Jouni Malinen [Mon, 6 Oct 2014 16:07:21 +0000 (19:07 +0300)]
Change version information for the 2.3 release
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 6 Oct 2014 16:05:47 +0000 (19:05 +0300)]
Update ChangeLog files for v2.3
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 6 Oct 2014 15:51:22 +0000 (18:51 +0300)]
browser-wpadebug: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 6 Oct 2014 15:50:47 +0000 (18:50 +0300)]
browser-android: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 6 Oct 2014 15:50:00 +0000 (18:50 +0300)]
browser-system: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 6 Oct 2014 15:49:01 +0000 (18:49 +0300)]
hostapd_cli: Use os_exec() for action script execution
Use os_exec() to run the action script operations to avoid undesired
command line processing for control interface event strings. Previously,
it could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use. (CVE-2014-3686)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 6 Oct 2014 14:25:52 +0000 (17:25 +0300)]
wpa_cli: Use os_exec() for action script execution
Use os_exec() to run the action script operations to avoid undesired
command line processing for control interface event strings. Previously,
it could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use. (CVE-2014-3686)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 6 Oct 2014 13:27:44 +0000 (16:27 +0300)]
Add os_exec() helper to run external programs
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 9 Oct 2014 11:27:23 +0000 (14:27 +0300)]
tests: VHT 80+80 MHz
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 9 Oct 2014 11:25:55 +0000 (14:25 +0300)]
DFS: Allow 80+80 MHz be configured for VHT
This allows cases where neither 80 MHz segment requires DFS to be
configured. DFS CAC operation itself does not yet support 80+80, though,
so if either segment requires DFS, the AP cannot be brought up.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 8 Oct 2014 22:59:52 +0000 (01:59 +0300)]
tests: Fix DFS radar-during-CAC test case
This uses mac80211_hwsim dfs_simulate_radar to get the real kernel side
CAC operation executed and aborted due to radar detection. This allows
another channel to be selected properly through another CAC run.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 8 Oct 2014 22:23:21 +0000 (01:23 +0300)]
tests: Extend DFS testing to include channel switch
Simulate a radar detection event to verify that hostapd switches
channels properly and the station follows the AP to the new channel.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 8 Oct 2014 15:27:12 +0000 (18:27 +0300)]
tests: Re-enable DFS connection check
It looks like association with DFS works fine with the current kernel
version, so re-enable this part of the DFS test cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Wed, 8 Oct 2014 15:18:39 +0000 (18:18 +0300)]
tests: VHT with 160 MHz channel width
Since this requires a recent CRDA version and updated wireless-regdb, do
not report failures yet (i.e., indicate that the test case was skipped
if AP startup fails).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 7 Oct 2014 17:07:48 +0000 (20:07 +0300)]
Reserve QCA vendor specific nl80211 commands 34..49
These are reserved for QCA use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 7 Oct 2014 11:53:09 +0000 (14:53 +0300)]
test-aes: Allow NIST key wrap test vectors to be verified
This allows the aes_wrap() and aes_unwrap() implementation to be
verified against KW_{AE,AD}_{128,192,256}.txt test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/mac/kwtestvectors.zip
For example:
./test-aes NIST-KW-AE kwtestvectors/KW_AE_128.txt
./test-aes NIST-KW-AE kwtestvectors/KW_AE_192.txt
./test-aes NIST-KW-AE kwtestvectors/KW_AE_256.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_128.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_192.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_256.txt
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 7 Oct 2014 11:45:22 +0000 (14:45 +0300)]
AES: Extend key wrap implementation to support longer data
This extends the "XOR t" operation in aes_wrap() and aes_unwrap() to
handle up to four octets of the n*h+i value instead of just the least
significant octet. This allows the plaintext be longer than 336 octets
which was the previous limit.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 7 Oct 2014 10:48:45 +0000 (13:48 +0300)]
AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and
allows AES to be initialized with 192 and 256 bit KEK in addition to
the previously supported 128 bit KEK.
