path: root/hostapd
Commit message (Collapse)AuthorAgeFilesLines
* Preparations for 0.6.3 releaseJouni Malinen2008-02-231-1/+1
* Removed WPS supportJouni Malinen2008-02-2324-1251/+4
* Use more robust mechanism for determining when group key update is completeJouni Malinen2008-02-192-29/+16
| | | | | | | | | | | GNoStations variable was not always correct as far as number of STAs that could really complete group key update is concerned. Furthermore, the pending counter was decreased for new WPA STAs if they completed their initial group key handshake during a scheduled group rekey. The new mechanism counts the STAs that are marked with GUpdateStationKeys when iterating through the potential STAs. If a STA is not in PTKINITDONE state, group (re-)key handshake will not be started for it.
* nl80211 driver: remove bridge packets controlJohannes Berg2008-02-071-45/+1
| | | | | | | | The kernel doesn't currently offer this control and thus it will always fail anyway, make it a stub to be implemented via nl80211. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: remove ioctl definitionsJohannes Berg2008-02-071-63/+0
| | | | | | | This patch removes a number of definitions for ioctls that are no longer present in the kernel and not used. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* Internalize port control into nl80211 driverJohannes Berg2008-02-071-9/+13
| | | | | | | | The kernel no longer keeps track of whether port control is enabled or disabled so hostapd now needs to do that. This patch does that, but this code will not work for multi-BSS so this patch disables that for now. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: use nl80211 for hw infoJohannes Berg2008-02-071-113/+189
| | | | | | | | This patch changes the nl80211 driver to use the new nl80211 API for obtaining hardware information, rather than try to use the deprecated/unsupported prism2 hostapd ioctl. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: remove broken ioctlsJohannes Berg2008-02-071-129/+7
| | | | | | | | This patch removes a whole bunch of ioctls that are no longer included in the kernel and therefore always fail. For almost all of these, replacements will have to be implemented. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* nl80211 driver: use monitor rather than management interfaceJohannes Berg2008-02-076-318/+814
| | | | | | | | | This patch makes the nl80211 driver use a monitor rather than a management interface for receiving management frames. Monitor interfaces use radiotap so a radiotap parser (thanks to Andy Green) is also included. Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
* Added hostapd version of eap_testing.txtJouni Malinen2008-02-041-0/+74
* Added support for pending EAP Phase 2 processingJouni Malinen2008-02-031-0/+2
| | | | | | Store and re-use the decrypted Phase 2 data in EAP-{PEAP,TTLS,FAST} if the Phase 2 method enters pending wait state. This allows EAP-SIM and EAP-AKA to be used as the Phase 2 method.
* Allow * wildcard to be used for Phase 2 EAP identitiesJouni Malinen2008-02-032-1/+9
* Fixed EAP-SIM Start response processing for fast reauthentication caseJouni Malinen2008-02-031-0/+2
| | | | | | The AT_NONCE_MT and AT_SELECTED_VERSION attributes are only included in the SIM/Start response when using full authentication. Fixed the code not to require these to be present when fast reauthentication is used.
* Remove AT_COUNTER from EAP-SIM/AKA result indication in full authenticationJouni Malinen2008-02-031-0/+3
| | | | | | | | Previous version was incorrectly including AT_COUNTER in the Notification message even for full authentication. This caused interoperability issues and was against the RFCs, so AT_COUNTER (and the additional encryption attributes) is now only included in case the notification follows fast reauthentication.
* EAP-SIM/AKA workaround for incorrect null termination in the usernameJouni Malinen2008-02-031-0/+2
| | | | | | | | It looks like some EAP-SIM/AKA peer implementations include an extra null termination in the end of the identity/username. These implementations do not seem to include these null characters in key derivation and that would result in a key mismatch. As a workaround, drop the possible null characters from the end of the identity/username for key derivation.
