aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant
Commit message (Collapse)AuthorAgeFilesLines
* Skip connection attempt for non-RSN networks if PMF is set to requiredSunil Dutt2016-05-051-0/+8
| | | | | | | | Since ieee80211w=2 is an explicit configuration to wpa_supplicant, the connection attempt for such non-PMF (non-RSN) capable networks should be skipped. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Ignore pmf=1/2 parameter for non-RSN networksJouni Malinen2016-05-053-5/+21
| | | | | | | | | PMF is available only with RSN and pmf=2 could have prevented open network connections. Change the global wpa_supplicant pmf parameter to be interpreted as applying only to RSN cases to allow it to be used with open networks. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Reject SET commands with newline characters in the string valuesJouni Malinen2016-05-021-0/+6
| | | | | | | | | | | | | | | | | | | | | | | Many of the global configuration parameters are written as strings without filtering and if there is an embedded newline character in the value, unexpected configuration file data might be written. This fixes an issue where wpa_supplicant could have updated the configuration file global parameter with arbitrary data from the control interface or D-Bus interface. While those interfaces are supposed to be accessible only for trusted users/applications, it may be possible that an untrusted user has access to a management software component that does not validate the value of a parameter before passing it to wpa_supplicant. This could allow such an untrusted user to inject almost arbitrary data into the configuration file. Such configuration file could result in wpa_supplicant trying to load a library (e.g., opensc_engine_path, pkcs11_engine_path, pkcs11_module_path, load_dynamic_eap) from user controlled location when starting again. This would allow code from that library to be executed under the wpa_supplicant process privileges. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Reject SET_CRED commands with newline characters in the string valuesJouni Malinen2016-05-021-1/+8
| | | | | | | | | | | | | | | | | | | | | | | Most of the cred block parameters are written as strings without filtering and if there is an embedded newline character in the value, unexpected configuration file data might be written. This fixes an issue where wpa_supplicant could have updated the configuration file cred parameter with arbitrary data from the control interface or D-Bus interface. While those interfaces are supposed to be accessible only for trusted users/applications, it may be possible that an untrusted user has access to a management software component that does not validate the credential value before passing it to wpa_supplicant. This could allow such an untrusted user to inject almost arbitrary data into the configuration file. Such configuration file could result in wpa_supplicant trying to load a library (e.g., opensc_engine_path, pkcs11_engine_path, pkcs11_module_path, load_dynamic_eap) from user controlled location when starting again. This would allow code from that library to be executed under the wpa_supplicant process privileges. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Remove newlines from wpa_supplicant config network outputPaul Stewart2016-05-021-2/+13
| | | | | | | | | | Spurious newlines output while writing the config file can corrupt the wpa_supplicant configuration. Avoid writing these for the network block parameters. This is a generic filter that cover cases that may not have been explicitly addressed with a more specific commit to avoid control characters in the psk parameter. Signed-off-by: Paul Stewart <pstew@google.com>
* Reject psk parameter set with invalid passphrase characterJouni Malinen2016-05-021-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | WPA/WPA2-Personal passphrase is not allowed to include control characters. Reject a passphrase configuration attempt if that passphrase includes an invalid passphrase. This fixes an issue where wpa_supplicant could have updated the configuration file psk parameter with arbitrary data from the control interface or D-Bus interface. While those interfaces are supposed to be accessible only for trusted users/applications, it may be possible that an untrusted user has access to a management software component that does not validate the passphrase value before passing it to wpa_supplicant. This could allow such an untrusted user to inject up to 63 characters of almost arbitrary data into the configuration file. Such configuration file could result in wpa_supplicant trying to load a library (e.g., opensc_engine_path, pkcs11_engine_path, pkcs11_module_path, load_dynamic_eap) from user controlled location when starting again. This would allow code from that library to be executed under the wpa_supplicant process privileges. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Remove EAP-FAST optionDmitry Shmidt2016-04-281-1/+1