The test vectors in test-aes.c are extended to cover all the test
vectors from RFC 3394.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Tue, 7 Oct 2014 08:44:56 +0000 (11:44 +0300)]
OpenSSL: Clean up one part from the BoringSSL patch
The (int) typecast I used with sk_GENERAL_NAME_num() to complete the
BoringSSL compilation was not really the cleanest way of doing this.
Update that to use stack_index_t variable to avoid this just like the
other sk_*_num() calls.
Signed-off-by: Jouni Malinen <j@w1.fi>
Adam Langley [Fri, 19 Sep 2014 01:40:03 +0000 (18:40 -0700)]
Support building with BoringSSL
BoringSSL is Google's cleanup of OpenSSL and an attempt to unify
Chromium, Android and internal codebases around a single OpenSSL.
As part of moving Android to BoringSSL, the wpa_supplicant maintainers
in Android requested that I upstream the change. I've worked to reduce
the size of the patch a lot but I'm afraid that it still contains a
number of #ifdefs.
[1] https://www.imperialviolet.org/2014/06/20/boringssl.html
Signed-off-by: Adam Langley <agl@chromium.org>
Dmitry Shmidt [Fri, 5 Sep 2014 20:13:01 +0000 (13:13 -0700)]
Android: Remove ctrl_interface=wlan0 from config template
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Dmitry Shmidt [Thu, 4 Sep 2014 17:47:59 +0000 (10:47 -0700)]
Android: Set pmf=1 to default template
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jouni Malinen [Mon, 6 Oct 2014 21:40:52 +0000 (00:40 +0300)]
tests: VENDOR_ELEM_REMOVE of the second IE
Signed-off-by: Jouni Malinen <j@w1.fi>
Toby Gray [Mon, 6 Oct 2014 11:24:33 +0000 (12:24 +0100)]
Fix out of bounds memory access when removing vendor elements
Commit
86bd36f0d5b3d359075c356d68977b4d2e7c9f71 ("Add generic
mechanism for adding vendor elements into frames") has a minor bug
where it miscalculates the length of memory to move using
os_memmove. If multiple vendor elements are specified then this can
lead to out of bounds memory accesses.
This patch fixes this by calculating the correct length of remaining
data to shift down in the information element.
Signed-off-by: Toby Gray <toby.gray@realvnc.com>
Jouni Malinen [Sat, 4 Oct 2014 19:08:17 +0000 (22:08 +0300)]
Clean up authenticator PMKSA cache implementation
This makes the implementation somewhat easier to understand.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Oct 2014 18:43:32 +0000 (21:43 +0300)]
Clear PMKSA cache entry data when freeing them
Avoid leaving the PMK information unnecessarily in memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Oct 2014 18:38:44 +0000 (21:38 +0300)]
Remove unnecessary PMKSA cache freeing step
_pmksa_cache_free_entry() is a static function that is never called with
entry == NULL, so there is no need to check for that.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Oct 2014 19:59:01 +0000 (22:59 +0300)]
tests: OKC with multiple stations
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Oct 2014 19:11:00 +0000 (22:11 +0300)]
Fix authenticator OKC fetch from PMKSA cache to avoid infinite loop
If the first entry in the PMKSA cache did not match the station's MAC
address, an infinite loop could be reached in pmksa_cache_get_okc() when
trying to find a PMKSA cache entry for opportunistic key caching cases.
