path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* VLAN: Actually add tagged VLANs to AP_VLANMichael Braun2016-02-171-4/+40
| | | | | | | | | | | This makes vlan_newlink() and vlan_dellink() add tagged VLANs to AP_VLAN interfaces as given by struct vlan_description. hostapd_vlan_if_remove() is done in vlan_dellink() as tagged interfaces need to be removed before the interface can be deleted and a DELLINK message can be generated. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* VLAN: Factor out per-vid code in newlink/dellinkMichael Braun2016-02-171-112/+139
| | | | | | | | To prepare for adding tagged VLAN support in vlan_init.c, vlan_newlink() and vlan_dellink() are split into multiple functions. This reduces indention and eases adding tagged VLANs as well. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* radius: Add tagged VLAN parsingMichael Braun2016-02-179-29/+129
| | | | | | | | | | | | | | 1. Add tagged VLAN to struct vlan_description (compile limited number of tagged VLANs per description) For k tagged VLANs, the first k entries in vlan_description.tagged are used. They are sorted in ascending order. All other entries are zero. This way os_memcmp() can find identical configurations. 2. Let tagged VLANs be parsed from RADIUS Access-Accept 3. Print VLAN %d+ with %d=untagged VID if tagged VLANs are set 4. Select an unused vlan_id > 4096 for new tagged VLAN configurations 5. Add EGRESS_VLAN RADIUS attribute parsing also for untagged VLANs Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* VLAN: Separate station grouping and uplink configurationMichael Braun2016-02-1715-105/+278
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Separate uplink configuration (IEEE 802.1q VID) and grouping of stations into AP_VLAN interfaces. The int vlan_id will continue to identify the AP_VLAN interface the station should be assigned to. Each AP_VLAN interface corresponds to an instance of struct hostapd_vlan that is uniquely identified by int vlan_id within an BSS. New: Each station and struct hostapd_vlan holds a struct vlan_description vlan_desc member that describes the uplink configuration requested. Currently this is just an int untagged IEEE 802.1q VID, but can be extended to tagged VLANs and other settings easily. When the station was about to be assigned its vlan_id, vlan_desc and vlan_id will now be set simultaneously by ap_sta_set_vlan(). So sta->vlan_id can still be tested for whether the station needs to be moved to an AP_VLAN interface. To ease addition of tagged VLAN support, a member notempty is added to struct vlan_description. Is is set to 1 if an untagged or tagged VLAN assignment is requested and needs to be validated. The inverted form allows os_zalloc() to initialize an empty description. Though not depended on by the code, vlan_id assignment ensures: * vlan_id = 0 will continue to mean no AP_VLAN interface * vlan_id < 4096 will continue to mean vlan_id = untagged vlan id with no per_sta_vif and no extra tagged vlan. * vlan_id > 4096 will be used for per_sta_vif and/or tagged vlans. This way struct wpa_group and drivers API do not need to be changed in order to implement tagged VLANs or per_sta_vif support. DYNAMIC_VLAN_* will refer to (struct vlan_description).notempty only, thus grouping of the stations for per_sta_vif can be used with DYNAMIC_VLAN_DISABLED, but not with CONFIG_NO_VLAN, as struct hostapd_vlan is still used to manage AP_VLAN interfaces. MAX_VLAN_ID will be checked in hostapd_vlan_valid and during setup of VLAN interfaces and refer to IEEE 802.1q VID. VLAN_ID_WILDCARD will continue to refer to int vlan_id. Renaming vlan_id to vlan_desc when type changed from int to struct vlan_description was avoided when vlan_id was also used in a way that did not depend on its type (for example, when passed to another function). Output of "VLAN ID %d" continues to refer to int vlan_id, while "VLAN %d" will refer to untagged IEEE 802.1q VID. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* OpenSSL: Fix PKCS#12 parsing of extra certificates with OpenSSL 1.0.1Jouni Malinen2016-02-161-1/+0
