mech_eap.git
10 years ago dbus: Declare GONegotiation signals properly
Tomasz Bursztyka [Wed, 14 May 2014 13:10:38 +0000 (16:10 +0300)]
dbus: Declare GONegotiation signals properly

These signals deliver an array of key/value pairs, thus declaring those
as it should.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
10 years ago Send authentication failure reason in wpas_auth_failed()
Dmitry Shmidt [Thu, 15 May 2014 22:55:21 +0000 (15:55 -0700)]
Send authentication failure reason in wpas_auth_failed()

"WRONG_KEY"   - possibly wrong psk
"AUTH_FAILED" - authentication failure
"CONN_FAILED" - continuous connection failure

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
10 years ago P2P: Iterate through full pref_chan list in search of a valid channel
Jouni Malinen [Fri, 16 May 2014 13:49:17 +0000 (16:49 +0300)]
P2P: Iterate through full pref_chan list in search of a valid channel

p2p_get_pref_freq() went through the full list only if the channels
argument was provided. If no channel list constraint was in place, the
first pref_chan item was picked regardless of whether it is a valid
channel and as such, a later valid entry could have been ignored. Allow
this to loop through all the entries until a valid channel is found or
the end of the pref_chan list is reached. As an extra bonus, this
simplifies the p2p_get_pref_freq() implementation quite a bit.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago tests: Verify HT40 coex scan with 20 MHz legacy BSS
Jouni Malinen [Thu, 15 May 2014 22:23:29 +0000 (01:23 +0300)]
tests: Verify HT40 coex scan with 20 MHz legacy BSS

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago hostapd: Check for overlapping 20 MHz BSS before starting 20/40 MHz BSS
Rajkumar Manoharan [Wed, 14 May 2014 07:41:44 +0000 (13:11 +0530)]
hostapd: Check for overlapping 20 MHz BSS before starting 20/40 MHz BSS

Before starting a 20/40 MHz BSS on the 2.4 GHz band, a 40-MHz-capable HT
AP is required by the rules defined in IEEE Std 802.11-2012 10.15.5 to
examine the channels of the current operational regulatory domain to
determine whether the operation of a 20/40 MHz BSS might unfairly
interfere with the operation of existing 20 MHz BSSs. The AP (or some of
its associated HT STAs) is required to scan all of the channels of the
current regulatory domain in order to ascertain the operating channels
of any existing 20 MHz BSSs and 20/40 MHz BSSs. (IEEE 802.11-2012 S.5.2
Establishing a 20/40 MHz BSS).

Add the check for an overlapping 20 MHz BSS to the initial AP scan for
the P == OT_i case in 10.15.3.2.

Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
10 years ago WPS: Deinit before wpas_p2p_disconnect()
Eduardo Abinader [Wed, 14 May 2014 13:08:47 +0000 (09:08 -0400)]
WPS: Deinit before wpas_p2p_disconnect()

When there is a pending WPS negotiation for P2P and signal interrupt is
triggered, invalid read occurs in wpas_wps_terminate_pending() if
wpas_p2p_disconnect() removed the interface. Inverting deinit order
solves the issue.

Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
10 years ago SCARD: Fix GSM authentication on USIM
Simon Baatz [Thu, 15 May 2014 18:10:39 +0000 (20:10 +0200)]
SCARD: Fix GSM authentication on USIM

scard_gsm_auth() used SIM_CMD_GET_RESPONSE for both SIM and USIM. Convert
the command into USIM_CMD_GET_RESPONSE for USIM.

Since commit eb324600295 ("Fix switching from EAP-SIM to EAP-AKA/AKA'")
EAP-SIM is using the USIM if available. This triggers a probably ancient
bug in scard_gsm_auth(), which results in sending the wrong get response
command to the USIM. Thus, EAP-SIM stopped working after this change on
USIMs that expect the proper command.