This would only happen if OKC is enabled (okc=1 included in the
configuration file).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Oct 2014 19:39:16 +0000 (22:39 +0300)]
tests: PMKSA cache with multiple stations
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Oct 2014 16:38:55 +0000 (19:38 +0300)]
tests: PMKSA cache entry timeout based on Session-Timeout
This verifies that hostapd uses Session-Timeout value from Access-Accept
as the lifetime for the PMKSA cache entries and expires entries both
while the station is disconnected and during an association.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Oct 2014 16:36:48 +0000 (19:36 +0300)]
Fix PMKSA cache timeout from Session-Timeout in WPA/WPA2 cases
Previously, WPA/WPA2 case ended up using the hardcoded
dot11RSNAConfigPMKLifetime (43200 seconds) for PMKSA cache entries
instead of using the Session-Timeout value from the RADIUS server (if
included in Access-Accept). Store a copy of the Session-Timeout value
and use it instead of the default value so that WPA/WPA2 cases get the
proper timeout similarly to non-WPA/WPA2 cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Oct 2014 16:05:10 +0000 (19:05 +0300)]
tests: PMKSA caching disabled on AP
Signed-off-by: Jouni Malinen <j@w1.fi>
Janusz Dziedzic [Wed, 1 Oct 2014 07:52:54 +0000 (09:52 +0200)]
wpa_supplicant: Enable HT for IBSS
Enable HT20 for IBSS when HT is supported by the driver.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Janusz Dziedzic [Wed, 1 Oct 2014 07:52:53 +0000 (09:52 +0200)]
wpa_supplicant: Use hostapd_freq_params in assoc_params
Use hostapd_freq_params instead of simple frequency parameter for driver
commands. This is preparation for IBSS configuration to allow use of
HT/VHT in IBSS.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Jouni Malinen [Sat, 4 Oct 2014 15:32:57 +0000 (18:32 +0300)]
wpa_ctrl: Update wpa_ctrl_recv() documentation for non-block behavior
Commit
4fdc8def8855ce9b90ffbbdc47152ce46ccdcb1e changed the wpa_ctrl
socket to be be non-blocking, so the comment about wpa_ctrl_recv()
blocking is not valid anymore.
Signed-off-by: Jouni Malinen <j@w1.fi>
Tomasz Bursztyka [Fri, 3 Oct 2014 06:10:33 +0000 (09:10 +0300)]
dbus: Add an interface configuration entry to set the WPS methods
It is thus possible to restrain WPS methods to prefered ones, like PBC
only, etc.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Jouni Malinen [Sat, 4 Oct 2014 13:41:33 +0000 (16:41 +0300)]
tests: External MAC address change
Signed-off-by: Jouni Malinen <j@w1.fi>
Dan Williams [Thu, 2 Oct 2014 15:30:05 +0000 (10:30 -0500)]
nl80211: Re-read MAC address on RTM_NEWLINK
Commit
97279d8d (after hostap-2.0) dropped frame events from foreign
addresses. Unfortunately this commit did not handle the case where the
interface's MAC address might be changed externally, which other
wpa_supplicant code already handled. This causes the driver to reject
any MLME event because the address from the event doesn't match the
stale address in the driver data.
Changing an interface's MAC address requires that the interface be
down, the change made, and then the interface brought back up. This
triggers an RTM_NEWLINK event which driver_nl80211.c can use to
re-read the MAC address of the interface.
Signed-hostap: Dan Williams <dcbw@redhat.com>
Jouni Malinen [Sat, 4 Oct 2014 13:20:38 +0000 (16:20 +0300)]
nl80211: Add get_bss_ifindex() helper
This can be used to fetch a BSS entry based on interface index.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 3 Oct 2014 19:50:21 +0000 (22:50 +0300)]
P2P: Use only the -m config for P2P management device
Previously, the case of non-netdev P2P management device ended up
pulling in both the main interface (e.g., wlan0) and P2P Device
interface (from command line -m argument) as configuration. Similarly,
the main interface ended up included both configuration files. This is
not really helpful for various use cases, e.g., when permanent P2P group
information is stored in the P2P Devince interface, but it gets
duplicated in the main station interface configuration.
Clean this up by changing the -m<file> argument to replace, not
concatenate, configuration information. In other words, the main station
interface will not read this configuration and the P2P Device interface
(non-netdev) does not read parameters from the station interface
configuration file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 3 Oct 2014 08:41:32 +0000 (11:41 +0300)]
Revert "tests: Skip ap_wpa2_tdls_concurrent_init on failure"
This reverts commit
bf700cc3d2431017e5911e4efb439c235b18ef5d. The
concurrent initialization test case is now expected to work again with
the STA entry added early enough to avoid the recently added mac80211
validation step failure.
