Srinivas Dasari [Mon, 27 Jul 2015 10:14:22 +0000 (15:44 +0530)]
QCA vendor command support to set band to driver
Add vendor command to pass SET setband command to the driver and read
the updated channel list from driver when this notification succeeds.
This allows the driver to update its internal channel lists based on
setband configuration.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 28 Jul 2015 08:53:13 +0000 (11:53 +0300)]
OpenSSL: Remove EAP-FAST TLSv1.0 only workaround for OpenSSL 1.1.0
The issue with the special form of TLS session tickets has been fixed in
the OpenSSL 1.1.0 branch, so disable workaround for it. OpenSSL 1.0.1
and 1.0.2 workaround is still in place until a release with the fix has
been made.
This allows TLSv1.1 and TLSv1.2 to be negotiated for EAP-FAST with the
OpenSSL versions that support this.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 28 Jul 2015 13:38:02 +0000 (16:38 +0300)]
tests: Allow local disconnect in openssl_cipher_suite_config_wpas
The openssl_ciphers="EXPORT" case may result in locally generated
disconnection event if the OpenSSL version used in the build rejects
export ciphers in default configuration (which is what OpenSSL 1.1.0
will likely do). Don't report a test case failure in such a case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 28 Jul 2015 13:32:27 +0000 (16:32 +0300)]
EAP-TLS/TTLS/PEAP/FAST peer: Stop connection more quickly on local failure
If there is only zero-length buffer of output data in error case, mark
that as an immediate failure instead of trying to report that
non-existing error report to the server. This allows faster connection
termination in cases where a non-recoverable error occurs in local TLS
processing, e.g., if none of the configured ciphers are available.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 28 Jul 2015 13:30:41 +0000 (16:30 +0300)]
EAP-TTLS/PEAP/FAST peer: Stop immediately on local TLS processing failure
EAP-TLS was already doing this, but the other TLS-based EAP methods did
not mark methodState DONE and decision FAIL on local TLS processing
errors (instead, they left the connection waiting for a longer timeout).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 28 Jul 2015 08:57:05 +0000 (11:57 +0300)]
OpenSSL: Add CONFIG_TLS_ADD_DL=y build option for hostapd
This behaves similarly to the same option in wpa_supplicant, i.e., adds
-ldl when linking in libcrypto from OpenSSL.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 28 Jul 2015 08:51:55 +0000 (11:51 +0300)]
OpenSSL: Drop security level to 0 if needed for EAP-FAST
OpenSSL 1.1.0 disables the anonymous ciphers by default, so need to
enable these for the special case of anonymous EAP-FAST provisioning.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 28 Jul 2015 08:40:17 +0000 (11:40 +0300)]
OpenSSL: Add SHA256 support in openssl_tls_prf() for TLSv1.2
This is needed when enabling TLSv1.2 support for EAP-FAST since the
SSL_export_keying_material() call does not support the needed parameters
for TLS PRF and the external-to-OpenSSL PRF needs to be used instead.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 28 Jul 2015 07:48:05 +0000 (10:48 +0300)]
OpenSSL: Implement openssl_tls_prf() for OpenSSL 1.1.0
This needs to use the new accessor functions since the SSL session
details are not directly accessible anymore and there is now sufficient
helper functions to get to the needed information.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 27 Jul 2015 22:00:06 +0000 (01:00 +0300)]
OpenSSL: Implement SSL_set_session_secret_cb() callback for OpenSSL 1.1.0
This needs to use the new accessor functions for client/server random
since the previously used direct access won't be available anymore.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 27 Jul 2015 21:58:39 +0000 (00:58 +0300)]
OpenSSL: Implement tls_connection_get_keys() for OpenSSL 1.1.0
This needs to use the new accessor functions since the SSL session
details are not directly accessible anymore.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 27 Jul 2015 21:57:36 +0000 (00:57 +0300)]
OpenSSL: Include openssl/engine.h and openssl/dsa.h explicitly
This seems to be needed for OpenSSL 1.1.0.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 27 Jul 2015 21:54:08 +0000 (00:54 +0300)]
OpenSSL: Remove extra BIO_write() call on TLS client
openssl_handshake() was checking only that in_data is not NULL and not
its length when determining whether to call BIO_write(). Extend that to
check the buffer length as well. In practice, this removes an
unnecessary BIO_write() call at the beginning of a TLS handshake on the
client side. This did not cause issues with OpenSSL versions up to
1.0.2, but that call seems to fail with the current OpenSSL 1.1.0
degvelopment snapshot. There is no need for that zero-length BIO_write()
call, so remove it.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 27 Jul 2015 10:54:03 +0000 (13:54 +0300)]
tests: Skip fst_attach_wpas_error if no FST support
This check for FST testing support was forgotten from one of the new FST
test cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Max Stepanov [Thu, 2 Jul 2015 13:21:26 +0000 (16:21 +0300)]
tests: Add CPT parameters to p2ps_provision()
Add adv_cpt and seeker_cpt parameters to p2ps_provision() function.
