path: root/wpa_supplicant/wpas_glue.c
Commit message (Collapse)AuthorAgeFilesLines
* Propagate the EAP method error codeAhmed ElArabawy2018-03-311-0/+9
| | | | | | | | | | | | | | | | | | In the current implementation, upon an EAP method failure, followed by an EAP failure, the EAP Status is propagated up in wpa_supplicant with a general failure parameter string "failure". This parameter is used for a notification on the dbus. This commit reports the EAP method failure error code in a separate callback. The solution in this commit is generic to all EAP methods, and can be used by any method that need to pass its error code. However, this commit only implements the reporting for EAP-SIM and EAP-AKA methods where the Notification Code (in AT_NOTIFICATION) is used as the method specific error code value. Signed-off-by: Ahmed ElArabawy <arabawy@google.com>
* Add testing functionality for resetting PN/IPN for configured keysJouni Malinen2017-10-161-0/+10
| | | | | | | | | | | | | This can be used to test replay protection. The "RESET_PN" command in wpa_supplicant and "RESET_PN <addr>" command in hostapd resets the local counters to zero for the last configured key. For hostapd, the address parameter specifies which STA this operation is for or selects GTK ("ff:ff:ff:ff:ff:ff") or IGTK ("ff:ff:ff:ff:ff:ff IGTK"). This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove all PeerKey functionalityJouni Malinen2017-10-151-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | This was originally added to allow the IEEE 802.11 protocol to be tested, but there are no known fully functional implementations based on this nor any known deployments of PeerKey functionality. Furthermore, PeerKey design in the IEEE Std 802.11-2016 standard has already been marked as obsolete for DLS and it is being considered for complete removal in REVmd. This implementation did not really work, so it could not have been used in practice. For example, key configuration was using incorrect algorithm values (WPA_CIPHER_* instead of WPA_ALG_*) which resulted in mapping to an invalid WPA_ALG_* value for the actual driver operation. As such, the derived key could not have been successfully set for the link. Since there are bugs in this implementation and there does not seem to be any future for the PeerKey design with DLS (TDLS being the future for DLS), the best approach is to simply delete all this code to simplify the EAPOL-Key handling design and to get rid of any potential issues if these code paths were accidentially reachable. Signed-off-by: Jouni Malinen <j@w1.fi>
* DPP: Add new AKMJouni Malinen2017-06-191-0/+1
| | | | | | | | | | This new AKM is used with DPP when using the signed Connector to derive a PMK. Since the KCK, KEK, and MIC lengths are variable within a single AKM, this needs number of additional changes to get the PMK length delivered to places that need to figure out the lengths of the PTK components. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* eap_proxy: Support multiple SIMs in get_imsi()Vidyullatha Kanchanapally2017-06-061-1/+1
| | | | | | | | This allows the eap_proxy mechanism to be used with multiple SIMs by following the configured sim_num to index which SIM to use for when fetching the IMSI through eap_proxy. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Add support for Cache Identifier in add/remove PMKSAVidyullatha Kanchanapally2017-04-071-4/+22
| | | | | | | | | Add support for setting and deleting PMKSA cache entries based on FILS Cache Identifer. Also additionally add support for sending PMK as part of SET_PMKSA to enable driver to derive keys in case of FILS shared key offload using PMKSA caching. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* driver: Move add_pmkid() and remove_pmkid() arguments into a structVidyullatha Kanchanapally2017-04-071-2/+13
| | | | | | | This makes it easier to add more arguments to these wpa_driver_ops functions. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OWE: Define and parse OWE AKM selectorJouni Malinen2017-03-121-0/+1
| | | | | | This adds a new RSN AKM "OWE". Signed-off-by: Jouni Malinen <j@w1.fi>
* FILS: Use FILS Cache Identifier to extend PMKSA applicabilityJouni Malinen2017-02-261-0/+5
| | | | | | | | This allows PMKSA cache entries for FILS-enabled BSSs to be shared within an ESS when the BSSs advertise the same FILS Cache Identifier value. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Parse and report received FILS HLP Containers from responseJouni Malinen2017-02-011-0/+21
| | | | | | | | The new FILS-HLP-RX control interface event is now used to report received FILS HLP responses from (Re)Association Response frame as a response to the HLP requests configured with FILS_HLP_REQ_ADD. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* eap_proxy: On SIM error flush PMKSAs only for SIM/AKA/AKA' networksPurushottam Kushwaha2017-01-041-1/+29
