path: root/wpa_supplicant/ctrl_iface.c
Commit message | Author | Age | Files | Lines
* DPP: Fix compilation without CONFIG_TESTING_OPTIONS=y | Ashok Ponnaiah | 2017-11-27 | 1 | -0/+4
  Add CONFIG_TESTING_OPTIONS ifdef protection to a couple of forgotten DPP test parameters in wpa_supplicant ctrl_iface.
  Signed-off-by: Ashok Ponnaiah <aponnaia@qti.qualcomm.com>
* DPP: Allow PKEX x/X and y/Y keypairs to be overridden | Jouni Malinen | 2017-11-23 | 1 | -0/+12
  This is for testing purposes to allow a test vector with specific values to be generated.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Allow PKEX own/peer MAC addresses to be overridden | Jouni Malinen | 2017-11-23 | 1 | -0/+8
  This is for testing purposes to allow a test vector with specific values to be generated.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Retransmit DPP Authentication Response frame if it is not ACKed | Jouni Malinen | 2017-11-13 | 1 | -0/+6
  This extends wpa_supplicant DPP implementation to retransmit DPP Authentication Response frame every 10 seconds up to 5 times if the peer does not reply with DPP Authentication Confirm frame.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Stop authentication exchange of DPP_STOP_LISTEN | Jouni Malinen | 2017-11-13 | 1 | -0/+1
  Previously, this command stopped listen operation immediately, but if there was an ongoing authentication exchange, a new listen operation was started. This is not really expected behavior, so stop the authentication exchange first with this command to avoid restarting listen operation.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Support multiple channels for initiating DPP Authentication | Jouni Malinen | 2017-11-13 | 1 | -0/+9
  This extends wpa_supplicant to iterate over all available channels from the intersection of what the peer indicates and the local device supports when initiating DPP Authentication. In addition, retry DPP Authentication Request frame up to five times if no response is received.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: ACS offload for the autonomous GO | Sunil Dutt | 2017-11-03 | 1 | -2/+28
  This commit introduces the ACS functionality for the autonomous GO. The optional parameter <freq> in p2p_group_add is enhanced to carry a value "acs" with the intention to select the channels among any supported band. freq = 2 / 5 carry the need to select the channels only in the respective bands 2.4 / 5 GHz. This functionality is on top of the host driver's capability to offload ACS, which is advertized through WPA_DRIVER_FLAGS_ACS_OFFLOAD.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Allow testing override values to be cleared | Jouni Malinen | 2017-10-29 | 1 | -3/+18
  This allows wpa_supplicant dpp_config_obj_override, dpp_discovery_override, and dpp_groups_override parameters to be cleared by setting them to a zero-length value.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Protocol testing framework | Jouni Malinen | 2017-10-22 | 1 | -0/+6
  Add a generic mechanism for configuring the DPP implementation to behave in particular different (mostly incorrect) ways for protocol testing purposes. The new dpp_test parameter can be set to a non-zero integer to indicate a specific behavior. This is only available in CONFIG_TESTING_OPTIONS=y builds.
  This commit includes cases for an extra attribute being added after the Wrapped Data attribute and Initiator/Responder capabilities having an unexpected zero capability.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Allow last (Re)Association Request frame to be replayed for testing | Jouni Malinen | 2017-10-16 | 1 | -0/+38
  The new wpa_supplicant RESEND_ASSOC command can be used to request the last (Re)Association Request frame to be sent to the AP to test FT protocol behavior. This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Allow EAPOL-Key Request to be sent through control interface | Jouni Malinen | 2017-10-16 | 1 | -0/+18
  The new wpa_supplicant "KEY_REQUEST <error=0/1> <pairwise=0/1>" command can be used to request an EAPOL-Key Request frame to be sent to the AP. This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Make last received ANonce available through control interface | Jouni Malinen | 2017-10-16 | 1 | -0/+6
  This makes it easier to debug 4-way handshake implementation issues without having to use a sniffer.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Add testing functionality for resetting PN/IPN for configured keys | Jouni Malinen | 2017-10-16 | 1 | -0/+27
  This can be used to test replay protection. The "RESET_PN" command in wpa_supplicant and "RESET_PN <addr>" command in hostapd resets the local counters to zero for the last configured key. For hostapd, the address parameter specifies which STA this operation is for or selects GTK ("ff:ff:ff:ff:ff:ff") or IGTK ("ff:ff:ff:ff:ff:ff IGTK"). This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove all PeerKey functionality | Jouni Malinen | 2017-10-15 | 1 | -26/+0
  This was originally added to allow the IEEE 802.11 protocol to be tested, but there are no known fully functional implementations based on this nor any known deployments of PeerKey functionality. Furthermore, PeerKey design in the IEEE Std 802.11-2016 standard has already been marked as obsolete for DLS and it is being considered for complete removal in REVmd.
