path: root/wpa_supplicant/ctrl_iface.c
Commit message (Collapse)AuthorAgeFilesLines
* OCE: Add RSSI based association rejection support (STA)Beni Lev2019-01-011-0/+2
| | | | | | | | | | | | | | An AP might refuse to connect a STA if it has a low RSSI. In such case, the AP informs the STA with the desired RSSI delta and a retry timeout. Any subsequent association attempt with that AP (BSS) should be avoided, unless the RSSI level improved by the desired delta or the timeout has expired. Defined in Wi-Fi Alliance Optimized Connectivity Experience technical specification v1.0, section 3.14 (RSSI-based association rejection information). Signed-off-by: Beni Lev <beni.lev@intel.com>
* Update wpa_supplicant channel list on FLUSHJouni Malinen2019-01-011-0/+2
| | | | | | | | Try to make sure the driver channel list state is synchronized with wpa_supplicant whenever explicitly clearing state (e.g., between hwsim test cases). Signed-off-by: Jouni Malinen <j@w1.fi>
* mka: MIB informationJouni Malinen2018-12-291-0/+5
| | | | | | | Provide MKA information through the wpa_supplicant control interface MIB command. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Allow TX/RX data test to use different frame lengthJouni Malinen2018-12-241-13/+35
| | | | | | This is needed for MACsec test cases with a bit shorter MTU. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add SAE to GET_CAPABILITY key_mgmtJouni Malinen2018-12-211-0/+8
| | | | | | | | Provide information about SAE AKM support in "GET_CAPABILITY key_mgmt" for completeness. The "GET_CAPABILITY auth_alg" case is already providing information about SAE support through user space SME. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Accept DPP_CONFIGURATION_SIGN without double space before parametersJouni Malinen2018-12-211-1/+1
| | | | | | | Make this command more convenient to use by not requiring two space characters between the command and the first parameter. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Expose Multi-BSS STA capability through wpa_supplicant control interfaceJouni Malinen2018-12-201-0/+7
| | | | | | | | Indicate whether the driver advertises support for Multi-BSS STA functionality with "GET_CAPABILITY multibss" (returns "MULTIBSS-STA" if supported). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Add UNPROT_DEAUTH command for testing OCVMathy Vanhoef2018-12-171-0/+5
| | | | | | | This new wpa_supplicant control interface command can be used to simplify testing SA Query with OCV. Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
* WNM: Collocated Interference ReportingJouni Malinen2018-10-301-0/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for negotiating WNM Collocated Interference Reporting. This allows hostapd to request associated STAs to report their collocated interference information and wpa_supplicant to process such request and reporting. The actual values (Collocated Interference Report Elements) are out of scope of hostapd and wpa_supplicant, i.e., external components are expected to generated and process these. For hostapd/AP, this mechanism is enabled by setting coloc_intf_reporting=1 in configuration. STAs are requested to perform reporting with "COLOC_INTF_REQ <addr> <Automatic Report Enabled> <Report Timeout>" control interface command. The received reports are indicated as control interface events "COLOC-INTF-REPORT <addr> <dialog token> <hexdump of report elements>". For wpa_supplicant/STA, this mechanism is enabled by setting coloc_intf_reporting=1 in configuration and setting Collocated Interference Report Elements as a hexdump with "SET coloc_intf_elems <hexdump>" control interface command. The hexdump can contain one or more Collocated Interference Report Elements (each including the information element header). For additional testing purposes, received requests are reported with "COLOC-INTF-REQ <dialog token> <automatic report enabled> <report timeout>" control interface events and unsolicited reports can be sent with "COLOC_INTF_REPORT <hexdump>". This commit adds support for reporting changes in the collocated interference (Automatic Report Enabled == 1 and partial 3), but not for periodic reports (2 and other part of 3). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* HS 2.0: Request and process OSU Providers NAI List ANQP-elementJouni Malinen2018-10-051-0/+2
| | | | | | | | | Extend wpa_supplicant to use a separate OSU_NAI information from OSU Providers NAI List ANQP-element instead of the OSU_NAI information from OSU Providers list ANQP-element when connecting to the shared BSS (Single SSID) for OSU. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* wpa_supplicant: Add ieee80211ac information in STATUSBhagavathi Perumal S2018-05-041-0/+7
