Jouni Malinen [Fri, 3 Aug 2012 18:36:38 +0000 (21:36 +0300)]
EXT PW: Add support for psk parameter from external storage
This allows wpa_supplicant configuration file to be created without
the PSK/passphrase value included in the file when a backend for
external password storage is available.
Following example can be used for developer testing:
ext_password_backend=test:psk1=
12345678
network={
ssid="test-psk"
key_mgmt=WPA-PSK
psk=ext:psk1
}
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 3 Aug 2012 18:28:42 +0000 (21:28 +0300)]
EXT PW: Add framework for supporting external password storage
This new mechanism can be used to make wpa_supplicant using external
storage (e.g., key store in the operating system) for passwords,
passphrases, and PSKs. This commit is only adding the framework part
needed to support this, i.e., no actual configuration parameter can
yet use this new mechanism. In addition, only a simple test backend
is added to allow developer testing of the functionality.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 3 Aug 2012 17:56:18 +0000 (20:56 +0300)]
Move PSK/passphrase configuration check into use time from parsing
Instead of rejecting network blocks without PSK/passphrase at the time
the configuration file is read, allow such configuration to be loaded
and only behave as if the network block with missing PSK/passphrase is
disabled.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 3 Aug 2012 19:13:32 +0000 (22:13 +0300)]
Interworking: Set key_mgmt parameter for the temporary network block
Previously, this was left to the default (WPA-EAP WPA-PSK) value which
could potentially result in unexpected behavior if an AP were to enable
both WPA2-Enterprise and WPA2-Personal in the same BSS. While this is
not really that likely for APs supporting Interworking, it is good to
get the PSK option removed to avoid any issues with missing
passphrase/PSK configuration parameter.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 2 Aug 2012 15:48:31 +0000 (18:48 +0300)]
Interworking: Add support for using Roaming Consortium OI for matching
Each cred block can now be matched based on Roaming Consortium OI as an
alternative mechanism to using NAI Realm information. This may be
optimized for efficiency in the future since Roaming Consortium
information is available in scan results without having to go through
ANQP queries. In addition, this is easier to support in case there is a
large number of realms that can be used for authentication.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 2 Aug 2012 15:40:45 +0000 (18:40 +0300)]
Interworking: Allow pre-configuration of EAP parameters
The new cred block parameters eap, phase1, and phase2 can be used to
select which EAP method is used with network selection instead of using
the value specified in ANQP information (e.g., NAI Realm).
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 2 Aug 2012 15:35:18 +0000 (18:35 +0300)]
Interworking: Move EAP parameter setting into a separate function
This makes it easier to share the common code with other credential
matching cases in the future.
Signed-hostap: Jouni Malinen <j@w1.fi>
Xi Chen [Sun, 26 Feb 2012 15:28:42 +0000 (17:28 +0200)]
atheros: Implement WNM-Sleep Mode driver operations
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Xi Chen [Sun, 26 Feb 2012 15:27:19 +0000 (17:27 +0200)]
WNM: Add WNM-Sleep Mode for station mode
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Xi Chen [Sun, 26 Feb 2012 15:25:55 +0000 (17:25 +0200)]
WNM: Add WNM-Sleep Mode implementation for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Xi Chen [Sun, 26 Feb 2012 15:22:02 +0000 (17:22 +0200)]
WNM: Add placeholders for WNM driver commands and events
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jay Katabathuni [Mon, 24 Oct 2011 21:34:52 +0000 (00:34 +0300)]
atheros: Add HS 2.0 Action frame TX/RX support
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 1 Aug 2012 10:14:09 +0000 (13:14 +0300)]
Fix compiler warning with wpa_supplicant AP builds without 802.11r
Signed-hostap: Jouni Malinen <j@w1.fi>
Jay Katabathuni [Thu, 8 Sep 2011 17:52:23 +0000 (20:52 +0300)]
atheros: Add support for Action frame TX/RX
This allows hostapd to send and receive various Action frames.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Mahesh Palivela [Mon, 22 Aug 2011 21:35:26 +0000 (14:35 -0700)]
Add support for using SA Query with drivers that implement MLME
This allows the SA Query mechanism in hostapd to be used with drivers
that implement authentication and association MLME/SME.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Shan Palanisamy [Mon, 25 Oct 2010 11:30:04 +0000 (14:30 +0300)]
FT: Add FT AP support for drivers that manage MLME internally
