path: root/hostapd/Android.mk
Commit message (Collapse)AuthorAgeFilesLines
* hostapd: Handle Neighbor Report Request frameDavid Spinadel2016-04-171-0/+1
| | | | | | | Process Neighbor Report Request frame and send Neighbor Report Response frame based on the configured neighbor report data. Signed-off-by: David Spinadel <david.spinadel@intel.com>
* hostapd: Add a database of neighboring APsDavid Spinadel2016-04-161-0/+1
| | | | | | | | | | | | | | | | | Add a configurable neighbor database that includes the content of Nighbor Report element, LCI and Location Civic subelements and SSID. All parameters for a neighbor must be updated at once; Neighbor Report element and SSID are mandatory, LCI and civic are optional. The age of LCI is set to the time of neighbor update. The control interface API is: SET_NEIGHBOR <BSSID> <ssid=SSID> <nr=data> [lci=<data>] [civic=<data>] To delete a neighbor use: REMOVE_NEIGHBOR <BSSID> <SSID> Signed-off-by: David Spinadel <david.spinadel@intel.com>
* vlan: Move ifconfig helpers to a separate fileJouni Malinen2016-03-251-0/+1
| | | | | | This removes final ioctl() use within vlan_init.c. Signed-off-by: Jouni Malinen <j@w1.fi>
* vlan: Move CONFIG_FULL_DYNAMIC_VLAN functionality into a separate fileJouni Malinen2016-03-251-0/+1
| | | | | | | This cleans up vlan_init.c by removing number of C pre-processor dependencies. Signed-off-by: Jouni Malinen <j@w1.fi>
* vlan: Clean up netlink vs. ioctl API implementationJouni Malinen2016-03-251-8/+6
| | | | | | | | | | | Move the ioctl-based VLAN implementation to a separate file to avoid need for conditional blocks within vlan_ioctl.c. This removes the internal CONFIG_VLAN_NETLINK define, i.e., this is now used only in build configuration (.config) to select whether to include the vlan_util.c (netlink) or vlan_ioctl.c (ioctl) implementation of the functions. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Use common functions for ctrl_ifaceJanusz Dziedzic2016-03-051-0/+1
| | | | | | Use the common functions, structures when UNIX socket ctrl_iface used. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* Android: Remove superfluous OpenSSL include pathsAdam Langley2016-03-031-1/+0
| | | | | | | | The libcrypto and libssl modules (and their respective static and host versions) use LOCAL_EXPORT_C_INCLUDE_DIRS thus just including the module is sufficient. Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* MBO: Track STA cellular data capability from association requestJouni Malinen2016-02-221-0/+1
| | | | | | | | This makes hostapd parse the MBO attribute in (Re)Association Request frame and track the cellular data capability (mbo_cell_capa=<val> in STA control interface command). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Add MBO IE to Beacon, Probe Response, Association ResponseAvraham Stern2016-02-221-0/+4
| | | | | | | | | | | | | | | | | | Add MBO IE with AP capability attribute to Beacon, Probe Response, and (Re)Association Response frames to indicate the AP supports MBO. Add option to add Association Disallowed attribute to Beacon, Probe Response, and (Re)Association Response frames. Usage: SET mbo_assoc_disallow <reason code> Valid reason code values are between 1-5. Setting the reason code to 0 will remove the Association Disallowed attribute from the MBO IE and will allow new associations. MBO functionality is enabled by setting "mbo=1" in the config file. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* VLAN: Separate station grouping and uplink configurationMichael Braun2016-02-171-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Separate uplink configuration (IEEE 802.1q VID) and grouping of stations into AP_VLAN interfaces. The int vlan_id will continue to identify the AP_VLAN interface the station should be assigned to. Each AP_VLAN interface corresponds to an instance of struct hostapd_vlan that is uniquely identified by int vlan_id within an BSS. New: Each station and struct hostapd_vlan holds a struct vlan_description vlan_desc member that describes the uplink configuration requested. Currently this is just an int untagged IEEE 802.1q VID, but can be extended to tagged VLANs and other settings easily. When the station was about to be assigned its vlan_id, vlan_desc and vlan_id will now be set simultaneously by ap_sta_set_vlan(). So sta->vlan_id can still be tested for whether the station needs to be