aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Initialize iface->sta_seen on allocationJouni Malinen2016-09-212-3/+17
| | | | | | | | | | | | Previously, struct hostapd_iface sta_seen list head was initialized only when completing interface setup. This left a window for operation that could potentially iterate through the list before the list head has been initialized. While the existing code checked iface->num_sta_seen to avoid this case, it is much cleaner to initialize the list when struct hostapd_iface is allocated to avoid any accidental missing of the extra checks before list iteration. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove unused generation of Request Authenticator in Account-RequestNick Lowe2016-09-211-5/+0
| | | | | | | | | Do not generate an unused and invalid Request Authenticator (random value) when constructing Accounting-Request packets. The correct Request Authenticator is calculated subsequently in radius_msg_finish_acct() using MD5(msg + shared secret). Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* Revert "nl80211: Remove duplicated check in nl80211_setup_ap()"Rafał Miłecki2016-09-171-1/+2
| | | | | | | | | | | | | | | | | This reverts commit 647862eb60c324015ea31293cc052558b5185ca4. The second check of device_ap_sme looks like duplicated, but it isn't actually. The trick is nl80211_create_monitor_interface may change that variable value and the second evaluation may give a different result. This definitely isn't a very clear code, but that change caused a regression for drivers that: 1) Don't report NL80211_ATTR_DEVICE_AP_SME 2) Don't support monitor mode 3) Don't support subscribing for PROBE_REQ and/or ACTION frames like brcmfmac. With such drivers hostapd doesn't start anymore. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* Fix typos in wpa_supplicant configuration parameter documentationJouni Malinen2016-09-101-3/+3
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* nl80211: Use the monitor interface only without device_ap_sme supportSunil Dutt2016-09-081-19/+2
| | | | | | | | | | | | | | | | | The places using drv->use_monitor were already skipping creation of the monitor interface if drv->device_ap_sme == 0. This means that the monitor interface operations would not have worked anyway and it is safe to set drv->use_monitor to zero for all such cases. This fixes an issue with management frame subscription not happening properly for the case where the AP SME is in the driver and the driver supports monitor interfaces (for other purposes). This commit also removes the check for monitor support and the previously used workaround that cleared drv->use_monitor in drv->device_ap_sme == 1 case if monitor interface was not supported since that condition cannot occur anymore. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FST: Fix search for peer's "other" connectionDedy Lansky2016-09-083-115/+175
| | | | | | | | | | | | | Upon receiving FST Setup Request from some peer on some interface, search is made to see if same peer is connected on other interface with specific band_id. With multiple peers, bug in fst_group_does_iface_appear_in_other_mbies() caused wrong peer address to be returned sometimes. Fix this with a modified, simplified search algorithm of peer's "other" connection. Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
* Fix mistakes in definition of QCA vendor commands for indoor locationLior David2016-09-061-2/+3
| | | | | | | | | | | | | | Fix some mistakes in the previous commit for adding QCA vendor commands for indoor location. Note: The renamed enum value does not change the ABI, but the addition of QCA_WLAN_VENDOR_ATTR_FTM_MEAS_INVALID in the beginning of enum qca_wlan_vendor_attr_ftm_meas does renumber QCA_WLAN_VENDOR_ATTR_FTM_MEAS_* values. The previous values were committed yesterday and have not been used in any released code yet, so this is a justifiable quick fix. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* Handle NULL return from os_zalloc() in sta_track_add()Joel Cunningham2016-09-061-0/+2
| | | | | | This adds handling for a memory allocation failure in sta_track_add(). Signed-off-by: Joel Cunningham <joel.cunningham@me.com>
* Add QCA vendor commands/attributes for indoor locationLior David2016-09-051-0/+439
| | | | | | | | | | | | | | | | | | | | | | | Assign QCA vendor specific commands, attributes, and events for supporting indoor location features. These features include: 1. Fine timing measurement (FTM) - allows measurement of distance between two stations. Based on IEEE P802.11-REVmc/D7.0, 11.24.6 FTM is performed between two stations: one is an initiator, typically a client that wants to measure distance to another AP, and one is a responder, typically an AP which responds to measurement requests from other clients. The responder can be configured to report its location, either in absolute coordinates (LCI) or free-form description (LCR). 2. Angle of arrival (AOA) - allows measurement of azimuth and elevation between two stations. The above features can be combined to allow a station to get an accurate indoor location. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* hostapd: Allow FTM functionality to be publishedLior David2016-09-052-0/+12
