path: root/wpa_supplicant/wps_supplicant.c
Commit message (Collapse)AuthorAgeFilesLines
* WPS: Disable AP PIN after 10 consecutive failuresJouni Malinen2012-01-301-0/+2
| | | | | | | | | | | While the exponential increase in the lockout period provides an efficient mitigation mechanism against brute force attacks, this additional trigger to enter indefinite lockout period (cleared by restarting hostapd) will limit attacks even further by giving maximum of 10 attempts (without authorized user action) even in a very long term attack. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* WPS: Use single channel scan if AP channel already knownJouni Malinen2011-12-311-4/+14
| | | | | | | | | If the BSSID of the AP is specified in the WPS command, the target AP is likely already in the BSS table and its operating channel is known. Use this information to speed up connection by only scanning the known channel. Signed-hostap: Jouni Malinen <j@w1.fi>
* Disassociate when starting WPS searchJouni Malinen2011-12-111-0/+4
| | | | | | | | | | Previously, the WPS scans could have been done in associated state if we happened to be associated when the request to use WPS was received. This can slow down scanning and end up in unexpected state if no WPS association is tried. Avoid these issues by disconnecting when WPS search is started. Signed-hostap: Jouni Malinen <j@w1.fi>
* Use normal scan before sched_scan if that can speed up connectionJouni Malinen2011-11-281-0/+2
| | | | | | | | | | When normal scan can speed up operations, use that for the first three scan runs before starting the sched_scan to allow user space sleep more. We do this only if the normal scan has functionality that is suitable for this or if the sched_scan does not have better support for multiple SSIDs. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Unify hardware feature dataChristian Lamparter2011-10-231-4/+3
| | | | | | | | | The hardware feature data is required in several different places throughout the code. Previously, the data was acquired and freed on demand, but with this patch wpa_supplicant will keep a single copy around at runtime for everyone to use. Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
* WPS: Use ifdef blocks consistently for CONFIG_WPS_REG_DISABLE_OPENAndrii Bordunov2011-10-221-0/+4
| | | | | The registrar variable is used only if this macro is defined, so no need to set it otherwise.
* WPS: Set Probe Request config methods based on configurationBharat Chakravarty2011-09-011-0/+1
| | | | | | Instead of hardcoding the Config Methods attribute value in Probe Request frames, set this based on the configured parameter config_methods to allow correct set of methods to be advertised.
* WPS: Set RF bands based on driver capabilitiesBharat Chakravarty2011-08-311-1/+20
| | | | | Instead of hardcoding support for both 2.4 GHz and 5 GHz bands, use driver capabilities to figure out which bands are supported.
* WPS: Check malloc success on workaround pathJouni Malinen2011-07-151-0/+2
| | | | | ssid->ssid could be NULL here if malloc failed, so better check that consistently.
* Clear WPA and EAPOL state machine config pointer on network removalJouni Malinen2011-06-271-1/+9
| | | | | | Make sure that the WPA and EAPOL state machines do not hold a pointer to a network configuration that is about to be freed. This can fix potential issues with references to freed memory.
* P2P: Add WpsFailed signal in P2P D-BusJayant Sane2011-06-251-0/+3
| | | | | | | Signal is triggered if an error occurs during WPS provisioning phase. Signed-off-by: Jean-Michel.Bachot <jean-michelx.bachot@intel.com> Signed-off-by: Jayant Sane <jayant.sane@intel.com>
* P2P: Update D-Bus network object semantics during group formationJayant Sane2011-06-231-3/+12
| | | | | | | | | | | | | Do not emit network objects during P2P group formation since such network objects can confuse certain apps. Instead, a persistent group object is created to allow apps to keep track of persistent groups. Persistent group objects only represent the info needed to recreate the group. Also fixes a minor bug in the handling of persistent group objects during WPS operations. Signed-off-by: Jayant Sane <jayant.sane@intel.com>
* WPS: Store (secondary) device type as binaryJohannes Berg2011-03-171-47/+11
| | | | | | | Instead of converting back and forth from the string representation, always use the binary representation internally. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* WPS: Fix copying of UUID from the first interfaceJouni Malinen2011-03-171-25/+30
| | | | | | Use the first interface (last in the list), not the last added interface. In addition, use the same routine to set the UUID after reconfiguration.
