path: root/wpa_supplicant/events.c
Commit message (Collapse)AuthorAgeFilesLines
* OCE: Use RSSI of actual BSS which rejected associationAnkita Bajaj2019-05-311-6/+13
| | | | | | | | | | | If an AP rejects association due to low RSSI, then RSSI of the BSS from which association reject is received shall be used for calculating RSSI threshold at which STA can try connecting back to that BSS later. In case of SME offload, the current_bss might not have been set before receiving association completion, so fetch the BSS entry based on the BSSID provided in the driver event. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Make channel switch started event available over control interfaceOmer Dagan2019-04-221-3/+10
| | | | | | | | This makes it easier to upper layer components to manage operating channels in cases where the same radio is shared for both station and AP mode virtual interfaces. Signed-off-by: Omer Dagan <omer.dagan@tandemg.com>
* Add 802.11 reason code strings into wpa_supplicant messagesAlex Khouderchah2019-04-221-5/+6
| | | | | | | | | Logs involving IEEE 802.11 Reason Codes output the Reason Code value, but do not provide any explanation of what the value means. This change provides a terse explanation of each Reason Code using the latter part of the reason code #define names. Signed-off-by: Alex Khouderchah <akhouderchah@chromium.org>
* Fix FILS ERP association event with 4-way HS offload driversAvraham Stern2019-04-151-11/+11
| | | | | | | | | | | | | When FILS authentication is used with ERP, no EAPOL frames are expected after association. However, for drivers that set the WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X capability flag, the EAP state machine was not configured correctly and was waiting for EAPOL frames, which leads to disconnection. Fix this by reordering the if branches to set the EAPOL/EAP state machines to success when FILS authentication was already completed. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* DPP2: PFS for PTK derivationJouni Malinen2019-03-181-0/+23
| | | | | | | | | | Use Diffie-Hellman key exchange to derivate additional material for PMK-to-PTK derivation to get PFS. The Diffie-Hellman Parameter element (defined in OWE RFC 8110) is used in association frames to exchange the DH public keys. For backwards compatibility, ignore missing request/response DH parameter and fall back to no PFS in such cases. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* UBSan: Fix RRM beacon processing attempt without scan_infoJouni Malinen2019-02-251-2/+2
| | | | | | | | | | | | | Some driver interfaces (e.g., wext) might not include the data->scan_info information and data could be NULL here. Do not try to call the RRM handler in this case since that would dereference the NULL pointer when determining where scan_info is located and could potentially result in trying to read from unexpected location if RRM is enabled with a driver interface that does not support it. events.c:1907:59: runtime error: member access within null pointer of type 'union wpa_event_data' Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix cipher suite selector default value in RSNE for DMGLior David2019-02-211-0/+4
| | | | | | | | | | | | | | | | | | | | According to IEEE Std 802.11-2016, when fields of an RSNE are not included, the default values are used. The cipher suite defaults were hardcoded to CCMP in the previous implementation, but the default is actually different for DMG: GCMP (per It is not possible to find out from the RSNE if the network is non-DMG or DMG, so callers of wpa_parse_wpa_ie_rsn() need to handle this case based on context, which can be different for each caller. In order to fix this issue, add flags to the wpa_ie_data indicating whether pairwise/group ciphers were included in the RSNE. Callers can check these flags and fill in the appropriate ciphers. The wpa_parse_wpa_ie_rsn() function still initializes the ciphers to CCMP by default so existing callers will not break. This change also fixes some callers which need to handle the DMG network case. Signed-off-by: Lior David <liord@codeaurora.org>
