Commit message (Collapse)AuthorAgeFilesLines
* Add new QCA vendor attributes to get thermal levelHEADpendingmasterHu Wang29 hours1-4/+15
| | | | | | | | Add new QCA vendor attributes to get thermal level from the driver. The driver may return thermal level when userpace requests, or send a thermal event when thermal level changes. Signed-off-by: Hu Wang <huw@codeaurora.org>
* tests: SAE-PK with invalid password on APJouni Malinen8 days1-0/+31
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE-PK: Add support to skip sae_pk password check for testing purposesShaakir Mohamed8 days3-2/+17
| | | | | | | | Add support to skip sae_pk password check under compile flag CONFIG_TESTING_OPTIONS which allows AP to be configured with sae_pk enabled but a password that is invalid for sae_pk. Signed-off-by: Shaakir Mohamed <smohamed@codeaurora.org>
* OCV: Allow connecting MFP incapable OCV STA when OCV is disabled in APVeerendranath Jakkam8 days1-1/+1
| | | | | | | | | Skip check to mandate MFP capability for OCV enabled STA when OCV is disabled in AP. This is to improve interoperability with STAs in which OCV capability is advertised incorrectly without advertising MFP when OCV is disabled in AP. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* OCV: Use more granular error codes for OCI validation failuresVeerendranath Jakkam8 days12-27/+40
| | | | | | | Enhance the return values of ocv_verify_tx_params with enum to indicate different OCI verification failures to caller. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* DPP2: Include E-nonce in reconfig ke derivationJouni Malinen10 days2-15/+22
| | | | | | | This was changed in the protocol design to include nonce from both devices, so update implementation to match. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: Move E-nonce to be outside wrapped data in Reconfig Auth RespJouni Malinen10 days1-15/+16
| | | | | | | This was changed in the protocol design to allow ke derivation to use E-nonce, so update implementation to match. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: Replace I/R-nonce with C/E-nonce in reconfigurationJouni Malinen10 days3-70/+72
| | | | | | | These nonces were renamed/replaced in the protocol design, so update implementation to match. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Add QCA_NL80211_VENDOR_SUBCMD_MBSSID_TX_VDEV_STATUSSrinivas Pitla11 days1-0/+26
| | | | | | | | This change adds QCA_NL80211_VENDOR_SUBCMD_MBSSID_TX_VDEV_STATUS, and enum for qca_wlan_vendor_attr_mbssid_tx_vdev_status to notify Tx VDEV status. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* MSCS: Fix issues due to incorrect usage of wpa_hexdump_buf()Veerendranath Jakkam11 days3-5/+3
| | | | | | | | | | Previously wpabuf_head() of the buffer is passed to wpa_hexdump_buf() instead of the wpabuf struct itself and it was causing wpa_supplicant to crash. Fix this by using the correct pointer in the debug prints. Fixes: a118047245b0 ("MSCS: Add support to send MSCS Request frames") Fixes: c504ff5398fa ("MSCS: Add support to populate MSCS Descriptor IE in (Re)AssocReq") Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* tests: More explicit TLS version enabling in version testsJouni Malinen11 days1-4/+14
| | | | | | | This is needed to allow the test cases to work on systems using secpolicy=2 default (e.g., Ubuntu 20.04). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* OpenSSL: Allow systemwide secpolicy overrides for TLS versionJouni Malinen11 days1-9/+17
| | | | | | | | | | | Explicit configuration to enable TLS v1.0 and/or v1.1 did not work with systemwide OpenSSL secpolicy=2 cases (e.g., Ubuntu 20.04). Allow such systemwide configuration to be overridden if the older TLS versions have been explicitly enabled in the network profile. The default behavior follows the systemwide policy, but this allows compatibility with old authentication servers without having to touch the systemwide policy. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* QCA vendor attributes for setting ANI levelHu Wang2020-08-311-0/+21
| | | | | | | Define QCA vendor attribute in SET(GET)_WIFI_CONFIGURATION to dynamically configure ANI level. Signed-off-by: Hu Wang <huw@codeaurora.org>
* Update QCA vendor interface for GPIO configurationChaoli Zhou2020-08-311-5/+107