The seeker_cpt is used in P2P_ASP_PROVISION command by a seeker, the
adv_cpt parameter is in P2P_ASP_PROVISION_RESP by an advertiser.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Max Stepanov [Thu, 2 Jul 2015 13:21:25 +0000 (16:21 +0300)]
tests: Add CPT parameter to p2ps_advertise()
Add an optional parameter to p2ps_advertise() function allowing to
specify CPT priority values.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Max Stepanov [Thu, 2 Jul 2015 13:21:24 +0000 (16:21 +0300)]
tests: Add CPT parameter to WpaSupplicant asp_provision()
Add an optional CPT parameter to asp_provision() method of
WpaSupplicant.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Max Stepanov [Thu, 2 Jul 2015 13:21:23 +0000 (16:21 +0300)]
P2PS: Add feature capability to PD events
Report the feature capability on P2PS-PROV-START and P2PS-PROV-DONE
ctrl-iface events. A feature capability value is specified as
'feature_cap=<hex>' event parameter, where <val> is a hexadecimal
string of feature capability bytes in a PD Response frame.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Max Stepanov [Thu, 2 Jul 2015 13:21:22 +0000 (16:21 +0300)]
P2PS: Add CPT handling on PD request and response
On PD Request/follow-on PD Request preparation set a feature capability
CPT value of PD context.
On PD Request processing use a request CPT and service advertisement
CPT priority list to select a feature capability CPT of PD Response.
On follow-on PD Request processing use a request CPT and a CPT priority
list in PD context to select a CPT value of follow on PD Response.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Max Stepanov [Thu, 2 Jul 2015 13:21:21 +0000 (16:21 +0300)]
P2PS: Add CPT parameter to P2PS_PROVISION and P2PS_PROVISION_RESP
Add a parameter allowing to specify a value of Coordination
Protocol Transport to P2PS_PROVISION and P2PS_PROVISION_RESP commands.
Extend the p2ps_provision structure to contain cpt_priority and
cpt_mask properties and initialize them on a P2PS PD request command.
The format of the parameter:
cpt=<cpt>[:cpt]
where <cpt> is CPT name e.g. UDP or MAC. The CPT names are listed
according to their preferences to be used for a specific P2PS session.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Max Stepanov [Thu, 2 Jul 2015 13:21:20 +0000 (16:21 +0300)]
P2PS: Add CPT parameter to P2P_SERVICE_ADD asp command
Add Coordination Transport Protocol parameter to P2P_SERVICE_ADD
asp command.
Extend p2ps_advertisement structure to contain CPT priorities
and a supported CPT bitmask.
The format of the new parameter:
cpt=<cpt>[:<cpt>]
where <cpt> is a name of the Coordination Protocol Transport.
