path: root/wpa_supplicant
Commit message (Collapse)AuthorAgeFilesLines
* Use LDFLAGS in all linker commandsBjarke Istrup Pedersen2010-02-081-6/+6
| | | | | | When building hostapd and wpa_supplicant, the build system does not respect the LDFLAGS selected in the environment in some cases. [Bug 311] (cherry picked from commit 466940c55e101fd9d8c4b813361d2d90c11006ee)
* Preparations for 0.6.10 releasehostap_0_6_10Jouni Malinen2010-01-121-1/+13
* Fix init2() driver_ops to get the correct global driver contextJouni Malinen2010-01-092-3/+7
| | | | | | | Need to provide the private driver context, not the wpa_supplicant global context, in init2() call. (this is a backported version of 8a5ab9f5e56cd2f5781c2d92f41495e60d544780 and d8222ae38c3be3fba794462d11fed8b57590c7f5)
* WPS: Clear SSID selection if more than one BSSID match is foundJouni Malinen2010-01-091-2/+15
| | | | | | | Need to use wildcard SSID matching for WPS connection if the same BSSID occurs multiple time in scan results since any of the SSIDs may be used. (cherry picked from commit f7e54365022cd30de16e32d4a88e085861243881)
* Fix wpa_priv memory leak in wpa_priv_get_scan_results2()Dmitry Shmidt2010-01-091-2/+2
| | | | | | I suspect that new scan results format demands more complex free procedure. (cherry picked from commit 4e2225a52026163ba5ed5eb03617dccd1ca444cf)
* Add cleared deprecation notes on iwl,ndiswrapper,madwifi(sta) wrappersJouni Malinen2010-01-092-2/+5
| | | | | | | These driver wrappers should not be used anymore; WEXT should be used instead. However, there may still be users stuck on older kernel versions that may require driver specific wrappers, so the source code still remains in the repository.
* Getting back to DISCONNECTED afer SCANNINGSamuel Ortiz2010-01-092-3/+9
| | | | | | | | | | | After transitioning from DISCONNECTED to SCANNING, we never go back to DISCONNECTED even though scanning is done or failed. We're thus stuck in SCANNING while scanning is actually done. (cherry picked from commit 3180d7a2088fdd429c2eb9ae74abfa96e6a9b9b0) Conflicts: wpa_supplicant/events.c
* Do not schedule a new scan if no networks are enabledSam Leffler2010-01-093-11/+25
| | | | | | | | | | This avoids an extra timeout to move to INACTIVE state. (cherry picked from commit 4f34d51abe432b615629dff6f4654c9344289677) Conflicts: wpa_supplicant/events.c wpa_supplicant/scan.c
* Reset EAPOL pointer when handling DBus smartcard parametersDavid Smith2010-01-091-0/+4
| | | | | | | | | | | | | Smartcard parameter update via DBus ended up re-initializing the EAPOL state machine without updating the pointer inside WPA state machine. This can trigger a segfault when EAP layer attempts to use the old reference. Fix this by re-initializing the pointer inside WPA state machine. (cherry picked from commit d7199342f0633b5ab147dca5b885530fe32ceaeb) Conflicts: wpa_supplicant/ctrl_iface_dbus_handlers.c
* wpa_supplicant: add DBus method for changing debug parametersHelmut Schaa2010-01-093-0/+54
| | | | | | | | | | | | | | | | Add a new DBus method "setDebugParams" which takes the parameters debug_level, debug_timestamp and show_keys as input and updates the internal debug variables accordingly. To change the debug level, enable/disable timestamps and enable/disable show_keys the following dbus-send command can be used: dbus-send --system --dest=fi.epitest.hostap.WPASupplicant --print-reply /fi/epitest/hostap/WPASupplicant fi.epitest.hostap.WPASupplicant.setDebugParams int32:0 boolean:false boolean:false Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com> (cherry picked from commit 01a569e8a131cc6150210036ae171b8bfd418a3f)
* WPS: Add PBC overlap and timeout events from WPS moduleOleg Kravtsov2009-11-251-0/+4
| | | | | | | This provides information about PBC mode result from the WPS Registrar module. This could be used, e.g., to provide a user notification on the AP UI on PBC failures. (cherry picked from commit 63330c68321cdf275193048236fa5e4051180447)
* Allow CONFIG_DEBUG_SYSLOG=y to be usedSam Leffler2009-11-251-0/+4
| | | | | | Instead of having to add the syslog define manually into CFLAGS, CONFIG_DEBUG_SYSLOG=y can now be used in .config. (cherry picked from commit cca8773165fae7f3b88d528232b47b7ad10a32e5)
* dbus: add 'scanning' propertyDan Williams2009-11-258-0/+115
