Commit message (Collapse)AuthorAgeFilesLines
* doc: Update version to 2.5Jouni Malinen2015-09-271-1/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Change version information for the 2.5 releasehostap_2_5Jouni Malinen2015-09-271-1/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Add ChangeLog entries for v2.5Jouni Malinen2015-09-272-0/+99
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Add test for hostapd cli orderingJohannes Berg2015-09-271-0/+31
| | | | | | | | | | When the 'SET wpa 2' command is executed last, it seems to somehow reset parts of the settings, causing hostapd to beacon with the pairwise cipher suite selector set to 00-0F-AC:0 (none/use-group). This is not permitted and should be rejected; wpa_supplicant also cannot connect. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* Do not clear RSN parameters before full configurationJouni Malinen2015-09-271-4/+5
| | | | | | | | | | This fixes an issue where hostapd SET command is used to configure RSN parameters and the wpa parameter is sent after the other parameters. Previously, the default case here ended up clearing rsn_pairwise and wpa_pairwise values and once wpa=2 was finally set, the cipher configuration had already been lost. Signed-off-by: Jouni Malinen <j@w1.fi>
* D-Bus: Add InvitationReceived SignalManeesh Jain2015-09-277-1/+112
| | | | | | | | This is equivalent to the P2P_EVENT_INVITATION_RECEIVED signal on the control interface. It can be used to sent the Invitation Received signal to applications written using D-Bus. Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
* D-Bus: Add Signal to notify WPS PBC Overlap eventSaurav Babu2015-09-273-0/+18
| | | | Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
* D-Bus: Add signal to notify WPS timeout eventSaurav Babu2015-09-273-1/+17
| | | | Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
* wpa_supplicant: Fix channel switch notification with VHTAndrei Otcheretianski2015-09-251-1/+2
| | | | | | | Fix a bug in wpas_ap_ch_switch() function, which didn't pass VHT frequencies correctly to hostapd_event_ch_switch(). Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* Update wpa_s->current_ssid->frequency on CS eventAndrei Otcheretianski2015-09-251-0/+2
| | | | | | Update wpa_s->current_ssid->frequency when EVENT_CH_SWITCH is received. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* P2P: Fix the calculation of group common freqsIlan Peer2015-09-251-0/+10
| | | | | | | Previously, the calculation allowed for the same frequency to appear several times in the result. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* Fix get_shared_radio_freqs_data() used-by flags settingAndrei Otcheretianski2015-09-251-1/+1
| | | | | | | | Fix an iteration bug in get_shared_radio_freqs_data when building freqs_data array. Only the last used-by flag was maintained instead of making this a bitfield of all found uses. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* mesh: Add support for scanning only the current frequencyMasashi Honma2015-09-251-1/+2
| | | | | | This patch enables scan_cur_freq=1 on VIF based mesh network. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* D-BUS: dev_passwd_id should be "q" because it uses DBUS_TYPE_UINT16Nishant Chaprana2015-09-252-2/+2
| | | | | | | | This corrects the type of dev_passwd_id in GONegotiationRequest event. This field is packed as DBUS_TYPE_UINT16 but in wpas_dbus_interface_signals it was "i" which is DBUS_TYPE_INT32. Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
* Fix EAP-EKE peer build rulesJouni Malinen2015-09-252-0/+2
| | | | | | NEED_AES_CBC is needed for EAP-EKE builds. Signed-off-by: Jouni Malinen <j@w1.fi>
* Linker changes for building eapol_test on OS XAlan T. DeKok2015-09-253-1/+9
| | | | Signed-off-by: Alan DeKok <aland@freeradius.org>
* Portability fixes for OS XAlan T. DeKok2015-09-251-1/+36
| | | | | | Fix os_get_reltime() and os_fdatasync() for OS X. Signed-off-by: Alan DeKok <aland@freeradius.org>
* Android: Set ctrl_iface client socket group (AID_WIFI) separatelyAmarnath Hullur Subramanyam2015-09-241-0/+2
| | | | | | | | | | Split chown() call in wpa_ctrl_open() and wpa_ctrl_open2() to allow the group id to be set even if the process does not have privileges to change the owner. This is needed for modules that need to communicate with wpa_supplicant since without the group change, wpa_supplicant may not have privileges to send the response to a control interface command. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Avoid same per-iface and global ctrl socketSunil Dutt2015-09-241-0/+47
