Commit message (Collapse)AuthorAgeFilesLines
* Add support for new 5 GHz channels 173 and 177HEADpendingmasterSreeramya Soratkal3 days8-48/+63
| | | | | | | Add support for new channels 173 and 177 in the operating classes 125 to 130 as defined in draft IEEE P802.11ax/D8.0. Signed-off-by: Sreeramya Soratkal <ssramya@codeaurora.org>
* P2P: Fix channel selection for operating class 129Sreeramya Soratkal3 days1-2/+2
| | | | | | | | | | | | | | | | The operating class 129 includes channels with a maximum bandwidth of 160 MHz with center frequency index 50 and 114. The previous definition of operating class 129 considered the center frequency index as actual channels resulting in incorrect channel setup for the operating class. Fix the definition of operating class 129 to consider channels with the center frequency index of 50 and 114. Also update the comment that describes the channel selection for operating 128, 129, and 130 which mentions wpas_p2p_allow_channel() verifies the channels while wpas_p2p_verify_channel() takes care of it. Signed-off-by: Sreeramya Soratkal <ssramya@codeaurora.org>
* tests: DPP Responder behavior on missing Auth ConfirmJouni Malinen3 days1-1/+14
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Abort authentication if no Auth Confirm is received within a secondPurushottam Kushwaha3 days3-0/+76
| | | | | | | | | | | | | | | After sending DPP Auth Response, the Responder might not receive the Auth Confirm either due to the Initiator not sending it or the reception of the frame failing for some reason (e.g., Responder having already left the negotiation channel). If this happens, following initiation attempts would fail since the consecutive Auth Request would get discarded since the previous authentication is still in progress. Terminate DPP authentication on Responder, if no Auth Confirm is received within one second of successfully sending Auth Response. This allows the Responder to accept start of a new exchange. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Add a configuration to disconnect on deinit if WoWLAN is enabledSunil Dutt4 days4-2/+19
| | | | | | | | | | | | | | | | | Commit 02c21c02d09f ("wpa_supplicant: Do not disconnect on deinit if WoWLAN is enabled") prevents the disconnection on deinit if the driver indicates that WoWLAN is enabled. This is not the expected behavior in some earlier use cases where the wpa_supplicant process is left running when going to sleep and killing of the wpa_supplicant process is used only when there is an expectation of Wi-Fi connection being disabled. To support the use cases which require the WLAN to disconnect on deinit even if WoWLAN is enabled, introduce a configuration parameter wowlan_disconnect_on_deinit. This is set to 0 by default thereby not impacting the functionality in the above mentioned commit. Setting it to 1 restores the old behavior before the commit identified above. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Fix rfkill testing with updated kernelJouni Malinen10 days1-1/+1
| | | | | | | | | | | Kernel commit 14486c82612a ("rfkill: add a reason to the HW rfkill state") added an extra byte to the end of the rfkill events and that confused the read loop here since python tried to buffer the results from multiple read() calls into the local buffer that then delivered the extra octets in consecutive events. Fix this by disabling buffering for these reads. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* dbus: Export new 'suiteb192' capabilityAntonio Cardace11 days1-1/+4
| | | | | | | | Export a new 'suiteb192' capability to indicate that wpa_supplicant was built with WPA-EAP-SUITE-B-192 support and accepts 'key_mgmt=WPA-EAP-SUITE-B-192'. Signed-off-by: Antonio Cardace <acardace@redhat.com>
* DBus: Add 'owe' to interface CapabilitiesBrian Norris11 days2-1/+7
| | | | Signed-off-by: Brian Norris <briannorris@chromium.org>
* tests: Fix ap_ft_eap_pull_wildcard_multi_bssAndrei Otcheretianski11 days1-0/+7
| | | | | | | | | | Python enumerates dictionaries in an arbitrary order, thus the resulting configuration file will have the parameters shuffled randomly. This may cause the test to fail when, for example, auth_server_addr is placed after auth_server_port. Fix this by enforcing some of the fields to be placed before the others. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* wpa_cli: Add WPS_EVENT_OVERLAP to action scriptsBerkay Ercan11 days1-0/+2
