path: root/wpa_supplicant
Commit message (Collapse)AuthorAgeFilesLines
* mesh: Fix channel configuration in pri/sec switch caseJouni Malinen2016-12-131-7/+15
| | | | | | | | | | | | | | If 20/40 MHz co-ex scan resulted in switching primary and secondary channels, mesh setup failed to update the frequency parameters for hostapd side configuration and that could result in invalid secondary channel configuration preventing creating of the mesh network. This could happen, e.g., when trying to set up mesh on 5 GHz channel 36 and co-ex scan finding a BSS on channel 40. Switching the pri/sec channels resulted in hostapd code trying to check whether channel 32 is available. Fix this by swapping the channels for hostapd configuration when needed. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* External persistent storage for PMKSA cache entriesJouni Malinen2016-12-125-0/+174
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds new wpa_supplicant control interface commands PMKSA_GET and PMKSA_ADD that can be used to store PMKSA cache entries in an external persistent storage when terminating a wpa_supplicant process and then restore those entries when starting a new process. The previously added PMKSA-CACHE-ADDED/REMOVED events can be used to help in synchronizing the external storage with the memory-only volatile storage within wpa_supplicant. "PMKSA_GET <network_id>" fetches all stored PMKSA cache entries bound to a specific network profile. The network_id of the current profile is available with the STATUS command (id=<network_id). In addition, the network_id is included in the PMKSA-CACHE-ADDED/REMOVED events. The output of the PMKSA_GET command uses the following format: <BSSID> <PMKID> <PMK> <reauth_time in seconds> <expiration in seconds> <akmp> <opportunistic> For example: 02:00:00:00:03:00 113b8b5dc8eda16594e8274df4caa3d4 355e98681d09e0b69d3a342f96998aa765d10c4459ac592459b5efc6b563eff6 30240 43200 1 0 02:00:00:00:04:00 bbdac8607aaaac28e16aacc9152ffe23 e3dd6adc390e685985e5f40e6fe72df846a0acadc59ba15c208d9cb41732a663 30240 43200 1 0 The PMKSA_GET command uses the following format: <network_id> <BSSID> <PMKID> <PMK> <reauth_time in seconds> <expiration in seconds> <akmp> <opportunistic> (i.e., "PMKSA_ADD <network_id> " prefix followed by a line of PMKSA_GET output data; however, the reauth_time and expiration values need to be updated by decrementing them by number of seconds between the PMKSA_GET and PMKSA_ADD commands) For example: PMKSA_ADD 0 02:00:00:00:03:00 113b8b5dc8eda16594e8274df4caa3d4 355e98681d09e0b69d3a342f96998aa765d10c4459ac592459b5efc6b563eff6 30140 43100 1 0 PMKSA_ADD 0 02:00:00:00:04:00 bbdac8607aaaac28e16aacc9152ffe23 e3dd6adc390e685985e5f40e6fe72df846a0acadc59ba15c208d9cb41732a663 30140 43100 1 0 This functionality is disabled be default and can be enabled with CONFIG_PMKSA_CACHE_EXTERNAL=y build configuration option. It should be noted that this allows any process that has access to the wpa_supplicant control interface to use PMKSA_ADD command to fetch keying material (PMK), so this is for environments in which the control interface access is restricted. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add PMKSA-CACHE-ADDED/REMOVED events to wpa_supplicantJouni Malinen2016-12-121-2/+30
| | | | | | | These allow external program to monitor PMKSA cache updates in preparation to enable external persistent storage of PMKSA cache. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Set p2p_persistent_group=1 at the time of reading disabled=2Avichal Agarwal2016-12-121-0/+3
| | | | | | | | | | Configuration file network block with disabled=2 is used for storing information about a persistent group, so p2p_persitent_group should be updated according to this when creating a struct wpa_ssid instance. This will end up using D-Bus persistent network object path for the network. Signed-off-by: Avichal Agarwal <avichal.a@samsung.com> Signed-off-by: Kyeong-Chae Lim <kcya.lim@samsung.com>
* Remove MBO dependency from Supported Operating Classes elementvamsi krishna2016-12-117-331/+325
| | | | | | | | Supported Operating Classes element and its use is define in the IEEE 802.11 standard and can be sent even when MBO is disabled in the build. As such, move this functionality out from the CONFIG_MBO=y only mbo.c. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Interworking: Clear SCANNING state if no network selectedJouni Malinen2016-12-111-1/+2
| | | | | | | | | | | | | | | Commit 192ad3d7307473f14c049c1ea724e292a3f8ae24 ('Interworking: Clear SCANNING state if no match found') did this for the case where no network matched credentials, but left the SCANNING state in place if there were a match, but automatic connection was not enabled. Extend this to cover the case where INTERWORKING_SELECT is not followed by a connection attempt so that wpa_state is not left indefinitely to SCANNING. This fixes a hwsim test case failure in the following sequence: ap_anqp_sharing scan_trigger_failure Signed-off-by: Jouni Malinen <j@w1.fi>
