Jouni Malinen [Thu, 13 Feb 2014 14:14:04 +0000 (16:14 +0200)]
NFC: Workaround nfcpy message debug exception
The current nfcpy version does not support new WSC connection handover
message format and the handover server fails to process the request due
to a debug print. As a temporary workaround, override
HandoverServer::_process_request() with a version that avoids pretty()
print of the handover messages. This can be removed once nfcpy has been
updated to support the new format.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Eytan Lifshitz [Mon, 10 Feb 2014 10:55:09 +0000 (12:55 +0200)]
Avoid NULL dereference in ieee802_1x_get_mib_sta() printf
In function ieee802_1x_get_mib_sta(), eap_server_get_name() may return
NULL, and it could be dereferenced immidiately by os_snprintf() (if the
snprintf implementation does not handle NULL pointer).
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Eytan Lifshitz [Mon, 10 Feb 2014 10:55:08 +0000 (12:55 +0200)]
wpa_supplicant: Fix NULL dereference in tls_verify_cb()
In function tls_verify_cb(), X509_STORE_CTX_get_current_cert() may
return NULL, and it will be dereferenced by X509_get_subject_name().
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Eytan Lifshitz [Mon, 10 Feb 2014 10:55:07 +0000 (12:55 +0200)]
wpa_supplicant: Fix NULL dereference in eap_fast_parse_end()
In eap_fast_parse_end(), pos might be NULL if the line doesn't
contain '='.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Eytan Lifshitz [Mon, 10 Feb 2014 10:55:06 +0000 (12:55 +0200)]
Remove unnecessary NULL check
In send_assoc_resp(), sta was checked for NULL, although it can't be
NULL.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Eytan Lifshitz [Mon, 10 Feb 2014 10:55:06 +0000 (12:55 +0200)]
Fix theoretical NULL dereference in debug printf
In hostapd_logger_cb(), module_str is checked for NULL (on a path that
does not get executed in practice), and then possibly dereferenced in
snprintf() anyway.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Max Stepanov [Mon, 10 Feb 2014 10:55:05 +0000 (12:55 +0200)]
P2P: Avoid compiler warning in p2p_supplicant.c
Initialize flag variable explicitly to avoid [-Wmaybeuninitialized]
compiler warning in wpas_p2p_verify_channel().
Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
Max Stepanov [Mon, 10 Feb 2014 10:55:04 +0000 (12:55 +0200)]
DFS: Avoid compiler warnings in src/ap/dfs.c
Initialize variables explicitly to avoid [-Wmaybeuninitialized] compiler
warning in hostapd_handle_dfs() and
hostapd_dfs_start_channel_switch_cac() functions.
Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
Eytan Lifshitz [Mon, 10 Feb 2014 10:55:03 +0000 (12:55 +0200)]
wpa_supplicant: Fix memory leak in wfd_subelems error path
Memory allocated by calling function ieee802_11_vendor_ie_concat()
was not freed on an error path int ctrl_iface BSS command.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Jouni Malinen [Thu, 13 Feb 2014 13:29:09 +0000 (15:29 +0200)]
Fix CONFIG_WPS_NFC=y build without CONFIG_P2P=y
Some of the control interface operations for P2P were not properly
protected with #ifdef CONFIG_P2P.
Signed-off-by: Jouni Malinen <j@w1.fi>
Dmitry Shmidt [Thu, 13 Feb 2014 13:14:18 +0000 (15:14 +0200)]
Add bssid/freq hint for driver-based BSS selection
This uses the new nl80211 attributes to allow the connect command to
provide bssid and freq hints to the driver without limiting roaming to
the specific BSS/frequency. This can be used by drivers that perform
internal BSS selection (WPA_DRIVER_FLAGS_BSS_SELECTION) as a candidate
for initial association.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jouni Malinen [Thu, 13 Feb 2014 12:56:42 +0000 (14:56 +0200)]
Start using unodified Developer Certificate of Origin v1.1
With the license terms having been cleaned up in the hostap.git files,
there is no continued need for the additional (e) item to explicitly
acknowledge BSD license option for contributions. Since DCO v1.1 is now
available from http://developercertificate.org/ it looks reasonable to
move to the unmodified version of DCO and to the commonly used
Signed-off-by tag for this project.
