Kyeyoon Park [Sat, 1 Nov 2014 05:15:19 +0000 (22:15 -0700)]
AP: Add multicast-to-unicast conversion send for "x_snoop"
Multicast-to-unicast conversion send will be needed in various part of
Proxy ARP and DGAF Disable.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Thu, 6 Nov 2014 00:15:46 +0000 (16:15 -0800)]
AP: Extend the BSS bridge neighbor entry management to support IPv6
This allows adding/deleting an IPv6 neighbor entry to/from the bridge,
to which the BSS belongs. This commit adds the needed functionality in
driver_nl80211.c for the Linux bridge implementation. In theory, this
could be shared with multiple Linux driver interfaces, but for now, only
the main nl80211 interface is supported.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Thu, 6 Nov 2014 00:14:24 +0000 (16:14 -0800)]
l2_packet: Add support for NDISC packet filter in l2_packet_linux
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Sat, 1 Nov 2014 01:18:35 +0000 (18:18 -0700)]
AP: Convert "dhcp_snoop" to use the generic "x_snoop"
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Sat, 1 Nov 2014 01:18:35 +0000 (18:18 -0700)]
AP: Add a generic "x_snoop" infrastructure for Proxy ARP
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Jouni Malinen [Wed, 19 Nov 2014 00:03:39 +0000 (02:03 +0200)]
tests: Move parallel-vm.py test control to the host
This allows all VMs to be used at the end of a test sequence by
assigning test cases to VMs based on which VM is available for a new
test case rather than splitting the full task at the beginning and
potentially getting stuck with the last VM running long test cases for
significantly longer than another VM that gets shorter duration tests
assigned to it.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 19 Nov 2014 00:01:27 +0000 (02:01 +0200)]
tests: Add run-tests.py -i to control execution from stdin
The new -i command line argument can be used to control test case
execution from stdin to run-tests.py and vm-run.sh. This can be used,
e.g., to run multiple repeated test sequences in a virtual machine
without havign to restart the VM between each iteration.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 18 Nov 2014 22:41:45 +0000 (00:41 +0200)]
tests: Allow run-tests.py to be run from the vm directory
Some of the paths in run-tests.py are hardcoded and could not handle
tests/hwsim/vm as the working directory. Modify the design enough to
allow ../run-tests.py -L to be used from the vm directory.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 18 Nov 2014 22:34:36 +0000 (00:34 +0200)]
tests: Make run-tests.py process test case selection arguments
This allows a list of matching test cases to be produced without having
to run the test cases. Previously, -L output included all defined test
cases regardless of what else was included on the command line.
Signed-off-by: Jouni Malinen <j@w1.fi>
Ilan Peer [Wed, 5 Nov 2014 08:50:34 +0000 (03:50 -0500)]
AP: Drop retransmitted auth/assoc/action frames
It is possible that a station device might miss an ACK for an
authentication, association, or action frame, and thus retransmit the
same frame although the frame is already being processed in the stack.
While the duplicated frame should really be dropped in the kernel or
firmware code where duplicate detection is implemented for data frames,
it is possible that pre-association cases are not fully addressed (which
is the case at least with mac80211 today) and the frame may be delivered
to upper layer stack.
In such a case, the local AP will process the retransmitted frame although
it has already handled the request, which might cause the station to get
confused and as a result disconnect from the AP, blacklist it, etc.