| | | | | | | | | | | | | When the supplicant is connected and performs a scan, it doesn't enter WPA_SCANNING state for various reasons. However, external programs still need to know that the supplicant is scanning since they may not wish to perform certain operations during a scan (as those operations will likely fail or yield incorrect results). Add a 'scanning' property and signal to the supplicant dbus interface to allow clients to synchronize better with the supplicant when it scans. Signed-off-by: Dan Williams <dcbw@redhat.com> (cherry picked from commit cb8564b1ddf2738fa26a80523078749bb7a55c5f)
* wpa_gui: Only move to WPS tab if inactive/disconnect and AP readyJouni Malinen2009-11-221-3/+6
| | | | | | | | | This removes many of the cases where moving to the WPS tab can be undesired. It is really only useful if we are not currently connected and there is an AP available that would likely be able to provide us network connectivity with use of WPS (active PBC more or selected registrar set). (cherry picked from commit 19019a84a24fd3f1f49ca3296fa24626b403a607)
* wpa_supplicant: Fix ctrl_interface group permissions to allow read/executeAnders Aspegren Søndergaard2009-11-221-0/+8
| | | | | | | | | When using umask 0077, the control interface directory was left without group read/execute permissions even if the configuration file explicitly asked for the group to be allowed to access the control interface. Fix this by adding read/execute permissions for group if a specific group is defined in the configuration. [Bug 199] (cherry picked from commit 3fd2a226f9dfb1ff5016e4f2809174f4ae8f33eb)
* wpa_gui-qt4: Fix build with Session Manager disabled in Qt4Christian Rüb2009-11-223-0/+10
| | | | | | | | | | | | | | When trying to build wpa_gui (Qt4 version) from openembedded it fails because Qt4 is compiled without session manager and thus wpa_gui fails to compile. I attached a patch, that enables compiling without Session Manager (via preprocessor) if it is not compiled into Qt4; otherwise, it behaves as it does right now. I checked to build on my host (Debian unstable, Session Manager enabled) and openembedded (Session Manager disabled). (cherry picked from commit 1545457e04cfd625c1c9439e62a6a3b5fb1cf15c)
* Remove a note about other repositories of wpa_supplicantJouni Malinen2009-11-221-3/+3
| | | | (cherry picked from commit 4bb4ae0ae0433a8992ee33a801cfeb0c945cce6c)
* Add wpa_msg_ctrl() for ctrl_interface-only messagesJouni Malinen2009-11-221-1/+2
| | | | | | | | | | | | This is like wpa_msg(), but the output is directed only to ctrl_interface listeners. In other words, the output will not be shown on stdout or in syslog. Change scan result reporting to use wpa_msg_ctrl() for CTRL-EVENT-SCAN-RESULTS message at info level and wpa_printf() at debug level to avoid showing scan result events in syslog in the common configuration used with NetworkManager. (cherry picked from commit 69856fadf77e680d01cac09da37e6bb3643ca427)
* Stub out the dbus function w/o CONFIG_WPS to fix buildSam Leffler2009-11-221-0/+5
| | | | (cherry picked from commit 2d8fe38109e63532ff7b8a50396ceb458273ba55)
* Remove wpa_priv on 'make clean'Jouni Malinen2009-11-221-0/+1
| | | | (cherry picked from commit 385f16c6114500e9a2287058f99f6c3da3e949ad)
* Skip networks without known SSID when selecting the BSSJouni Malinen2009-11-221-0/+10
| | | | | | | | | | | | Previously, APs that were hiding SSID (zero-length SSID IE in Beacon frames) could have been selected when wildcard SSID matching was used. This would result in failed association attempt since the client does not know the correct SSID. This can slow down WPS which is often using wildcard SSID matching. Ignore BSSes without known SSID in the scan results when selecting which BSS to use. (cherry picked from commit e81634cd1802e14b061c6c3672529a862ba19189)
* MFP: Clear IGTKMasashi Honma2009-11-221-0/+4
| | | | | | | | The fourth and fifth keys are used as IGTK for management frame protection. This patch clears these keys. I have tested with linux kernel (cherry picked from commit 0e27f655f1275a98a0081f4d41f551af254ad38f)
* Include only the used DH groups in the buildJouni Malinen2009-11-221-0/+4
| | | | | | This reduces the binary size by 3 kB or so when WPS is included in the build, but IKEv2 is not. (cherry picked from commit dd01b1ff9d8a19c1e1b7e40d6df7d838d2ac34bb)