| | | | | | | | | | | | Commit 8bcf8de827e841a35841034edd6f8281a7a3aeba ('OpenSSL: Fix memory leak in PKCS12 additional certificate parsing') tried to fix a memory leak in both the 1.0.2(and newer) and 1.0.1 branches of PKCS12 parsing. However, the 1.0.1 case was not properly tested and freeing of the certificate after a successful SSL_CTX_add_extra_chain_cert() call resulted in use of freed memory when going through the TLS handshake. Fix this by not freeing the certificate in that specific case. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* TDLS: Clean up os_memcmp useJouni Malinen2016-02-161-3/+3
| | | | | | | | | | Ciuple of the nonce comparisons used a strange '!os_memcmp() == 0' to check if the values were different. While this resulted in correct behavior, the construction is not exactly clear and clang has started warning about this (-Wlogical-not-parentheses). Clean this up by using 'os_mecmp() != 0'. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* trace: Free symbols on program exitJouni Malinen2016-02-163-0/+10
| | | | | | | This makes valgrind memleak checks with CONFIG_WPA_TRACE=y somewhat cleaner. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Fix memory leak in PKCS12 additional certificate parsingJouni Malinen2016-02-161-2/+6
| | | | | | | | The additional PKCS12 certificates were not freed properly in the loop added in commit de2a7b796d82d92120aa9532450863f503e1885a ('OpenSSL: Use connection certificate chain with PKCS#12 extra certs'). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Fix memory leak in HMAC_CTX compatibility wrapper functionJouni Malinen2016-02-161-0/+1
| | | | | | | | | | | Commit 5c9a33702fd9e9ae9c349d6461a6621801d4f9cb ('OpenSSL: Clean up crypto_hash_*() to use a single implementation') added a wrapper function to allow the new OpenSSL API to be used with older OpenSSL versions. However, the HMAC_CTX_free() wrapper was incorrectly skipping the call to HMAC_CTX_cleanup() which is still needed to free the resources OpenSSL allocated internally. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Fix memory leak in OCSP parsingJouni Malinen2016-02-152-0/+4
| | | | | | The result from OCSP_cert_to_id() needs to be freed. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Do not use library init/deinit functions with 1.1.0Jouni Malinen2016-02-151-0/+4
| | | | | | | | | | SSL_library_init() does not work properly after EVP_cleanup() starting from OpenSSL 1.1.0 pre release 3. The automated library init/deinit functions in that pre release are supposed to handle all initialization and deinitialiation, so comment out the explicit calls to these function with OpenSSL 1.1.0 and newer. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Fix memory leak in subjectAltName parsingJouni Malinen2016-02-151-0/+5
| | | | | | The parsed data from X509_get_ext_d2i() needs to be freed. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* curl: Fix memory leak in subjectAltName parsingJouni Malinen2016-02-151-1/+3
| | | | | | The parsed data from X509_get_ext_d2i() needs to be freed. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Fix memory leak with EVP_CIPHER_CTX_new()Jouni Malinen2016-02-151-16/+8
| | | | | | | | | | | | Commit 1eb87ae48d829b77e805de9ba71f958b53930c88 ('OpenSSL: Use EVP_CIPHER_CTX_new() to work with OpenSSL 1.1.0') started using EVP_CIPHER_CTX_new() to allocate EVP_CIPHER_CTX from heap instead of using stack memory. This commit used incorrect EVP_CIPHER_CTX_reset() function in number of cases when the allocated memory was supposed to be freed instead of just reset for reuse. Fix this by using EVP_CIPHER_CTX_free() properly. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* rfkill: Fix a memory leakJouni Malinen2016-02-151-0/+1
| | | | | | | rfkill_init() uses realpath() which allocates memory and that memory was not freed on the success path. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* OpenSSL: Fix memory leak on error pathJouni Malinen2016-02-151-0/+1
| | | | | | | If SSL_CTX_new(SSLv23_method()) fails, tls_init() error path did not free the allocated struct tls_data instance. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Basic support for PBSS/PCPLior David2016-02-082-0/+3
