www.project-moonshot.org Git - mech

wpa_supplicant: Add LCI and civic request to Neighbor Report Request

Add an option to request LCI and Location Civic Measurement in Neighbor
Report Request frame, as described in IEEE P802.11-REVmc/D5.0, 9.6.7.6.

Note: This changes the encoding format of the NEIGHBOR_REP_REQUEST
ssid=<val> parameter. This used to be parsed as raw SSID data which is
problematic for accepting additional parameters. The new encoding allows
either a string within double-quotation marks or a hexdump of the raw
SSID.

Thew new format:
NEIGHBOR_REP_REQUEST [ssid=<SSID>] [lci] [civic]

Signed-off-by: David Spinadel <david.spinadel@intel.com>

utils: Add ssid_parse() function

Add a function that parses SSID in text or hex format. In case of the
text format, the SSID is enclosed in double quotes. In case of the hex
format, the SSID must include only hex digits and not be enclosed in
double quotes. The input string may include other arguments after the
SSID.

Signed-off-by: David Spinadel <david.spinadel@intel.com>

Add measurement and neighbor report definitions

Add measurement report definitions from Table 9-81 in IEEE
P802.11-REVmc/D5.0 "Measurement type definition for measurement
requests".

Add measurement report definitions from IEEE Std 802.11-2012 Table 8-71
"Location subject definition".

Add neighbor report bandwidth subelement definition from IEEE
P802.11-REVmc/D5.0 MC Table 9-150 - "Optional subelement IDs
neighbor report"

Add neighbor report channel width definition from IEEE
P802.11-REVmc/D5.0, Table 9-152 - "HT/VHT Operation Information
subfields".

Add definitions for neighbor report BSSID info from IEEE
P802.11-REVmc/D5.0, 9.4.2.37 Neighbor Report element.

Signed-off-by: David Spinadel <david.spinadel@intel.com>

utils: Rename hostapd_parse_bin to wpabuf_parse_bin and move it

Make the function available as part of the wpabuf API.
Use this renamed function where possible.

Signed-off-by: David Spinadel <david.spinadel@intel.com>

hostapd: Set LCI and Location Civic information in configuration

Enable configuration of LCI and location civic information in
hostapd.conf.

Signed-off-by: David Spinadel <david.spinadel@intel.com>

tests: AP with open mode and STA poll

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Add POLL_STA command to check connectivity in AP mode

The hostapd "POLL_STA <addr>" control interface command can be used to
check whether an associated station ACKs a QoS Data frame. The received
ACK for such a frame is reported as an event message ("AP-STA-POLL-OK
<addr>").

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: hostapd disconnecting STA without transmitting Deauth/Disassoc

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Allow AP to disconnect STA without sending Deauth/Disassoc frame

The optional tx=0 parameter can be added to the hostapd
DEAUTHENTICATE/DISASSOCIATE command to request disconnection without
transmitting the Deauthentication/Disassociation frame to the STA.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: AP with open mode and STA statistics

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Add inactive_msec into STA output

This allows external programs to fetch the driver inactivity value for a
specific STA ("STA <addr>" hostapd control interface command).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: VENDOR_ELEM 14 to add an IE into Probe Request frame

Signed-off-by: Jouni Malinen <j@w1.fi>

Extend VENDOR_ELEM parameters to cover non-P2P Probe Request frame

The new VENDOR_ELEM value 14 can now be used to add a vendor element
into Probe Request frames used by non-P2P active scans.

For example:
VENDOR_ELEM_ADD 14 dd05001122330a
and to clear that:
VENDOR_ELEM_REMOVE 14 *

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Modify test_hs20_filter

Modify the test cases to tests the Hotspot 2.0 filtering functionality
in wpa_supplicant, instead of testing only the kernel interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

nl80211: Implement configure_data_frame_filters() callback

Implement configure_data_frame_filters() callback by using
the net-sysfs interfaces (if these are available).

