path: root/wpa_supplicant/Makefile
Commit message (Collapse)AuthorAgeFilesLines
* mesh: Add mesh robust security networkThomas Pedersen2014-11-161-0/+7
| | | | | | | | | | | | | | This implementation provides: - Mesh SAE authentication mechanism - Key management (set/get PSK) - Cryptographic key establishment - Enhanced protection mechanisms for robust management frames Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Thomas Pedersen <thomas@noack.us>
* Suite B: PMKID derivation for AKM 00-0F-AC:11Jouni Malinen2014-11-161-0/+6
| | | | | | | | | The new AKM uses a different mechanism of deriving the PMKID based on KCK instead of PMK. hostapd was already doing this after the KCK had been derived, but wpa_supplicant functionality needs to be moved from processing of EAPOL-Key frame 1/4 to 3/4 to have the KCK available. Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Add mesh peering managerBob Copeland2014-10-251-0/+1
| | | | | | | | | | | | | | | The mesh peering manager establishes and maintains links among mesh peers, tracking each peer link via a finite state machine. This implementation supports open mesh peerings. [assorted fixes from Yu Niiro <yu.niiro@gmail.com>] [more fixes from Masashi Honma <masashi.honma@gmail.com>] Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Ashok Nagarajan <ashok.dragon@gmail.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-hostap: Bob Copeland <me@bobcopeland.com>
* mesh: Add mesh mode routinesThomas Pedersen2014-10-251-0/+1
| | | | | | | | | | Add routines to (de)initialize mesh interface data structures and join and leave mesh networks. Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Thomas Pedersen <thomas@noack.us>
* AP: Add support for BSS load element (STA Count, Channel Utilization)Kyeyoon Park2014-10-211-0/+1
| | | | | | | | | | | | | | | The new "bss_load_update_period" parameter can be used to configure hostapd to advertise its BSS Load element in Beacon and Probe Response frames. This parameter is in the units of BUs (Beacon Units). When enabled, the STA Count and the Channel Utilization value will be updated periodically in the BSS Load element. The AAC is set to 0 sinze explicit admission control is not supported. Channel Utilization is calculated based on the channel survey information from the driver and as such, requires a driver that supports providing that information for the current operating channel. Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
* nl80211: Add new commands to support mesh interfacesBob Copeland2014-10-191-0/+5
| | | | | | | | | Create init_mesh, mesh_join, and mesh_leave actions to kernel. Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
* Implement RFC 5297 AES-SIVBob Copeland2014-10-191-0/+3
| | | | | | | | | | | | Add an implementation of Synthetic Initialization Vector (SIV) Authenticated Encryption Using the Advanced Encryption Standard (AES). This mode of AES is used to protect peering frames when using the authenticated mesh peering exchange. Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
* Include ieee802_11_common.c in wpa_supplicant build unconditionallyJouni Malinen2014-10-121-7/+0
| | | | | | | | | | | This is needed for number of items and it was possible to make a build configuration that did not include ieee802_11_common.c while still trying to use functions from there. While it would be possible to add NEED_80211_COMMON=y to all the cases where this file is needed, the extra complexity from this is not really justifiable anymore, so include the file unconditionally. Signed-off-by: Jouni Malinen <j@w1.fi>
* test: Remove driver_test.cJouni Malinen2014-10-111-20/+0
| | | | | | | | | | | | The driver_test.c driver wrapper (-Dtest in wpa_supplicant and driver=test in hostapd) was previously used for testing without real Wi-Fi hardware. mac80211_hwsim-based tests have practically replaced all these needs and there has been no improvements or use for driver_test.c in a long while. Because of this, there has not really been any effort to maintain this older test tool and no justification to change this either. Remove the obsoleted test mechanism to clean up the repository. Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix CONFIG_MODULE_TESTS=y build without CONFIG_P2P=yJouni Malinen2014-06-151-0/+3