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 1 Aug 2012 07:34:35 +0000 (10:34 +0300)]
Add new drv_flag for indicating user space AP MLME
This makes it easier for hostapd to determine at runtime which
operations to use.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jay Katabathuni [Mon, 30 Jul 2012 19:01:08 +0000 (22:01 +0300)]
HS 2.0: Add HS Capability element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jay Katabathuni [Mon, 30 Jul 2012 18:55:46 +0000 (21:55 +0300)]
Interworking: Add Domain Name element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jay Katabathuni [Mon, 30 Jul 2012 18:51:19 +0000 (21:51 +0300)]
Interworking: Add IP Address Type Availability element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jay Katabathuni [Mon, 30 Jul 2012 18:45:31 +0000 (21:45 +0300)]
Interworking: Add Network Auth Type element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 18 Oct 2011 09:38:32 +0000 (12:38 +0300)]
HS 2.0: Add mechanism for disabling DGAF
disable_dgaf=1 in hostapd.conf can now be used to disable downstream
group-addressed forwarding (DGAF). In this configuration, a unique
GTK (and IGTK) is provided to each STA in the BSS to make sure the
keys do not match and no STA can forge group-addressed frames.
An additional mechanism in the AP needs to be provided to handle some
group-addressed frames, e.g., by converting DHCP packets to unicast
IEEE 802.11 frames regardless of their destination IP address and by
providing Proxy ARP functionality.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jay Katabathuni [Thu, 8 Sep 2011 17:52:23 +0000 (20:52 +0300)]
HS 2.0: Add Hotspot 2.0 Indication for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jay Katabathuni [Thu, 8 Sep 2011 17:52:23 +0000 (20:52 +0300)]
HS 2.0: Add configuration for Hotspot 2.0 AP support
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 30 Jul 2012 14:55:41 +0000 (17:55 +0300)]
Fix a typo in a comment
Signed-hostap: Jouni Malinen <j@w1.fi>
Thomas Pedersen [Wed, 25 Jul 2012 13:56:43 +0000 (16:56 +0300)]
nl80211: Support setting sched scan RSSI threshold
Allow the user to configure an RSSI threshold in dBm below which the
nl80211 driver won't report scan results. Currently only supported
during scheduled (PNO) scans.
Signed-off-by: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 25 Jul 2012 13:18:12 +0000 (16:18 +0300)]
P2P: Leave forced BSSID parameter for P2P group
P2P group is only going to use a single GO, so we can leave the fixed
BSSID parameter set for the actual data connection in addition to the
initial WPS provisionign step. This can speed up operations with drivers
that select BSS internally by allowing them to skip an extra scan when
the BSSID and frequency of the GO is already known.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 23 Jul 2012 18:59:01 +0000 (21:59 +0300)]
P2P: Fix provision discovery retries during p2p_find
Commit
6b56cc2d97fe9efd1feea8d418714b4658b056f1 added retries of
provision discovery request frames in IDLE state. However, it did not
make the p2p_find case behave consistently with the new limitied retry
behavior. This can result in way too many and frequent PD retries. Fix
this by extending the previous commit to address PD retries and maximum
retry limit consistently regardless of whether p2p_find is running.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
Jouni Malinen [Sat, 7 Jul 2012 10:01:45 +0000 (13:01 +0300)]
WPS SSDP: Fix socket leaks on error paths
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 7 Jul 2012 10:00:00 +0000 (13:00 +0300)]
WPS UDF: Fix fd leak on error path
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 7 Jul 2012 09:34:48 +0000 (12:34 +0300)]
Fix AP build without NEED_AP_MLME
Commit
1b487b8b1e95e1fbd9e00d52d883ba0ac4c2e4bf added CH_SWITCH
event for nl80211, but ended up using hostapd_hw_get_channel()
regardless of build configuration for driver interfaces. This
function is not always available, so make its use conditional
on NEED_AP_MLME.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 7 Jul 2012 08:01:02 +0000 (11:01 +0300)]
Add OpenSSL 0.9.8x patch for EAP-FAST
The older patch for 0.9.8i does not apply cleanly, so add an updated
version that can be used with the current OpenSSL 0.9.8 release.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 7 Jul 2012 07:58:32 +0000 (10:58 +0300)]
OpenSSL: Add support for HMAC functions with 0.9.8 and older
Commit
d9cc4646eb0255be31f11d8a8edad857431fdf49 added
crypto_hash_{init,update,finish}() wrappers for OpenSSL, but it
assumed the current HMAC API in OpenSSL. This was changed in 0.9.9
to return error codes from the functions while older versions used
void functions. Add support for the older versions, too.