Signed-hostap: Jouni Malinen <j@w1.fi>
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 13 Feb 2014 12:35:01 +0000 (14:35 +0200)]
Sync with wireless-testing.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2014-02-12.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 12 Feb 2014 15:46:33 +0000 (17:46 +0200)]
Fix SAE state validation on AP
Confirm-before-commit validation step allowed execution to continue on
error case. This could result in segfault in sae_check_confirm() if the
temporary SAE data was not available (as it would not be, e.g., in case
of an extra SAE confirm message being received after successful
exchange). Fix this by stopping SAE processing immediately after
detecting unexpected state for confirm message. In addition, make the
public sae.c functions verify sae->tmp before dereferencing it to make
this type of bugs less likely to result in critical issues.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 12 Feb 2014 10:48:26 +0000 (12:48 +0200)]
NFC: Add summary and success file options for nfcpy scripts
These can be used to get updates on NFC operation status and success for
external programs.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 12 Feb 2014 10:45:07 +0000 (12:45 +0200)]
P2P NFC: Add p2p-nfc.py --handover-only option
p2p-nfc.py allowed an NFC Tag to be read and reported to wpa_supplicant
even in cases where it was explicitly asked to initiate negotiated
connection handover and return after completing this operation. The new
command line argument can be used to disable NFC Tag read operations
when a negotiated connection handover is expected.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 11 Feb 2014 17:33:43 +0000 (19:33 +0200)]
P2P NFC: Clean up p2p-nfc.py error handling
If wpa_supplicant reports a failure when trying to generate a handover
request, detect that before trying to decode the response as a hex
string.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 18 Dec 2013 00:00:21 +0000 (16:00 -0800)]
WPS: Make UUID-from-MAC Address easily available
"hostapd -u<MAC Address>" can now be used to display the UUID that will
be generated based on a MAC Address (i.e., when hostapd configuration
does not set a specific UUID).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 10 Feb 2014 12:36:39 +0000 (14:36 +0200)]
P2P: Do not indicate P2P_FIND failure if p2p_scan is in progress
It was possible to FAIL return for a P2P_FIND command that was issued
while an already started P2P_FIND operation was in the scan phase. This
can be confusing for upper layer software, so hide the failure report
from the ctrl_iface response. The previously started scan will continue
the find operation after this.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 16 Jan 2014 15:37:39 +0000 (17:37 +0200)]
WPS: Add more debug information to M7 AP Settings
This allows the AP Settings data to be included in debug log
(only with -K on command line).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 16 Jan 2014 15:35:45 +0000 (17:35 +0200)]
WPS: Indicate current AP settings in M7 in unconfigurated state
Previously, unconfigured state was forcing the best supported
authentication and encryption state to be shown in WPS messages,
including AP Settings in M7 in case the AP acts as an Enrollee. This is
not really correct for the AP Settings case, so change that one to
indicate the currently configured state.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 7 Feb 2014 14:26:59 +0000 (16:26 +0200)]
P2P: Handle unexpected GO Neg Req reject message more cleanly
The mechanism of using Status attribute in GO Negotiation Request was
used in some early specification drafts, but it is not compliant with
the current P2P specification where GO Negotiation Request is used only
for the purpose of initiating a new GO Negotiation. However, some
deployed devices use it to indicate rejection of GO Negotiation in a
case where they have sent out GO Negotiation Response with status 1. The
P2P specification explicitly disallows this.
To avoid unnecessary interoperability issues and extra frames, mark the
pending negotiation as failed and do not reply to this GO Negotiation
Request frame. Previously, GO Negotiation Response frame with status=4
was sent back as an indication of the GO Negotiation Request frame being
invalid. This response is not sent anymore and the status code for the
P2P-GO-NEG-FAILURE event is changed from 4 (invalid parameters) to 11
(rejected by user) for this specific workaround case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Mahesh A Saptasagar [Mon, 27 Jan 2014 14:46:02 +0000 (20:16 +0530)]
Fix persistent P2P connection failure in case channel list changes
P2P persistent connection may fail due to 802.11d channel change event
invalidating support of the operating frequency sent in the invitation
request, before receiving the invitation response. If the operating
frequency is invalid at the time the invitation response is processed
and there is no forced frequency provided by user, allow frequency
re-selection.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Dmitry Shmidt [Mon, 3 Feb 2014 21:30:46 +0000 (13:30 -0800)]
wpa_supplicant: Add DFS indicator to get_capability freq
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jouni Malinen [Thu, 6 Feb 2014 14:03:42 +0000 (16:03 +0200)]
Handle Wi-Fi Display commands more carefully if P2P is disabled
If P2P was disabled (e.g., due to driver not supporting it or through
p2p_disabled=1 configuration), setting Wi-Fi Display parameters could
result in segmentation fault when the WFD IE is updated without the P2P
module being initialized. Fix this by skipping the update if P2P module
is not in use. In addition, show Wi-Fi Display as disabled in "GET
wifi_display" and refuse to enable it with "SET wifi_display 1" if P2P
is not enabled.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 6 Feb 2014 13:22:06 +0000 (15:22 +0200)]
Fix Beacon RX before AP setup completion
It is possible for the driver to report Beacon RX prior to hostapd
having completed AP mode setup, e.g., when changing country code. Beacon
frame processing for OLBC was not prepared for this and could trigger
segfault due to NULL pointer dereference. Fix this by ignoring the
Beacon frames received prior to completing interface setup when
determining OLBC updates.
