Johannes Berg [Thu, 5 Dec 2013 22:22:10 +0000 (23:22 +0100)]
tests: VM test script: Copy gcov data if present
If there's code coverage analysis data, copy it out of the VM
to be able to analyse it later. Also add a description to the
README file about how to use it.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Naresh Jayaram [Tue, 3 Dec 2013 06:37:24 +0000 (12:07 +0530)]
eap_proxy: Extend Android.mk to support additional libraries
Allow addition static and shared libraries to be specified from the
eap_proxy_*.mk file for Android build. In addition use $(LOCAL_PATH) as
a prefix for that Android makefile part.
Jouni Malinen [Sun, 24 Nov 2013 18:55:15 +0000 (20:55 +0200)]
tests: Remove special start.sh option for concurrent P2P tests
These were not really used in practice and better quality test cases for
concurrent P2P operations are now available in tests_p2p_concurrency.py
using the standard test framework design. Remove the special concurrent
option for start.sh and the run-all.sh concurrent and
concurrent-valgrind operations to clean up scripts.
Jouni Malinen [Sun, 24 Nov 2013 16:26:05 +0000 (18:26 +0200)]
EAP server: Handle EAP method initialization failures more cleanly
Allow another EAP method to be tried if one of the enabled methods
fails. If all the remaining methods fail, reject connection by adding a
new METHOD_REQUEST -> FAILURE transition. Previously, this case resulted
in the state machine trying to send a message when none was available
and then waiting for a following event until timeout.
Jouni Malinen [Sun, 24 Nov 2013 16:08:45 +0000 (18:08 +0200)]
EAP server: Initialize TLS context based on private_key
It is possible for the authentication server to be configured with a
PKCS #12 file that includes a private key, a server certificate, and a
CA certificate. This combination could result in server_cert and ca_cert
parameters not being present and that should still result in TLS context
getting initialized.
Jouni Malinen [Sun, 24 Nov 2013 16:01:12 +0000 (18:01 +0200)]
Reject TLS-based EAP server method if TLS context not initialized
It was possible to configure hostapd in a way that could try to
initialize a TLS-based EAP method even when TLS library context was not
initialized (e.g., due to not configuring server or CA certificate).
Such a case could potentially result in NULL pointer dereference in the
TLS library, so check for this condition and reject EAP method
initialization.
Jouni Malinen [Sun, 24 Nov 2013 10:41:32 +0000 (12:41 +0200)]
nl80211: Fix regression in P2P group interface removal
Commit 390e489c0d9415caf103367136eaa534b559837c extended hostapd BSS
interface removal capabilities. However, it ended up causing a
regression in wpa_supplicant P2P group interface handling. That P2P
group interface is removed through another driver_nl80211.c BSS context
and as such, the bss->added_if is not set. Fix this by verifying whether
the request is for another ifindex and if so, removing the interface
even if added_if is not marked.
Ilan Peer [Mon, 2 Sep 2013 12:40:59 +0000 (15:40 +0300)]
P2P: Handle INTERFACE_DISABLED event on a P2P GO interface
An INTERFACE_DISABLED event received on an interface that is
currently operating a P2P GO means that the group session ended.
In such a case, if the interface was dynamically added remove it, and
if not, remove all the network blocks that are temporary, assuming
that if needed a new session will be started by an external entity.
The use case was triggering rfkill (both SW and HW). This case popped up
as part of a testing cycle, where after a toggle in the rfkill state,
the result was that the interface was not deleted, but on the other hand
the wpa_supplicant did not configure the kernel to re-start the AP
functionality again.
AP: Fix inactivity STA timer trigger for driver offload case
Some non-mac80211 drivers, such as ath6kl, support STA inactivity timer
in firmware and may not provide connected stations' idle time to the
userspace. If the driver indicates support for offloaded operation, do
not start the inactivity timer in the hostapd.
Signed-hostap: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
Loic Poulain [Fri, 31 May 2013 10:15:56 +0000 (12:15 +0200)]
Restore scan_req if sta scan is rescheduled in the scan results event
On scan results event if a concurrent P2P scan was triggered previously,
scan results processing is canceled, p2p_find executed, and a new sta
scan is triggered (pending scan). However, this new sta scan does not
restore the scan_req value of the previous scan (whose scan result has
been canceled).
