aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/config.h
Commit message (Collapse)AuthorAgeFilesLines
* wpa_supplicant: Fix typosYegor Yefremov9 days1-1/+1
| | | | Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
* Use consistent spelling of "homogeneous"Jouni Malinen2020-10-101-1/+1
| | | | | | | | | | The 'H' in HESSID was originally spelled "homogenous" in IEEE Std 802.11-2016 abbreviations and acronyms list, but that was changed in REVmd to the significantly more common spelling "homonegeneous". Update this older version to match the new spelling to be consistent throughout the repository. Signed-off-by: Jouni Malinen <j@w1.fi>
* Allow bgscan parameters to be reconfiguredMatthew Wang2020-10-091-0/+1
| | | | | | | Teach wpa_supplicant to {de,}initialize bgscans when bgscan parameters are set after initial connection. Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
* P2P: Add configuration support to disable P2P in 6 GHz bandSreeramya Soratkal2020-10-081-0/+2
| | | | | | | | | Add a new configuration parameter p2p_6ghz_disable=1 to disable P2P operation in the 6 GHz band. This avoids additional delays caused by scanning 6 GHz channels in p2p_find and p2p_join operations in the cases where user doesn't want P2P connection in the 6 GHz band. Signed-off-by: Sreeramya Soratkal <ssramya@codeaurora.org>
* Allow TX queue parameters to be configured for wpa_supplicant AP/P2P GOSubrat Dash2020-06-081-0/+1
| | | | | | | | | | | | Allow user to configure the TX queue parameters through the wpa_supplicant configuration file similarly to the way these can be set in hostapd. Parse the tx_queue_* parameters in the wpa_supplicant configuration file and update the TX queue configuration to the AP/P2P GO interface in the function wpa_supplicant_create_ap(). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* STA: Support Extended Key IDAlexander Wetzel2020-03-231-0/+12
| | | | | | | | | | | Support Extended Key ID in wpa_supplicant according to IEEE Std 802.11-2016 for infrastructure (AP) associations. Extended Key ID allows to rekey pairwise keys without the otherwise unavoidable MPDU losses on a busy link. The standard is fully backward compatible, allowing STAs to also connect to APs not supporting it. Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
* Use size_t instead of int or unsigned int for configuration itemsJouni Malinen2020-03-221-2/+2
| | | | | | | | While int and unsigned int are not going overflow in practice as 32-bit values, these could at least in theory hit an integer overflow with 16-bit int. Use size_t to avoid such potential issue cases. Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Add support for EDMG channelsAhmad Masri2019-12-191-0/+10
| | | | | | | | | | | | | | | | | | | | | | This allows a P2P connection over P802.11ay EDMG channels to achieve the highest link speed that the standard allows for channel bonding (CB) up to CB4. Let each P2P peer add its EDMG channels to the Supported Channels IE advertised in P2P GO negotiation. Give EDMG channels priority when peers negotiate for operating channel. User may add 'edmg' parameter to p2p_connect, p2p_add_group, and p2p_invite commands to prefer an EDMG channel for the P2P link. User may also set p2p_go_edmg=1 in wpa_supplicant configuration file to prefer EDMG. When EDMG is used, P2P will try to find the highest channel bonding supported channel that matches the frequency parameter, if the devices do not support EDMG, the P2P connection will use a legacy (1-6) 60 GHz channel. Signed-off-by: Ahmad Masri <amasri@codeaurora.org>
* SAE: Add sae_pwe configuration parameter for wpa_supplicantJouni Malinen2019-10-151-0/+8
| | | | | | | | This parameter can be used to specify which PWE derivation mechanism(s) is enabled. This commit is only introducing the new parameter; actual use of it will be address in separate commits. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Allow name and mudurl to be configured for Config RequestJouni Malinen2019-09-181-0/+10
| | | | | | | | | | | The new hostapd and wpa_supplicant configuration parameters dpp_name and dpp_mud_url can now be used to set a specific name and MUD URL for the Enrollee to use in the Configuration Request. dpp_name replaces the previously hardcoded "Test" string (which is still the default if an explicit configuration entry is not included). dpp_mud_url can optionally be used to add a MUD URL to describe the Enrollee device. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE: Allow PMKID to be added into Association Request frame following SAEJouni Malinen2019-08-141-0/+5
| | | | | | | | | | | IEEE Std 802.11-2016 does not require this behavior from a SAE STA, but it is not disallowed either, so it is useful to have an option to identify the derived PMKSA in the immediately following Association Request frames. This is disabled by default (i.e., no change to previous behavior) and can be enabled with a global wpa_supplicant configuration parameter sae_pmkid_in_assoc=1. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* WNM: Provide option to disable/enable BTM support in STAAnkita Bajaj2019-06-141-0/+10