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Makefile change avoiding compiler error for module testAmit Khatri2014-05-311-10/+10
| | | | | | | | | | | wpa_supplicant was giving below error when "CONFIG_MODULE_TESTS=y" and "CONFIG_P2P=y" are in .config file: "wpas_module_tests.c:84: undefined reference to `wps_module_tests'" This error is coming because "CONFIG_WPS=y" is commented out in .config file but CONFIG_WPS is getting enabled by CONFIG_P2P in Makefile. Signed-off-by: Amit Khatri <amit.khatri@samsung.com>
* tests: Add module tests for src/commonJouni Malinen2014-05-271-0/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Add printf encoding/decoding module testsJouni Malinen2014-05-261-0/+1
| | | | | | This replaces tests/test-printf.c. Signed-off-by: Jouni Malinen <j@w1.fi>
* eloop: Add epoll option for better performanceMasashi Honma2014-05-161-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds epoll option for the eloop implementation. This can be selected with the CONFIG_ELOOP_EPOLL=y build option. [merit] See Table1. Table1. comparison table +--------+--------+-----------+------------+-------------+ | | add fd | remove fd | prepare fd | dispatch fd | +--------+--------+-----------+------------+-------------+ | select | O(1) | O(1) | O(N) | O(N) | +--------+--------+-----------+------------+-------------+ | poll | O(1) | O(1) | O(N) | O(N) | +--------+--------+-----------+------------+-------------+ | epoll | O(1) | O(1) | 0 | O(M) | +--------+--------+-----------+------------+-------------+ "add fd" is addition of fd by eloop_sock_table_add_sock(). "remove fd" is removal of fd by eloop_sock_table_remove_sock(). "prepare fd" is preparation of fds before wait in eloop_run(). "dispatch fd" is dispatchment of fds by eloop_sock_table_dispatch(). "N" is all watching fds. "M" is fds which could be dispatched after waiting. As shown in Table1, epoll option has better performance on "prepare fd" column. Because select/poll option requires setting fds before every select()/poll(). But epoll_wait() doesn't need it. And epoll option has also better performance on "dispatch fd" column. Because select/poll option needs to check all registered fds to find out dispatchable fds. But epoll option doesn't require checking all registered fds. Because epoll_wait() returns dispatchable fd set. So epoll option is effective for GO/AP functionality. [demerit] The epoll option requires additional heap memory. In case of P2P GO, it is about 8K bytes. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* MACsec: wpa_supplicant integrationHu Wang2014-05-091-0/+13
| | | | | | Add MACsec to the wpa_supplicant build system and configuration file. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* eap_proxy: Use unique Makefile names for Android and non-AndroidJouni Malinen2014-04-151-1/+1
| | | | | | | | Rename the eap_proxy_*.mk file to eap_proxy_*.mak for non-Android builds so that the same eap_proxy implementation can be more easily included in the same directory for both cases. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Enable WSC 2.0 support unconditionallyJouni Malinen2014-03-251-4/+0
| | | | | | | | | There is not much point in building devices with WPS 1.0 only supported nowadays. As such, there is not sufficient justification for maintaining extra complexity for the CONFIG_WPS2 build option either. Remove this by enabling WSC 2.0 support unconditionally. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Use internal FIPS 186-2 PRF if neededJouni Malinen2014-03-111-3/+6
| | | | | | | | | | | | Previously, EAP-SIM/AKA/AKA' did not work with number of crypto libraries (GnuTLS, CryptoAPI, NSS) since the required FIPS 186-2 PRF function was not implemented. This resulted in somewhat confusing error messages since the placeholder functions were silently returning an error. Fix this by using the internal implementation of FIP 186-2 PRF (including internal SHA-1 implementation) with crypto libraries that do not implement this in case EAP-SIM/AKA/AKA' is included in the build. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Add common OSEN definitionsJouni Malinen2014-02-251-0/+1
