www.project-moonshot.org Git - mech

Android: Add dfs.c into build

This fixes Android build after commit
e76da5052980f301fe61f2fc0e1e7a5789716061 that added the new dfs.c file.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

WNM: Set Disassoc Imminent flag in ESS Disassoc Imminent frame

The Disassociation Timer field is only valid if Disassoc Imminent is set
to 1.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Interworking: Add required_roaming_consortium parameter for credentials

This allows credentials to be limited from being used to connect to a
network unless the AP advertises a matching roaming consortium OI.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

GAS: Update timeout from TX status handler

This allow GAS operations to be fine-tuned based what happens with GAS
query TX. Failed queries are timed out immediately and acknowledged
queries are given some more time to account for possible TX queue
latencies.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

HTTP server: Allow TCP socket to be reused

This makes it easier to handle cases where the application is restarted
and the previously used local TCP port may not have been fully cleared
in the network stack.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Add test option for specifying hardcoded BSS Load element

The new bss_load_test parameter can be used to configure hostapd to
advertise a fixed BSS Load element in Beacon and Probe Response frames
for testing purposes. This functionality is disabled in the build by
default and can be enabled with CONFIG_TESTING_OPTIONS=y.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Define BSS Load element id

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Interworking: Add support for QoS Mapping functionality for the STA

Indicate support for QoS Mapping and configure driver to update the QoS
Map if QoS Map Set elements is received from the AP either in
(Re)Association Response or QoS Map Configure frame.

This commit adds support for receiving the frames with nl80211 drivers,
but the actual QoS Map configuration command is still missing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

atheros: Add support for QoS Mapping configuration

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Interworking: Add support for QoS Mapping functionality for the AP

This allows QoS Map Set element to be added to (Re)Association Response
frames and in QoS Map Configure frame. The QoS Mapping parameters are
also made available for the driver interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Interworking: Add domain_suffix_match for credentials

This allow domain_suffix_match to be specified for a cred block and then
get this copied for the network blocks generated from this credential as
part of Interworking network selection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Interworking: Add support for multiple home FQDNs

Credentials can now be configured with more than one FQDN ('domain'
field in the cred block) to perform Domain Name List matching against
multiple home domains.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

tests: Remove cred before changing domain

This is in preparation for supporting multiple domain values after which
setting the domain value does not replace the old value, but adds a new
one.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Add AAA server domain name suffix matching constraint

The new domain_suffix_match (and domain_suffix_match2 for Phase 2
EAP-TLS) can now be used to specify an additional constraint for the
server certificate domain name. If set, one of the dNSName values (or if
no dNSName is present, one of the commonName values) in the certificate
must have a suffix match with the specified value. Suffix match is done
based on full domain name labels, i.e., "example.com" matches
"test.example.com" but not "test-example.com".

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

OpenSSL: Fix code indentation in OCSP processing

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

hostapd: Add support for DFS with 160 MHz channel width

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>

Mark DFS functions static and rename them

These functions are not used from outside dfs.c anymore.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>

hostapd: DFS with 40/80 MHz channel width support

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>

DFS: Add more parameters to radar events

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>

nl80211: Use struct hostapd_freq_params with start_dfs_cac

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>

hostapd: Split hostapd_set_freq to helper function

This allows the functionality to fill in a struct hostapd_freq_params to
be shared.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>

hostapd: Add AP DFS support

Add DFS structures/events handlers, CAC handling, and radar detection.
By default, after radar is detected or the channel became unavailable, a
random channel will be chosen.

This patches are based on the original work by Boris Presman and
Victor Goldenshtein. Most of the DFS code is moved to a new dfs.c/dfs.h
files.