| | | | | | Current BoringSSL version is not suitable for EAP-FAST. Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* P2P: Copy config from p2pdev when not using dedicated group interfaceAndrei Otcheretianski2016-04-241-21/+12
| | | | | | | | | | | | | | | | | | | | When the P2P Device interface is used and an existing interface is used for P2P GO/Client, the P2P Device configuration was not cloned to the configuration of the existing interface. Thus, configuration parameters such as idle_group_time, etc., were not propagated to the P2P GO/Client interface. Handle this by copying all configuration parameters of the P2P device interface to the reused interface, with the following exceptions: 1. Copy the NFC key data only if it was not set in the configuration file. 2. The WPS string fields are set only if they were not previously set in the configuration of the destination interface (based on the assumption that these fields should be identical among all interfaces). Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* P2P: Fix wpas_p2p_nfc_auth_join()Andrei Otcheretianski2016-04-241-9/+9
| | | | | | | | | Use the p2pdev pointer instead of the parent pointer to comply with the flows when a dedicated P2P Device interface is used and p2p_no_group_iface == 1 (in which case the parent of the reused interface isn't necessary the same as p2pdev). Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* WNM: Fetch scan results before checking transition candidatesKanchanapally, Vidyullatha2016-04-233-26/+151
| | | | | | | | | | | | | On receiving a WNM BSS Transition Management Request frame with a candidate list, fetch the latest scan results from the kernel to see if there are any recent scan results for the candidates and initiate a connection if found. This helps to avoid triggering a new scan in cases where a scan initiated by something else (e.g., an internal beacon measurement report functionality in a driver) has processed Beacon or Probe Response frames without wpa_supplicant having received a notification of such an update yet. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* systemd: Update service files according to D-Bus interface versionMarcin Niestroj2016-04-182-4/+8
| | | | | | | | | | | | | | systemd service files were supplied with old D-Bus bus name. After service activation systemd was waiting for appearance of specified bus name to consider it started successfully. However, if wpa_supplicant was compiled only with the new D-Bus interface name, systemd didn't notice configured (old) D-Bus bus name appearance. In the end, service was considered malfunctioning and it was deactivated. Update systemd service BusName property according to supported D-Bus interface version. Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
* P2P: Add P2P_GROUP_MEMBER command to fetch client interface addressPurushottam Kushwaha2016-04-182-0/+37
| | | | | | | | | | | | | | | This allows local GO to fetch the P2P Interface Address of a P2P Client in the group based on the P2P Device Address for the client. This command should be sent only on a group interface (the same peer may be in multiple concurrent groups). Usage: P2P_GROUP_MEMBER <P2P Device Address> Output: <P2P Interface Address> Signed-off-by: Purushottam Kushwaha <pkushwah@qti.qualcomm.com>
* P2P: Trigger event when invitation is acceptedLior David2016-04-181-0/+19
| | | | | | | | | | Trigger an event when wpa_supplicant accepts an invitation to re-invoke a persistent group. Previously wpa_supplicant entered group formation without triggering any specific events and it could confuse clients, especially when operating with a driver that does not support concurrency between P2P and infrastructure connection. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* RRM: Modify the processing of a received neighbor reportIlan Peer2016-04-171-6/+94