To avoid such a case, save the sequence control of the last processed
management frame and in case of retransmissions drop them.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Jouni Malinen [Sun, 16 Nov 2014 23:20:10 +0000 (01:20 +0200)]
EAP-pwd: Remove unnecessary OpenSSL EVP_sha256() registration
This gets registered in tls_openssl.c from tls_init(), so there is no
need for EAP-pwd implementation to register explicitly. This avoids some
corner cases where OpenSSL resources do not get fully freed on exit.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 16 Nov 2014 23:14:35 +0000 (01:14 +0200)]
DFS: Fix hostapd operation without hw_mode driver data
If DFS implementation was built in, some configurations with drivers
that do not provide mode information could end up dereferencing a NULL
pointer. Fix this by skipping DFS operations in such cases since not
having information about modes and channels means that hostapd could not
perform DFS anyway (i.e., either this is not a wireless driver or the
driver takes care of DFS internally).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 16 Nov 2014 23:08:04 +0000 (01:08 +0200)]
Fix hostapd operation without hw_mode driver data
Commit
7f0303d5b0bb425f3e7318a7016b55ba9e67f9de ('hostapd: Verify VHT
160/80+80 MHz driver support') added couple of hapd->iface->current_mode
dereferences of which the one in hostapd_set_freq() can be hit with some
configuration files when using driver wrappers that do not have hw_mode
data, i.e., when current_mode is NULL. This could result in segmentation
fault when trying to use driver=wired. Fix this by checking that
current_mode is not NULL before dereferencing it to get vht_capab.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 16 Nov 2014 22:57:15 +0000 (00:57 +0200)]
wired: Fix deinit path to unregister eloop read_sock
The previous version was leaving behind registered eloop socket
instances.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 16 Nov 2014 20:34:54 +0000 (22:34 +0200)]
tests: Report kernel panic clearly in parallel-vm.py
Previously, it was possible for a kernel panic to be missed since the
only sign of it in stdout was reduced number of passed test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 16 Nov 2014 20:24:18 +0000 (22:24 +0200)]
tests: Use a single timestamp in all vm-run.sh instances
This avoids possible mismatches in directory and log file timestamps if
the UNIX timestamp (seconds) changes during the startup sequence.
Signed-off-by: Jouni Malinen <j@w1.fi>
Eliad Peller [Wed, 22 Oct 2014 12:04:04 +0000 (08:04 -0400)]
tests: Add wpa_supplicant WMM-AC test
Add basic wpa_supplicant tests for WMM-AC TSPEC addition/deletion.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Johannes Berg [Wed, 22 Oct 2014 12:04:03 +0000 (08:04 -0400)]
WMM AC: Notify driver before sending DelTS
Switch the stop and sending DelTS to avoid sending data packets
for the session after the DelTS, which is otherwise possible.
This also helps the mac80211 implementation as it requires stopping the
traffic flow before sending the DelTS as it may modify the AC parameters
for the affected queue, and that may in turn affect management frames.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Moshe Benji [Wed, 22 Oct 2014 12:04:02 +0000 (08:04 -0400)]
WMM AC: Add wmm_ac_status control interface command
This wmm_ac_status command will show the current status for WMM AC.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Moshe Benji [Wed, 22 Oct 2014 12:04:02 +0000 (08:04 -0400)]
Add wpa_scnprintf() helper function
This provides a simpler version of snprintf that doesn't require further
error checks.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Moshe Benji [Wed, 22 Oct 2014 12:04:01 +0000 (08:04 -0400)]
nl80211: Implement add_ts/del_ts ops
Add ops to notify about TSPECs to add/remove. Additionally, subscribe to
ADDTS/DELTS Action frames to be able to process WMM AC Action frames.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Moshe Benji [Wed, 22 Oct 2014 12:04:00 +0000 (08:04 -0400)]
wpa_cli: WMM_AC_ADDTS and WMM_AC_DELTS commands
wmm_ac_addts command will add (or update) a traffic stream and
wmm_ac_delts command will delete an existing traffic stream.
Each of the above commands will call its corresponding
ctrl_iface command.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Moshe Benji [Wed, 22 Oct 2014 12:03:59 +0000 (08:03 -0400)]
ctrl_iface: Add wmm_ac_addts and wmm_ac_delts commands
wmm_ac_addts command will add (or update) a traffic stream and
wmm_ac_delts command will delete an existing traffic stream.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Eliad Peller [Wed, 22 Oct 2014 12:03:58 +0000 (08:03 -0400)]
Add str_token() function
Add helper function to get the next token from a string.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Moshe Benji [Wed, 22 Oct 2014 12:03:57 +0000 (08:03 -0400)]
WMM AC: Handle TSPEC action frames
Add the TSPEC to the driver on successful TSPEC ADDTS response. Delete
the TSPEC when receiving DELTS action.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Eliad Peller [Wed, 22 Oct 2014 12:03:56 +0000 (08:03 -0400)]
WMM AC: Add basic ADDTS/DELTS sending functions
Add basic implementation for ADDTS and DELTS sending
functions.
wpas_wmm_ac_addts() will send ADDTS request public action,
containing TSPEC (traffic stream specification) with
the given params.
wpas_wmm_ac_delts() will look for the saved tspec with
the given tid, and send DELTS public action for it.