| | | | | | | Add support to disable/enable BTM support using configuration and wpa_cli command. This is useful mainly for testing purposes. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* WPS: Allow SAE configuration to be added automatically for PSKJouni Malinen2019-03-061-0/+10
| | | | | | | | | | The new wpa_supplicant configuration parameter wps_cred_add_sae=1 can be used to request wpa_supplicant to add SAE configuration whenever WPS is used to provision WPA2-PSK credentials and the credential includes a passphrase (instead of PSK). This can be used to enable WPA3-Personal transition mode with both SAE and PSK enabled and also with PMF enabled. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* P2P: support random interface addressJimmy Chen2019-01-121-0/+10
| | | | | | | | | | To enhance privacy, generate a random interface for each group. There are two configurations are introduced: * p2p_interface_random_mac_addr enable interface random MAC address feature, default disable. Signed-off-by: Jimmy Chen <jimmycmchen@google.com>
* P2P: Support random device addressJimmy Chen2019-01-121-0/+19
| | | | | | | | | | | | | | | To enhance privacy, generate a random device address for P2P interface. If there is no saved persistent group, it generate a new random MAC address on bringing up p2p0. If there is saved persistent group, it will use last MAC address to avoid breaking group reinvoke behavior. There are two configurations are introduced: * p2p_device_random_mac_addr enable device random MAC address feature, default disable. * p2p_device_persistent_mac_addr store last used random MAC address. Signed-off-by: Jimmy Chen <jimmycmchen@google.com>
* P2P: Add 802.11ax support for P2P GOPeng Xu2019-01-121-0/+10
| | | | | | | | An optional parameter "he" is added to p2p_connect, p2p_group_add, and p2p_invite to enable 11ax HE support. The new p2p_go_he=1 configuration parameter can be used to request this to be enabled by default. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* WNM: Collocated Interference ReportingJouni Malinen2018-10-301-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for negotiating WNM Collocated Interference Reporting. This allows hostapd to request associated STAs to report their collocated interference information and wpa_supplicant to process such request and reporting. The actual values (Collocated Interference Report Elements) are out of scope of hostapd and wpa_supplicant, i.e., external components are expected to generated and process these. For hostapd/AP, this mechanism is enabled by setting coloc_intf_reporting=1 in configuration. STAs are requested to perform reporting with "COLOC_INTF_REQ <addr> <Automatic Report Enabled> <Report Timeout>" control interface command. The received reports are indicated as control interface events "COLOC-INTF-REPORT <addr> <dialog token> <hexdump of report elements>". For wpa_supplicant/STA, this mechanism is enabled by setting coloc_intf_reporting=1 in configuration and setting Collocated Interference Report Elements as a hexdump with "SET coloc_intf_elems <hexdump>" control interface command. The hexdump can contain one or more Collocated Interference Report Elements (each including the information element header). For additional testing purposes, received requests are reported with "COLOC-INTF-REQ <dialog token> <automatic report enabled> <report timeout>" control interface events and unsolicited reports can be sent with "COLOC_INTF_REPORT <hexdump>". This commit adds support for reporting changes in the collocated interference (Automatic Report Enabled == 1 and partial 3), but not for periodic reports (2 and other part of 3). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* HS 2.0: Add a new cred block parameter roaming_consortiumsJouni Malinen2018-04-171-0/+25
| | | | | | | | | | This new string parameter contains a comma delimited list of OIs (hexdump) in a string. This is used to store Hotspot 2.0 PerProviderSubscription/<X+>/HomeSP/RoamingConsortiumOI. This commit includes the configuration changes to parse and write the parameter. The actual values are not yet used in Interworking network selection. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* HS 2.0: Document credential parameter required_roaming_consortiumJouni Malinen2018-04-171-0/+11
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Fix a typo in disassoc_low_ack documentationJouni Malinen2018-02-171-1/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Add ap_isolate configuration option for wpa_supplicant AP modeDanilo Ravotto2018-02-171-0/+15