| | | | | | | | | | | | Parse a received neighbor report and report for each neighbor report the data received for it: RRM-NEIGHBOR-REP-RECEIVED bssid=<BSSID> info=0x<hex> op_class=<class> chan=<chan> [lci=hex] [civic=hex] Note that this modifies the previous format that originally reported only the length of the received frame. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* SME: Add support for global RRM flagBeni Lev2016-04-171-3/+4
| | | | | | Add RRM to SME authentication/association if the global RRM flag is set. Signed-off-by: Beni Lev <beni.lev@intel.com>
* wpa_supplicant: Handle LCI requestDavid Spinadel2016-04-175-0/+194
| | | | | | | | | | | | | | Handle radio measurement request that contains LCI request. Send measurement report based on a configurable LCI report element. The LCI report element is configured over the control interface with SET lci <hexdump of the element> and cleared with SET lci "" Signed-off-by: David Spinadel <david.spinadel@intel.com>
* hostapd: Handle Neighbor Report Request frameDavid Spinadel2016-04-172-0/+2
| | | | | | | Process Neighbor Report Request frame and send Neighbor Report Response frame based on the configured neighbor report data. Signed-off-by: David Spinadel <david.spinadel@intel.com>
* hostapd: Add a database of neighboring APsDavid Spinadel2016-04-162-0/+2
| | | | | | | | | | | | | | | | | Add a configurable neighbor database that includes the content of Nighbor Report element, LCI and Location Civic subelements and SSID. All parameters for a neighbor must be updated at once; Neighbor Report element and SSID are mandatory, LCI and civic are optional. The age of LCI is set to the time of neighbor update. The control interface API is: SET_NEIGHBOR <BSSID> <ssid=SSID> <nr=data> [lci=<data>] [civic=<data>] To delete a neighbor use: REMOVE_NEIGHBOR <BSSID> <SSID> Signed-off-by: David Spinadel <david.spinadel@intel.com>
* Fix spelling of "neighbor" in a function nameJouni Malinen2016-04-161-3/+3
| | | | | | The missing letter 'h' made it more difficult to find this function. Signed-off-by: Jouni Malinen <j@w1.fi>
* wpa_supplicant: Add LCI and civic request to Neighbor Report RequestDavid Spinadel2016-04-164-13/+108
| | | | | | | | | | | | | | | | Add an option to request LCI and Location Civic Measurement in Neighbor Report Request frame, as described in IEEE P802.11-REVmc/D5.0, 9.6.7.6. Note: This changes the encoding format of the NEIGHBOR_REP_REQUEST ssid=<val> parameter. This used to be parsed as raw SSID data which is problematic for accepting additional parameters. The new encoding allows either a string within double-quotation marks or a hexdump of the raw SSID. Thew new format: NEIGHBOR_REP_REQUEST [ssid=<SSID>] [lci] [civic] Signed-off-by: David Spinadel <david.spinadel@intel.com>
* utils: Add ssid_parse() functionDavid Spinadel2016-04-161-5/+0
| | | | | | | | | | Add a function that parses SSID in text or hex format. In case of the text format, the SSID is enclosed in double quotes. In case of the hex format, the SSID must include only hex digits and not be enclosed in double quotes. The input string may include other arguments after the SSID. Signed-off-by: David Spinadel <david.spinadel@intel.com>
* utils: Rename hostapd_parse_bin to wpabuf_parse_bin and move itDavid Spinadel2016-04-091-12/+2
| | | | | | | Make the function available as part of the wpabuf API. Use this renamed function where possible. Signed-off-by: David Spinadel <david.spinadel@intel.com>
* Extend VENDOR_ELEM parameters to cover non-P2P Probe Request frameJouni Malinen2016-04-081-0/+7
| | | | | | | | | | | | The new VENDOR_ELEM value 14 can now be used to add a vendor element into Probe Request frames used by non-P2P active scans. For example: VENDOR_ELEM_ADD 14 dd05001122330a and to clear that: VENDOR_ELEM_REMOVE 14 * Signed-off-by: Jouni Malinen <j@w1.fi>
* HS 2.0: Add support for configuring frame filtersMatti Gottlieb2016-04-085-1/+61
| | | | | | | | | | | | | | | When a station starts an association to a Hotspot 2.0 network, request the driver to do the following, based on the BSS capabilities: 1. Enable gratuitous ARP filtering 2. Enable unsolicited Neighbor Advertisement filtering 3. Enable unicast IP packet encrypted with GTK filtering if DGAF disabled bit is zero Clear the filter configuration when the station interface is disassociated. Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
