Jouni Malinen [Sun, 26 Feb 2012 10:06:36 +0000 (12:06 +0200)]
Generate random ANonce instead of one based on Counter
Definition of ANonce selection in IEEE Std 802.11i-2004 is somewhat
ambiguous. The Authenticator state machine uses a counter that is
incremented by one for each 4-way handshake. However, the security
analysis of 4-way handshake points out that unpredictable nonces help in
preventing precomputation attacks. Instead of the state machine
definition, use an unpredictable nonce value here to provide stronger
protection against potential precomputation attacks.
Dmitry Shmidt [Tue, 15 Nov 2011 14:02:30 +0000 (16:02 +0200)]
Android: Add build configuration files
These are from Android wpa_supplicant_8.git initial 0.8.X commit 8d520ff1dc2da35cdca849e982051b86468016d8 with some additional edits and
renaming of .config files to android.config.
Dmitry Shmidt [Tue, 16 Aug 2011 18:55:46 +0000 (11:55 -0700)]
Add CONFIG_NO_ROAMING option
This can be used to disable wpa_supplicant controlled roaming. It should
be noted that the WPA_DRIVER_FLAGS_BSS_SELECTION capability is the
preferred way for this and CONFIG_NO_ROAMING should be obsoleted once
drivers support the new NL80211_ATTR_ROAM_SUPPORT capability
advertisement.
Jithu Jance [Sat, 25 Feb 2012 15:22:48 +0000 (17:22 +0200)]
Add wpa_supplicant AP mode STA deauthenticate/disassociate commands
Move disassociate and deauthenticate commands to ctrl_iface_ap.c, so
that they ares accessible for wpa_supplicant AP mode and wpa_cli (with
CONFIG_AP option enabled).
Reinette Chatre [Sat, 25 Feb 2012 08:54:11 +0000 (10:54 +0200)]
dbus: return NULL data for peer IEs
The org.freedesktop.DBus.Properties interface is now supported for peer
properties. Ensure that GetAll will work by having the IEs property
function return NULL data instead of a failure until it is implemented.
While maintaining the original intent of that patch we make two changes
to it here:
First, 3f6e50ac282bbcb4be137023316543bd232ba350 changed the type used to
represent the WPS vendor extension data from bytes to a string. In
addition to the type change the way in which the vendor extension data
was provided to the function creating the string was incorrect and would
not present the correct vendor extension data even in string format.
Revert the type change made in 3f6e50ac282bbcb4be137023316543bd232ba350
and present the WPS vendor extension data as an array of an array of
bytes as it was before.
Second, 3f6e50ac282bbcb4be137023316543bd232ba350 changes the secondary
device types representation from an array of an array of bytes to an
array of bytes. Revert that change to make secondary device types
accessible via an array of an array of bytes again.
Jayant Sane [Sat, 25 Feb 2012 08:45:17 +0000 (10:45 +0200)]
dbus: utility to create dbus message from wpabuf array
If a wpabuf array is used to store basic typed data that we would like
to send over D-Bus then this utility will be of help when it places the
data in a variant with format aa? (array of an array of type ?, with ?
indicating any basic type).
Jouni Malinen [Sun, 19 Feb 2012 16:10:20 +0000 (18:10 +0200)]
P2P: Fix group idle timer cancellation on group removal
The wpas_p2p_group_idle_timeout was getting cancelled in the beginning
of wpas_p2p_group_delete(). However, in the case of P2P client role,
this function called wpa_supplicant_deauthenticate() next and that ended
up changing state to WPA_DISCONNECTED which resulted in
wpas_p2p_notif_disconnected() rescheduling the timeout. This left the
unexpected timeout behind after the group was removed. If another group
operation was started within P2P_MAX_CLIENT_IDLE (10) seconds, that
timeout could end up terminating the group while it was still being set
up.
Fix this by reordering wpas_p2p_group_delete() to cancel the group idle
timeout only after having called wpa_supplicant_deauthenticate(). The
group idle timeout is still rescheduled, but it gets removed immediately
afterwards when the actual group information is being cleared.
Jouni Malinen [Sun, 19 Feb 2012 14:44:30 +0000 (16:44 +0200)]
Clean up array insertion to skip unnecessary memmove
The previous elements need to be moved only if we are inserting the new
network in the middle of the list. While the memmove of zero bytes at
the end of the array does not cause real problems, some static analyzers
complain about this, so in addition to slightly optimized
implementation, this removes some analyzer warnings, too.