If we are currently connected to an AP and use ap_scan=2, the new
triggered scan will cause an associtation-without-scan in
wpa_supplicant_scan:
(ap_scan == 2 & scan_req != MANUAL_SCAN_REQ)
=> wpa_supplicant_assoc_try()
causing an association error and a disconnection.
This patch fixes this issue by restoring the previous scan_req value.
Janusz Dziedzic [Fri, 22 Nov 2013 20:21:25 +0000 (21:21 +0100)]
Clear beacon_data before usage
struct beacon_data contains a lot of pointers. Make sure it gets cleared
to zero if hostapd_build_beacon_data() gets called from a path that does
not clear the structure first.
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Jouni Malinen [Thu, 7 Nov 2013 14:16:15 +0000 (16:16 +0200)]
Android: Add driver_cmd for arbitrary driver commands
This is a mechanism used in Android to extend driver interface in vendor
specific ways. This is included only for the purpose of Android
compatibility. Proper interface commands should be used for any new
functionality.
Sunil Dutt [Thu, 21 Nov 2013 15:37:50 +0000 (21:07 +0530)]
TDLS: Do not reenable TDLS link on retransmitted setup frame
A reenable of the TDLS link while the host driver is already processing
the same (due to the retransmitted M2/M3 frames) might result in a
failed TDLS setup handshake due to some host driver's implementation.
Thus, issue enable link only when the peer's TDLS status signifies no
prior link (tpk_success=0).
Jouni Malinen [Fri, 22 Nov 2013 11:48:02 +0000 (13:48 +0200)]
VHT: Fix memory leak in STA entry
Commit de3cdf354a30256ece16866ff5a283b66e1471ae adding copying of the
STA's VHT capabilities into the STA entry on the AP. This was done in
allocated memory, but that new memory allocation was not freed anywhere.
Johannes Berg [Wed, 20 Nov 2013 10:01:09 +0000 (11:01 +0100)]
Use monotonic clock for relative time for eloop if available
Relative time shouldn't be calculated based on gettimeofday
because that clock can jump (e.g., when the time is adjusted
by the system administrator.)
On systems where that is available, use CLOCK_BOOTTIME (on
fairly recent Linux systems, this clock takes into account
the time spend suspended) or CLOCK_MONOTONIC (on Linux and
some POSIX systems, this clock is just freely running with
no adjustments.)
Reported-by: Holger Schurig <holgerschurig@gmail.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Jithu Jance [Wed, 20 Nov 2013 13:50:56 +0000 (19:20 +0530)]
STA: Cancel sched_scan while initiating wps_reassoc
Scan initiated from wps_nfc command context was ketp on
getting rescheduled due to an on-going scheduled scan. So
cancel sched_scan before issuing a reassociation scan.
Rashmi Ramanna [Tue, 12 Nov 2013 14:17:35 +0000 (19:47 +0530)]
P2P: Short scan wait to speed up the group re-invocation
The shorter 250 ms wait for the next scan request can be used also for
the case of persistent group re-invocation instead of just formation of
a new group. This speeds up the process and makes this more robust
especially in cases where the GO is using MCC.
Jouni Malinen [Wed, 20 Nov 2013 10:08:09 +0000 (12:08 +0200)]
Fix QoS Map Configure frame use
The QoS Map Set element was passed in full to the driver instead of just
the payload of the element. This resulted in the updated QoS Map being
rejected. Validate the element id/len and send only the payload to the
driver.
Jouni Malinen [Tue, 19 Nov 2013 11:04:21 +0000 (13:04 +0200)]
P2P: Prefer U-NII-3 over U-NII-1 during channel selection
Some devices disable use of U-NII-1 (channels 36-48) for P2P due to it
being indoor use only in number of locations. If U-NII-3 (channels
149-161) is available, try to pick a channel from that range first
during random channel selection to reduce likelihood of interoperability
issues.