| | | | | | | | | WPS_EVENT_OVERLAP case was missing on wpa_cli_action_process function in wpa_cli.c, so when the overlap event occurs, there was no event message sent to the action script. Add this event case to the function. Signed-off-by: Berkay Ercan <berkay.ercan@airties.com> Signed-off-by: Veli Demirel <veli.demirel@airties.com>
* tests: remote: Allow shuffleJanusz Dziedzic11 days1-2/+10
| | | | | | With -S option we will run tests in random order. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
* tests: remotehost: Add missed select importJanusz Dziedzic11 days1-0/+3
| | | | Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
* tests: remotehost: Remove wait_execute_completeJanusz Dziedzic11 days1-3/+3
| | | | | | | Today we have thread_wait(). Fixes: 11b3af3dad12 ("tests: remotehost: Use correct name") Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
* nl80211: Add missing WPA3-SAE auth_data in auth retry casehongwang.li11 days2-0/+15
| | | | | | | | | | | | | | | | | | When wpa_supplicant sends NL80211_CMD_AUTHENTICATE to kernel, it is possible that the cfg80211 in kernel has expired the BSS entry that we are trying to auth with. Then cfg80211 will reject the auth cmd. In this case, wpa_supplicant will trigger a single channel scan to refresh cfg80211 BSS entry, and retry the auth when scan is finished. When this case happens, wpa_supplicant makes a copy of auth params, such as frequency, bssid, ssid, ie and so on. So when we retry auth, the copy of these params will be used. The problem is, a param named auth_data is missed when making the copy. The auth_data is used by NL80211_ATTR_SAE_DATA which is a mandatory field for WPA3-SAE auth. In WPA3-SAE case the auth retry will always fail because auth_data is missing. This patch fixes the issue. Signed-off-by: hongwang.li <hongwang.li@sonos.com>
* FT: Update key mgmt properly in RSNE during roamingShiva Sankar Gajula11 days1-13/+14
| | | | | | | | | | | | | | | | When STA is performing roam from WPA3 AP to WPA2 AP, the STA was including key mgmt FT-SAE instead of FT-PSK in FT Authentication request RSNE when using driver-based SME. This is because the RSNE/MDE/FTE were updated and forwarded to the driver using the NL80211_CMD_UPDATE_FT_IES command before updating key mgmt properly. Because of this, the AP is rejecting FT Authentication request with WLAN_REASON_UNSPECIFIED reason code which is due to the invalid keymgmt in RSNE. Fix this by reordering IE population to happen earlier in the sequence so that the updated key mgmt information can be provided when using NL80211_CMD_UPDATE_FT_IES. Signed-off-by: Shiva Sankar Gajula <sgajula@codeaurora.org>
* tests: FT reassociation SAE-PSK-SAEJouni Malinen11 days1-5/+16
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Add user configured vendor IEs to default scan IEsVinita S. Maloo11 days2-3/+22
| | | | | | | | Add user configured vendor IEs for Probe Request frames to default scan IEs so that these IEs will be included in the Probe Request frames for the scans issued also by components other than wpa_supplicant. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Fix p2p fuzzer build after API changeJouni Malinen2020-12-231-1/+1
| | | | | | | | | Commit 7b121af26af5 ("P2P: Delay P2P scan when an external scan is in progress") added a new argument to p2p_scan_res_handled(), but did not update this test tool. Fix this by using hardcoded value 0 for the new delay argument. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Android: Pass the vendor events to $(BOARD_WPA_SUPPLICANT_PRIVATE_LIB)Sunil Dutt2020-12-213-0/+14
| | | | | | | | | | | | | | | | | | Android has a mechanism to extend the driver interface in vendor specific ways. This implementation of the vendor interface is done in $(BOARD_WPA_SUPPLICANT_PRIVATE_LIB). Extend this to allow the vendor events to be provided to this library to facilitate the event processing. Introduce a new board configuration via $(BOARD_WPA_SUPPLICANT_PRIVATE_LIB_EVENT) rather than reusing $(BOARD_WPA_SUPPLICANT_PRIVATE_LIB) to enable this event handling in the private library. This is to avoid compilation issues for wpa_driver_nl80211_driver_event() with the already existing private library implementations defined with $(BOARD_WPA_SUPPLICANT_PRIVATE_LIB). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* P2P: Delay P2P scan when an external scan is in progressPurushottam Kushwaha2020-12-213-5/+27