Signed-hostap: Jouni Malinen <j@w1.fi>
Yun Park [Tue, 4 Feb 2014 21:11:14 +0000 (23:11 +0200)]
nl80211: Fix regression in returning to AP mode after scan
Commit
b1f625e0d81b76bb2380d0b47b95f5ad61123ba5 extended
ap_scan_as_station to be able to distinguish between AP and P2P GO
iftypes. However, it did this in a way that completely lost the original
mode because drv->nlmode had already been replaced with the station
mode. Fix this by storing the correct old mode.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 4 Feb 2014 15:16:32 +0000 (17:16 +0200)]
P2P: Do not re-start invitation on Probe Req RX if already ack'ed
If the peer device has already acknowledge receipt of the Invitation
Request frame, it is better not to re-start invitation by sending
another Invitation Request. This should not be needed since the peer
already has received the Invitation Request frame and sending the second
round in this type of sequence can cause issues with nl80211 offloaded
offchannel TX operations since driver_nl80211.c will lose the cookie
value for the first pending Action frame and may not be able to cancel
offchannel wait for it properly. this has been seen to trigger a failure
in the p2p_go_invite_auth test case with the scan failing due to GO
sending out Probe Response frame on incorrect channel (the channel used
in that not-cancelled Action TX).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 4 Feb 2014 14:10:44 +0000 (16:10 +0200)]
The hostap.git master branch is now used for 2.2 development
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 3 Feb 2014 19:11:46 +0000 (21:11 +0200)]
Remove dead code from AP setup
wpa_supplicant_create_ap() is only called for AP mode, so there is no
point in trying to address station (infra/IBSS) modes.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 3 Feb 2014 08:54:21 +0000 (10:54 +0200)]
WPS: Remove unused Credential AP Channel processing
Commit
bd3a3737672aaf6eb50dba2b8caa3941c8df42e9 added a mechanism to use
AP Channel attribute from within a Credential attribute to optimize
scans. However, this design is not actually used with the WPS NFC use
cases. With configuration token, the AP Channel attribute is in the same
container with the Credential attribute (and that was also handled in
the previous implementation). With connection handover, AP Channel
information is outside the Credential attribute as well.