* SME: Fix IBSS setup after shared key/FT/FILS associationJouni Malinen2016-12-111-0/+7
| | | | | | | | | | | | | wpa_s->sme.auth_alg could have been left to a previously value other than WPA_AUTH_ALG_OPEN if IBSS network is used after an association that used shared key, FT, or FILS authentication algorithm. This could result in the IBSS setup failing due to incorrect authentication processing steps. Fix this by setting wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN whenever starting an IBSS (or mesh, for that matter) network. Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Fix a theoretical out of bounds read in wpas_p2p_select_go_freq()Amit Purwar2016-12-111-3/+3
| | | | | | | | | | | | | | | | | | | | | | Commit 8e84921efe652233703588852bc43c36ccb241df ('P2P: Support driver preferred freq list for Autonomous GO case') introduced this loop to go through preferred channel list from the driver. The loop does bounds checking of the index only after having read a value from the array. That could in theory read one entry beyond the end of the stack buffer. Fix this by moving the index variable check to be done before using it to fetch a value from the array. This code is used only if wpa_supplicant is build with CONFIG_DRIVER_NL80211_QCA=y and if the driver supports the vendor extension (get_pref_freq_list() driver op). In addition, the driver would need to return more than P2P_MAX_PREF_CHANNELS (= 100) preferred channels for this to actually be able to read beyond the buffer. No driver is known to return that many preferred channels, so this does not seem to be reachable in practice. Signed-off-by: Amit Purwar <amit.purwar@samsung.com> Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
* P2P: Fix a theoretical out of bounds read in wpas_p2p_setup_freqs()Amit Purwar2016-12-111-3/+3
| | | | | | | | | | | | | | | | | | | | | | Commit 370017d968e071522357ea88c0c6aaed02853222 ('P2P: Use preferred frequency list from the local driver') introduced this loop to go through preferred channel list from the driver. The loop does bounds checking of the index only after having read a value from the array. That could in theory read one entry beyond the end of the stack buffer. Fix this by moving the index variable check to be done before using it to fetch a value from the array. This code is used only if wpa_supplicant is build with CONFIG_DRIVER_NL80211_QCA=y and if the driver supports the vendor extension (get_pref_freq_list() driver op). In addition, the driver would need to return more than P2P_MAX_PREF_CHANNELS (= 100) preferred channels for this to actually be able to read beyond the buffer. No driver is known to return that many preferred channels, so this does not seem to be reachable in practice. Signed-off-by: Amit Purwar <amit.purwar@samsung.com> Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
* Ignore scan results from ongoing scan when FLUSH command is issuedJouni Malinen2016-12-114-1/+17
| | | | | | | | | | | | | This makes wpa_supplicant behavior more consistent with FLUSH command to clear all state. Previously, it was possible for an ongoing scan to be aborted when the FLUSH command is issued and the scan results from that aborted scan would still be processed and that would update the BSS table which was supposed to cleared by the FLUSH command. This could result in hwsim test case failures due to unexpected BSS table entries being present after the FLUSH command. Signed-off-by: Jouni Malinen <j@w1.fi>
* Make update_idx available in BSS control interface commandJouni Malinen2016-12-101-0/+8
| | | | | | This can be used to perform more accurate tests on BSS entry updates. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_passphrase: Reject invalid passphraseJouni Malinen2016-12-051-1/+7
| | | | | | | | Reject a passphrase with control characters instead of trying to write out an example network configuration block with such control characters included. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Defer scans while PNO is in progress instead of skipping themArik Nemtsov2016-12-041-5/+15
| | | | | | | | Skipping the scan altogether will hurt auto-reconnect. Also move the PNO check down since the scan might be canceled for other reasons before we defer it. Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
* nl80211: Move duplicate scan result removal to bss.cJouni Malinen2016-12-031-0/+36