Signed-off-by: Simon Baatz <gmbnomis@gmail.com>
10 years ago tests: Verify that WPS operation report failure if WPS is disabled
Jouni Malinen [Thu, 15 May 2014 21:57:40 +0000 (00:57 +0300)]
tests: Verify that WPS operation report failure if WPS is disabled

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago WPS: Fix return value when context is not valid
Petar Koretic [Wed, 14 May 2014 13:51:04 +0000 (13:51 +0000)]
WPS: Fix return value when context is not valid

If WPS isn't enabled, hostapd_cli returns 'OK' even though WPS doesn't
get activated because WPS context is not valid:

$ hostapd_cli wps_pbc
Selected interface 'wlan0'
OK

$ hostapd_cli wps_cancel
Selected interface 'wlan0'
OK

Fix this by returning appropriate error when WPS fails to activate:

$ hostapd_cli wps_pbc
Selected interface 'wlan0'
FAIL

$ hostapd_cli wps_cancel
Selected interface 'wlan0'
FAIL

Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
CC: Luka Perkov <luka.perkov@sartura.hr>
10 years ago tests: Make GAS test cases more robust
Jouni Malinen [Thu, 15 May 2014 21:27:47 +0000 (00:27 +0300)]
tests: Make GAS test cases more robust

Scan explicitly for the specific AP to work around issues where under
heavy CPU load, the single active scan round may miss the delayed Probe
Response from the AP. In addition, verify that ANQP_GET commands succeed
to make error cases clearer in the log.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Verify P2P GO Negotiation wait-for-ready timeout
Jouni Malinen [Thu, 15 May 2014 20:58:10 +0000 (23:58 +0300)]
tests: Verify P2P GO Negotiation wait-for-ready timeout

This verifies that the wait for peer to be ready for GO Negotiation is
timed out properly at no less than 120 seconds. Since this is a long
test case, it is disabled by default without the --long option.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago P2P: Modify the timeout for GO Negotiation on no concurrent session
Rashmi Ramanna [Wed, 14 May 2014 09:05:02 +0000 (14:35 +0530)]
P2P: Modify the timeout for GO Negotiation on no concurrent session

Peer should handle a GO Negotiation exchange correctly when the
responding device does not have WSC credentials available at the
time of receiving the GO Negotiation Request. WSC Credentials
(e.g., Pushbutton) can be entered within the 120 second timeout.

Presently, if concurrent session is not active, the peer would wait for
GO Negotiation Request frame from the other device for approximately one
minute due to the earlier optimization change in commit
a2d63657603b8f0714274f34bea45cb5d0c0a7b9. To meet the two minute
requirement, replace this design based on number of iterations with a
more appropriate wait for the required number of seconds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago P2P: Refrain from performing extended listen during PD
Jouni Malinen [Thu, 15 May 2014 19:16:19 +0000 (22:16 +0300)]
P2P: Refrain from performing extended listen during PD

Extend the previous commit 0f1034e3889e7b8f54ed59317f1234db8167d12e to
skip extended listen also based on ongoing provision discovery operation
(which does not show up as a separate P2P module state and as such, was
not covered by the previous commit).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago tests: Verify P2P_FIND operation when interface gets disabled
Jouni Malinen [Thu, 15 May 2014 18:35:09 +0000 (21:35 +0300)]
tests: Verify P2P_FIND operation when interface gets disabled

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago P2P: Reject P2P_FIND and P2P_LISTEN on disabled interface
Jouni Malinen [Thu, 15 May 2014 18:34:32 +0000 (21:34 +0300)]
P2P: Reject P2P_FIND and P2P_LISTEN on disabled interface

This makes the P2P operations behave more consistently with the SCAN
command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago P2P: Clear P2P state if active interface is disabled
Jouni Malinen [Thu, 15 May 2014 18:32:54 +0000 (21:32 +0300)]
P2P: Clear P2P state if active interface is disabled

The radio works for the interface get removed if interface is disabled.
This could have left P2P module in invalid state if the interface got
disabled during a p2p_find or p2p_listen operation. Clear the state in
such a case to avoid blocking following operations due to P2P module
assuming it is still in progress of doing something.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago tests: Verify scan behavior when interface gets disabled
Jouni Malinen [Thu, 15 May 2014 18:10:52 +0000 (21:10 +0300)]
tests: Verify scan behavior when interface gets disabled

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago Add DRIVER_EVENT ctrl_iface command for testing purposes
Jouni Malinen [Thu, 15 May 2014 18:09:48 +0000 (21:09 +0300)]
Add DRIVER_EVENT ctrl_iface command for testing purposes

