path: root/hostapd
Commit message (Collapse)AuthorAgeFilesLines
* WPS: Added WPS configuration entries into hostapd.confJouni Malinen2008-01-0611-28/+101
| | | | | | | | | | | | | | | | | | | | Add new configuration parameters wps_state and uuid into hostapd.conf and create a new per-BSS instance of WPS Registrar with this information (and more to be added later). Replaced CONFIG_EAP_WSC configuration option with more generic CONFIG_WPS for hostapd. This enabled EAP-WSC and adds setup for WPS Registrar. Changed EAP user configuration for WPS to be done automatically based on WPS configuration (wps_state != 0). hostapd.eap_user file does not include the special WPS identities anymore. Moved RADIUS server initialization to correct place. It is configured per-BSS and as such, it should be initialized in hostapd_setup_bss(). It was already deinitialized in per-BSS hostapd_cleanup() so this may fix some corner cases where RADIUS server is configured to a secondary BSS. Anyway, the main reason for the change was to make sure RADIUS server is initialized after WPS Registrar (which is a per-BSS element).
* WPS: Implemented Registrar functionalityJouni Malinen2008-01-061-0/+3
| | | | | This commit adds WPS Registrar functionality that is complete enough to allow full EAP-WSC handshake to be run with hardcoded configuration data.
* Preparations for v0.6.2 release.hostap_0_6_2Jouni Malinen2008-01-021-1/+1
* Moved the dummy WPS code into a shared file in a new directory as aJouni Malinen2008-01-011-0/+1
| | | | placeholder for proper WPS implementation.
* Enforce return value validation for AES functions and resolve the generatedJouni Malinen2008-01-012-3/+10
| | | | warnings.
* Moved common EAP-IKEv2 functions into a shared file.Jouni Malinen2007-12-311-1/+1
* Added EAP-IKEv2 server implementation.Jouni Malinen2007-12-313-0/+16
| | | | | | | | This version is limited to only using shared secret authentication for both server and peer authentication. In addition, only a single, hardcoded SAi proposal is currently supported and SK{IDr} from SA_INIT is not used to update user identity (i.e., identity privacy is not supported and the real identity has to be included in EAP-Response/Identity in plaintext).
* Added bit more text for 'driver' option.Jouni Malinen2007-12-251-1/+4
* Remove madwifi.conf since the same information is available in hostapd.confJouni Malinen2007-12-251-275/+0
| | | | | and madwifi.conf has not been updated with all the configuration file changes.
* Deprecated 'debug' configuration parameter since the old debug printingJouni Malinen2007-12-256-12/+6
| | | | mechanism is not used anymore.
* Replaced HOSTAPD_DEBUG() macro with wpa_printf() to get rid of the oldJouni Malinen2007-12-2519-492/+376
| | | | | | debug macros in hostapd. All new code should use functions from src/utils/wpa_debug.[ch] instead. As a bonus, this also changes some of the direct printf() calls to use wpa_printf().
* Removed HOSTAPD_DEBUG_COND() macro as a step towards getting rid ofJouni Malinen2007-12-255-34/+6
| | | | | the old debug printing infrastructure from hostapd. All new code should use functions from src/utils/wpa_debug.[ch] instead.
* hanged ieee802_11_print_ssid() to write the SSID to a memory buffer inJouni Malinen2007-12-253-23/+28
| | | | | printable form instead of using printf(). This makes it easier to convert debug code not to use printf().
* hostapd: use nl80211 to set interface to master modeJohannes Berg2007-12-251-8/+31
| | | | | | | | There's no point to allow this setting via wext in the kernel because it's not usable w/o hostapd anyway. Hence, hostapd needs to set the mode with nl80211. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: use nl80211 for station managementJohannes Berg2007-12-251-120/+251
| | | | | | | Use the new station management facilities provided by the kernel with nl80211 rather than the prism2 ioctls. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* Minor coding style cleanup that I forgot to save before the previousJouni Malinen2007-12-251-1/+5
| | | | commit..