* Fixed EAP-SIM/AKA realm processing to allow decorated usernames to be usedJouni Malinen2008-02-031-0/+2
| | | | | | The identity length needs to be compared to IMSI length only after the possible realm has been removed to avoid rejecting decorated usernames (e.g., 1<IMSI>@wlan.mnc###.mcc###.3gppnetwork.org).
* Fixed a crash on no-RADIUS-server-reply timeoutJouni Malinen2008-02-012-0/+8
| | | | | | | | | | Fixed EAPOL state machine to handle a case in which no response is received from the RADIUS authentication server; previous version could have triggered a crash in some cases after a timeout. The aaaEapResp variable may be set (or left) to TRUE even if aaaEapRespData is NULL. This triggered a segmentation fault in wpabuf_head() call when trying to send out the empty buffer.
* RADIUS server: Copy optional Proxy-State attribute(s) into responseJouni Malinen2008-01-241-0/+2
| | | | | RFC 2865 requires that these attributes are copied unmodified and in order into the response packet.
* WPS: Added reference to README-WPS into ChangeLogJouni Malinen2008-01-201-1/+2
* WPS: Added a README file describing WPS use with hostapdJouni Malinen2008-01-161-0/+173
* WPS: Fixed double-freeing of hostapd configuration entries on exitJouni Malinen2008-01-161-1/+0
* WPS: Make sure SHA256 and crypto support gets included in the buildJouni Malinen2008-01-161-0/+2
* FT: Use AES-128-CMAC for MIC regardless of pairwise cipher suiteJouni Malinen2008-01-152-8/+7
| | | | | | | | IEEE 802.11r was changed to use AES-128-CMAC for MIC in EAPOL-Key and FT Action frames regardless of the negotiated pairwise cipher suite. This changed couple of drafts back, but the implementation here was still using the old version that had different MIC algorithm for cases when CCMP was not the negotiated cipher suite.
* FT: Use new key name labels from IEEE 802.11r/D9.0Jouni Malinen2008-01-151-0/+1
* WPS: Added callbacks to notify hostapd about new AP SettingsJouni Malinen2008-01-141-0/+27
| | | | | | | hostapd_wps_cred_cb() in wps_hostapd.c is now called when a Registrar has configured the AP. This function is currently only showing the new configuration in debug output and sending a notification to ctrl_iface monitors, i.e., the configuration is not yet taken into use or stored.
* WPS: Move device-specific data from Registrar to generic WPS contextJouni Malinen2008-01-146-60/+98
| | | | | | | | | | | | | | This adds a new struct wps_context for device-specific data that fits better for number of variables than struct wps_registrar. This allows AP configuration to be provided to Enrollee code so that M7 can be built with current AP configuration for external Registrar registration. In addition, Network Key is now hex encoded in wps_hostapd.c if needed to use correct fixed-PSK/passphrase setting. It should be noted that the option of using per-device PSK works only when the supplicant is acting as an Enrollee. If the supplicant is acting as a Registrar, generating a new per-device PSK would likely not work since the external Registrar could provision that PSK to other devices.
* WPS: Added initial part for configuring hostapd to act as an EnrolleeJouni Malinen2008-01-133-0/+21
| | | | | The new ap_pin configuration option is used to set the AP PIN for initial setup or for registering a new external Registrar.
* Use clearer title line for Multiple BSSID supportJouni Malinen2008-01-131-1/+1
* madwifi: Deliver received Probe Request frames for WPS processingJouni Malinen2008-01-131-2/+54
* madwifi: Enable delivery of Probe Request frames to userspaceTed Merrill2008-01-131-1/+27
| | | | (jm: cleaned up version of the patch from Ted)
* madwifi: Add names for new ioctls for debug printsJouni Malinen2008-01-131-4/+4
* madwifi: No need to include extra code for figuring out last ioctl numberTed Merrill2008-01-131-3/+1
| | | | | | | | The array index is already verified to be within the bounds of the array, so the extra validation for 'last' was not really needed. Since the last value had not been updated for the old driver version, some of the ioctls were already potentially missed. Better just remove this extra code to get rid of such problems.
