path: root/wpa_supplicant/mesh.c
Commit message | Author | Age | Files | Lines
* OCV: Pass ocv parameter to mesh configuration | Mathy Vanhoef | 2018-12-17 | 1 | -0/+3
  Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
* mesh: Fix crash with CONFIG_TAXONOMY enabled | Felix Fietkau | 2018-05-31 | 1 | -1/+1
  wpa_s->ifmsh needs to be allocated using hostapd_alloc_iface() instead of a direct call to os_zalloc(), otherwise the linked list for station taxonomy items remains uninitialized, leading to a crash on the first attempt to traverse that list
  Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mesh: Register msg_ctx for hostapd/AP code | Jouni Malinen | 2018-05-19 | 1 | -0/+1
  The use of hostapd code for a mesh interface did not register hapd->msg_ctx. This needs to be done similarly to the existing cases in wpa_supplicant AP and IBSS mode uses so that wpa_msg() calls from the hostapd/AP code get delivered properly.
  Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* mesh: Properly handle sae_password | Daniel Golle | 2018-04-13 | 1 | -3/+7
  The recently introduced sae_password parameter was only handled properly in wpa_supplicant/sme.c while wpa_supplicant/mesh.c assumed that ssid->passphrase exclusively holds the secret. Import the logic from sme.c to mesh.c to allow having only sae_password set which otherwise throws this error:
    AP-ENABLED mesh: Passphrase for SAE not configured
  Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mesh: Make NL80211_MESHCONF_RSSI_THRESHOLD configurable | Masashi Honma | 2017-05-08 | 1 | -0/+4
  In some practical cases, it is useful to suppress joining to node in the distance. The new field mesh_rssi_threshold could be used as RSSI threshold for joining.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* Use os_memdup() | Johannes Berg | 2017-03-07 | 1 | -6/+4
  This leads to cleaner code overall, and also reduces the size of the hostapd and wpa_supplicant binaries (in hwsim test build on x86_64) by about 2.5 and 3.5KiB respectively. The mechanical conversions all over the code were done with the following spatch:
  @@ expression SIZE, SRC; expression a; @@ -a = os_malloc(SIZE); +a = os_memdup(SRC, SIZE); <... if (!a) {...} ...> -os_memcpy(a, SRC, SIZE);
  Signed-off-by: Johannes Berg <johannes.berg@intel.com>
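Review bot: In the spatch rule, the `<... ...>` nest between `-a = os_malloc(SIZE);` and `-os_memcpy(a, SRC, SIZE);` admits arbitrary statements, so the copy from SRC is hoisted ahead of any code that sat between the allocation and the os_memcpy(). If a converted site writes to SRC or changes SIZE in that window, `os_memdup(SRC, SIZE)` duplicates different bytes than the original code did. The message should state that the converted sites were checked for this, or the rule should be tightened so that only the `if (!a) {...}` check may intervene.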
* mesh: Fix CONFIG_MESH=y build without CONFIG_IEEE80211W=y | Jouni Malinen | 2017-02-26 | 1 | -0/+2
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Fix struct hostapd_data initialization | Jouni Malinen | 2017-02-04 | 1 | -2/+1
  The local custom version of allocating and initializing struct hostapd_data within wpa_supplicant_mesh_init() is problematic. This has already missed a couple of initialization steps that are required. Instead of trying to remember to keep this up to date, use hostapd_alloc_bss_data() so that there is only one place for this initialization.
  This is fixing a recent issue where FILS HLP started using hapd->dhcp_server and expected that to be initialized to -1. For the mesh case, that did not happen and when removing the interface, the FILS HLP implementation ended up unregistering eloop socket for hapd->dhcp_server (= 0). This could result in missing socket callbacks for an arbitrary socket.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Fix channel configuration in pri/sec switch case | Jouni Malinen | 2016-12-13 | 1 | -7/+15
  If 20/40 MHz co-ex scan resulted in switching primary and secondary channels, mesh setup failed to update the frequency parameters for hostapd side configuration and that could result in invalid secondary channel configuration preventing creating of the mesh network. This could happen, e.g., when trying to set up mesh on 5 GHz channel 36 and co-ex scan finding a BSS on channel 40. Switching the pri/sec channels resulted in hostapd code trying to check whether channel 32 is available. Fix this by swapping the channels for hostapd configuration when needed.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Initialize hapd->nr_db in hostapd_alloc_bss_data() | Jouni Malinen | 2016-08-22 | 1 | -0/+1
  Previously, this was initialized in hostapd_setup_bss() which made it possible for a REMOVE_NEIGHBOR control interface command to be issued prior to the list head pointers having been set. That resulted in a NULL pointer dereference. Fix this by initializing the list head at the time the data structure gets allocated.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* mesh: Report HT operation mode to kernel | Masashi Honma | 2016-08-18 | 1 | -0/+2
  Report HT operation mode to kernel to broadcast correct IE in beacon (for example HT operation IE).
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Use WPA_DRIVER_MESH_CONF_FLAG_* as modification flag | Masashi Honma | 2016-08-18 | 1 | -2/+2
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Move max_peer_links parameter to appropriate struct | Masashi Honma | 2016-08-18 | 1 | -1/+1
  According to the comment of struct wpa_driver_mesh_bss_params, the max_peer_links parameter should be under that struct.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Make DTIM period configurable | Masashi Honma | 2016-07-23 | 1 | -0/+4
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Mark wpa_state COMPLETED when mesh join has been performed | Maital Hahn | 2016-06-24 | 1 | -0/+3
  In mesh interface, the wpa_supplicant state was either DISCONNECT/SCANNING in non-secured connection or AUTHENTICATING in secured connection. The latter prevented the scan. Update the wpa_supplicant state in mesh to be COMPLETED upon initialization. This is similar to the P2P GO case.
  Signed-off-by: Maital Hahn <maitalm@ti.com>
* mesh: Select pairwise and group cipher based on network profile | Jouni Malinen | 2016-06-19 | 1 | -2/+19
  This allows the previously hardcoded CCMP cipher to be replaced in the network profile for mesh.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Avoid use of hardcoded cipher | Jouni Malinen | 2016-06-19 | 1 | -9/+13
  This moves pairwise, group, and management group ciphers to various mesh data structures to avoid having to hardcode cipher in a number of places through the code. While CCMP and BIP are still the hardcoded ciphers, these are now set only in one location.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Use ieee80211w profile parameter | Jouni Malinen | 2016-06-18 | 1 | -2/+10
  This is an initial step in fixing issues in how PMF configuration for RSN mesh was handled. PMF is an optional capability for mesh and it needs to be configured consistently in both hostapd structures (to get proper RSNE) and key configuration (not included in this commit).
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Remove extra newline from the end of an error message | Jouni Malinen | 2016-06-04 | 1 | -1/+1
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Remove unreachable code | Jouni Malinen | 2016-06-04 | 1 | -7/+1
  ssid->frequency cannot be 0 in wpa_supplicant_mesh_init() since wpas_supplicant_join_mesh() rejects such a configuration.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Fix MESH_INTERFACE_ADD error path cleanup | Jouni Malinen | 2016-05-29 | 1 | -1/+1
  If wpa_supplicant_add_iface() fails, we need to remove the added netdev, not the existing wpa_s instance.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Add support for PMKSA caching | Masashi Honma | 2016-03-20 | 1 | -2/+3
  This patch adds functionality of mesh SAE PMKSA caching. If the local STA already has peer's PMKSA entry in the cache, skip SAE authentication and start AMPE with the cached value.
  If the peer does not support PMKSA caching or does not have the local STA's PMKSA entry in the cache, AMPE will fail and the PMKSA cache entry of the peer will be removed. Then STA retries with ordinary SAE authentication.
  If the peer does not support PMKSA caching and the local STA uses no_auto_peer=1, the local STA can not retry SAE authentication because NEW_PEER_CANDIDATE event cannot start SAE authentication when no_auto_peer=1. So this patch extends MESH_PEER_ADD command to use duration(sec). Throughout the duration, the local STA can start SAE authentication triggered by NEW_PEER_CANDIDATE even though no_auto_peer=1.
  This commit requires commit 70c93963edefa37ef84b73efb9d04ea10268341c ('SAE: Fix PMKID calculation for PMKSA cache'). Without that commit, chosen PMK comparison will fail.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Add MESH_PEER_ADD command | Masashi Honma | 2016-03-20 | 1 | -0/+6
  This allows a mesh peer connection to be initiated manually in no_auto_peer mesh networks.
  Signed-off-by: Natsuki Itaya <Natsuki.Itaya@jp.sony.com>
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Add MESH_PEER_REMOVE command | Masashi Honma | 2016-03-20 | 1 | -0/+6
  This command allows the specified mesh peer to be disconnected.
  Signed-off-by: Natsuki Itaya <Natsuki.Itaya@jp.sony.com>
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Fix VHT Operation information in peering messages | Jouni Malinen | 2015-12-17 | 1 | -0/+45
  The full VHT channel information was not set in the hostapd data structures which resulted in incorrect information (all zeros) being used when building the VHT Operation element for peering messages while the actual driver mode was set with the full details. We did not seem to use the VHT information from peering messages, so this does not change behavior with another wpa_supplicant-based mesh implementation. Anyway, these elements should match the ones used in Beacon frames.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* mesh: Clear wpa_s cipher selection on starting mesh | Jouni Malinen | 2015-11-26 | 1 | -0/+10
  This is needed to avoid hitting WEP/TKIP detection in ibss_mesh_setup_freq() if the previous connection used WEP or TKIP. Previously, that could have resulted in VHT and HT getting disabled for the mesh connection.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add VHT support for Mesh | Peter Oh | 2015-11-19 | 1 | -0/+1
  Mesh Points themselves have capability to support VHT as long as hardware supports it. However, supporting VHT in mesh mode was disabled because no one had clearly tested and confirmed its functionality. Since VHT80 has now been verified to work with ath10k QCA988X driver and mac80211_hwsim, enable VHT support in mesh mode.
  Signed-off-by: Peter Oh <poh@qca.qualcomm.com>
* mesh: Rename IE field to clarify its use | Masashi Honma | 2015-09-05 | 1 | -4/+4
  This is used only for RSNE.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Fix mesh SAE auth on low spec devices | Masashi Honma | 2015-08-02 | 1 | -0/+2
  The mesh SAE auth often fails with master branch. By bisect I found commit eb5fee0bf50444419ac12d3c7f38f27a47523a47 ('SAE: Add side-channel protection to PWE derivation with ECC') causes this issue. This does not mean the commit has a bug. This is just a CPU resource issue.
  After the commit, sae_derive_pwe_ecc() spends 101(msec) on my PC (Intel Atom N270 1.6GHz). But dot11RSNASAERetransPeriod is 40(msec). So auth_sae_retransmit_timer() is always called and it can cause continuous frame exchanges. Before the commit, it was 23(msec).
  On the IEEE 802.11 spec, the default value of dot11RSNASAERetransPeriod is defined as 40(msec). But it looks short because generally mesh functionality will be used on low spec devices. Indeed Raspberry Pi B+ (ARM ARM1176JZF-S 700MHz) requires 287(msec) for new sae_derive_pwe_ecc().
  So this patch makes the default to 1000(msec) and makes it configurable.
  This issue does not occur on infrastructure SAE because the dot11RSNASAERetransPeriod is not used on it.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* Fix a memory leak on mesh_attr_text() error path | Jouni Malinen | 2015-04-22 | 1 | -3/+4
  Should there not be enough room in the output buffer, the bss_basic_rate_set line would not be printed. This error case was handled otherwise, but the temporary memory allocation for building the information was not freed.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Leave mesh in driver setup if initialization fails | Jouni Malinen | 2015-03-06 | 1 | -0/+1
  It was possible to leave the driver in mesh point state if upper layer mesh initialization failed in wpa_supplicant_mesh_init(). With nl80211, this results in the vif being left in mesh point mode instead of restoring it to station mode. That seems to break normal functionality, e.g., for Public Action frame TX/RX. Fix this by restoring station mode on mesh failure path.
  This error could be triggered, e.g., with the following hwsim test case sequence:
    wpas_mesh_secure_sae_missing_password
    nfc_p2p_static_handover_tagdev_go_forced_freq
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Fix interface deinit for failed group interface initialization | Jouni Malinen | 2015-03-01 | 1 | -2/+1
  wpa_supplicant_deinit_iface() ends up removing all P2P groups if the removed interface is the parent interface. This is correct behavior in general, but this resulted in issues in the new group interface initialization error path since wpa_s->parent was not assigned before hitting this check. Fix this by assigning wpa_s->parent as part of wpa_supplicant_add_iface().
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Make inactivity timer configurable | Masashi Honma | 2015-01-19 | 1 | -0/+2
  Current mesh code uses ap_max_inactivity as inactivity timer. This patch makes it configurable. There is another mesh inactivity timer in mac80211. The timer works even if user_mpm=1. So this patch sets the max value to the timer for workaround.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Use the shared function with IBSS to determine channel parameters | Jouni Malinen | 2015-01-10 | 1 | -17/+2
  Automatically enable HT20, HT40+, HT40-, or VHT, based on driver capabilities. This obsoletes the mesh_ht_mode network block parameter that was previously used to configure HT parameters.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Convert channel configuration to use common routines | Jouni Malinen | 2015-01-10 | 1 | -3/+15
  Use struct hostapd_freq_params just like other modes do instead of mesh-specific freq and ht_mode.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Use a separate variable to track whether HT is enabled | Jouni Malinen | 2015-01-10 | 1 | -0/+1
  A network profile parameter should not be used to check whether the currently operating mesh has HT enabled.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Make maximum number of peer links configurable | Masashi Honma | 2014-12-21 | 1 | -1/+2
  Maximum number of peer links is maximum number of connecting mesh peers at the same time. This value is 0..255 based on the dot11MeshNumberOfPeerings range.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Make beacon interval configurable | Masashi Honma | 2014-12-21 | 1 | -0/+4
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Add mesh interface creation command for mesh gate | Masashi Honma | 2014-12-14 | 1 | -0/+59
  The mesh gate is used to bridge (or route) between mesh network and another network. For example, mesh gate acts as router between mesh network and IEEE 802.11 BSS network.
  This command makes a virtual mesh interface to be used for mesh gate.
  This command expects to be used like this.
    wpa_cli -i wlan0 MESH_INTERFACE_ADD ifname=mesh0
    wpa_cli -i mesh0 add_network
    wpa_cli -i mesh0 set_network 0 ssid '"commell_2X_mmm"'
    wpa_cli -i mesh0 set_network 0 mode 5
    wpa_cli -i mesh0 set_network 0 frequency 2412
    wpa_cli -i mesh0 set_network 0 key_mgmt SAE
    wpa_cli -i mesh0 set_network 0 psk '"01234567"'
    wpa_cli -i mesh0 mesh_group_add 0
    wpa_cli -i wlan0 mesh_group_remove mesh0
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* Check os_snprintf() result more consistently - automatic 1 | Jouni Malinen | 2014-12-08 | 1 | -5/+5
  This converts os_snprintf() result validation cases to use os_snprintf_error() where the exact rule used in os_snprintf_error() was used. These changes were done automatically with spatch using the following semantic patch:
  @@ identifier E1; expression E2,E3,E4,E5,E6; statement S1; @@ ( E1 = os_snprintf(E2, E3, ...); | int E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else if (E6) E1 = os_snprintf(E2, E3, ...); else E1 = 0; | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else if (E6) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... E1 = os_snprintf(E2, E3, ...); } ) ? os_free(E4); - if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \)) + if (os_snprintf_error(E3, E1)) ( S1 | { ... } )
  Signed-off-by: Jouni Malinen <j@w1.fi>
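Review bot: The removed condition at the end of the rule accepts four forms of the upper-bound test (`E1 >= E3`, `(size_t) E1 >= E3`, `(unsigned int) E1 >= E3`, `E1 >= (int) E3`) and rewrites all of them to `os_snprintf_error(E3, E1)`, but the message only says they follow "the exact rule used in os_snprintf_error()" without quoting that rule. These forms differ in the signedness and width of the comparison, so quote the helper's check in the commit message so that a reader can confirm each alternative is equivalent to it at the converted sites.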
* mesh: Send peering close message before leaving mesh | Jouni Malinen | 2014-11-27 | 1 | -2/+3
  This is needed to allow proper Action frame transmission to work without having to claim these to be offchannel operations.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* mesh: Make plink params configurable | Masashi Honma | 2014-11-16 | 1 | -0/+4
  This patch makes four MIB variables for plink configurable and sets the correct default values based on IEEE Std 802.11s-2011.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Add scan result for mesh network | Masashi Honma | 2014-11-16 | 1 | -0/+94
  Android 4.4 uses "BSS" command instead of "SCAN_RESULT" command. So this patch adds the mesh scan result for BSS command.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Make BSSBasicRateSet configurable | Masashi Honma | 2014-11-16 | 1 | -12/+28
  STAs that have different BSSBasicRateSet cannot connect to each other as per IEEE 802.11s-2011 9.6.0c1:
    "A mesh STA shall not establish a mesh peering with a mesh STA using a different BSSBasicRateSet."
  Make BSSBasicRateSet configurable to improve interoperability with other stations.
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Set driver capability flags to mesh interface | Masashi Honma | 2014-11-16 | 1 | -0/+1
  Signed-off-by: Kenzoh Nishikawa <Kenzoh.Nishikawa@jp.sony.com>
  Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Enable mesh HT mode | Jason Mobarak | 2014-11-16 | 1 | -0/+6
  Add a new option "mesh_ht_mode" that specifies the HT mode for the mesh, with this option on, mesh beacons, action frames, and probe responses will include the appropriate HT information elements.
  [original implementation by Chun-Yeow Yeoh <yeohchunyeow@gmail.com>]
  [some fixes by Masashi Honma <masashi.honma@gmail.com>]
  Signed-off-by: Ashok Nagarajan <ashok.dragon@gmail.com>
  Signed-off-by: Javier Cardona <javier@cozybit.com>
  Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
* mesh: Add timer for SAE authentication in RSN mesh | Chun-Yeow Yeoh | 2014-11-16 | 1 | -0/+1
  Add timer to do SAE re-authentication with number of tries defined by MESH_AUTH_RETRY and timeout defined by MESH_AUTH_TIMEOUT.
  Ignoring the sending of reply message on "SAE confirm before commit" to avoid "ping-pong" issues with other mesh nodes. This is obvious when number of mesh nodes in MBSS reaching 6.
  Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com>
  Signed-off-by: Bob Copeland <me@bobcopeland.com>
* mesh: Add mesh robust security network | Thomas Pedersen | 2014-11-16 | 1 | -0/+7
  This implementation provides:
  - Mesh SAE authentication mechanism
  - Key management (set/get PSK)
  - Cryptographic key establishment
  - Enhanced protection mechanisms for robust management frames
  Signed-off-by: Javier Lopez <jlopex@gmail.com>
  Signed-off-by: Javier Cardona <javier@cozybit.com>
  Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
  Signed-off-by: Thomas Pedersen <thomas@noack.us>
* mesh: Implement mesh scanning | Jason Abele | 2014-10-25 | 1 | -0/+13
  When mesh is configured in, include the wildcard mesh id so that mesh networks are returned.
  Signed-off-by: Javier Lopez <jlopex@gmail.com>
  Signed-off-by: Jason Abele <jason.abele@gmail.com>
* mesh: Add mesh peering manager | Bob Copeland | 2014-10-25 | 1 | -2/+20
  The mesh peering manager establishes and maintains links among mesh peers, tracking each peer link via a finite state machine.
  This implementation supports open mesh peerings.
  [assorted fixes from Yu Niiro <yu.niiro@gmail.com>]
  [more fixes from Masashi Honma <masashi.honma@gmail.com>]
  Signed-off-by: Javier Lopez <jlopex@gmail.com>
  Signed-off-by: Javier Cardona <javier@cozybit.com>
  Signed-off-by: Ashok Nagarajan <ashok.dragon@gmail.com>
  Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
  Signed-hostap: Bob Copeland <me@bobcopeland.com>