aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Change version information for the 2.5 releasehostap_2_5Jouni Malinen2015-09-271-1/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Do not clear RSN parameters before full configurationJouni Malinen2015-09-271-4/+5
| | | | | | | | | | This fixes an issue where hostapd SET command is used to configure RSN parameters and the wpa parameter is sent after the other parameters. Previously, the default case here ended up clearing rsn_pairwise and wpa_pairwise values and once wpa=2 was finally set, the cipher configuration had already been lost. Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Fix the calculation of group common freqsIlan Peer2015-09-251-0/+10
| | | | | | | Previously, the calculation allowed for the same frequency to appear several times in the result. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* Linker changes for building eapol_test on OS XAlan T. DeKok2015-09-251-1/+3
| | | | Signed-off-by: Alan DeKok <aland@freeradius.org>
* Portability fixes for OS XAlan T. DeKok2015-09-251-1/+36
| | | | | | Fix os_get_reltime() and os_fdatasync() for OS X. Signed-off-by: Alan DeKok <aland@freeradius.org>
* Android: Set ctrl_iface client socket group (AID_WIFI) separatelyAmarnath Hullur Subramanyam2015-09-241-0/+2
| | | | | | | | | | Split chown() call in wpa_ctrl_open() and wpa_ctrl_open2() to allow the group id to be set even if the process does not have privileges to change the owner. This is needed for modules that need to communicate with wpa_supplicant since without the group change, wpa_supplicant may not have privileges to send the response to a control interface command. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Do not copy STA VHT capabilities if VHT is not enabled for APAshok Raj Nagarajan2015-09-231-6/+8
| | | | | | | | | | | Previously, station's VHT information elements were copied and passed regardless of the AP's VHT configuration. As a result, AP with VHT disabled in configuration could have ended up transmitting packets in VHT rates though AP is not advertising VHT support. Fix this by copying the station's VHT capabilities only when AP supports VHT (both hardware and configuration). Signed-off-by: Ashok Raj Nagarajan <arnagara@qti.qualcomm.com>
* WPA: Do not print GTK in debug log unless requestedJouni Malinen2015-09-091-2/+2
| | | | | | | | The GTK value received in RSN (WPA2) group rekeying did not use the wpa_hexdump_key() version of debug printing that is conditional on -K being included on the command line. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Reduce struct wps_parse_attr sizeJouni Malinen2015-09-073-22/+26
| | | | | | | | | Use shorter variables for storing the attribute lengths and group these variables together to allow compiler to pack them more efficiently. This reduces the struct size from 960 bytes to 760 bytes in 64-bit builds. This reduces stack use in number of functions. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Reduce wps_ap_priority_compar() stack useJouni Malinen2015-09-071-6/+6
| | | | | | | | There is no need to maintain two concurrent instances of struct wps_parse_attr in this function. Share a single structure for parsing both IEs. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Fix num_probereq_cb clearing on DISABLE to avoid segfaultChen, Yi2015-09-071-0/+1
| | | | | | | | | | | | | | | | | Reset hapd->num_probereq_cb to 0 on an interface deinit to avoid unexpected behavior if the same interface is enabled again without fully freeing the data structures. hostapd_register_probereq_cb() increments hapd->num_probereq_cb by one and leaves all old values unchanged. In this deinit+init case, that would result in the first entry in the list having an uninitialized pointer and the next Probe Request frame processing would likely cause the process to terminate on segmentation fault. This issue could be hit when hostapd was used with WPS enabled (non-zero wps_state configuration parameter) and control interface command DISABLE and ENABLE were used. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS ER: Clean up WPS session on PutMessage error casesJouni Malinen2015-09-071-7/+20
| | | | | | | This is needed to allow new operation to be started after an error without having to wait for the AP entry to time out. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Allow config_methods to be cleared with an empty stringJouni Malinen2015-09-051-1/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Rename IE field to clarify its useMasashi Honma2015-09-051-2/+2