(Handling of ADDTS response and actually configuring the admission
control params will be added in following patches.)
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Moshe Benji [Wed, 22 Oct 2014 12:03:55 +0000 (08:03 -0400)]
WMM AC: Add add_tx_ts and del_tx_ts driver ops
Add add_tx_ts() and del_tx_ts() ops to notify the driver about
TSPEC add / delete.
Additionally, add wmm_ac_supported flag to indicate
whether the driver supports WMM AC.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Moshe Benji [Wed, 22 Oct 2014 12:03:54 +0000 (08:03 -0400)]
WMM AC: Parse WMM IE on association
Initialize WMM AC data structures upon successful association
with an AP that publishes WMM support, and deinitialize the data
structure when the association is no longer valid.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Eliad Peller [Wed, 22 Oct 2014 12:03:53 +0000 (08:03 -0400)]
nl80211: Parse WMM parameters on association
Set the relevant WMM parameters in the assoc_data event.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Eliad Peller [Wed, 22 Oct 2014 12:03:52 +0000 (08:03 -0400)]
drivers: Add WMM parameters to association event data
The WMM parameters will be used later for setting default tspec values.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Jouni Malinen [Sun, 16 Nov 2014 18:07:09 +0000 (20:07 +0200)]
Sync with wireless-testing.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2014-11-11.
Signed-off-by: Jouni Malinen <j@w1.fi>
Masashi Honma [Sat, 15 Nov 2014 01:35:32 +0000 (10:35 +0900)]
mesh: Make plink params configurable
This patch makes four MIB variables for plink configurable and sets the
correct default values based on IEEE Std 802.11s-2011.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Sat, 15 Nov 2014 01:35:28 +0000 (10:35 +0900)]
mesh: Check mesh key management method
Signed-off-by: Natsuki Itaya <Natsuki.Itaya@jp.sony.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Sat, 15 Nov 2014 01:35:24 +0000 (10:35 +0900)]
mesh: Add wpa_cli action script processing for mesh events
Signed-off-by: Natsuki Itaya <Natsuki.Itaya@jp.sony.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Mon, 1 Sep 2014 04:23:39 +0000 (00:23 -0400)]
mesh: Add scan result for mesh network
Android 4.4 uses "BSS" command instead of "SCAN_RESULT" command.
So this patch add the mesh scan result for BSS command.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Mon, 1 Sep 2014 04:23:38 +0000 (00:23 -0400)]
mesh: Make BSSBasicRateSet configurable
STAs that have different BSSBasicRateSet cannot connect to each other
as per IEEE 802.11s-2011 9.6.0c1:
"A mesh STA shall not establish a mesh peering with a mesh STA using a
different BSSBasicRateSet."
Make BSSBasicRateSet configurable to improve interoperability with other
stations.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Javier Lopez [Mon, 1 Sep 2014 04:23:33 +0000 (00:23 -0400)]
Add mesh_group_{add,remove} control interface commands
Parse MESH_GROUP_ADD/REMOVE commands on ctrl interface and call
wpa_supplicant routines. These commands are used to start or
join and leave a mesh network.
The mesh id is given in the configuration file, therefore there is
no need to scan before joining a mesh network. We reuse the
connect_without_scan construct used by P2P for that same purpose.
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Masashi Honma [Sat, 15 Nov 2014 01:35:27 +0000 (10:35 +0900)]
mesh: Reduce none 11N Self-protected Action frame allocation size
Signed-off-by: Natsuki Itaya <Natsuki.Itaya@jp.sony.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Sat, 15 Nov 2014 01:35:26 +0000 (10:35 +0900)]
mesh: Fix 11N capability in Self-protected Action frame
mesh_ht_mode default value is CHAN_UNDEFINED.
So previous code set 11N capability even though 11N is not used.