| | | | | | | | | Previously, SIM state change with SIM_STATE_ERROR cleared all PMKSA entries (including non-SIM networks). Limit this to networks which use SIM-based authentication methods to avoid unnecessarily removal of PMKSA entries. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* eap_proxy: Add support for SIM state change indication from eap_proxyPurushottam Kushwaha2016-12-191-0/+22
| | | | | | | | | | | | This registers a new callback to indicate change in SIM state. This helps to do some clean up (more specifically pmksa_flush) based on the state change of the SIM. Without this, the reconnection using the cached PMKSA could happen though the SIM is changed. Currently eap_proxy_sim_state corresponds to only SIM_STATE_ERROR. This can be further extended. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add PMKSA-CACHE-ADDED/REMOVED events to wpa_supplicantJouni Malinen2016-12-121-2/+30
| | | | | | | These allow external program to monitor PMKSA cache updates in preparation to enable external persistent storage of PMKSA cache. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* EAP peer: External server certificate chain validationJouni Malinen2015-12-121-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support for optional functionality to validate server certificate chain in TLS-based EAP methods in an external program. wpa_supplicant control interface is used to indicate when such validation is needed and what the result of the external validation is. This external validation can extend or replace the internal validation. When ca_cert or ca_path parameter is set, the internal validation is used. If these parameters are omitted, only the external validation is used. It needs to be understood that leaving those parameters out will disable most of the validation steps done with the TLS library and that configuration is not really recommend. By default, the external validation is not used. It can be enabled by addingtls_ext_cert_check=1 into the network profile phase1 parameter. When enabled, external validation is required through the CTRL-REQ/RSP mechanism similarly to other EAP authentication parameters through the control interface. The request to perform external validation is indicated by the following event: CTRL-REQ-EXT_CERT_CHECK-<id>:External server certificate validation needed for SSID <ssid> Before that event, the server certificate chain is provided with the CTRL-EVENT-EAP-PEER-CERT events that include the cert=<hexdump> parameter. depth=# indicates which certificate is in question (0 for the server certificate, 1 for its issues, and so on). The result of the external validation is provided with the following command: CTRL-RSP-EXT_CERT_CHECK-<id>:<good|bad> It should be noted that this is currently enabled only for OpenSSL (and BoringSSL/LibreSSL). Due to the constraints in the library API, the validation result from external processing cannot be reported cleanly with TLS alert. In other words, if the external validation reject the server certificate chain, the pending TLS handshake is terminated without sending more messages to the server. Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix CONFIG_NO_WPA=y buildJouni Malinen2015-11-231-1/+1
| | | | | | | | Number of places were calling functions that are not included in CONFIG_NO_WPA=y build anymore. Comment out such calls. In addition, pull in SHA1 and MD5 for config_internal.c, if needed. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_supplicant: Add GTK RSC relaxation workaroundMax Stepanov2015-11-011-0/+1
| | | | | | | | | | | | | | | | | | | | | | Some APs may send RSC octets in EAPOL-Key message 3 of 4-Way Handshake or in EAPOL-Key message 1 of Group Key Handshake in the opposite byte order (or by some other corrupted way). Thus, after a successful EAPOL-Key exchange the TSC values of received multicast packets, such as DHCP, don't match the RSC one and as a result these packets are dropped on replay attack TSC verification. An example of such AP is Sapido RB-1732. Work around this by setting RSC octets to 0 on GTK installation if the AP RSC value is identified as a potentially having the byte order issue. This may open a short window during which older (but valid) group-addressed frames could be replayed. However, the local receive counter will be updated on the first received group-addressed frame and the workaround is enabled only if the common invalid cases are detected, so this workaround is acceptable as not decreasing security significantly. The wpa_rsc_relaxation global configuration property allows the GTK RSC workaround to be disabled if it's not needed. Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
* Try to set PMK only with key mgmt offload support in the driverJouni Malinen2015-04-271-1/+2
| | | | | | | | | | | Previously, it was possible for the set_key() handler to be used with WPA_ALG_PMK even if the driver did not indicate support for key management offload. While this is not really supposed to result in any difference, it makes the debug logs somewhat confusing. Avoid that by using driver capability flag for key management offload as an additional condition for setting the PMK. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Allow PSK/passphrase to be set only when neededJouni Malinen2015-03-281-22/+36
