path: root/wpa_supplicant
Commit message (Collapse)AuthorAgeFilesLines
* WPS NFC: Use AP Channel information from credential containerJouni Malinen2014-01-271-0/+6
| | | | | | | | This allows NFC Configuration Token to indicate the current AP operating channel, so that a single channel scan can be used to speed up the initial connection. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: WPA state machine config with driver-based BSS selectionJouni Malinen2014-01-271-29/+28
| | | | | | | | | | | wpa_s->current_bss was updated too late for the wpa_supplicant_rsn_supp_set_config() call within wpa_supplicant_select_config(). Re-order code so that current_bss gets updated between current_ssid update and this call to set the WPA state machine configuration, so that the new code that determines whether the current GO support the new IP address assignment mechanism works. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Static handover with NFC Tag on clientJouni Malinen2014-01-271-9/+55
| | | | | | | | | This adds a new P2P Invitation mechanism to invite a P2P Device with an NFC Tag to an already operating group when the GO with NFC Device reads the NFC Tag. The P2P Device with the NFC Tag will then accept invitation and connect to the group automatically using its OOB Device Password. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Enable own NFC Tag on GO RegistrarJouni Malinen2014-01-271-0/+32
| | | | | | | When "P2P_SET nfc_tag 1" is used to enable the own NFC Tag for P2P, also enable it for any running GO interface. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Add GO info into handover message when in client roleJouni Malinen2014-01-271-8/+38
| | | | | | | | P2P Group ID can optionally be included in the connection handover messages when acting as a P2P Client in a group. Add this information and show it in the P2P-NFC-PEER-CLIENT event message. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Optimize join-a-group operation based on NFC informationJouni Malinen2014-01-274-37/+82
| | | | | | | | | | When the NFC connection handover message received from a peer indicates that the peer is operating as a GO on a specific channel, use that information to avoid having to go through full scan. In addition, skip the separate join-a-group scan since we already know the operating channel, GO P2P Device Address, and SSID. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Copy DH parameters to a separate group interfaceJouni Malinen2014-01-271-0/+5
| | | | | | | The DH public and private key needs to be copied for the separate group interface if that is used for a P2P group. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Update DH keys for ER operationsJouni Malinen2014-01-271-11/+9
| | | | | | | | | | Since wpa_s->conf->wps_nfc_dh_* parameters can be set in number of code paths, update the wps_context copy of the DH keys even if no new keys were generated for the request. This tries to avoid some cases where public key hash may not have matched the public key used in the ER operation. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Add processing of P2P client while NFC handover caseJouni Malinen2014-01-271-19/+53
| | | | | | | | Instead of automatically triggering a connection, provide an indication of one of the devices being a P2P client to upper layers to allow user to determine what to do next. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Do not try to join peer if both devices are already GOJouni Malinen2014-01-271-0/+11
| | | | | | | | Send a P2P-NFC-BOTH-GO event to upper layers to determine what to do in case both devices going through NFC connection handover are already operating as a GO. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Add test option to disable IP address assignment requestJouni Malinen2014-01-273-1/+9
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Add support for IP address assignment in 4-way handshakeJouni Malinen2014-01-2710-4/+94
| | | | | | | | | | | | | | | | | | | | | | | | | | | This new mechanism allows P2P Client to request an IPv4 address from the GO as part of the 4-way handshake to avoid use of DHCP exchange after 4-way handshake. If the new mechanism is used, the assigned IP address is shown in the P2P-GROUP-STARTED event on the client side with following new parameters: ip_addr, ip_mask, go_ip_addr. The assigned IP address is included in the AP-STA-CONNECTED event on the GO side as a new ip_addr parameter. The IP address is valid for the duration of the association. The IP address pool for this new mechanism is configured as global wpa_supplicant configuration file parameters ip_addr_go, ip_addr_mask, ip_addr_star, ip_addr_end. For example: ip_addr_go= ip_addr_mask= ip_addr_start= ip_addr_end= DHCP mechanism is expected to be enabled at the same time to support P2P Devices that do not use the new mechanism. The easiest way of managing the IP addresses is by splitting the IP address range into two parts and assign a separate range for wpa_supplicant and DHCP server. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Add NFC tag enabling for static handoverJouni Malinen2014-01-274-0/+71
| | | | | | | | The device with the NFC Tag can be configured to enable NFC to be used with "P2P_SET nfc_tag 1" and "P2P_LISTEN" commands to allow static handover to be used. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Report handover select from tag for static handoverJouni Malinen2014-01-273-0/+20