Jouni Malinen [Sun, 19 Feb 2012 12:24:45 +0000 (14:24 +0200)]
Interworking: Fix SIM/USIM NAI construction
Commit 9914c96febff964374a863bbd6986ade13a2215a moved sizeof(nai) to a
helper function and broke the determination of maximum buffer length.
Fix this by moving the sizeof() to the functions that define the buffer.
Jouni Malinen [Sat, 18 Feb 2012 11:28:21 +0000 (13:28 +0200)]
wext: Filter unexpected interface added/up events
It looks like a RTM_NEWLINK event claiming the interface to be UP is
delivered just before removing an interface after having first indicated
that the interface was going down/removed. Ignore this event if the
interface is not present anymore at the moment the event is processed.
This fixes issues where an interface that was re-added after being
removed did not get reconfigured properly.
Jouni Malinen [Sat, 18 Feb 2012 11:16:17 +0000 (13:16 +0200)]
Use WPA_INTERFACE_DISABLED with interface removed events
This makes WPA_INTERFACE_DISABLED more consistent in indicating that
wpa_supplicant cannot currently control the interface regardless of
whether the interface is disabled or completely removed.
It looks like a RTM_NEWLINK event claiming the interface to be UP is
delivered just before removing an interface after having first indicated
that the interface was going down/removed. Ignore this event if the
interface is not present anymore at the moment the event is processed.
This fixes issues where an interface that was re-added after being
removed did not get reconfigured properly.
Jouni Malinen [Fri, 17 Feb 2012 20:57:13 +0000 (22:57 +0200)]
P2P: Allow channels to be removed from P2P use
A list of disallowed frequencies for P2P channel list can now be
configured with P2P_SET disallow_freq. The frequencies (or frequency
pairs) are comma separated. For example:
wpa_cli p2p_set disallow_freq 2462,5000-6000
The allowed P2P channel list is constructed by removing explicitly
disallowed channels from the channel list received from the driver.
Jouni Malinen [Fri, 17 Feb 2012 09:34:56 +0000 (11:34 +0200)]
P2P: Do not include P2P IE in association request to non-P2P AP
This was previously fixed for most cases in commit ffad8858370e297b22ff5d9e6e36372755364ec0, but the check here for
drivers that implement SME/MLME was missed in that commit.
This removes the P2P IE from (Re)Association Request frame with
drivers that do not use wpa_supplicant SME implementation and are
P2P cabable when associating with a non-P2P AP (i.e., not a GO or
P2P WLAN manager AP).
Jouni Malinen [Thu, 16 Feb 2012 21:27:01 +0000 (23:27 +0200)]
EAP-SIM/AKA server: Fix re-authentication not to update pseudonym
AT_NEXT_PSEUDONYM is supposed to be included only in the Challenge
messages, not in the Re-authentication messages. This attribute was
incorrectly included in the Re-authentication messages and could have
been used to update the pseudonym state on the server without the peer
updating its state.
Jouni Malinen [Thu, 16 Feb 2012 21:11:29 +0000 (23:11 +0200)]
hostapd: Allow 'none' driver to be started without ifname
Commit 0dcc4dc4b31d48ed32940b9adb0b9fcdcab32dc3 made driver
initialization conditional on interface name being configured. This can
break hostapd-as-RADIUS-server use case where this parameter does not
really make any sense. Fix this with a special case for the none driver.
Jouni Malinen [Thu, 16 Feb 2012 14:38:50 +0000 (16:38 +0200)]
Interworking: Allow network block -based connection without ANQP matches
Previously, network block -based connection could have been used to
override ANQP-based selection. However, if no ANQP-based matches were
present, no connection was started. Fix this by trying to connect if
any enabled network block has a match in the BSS table.
Jouni Malinen [Thu, 16 Feb 2012 14:37:21 +0000 (16:37 +0200)]
Interworking: Add support for credential priorities
This allows credentials to be set with a specific priority to allow
the automatic network selection behavior to be controlled with user
preferences. The priority values are configured to the network block
and BSS selection will select the network based on priorities from
both pre-configured network blocks and credentials.