  This implementation did not really work, so it could not have been used in practice. For example, key configuration was using incorrect algorithm values (WPA_CIPHER_* instead of WPA_ALG_*) which resulted in mapping to an invalid WPA_ALG_* value for the actual driver operation. As such, the derived key could not have been successfully set for the link.
  Since there are bugs in this implementation and there does not seem to be any future for the PeerKey design with DLS (TDLS being the future for DLS), the best approach is to simply delete all this code to simplify the EAPOL-Key handling design and to get rid of any potential issues if these code paths were accidentally reachable.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* OWE: Transition mode support on station side | Jouni Malinen | 2017-10-08 | 1 | -2/+19
  Add support for using the OWE Transition Mode element to determine the hidden SSID for an OWE BSS that is used in transition mode.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OCE: Update default scan IEs when OCE is enabled/disabled | vamsi krishna | 2017-10-01 | 1 | -0/+1
  Update the default scan IEs when OCE is enabled/disabled to the driver/firmware, so that the correct IEs will be sent out by the driver/firmware in Probe Request frames.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* SAE: Allow commit fields to be overridden for testing purposes (STA) | Jouni Malinen | 2017-09-04 | 1 | -0/+8
  The new "SET sae_commit_override <hexdump>" control interface command can be used to force wpa_supplicant to override SAE commit message fields for testing purposes. This is included only in CONFIG_TESTING_OPTIONS=y builds.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Remove devices object from the connector | Jouni Malinen | 2017-08-22 | 1 | -3/+0
  This was removed from the draft DPP tech spec, so remove it from the implementation as well.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* STA: Add OCE capability indication attribute | Ashwini Patil | 2017-07-14 | 1 | -0/+18
  Add OCE capability indication attribute in Probe Request and (Re)Association Request frames.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Clear get_pref_freq_list_override on P2P Device | Andrei Otcheretianski | 2017-07-08 | 1 | -0/+6
  Clear the get_pref_freq_list_override in p2p_ctrl_flush(). This fixes the case when a dedicated P2P device interface is used.
  Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* FILS: Advertize FILS capability based on driver capability | Vidyullatha Kanchanapally | 2017-07-07 | 1 | -8/+86
  Add changes to control interface command get_capability to advertize FILS capability, FILS AKMs suites, and FILS Authentication algorithms based on the driver capabilities.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add wpa_supplicant ctrl iface support to scan for a specific BSSID | Ashwini Patil | 2017-07-04 | 1 | -0/+13
  Add support to scan for a specific BSSID through the wpa_supplicant control interface.
  Usage: wpa_cli scan bssid=ab:bc:cd:de:ef:12
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Add DPP_CONFIGURATOR_SIGN to generate own connector | Jouni Malinen | 2017-07-04 | 1 | -0/+3
  The DPP Configurator can use this new command to generate its own signed connector for the network that it manages.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Configurator parameters in responder role | Jouni Malinen | 2017-07-03 | 1 | -0/+5
  This allows wpa_supplicant to be configured to act as the configurator in the case where a peer device initiates DPP Authentication.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: PKEX bootstrapping | Jouni Malinen | 2017-07-02 | 1 | -0/+14
  This implements generic PKEX functionality in src/common/dpp.c and glue code to use this in wpa_supplicant (i.e., hostapd DPP implementation does not yet support PKEX).
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Add DPP_BOOTSTRAP_INFO command | Jouni Malinen | 2017-06-22 | 1 | -0/+3
  This can be used to fetch parsed details on bootstrapping information.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Add new AKM | Jouni Malinen | 2017-06-19 | 1 | -0/+18
  This new AKM is used with DPP when using the signed Connector to derive a PMK. Since the KCK, KEK, and MIC lengths are variable within a single AKM, this needs a number of additional changes to get the PMK length delivered to places that need to figure out the lengths of the PTK components.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Configuration exchange | Jouni Malinen | 2017-06-19 | 1 | -0/+31
  This adds support for DPP Configuration Protocol using GAS. Full generation and processing of the configuration object is not included in this commit.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Authentication exchange | Jouni Malinen | 2017-06-19 | 1 | -0/+12
  Add wpa_supplicant control interface commands for managing DPP Authentication exchange.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Bootstrap information management | Jouni Malinen | 2017-06-19 | 1 | -0/+39
  Add wpa_supplicant control interface commands for parsing the bootstrap info URI from a QR Code (get peer public key) and to generate a new bootstrap info with private key for local use. The optional key=<hexdump> argument to the DPP_BOOTSTRAP_GEN command can be used to specify the bootstrapping private key in OpenSSL ECPrivateKey DER encoding format. This results in the local bootstrapping information entry being created with the specified key instead of generating a new random one.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Do not flush PMKSA on bssid_hint change | Purushottam Kushwaha | 2017-05-22 | 1 | -0/+1
  Change in any network configuration at runtime will cause flush to PMKSA cache. For most of the network parameters if there is no change in value, PMKSA flush is not performed except 'bssid' and 'priority'.