Simplify implementation by removing the AP Channel within Credential
case. This allows wpas_wps_use_cred() to get the AP Channel from the
container instead of having to find this during credential iteration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 2 Feb 2014 21:41:47 +0000 (23:41 +0200)]
WPS: Remove unused 802.1X attribute parsing and processing
This is not really used in practice and there is no need to maintain
unsed code that would only print debug log entries.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 20:20:41 +0000 (22:20 +0200)]
Replace ieee802_11_print_ssid() with wpa_ssid_txt()
There is no need to maintain two different functions for printing out
ASCII text version of SSID.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 4 Feb 2014 11:12:50 +0000 (13:12 +0200)]
Change version information for the 2.1 release
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 18:46:51 +0000 (20:46 +0200)]
Update ChangeLog files to match current implementation
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 4 Feb 2014 11:22:10 +0000 (13:22 +0200)]
tests: Report unexpected STATUS lines instead of stopping
It looks like get_status() has failed in some test runs because of a
STATUS command returning an line without '=' on it. Instead of stopping
there on exception, report the unexpected line in the log and ignore it
to allow test to continue.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 3 Feb 2014 22:08:18 +0000 (00:08 +0200)]
tests: wpa_supplicant ctrl_iface
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 3 Feb 2014 19:52:33 +0000 (21:52 +0200)]
tests: AP mode operations with wpa_supplicant
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 3 Feb 2014 09:06:55 +0000 (11:06 +0200)]
tests: Verify functionality with WPS 1.0 ER
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 2 Feb 2014 22:07:42 +0000 (00:07 +0200)]
tests: Verify WPS AP does not activate PBC during overlap
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 2 Feb 2014 22:01:39 +0000 (00:01 +0200)]
tests: Verify WPS ER behavior on selecting a single Enrollee
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 21:34:09 +0000 (23:34 +0200)]
tests: WEP
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 21:16:35 +0000 (23:16 +0200)]
tests require_ht=1
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 21:12:38 +0000 (23:12 +0200)]
tests: ctrl_iface STA-FIRST and STA-NEXT iteration
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 21:00:07 +0000 (23:00 +0200)]
tests: NAI Home Realm Query
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 20:45:08 +0000 (22:45 +0200)]
tests: OLBC AP detection
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 20:33:39 +0000 (22:33 +0200)]
tests: Hidden SSID using zero octets as payload
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 20:13:23 +0000 (22:13 +0200)]
tests: HT40 OBSS scan and 20/40 MHz co-ex report
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 31 Jan 2014 14:59:41 +0000 (16:59 +0200)]
tests: Add test cases for various AP mode parameters
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 31 Jan 2014 14:39:50 +0000 (16:39 +0200)]
tests: Verify different ways of configuring passphrase/PSK
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Prashanth Kumar [Mon, 3 Feb 2014 12:19:02 +0000 (17:49 +0530)]
wpa_supplicant: Fix misplaced os_free
os_free has wfd_dev_info_hex as an argument which is defined within
CONFIG_NO_STDOUT_DEBUG
Signed-hostap: Prashanth Kumar <prashanthkumar.kr@globaledgesoft.com>
Jouni Malinen [Mon, 3 Feb 2014 11:24:50 +0000 (13:24 +0200)]
Fix hostapd segfault on beacon hint event
Commit
795baf773f6d53bae3cfae4df6edda63e5022344 ('hostapd: Filter
channel list updated events after country code change') uses the
EVENT_CHANNEL_LIST_CHANGED data pointer, but it updated only one of the
callers to provide that data. NL80211_CMD_REG_BEACON_HINT event was
still sending the event without the initiator data and resulted in NULL
pointer dereference, e.g., if a scan was run while hostapd was running
and the driver was in world roaming state and enabled a channel for
active scans.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Masashi Honma [Sun, 2 Feb 2014 21:06:14 +0000 (23:06 +0200)]
bsd: Fix hostapd compiler warning
The hostapd compilation displays a below warning On NetBSD 6.1.2.
../src/drivers/driver_bsd.c:72:1: warning: 'get80211opmode' defined but not used
This patch solves it and moves other functions to appropriate position to
reduce #ifdef.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
Jouni Malinen [Fri, 31 Jan 2014 21:31:26 +0000 (23:31 +0200)]
Fix authentication algorithm negotiation in SME code
Commit
6ac4b15ef8af434d216fd2dac62ec82948ab0fbd (wpa_radio work for
connection) caused a regression for cases where multiple auth_alg values
are set in a network block and wpa_supplicant-based SME is supposed to
iterate through them. The connection radio work was not terminated when
receiving authentication failure and this resulted in the following
authentication attempt failing.
Signed-hostap: Jouni Malinen <j@w1.fi>
Janusz Dziedzic [Fri, 24 Jan 2014 22:12:23 +0000 (23:12 +0100)]
nl80211: Show DFS region info in debug messages
Print DFS region info, if provided, when printing regulatory
information.
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Janusz Dziedzic [Fri, 24 Jan 2014 22:12:24 +0000 (23:12 +0100)]
hostapd: Increase timeout for channel list update to 5 seconds
Before this patch, 1 second timeout was used for regulatory updates. In
some cases, specially when we reload driver modules on some slower
platforms this could take more than 1 second (about 2 seconds). This is
important specially for DFS case, where we have to have correct DFS
region before we will start CAC. In other case (unknown DFS region), CAC
will fail. 5 seconds should be enough for all cases.