* driver: Add a packet filtering function declarationMatti Gottlieb2016-04-081-0/+9
| | | | | | | | | | | | | | Add a new function declaration that will allow wpa_supplicant to request the driver to configure data frame filters for specific cases. Add definitions that will allow frame filtering for stations as required by Hotspot 2.0: 1. Gratuitous ARP 2. Unsolicited NA 3. Unicast IP packets encrypted with GTK Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
* wpa_supplicant: "don't care" value for pbss in ssid structureLior David2016-04-087-9/+36
| | | | | | | | | | Add a new value 2 to the pbss parameter of wpa_ssid structure, which means "don't care". This value is used in infrastructure mode to request connection to either AP or PCP, whichever is available in the scan results. The value is also used in regular WPS (not P2P group formation) to make WPS work with devices running as either AP or PCP. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* Mark wpa_supplicant_{start,stop}_sched_scan() staticJouni Malinen2016-04-072-6/+4
| | | | | | | | With the only callers in wpas_{start,stop}_pno() moved into scan.c, there is no need to call these helper functions from outside scan.c anymore. Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix race condition with PNO stop followed immediately by PNO startHu Wang2016-04-061-1/+0
| | | | | | | | | | | | | | | | | | | | Commit dd271857a5b501cd88143efe8ca0f0dce4519a91 ('Skip normal scan when PNO is already in progress') fixed issues with normal scans getting rejected by the driver when PNO scan is already running. The part about skipping such a scan request is fine, but the part about clearing wpa_s->pno back to 0 in EVENT_SCHED_SCAN_STOPPED handler is problematic. If PNO is stopped ("SET pno 0") and then restarted ("SET pno 1") immediately, it is possible for the EVENT_SCHED_SCAN_STOPPED event from the stopping part to be received only after the new PNO instance has been started. This would have resulted in clearing wpa_s->pno and the driver and wpa_supplicant getting out of sync. This would then prevent PNO from being stopped with "SET pno 0" (that fails if wpa_s->pno == 0). Fix this race condition by reverting the wpa_s->pno = 0 addition from the EVENT_SCHED_SCAN_STOPPED handler. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Android: Fix max number of sched scan SSIDs based on driver capabilityDmitry Shmidt2016-04-021-3/+11
| | | | | | | | This adds use of the driver capability (instead of hardcoded WPAS_MAX_SCAN_SSIDS) in wpas_start_pno() similarly to what was already done in wpa_supplicant_req_sched_scan(). Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
* binder: Implement interface add/remove methodsRoshan Pius2016-04-028-0/+262
| | | | | | | | | | | | | This commit implements the methods defined in Supplicant service: 1. CreateInterface 2. RemoveInterface 3. GetInterface The binder service returns the corresponding iface binder object references which can be used by clients to control a specific interface. Signed-off-by: Roshan Pius <rpius@google.com>
* binder: Add binder skeletal code for AndroidRoshan Pius2016-04-0216-0/+458
| | | | | | | | | | | | | | | | | | | | | | | | Create the skeletal binder interface for wpa_supplicant. The interface hierarchy is based off the existing dbus interface(https://w1.fi/wpa_supplicant/devel/dbus.html). Since we use libbinder, the binder interface codebase needs to be written in C++ and can only be compiled on Android platform for now. The aidl files define binder RPC interfaces. The Android build system generates the corresponding C++ interface classes which needs to be implemented by the server process. The clients can obtain a reference to the binder service (root object) using: android::String16 service_name("fi.w1.wpa_supplicant"); android::sp<android::IBinder> binder = android::defaultServiceManager()->getService(service_name); Once a reference to the root object is retrieved, the clients can obtain references to other RPC objects using that root object methods. Signed-off-by: Roshan Pius <rpius@google.com>
* wpa_supplicant: Do not use struct ieee80211_mgmt::u.probe_reqJouni Malinen2016-04-021-10/+13