| | | | | | | Allow client isolation to be configured with ap_isolate inside wpa_supplicant configuration file. Signed-off-by: Danilo Ravotto <danilo.ravotto@zirak.it>
* P2P: Allow GO to advertise Interworking elementSunil Dutt2017-10-051-0/+28
| | | | | | | | | This adds new wpa_supplicant configuration parameters (go_interworking, go_access_network_type, go_internet, go_venue_group, go_venue_type) to add a possibility of configuring the P2P GO to advertise Interworking element. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Support dynamic update of wowlan_triggersLior David2017-09-131-0/+1
| | | | | | | Previously, wowlan_triggers were updated in kernel only during startup. Also update it whenever it is set from the control interface. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* STA: Add OCE capability indication attributeAshwini Patil2017-07-141-0/+8
| | | | | | | Add OCE capability indication attribute in Probe Request and (Re)Association Request frames. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* MBO: Whitespace cleanupJouni Malinen2017-07-041-1/+1
| | | | | | Fix couple of previously missed whitespace issues. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* DPP: Automatic network profile creationJouni Malinen2017-06-211-0/+15
| | | | | | | | | | | | | | | | | wpa_supplicant can now be configured to generate a network profile automatically based on DPP configuration. The following dpp_config_processing values can be used to specify the behavior: 0 = report received configuration to an external program for processing; do not generate any network profile internally (default) 1 = report received configuration to an external program and generate a network profile internally, but do not automatically connect to the created (disabled) profile; the network profile id is reported to external programs 2 = report received configuration to an external program, generate a network profile internally, try to connect to the created profile automatically Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Add option for using random UUIDJouni Malinen2017-04-131-0/+7
| | | | | | | | | | | If the uuid configuration parameter is not set, wpa_supplicant generates an UUID automatically to allow WPS operations to proceed. This was previously always using an UUID generated from the MAC address. This commit adds an option to use a random UUID instead. The type of the automatically generated UUID is set with the auto_uuid parameter: 0 = based on MAC address (default; old behavior), 1 = random UUID. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* nl80211: Add option to delay start of schedule scan plansPurushottam Kushwaha2017-03-091-0/+9
| | | | | | | | | | | | The userspace may want to delay the the first scheduled scan. This enhances sched_scan to add initial delay (in seconds) before starting first scan cycle. The driver may optionally choose to ignore this parameter and start immediately (or at any other time). This uses NL80211_ATTR_SCHED_SCAN_DELAY to add this via user global configurable option: sched_scan_start_delay. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* MBO: Add support for transition reject reason codeKanchanapally, Vidyullatha2017-03-061-0/+7
| | | | | | | | | | Add support for rejecting a BSS transition request using MBO reject reason codes. A candidate is selected or rejected based on whether it is found acceptable by both wpa_supplicant and the driver. Also accept any candidate meeting a certain threshold if disassoc imminent is set in BTM Request frame. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* GAS: Add support to randomize transmitter addressVamsi Krishna2017-02-071-0/+15
| | | | | | | | | | | | | | | | | Add support to send GAS requests with a randomized transmitter address if supported by the driver. The following control interface commands (and matching configuration file parameters) can be used to configure different types of randomization: "SET gas_rand_mac_addr 0" to disable randomizing TX MAC address, "SET gas_rand_mac_addr 1" to randomize the complete TX MAC address, "SET gas_rand_mac_addr 2" to randomize the TX MAC address except for OUI. A new random MAC address will be generated for every gas_rand_addr_lifetime seconds and this can be configured with "SET gas_rand_addr_lifetime <timeout>". Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Allow FTM functionality to be publishedLior David2016-09-051-0/+26
| | | | | | | | | | | | Add configuration options that control publishing of fine timing measurement (FTM) responder and initiator functionality via bits 70, 71 of Extended Capabilities element. Typically, FTM functionality is controlled by a location framework outside wpa_supplicant. When framework is activated, it will use wpa_supplicant to configure the STA/AP to publish the FTM functionality. See IEEE P802.11-REVmc/D7.0, 9.4.2.27. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* wpa_supplicant: Make GAS Address3 field selection behavior configurableJouni Malinen2016-06-101-0/+10