| | | | | | | | | | | | | | | | | | | | | The new network profile parameter mem_only_psk=1 can be used to specify that the PSK/passphrase for that network is requested over the control interface (ctrl_iface or D-Bus) similarly to the EAP network parameter requests. The PSK/passphrase can then be configured temporarily in a way that prevents it from getting stored to the configuration file. For example: Event: CTRL-REQ-PSK_PASSPHRASE-0:PSK or passphrase needed for SSID test-wpa2-psk Response: CTRL-RSP-PSK_PASSPHRASE-0:"qwertyuiop" Note: The response value uses the same encoding as the psk network profile parameter, i.e., passphrase is within double quotation marks. Signed-off-by: Jouni Malinen <j@w1.fi>
* eap_proxy: Callback to notify any updates from eap_proxySunil Dutt2015-03-021-0/+22
| | | | | | | | This commit introduces a callback to notify any configuration updates from the eap_proxy layer. This is used to trigger re-reading of IMSI and MNC length. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Preparations for variable length KCK and KEKJouni Malinen2015-01-261-4/+5
| | | | | | | | This modifies struct wpa_ptk to allow the length of KCK and KEK to be stored. This is needed to allow longer keys to be used, e.g., with Suite B 192-bit level. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add peer certificate alt subject name information to EAP eventsJouni Malinen2015-01-141-1/+3
| | | | | | | | | | | | | | | A new "CTRL-EVENT-EAP-PEER-ALT depth=<i> <alt name>" event is now used to provide information about server certificate chain alternative subject names for upper layers, e.g., to make it easier to configure constraints on the server certificate. For example: CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:server.example.com Currently, this includes DNS, EMAIL, and URI components from the certificates. Similar information is priovided to D-Bus Certification signal in the new altsubject argument which is a string array of these items. Signed-off-by: Jouni Malinen <j@w1.fi>
* Include peer certificate always in EAP eventsJouni Malinen2015-01-141-0/+1
| | | | | | | | | | | | | | | | This makes it easier for upper layer applications to get information regarding the server certificate without having to use a special certificate probing connection. This provides both the SHA256 hash of the certificate (to be used with ca_cert="hash://server/sha256/<hash>", if desired) and the full DER encoded X.509 certificate so that upper layer applications can parse and display the certificate easily or extract fields from it for purposes like configuring an altsubject_match or domain_suffix_match. The old behavior can be configured by adding cert_in_cb=0 to wpa_supplicant configuration file. Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix memory leak on wpa_supplicant_init_wpa() error pathJouni Malinen2015-01-071-0/+1
| | | | | | | If wpa_sm_init() fails, the context data needs to be freed in the caller. Signed-off-by: Jouni Malinen <j@w1.fi>
* TDLS: Propagate enable/disable channel-switch commands to driverArik Nemtsov2015-01-041-0/+23
| | | | | | | | | | | | The supplicant code does not try to control the actual channel of the radio at any point. It simply passes the target peer and channel parameters to the driver. It's the driver's responsibility to periodically initiate TDLS channel-switch operations when TDLS channel-switching is enabled. Allow enable/disable operations to be invoked via the control interface. Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
* TDLS: Add channel-switch capability flagArik Nemtsov2015-01-041-1/+6
| | | | | | | Propagate a driver TDLS channel-switch support bit from nl80211 to TDLS code. Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
* Remove unused send_eapol() driver opJouni Malinen2014-12-111-1/+1
| | | | | | | | | | The send_eapol() callback was used by driver_test.c, but with that removed, there is no remaining users of the alternative EAPOL frame transmitting mechanism in wpa_supplicant, i.e., all remaining driver interfaces use l2_packet instead. Remove the send_eapol() to get rid of unused code. Signed-off-by: Jouni Malinen <j@w1.fi>
* Check os_snprintf() result more consistently - automatic 1Jouni Malinen2014-12-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This converts os_snprintf() result validation cases to use os_snprintf_error() where the exact rule used in os_snprintf_error() was used. These changes were done automatically with spatch using the following semantic patch: @@ identifier E1; expression E2,E3,E4,E5,E6; statement S1; @@ ( E1 = os_snprintf(E2, E3, ...); | int E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else if (E6) E1 = os_snprintf(E2, E3, ...); else E1 = 0; | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else if (E6) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... E1 = os_snprintf(E2, E3, ...); } ) ? os_free(E4); - if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \)) + if (os_snprintf_error(E3, E1)) ( S1 | { ... } ) Signed-off-by: Jouni Malinen <j@w1.fi>