* wpa_supplicant: Support Multi-AP backhaul STA onboarding with WPSDavina Lu2019-02-181-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Wi-Fi Alliance Multi-AP Specification v1.0 allows onboarding of a backhaul STA through WPS. To enable this, the backhaul STA needs to add a Multi-AP IE to the WFA vendor extension element in the WSC M1 message that indicates it supports the Multi-AP backhaul STA role. The Registrar (if it support Multi-AP onboarding) will respond to that with a WSC M8 message that also contains the Multi-AP IE, and that contains the credentials for the backhaul SSID (which may be different from the SSID on which WPS is performed). Introduce a new parameter to wpas_wps_start_pbc() and allow it to be set via control interface's new multi_ap=1 parameter of WPS_PBC call. multi_ap_backhaul_sta is set to 1 in the automatically created SSID. Thus, if the AP does not support Multi-AP, association will fail and WPS will be terminated. Only wps_pbc is supported. This commit adds the multi_ap argument only to the control socket interface, not to the D-Bus interface. Since WPS associates with the fronthaul BSS instead of the backhaul BSS, we should not drop association if the AP announces fronthaul-only BSS. Still, we should only do that in the specific case of WPS. Therefore, add a check to multi_ap_process_assoc_resp() to allow association with a fronthaul-only BSS if and only if key_mgmt contains WPS. Signed-off-by: Davina Lu <ylu@quantenna.com> Signed-off-by: Igor Mitsyanko <igor.mitsyanko.os@quantenna.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Daniel Golle <daniel@makrotopia.org> Cc: Marianna Carrera <marianna.carrera.so@quantenna.com>
* Indicate wifi_generation in wpa_supplicant STATUS outputJouni Malinen2019-02-151-0/+20
| | | | | | | | | | This adds a wifi_generation=4/5/6 line to the STATUS output if the driver reports (Re)Association Request frame and (Re)Association Response frame information elements in the association or connection event. Only the generations 4 (HT = 802.11n), 5 (VHT = 802.11ac), and 6 (HE = 802.11ax) are reported. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* drivers: Add separate driver flags for 802.1X and PSK 4-way HS offloadsArend van Spriel2019-01-071-2/+2
| | | | | | | | | Allow drivers to indicate support for offloading 4-way handshake for either IEEE 802.1X (WPA2-Enterprise; EAP) and/or WPA/WPA2-PSK (WPA2-Personal) by splitting the WPA_DRIVER_FLAGS_4WAY_HANDSHAKE flag into two separate flags. Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
* mesh: Consider mesh interface on DFS event handlerPeter Oh2019-01-031-3/+4
| | | | | | | | Once mesh starts supporting DFS channels, it has to handle DFS related events from drivers, hence add mesh interface to the check list. Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com> Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* dbus: Expose authentication status to D-BusAlex Khouderchah2019-01-021-0/+2
| | | | | | | | | | | wpa_supplicant currently logs CTRL-EVENT-AUTH-FAILED errors when authentication fails, but doesn't expose any property to the D-Bus interface related to this. This change adds the "AuthStatusCode" property to the interface, which contains the IEEE 802.11 status code of the last authentication. Signed-off-by: Alex Khouderchah <akhouderchah@chromium.org>
* dbus: Export roam time, roam complete, and session lengthMatthew Wang2019-01-021-0/+17
| | | | | | | | | | | Add new Interface properties "RoamTime", "RoamComplete", and "SessionLength". "RoamTime" carries the roam time of the most recent roam in milliseconds. "RoamComplete" carries True or False corresponding to the success status of the most recent roam. "SessionLength" carries the number of milliseconds corresponding to how long the connection to the last AP was before a roam or disconnect happened. Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
* OCE: Add RSSI based association rejection support (STA)Beni Lev2019-01-011-3/+29
| | | | | | | | | | | | | | An AP might refuse to connect a STA if it has a low RSSI. In such case, the AP informs the STA with the desired RSSI delta and a retry timeout. Any subsequent association attempt with that AP (BSS) should be avoided, unless the RSSI level improved by the desired delta or the timeout has expired. Defined in Wi-Fi Alliance Optimized Connectivity Experience technical specification v1.0, section 3.14 (RSSI-based association rejection information). Signed-off-by: Beni Lev <beni.lev@intel.com>
* Update wpa_supplicant channel list on FLUSHJouni Malinen2019-01-011-6/+9
| | | | | | | | Try to make sure the driver channel list state is synchronized with wpa_supplicant whenever explicitly clearing state (e.g., between hwsim test cases). Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_supplicant: Add Multi-AP backhaul STA supportVenkateswara Naralasetty2018-12-201-0/+50
| | | | | | | | | | | | | | | | | | | | | Advertise vendor specific Multi-AP IE in (Re)Association Request frames and process Multi-AP IE from (Re)Association Response frames if the user enables Multi-AP fuctionality. If the (Re)Association Response frame does not contain the Multi-AP IE, disassociate. This adds a new configuration parameter 'multi_ap_backhaul_sta' to enable/disable Multi-AP functionality. Enable 4-address mode after association (if the Association Response frame contains the Multi-AP IE). Also enable the bridge in that case. This is necessary because wpa_supplicant only enables the bridge in wpa_drv_if_add(), which only gets called when an interface is added through the control interface, not when it is configured from the command line. Signed-off-by: Venkateswara Naralasetty <vnaralas@codeaurora.org> Signed-off-by: Jouni Malinen <jouni@codeaurora.org> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