This implementation supports two CPT names: UDP and MAC.
The order of specified CPTs defines their priorities where
the first one has the highest priority.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Max Stepanov [Thu, 2 Jul 2015 13:21:19 +0000 (16:21 +0300)]
utils: Add cstr_token() function
Add an auxiliary cstr_token() function to get a token from a const char
string. The function usage syntax is similar to str_token(), but unlike
str_token() the function doesn't modify the buffer of the string. Change
str_token() function implementation to use cstr_token().
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Andrei Otcheretianski [Mon, 13 Jul 2015 06:49:12 +0000 (09:49 +0300)]
tests: Add p2ps_connect_pd() method
Add p2ps_connect_pd() helper method which strictly validates the PD
results and establishes the connection between peers accordingly.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Andrei Otcheretianski [Mon, 13 Jul 2015 06:49:11 +0000 (09:49 +0300)]
tests: Add p2ps_provision() method
Add generic provision method. This method receives a seeker and an
advertiser devices, advertisement id, method, and a flag which indicates
whether deferred flow is expected. The method returns P2PS-PROV-DONE
events and the pin (if keypad or display method is used).
This method is needed to simplify the P2PS provision flows in the tests.
This method complies to the P2PS specification regarding the expected
order of the show and display PIN events.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Andrei Otcheretianski [Mon, 13 Jul 2015 06:49:10 +0000 (09:49 +0300)]
tests: Add asp_provision method to wpa_supplicant
Add asp_provision method which issues either P2PS PD Request or, if the
status is provided, continues the deferred flow by sending follow on
PD Request.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Jouni Malinen [Sun, 26 Jul 2015 15:23:37 +0000 (18:23 +0300)]
tests: Make discovery_auto more robust
This test case could fail if there were old BSS entries remaining in
cfg80211 scan results. That happened, e.g., when running test cases in
the following sequence: "discovery_social_plus_one discovery_auto".
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 14:35:52 +0000 (17:35 +0300)]
tests: FST SESSION_INITIATE and SESSION_RESPOND error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 13:34:35 +0000 (16:34 +0300)]
FST: Make fst_hw_mode_to_band() non-inline function
There is no need for using an inline function for this. Save a bit in
binary size by using a normal function.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 13:30:21 +0000 (16:30 +0300)]
tests: More FST GET_PEER_MBIES coverage
The case of valid but unknown peer address was not covered previously.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 13:28:51 +0000 (16:28 +0300)]
FST: Fix get_peer_mbies interface fetching in multi-group case
The foreach_fst_group() loop needs "break-if-found", not
"continue-if-not-found" to do the search iteration properly. If there
were multiple groups, the previous design could have failed to find the
interface.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 13:18:40 +0000 (16:18 +0300)]
FST: Merge unreachable error case to another error return
fst_read_next_text_param() is never called with buflen <= 1, so this
separate error path is practically unreachable. Merge it with another
error path to make this a bit more compact.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 10:37:44 +0000 (13:37 +0300)]
tests: Use a shared FST setup function
This removes quite a bit of duplicated code. In addition, this starts
using different FST group names to get additional coverage.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 15:44:39 +0000 (18:44 +0300)]
FST: Use more robust interface-find for TEST_REQUEST
It is possible for there to be multiple FST groups, so the hardcoded
mechanism of selecting the first one when sending out an event message
may not be sufficient. Get the interface from the caller, if available,
and if not, go through all groups in search of an interface to send the
event on.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 10:39:55 +0000 (13:39 +0300)]
FST: Use more robust interface-find for event messages
It is possible for there to be multiple FST groups, so the hardcoded
mechanism of selecting the first one when sending out an event message
may not be sufficient. Get the interface from the caller, if available,
and if not, go through all groups in search of an interface to send the
event on.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 10:34:54 +0000 (13:34 +0300)]
tests: Explicitly close hostapd global control socket on RELOG
Without this, the run-tests.py socket could have been left in attached
to receive all hostapd global events during a test case. This could hit
the limit of pending messages on the socket since there is nothing
clearing this socket during the execution of a test case. Fix this by
explicitly closing the socket after having completed the RELOG command.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 09:10:14 +0000 (12:10 +0300)]
FST: Remove unnecessary fst_attach() already attached check
Now that both hostapd and wpa_supplicant already enforce no duplicate
fst_attach() calls, there is no need for this check within fst_attach().