Cc: Boris Presman <boris.presman@ti.com>
Cc: Victor Goldenshtein <victorg@ti.com>
Signed-hostap: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>

tests: Make sure hlr_auc_gw exits and clean up sockets

If a test run is terminated forcefully, hlr_auc_gw could have been left
running and/or some of the control interface files could still remain.
This could result in hlr_auc_gw not starting again for the next test
run.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

tests: Skip EAP-SIM/AKA/AKA' if hlr_auc_gw not available

Do not fail the EAP-SIM/AKA/AKA' test cases if hlr_auc_gw is not
available since hlr_auc_gw is not considered required part for the test
setup.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Increase buffer size and prevent write beyond buffer end

wpa_config_write_key_mgmt has a buffer size of 50. This is not enough
to fit the longest case. I used a network with "WPA-PSK WPA-EAP
WPA-NONE" and CONFIG_IEEE80211R=y + CONFIG_IEEE80211W=y to produce
a string longer than 50 chars. Increase the buffer size to 100 to
prevent truncated output.

Truncated output is not the only problem. If the buffer end is
reached when adding certain key mgmt types the function does not
return immediately. This leaves pos > end. When a second os_sprintf
is called the calculation of end - pos yields a large positive
number for buffer size. End result is a write beyond the buffer end.
Fix this by bailing out if buffer end is reached.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>

hostapd: Fix segfault after ACS when flushing STAs

When hostapd receives an auth frame during ACS the transmission of
the according auth response will always fail:

ACS: Automatic channel selection started, this may take a bit
[..]
send_auth_reply: send: Resource temporarily unavailable
[..]

However, a station info entry was created. Once ACS is finished
it will flush all stations even though hapd was not yet fully
initialized. This results in a segfault when trying to access
hapd->radius:

0  0x0042c1c0 in radius_client_flush_auth ()
1  0x00416a94 in ap_free_sta ()
2  0x00416cc0 in hostapd_free_stas ()
3  0x0040bce8 in hostapd_flush_old_stations ()
4  0x0040c790 in hostapd_setup_interface_complete ()
5  0x0046347c in acs_scan_complete ()
6  0x0040f834 in hostapd_wpa_event ()
7  0x0043af08 in send_scan_event.part.46 ()
8  0x00443a64 in send_scan_event ()
9  0x00443c24 in do_process_drv_event ()
10 0x004449e8 in process_global_event ()
11 0x7767d7d0 in ?? ()

Fix this by not presuming anything about the initialization state of
hapd and checking ->radius before accessing.

Signed-off-hostapd: Helmut Schaa <helmut.schaa@googlemail.com>

WPS NFC: Cancel scheduled scan before attempting a scan

Cancel scheduled scan (if any) before attempting to scan for the newly
received configuration/credential in WPS NFC Config token case.

Signed-hostap: Jithu Jance <jithu@broadcom.com>

Replace printf with wpa_printf debug message

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>

P2P: Do not allow P2P client connection without P2P IE from GO

P2P-GROUP-STARTED event depends on having enough information about the
group available. To avoid incomplete information from being delivered to
upper layers, do not accept scan results without P2P IE (e.g., from a
non-P2P scan) for P2P client association process. This can be of use for
some join-a-group cases where non-P2P scans have generated the BSS entry
for the GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Allow persistent group determination based on Beacon frame

P2P IE may be available from a Beacon frame from a GO even if we have
not yet received a Probe Response frame with P2P IE from that GO. Since
all the needed information for determining the GO's P2P Device Address
and group capabilities are available, use that information instead of
displaying incomplete group information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Allow GO to be discovered based on Beacon frame

This fixes some P2P-join-a-group cases where GO may have been discovered
based on passive scan or non-P2P scan. P2P IEs may have been received
from a Beacon frame in such a case and that information can be used to
create a P2P peer entry, e.g., to allow provision discovery exchange to
be completed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Show p2p flag in debug info for scan results

This makes it easier to confirm that P2P capabilities for a GO has been
discovered properly.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Show P2P flag in BSS entries also based on Beacon frames

It is possible that a P2P GO has been discovered through a non-P2P scan
that did not return P2P IE in Probe Response frames. To cover those
cases, check also Beacon frame (if received) for P2P IE.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Do not drop P2P IEs from BSS table on non-P2P scans

This could happen when non-P2P station interface runs a scan without P2P
IE in the Probe Request frame. P2P GO would reply to that with a Probe
Response that does not include P2P IE. Do not update the IEs in this BSS
entry to avoid such loss of information that may be needed for P2P
operations to determine group information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Make sure wait for the first client gets stopped

If a group was removed before the wait for the first client had timed
out and the client had not yet connected, p2p_go_wait_client could have
been left set and with that, scan operations could be unnecessarily
delayed. This fixes some undesired delays from commit
c1c0b35fea656345b672984910cc3b93938bc5e5.