* WPS: Fix CONFIG_WPS=y compilation of wpa_supplicantMasashi Honma2009-11-221-0/+1
| | | | | | The wpa_supplicant compilation failed with CONFIG_WPS=y option if CONFIG_CLIENT_MLME and CONFIG_IEEE80211R are not used. (cherry picked from commit f1b0de09d96dafd229c615e8114ca83d1af3b380)
* Remove extra whitespaceWitold Sowa2009-11-223-4/+3
| | | | (cherry picked from commit 1bd3f426d3cc421e8cc635599fcc94cf070e1efb)
* Delay processing of EAPOL frames when not associatedJouni Malinen2009-11-223-0/+47
| | | | | | | | | | | | If an EAPOL frame is received while wpa_supplicant thinks the driver is not associated, queue the frame for processing at the moment when the association event is received. This is a workaround to a race condition in receiving data frames and management events from the kernel. The pending EAPOL frame will not be processed unless an association event is received within 100 msec for the same BSSID. (cherry picked from commit 1ff733383f3d5c73233ef452a738765667021609)
* WPS: Workaround mixed-mode WPA+WPA2 auth type in credentialsJouni Malinen2009-11-221-7/+15
| | | | | | | | An SMC router was reported to use 0x22 (WPAPSK + WPA2PSK) in the authentication type of the provisioned credential and wpa_supplicant rejected this as invalid. Work around this by replacing WPAPSK + WPA2PSK with WPA2PSK. (cherry picked from commit 49eba5f82fcf05f90aad369744a6f8e669bd3311)
* CONFIG_WIRELESS_EXTENSION need not be in CFLAGSJohannes Berg2009-11-221-1/+0
| | | | (cherry picked from commit 602606091b62a64017f91b33b0527a4948a21a71)
* CONFIG_WIRELESS_EXTENSION is purely internal to the MakefileJohannes Berg2009-11-222-5/+1
| | | | (cherry picked from commit 91382de4d12c341183170bc98dcc991b6939c682)
* make the build process quieter to see warningsJohannes Berg2009-11-221-0/+10
| | | | (cherry picked from commit b2840aafaf4dd5c7dd476e2d03944782edb20541)
* Clean up some more binaries in wpa_supplicant 'make clean'Johannes Berg2009-11-221-1/+1
| | | | (cherry picked from commit 8055fb781d7d1f08c944fc894309c75b819f46de)
* WPS: Change wpa_supplicant wps_reg to not send out M8Jouni Malinen2009-11-221-1/+6
| | | | | | | | | | | Since we do not currently support changing the AP settings received from M7, there is no point in actually sending out the M8 that would likely trigger the AP to reconfigure itself and potentially reboot. For now, we just receive the AP settings in M7 and add a local network configuration block based on those, but NACK the message. This makes wps_reg work like wps_pin, but by using the AP PIN instead of a client PIN. (cherry picked from commit 4625a47f4bb722710a5e622085ccd2b32ebaf6c9)
* Fix MLME build after WMM renamesJouni Malinen2009-11-221-17/+17
| | | | (cherry picked from commit 77ac446621c5d64b306df4e90a848086a7bf0aed)
* Disconnect if 4-way handshake processing failsJouni Malinen2009-04-201-2/+2
| | | | | | | | There is no point in trying to continue if a 4-way handshake frame is discarded or if PTK/GTK/IGTK configuration fails. Force the client to disconnect in such a case to avoid confusing user by claiming the connection was successfully completed. (cherry picked from commit 83935317a78fb4157eb6e5134527b9311dbf7b8c)
* Make deauthentication and disassociation consistentJouni Malinen2009-04-201-3/+1
| | | | | | This fixes an issue where the station was not marked disassociated properly with locally requested deauthentication. (cherry picked from commit c3dc92e85f7bc5823102e70ecff1d3402d79139b)
* Fix SHA-256-based KDF when using CCMP as the pairwise cipherJouni Malinen2009-04-201-0/+5
| | | | | | | | | | | | | | | | | IEEE 802.11r KDF uses key length in the derivation and as such, the PTK length must be specified correctly. The previous version was deriving using 512-bit PTK regardless of the negotiated cipher suite; this works for TKIP, but not for CCMP. Update the code to use proper PTK length based on the pairwise cipher. This fixed PTK derivation for both IEEE 802.11r and IEEE 802.11w (when using AKMP that specifies SHA-256-based key derivation). The fixed version does not interoperate with the previous versions. [Bug 307] (cherry picked from commit c0a6190815ce37450fc348d4d09b2a0153478fc0) Conflicts: wpa_supplicant/ChangeLog
* WPS: Fix local configuration update after AP configurationJouni Malinen2009-04-201-0/+10