| | | | | | | WPS_NFC_TAG_READ can be used to report static connection handover where the connection handover select message was read from an NFC tag. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Report connection handover as trigger for P2PJouni Malinen2014-01-276-6/+338
| | | | | | | | "NFC_REPORT_HANDOVER {INIT,RESP} P2P <req> <sel>" can now be used to report completed NFC negotiated connection handover in which the P2P alternative carrier was selected. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Build connection handover messagesJouni Malinen2014-01-273-0/+170
| | | | | | | | | | | | | | "NFC_GET_HANDOVER_{REQ,SEL} NDEF P2P-CR" can now be used to build P2P alternative carrier record for NFC connection handover request/select messages. Static connection handover case can be enabled by configuring the DH parameters (either with wps_nfc_* configuration parameters or with WPS_NFC_TOKEN command at run time. The NFC Tag contents can be generated with "NFC_GET_HANDOVER_SEL NDEF P2P-CR-TAG" after having configured Listen channel (p2p_listen_reg_class/p2p_listen_channel). Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P NFC: Pass OOB Device Password ID to P2PJouni Malinen2014-01-271-2/+2
| | | | | | | GO Negotiation needs to know which OOB Device Password ID is assigned for the peer when NFC is used as the trigger. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* NFC: Update WPS ER to use the new connection handover designJouni Malinen2014-01-273-6/+136
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Add support for wpa_supplicant AP/GO mode to use handoverJouni Malinen2014-01-273-0/+20
| | | | | | | | New functionality is needed for this with the update NFC connection handover design that depends on the AP side using the public key hash from the handover request. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Process new style handover selectJouni Malinen2014-01-271-13/+101
| | | | | | | | | The new WPS connection handover select includes Registrar public key hash instead of credential. Use the new information to start abbreviated WPS handshake instead of configuring a new network directly from the old Credential-from-NFC design. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Build new style carrier record for connection handover requestJouni Malinen2014-01-274-14/+40
| | | | | | | | | | | | | It is more useful to be able to build a single NFC carrier record instead of the full connection handover request message to allow external components to decide whether to negotiate which alternative carrier is used. This updates the carrier record contents to the new design to include Enrollee public key hash and provides this as a carrier record instead of full message. An external program is expected to be used to build the full NFC connection handover message with potentially other alternative carrier records included. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Preparations for allowing SSID filtering for provisioning stepJouni Malinen2014-01-273-7/+19
| | | | | | | | If the SSID of the WPS AP is known, it should be possible to limit AP selection based on this when searching for an active WPS AP. This commit adds a mechanism to specify SSID for this type of uses. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS NFC: Validate peer public key hash on EnrolleeJouni Malinen2014-01-273-15/+41
| | | | | | | Since the Enrollee can now get the public key hash from the Registrar, there is need to validate this during the WPS protocol run. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Make group operating channel availableJouni Malinen2014-01-271-0/+1
| | | | | | | Provide local GO channel to the P2P module so that it can be used in messages that indicate the current operating channel. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Apply unsafe frequency rules to available channelsArif Hussain2014-01-274-0/+59
| | | | | | | | | | | | | | | | This adds a QCA vendor specific nl80211 event to allow the driver to indicate a list of frequency ranges that should be avoided due to interference or possible known co-existance constraints. Such frequencies are marked as not allowed for P2P use to force groups to be formed on different channels. If a P2P GO is operating on a channel that the driver recommended not to use, a notification about this is sent on the control interface and upper layer code may decide to tear down the group and optionally restart it on another channel. As a TODO item, this could also be changed to use CSA to avoid removing the group. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Increase global ctrl_iface buffer to same size as per-interfaceJouni Malinen2014-01-231-1/+1
| | | | | | | | | | Since the global ctrl_iface can be used with IFNAME= prefix to send commands to be processed by per-interface code, it should have the same (well, close to same since the prefix takes some space) limits on command length as the per-interface ctrl_iface. Increase the buffer from 256 to 4096 to achieve this. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* GAS client: Use Protected Dual of Public Action frames with PMFJouni Malinen2014-01-233-8/+41