This new command can be used to simulate driver events without having to
go through the driver wrapper or kernel code for this. This enables more
testing coverage with hwsim.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago tests: Show number of remaining parallel VMs
Jouni Malinen [Thu, 15 May 2014 14:50:51 +0000 (17:50 +0300)]
tests: Show number of remaining parallel VMs

Make the parallel-vm.sh output a bit more helpful by showing a count of
running VMs.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make ap_acl_accept and ap_acl_deny more robust
Jouni Malinen [Thu, 15 May 2014 15:04:59 +0000 (18:04 +0300)]
tests: Make ap_acl_accept and ap_acl_deny more robust

Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make wpas_ctrl_bssid_filter more robust
Jouni Malinen [Thu, 15 May 2014 13:57:10 +0000 (16:57 +0300)]
tests: Make wpas_ctrl_bssid_filter more robust

Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make discovery_group_client more robust
Jouni Malinen [Thu, 15 May 2014 11:13:39 +0000 (14:13 +0300)]
tests: Make discovery_group_client more robust

Allow three P2P_FIND attempts for discovering the GO on a non-social
channel since the single Probe Response frame can be missed easily
under heavy CPU load.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago wlantest: Add support for OSEN
Jouni Malinen [Thu, 15 May 2014 09:40:02 +0000 (12:40 +0300)]
wlantest: Add support for OSEN

This allows Hotspot 2.0 OSEN connection to be analyzed more
conveniently. The frames from an OSEN association can now be decrypted
using an MSK file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago tests: Make WPS test cases more robust
Jouni Malinen [Wed, 14 May 2014 22:02:03 +0000 (01:02 +0300)]
tests: Make WPS test cases more robust

Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust
Jouni Malinen [Wed, 14 May 2014 21:31:30 +0000 (00:31 +0300)]
tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust

Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make FT test cases more robust
Jouni Malinen [Wed, 14 May 2014 14:02:32 +0000 (17:02 +0300)]
tests: Make FT test cases more robust

Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP. In addition, check for ROAM/FT_DS failures to be
able to report errors more clearly.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make HS 2.0 test cases more robust
Jouni Malinen [Wed, 14 May 2014 10:35:32 +0000 (13:35 +0300)]
tests: Make HS 2.0 test cases more robust

Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make scan and scan_only more robust
Jouni Malinen [Wed, 14 May 2014 09:54:13 +0000 (12:54 +0300)]
tests: Make scan and scan_only more robust

These can fail during heavy CPU load due to active scan dwell time not
being long enough to catch the delayed Probe Response frame from the AP.
Work around this by allowing multiple scan attempts to see the response.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Verify P2P GO start when scan_req = MANUAL_SCAN_REQ
Jouni Malinen [Tue, 13 May 2014 23:31:55 +0000 (02:31 +0300)]
tests: Verify P2P GO start when scan_req = MANUAL_SCAN_REQ

There was a bug in this code path that resulted in the
skip-scan-to-start-GO case to not actually skip the scan. It looks like
this could be hit at least when autoscan was enabled, but it is possible
that some other sequences could hit this as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago P2P: Make sure GO start does not miss connect_without_scan
Jouni Malinen [Tue, 13 May 2014 23:13:18 +0000 (02:13 +0300)]
P2P: Make sure GO start does not miss connect_without_scan

It looks like there was a possible sequence for wpa_s->scan_req to be
MANUAL_SCAN_REQ at the moment a GO is to be started. This could result
in the "Request scan (that will be skipped) to start GO" to actually not
skip the scan and end up stuck waiting for something external to trigger
a scan before the GO could be started. Fix this by clearing
wpa_s->scan_req when deciding to start the GO.

This issue could be hit at least by first enabling autoscan and then
issuing P2P_GROUP_ADD. Other sequences that set wpa_s->scan_req to
MANUAL_SCAN_REQ without going through wpa_supplicant_scan() to clear it
immediately could also have similar effect (and there is even a small
window for the wpa_supplicant_scan() call to happen only after the
P2P_GROUP_ADD command is processed, so this could potentially have
happened even with SCAN + P2P_GROUP_ADD).