| | | | | | | | Update credential to only include a single authentication and encryption type in case the AP configuration includes more than one option. Without this, the credential would be rejected if the AP was configured to allow more than one authentication type. (cherry picked from commit 73267b9ca433288c207c4e06a938eaa326c8672a)
* Preparation for 0.6.9 releasehostap_0_6_9Jouni Malinen2009-03-231-1/+1
* Fix UNIX domain socket address handling to be more portableSam Leffler2009-03-221-6/+18
| | | | | | | Removing just sun_family is not portable since some systems (e.g., FreeBSD) include an additional sun_len field. Using offsetof should be portable. In addition, set sun_ken for FreeBSD. (cherry picked from commit 19b9436c0efe7036d94444e34e27523485c1e314)
* Fix FreeBSD build by not adding -ldlJouni Malinen2009-03-221-0/+2
| | | | | Unlike Linux, FreeBSD does not use libdl. (cherry picked from commit 7d737d6bf92b75d8c0a6e52c04115dd8e730c22b)
* Fix IEEE 802.11r key derivation function to match with the standardJouni Malinen2009-03-221-0/+2
| | | | | | | | | | IEEE Std 802.11r-2008, starts the 'i' counter from 1, not 0. Note: this breaks interoperability with previous versions. [Bug 303] (cherry picked from commit 4cb0dcd92d560674865a951010bed5054f3fd26c) Conflicts: wpa_supplicant/ChangeLog
* Detach ctrl_iface monitor if the client socket is removedJouni Malinen2009-03-221-2/+5
| | | | | | No need to wait for 10 errors when using UNIX domain socket; we can detach the client immediately on ENOENT. (cherry picked from commit c5aaa015627daa1e9fba7065e07294f952b295cf)
* Fixed eapol_test build after RADIUS API changes (const)Jouni Malinen2009-03-111-2/+3
| | | | (cherry picked from commit 8383da80092659295af9e8a69bb4276ebbbb0aa7)
* Fix EAP-FAST only build to include the needed EAPOL implementationJouni Malinen2009-03-111-0/+1
| | | | (cherry picked from commit 58d1f6d189bea3ccb7af8a19c1bbc191cfbabfbd)
* driver_ndis: Add PAE group address to the multicast addressJouni Malinen2009-03-111-0/+4
| | | | | | | | | | | | | | | | This is done with wired interfaces to fix IEEE 802.1X authentication when the authenticator uses the group address (which should be happening with wired Ethernet authentication). This allows wpa_supplicant to complete wired authentication successfully on Vista with a NDIS 6 driver, but the change is likely needed for Windows XP, too. (cherry picked from commit c472ef754d81792959f8d678a71b6f49a5856c2e) Conflicts: src/drivers/driver_ndis.c wpa_supplicant/ChangeLog
* WPS: Add a workaround for TKIP/CCMP mixed mode credentialsJouni Malinen2009-03-111-0/+99
| | | | | | | | | | | | | Many deployed APs do not handle negotiation of security parameters well when both TKIP and CCMP (or both WPA and WPA2) are enabled. The most common end result seems to be ending up with the least secure option.. As a workaround, check whether the AP advertises WPA2/CCMP in Beacon frames and add those options for the credential if needed. This allows the client to select the most secure configuration regardless of how broken the AP's WPS implementation is as far as auth/encr type negotiation is concerned. (cherry picked from commit 7cc1b6c900d79e6051116f4aed55b84d404c49f1)
* Fix builds that need SHA256 or mod_exp, but not TLS functionsJouni Malinen2009-03-111-13/+14
| | | | (cherry picked from commit 049a292f8958e18bbf5ce95f6e9c0361c8a3aea3)
* WPS: Fix WEP key index to use 1..4 instead of 0..3Andriy Tkachuk2009-02-271-3/+4
| | | | | | | It seems that WFA WPS spec says that default key index should be 1 (not 0). I think this meas that WEP key indexes region is not from 0 to 3, but from 1 to 4 in WPS. At least WRT610N implemented it this way. (cherry picked from commit 522b5b6ed344ae40755f2d4e42fdc0409371884f)
* WPS: support WEP keys in hex characters format in received credentialsAndriy Tkachuk2009-02-271-5/+28
| | | | | | Attached patch makes wpa_supplicant support WEP keys in hex characters format in received credentials from Registrars (tested with WRT610N). (cherry picked from commit 4b195a1bc9750bbe58c73a9661a74317ce2c18b2)
* WPS: support registration with APs in WEP security modeAndriy Tkachuk2009-02-271-0/+5
| | | | | | Attached patch fixes the issue when supplicant does not select APs in WEP security mode for WPS registration. (cherry picked from commit 0632542b8b640d04780af6ca4c154f520d8214d5)