path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Add wpa_supplicant state change event for Android network managerDmitry Shmidt2011-02-261-0/+2
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* OpenSSL: Add access to Android certificatesDmitry Shmidt2011-02-261-0/+86
| | | | | | | This allows keystore:// prefix to be used with client_cert and private_key configuration parameters. Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Add CONFIG_ANDROID_LOG supportDmitry Shmidt2011-02-252-0/+53
| | | | | This makes wpa_printf() calls use __android_log_vprint(). In addition, hexdumps are commented out.
* Change executable permissions for AndroidDmitry Shmidt2011-02-251-0/+30
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* wext: Do not include typedefs for Android buildJouni Malinen2011-02-251-0/+2
| | | | | | Android build gets __u32 and friends from bionic/libc/kernel/arch-x86/asm/types.h and having the typedefs here causes redefinition errors.
* wext: Sync with linux/wireless.h from wireless-testing.gitJouni Malinen2011-02-251-14/+98
| | | | | This updates the Linux wireless extensions header file to be based on the latest version (22).
* P2P: Add method to signal lost deviceJohannes Berg2011-02-242-0/+11
| | | | | | | This signal is used to notify users of the P2P state machine or wpa_supplicant of lost devices. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* P2P: Add p2p_get_peer_found to get peer infoJohannes Berg2011-02-242-0/+51
| | | | | | | | This will only retrieve information about peers that have been fully discovered, not peers that are only half-discovered based on their Probe Request frames. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* P2P: Add new_device flag to dev_found callbackJohannes Berg2011-02-244-6/+14
| | | | | | | | | | | | | | The DBus code will want to have perfect matching of dev_found and the dev_lost it adds so it doesn't need to keep track internally. Enable that with a new flag in the core that tracks whether we have already notified about this -- the existing users can ignore it. The part where this is always set to 1 if the new device is discovered by a driver that has P2P in the driver is buggy -- the driver should feed the P2P peer database and then that should feed the notification here instead. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* P2P: Embed publically visible struct in peer infoKonguraj(Raj) Kulanthaivel2011-02-249-128/+155
| | | | | | | | | | | | This embeds some information about each P2P peer that will be publically visible in a struct that is shared. The dev_found notification function is also passed the new struct, which requires some work for the driver-based P2P management. Signed-off-by: Konguraj(Raj) Kulanthaivel <konguraj.kulanthaivel@intel.com> Signed-off-by: Fabien Marotte <fabienx.marotte@linux.intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* hostapd: Inherit correct MAC address for AP VLAN interfacesHelmut Schaa2011-02-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | When using multiple vifs and dynamic vlan tagging is enabled on any interface, the created AP VLAN interfaces get the BSSID of the first AP mode interface instead of the BSSID of the corresponding AP mode interface. Example: wlan0 - xx:xx:xx:xx:x0 wlan1 - xx:xx:xx:xx:x1 Assume a STA connects to the AP interface wlan1 and gets a dynamic VLAN tag 100 assigned by the RADIUS server. Hostapd will create an AP VLAN interface wlan1.100 but doesn't set an address for this interface which results in wlan1.100 getting the same address as wlan0: wlan1.100 - xx:xx:xx:xx:x0 As a result the STA that was moved to wlan1.100 isn't able to finish its 4-way handshake since mac80211 won't pass its frames to wlan1.100 due to the different address. To fix this issue make use of the address of the AP interface when creating an AP VLAN interface. Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
* AP: Update logging related to inactivity and disassociationBen Greear2011-02-242-16/+22
| | | | | | | | Add MAC addresses for stations and use wpa_msg instead of printf methods to make it easier to grep logs and find messages for the station in question. Signed-off-by: Ben Greear <greearb@candelatech.com>
* Add more wpa_auth debugging messagesBen Greear2011-02-241-1/+13
* Remove unneeded OpenSSL error messages from key/cert parsingJouni Malinen2011-02-221-27/+6
| | | | | | | If parsing of the certificate or private key succeeds using any of the tried encoding types, clear the OpenSSL error queue without showing the pending errors in debug log since they do not really provide any useful output and can be confusing.