| | | | | | | | | | | | | | | | The way the removal of duplicated (one per frequency) BSS entries in the cfg80211 scan results were removed in driver_nl80211_scan.c bss_info_handler() depended on having the full scan results available to allow iteration through the other entries. This is problematic for the goal of being able to optimize memory allocations for scan result fetching in a manner that would not build the full result buffer in memory. Move this duplicate removal into bss.c since it has sufficient information available for doing the same determination of which one of two BSS entries is more current. Signed-off-by: Jouni Malinen <j@w1.fi>
* privsep: Support frequency list for scan requestsJouni Malinen2016-12-031-0/+12
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* privsep: Support multiple scan SSIDsJouni Malinen2016-12-031-5/+18
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* privsep: Fix scan result fetching with Beacon frame IEsJouni Malinen2016-12-031-1/+1
| | | | | | | | | wpa_priv did not yet support Beacon frame IEs (res->beacon_ie_len) which resulted in invalid scan data being accepted in driver_privsep.c. Add support for res->beacon_ie_len and also fix the validation step to take this new variable length field into account. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_priv: Document reduced functionalityJouni Malinen2016-12-031-0/+11
| | | | | | | | | wpa_priv has never really been fully up-to-date with the wpa_supplicant driver interface extensions. This does not seem like something that would change in the future either, so document this reduced functionality as a potential drawback. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_priv: Handler driver global_deinit() on termination pathJouni Malinen2016-12-031-2/+6
| | | | | | | This avoids a theoretical resource leak on exit path if wpa_priv is killed while there is a wpa_supplicant process using it. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_priv: Explicitly clear padding in message structuresJouni Malinen2016-12-031-1/+2
| | | | | | | This avoids some valgrind warnings about use of uninitialized memory in cases where a struct may have padding octets between the fields. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_priv: Use fromlen instead sizeof(struct sockaddr_un)Jouni Malinen2016-12-031-38/+45
| | | | | | | | | This gets rid of some dependencies on how extra octets at the end of the struct sockaddr_un get "uninitialized" consistently by only using the exact length of the address data from the recvfrom() call. This resolves number of valgrind warnings about use of uninitialized memory. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_priv: Add support for multiple l2_packet connectionsJouni Malinen2016-12-031-38/+92
| | | | | | | | This is needed to be able to work with many wpa_supplicant use cases, e.g., due to use of TDLS or RSN pre-authentication needing a separate l2_packet socket. Signed-off-by: Jouni Malinen <j@w1.fi>
* mka: Remove references to macsec_qca from wpa_supplicant.confSabrina Dubroca2016-11-301-6/+4
| | | | | | | Make the documentation generic, as this is no longer the only macsec driver. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* Add support to abort vendor scanSunil Dutt2016-11-303-8/+29
| | | | | | | | | | | | | | | | | | | This commit enhances the existing implementation of abort scan to also abort concurrent active vendor scans. This is achieved by passing the the scan_cookie to the driver interface with the intention to abort the specific scan request. This scan_cookie is returned from the driver interface when the scan request is scheduled. This scan_cookie is 0 if the scan is triggered through the upstream cfg80211 interface. Thus, the scan_cookie is used to determine whether to abort the cfg80211 or vendor scan request. Also, the previous implementation of relying on scan_work/p2p_scan_work for the active work to trigger the abort scan is enhanced to check for the started state of either of these work operations. This should also help to abort the concurrent active scan/p2p-scan operations. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* nl80211: Enhance abort scan to also abort the vendor scanSunil Dutt2016-11-302-3/+4
| | | | | | | This commit enhances the abort scan implementation to also abort the vendor scan, if one was used to trigger the scan. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Use random MAC address for scanning only in non-connected stateSrinivas Dasari2016-11-251-3/+6
| | | | | | | | | | | cfg80211 rejects the scans issued with random MAC address if the STA is in connected state. This resulted in failures when using MAC_RAND_SCAN while connected (CTRL-EVENT-SCAN-FAILED ret=-95). Enable random MAC address functionality only if the STA is not in connected state to avoid this. The real MAC address of the STA is already revealed in the association, so this is an acceptable fallback mechanism for now. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* D-Bus: Send P2P IP address assignment info with GroupStarted eventNishant Chaprana2016-11-215-9/+22