| | | | | | | | | | | | | | | | | | Android platform assigns the same socket id if the socket identifier in conf->ctrl_interface and global->params.ctrl_interface (parameter for android_get_control_socket) point to the same Android specific control socket. This ends up having two eloop socket handlers registered for the same file descriptor and thus, two attempt to receive and process each command. This can result in unexpected failure, e.g., the prefix IFNAME= for any command is valid for global socket handler, but results in UNKNOWN COMMAND response from the per-interface ctrl socket handler). Since it might be possible to end up with this type of invalid configuration in OTA upgrade, compare the socket identifiers and do not open the ctrl socket on the respective interface if both point to same. This allows the Wi-Fi framework to use the global control interface. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Do not copy STA VHT capabilities if VHT is not enabled for APAshok Raj Nagarajan2015-09-231-6/+8
| | | | | | | | | | | Previously, station's VHT information elements were copied and passed regardless of the AP's VHT configuration. As a result, AP with VHT disabled in configuration could have ended up transmitting packets in VHT rates though AP is not advertising VHT support. Fix this by copying the station's VHT capabilities only when AP supports VHT (both hardware and configuration). Signed-off-by: Ashok Raj Nagarajan <arnagara@qti.qualcomm.com>
* tests: WPA2-Enterprise interactive identity entry and ENABLE_NETWORKJouni Malinen2015-09-221-0/+30
| | | | | | | | This verifies that ENABLE_NETWORK does not trigger reconnection if already connected. The previous commit fixed a case where it was possible for that to happen. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Avoid reconnection on ENABLE_NETWORK if already connectedJouni Malinen2015-09-221-1/+4
| | | | | | | | | | | | | | | This was already the case for most command sequences, but it was possible for wpa_s->reassociate to be set to 1 when CTRL-RSP-* commands were used to set identity, password, or passphrase for EAP authentication. In such cases, ENABLE_NETWORK issued after the connection was completed could result in a new connection attempt (likely reconnection back to the same BSS). Fix this by checking whether an actual connection is already present even if wpa_s->reassociate is set when processing the ENABLE_NETWORK command. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Update AP WPA/RSN IE on all associations if driver can select BSSSunil Dutt2015-09-171-6/+8
| | | | | | | | | | | | | | | | | | | | It is possible for driver-based BSS selection to end up reassociating back to the current AP. If wpa_supplicant preferred another BSS, it would have updated the internal knowledge of the AP's WPA/RSN IE when requesting a new connection. In the special case of existing association and new association being with the same BSS that is different from the wpa_supplicant preference, association event processing skipped the WPA/RSN IE update. This could result in the following 4-way handshake getting rejected due to incorrectly detected mismatch with AP's RSN/WPA IE between Beacon/Probe Response frame and EAPOL-Key msg 3/4. Fix this by updating the AP WPA/RSN IE on all association events when driver-based BSS selection is used regardless of whether the BSSID changes. This could also cover a theoretical case of the AP changing its RSN/WPA IE at the very moment we try to reassociate back to the same BSS. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Drop some control interface debug print verbosity for send operationsJouni Malinen2015-09-101-2/+3
| | | | | | | | | | These prints were at DEBUG level (-d), but they can be very frequent, so drop them to MSGDUMP (-dd). This allows the prints to be suppressed in common debugging cases while still leaving them easily enablable to debug control interface issues without having to enable excessive debugging. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Reduce debug verbosity for read-only control interface commandsJouni Malinen2015-09-101-6/+17
| | | | | | | | | | | Commands like BSS and GET_NETWORK are used in some cases very frequently and those can increase the amount of debug information from wpa_supplicant without significant benefit. These were logged at the DEBUG level (-d). Move logging of such read-only commands (i.e., no new wpa_supplicant operation is started based on it) to EXCESSIVE level (-ddd) which was already used for the PING command. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPA: Do not print GTK in debug log unless requestedJouni Malinen2015-09-091-2/+2
| | | | | | | | The GTK value received in RSN (WPA2) group rekeying did not use the wpa_hexdump_key() version of debug printing that is conditional on -K being included on the command line. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Reduce struct wps_parse_attr sizeJouni Malinen2015-09-073-22/+26