* nl80211: Use nl_atype() from libnlRaghunathan Kailasanathan2011-02-221-1/+1
| | | | | libnl provides nla_type() which can be used to derive nla_type from struct nlattr.
* utils: Corrected a typo in header's name definitionGuy Eilam2011-02-211-1/+1
| | | | | | | Corrected a typo in the BASE64_H definition that might cause the header file to be included more than once. Signed-off-by: Guy Eilam <guy@wizery.com>
* Increase internal TLSs client key exchange bufferChristian Lamparter2011-02-211-1/+1
| | | | | | | | | | | | | | | | | This patch fixes a problem I had when I tried to connect an embedded system [wpa_supplicant, CONFIG_TLS=internal] to my TLS secured network. TLSv1: Send CertificateVerify TLSv1: CertificateVerify hash - hexdump(len=36): ha .. ha PKCS #1: pkcs1_generate_encryption_block - Invalid buffer lengths \ (modlen=512 outlen=454 inlen=36) It turned out that a fixed 1000 byte message buffer was just a little bit too small for the 4096 bit RSA certificates I'm using. Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
* hostapd: Allow coexistance of HT BSSes with WEP/TKIP BSSesHelmut Schaa2011-02-214-8/+12
| | | | | | | | | | | | | | | | | | | In multi BSS setups it wasn't possible to set up an HT BSS in conjunction with a WEP/TKIP BSS. HT needed to be turned off entirely to allow WEP/TKIP BSSes to be used. In order to allow HT BSSes to coexist with non-HT WEP/TKIP BSSes add a new BSS conf attribute "disable_11n" which disables HT capabilities on a single BSS by suppressing HT IEs in the beacon and probe response frames. Furthermore, mark all STAs associated to a WEP/TKIP BSS as non-HT STAs. The disable_11n parameter is used internally; no new entry is parsed from hostapd.conf. This allows a non-HT WEP/TKIP BSS to coexist with a HT BSS without having to disable HT mode entirely. Nevertheless, all STAs associated to the WEP/TKIP BSS will only be served as if they were non-HT STAs. Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
* FT: Fix FT-EAP to set EAPOL Authenticator into authenticated stateJouni Malinen2011-02-201-1/+20
| | | | | This is needed to avoid the EAPOL Authenticator from trying to start new authentication when FT protocol is used. [Bug 384]
* FT: Specify source MAC address for RRB messagesJouni Malinen2011-02-201-12/+27
| | | | | | | | Use l2_packet with Ethernet header included so that the source address for RRB packets can be forced to be the local BSSID. This fixes problems where unexpected bridge interface address may end up getting used and the recipient of the frame dropping it as unknown R0KH/R1KH.
* Flush STA entries in hostapd when clearing STAs from kernelJouni Malinen2011-02-101-0/+1
| | | | | | | | This is needed to keep kernel and hostapd in sync. In addition, the obsolete entry in hostapd prevented use of Deauthentication or Disassociation frame with reason code 6/7 mechanism to indicate to the STA that there is no association if the STA missed the broadcast Deauthentication frame for any reason.
* hostapd: Fix RADIUS client configuration update on reconfigJouni Malinen2011-02-103-4/+19
| | | | | | | The internal pointer to RADIUS client configuration needs to be updated whenever a new hostapd configuration is loaded. Without this, freed memory may be dereferenced and this can result in segmentation faults.
* Make sure reserved field in WMM IE is set to 0Jouni Malinen2011-02-101-0/+2
| | | | | This was previously left uninitialized for Beacon frames and could potentially have any value.
* Fix CONFIG_NO_STDOUT_DEBUG=y buildJouni Malinen2011-02-102-3/+11
* Use wpa_msg() instead of wpa_printf()Ben Greear2011-02-102-227/+302
| | | | | | | | | | This converts number of debugging messages to use wpa_msg() in order to allow the interface name to be shown with the messages. A new function, wpa_dbg(), is introduced to allow CONFIG_NO_STDOUT_DEBUG=y builds to remove the debug strings. This is otherwise identical with wpa_msg(), but it gets compiled out if stdout debugging is disabled.
* hostapd: Add require_ht configuration parameterJouni Malinen2011-02-094-3/+26
| | | | | This can be used to configure hostapd to reject association with any station that does not support HT PHY.