| | | | | | | | | When an external scan is in progress on the same radio, delay the P2P search operation based on configuration parameter p2p_search_delay. The "search_delay" configuration done through p2p_find always takes precedence over this delay value set due to an external scan trigger. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* P2P: Recover p2p_find operation in case of failure to fetch scan resultsSunil Dutt2020-12-213-3/+32
| | | | | | | | | | | | Add a handler to notify failures to fetch the scan results and provide an option to override default behavior of requesting a new scan in one second in such an error condition. Use this new handler mechanism to continue the p2p_find operation (by invoking p2p_scan_res_handled) for an interim scenario where the p2p_scan attempt fails to get the scan results from the driver which can happen, e.g., if there are parallel updates to the cfg80211 scan results. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Process QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH after NL80211_CMD_ROAMPurushottam Kushwaha2020-12-213-1/+53
| | | | | | | | | | | | | | | | | | NL80211_CMD_ROAM indication is scheduled via a kernel work queue, while QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH is a vendor event from the driver. Thus, a race condition can exist wherein the vendor event is received prior to the NL80211_CMD_ROAM indication. The processing of this vendor event depends on the NL80211_CMD_ROAM indication to update the roamed BSS/BSSID information and thus the out of sequence processing of these events would result in not updating the right BSS information. This commit adds a workaround to hold the pending QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event for up to 100 ms in case NL80211_CMD_ROAM is not received first. Signed-off-by: Purushottam Kushwaha <pkushwah@codeaurora.org>
* nl80211: Do not ignore disconnection event after a connection eventVamsi Krishna2020-12-211-0/+7
| | | | | | | | | | | | | | | | | | | | | | | After a disconnect command is issued, wpa_supplicant generates a disconnection event to self and ignores the next disconnection event coming from the driver. In a race condition in which the driver generates a connected event due to roaming just before receiving the disconnect command from userspace, wpa_supplicant processes the connected event after processing the self-generated disconnection event and enters WPA_COMPLETED state. The driver sends a disconnection event after processing the disconnect command sent by wpa_supplicant but the disconnection event is ignored by wpa_supplicant as the disconnection event is considered to be a result of locally generated disconnect command. Thus, wpa_supplicant continues to be in the connected (WPA_COMPLETED) state though the driver is in disconnected state. Fix this out-of-sync behavior between the driver and wpa_supplicant by not ignoring the disconnection event from the driver because of the locally generated disconnect command sent to the driver if there is a connection event received after issuing the disconnect command to the driver. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Update ap_open_unexpected_assoc_event to match implementationJouni Malinen2020-12-211-10/+6
| | | | | | | | Now that wpa_supplicant ignores the unexpected association event in disconnected-not-trying-to-connect state, this test cases needs to be modified to avoid incorrect failures. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Drop unexpected connection event while disconnectedVamsi Krishna2020-12-211-0/+5
| | | | | | | | | | | | | | | | | | | | | | If there is a disconnect command from wpa_supplicant immediately after the driver sends a connection event to userspace but before that event is received and processed by wpa_supplicant, wpa_supplicant processes the disconnect command and a self-generated disconnected event first followed by the connected event received from the driver. As a result wpa_supplicant moves to the WPA_COMPLETED state. Whereas the driver processes the disconnect command received from wpa_supplicant after it sends the connected event and moves to the disconnected state. Due to this race between the disconnect command from wpa_supplicant and the connected event from the driver, wpa_supplicant is moving to the connected state though the driver is moving to the disconnected state which results in abnormal functionality. Ignore the connection event coming from the driver when wpa_supplicant is not trying to connect after a disconnect command is issued but before the next connect command is issued to fix the above mentioned race condition. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Vendor feature capability to notify TWT asynchronous response supportSunil Dutt2020-12-211-8/+33