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Work around grpform_pbc_overlap robustness issues
Jouni Malinen [Tue, 13 May 2014 22:29:55 +0000 (01:29 +0300)]
tests: Work around grpform_pbc_overlap robustness issues

Since P2P Client scan case is now optimized to use a specific SSID, the
WPS AP will not reply to that and the scan after GO Negotiation can
quite likely miss the AP due to dwell time being short enough to miss
the Beacon frame. This has made the test case somewhat pointless, but
keep it here for now with an additional scan to confirm that PBC
detection works if there is a BSS entry for an overlapping AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago nl80211: Fix send_frame freq for IBSS
Jouni Malinen [Tue, 13 May 2014 21:47:42 +0000 (00:47 +0300)]
nl80211: Fix send_frame freq for IBSS

bss->freq was not updated for IBSS, so whatever old value was stored
from a previous AP mode operation could end up having been used as the
channel when trying to send Authentication frames in an RSN IBSS. This
resulted in the frame not sent (cfg80211 rejects it) and potentially not
being able to re-establish connection due to 4-way handshake failing
with replay counter mismatches. Fix this by learning the operating
channel of the IBSS both when join event is received and when a
management frame is being transmitted since the IBSS may have changed
channels due to merges.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make pmksa_cache_on_roam_back more robust
Jouni Malinen [Tue, 13 May 2014 21:12:40 +0000 (00:12 +0300)]
tests: Make pmksa_cache_on_roam_back more robust

The single channel scan while associated to another AP and immediately
after starting the second AP can miss the Probe Response frame
especially under heavy CPU load. Avoid false error reports by allowing
multiple scan rounds to be performed. wpas_ctrl_bssid_filter is also
modified to take into account different get_bss() behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago P2P: Fix scan optimization for GO during persistent group invocation
Rashmi Ramanna [Tue, 13 May 2014 10:44:18 +0000 (16:14 +0530)]
P2P: Fix scan optimization for GO during persistent group invocation

Commit 41d5ce9e0b7b37dd84fbf3c1aa5ed571c32321d4 was intended to scan for
GO on the negotiated channel for few iterations, but it did not work
correctly due to incorrect operator being used. Fix this by requiring
both conditions to be met for the single channel scan.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago P2P: Validate GO operating channel on channel list changes
Edhar, Mahesh Kumar [Mon, 5 May 2014 06:33:21 +0000 (12:03 +0530)]
P2P: Validate GO operating channel on channel list changes

On receiving CHANNEL_LIST_CHANGED event from driver, verify that local
GO (if any) is operating in valid frequency. If not, we should remove
the group and reform on valid frequency. Indicate this similarly to the
avoid-frequency notification (i.e., a control interface message for
upper layers to react to this for now; potentially CSA later).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago Remove leftover timeouts on cleanup
Alexandru Costache [Mon, 12 May 2014 16:14:55 +0000 (19:14 +0300)]
Remove leftover timeouts on cleanup

Signed-off-by: Alexandru Costache <alexandru.costache.100@gmail.com>
10 years ago tests: DUP_NETWORK
Jouni Malinen [Mon, 12 May 2014 15:50:05 +0000 (18:50 +0300)]
tests: DUP_NETWORK

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago Add 'dup_network <id_s> <id_d> <name>' command
Dmitry Shmidt [Tue, 29 Apr 2014 20:41:47 +0000 (13:41 -0700)]
Add 'dup_network <id_s> <id_d> <name>' command

This command allows copying a network variable from one network to
another, e.g., to clone the psk field without having to extract it from
wpa_supplicant.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
10 years ago dbus: Reorder deauthentication and cleanup calls when removing a network
Hannu Mallat [Mon, 12 May 2014 11:33:12 +0000 (14:33 +0300)]
dbus: Reorder deauthentication and cleanup calls when removing a network

Valgrind indicates reference to already freed memory if function
wpa_config_remove_network() is called prior to calling
wpa_supplicant_deauthenticate(), and this can lead to a crash.
Inverting the call order fixes the problem.