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 09:09:08 +0000 (12:09 +0300)]
tests: FST attach errors in wpa_supplicant
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 09:08:17 +0000 (12:08 +0300)]
FST: Avoid memory leak on double FST-ATTACH
Do not allow wpa_s->fst to be replaced when processing FST-ATTACH
command for an interface that has already been attached.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 08:54:48 +0000 (11:54 +0300)]
tests: FST Setup Request processing and OOM during MBIE update
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 08:45:12 +0000 (11:45 +0300)]
tests: FST setup multiple times
This verifies FST group dialog_token wrap-around and behavior with large
number of session setups and teardowns.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 08:25:49 +0000 (11:25 +0300)]
FST: Fix dialog token wrap-around
Dialog token is only 8 bits and maintaining u32 version of it in struct
fst_group resulted in incorrect wrap-around behavior in
fst_group_assign_dialog_token(). It was possible to assign u8
dialog_token value 0 because of this. Fix this by using u8 variable
consistently.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 25 Jul 2015 21:33:55 +0000 (00:33 +0300)]
tests: Additional FST Setup test coverage
This adds a test case that goes through session initialization through
separate commands that can be modified more easily for special case. The
first such special case is using special FST Setup Request frames with
non-standard MBIE contents to hit different code paths for finding the
interface.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 15:11:29 +0000 (18:11 +0300)]
tests: Extend fst_ap_ctrl_iface to support existing groups
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 07:56:02 +0000 (10:56 +0300)]
tests: FST protocol tests to verify invalid STIE header
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 07:54:58 +0000 (10:54 +0300)]
FST: Validate STIE header in FST Setup Request/Response
While this is always supposed to be the first element, check that this
is indeed the case instead of blindly using values from within the
element.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 26 Jul 2015 07:40:21 +0000 (10:40 +0300)]
FST: Fix Session Transition element length field value
The Element ID and Length subfields are not supposed to be included in
the Length. In addition, both of these subfields needs to be filled in
even for non-zero status code cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 25 Jul 2015 20:20:33 +0000 (23:20 +0300)]
FST: Print reason for ignoring FST Action frame in debug log
This makes it easier to understand why some frames are not processed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 25 Jul 2015 16:52:27 +0000 (19:52 +0300)]
FST: Do not replace previous attachment
hapd->iface->fst must not be overridden if it is already pointing to FST
instance. Without this, duplicated FST-ATTACH could result in memory
leak and process termination.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 25 Jul 2015 16:50:43 +0000 (19:50 +0300)]
FST: Use -EINVAL instead of EINVAL as return value
This is more consistent with other error cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Ashok Ponnaiah [Fri, 24 Jul 2015 11:43:47 +0000 (17:13 +0530)]
atheros: Enable PMF functionality without CONFIG_IEEE80211R=y
This extends the previous PMF (CONFIG_IEEE80211W=y) design that used
functionality from the FT (CONFIG_IEEE80211R=y) changes to work without
requiring CONFIG_IEEE80211R=y build option to be included.