| | | | | | | | | | | | | | | | | | | | IEEE Std 802.11-2012, 10.19 (Public Action frame addressing) specifies that the wildcard BSSID value is used in Public Action frames that are transmitted to a STA that is not a member of the same BSS. wpa_supplicant used to use the actual BSSID value for all such frames regardless of whether the destination STA is a member of the BSS. P2P does not follow this rule, so P2P Public Action frame construction must not be changed. However, the cases using GAS/ANQP for non-P2P purposes should follow the standard requirements. Unfortunately, there are deployed AP implementations that do not reply to a GAS request sent using the wildcard BSSID value. The previously used behavior (Address3 = AP BSSID even when not associated) continues to be the default, but the IEEE 802.11 standard compliant addressing behavior can now be configured with gas_address3=1. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Ignore pmf=1/2 parameter for non-RSN networksJouni Malinen2016-05-051-1/+2
| | | | | | | | | PMF is available only with RSN and pmf=2 could have prevented open network connections. Change the global wpa_supplicant pmf parameter to be interpreted as applying only to RSN cases to allow it to be used with open networks. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* MBO: Add cellular capability to MBO IEDavid Spinadel2016-02-221-0/+6
| | | | | | | | Add cellular capability attribute to MBO IE and add MBO IE with cellular capabilities to Probe Request frames. By default, cellular capability value is set to Not Cellular capable (3). Signed-off-by: David Spinadel <david.spinadel@intel.com>
* MBO: Add non-preferred channel configuration in wpa_supplicantDavid Spinadel2016-02-211-0/+10
| | | | | | Add non-preferred channel configuration to wpa_config for MBO. Signed-off-by: David Spinadel <david.spinadel@intel.com>
* Allow sched_scan_plans to be updated at runtimeJouni Malinen2015-11-301-0/+1
| | | | | | | | This allows the control interface SET command to be used to update the sched_scan_plans parameter at runtime. In addition, an empty string can be used to clear the previously configured plan. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add support for configuring scheduled scan plansAvraham Stern2015-11-301-0/+11
| | | | | | | | | | | | Add the option to configure scheduled scan plans in the config file. Each scan plan specifies the interval between scans and the number of scan iterations. The last plan will run infinitely and thus specifies only the interval between scan iterations. usage: sched_scan_plans=<interval:iterations> <interval2:iterations2> ... <interval> Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* wpa_supplicant: Add GTK RSC relaxation workaroundMax Stepanov2015-11-011-0/+11
| | | | | | | | | | | | | | | | | | | | | | Some APs may send RSC octets in EAPOL-Key message 3 of 4-Way Handshake or in EAPOL-Key message 1 of Group Key Handshake in the opposite byte order (or by some other corrupted way). Thus, after a successful EAPOL-Key exchange the TSC values of received multicast packets, such as DHCP, don't match the RSC one and as a result these packets are dropped on replay attack TSC verification. An example of such AP is Sapido RB-1732. Work around this by setting RSC octets to 0 on GTK installation if the AP RSC value is identified as a potentially having the byte order issue. This may open a short window during which older (but valid) group-addressed frames could be replayed. However, the local receive counter will be updated on the first received group-addressed frame and the workaround is enabled only if the common invalid cases are detected, so this workaround is acceptable as not decreasing security significantly. The wpa_rsc_relaxation global configuration property allows the GTK RSC workaround to be disabled if it's not needed. Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
* dbus: Expose interface globals via D-Bus propertiesDan Williams2015-10-281-0/+3
| | | | | | | All interface globals are now exposed as D-Bus properties of type string, and parsed via the normal interface global parsing functions. Signed-off-by: Dan Williams <dcbw@redhat.com>
* P2P: Implement P2P_GO_FREQ_MOVE_SCM_ECSA policyAndrei Otcheretianski2015-10-031-1/+6
| | | | | | | | Add new GO frequency move policy. The P2P_GO_FREQ_MOVE_SCM_ECSA prefers SCM if all the clients advertise eCSA support and the candidate frequency is one of the group common frequencies. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* Make it clearer that ap_scan=2 mode should not be used with nl80211Jouni Malinen2015-09-041-0/+5