moved to an AP_VLAN interface. To ease addition of tagged VLAN support, a member notempty is added to struct vlan_description. Is is set to 1 if an untagged or tagged VLAN assignment is requested and needs to be validated. The inverted form allows os_zalloc() to initialize an empty description. Though not depended on by the code, vlan_id assignment ensures: * vlan_id = 0 will continue to mean no AP_VLAN interface * vlan_id < 4096 will continue to mean vlan_id = untagged vlan id with no per_sta_vif and no extra tagged vlan. * vlan_id > 4096 will be used for per_sta_vif and/or tagged vlans. This way struct wpa_group and drivers API do not need to be changed in order to implement tagged VLANs or per_sta_vif support. DYNAMIC_VLAN_* will refer to (struct vlan_description).notempty only, thus grouping of the stations for per_sta_vif can be used with DYNAMIC_VLAN_DISABLED, but not with CONFIG_NO_VLAN, as struct hostapd_vlan is still used to manage AP_VLAN interfaces. MAX_VLAN_ID will be checked in hostapd_vlan_valid and during setup of VLAN interfaces and refer to IEEE 802.1q VID. VLAN_ID_WILDCARD will continue to refer to int vlan_id. Renaming vlan_id to vlan_desc when type changed from int to struct vlan_description was avoided when vlan_id was also used in a way that did not depend on its type (for example, when passed to another function). Output of "VLAN ID %d" continues to refer to int vlan_id, while "VLAN %d" will refer to untagged IEEE 802.1q VID. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* BoringSSL: Move OCSP implementation into a separate fileJouni Malinen2015-12-041-0/+1
| | | | | | | | This makes it easier to share the OCSP implementation needed for BoringSSL outside tls_openssl.c. For now, this is mainly for http_curl.c. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add SHA384 and SHA512 implementations from LibTomCrypt libraryPali Rohár2015-11-291-0/+12
| | | | | | | These will be used with the internal TLS implementation to extend hash algorithm support for new certificates and TLS v1.2. Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
* Fix key derivation for Suite B 192-bit AKM to use SHA384Jouni Malinen2015-08-271-0/+1
| | | | | | | | | While the EAPOL-Key MIC derivation was already changed from SHA256 to SHA384 for the Suite B 192-bit AKM, KDF had not been updated similarly. Fix this by using HMAC-SHA384 instead of HMAC-SHA256 when deriving PTK from PMK when using the Suite B 192-bit AKM. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add build option to remove all internal RC4 usesJouni Malinen2015-08-021-0/+6
| | | | | | | | | | | | The new CONFIG_NO_RC4=y build option can be used to remove all internal hostapd and wpa_supplicant uses of RC4. It should be noted that external uses (e.g., within a TLS library) do not get disabled when doing this. This removes capability of supporting WPA/TKIP, dynamic WEP keys with IEEE 802.1X, WEP shared key authentication, and MSCHAPv2 password changes. Signed-off-by: Jouni Malinen <j@w1.fi>
* OpenSSL: Add SHA256 support in openssl_tls_prf() for TLSv1.2Jouni Malinen2015-07-281-0/+2
| | | | | | | | This is needed when enabling TLSv1.2 support for EAP-FAST since the SSL_export_keying_material() call does not support the needed parameters for TLS PRF and the external-to-OpenSSL PRF needs to be used instead. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Add build options for selecting eloop typeJouni Malinen2015-07-231-0/+9
| | | | | | | | This adds CONFIG_ELOOP_POLL=y and CONFIG_ELOOP_EPOLL=y options to hostapd build options similarly to how these were implemented for wpa_supplicant. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FST: Testing supportAnton Nayshtut2015-07-161-0/+3
| | | | | | This patch introduces infrastructure needed for FST module tests. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FST: Add build rules for hostapdAnton Nayshtut2015-07-161-0/+13
| | | | | | This patch integrates the FST into the hostapd. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Rename ANDROID_P2P_STUB to ANDROID_LIB_STUBKevin Cernekee2015-06-261-1/+2
| | | | | | | | | | If BOARD_HOSTAPD_PRIVATE_LIB is not used on an Android build, we will need to replace both the p2p functions *and* wpa_driver_nl80211_driver_cmd in order to successfully link. Let's make the name more generic so it is more obvious what it is used for. Suggested-by: Dmitry Shmidt <dimitrysh@google.com> Signed-off-by: Kevin Cernekee <cernekee@google.com>