  Add 'bssid_hint' to exemption list of avoiding PMKSA flush on change. This is needed to complete change in commit 43a356b2687219b7a212df8ef21237b5ddf49f35 ('Provide option to configure BSSID hint for a network').
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Add GET_CAPABILITY for P2P redirection | Dmitry Shmidt | 2017-05-04 | 1 | -0/+1
  It will give capability to check channel list before P2P group is created.
  Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* MBO: Add support to set ignore assoc disallow to driver | Vamsi Krishna | 2017-05-04 | 1 | -0/+2
  Add support to set ignore assoc disallow to the driver so that the driver ignores assoc disallowed bit set by APs while connecting. This is used by drivers that handle BSS selection and roaming internally.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add control interface command to enable/disable roaming | Ashwini Patil | 2017-04-24 | 1 | -0/+2
  The new "SET roaming <0/1>" command can now be used to control driver-based roaming.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Hide *PMKSA_ADD parameters from debug log | Jouni Malinen | 2017-04-02 | 1 | -2/+6
  PMKSA_ADD and MESH_PMKSA_ADD command arguments include keying material, so show it in debug log only if requested to do with the command line -K argument.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* FILS: Add FILS-SK-PFS capability into "GET_CAPABILITY fils" command | Jouni Malinen | 2017-03-13 | 1 | -0/+4
  Signed-off-by: Jouni Malinen <j@w1.fi>
* OWE: Add driver capability flag for OWE AKM | Jouni Malinen | 2017-03-12 | 1 | -0/+8
  Signed-off-by: Jouni Malinen <j@w1.fi>
* OWE: Define and parse OWE AKM selector | Jouni Malinen | 2017-03-12 | 1 | -0/+10
  This adds a new RSN AKM "OWE".
  Signed-off-by: Jouni Malinen <j@w1.fi>
* WNM: Add option to configure candidates for BTM query candidate list | Avraham Stern | 2017-03-11 | 1 | -8/+7
  Add a mechanism to configure the candidates for BTM query candidate list manually. This can be used to verify AP behavior for various candidates preferences.
  usage:
    wnm_bss_query <reason> [neighbor=<BSSID>,<BSSID information>,
                            <operating class>,<channel number>,
                            <PHY type>[,<hexdump of optional subelements>]]
  Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* ANQP: Extend ANQP_GET command to request without IEEE 802.11 elements | Jouni Malinen | 2017-03-10 | 1 | -1/+1
  Previously, ANQP_GET required at least one IEEE 802.11 ANQP-element to be requested. This is not really necessary, so allow a case where num_ids == 0 as long as the request includes at least one Hotspot 2.0 or MBO ANQP-element.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* MBO: Add option to add MBO query list to ANQP query | Avraham Stern | 2017-03-10 | 1 | -4/+5
  MBO techspec v0.0_r27 changed the MBO ANQP-element format. The MBO element in ANQP query should now include an MBO Query List element that contains a list of MBO elements to query.
  Add API to add the MBO Query List to an ANQP query.
  Format:
    ANQP_GET <addr> <info_id>[,<info_id>]...[,mbo:<subtype>...]
  Example for querying neighbor report with MBO cellular data connection preference:
    ANQP_GET <bssid> 272,mbo:2
  Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* Fix SELECT_NETWORK freq parameter | Jouni Malinen | 2017-02-26 | 1 | -3/+4
  This functionality was originally added in commit 204c9ac4eed9f0ad69497f2efcd0d095dfd6e61c ('Extend select_network command with freq= to reduce scan time') re-using wpa_s->manual_scan_freqs and MANUAL_SCAN_REQ. That got broken when commit 35d403096eb63c787bd736dd8ba0902c34398fa8 ('Set NORMAL_SCAN_REQ on SELECT_NETWORK/ENABLE_NETWORK') started overriding wpa_s->scan_req for SELECT_NETWORK.