| | | | | | This is used only for RSNE. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* TDLS: Use proper IE parsing routine for non-EAPOL-Key casesJouni Malinen2015-09-051-6/+9
| | | | | | | | | | | | wpa_supplicant_parse_ies() was never supposed to be used as a generic IE parser, i.e., it is for the specific purpose of parsing EAPOL-Key Key Data IEs and KDEs. TDLS used this function for parsing generic AP IEs and while that works, it resulted in confusing "WPA: Unrecognized EAPOL-Key Key Data IE" debug messages. Clean this up by using ieee802_11_parse_elems() for the cases where generic IEs are being parsed. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add station tracking based on other management frame subtypesJouni Malinen2015-09-053-1/+5
| | | | | | | | This extends the previous tracking design to add a station entry based on other management frames than Probe Request frames. For example, this covers a case where the station is using passive scanning. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Merge identical error paths in ssdp_listener_open()Jouni Malinen2015-09-051-8/+5
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Add option to reject authentication on 2.4 GHz from dualband STAJouni Malinen2015-09-056-7/+72
| | | | | | | | | | | | | | | | | | The new no_auth_if_seen_on=<ifname> parameter can now be used to configure hostapd to reject authentication from a station that was seen on another radio. This can be used with enabled track_sta_max_num configuration on another interface controlled by the same hostapd process to reject authentication attempts from a station that has been detected to be capable of operating on another band, e.g., to try to reduce likelihood of the station selecting a 2.4 GHz BSS when the AP operates both a 2.4 GHz and 5 GHz BSS concurrently. Note: Enabling this can cause connectivity issues and increase latency for connecting with the AP. Signed-off-by: Jouni Malinen <j@w1.fi>
* Indicate CTRL-EVENT-AUTH-REJECT event on authentication rejectionJouni Malinen2015-09-051-0/+2
| | | | | | | | This allows control interface monitors to get more detailed information in cases where wpa_supplicant-based SME receives an Authentication frame with non-zero status code. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add option to ignore Probe Request frames on 2.4 GHz from dualband STAJouni Malinen2015-09-053-0/+39
| | | | | | | | | | | | | | | | | | | The new no_probe_resp_if_seen_on=<ifname> parameter can now be used to configure hostapd to not reply to group-addressed Probe Request from a station that was seen on another radio. This can be used with enabled track_sta_max_num configuration on another interface controlled by the same hostapd process to restrict Probe Request frame handling from replying to group-addressed Probe Request frames from a station that has been detected to be capable of operating on another band, e.g., to try to reduce likelihood of the station selecting a 2.4 GHz BSS when the AP operates both a 2.4 GHz and 5 GHz BSS concurrently. Note: Enabling this can cause connectivity issues and increase latency for discovering the AP. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Add mechanism to track unconnected stationsJouni Malinen2015-09-056-0/+104
| | | | | | | | | | | hostapd can now be configured to track unconnected stations based on Probe Request frames seen from them. This can be used, e.g., to detect dualband capable station before they have associated. Such information could then be used to provide guidance on which colocated BSS to use in case of a dualband AP that operates concurrently on multiple bands under the control of a single hostapd process. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_priv: Add authentication command and eventJouni Malinen2015-09-052-0/+110
| | | | | | These are needed to work with nl80211 driver interface. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_priv: Add support for EVENT_SCAN_STARTEDJouni Malinen2015-09-052-0/+4
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_priv: Clear extended_capa pointersJouni Malinen2015-09-051-0/+4
| | | | | | | | | For now, there is no support for passing extended_capa pointers through the driver_privsep.c interface from wpa_priv. Avoid leaving bogus pointers by explicitly clearing these on both wpa_priv and wpa_supplicant sides. Signed-off-by: Jouni Malinen <j@w1.fi>
* Do not advertise DSSS/CCK support in 40 MHz for 5 GHz bandVasanthakumar Thiagarajan2015-09-041-0/+9