Jouni Malinen [Thu, 16 Feb 2012 14:36:00 +0000 (16:36 +0200)]
Interworking: Add ctrl_iface commands for managing credentials
New wpa_cli commands list_creds, add_cred, remove_cred, and set_cred
can now be used to manage credentials similarly to the commands used
with network blocks.
Jouni Malinen [Thu, 16 Feb 2012 14:32:00 +0000 (16:32 +0200)]
Interworking: Add support for home vs. visited SP determination
Use Domain Name List (ANQP) and the new home_domain configuration
parameter to figure out whether a network is operated by the home
service provider and if so, prefer it over networks that would
require roaming.
Jouni Malinen [Thu, 16 Feb 2012 14:30:13 +0000 (16:30 +0200)]
Add BSSID filter for testing purposes
wpa_supplicant can now be configured to filter out scan results based
on a BSSID filter. Space-separated set of allowed BSSIDs can be set
with wpa_cli set bssid_filter command. Filtering mechanism can be
disabled by setting this variable to an empty list. When set, only
the BSSes that have a matching entry in this list will be accepted
from scan results.
Jouni Malinen [Wed, 15 Feb 2012 18:39:54 +0000 (20:39 +0200)]
WPS: Do not use sched_scan for provisioning step
Normal scan is more reliable and faster for WPS operations and since
these are for short periods of time, the benefit of trying to use
sched_scan would be limited. This can fix WPS connectivity issues
with some drivers.
The TX status event may be received after a station has been
disassociated in cases where the disassociation is following a
transmission of a Data frame. Ignore such events if the STA is not
associated at the moment the event is being processed. This avoids
confusing debug entries and rescheduling of the EAPOL TX timeouts for
STAs that are still in the STA table, but are not really in active EAPOL
session.
Jouni Malinen [Mon, 13 Feb 2012 21:02:57 +0000 (23:02 +0200)]
WPS: Fix clearing of SetSelectedRegistrar with multiple interfaces
The SetSelectedRegistrar timeout was registered for each registrar
instance, but the only context pointer (struct subscription *) was
shared with each registrar which resulted in the timeout getting
cancelled for some of the registrar instances before the selected
registrar (ER) information was cleared.
In addition, when an ER unsubscribed from receiving events, the
selected registrar information got cleared only from a single
registrar.
Fix these issues by registering a pointer to the registrar
instance in the timeout and by iterating over all UPnP interfaces
when removing a subscription.
In IBSS RSN cfg80211/mac80211 now waits for userspace to authorize new
stations. This patch makes wpa_supplicant notify the driver when a
station can be considered authorized.
Signed-hostap: Antonio Quartulli <ordex@autistici.org>
Ben Greear [Sun, 12 Feb 2012 15:47:23 +0000 (17:47 +0200)]
eloop: Support poll() in eloop
When using more than around 200 virtual stations, we start hitting the
max number of file descriptors supported by select(). This patch adds
support for poll(), which has no hard upper limit.
Signed-hostap: Ben Greear <greearb@candelatech.com>
Jouni Malinen [Sun, 12 Feb 2012 11:54:15 +0000 (13:54 +0200)]
WPS: Fix regression in post-WPS scan optimization
Commit 3c85f144ce7aa3967f881a7584a5b125061ca436 fixed issues with P2P
Action frame TX after disconnection by clearing wpa_s->assoc_freq.
This resulted in a regression to the post-WPS scan optimization that
used wpa_s->assoc_freq to enable fast single-channel scan. Fix this by
copying wpa_s->assoc_freq to a local variable before calling
wpa_supplicant_deauthenticate() that ends up calling
wpa_supplicant_mark_disassoc() which will clear assoc_freq.
Jouni Malinen [Sat, 11 Feb 2012 12:19:26 +0000 (14:19 +0200)]
Remove the GPL notification from EAP-pwd implementation
Remove the GPL notification text from EAP-pwd implementation per
approval from Dan Harkins who contributed these files.
(email from Dan Harkins <dharkins@lounge.org> dated
Wed, 4 Jan 2012 16:25:48 -0800)
Jouni Malinen [Sat, 11 Feb 2012 12:04:12 +0000 (14:04 +0200)]
Select the BSD license terms as the only license alternative
Simplify licensing terms for hostap.git by selecting the BSD license
alternative for any future distribution. This drops the GPL v2
alternative from distribution terms and from contribution requirements.
