Commit message (Collapse)AuthorAgeFilesLines
* WPS: Documented wps_er_pin MAC address optionJouni Malinen2010-09-241-1/+4
* WPS 2.0: Disable WPS if ignore_broadcast_ssid or WEP is usedJouni Malinen2010-09-241-0/+14
| | | | | These combinations are disallowed in WPS 2.0 (and do not work well (or at all) with many deployed WPS 1.0 devices either).
* WPS ER: Make sure PIN timeout does not interrupt PBC operationJouni Malinen2010-09-232-0/+14
| | | | | | | We need to clear the selected registrar timeout from wps_er_learn when stopping the protocol run at M7 (previously, this was done only when WSC_Done was being processed). In addition, we need to cancel the timeout when a new PBC operation is started.
* WPS: Add hostapd_cli get_config commandJouni Malinen2010-09-233-0/+181
| | | | This can be used by a WPS UI to display the current AP configuration.
* WPS: Add wps_check_pin command for processing PIN from user inputJouni Malinen2010-09-236-0/+168
| | | | | UIs can use this command to process a PIN entered by a user and to validate the checksum digit (if present).
* WPS: Fix hostapd reconfig to update WPS UPnP string pointersJouni Malinen2010-09-231-0/+9
| | | | | | | This is needed to update the pointers maintained within WPS code to use the new configuration data instead of maintaining pointers to the old configuration which will be freed. This fixes strings in UPnP discovery after reconfig (they used to be random freed memory..).
* WPS: Add more debug details for Credential buildingJouni Malinen2010-09-231-1/+5
* WPS ER: Fix debug message for protocol run done caseJouni Malinen2010-09-231-0/+4
| | | | | This is not a failure and should not be indicated as such in the debug log.
* WPS: Fix strict validation of encrypted data for WSC 2.0-only caseJouni Malinen2010-09-234-30/+24
| | | | | | | Need to figure out whether the message is from a WSC 2.0 -based device based on the unencrypted attributes, not the contents of the encrypted data since the Version2 subelement is only included in the unencrypted area.
* hostapd: Add virt/phy flag for Display/PushButton if needed (WPS 2.0)Jouni Malinen2010-09-231-0/+16
| | | | | | | | This seems to be the easiest way of making sure the Config Methods value is compliant with the WSC 2.0 specification without having to modify the configuration file. However, this will only add the virtual flag, so the configuration files should really be updated to specify values that match the AP design.
* WPS: Use blacklist more aggressively during WPS provisioningJouni Malinen2010-09-221-0/+5
| | | | This allows more APs to be tried during the WPS timeout.
* WPS: Making some parsing messages use excessive debug levelJouni Malinen2010-09-221-2/+2
| | | | | This makes it easier to read -dd debug logs in environments that have multiple WPS or P2P devices.
* WPS: Fix strict validation of (Re)Association ResponseJouni Malinen2010-09-221-1/+1
| | | | | This frame is supposed to include Response Type, not Request Type attribute.
* WPS 2.0: Provide (Re)Association Response WPS IE to driverJouni Malinen2010-09-228-11/+33
| | | | | | | | | | WPS 2.0 mandates the AP to include WPS IE in (Re)Association Response if the matching (Re)Association Request included WPS IE. Provide the needed WPS IE information to the driver_ops API for drivers that process association frames internally. Note: This modifies the driver_ops API by adding a new argument to set_ap_wps_ie().
* WPS: Add MAC address to validation error message for Probe RequestJouni Malinen2010-09-223-5/+6
| | | | | This makes it easier to figure out which device is sending invalid Probe Request frames.
* WPS: Make testing operations configurable at runtimeJouni Malinen2010-09-229-14/+124
| | | | | | | | | | | | | | | | | | | Instead of build time options (CONFIG_WPS_TESTING_EXTRA_CRED and CONFIG_WPS_EXTENSIBILITY_TESTING), use a single build option (CONFIG_WPS_TESTING) and runtime configuration of which testing operations are enabled. This allows a single binary to be used for various tests. The runtime configuration can be done through control interface with wpa_cli/hostapd_cli commands: Enable extensibility tests: set wps_version_number 0x57 Disable extensibility tests (WPS2 build): set wps_version_number 0x20 Enable extra credential tests: set wps_testing_dummy_cred 1 Disable extra credential tests: set wps_testing_dummy_cred 0
* WPS 2.0: Fix AuthorizedMACs check to accept wildcard addressJouni Malinen2010-09-221-1/+3
| | | | | We need to accept both our own address and the ff:ff:ff:ff:ff:ff as an indication of the AP having authorized us.
