aboutsummaryrefslogtreecommitdiffstats
path: root/src/ap/hostapd.h
Commit message (Collapse)AuthorAgeFilesLines
* Remove IAPP functionality from hostapdJouni Malinen2019-09-111-2/+0
| | | | | | | | | | | | | | IEEE Std 802.11F-2003 was withdrawn in 2006 and as such it has not been maintained nor is there any expectation of the withdrawn trial-use recommended practice to be maintained in the future. Furthermore, implementation of IAPP in hostapd was not complete, i.e., only parts of the recommended practice were included. The main item of some real use long time ago was the Layer 2 Update frame to update bridges when a STA roams within an ESS, but that functionality has, in practice, been moved to kernel drivers to provide better integration with the networking stack. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove CONFIG_IEEE80211W build parameterJouni Malinen2019-09-081-2/+0
| | | | | | | | | Hardcode this to be defined and remove the separate build options for PMF since this functionality is needed with large number of newer protocol extensions and is also something that should be enabled in all WPA2/WPA3 networks. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP server: Use struct eap_config to avoid duplicated definitionsJouni Malinen2019-08-181-0/+1
| | | | | | | | | Use struct eap_config as-is within struct eap_sm and EAPOL authenticator to avoid having to duplicate all the configuration variables at each interface. Split the couple of session specific variables into a separate struct to allow a single const struct eap_config to be used. Signed-off-by: Jouni Malinen <j@w1.fi>
* Extra RADIUS request attributes from SQLiteTerry Burton2019-07-301-0/+8
| | | | | | | | | | | | | | | Add an SQLite table for defining per station MAC address version of radius_auth_req_attr/radius_acct_req_attr information. Create the necessary table and index where this doesn't exist. Select attributes from the table keyed by station MAC address and request type (auth or acct), parse and apply to a RADIUS message. Add radius_req_attr_sqlite hostapd config option for SQLite database file. Open/close RADIUS attribute database for a lifetime of a BSS and invoke functions to add extra attributes during RADIUS auth and accounting request generation. Signed-off-by: Terry Burton <tez@terryburton.co.uk>
* macsec: Support IEEE 802.1X(EAP)/PSK MACsec Key Agreement in hostapdleiwei2019-06-031-0/+4
| | | | Signed-off-by: leiwei <leiwei@codeaurora.org>
* AP: Consider regulatory limitation when filling WMM elementHaim Dreyfuss2019-05-281-0/+3
| | | | | | | | | In case the current channel has regulatory WMM limitations, take them into account when filling the WMM element. Also check if the new WMM element is different from the previous one and if so change the parameter_set_count to imply stations to look into it. Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
* Enforce that IEEE 802.1X EAPOL-Key Replay Counter increasesJouni Malinen2019-05-041-0/+2
| | | | | | | | | While this should not happen in practical use cases, wpa_get_ntp_timestamp() could return the same value when called twice in a row quickly. Work around that case by enforcing a new Replay Counter value based on stored last value. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Add airtime policy configuration supportToke Høiland-Jørgensen2019-05-021-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | This adds support to hostapd for configuring airtime policy settings for stations as they connect to the access point. This is the userspace component of the airtime policy enforcement system PoliFi described in this paper: https://arxiv.org/abs/1902.03439 The Linux kernel part has been merged into mac80211 for the 5.1 dev cycle. The configuration mechanism has three modes: Static, dynamic and limit. In static mode, weights can be set in the configuration file for individual MAC addresses, which will be applied when the configured stations connect. In dynamic mode, weights are instead set per BSS, which will be scaled by the number of active stations on that BSS, achieving the desired aggregate weighing between the configured BSSes. Limit mode works like dynamic mode, except that any BSS *not* marked as 'limited' is allowed to exceed its configured share if a per-station fairness share would assign more airtime to that BSS. See the paper for details on these modes. Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
* Make channel switch started event available over control interfaceOmer Dagan2019-04-221-1/+2