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Johannes Berg [Fri, 24 Jan 2014 12:32:27 +0000 (13:32 +0100)]
nl80211: Treat RSSI as part of each sched scan matchset
The original RSSI filter semantics for scheduled scan were
really confusing - a separate matchset was created, but it
wasn't actually treated as a separate matchset in the kernel
but rather used as the global RSSI value. The RSSI matchset
thus behaved like an RSSI filter outside of the matchsets,
being ANDed rather than ORed (as normal between matchsets.)
To make this less confusing, I changed the kernel API a bit
to actually treat the RSSI inside each matchset properly,
but keeping it compatible with the old approach by using a
matchset with only an RSSI value as the default for all the
other matchsets, and adding it as a separate matchset only
if it's the only one.
The proper way for wpa_supplicant to do this then would be
to add the RSSI to each SSID matchset, and only add another
matchset without SSID if there's none with.
However, to keep compatibility with older kernels, always
keep the non-SSID matchset and only add the RSSI to all the
other matchsets. This gets close to the desired behaviour,
the only difference would be that we shouldn't add the RSSI
matchset if there are others, but stays compatible with old
and new kernels, as new ones ignore the RSSI-only matchset
if there are others and those others have an RSSI.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Eytan Lifshitz [Tue, 28 Jan 2014 07:32:35 +0000 (09:32 +0200)]
Fix memory leaks and wrong memory access
1. In wpa_config_process_bgscan() fix memory leak after
calling wpa_config_parse_string()
2. In hostapd_config_defaults(), on failure to allocate bss->radius,
conf->bss was not freed.
3. In p2p_deauth_nofif(), memory allocated in p2p_parse_ies() was not
freed in case of NULL minor_reason_code.
4. In p2p_disassoc_nofif(), memory allocated in p2p_parse_ies() was
not freed in case of NULL minor_reason_code.
5. In p2p_process_go_neg_conf(), memory allocated was not freed in
case that the P2P Device interface was not waiting for a
GO Negotiation Confirm.
6. In wpa_set_pkcs11_engine_and_module_path(), the wrong pointer was
checked.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Eytan Lifshitz [Tue, 28 Jan 2014 07:32:34 +0000 (09:32 +0200)]
wpa_supplicant: Fix wrong size memory allocation
Fix memory allocation in wpa_scan_clone_params(), where the
allocation request used the size of a pointer rather than the
size of the structure.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Michal Kazior [Tue, 28 Jan 2014 13:56:41 +0000 (14:56 +0100)]
nl80211: Fix channel switching with VHT80
It is possible for channel switch notification to be missing channel
type attribute. This is true at least for VHT80. This led to
iface->conf->secondary_channel being set to 0. This in turn made
subsequent DFS-triggered CSA to fail due to invalid frequency
parameters.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
Shital Jaju [Thu, 30 Jan 2014 11:44:07 +0000 (13:44 +0200)]
nl80211: Verify that ifindex attribute is included in survey
This checks if the NL80211_ATTR_IFINDEX attribute is present before
trying to get the value of interface index.
Signed-hostap: Shital Jaju <shitalj@broadcom.com>
Naresh Jayaram [Thu, 30 Jan 2014 11:10:29 +0000 (13:10 +0200)]
wpa_cli: Add tdls_external_control to tab completion for SET
This global configuration parameter was added in commit
800d58721c8a5721d1ddb1271093350ab769ade0 but the tab completion list for
the wpa_cli SET command in interactive mode was not updated.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 4 Dec 2013 03:42:14 +0000 (05:42 +0200)]
P2P: Disable DNS server from dnsmasq
This avoids issues with multiple instances of dnsmasq running, e.g.,
with one on eth0 and the other one for the P2P group.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 22 Feb 2013 06:48:40 +0000 (22:48 -0800)]
P2P NFC: Add script for connection handover with nfcpy
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 29 Nov 2013 11:01:39 +0000 (13:01 +0200)]
WPS NFC: Protect nfcpy pretty print calls against exceptions
nfcpy does not yet support all the new message formats, so some of the
pretty() calls can result in exceptions.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 29 Nov 2013 10:59:26 +0000 (12:59 +0200)]
WPS NFC: nfcpy script to use new connection handover design
Fetch a carrier record from wpa_supplicant instead of full handover
request. This makes it easier for external programs to build handover
request messages with multiple alternative carriers.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sat, 30 Nov 2013 14:49:04 +0000 (16:49 +0200)]
WPS NFC: Logging level configuration to wps-nfc.py and wps-ap-nfc.py
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 29 Nov 2013 10:57:34 +0000 (12:57 +0200)]
WPS NFC: Clean up nfcpy script no-wait operations