* nl80211 driver: use nl80211 for key informationJohannes Berg2007-12-251-32/+75
| | | | | | | This patch makes the nl80211 driver use nl80211 for getting key information, currently only the sequence number. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: use nl80211 for beaconsJohannes Berg2007-12-251-37/+110
| | | | | | | This patch makes the nl80211 driver use nl80211 for beacons rather than the prism2 ioctl. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: use nl80211 for keysJohannes Berg2007-12-251-29/+72
| | | | | | | This patch makes the nl80211 driver use nl80211 for key management rather than the prism2 ioctls. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: remove Michael MIC failure codeJohannes Berg2007-12-251-20/+0
| | | | | | | | This notification is currently not sent from the kernel at all and never will be sent via this path since the management interface no longer exists. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: receive EAPOL Frames on the data interfaceJohannes Berg2007-12-251-7/+116
| | | | | | | | | | | | With recent kernel changes, EAPOL frames are no longer visible on the (deprecated) management interface but are shown on the data interfaces instead. This patch makes the nl80211 driver register an EAPOL socket and keep track of all data interfaces so that it can receive EAPOL frames for the supplicant. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* hostapd: rename driver_devicescape to driver_nl80211Johannes Berg2007-12-255-23/+16
| | | | | | | This patch renames driver_devicescape to driver_nl80211 in the hope that we'll at some point be able to use it with non-mac80211 chipsets too. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* Added support for configuring EAP-TTLS phase 2 non-EAP methods in EAPJouni Malinen2007-12-246-1/+36
| | | | | | server configuration; previously all four were enabled for every phase 2 user, now all four are disabled by default and need to be enabled with new method names TTLS-PAP, TTLS-CHAP, TTLS-MSCHAP, TTLS-MSCHAPV2.
* Move definitions from the header file that was originally shared with theJohannes Berg2007-12-241-7/+179
| | | | | | | | kernel into the file directly, those things will be removed gradually as time permits. jkm: Added number of definitions that were needed to allow this to be compiled.
* Share the same CHAP-MD5 implementation for EAP-MD5 and EAP-TTLS to avoidJouni Malinen2007-12-241-1/+7
| | | | code duplication.
* Added support for protected result indication with AT_RESULT_IND forJouni Malinen2007-12-218-0/+13
| | | | | | EAP-SIM and EAP-AKA. This is disabled by default, but can be enabled in configuration file (hostapd: eap_sim_aka_result_ind=1 and wpa_supplicant: phase1="result_ind=1").
* Added support for protecting EAP-AKA/Identity messages with AT_CHECKCODEJouni Malinen2007-12-191-0/+2
| | | | (optional feature in RFC 4187).
* Fixed a memory leak in decapsulation of EAP message from a RADIUS message.Jouni Malinen2007-12-161-1/+1
| | | | | | | radius_msg_get_eap() returns an allocated buffer and the caller is responsible for freeing it. Consequently, we can use wpabuf_alloc_ext_data() here to maintain reference to the buffer and to avoid an extra allocation and copy.
* Added 'struct wpabuf' data structure for presenting data buffers.Jouni Malinen2007-12-164-28/+19
| | | | | | | | | | | | | | This can be used to clean up various code areas that are storing a pointer to an allocated buffer and a length field separately. wpabuf.h defines number of helper functions to make it simpler to use wpabuf. In addition, this adds some bounds checking to buffer writes since wpabuf_put*() functions will abort the program should something try to write beyond the end of a buffer. This commit is also changing EAP and EAPOL interfaces to use struct wpabuf which makes the number of changes quite large. This will, obviously, also mean that 0.6.x branch is not anymore source code compatible with 0.5.x as far as EAP method interface is concerned.
* hostapd: allow bssid config on default interfaceJohannes Berg2007-12-144-6/+44
| | | | | | | | | This patch makes hostapd accept bssid= on the default interface for those drivers that are changed to support it and changes driver_devicescape to support it. In order to support such a setting the driver must provide an init_bssid() in addition to the init() routine. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* hostapd: make driver_devicescape set multi-BSS interfaces upJohannes Berg2007-12-141-5/+13
| | | | | | | | | | | | It seems that I forgot this when converting the driver to nl80211, it should of course set IFF_UP on all secondary BSS interfaces as well. I will handle the MTU issue in a separate patch as this isn't really working right now anyway. Also note that in another forthcoming patch I will change it to receive EAPOL frames via the regular data interface. As I've noted before, this is also necessary for proper MAC address setting in multi-BSS scenarios. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* hostapd: use wext's privacy_invoked instead of prism ioctlJohannes Berg2007-12-141-3/+11
| | | | | | | This patch changes driver_devicescape to use IW_AUTH_PRIVACY_INVOKED rather than PRISM2_PARAM_PRIVACY_INVOKED. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* Fixed eap_sim_parse_attr() to verify that the attribute length field isJouni Malinen2007-12-131-0/+4
| | | | | | | non-zero before calculating the unsigned attribute length as 'len * 4 - 2' which would result in a very large (when unsigned) integer. This fixes the parser not to trigger a crash due to buffer read overflow on invalid EAP-SIM and EAP-AKA messages.