| | | | | | | | | | | | | | | | | | | | | PBSS (Personal Basic Service Set) is a new BSS type for DMG networks. It is similar to infrastructure BSS, having an AP-like entity called PCP (PBSS Control Point), but it has few differences. PBSS support is mandatory for IEEE 802.11ad devices. Add a new "pbss" argument to network block. The argument is used in the following scenarios: 1. When network has mode=2 (AP), when pbss flag is set will start as a PCP instead of an AP. 2. When network has mode=0 (station), when pbss flag is set will connect to PCP instead of AP. The function wpa_scan_res_match() was modified to match BSS according to the pbss flag in the network block (wpa_ssid structure). When pbss flag is set it will match only PCPs, and when it is clear it will match only APs. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* nl80211: Basic support for PBSS/PCPLior David2016-02-082-0/+24
| | | | | | | | | | | | | PBSS (Personal Basic Service Set) is a new BSS type for DMG networks. It is similar to infrastructure BSS, having an AP-like entity called PCP (PBSS Control Point), but it has few differences. PBSS support is mandatory for IEEE 802.11ad devices. Add a pbss flag to the relevant structures to support starting a PCP and connecting to a PCP. Implement support in the nl80211 driver by using the new PBSS flag attribute. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* Sync with mac80211-next.git include/uapi/linux/nl80211.hJouni Malinen2016-02-081-0/+6
| | | | | | This brings in nl80211 definitions as of 2016-01-28. Signed-off-by: Jouni Malinen <j@w1.fi>
* EAP peer: Simplify buildNotify returnJouni Malinen2016-02-071-8/+2
| | | | | | There is no need for the local variable and two return statements. Signed-off-by: Jouni Malinen <j@w1.fi>
* Clean up EAP peer PCSC identity functionsJouni Malinen2016-02-071-21/+18
| | | | | | | Leave out more code if PCSC_FUNCS is not defined since config->pcsc != 0 case cannot be used with such a build. Signed-off-by: Jouni Malinen <j@w1.fi>
* Use stronger PRNG for MS-MPPE-Send/Recv-Key saltNick Lowe2016-02-071-1/+3
| | | | | | | When generating a MS-MPPE-Send/Recv-Key, don't use a weak PRNG for the salt. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* eloop: Clean up coding style for eloop debug printsJouni Malinen2016-02-071-5/+5
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Implement kqueue(2) support via CONFIG_ELOOP_KQUEUERoy Marples2016-02-071-41/+237
| | | | | | | | | | | NOTE: kqueue has to be closed and re-build after forking. epoll *should* do the same, but it seems that wpa_supplicant doesn't need it at least. I have re-worked a little bit of the epoll code (moved into a similar kqueue function) so it's trivial to requeue epoll if needed in the future. Signed-off-by: Roy Marples <roy@marples.name>
* eloop: Add eloop_sock_requeue()Roy Marples2016-02-073-0/+20
| | | | | | | This function can be used to re-build eloop socket tables after forking for eloop implementations that need this. Signed-off-by: Roy Marples <roy@marples.name>
* wpa_ctrl: Retry select() on EINTRJörg Krause2016-02-071-0/+2
| | | | | | Retry select() if it was interrupted by a signal. Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
* mesh: Fix peer link counting when a mesh peer reconnectsSrinivasa Duvvuri2016-02-062-2/+3
| | | | | | | | | | | | | | | | | | | When a mesh point reconnects by starting from Authentication frame sequence, the plink count was not decremented from its last connection. This resulted in leaking peer link count and causing wpa_supplicant to reject the connection after max_peer_links (default: 99) reconnects. This was reproduced by pre-configuring 2 mesh points with mesh credentials. Boot both mesh points and make sure they connect to each other. Then in a loop reboot one of the mesh points after it successfully connects while leaving the other mesh point up and running. After 99 iterations the supplicant on mesh point that is not rebooting will reject the connection request from the other mesh point. Fix this by decrementing num_plinks when freeing a STA entry that is still in PLINK_ESTAB state. Signed-off-by: Srinivasa Duvvuri <sduvvuri@chromium.org>