| | | | | | | Add more details into configuration comments and a runtime info message if ap_scan=2 is used with the nl80211 driver interface. Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Move a GO from its operating frequencyIlan Peer2015-08-031-0/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | Upon any change in the currently used channels evaluate if a GO should move to a different operating frequency, where the possible scenarios: 1. The frequency that the GO is currently using is no longer valid, due to regulatory reasons, and thus the GO must be moved to some other frequency. 2. Due to Multi Concurrent Channel (MCC) policy considerations, it would be preferable, based on configuration settings, to prefer Same Channel Mode (SCM) over concurrent operation in multiple channels. The supported policies: - prefer SCM: prefer moving the GO to a frequency used by some other interface. - prefer SCM if Peer supports: prefer moving the GO to a frequency used by some other station interface iff the other station interface is using a frequency that is common between the local and the peer device (based on the GO Negotiation/Invitation signaling). - Stay on the current frequency. Currently, the GO transition to another frequency is handled by a complete tear down and re-setup of the GO. Still need to add CSA flow to the considerations. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* mesh: Fix mesh SAE auth on low spec devicesMasashi Honma2015-08-021-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | The mesh SAE auth often fails with master branch. By bisect I found commit eb5fee0bf50444419ac12d3c7f38f27a47523a47 ('SAE: Add side-channel protection to PWE derivation with ECC') causes this issue. This does not mean the commit has a bug. This is just a CPU resource issue. After the commit, sae_derive_pwe_ecc() spends 101(msec) on my PC (Intel Atom N270 1.6GHz). But dot11RSNASAERetransPeriod is 40(msec). So auth_sae_retransmit_timer() is always called and it can causes continuous frame exchanges. Before the commit, it was 23(msec). On the IEEE 802.11 spec, the default value of dot11RSNASAERetransPeriod is defined as 40(msec). But it looks short because generally mesh functionality will be used on low spec devices. Indeed Raspberry Pi B+ (ARM ARM1176JZF-S 700MHz) requires 287(msec) for new sae_derive_pwe_ecc(). So this patch makes the default to 1000(msec) and makes it configurable. This issue does not occur on infrastructure SAE because the dot11RSNASAERetransPeriod is not used on it. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* FST: wpa_supplicant configuration parametersAnton Nayshtut2015-07-161-0/+16
| | | | Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2PS: Enable Probe Request frame processing by P2P ClientMax Stepanov2015-06-141-0/+12
| | | | | | | | | | | | | | | | 1. Add global p2p_cli_probe property to enable/disable Probe Request frame RX reporting for connected P2P Clients. The property can be set to 0 - disable or 1 - enable. The default value is 0. 2. Enable Probe Request frame RX reporting for P2P Client on WPA_COMPLETED state if p2p_cli_probe property is set to 1. Disable it when an interface state is changing to any other state. 3. Don't cancel Probe Request frame RX reporting on wpa_stop_listen for a connected P2P Client handling Probe Request frames. Signed-off-by: Max Stepanov <Max.Stepanov@intel.com> Reviewed-by: Ilan Peer <ilan.peer@intel.com>
* WPS: Allow the priority for the WPS networks to be configuredSunil Dutt2015-06-041-0/+8
| | | | | | | This commit adds a configurable parameter (wps_priority) to specify the priority for the networks derived through WPS connection. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Replace MAX_SSID_LEN with SSID_MAX_LENJouni Malinen2015-04-221-1/+2
| | | | | | | | This makes source code more consistent. The use within Android driver interface is left as-is to avoid changes in the old PNO interface definition. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Allow configuring CTWindow when working as GOEliad Peller2015-02-211-0/+9
| | | | | | | | | Read p2p_go_ctwindow (0-127 TUs) from the config file, and pass it to the driver on GO start. Use p2p_go_ctwindow=0 (no CTWindow) by default. Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
* Add optional reassoc-to-same-BSS optimizationJouni Malinen2015-02-191-0/+5
| | | | | | | | | | The new reassoc_same_bss_optim=1 configuration parameter can now be used to request wpa_supplicant to bypass the unnecessary Authentication frame exchange when reassociating back to the same BSS with which the device is already associated. This functionality is disabled by default since it may cause undesired interoperability issues with some APs. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add control interface commands for fetching wpa_config valuesOla Olsson2015-02-081-0/+5
| | | | | | | The new "DUMP" and "SET <variable>" control interface commands can be used to fetch global wpa_supplicant configuration parameters. Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com>