| | | | | | | | This makes it easier to upper layer components to manage operating channels in cases where the same radio is shared for both station and AP mode virtual interfaces. Signed-off-by: Omer Dagan <omer.dagan@tandemg.com>
* DPP: Common configurator/bootstrapping data managementJouni Malinen2019-03-241-3/+1
| | | | | | | | | | Merge the practically copy-pasted implementations in wpa_supplicant and hostapd into a single shared implementation in dpp.c for managing configurator and boostrapping information. This avoid unnecessary code duplication and provides a convenient location for adding new global DPP data. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE: Enforce single use for anti-clogging tokensJouni Malinen2019-03-061-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | Add a 16-bit token index into the anti-clogging token. This can be used to enforce only a single use of each issued anti-clogging token request. The token value is now token-index | last-30-octets-of(HMAC-SHA256(sae_token_key, STA-MAC-address | token-index)), i.e., the first two octets of the SHA256 hash value are replaced with the token-index and token-index itself is protected as part of the HMAC context data. Track the used 16-bit token index values and accept received tokens only if they use an index value that has been requested, but has not yet been used. This makes it a bit more difficult for an attacker to perform DoS attacks against the heavy CPU operations needed for processing SAE commit since the attacker cannot simply replay the same frame multiple times and instead, needs to request each token separately. While this does not add significant extra processing/CPU need for the attacker, this can be helpful in combination with the queued processing of SAE commit messages in enforcing more delay during flooding of SAE commit messages since the new anti-clogging token values are not returned before the new message goes through the processing queue. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE: Process received commit message through a queueJouni Malinen2019-03-061-0/+8
| | | | | | | | | | | | | | This allows better control of processing new SAE sessions so that other operations can be given higher priority during bursts of SAE requests, e.g., during a potential DoS attack. The receive commit messages are queued (up to maximum of 15 entries) and processed from eloop callback. If the queue has multiple pending entries, more wait time is used to go through the each new entry to reduce heavy CPU load from SAE processing. Enable anti-clogging token use also based on the pending commit message queue and not only based on the already started sessions. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* OCE: Move OCE checks to IE formation from hostapd initializationAnkita Bajaj2018-10-301-5/+7
| | | | | | | | | | Earlier, the OCE flags were checked during hostapd initialization. This doesn't address few cases like for example when the interface is added from control interface. Move the OCE flag checks to the functions that are forming the MBO/OCE IEs to cover all the different paths for enabling a BSS. Also use macros as appropriate for readability. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Re-configure WEP keys on hostapd interface re-enableHu Wang2018-08-211-0/+1
| | | | | | | This allows WEP mode AP to be re-enabled automatically after external ifconfig down + up on netdev used by hostapd. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* hostapd: Fix CHAN_SWITCH command for VHT20 and VHT40Sathishkumar Muruganandam2018-05-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, hostapd CHAN_SWITCH command did not effect VHT configuration for the following: When VHT is currently disabled (ieee80211ac=0), 1. hostapd_cli -p /var/run/hostapd chan_switch 10 5180 \ sec_channel_offset=1 center_freq1=5190 bandwidth=40 ht ====> Comes up in HT40 2. hostapd_cli -p /var/run/hostapd chan_switch 10 5765 \ sec_channel_offset=-1 center_freq1=5775 bandwidth=40 vht ====> Comes up in HT40 3. hostapd_cli -p /var/run/hostapd chan_switch 10 5200 center_freq1=5200 \ bandwidth=20 vht ====> Comes up in HT20 When VHT is currently enabled (ieee80211ac=1), 1. hostapd_cli -p /var/run/hostapd chan_switch 10 5180 \ sec_channel_offset=1 center_freq1=5190 bandwidth=40 ht ====> Comes up in VHT40 2. hostapd_cli -p /var/run/hostapd chan_switch 10 5200 center_freq1=5200 \ bandwidth=20 ht ====> Comes up in VHT20 This is since VHT config from chan_switch is processed only for bandwidths 80 and above (80P80, 160) and for VHT20, VHT40 cases, only NLA chan type and chan width are updated. There is no NL attribute for determining if it is HT or VHT for bandwidths 20 & 40 and currently they are updated as HT20, HT40 (+ or - depending on offset). Same is notified back via NL80211_CMD_CH_SWITCH_NOTIFY. Instead of adding new NL attribute for tracking HT/VHT enabled config, we are adding new hostapd VHT config parameter to save the chan_switch config and use only for chan_switch case of VHT20 and VHT40. Tested with all combinations of chan_switch (noHT->20->40->80->) HT/VHT and confirmed to be working. Signed-off-by: Sathishkumar Muruganandam <murugana@codeaurora.org>
