path: root/wpa_supplicant/wps_supplicant.c
Commit message (Collapse)AuthorAgeFilesLines
* WPS: Add GCMP-256 and CCMP-256 cipher options on EnrolleeJouni Malinen2017-12-021-0/+10
| | | | | | | | | If a credential with encp type AES is received, add GCMP-256 and CCMP-256 cipher options on station Enrollee based on local capabilities. This is needed to allow connection with an AP using either of these newer ciphers. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Check BSS table against current BSSID if credential does not matchJouni Malinen2017-12-021-0/+3
| | | | | | | | | The credential MAC address is not necessarily that of the AP, i.e., it is more likely to be that of the Enrollee. Check the scan results against the current BSSID as well if match is not found otherwise when going through the mixed mode workaround. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Add option for using random UUIDJouni Malinen2017-04-131-0/+3
| | | | | | | | | | | If the uuid configuration parameter is not set, wpa_supplicant generates an UUID automatically to allow WPS operations to proceed. This was previously always using an UUID generated from the MAC address. This commit adds an option to use a random UUID instead. The type of the automatically generated UUID is set with the auto_uuid parameter: 0 = based on MAC address (default; old behavior), 1 = random UUID. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Notify about WPS PBC event in Enrollee modeJörg Krause2017-03-111-0/+1
| | | | | | | | | | | | Previously, the event "WPS-PBC-ACTIVE" was only generated when wpa_supplicant is operating as WPS Registrar whereas "WPS-SUCCESS" or "WPS-TIMEOUT" are generated for both, the Registrar and the Enrollee roles. Also generate the event when wpa_supplicant is operating as WPS Enrollee to allow monitoring the begin and the end of a WPS PBC process. Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
* Use os_memdup()Johannes Berg2017-03-071-2/+1
| | | | | | | | | | | | | | | | | | | | | | This leads to cleaner code overall, and also reduces the size of the hostapd and wpa_supplicant binaries (in hwsim test build on x86_64) by about 2.5 and 3.5KiB respectively. The mechanical conversions all over the code were done with the following spatch: @@ expression SIZE, SRC; expression a; @@ -a = os_malloc(SIZE); +a = os_memdup(SRC, SIZE); <... if (!a) {...} ...> -os_memcpy(a, SRC, SIZE); Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* wpa_supplicant: "don't care" value for pbss in ssid structureLior David2016-04-081-0/+14
| | | | | | | | | | Add a new value 2 to the pbss parameter of wpa_ssid structure, which means "don't care". This value is used in infrastructure mode to request connection to either AP or PCP, whichever is available in the scan results. The value is also used in regular WPS (not P2P group formation) to make WPS work with devices running as either AP or PCP. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* P2P: Add a separate pointer to the P2P Device instanceLior David2016-02-271-6/+6
| | | | | | | | | | | | | | | In many places in the code there was a reference to wpa_s->parent to get from group interface to p2p_dev interface. These places can break if P2P_DEVICE interface would need to be used with the primary interface as the group interface, since the parent of the primary interface points to itself and not the p2p_dev interface. Fix this by adding a separate "p2pdev" pointer to wpa_supplicant, it will be the same as parent pointer in most cases but whenever the primary interface is used as a group interface, change it to point to the correct p2p_dev interface. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* WPS: Use only os_get_random() for PIN generationNick Lowe2016-02-191-1/+4
| | | | | | | | | Remove the fallback dependency on os_random() when generating a WPS pin. This is exceptionally unlikely to ever be called as the call to os_get_random() is unlikely to fail. The intention is to facilitate future removal of os_random() as it uses a low quality PRNG. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* wpa_supplicant: Basic support for PBSS/PCPLior David2016-02-081-0/+8
| | | | | | | | | | | | | | | | | | | | | PBSS (Personal Basic Service Set) is a new BSS type for DMG networks. It is similar to infrastructure BSS, having an AP-like entity called PCP (PBSS Control Point), but it has few differences. PBSS support is mandatory for IEEE 802.11ad devices. Add a new "pbss" argument to network block. The argument is used in the following scenarios: 1. When network has mode=2 (AP), when pbss flag is set will start as a PCP instead of an AP. 2. When network has mode=0 (station), when pbss flag is set will connect to PCP instead of AP. The function wpa_scan_res_match() was modified to match BSS according to the pbss flag in the network block (wpa_ssid structure). When pbss flag is set it will match only PCPs, and when it is clear it will match only APs. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* WPS: Reconnect for a failed data connection when STA_AUTOCONNECT is 0Sunil Dutt2015-11-171-0/+7
| | | | | | | | | | | | | | | | | If "STA_AUTOCONNECT 0" has been used to disable automatic connection on disconnection event and the driver indicates a failure for the data connection after successful WPS handshake, it is possible to hit a case where wpa_s->disconnected is set to 1 and further attempts to connect shall stop. While "STA_AUTOCONNECT 0" is used to disable automatic reconnection attempts in general, this specific WPS case can benefit from trying again even with that configuration for a short period of time. Extend the wpa_supplicant re-enable-networks-after-WPS 10 second timeout to apply for ignoring disabled STA_AUTOCONNECT immediately after a WPS provisioning step. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* D-Bus: Add Signal to notify WPS PBC Overlap eventSaurav Babu2015-09-271-0/+16
| | | | Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
* D-Bus: Add signal to notify WPS timeout eventSaurav Babu2015-09-271-0/+12
| | | | Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
* P2P: Fix PBC overlap detectionAvraham Stern2015-06-191-29/+28
| | | | | | | | | | | | | | PBC overlap detection searches for another BSS with active PBC in the BSS table. However, when a separate P2P interface is used, scan results without P2P IE are not saved in the BSS table, so non-P2P BSS's with active PBC will not be detected. Fix this by iterating only the WPS AP array instead of the BSS table. This is also more efficient since only WPS APs may have active PBC. This also fixes hwsim test "grpform_pbc_overlap" when a dedicated P2P Device is used. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* WPS: Allow the priority for the WPS networks to be configuredSunil Dutt2015-06-041-0/+4
| | | | | | | This commit adds a configurable parameter (wps_priority) to specify the priority for the networks derived through WPS connection. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Fix a potential memory leak in a P2P+NFC corner casePurushottam Kushwaha2015-05-291-0/+1
| | | | | | | | | Avoid memory leak due to previous allocation for ssid->ssid. It does not look like this is hit in normal cases, but at might be possible for the SSID to get set if the peer is present in previous scan results and WPS code ends up copying the SSID from there. Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
* WPS: Add support for 60 GHz bandHamad Kadmany2015-04-271-1/+8
| | | | | | | | Handling of WPS RF band for 60 GHz was missing. Add it in all relevant places and also map "AES" as the cipher to GCMP instead of CCMP when operating on the 60 GHz band. Signed-off-by: Hamad Kadmany <qca_hkadmany@qca.qualcomm.com>
* WPS: Enforce five second minimum time before AP iterationHu Wang2015-04-241-3/+18
| | | | | | | | | | | | | | Previously, wpa_supplicant was using number of scan iterations (WPS_PIN_SCAN_IGNORE_SEL_REG = 3) to give some time for finding a WPS AP with Selected Registrar TRUE before starting to iterate through all WPS APs. While this works fine in most cases, some drivers may return the initial three scan results so quickly that the total amount of time is only couple of seconds in case none of the APs are initially advertising Selected Registrar TRUE. To give some more time for APs (WPS Registrars) to become ready, add an additional constraint on the iteration based on time (WPS_PIN_TIME_IGNORE_SEL_REG = 5 seconds). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Use SSID_MAX_LEN define instead of value 32 when comparing SSID lengthJouni Malinen2015-04-221-1/+1
| | | | | | This makes the implementation easier to understand. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Do not add blacklist entries based on normal disconnect request casesJouni Malinen2015-03-011-1/+7
| | | | | | | | | | There are number of cases where wpa_supplicant requests the current connection to be disconnected before starting a new operation. Such cases do not really indicate that there was an error in connecting or a disconnection initiated by the AP, so do not add a temporary blacklist entry in such sequences. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Reject station-mode WPS operations when AP mode is enabledJouni Malinen2015-01-021-0/+22
| | | | | | | | | | Start of station-mode WPS PBC/PIN/Registrar/NFC operation would result in the AP mode getting disabled. This can be particularly confusing for the P2P GO case where the group would need to be stopped cleanly. As such, it is better to reject these invalid operations rather than trying to handle all corner cases needed to allow this to work robustly. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS ER: Explicitly clear PSK from stack after useJouni Malinen2014-12-291-1/+4
| | | | | | | | There is no need to leave the PSK from temporary Credential structure that was built in stack after that Credential has been passed to the WPS module. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Do not indicate PBC overlap for the same BSSJouni Malinen2014-12-251-0/+4
| | | | | | | | | | | Even if the UUID would have a mismatch, e.g., due to no UUID known for the target in a new WPS PBC instance, do not indicate PBC session overlap if the BSSID is same in the two entries. This should not really happen in normal use cases, but can happen at least in some test scenarios where the same BSSID is used in consecutive test cases and the old BSS entry remains in cfg80211 cache. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS ER: Remove unnecessary return valueJouni Malinen2014-12-141-2/+1
| | | | | | | wps_er_deinit() cannot fail and it does not return anything, so neither should wpas_wps_er_stop(). Signed-off-by: Jouni Malinen <j@w1.fi>