| | | | | | | | | | This struct in the union is empty, but the design of using a zero-length u8 array here is not fully compatible with C++ and can result in undesired compiler warnings. Since there are no non-IE fields in the Probe Request frames, get the location of the variable length IEs simply by using the pointer to the frame header and the known header length. Signed-off-by: Jouni Malinen <j@w1.fi>
* Do not clear PMKSA entry or EAP session cache if config does not changeBala Krishna Bhamidipati2016-03-312-7/+82
| | | | | | | | | | | | | | | | | | | This avoids unnecessary flushing of the PMKSA cache entry and EAP session data when processing SET_NETWORK commands that set a network profile parameter to the same value that the parameter already has. Introduce a new wpa_config_set() and wpa_config_set_quoted() return value (==1) signifying that the new value being set for the corresponding field equals to the already configured one so that the caller can determine that nothing changed in the profile. For now, this does not cover all the network profile parameters, but number of the most commonly used parameters are included to cover the Android use cases where the framework may have issued SET_NETWORK commands that would have unnecessarily prevented use of PMKSA caching or EAP fast reauthentication. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Fix CONFIG_CTRL_IFACE=udp6/udp6-remote buildsJouni Malinen2016-03-271-1/+7
| | | | | | | | | wpa_supplicant_global_ctrl_iface_receive() did not handle the from address properly for the IPv6 case. This was broken by commit d60886cdafbf839be05ca5f7d4877565d4958a44 ('wpa_supplicant: Add monitor support for global UDP ctrl_iface'). Signed-off-by: Jouni Malinen <j@w1.fi>
* Use TIOCOUTQ instead of SIOCOUTQ to avoid need for linux/sockios.hJouni Malinen2016-03-261-3/+2
| | | | | | | | All that the kernel header was doing here is defining SIOCOUTQ to be TIOCOUTQ. Instead of pulling in the header, we might as well use TIOCOUTQ directly. Signed-off-by: Jouni Malinen <j@w1.fi>
* P2P: Fix persistent group for 60 GHz networksLior David2016-03-251-3/+6
| | | | | | | | | | | Fix two problems with storage of 60 GHz P2P persistent groups: 1. pbss flag was not stored in the network block. 2. When recreating the persistent group from storage, in addition to the missing pbss flag, the pairwise_cipher and group_cipher were initialized to CCMP which does not work in 60 GHz since the default in 60 GHz should be GCMP. Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
* Make it a bit easier to roam from 2.4 GHz to 5 GHz within ESSJouni Malinen2016-03-251-1/+12
| | | | | | | | | | The initial connection to an ESS was already explicitly increasing the likelihood of picking a 5 GHz BSS. While the throughput estimation is likely to do same for the roaming decision, it might be possible that that does not cover all cases. Add couple of dB extra preference for 5 GHz in case the roaming decision falls back to comparing signal levels. Signed-off-by: Jouni Malinen <j@w1.fi>
* Fix a typo in a commentJouni Malinen2016-03-251-1/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Include previous BSSID in connection request to indicate reassociationJouni Malinen2016-03-242-1/+10
| | | | | | | | This allows the SME-in-the-driver case to get similar information about reassociation that was already available for the SME-in-wpa_supplicant case. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* WNM: Verify BSS TM target match against the current network profileJouni Malinen2016-03-241-0/+11
| | | | | | | Reject a BSS transition management candidate if it does not match the current network profile, e.g., due to incompatible security parameters. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add interface matching support with -M, guarded by CONFIG_MATCH_IFACERoy Marples2016-03-227-2/+205
| | | | | | | | | The new wpa_supplicant command line argument -M can be used to describe matching rules with a wildcard interface name (e.g., "wlan*"). This is very useful for systems without udev (Linux) or devd (FreeBSD). Signed-off-by: Roy Marples <roy@marples.name>
* Find correct driver for interface additions/removalsRoy Marples2016-03-223-8/+77