Signed-off-by: Jouni Malinen <j@w1.fi>
Arik Nemtsov [Mon, 29 Sep 2014 18:47:54 +0000 (20:47 +0200)]
tests: Verify TDLS responder teardown in encrypted network
Older mac80211 implementations did not set the link identifier
appropriately, resulting in an incorrect teardown packet being sent the
peer. wpa_supplicant adds the FTE containing the MIC field calculated
using the correct link-identifier. This causes a MIC failure on the
other side and the teardown is discarded. Verify this case is fixed by
newer kernel and wpa_supplicant code.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Arik Nemtsov [Mon, 29 Sep 2014 18:47:53 +0000 (20:47 +0200)]
TDLS: Use WMM IE for propagating peer WMM capability
Relying on qos qosinfo is not enough, as it can be 0 for WMM enabled
peers that don't support U-APSD. Further, some peers don't even contain
this IE (Google Nexus 5), but do contain the WMM IE during setup.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Arik Nemtsov [Mon, 29 Sep 2014 18:47:52 +0000 (20:47 +0200)]
TDLS: Fix concurrent setup test for mac80211 drivers
A recent mac80211 patch ("8f02e6b mac80211: make sure TDLS peer STA
exists during setup") forces the TDLS STA to exist before sending any
mgmt packets. Add the STA before sending a concurrent-setup test packet.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Arik Nemtsov [Mon, 29 Sep 2014 18:47:51 +0000 (20:47 +0200)]
TDLS: Set the initiator during tdls_mgmt operations
Some drivers need to know the initiator of a TDLS connection in order
to generate a correct TDLS mgmt packet. It is used to determine
the link identifier IE. Pass this information to the driver.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Jouni Malinen [Fri, 3 Oct 2014 08:38:34 +0000 (11:38 +0300)]
Sync with wireless-testing.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2014-10-02.
Signed-off-by: Jouni Malinen <j@w1.fi>
Ilan Peer [Wed, 1 Oct 2014 06:01:25 +0000 (08:01 +0200)]
nl80211: Fix compatibility with older version of libnl
Commit
97ed9a06df566357f0ebe57f8080f78726e78db6 ('nl80211: Remove bridge
FDB entry upon sta_remove()') used nl_sock and nl_socket_* functions
which are not compatible with older versions of libnl. Fix this.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Jouni Malinen [Mon, 29 Sep 2014 16:58:26 +0000 (19:58 +0300)]
TDLS: Filter AID value properly for VHT peers
IEEE 802.11 standard sends AID in a field that is defined in a bit
strange way to set two MSBs to ones. That is not the real AID and those
extra bits need to be filtered from the value before passing this to the
driver.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 29 Sep 2014 20:25:43 +0000 (23:25 +0300)]
tests: Random MAC addresses while maintaining OUI
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 29 Sep 2014 20:24:19 +0000 (23:24 +0300)]
Extend random MAC address support to allow OUI to be kept
mac_addr=2 and preassoc_mac_addr=2 parameters can now be used to
configure random MAC address to be generated by maintaining the OUI part
of the permanent MAC address (but with locally administered bit set to
1). Other than that, these values result in similar behavior with
mac_addr=1 and preassoc_mac_addr=1, respectively.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 29 Sep 2014 20:23:11 +0000 (23:23 +0300)]
Add helper function for generating random MAC addresses with same OUI
random_mac_addr_keep_oui() is similar to random_mac_addr(), but it
maintains the OUI part of the source address.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 29 Sep 2014 21:19:45 +0000 (00:19 +0300)]
tests: Update server and user certificates
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 24 Sep 2014 13:13:44 +0000 (16:13 +0300)]
tests: FDB entry addition/removal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Kyeyoon Park [Tue, 9 Sep 2014 22:38:03 +0000 (15:38 -0700)]
nl80211: Remove bridge FDB entry upon sta_remove()
The FDB entry removal ensures that the traffic destined for a
disassociated station's MAC address is no longer forwarded from the
bridge to the BSS.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Kyeyoon Park [Fri, 29 Aug 2014 18:59:55 +0000 (11:59 -0700)]
AP: hostapd_setup_bss() code clean-up
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Ahmad Masri [Thu, 25 Sep 2014 09:42:07 +0000 (12:42 +0300)]
P2P: Add support for 60 GHz social channel
Support 60 GHz band in P2P module by selecting random social channel
from all supported social channels in 2.4 GHz and 60 GHz bands.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Bojan Prtvar [Sat, 13 Sep 2014 16:24:04 +0000 (18:24 +0200)]
Extend STATUS command with frequency information
This makes 'wpa_cli status' command more versatile.