The BSD license alternative that has been used in hostap.git (the one
with advertisement clause removed) is compatible with GPL and as such
the software in hostap.git can still be used with GPL projects. In
addition, any new contribution to hostap.git is expected to be licensed
under the BSD terms that allow the changes to be merged into older
hostap repositories that still include the GPL v2 alternative.
Flávio Ceolin [Sat, 11 Feb 2012 09:36:50 +0000 (11:36 +0200)]
dbus: Make the P2P peer's properties accessible separately
Since there is the method org.freedesktop.DBus.Properties.GetAll that
returns all properties from a specific interface, it makes more sense to
separate the properties to make it possible to get only a single
property using the method org.freedesktop.DBus.Properties.Get as well.
Jouni Malinen [Sat, 11 Feb 2012 08:51:31 +0000 (10:51 +0200)]
Fix CONFIG_NO_SCAN_PROCESSING=y build
This fixes a build regression from commit cd2f4ddfb91c330c778d7464a393c5f26f07d432 by moving
wpa_supplicant_assoc_update_ie() outside the no-scan-processing ifdef
block.
Fix pmksa_cache_get() arguments in !IEEE80211_X_EAPOL builds
In case of !defined(IEEE8021X_EAPOL) the definition of the stub
pmksa_cache_get() in rsn_supp/pmksa_cache.h is not correct. This patch
adds the missing argument to the function definition to fix a
regression from commit 96efeeb66bd8762ab9fccd9fe2b5c3e276ff220c.
Signed-hostap: Antonio Quartulli <ordex@autistici.org>
Jouni Malinen [Thu, 9 Feb 2012 10:49:36 +0000 (12:49 +0200)]
P2P: Avoid re-starting p2p_search in some corner cases
Search (p2p_scan) could already have been started at the point
remain-on-channel end event is being processed, e.g., if an Action frame
TX is reported immediately aftet the end of an earlier remain-on-channel
operation and the response frame is sent using an offchannel operation
while p2p_find is still in progress. Avoid trying to re-run p2p_scan
while the previous one is still running.
Jouni Malinen [Thu, 9 Feb 2012 10:46:44 +0000 (12:46 +0200)]
P2P: Fix p2p_scan() error processing in p2p_search()
Commit 39185dfa549f076a6be114e0149a3649d302f477 changed the p2p_scan()
callback to return 1 in some cases, but forgot to change this p2p_scan()
call to handle that properly. Fix this by processing any non-zero value
as an error. This regression could leave the P2P module in state where
it believed a P2P scan was still running and refused to start some
operations until that scan gets completed (which would never happen
since it was not really started).
Ganesh Prasadh [Wed, 8 Feb 2012 10:37:57 +0000 (12:37 +0200)]
WPS: Allow wildcard UUID PIN to be used twice
Previously, PINs that are added with a wildcard UUID were allowed to
be used only by a single Enrollee. However, there may be more than one
Enrollee trying to connect when an AP indicates that active Registrar
is present. As a minimal workaround, allow two Enrollees to try to use
the wildcard PIN. More complete extension could use timeout and allow
larger set of Enrollees to try to connect (while still keeping in mind
PIN disabling requirement after 10 failed attempts).
Jouni Malinen [Wed, 8 Feb 2012 10:07:54 +0000 (12:07 +0200)]
Show BSS entry age (seconds since last update)
The BSS ctrl_iface command can sow the age of a BSS table entry to
make it easier for external programs to figure out whether an entry
is still current depending on the use case.
Jouni Malinen [Tue, 7 Feb 2012 14:23:21 +0000 (16:23 +0200)]
P2P: Allow BSS entry to be fetched based on GO P2P Device Address
"BSS p2p_dev_addr=<P2P Device Address>" can now be used to fetch a
specific BSS entry based on the P2P Device Address of the GO to avoid
having to iterate through the full BSS table when an external program
needs to figure out whether a specific peer is currently operating as
a GO.
Jouni Malinen [Mon, 6 Feb 2012 19:54:36 +0000 (21:54 +0200)]
P2P: Set Invitation Type to 1 for GO inviting to a persistent group
When a GO is operating a persistent group and invites a peer that has
been a P2P client in that persistent group, the Invitation Type in the
Invitation Request frame can be set to 1 to indicate that this is a
reinvocation of a persistent group. Do this based on the maintained
list of P2P clients that have been provided the credentials to this
group.