| | | | | | | Add a new vendor attribute for GPIO configuration. In addition, document the previously defined attributes. Signed-off-by: Chaoli Zhou <zchaoli@codeaurora.org>
* tests: DPP Controller in hostapdJouni Malinen2020-08-251-35/+47
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: Support QR mutual auth scan-during-auth-exchange (hostapd)Jouni Malinen2020-08-251-0/+4
| | | | | | | | | Extend DPP authentication session search for the DPP_QR_CODE command to cover the ongoing exchanges in Controller/Responder. This was previously done for wpa_supplicant, but not for hostapd, so complete this support on the hostapd side. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Remove unnecessary dpp_global_config parametersJouni Malinen2020-08-255-9/+4
| | | | | | | | | These were not really used anymore since the AP/Relay case did not set msg_ctx or process_conf_obj in the global DPP context. Get the appropriate pointers more directly from the more specific data structures instead and remove these global values. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: Controller support in hostapdJouni Malinen2020-08-256-3/+68
| | | | | | | | Extend hostapd support for DPP Controller to cover the DPP_CONTROLLER_* cases that were previously implemented only in wpa_supplicant. This allows hostapd/AP to be provisioned using DPP over TCP. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Add QCA vendor event for firmware statisticsChaithanya Garrepalli2020-08-251-0/+12
| | | | | | | | | Firmware statistics are received in the driver as opaque data. The host target needs to send this opaque data to userspace wifistats application. This new event is used to transfer this opaque data to the application. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* dpp-nfc: Start listen operation more completely for NFC Tag write casesJouni Malinen2020-08-241-25/+28
| | | | | | | | | Share the same setup steps from the negotiated connection handover to fix issues with NFC Tag write cases in AP mode. This addresses issues in the AP mode DPP listen operation not actually receiving anything when the write-a-tag code path was used. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* GAS: Fix memory leak on some DPP error pathsJouni Malinen2020-08-221-1/+3
| | | | | | | One of the code paths left behind a response buffer. Free this properly on this missed code path as well. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Additional coverage for OWE PMKSA cachingJouni Malinen2020-08-221-5/+18
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix EAPOL-Key msg 1/4 processing in a corner caseJouni Malinen2020-08-221-2/+5
| | | | | | | | | | | | | | | | If reassoc_same_bss_optim=1 is used to optimize reassociation back to the same BSS, it was possible for sm->pmk_len to be 0 due to a disconnection event getting processed after sending out the reassociation request. This resulted in wpa_sm_rx_eapol() calling wpa_mic_len() with incorrect PMK length when PMKSA caching was being attempted. That resulted in incorrect mic_len getting determined and not finding the correct Key Data Length field value. This could result in failing to complete 4-way handshake successfully. Fix this by updating the current PMK length based on the selected PMKSA cache entry if sm->pmk_len is not set when processing EAPOL-Key msg 1/4. Signed-off-by: Jouni Malinen <j@w1.fi>
* OWE: Do not add DH Params element in AssocResp with PMKSA cachingChittur Subramanian Raman2020-08-221-1/+2
| | | | | | | | | | | | | | | | As per RFC 8110 (Opportunistic Wireless Encryption), if the AP has the PMK identified by the PMKID and wishes to perform PMK caching, it will include the PMKID in the Association Response frame RSNE but does not include the Diffie-Hellman Parameter element. This was already addressed for most cases with owe_process_assoc_req() not setting sta->owe_ecdh in case PMKSA caching is used. However, it was possible to an old STA entry to maintain the initial sta->owe_ecdh value if reassociation back to the same AP was used to initiate the PMKSA caching attempt. Cover that case by adding an explicit check for the time when the Association Response frame is being generated. Signed-off-by: Chittur Subramanian Raman <craman@maxlinear.com>