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

HS 2.0: Add support for configuring frame filters

When a station starts an association to a Hotspot 2.0 network, request
the driver to do the following, based on the BSS capabilities:

1. Enable gratuitous ARP filtering
2. Enable unsolicited Neighbor Advertisement filtering
3. Enable unicast IP packet encrypted with GTK filtering if
DGAF disabled bit is zero

Clear the filter configuration when the station interface is
disassociated.

Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>

driver: Add a packet filtering function declaration

Add a new function declaration that will allow wpa_supplicant to request
the driver to configure data frame filters for specific cases.

Add definitions that will allow frame filtering for stations as
required by Hotspot 2.0:

1. Gratuitous ARP
2. Unsolicited NA
3. Unicast IP packets encrypted with GTK

Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>

AP: Pass station P2P PS capabilities info during station add/set

If a legacy client with no P2P PS support is trying to connect to
a P2P GO, the driver should know that, and change its PS behavior
accordingly.

Add a parameter to hostapd_sta_add_params() indicating if P2P PS is
supported by the station and pass this parameter to kernel with nl80211
driver when the station is added/set.

Signed-off-by: Ayala Beker <ayala.beker@intel.com>

Sync with mac80211-next.git include/uapi/linux/nl80211.h

This brings in nl80211 definitions as of 2016-04-06.

Signed-off-by: Jouni Malinen <j@w1.fi>

wpa_supplicant: "don't care" value for pbss in ssid structure

Add a new value 2 to the pbss parameter of wpa_ssid structure, which
means "don't care". This value is used in infrastructure mode to request
connection to either AP or PCP, whichever is available in the scan
results. The value is also used in regular WPS (not P2P group formation)
to make WPS work with devices running as either AP or PCP.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>

tests: RADIUS failure when adding MPPE keys

This is a regression test case for a radius_msg_add_mppe_keys() memory
leak on an error path.

Signed-off-by: Jouni Malinen <j@w1.fi>

RADIUS: Fix a possible memory leak on an error path

Fix a possible memory leak in radius_msg_add_mppe_keys() if
os_get_random() fails.

Signed-off-by: Ayala Beker <ayala.beker@intel.com>

tests: WPA2 with invalid PSK from RADIUS

This is a regression test case for a memory leak on a
decode_tunnel_passwords() error path.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Fix pyrad exception name in RADIUS test cases

Signed-off-by: Jouni Malinen <j@w1.fi>

RADIUS: Fix possible memory leak when parsing per-STA passphrase

Fix a possible memory leak in decode_tunnel_passwords() if an invalid
passphrase is received from the RADIUS server.

Signed-off-by: Ayala Beker <ayala.beker@intel.com>

tests: Add P2P invitation coverage during p2p_find

The new persistent_group_peer_dropped3 test case is similar to
persistent_group_peer_dropped with the difference being in the
responding device (the one from which the persistent group information
is dropped) is not issued a separate P2P_LISTEN command and instead, a
single P2P_FIND is used through the exchange to verify that this
operation does not get stopped unexpectedly. This is a regression test
case to verify that P2P_PENDING_INVITATION_RESPONSE case ends up calling
p2p_check_after_scan_tx_continuation() in non-success case. It should be
noted that this is dependent on timing: Action frame TX request needs to
occur during the P2P_FIND Search phase (scan). As such, not every
execution of this test case will hit the previous issue sequence, but
that should be hit every now and then.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Continue p2p_find after sending non-success Invitation Response

This was previously handled for the case where the non-success
Invitation Response frame was sent out during the Listen phase. However,
in the case the Action frame TX ended up getting scheduled when the
Search phase scan had already started (e.g., due to the driver reporting
Invitation Request RX late enough for the Listen-to-Search transition
having already started), the postponed Action frame TX status processing
did not cover the specific case of non-success Invitation Response. This
could result in the p2p_find operation getting stopped (stuck in SEARCH
state) unexpectedly.