Signed-hostap: Jouni Malinen <j@w1.fi>

P2P: Clone 'disable_scan_offload' parameter for p2p group

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>

P2P: Increase Invitation Request timeouts

In noisy environment peer may take more time to send Invitation
Response so increase Invitation Response timeout to 500 ms in success
case and also increase Invitation Request action wait time to 500 ms.
This makes the Invitation Request case use the same timeout with GO
Negotiation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Clear p2p_group_formation and p2p_in_provisioning on group removal

Commit 41f853235fe1d1fad1acecc0ee5dfe81c872c6b2 extends group formation
timeout for the first data connection to complete and resets
p2p_go_group_formation_completed flag due to which p2p_in_provisioning
and p2p_group_formation flags are not cleared when
wpas_group_formation_completed() is called. This can result in both
station scan and p2p_find failures in the case where separate P2P group
interface is not used and the client does not complete 4-way handshake.
Fix this by clearing p2p_group_formation and p2p_in_provisioning when
such a P2P group is deleted.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Include Extended Capabilities element based on scan results

Add Extended Capabilities element to association request only if the AP
included this element in Beacon/Probe Response frames. This is a
workaround to address interoperability issues with some older APs that
do not seem to be able to handle Extended Capabilities element in
(Re)Association Request frames.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P Extend postponing of concurrent scans for persistent GO

Update the p2p_go_wait_client timestamp in p2p_go_configured() to
address the case where the group is set up without the provisioning
step.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

TDLS: Do not start concurrent TDLS setup

A new TDLS request shall transmit TPK M1 frame with a unique INonce.
Thus a new explicit request would fail an ongoing TDLS negotiation with
the error "TDLS: FTIE SNonce in TPK M3 does not match with FTIE SNonce
used in TPK M1" if the peer happens to receive two M1 frames before an
M3 frame. Check for the ongoing negotiation with the peer and do not
start a new one if we are already in a setup negotiation with the peer.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

TDLS: Use wpa_tdls_disable_peer_link() in TPK M1 processing

This function is used only with external setup, so this can cleaned up
to use simpler design.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

TDLS: Use wpa_tdls_disable_peer_link() to avoid peer search

There is no need to go through the peer list when we already have a
pointer to the specific peer entry.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

TDLS: Use helper function for disable link operation

This is called from number of locations and it is more efficient to use
a new helper function instead of wpa_tdls_disable_link() that would do
peer address search from the list of peers.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

TDLS: Clean up wpa_tdls_teardown_link() uses

Making this function be used only for external setup case simplifies the
implementation and makes core wpa_supplicant calls in ctrl_iface.c and
events.c consistent.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

tests: Flush stdout after each status line print

This makes it more convenient to follow live test execution status.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Add test cases for WPA2-Enterprise

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Start RADIUS authentication server

This can be used to run WPA2-Enterprise test cases.

Signed-hostap: Jouni Malinen <j@w1.fi>

hlr_auc_gw: Fix max_chal value validation

This was supposed to be at maximum EAP_SIM_MAX_CHAL (3).

Signed-hostap: Jouni Malinen <j@w1.fi>

hlr_auc_gw: Add support for processing command line operations

This allows hlr_auc_gw to be used to run a single operation without
having to use it as a server. This can be useful, e.g., for generating
GSM authentication triplets for external programs. For example:
./hlr_auc_gw -m hlr_auc_gw.milenage_db "SIM-REQ-AUTH 232010000000000"

Signed-hostap: Jouni Malinen <j@w1.fi>

EAP-AKA server: Fix AUTS processing

Commit 8a9f58f2cca92e5e362809ae4a531a4676c29888 ("EAP-AKA server: Store
permanent username in session data") broke AUTS processing by skipping
new authentication triplet fetch after having reported AUTS. Fix this by
started new full authentication sequence immediately after reporting
AUTS so that the updated parameters are available for the Challenge
message.