Signed-off-by: Hannu Mallat <hannu.mallat@jollamobile.com>
10 years ago tests: Clear cfg80211 scan results before HT coex tests
Jouni Malinen [Sun, 11 May 2014 20:01:10 +0000 (23:01 +0300)]
tests: Clear cfg80211 scan results before HT coex tests

This is needed to avoid incorrect failures based on neighboring BSSes
from earlier test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: UNAUTH-TLS
Jouni Malinen [Sun, 11 May 2014 17:59:07 +0000 (20:59 +0300)]
tests: UNAUTH-TLS

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP-pwd with server fragmenting messages
Jouni Malinen [Sun, 11 May 2014 17:54:15 +0000 (20:54 +0300)]
tests: EAP-pwd with server fragmenting messages

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago EAP-pwd server: Allow fragment_size to be configured
Jouni Malinen [Sun, 11 May 2014 17:53:41 +0000 (20:53 +0300)]
EAP-pwd server: Allow fragment_size to be configured

Previously, the fragment_size parameter was ignored and the default
value of 1020 was hardcoded.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP-IKEv2 fragmentation
Jouni Malinen [Sun, 11 May 2014 17:42:18 +0000 (20:42 +0300)]
tests: EAP-IKEv2 fragmentation

This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago EAP-IKEv2: Allow frag ack without integrity checksum
Jouni Malinen [Sun, 11 May 2014 17:40:44 +0000 (20:40 +0300)]
EAP-IKEv2: Allow frag ack without integrity checksum

RFC 5106 is not exactly clear on the requirements for the "no data"
packet that is used to acknowledge a fragmented message. Allow it to be
processed without the integrity checksum data field since it is possible
to interpret the RFC as this not being included. This fixes reassembly
of fragmented frames after keys have been derived.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP-FAST and missing PAC configuration
Jouni Malinen [Sun, 11 May 2014 17:09:40 +0000 (20:09 +0300)]
tests: EAP-FAST and missing PAC configuration

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP-FAST using binary PAC file format
Jouni Malinen [Sun, 11 May 2014 17:03:45 +0000 (20:03 +0300)]
tests: EAP-FAST using binary PAC file format

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP-pwd with invalid group
Jouni Malinen [Sun, 11 May 2014 15:39:54 +0000 (18:39 +0300)]
tests: EAP-pwd with invalid group

This could result in wpa_supplicant segmentation fault prior to the
EAP-pwd fix for error case handling.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago EAP-pwd: Fix processing of group setup failure
Jouni Malinen [Sun, 11 May 2014 15:38:07 +0000 (18:38 +0300)]
EAP-pwd: Fix processing of group setup failure

If invalid group was negotiated, compute_password_element() left some of
the data->grp pointers uninitialized and this could result in
segmentation fault when deinitializing the EAP method. Fix this by
explicitly clearing all the pointers with eap_zalloc(). In addition,
speed up EAP failure reporting in this type of error case by indicating
that the EAP method execution cannot continue anymore on the peer side
instead of waiting for a timeout.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Fix scan_bss_operations
Jouni Malinen [Sun, 11 May 2014 15:18:58 +0000 (18:18 +0300)]
tests: Fix scan_bss_operations

The BSS id numbers were assumed to start from 0 at the beginning of this
test case, but that is only the case if this is run as the first test
after starting wpa_supplicant. Fix the test case to figure out the id
values dynamically to avoid false errors.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP-SIM/AKA configuration parameters
Jouni Malinen [Sun, 11 May 2014 14:08:31 +0000 (17:08 +0300)]
tests: EAP-SIM/AKA configuration parameters

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago EAP-pwd peer: Export Session-Id through getSessionId callback
Jouni Malinen [Sun, 11 May 2014 18:22:55 +0000 (21:22 +0300)]
EAP-pwd peer: Export Session-Id through getSessionId callback

EAP-pwd was already deriving the EAP Session-Id, but it was not yet
exposed through the EAP method API.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago eapol_test: Check EAP-Key-Name
Jouni Malinen [Sun, 11 May 2014 09:43:09 +0000 (12:43 +0300)]
eapol_test: Check EAP-Key-Name

The new command line argument -e can be used to request the server to
send EAP-Key-Name in Access-Accept. If both the local EAP peer
implementation and server provide the EAP Session-Id, compare those
values and indicate in debug log whether a match was seen.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago RADIUS: Define EAP-Key-Name
Jouni Malinen [Sun, 11 May 2014 09:42:55 +0000 (12:42 +0300)]
RADIUS: Define EAP-Key-Name

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP-SIM/AKA/AKA' with SQLite
Jouni Malinen [Sat, 10 May 2014 22:06:00 +0000 (01:06 +0300)]
tests: EAP-SIM/AKA/AKA' with SQLite

Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago EAP-SIM peer: Fix counter-too-small message building
Jouni Malinen [Sun, 11 May 2014 14:54:59 +0000 (17:54 +0300)]
EAP-SIM peer: Fix counter-too-small message building

The extra data (nonce_s) used in this message was pointing to the
parsed, decrypted data and that buffer was previously freed just before
building the new message. This resulted in use of freed data and
possibly incorrect extra data value that caused the authentication
attempt to fail. Fix this by reordering the code to free the decrypted
data only after the new message has been generated. This was already the
case for EAP-AKA/AKA', but somehow missing from EAP-SIM.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP with expanded Nak
Jouni Malinen [Sat, 10 May 2014 18:33:49 +0000 (21:33 +0300)]
tests: EAP with expanded Nak

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: EAP roundtrip limit
Jouni Malinen [Sat, 10 May 2014 18:20:54 +0000 (21:20 +0300)]
tests: EAP roundtrip limit

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: HS 2.0 with FT
Jouni Malinen [Sat, 10 May 2014 13:17:41 +0000 (16:17 +0300)]
tests: HS 2.0 with FT

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago Interworking: Allow FT to be used for connection
Jouni Malinen [Sat, 10 May 2014 13:15:20 +0000 (16:15 +0300)]
Interworking: Allow FT to be used for connection

This extends Interworking network selection to enable FT-EAP as an
optional key_mgmt value to allow FT to be used instead of hardcoding
WPA2-Enterprise without FT.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago Remove duplicated ibss_rsn_deinit() call
Eduardo Abinader [Wed, 7 May 2014 22:42:52 +0000 (18:42 -0400)]
Remove duplicated ibss_rsn_deinit() call

No need to call ibss_rsn_deinit() again since it is already being called
by wpa_supplicant_mark_disassoc().

Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
10 years ago X.509: Fix v3 parsing with issuerUniqueID/subjectUniqueID present
Jouni Malinen [Sat, 10 May 2014 09:36:19 +0000 (12:36 +0300)]
X.509: Fix v3 parsing with issuerUniqueID/subjectUniqueID present

The current position pointer was not updated when issuerUniqueID or
subjectUniqueID were present. This could result in extensions being
ignored.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Fix couple of compiler warnings
Jouni Malinen [Sat, 10 May 2014 09:15:36 +0000 (12:15 +0300)]
tests: Fix couple of compiler warnings

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Add 4.16.1 and 4.16.2 from NIST PKITS
Jouni Malinen [Fri, 9 May 2014 19:49:49 +0000 (22:49 +0300)]
tests: Add 4.16.1 and 4.16.2 from NIST PKITS

This adds two more X.509 path validation test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago P2P: Refrain from performing extended listen during P2P connection
Sunil Dutt [Tue, 6 May 2014 16:34:37 +0000 (22:04 +0530)]
P2P: Refrain from performing extended listen during P2P connection

Do not perform extended listen period operations when either a P2P
connection is in progress. This makes the connection more robust should
an extended listen timer trigger during such an operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago Add macsec_qca driver wrapper
Hu Wang [Tue, 25 Mar 2014 19:39:02 +0000 (21:39 +0200)]
Add macsec_qca driver wrapper

This is based on driver_wired.c and provides driver interface for the
QCA MACsec driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago MACsec: wpa_supplicant integration
Hu Wang [Tue, 25 Mar 2014 19:39:02 +0000 (21:39 +0200)]
MACsec: wpa_supplicant integration

Add MACsec to the wpa_supplicant build system and configuration file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago MACsec: Add PAE implementation
Hu Wang [Tue, 25 Mar 2014 19:39:02 +0000 (21:39 +0200)]
MACsec: Add PAE implementation

This adds initial implementation of IEEE Std 802.1X-2010 PAE for MACsec.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago MACsec: Add driver_ops
Hu Wang [Tue, 25 Mar 2014 19:39:02 +0000 (21:39 +0200)]
MACsec: Add driver_ops

This defines new driver_ops to be used with MACsec.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago MACsec: Add common IEEE 802.1X definitions
Hu Wang [Tue, 25 Mar 2014 19:39:02 +0000 (21:39 +0200)]
MACsec: Add common IEEE 802.1X definitions

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago MACsec: Add define for EAPOL type MKA
Hu Wang [Mon, 31 Mar 2014 14:38:54 +0000 (17:38 +0300)]
MACsec: Add define for EAPOL type MKA