This allows the scripts to terminate at proper point with --no-wait.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 29 Nov 2013 10:46:41 +0000 (12:46 +0200)]
WPS NFC: Validate ctrl_iface response before decoding it
If the operation fails for any reason ("FAIL" response), it is cleaner
to return error clearly instead of hitting an exception in the hex
decoder.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 29 Nov 2013 10:41:34 +0000 (12:41 +0200)]
WPS NFC: Use argparse in the nfcpy scripts
This cleans up command line parsing and simplifies the commands.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 29 Nov 2013 10:16:38 +0000 (12:16 +0200)]
WPS NFC: Update wps-nfc.py and wps-ap-nfc.py to use new nfcpy API
This moves many of the peer discovery operations into the core nfcpy.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 8 Sep 2013 16:46:47 +0000 (09:46 -0700)]
tests: Add test cases for static handover for join-a-group
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 28 Apr 2013 19:32:38 +0000 (22:32 +0300)]
tests: Add test cases WPS ER with NFC
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 4 Apr 2013 22:50:30 +0000 (01:50 +0300)]
tests: Add a test case for WPS connection handover with password token
This verifies that NFC connection handover can be used in a case where
hostapd has an enabled password token.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 4 Apr 2013 15:47:13 +0000 (18:47 +0300)]
tests: Add test cases for public key hash mismatches
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 4 Apr 2013 14:32:46 +0000 (17:32 +0300)]
tests: Add a test case for NFC handover resulting in auto configuration
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 2 Apr 2013 18:46:52 +0000 (21:46 +0300)]
tests: Add test cases for P2P+NFC
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 28 Nov 2013 13:50:47 +0000 (15:50 +0200)]
tests: Reset hostapd state with FLUSH between test cases
This is similar to the FLUSH command for wpa_supplicant.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 4 Dec 2013 03:44:56 +0000 (05:44 +0200)]
P2P NFC: Add support for freq option in NFC ctrl_iface commands
This can be used to force an operating channel for P2P group formation
triggered by NFC operations.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 28 Nov 2013 15:48:35 +0000 (17:48 +0200)]
WPS NFC: Use BSSID and AP Channel from handover select
These optional attributes, if present, can be used to speed up the
initial connection by using a single channel scan.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 28 Nov 2013 13:47:19 +0000 (15:47 +0200)]
WPS: Add testing option to corrupt public key hash
If CONFIG_WPS_TESTING=y is enabled in build configuration, the new
wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be
used to request public key hash to be corrupted in all generated OOB
Device Password attributes. This can be used for testing purposes to
validate public key hash validation steps.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 28 Nov 2013 11:47:32 +0000 (13:47 +0200)]
WPS NFC: add more debug prints for connection handover report
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 28 Nov 2013 10:48:28 +0000 (12:48 +0200)]
WPS NFC: Use AP Channel information from credential container
This allows NFC Configuration Token to indicate the current AP operating
channel, so that a single channel scan can be used to speed up the
initial connection.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 28 Nov 2013 10:31:32 +0000 (12:31 +0200)]
WPS NFC: Add BSSID and AP channel info to Configuration Token
This information can help the Enrollee to find the AP more quickly with
an optimized scan.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 26 Nov 2013 18:04:56 +0000 (20:04 +0200)]
WPS-STRICT: Update valid Device Password ID and Config Error range
Accept the new values defined for WPS NFC.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 9 Sep 2013 00:15:42 +0000 (17:15 -0700)]
P2P NFC: WPA state machine config with driver-based BSS selection
wpa_s->current_bss was updated too late for the
wpa_supplicant_rsn_supp_set_config() call within
wpa_supplicant_select_config(). Re-order code so that current_bss gets
updated between current_ssid update and this call to set the WPA state
machine configuration, so that the new code that determines whether the
current GO support the new IP address assignment mechanism works.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 8 Sep 2013 16:45:04 +0000 (09:45 -0700)]
P2P NFC: Static handover with NFC Tag on client
This adds a new P2P Invitation mechanism to invite a P2P Device with an
NFC Tag to an already operating group when the GO with NFC Device reads
the NFC Tag. The P2P Device with the NFC Tag will then accept invitation
and connect to the group automatically using its OOB Device Password.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 8 Sep 2013 15:08:26 +0000 (08:08 -0700)]
P2P NFC: Enable own NFC Tag on GO Registrar