Signed-hostap: Jouni Malinen <j@w1.fi>

hlr_auc_gw: Update file comments to mention Milenage

The notes about using only fixed GSM authentication triplets were not
really up-to-date with the implementation. Milenage and GSM-Milenage
were available for EAP-SIM, EAP-AKA, and EAP-AKA'.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Auto detect group name

Some older systems used admin group, but adm group seems to be more
common nowadays, so detect this automatically rather than assume admin
group is used.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Merge start-p2p-concurrent.sh functionality into start.sh

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Add mechanism for test cases to indicate a skipped run

This can be used by test cases that depend on some external component
that may not always be available to indicate clearly that a test case
was skipped rather than passed or failed.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: run-tests.py -L to print out list of test cases

This can be used to get a summary of all the available test cases.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Adjust debug verbosity levels to get rid of extra info

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Document automated mac80211_hwsim test setup

This provides guidance on how to build the test setup, how to run the
tests, and how to add new test cases.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Add test cases for P2P service discovery

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Test GO functionality with legacy STAs

Signed-hostap: Jouni Malinen <j@w1.fi>

Document use of Linux capabilities instead of privileged process

Linux capabilities cap_net_admin and cap_net_raw can be used to replace
need for running wpa_supplicant as a root process.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Make run-tests.py command argument parser more flexible

This allow -e, -r, and -f arguments to be given in any order.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Write test case result summary into a file

This can be used to build statistics from test execution without having
to go through number of log files.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Add test duration and time to PASS/FAIL reports

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Exit early if startup fails

There is no point trying to go through the tests if hostapd and
wpa_supplicant processes cannot be started properly.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Wait for driver scan state to clear between tests

cfg80211/mac80211 seems to getting stuck with scans every now and then.
Check for this special state and delay return from reset() until the
driver has stopped the scan operation. This reduces likelihood of
failing multiple test cases in a row because of a single error.

Signed-hostap: Jouni Malinen <j@w1.fi>

Add driver status information to control interface

STATUS-DRIVER command can now be used to fetch driver interface status
information. This is mainly for exporting low-level driver interface
information for debug purposes.

Signed-hostap: Jouni Malinen <j@w1.fi>

nl80211: Add some more debug prints for mgmt frame TX

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Add a test case for P2P invitation

test_p2p_go_invite verifies that GO can invite a peer in a case where
the operating channel and peer's listen channel are different.

Signed-hostap: Jouni Malinen <j@w1.fi>

nl80211: Fix off-channel Action frame TX from GO with use_monitor

TX frequency gets lost when going through the monitor send MLME option
and this resulted in P2P operations like invitation from a GO failing
when the driver needs monitor socket, but would support offchannel TX.
Fix this by using frame_cmd path instead in case the monitor socket
would have been hit for action frame TX.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Speed up stop-wifi.sh

Split the long waits to iterations of shorter waits that can be stopped
based on processes having died.

Signed-hostap: Jouni Malinen <j@w1.fi>

tests: Add support for using Linux kernel tracing functionality

run-all.sh and start.sh scripts can now take 'trace' command line
argument to request Linux tracing information from mac80211, cfg80211,
and wpa_supplicant to be recorded.

Signed-hostap: Jouni Malinen <j@w1.fi>

Get rid of compiler warning in no-CONFIG_CTRL_IFACE builds

no_ctrl_interface parsing was declared within ifdef CONFIG_CTRL_IFACE
block, so the parser function needs to be marked similarly.

Signed-hostap: Jouni Malinen <j@w1.fi>

Add no_ctrl_interface config param to clear ctrl_interface

This can be used to override previously set ctrl_interface value in a
way that clears the variable to NULL instead of empty string. The only
real use case for this is to disable per-interface ctrl_interface from
the additional control file (-I<file>) in case ctrl_interface was set in
the main configuration file. It should be noted that zero-length
ctrl_interface parameter can be used to initiate some control interface
backends, so simpler designs were not available for this.