* OCV: Perform an SA Query after a channel switchMathy Vanhoef2018-12-171-0/+3
| | | | | | | | | | | After the network changed to a new channel, perform an SA Query with the AP after a random delay if OCV was negotiated for the association. This is used to confirm that we are still operating on the real operating channel of the network. This commit is adding only the station side functionality for this, i.e., the AP behavior is not changed to disconnect stations with OCV that do not go through SA Query. Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
* OWE: Try another group only on association rejection with status 77Ashok Kumar2018-12-021-0/+1
| | | | | | | | | Do not change the OWE group if association is rejected for any other reason than WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED to avoid unnecessary latency in cases where the APs reject association, e.g., for load balancing reasons. Signed-off-by: Ashok Kumar <aponnaia@codeaurora.org>
* Fix indentation levelJouni Malinen2018-11-301-4/+3
| | | | | | This gets rid of smatch warnings about inconsistent indenting. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* WNM: Collocated Interference ReportingJouni Malinen2018-10-301-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for negotiating WNM Collocated Interference Reporting. This allows hostapd to request associated STAs to report their collocated interference information and wpa_supplicant to process such request and reporting. The actual values (Collocated Interference Report Elements) are out of scope of hostapd and wpa_supplicant, i.e., external components are expected to generated and process these. For hostapd/AP, this mechanism is enabled by setting coloc_intf_reporting=1 in configuration. STAs are requested to perform reporting with "COLOC_INTF_REQ <addr> <Automatic Report Enabled> <Report Timeout>" control interface command. The received reports are indicated as control interface events "COLOC-INTF-REPORT <addr> <dialog token> <hexdump of report elements>". For wpa_supplicant/STA, this mechanism is enabled by setting coloc_intf_reporting=1 in configuration and setting Collocated Interference Report Elements as a hexdump with "SET coloc_intf_elems <hexdump>" control interface command. The hexdump can contain one or more Collocated Interference Report Elements (each including the information element header). For additional testing purposes, received requests are reported with "COLOC-INTF-REQ <dialog token> <automatic report enabled> <report timeout>" control interface events and unsolicited reports can be sent with "COLOC_INTF_REPORT <hexdump>". This commit adds support for reporting changes in the collocated interference (Automatic Report Enabled == 1 and partial 3), but not for periodic reports (2 and other part of 3). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* OWE: Use shorter scan interval during transition mode searchJouni Malinen2018-10-121-0/+13
| | | | | | | Start scans more quickly if an open BSS advertising OWE transition mode is found, but the matching OWE BSS has not yet been seen. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* OWE: Attempt more scans for OWE transition SSID if expected BSS not seenSunil Dutt2018-10-121-0/+18
| | | | | | | | | | | | This commit introduces a threshold for OWE transition BSS selection, which signifies the maximum number of selection attempts (scans) done for finding OWE BSS. This aims to do more scan attempts for OWE BSS and eventually select the open BSS if the selection/scan attempts for OWE BSS exceed the configured threshold. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Flush PMKSA if an assoc reject without timeout is receivedSrinivas Dasari2018-09-181-0/+10
| | | | | | | | | | | | | | Flush the PMKSA upon receiving assoc reject event without timeout in the event data, to avoid trying the subsequent connections with the old PMKID. Do not flush PMKSA if assoc reject is received with timeout as it is generated internally from the driver without reaching the AP. This extends commit d109aa6cacf2c3f643de0c758a30b0daf936a67a ("SAE: Flush PMKSA if an assoc reject without timeout is received") to handle also the DPP AKM. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* FILS: Fix FILS connect failures after ERP key invalidationAnkita Bajaj2018-08-241-1/+3