  Fix this by adding a new scan frequency list specifically for SELECT_NETWORK so that this does not need to depend on any specific wpa_s->scan_req value.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* FILS: External management of PMKSA cache entry with Cache Identifier | Jouni Malinen | 2017-02-26 | 1 | -1/+27
  The PMKSA_GET and PMKSA_ADD commands can now use an optional extra parameter to fetch and add PMKSA cache entries with the FILS Cache Identifier.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FT: Support addition of RIC elements into Reassociation Request frame | Jouni Malinen | 2017-02-18 | 1 | -0/+27
  The new "SET ric_ies <hexdump>" control interface command can now be used to request wpa_supplicant to add the specified RIC elements into Reassociation Request frame when using FT protocol. This is mainly for testing purposes.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Add P2P_SET override_pref_op_chan to allow overriding preference | Jouni Malinen | 2017-02-16 | 1 | -0/+14
  This new P2P_SET parameter uses <op_class>:<channel> format and is used mainly for testing purposes to allow overriding the value of the GO Negotiation Response frame Operating Channel attribute.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add wpa_supplicant SET get_pref_freq_list_override | Jouni Malinen | 2017-02-16 | 1 | -0/+48
  This can be used to override driver get_pref_freq_list() operation for more convenient testing of preferred frequency list functionality.
  Override string format:
    <if_type1>:<freq1>,<freq2>,... <if_type2>:...
  if_type: 0=STATION, 2=AP, 3=P2P_GO, 4=P2P_CLIENT, 8=TDLS, 9=IBSS
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add support to sched scan to report relatively better BSSs | vamsi krishna | 2017-02-10 | 1 | -0/+51
  Add support to set sched scan relative RSSI parameters so that the drivers can report BSSs after relative comparison with the current connected BSS. This feature is applicable only when in connected mode.
  The below commands can be used to configure relative RSSI parameters
    SET relative_rssi <disable|rssi_value>
      disable - to disable the feature
      rssi_value - amount of relative RSSI in dB
    SET relative_band_adjust <band:adjust_value>
      band - "2G" or "5G" for 2.4 GHz or 5 GHz respectively
      adjust_value - amount of RSSI to be adjusted in dB
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Override P2P_PEER group_capab with 0 if no matching BSS entry found | Sunil Dutt | 2017-02-06 | 1 | -2/+26
  Relying on the group_capab from the P2P peer information can result in improper information on whether the peer is currently operating as a GO. However, there is a known implementation in Android that does this.
  To reduce issues from this misuse in upper layer to try to determine whether a specific peer is operating a group, override the group_capab value in P2P_PEER output with 0 if there are no BSS entries with the peer P2P Device as a GO. This is not a perfect information since there may not have been a recent scan on all channels, but this results in less issues than trying to decide between new group formation and joining an existing group based on stale or incorrect information.
  Since no upper layer application is really supposed to use the group_capab field value in P2P_PEER command, this change should not cause any impact for properly designed components and the possibility of regressions is limited to cases that are already known to work incorrectly in a number of identifiable cases.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* tests: Validate hwaddr/hexstr input to DRIVER_EVENT SCAN_RES | Jouni Malinen | 2017-02-05 | 1 | -8/+13
  To be more consistent with existing hwaddr_aton() and hexstr2bin() callers, check the return values in this test command.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_supplicant: Fix global control interface for STA/STA-FIRST/STA-NEXT | Dmitry Shmidt | 2017-01-29 | 1 | -0/+7
  update_stations(ctrl_conn) is stuck in never-ending loop:
    sendto(3, "STA-FIRST", 9, 0, NULL, 0) = 9
    pselect6(4, [3], NULL, NULL, {10, 0}, NULL) = 1 (in [3], left {9, 999995000})
    recvfrom(3, "UNKNOWN COMMAND\n", 4095, 0, NULL, NULL) = 16
    sendto(3, "STA-NEXT UNKNOWN COMMAND", 24, 0, NULL, 0) = 24
    pselect6(4, [3], NULL, NULL, {10, 0}, NULL) = 1 (in [3], left {9, 999995833})
    recvfrom(3, "UNKNOWN COMMAND\n", 4095, 0, NULL, NULL) = 16
    sendto(3, "STA-NEXT UNKNOWN COMMAND", 24, 0, NULL, 0) = 24
    pselect6(4, [3], NULL, NULL, {10, 0}, NULL) = 1 (in [3], left {9, 999995000})
    recvfrom(3, "UNKNOWN COMMAND\n", 4095, 0, NULL, NULL) = 16
    sendto(3, "STA-NEXT UNKNOWN COMMAND", 24, 0, NULL, 0) = 24
  Direct STA, STA-FIRST, and STA-NEXT commands from the global control interface to a per-interface control interface to avoid this.
  Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>