Fix this by calling p2p_check_after_scan_tx_continuation() from
Invitation Response TX callback handler if the invitation was rejected.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Mark wpa_supplicant_{start,stop}_sched_scan() static

With the only callers in wpas_{start,stop}_pno() moved into scan.c,
there is no need to call these helper functions from outside scan.c
anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>

Fix race condition with PNO stop followed immediately by PNO start

Commit dd271857a5b501cd88143efe8ca0f0dce4519a91 ('Skip normal scan when
PNO is already in progress') fixed issues with normal scans getting
rejected by the driver when PNO scan is already running. The part about
skipping such a scan request is fine, but the part about clearing
wpa_s->pno back to 0 in EVENT_SCHED_SCAN_STOPPED handler is problematic.

If PNO is stopped ("SET pno 0") and then restarted ("SET pno 1")
immediately, it is possible for the EVENT_SCHED_SCAN_STOPPED event from
the stopping part to be received only after the new PNO instance has
been started. This would have resulted in clearing wpa_s->pno and the
driver and wpa_supplicant getting out of sync. This would then prevent
PNO from being stopped with "SET pno 0" (that fails if wpa_s->pno == 0).

Fix this race condition by reverting the wpa_s->pno = 0 addition from
the EVENT_SCHED_SCAN_STOPPED handler.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Add QCA nl80211 vendor commands for TSF and WISA Feature

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

RSN: Set EAPOL-Key Request Secure bit to 1 if PTK is set

The Secure bit in the Key Information field of EAPOL-Key frames is
supposed to be set to 1 when there is a security association. This was
done for other frames, but not for the EAPOL-Key Request frame where
supplicant is requesting a new PTK to be derived (either due to Michael
MIC failure report Error=1 or for other reasons with Error=0). In
practice, EAPOL-Key Request frame is only sent when there is a PTK in
place, so all such frames should have Secure=1.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Pass full apdev to add_ap() function (7)

Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].

This step (7) converts the cases where a local variable is used to store
apdev[#]['ifname'] before passing it as the argument to hostapd.add_ap().

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Pass full apdev to add_ap() function (6)

Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].

This step (6) converts the cases where apdevs[#]['ifname'] was used as
the argument to hostapd.add_ap().

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Pass full apdev to add_ap() function (5)

Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].

This step (5) converts the cases that use the start_ap_wpa2_psk() helper
function.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Pass full apdev to add_ap() function (4)

Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].

This step (4) converts the cases that call hostapd.add_ap() from a
helper function that got apdev[i] as an argument.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Pass full apdev to add_ap() function (3)

Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].

This step (3) converts the cases that use the start_ap() helper
function.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Pass full apdev to add_ap() function (2)

Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].

This step (2) converts the cases that use the add_ssdp_ap() helper
function.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Pass full apdev to add_ap() function (1)

Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].

This step (1) converts the cases where apdev[#]['ifname'] was used as
the argument to hostapd.add_ap().

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Allow full apdev to be passed to add_ap() function

This allows the full apdev dict to be passed to the add_ap() function
instead of just ifname. This allows us to handle also remote hosts while
we can check apdev['hostname'], apdev['port']. The old style ifname
argument is still accepted to avoid having to convert all callers in a
single commit.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

Android: Fix max number of sched scan SSIDs based on driver capability

This adds use of the driver capability (instead of hardcoded
WPAS_MAX_SCAN_SSIDS) in wpas_start_pno() similarly to what was already
done in wpa_supplicant_req_sched_scan().

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>

binder: Implement interface add/remove methods

This commit implements the methods defined in Supplicant service:
1. CreateInterface
2. RemoveInterface
3. GetInterface

The binder service returns the corresponding iface binder object
references which can be used by clients to control a specific
interface.

Signed-off-by: Roshan Pius <rpius@google.com>

binder: Add binder skeletal code for Android

Create the skeletal binder interface for wpa_supplicant. The interface
hierarchy is based off the existing dbus
interface(https://w1.fi/wpa_supplicant/devel/dbus.html).