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago MACsec: Allow EAPOL version 3 to be configured
Hu Wang [Mon, 31 Mar 2014 14:36:55 +0000 (17:36 +0300)]
MACsec: Allow EAPOL version 3 to be configured

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago Add function to fetch EAP Session-Id from EAPOL supplicant
Hu Wang [Tue, 25 Mar 2014 20:06:20 +0000 (22:06 +0200)]
Add function to fetch EAP Session-Id from EAPOL supplicant

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago nl80211: Use max associated STAs information in AP mode
Chandrasekaran, Manishekar [Mon, 5 May 2014 09:21:37 +0000 (14:51 +0530)]
nl80211: Use max associated STAs information in AP mode

Propagate max associated STAs in AP mode advertised by the driver to
core wpa_supplicant implementation. This allows wpa_supplicant to update
the P2P GO group limit information automatically without having to
configure this limit manually. The information (if available) is also
used in the generic AP implementation to control maximum number of STA
entries.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago Fix MinGW build
Jouni Malinen [Tue, 29 Apr 2014 15:47:36 +0000 (18:47 +0300)]
Fix MinGW build

No need to use ENOBUFS within core wpa_supplicant, so just replace it
with -1 to work around MinGW build issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago wpa_supplicant: Add Wake-on-WLAN configuration support
Eliad Peller [Thu, 24 Apr 2014 05:45:39 +0000 (08:45 +0300)]
wpa_supplicant: Add Wake-on-WLAN configuration support

Add a new wowlan_triggers option to wpa_supplicant.conf. The triggers in
this key will be used to configure the kernel wowlan configuration.

For now, support only simple flags. More complex triggers can be added
later on.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
10 years ago Android: Use extended P2P functionality (ANDROID_P2P) for all vendors
Dmitry Shmidt [Fri, 11 Apr 2014 23:05:39 +0000 (16:05 -0700)]
Android: Use extended P2P functionality (ANDROID_P2P) for all vendors

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
10 years ago TDLS: Fully tear down existing link before setup
Arik Nemtsov [Thu, 24 Apr 2014 05:45:38 +0000 (08:45 +0300)]
TDLS: Fully tear down existing link before setup

Disabling the link only clears the local state. The remote peer will
still think we are connected and disallow the setup.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
10 years ago TDLS: Disable links during AP deauth in external flow
Arik Nemtsov [Thu, 24 Apr 2014 05:45:37 +0000 (08:45 +0300)]
TDLS: Disable links during AP deauth in external flow

When de-authenticating from the AP, disable each TDLS link after
sending the teardown packet. Postpone the reset of the peer state
data until after the link disable request.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
10 years ago TDLS: Make wpa_tdls_send_teardown() static
Jouni Malinen [Tue, 29 Apr 2014 15:09:17 +0000 (18:09 +0300)]
TDLS: Make wpa_tdls_send_teardown() static

This function was not used anywhere outside tdls.c.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago nl80211: Take ownership of dynamically added interfaces
Ilan Peer [Thu, 24 Apr 2014 05:45:33 +0000 (08:45 +0300)]
nl80211: Take ownership of dynamically added interfaces

Indicate to cfg80211 that interfaces created by the wpa_supplicant
or hostapd are owned by them, and that in case that the socket that
created them closes, these interfaces should be removed.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
10 years ago nl80211: Cancel rfkill timeout on deinit
Eduardo Abinader [Sat, 26 Apr 2014 00:46:03 +0000 (20:46 -0400)]
nl80211: Cancel rfkill timeout on deinit

Got a segfault when freeing drv while there is a registered timeout for
blocked rfkill. This patch adds a timeout cancel to avoid this.

Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
10 years ago tests: Add more cred parameters into config file test
Jouni Malinen [Tue, 29 Apr 2014 14:24:00 +0000 (17:24 +0300)]
tests: Add more cred parameters into config file test

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago HS 2.0 R2: Fix writing of domain_suffix_match cred parameter
Sreenath Sharma [Mon, 28 Apr 2014 11:57:47 +0000 (17:27 +0530)]
HS 2.0 R2: Fix writing of domain_suffix_match cred parameter

This was supposed to end with a newline character so that parameters are
aligned in configuration file.