* Share a common eap_wsc_build_frag_ack() implementation between EAP-WSCJouni Malinen2007-12-081-1/+1
| | | | server and peer.
* Added EAP Transport of Registration Protocol for Wi-Fi Protected SetupJouni Malinen2007-12-023-0/+12
| | | | | | | | | (WPS). This version is only including the EAP specific code and there is no proper support for the WPS Registration Protocol itself. A minimal test implementation for simulating the registration is included for testing the EAP transport. That will need to be replaced with either an in-process WPS Registration implementation or an interface to an external process using pending EAP processing.
* hostapd: handle invalid driver settingJohannes Berg2007-12-011-0/+2
| | | | | | | If the driver setting is invalid then the default is used rather than creating an error. This changes that. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* hostapd: fix multi-BSS codeJohannes Berg2007-12-011-1/+3
| | | | | | | The multi-BSS code has no chance of working, it insists on passing a NULL priv pointer to the drivers. This patch fixes it. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* driver_devicescape: fix init error handlingJohannes Berg2007-12-011-0/+1
| | | | | | | When setting the interface to master mode fails we don't return an error as we should. Fix that. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* Added 'os_' prefix to common C library functions.Jouni Malinen2007-12-0121-1030/+1041
| | | | Converted some printf() calls to use wpa_printf().
* Replaced the old hostapd_get_rand() calls with os_get_random().Jouni Malinen2007-12-014-14/+13
* Fixed deinit code to cancel ieee802_1x_rekey timer to avoid potentialJouni Malinen2007-11-261-0/+2
| | | | | references to freed data should the configuration be changed without restarting hostapd when rekeying of dynamic WEP keys is enabled.
* Simplified the interface between EAP Full Authenticator and EAPOL/AAA byJouni Malinen2007-11-266-287/+137
| | | | | | | | | replacing the wrapper functions with a shared structure of interface variables. This reduces data copying and extra overhead from unnecessary function calls. In addition, updated eapKeyAvailable/aaaEapKeyAvailable usage to match more closely with the description in EAP state machine RFC 4137.
* Basic EAP functionality is now required for EAPOL even if full EAP serverJouni Malinen2007-11-251-1/+6
| | | | is not included in the build.
* Cleaned up EAPOL/EAP/AAA interfaces in hostapd. This updates the EAP serverJouni Malinen2007-11-254-282/+128
| | | | | | state machine to follow the Full Authenticator model and updates EAPOL state machines to IEEE 802.1X-2004. Some of EAP related functionality was in practice moved from ieee802_1x.c into eap.c.
* Moved EAPOL state machine procedures to use callback functions instead ofJouni Malinen2007-11-253-4/+38
| | | | direct calls to ieee802_1x.c.
* Added logger() callback function to avoid direct calls to hostapd_logger()Jouni Malinen2007-11-253-25/+90
| | | | from eapol_sm.c.
* Removed direct ap_get_sta() call from eapol_sm.c by adding a newJouni Malinen2007-11-253-14/+25
| | | | sta_entry_alive() callback function.
* Moved direct hostapd_get_eap_user() call from eapol_sm.c to ieee802_1x.cJouni Malinen2007-11-253-29/+45
| | | | by adding a new get_eap_user() EAPOL callback function.
* Added 'finished' callback to avoid direct calls to rsn_preauth_finished()Jouni Malinen2007-11-254-16/+25
| | | | and ieee802_1x_finished() from eapol_sm.c.
* Moved EAPOL specific entries from wpa_common.h to eapol_common.h so thatJouni Malinen2007-11-251-0/+1
| | | | wpa_supplicant/eapol_sm.c does not need to include WPA header file.