* Clear allocated debug message buffers explicitlyJouni Malinen2015-06-171-0/+1
| | | | | | | | | | | | When hostapd or wpa_supplicant is run in debug more with key material prints allowed (-K on the command line), it is possible for passwords and keying material to show up in debug prints. Since some of the debug cases end up allocating a temporary buffer from the heap for processing purposes, a copy of such password may remain in heap. Clear these temporary buffers explicitly to avoid causing issues for hwsim test cases that verify contents of memory against unexpected keys. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Implement AES-128 CBC using EVP APIJouni Malinen2015-03-291-0/+2
| | | | | | | | This replaces the internal CBC mode implementation in aes_128_cbc_encrypt() and aes_128_cbc_decrypt() with the OpenSSL implementation for CONFIG_TLS=openssl builds. Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix hlr_auc_gw build with OpenSSLJouni Malinen2015-03-201-0/+2
| | | | | | | | Commit 983c6a606bc839248ea0c69090e60c095a655bc6 ('OpenSSL: Replace internal HMAC-MD5 implementation') forgot to make inclusion of md5.o conditional for hlr_auc_gw build. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Remove SChannel supportJouni Malinen2015-03-181-11/+0
| | | | | | | | | SChannel/CryptoAPI as a TLS/crypto library alternative was never completed. Critical functionality is missing and there are bugs in this implementation. Since there are no known plans of completing this support, it is better to remove this code. Signed-off-by: Jouni Malinen <j@w1.fi>
* OpenSSL: Implement aes_wrap() and aes_unwrap()Jouni Malinen2015-01-281-0/+4
| | | | | | | | This replaces the implementation in aes-wrap.c and aes-unwrap.c with OpenSSL AES_wrap_key() and AES_unwrap_key() functions when building hostapd or wpa_supplicant with OpenSSL. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Replace internal HMAC-MD5 implementationJouni Malinen2015-01-281-2/+4
| | | | | | | Use OpenSSL HMAC_* functions to implement HMAC-MD5 instead of depending on the src/crypto/md5.c implementation. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add Suite B 192-bit AKMJouni Malinen2015-01-261-0/+5
| | | | | | | WPA-EAP-SUITE-B-192 can now be used to select 192-bit level Suite B into use as the key management method. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add HMAC-SHA384Jouni Malinen2015-01-261-0/+3
| | | | | | For now, this is only implemented with OpenSSL. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove Network Security Service (NSS) supportJouni Malinen2015-01-101-16/+0
| | | | | | | | | | NSS as a TLS/crypto library alternative was never completed and this barely functional code does not even build with the current NSS version. Taken into account that there has not been much interest in working on this crypto wrapper over the years, it is better to just remove this code rather than try to get it into somewhat more functional state. Signed-off-by: Jouni Malinen <j@w1.fi>
* Introduce common hw featuresJanusz Dziedzic2015-01-101-0/+1
| | | | | | Introduce wpa_supplicant/hostapd hw features. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* Android: Add Hotspot 2.0 into hostapd makefileJouni Malinen2014-11-251-0/+14
| | | | | | | This makes the Android.mk for hostapd match the Makefile changes for optional Hotspot 2.0 support. Signed-off-by: Jouni Malinen <j@w1.fi>
* Suite B: PMKID derivation for AKM 00-0F-AC:11Jouni Malinen2014-11-161-0/+6
| | | | | | | | | The new AKM uses a different mechanism of deriving the PMKID based on KCK instead of PMK. hostapd was already doing this after the KCK had been derived, but wpa_supplicant functionality needs to be moved from processing of EAPOL-Key frame 1/4 to 3/4 to have the KCK available. Signed-off-by: Jouni Malinen <j@w1.fi>
* AP: Add support for BSS load element (STA Count, Channel Utilization)Kyeyoon Park2014-10-211-0/+1
| | | | | | | | | | | | | | | The new "bss_load_update_period" parameter can be used to configure hostapd to advertise its BSS Load element in Beacon and Probe Response frames. This parameter is in the units of BUs (Beacon Units). When enabled, the STA Count and the Channel Utilization value will be updated periodically in the BSS Load element. The AAC is set to 0 sinze explicit admission control is not supported. Channel Utilization is calculated based on the channel survey information from the driver and as such, requires a driver that supports providing that information for the current operating channel. Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