Signed-off-by: Bojan Prtvar <bojan.prtvar@rt-rk.com>
Philippe De Swert [Tue, 23 Sep 2014 07:08:30 +0000 (10:08 +0300)]
hostapd: Avoid dead code with P2P not enabled
In case P2P is not enabled the if (dev_addr) is always ignored as
dev_addr will be NULL. As this code is relevant only to P2P, it can be
moved to be the ifdef to avoid static analyzer warnings. (CID 72907)
Signed-off-by: Philippe De Swert <philippe.deswert@jollamobile.com>
Tomasz Bursztyka [Mon, 15 Sep 2014 05:04:31 +0000 (08:04 +0300)]
dbus: Add a global property to set or unset WFD IEs
This permits to set or unset the WiFi Display subelements from DBus, by
providing the full WFD specific IE frame.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Mon, 15 Sep 2014 05:04:30 +0000 (08:04 +0300)]
wifi_display: Add a utility function to set WFD subelements from IEs
This will be useful to update the WFD subelements from DBus.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Tomasz Bursztyka [Mon, 15 Sep 2014 05:04:29 +0000 (08:04 +0300)]
wifi_display: Add a utility function to get the sub-elements as IEs
This will be useful for DBus API to expose current WFD configuration.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Bernhard Walle [Tue, 16 Sep 2014 19:20:47 +0000 (21:20 +0200)]
util: Don't use "\e"
'\e' representing ESC (0x1b) is not C standard, it's an GNU extension.
https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes
Since the code also compiles on Windows with Microsoft compiler, we
should use '\033' instead.
Note: I didn't try to build the whole wpa_supplicant on Windows, so I
don't know if it still builds (I have no Visual Studio 2005 for a quick
test). I just needed the string conversion routines for the P"" syntax
in both directions.
Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
Jouni Malinen [Sun, 28 Sep 2014 15:56:06 +0000 (18:56 +0300)]
tests: P2P_PROV_DISC auto
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 28 Sep 2014 15:44:24 +0000 (18:44 +0300)]
tests: P2P service discovery no protocol/match cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 28 Sep 2014 15:09:53 +0000 (18:09 +0300)]
tests: Increase P2P persistent group with per-STA PSK coverage
Remove and re-start the persistent group manually to increase test
coverage to include the case of re-configuring the PSK list entries from
a stored persistent group.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 28 Sep 2014 14:51:09 +0000 (17:51 +0300)]
tests: Make ap_hs20_random_mac_addr more robust
If the previuous test case used a non-RSN AP and that was left in
cfg80211 scan results, it was possible for ap_hs20_random_mac_addr to
pick that old AP from the previous test and reject to connect through
Hotspot 2.0 mechanisms. Work around this test issue by requesting new
set of scan result at the beginning of the test.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 28 Sep 2014 08:03:21 +0000 (11:03 +0300)]
tests: WPS while connected
Signed-off-by: Jouni Malinen <j@w1.fi>
Stefan Lippers-Hollmann [Tue, 16 Sep 2014 23:22:06 +0000 (01:22 +0200)]
ap_config.c: fix typo for "capabilities"
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Jouni Malinen [Sat, 27 Sep 2014 19:41:28 +0000 (22:41 +0300)]
WPS: Fix WPS-in-search check when STA_AUTOCONNECT is disabled
If "STA_AUTOCONNECT 0" has been used to disable automatic connection on
disconnection event and the driver indicates multiple disconnection
events for the disconnection from the current AP when WPS is started, it
could have been possible to hit a case where wpa_s->disconnected was set
to 1 during WPS processing and the following scan result processing
would stop the operation.