| | | | | | | | | DSSS/CCK rate support in 40 MHz has to be set to 0 for 5 GHz band since this mechanism is designed only for the 2.4 GHz band. Clear HT_CAP_INFO_DSSS_CCK40MHZ in ht_capab when the configured mode is neither 11b nor 11g. Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
* Allow wpa_cli/hostapd_cli client socket directory to be specifiedManikandan Mohan2015-09-012-4/+33
| | | | | | | | | This adds a new helper function wpa_ctrl_open2() that can be used instead of wpa_ctrl_open() to override the default client socket directory. Add optional -s<directory path> argument to hostapd_cli and wpa_cli to allow the client socket directory to be specified. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Remove trailing CR from subscription callback URLsJouni Malinen2015-08-311-0/+2
| | | | | | This cleans up the debug log a bit. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Print subscription UUID in debug log in more placesJouni Malinen2015-08-312-5/+15
| | | | | | This makes it easier to debug subscription issues. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Clean up next_advertisement() error pathJouni Malinen2015-08-311-5/+1
| | | | | | | | No need to have a common failure handler if it is used from only a single location and that lcoation does not even need the memory freeing step. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Merge event_send_start() error pathsJouni Malinen2015-08-311-5/+3
| | | | | | There is no need to keep these separate. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Merge SetSelectedRegistrar parsing error returnsJouni Malinen2015-08-311-4/+2
| | | | | | There is no need to maintain two error paths for this. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-WSC peer: Reject connection on unexpected failureJouni Malinen2015-08-301-0/+3
| | | | | | | | | Previously, the EAP-WSC peer state machine ended up just ignoring an error and waiting for a new message from the AP. This is not going to recover the exchange, so simply force the connection to terminate immediately. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Use a shared error path in http_client_addr()Jouni Malinen2015-08-291-18/+12
| | | | | | This simplifies error processing by removing duplicated cleanup steps. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Clean up http_client_tx_ready()Jouni Malinen2015-08-291-6/+6
| | | | | | | Calculate the send() buffer length only once to make this a bit more readable. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Remove duplicated isgraph() loop in HTTP header parsingJouni Malinen2015-08-281-2/+0
| | | | | | | The hbp pointer is moved to the next space already earlier in this code path, so the while loop here did not really do anything. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Merge common error paths in HTTP serverJouni Malinen2015-08-281-5/+3
| | | | | | There is no need to maintain three separate "goto fail" cases. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove unnecessary enum typedef from wpa_auth_sm_event()Jouni Malinen2015-08-282-4/+4
| | | | | | This is more consistent with the expected coding style. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* EAPOL auth: Avoid recursive wpa_sm_step() on WPA_DEAUTH caseJouni Malinen2015-08-281-0/+8
| | | | | | | | | | | | | It was possible for wpa_auth_sm_event(WPA_DEAUTH) to be called from wpa_sm_step() iteration in the case the EAPOL authenticator state machine ended up requesting the station to be disconnected. This resulted in unnecessary recursive call to wpa_sm_step(). Avoid this by using the already running call to process the state change. It was possible to hit this sequence in the hwsim test case ap_wpa2_eap_eke_server_oom. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* EAPOL auth: clear keyRun in AUTH_PAE INITIALIZEJouni Malinen2015-08-281-0/+12
| | | | | | | | | | | | | | | | | | | Clearing keyRun here is not specified in IEEE Std 802.1X-2004, but it looks like this would be logical thing to do here since the EAPOL-Key exchange is not possible in this state. It is possible to get here on disconnection event without advancing to the AUTHENTICATING state to clear keyRun before the IEEE 802.11 RSN authenticator state machine runs and that may advance from AUTHENTICATION2 to INITPMK if keyRun = TRUE has been left from the last association. This can be avoided by clearing keyRun here. It was possible to hit this corner case in the hwsim test case ap_wpa2_eap_eke_server_oom in the case getKey operation was forced to fail memory allocation. The following association resulted in the station getting disconnected when entering INITPMK without going through EAP authentication. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* nl80211: Use nla_put_nested() to set NL80211_ATTR_MAC_ADDRSJouni Malinen2015-08-281-11/+14