Signed-off-by: Ashok Ponnaiah <aponnaia@qti.qualcomm.com>
Jouni Malinen [Thu, 23 Jul 2015 17:48:33 +0000 (20:48 +0300)]
tests: Fix ap_wps_wpa_cli_action outside VM
Pass absolute path to the daemonized wpa_cli process and add read
privileges for everyone on the action script to make this test case work
better when run without a VM.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jul 2015 15:45:31 +0000 (18:45 +0300)]
hostapd: Add build options for selecting eloop type
This adds CONFIG_ELOOP_POLL=y and CONFIG_ELOOP_EPOLL=y options to
hostapd build options similarly to how these were implemented for
wpa_supplicant.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jul 2015 15:39:35 +0000 (18:39 +0300)]
eloop: Fix cases where a socket is reopened from a timeout/signal handler
It was possible for a registered eloop socket handler to be unregistered
and re-registered for a re-opened socket with the same fd from a timeout
or signal handler. If such a case happened with the old socket having a
pending event waiting for processing, some eloop combinations could end
up calling the new handler function with the new socket and get stuck
waiting for an event that has not yet happened on the new socket. This
happened with timeout and signal handlers with all eloop.c types. In
addition to that, the epoll case could also trigger this when a socket
handler re-registered a re-opened socket.
Fix these by checking whether there has been socket handler changes
during processing and break the processing round by going back to
select/poll/epoll for an updated result if any changes are done during
the eloop handler calls before processing the old socket results.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jul 2015 15:39:02 +0000 (18:39 +0300)]
tests: eloop socket re-open from timeout/socket handler
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 22 Jul 2015 16:56:04 +0000 (19:56 +0300)]
drv_callbacks: Coding style cleanup
Clean up inconsistent whitespace use and split strings.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 22 Jul 2015 14:12:07 +0000 (17:12 +0300)]
tests: WPS events and wpa_cli action script
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 22 Jul 2015 14:10:32 +0000 (17:10 +0300)]
wpa_cli: Skip action script execution when eloop termination is pending
Try to exit more quickly by avoiding execution of the action script for
any pending events if the process is requested to be killed. This may
help in avoiding hitting the two second SIGALRM workaround in eloop in
case some of the action scripts block for long period of time.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 22 Jul 2015 14:05:46 +0000 (17:05 +0300)]
eloop: Try to terminate more quickly on SIGINT and SIGTERM
It was possible for the SIGINT/SIGTERM signal to be received while
processing a pending timeout/socket/signal event and then get stuck in
the following select() call before processing the signal event. If no
other events show up within the two second SIGALRM trigger, process will
be terminated forcefully even though there would have been possibility
to do clean termination assuming no operationg blocked for that two
second time.
Handle this more cleanly by checking for eloop.pending_terminate before
starting the select()/poll()/epoll_wait() wait for the following event.
Terminate the loop if pending signal handling requests termination.
In addition, make eloop_terminated() return 1 on eloop.pending_terminate
in addition to eloop.terminate since the process will be terminated
shortly and there is no point in starting additional processing.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ahmad Kholaif [Tue, 21 Jul 2015 20:11:43 +0000 (13:11 -0700)]
Add QCA vendor definitions for multi-port concurrency
Introduce definitions for QCA vendor specific subcommands and attributes
to support multiport concurrency.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 21 Jul 2015 10:46:00 +0000 (13:46 +0300)]
hostapd: Mark config parameter name const
The functions parsing configuration parameters do not modify the name of
the parameter, so mark that function argument constant. In theory, the
value should also be const, but at least for now, number of the parser
functions end up modifying this to simplify parsing.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Anton Nayshtut [Sun, 19 Jul 2015 17:09:18 +0000 (20:09 +0300)]
tests: hostapd DUP_NETWORK
This test checks the functionality of DUP_NETWORK global control
inteface command.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Anton Nayshtut [Mon, 20 Jul 2015 10:38:01 +0000 (13:38 +0300)]
hostapd: Add DUP_NETWORK global control interface command
This adds a new global control interface command DUP_NETWORK with the
following syntax:
DUP_NETWORK src_ifname dst_ifname param
The currently supported parameters:
wpa
wpa_key_mgmt
wpa_pairwise
rsn_pairwise
wpa_passphrase
wpa_psk
The specified configuration parameter is copied from the source
interface to the destination interface. The main use for this is to
allow cloning of security configuration without having to expose the
keys from the hostapd process.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Anton Nayshtut [Sun, 19 Jul 2015 14:21:57 +0000 (17:21 +0300)]
hostapd: Introduce hostapd_ctrl_iface_get_key_mgmt()
This function will be used in DUP_NETWORK command implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Anton Nayshtut [Sun, 19 Jul 2015 09:13:23 +0000 (12:13 +0300)]
hostapd: Introduce hostapd_interfaces_get_hapd()
This function will be used in DUP_NETWORK command implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ravi Joshi [Fri, 17 Jul 2015 00:45:41 +0000 (17:45 -0700)]
Add QCA vendor command for updating gateway parameters
Add vendor command for updating gateway parameters to the driver.