| | | | | | This allows user to get current operating mode of station. Signed-off-by: Bhagavathi Perumal S <bperumal@codeaurora.org>
* Make CENTER_FRQ1 available independently in SIGNAL_POLLBhagavathi Perumal S2018-04-191-4/+11
| | | | | | | This allows user to get center frequency and find secondary channel offset. Signed-off-by: Bhagavathi Perumal S <bperumal@codeaurora.org>
* HS 2.0: Add fetching of Operator Icon Metadata ANQP-elementJouni Malinen2018-04-171-0/+2
| | | | | | | | | This extends wpa_supplicant Hotspot 2.0 ANQP routines to allow the Operator Icon Metadata ANQP-element to be fetched with "ANQP_GET <bssid> hs20:12". The result is available in the new hs20_operator_icon_metadata entry in the "BSS <bssid>" output. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* dbus: Add FILS to global capabilitiesMasashi Honma2018-04-021-22/+0
| | | | | | | If any of the interfaces supports FILS (and similarly for FILS-SK-PFS), include the "fils" (and "fils_sk_pfs") capability in D-Bus information. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* DPP: Support retrieving of configurator's private keyPurushottam Kushwaha2018-03-161-0/+3
| | | | | | | | | | | | | | | | | | To retain configurator information across hostapd/wpa_supplicant restart, private key need to be maintained to generate a valid pair of authentication keys (connector, netaccess_key, csign) for new enrollees in the network. Add a DPP_CONFIGURATOR_GET_KEY control interface API through which the private key of an existing configurator can be fetched. Command format: DPP_CONFIGURATOR_GET_KEY <configurator_id> The output from this command can then be used with "DPP_CONFIGURATOR_ADD key=<hexdump>" to create the same key again. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Do not include common/dpp.h without CONFIG_DPP=yJouni Malinen2018-02-171-0/+2
| | | | | | | | This header file pulls in an OpenSSL header file and as such, should not be included without CONFIG_DPP=y to avoid bringing in an unnecessary build dependency on OpenSSL header files. Signed-off-by: Jouni Malinen <j@w1.fi>
* FILS: Driver configuration to disable/enable FILS featuresvamsi krishna2017-12-151-0/+6
| | | | | | | | | | The new disable_fils parameter can be used to disable FILS functionality in the driver. This is currently removing the FILS Capability bit in Extended Capabilities and providing a callback to the driver wrappers. driver_nl80211.c implements this using a QCA vendor specific command for now. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* tests: DPP P-256 test vectorsJouni Malinen2017-12-071-0/+10
| | | | Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Allow protocol key to be overridden for testing purposesJouni Malinen2017-12-051-0/+11
| | | | | | This can be used for various testing needs. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Fix compilation without CONFIG_TESTING_OPTIONS=yAshok Ponnaiah2017-11-271-0/+4
| | | | | | | Add CONFIG_TESTING_OPTIONS ifdef protection to couple of forgotten DPP test parameters in wpa_supplicant ctrl_iface. Signed-off-by: Ashok Ponnaiah <aponnaia@qti.qualcomm.com>
* DPP: Allow PKEX x/X and y/Y keypairs to be overriddenJouni Malinen2017-11-231-0/+12
| | | | | | | This is for testing purposes to allow a test vector with specific values to be generated. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Allow PKEX own/peer MAC addresses to be overriddenJouni Malinen2017-11-231-0/+8
| | | | | | | This is for testing purposes to allow a test vector with specific values to be generated. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Retransmit DPP Authentication Response frame if it is not ACKedJouni Malinen2017-11-131-0/+6
| | | | | | | | This extends wpa_supplicant DPP implementation to retransmit DPP Authentication Response frame every 10 seconds up to 5 times if the peer does not reply with DPP Authentication Confirm frame. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Stop authentication exchange of DPP_STOP_LISTENJouni Malinen2017-11-131-0/+1
| | | | | | | | | | Previously, this command stopped listen operation immediately, but if there was an ongoing authentication exchange, a new listen operation was started. This is not really expected behavior, so stop the authentication exchange first with this command to avoid restarting listen operation. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Support multiple channels for initiating DPP AuthenticationJouni Malinen2017-11-131-0/+9
| | | | | | | | | | This extends wpa_supplicant to iterate over all available channels from the intersection of what the peer indicates and the local device supports when initiating DPP Authentication. In addition, retry DPP Authentication Request frame up to five times if no response is received. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: ACS offload for the autonomous GOSunil Dutt2017-11-031-2/+28