* P2P: Fill in default Config Methods in Invitation RequestJouni Malinen2010-09-221-1/+1
| | | | | | If the peer is not authorized for GO Negotiation, wps_method is not actually set. In that case, it is better to fill in our default config methods rather than end up leaving the field to be zero.
* WPS: Fix Beacon WPS IE on concurrent dualband AP in PBC modeJouni Malinen2010-09-203-1/+44
| | | | | | The Beacon frame must include UUID-E and RF Bands attributes when in active PBC mode to allow stations to figure out that two BSSes in PBC mode is not a PBC session overlap.
* WPS: Add more verbose debug info on PBC session overlap detectionJouni Malinen2010-09-201-3/+20
* WPS: Add BSSID to strict validation error messagesJouni Malinen2010-09-203-5/+8
| | | | | This makes it easier to figure out which AP is sending invalid Beacon or Probe Response frames.
* WPS: Use same UUID in multi-interface caseJouni Malinen2010-09-201-4/+45
| | | | | | When generating the UUID based on MAC address, share the same UUID with all interfaces. This fixes a potential issue with concurrent dualband APs where the UUID needs to be same for PBC to work properly.
* WPS: Fix CONFIG_WPS_OOB buildJouni Malinen2010-09-201-2/+2
| | | | | The Version2 attribute was previous changed to a subelement and the OOB code was missed during the change.
* WPS: Cancel WPS operation on PBC session overlap detectionJouni Malinen2010-09-201-1/+1
| | | | | | | Previously, wpa_supplicant remaining in scanning state without trying to connect, but there is no particular need to do that. Instead, cancel WPS operation completely whenever PBC session overlap is detected.
* EAP-pwd: Fix couple of memory leaksJouni Malinen2010-09-153-4/+19
* EAP-pwd: Move bnctx into per-protocol instance structureJouni Malinen2010-09-152-41/+53
| | | | This avoids double frees of bnctx and related crashes.
* EAP-pwd: Add support for EAP-pwd server and peer functionalityDan Harkins2010-09-1523-0/+2038
| | | | | This adds an initial EAP-pwd (RFC 5931) implementation. For now, this requires OpenSSL.
* Allow auto-connect to request scan in associating stateJouni Malinen2010-09-141-1/+1
| | | | | | | | | | Disconnection event may be received while in associating state. Previously, wpa_supplicant could get stuck not trying to reconnect in that case at least with nl80211. Allow scan request in this state to avoid the issue. This helps especially with APs that do load balancing by sending Deauthentication frame as a response to Reassociation Request frame after successful Authentication frame exchange.
* P2P: Add option for disabling intra BSS distributionSudhakar Swaminathan2010-09-1012-2/+57
| | | | | | p2p_intra_bss configuration parameter can now be used to disable/enable intra BSS distribution (bridging of frames between the clients in a group).
* Add option for disabling automatic reconnection on disconnectionArdong Chen2010-09-104-2/+47
| | | | | | | ctrl_interface STA_AUTOCONNECT command can now be used to disable automatic reconnection on receiving disconnection event. The default behavior is for wpa_supplicant to try to reconnect automatically, i.e., to maintain previous behavior.
* P2P: Fix invitation_received callback to use NULL bssid (if not known)Ardong Chen2010-09-102-2/+2
| | | | | Previously, the storage buffer for the Group BSSID was returned regardless of whether it was included in the invitation or not.
* P2P: Do not process configuration changes on non-P2P interfacesKuko Li2010-09-101-0/+3
* P2P: Make sure parsed Device Name gets null terminatedJouni Malinen2010-09-101-0/+1
| | | | | | | | If the msg->device_name buffer is filled from two different sources, the copy from the P2P Device Info attribute needs to make sure that the values gets null terminated to match the length of the correct string should the other place use another string (which is not really allowed by the spec, but could happen).