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Add support for IPv6 with UDP ctrl_ifaceJanusz Dziedzic2014-02-251-0/+11
| | | | | | | | | | | | | | | | | | | | Add IPv6 support when using udp/udp-remote control interface using the following new build configuration options: CONFIG_CTRL_IFACE=udp6 CONFIG_CTRL_IFACE=udp6-remote This is useful for testing, while we don't need to assign IPv4 address (static or using DHCP) and can just use auto configured IPv6 addresses (link local, which is based on the MAC address). Also add scope id support for link local case. For example, ./wpa_cli ./wpa_cli -i ::1,9877 ./wpa_cli -i fe80::203:7fff:fe05:69%wlan0,9877 Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* tests: Add module tests for WPS attribute parsingJouni Malinen2014-02-211-0/+3
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Add a module test integration to hwsim testsJouni Malinen2014-02-211-0/+5
| | | | | | | | | | | | CONFIG_MODULE_TESTS=y build option can now be used to build in module tests into hostapd and wpa_supplicant binaries. These test cases will be used to get better testing coverage for various details that are difficult to test otherwise through the control interface control. A single control interface command is used to executed these tests within the hwsim test framework. This commit adds just the new mechanism, but no module tests are yet integrated into this mechanism. Signed-off-by: Jouni Malinen <j@w1.fi>
* Avoid undefined references with CONFIG_WPA_TRACE_BFD=yRoger Zanoni2014-02-201-3/+3
| | | | | | libdl, libiberty, and libzlib are dependencies for libbfd. Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
* Fix hostapd and wpa_supplicant build with binutils >= 2.24.xRoger Zanoni2014-02-191-1/+1
| | | | | | | | | | | | | | | Using binutils >= 2.24.x and setting CONFIG_WPA_TRACE/CONFIG_WPA_TRACE_BDF causes both builds to fail with "#error config.h must be included before this header" message. Since version 2.24.x, the bfd header checks for PACKAGE and PACKAGE_VERSION macros. As suggested in http://sourceware.org/bugzilla/show_bug.cgi?id=14243 projects that use bfd and don't use autotools should define a PACKAGE macro. Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
* P2P: Add support for IP address assignment in 4-way handshakeJouni Malinen2014-01-271-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | This new mechanism allows P2P Client to request an IPv4 address from the GO as part of the 4-way handshake to avoid use of DHCP exchange after 4-way handshake. If the new mechanism is used, the assigned IP address is shown in the P2P-GROUP-STARTED event on the client side with following new parameters: ip_addr, ip_mask, go_ip_addr. The assigned IP address is included in the AP-STA-CONNECTED event on the GO side as a new ip_addr parameter. The IP address is valid for the duration of the association. The IP address pool for this new mechanism is configured as global wpa_supplicant configuration file parameters ip_addr_go, ip_addr_mask, ip_addr_star, ip_addr_end. For example: ip_addr_go= ip_addr_mask= ip_addr_start= ip_addr_end= DHCP mechanism is expected to be enabled at the same time to support P2P Devices that do not use the new mechanism. The easiest way of managing the IP addresses is by splitting the IP address range into two parts and assign a separate range for wpa_supplicant and DHCP server. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Make CONFIG_TESTING_OPTIONS=y enable all testing optionsJouni Malinen2013-12-261-0/+6
| | | | | | | This makes it easier to enable various testing parameters and functionality in build configuration. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Add make lcov-html to generate code coverage reportJouni Malinen2013-12-261-2/+14
| | | | | | | | In addition, update build rules to compile object files in the same directory as the source code file if CONFIG_CODE_COVERAGE=y is set to make lcov find the source code files. Signed-hostap: Jouni Malinen <j@w1.fi>
* Add CONFIG_CODE_COVERAGE=y option for gcovJouni Malinen2013-11-241-1/+9
| | | | | | This can be used to measure code coverage from test scripts. Signed-hostap: Jouni Malinen <j@w1.fi>