Signed-hostap: Jouni Malinen <j@w1.fi>
Mahesh Palivela [Wed, 4 Jul 2012 18:42:56 +0000 (21:42 +0300)]
nl80211: Save VHT capabilities from the driver
Save VHT capabilities coming through nl80211 within hostapd.
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
Jouni Malinen [Wed, 4 Jul 2012 18:40:31 +0000 (21:40 +0300)]
Sync with linux/nl80211.h from wireless-testing.git
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 4 Jul 2012 18:36:38 +0000 (21:36 +0300)]
eloop: Fix EVENT_TYPE_WRITE with poll()-based eloop
This needs to use POLLOUT instead of POLLIN to get the correct event.
Signed-hostap: Jouni Malinen <j@w1.fi>
Michael Naumov [Wed, 4 Jul 2012 18:07:53 +0000 (21:07 +0300)]
P2P: Add D-Bus python scripts to perform additional commands
Four D-Bus scripts using python glib are added to perform the following
operations: p2p_flush, p2p_group_add, p2p_listen and p2p_stop_find.
Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Cyril Brulebois [Wed, 4 Jul 2012 18:01:04 +0000 (21:01 +0300)]
wpa_gui: Fix compilation with gcc/g++ 4.7
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
intended-for: hostap-1
Jouni Malinen [Tue, 3 Jul 2012 17:54:40 +0000 (20:54 +0300)]
autoscan: Fix potential freeing of uninitialized pointer
Commit
7c865c68536825d91e64e1545a1f6ed51526ebff introduced a code
path that can skip extra_ie initialization in wpa_supplicant_scan().
This could result in semi-random crashes when using the autoscan
mechanism. Fix this by initializing extra_ie to NULL.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 2 Jul 2012 19:10:03 +0000 (22:10 +0300)]
EAP-pwd: Replace direct OpenSSL HMAC use with wrapper
This is a step towards allowing EAP-pwd to be supported with other
crypto libraries.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 2 Jul 2012 19:04:25 +0000 (22:04 +0300)]
OpenSSL: Add support for crypto_hash_{init,update,finish}()
This adds initial support for HMAC operations using the
crypto_hash_{init,update,finish}() wrappers.
Signed-hostap: Jouni Malinen <j@w1.fi>
Masashi Honma [Mon, 2 Jul 2012 17:53:46 +0000 (20:53 +0300)]
P2P: Check memory allocation result in a Service Discovery Response
This patch adds a check of the return value of wpabuf_dup() in a large
Service Discovery Response.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
Jouni Malinen [Mon, 2 Jul 2012 17:50:03 +0000 (20:50 +0300)]
Update license notification in driver_wired.c
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Gunter Burchardt, tmisu@gmx.de,
Mon, 02 Jul 2012 17:54:28 +0200).
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 2 Jul 2012 17:48:24 +0000 (20:48 +0300)]
Update license notification in signalbar implementation
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Kel Modderman <kel@otaku42.de>,
Mon, 2 Jul 2012 20:02:37 +1000).