Signed-off-by: Natsuki Itaya <Natsuki.Itaya@jp.sony.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Sat, 15 Nov 2014 01:35:25 +0000 (10:35 +0900)]
mesh: Set driver capability flags to mesh interface
Signed-off-by: Kenzoh Nishikawa <Kenzoh.Nishikawa@jp.sony.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Sat, 15 Nov 2014 01:35:29 +0000 (10:35 +0900)]
mesh: Fix segmentation fault by repeating MESH_GROUP_ADD/REMOVE
Signed-off-by: Natsuki Itaya <Natsuki.Itaya@jp.sony.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Jason Mobarak [Mon, 1 Sep 2014 04:23:36 +0000 (00:23 -0400)]
mesh: Enable mesh HT mode
Add a new option "mesh_ht_mode" that specifies the HT mode for the
mesh, with this option on, mesh beacons, actions frames, and probe
responses with include the appropriate HT information elements.
[original implementation by Chun-Yeow Yeoh <yeohchunyeow@gmail.com>]
[some fixes by Masashi Honma <masashi.honma@gmail.com>]
Signed-off-by: Ashok Nagarajan <ashok.dragon@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Chun-Yeow Yeoh [Mon, 1 Sep 2014 04:23:31 +0000 (00:23 -0400)]
mesh: Add timer for SAE authentication in RSN mesh
Add timer to do SAE re-authentication with number of tries defined
by MESH_AUTH_RETRY and timeout defined by MESH_AUTH_TIMEOUT.
Ignoring the sending of reply message on "SAE confirm before commit"
to avoid "ping-pong" issues with other mesh nodes. This is obvious when
number of mesh nodes in MBSS reaching 6.
Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:30 +0000 (00:23 -0400)]
mesh: Start mesh peering after successful authentication
[original patch by: Thomas Pedersen <thomas@noack.us>]
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:30 +0000 (00:23 -0400)]
SAE: Enhance AP implementation to handle auth for mesh interfaces
Add state transition logic to the SAE frame handling in order to more
fully implement the state machine from the IEEE 802.11 standard. Special
cases are needed for infrastructure BSS case to avoid unexpected
Authentication frame sequence by postponing transmission of the second
Authentication frame untile the STA sends its Confirm.
[original patch by: Thomas Pedersen <thomas@noack.us>]
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Thomas Pedersen [Mon, 1 Sep 2014 04:23:29 +0000 (00:23 -0400)]
mesh: Add mesh robust security network
This implementation provides:
- Mesh SAE authentication mechanism
- Key management (set/get PSK)
- Cryptographic key establishment
- Enhanced protection mechanisms for robust management frames
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Thomas Pedersen <thomas@noack.us>
Dmitry Shmidt [Wed, 3 Sep 2014 21:58:37 +0000 (14:58 -0700)]
hostapd: Add wowlan_triggers config param
New kernels in wiphy_suspend() will call cfg80211_leave_all() that will
eventually end up in cfg80211_stop_ap() unless wowlan_triggers were set.
For now, use the parameters from the station mode as-is. It may be
desirable to extend (or constraint) this in the future for specific AP
mode needs.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Ilan Peer [Wed, 5 Nov 2014 08:50:37 +0000 (03:50 -0500)]
nl80211: Fix Android compilation by adding include for fcntl.h
This is needed for fcntl() at least with Android KK.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Jouni Malinen [Sun, 16 Nov 2014 13:42:29 +0000 (15:42 +0200)]
tests: Suite B
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 16 Nov 2014 13:40:02 +0000 (15:40 +0200)]
Suite B: Select EAPOL-Key integrity and key-wrap algorithms based on AKM
This adds support for AKM 00-0F-AC:11 to specify the integrity and
key-wrap algorithms for EAPOL-Key frames using the new design where
descriptor version is set to 0 and algorithms are determined based on
AKM.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 16 Nov 2014 11:22:46 +0000 (13:22 +0200)]
Suite B: PMKID derivation for AKM 00-0F-AC:11
The new AKM uses a different mechanism of deriving the PMKID based on
KCK instead of PMK. hostapd was already doing this after the KCK had
been derived, but wpa_supplicant functionality needs to be moved from
processing of EAPOL-Key frame 1/4 to 3/4 to have the KCK available.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 16 Nov 2014 11:20:51 +0000 (13:20 +0200)]
Suite B: Add AKM 00-0F-AC:11
This adds definitions for the 128-bit level Suite B AKM 00-0F-AC:11. The
functionality itself is not yet complete, i.e., this commit only
includes parts to negotiate the new AKM.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 15 Nov 2014 10:56:02 +0000 (12:56 +0200)]
tests: Clear ignore_old_scan_res setting
This parameter was used in some of the NFC test cases to make scanning
more robust in case of changing AP configuration. However, the parameter
was not cleared anywhere, so it could have been left in use for other
test cases as well. To get more consistent behavior, clear the value
back to its default between test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 15 Nov 2014 10:35:10 +0000 (12:35 +0200)]
OpenSSL: Allow TLS v1.1 and v1.2 to be negotiated by default
Use SSLv23_method() to enable TLS version negotiation for any version
equal to or newer than 1.0. If the old behavior is needed as a
workaround for some broken authentication servers, it can be configured
with phase1="tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1".