| | | | | | | | | | When GAS is used with PMF negotiated, Protected Dual of Public Action frames are expected to be used instead of Public Action frames, i.e., the GAS/ANQP frames are expected to be encrypted. Conver Public Action GAS queries to use Dual of Public Action frame if PMF has been negotiated with the AP to which the frame is being sent. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* GAS server: Add support for Protected Dual of Public Action framesJouni Malinen2014-01-231-0/+2
| | | | | | | | | | | | | When GAS is used with PMF negotiated, Protected Dual of Public Action frames are expected to be used instead of Public Action frames, i.e., the GAS/ANQP frames are expected to be encrypted. Add support for this different category of Action frames being used for GAS. The payload after the Category field is identical, so the only change is in using the Category field based on what was received in the request frames. For backwards compatibility, do not enforce protected dual to be used on the AP side, i.e., follow what the station does. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Clear more configuration parameters to default on FLUSHJouni Malinen2014-01-231-0/+3
| | | | | | | | This makes it more convenient for test scripts to change parameters for a specific test case without having to separately clear them between each test case. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Schedule PNO on completion of ongoing sched_scanRaja Mani2014-01-224-8/+29
| | | | | | | | | | | | | | | | | | When start PNO request comes from control interface, wpa_supplicant should wait until ongoing sched_scan (triggered by wpa_supplicant) gets cancelled. Issuing cancel sched_scan and start PNO scan one after another from pno_start() would lead wpa_supplicant to clear wps->sched_scanning flag while getting sched_scan stopped event from driver for cancel sched_scan request. In fact, PNO scan will be in progress in driver and wpa_s->sched_scanning will not be set in such cases. In addition to this change, RSSI threshold limit is passed as part of start sched_scan request. This was previously set only in pno_start(), but the same parameter should be available for generic sched_scan calls as well and this can now be reached through the new PNO start sequence. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Fix seg fault in wpas_ctrl_radio_work_flush() in error caseMax Stepanov2014-01-221-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Verify wpa_s->radio pointer before accessing it. If interface addition fails, this could get called before wpa_s->radio has been set. The segmentation fault details: Program received signal SIGSEGV, Segmentation fault. 0x00000000004b9591 in wpas_ctrl_radio_work_flush (wpa_s=0x77fff0) at ctrl_iface.c:5754 5754 dl_list_for_each_safe(work, tmp, &wpa_s->radio->work, Call stack: 0 wpas_ctrl_radio_work_flush (wpa_s=0x77fff0) at ctrl_iface.c:5754 1 wpa_supplicant_deinit_iface (wpa_s=0x77fff0, notify=0, terminate=0) at wpa_supplicant.c:3619 2 wpa_supplicant_add_iface (global=0x75db10, iface=0x7fffffffe270) at wpa_supplicant.c:3691 3 wpas_p2p_add_p2pdev_interface (wpa_s=0x75dd20) at p2p_supplicant.c:3700 4 main (argc=<optimized out>, argv=<optimized out>) at main.c:317 Function: 5750 void wpas_ctrl_radio_work_flush(struct wpa_supplicant *wpa_s) 5751 { 5752 struct wpa_radio_work *work, *tmp; 5753 5754 dl_list_for_each_safe(work, tmp, &wpa_s->radio->work, 5755 struct wpa_radio_work, list) { 5756 struct wpa_external_work *ework; 5757 5758 if (os_strncmp(work->type, "ext:", 4) != 0) Root cause: (gdb) p wpa_s->radio $1 = (struct wpa_radio *) 0x0 Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
* P2P: Clone dtim_period to a new interfaceDavid Spinadel2014-01-221-0/+1
| | | | | | Cloning dtim_period is needed for P2P GO. Signed-hostap: David Spinadel <david.spinadel@intel.com>
* Update copyright years in the manpagesJouni Malinen2014-01-216-6/+6
| | | | Signed-hostap: Jouni Malinen <j@w1.fi>
* Sync manpages and command-line optionsDan Winship2014-01-212-4/+78
| | | | Signed-hostap: Dan Williams <dcbw@redhat.com>
* Add manpage for eapol_testDan Williams2014-01-212-1/+207
| | | | Signed-hostap: Dan Williams <dcbw@redhat.com>
* wpa_supplicant: Fix usage text based on build optionsDan Williams2014-01-211-3/+14
| | | | Signed-hostap: Dan Williams <dcbw@redhat.com>
* Skip normal scan when PNO is already in progressRaja Mani2014-01-212-0/+6
| | | | | | | | | | | | | | | | | | | Scan request failures are observed in wpa_supplicant debug log when Android framework starts PNO scan in driver via ctrl interface command 'set pno 1' and wpa_supplicant also tries to issue a scan request after PNO has started in the driver. Some drivers may reject a normal scan request when PNO is already in progress. wpa_supplicant should consider PNO status before issuing start scan request to the driver. Otherwise, wpa_supplicant will get failures from driver for the scan request and it will end up rescheduling scan request in periodic interval and get a start scan request failure for each attempt. In order to avoid unnecessary scan attempt when PNO scan is already running, PNO status is checked before issuing scan request to driver. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Extend the listen time based on the active concurrent sessionRashmi Ramanna2014-01-201-0/+16