| | | | | | | | | | | | | | | | If the RADIUS authentication server dropped the cached ERP keys for any reason, FILS authentication attempts with ERP fails and the previous wpa_supplicant implementation ended up trying to use the same keys for all consecutive attempts as well. This did not allow recovery from state mismatch between the ERP server and peer using full EAP authentication. Address this by trying to use full (non-FILS) authentication when trying to connect to an AP using the same ERP realm with FILS-enabled network profile if the previous authentication attempt had failed. This allows new ERP keys to be established and FILS authentication to be used again for the consecutive connections. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* HS 2.0: Allow OSEN connection to be used in an RSN BSSJouni Malinen2018-05-291-4/+10
| | | | | | | | | This allows a single BSS/SSID to be used for both data connection and OSU. In wpa_supplicant configuration, the current proto=OSEN key_mgmt=OSEN combination is now allowing both the old separate OSEN BSS/IE and the new RSN-OSEN to be used. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* OWE: Mark connection failed in the unlikely no-bss-entry caseJouni Malinen2018-05-161-1/+4
| | | | | | | | | If no BSS entry can be found when processing association rejected event from the driver for the special OWE case of unsupported finite-cyclic-group, process the event as a connection failure instead of just skipping the the OWE retry with another DH group. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Move wpa_supplicant_event() EVENT_ASSOC_REJECT handling into a functionJouni Malinen2018-05-161-78/+82
| | | | | | | This cleans up the implementation a bit by making this functionality easier to understand. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* OWE: Get the bss from bssid of assoc_reject to try for next groupSrinivas Dasari2018-05-151-0/+9
| | | | | | | | | | | On an assoc_reject from the BSS with the status=77, a connection attempt with the next supported group happens. The BSS considered here is from current_bss which may be NULL at this point of time with SME-in-driver case. Address this by getting the BSS from the bssid obtained in association reject indication and skip the step if no BSS entry can be found. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE: Flush PMKSA if an assoc reject without timeout is receivedSrinivas Dasari2018-05-151-0/+12
| | | | | | | | | | | | Flush the PMKSA upon receiving association reject event without timeout in the event data in SME-in-driver case to avoid trying to use the old PMKSA entry in subsequent connection attempts. Do not flush PMKSA if association reject is received with timeout as it is generated internally from the driver without reaching the AP. This is similar to the SME-in-wpa_supplicant case that was already addressed within sme_event_assoc_reject(). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* wpa_supplicant: Make channel switch event available for non-AP buildsBhagavathi Perumal S2018-05-041-0/+4
| | | | | | | This allows user to get channel switch indication in station mode even if wpa_supplicant is built without CONFIG_AP=y. Signed-off-by: Bhagavathi Perumal S <bperumal@codeaurora.org>
* wpa_supplicant: Add ieee80211ac information in STATUSBhagavathi Perumal S2018-05-041-0/+5
| | | | | | This allows user to get current operating mode of station. Signed-off-by: Bhagavathi Perumal S <bperumal@codeaurora.org>
* wpa_supplicant: Increase authentication timeout if CAC is startedDmitry Lebed2018-04-151-10/+85
| | | | | | | | | | | | | | | | | | Timeout is increased by dfs_cac_ms from channel data, or by max CAC time (10 minutes) if dfs_cac_ms is not defined. This is needed for some more complex cases, e.g., when STA is acting as an active slave with DFS offload enabled and decided to start CAC after receiving CONNECT command, in such a case the 10 second timeout is too small and wpa_supplicant need to wait for CAC completion or CAC timeout (up to 10 minutes). Without such timeout modification wpa_supplicant will be unable to connect to an AP on DFS channel, since the default authentication timeout (10 s) is smaller than the minimum CAC time (60 s). Tested with nl80211 DFS offload implementation. Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
* wpa_supplicant: Rename wpas_event_*() to wpas_ap_event_*()Dmitry Lebed2018-04-151-6/+7
| | | | | | | Rename DFS event handling functions, since they are located in ap.c and refer to AP-mode only. Needed to add some STA-mode DFS event handling. Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
* SAE: Only allow SAE AKMP for PMKSA caching attemptsJouni Malinen2018-04-091-2/+2