| | | | | | | | | | | | | | | The response for the respective TWT operations can either be synchronous or asynchronous (wherever specified). If synchronous, the response to this operation is obtained in the corresponding vendor command reply to the user space. For asynchronous case, the response is obtained as an event with the same operation type. Drivers shall support either of these modes but not both simultaneously. The support for asynchronous mode is advertised through the new flag QCA_WLAN_VENDOR_FEATURE_TWT_ASYNC_SUPPORT. If the driver does not include this flag, it shall support synchronous mode. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* New TWT operations and attributes to TWT Setup and NudgeSunil Dutt2020-12-161-2/+252
| | | | | | | | | | | Define the following additional TWT operations: QCA_WLAN_TWT_GET_STATS, QCA_WLAN_TWT_CLEAR_STATS, QCA_WLAN_TWT_GET_CAPABILITIES, QCA_WLAN_TWT_SETUP_READY_NOTIFY. Also define new attributes to qca_wlan_vendor_attr_twt_setup and qca_wlan_vendor_attr_twt_nudge. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: Add DPP_CONTROLLER commands to hostapd_cli and wpa_cliDisha Das2020-12-162-0/+38
| | | | | | | Add the DPP control interface DPP_CONTROLLER_START and DPP_CONTROLLER_STOP commands to the CLIs. Signed-off-by: Disha Das <dishad@codeaurora.org>
* Use bool for is_6ghz variables and functionsJouni Malinen2020-12-1111-27/+28
| | | | | | | Replace the implicit boolean checks that used int variables with use of a more explicit bool variable type. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: setband with band combinationJouni Malinen2020-12-111-8/+21
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Extend the setband support for 6 GHz and band combinationsVeerendranath Jakkam2020-12-1110-52/+86
| | | | | | | | | | Support possible band combinations of 2.4 GHz, 5 GHz, and 6 GHz with QCA_WLAN_VENDOR_ATTR_SETBAND_MASK attribute. Ensure backwards compatibility with old drivers that are using QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE attribute and supporting only 2.4 GHz and 5 GHz bands. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* tests: Update scan_fail to match implementation changeJouni Malinen2020-12-111-1/+1
| | | | | | | The function name for adding frequency lists changed, so this test case needs a matching change to avoid failures. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* scan: Add a helper function to append supported freqs from a given bandVeerendranath Jakkam2020-12-113-61/+38
| | | | | | | This functionality was repeated for couple of times. Use a shared helper function to avoid code duplication. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* Fix gcc-10 build with -Werror=array-bounds and dl_list_for_each()Jouni Malinen2020-12-042-3/+3
| | | | | | | | | | | | | | | | | The earlier workaround for UBSAN issues in commit 3b6b3ae58133 ("Modify dl_list_for_each() to not use unaligned access with WPA_TRACE") ended up using a construction in which the type cast to the containing structure was compared instead of the struct dl_list pointers. While that worked around the UBSAN issue, it resulted in a comparison that gcc-10 interprets as being out of bounds for struct dl_list (which it obviously is since this is to find the start of the containing structure). Revert that workaround and instead, mark the struct dl_list used within struct os_alloc_trace to have matching 16 octet alignment as the containing structure. This is also restoring consistent design for dl_list_for_each*(). Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: HE: Add a test for wifi generation on 2.4 GHzJohannes Berg2020-12-041-13/+26
| | | | | | | | | | This was broken in the kernel in mac80211 for a while, until commit 780a8c9efc65 ("mac80211: do not disable HE if HT is missing on 2.4 GHz") fixed it. Add a test for wifi generation on 2.4 GHz in addition to the 5 GHz one. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* wolfSSL: Client cert loading API fixJuliusz Sosinowicz2020-12-041-4/+4
| | | | | | | Client cert loading API should check equality to SSL_SUCCESS for success. Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
* nl80211: Report invalid signal and noise when info is unavailableAvraham Stern2020-12-042-9/+16