* Use monotonic clock for relative time for eloop if availableJohannes Berg2013-11-201-0/+7
| | | | | | | | | | | | | | | Relative time shouldn't be calculated based on gettimeofday because that clock can jump (e.g., when the time is adjusted by the system administrator.) On systems where that is available, use CLOCK_BOOTTIME (on fairly recent Linux systems, this clock takes into account the time spend suspended) or CLOCK_MONOTONIC (on Linux and some POSIX systems, this clock is just freely running with no adjustments.) Reported-by: Holger Schurig <holgerschurig@gmail.com> Signed-hostap: Johannes Berg <johannes.berg@intel.com>
* wpa_supplicant: Add CONFIG_IEEE80211ACEliad Peller2013-10-271-0/+6
| | | | | | | In order to support P2P GO with 11ac support, add CONFIG_IEEE80211AC config option support to the Makefile. Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
* hostapd: Add AP DFS supportJanusz Dziedzic2013-10-171-0/+1
| | | | | | | | | | | | | | | | Add DFS structures/events handlers, CAC handling, and radar detection. By default, after radar is detected or the channel became unavailable, a random channel will be chosen. This patches are based on the original work by Boris Presman and Victor Goldenshtein. Most of the DFS code is moved to a new dfs.c/dfs.h files. Cc: Boris Presman <boris.presman@ti.com> Cc: Victor Goldenshtein <victorg@ti.com> Signed-hostap: Simon Wunderlich <siwu@hrz.tu-chemnitz.de> Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* EAP-EKE: Add peer implementationJouni Malinen2013-07-071-0/+20
| | | | | | This adds a new password-based EAP method defined in RFC 6124. Signed-hostap: Jouni Malinen <j@w1.fi>
* Remove CONFIG_NO_WPA2 build parameterJouni Malinen2013-06-071-5/+1
| | | | | | | | | | There is not much use for enabling WPA without WPA2 nowadays since most networks have been upgraded to WPA2. Furthermore, the code size savings from disabling just WPA2 are pretty small, so there is not much justification for maintaining this build option. Remove it to get rid of undesired complexity. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Support VHT capability overridesJohannes Berg2013-03-101-0/+4
| | | | | | | | | Add support for VHT capability overrides to allow testing connections with a subset of the VHT capabilities that are actually supported by the device. The only thing that isn't currently supported (by mac80211 and this code) is the RX/TX highest rate field. Signed-hostap: Johannes Berg <johannes.berg@intel.com>
* eap_proxy: Add mechanism for allowing EAP methods to be offloadedDeepthi Gowri2013-02-081-0/+7
| | | | | | | | | In addition to the offload mechanism, the Android configuration and makefiles are extended to allow this to be configured for the build by dropping in platform specific configuration files and makefile without having to modify any existing files. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Fix wpa_priv buildJouni Malinen2013-01-131-0/+1
| | | | Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix EAP-pwd server file name for wpa_supplicant AP buildsJouni Malinen2013-01-131-1/+1
| | | | Signed-hostap: Jouni Malinen <j@w1.fi>
* SAE: Add support for FFC groupsJouni Malinen2013-01-121-0/+1
| | | | | | | | | | This allows FFC groups to be used with SAE. Though, these groups are not included in the default sae_groups value based on what is available since the FFC groups have the additional requirement of using a safe prime with the current implementation (or specification of the group order). Signed-hostap: Jouni Malinen <j@w1.fi>
* SAE: Use crypto wrappers instead of direct OpenSSL callsJouni Malinen2013-01-121-0/+5
| | | | | | | This makes the SAE implementation independent of the crypto/bignum library. Signed-hostap: Jouni Malinen <j@w1.fi>
* SAE: Add generation of the commit message fieldsJouni Malinen2013-01-121-0/+1
| | | | | | | This adds derivation of PWE and the needed commit values so that the full SAE commit message can be built. Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix CONFIG_NO_WPA build with TLSJouni Malinen2012-12-181-0/+2
| | | | | | | The SHA1 and MD5 functions need to be included in builds that use TLS even if WPA support is removed. Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix wpa_supplicant CONFIG_AP=y build with WNM enabledJouni Malinen2012-12-161-0/+3