Jouni Malinen [Tue, 19 Nov 2013 10:39:29 +0000 (12:39 +0200)]
P2P: Fix channel preference use for MCC p2p_connect
Only force_freq was used in the wpas_p2p_set_own_freq_preference() call
which allowed the P2P module channel re-selection to ignore the
preference for using a channel we are already using. Fix this by setting
either force_freq or pref_freq as the preference based on which one is
set. This allows p2p_ignore_shared_freq parameter to be used whether to
prefer the shared frequency in this case.
Jouni Malinen [Tue, 19 Nov 2013 10:29:25 +0000 (12:29 +0200)]
P2P: Optimize default case for own freq preference setting
There is no need to use wpas_p2p_num_unused_channels() here in the
default configuration of p2p_ignore_sahred_freq=0, so re-order the
conditions to skip that operation. This is a bit more efficient and the
debug log is also a bit cleaner in the default case.
Jouni Malinen [Tue, 19 Nov 2013 10:26:16 +0000 (12:26 +0200)]
P2P: Fix p2p_ignore_shared_freq=1 when inviting a peer
p2p_ignore_shared_freq=1 was supposed to allow a MCC-capable device to
ignore a preference for using the same channel on multiple interfaces.
However, it was not used when inviting a peer to re-invoke a persistent
group. This case needs special handling since the peer's channel list is
not available to perform channel reselection and the operating channel
indicated in the Invitation Request frames ends up getting used as the
operating channel if the transmitted of that frames becomes the GO.
Jouni Malinen [Tue, 19 Nov 2013 10:15:45 +0000 (12:15 +0200)]
P2P: Fix p2p_ignore_shared_freq=1 during invitation processing
p2p_ignore_shared_freq=1 was supposed to allow a MCC-capable device to
ignore a preference for using the same channel on multiple interfaces.
However, it was not used during processing of an Invitation Request. Fix
that case to use channel preference instead of channel forcing if free
channels are available. This allows p2p_ignore_shared_freq=1 case to
ignore the preference.
Jouni Malinen [Mon, 18 Nov 2013 16:16:27 +0000 (18:16 +0200)]
P2P: Clean up wpas_p2p_setup_freqs() debug message
It is confusing to talk about current operating channels being
unavailable for P2P when there are no current operating channels. Make
the debug message easier to understand.
Jouni Malinen [Mon, 18 Nov 2013 16:13:15 +0000 (18:13 +0200)]
P2P: Clean up wpas_p2p_init_go_params()
It is clearer if there is only a single loop of the channel list and
shared debug prints. In addition, the note about current operating
channels not being available is quite confusing if there are no
operating group, so make that part of the message conditional.
Jouni Malinen [Mon, 18 Nov 2013 15:58:14 +0000 (17:58 +0200)]
P2P: Prefer VHT channels for initial pick
If there are no other preferences from local configuration or driver,
prefer a random VHT channel instead of falling back to the fixed
pre-configured channel or 5 GHz/HT40 channel preference.
Jouni Malinen [Mon, 18 Nov 2013 15:57:07 +0000 (17:57 +0200)]
P2P: Prefer HT40 channels for initial pick
If there are no other preferences from local configuration or driver,
prefer a random HT40 channel instead of falling back to the fixed
pre-configured channel or 5 GHz channel preference.
Jouni Malinen [Mon, 18 Nov 2013 15:55:04 +0000 (17:55 +0200)]
P2P: Prefer 5 GHz channels for initial pick
If there are no other preferences from local configuration or driver,
prefer a random 5 GHz channel instead of falling back to the fixed
pre-configured channel (which is selected by default to be 1, 6, or 11).
Jouni Malinen [Mon, 18 Nov 2013 15:41:39 +0000 (17:41 +0200)]
P2P: Move random channel selection into a helper function
The new p2p_channel_select() function can be re-used to implement
random channel selection from a set of operating classes in all
places that need such functonality.