Signed-off-by: Ravi Joshi <ravij@qca.qualcomm.com>
Jouni Malinen [Tue, 21 Jul 2015 10:15:24 +0000 (13:15 +0300)]
FST: Include fst/fst.h explicitly into wpa_supplicant/ctrl_iface.c
This header file is needed to get struct fst_iface_cfg and struct
fst_wpa_obj defined. While it does currently get pulled in through
ap/hostapd.h and ap/ap_config.h, a more explicit inclusion may be a
cleaner option for future.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 20 Jul 2015 10:42:35 +0000 (13:42 +0300)]
Move ap_list_timer() to use common AP periodic cleanup mechanism
This reduces number of periodic eloop timeouts when AP mode operations
are in progress.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 20 Jul 2015 10:39:22 +0000 (13:39 +0300)]
Move hostapd_acl_expire() to use common AP periodic cleanup mechanism
This reduces number of periodic eloop timeouts when AP mode operations
are in progress.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 20 Jul 2015 10:33:30 +0000 (13:33 +0300)]
Add shared periodic cleanup function for AP mode
This new mechanism can be used to combine multiple periodic AP
(including P2P GO) task into a single eloop timeout to minimize number
of wakeups for the process. hostapd gets its own periodic caller and
wpa_supplicant uses the previously added timer to trigger these calls.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 20 Jul 2015 10:11:31 +0000 (13:11 +0300)]
Use a single cleanup timer per wpa_supplicant process
Previously, one timeout per process (by default every 30 seconds) was
used P2P peer expiration and another per-interface timeout (every 10
seconds) was used to expire BSS entries. Merge these to a single
per-process timeout that triggers every 10 seconds to minimize number of
process wakeups due to periodic operations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 19 Jul 2015 20:10:55 +0000 (23:10 +0300)]
tests: Use codecov build hostapd/wpa_supplicant in FST tests
Try to use the special build for --codecov purposes, if present, instead
of hardcoding the hostapd/wpa_supplicant binary to the default location.
This is needed to collect code coverage correctly.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jul 2015 19:36:35 +0000 (22:36 +0300)]
tests: wpa_supplicant ctrl_iface network OOM in string parsing
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jul 2015 17:25:41 +0000 (20:25 +0300)]
tests: Additional module tests for src/utils
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jul 2015 19:04:07 +0000 (22:04 +0300)]
tests: wpa_supplicant control interface wait for client
This test case is also adding code coverage for process daemonizing and
Linux tracing.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jul 2015 17:52:11 +0000 (20:52 +0300)]
tests: UUID parsing error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jul 2015 14:28:44 +0000 (17:28 +0300)]
tests: NFC connection handover to form a new P2P group and IP pool OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jul 2015 13:44:51 +0000 (16:44 +0300)]
tests: WPS ER OOM in XML processing
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jul 2015 13:31:12 +0000 (16:31 +0300)]
tests: Initial AP configuration and OOM during PSK generation
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jul 2015 13:29:29 +0000 (16:29 +0300)]
EAP server: Force FAILURE if EAP method buildReq fails
Previously, this resulted in unnecessary wait and retransmission of the
previous EAP-Request. Change that to trigger immediate transmission of
EAP-Failure and disconnection since the EAP method cannot really recover
from this state.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 20:24:16 +0000 (23:24 +0300)]
hostap: Remove special handling for protocol version 3 on RX
This functionality was removed from the Host AP driver in May 2003, so
there is not any point in maintaining this in hostapd either.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 19:53:07 +0000 (22:53 +0300)]
hlr_auc_gw: Hide a bogus static analyzer warning
For some reason, snprintf() was not seen as sufficient to remove
potentially tainted string from fgets() before passing this to rename().