The format of the new parameter is not exactly cleanest due to
configuration file parsing assumptions. For example:

ctrl_interface=....
no_ctrl_interface=

would end up with ctrl_interface=NULL.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Make sure updated BSS entry does not get added twice to the list

When the BSS table is being updated based on new scan results, a BSS
entry could end up getting added into last_scan_res list multiple times
if the scan results from the driver includes duplicated values. This
should not happen with driver_nl80211.c since it filter outs duplicates,
but in theory, other driver wrappers could indicate such scan results.
Anyway, it is safer to make sure this cannot happen by explicitly
verifying the last_scan_res list before adding an updated BSS entry
there. A duplicated entry in the list could potentially result in freed
memory being used if there is large enough number of BSSes in the scan
results to cause removal of old BSS entries.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Fix possible freed-memory use in BSS table updates

If there are large number of BSSes in the scan results, BSS table update
could have added a BSS entry to the last_scan_res in a case where that
BSS entry got just deleted. This would happen only if there are more
than bss_max_count (by default 200) BSSes and if at least bss_max_count
of those BSSes are known (match a configured network). In such a case,
wpa_bss_add() could end up allocating a new BSS entry and return a
pointer to that entry even if it was the one that ended up getting freed
to keep the BSS table length within the limit. This could result in
freed memory being used and the process crashing (likely with segfault)
when trying to access information from that BSS entry.

Fix the issue by removing the oldest BSS entry before linking the new
entry to the table. This makes sure the newly added entry will never get
picked up as the one to be deleted immediately.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Use group formation timeout on persistent group GO

Previously, GO considered the group to be fully re-invoked after
starting beaconing on successful invitation exchange. This would leave
the group running until idle timeout (which may not be enabled) or
explicit removal if the client fails to connect for any reason. Since
the client is expected to connect immediately after the invitation
exchange that ends with status=0 (i.e., either client initiated the
exchange or it responded with success), extend group formation timeout
to cover that period until the first successfully completed data
connection. This allows the GO to remove the group automatically if the
client devices does not connect within
P2P_MAX_INITIAL_CONN_WAIT_GO_REINVOKE (15) seconds.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Extend group formation timeout on GO to first data connection

Previously, GO considered the group to be fully formed at the completed
of WPS provisioning step. This would leave the group running until idle
timeout (which may not be enabled) or explicit removal if the client
fails to connect for any reason. Since the client is expected to connect
immediately after the WPS provisioning step, extend group formation
timeout to cover that period until the first successfully completed data
connection. This allows the GO to remove the group automatically if the
client devices does not connect within P2P_MAX_INITIAL_CONN_WAIT_GO (10)
seconds.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Remove P2P groups on process termination

Killing the wpa_supplicant process or using TERMINATE ctrl_iface command
resulted in the process existing without cleaning up possibly added
dynamic P2P group interfaces. Clean this up by stopping each P2P group
before stopping eloop.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Register wpa_msg callback even if only global ctrl_iface is used

Previously, wpa_msg_register_cb() was called only from successful
completion of per-interface control interface initialization. This would
leave the callback unregistered in case only the global control
interface is used which would result in not delivering control interface
events on the global interface. Fix this by registering the callback
handler also from successful initialization of the global control
interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

nl80211: Add more debug prints for send_mlme operations

This makes it easier to debug issues in incorrect channel use in
management frame transmission.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

nl80211: Reset nlmode to station on leaving IBSS

Previously, IBSS mode (NL80211_IFTYPE_ADHOC) was left in drv->nlmode
when leaving IBSS. This causes issues for send_mlme() handler for P2P
Probe Response transmission in Listen state. Fix this by clearing nlmode
back to NL80211_IFTYPE_STATION on leaving IBSS so that following P2P
operations can be executed correctly. Previously, this was fixed only
when the next authentication/association attempt in station mode
occured.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Avoid compiler warning with CONFIG_NO_STDOUT_DEBUG=y

There is no need to use the bss variable which is used only within a
wpa_printf() call that can be conditionally removed from the build.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Allow hostapd config file for dynamically added interface

This extends hostapd global control interface command "ADD" to use a
configuration file instead of requiring configuration to be built using
SET command.