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 2 Jul 2012 09:43:16 +0000 (12:43 +0300)]
Update license notification in roboswitch interface file
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Jouke Witteveen
<j.witteveen@gmail.com>, Mon, 2 Jul 2012 11:38:34 +0200).
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 2 Jul 2012 09:11:01 +0000 (12:11 +0300)]
wpa_gui: Update licence notification text in wpa_gui
The Help|About message box was still referring to the old license
alternatives.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 2 Jul 2012 09:04:38 +0000 (12:04 +0300)]
Update license notification in D-Bus interface files
This updates these files to use the license notification that uses only
the BSD license. The changes were acknowledged by email (Dan Williams
<dcbw@redhat.com>, Sun, 01 Jul 2012 15:53:36 -0500).
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 30 Jun 2012 18:27:32 +0000 (21:27 +0300)]
Move p2p_connect PIN format validation into a separate function
This functionality could be shared for other commands, too, so move
it to a common function. In addition, implement the validation in a
bit more strict way to avoid accepting values like '-123' as a valid
PIN.
Signed-hostap: Jouni Malinen <j@w1.fi>
Masashi Honma [Sat, 30 Jun 2012 18:19:12 +0000 (21:19 +0300)]
P2P: Add error message for invalid PIN
Reject invalid PIN value in p2p_connect command. Before this, typos
like "pbd" as the third parameter could have resulted in OK return
value since this parameter was interpreted as the PIN.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
Jouni Malinen [Sat, 30 Jun 2012 17:30:40 +0000 (20:30 +0300)]
Do not share special scan results with virtual interfaces
When a special scan_res_handler is used the scan parameters may not have
been suitable for other purposes (e.g., during a p2p_find operation). As
such, do not indicate such scan results to other virtual interfaces
using the same radio.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 30 Jun 2012 17:20:29 +0000 (20:20 +0300)]
P2P: Remove unused P2P_SCAN_SPECIFIC
This is not used anymore after the commit
e6ecfc4fd3856309b2e1b9e0d23a8635752666e2.
Signed-hostap: Jouni Malinen <j@w1.fi>
Johannes Berg [Sat, 30 Jun 2012 17:18:07 +0000 (20:18 +0300)]
P2P: Remove GO neg/invite special cases from search
There are separate states for these, so we can't really get into this
situation unless somebody tries to do multiple things at the same
time. p2p_connect stops find and CONNECT state is used to probe the peer
on its Listen channel with GO Negotiation Request frames. Similarly,
p2p_invite() stops find and INVITE state is used to probe the peer on
its Listen channel with Invitation Request frames. The older mechanism
of using Search state functionality to find the peer can be removed.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sat, 30 Jun 2012 16:36:04 +0000 (19:36 +0300)]
Update license notification in files initially contributed by Sam
This updates these files to use the license notification that uses only
the BSD license. The changes were acknowledged by email (Sam Leffler
<sam@errno.com>, Sat, 30 Jun 2012 07:57:53 -0700).
Signed-hostap: Jouni Malinen <j@w1.fi>
Gary Morain [Sat, 30 Jun 2012 13:43:50 +0000 (16:43 +0300)]
Export disconnect reason code to dbus
In the properties changed signal, added a new property
"DisconnectReason", which carries the IEEE 802.11 reason code of the
most recent disassociation or deauthentication event. The reason code is
negative if it is locally generated. The property is sent to the DBUS
immediately so as to prevent it from being coalesced with other
disconnect events.
Signed-off-by: Gary Morain <gmorain@chromium.org>
Jouni Malinen [Sat, 30 Jun 2012 13:16:32 +0000 (16:16 +0300)]
EAP-pwd: Avoid double-frees on some error paths
At least some error paths (e.g., hitting the limit on hunt-and-peck
iterations) could have resulted in double-freeing of some memory
allocations. Avoid this by setting the pointers to NULL after they have
been freed instead of trying to free the data structure in a location
where some external references cannot be cleared. [Bug 453]
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 30 Jun 2012 13:12:41 +0000 (16:12 +0300)]
EAP-pwd: Increase maximum number of hunting-and-pecking iterations
The previously used limit (10) is too small for practical purposes since
it can result in about 1 out of 1000 authentication attempts failing.