* Replace send_ft_action() driver_op with send_action()Jouni Malinen2014-12-061-1/+38
| | | | | | | | This reduced number of unnecessarily duplicated driver interface callback functions for sending Action frames by using the more generic send_action() instead of FT specific send_ft_action(). Signed-off-by: Jouni Malinen <j@w1.fi>
* Add support for offloading key management operations to the driverChet Lanctot2014-10-231-0/+14
| | | | | | | | | This commit introduces a QCA vendor command and event to provide an option to use extended versions of the nl80211 connect/roam operations in a way that allows drivers to offload key management operations to the driver/firmware. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Allow OpenSSL cipherlist string to be configuredJouni Malinen2014-10-121-0/+1
| | | | | | | | | | | The new openssl_cipher configuration parameter can be used to select which TLS cipher suites are enabled for TLS-based EAP methods when OpenSSL is used as the TLS library. This parameter can be used both as a global parameter to set the default for all network blocks and as a network block parameter to override the default for each network profile. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add external EAPOL transmission option for testing purposesJouni Malinen2014-10-101-0/+15
| | | | | | | | | | The new ext_eapol_frame_io parameter can be used to configure hostapd and wpa_supplicant to use control interface for receiving and transmitting EAPOL frames. This makes it easier to implement automated test cases for protocol testing. This functionality is included only in CONFIG_TESTING_OPTIONS=y builds. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* TDLS: Use WMM IE for propagating peer WMM capabilityArik Nemtsov2014-10-031-4/+4
| | | | | | | | Relying on qos qosinfo is not enough, as it can be 0 for WMM enabled peers that don't support U-APSD. Further, some peers don't even contain this IE (Google Nexus 5), but do contain the WMM IE during setup. Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
* TDLS: Set the initiator during tdls_mgmt operationsArik Nemtsov2014-10-031-2/+4
| | | | | | | | Some drivers need to know the initiator of a TDLS connection in order to generate a correct TDLS mgmt packet. It is used to determine the link identifier IE. Pass this information to the driver. Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
* Work around broken AP PMKSA caching implementationJouni Malinen2014-09-081-5/+23
| | | | | | | | | | | | | An interoperability issue with a deployed AP has been identified where the connection fails due to that AP failing to operate correctly if PMKID is included in the Association Request frame. To work around this, allow EAPOL-Start packet to be transmitted on startWhen reaching 0 even when trying to use PMKSA caching. In practice, this allows fallback to full EAP authentication if the AP/Authenticator takes more than 1-2 seconds to initiate 4-way handshake for PMKSA caching or full EAP authentication if there was no PMKSA cache match. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* MACsec: wpa_supplicant integrationHu Wang2014-05-091-0/+3
| | | | | | Add MACsec to the wpa_supplicant build system and configuration file. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Pass TDLS peer capability information in tdls_mgmtSunil Dutt2014-03-271-3/+3
| | | | | | | | | | | | | | | While framing the TDLS Setup Confirmation frame, the driver needs to know if the TDLS peer is VHT/HT/WMM capable and thus shall construct the VHT/HT operation / WMM parameter elements accordingly. Supplicant determines if the TDLS peer is VHT/HT/WMM capable based on the presence of the respective IEs in the received TDLS Setup Response frame. The host driver should not need to parse the received TDLS Response frame and thus, should be able to rely on the supplicant to indicate the capability of the peer through additional flags while transmitting the TDLS Setup Confirmation frame through tdls_mgmt operations. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Add test option to disable IP address assignment requestJouni Malinen2014-01-271-1/+2
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Add support for IP address assignment in 4-way handshakeJouni Malinen2014-01-271-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | This new mechanism allows P2P Client to request an IPv4 address from the GO as part of the 4-way handshake to avoid use of DHCP exchange after 4-way handshake. If the new mechanism is used, the assigned IP address is shown in the P2P-GROUP-STARTED event on the client side with following new parameters: ip_addr, ip_mask, go_ip_addr. The assigned IP address is included in the AP-STA-CONNECTED event on the GO side as a new ip_addr parameter. The IP address is valid for the duration of the association. The IP address pool for this new mechanism is configured as global wpa_supplicant configuration file parameters ip_addr_go, ip_addr_mask, ip_addr_star, ip_addr_end. For example: ip_addr_go= ip_addr_mask= ip_addr_start= ip_addr_end= DHCP mechanism is expected to be enabled at the same time to support P2P Devices that do not use the new mechanism. The easiest way of managing the IP addresses is by splitting the IP address range into two parts and assign a separate range for wpa_supplicant and DHCP server. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* TDLS: Pass peer's Supported channel and oper class info during sta_addSunil Dutt2014-01-141-1/+7