| | | | | | | | | | Explicitly check the PMKSA cache entry to have matching SAE AKMP for the case where determining whether to use PMKSA caching instead of new SAE authentication. Previously, only the network context was checked, but a single network configuration profile could be used with both WPA2-PSK and SAE, so should check the AKMP as well. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_supplicant: Fix auth failure when the MAC is updated externallyBeniamino Galvani2018-03-301-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When connecting to a WPA-EAP network and the MAC address is changed just before the association (for example by NetworkManager, which sets a random MAC during scans), the authentication sometimes fails in the following way ('####' logs added by me): wpa_supplicant logs: wlan0: WPA: RX message 1 of 4-Way Handshake from 02:00:00:00:01:00 (ver=1) RSN: msg 1/4 key data - hexdump(len=22): dd 14 00 0f ac 04 d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23 WPA: PMKID in EAPOL-Key - hexdump(len=22): dd 14 00 0f ac 04 d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23 RSN: PMKID from Authenticator - hexdump(len=16): d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23 wlan0: RSN: no matching PMKID found EAPOL: Successfully fetched key (len=32) WPA: PMK from EAPOL state machines - hexdump(len=32): [REMOVED] #### WPA: rsn_pmkid(): #### WPA: aa - hexdump(len=6): 02 00 00 00 01 00 #### WPA: spa - hexdump(len=6): 66 20 cf ab 8c dc #### WPA: PMK - hexdump(len=32): b5 24 76 4f 6f 50 8c f6 a1 2e 24 b8 07 4e 9a 13 1b 94 c4 a8 1f 7e 22 d6 ed fc 7d 43 c7 77 b6 f7 #### WPA: computed PMKID - hexdump(len=16): ea 73 67 b1 8e 5f 18 43 58 24 e8 1c 47 23 87 71 RSN: Replace PMKSA entry for the current AP and any PMKSA cache entry that was based on the old PMK nl80211: Delete PMKID for 02:00:00:00:01:00 wlan0: RSN: PMKSA cache entry free_cb: 02:00:00:00:01:00 reason=1 RSN: Added PMKSA cache entry for 02:00:00:00:01:00 network_ctx=0x5630bf85a270 nl80211: Add PMKID for 02:00:00:00:01:00 wlan0: RSN: PMKID mismatch - authentication server may have derived different MSK?! hostapd logs: WPA: PMK from EAPOL state machine (MSK len=64 PMK len=32) WPA: 02:00:00:00:00:00 WPA_PTK entering state PTKSTART wlan1: STA 02:00:00:00:00:00 WPA: sending 1/4 msg of 4-Way Handshake #### WPA: rsn_pmkid(): #### WPA: aa - hexdump(len=6): 02 00 00 00 01 00 #### WPA: spa - hexdump(len=6): 02 00 00 00 00 00 #### WPA: PMK - hexdump(len=32): b5 24 76 4f 6f 50 8c f6 a1 2e 24 b8 07 4e 9a 13 1b 94 c4 a8 1f 7e 22 d6 ed fc 7d 43 c7 77 b6 f7 #### WPA: computed PMKID - hexdump(len=16): d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23 WPA: Send EAPOL(version=1 secure=0 mic=0 ack=1 install=0 pairwise=1 kde_len=22 keyidx=0 encr=0) That's because wpa_supplicant computed the PMKID using the wrong (old) MAC address used during the scan. wpa_supplicant updates own_addr when the interface goes up, as the MAC can only change while the interface is down. However, drivers don't report all interface state changes: for example the nl80211 driver may ignore a down-up cycle if the down message is processed later, when the interface is already up. In such cases, wpa_supplicant (and in particular, the EAP state machine) would continue to use the old MAC. Add a new driver event that notifies of MAC address changes while the interface is active. Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
* OWE: Fix CONFIG_OWE=y build without CONFIG_IEEE80211R=yJouni Malinen2018-03-261-2/+2
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Make STA opmode change event available to upper layersTamizh chelvam2018-03-191-0/+12
| | | | | | | | | | | | | Add an event callback for EVENT_STATION_OPMODE_CHANGED to allow user/application to get the notification whenever there is a change in a station's HT/VHT op mode. The new events: STA-OPMODE-MAX-BW-CHANGED <addr> <20(no-HT)|20|40|80|80+80|160> STA-OPMODE-SMPS-MODE-CHANGED <addr> <automatic|off|dynamic|static> STA-OPMODE-N_SS-CHANGED <addr> <N_SS> Signed-off-by: Tamizh chelvam <tamizhr@codeaurora.org>
* wpa_supplicant: Handle port authorized eventAvraham Stern2018-02-171-5/+16
| | | | | | | | When the driver indicates that the connection is authorized (i.e., the 4-way handshake was completed by the driver), cancel the EAP authentication timeout and set the EAP state machine to success state. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* SAE: Support external authentication offload for driver-SME casesSunil Dutt2018-02-021-0/+19
| | | | | | | | | | Extend the SME functionality to support the external authentication. External authentication may be used by the drivers that do not define separate commands for authentication and association (~WPA_DRIVER_FLAGS_SME) but rely on wpa_supplicant's SME for the authentication. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* OWE: Allow station in transition mode to connect to an open BSSJouni Malinen2018-01-211-1/+18