| | | | | | | | | | | | This commit introduces the ACS functionality for the autonomous GO. The optional parameter <freq> in p2p_group_add is enhanced to carry a value "acs" with the intention to select the channels among any supported band. freq = 2 / 5 carry the need to select the channels only in the respective bands 2.4 / 5 GHz. This functionality is on top of the host driver's capability to offload ACS, which is advertized through WPA_DRIVER_FLAGS_ACS_OFFLOAD. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Allow testing override values to be clearedJouni Malinen2017-10-291-3/+18
| | | | | | | | This allows wpa_supplicant dpp_config_obj_override, dpp_discovery_override, and dpp_groups_override parameters to be cleared by setting them to a zero-length value. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Protocol testing frameworkJouni Malinen2017-10-221-0/+6
| | | | | | | | | | | | | | Add a generic mechanism for configuring the DPP implementation to behave in particular different (mostly incorrect) ways for protocol testing purposes. The new dpp_test parameter can be set to a non-zero integer to indicate a specific behavior. This is only available in CONFIG_TESTING_OPTIONS=y builds. This commit include cases for an extra attribute being added after the Wrapped Data attribute and Initiator/Responder capabilities having an unexpected zero capability. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Allow last (Re)Association Request frame to be replayed for testingJouni Malinen2017-10-161-0/+38
| | | | | | | | | | | The new wpa_supplicant RESEND_ASSOC command can be used to request the last (Re)Association Request frame to be sent to the AP to test FT protocol behavior. This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <j@w1.fi>
* Allow EAPOL-Key Request to be sent through control interfaceJouni Malinen2017-10-161-0/+18
| | | | | | | | | | The new wpa_supplicant "KEY_REQUEST <error=0/1> <pairwise=0/1>" command can be used to request an EAPOL-Key Request frame to be sent to the AP. This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <j@w1.fi>
* Make last received ANonce available through control interfaceJouni Malinen2017-10-161-0/+6
| | | | | | | This makes it easier to debug 4-way handshake implementation issues without having to use a sniffer. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add testing functionality for resetting PN/IPN for configured keysJouni Malinen2017-10-161-0/+27
| | | | | | | | | | | | | This can be used to test replay protection. The "RESET_PN" command in wpa_supplicant and "RESET_PN <addr>" command in hostapd resets the local counters to zero for the last configured key. For hostapd, the address parameter specifies which STA this operation is for or selects GTK ("ff:ff:ff:ff:ff:ff") or IGTK ("ff:ff:ff:ff:ff:ff IGTK"). This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove all PeerKey functionalityJouni Malinen2017-10-151-26/+0
| | | | | | | | | | | | | | | | | | | | | | | | This was originally added to allow the IEEE 802.11 protocol to be tested, but there are no known fully functional implementations based on this nor any known deployments of PeerKey functionality. Furthermore, PeerKey design in the IEEE Std 802.11-2016 standard has already been marked as obsolete for DLS and it is being considered for complete removal in REVmd. This implementation did not really work, so it could not have been used in practice. For example, key configuration was using incorrect algorithm values (WPA_CIPHER_* instead of WPA_ALG_*) which resulted in mapping to an invalid WPA_ALG_* value for the actual driver operation. As such, the derived key could not have been successfully set for the link. Since there are bugs in this implementation and there does not seem to be any future for the PeerKey design with DLS (TDLS being the future for DLS), the best approach is to simply delete all this code to simplify the EAPOL-Key handling design and to get rid of any potential issues if these code paths were accidentially reachable. Signed-off-by: Jouni Malinen <j@w1.fi>
* OWE: Transition mode support on station sideJouni Malinen2017-10-081-2/+19
| | | | | | | Add support for using the OWE Transition Mode element to determine the hidden SSID for an OWE BSS that is used in transition mode. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OCE: Update default scan IEs when OCE is enabled/disabledvamsi krishna2017-10-011-0/+1
| | | | | | | | Update the default scan IEs when OCE is enabled/disabled to the driver/firmware, so that the correct IEs will be sent out by the driver/firmware in Probe Request frames. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* SAE: Allow commit fields to be overridden for testing purposes (STA)Jouni Malinen2017-09-041-0/+8