* gitignore: Ignore ctags tags fileYegor Yefremov2020-08-221-0/+1
| | | | Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
* DPP2: Fix build without IEEE8021X_EAPOLJouni Malinen2020-08-221-2/+2
| | | | | | | | The local network profile parameters for EAP are not available without IEEE8021X_EAPOL, so do not try to set these in builds that do not include any EAP support. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Avoid heap-overflow on unexpected dataBrian Norris2020-08-221-2/+2
| | | | | | | | | | We're doing a sort of bounds check, based on the previous loop, but only after we've already tried to read off the end. This squashes some ASAN errors I'm seeing when running the ap_ft hwsim test module. Signed-off-by: Brian Norris <briannorris@chromium.org>
* LibreSSL: Fix build with LibreSSL versions older than 2.9.1Jouni Malinen2020-08-221-0/+5
| | | | | | | | SSL_add0_chain_cert() was not available in LibreSSL before version 2.9.1. Fixes: 4b834df5e08a ("OpenSSL: Support PEM encoded chain from client_cert blob") Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Fix wnm fuzzer build regressionJouni Malinen2020-08-221-0/+1
| | | | | | | | Addition of MSCS support broke the test tool build due to references to a functions from a new file. Fix this by bringing in that file to the fuzzer build as well. Signed-off-by: Jouni Malinen <j@w1.fi>
* dpp-nfc: Fix recv_octets() regressionJouni Malinen2020-08-141-1/+1
| | | | | | | | The updated socket.poll() loop did not terminate properly in cases where no response is available. Fix that to check for both False and None. Fixes: 1733e356e421 ("dpp-nfc: Fix handover client wait for receiving handover select") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Add test configuration to ignore SA Query timeoutVeerendranath Jakkam2020-08-141-0/+11
| | | | | | | | | Add a new QCA vendor attribute to configure the driver/firmware to ignore SA Query timeout. If this configuration is enabled the driver/firmware shall not send Deauthentication frame when SA Query times out. This is required to support STA testbed role. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* Fix documentation for the test configuration attributes of FT-SAE/OCVVeerendranath Jakkam2020-08-141-9/+6
| | | | | | | | | These vendor attributes for FT/OCV/SAE testing can be configured only when the STA is in connected state. Update the documentation of the attributes to reflect the same. Fixes: 18f3f99ac467 ("Add vendor attributes to configure testing functionality for FT/OCV/SAE") Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* Add get_sta_info vendor attrs to get BIP failure counters for STA modeVeerendranath Jakkam2020-08-141-0/+24
| | | | | | | | | | | Add support to get number of MIC errors, missing MME incidents, and packet replay incidents observed while using IGTK/BIGTK keys when PMF and/or beacon protection features are enabled. These counters are applicable only for STA mode and can be fetched through the QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO vendor command. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* tests: sigma_dut DPP AP as TCP Enrollee/initiatorJouni Malinen2020-08-141-0/+31
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Add process_conf_obj into TCP connection data structJouni Malinen2020-08-144-7/+42
| | | | | | | This is needed to avoid issues with hostapd not having set this function pointer in dpp_global. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Add msg_ctx into TCP connection data structJouni Malinen2020-08-144-26/+20
| | | | | | | This is needed to avoid issues with hostapd not having set msg_ctx in dpp_global. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: hostapd/AP as Enrollee/Initiator over TCPJouni Malinen2020-08-144-19/+53
| | | | | | | Extend DPP support in hostapd to allow AP Enrollee role when initiating the exchange using TCP. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* MSCS: Send MSCS change/remove frames only if MSCS setup existsVinita S. Maloo2020-08-144-0/+12
| | | | | | | Allow MSCS change/remove request to be sent only after an initial setup, i.e., after an add request has been accepted. Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