| | | | | | | | | If the OWE network profile matches an open network which does not advertise OWE BSS, allow open connection. The new owe_only=1 network profile parameter can be used to disable this transition mode and enforce connection only with OWE networks. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* OWE: Try all supported DH groups automatically on STAJouni Malinen2017-12-271-0/+20
| | | | | | | | If a specific DH group for OWE is not set with the owe_group parameter, try all supported DH groups (currently 19, 20, 21) one by one if the AP keeps rejecting groups with the status code 77. Signed-off-by: Jouni Malinen <j@w1.fi>
* DPP: Update AES-SIV AD for DPP Authentication framesJouni Malinen2017-10-181-2/+2
| | | | | | | The protocol design was updated to protect the six octets in the header before the attributes. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Update replay counter from roam infoVidyullatha Kanchanapally2017-10-171-5/+1
| | | | | | | | | Update the replay counter after a roam for all cases. This restores the design back to what it was before commit 01ef320f192daa074c7055a44a03b6b5b811d6bd ('FILS: Update ERP next sequence number with driver offload'). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Allow last (Re)Association Request frame to be replayed for testingJouni Malinen2017-10-161-0/+10
| | | | | | | | | | | The new wpa_supplicant RESEND_ASSOC command can be used to request the last (Re)Association Request frame to be sent to the AP to test FT protocol behavior. This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add testing functionality for resetting PN/IPN for configured keysJouni Malinen2017-10-161-0/+5
| | | | | | | | | | | | | This can be used to test replay protection. The "RESET_PN" command in wpa_supplicant and "RESET_PN <addr>" command in hostapd resets the local counters to zero for the last configured key. For hostapd, the address parameter specifies which STA this operation is for or selects GTK ("ff:ff:ff:ff:ff:ff") or IGTK ("ff:ff:ff:ff:ff:ff IGTK"). This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove all PeerKey functionalityJouni Malinen2017-10-151-17/+0
| | | | | | | | | | | | | | | | | | | | | | | | This was originally added to allow the IEEE 802.11 protocol to be tested, but there are no known fully functional implementations based on this nor any known deployments of PeerKey functionality. Furthermore, PeerKey design in the IEEE Std 802.11-2016 standard has already been marked as obsolete for DLS and it is being considered for complete removal in REVmd. This implementation did not really work, so it could not have been used in practice. For example, key configuration was using incorrect algorithm values (WPA_CIPHER_* instead of WPA_ALG_*) which resulted in mapping to an invalid WPA_ALG_* value for the actual driver operation. As such, the derived key could not have been successfully set for the link. Since there are bugs in this implementation and there does not seem to be any future for the PeerKey design with DLS (TDLS being the future for DLS), the best approach is to simply delete all this code to simplify the EAPOL-Key handling design and to get rid of any potential issues if these code paths were accidentially reachable. Signed-off-by: Jouni Malinen <j@w1.fi>
* OWE: PMKSA caching in station modeJouni Malinen2017-10-091-3/+4
| | | | | | | This extends OWE support in wpa_supplicant to allow PMKSA caching to be used. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OWE: Transition mode support on station sideJouni Malinen2017-10-081-4/+84
| | | | | | | Add support for using the OWE Transition Mode element to determine the hidden SSID for an OWE BSS that is used in transition mode. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add group_mgmt network parameter for PMF cipher selectionJouni Malinen2017-09-261-0/+8
| | | | | | | | | | The new wpa_supplicant network parameter group_mgmt can be used to specify which group management ciphers (AES-128-CMAC, BIP-GMAC-128, BIP-GMAC-256, BIP-CMAC-256) are allowed for the network. If not specified, the current behavior is maintained (i.e., follow what the AP advertises). The parameter can list multiple space separate ciphers. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* RRM: Send reject/refuse response only to unicast measurement requestAvraham Stern2017-07-171-0/+1
| | | | | | | | | | IEEE Std 802.11-2016, 11.11.6 specifies that a station that is unable to make a requested measurement or refuses to make a measurement shall respond only if the measurement request was received within an individually addressed radio measurement request frame, but shall not respond if such a request was received in a group addressed frame. Signed-off-by: Avraham Stern <avraham.stern@intel.com>