Signed-off-by: Jouni Malinen <j@w1.fi>
Andrei Otcheretianski [Wed, 5 Nov 2014 08:50:35 +0000 (03:50 -0500)]
EAP-IKEv2: Fix compilation warning
Fix signed/unsigned comparison compilation warning introduced in
08ef442 "EAP-IKEv2: Fix the payload parser".
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Dmitry Shmidt [Wed, 5 Nov 2014 21:22:25 +0000 (13:22 -0800)]
Add CTRL-EVENT-SCAN-FAILED notification in case of scan failure
This is needed since the SCAN command with radio work returns before the
actual driver operation to trigger a scan has been executed and as such,
cannot return result of that operation.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jouni Malinen [Fri, 14 Nov 2014 18:57:05 +0000 (20:57 +0200)]
Work around AP misbehavior on EAPOL-Key descriptor version
It looks like some APs are incorrectly selecting descriptor version 3
(AES-128-CMAC) for EAPOL-Key frames when version 2 (HMAC-SHA1) was
expected to be used. This is likely triggered by an attempt to negotiate
PMF with SHA1-based AKM.
Since AES-128-CMAC is considered stronger than HMAC-SHA1, allow the
incorrect, but stronger, option to be used in these cases to avoid
interoperability issues with deployed APs.
This issue shows up with "WPA: CCMP is used, but EAPOL-Key descriptor
version (3) is not 2" in debug log. With the new workaround, this issue
is ignored and "WPA: Interoperability workaround: allow incorrect
(should have been HMAC-SHA1), but stronger (is AES-128-CMAC), descriptor
version to be used" is written to the log.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 14 Nov 2014 18:56:43 +0000 (20:56 +0200)]
tests: PMF required with SHA1-based AKM
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Yanbo Li [Sun, 2 Nov 2014 09:46:35 +0000 (17:46 +0800)]
hostapd: Change drv_flags from unsigned int to u64
Some flag already using a bit larger than 32, so extend the hostapd
drv_flags type similarly to the earlier wpa_supplicant change to get the
full flag content.
Signed-off-by: Yanbo Li <yanbol@qti.qualcomm.com>
Jouni Malinen [Thu, 13 Nov 2014 14:26:55 +0000 (16:26 +0200)]
Assign QCA vendor specific nl80211 command id 52 for APFIND
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sat, 1 Nov 2014 17:42:49 +0000 (19:42 +0200)]
tests: DFS with chanlist
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 1 Nov 2014 17:31:23 +0000 (19:31 +0200)]
Remove unused EVENT_MLME_RX
This was used in driver_test.c, but that driver wrapper has been removed
and there are no remaining or expected users for EVENT_MLME_RX.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 1 Nov 2014 17:27:48 +0000 (19:27 +0200)]
Remove unused EVENT_FT_RRB_RX
This was used in hostapd driver_test.c, but that driver wrapper has been
removed and there are no remaining or expected users for
EVENT_FT_RRB_RX.