Since we use libbinder, the binder interface codebase needs to be
written in C++ and can only be compiled on Android platform for now.

The aidl files define binder RPC interfaces. The Android build system
generates the corresponding C++ interface classes which needs to be
implemented by the server process.

The clients can obtain a reference to the binder service (root object)
using:
android::String16 service_name("fi.w1.wpa_supplicant");
android::sp<android::IBinder> binder =
android::defaultServiceManager()->getService(service_name);

Once a reference to the root object is retrieved, the clients can
obtain references to other RPC objects using that root object methods.

Signed-off-by: Roshan Pius <rpius@google.com>

Remove struct ieee80211_mgmt::u.probe_req

This struct in the union is empty, but the design of using a zero-length
u8 array here is not fully compatible with C++ and can result in
undesired compiler warnings. This struct is not used anymore, so it can
be removed from the struct ieee80211_mgmt definition to complete the
changes started in commit d447cd596f0a9f73850229e7fa2bdd35755dc750
('Updates for stricter automatic memcpy bounds checking').

Signed-off-by: Jouni Malinen <j@w1.fi>

atheros: Do not use struct ieee80211_mgmt::u.probe_req

This struct in the union is empty, but the design of using a zero-length
u8 array here is not fully compatible with C++ and can result in
undesired compiler warnings. Since there are no non-IE fields in the
Probe Request frames, get the location of the variable length IEs simply
by using the pointer to the frame header and the known header length.

Signed-off-by: Jouni Malinen <j@w1.fi>

wpa_supplicant: Do not use struct ieee80211_mgmt::u.probe_req

This struct in the union is empty, but the design of using a zero-length
u8 array here is not fully compatible with C++ and can result in
undesired compiler warnings. Since there are no non-IE fields in the
Probe Request frames, get the location of the variable length IEs simply
by using the pointer to the frame header and the known header length.

Signed-off-by: Jouni Malinen <j@w1.fi>

AP: Do not use struct ieee80211_mgmt::u.probe_req

This struct in the union is empty, but the design of using a zero-length
u8 array here is not fully compatible with C++ and can result in
undesired compiler warnings. Since there are no non-IE fields in the
Probe Request frames, get the location of the variable length IEs simply
by using the pointer to the frame header and the known header length.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: EAP-SIM fast reauth with no-change SET_NETWORK

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Do not clear PMKSA entry or EAP session cache if config does not change

This avoids unnecessary flushing of the PMKSA cache entry and EAP
session data when processing SET_NETWORK commands that set a network
profile parameter to the same value that the parameter already has.

Introduce a new wpa_config_set() and wpa_config_set_quoted() return
value (==1) signifying that the new value being set for the
corresponding field equals to the already configured one so that the
caller can determine that nothing changed in the profile.

For now, this does not cover all the network profile parameters, but
number of the most commonly used parameters are included to cover the
Android use cases where the framework may have issued SET_NETWORK
commands that would have unnecessarily prevented use of PMKSA caching or
EAP fast reauthentication.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Revert "Assign QCA vendor command and attribute for Tx/Rx aggregation"

This reverts commit 4ca16b5fd71833d7d200167ba10b471cab7d049f.
Configuration for this will be done using a previously assigned more
generic command. This new command
QCA_NL80211_VENDOR_SUBCMD_SET_TXRX_AGGREGATION has not been used in any
driver version and won't be used, so the assigned command id can be
freed for future use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: SAE and bignum failures

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Add TEST_FAIL() calls into OpenSSL bignum operations

This makes it easier to test error paths in bignum operations in SAE.

Signed-off-by: Jouni Malinen <j@w1.fi>

Comment out UDP/UNIX socket code from common ctrl_iface based on build

These were unreachable cases in the switch statements based on how the
build was configured.