Increase the limit to 30 to avoid such issues. [Bug 453]
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
Mahesh Palivela [Sat, 30 Jun 2012 10:57:52 +0000 (13:57 +0300)]
hostapd: Add IEEE 802.11ac VHT IEs into Beacon/Probe Response
IEEE 802.11ac VHT changes to include VHT IEs in Beacon and Probe
Response frames.
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
Mahesh Palivela [Sat, 30 Jun 2012 10:52:13 +0000 (13:52 +0300)]
hostapd: Initial IEEE 802.11ac (VHT) definitions
Add IEEE 802.11ac definitions for config, IEEE structures, constants.
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
Michael Naumov [Sat, 30 Jun 2012 10:11:26 +0000 (13:11 +0300)]
P2P: Add dbus python scripts to perform p2p_find and p2p_connect
Two DBUS scripts using python glib are added to perform p2p_find and
p2p_connect operations respectively. p2p_connect script just performs
the traditional connect to create a new p2p group. Additional updates
will be required to perform join, auth etc. al.
Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Jouni Malinen [Thu, 28 Jun 2012 18:28:49 +0000 (21:28 +0300)]
WPS: Document NFC use cases with password/config token
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 17:54:53 +0000 (20:54 +0300)]
WPS: Share a single function for generating NFS password tokens
There is no need for both hostapd and wpa_supplicant to have their
own functions for this.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 17:42:50 +0000 (20:42 +0300)]
WPS: Add a standalone tool for building NFC password tokens
nfc_pw_token can be used to build random NFC password token for WPS.
This tool prints out the wpa_supplicant.conf (or hostapd.conf)
parameters and the hexdump of the WPS password token (with and without
NDEF encapsulation) so that it can be written to a NFC tag with an
external program.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 17:40:16 +0000 (20:40 +0300)]
WPS: Use random_get_bytes() for NFC password id
os_random() may not be seeded properly, so use stronger mechanism for
generating the password id for NFC password tokens.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 16:43:29 +0000 (19:43 +0300)]
WPS: Add support for NCF password token from AP
The new hostapd ctrl_iface command WPS_NFC_TOKEN can now be used to
manage AP-as-Enrollee operations with NFC password token. WPS/NDEF
parameters to this command can be used to generate a new NFC password
token. enable/disable parameters can be used to enable/disable use of
NFC password token (instead of AP PIN) for external Registrars.
A preconfigured NFS password token can be used by providing its
parameters with new hostapd.conf fields wps_nfc_dev_pw_id,
wps_nfc_dh_pubkey, wps_nfc_dh_privkey, and wps_nfc_dev_pw. This use
will also depend on WPS_NFC_TOKEN enable/disable commands, i.e., the
configured NFS password token is disabled by default.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 16:41:26 +0000 (19:41 +0300)]
WPS: Allow NFC password token from AP to be used with wps_reg
The AP PIN on wps_reg command can now be replaced with special value
"nfc-pw" to use device password from a NFC password token from the AP.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 14:34:46 +0000 (17:34 +0300)]
WPS ER: Add support for using NFC password token from an Enrollee
WPS_NFC_TAG_READ ctrl_iface command can now be used to add NFC password
tokens to ER.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 13:35:51 +0000 (16:35 +0300)]
WPS ER: Add support for building NFC configuration token
WPS_ER_NFC_CONFIG_TOKEN command can now be used to build a NFC
configuration token based on AP Settings learnt with WPS_ER_LEARN
or set with WPS_ER_CONFIG.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 11:05:13 +0000 (14:05 +0300)]
WPS: Fix ifdef use for the new NFC mechanism in wpa_supplicant
Use CONFIG_WPS_NFC instead of CONFIG_WPS_OOB for the NFC specific
new ctrl_iface commands.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 10:59:29 +0000 (13:59 +0300)]
WPS: Add support for NFC configuration token from external program
The new wpa_supplicant ctrl_iface command WPS_NFC_TAG_READ can now be
used to process NFC tags read by external programs to initiate
wpa_supplicant to use NFC Configuration Token to create a new network.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 10:25:48 +0000 (13:25 +0300)]
WPS: Add new mechanism for generation NFC configuration token