* Make STA opmode change event available to upper layersTamizh chelvam2018-03-191-0/+3
| | | | | | | | | | | | | Add an event callback for EVENT_STATION_OPMODE_CHANGED to allow user/application to get the notification whenever there is a change in a station's HT/VHT op mode. The new events: STA-OPMODE-MAX-BW-CHANGED <addr> <20(no-HT)|20|40|80|80+80|160> STA-OPMODE-SMPS-MODE-CHANGED <addr> <automatic|off|dynamic|static> STA-OPMODE-N_SS-CHANGED <addr> <N_SS> Signed-off-by: Tamizh chelvam <tamizhr@codeaurora.org>
* DPP: Authentication exchange retries and channel iteration in hostapdJouni Malinen2018-01-081-0/+8
| | | | | | | | This extends hostapd with previoiusly implemented wpa_supplicant functionality to retry DPP Authentication Request/Response and to iterate over possible negotiation channels. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Report offchannel RX frame frequency to hostapdJouni Malinen2018-01-081-0/+1
| | | | | | | | | | Not all code paths for management frame RX reporting delivered the correct frequency for offchannel RX cases. This is needed mainly for Public Action frame processing in some special cases where AP is operating, but an exchange is done on a non-operational channel. For example, DPP Initiator role may need to do this. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* hostapd: Add average channel utilization in STATUSBhagavathi Perumal S2017-12-111-0/+4
| | | | | | | | | | This allows external programs to get the average channel utilization. The average channel utilization is calculated and reported through STATUS command. Users need to configure chan_util_avg_period and bss_load_update_period in hostapd config to get the average channel utilization. Signed-off-by: Bhagavathi Perumal S <bperumal@qti.qualcomm.com>
* hostapd: Update BSS load update period dynamicallyBhagavathi Perumal S2017-12-111-3/+0
| | | | | | | | | | | Recalculate the timeout value for each event instead of calculating this once and then not allowing the timeout configuration to be changed without fully stopping and restarting the interface. This allows the bss_load_update_period configuration parameter to be modified while a BSS continues operating. Signed-off-by: Bhagavathi Perumal S <bperumal@qti.qualcomm.com>
* DPP: Move hostapd Configurator/bootstrap data into global contextJouni Malinen2017-11-271-2/+6
| | | | | | | | | This moves the Configurator and Bootstrapping Information data from struct hostapd_data (per-BSS) to struct hapd_interfaces (per-hostapd process). This allows the information to be maintained over interface restarts and shared between interfaces. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add testing functionality for resetting PN/IPN for configured keysJouni Malinen2017-10-161-0/+12
| | | | | | | | | | | | | This can be used to test replay protection. The "RESET_PN" command in wpa_supplicant and "RESET_PN <addr>" command in hostapd resets the local counters to zero for the last configured key. For hostapd, the address parameter specifies which STA this operation is for or selects GTK ("ff:ff:ff:ff:ff:ff") or IGTK ("ff:ff:ff:ff:ff:ff IGTK"). This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <j@w1.fi>
* OWE: Transition mode information based on BSS ifnameJouni Malinen2017-10-091-0/+1
| | | | | | | | | The owe_transition_bssid and owe_transition_ssid parameters can now be replace with owe_transition_ifname to clone the BSSID/SSID information automatically in case the same hostapd process manages both the OWE and open BSS for transition mode. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Remove devices object from the connectorJouni Malinen2017-08-221-1/+0
| | | | | | | This was removed from the draft DPP tech spec, so remove it from the implementation as well. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OCE: Add hostapd mode OCE capability indication if enabledAshwini Patil2017-07-141-0/+5
| | | | | | | Add OCE IE in Beacon, Probe Response, and (Re)Association Response frames if OCE is enabled in the configuration. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FILS: Add HLP support with driver-based AP SMEJeffin Mammen2017-07-061-0/+2