* MSCS: Parse result of MSCS setup in (Re)Association Response framesVinita S. Maloo2020-08-144-5/+44
| | | | | | | | | | | | | Add support to parse the (Re)Association Response frames to check if the AP has accepted/declined the MSCS request in response to the corresponding (Re)Association Request frame. AP indicates the result by setting it in the optional MSCS Status subelement of MSCS Descriptor element in (Re)Association Response frame. This MSCS Status subelement is defined in the process of being added into P802.11-REVmd/D4.0 (11-20-0516-17-000m-cr-mscs-and-cid4158). Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
* MSCS: Add support to populate MSCS Descriptor IE in (Re)AssocReqVinita S. Maloo2020-08-142-0/+70
| | | | | | | Include the MSCS Descriptor IE in the (Re)Association Request frames to setup MSCS between the AP and the STA during association. Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
* MSCS: Add support to process MSCS Response framesVinita S. Maloo2020-08-145-0/+39
| | | | | | | Add support to receive and process MSCS Response frames from the AP and indicate the status to upper layers. Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
* MSCS: Add support to send MSCS Request framesVinita S. Maloo2020-08-147-1/+215
| | | | | | | Add support to send MSCS add/change/remove types of Action frames to the connected AP. Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
* dpp-nfc: Fix handover client wait for receiving handover selectJouni Malinen2020-08-131-2/+12
| | | | | | | | | | | | | | This was supposed to wait for up to 3.0 seconds for the handover select, but the incorrect loop terminated ended up limiting this to a single iteration of 0.1 second wait. This was too fast for some cases like the AP mode operation where it may take significant time to enable the radio for listening to DPP authentication messages. Fix the loop to allow that full three second wait for the response to be used. In addition, report the amount of time it takes to receive the response. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SME: Process channel switch event in SME only when supplicant's SME is usedVeerendranath Jakkam2020-08-131-1/+3
| | | | | | | | Do not process channel switch event in wpa_supplicant's SME when SME is offloaded to the driver/firmware to avoid SA Query initiation from both wpa_supplicant and the driver/firmware for the OCV case. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Derive seg0_idx and seg1_idx for 6 GHz when processing channel switchRohan2020-08-131-2/+11
| | | | | | | | | | The function hostapd_event_ch_switch() derived the seg0_idx and seg1_idx values only for the 5 GHz and 2.4 GHz bands and the 6 GHz case ended up using incorrect calculation based on the 5 GHz channel definitions. Fix this by adding support for 6 GHz frequencies. Signed-off-by: Rohan <drohan@codeaurora.org>
* QCA vendor command to update SSIDPooventhiran G2020-08-131-0/+5
| | | | | | | | Add a QCA vendor subcommand QCA_NL80211_VENDOR_SUBCMD_UPDATE_SSID to update the new SSID in hostapd. NL80211_ATTR_SSID is used to encapsulate the new SSID. Signed-off-by: Pooventhiran G <pooventh@codeaurora.org>
* Add a vendor command for medium assessmentMin Liu2020-08-131-0/+98
| | | | | | | Introduce a vendor command for medium assessment through QCA_NL80211_VENDOR_SUBCMD_MEDIUM_ASSESS. Signed-off-by: Min Liu <minliu@codeaurora.org>
* Add AllPlay type to the QCA vendor elementHarshal Udas2020-08-131-1/+4
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: GAS/ANQP query without scanJouni Malinen2020-08-131-0/+19
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* ANQP: Add support to specify frequency in ANQP_GET commandVeerendranath Jakkam2020-08-133-10/+26
| | | | | | | | | | | | | | Previously, wpa_supplicant fetched BSS channel info from scan results to send ANQP Query frames. If the scan results for the specified BSS are not available, the ANQP_GET command request was getting rejected. Add support to send ANQP Query frame on the specified frequency without requiring the scan results to be available. The control interface command format: - ANQP_GET <dst_addr> [freq=<freq in MHz>] <Query ID1>[,<Query ID2>,..] Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>