The command format is now following:
ADD <ifname> <control path|config=<path to config>>

For example:

ADD wlan0 /var/run/hostapd
ADD wlan0 config=/tmp/hostapd.conf

When using the configuration file option, ctrl_interface parameter in
the file needs to be set to allow ENABLE command to be issued on the new
interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Do not clear hostapd configuration parameters on disable-iface

There was a comment about the the cleanup steps being from
hostapd_cleanup_iface(). However, the operations that cleared some
security parameters do not seem to exist elsewhere and do not make sense
here. Remove them to avoid changing configuration with DISABLE followed
by ENABLE.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

hostapd: Fix couple of deinit path cases to clear pointers

This fixes some issues where dynamic interface enable/disable cycles
could end up trying to free resources twice and crash the process while
doing so.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

nl80211: Print more debug info on management frame RX information

This can be useful in figuring out how drv->last_mgmt_freq gets set
to debug issues with P2P frames being sent on incorrect channel.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

tests: Clear global monitor interface on dump_monitor()

This avoids some issues with the global control interface socket
getting stuck with send buffer limit reached if test cases did not
use wait_global_event().

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Re-open ctrl_iface socket on some failure cases as a workaround

If wpa_supplicant ctrl_iface clients are misbehaving and refusing to
read replies or event messages from wpa_supplicant, the single socket
used in wpa_supplicant to send messages can reach the maximum send
buffer limit. When that happens, no more responses to any client can be
sent. Work around this by closed and reopening the socket in case such a
failure state is detected. This is obviously not desirable since it
breaks existing connected sockets, but is needed to avoid leaving
wpa_supplicant completely unable to respond to any client. Cleaner fix
for this may require more considerable changes in the ctrl_iface design
to move to connection oriented design to allow each client to be handled
separately and unreachability to be detected more reliably.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

atheros: Compile fix for driver code not defining IEEE80211_APPIE_FRAME_WNM

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

OpenSSL: Split OCSP peer_cert/peer_issuer debug output into parts

This makes it clearer which certificate was missing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

HS 2.0: Allow printf format parsing with language:name strings

This allows Hotspot 2.0 and Interworking strings that use language:name
string (e.g., venue_name) to be encoded using printf format to enter
special characters like newline.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Fix wpa_config_parse_string() to null terminate printf decoded values

printf_decode() fills in a binary buffer and returns the length of
the written data. This did not use null termination since initial
use cases used the output as a binary value. However, Hotspot 2.0
cred block values are also using this for parsing strings. Those
cases could end up without proper null termination depending on what
os_malloc() ends up getting as the memory buffer. Fix these and make
printf_decode() more convenient by forcing the output buffer to be
null terminated.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Fix language string length validation in parse_lang_string()

The language string length needs to be validated to hit into the
three-octet lang field in struct hostapd_lang_string before copying
this. Invalid configuration entries in hostapd.conf could have resulted
in buffer overflow.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Simplify ctrl_iface sendto() use

Prepare reply buffer first for all cases and then use a single sendto()
call instead of three calls depending on reply type. This allows simpler
error handling for control interface send operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Clear frequency list on empty value

Allow current frequency list of be cleared with an empty string value.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Make scan_freq field to be saved by save_config

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>

P2P: Prefer 20 MHz operating channels on 5 GHz band over 2.4 GHz

When no other user preference is specified, opt to use an operating
channel that allows 5 GHz band to be used rather than 2.4 GHz.
Previously, this was already done in practice for HT40 channels since no
such channel is enabled for P2P on 2.4 GHz. This commit extends this to
apply 5 GHz preference for 20 MHz channels as well.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Drop EAP packet with code 10 before EAPOL state machine processing

H3C WA2620i-AGN AP may send an EAP packet with an undefined EAP code
10 after successful EAP authentication which restarts the EAPOL
state machine. Drop such frames with this unrecognized code without
advancing the EAPOL supplicant or EAP peer state machines to avoid
interoperability issues with the AP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

Use configured sched_scan interval for the PNO scan

The interval for the PNO scan did not use the configured sched_scan
interval. This commit addresses the same by using the configured value
or the default of 10 seconds if configuration parameter is not used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>