| | | | | | | This commit adds IP address information into GroupStarted event on the P2P client side like it is sent over the control interface. Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
* D-Bus: Add getter and setter for P2P IP address config parametersNishant Chaprana2016-11-201-0/+61
| | | | | | | | | | This patch adds setter and getter for P2P IP address config parameters: 1. ip_addr_go 2. ip_addr_mask 3. ip_addr_start 4. ip_addr_end Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
* wpa_supplicant: Allow configuring the MACsec port for MKASabrina Dubroca2016-11-196-2/+18
| | | | | | | Previously, wpa_supplicant only supported hardcoded port == 1 in the SCI, but users may want to choose a different port. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Add enable_encrypt op and call it from CP state machineSabrina Dubroca2016-11-192-0/+15
| | | | | | This allows MKA to turn encryption on/off down to the driver. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* wpa_supplicant: Add macsec_integ_only setting for MKASabrina Dubroca2016-11-196-1/+30
| | | | | | | | | So that the user can turn encryption on (MACsec provides confidentiality+integrity) or off (MACsec provides integrity only). This commit adds the configuration parameter while the actual behavior change to disable encryption in the driver is handled in the following commit. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* wpa_supplicant: Allow pre-shared (CAK,CKN) pair for MKASabrina Dubroca2016-11-197-1/+193
| | | | | | | | | | | | This enables configuring key_mgmt=NONE + mka_ckn + mka_cak. This allows wpa_supplicant to work in a peer-to-peer mode, where peers are authenticated by the pre-shared (CAK,CKN) pair. In this mode, peers can act as key server to distribute keys for the MACsec instances. This is what some MACsec switches support, and even without HW support, it's a convenient way to setup a network. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* Android: Remove BoringSSL guardKenny Root2016-11-191-2/+0
| | | | | | | BoringSSL is the only supported version of SSL, so remove this guard so we can continue to compile when the flavor.mk is removed. Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Debug print scan results matching the currently selected networkJouni Malinen2016-11-133-112/+206
| | | | | | | | | | This provides more details on BSS selection process in the debug log. Previously, the BSSs that were not either the current or the selected one were not necessarily printed at all. Now all BSSs that match the currently selected network are listed with their frequency and signal strength details. Signed-off-by: Jouni Malinen <j@w1.fi>
* Use estimated throughput to avoid signal based roaming decisionJouni Malinen2016-11-131-10/+42
| | | | | | | | | | | | | | | | | Previously, the estimated throughput was used to enable roaming to a better AP. However, this information was not used when considering a roam to an AP that has better signal strength, but smaller estimated throughput. This could result in allowing roaming from 5 GHz band to 2.4 GHz band in cases where 2.4 GHz band has significantly higher signal strength, but still a lower throughput estimate. Make this less likely to happen by increasing/reducing the minimum required signal strength difference based on the estimated throughputs of the current and selected AP. In addition, add more details about the selection process to the debug log to make it easier to determine whaty happened and why. Signed-off-by: Jouni Malinen <j@w1.fi>
* FT: Differentiate between FT for station and for AP in buildIlan Peer2016-10-293-3/+17
| | | | | | | | | | | | | | Previously, CONFIG_IEEE80211R enabled build that supports FT for both station mode and AP mode. However, in most wpa_supplicant cases only station mode FT is required and there is no need for AP mode FT. Add support to differentiate between station mode FT and AP mode FT in wpa_supplicant builds by adding CONFIG_IEEE80211R_AP that should be used when AP mode FT support is required in addition to station mode FT. This allows binary size to be reduced for builds that require only the station side FT functionality. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* wpa_supplicant: Make CONFIG_MBO independent of CONFIG_APAvrahams Stern2016-10-292-10/+10
| | | | | | | | | | CONFIG_MBO was defined inside ifdef CONFIG_AP, so when AP support was not compiled, MBO was not compiled either. However, CONFIG_MBO is not related AP support, so it should not depend on CONFIG_AP. Fix this by moving CONFIG_MBO outside of ifdef CONFIG_AP. Signed-off-by: Avrahams Stern <avraham.stern@intel.com>