* Check os_snprintf() result more consistently - automatic 1Jouni Malinen2014-12-081-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This converts os_snprintf() result validation cases to use os_snprintf_error() where the exact rule used in os_snprintf_error() was used. These changes were done automatically with spatch using the following semantic patch: @@ identifier E1; expression E2,E3,E4,E5,E6; statement S1; @@ ( E1 = os_snprintf(E2, E3, ...); | int E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else if (E6) E1 = os_snprintf(E2, E3, ...); else E1 = 0; | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else if (E6) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... E1 = os_snprintf(E2, E3, ...); } ) ? os_free(E4); - if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \)) + if (os_snprintf_error(E3, E1)) ( S1 | { ... } ) Signed-off-by: Jouni Malinen <j@w1.fi>
* Check os_snprintf() result more consistently - success caseJouni Malinen2014-12-081-1/+1
| | | | | | | | | | | | | | | | | | | This converts os_snprintf() result validation cases to use os_snprintf_error() in cases where success condition was used to execute a step. These changes were done automatically with spatch using the following semantic patch: @@ expression E1,E2,E3; statement S1; @@ E1 = os_snprintf(E2, E3, ...); - if (\( E1 >= 0 \| E1 > 0 \) && \( (size_t) E1 < E3 \| E1 < (int) E3 \| E1 < E3 \)) + if (!os_snprintf_error(E3, E1)) S1 Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Fix current_ssid clearing on duplicate network removalJouni Malinen2014-11-301-0/+2
| | | | | | | | | | | It was possible for the current network profile to be deleted when merging duplicated WPS credentials. However, this did not clear wpa_s->current_ssid and it was possible for something else to end up dereferencing that pointer to now freed memory. This could be hit, e.g., with ap_wps_mixed_cred. Fix this by clearing current_ssid also in this code path similarly to other cases of network block getting removed. Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Support GCMP as part of 60 GHz supportAhmad Masri2014-10-271-1/+8
| | | | Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Merge mixed-WPA/WPA2 credentials if received in same sessionHu Wang2014-08-291-2/+49
| | | | | | | | | | | Some deployed APs send two credentials when in mixed-WPA/WPA2 configuration; one for the WPA-Personal/TKIP and the other for WPA2-Personal/CCMP. Previously, this would result in two network blocks getting added for the single AP. This can be somewhat confusing and unnecessary, so merge such credentials into a single one that allows both WPA and WPA2 to be used. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Clean up by moving ifdef CONFIG_P2P to p2p_suppplicant.hJouni Malinen2014-06-151-6/+0
| | | | | | | | This removes number of unnecessary #ifdef CONFIG_P2P blocks from generic code by hiding the conditional build into p2p_supplicant.h with empty inline functions. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove leftover timeouts on cleanupAlexandru Costache2014-05-121-0/+4
| | | | Signed-off-by: Alexandru Costache <alexandru.costache.100@gmail.com>
* WPS: Split eapol_cb reconnect to a separate code pathJouni Malinen2014-04-131-3/+32
| | | | | | | | | | Use eloop timeout to run the reconnect command after eapol_cb has returned. This reduces stack use and can simplify the driver command/event sequence by allowing the disconnection events from the provisioning step to be processed before starting the actual data connection. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Close p2p_group and temporary parameters to all network blocksJouni Malinen2014-04-131-0/+11
| | | | | | | | If a P2P GO issues multiple credentials for some reason, clone the p2p_group and temporary parameters to all those based on the initial network block that gets used for the first credential. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS NFC: Remove NFC_RX_HANDOVER_SELJouni Malinen2014-04-061-2/+2
| | | | | | | | | | | The newer NFC_REPORT_HANDOVER command is more general version that handles the cases where NFC_RX_HANDOVER_SEL could potentially have been used. In addition, with the new WPS NFC design, it is important to receive the handover request message that was used in the handover in addition to the select message, so the NFC_RX_HANDOVER_SEL command on its own would not be sufficient for this. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Remove unused WEP related functionalityJouni Malinen2014-04-061-39/+2
| | | | | | | | | | | Now that WPS 2.0 support is enabled unconditionally, WEP and Shared auth type are not allowed. This made some of the older code unused and that can now be removed to clean up the implementation. There is still one place where WEP is allowed for testing purposes: wpa_supplicant as Registrar trying to configure an AP to use WEP. That is now only allowed in CONFIG_TESTING_OPTIONS=y builds, though. Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Fix segfault when PBC overlap is detectedAvraham Stern2014-03-281-10/+1
| | | | | | | | | | If a separate P2P group interface is used, PBC overlap during group formation causes the group interface to be removed, which ends up with the interface context becoming invalid. Fix this by scheduling a timeout to process the PBC overlap and interface removal instead of removing the interface directly before the connection operation has returned. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* WPS: Enable WSC 2.0 support unconditionallyJouni Malinen2014-03-251-2/+0
| | | | | | | | | There is not much point in building devices with WPS 1.0 only supported nowadays. As such, there is not sufficient justification for maintaining extra complexity for the CONFIG_WPS2 build option either. Remove this by enabling WSC 2.0 support unconditionally. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Remove unused NFC_RX_HANDOVER_REQJouni Malinen2014-02-151-8/+0