* madwifi: Work around bogus IEEE80211_IOCTL_GETWPAIE data if no WPA/RSN IEJouni Malinen2008-01-131-0/+10
| | | | | | | | madwifi driver seems to return some random data if WPA/RSN IE is not set. Assume the IE was not included if the IE type is unknown. This is needed to cleanly handle WPS association that does not include WPA/RSN IE. If the bogus data starts with a matching IE type field, the association is still likely to fail, but at least it is much less likely to happen now.
* WPS: Add WPS to hostapd ChangeLogJouni Malinen2008-01-121-0/+8
| | | | | The current implementation is complete enough to allow a successful configuration of a WPS Enrollee for WPA-PSK.
* WPS: Allow Response Type to be configured (AP vs. Registrar)Jouni Malinen2008-01-121-0/+1
* Added support for configuring WPS IE for Host AP driverJouni Malinen2008-01-121-7/+77
* WPS: Added more details about the Enrollee into PIN needed notificationsJouni Malinen2008-01-121-9/+16
* WPS: Moved common processing of device attributes into wps_dev_attr.cJouni Malinen2008-01-121-0/+1
* WPS: Moved device attributes into a common data structureJouni Malinen2008-01-121-6/+30
| | | | | This makes it easier to pass full set of attributes to functions and to share common functions for processing these attributes.
* Fixed printf format for size_t on 64-bit targetsJouni Malinen2008-01-122-2/+4
* WPS: Fixed WPS builds to include dh_groups.oJouni Malinen2008-01-121-0/+1
* WPS: Allow device information to be configured in hostapd.confJouni Malinen2008-01-114-0/+92
* WPS: Added WPS IE handling for Probe Request messagesJouni Malinen2008-01-103-7/+67
| | | | | | | wpa_supplicant is now adding WPS IE to Probe Request messages if WPS is enabled. hostapd delivers concatenated WPS IE Data fields to WPS Registrar code to process to allow detection of overlapping PBC attempts. The actual collection of active PBC sessions list is not yet included in this commit.
* WPS: Added notification for button pushes and ctrl_iface command for thisJouni Malinen2008-01-094-0/+19
| | | | 'hostapd_cli wps_pbc' can now be used to initiate PBC.
* WPS: Notification for Enrollee PIN requestsJouni Malinen2008-01-084-0/+46
| | | | | | | | | | | Send a ctrl_iface monitor event and optionally write an entry to a text file (wps_pin_requests in hostapd.conf) when an Enrollee requests WPS negotiation and no Device Password (PIN) is available for the specified Enrollee UUID. This version is only providing E-UUID in the callback. Additional information about the Enrollee (Manufacturer, device type, etc.) should also be added to the callback (and ctrl_iface/text file logging).
* WPS: Added support for setting AP Setup Locked attributeJouni Malinen2008-01-084-0/+9
| | | | | | | Since hostapd does not yet support external Registrars, this does not really disable such functionality, but in theory, the current functionality looks more or less the same as a locked setup would look like, so setting ap_setup_locked=1 in configuration is reasonable option for the time being.
* madwifi: Allow association without WPA/RSN IE if WPS is enabledJouni Malinen2008-01-081-0/+9
* madwifi: Added support for configuring WPS IE for Beacon and Probe RespTed Merrill2008-01-081-0/+41
| | | | | (based on patch from Ted Merrill with some minor cleanup and changes to match with the current driver handler function prototypes)
* Fixed Reassociation Response callback processingJouni Malinen2008-01-082-2/+6
| | | | | | | | | The function was verifying callback buffer length against incorrect frame, (Re)Association Request, when processing (Re)Association Response callback. Since Reassociation Request is longer than Reassociation Response, this prevented Reassociation Response callbacks from being processed and broke re-association. This affected all drivers that use the internal MLME for association (driver_{hostap,nl80211,test}.c).
* WPS: Initialize WPS Registrar before IEEE 802.1X to fix EAPOL ctx pointerJouni Malinen2008-01-071-3/+3