* wpa_s AP: Deliver EVENT_RX_PROBE_REQ events to AP processingJouni Malinen2011-02-082-19/+21
| | | | | | | | This is needed to allows WPS PBC session overlap detection to work with drivers that process Probe Request frames internally. This code is is run in hostapd, but the wpa_supplicant AP mode did not have call to the hostapd_probe_req_rx() function even though it registered handlers for hostapd Probe Request RX callbacks.
* P2P: Allow WPS_PBC command on GO to select on P2P Device AddressJouni Malinen2011-02-079-10/+69
| | | | | | | | | | | | | | An optional parameter, p2p_dev_addr, can now be given to WPS_PBC command on P2P GO to indicate that only the P2P device with the specified P2P Device Address is allowed to connect using PBC. If any other device tries to use PBC, a session overlap is indicated and the negotiation is rejected with M2D. The command format for specifying the address is "WPS_PBC p2p_dev_addr=<address>", e.g., WPS_PBC p2p_dev_addr=02:03:04:05:06:07 In addition, show the PBC session overlap indication as a WPS failure event on an AP/GO interface. This particular new case shows up as "WPS-FAIL msg=4 config_error=12".
* Add interface name to wpa_msg() outputBen Greear2011-02-062-2/+24
| | | | | | | | | | This makes log files much more readable if multiple interfaces are being controlled by the same process. The interface name is added to stdout/file/syslog entries, but not to the messages sent to control interface monitors to avoid issues with parsing in external programs. Signed-off-by: Ben Greear <greearb@candelatech.com>
* wpa_supplicant: Support 'relog' command to re-open log filesBen Greear2011-02-062-0/+35
| | | | | | | | | This allows rolling log files: mv log.txt log.txt.1 wpa_cli relog Signed-off-by: Ben Greear <greearb@candelatech.com>
* util: Add compact MAC address formatting/parsingJohannes Berg2011-02-022-0/+31
| | | | | | | The P2P DBus interface will use addresses for DBus paths, and uses them without any separators. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* AP: Add callback for STA authorized transitionsJohannes Berg2011-02-022-0/+8
| | | | | | | Add a callback for station's authorized transitions to allow wpa_supplicant to emit events in DBus. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* AP: Introduce sta authorized wrappersJohannes Berg2011-02-025-10/+33
| | | | | | | | To enable making state change notifications on the WLAN_STA_AUTHORIZED flag, introduce ap_sta_set_authorized(), and to reduce use of the flag itself also add a wrapper for testing the flag: ap_sta_is_authorized(). Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* nl80211: Use max_remain_on_chan data from nl80211Johannes Berg2011-02-011-1/+10
| | | | | | | | | If the driver advertises max_remain_on_chan data, use it instead of the hardcoded value of 5000. Keep the default at 5000 since that is the value used by earlier versions of cfg80211/mac80211 and not advertised in nl80211 for those. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* nl80211: Remove excessive nl80211_set_mode() callEliad Peller2011-02-011-4/+2
| | | | | | | | When authenticating, and the interface type is not already NL80211_IFTYPE_STATION, we need to call wpa_driver_nl80211_set_mode() only once. Remove the excessive call. Signed-off-by: Eliad Peller <eliad@wizery.com>
* AP: Make sure ieee80211n_allowed_ht40_channel_pair() gets calledJouni Malinen2011-02-011-1/+3
| | | | | | We need to call this function after having completed the neighboring channel scan to figure out whether HT40 can be used and if so, which channel is the secondary channel.
* AP: Ensure ieee80211n_supported_ht_capab() gets called to check ht capsNishant Sarmukadam2011-02-011-2/+2
| | | | | | | | | | | ieee80211n_supported_ht_capab is called after ieee80211n_check_40mhz in function hostapd_check_ht_capab. ieee80211n_check_40mhz can return 1 in a valid scenario where the initialization is completed in a callback. In this case ieee80211n_supported_ht_capab is skipped and hostapd does not check the ht capabilities reported by the driver. Fix this issue making sure ieee80211n_supported_ht_capab gets called. Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
* AP: Enable WMM with default parameters by default for HTJohannes Berg2011-02-013-8/+24
| | | | | | | | If WMM is not disabled explicitly (wmm_enabled=0 in hostapd.conf), enable WMM automatically whenever HT (ieee80211n) is enabled. Use the default WMM parameters for AP TX queues and the EDCA parameters advertised for stations in WMM IE if no overriding values are included in the configuration.