The new hostapd ctrl_iface command WPS_NFC_CONFIG_TOKEN can now be used
to fetch payload for an NFC configuration token so that an external
program can be used to write this on an NFC tag.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 28 Jun 2012 10:23:58 +0000 (13:23 +0300)]
WPS: Fix error case in NFC password token generation
Need to verify that wps_build_nfc_pw_token() returned a valid buffer
before trying to encapsulate it for NDEF.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 19:15:55 +0000 (22:15 +0300)]
WPS: Use separate list of NFC Password Tokens in the Registrar
This adds a cleaner mechanism for handling NFC Password Tokens in the
WPS Registrar. There could be more than one active NFC Password Token in
use and as such, a list of tokens needs to be maintained. The old
WPS_OOB interface is still using the old mechanism that supports only a
single active NFC Password Token.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 17:54:56 +0000 (20:54 +0300)]
WPS: Add new mechanism for communicating NFC tag read events
hostapd ctrl_iface can now be used to deliver payload from read
operation of an NFC tag. This allows operations without having to have
low-level NFC code within hostapd. For now, the new wps_nfc_tag_read
command can be used with NFC password tokens for the case where the AP
has an NFC device that is used to read an NFC tag from the station
Enrollee.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 15:56:41 +0000 (18:56 +0300)]
WPS: Add new mechanism for NFC config method using password token
Instead of requiring low-level access to an NFC device and synchronous
operations, the new WPS_NFC_TOKEN and WPS_NFC ctrl_iface commands can be
used to build a NFC password token and initiate WPS protocol run using
that token (or pre-configured values) as separate commands. The
WPS_NFC_TOKEN output can be written to a NFC tag using an external
program, i.e., wpa_supplicant does not need to have low-level code for
NFC operations for this.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 17:18:47 +0000 (20:18 +0300)]
WPS: Move attribute parser definitions into a new header file
This allows wps/wps_attr_parse.h to be included into files outside
src/wps.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 15:25:16 +0000 (18:25 +0300)]
WPS: Split wps_build_oob_dev_password() into parts
This allows sharing of a function to build the attribute without
changing the OOB parameters.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 16:51:11 +0000 (19:51 +0300)]
NDEF: Mark input data const when it is not modified
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 15:16:47 +0000 (18:16 +0300)]
WPS: Allow NDEF functions to be used from outside src/wps
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 15:11:46 +0000 (18:11 +0300)]
NDEF: Skip unnecessary wpabuf to ptr/len conversion
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 18:17:49 +0000 (21:17 +0300)]
Add dh5_init_fixed() to allow fixed DH parameters to be used
This allows pre-configured private and public key to be used when
initializing DH for group 5.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 18:15:29 +0000 (21:15 +0300)]
WPS: Fix OOB Device Password use for EAP-WSC peer
The OOB Device Password is passed in as a hexdump of the real Device
Password (16..32 octets of arbitrary binary data). The hexdump needs to
be converted to binary form before passing it for WPS processing.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 15:28:13 +0000 (18:28 +0300)]
WPS: Add support for OOB dev password lengths 16..31
Previously, only the maximum length 32 octets for OOB device password
was accepted. Since the specification allows a shorter password to be
used with limited OOB mechanism (e.g., small NFC tag), we should accept
lengths 16..32.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 17:53:29 +0000 (20:53 +0300)]
WPS: Fix potential memory leak with NFC password token
The old stored public key hash needs to be freed before replacing
the pointer with the new value.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 27 Jun 2012 15:19:29 +0000 (18:19 +0300)]
WPS: Fix NFC password token building with WPS 2.0
The earlier WPS 2.0 changes did not increase the wpabuf size when
adding a new attribute to the NFC password token. This could result
in aborting the application on wpabuf overflow if NFC out-of-band
mechanism is used with WPS 2.0 enabled.