| | | | | | | | | Interface additions/removals are not guaranteed to be for the driver listening to the kernel events. As such, send the events to wpa_supplicant_event_global() which can then pick the correct interface registered with wpa_supplicant to send the event to. Signed-off-by: Roy Marples <roy@marples.name>
* wpa_supplicant: Fix CONFIG_IBSS_RSN=y build without CONFIG_AP=yJouni Malinen2016-03-212-0/+2
| | | | | | | | | | | | | | | | Commit 1889af2e0f89f9a98171761683eb1c244584daf8 ('VLAN: Separate station grouping and uplink configuration') added an ap_sta_set_vlan() function that gets called from pmksa_cache_auth.c. This broke CONFIG_IBSS_RSN=y build if src/ap/sta_info.c did not get included in the build, i.e., if CONFIG_AP=y was not set. Fix this by making the ap_sta_set_vlan() call conditional on CONFIG_NO_VLAN being undefined and define this for CONFIG_IBSS_RSN=y builds. This is fine for wpa_supplicant since CONFIG_AP=y case was already defining this. For hostapd, this function call is not needed for CONFIG_NO_VLAN case either. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Fix p2p_group_add when UDP-based ctrl_iface is usedJanusz Dziedzic2016-03-201-2/+11
| | | | | | | | | While p2p_group_add ctrl_interface name could be derived from the main interface (simple p2p_group_add command), we failed to bind the same UDP port. Fix this problem and also update the correct ctrl_interface name (port decrement). Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* Fix nfc_pw_token build with CONFIG_FST=yJouni Malinen2016-03-201-0/+1
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* mesh: Use appropriate BLOCKED state durationMasashi Honma2016-03-202-9/+5
| | | | | | | | | | | | | | Previously, BLOCKED state duration slightly increased up to 3600. Though the BLOCKED state could be canceled by ap_handle_timer(). Because the timer timeouts in ap_max_inactivity(default=300sec) and remove STA objects (the object retains BLOCKED state). This patch re-designs my commit bf51f4f82bdb50356de5501acac53fe1b91a7b86 ('mesh: Fix remaining BLOCKED state after SAE auth failure') to replace mesh_auth_block_duration by ap_max_inactivity and remove incremental duration. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Add support for PMKSA cachingMasashi Honma2016-03-207-11/+89
| | | | | | | | | | | | | | | | | | | | | | | | | This patch add functionality of mesh SAE PMKSA caching. If the local STA already has peer's PMKSA entry in the cache, skip SAE authentication and start AMPE with the cached value. If the peer does not support PMKSA caching or does not have the local STA's PMKSA entry in the cache, AMPE will fail and the PMKSA cache entry of the peer will be removed. Then STA retries with ordinary SAE authentication. If the peer does not support PMKSA caching and the local STA uses no_auto_peer=1, the local STA can not retry SAE authentication because NEW_PEER_CANDIDATE event cannot start SAE authentication when no_auto_peer=1. So this patch extends MESH_PEER_ADD command to use duration(sec). Throughout the duration, the local STA can start SAE authentication triggered by NEW_PEER_CANDIDATE even though no_auto_peer=1. This commit requires commit 70c93963edefa37ef84b73efb9d04ea10268341c ('SAE: Fix PMKID calculation for PMKSA cache'). Without that commit, chosen PMK comparison will fail. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* PMKSA: Flush AP/mesh PMKSA cache by PMKSA_FLUSH commandMasashi Honma2016-03-203-1/+25
| | | | | | | | | This extends the wpa_supplicant PMKSA_FLUSH control interface command to allow the PMKSA list from the authenticator side to be flushed for AP and mesh mode. In addition, this adds a hostapd PMKSA_FLUSH control interface command to flush the PMKSA entries. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* PMKSA: Show AP/mesh PMKSA list in PMKSA commandMasashi Honma2016-03-203-2/+56
| | | | | | | | | This extends the wpa_supplicant PMKSA control interface command to allow the PMKSA list from the authenticator side to be listed for AP and mesh mode. In addition, this adds a hostapd PMKSA control interface command to show the same list for the AP case. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* mesh: Add MESH_PEER_ADD commandMasashi Honma2016-03-206-0/+77
| | | | | | | | This allows a mesh peer connection to be initiated manually in no_auto_peer mesh networks. Signed-off-by: Natsuki Itaya <Natsuki.Itaya@jp.sony.com> Signed-off-by: Masashi Honma <masashi.honma@gmail.com>