Signed-off-by: Sreenath Sharma <sreenats@broadcom.com>
10 years ago TDLS: Pass peer's capability info to the driver in open mode
Pradeep Reddy POTTETI [Mon, 28 Apr 2014 14:56:17 +0000 (20:26 +0530)]
TDLS: Pass peer's capability info to the driver in open mode

Commit 96ecea5eb14cc1362cb01b914ac4163324294a28 did not consider
passing the VHT/HT/WMM capabilities of the peer for BSS with
open mode. Address this issue by passing the capabilities
irrespective of the security mode.

Signed-off-by: Pradeep Reddy POTTETI <c_ppotte@qti.qualcomm.com>
10 years ago tests: Verify global control interface before starting each test
Jouni Malinen [Tue, 29 Apr 2014 11:46:09 +0000 (14:46 +0300)]
tests: Verify global control interface before starting each test

This allows control interface issues to be caught in a bit more readable
way in the debug logs. In addition, dump pending monitor socket
information more frequently and within each test case in the log files
to make the output clearer and less likely to go over the socket buffer
limit.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
10 years ago tests: ROAM error cases
Jouni Malinen [Sat, 26 Apr 2014 19:05:34 +0000 (22:05 +0300)]
tests: ROAM error cases

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: BSS command parameters
Jouni Malinen [Sat, 26 Apr 2014 19:01:55 +0000 (22:01 +0300)]
tests: BSS command parameters

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: GET_CAPABILITY special cases
Jouni Malinen [Sat, 26 Apr 2014 18:44:23 +0000 (21:44 +0300)]
tests: GET_CAPABILITY special cases

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: SET_CRED/GET_CRED error cases
Jouni Malinen [Sat, 26 Apr 2014 18:39:13 +0000 (21:39 +0300)]
tests: SET_CRED/GET_CRED error cases

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Additional REMOVE_CRED coverage
Jouni Malinen [Sat, 26 Apr 2014 18:35:07 +0000 (21:35 +0300)]
tests: Additional REMOVE_CRED coverage

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Large number of creds and LIST_CREDS truncation
Jouni Malinen [Sat, 26 Apr 2014 18:29:19 +0000 (21:29 +0300)]
tests: Large number of creds and LIST_CREDS truncation

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: SET/GET_NETWORK failure cases
Jouni Malinen [Sat, 26 Apr 2014 18:23:44 +0000 (21:23 +0300)]
tests: SET/GET_NETWORK failure cases

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: SELECT/ENABLE/DISABLE/REMOVE_NETWORK failure cases
Jouni Malinen [Sat, 26 Apr 2014 18:16:36 +0000 (21:16 +0300)]
tests: SELECT/ENABLE/DISABLE/REMOVE_NETWORK failure cases

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: SELECT_NETWORK any
Jouni Malinen [Sat, 26 Apr 2014 18:10:56 +0000 (21:10 +0300)]
tests: SELECT_NETWORK any

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: WPS PIN provisioning with configured WPS v1.0 AP
Jouni Malinen [Sat, 26 Apr 2014 14:46:32 +0000 (17:46 +0300)]
tests: WPS PIN provisioning with configured WPS v1.0 AP

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Make ap_wps_init_2ap_pin/pbc more robust
Jouni Malinen [Sat, 26 Apr 2014 14:25:26 +0000 (17:25 +0300)]
tests: Make ap_wps_init_2ap_pin/pbc more robust

It is possible for the scan to miss a Probe Response frame especially
under heavy load, so try again to avoid reporting invalid failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Verify network information in SCAN_RESULTS
Jouni Malinen [Sat, 26 Apr 2014 14:18:37 +0000 (17:18 +0300)]
tests: Verify network information in SCAN_RESULTS

This checks WPA/RSN IE parsing result and WEP information in
SCAN_RESULTS.

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: Invalid MAC address with BLACKLIST
Jouni Malinen [Sat, 26 Apr 2014 14:09:48 +0000 (17:09 +0300)]
tests: Invalid MAC address with BLACKLIST

Signed-off-by: Jouni Malinen <j@w1.fi>
10 years ago tests: id_str in network configuration
Jouni Malinen [Sat, 26 Apr 2014 14:05:57 +0000 (17:05 +0300)]
tests: id_str in network configuration

Signed-off-by: Jouni Malinen <j@w1.fi>