| | | | | | | | | This allows an empty nested list (i.e., no MAC addresses) to be included in the NL80211_CMD_SET_MAC_ACL message unlike with nla_nest_start()/nla_nest_end() where the current libnl implementation removes the "empty" attribute and causes cfg80211 to reject the command. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2PS: Remove redundant check in for loopPurushottam Kushwaha2015-08-271-1/+1
| | | | | Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com> Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
* Fix key derivation for Suite B 192-bit AKM to use SHA384Jouni Malinen2015-08-273-0/+111
| | | | | | | | | While the EAPOL-Key MIC derivation was already changed from SHA256 to SHA384 for the Suite B 192-bit AKM, KDF had not been updated similarly. Fix this by using HMAC-SHA384 instead of HMAC-SHA256 when deriving PTK from PMK when using the Suite B 192-bit AKM. Signed-off-by: Jouni Malinen <j@w1.fi>
* Make sure configuration is saved to storage deviceMitchell Wills2015-08-275-0/+45
| | | | | | | | | | | | Config file is written to a temp file and then it is renamed to the original config file. However, it is possible that the rename operation will be commited to storage while file data will be still in cache causing original config file to be empty or partially written in case of a system reboot without a clean shutdown. Make this less likely to occur by forcing the data to be written to the storage device before renaming the file. Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* WPS: Fix HTTP body length checkJouni Malinen2015-08-241-3/+6
| | | | | | | | | | | | | | Commit 7da4f4b4991c85f1122a4591d8a4b7dd3bd12b4e ('WPS: Check maximum HTTP body length earlier in the process') added too strict check for body length allocation. The comparison of new_alloc_nbytes against h->max_bytes did not take into account that HTTPREAD_BODYBUF_DELTA was added to previous allocation even if that ended up going beyond h->max_bytes. This ended up rejecting some valid HTTP operations, e.g., when checking AP response to WPS ER setting selected registrar. Fix this by taking HTTPREAD_BODYBUF_DELTA into account. Signed-off-by: Jouni Malinen <j@w1.fi>
* OpenSSL: Write PKCS#12 extra cert errors into debug logJouni Malinen2015-08-241-0/+5
| | | | | | | | | | | | Commit de2a7b796d82d92120aa9532450863f503e1885a ('OpenSSL: Use connection certificate chain with PKCS#12 extra certs') added a new mechanism for doing this with OpenSSL 1.0.2 and newer. However, it did not poinr out anything in debug log if SSL_add1_chain_cert() failed. Add such a debug print and also silence static analyzer warning on res being stored without being read (since the error case is ignored at least for now). Signed-off-by: Jouni Malinen <j@w1.fi>
* OpenSSL: Enable support for server side TLS session resumptionJouni Malinen2015-08-241-13/+115
| | | | | | This allows TLS-based EAP server methods to use session resumption. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-TLS server: Add support for session resumptionJouni Malinen2015-08-241-1/+50
| | | | | | | This allows TLS session resumption to be used to enable abbreviated handshake. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-TTLS server: Add support for session resumptionJouni Malinen2015-08-241-1/+90
| | | | | | | This allows TLS session resumption to be used to enable abbreviated handshake and skipping of Phase 2. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP-PEAP server: Add support for session resumptionJouni Malinen2015-08-241-3/+93
| | | | | | | This allows TLS session resumption to be used to enable abbreviated handshake and skipping of Phase 2. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP server: Set per-EAP method session contextJouni Malinen2015-08-231-1/+5
| | | | | | | | | | | This can be used to limit TLS session resumption within a TLS library implementation to apply only for the cases where the same EAP method is used. While the EAP server method matching will be enforced separately by EAP server method implementations, this additional steps can optimize cases by falling back to full authentication instead of having to reject attempts after having completed session resumption successfully. Signed-off-by: Jouni Malinen <j@w1.fi>