This does not make much sense, but anyway, try to get rid of the warning
by using a separate buffer for the internally written file names.
(CID 72690)
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 16:29:39 +0000 (19:29 +0300)]
tests: FST-MANAGER TEST_REQUEST error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 16:28:38 +0000 (19:28 +0300)]
FST: Fix FST-MANAGER TEST_REQUEST parsing
The space separator between the command and the parameter was not
skipped properly and the first integer ended up being interpreted as 0
in all cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 15:53:06 +0000 (18:53 +0300)]
tests: FST protocol testing for Ack Response
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 15:09:57 +0000 (18:09 +0300)]
FST: Remove unreachable code in fst_session_handle_tear_down()
fst_session_is_in_progress() is already checked as part of
fst_find_session_in_progress() before calling
fst_session_handle_action(). This is the only call path that can reach
fst_session_handle_tear_down() and as such, fst_session_is_in_progress()
cannot return 0 here.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 15:08:51 +0000 (18:08 +0300)]
tests: FST protocol testing for Setup Response
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 16:04:55 +0000 (19:04 +0300)]
tests: Speed up fst_proto by waiting for MGMT-TX-STATUS event
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 13:29:44 +0000 (16:29 +0300)]
FST: Remove duplicated dl_list_empty() check befor dl_list_first()
dl_list_first() takes care of this already, so there is no need to do a
separate check here.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 13:26:19 +0000 (16:26 +0300)]
FST: Use EINVAL more consistently as a negative return value
There was a mix of EINVAL and -EINVAL returns through the FST
implementation. Make this more consistent by always returning -EINVAL in
error cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 13:16:26 +0000 (16:16 +0300)]
FST: Mark get_mb_ie() return value const
The caller is not expected to free or modify the value since this is
returning a reference to a buffer maintained by the upper layer.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 13:09:42 +0000 (16:09 +0300)]
FST: Replace print_mb_ies() with wpa_snprintf_hex()
There is no need to add new functions with more or less identical
functionality of an already available helper function.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 13:01:35 +0000 (16:01 +0300)]
tests: FST-MANAGER TEST_REQUEST GET_FSTS_ID and ID not found
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 12:56:20 +0000 (15:56 +0300)]
tests: FST-MANAGER SESSION_RESPOND failure
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 12:36:49 +0000 (15:36 +0300)]
tests: FST-MANAGER SESSION_ADD OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 09:51:06 +0000 (12:51 +0300)]
tests: FST-MANAGER SESSION_SET parameter parsing error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 09:40:23 +0000 (12:40 +0300)]
FST: Mark format_session_state_extra() static
This is not used outside fst_ctrl_iface.c.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 08:13:20 +0000 (11:13 +0300)]
tests: FST-ATTACH OOM in fst_iface_create()
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 08:02:46 +0000 (11:02 +0300)]
tests: Use direct fst_test_common access
There is no need to go through fst_module_aux to reach fst_test_common
since both of these get imported here.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jul 2015 08:01:44 +0000 (11:01 +0300)]
tests: FST attach with llt=0
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 17 Jul 2015 21:20:23 +0000 (00:20 +0300)]
tests: Verify wpa parameter in hostapd GET_CONFIG
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>