| | | | | | | | | The information of the peer's supported channel and operating class is required for the driver to do TDLS off channel operations with a compatible peer. Pass this information to the driver when the peer station is getting added. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Skip network disabling on expected EAP failureJouni Malinen2014-01-081-5/+24
| | | | | | | | | | Some EAP methods can go through a step that is expected to fail and as such, should not trigger temporary network disabling when processing EAP-Failure or deauthentication. EAP-WSC for WPS was already handled as a special case, but similar behavior is needed for EAP-FAST with unauthenticated provisioning. Signed-hostap: Jouni Malinen <j@w1.fi>
* EAP peer: Add framework for external SIM/USIM processingJouni Malinen2013-10-201-0/+5
| | | | | | | | | | | | | | The new configuration parameter external_sim=<0/1> can now be used to configure wpa_supplicant to use external SIM/USIM processing (e.g., GSM authentication for EAP-SIM or UMTS authentication for EAP-AKA). The requests and responses for such operations are sent over the ctrl_iface CTRL-REQ-SIM and CTRL-RSP-SIM commands similarly to the existing password query mechanism. Changes to the EAP methods to use this new mechanism will be added in separate commits. Signed-hostap: Jouni Malinen <j@w1.fi>
* Remove compiler warnings if TDLS is enabled without WPA2Jouni Malinen2013-06-071-2/+2
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Add test code for fetching the last configured GTKJouni Malinen2013-05-201-0/+7
| | | | | | | | | | | | This can be useful for some test cases, so allow wpa_supplicant to be built with special test functionality to expose the current (last configured) GTK. This is disabled by default and can be enabled by adding following line into .config: CFLAGS += -DCONFIG_TESTING_GET_GTK The GTK can then be fetched with "wpa_cli get gtk". Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* TDLS: Move AID=1 workaround into driver_nl80211.cJouni Malinen2013-05-061-1/+1
| | | | | | | | The use of AID=1 for the nl80211 dummy STA case is specific to the driver (cfg80211), so better move this into the driver wrapper instead of generic TDLS implementation. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* TDLS: Pass peer's AID information to kernelSunil Dutt2013-05-061-2/+2
| | | | | | | | | The information of the peer's AID is required for the driver to construct partial AID in VHT PPDU's. Pass this information to the driver during add/set station operations (well, as soon as the information is available, i.e., with set station operation currently). Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Fix build with CONFIG_NO_CONFIG_BLOBSJouni Malinen2013-03-161-0/+2
| | | | Signed-hostap: Jouni Malinen <j@w1.fi>
* TDLS: Pass peer's VHT Capability information during sta_addSunil Dutt2013-02-251-0/+2
| | | | | | | | | The information of the peer's VHT capability is required for the driver to establish a TDLS link in VHT mode with a compatible peer. Pass this information to the driver when the peer station is getting added. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* TDLS: Pass peer's Capability and Ext Capability info during sta_addSunil Dutt2013-02-141-1/+3
| | | | | | | | | The contents of the peer's capability and extended capability information is required for the driver to perform TDLS P-UAPSD and Off Channel operations. Pass this information to the driver when the peer station is getting added. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* TDLS: Pass peer's HT Capability and QOS information during sta_addSunil Dutt2013-02-141-2/+13
| | | | | | | | The information of the peer's HT capability and the QOS information is required for the driver to perform TDLS operations. Pass this information to the driver when the peer station is getting added. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* TDLS: Fix add/set STA operationJouni Malinen2013-02-141-0/+2
| | | | | | | | | | | Commit a9a1d0f08aaf7c96f40def0d7966399b89b2a7c0 added vht_capabilities to struct hostapd_sta_add_params but forgot to update wpa_supplicant_tdls_peer_addset() to initialize the variable to NULL. This could result in uninitialized pointer being used in driver_nl80211.c when adding a TDLS peer entry. Fix this by clearing the hostapd_sta_add_params with memset. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>