Signed-off-by: Jouni Malinen <j@w1.fi>
Ilan Peer [Mon, 27 Oct 2014 14:00:57 +0000 (10:00 -0400)]
tests: Make vm-run.sh arguments non-positional
This was currently breaking parallel-run.*, as it was passing
--split num/num parameters (intended for rnu-tests.py)
to vm-run.sh which broke the --codecov and --timewrap options.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Ilan Peer [Mon, 27 Oct 2014 14:00:56 +0000 (10:00 -0400)]
tests: Update vm README
Update the code coverage documentation to also specify the
source base directory for the code coverage generation.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Ilan Peer [Mon, 27 Oct 2014 14:00:55 +0000 (10:00 -0400)]
tests: Add usage() to run-all.sh
The -h or --help command line arguments can now be used to request usage
information for run-all.sh.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Ilan Peer [Mon, 27 Oct 2014 14:00:54 +0000 (10:00 -0400)]
tests: Add option to build before running all tests
Add an option --build to run-all.sh to build before starting to run all
the tests. In addition, add an option --codecov to extract the code
coverage data at the end of the run.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Ilan Peer [Mon, 27 Oct 2014 14:00:53 +0000 (10:00 -0400)]
tests: Make run-all.sh arguments non-positional
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Jouni Malinen [Sat, 1 Nov 2014 14:24:36 +0000 (16:24 +0200)]
Remove completed to-do items
While this file has not really been updated in years, some of the
completed items can easily be removed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 1 Nov 2014 14:15:53 +0000 (16:15 +0200)]
Remove references to madwifi from various files
Number of documentation and configuration files had references to the
madwifi driver interface that was removed in the previous commit. Remove
these references as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 1 Nov 2014 14:13:41 +0000 (16:13 +0200)]
madwifi: Remove obsolete madwifi driver interface
The MadWifi project is not active anymore and the last release happened
in early 2008. As such, there is no remaining justification for
maintaining the madwifi-specific driver interface for hostapd either.
Signed-off-by: Jouni Malinen <j@w1.fi>
Slava Monich [Tue, 28 Oct 2014 16:20:37 +0000 (18:20 +0200)]
dbus: Fix memory leak in wpas_dbus_getter_bss_wps
Signed-off-by: Slava Monich <slava.monich@jolla.com>
Martin Kletzander [Wed, 29 Oct 2014 10:12:36 +0000 (11:12 +0100)]
wpa_gui: Use dialog window type
This helps window managers treat the window properly. Mostly tiling WMs
are affected by this. All other windows inherit this option from QDialog
already.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Jouni Malinen [Thu, 30 Oct 2014 22:48:12 +0000 (00:48 +0200)]
tests: Concurrent station mode scan and p2p_find with P2P Device
This verifies that station mode interface SCAN command gets executed if
P2P Device instance is running p2p_find.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 30 Oct 2014 18:01:21 +0000 (20:01 +0200)]
tests: P2P_STOP_FIND/P2P_FLUSH to ignore new results
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Thu, 30 Oct 2014 15:21:52 +0000 (20:51 +0530)]
P2P: Do not consider the p2p_scan results after p2p_stop_find
If p2p_stop_find is issued after the p2p_scan request is triggered to
the host driver, the obtained scan results are also considered to update
the P2P peer entries. This is not always desired behavior, i.e., it can
be clearer if no P2P-DEVICE-FOUND events are generated based of that
final pending scan.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 30 Oct 2014 18:13:16 +0000 (20:13 +0200)]
P2P: Document p2p_in_progress() return value 2
Function documentation was not in sync with the implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Thu, 30 Oct 2014 12:07:46 +0000 (17:37 +0530)]
P2P: Delay scan operation only when P2P is not in search state
With the radio work interface in place, station interface SCAN command
was not scheduled (i.e., it got continously delayed with "Delay station
mode scan while P2P operation is in progress") when a p2p_find was
operational. Fix this be delaying station mode scan only when a P2P
operation is in progress, but not in search state.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Thu, 30 Oct 2014 10:50:22 +0000 (16:20 +0530)]
P2P: Set p2p_scan_running based on driver scan request result
With the radio work interface, the actual request to start p2p_scan
operation is scheduled from a radio work and hence the initial return
value cannot provide the real result of the driver operation to trigger
a scan. Introduce a new notification API to indicate the scan trigger