| | | | | | | | | | | | | | | | | | | When the driver sends a CQM RSSI threshold event, wpa_supplicant queries the driver for the signal and noise values. However, it is possible that by that time the station has already disconnected from the AP, so these values are no longer valid. In this case, indicate that these values are invalid by setting them to WPA_INVALID_NOISE. Previously a value of 0 would be reported, which may be confusing as this is a valid value. Since nl80211_get_link_signal() and nl80211_get_link_noise() already set invalid values for a case of failure, just use the value set by these functions even if they fail. Signed-off-by: Avraham Stern <avraham.stern@intel.com> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com> Reviewed-by: Brian Norris <briannorris@chromium.org>
* tests: remotehost: Introduce wait_event()Janusz Dziedzic2020-12-041-0/+80
| | | | | | | | | | | | Allow to run local/remote process like: - ubus listen - logread -f - tail -f - wpa_cli - hostapd_cli And next wait for specific event(s). Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
* tests: remotehost: Use correct nameJanusz Dziedzic2020-12-044-16/+16
| | | | | | | | | While we start thread use: - thread_run - therad_stop - thread_wait Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
* wlantest: Allow missing RSNE in S1G beaconThomas Pedersen2020-12-044-2/+15
| | | | | | | | S1G beacons save a few bytes by not requiring the RSNE in beacon if RSN BSS is configured. Handle this in wlantest by only clearing RSNE from the BSS info if frame is a Probe Response frame. Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
* tests: Skip dpp_enterprise_tcp tests without OpenSSLAndrei Otcheretianski2020-12-041-0/+6
| | | | | | Skip these tests if OpenSSL wasn't loaded, instead of crashing. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* tests: Determine number of parallel make jobs automaticallyJouni Malinen2020-12-041-4/+9
| | | | | | Use nproc (if available) instead of the hardcoded 8 parallel make jobs. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Skip test cases properly if tshark is not availableJouni Malinen2020-12-041-0/+6
| | | | | | | Instead of trying to process empty results, mark the test case as skipped if tshark is not available. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Fix p2p_autogo_pref_chan_not_in_regulatoryThomas Pedersen2020-12-021-1/+1
| | | | | | | Sweden now allows channel 149 in the updated wireless-regdb. Choose Japan for the negative test instead. Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
* Add option to ignore Probe Request frames when RSSI is too lowJohn Crispin2020-12-024-0/+11
| | | | | | | Add a new hostapd configuration parameters rssi_ignore_probe_request to ignore Probe Request frames received with too low RSSI. Signed-off-by: John Crispin <john@phrozen.org>
* wpa_supplicant: Initial connection speedupFrederik Juul2020-12-024-1/+50
| | | | | | | | | | | | | Add initial_freq_list to wpa_supplicant configuration. This option allows wpa_supplicant to scan a smaller list of frequencies when it starts. This in turn allows for a faster connection to an already known network. This limit applies only for the initial scan operation and does not restrict other channels from being used in consecutive scans. Tests have shown this to reduce the amount of time for connecting to a network from roughly 3 seconds to roughly 0.1 second. Signed-off-by: Frederik Juul <frederik.juul@3shape.com>
* tests: DFS and no available channel after radar detectionJouni Malinen2020-12-021-0/+42
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DFS: Enter DFS state if no available channel is foundDavid Bauer2020-12-021-2/+10
| | | | | | | | | | | Previously hostapd would not stop transmitting when a DFS event was detected and no available channel to switch to was available. Disable and re-enable the interface to enter DFS state. This way, TX does not happen until the kernel notifies hostapd about the NOP expiring. Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: Add ability to disable HT/VHT/HE per BSSShay Bar2020-12-029-18/+37
| | | | | | | | | | | | Add the ability to disable HT/VHT/HE for specific BSS from hostapd.conf. - Add disable_11ax boolean to hostapd_bss_config. - Change disable_11n and disable_11ac to bool in hostapd_bss_config. - Add configuration option to set these disable_11* parameters (which were previously used only automatically based on incompatible security parameters to disable HT/VHT). Signed-off-by: Shay Bar <shay.bar@celeno.com>
* mesh: Move mesh frequency setting to its own functionMarkus Theil2020-11-301-27/+35
| | | | Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>