Signed-off-by: Jouni Malinen <j@w1.fi>

Fix CONFIG_CTRL_IFACE=udp6/udp6-remote builds

wpa_supplicant_global_ctrl_iface_receive() did not handle the from
address properly for the IPv6 case. This was broken by commit
d60886cdafbf839be05ca5f7d4877565d4958a44 ('wpa_supplicant: Add monitor
support for global UDP ctrl_iface').

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: SAE and pwe failure

Signed-off-by: Jouni Malinen <j@w1.fi>

SAE: Check SHA256-PRF operation result

While this is mostly theoretical, check explicitly that SHA256
operations in sha256_prf*() succeed.

Signed-off-by: Jouni Malinen <j@w1.fi>

SAE: Remove dead code in FFC pwd-value derivation

The local bits variable is set to prime_len * 8 and consequently bits %
8 cannot be anything else than 0.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: RADIUS accounting with various security cases

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Suite B error cases for PMKID and MIC derivation

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: WNM BSS transition management with various PHY types

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: DFS CAC functionality on channel 104 HT40-

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: AP Channel Switch - invalid channel

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Information element parsing OOM

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Information element parsing - extra coverage

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: QCA vendor element parsing

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Invalid VHT 80 and 80+80 MHz configuration (seg0/seg1)

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: HT40 co-ex scan and broken legacy/HT AP

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: HT40 on 5 GHz with disabled secondary channel

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Fix FST cleanup if alloc_fail is not supported

The test cases fst_ap_start_session_oom and fst_setup_mbie_diff did not
clean up FST sessions properly in case alloc_fail failed due to missing
support for it in the build. This could result in abandoning attached
hostapd global control interface monitors and test case failures due to
the global control interface socket running out of output buffer.

Fix this by going through the cleanup steps even if alloc_fail raises
HwsimSkip exception.

Signed-off-by: Jouni Malinen <j@w1.fi>

nl80211: Fix libnl-tiny build with CONFIG_LIBNL20=y

libnl-tiny does not use the separate nl-genl library.

Signed-off-by: Jouni Malinen <j@w1.fi>

Use TIOCOUTQ instead of SIOCOUTQ to avoid need for linux/sockios.h

All that the kernel header was doing here is defining SIOCOUTQ to be
TIOCOUTQ. Instead of pulling in the header, we might as well use
TIOCOUTQ directly.

Signed-off-by: Jouni Malinen <j@w1.fi>

wlantest: Use local ETH_P_IP define instead of linux/if_ether.h

There is no strong need for pulling in linux/if_ether.h here since all
that is needed if ETH_P_IP and we already cover multiple other ETH_P_*
values in utils/common.h.

Signed-off-by: Jouni Malinen <j@w1.fi>

Drop USE_KERNEL_HEADERS define

This was only used for providing an option to use linux/if_packet.h
instgead of netpacket/packet.h in src/ap/iapp.c. However,
netpacket/packet.h is nowadays commonly available and hostapd already
depends on it through src/l2_packet/l2_packet_linux.c, so there is no
need to continue to provide this option for the kernel header.

Signed-off-by: Jouni Malinen <j@w1.fi>

Use a separate header file for Linux bridge interface definitions

This moves the BRCTL_* defines from vlan_full.c to linux_bridge.h to
clean up header inclusion.

Signed-off-by: Jouni Malinen <j@w1.fi>

Use own header file for defining Linux VLAN kernel interface

This gets rid of need to include linux/if_vlan.h and additional defines
in vlan_ioctl.c to avoid issues with missing definitions in libc
headers.