* WPS: Add secondary device types into Probe Request framesJean-Michel Bachot2011-03-171-0/+39
| | | | | | | The secondary device type list is an optional attribute in the WSC IE. Signed-off-by: Jean-Michel Bachot <jean-michelx.bachot@linux.intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* WPS: Copy UUID from the first interfaceJouni Malinen2011-03-101-4/+15
| | | | | | | | Instead of generating a different UUID for each interface, use the same UUID that was either configured of generated for the first interface. This avoids potential issues with PBC session overlap detection should multiple interfaces end up running a PBC scan at the same time which may happen at least in some P2P use cases.
* P2P: Notify WPS-M2D event on parent interface and handle PBC overlapJouni Malinen2011-02-221-0/+24
| | | | | | | | | GO may use M2D to notify that PBC overlap was detected if the GO was configured to allow only a specific P2P Device to connect using PBC. We need to report the M2D message on the parent interface if a separate group interface is used. In addition, we can stop the P2P operation if PBC overlap was indicated similarly to what we are already doing in th case the overlap is detected locally.
* WPS ER: Stop eloop only on the last terminate_cbBen Greear2011-02-211-1/+5
| | | | | | This allows all WPS ER instances to be cleaned up properly if more than one interface has an active WPS ER when wpa_supplicant is being killed.
* DBus: Publish provisioned keys in network propertiesJohannes Berg2011-02-021-0/+2
| | | | | | | | | When the network was provisioned, we need to get the keys to be able to reconnect without new provisioning. To be able to publish those keys but not normally configured ones, add a new attribute to struct wpa_ssid indicating whether or not keys may be exported. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* WPS: Indicate WPS-FAIL event on EAPOL timeout-based failure callbackChao-Wen Yang2011-01-131-0/+2
| | | | | | | If the EAPOL processing times out (e.g., if the AP stops replying to messages for some reason) during WPS negotiation, we need to indicate WPS-FAIL event from eapol_cb since no other WPS failure is reported for this particular case.
* WPS: Add mechanism for indicating non-standard WPS errorsChao-Wen Yang2011-01-131-5/+26
| | | | | | | | | | | Previously, only the Configuration Error values were indicated in WPS-FAIL events. Since those values are defined in the specification it is not feasible to extend them for indicating other errors. Add a new error indication value that is internal to wpa_supplicant and hostapd to allow other errors to be indicated. Use the new mechanism to indicate if negotiation fails because of WEP or TKIP-only configurations being disallows by WPS 2.0.
* WPS: Make WPS-AP-AVAILABLE* events a bit more consistentJouni Malinen2011-01-051-9/+14
| | | | | | | The BSS table entries may be in more or less random order and it is better to show the most likely WPS configuration method in a way that is somewhat more consistent instead of just showing the method of the first BSS entry found in the table.
* WPS: Add option to disable open networks by defaultJouni Malinen2010-12-301-0/+22
| | | | | | | | | CONFIG_WPS_REG_DISABLE_OPEN=y can be used to configure wpa_supplicant to disable open networks by default when wps_reg command is used to learn the current AP settings. When this is enabled, there will be a WPS-OPEN-NETWORK ctrl_iface event and the user will need to explicitly enable the network (e.g., with "select_network <id>") to connect to the open network.
* WPS: Add wps_ap_pin ctrl_iface command for wpa_supplicant AP modeJouni Malinen2010-11-171-0/+4
| | | | | This can be used to control the AP PIN in wpa_supplicant AP mode in the same way as the identical command in hostapd ctrl_iface.
* WPS ER: Show SetSelectedRegistrar events as ctrl_iface eventsJouni Malinen2010-10-251-0/+31
| | | | | This makes it easier to figure out if something goes wrong in preparing the AP for enrolling a station.
* WPS ER: Add wps_er_set_config to use local configurationJouni Malinen2010-10-201-0/+43
| | | | | | This command can be used to enroll a network based on a local network configuration block instead of having to (re-)learn the current AP settings with wps_er_learn.
* WPS: Add virtual flags in Config Methods for WPS 2.0 if neededJouni Malinen2010-10-161-0/+25
| | | | | | | This is a workaround for incorrect configuration (missing virtual/physical identifier for config methods) for WPS 2.0 to allow unmodified configuration from WPS 1.0 to be used while enforcing compliant WPS 2.0 values.
* P2P: Send WPS-FAIL event to parent interface, tooJouni Malinen2010-10-141-0/+4
| | | | | This makes it easier to figure out what went wrong during group formation when per-group interfaces are used.
* WPS: Add Config Error into WPS-FAIL eventsJouni Malinen2010-10-141-1/+2
| | | | | | This makes it easier to figure out what could have failed in the WPS protocol and potentially provide more information for the user on how to resolve the issue.