| | | | | | | | | | A P2P Device while in the Listen state waiting to respond for the obtained group negotiation request shall give a fair chance for other concurrent sessions to use the shared radio by inducing an idle time between the successive listen states. However, if there are no concurrent operations, this idle time can be reduced. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Add missing direct global ctrl_iface commands for P2PDmitry Shmidt2014-01-171-0/+8
| | | | | | | | | | | It should be noted that these commands are not exclusively used for P2P or in the global context, so use of these commands through the global control interface for operations that are specific to a single interface have undefined behavior and that behavior may change in the future. As such, these are recommend only for operations that are in the global context (e.g., for P2P management). Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* P2P: Use GO's operating channel to optimize scan during joinJithu Jance2014-01-171-0/+12
| | | | | | | Use P2P GO's operating channel information, if known, to do a single channel scan during the join operation. Signed-hostap: Jithu Jance <jithu@broadcom.com>
* Use minimal scan delay upon EVENT_INTERFACE_ADDEDArend van Spriel2014-01-172-1/+4
| | | | | | | | | | | | | | This patch resets the static interface_count to zero in case of wpa_supplicant_driver_init() call for wpa_s which is in INTERFACE_DISABLED state. This interface_count is used for the delay of the scan which is now minimal for dynamically added interfaces. This may collide with a scan for another interface, but the same is true for any chosen delay in this scenario. Also the state change to DISCONNECTED is moved to wpa_supplicant_driver_init() so it will move from INTERFACE_DISABLED to INACTIVE when there are no enabled networks. Tested-by: Hante Meuleman <meuleman@broadcom.com> Signed-off-by: Arend van Spriel <arend@broadcom.com>
* Reset normal_scans counter upon entering INTERFACE_DISABLED stateArend van Spriel2014-01-171-0/+5
| | | | | | | | | | | | | Depending on the implementation, the scheduled scan may not give results quickly when in DISCONNECTED state. This patch resets wpa_s::normal_scans upon entering to the INTERFACE_DISABLED state so a normal scan is assured upon going to DISCONNECTED state after the interface has been re-enabled. This mainly solves a long reconnect time observed upon repeated kernel driver reloads, i.e., third reload resulted in a scheduled scan. Reviewed-by: Hante Meuleman <meuleman@broadcom.com> Signed-hostap: Arend van Spriel <arend@broadcom.com>
* TDLS: Pass peer's Supported channel and oper class info during sta_addSunil Dutt2014-01-141-1/+7
| | | | | | | | | The information of the peer's supported channel and operating class is required for the driver to do TDLS off channel operations with a compatible peer. Pass this information to the driver when the peer station is getting added. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Limit join-a-group scans based on SSID from invitationJouni Malinen2014-01-132-16/+49
| | | | | | | | | | If we already know the SSID of the P2P group we are trying to join, use that SSID to limit scan responses and BSS selection since we do not really look for any other network in this case. In addition, this can fix cases where the peer has just changed its SSID (e.g., started a new group) and there may be multiple BSS entries for the same BSSID. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Flush secondary device types on FLUSH commandJouni Malinen2014-01-081-0/+1
| | | | | | | This makes it possible to clear previously configured secondary device types. Signed-hostap: Jouni Malinen <j@w1.fi>
* P2P: Allow requested device type to be specified with p2p_findJouni Malinen2014-01-082-3/+17
| | | | | | | This allows filtering of P2P peers that reply to the device discovery Probe Request frames. Signed-hostap: Jouni Malinen <j@w1.fi>
* Clear configuration blobs on FLUSH commandJouni Malinen2014-01-083-12/+19
| | | | | | | | All te network blocks and credentials were already cleared, but configurations blobs should also be cleared here, e.g., to get more consistent behavior test cases using EAP-FAST PACs. Signed-hostap: Jouni Malinen <j@w1.fi>
* Skip network disabling on expected EAP failureJouni Malinen2014-01-085-11/+34
| | | | | | | | | | Some EAP methods can go through a step that is expected to fail and as such, should not trigger temporary network disabling when processing EAP-Failure or deauthentication. EAP-WSC for WPS was already handled as a special case, but similar behavior is needed for EAP-FAST with unauthenticated provisioning. Signed-hostap: Jouni Malinen <j@w1.fi>
* nl80211: Document how to configure for libnl 2.0 and 3.2Ben Greear2014-01-071-0/+13
| | | | | | Reported-by: Xose Vazquez Perez <xose.vazquez@gmail.com> Signed-hostap: Ben Greear <greearb@candelatech.com>
* P2P: Reject group formation on WPS provisioning failureJouni Malinen2014-01-074-3/+53
| | | | | | | | | There is no need to wait for the 15 second group formation timeout to clear the state if WPS failure is detected during P2P group formation. Allow the WPS exchange steps (WSC_NACK and EAP-Failure) to be completed and remove the group to get rid of the extra wait. Signed-hostap: Jouni Malinen <j@w1.fi>