Jouni Malinen [Mon, 18 Nov 2013 14:53:44 +0000 (16:53 +0200)]
P2P: Fix channel selection for MCC case
Commit 0d08efa447a5c5fb20bbed18a2ced36a8afe9221 modified
wpas_p2p_setup_freqs() design to use number of MCC channels capability
from the driver. However, it resulted in regression on how the preferred
vs. forced channel selection is done in the case of a MCC device.
force_freq was set unconditionally even though this was supposed to be
done only if no additional channels are available. pref_freq needs to be
used when possible to avoid preventing connection.
Jithu Jance [Thu, 17 Oct 2013 06:26:02 +0000 (11:56 +0530)]
Handle legacy scan interruption of sched_scan/PNO
While starting from PNO start context, the scheduled scan was not
setting the flag wpa_s->scanning. This was resulting in the subsequent
SCAN command to proceed further and send command to nl80211/cfg80211.
The expected behavior of cancelling sched_scan was not happening here.
While sched_scan is in progress and a legacy scan comes on the
cli/socket, the sched_scan is cancelled and normal scan is allowed to
continue. However, sometimes sched_scan cancelled event comes a bit
delayed and we will send out the scan command before the wpa_s->scanning
is cleared. Instead, reschedule the incoming scan req if the
wpa_s->scanning shows that it is still in progress.
Jouni Malinen [Sun, 17 Nov 2013 21:43:11 +0000 (23:43 +0200)]
wlantest: Add more pcapng notes on EAPOL processing
Some of the MIC validation steps were not logged in the pcapng notes.
Add these to make the entries more consistent and to provide more
information to ease debugging.
Jouni Malinen [Sun, 17 Nov 2013 20:52:15 +0000 (22:52 +0200)]
wlantest: Allow additional PTKs to be specified from a file
A text file with a hexdump of PTK (KCK|KEK=TK with 48 octets for CCMP or
64 octets for TKIP or alternative 16 or 32 octet TK for CCMP/TKIP) can
now be read from a file specified with the -T command line argument. If
the current known PTK fails to decrypt a frame (or if no current PTK is
known) all listed PTKs are iterated to see if any of them matches.
Jouni Malinen [Sun, 17 Nov 2013 18:23:51 +0000 (20:23 +0200)]
Extend GCMP test vectors to include both MPDUs
IEEE Std 802.11ad-2012 includes two test vectors for GCMP. Verify both
of those and also verify that the results match the values in the
standard instead of just verifying that decrypted frame matches
original.
Build CSA settings and call the driver to perform the switch. Construct
Beacon, Probe Response, and (Re)Association Response frames both for CSA
period and for the new channel. These frames are built based on the
current configuration. Add CSA IE in Beacon and Probe Response frames.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add csa_settings struct which holds parameters for CSA. Change driver
interface for switch_channel(), so that it will receive this struct and
not only the new frequency as it was before. This allows wpa_supplicant
to provide all the required parameters (beacons, proberesp, assocresp,
CSA IE) which are required by cfg80211 implementation.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Jouni Malinen [Sun, 17 Nov 2013 13:51:28 +0000 (15:51 +0200)]
eloop: Remove eloop_none.c
This was supposed to be a minimal sample of eloop wrapper, but it is
unclear whether this is of that much use and the file has not been kept
up-to-date. Remove this file to reduce maintenance effort. The other
eloop*.c files can be used as a starting point if something new is
needed.
Masashi Honma [Sun, 17 Nov 2013 10:17:09 +0000 (12:17 +0200)]
SCARD: Clean up SIM/USIM selection
Commit eb324600295a570199a5e25eb64e60781a04fb74 left an unneeded
sim_type argument to scard_init(). Remove that unnecessary argument to
clean up the implementation.
Paul Stewart [Mon, 11 Nov 2013 20:13:55 +0000 (12:13 -0800)]
dbus_new: Add DBus TDLS methods
Add DBus methods for TDLS operations similar to those available
for the control interface. This includes Discover, Setup, and
Teardown commands. While here, add a method to query the TDLS
link status and add a DBus method for it.
Tested with CONFIG_TDLS enabled, on a TDLS-enabled host and
peer capable of TDLS:
Jithu Jance [Sun, 17 Nov 2013 10:23:09 +0000 (12:23 +0200)]
Request new scan only for the original interface
Request new scan only for the interface for which the original scan
request and results has come. Otherwise while sharing scan results along
with P2P interfaces, the new scan will be requested on P2P interfaces.