status based on which the p2p_scan_running instance can be set using the
real return value from the driver operation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 30 Oct 2014 09:43:47 +0000 (11:43 +0200)]
MACsec: Fix policy configuration
macsec_validate variable was set incorrectly to FALSE(0) or TRUE(1)
instead of the enum validate_frames values (Disabled(0), Checked(1),
Strict(2). This ended up policy == SHOULD_SECURE to be mapped to
macsec_validate == Checked instead of Strict. This could have resulted
in unintended SecY forwarding of invalid packets rather than dropping
them.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 29 Oct 2014 11:04:09 +0000 (13:04 +0200)]
P2P: Clean up p2p_go_neg_failed() calls
This function is always called with the peer argument equal to
p2p->go_neg_peer, so there is no need for that argument to be there. In
addition, p2p->go_neg_peer is not NULL in cases where there is an
ongoing GO Negotiation, so the function can be simplified to just check
once whether the peer pointer is set and if not, skip all processing.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 28 Oct 2014 14:39:33 +0000 (16:39 +0200)]
tests: GO Negotiation and timeout while waiting for peer
grpform_cred_ready_timeout2 is similar to the grpform_cred_ready_timeout
test case with the difference being in initiating a P2P_FIND operation
during the wait.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Rashmi Ramanna [Tue, 28 Oct 2014 11:26:43 +0000 (16:56 +0530)]
P2P: Use timer to fail GO Negotation while waiting for peer
The timeout check while waiting for the peer to accept the GO
Negotiation depended on the WAIT_PEER_IDLE or WAIT_PEER_CONNECT states
being in use. Any P2P command to alter such states would have resulted
in the failure to time out GO Negotiation and thus ended up in not
indicating GO Negotiation failure or left the selected peer available
for new GO negotiation after the expected two minute timeout.
Fix this by using a separate timer to time out GO Negotiation
irrespective of the P2P state.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 28 Oct 2014 12:01:16 +0000 (14:01 +0200)]
tests: Remove ap_ht40_csa and ap_ht40_csa3 workarounds
The issue in mac80211 was identified and proposed fix is now available,
so remove the workaround here and start reporting failures from
unexpected disconnection during CSA.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 27 Oct 2014 23:47:17 +0000 (01:47 +0200)]
P2P: Do not call wpas_p2p_disconnect_safely() if no match is found
In theory, wpas_p2p_disconnect_safely() could have dereferenced the
wpa_s == NULL argument, but in practice, it won't due to the
calling_wpa_s == wpa_s check and wpas_p2p_disconnect() accepting NULL.
Anyway, it is cleaner to add an explicit check for this. (CID 74492)
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 27 Oct 2014 23:41:57 +0000 (01:41 +0200)]
nl80211: Fix a copy-paste error in key offload management
Commit
b41f26845aaa7cf8aed6e4889e7041debc476ef9 ('Add support for
offloading key management operations to the driver') used incorrect
variable for determining the KCK length. This does not get triggered in
normal use cases since KCK and KEK are always included and of the same
length (in currently supported key management cases). Anyway, this needs
to be fixed to check the correct attribute. (CID 74491)
Signed-off-by: Jouni Malinen <j@w1.fi>
Kyeyoon Park [Fri, 26 Sep 2014 05:32:55 +0000 (22:32 -0700)]
AP: Add support for Proxy ARP, DHCP snooping mechanism
Proxy ARP allows the AP devices to keep track of the hardware address to
IP address mapping of the STA devices within the BSS. When a request for
such information is made (i.e., ARP request, Neighbor Solicitation), the
AP will respond on behalf of the STA device within the BSS. Such
requests could originate from a device within the BSS or also from the
bridge. In the process of the AP replying to the request (i.e., ARP
reply, Neighbor Advertisement), the AP will drop the original request
frame. The relevant STA will not even know that such information was
ever requested.
This feature is a requirement for Hotspot 2.0, and is defined in IEEE
Std 802.11-2012, 10.23.13. While the Proxy ARP support code mainly
resides in the kernel bridge code, in order to optimize the performance
and simplify kernel implementation, the DHCP snooping code was added to
the hostapd.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Thu, 25 Sep 2014 06:17:29 +0000 (23:17 -0700)]
common: Add definition for ETH_HLEN
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Sat, 27 Sep 2014 04:09:54 +0000 (21:09 -0700)]
AP: Add support for setting bridge network parameter
This allows setting a network parameter on the bridge that the BSS
belongs to.