| | | | | | | | | Use shorter variables for storing the attribute lengths and group these variables together to allow compiler to pack them more efficiently. This reduces the struct size from 960 bytes to 760 bytes in 64-bit builds. This reduces stack use in number of functions. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Reduce wps_ap_priority_compar() stack useJouni Malinen2015-09-071-6/+6
| | | | | | | | There is no need to maintain two concurrent instances of struct wps_parse_attr in this function. Share a single structure for parsing both IEs. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS and DISABLE/ENABLE APJouni Malinen2015-09-071-0/+7
| | | | | | | This is a regression test case for the issue fixed by the previous commit (hapd->num_probereq_cb not getting cleared on deinit). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Fix num_probereq_cb clearing on DISABLE to avoid segfaultChen, Yi2015-09-071-0/+1
| | | | | | | | | | | | | | | | | Reset hapd->num_probereq_cb to 0 on an interface deinit to avoid unexpected behavior if the same interface is enabled again without fully freeing the data structures. hostapd_register_probereq_cb() increments hapd->num_probereq_cb by one and leaves all old values unchanged. In this deinit+init case, that would result in the first entry in the list having an uninitialized pointer and the next Probe Request frame processing would likely cause the process to terminate on segmentation fault. This issue could be hit when hostapd was used with WPS enabled (non-zero wps_state configuration parameter) and control interface command DISABLE and ENABLE were used. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* tests: WPS ER learn OOMJouni Malinen2015-09-071-0/+50
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS ER: Clean up WPS session on PutMessage error casesJouni Malinen2015-09-071-7/+20
| | | | | | | This is needed to allow new operation to be started after an error without having to wait for the AP entry to time out. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS ER SetSelectedRegistrar OOMJouni Malinen2015-09-071-0/+51
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS ER OOM in PutWLANResponse generationJouni Malinen2015-09-071-0/+12
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS ER OOM in STA addJouni Malinen2015-09-071-0/+34
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS ER and OOM in HTTP response generationJouni Malinen2015-09-071-1/+14
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Use sqlite3.Binary() with the log filesJouni Malinen2015-09-071-2/+10
| | | | | | | This is needed to avoid issues in some cases where 8-bit bytestrings may be present in the otherwise text debug log. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS ER subscribe OOMJouni Malinen2015-09-071-0/+39
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS ER caching AP settings (OOM)Jouni Malinen2015-09-071-0/+124
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS against external implementationJouni Malinen2015-09-071-2/+3246
| | | | | | | | | | This adds a Python-based minimal WSC protocol implementation to allow more testing coverage to be reached for various error cases in protected attributes. The wps_ext test case completes successful exchange in both the Enrollee and Registrar roles acting in the middle of AP and STA. The other test cases cover error cases. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS ER init failureJouni Malinen2015-09-071-0/+6
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS AP configured for special ap_setup_locked=2 modeJouni Malinen2015-09-071-0/+38
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS AP and UPnP event subscription and many eventsJouni Malinen2015-09-061-0/+67
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Multiple WPS ERs adding a new enrollee using PINJouni Malinen2015-09-061-0/+57
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: D-Bus GroupFormationFailure signalJouni Malinen2015-09-051-4/+15
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Add D-Bus signal GroupFormationFailureNishant Chaprana2015-09-056-0/+73
| | | | | | | This is similar to the control interface event P2P-GROUP-FORMATION-FAILURE. Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
* tests: WPS config method update for WPS and P2PJouni Malinen2015-09-052-0/+44
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Allow config_methods to be cleared with an empty stringJouni Malinen2015-09-051-1/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: IBSS RSN OOM during wpa_initJouni Malinen2015-09-051-0/+9
| | | | | | | This is a regression test for a segfault that was fixed in the previous commit. Signed-off-by: Jouni Malinen <j@w1.fi>
* RSN IBSS: Fix segfault on error pathJouni Malinen2015-09-051-1/+2
| | | | | | | If wpa_init() fails, wpa_deinit(NULL) must not be called to avoid hitting a NULL pointer dereference. Signed-off-by: Jouni Malinen <j@w1.fi>