| | | | | | | | | | | Add configuration options that control publishing of fine timing measurement (FTM) responder and initiator functionality via bits 70, 71 of Extended Capabilities element. Typically, FTM functionality is controlled by a location framework outside hostapd. When framework is activated, it will use hostapd to configure the AP to publish the FTM functionality. See IEEE P802.11-REVmc/D7.0, 9.4.2.27. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* hostapd: Use stations nsts capability in (Re)Association Response frameTamizh chelvam2016-09-055-6/+35
| | | | | | | | | | | | | | | Some deployed stations incorrectly consider nsts capability in (Re)Association Response frame as required capability instead of maximum capability and if it is greater than station's capability then beamform will not happen in uplink traffic. This commit adds support for an optional workaround to use station's nsts capability in (Re)Association Response frame if the station's nsts is less than AP by using the use_sta_nsts=1 configuration parameter. This configuration is introduced in this commit and it is disabled by default. Signed-off-by: Tamizh chelvam <c_traja@qti.qualcomm.com>
* QCA vendor subcommand for LL_STATS extensionZhang Qian2016-09-051-0/+46
| | | | | | | | | | | | | Some user space monitor wants to offload link layer statistics to firmware. A new command QCA_NL80211_VENDOR_SUBCMD_LL_STATS_EXT and associcated attributes are added. The monitor will use this new command to configure monitoring paramters and get link layer statistics. Attributes added in this change: 1. Parameters for FW to trigger the statistics report 2. Peer STA power state 3. TX failure statistics Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
* mka: Clean up key allocationSabrina Dubroca2016-08-282-133/+64
| | | | | | | | | | | | | Assign cs in ieee802_1x_mka_decode_dist_sak_body and reuse it. Cleanup of key allocation: ieee802_1x_kay_generate_new_sak() and ieee802_1x_mka_decode_dist_sak_body() both allocate a struct key_conf, fill it, and ask ieee802_1x_kay_init_data_key() to allocate and set up a struct data_key. They also allocate multiple key buffers and copy the same data around. Stop moving data from buffer to buffer, and just allocate what we really need. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Get rid of struct ieee802_1x_cp_confSabrina Dubroca2016-08-284-60/+10
| | | | | | | Instead of copying from kay to a temporary struct, and then from the struct to the sm, just copy from kay to cp. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Store cipher suite ID in a u64 instead of u8 pointerSabrina Dubroca2016-08-2810-40/+34
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Make csindex unsignedJouni Malinen2016-08-282-6/+7
| | | | | | | This avoids unnecessary typecasting while still being able to compare the value to CS_TABLE_SIZE without compiler warnings. Signed-off-by: Jouni Malinen <j@w1.fi>
* mka: Reorganize live peer creation and key server electionSabrina Dubroca2016-08-281-29/+11
| | | | | | | This modifies ieee802_1x_kay_decode_mkpdu() check for peer including me in its peer list. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Share a single delete mka implementationSabrina Dubroca2016-08-281-15/+12
| | | | | | | Share mka deletion implementation in ieee802_1x_participant_timer() for the cak_life and mka_life expiration cases. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Introduce compare_priorities()Sabrina Dubroca2016-08-281-16/+18
| | | | | | | This takes care of priority comparison followed by MAC address comparison if the priorities are identical. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Clean up ieee802_1x_kay_mkpdu_sanity_check()Sabrina Dubroca2016-08-281-10/+8
| | | | | | This drops one indentation level and makes the code a bit more readable. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Simplify ieee802_1x_mka_dist_sak_body_present()Sabrina Dubroca2016-08-281-4/+1
| | | | | | No need for an if statement to figure out Boolean return value. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Replace participant->kay with a local kay variableSabrina Dubroca2016-08-281-64/+55
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Fix typos in grammar in variable names and commentsSabrina Dubroca2016-08-281-10/+10
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Use named initializers for mka_body_handler[]Sabrina Dubroca2016-08-281-46/+46
| | | | | | Also move the struct definition to be next to this array definition. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Remove unused enum mka_created_mode valuesSabrina Dubroca2016-08-281-2/+0
| | | | | | DISTRIBUTED and CACHED were not used anywhere. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Remove cs_len argument from the set_current_cipher_suite functionsSabrina Dubroca2016-08-286-14/+9
| | | | | | | | This is a known constant value (CS_ID_LEN, i.e., the length of the EUI64 identifier) and does not need to be provided separately in these function calls. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Clean up ieee802_1x_mka_decode_potential_peer_body()Sabrina Dubroca2016-08-281-9/+9