This commit adds the needed functionality in driver_nl80211.c for the
Linux bridge implementation. In theory, this could be shared with
multiple Linux driver interfaces, but for now, only the main nl80211
interface is supported.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Fri, 26 Sep 2014 04:04:43 +0000 (21:04 -0700)]
AP: Add support for setting bridge port attributes
This allows setting a bridge port attribute. Specifically, the bridge
port in this context is the port to which the BSS belongs.
This commit adds the needed functionality in driver_nl80211.c for the
Linux bridge implementation. In theory, this could be shared with
multiple Linux driver interfaces, but for now, only the main nl80211
interface is supported.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Wed, 24 Sep 2014 06:02:04 +0000 (23:02 -0700)]
AP: Add support for IPv4 neighbor entry management to the BSS bridge
This allows adding/deleting an IPv4 neighbor entry to/from the bridge,
to which the BSS belongs. This commit adds the needed functionality in
driver_nl80211.c for the Linux bridge implementation. In theory, this
could be shared with multiple Linux driver interfaces, but for now, only
the main nl80211 interface is supported.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Wed, 10 Sep 2014 05:25:16 +0000 (22:25 -0700)]
nl80211: Make br_ifindex available in i802_bss
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Mon, 8 Sep 2014 21:27:11 +0000 (14:27 -0700)]
l2_packet: Add support for DHCP packet filter in l2_packet_linux
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Jouni Malinen [Mon, 27 Oct 2014 22:24:11 +0000 (00:24 +0200)]
tests: Scan result update changing last_scan_res and connect_work
This verifies that last_scan_res and connect work pointers to BSS
entries get updated when scan result update ends up removing or
reallocating a BSS entry.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 27 Oct 2014 22:19:24 +0000 (00:19 +0200)]
Update pending connect radio work BSS pointer on scan update
It is possible for scan result processing or BSS entry removal to occur
while there is a pending connect or sme-connect radio work with a
previously selected BSS entry. The BSS pointer was previously verified
to be valid, i.e., still point to a BSS entry, at the time the actual
connection operation is started. However, that BSS entry could have
changed to point to another BSS if the old BSS entry was either removed
or reallocated and a new BSS entry was added at the same location in
memory. This could result in the connection attempt failing to configure
parameters properly due to different BSS information (e.g., different
BSSID).
Fix this by updated the pending connect radio work data on BSS entry
updates similarly to how the last_scan_res array was updated. If the
selected BSS entry is removed, this will still result in a failed
connection, but reallocated BSS entry is now followed properly and used
when the connection work starts.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 27 Oct 2014 18:19:45 +0000 (20:19 +0200)]
tests: WPS with ap_scan=2
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Mon, 20 Oct 2014 04:48:47 +0000 (10:18 +0530)]
Invoke connect work done for all the connection failure cases
This commit fixes couple of connection failure paths where
wpas_connect_work_done() was not called, thus enabling the radio work
interface to proceed with the other queued actions.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 27 Oct 2014 18:13:39 +0000 (20:13 +0200)]
WPS: Fix ap_scan=2 special association case
Commit
22628eca3440976bf51846da0554099f7429b206 ('Support driver-based
BSS selection in ap_scan=1 mode') ended up disabling the special
ap_scan=2 WPS case where ap_scan=1 like scan followed by association is
used to find the WPS AP using wildcard SSID. Fix this by allowing
association request even with wpas_driver_bss_selection() when searching
for a WPS AP.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Tomasz Bursztyka [Thu, 23 Oct 2014 08:31:21 +0000 (11:31 +0300)]
dbus: Redirect P2P request to the managment device if present
In case of a P2P management device being present, it will be up to that
interface to handle P2P requests.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Thu, 23 Oct 2014 08:31:20 +0000 (11:31 +0300)]
notify: Do not raise any signal from a P2P management interface
Such interface is not registered on DBus, thus there is no need to raise
any signal from it.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>