| | | | | | | | The more generic NFC_REPORT_HANDOVER is now used to report completed NFC connection handover operations in either role and NFC_RX_HANDOVER_REQ did not have any implementation within wpa_supplicant. Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Remove unused Credential AP Channel processingJouni Malinen2014-02-041-19/+9
| | | | | | | | | | | | | | | | Commit bd3a3737672aaf6eb50dba2b8caa3941c8df42e9 added a mechanism to use AP Channel attribute from within a Credential attribute to optimize scans. However, this design is not actually used with the WPS NFC use cases. With configuration token, the AP Channel attribute is in the same container with the Credential attribute (and that was also handled in the previous implementation). With connection handover, AP Channel information is outside the Credential attribute as well. Simplify implementation by removing the AP Channel within Credential case. This allows wpas_wps_use_cred() to get the AP Channel from the container instead of having to find this during credential iteration. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Add support for freq option in NFC ctrl_iface commandsJouni Malinen2014-01-271-2/+3
| | | | | | | This can be used to force an operating channel for P2P group formation triggered by NFC operations. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Use BSSID and AP Channel from handover selectJouni Malinen2014-01-271-11/+50
| | | | | | | These optional attributes, if present, can be used to speed up the initial connection by using a single channel scan. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Use AP Channel information from credential containerJouni Malinen2014-01-271-0/+6
| | | | | | | | This allows NFC Configuration Token to indicate the current AP operating channel, so that a single channel scan can be used to speed up the initial connection. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Optimize join-a-group operation based on NFC informationJouni Malinen2014-01-271-10/+21
| | | | | | | | | | When the NFC connection handover message received from a peer indicates that the peer is operating as a GO on a specific channel, use that information to avoid having to go through full scan. In addition, skip the separate join-a-group scan since we already know the operating channel, GO P2P Device Address, and SSID. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Update DH keys for ER operationsJouni Malinen2014-01-271-11/+9
| | | | | | | | | | Since wpa_s->conf->wps_nfc_dh_* parameters can be set in number of code paths, update the wps_context copy of the DH keys even if no new keys were generated for the request. This tries to avoid some cases where public key hash may not have matched the public key used in the ER operation. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Report handover select from tag for static handoverJouni Malinen2014-01-271-0/+8
| | | | | | | WPS_NFC_TAG_READ can be used to report static connection handover where the connection handover select message was read from an NFC tag. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* NFC: Update WPS ER to use the new connection handover designJouni Malinen2014-01-271-6/+131
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Process new style handover selectJouni Malinen2014-01-271-13/+101
| | | | | | | | | The new WPS connection handover select includes Registrar public key hash instead of credential. Use the new information to start abbreviated WPS handshake instead of configuring a new network directly from the old Credential-from-NFC design. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Build new style carrier record for connection handover requestJouni Malinen2014-01-271-4/+22
| | | | | | | | | | | | | It is more useful to be able to build a single NFC carrier record instead of the full connection handover request message to allow external components to decide whether to negotiate which alternative carrier is used. This updates the carrier record contents to the new design to include Enrollee public key hash and provides this as a carrier record instead of full message. An external program is expected to be used to build the full NFC connection handover message with potentially other alternative carrier records included. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Preparations for allowing SSID filtering for provisioning stepJouni Malinen2014-01-271-5/+16
| | | | | | | | If the SSID of the WPS AP is known, it should be possible to limit AP selection based on this when searching for an active WPS AP. This commit adds a mechanism to specify SSID for this type of uses. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Validate peer public key hash on EnrolleeJouni Malinen2014-01-271-13/+37
| | | | | | | Since the Enrollee can now get the public key hash from the Registrar, there is need to validate this during the WPS protocol run. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Reject group formation on WPS provisioning failureJouni Malinen2014-01-071-1/+6
| | | | | | | | | There is no need to wait for the 15 second group formation timeout to clear the state if WPS failure is detected during P2P group formation. Allow the WPS exchange steps (WSC_NACK and EAP-Failure) to be completed and remove the group to get rid of the extra wait. Signed-hostap: Jouni Malinen <j@w1.fi>