When "P2P_SET nfc_tag 1" is used to enable the own NFC Tag for P2P, also
enable it for any running GO interface.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 8 Sep 2013 00:51:04 +0000 (17:51 -0700)]
P2P NFC: Add GO info into handover message when in client role
P2P Group ID can optionally be included in the connection handover
messages when acting as a P2P Client in a group. Add this information
and show it in the P2P-NFC-PEER-CLIENT event message.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sat, 7 Sep 2013 22:44:29 +0000 (15:44 -0700)]
P2P NFC: Optimize join-a-group operation based on NFC information
When the NFC connection handover message received from a peer indicates
that the peer is operating as a GO on a specific channel, use that
information to avoid having to go through full scan. In addition, skip
the separate join-a-group scan since we already know the operating
channel, GO P2P Device Address, and SSID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 11 Jul 2013 14:01:49 +0000 (17:01 +0300)]
P2P NFC: Copy DH parameters to a separate group interface
The DH public and private key needs to be copied for the separate group
interface if that is used for a P2P group.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 11 Jul 2013 13:33:05 +0000 (16:33 +0300)]
WPS NFC: Update DH keys for ER operations
Since wpa_s->conf->wps_nfc_dh_* parameters can be set in number of code
paths, update the wps_context copy of the DH keys even if no new keys
were generated for the request. This tries to avoid some cases where
public key hash may not have matched the public key used in the ER
operation.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 11 Jul 2013 13:17:36 +0000 (16:17 +0300)]
WPS NFC: Use pubkey mismatch config error from Enrollee
This was already done for Registrar, but the Enrollee case did not
set config error properly if Registrar public key did not match the
hash received during NFC connection handover.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 4 Apr 2013 13:18:46 +0000 (16:18 +0300)]
P2P NFC: Add processing of P2P client while NFC handover case
Instead of automatically triggering a connection, provide an indication
of one of the devices being a P2P client to upper layers to allow user
to determine what to do next.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 4 Apr 2013 12:32:09 +0000 (15:32 +0300)]
P2P NFC: Do not try to join peer if both devices are already GO
Send a P2P-NFC-BOTH-GO event to upper layers to determine what to
do in case both devices going through NFC connection handover are
already operating as a GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 4 Apr 2013 16:09:10 +0000 (19:09 +0300)]
P2P: Add test option to disable IP address assignment request
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sat, 16 Mar 2013 17:13:31 +0000 (19:13 +0200)]
P2P: Add support for IP address assignment in 4-way handshake
This new mechanism allows P2P Client to request an IPv4 address from the
GO as part of the 4-way handshake to avoid use of DHCP exchange after
4-way handshake. If the new mechanism is used, the assigned IP address
is shown in the P2P-GROUP-STARTED event on the client side with
following new parameters: ip_addr, ip_mask, go_ip_addr. The assigned IP
address is included in the AP-STA-CONNECTED event on the GO side as a
new ip_addr parameter. The IP address is valid for the duration of the
association.
The IP address pool for this new mechanism is configured as global
wpa_supplicant configuration file parameters ip_addr_go, ip_addr_mask,
ip_addr_star, ip_addr_end. For example:
ip_addr_go=192.168.42.1
ip_addr_mask=255.255.255.0
ip_addr_start=192.168.42.2
ip_addr_end=192.168.42.100
DHCP mechanism is expected to be enabled at the same time to support P2P
Devices that do not use the new mechanism. The easiest way of managing
the IP addresses is by splitting the IP address range into two parts and
assign a separate range for wpa_supplicant and DHCP server.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 24 Feb 2013 19:54:55 +0000 (21:54 +0200)]
P2P NFC: Optimize GO Negotiation retries
When NFC connection handover is used to trigger GO Negotiation, the
channel used for the GO Negotiation frames is already known. As such,
there is no need to use the Listen operations to find the peer.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sat, 27 Apr 2013 14:50:50 +0000 (17:50 +0300)]
P2P NFC: Add NFC tag enabling for static handover
The device with the NFC Tag can be configured to enable NFC to be used
with "P2P_SET nfc_tag 1" and "P2P_LISTEN" commands to allow static
handover to be used.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sat, 27 Apr 2013 15:38:41 +0000 (18:38 +0300)]
P2P NFC: Report handover select from tag for static handover
WPS_NFC_TAG_READ can be used to report static connection handover where
the connection handover select message was read from an NFC tag.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>