* wpa_supplicant: Get scan_result IE also from Beacon framesEliad Peller2016-10-291-1/+7
| | | | | | No reason to require ie_len if only beacon_ie_len is given. Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
* mka: Add support for removing SAsSabrina Dubroca2016-10-292-0/+30
| | | | | | | So that the core can notify drivers that need to perform some operations when an SA is deleted. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Remove "channel" hacks from the stack and the macsec_qca driverSabrina Dubroca2016-10-292-32/+0
| | | | | | | | | | | | | | | | | | This is specific to the macsec_qca driver. The core implementation shouldn't care about this, and only deal with the complete secure channel, and pass this down to the driver. Drivers that have such limitations should take care of these in their ->create functions and throw an error. Since the core MKA no longer saves the channel number, the macsec_qca driver must be able to recover it. Add a map (which is just an array since it's quite short) to match SCIs to channel numbers, and lookup functions that will be called in every place where functions would get the channel from the core code. Getting an available channel should be part of channel creation, instead of being a preparation step. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* wpa_supplicant: Use correct interface type when creating P2P interfaceAvrahams Stern2016-10-281-1/+1
| | | | | | | | | | | | | | | When starting ASP provisioning with connection capability set to NEW, don't create the pending P2P interface as a GO interface because Go negotiation will determine which side will be the GO and it is possible that eventually this interface will become the client. In this case, when the P2P client is started it will start scanning and do other station specific operations while the interface type is AP. Instead, use type WPA_IF_P2P_GROUP when creating the interface which means the interface type will be determined later. Signed-off-by: Avrahams Stern <avraham.stern@intel.com>
* Add CONFIG_IBSS_RSN=y into wpa_supplicant defconfigJouni Malinen2016-10-281-0/+5
| | | | Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Do not try to start/join RSN IBSS without CONFIG_IBSS_RSN=yJouni Malinen2016-10-282-0/+28
| | | | | | | | | | | Previously, a build without IBSS RSN support tried to start/join an IBSS even if the profile was configured with RSN parameters. This does not work and resulted in quite confusing debug log. Make this clearer by explicitly checking for this case and reject the connection attempt with a clearer debug log entry instead of trying something that is known to fail. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* nl80211: Allow TDLS trigger modes to be configured to the host driverSunil Dutt2016-10-272-0/+11
| | | | | | | | This commit adds a control interface command to configure the TDLS trigger mode to the host driver. This TDLS mode is configured through the "SET tdls_trigger_control" control interface command. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Claim FILS capability only if driver supports itJouni Malinen2016-10-251-1/+2
| | | | | | | | "GET_CAPABILITY fils" used to return "FILS" based on wpa_supplicant configuration. This can be made more useful by checking both for wpa_supplicant and driver support for FILS. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Association Response processing (STA)Jouni Malinen2016-10-251-0/+20
| | | | | | | Decrypt the AES-SIV protected elements and verify Key-Auth. Parse and configure keys to the driver. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Add elements to FILS Association Request frameJouni Malinen2016-10-252-1/+35
| | | | Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Check if the pref_freq reported by the driver supports P2PSunil Dutt2016-10-241-2/+4
| | | | | | | | | | | | Filter out get_pref_freq_list() (i.e., QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST) output in case of channel negotiation by removing channels that do not allow P2P operation at all. Previously, only the explicitly disallowed channels were removed and that could have resulted in selecting an operating channel that is not allowed for P2P and failing to complete the operation to start the group. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Authentication frame processing (STA)Jouni Malinen2016-10-221-0/+18
| | | | Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Extend wpa_auth_pmksa_get() to support PMKID matchingJouni Malinen2016-10-222-3/+3
| | | | | | This is needed for FILS processing to enable PMKSA caching. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>