wpa_s->key_mgmt == WPA_KEY_MGMT_WPS check was trying to avoid to skip
autoconnect when WPS was in use, but that does not seem to work anymore.
Fix this by checking through wpas_wps_searching() as well to avoid
setting wpa_s->disconnect = 1 when there is an ongoing WPS operation.
Signed-off-by: Jouni Malinen <j@w1.fi>
Eduardo Abinader [Sat, 20 Sep 2014 20:51:01 +0000 (16:51 -0400)]
P2P: Remove unecessary sanity check for global p2p
This check is already being done on wpas_p2p_deinit_iface.
Of course, it is assumed wpa_s is not deinit when reaches
that point as a matter of fact.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
Eduardo Abinader [Sat, 20 Sep 2014 20:51:00 +0000 (16:51 -0400)]
P2P: Flush services based on global p2p init and not p2p ifaces
As P2P service are not necessarily attached to a iface, when
added, proceed with same approach on p2p global deinit. Such
approach solves memory leaks ocurring upon wpa_supplicant
termination, when p2p services were registered previously.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
Constantin Musca [Mon, 22 Sep 2014 12:00:37 +0000 (15:00 +0300)]
P2P: Decrement sd_pending_bcast_queries when sd returns success
The sd_pending_bcast_queries variable should be decremented only
in case of success. This way, the supplicant can retry if a service
discovery request fails.
Signed-off-by: Constantin Musca <constantin.musca@intel.com>
Janusz Dziedzic [Fri, 26 Sep 2014 18:21:25 +0000 (20:21 +0200)]
nl80211: Fix memory leak on start radar detection error path
Free nlmsg if failing to start radar detection.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Janusz Dziedzic [Fri, 26 Sep 2014 18:21:24 +0000 (20:21 +0200)]
hostap: nl80211 use nl80211_put_freq_params
Use nl80211_put_freq_params when it possible. Remove
duplicated code.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Jouni Malinen [Sat, 27 Sep 2014 16:12:32 +0000 (19:12 +0300)]
tests: Random MAC address use
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 16:12:41 +0000 (19:12 +0300)]
Add support for using random local MAC address
This adds experimental support for wpa_supplicant to assign random local
MAC addresses for both pre-association cases (scan, GAS/ANQP) and for
connections. MAC address policy for each part can be controlled
separately and the connection part can be set per network block.
This requires support from the driver to allow local MAC address to be
changed if random address policy is enabled. It should also be noted
that number of drivers would not support concurrent operations (e.g.,
P2P and station association) with random addresses in use for one or
both.
This functionality can be controlled with the global configuration
parameters mac_addr and preassoc_mac_addr which set the default MAC
address policies for connections and pre-association operations (scan
and GAS/ANQP while not connected). The global rand_addr_lifetime
parameter can be used to set the lifetime of a random MAC address in
seconds (default: 60 seconds). This is used to avoid unnecessarily
frequent MAC address changes since those are likely to result in driver
clearing most of its state. It should be noted that the random MAC
address does not expire during an ESS connection, i.e., this lifetime is
only for the case where the device is disconnected.