Jouni Malinen [Sun, 5 Feb 2012 18:52:24 +0000 (20:52 +0200)]
P2P: Wait for PD-before-join response
Even though the Provision Discovery Response frame from PD-before-join
does not really provide any additional information, it can be better to
wait for it before starting the join operation. This adds a minimal
extra latency in the most common case and cleans up the sequence of
driver operations and debug log by avoiding potential processing of the
Provision Discovery Response while already running a scan for the actual
connection.
If transmission of Provision Discovery Request fails, join operation is
started without the additional wait. In addition, a new timeout is used
to start the join if Provision Discovery Response is lost for any
reason.
Jouni Malinen [Sun, 5 Feb 2012 18:20:36 +0000 (20:20 +0200)]
P2P: Skip event notification on PD Response in join-group case
Provision Discovery is used as a notification to the GO in the case we
are about join a running group. In such case, there is not much point in
indicating the provision discovery response events to external programs
especially when the PIN-to-be-displayed was different from the one
returned for the p2p_connect command. Skip this confusing event
completely for join-a-running-group case.
Paul Stewart [Sun, 5 Feb 2012 16:43:06 +0000 (18:43 +0200)]
bgscan_simple: Refinements to fast-scan backoff
These changes account for situations where the CQM threshold
might be approximately the same as the currently received signal,
and thus CQM events are triggered often due to measurement
error/small fluctuations. This results in scanning occurring
too frequently.
Firstly, inhibit the immediate scan when the short-scan count
is at the maximum. This keeps bursts of CQM toggling from
causing a torrent of back-to-back scans. This does not inhibit
immediate scans if the CQM triggers a second time (if the signal
falls lower past the hysteresis). This reduces the scan rate in
the worst case (fast-rate toggling high/low CQM events) to the
short scan interval.
Secondly, change the behavior of the short scan count so it acts like
a "leaky bucket". As we perform short-scans, the bucket fills until
it reaches a maximal short-scan count, at which we back-off and
revert to a long scan interval. The short scan count decreases by
one (emptying the bucket) every time we complete a long scan interval
without a low-RSSI CQM event.
This reduces the impact of medium-rate toggling of high/low CQM
events, reducing the number of short-interval scans that occur before
returning to a long-interval if the system was recently doing
short scans.
Dan Williams [Sat, 4 Feb 2012 18:09:00 +0000 (20:09 +0200)]
Try fallback drivers if global init for preferred drivers fails
Driver global init was considered a hard failure. Thus if, for example,
you used the Broadcom STA driver and didn't have nl80211 or cfg80211
loaded into the kernel, and specified a driver value of "nl80211,wext",
the nl80211 driver's global init would fail with the following message:
nl80211: 'nl80211' generic netlink not found
Failed to initialize driver 'nl80211'
but since global init was a hard failure, creating the supplicant
interface would fail and the WEXT driver would not be tried.
Give other drivers a chance instead.
Signed-hostap: Dan Williams <dcbw@redhat.com>
intended-for: hostap-1
Todd Previte [Sat, 4 Feb 2012 11:13:59 +0000 (13:13 +0200)]
P2P: Fix the setter function for DBus group properties
The setter function uses the same hostapd_data structure as the getter
which causes it to crash if called on a P2P client. To overcome this
issue, the role is checked to ensure it is called on a group owner and
the pointer is examined for validity. The function will return an error
if called on a non-GO system.
Todd Previte [Sat, 4 Feb 2012 11:08:12 +0000 (13:08 +0200)]
P2P: Fix DBus crash and return additional P2P group properties
When using DBus to get group properties, a segmentation fault is
generated on P2P clients due to a NULL pointer for the ap_iface struct.
The current implementation only returns vendor extensions when called on
a P2P group owner.
The code now checks the P2P role which allows for role-specific
information to be provided. This also fixes the crash issue by only
looking for the correct structures based on the current P2P role.
Jouni Malinen [Sat, 4 Feb 2012 10:32:35 +0000 (12:32 +0200)]
Use PMKSA cache entries with only a single network context
When looking for PMKSA cache entries to use with a new association, only
accept entries created with the same network block that was used to
create the cache entry.