* P2P: Reduce off channel wait time for some P2P Action framesAvraham Stern2016-02-063-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | Setting a long off channel wait time for P2P Action frames when we know we are already on the right channel may cause a delay in sending the Action frame (because the driver may not be able to satisfy the request for long wait time until previous off channel requests are over). This may be crucial for P2P response frames that must be sent within 100 milliseconds of receiving the request. Fix this by adjusting P2P Action frame wait times as follows: 1. For GO Negotiation Response frame, shorten the wait time to 100 ms. This is reasonable because the peer has just sent us the GO Negotiation Request frame, so it is known to be on the right channel and is probably ready to send us the GO Negotiation Confirmation frame without delay. 2. For GO Negotiation Confirmation, P2P Invitation Response, and Provision Discovery Response frames, there is no need for wait time at all as this is the last frame in the exchange. So set the wait time to 50 ms to ensure there is enough time to send the frame. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* RADIUS: Share a single function for generating session IDsJouni Malinen2016-02-064-21/+21
| | | | | | | There is no need to maintain three copies of this functionality even if it is currently implemented as a single function call. Signed-off-by: Jouni Malinen <j@w1.fi>
* RADIUS: Redesign Request Authenticator generationNick Lowe2016-02-065-26/+16
| | | | | | | Simplify and make properly random the generation of the Request Authenticator. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* Send an Acct-Multi-Session-Id attribute in Access-Request packetsNick Lowe2016-02-062-15/+15
| | | | | | Previously, this was included only in Accounting-Request packets. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* Add Acct-Session-Id to Accounting-On/OffNick Lowe2016-02-062-0/+20
| | | | | | | An Acct-Session-Id is required on Accounting-On and Accounting-Off forms of Accounting-Request. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* RADIUS: Use more likely unique accounting Acct-{,Multi-}Session-IdNick Lowe2016-02-0611-81/+62
| | | | | | | | | | | | | | | | Rework the Acct-Session-Id and Acct-Multi-Session-Id implementation to give better global and temporal uniqueness. Previously, only 32-bits of the Acct-Session-Id would contain random data, the other 32-bits would be incremented. Previously, the Acct-Multi-Session-Id would not use random data. Switch from two u32 variables to a single u64 for the Acct-Session-Id and Acct-Multi-Session-Id. Do not increment, this serves no legitimate purpose. Exclusively use os_get_random() to get quality random numbers, do not use or mix in the time. Inherently take a dependency on /dev/urandom working properly therefore. Remove the global Acct-Session-Id and Acct-Multi-Session-Id values that serve no legitimate purpose. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* EAPOL auth: Move radius_cui/identity freeing to eapol_auth_free()Jouni Malinen2016-02-062-2/+3
| | | | | | | | These can get allocated within eapol_auth_alloc(), so it is more logical to free them in eapol_auth_free() instead of ieee802_1x_free_station() that ends up calling eapol_auth_free(). Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_supplicant: Fix couple of C++ compiler errors with header filesRoshan Pius2016-02-062-20/+21
| | | | | | | | | | | Need to include these headers in C++ files for adding a binder interface to wpa_supplicant. So, fix the following C++ compiler errors in them: 1. Add explicit C-style casts in wpa_buf.h header. 2. Move the nested definition of wpa_driver_scan_ssid in driver.h outside of wpa_driver_scan_params because it is used in another structure below. Signed-off-by: Roshan Pius <rpius@google.com>
* Add Event-Timestamp to all Accounting-Request packetsNick Lowe2016-02-051-8/+9