* nl80211: use P2P interface typesJohannes Berg2011-01-311-4/+18
| | | | | | | | We can use the P2P interface types to check if the driver supports P2P and to tell the kernel that a given interface is going to be used for P2P (when it is created). Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* Remove obsolete drivers wrappers: atmel, ndiswrapper, ipw, hermesJouni Malinen2011-01-305-1400/+0
| | | | | | | | | | | | | | | | | | | | | | | | | There is no real reason to maintain these in the current development branch anymore. If someone really needs support for the obsolete driver interfaces, these can be found in older wpa_supplicant branches. driver_atmel.c - vendor-specific interface for ATMEL AT76C5XXx cards - for some old out-of-tree driver; not for the upstream atmel* drivers driver_ndiswrapper.c - vendor-specific interface for an out-of-tree driver - ndiswrapper should work with driver_wext.c, too driver_ipw.c - vendor-specific interface for old ipw2100/2200 driver - the upstream driver works with driver_wext.c (and does not work with the old interface) driver_hermes.c - vendor driver that was not even included in the main wpa_supplicant releases
* nl80211: Make use of the ht opmode bss attributeHelmut Schaa2011-01-301-5/+21
| | | | | | | | | In order to enable protection mechanisms for different HT opmodes the driver needs to be aware of the current HT opmode that is calculated by hostapd. Hence, pass the current opmode to the nl80211 driver via the bss attribute NL80211_ATTR_BSS_HT_OPMODE. Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
* hostapd: Allow TDLS use to be prohibited in the BSSJouni Malinen2011-01-285-0/+37
| | | | | | tdls_prohibit=1 and tdls_prohibit_chan_switch=1 and now be used to disable use of TDLS or TDLS channel switching in the BSS using extended cabilities IE as defined in IEEE 802.11z.
* Fix couple of compiler warnings about uninitialized variablesJouni Malinen2011-01-261-0/+1
* AP: Validate management frame lengthJouni Malinen2011-01-172-0/+5
| | | | | | Make sure that received management frames are long enough before processing them. This avoids a potential segmentation fault if a driver delivers an invalid frame all the way to hostapd.
* EAP-pwd: Fix some interoperability issuesDan Harkins2011-01-164-54/+30
| | | | | | | | | | | | The changes are: 1. the word "and" in the hunting-and-pecking string passed to the KDF should be capitalized. 2. the primebitlen used in the KDF should be a short not an int. 3. the computation of MK in hostap is based on an older version of the draft and is not the way it's specified in the RFC. 4. the group being passed into computation of the Commit was not in network order.
* EAP-pwd: Use os_free to free memory allocated with os_mallocJouni Malinen2011-01-161-1/+1
| | | | The direct use of free() caused a crash with CONFIG_WPA_TRACE=y.
* WPA: Add more info for EAPOL-Key Nonce/MIC debuggingJouni Malinen2011-01-153-0/+13
* WPS: Add mechanism for indicating non-standard WPS errorsChao-Wen Yang2011-01-137-19/+62
| | | | | | | | | | | Previously, only the Configuration Error values were indicated in WPS-FAIL events. Since those values are defined in the specification it is not feasible to extend them for indicating other errors. Add a new error indication value that is internal to wpa_supplicant and hostapd to allow other errors to be indicated. Use the new mechanism to indicate if negotiation fails because of WEP or TKIP-only configurations being disallows by WPS 2.0.
* P2P: Check GO Neg Req retransmit limit in p2p_listen_endJouni Malinen2011-01-121-0/+8
| | | | | | | This needs to be done both in the more normal location in p2p_timeout_connect_listen() (internal timeout after driver event) and in p2p_listen_end() as a workaround for the case where the driver event is delayed to happen after the internal timeout.
* nl80211: Set NL80211_ATTR_KEY_DEFAULT_TYPES based on set_key addrJouni Malinen2011-01-091-0/+38
| | | | | This allows mac80211 to configure default keys properly for RSN IBSS mode.