The mac_addr parameter can also be set in the network blocks to define
different behavior per network. For example, the global mac_addr=1 and
preassoc_mac_addr=1 settings and mac_addr=0 in a home network profile
would result in behavior where all scanning is performed using a random
MAC address while connections to new networks (e.g.,
Interworking/Hotspot 2.0) would use random address and connections to
the home network would use the permanent MAC address.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 16:12:02 +0000 (19:12 +0300)]
Add helper function for generating random MAC addresses
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 16:11:24 +0000 (19:11 +0300)]
nl80211: Add command for changing local MAC address
This can be used to allow wpa_supplicant to control local MAC address
for connections.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 13:17:17 +0000 (16:17 +0300)]
tests: Make ap_wps_er_add_enrollee more robust under load
The scan for WPS-AUTH validation may miss a Probe Response frame if the
hostapd process gets blocked under load, e.g., when testing with
parallel-vm.sh.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 10:44:03 +0000 (13:44 +0300)]
P2P: Set timeout when starting GO Negotiation from Probe Req RX
It was possible for the p2p_go_neg_start timeout handler to get called
when there was a pending timeout from an earlier GO Negotiation start.
This could result in that old timeout expiring too early for the newly
started GO Negotiation to complete. Avoid such issues by setting a
sufficiently long timeout here just before triggering the new GO
Negotiation.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 10:15:47 +0000 (13:15 +0300)]
P2P: Clear pending_listen_freq when starting GO Neg/Invite
Previously, it was possible for the p2p->pending_listen_freq to be left
at non-zero value if Probe Request frame was received from a peer with
which we were waiting to start GO Negotiation/Invite process. That could
result in the following Listen operation getting blocked in some
operation sequences if the peer did not acknowledge the following P2P
Public Action frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 09:53:17 +0000 (12:53 +0300)]
nl80211: Ignore auth/assoc events when testing driver-SME
Previously, extra connect/roam events were ignored when user space SME
was used to avoid confusing double events for association. However,
there was no matching code for ignoring auth/assoc events when using
driver SME. Such events would not normally show up since the driver SME
case would not generated them. However, when testing forced connect
command with force_connect_cmd=1 driver param, these events are
indicated.
Ignore the extra events in testing cases to make the hwsim test cases
match more closely the real code path for driver SME. In addition, this
resolves some test case failures where double association event could
end up causing a failure, e.g., when doing PMKSA caching in
pmksa_cache_oppurtunistic_connect.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 09:16:06 +0000 (12:16 +0300)]
tests: Fix autogo_bridge to clear autoscan setting
Previously, periodic autoscan could have been left running and that
could result in the following test cases failing in some cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 09:08:21 +0000 (12:08 +0300)]
tests: Make ap_hs20 test cases more robust
Some of the test cases where using INTERWORKING_SELECT internally
without using scan_for_bss like the helper functions did. Add explicit
scan_for_bss calls to make the test cases less likely to fail due to
missing BSSes in scan results. This could cause false failure reports
when runnign under heavy load with parallel-vm.sh.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 13:11:28 +0000 (16:11 +0300)]
tests: Use TYPE=ONLY scan for scan_for_bss
This avoids unexpected connection attempts in cases a matching network
is enabled and there is no existing connection (e.g., when testing with
ENABLE_NETWORK no-connect option).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 08:30:56 +0000 (11:30 +0300)]
tests: Skip ap_wpa2_tdls_concurrent_init on failure
A mac80211 TDLS validation change ended up breaking test functionality
that was needed for this test case. Instead of reporting this known
issue as a FAIL every time, mark the test as SKIP since the issues is
known and there are no plans of "fixing" it.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 27 Sep 2014 07:50:19 +0000 (10:50 +0300)]
tests: PMKSA_FLUSH
Signed-off-by: Jouni Malinen <j@w1.fi>
Ahmad Kholaif [Fri, 26 Sep 2014 17:20:21 +0000 (10:20 -0700)]
Add PMKSA_FLUSH ctrl_iface command
"PMKSA_FLUSH" can now be used to flush PMKSA cache entries over the
control interface.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 26 Sep 2014 12:41:55 +0000 (15:41 +0300)]
wpa_cli: Support action scripts with global ctrl_iface
This extends "wpa_cli -a<action script>" functionality to work with the
global wpa_supplicant control interface. The IFNAME=<ifname> prefix is
removed from the event messages and converted to the control interface
name when present. Previously, action scripts could only be used with
the per-interface control interfaces.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 26 Sep 2014 12:26:43 +0000 (15:26 +0300)]
wpa_cli: Increase event buffer size to 4096 bytes
Number of other buffers were already increased to this size, but the
buffer used for receiving unsolicited event messages from wpa_supplicant
(e.g., for wpa_cli action scripts) was still at the older 256 byte size.