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Simplify ieee802_1x_mka_encode_icv_body() memory copyingSabrina Dubroca2016-08-281-6/+3
| | | | | | | There is no need to maintain two os_memcpy() calls to cover different cmac lengths. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Simplify ieee802_1x_mka_sak_use_body_present()Sabrina Dubroca2016-08-281-4/+1
| | | | | | | to_use_sak is a Boolean variable, so there is no need for an if statement to figure out whether to return TRUE or FALSE. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Reorganize loops in number of KaY functionsSabrina Dubroca2016-08-281-48/+35
| | | | | | | | | Use for loop to remove unnecessary goto use and similar cleanup to simplify the loops in ieee802_1x_mka_i_in_peerlist(), ieee802_1x_mka_decode_live_peer_body(), and ieee802_1x_kay_decode_mkpdu(). Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Remove unused body_peer incrementationSabrina Dubroca2016-08-281-2/+0
| | | | | | | Each loop iteration resets body_peer in the beginning, so there is no need to increment this pointer in the end. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Add reset_participant_mi() helperSabrina Dubroca2016-08-281-18/+19
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Clean up printf formatsSabrina Dubroca2016-08-281-32/+32
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Use named initializers for static structsSabrina Dubroca2016-08-281-15/+19
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Add MKA_ALIGN_LENGTH macroSabrina Dubroca2016-08-281-14/+9
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Add helper functions for dumping and creating peerSabrina Dubroca2016-08-281-29/+36
| | | | | | | This allows more code reuse for creating live/potential peer and dumping peer entries. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Clean up ieee802_1x_kay_get_cipher_suite() lookup functionSabrina Dubroca2016-08-281-4/+2
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Refactor the get_*_peer() functionsSabrina Dubroca2016-08-281-20/+27
| | | | | | | | Add ieee802_1x_kay_get_potential_peer() similarly to the previously used ieee802_1x_kay_get_live_peer() and use these helper functions more consistently to avoid multiple implementations of peer lookups. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Fix a typo in mka_body_handler (mak to mka)Sabrina Dubroca2016-08-281-12/+12
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Add a helper function, sci_equal(), for sci comparisonSabrina Dubroca2016-08-281-10/+13
| | | | Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Use less bitfields in the IEEE 802.1X-2010 structsSabrina Dubroca2016-08-281-68/+68
| | | | | | | This splits the u32 bitfields into u8 variables and using bitfields only for the cases where under 8-bit fields are used. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* mka: Fix a typo in macsec_capbilitySabrina Dubroca2016-08-282-10/+10
| | | | | | Spell "capability" correctly in the variable name. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
* Initialize hapd->nr_db in hostapd_alloc_bss_data()Jouni Malinen2016-08-221-1/+1
| | | | | | | | | | Previously, this was initialized in hostapd_setup_bss() which made it possible for a REMOVE_NEIGHBOR control interface command to be issued prior to the list head pointers having been set. That resulted in a NULL pointer dereference. Fix this by initializing the list head at the time the data structure gets allocated. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Check for driver initialization before doing driver operationsJouni Malinen2016-08-193-11/+11
| | | | | | | | | Number of hostapd control interface commands (e.g., STATUS-DRIVER) could result in NULL pointer dereference when issued on not yet enabled BSS. Fix this by checking that the driver interface has been initialized before calling the driver_ops function. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* radius: Sanity check for NULL pointer segfaultEduardo Abinader2016-08-191-1/+6
| | | | | | | When the RADIUS client has not yet been fully enabled, MIB command was segfaulting hostapd. Signed-off-by: Eduardo Abinader <eduardoabinader@gmail.com>
* mesh: Report HT operation mode to kernelMasashi Honma2016-08-182-0/+58
| | | | | | | Report HT operation mode to kernel to broadcast correct IE in beacon (for example HT operation IE). Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Use WPA_DRIVER_MESH_CONF_FLAG_* as modification flagMasashi Honma2016-08-182-7/+15
| | | | Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Do NL80211_MESHCONF_* setting in single functionMasashi Honma2016-08-181-21/+33
| | | | Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Move max_peer_links parameter to appropriate structMasashi Honma2016-08-182-2/+2
| | | | | | | Accoding to the comment of struct wpa_driver_mesh_bss_params, the max_peer_links parameter should be under that struct. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* IAPP: Set SO_REUSEADDR on listening socketPetko Bordjukov2016-08-181-0/+13
| | | | | | | Make it possible for several instances of hostapd to listen on the same network interface. Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>