| | | | | | | | | The new "SET sae_commit_override <hexdump>" control interface command can be used to force wpa_supplicant to override SAE commit message fields for testing purposes. This is included only in CONFIG_TESTING_OPTIONS=y builds. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Remove devices object from the connectorJouni Malinen2017-08-221-3/+0
| | | | | | | This was removed from the draft DPP tech spec, so remove it from the implementation as well. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* STA: Add OCE capability indication attributeAshwini Patil2017-07-141-0/+18
| | | | | | | Add OCE capability indication attribute in Probe Request and (Re)Association Request frames. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Clear get_pref_freq_list_override on P2P DeviceAndrei Otcheretianski2017-07-081-0/+6
| | | | | | | Clear the get_pref_freq_list_override in p2p_ctrl_flush(). This fixes the case when a dedicated P2P device interface is used. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* FILS: Advertize FILS capability based on driver capabilityVidyullatha Kanchanapally2017-07-071-8/+86
| | | | | | | | Add changes to control interface command get_capability to advertize FILS capability, FILS AKMs suites, and FILS Authentication algorithms based on the driver capabilities. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add wpa_supplicant ctrl iface support to scan for a specific BSSIDAshwini Patil2017-07-041-0/+13
| | | | | | | | | Add support to scan for a specific BSSID through the wpa_supplicant control interface. Usage: wpa_cli scan bssid=ab:bc:cd:de:ef:12 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Add DPP_CONFIGURATOR_SIGN to generate own connectorJouni Malinen2017-07-041-0/+3
| | | | | | | The DPP Configurator can use this new command to generate its own signed connector for the network that it manages. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Configurator parameters in responder roleJouni Malinen2017-07-031-0/+5
| | | | | | | This allows wpa_supplicant to be configured to act as the configurator in the case where a peer device initiates DPP Authentication. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: PKEX bootstrappingJouni Malinen2017-07-021-0/+14
| | | | | | | | This implements genric PKEX functionality in src/common/dpp.c and glue code to use this in wpa_supplicant (i.e, hostapd DPP implementation does not yet support PKEX). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Add DPP_BOOTSTRAP_INFO commandJouni Malinen2017-06-221-0/+3
| | | | | | This can be used to fetch parsed details on bootstrapping information. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Add new AKMJouni Malinen2017-06-191-0/+18
| | | | | | | | | | This new AKM is used with DPP when using the signed Connector to derive a PMK. Since the KCK, KEK, and MIC lengths are variable within a single AKM, this needs number of additional changes to get the PMK length delivered to places that need to figure out the lengths of the PTK components. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Configuration exchangeJouni Malinen2017-06-191-0/+31
| | | | | | | | This adds support for DPP Configuration Protocol using GAS. Full generation and processing of the configuration object is not included in this commit. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Authentication exchangeJouni Malinen2017-06-191-0/+12
| | | | | | | Add wpa_supplicant control interface commands for managing DPP Authentication exchange. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Bootstrap information managementJouni Malinen2017-06-191-0/+39
| | | | | | | | | | | | | Add wpa_supplicant control interface commands for parsing the bootstrap info URI from a QR Code (get peer public key) and to generate a new bootstrap info with private key for local use. The optional key=<hexdump> argument to the DPP_BOOTSTRAP_GEN command can be used to specify the bootstrapping private key in OpenSSL ECPrivateKey DER encoding format. This results in the local bootstrapping information entry being created with the specified key instead of generating a new random one. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Do not flush PMKSA on bssid_hint changePurushottam Kushwaha2017-05-221-0/+1
| | | | | | | | | | | | | Change in any network configuration at runtime will cause flush to PMKSA cache. For most of the network parameters if there is no change in value, PMKSA flush is not performed except 'bssid' and 'priority'. Add 'bssid_hint' to exemption list of avoiding PMKSA flush on change. This is needed to complete change in commit 43a356b2687219b7a212df8ef21237b5ddf49f35 ('Provide option to configure BSSID hint for a network'). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>