Signed-off-by: Jouni Malinen <j@w1.fi>

vlan: Fix musl libc conflict with Linux kernel headers

Due to both <netinet/in.h> (in "utils/includes.h") and <linux/in6.h> (in
<linux/if_bridge.h>) being included, the in6_addr is being redefined:
once from the C library headers and once from the Linux kernel headers.
This causes some build failures with for example the musl C library:

In file included from /usr/include/linux/if_bridge.h:18,
from ../src/ap/vlan_init.c:17:
/usr/include/linux/in6.h:32: error: redefinition of 'struct in6_addr'
/usr/include/linux/in6.h:49: error: redefinition of 'struct sockaddr_in6'
/usr/include/linux/in6.h:59: error: redefinition of 'struct ipv6_mreq'

Mixing C library and Linux kernel headers is a bit problematic [1] and
should be avoided if possible [2]. In order to fix this, define just the
macros needed from <linux/if_bridge.h> as done in Busybox for the brctl
applet [3].

[1] https://sourceware.org/bugzilla/show_bug.cgi?id=15850
[2] http://www.openwall.com/lists/musl/2015/10/06/1
[3] https://git.busybox.net/busybox/commit/?id=5fa6d1a632505789409a2ba6cf8e112529f9db18

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>

P2P: Fix persistent group for 60 GHz networks

Fix two problems with storage of 60 GHz P2P persistent groups:
1. pbss flag was not stored in the network block.
2. When recreating the persistent group from storage,
in addition to the missing pbss flag, the pairwise_cipher and
group_cipher were initialized to CCMP which does not work
in 60 GHz since the default in 60 GHz should be GCMP.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>

vlan: Move if_nametoindex() use out of vlan_init.c

With this, vlan_init.c does not need any special header files anymore
and vlan_ifconfig.c does not need hostapd-specific header files that
might conflict with net/if.h on NetBSD.

Signed-off-by: Jouni Malinen <j@w1.fi>

vlan: Move ifconfig helpers to a separate file

This removes final ioctl() use within vlan_init.c.

Signed-off-by: Jouni Malinen <j@w1.fi>

vlan: Move CONFIG_FULL_DYNAMIC_VLAN functionality into a separate file

This cleans up vlan_init.c by removing number of C pre-processor
dependencies.

Signed-off-by: Jouni Malinen <j@w1.fi>

vlan: Remove unnecessary header includes from netlink implementation

The implementation in vlan_util.c does not use many of the header files
that were pulled in.

Signed-off-by: Jouni Malinen <j@w1.fi>

vlan: Clean up netlink vs. ioctl API implementation

Move the ioctl-based VLAN implementation to a separate file to avoid
need for conditional blocks within vlan_ioctl.c. This removes the
internal CONFIG_VLAN_NETLINK define, i.e., this is now used only in
build configuration (.config) to select whether to include the
vlan_util.c (netlink) or vlan_ioctl.c (ioctl) implementation of the
functions.

Signed-off-by: Jouni Malinen <j@w1.fi>

vlan: Fix musl build error

caddr_t is legacy BSD and should be avoided [1]. While glibc may still
use __caddr_t as the type, Linux kernel does not (it is "void __user *
ifru_data").

This fixes compile errors with the musl libc:

../src/ap/vlan_init.c: In function 'br_delif':
../src/ap/vlan_init.c:218:18: error: '__caddr_t' undeclared (first use in this function)
ifr.ifr_data = (__caddr_t) args;

[1] http://stackoverflow.com/questions/6381526/what-is-the-significance-of-caddr-t-and-when-is-it-used

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>

Make it a bit easier to roam from 2.4 GHz to 5 GHz within ESS

The initial connection to an ESS was already explicitly increasing the
likelihood of picking a 5 GHz BSS. While the throughput estimation is
likely to do same for the roaming decision, it might be possible that
that does not cover all cases. Add couple of dB extra preference for 5
GHz in case the roaming decision falls back to comparing signal levels.