* Android: Use extended P2P functionality (ANDROID_P2P) for all vendorsDmitry Shmidt2014-04-291-9/+3
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Disable unused parameter warningsGreg Hackmann2014-04-241-0/+3
| | | | | | | This avoids large number of undesired compiler warnings since Android build system is added -Wextra. Signed-off-by: Greg Hackmann <ghackmann@google.com>
* WPS: Enable WSC 2.0 support unconditionallyJouni Malinen2014-03-251-4/+0
| | | | | | | | | There is not much point in building devices with WPS 1.0 only supported nowadays. As such, there is not sufficient justification for maintaining extra complexity for the CONFIG_WPS2 build option either. Remove this by enabling WSC 2.0 support unconditionally. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Use internal FIPS 186-2 PRF if neededJouni Malinen2014-03-111-2/+4
| | | | | | | | | | | | Previously, EAP-SIM/AKA/AKA' did not work with number of crypto libraries (GnuTLS, CryptoAPI, NSS) since the required FIPS 186-2 PRF function was not implemented. This resulted in somewhat confusing error messages since the placeholder functions were silently returning an error. Fix this by using the internal implementation of FIP 186-2 PRF (including internal SHA-1 implementation) with crypto libraries that do not implement this in case EAP-SIM/AKA/AKA' is included in the build. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2: Add common OSEN definitionsJouni Malinen2014-02-251-0/+4
| | | | Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Use external libnl 2.0 dynamic libraryDmitry Shmidt2014-02-191-0/+8
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Remove hostapd dump_file functionalityDmitry Shmidt2014-01-141-1/+0
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Fix EAP-GPSK server compilation for SHA256 cipher suiteJouni Malinen2014-01-071-1/+1
| | | | | | | | Need to use common EAP_GPSK_SHA256 define for this instead of the server-specific EAP_SERVER_GPSK_SHA256 which was not really used anywhere. Signed-hostap: Jouni Malinen <j@w1.fi>
* Remove hostapd dump_file functionalityJouni Malinen2014-01-021-2/+3
| | | | | | | | | | This debugging mechanism has now been deprecated by the control interface commands that can be used to fetch same internal information from hostapd in a more convenient way. Leave the empty USR1 signal handler and configuration file parameter for backwards compatibility. They can be removed in future versions of hostapd. Signed-hostap: Jouni Malinen <j@w1.fi>
* Android: Sync Android.mk with MakefileJouni Malinen2013-11-081-0/+4
| | | | | | | This brings in commit 0648c3b8f5c38bc2206758738278e074f6f5b11b changes to add Linux tracing option for hostapd. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Sync Android.mk with MakefileJouni Malinen2013-11-081-4/+0
| | | | | | | This brings in commit fd2f2d0489635d590930bc0945fbc438ba1387e2 changes to remove optional gnutls-extra dependency. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Set proper path to keystore include dirDmitry Shmidt2013-11-081-4/+1
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Add CONFIG_ACS option to makefileDmitry Shmidt2013-11-081-0/+6
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Add liblogYing Wang2013-11-081-2/+2
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Restore OpenSSL ENGINE supportKenny Root2013-11-081-3/+0
| | | | | | We now use an OpenSSL ENGINE to support keystore functionality. Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* Android: Remove obsolete WPA_UNICODE_SSID defineDmitry Shmidt2013-11-071-3/+0
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* hostapd: Allow hostapd_cli to work on AndroidJeff Johnson2013-11-071-0/+4
| | | | | | | | Add definitions of the Android specific directories used for control interface sockets so that hostapd_cli can connect to the Android hostapd. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Add ANDROID_P2P define under BOARD_WLAN_DEVICEDmitry Shmidt2013-11-071-0/+12
| | | | Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>