Jouni Malinen [Sun, 17 Nov 2013 10:52:08 +0000 (12:52 +0200)]
Remove old mechanism of skipping scan request rescheduling
Since eloop_deplete_timeout() is doing practically same in
wpa_supplicant_req_scan(), revert the old mechanism from commit 7e1488494e0150ee7fdef83355266b5633c5c1b0 to avoid unnecessary work in
this function.
P2P: Use negotiated channel from invitation for persistent GO
During persistent group re-invocation, GO may end up using a different
channel as the operation channel compared to what was indicated in the
invitation frames. This may break the connection if the peer device ends
up scanning the GO only on the channel from the invitation frame. Fix
this by using the negotiated channel (if available) on the GO as the
operating channel instead of the channel that was provided in the
p2p_invite command to start negotiation.
Sunil Dutt [Wed, 13 Nov 2013 11:35:44 +0000 (17:05 +0530)]
TDLS: Provide external control to specify the peers for setup
There are use cases requesting the host driver to initiate the TDLS
setup with the peer only when configured by the external applications.
Thus, enable this control by tdls_external_control=1 and pass the
requisite information for the specific TDLS operation to the driver
on the request from such use cases.
This operation mode expects the driver to initiate TDLS link
automatically based on signal strength and traffic to a peer and tear
down links whenever they are not used or suitable due to signal strength
etc. The list of peers with which such operations are to be performed
are provided with the TDLS driver operations.
Abhishek Singh [Wed, 13 Nov 2013 12:00:27 +0000 (17:30 +0530)]
hostapd: Filter channel list updated events after country code change
We were not filtering the EVENT_CHANNEL_LIST_CHANGED events based on the
regulatory hint initiator. So wait for EVENT_CHANNEL_LIST_CHANGED event
after our own change was triggered even when regulatory hint initiator
was the driver. This could result in the wait for the channel list to be
updated to be terminated before the real change has occurred and as
such, old channel list remaining in use when configuring
hostapd/wpa_supplicant country parameter. Fix this by filtering the
hints according to the initiator and only regulatory hints initiated by
user will be used to stop the wait.
Jouni Malinen [Sat, 9 Nov 2013 15:29:32 +0000 (17:29 +0200)]
nl80211: Do not for station mode on hostapd deinit
If hostapd was started with the interface already in AP mode, leave the
interface in AP mode on deinit instead of unconditionally forcing it to
station mode.
Jouni Malinen [Sat, 9 Nov 2013 15:22:49 +0000 (17:22 +0200)]
nl80211: Remove build time condition on HOSTAPD define
It is common to build wpa_supplicant with AP mode support and it is
justifiable to clean up driver_nl80211.c by removing the conditional
build blocks based on hostapd vs. wpa_supplicant builds.
Jouni Malinen [Sat, 9 Nov 2013 15:02:05 +0000 (17:02 +0200)]
nl80211: Remove read-only last_freq/last_freq_ht
These variables were originally used in hostapd to clear HT channel
information when exiting. However, that functionality was lost with
commit f019981aee20f53d29ee1079973e609517d6d7e6 when moving to a common
code for setting the channel. Taken into account that no one seems to
have missed this functionality over the last four years, it seems safe
to drop this rather than try to fix the old hostapd behavior.
Jouni Malinen [Sat, 9 Nov 2013 13:40:06 +0000 (15:40 +0200)]
tests: Do not override existing .config from build.sh
This allows the build.sh script to be used to rebuild binaries based on
existing configuration in addition to the initial case of preparing
suitable build configuration.
Michal Kazior [Fri, 8 Nov 2013 07:13:14 +0000 (08:13 +0100)]
tests: Use proper admin group in start.sh
wpa_supplicant configuration files had a hardcoded GROUP=admin. The
start.sh script failed on a system without admin group (some systems
have it named adm).
Generate configuration files with appropriate GROUP in the log dir
and use them.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>