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
Jouni Malinen [Tue, 26 Jun 2012 17:11:25 +0000 (20:11 +0300)]
Allow autoscan parameters to be changed in SCANNING state
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 26 Jun 2012 17:05:51 +0000 (20:05 +0300)]
Reinitialize autoscan on explicit reassocciate/reconnect command
This clears the exponential scan interval back to the base value
when a reconnection is requested explicitly.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 26 Jun 2012 16:57:03 +0000 (19:57 +0300)]
Cancel pending scan request on DISCONNECT command
Previously, a pending scan request could be left running when processing
DISCONNECT command from control interface. This can result in unexpected
scan, so cancel the request to avoid this.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 26 Jun 2012 16:52:46 +0000 (19:52 +0300)]
Start autoscan for first connection attempt
Use wpa_supplicant_set_state() to initialize state to DISCONNECT so that
autoscan gets initialized properly. This needs a change in
autoscan_init() to avoid extra scan request that would postpone the
first scan request when an interface is added.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 26 Jun 2012 16:51:06 +0000 (19:51 +0300)]
Fix autoscan exponential to limit interval in all cases
The first time the limit is exceeded could result in using larger
value - avoid that by limiting the interval also in that case.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 26 Jun 2012 16:47:25 +0000 (19:47 +0300)]
Fix autoscan exponential to start with the base value
Initial implementation used base^2 as the starting value.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 26 Jun 2012 16:43:05 +0000 (19:43 +0300)]
Write autoscan parameter to config file on updates
Signed-hostap: Jouni Malinen <j@w1.fi>
Tomasz Bursztyka [Tue, 26 Jun 2012 16:28:21 +0000 (19:28 +0300)]
Add a simple periodic autoscan module
This module will sets a fixed scanning interval. Thus, the parameter to
this module is following this format: <fixed interval>
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Tue, 26 Jun 2012 16:22:56 +0000 (19:22 +0300)]
Add autoscan module named exponential
This module will compute the interval on a base exponential. Thus,
params to this module are following this format: <base>:<limit>
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Tue, 26 Jun 2012 16:11:17 +0000 (19:11 +0300)]
Add autoscan command into wpa_cli
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Tue, 26 Jun 2012 16:09:47 +0000 (19:09 +0300)]
Add ctrl iface command for autoscan
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Tue, 26 Jun 2012 16:05:09 +0000 (19:05 +0300)]
D-Bus: Add AutoScan interface method to set/unset autoscan parameters
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Tue, 26 Jun 2012 15:55:41 +0000 (18:55 +0300)]
Add automatic scanning support
Like bgscan, autoscan is an optional module based feature to automate
scanning but while disconnected or inactive.
Instead of requesting directly a scan, it only sets the scan_interval
and the sched_scan_interval. So, if the driver supports sched_scan,
autoscan will be able to tweak its interval. Otherwise, the tweaked
scan_interval will be used. If scan parameters needs to be tweaked, an
autoscan_params pointer in wpa_s will provide those. So req_scan /
req_sched_scan will not set the scan parameters as they usually do, but
instead will use this pointer.
Modules will not have to request a scan directly, like bgscan does.
Instead, it will need to return the interval it wants after each
notification.
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Tue, 26 Jun 2012 15:09:57 +0000 (18:09 +0300)]
Add autoscan parameters support in config file
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Thomas Pedersen [Mon, 25 Jun 2012 11:45:14 +0000 (14:45 +0300)]
nl80211: Handle CH_SWITCH event
Some drivers may independently decide to switch channels. Handle this by
updating the hostapd and wpa_supplicant AP and GO configuration.
Signed-hostap: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
Jouni Malinen [Mon, 25 Jun 2012 11:34:22 +0000 (14:34 +0300)]
Sync with include/linux/nl80211.h from wireless-testing.git
Signed-hostap: Jouni Malinen <j@w1.fi>
projects / mech_eap.git / log