| | | | Signed-hostap: Jouni Malinen <j@w1.fi>
* WNM: Use CONFIG_WNM more consistentlyJouni Malinen2012-12-161-6/+2
| | | | | | | | | | Replace CONFIG_IEEE80211V with CONFIG_WNM to get more consistent build options for WNM-Sleep Mode operations. Previously it was possible to define CONFIG_IEEE80211V without CONFIG_WNM which would break the build. In addition, IEEE 802.11v has been merged into IEEE Std 802.11-2012 and WNM is a better term to use for this new functionality anyway. Signed-hostap: Jouni Malinen <j@w1.fi>
* WNM: Fix CONFIG_WNM use in MakefileJouni Malinen2012-12-161-4/+4
| | | | | | | This code was within ifdef CONFIG_AP and did not get included unless AP mode support was also enabled. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Fix wpa_supplicant compilation after adding eap_user databaseVladimir Kondratiev2012-11-211-0/+1
| | | | | | | | | | | | Commit ee431d77a51b361b4697f2b737bcf46a1860a6fe broke wpa_supplicant compilation: ../src/ap/ieee802_1x.o: In function `ieee802_1x_get_eap_user': /../src/ap/ieee802_1x.c:1689: undefined reference to `hostapd_get_eap_user' collect2: error: ld returned 1 exit status make: *** [wpa_supplicant] Error 1 Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
* WPS: Remove deprecated UFD config method and OOB ctrl_ifaceJouni Malinen2012-11-111-6/+0
| | | | | | | | | | The UFD (USB flash drive) configuration method was deprecated in WSC 2.0. Since this is not known to be used, remove the UFD implementation from hostapd and wpa_supplicant to allow the WPS implementation to be cleaned up. This removes the now unused OOB operations and ctrl_iface commands that had already been deprecated by the new NFC operations. Signed-hostap: Jouni Malinen <j@w1.fi>
* WPS: Remove old OOB NFC interfaceJouni Malinen2012-10-281-9/+0
| | | | | | | | | | The old WPS interface for using NFC has no known deployments and even the binary libraries referenced here are not easily available anymore. Since the new interface for using NFC with WPS covers the same functionality, remove the old implementation to clean up WPS implementation. Signed-hostap: Jouni Malinen <j@w1.fi>
* Add initial parts for SAEJouni Malinen2012-09-301-0/+4
| | | | | | | | | | | | | This introduces new AKM for SAE and FT-SAE and adds the initial parts for going through the SAE Authentication frame exchange. The actual SAE algorithm and new fields in Authentication frames are not yet included in this commit and will be added separately. This version is able to complete a dummy authentication with the correct authentication algorithm and transaction values to allow cfg80211/mac80211 drivers to be tested (all the missing parts can be handled with hostapd/wpa_supplicant changes). Signed-hostap: Jouni Malinen <j@w1.fi>
* WFD: Add Wi-Fi Display supportJouni Malinen2012-08-291-0/+5
| | | | | | | | | | | | | | | | This commit adds control interface commands and internal storage of Wi-Fi Display related configuration. In addition, WFD IE is now added to various P2P frames, Probe Request/Response, and (Re)Association Request/Response frames. WFD subelements from peers are stored in the P2P peer table. Following control interface commands are now available: SET wifi_display <0/1> GET wifi_display WFD_SUBELEM_SET <subelem> [hexdump of length+body] WFD_SUBELEM_GET <subelem> Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Add UNAUTH-TLS vendor specific EAP typeJouni Malinen2012-08-221-0/+11
| | | | | | | | | | | | | | | This EAP type uses a vendor specific expanded EAP header to encapsulate EAP-TLS with a configuration where the EAP server does not authenticate the EAP peer. In other words, this method includes only server authentication. The peer is configured with only the ca_cert parameter (similarly to other TLS-based EAP methods). This method can be used for cases where the network provides free access to anyone, but use of RSN with a securely derived unique PMK for each station is desired. The expanded EAP header uses the hostapd/wpa_supplicant vendor code 39068 and vendor type 1 to identify the UNAUTH-TLS method. Signed-hostap: Jouni Malinen <j@w1.fi>