| | | | | | | This allows HLP processing to postpone association processing in hostapd_notify_assoc(). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Update hostapd configurator parameters to match wpa_supplicantJouni Malinen2017-07-031-0/+1
| | | | | | | This updates the previously copied implementation to be up-to-date with the more recent wpa_supplicant changes. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Configurator in hostapdJouni Malinen2017-07-031-0/+1
| | | | | | | This integrates DPP configuration request processing into hostapd GAS server implementation. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: PKEX in hostapdJouni Malinen2017-07-031-0/+5
| | | | | | | Allow hostapd to initiate and respond with PKEX bootstrapping similarly to how this was implemented in wpa_supplicant. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Integration for hostapdJouni Malinen2017-06-191-0/+17
| | | | | | | This adds DPP bootstrapping, authentication, and configuration into hostapd similarly to how the design was integrated in wpa_supplicant. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DFS: Allow switch to DFS channel after radar detection in ETSIVasanthakumar Thiagarajan2017-05-131-0/+2
| | | | | | | | | | | | This is to comply with uniform spreading requirement for ETSI domain (section 4.7.2.7 in EN 301 893 - V1.8.1). ETSI uniform spreading requires equal probability for the usable channels. The previous channel selection logic after a radar detection did not fully comply with the uniform spreading requirement for the domain by ignoring DFS channels. Consider DFS channels also during channel selection when the current DFS domain is ETSI. Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
* FT: New RRB message formatMichael Braun2017-05-031-0/+2
| | | | | | | | | | | | | | Convert FT RRB into a new TLV based format. Use AES-SIV as AEAD cipher to protect the messages. This needs at least 32 byte long keys. These can be provided either by a config file change or letting a KDF derive the 32 byte key used from the 16 byte key given. This breaks backward compatibility, i.e., hostapd needs to be updated on all APs at the same time to allow FT to remain functional. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* FT: Replace inter-AP protocol with use of OUI Extended EthertypeMichael Braun2017-05-031-0/+7
| | | | | | | | | | | | | | | | | | Replace the previously used extension of IEEE 802.11 managed Ethertype 89-0d (originally added for Remote Request/Response in IEEE 802.11r) with Ethertype 88-b7 (OUI Extended EtherType) for FT inter-AP communication. The new design uses a more properly assigned identifier for the messages. This assigns the OUI 00:13:74 vendor-specific subtype 0x0001 for the new hostapd AP-to-AP communication purposes. Subtypes 1 (PULL), 2 (RESP), and 3 (PUSH) are also assigned in this commit for the R0KH-R1KH protocol. This breaks backward compatibility, i.e., hostapd needs to be updated on all APs at the same time to allow FT to remain functional. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* FT: Schedule wpa_ft_rrb_rx() through eloop in intra-process communicationMichael Braun2017-04-011-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | With AP-AP communication, when hapd0 sends a packet, hapd1 can receive it immediately and send a response. But hapd0 will only read and process the response after it has returned from the sending context, that is entered eloop again. So one does not need to consider the RX function of the reply to run for the request sending hapd before the send calling function has returned. Previously, with intra-process communication, the packet is not scheduled through eloop. Thus the RX handler of the reply might be run while the sending context of the original request has not returned. This might become problematic, e.g., when deferring a management frame processing until an RRB response is received and then have the request restarted and finished before the original request handling has been stopped. I'm not aware of any concrete bug this is currently triggering but came across it while thinking of FT RRB AP-AP sequence numbering. I think the non-eloop scheduling approach might be error-prone and thus propose to model it more closely to the way the message would be received from a socket. Additionally, this ensures that the tests model AP-AP communication more closely to real world. Solution: queue these packets through eloop. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* FILS: DHCP relay for HLP requestsJouni Malinen2017-02-011-0/+2