Signed-off-by: Jouni Malinen <j@w1.fi>

Fix a typo in a comment

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: WNM BSS Transition Management and cfg80211 connect command

For now, this is not enforcing cfg80211 reassociation since the needed
changes do not yet exist in the upstream kernel. Once those changes are
accepted, the TODO note in the test case can be addressed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: WNM BSS Transition Management and security mismatch

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

nl80211: Ignore deauth/disassoc event during Connect reassociation

cfg80211 reports a deauth/disassoc event when internally clearing
connection with the previous BSS. Ignore that event to allow the new
connect command to complete.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Include previous BSSID in connection request to indicate reassociation

This allows the SME-in-the-driver case to get similar information about
reassociation that was already available for the SME-in-wpa_supplicant
case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

nl80211: Add NL80211_ATTR_PREV_BSSID with Connect command

This makes it easier for drivers that use the Connect command instead of
separate Auth+Assoc commands to determine when to use reassociation
instead of association. Matching changes are still needed in cfg80211 to
allow this parameter to be used, but it is safe for wpa_supplicant to
start including this attribute now since it will be ignored by older
cfg80211 versions.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

WNM: Verify BSS TM target match against the current network profile

Reject a BSS transition management candidate if it does not match the
current network profile, e.g., due to incompatible security parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

mesh: Simplify wpa_auth_pmksa_set_to_sm()

pmksa->pmk or pmksa->pmkid cannot be NULL since they are arrays. Remove
the unnecessary NULL checks and use the provided pmksa pointer directly
to simplify the implementation. (CID 138519)

Signed-off-by: Jouni Malinen <j@w1.fi>

privsep: Fix a compiler warning on unsigned/signed comparison

Signed-off-by: Jouni Malinen <j@w1.fi>

Add interface matching support with -M, guarded by CONFIG_MATCH_IFACE

The new wpa_supplicant command line argument -M can be used to describe
matching rules with a wildcard interface name (e.g., "wlan*").

This is very useful for systems without udev (Linux) or devd (FreeBSD).

Signed-off-by: Roy Marples <roy@marples.name>

Find correct driver for interface additions/removals

Interface additions/removals are not guaranteed to be for the driver
listening to the kernel events. As such, send the events to
wpa_supplicant_event_global() which can then pick the correct interface
registered with wpa_supplicant to send the event to.

Signed-off-by: Roy Marples <roy@marples.name>

wpa_supplicant: Fix CONFIG_IBSS_RSN=y build without CONFIG_AP=y

Commit 1889af2e0f89f9a98171761683eb1c244584daf8 ('VLAN: Separate station
grouping and uplink configuration') added an ap_sta_set_vlan() function
that gets called from pmksa_cache_auth.c. This broke CONFIG_IBSS_RSN=y
build if src/ap/sta_info.c did not get included in the build, i.e., if
CONFIG_AP=y was not set.

Fix this by making the ap_sta_set_vlan() call conditional on
CONFIG_NO_VLAN being undefined and define this for CONFIG_IBSS_RSN=y
builds. This is fine for wpa_supplicant since CONFIG_AP=y case was
already defining this. For hostapd, this function call is not needed for
CONFIG_NO_VLAN case either.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: Allow RC4-SHA failure in ap_wpa2_eap_fast_cipher_suites

This needs to be allowed with OpenSSL 1.1.0 since the RC4-based cipher
has been disabled by default.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: Improve debug logs in hostapd/wpasupplicant with remote commands

Show more info when we are using remote wpaspy and UDP-based control
interface.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: hostapd.py/wpasupplicant.py use Host when executing commands

Execute commands using the Host class. This enables use of remote hosts
as well.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Add remotehost.py and Host class

This class allows execution of commands on a remote hosts/machine. This
is based on ssh with authorized keys, so you should be able to execute
such commands without any password:

ssh <user>@<hostname> id

By default user is root.

Support for sync and async calls is included.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>

wpa_supplicant: Fix p2p_group_add when UDP-based ctrl_iface is used

While p2p_group_add ctrl_interface name could be derived from the main
interface (simple p2p_group_add command), we failed to bind the same UDP
port. Fix this problem and also update the correct ctrl_interface name
(port decrement).

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>