This could result in some events getting truncated. Avoid this by using
the same 4096 byte buffer size here as in the other places receiving
messages from wpa_supplicant.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 26 Sep 2014 12:23:00 +0000 (15:23 +0300)]
wpa_cli: Fix PING in interactive mode with ifname_prefix
The ifname_prefix string could change during line editing and the
periodic PING command running in the background ended up getting the
latest snapshot of the command line due to the pointer being left to
point to the edit buffer. This resulted in unexpected prefix strings
getting used with the periodic PING command. Fix this by temporarily
clearing the ifname_prefix whenever running such a periodic PING.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Mon, 22 Sep 2014 09:06:01 +0000 (14:36 +0530)]
Check for driver's DFS offload capability before handling DFS
This fixes couple of code paths where the WPA_DRIVER_FLAGS_DFS_OFFLOAD
flag was not checked properly and unexpected DFS operations were
initiated (and failed) in case the driver handles all these steps.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 18 Aug 2014 18:04:56 +0000 (11:04 -0700)]
STA: Update scan results for ap_scan=1 skip-selection case also
The commit
5cd4740580350371d77618ac037deef90b48d339 has rearranged the
update scan results code and hence the IEs were not getting updated
properly for ap_scan=1 case. This can result in a 4-way handshake
failure in the roaming case (IE mismatch in 3/4 EAPOL). Fix this by
updating the scan results even if ap_scan=1 is used and network does not
need to get reselected based on association information.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
Dan Williams [Wed, 10 Sep 2014 17:34:56 +0000 (12:34 -0500)]
dbus: Add SignalPoll() method to report current signal properties
Analogous to the control interface's SIGNAL_POLL request.
Signed-hostap: Dan Williams <dcbw@redhat.com>
vandwalle [Thu, 11 Sep 2014 18:40:14 +0000 (11:40 -0700)]
Android: Add NO_EVENTS parameter to status command
It also allows to use the STATUS command with default behavior,
say for debug, i.e., don't generate a "fake" CONNECTION and
SUPPLICANT_STATE_CHANGE events with the new STATUS-NO_EVENTS case.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jouni Malinen [Sat, 13 Sep 2014 13:27:52 +0000 (16:27 +0300)]
P2P: Check os_get_random() return value more consistently
In theory, this call could fail, so check the return value before using
the received data. These specific cases would not really care much about
the failures, but this keeps the code more consistent and keeps static
analyzer warnings more useful. (CID 72678, CID 72679, CID 72680,
CID 72683, CID 72689, CID 72698, CID 72703)
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 13 Sep 2014 13:22:16 +0000 (16:22 +0300)]
RADIUS server: Remove unreachable code
The previous break will already stop the loop, so this unnecessary check
can be removed (CID 72708).
Signed-off-by: Jouni Malinen <j@w1.fi>
Darshan Paranji Sri [Fri, 12 Sep 2014 15:46:56 +0000 (18:46 +0300)]
FT: Fix hostapd with driver-based SME to authorize the STA
The driver-based SME case did not set STA flags properly to the kernel
in the way that hostapd-SME did in ieee802_11.c. This resulted in the FT
protocol case not marking the STA entry authorized. Fix that by handling
the special WLAN_AUTH_FT case in hostapd_notif_assoc() and also add the
forgotten hostapd_set_sta_flags() call to synchronize these flag to the
driver.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 11 Sep 2014 12:56:37 +0000 (15:56 +0300)]
tests: Roaming policy change with the bssid parameter
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>