| | | | | | | | | | | | | | | The new dhcp_server configuration parameter can now be used to configure hostapd to act as a DHCP relay for DHCPDISCOVER messages received as FILS HLP requests. The dhcp_rapid_commit_proxy=1 parameter can be used to configure hostapd to convert 4 message DHCP exchange into a 2 message exchange in case the DHCP server does not support DHCP rapid commit option. The fils_hlp_wait_time parameter can be used to set the time hostapd waits for an HLP response. This matches the dot11HLPWaitTime in IEEE Std 802.11ai-2016. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Beacon request through hostapd control interfaceJouni Malinen2017-01-031-0/+1
| | | | | | | | | | The new control interface command "REQ_BEACON <STA addr> [req_mode=<mode>] <beacon request>" can now be used to request hostapd to transmit a measurement request to request a beacon report from an associated STA. This command returns the assigned dialog token (1-255) or FAIL on failure. Signed-off-by: Jouni Malinen <j@w1.fi>
* GAS: Remove unnecessarily duplicate gas_frag_limit configurationJouni Malinen2016-12-291-3/+0
| | | | | | | | The actual BSS configuration parameter can be updated with the SET control interface command, so there is no need to maintain a separate per-BSS parameter and a separate control interface handling for this. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Add a configuration to set an AP as stationaryDavid Spinadel2016-10-291-0/+1
| | | | | | | | | | | Add a configuration option in hostapd.conf and in neighbor report that sets an AP as stationary. To enable this option on the current AP set the config option stationary_ap to 1. To set a neighbor entry to be marked as stationary add the word stat to the SET_NEIGHBOR command. This option tells hostapd to send LCI data even if it is older than requested by max age subelement in RRM request. Signed-off-by: David Spinadel <david.spinadel@intel.com>
* hostapd: Added signal level to STA trackingKevin Mahoney2016-10-281-0/+1
| | | | | | | Add signal level information to the station tracking information. Also make it available via the "TRACK_STA_LIST" control command. Signed-off-by: Kevin Mahoney <k.mahoney@cablelabs.com>
* taxonomy: Store Probe Request frames in hostapd_sta_infoDenton Gentry2016-09-211-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | A weakness in the initial client taxonomy mechanism is from storing both the Probe and Associate in struct sta_info. struct sta_info is created after a client associates (or starts authentication frame exchange), which means that any Probe Request frames sent prior to association are not retained. The Associate Request frame has to be seen, and then another Probe Request frame after association, before we have a signature for the client. Most clients send lots of Probe Request frames (lots and lots and lots of Probes, actually), but a few do not. ChromeOS is notably sparing in sending Probe Request frames, it can take a long time before a signature for a ChromeOS device is available. Store the most recent Probe Request frame in struct hostapd_sta_info tracking list. When a struct sta_info is created, move the Probe Request frame information from struct hostapd_sta_info to struct sta_info. Signed-off-by: dgentry@google.com (Denton Gentry) Signed-off-by: denny@geekhold.com (Denton Gentry) Signed-off-by: rofrankel@google.com (Richard Frankel) Signed-off-by: richard@frankel.tv (Richard Frankel)
* Initialize iface->sta_seen on allocationJouni Malinen2016-09-211-0/+1
| | | | | | | | | | | | Previously, struct hostapd_iface sta_seen list head was initialized only when completing interface setup. This left a window for operation that could potentially iterate through the list before the list head has been initialized. While the existing code checked iface->num_sta_seen to avoid this case, it is much cleaner to initialize the list when struct hostapd_iface is allocated to avoid any accidental missing of the extra checks before list iteration. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Fix early init failure pathJouni Malinen2016-06-121-0/+1
| | | | | | | eloop deinit calls could trigger segmentation fault if the early error path is hit before eloop_init() gets called. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Add FTM range requestDavid Spinadel2016-04-171-0/+2