* Fix build with CONFIG_WPS_OOBJouni Malinen2010-10-061-1/+2
* WPS: Add more verbose debug info on PBC session overlap detectionJouni Malinen2010-09-201-3/+20
* WPS: Add BSSID to strict validation error messagesJouni Malinen2010-09-201-1/+1
| | | | | This makes it easier to figure out which AP is sending invalid Beacon or Probe Response frames.
* WPS: Allow pending WPS operation to be cancelledArdong Chen2010-09-101-0/+27
| | | | | | | A new ctrl_interface command, WPS_CANCEL, can now be used to cancel a pending or ongoing WPS operation. For now, this is only available with wpa_supplicant (either in station or AP mode). Similar functionality should be added for hostapd, too.
* WPS: Fix timeout event to be sent over ctrl_interfaceArdong Chen2010-09-101-2/+2
| | | | | This was supposed to be sent to external event monitors, i.e., to use wpa_msg instead of wpa_printf.
* Fix build without CONFIG_P2P=yJouni Malinen2010-09-091-0/+4
* P2P: Use SSID from GO Negotiation to limit WPS provisioning stepJouni Malinen2010-09-091-0/+21
| | | | | In order to avoid picking incorrect SSID from old scan results, use SSID from GO Negotiation to select the AP.
* Trigger WPS configuration update on string changesJouni Malinen2010-09-091-1/+2
| | | | | | Previously, only Device Name string was handled, but similar trigger is needed on Manufacturer, Model Name, Model Number, and Serial Number changes.
* WPS: Fix configuration strings on config reloadJouni Malinen2010-09-091-0/+9
| | | | | Previously, freed memory could be used as device name (and other similar parameters) when building WPS IE after SIGHUP.
* P2P: Set Device Password ID in WPS M1/M2 per new rulesJouni Malinen2010-09-091-3/+5
| | | | | If the P2P client (WPS Enrollee) uses a PIN from the GO (Registrar), Device Password ID in M1 & M2 is set to Registrar-specified.
* P2P: Add initial version of P2P ModuleJouni Malinen2010-09-091-0/+4
* P2P: Do not save temporary networksJouni Malinen2010-09-091-0/+4
* P2P: Do not filter BSSes based on SSID during P2P ProvisioningJouni Malinen2010-09-091-0/+9
| | | | TODO: Use group id from GO Neg instead(?)
* P2P: Let WPS code know if it is used in a P2P groupJouni Malinen2010-09-091-3/+8
* Allow ctrl_iface SET command to change global config parametersJouni Malinen2010-09-091-0/+41
* WPS: Make fragment size configurable for EAP-WSC peerJouni Malinen2010-09-091-0/+6
| | | | | "wpa_cli set wps_fragment_size <val>" can now be used to configure the fragment size limit for EAP-WSC.
* WPS 2.0: Make sure PHY/VIRT flag gets set for PBCJouni Malinen2010-09-091-0/+3
* WPS 2.0: Validate WPS attributes in management frames and WSC messagesJouni Malinen2010-09-091-0/+22
| | | | | | | | If CONFIG_WPS_STRICT is set, validate WPS IE(s) in management frames and reject the frames if any of the mandatory attributes is missing or if an included attribute uses an invalid value. In addition, verify that all mandatory attributes are included and have valid values in the WSC messages.
* WPS 2.0: Add support for AuthorizedMACs attributeJouni Malinen2010-09-091-10/+17
| | | | | | | | | | Advertize list of authorized enrollee MAC addresses in Beacon and Probe Response frames and use these when selecting the AP. In order to provide the list, the enrollee MAC address should be specified whenever adding a new PIN. In addition, add UUID-R into SetSelectedRegistrar action to make it potentially easier for an AP to figure out which ER sent the action should there be multiple ERs using the same IP address.
* WPS: Do not allow Label and Display config methods to be enabledJouni Malinen2010-07-181-0/+7
| | | | | It is unclear which PIN is used if both Label and Display config methods are advertised. Avoid this by not allowing such configuration.
* WPS: Use different scan result sorting rules when doing WPS provisioningJouni Malinen2010-06-111-0/+13
| | | | | | | | | The AP configuration may change after provisioning, so it is better not to use the current security policy to prioritize results. Instead, use WPS Selected Registrar attribute as the main sorting key and use signal strength next without considering security policy or rate sets. The non-WPS provisioning case remains as-is, i.e., this change applies only when trying to find an AP for WPS provisioning.