| | | | | | | | Event-Timestamp should be sent for all Accounting-Request packets and only after the system clock has a sane value, not where there's a value close to the Unix time epoch. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* GAS: Calculate response buffer length of ANQP elementsMax Stepanov2016-02-051-1/+19
| | | | | | | | Calculate the required length needed for the extra ANQP elements added to GAS response buffer instead of using fixed size and truncating the response if there was not sufficient space. Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
* OpenSSL: Fix server side PKCS#12 processing with extra certificatesAyala Beker2016-02-051-5/+17
| | | | | | | | Fix a possible null pointer dereference in tls_parse_pkcs12() when loading a PKCS#12 file for the server keys and the file includes extra certificates. Signed-off-by: Ayala Beker <ayala.beker@intel.com>
* OpenSSL: Fix possible null pointer dereference on an OCSP error pathAyala Beker2016-02-051-0/+2
| | | | | | | Fix possible null pointer dereference in check_ocsp_resp() if an memory allocation fails. Signed-off-by: Ayala Beker <ayala.beker@intel.com>
* EAP-FAST: Fix an error path in PAC binary format parsingJouni Malinen2016-02-051-1/+3
| | | | | | | Need to clear the pac pointer for the first error case to avoid freeing the previous PAC entry if the following entry has an invalid header. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Do not send Acct-Authentic in Accounting-On/OffNick Lowe2016-02-051-10/+11
| | | | | | | Acct-Authentic is used to indicate how the user was authenticated and as such, should not be sent in Accounting-On and Accounting-Off. Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* RADIUS: Do not include Acct-Terminate-Cause in Accounting-On/OffNick Lowe2016-02-051-8/+0
| | | | | | | | Per RFC 2866, 5.10, it is invalid to send Acct-Terminate-Cause in Accounting-On and Accounting-Off (this is included only when Acct-Status-Type is set to Stop). Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
* Make fallback from HT40 to HT20 workEduardo Abinader2016-02-051-0/+1
| | | | | | | Ensure that if it is not possible to configure an allowed 20 MHz channel pair, hostapd falls back to a single 20 MHz channel. Signed-off-by: Eduardo Abinader <eabinader@ocedo.com>
* BSD: Zero ifindex on interface removalRoy Marples2016-02-051-8/+19
| | | | | | | If an interface is removed, zero the remembered ifindex. Don't try to set properties on the interface when it is removed. Signed-off-by: Roy Marples <roy@marples.name>
* Android: Support multiple CA certs when connecting to EAP networkRubin Xu2016-02-051-19/+89
| | | | | | | | | In the Android-specific case, make ca_cert directive parse a space-separated list of hex-encoded CA certificate aliases following the "keystores://" prefix. Server certificate validation should succeed as long as the chain ends with one of them. Signed-off-by: Rubin Xu <rubinxu@google.com>
* BSD: Disable interface on downRoy Marples2016-02-051-7/+15
| | | | | | | Instead of removing the interface when downed, disable it. Enable it when it comes back up again. Signed-off-by: Roy Marples <roy@marples.name>
* BSD: Use correct ifindex from route messagesRoy Marples2016-02-051-16/+25
| | | | | | | Use the interface index from the correct structure according to the message instead of assuming rtm_index is correct. Signed-off-by: Roy Marples <roy@marples.name>
* BSD: __FUNCTION__ -> __func__Roy Marples2016-02-051-2/+2
| | | | Signed-off-by: Roy Marples <roy@marples.name>
* OSU: Add debug printing of more LogotypeExtn fieldsJouni Malinen2016-02-041-2/+14
| | | | | | | Couple of the image info fields were not printed previously in debug log. Add those to make this more complete. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add the selector suite into wpa_parse_wpa_ie_rsn() "invalid group cipher"Jouni Malinen2016-02-031-2/+4
| | | | | | | | This makes it easier to debug AP selection issues in case of a invalid RSN element or use of customer cipher suites that are not supported by wpa_supplicant. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>