| | | | | | | | | | | | | | | | | | | | Add FTM range request via RRM. The AP sends Radio measurement request with FTM range request as a request for the receiving STA to send FTM requests to the given list of APs. The neighbor report part of the request is taken from the neighbor database. The control interface command is: REQ_RANGE <dst addr> <rand_int> <min_ap> <responder> [<responder>..] dst addr: MAC address of an associated STA rand_int: Randomization Interval (0..65535) in TUs min_ap: Minimum AP Count (1..15); minimum number of requested FTM ranges between the associated STA and the listed APs responder: List of BSSIDs for neighboring APs for which a measurement is requested Signed-off-by: David Spinadel <david.spinadel@intel.com>
* hostapd: Add LCI requestDavid Spinadel2016-04-171-0/+3
| | | | | | | Add a hostapd control interface command REQ_LCI to request LCI from an associated station using radio measurement. Signed-off-by: David Spinadel <david.spinadel@intel.com>
* hostapd: Add a database of neighboring APsDavid Spinadel2016-04-161-0/+12
| | | | | | | | | | | | | | | | | Add a configurable neighbor database that includes the content of Nighbor Report element, LCI and Location Civic subelements and SSID. All parameters for a neighbor must be updated at once; Neighbor Report element and SSID are mandatory, LCI and civic are optional. The age of LCI is set to the time of neighbor update. The control interface API is: SET_NEIGHBOR <BSSID> <ssid=SSID> <nr=data> [lci=<data>] [civic=<data>] To delete a neighbor use: REMOVE_NEIGHBOR <BSSID> <SSID> Signed-off-by: David Spinadel <david.spinadel@intel.com>
* mesh: Add support for PMKSA cachingMasashi Honma2016-03-201-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | This patch add functionality of mesh SAE PMKSA caching. If the local STA already has peer's PMKSA entry in the cache, skip SAE authentication and start AMPE with the cached value. If the peer does not support PMKSA caching or does not have the local STA's PMKSA entry in the cache, AMPE will fail and the PMKSA cache entry of the peer will be removed. Then STA retries with ordinary SAE authentication. If the peer does not support PMKSA caching and the local STA uses no_auto_peer=1, the local STA can not retry SAE authentication because NEW_PEER_CANDIDATE event cannot start SAE authentication when no_auto_peer=1. So this patch extends MESH_PEER_ADD command to use duration(sec). Throughout the duration, the local STA can start SAE authentication triggered by NEW_PEER_CANDIDATE even though no_auto_peer=1. This commit requires commit 70c93963edefa37ef84b73efb9d04ea10268341c ('SAE: Fix PMKID calculation for PMKSA cache'). Without that commit, chosen PMK comparison will fail. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* hostapd: Use common functions for ctrl_ifaceJanusz Dziedzic2016-03-051-2/+2
| | | | | | Use the common functions, structures when UNIX socket ctrl_iface used. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* hostapd: Add MBO IE to Beacon, Probe Response, Association ResponseAvraham Stern2016-02-221-0/+4
| | | | | | | | | | | | | | | | | | Add MBO IE with AP capability attribute to Beacon, Probe Response, and (Re)Association Response frames to indicate the AP supports MBO. Add option to add Association Disallowed attribute to Beacon, Probe Response, and (Re)Association Response frames. Usage: SET mbo_assoc_disallow <reason code> Valid reason code values are between 1-5. Setting the reason code to 0 will remove the Association Disallowed attribute from the MBO IE and will allow new associations. MBO functionality is enabled by setting "mbo=1" in the config file. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* mesh: Fix peer link counting when a mesh peer reconnectsSrinivasa Duvvuri2016-02-061-1/+2
| | | | | | | | | | | | | | | | | | | When a mesh point reconnects by starting from Authentication frame sequence, the plink count was not decremented from its last connection. This resulted in leaking peer link count and causing wpa_supplicant to reject the connection after max_peer_links (default: 99) reconnects. This was reproduced by pre-configuring 2 mesh points with mesh credentials. Boot both mesh points and make sure they connect to each other. Then in a loop reboot one of the mesh points after it successfully connects while leaving the other mesh point up and running. After 99 iterations the supplicant on mesh point that is not rebooting will reject the connection request from the other mesh point. Fix this by decrementing num_plinks when freeing a STA entry that is still in PLINK_ESTAB state. Signed-off-by: Srinivasa Duvvuri <sduvvuri@chromium.org>
* Add Acct-Session-Id to Accounting-On/OffNick Lowe2016-02-061-0/+1
| | | | | | | An Acct-Session-Id is required on Accounting-On and Accounting-Off forms of Accounting-Request. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>