* P2P: Stop connection attempt on PBC session overlapJouni Malinen2010-09-103-0/+18
| | | | | | The overlap condition cannot disappear before group formation timeout hits, so there is no point in continuing in this case and failure can be indicated immediately.
* P2P: Use group formation timeout (but longer one) with join-a-groupJouni Malinen2010-09-101-0/+9
| | | | | | This allows the pending group interface to be removed if we fail to join a running group. A longer than 15 second timeout is needed here since the GO may not have authorized our connection yet.
* P2P: Add peer timeout into group formation 15 second timeoutJouni Malinen2010-09-105-3/+21
| | | | | This adds some more time for WPS provisioning step in case the peer takes long time to start group interface operations.
* WPS: Allow pending WPS operation to be cancelledArdong Chen2010-09-108-20/+146
| | | | | | | A new ctrl_interface command, WPS_CANCEL, can now be used to cancel a pending or ongoing WPS operation. For now, this is only available with wpa_supplicant (either in station or AP mode). Similar functionality should be added for hostapd, too.
* P2P: Provide local event on GO Neg Req rejectionJouni Malinen2010-09-102-0/+6
| | | | | | | | | If an authorized (p2p_connect used locally) GO Negotiation is rejected when receiving GO Negotiation Request from the peer, indicate the failure with a ctrl_interface P2P-GO-NEG-FAILURE event. Previously, this event was only shown on the peer (i.e., the device receiving the GO Negotiation Response with non-zero Status code).
* WPS: Fix timeout event to be sent over ctrl_interfaceArdong Chen2010-09-101-2/+2
| | | | | This was supposed to be sent to external event monitors, i.e., to use wpa_msg instead of wpa_printf.
* P2P: Process Invitation Request from previously unknown peerArdong Chen2010-09-101-4/+19
| | | | | | Since this message now includes P2P Device Info attribute, it is reasonable to learn the peer data and process the message instead of rejecting the message.
* Allow bssid parameter to be cleared through ctrl_interfaceWei-Jen Lin2010-09-101-0/+6
| | | | | | Setting bssid to an empty string, "", or any can now be used to clear the bssid_set flag in a network block, i.e., to remove bssid filtering.
* wpa_cli action: Add WPS_EVENT_SUCCESS and WPS_EVENT_FAIL handlersArdong Chen2010-09-101-0/+4
* P2P: Add frequency into group started ctrl_interface eventsArdong Chen2010-09-101-13/+17
* P2P: Add peer entry based on Provision Discovery RequestArdong Chen2010-09-103-4/+14
| | | | | | | Add (or complete Probe Request only) P2P peer entry when receiving Provision Discovery Request from a previously unknown peer. This is especially of use for a GO when a P2P client is requesting to join a running group.
* Fix build without CONFIG_P2P=yJouni Malinen2010-09-093-2/+8
* P2P: Use SSID from GO Negotiation to limit WPS provisioning stepJouni Malinen2010-09-094-3/+37
| | | | | In order to avoid picking incorrect SSID from old scan results, use SSID from GO Negotiation to select the AP.
* P2P: Deinit GO group data before global P2P deinitJouni Malinen2010-09-091-0/+9
| | | | This avoids issues with using freed memory in p2p_group_deinit().
* P2P: Use operating frequency from peer table as backup for joinJouni Malinen2010-09-093-1/+28
| | | | | | | The scan operation before Provision Discovery Request may not include the GO. However, we are likely to have the GO in our P2P peer table, so use that information to figure out the operating channel if BSS table entry is not available.
* P2P: Fix connect-to-running-group if Action TX status is delayedJouni Malinen2010-09-091-0/+9
| | | | | | The following operations (scan and associate) were not run if the Provisioning Discovery Response is received before the TX Action status.
* P2P: Add a workaround for Extended Listen Timing getting stuckJouni Malinen2010-09-091-0/+14
| | | | | | | This should not really happen, but it looks like the Listen command may fail is something else (e.g., a scan) was running at an inconvenient time. As a workaround, allow new Extended Listen operation to be started if this state is detected.