Jouni Malinen [Sat, 4 Feb 2012 10:28:16 +0000 (12:28 +0200)]
Delay scan request on select_network if disconnecting
The disconnection command results in disassociation and deauthentication
events which were previously processed during the scan in case of
select_network command being used while associated with another network.
While this works in most cases, it can result in confusing event
messages in ctrl_iface and debug log. Avoid this by using a short delay
between the disconnection and scan request to allow the disconnection
events to be processed prior to starting the new scan.
Jouni Malinen [Sat, 4 Feb 2012 10:21:42 +0000 (12:21 +0200)]
Clear EAPOL authenticator authFail for PMKSA caching/FT
This fixes a corner case where a STA that has PMKSA cache entry (or
valid FT keys) could try to use full EAPOL/EAP authentication and fail.
If the STA will then try to use the still valid PMKSA cache entry (or
FT) before the STA entry has been cleared, authFail could have been left
to TRUE. That will make EAPOL authenticator PAE state machine enter HELD
state even though authSuccess was already forced to TRUE. This results
in the STA getting disconnected even though it should be allowed to
continue with 4-way handshake. While this is unlikely to happen in
practice, it is better to get this fixed by clearing authFail when
setting authSuccess.
Jouni Malinen [Sat, 4 Feb 2012 10:18:56 +0000 (12:18 +0200)]
Ignore TX status for Data frames from not associated STA
The TX status event may be received after a stations has been
disassociated in cases where the disassociation is following a
transmission of a Data frame. Ignore such events if the STA is not
associated at the moment the event is being processed. This avoids
confusing debug entries and rescheduling of the EAPOL TX timeouts for
STAs that are still in the STA table, but are not really in active EAPOL
session.
Jouni Malinen [Mon, 30 Jan 2012 15:31:06 +0000 (17:31 +0200)]
WPS: Disable AP PIN after 10 consecutive failures
While the exponential increase in the lockout period provides an
efficient mitigation mechanism against brute force attacks, this
additional trigger to enter indefinite lockout period (cleared by
restarting hostapd) will limit attacks even further by giving maximum of
10 attempts (without authorized user action) even in a very long term
attack.
Ben Greear [Sun, 29 Jan 2012 19:01:31 +0000 (21:01 +0200)]
Support HT capability overrides
This allows HT capabilities overrides on kernels that
support these features.
MCS Rates can be disabled to force to slower speeds when using HT.
Rates cannot be forced higher.
HT can be disabled, forcing an 802.11a/b/g/n station to act like
an 802.11a/b/g station.
HT40 can be disabled.
MAX A-MSDU can be disabled.
A-MPDU Factor and A-MPDU Density can be modified.
Please note that these are suggestions to the kernel. Only mac80211
drivers will work at all. The A-MPDU Factor can only be decreased and
the A-MPDU Density can only be increased currently.
Signed-hostap: Ben Greear <greearb@candelatech.com>
Jouni Malinen [Sun, 29 Jan 2012 18:23:07 +0000 (20:23 +0200)]
Remove duplicated TERMINATING event
Now that CTRL-EVENT-TERMINATING even is sent at the end of interface
removal in case wpa_supplicant process is going to terminate, there
is no need for this duplicated event in the signal handler.
Dmitry Shmidt [Sun, 29 Jan 2012 18:21:07 +0000 (20:21 +0200)]
Move ctrl_iface deinit into the end of interface deinit
This allows TERMINATING ctrl_iface event to be sent at the end of the
deinit sequence to avoid race conditions with new operations that this
event may trigger while wpa_supplicant would still be running through
the deinitialization path.
Dmitry Shmidt [Sun, 29 Jan 2012 18:18:48 +0000 (20:18 +0200)]
Deinit driver before notifying interface has been removed
This avoids issues with some external program starting to use the
interface based on the interface removal event before wpa_supplicant
has completed deinitialization of the driver interface.
wpa_auth: Fix race in rejecting 4-way handshake for entropy
When there is not enough entropy and there are two station associating
at the same time, one of the stations will be rejected, but during
that rejection, the "reject_4way_hs_for_entropy" flag gets cleared. This
may allow the second station to avoid rejection and complete a 4-Way
Handshake with a GTK that will be cleared as soon as more entropy is
available and another station connects.
This reworks the logic to ban all 4-way handshakes until enough entropy
is available.
Signed-hostap: Nicolas Cavallari <cavallar@lri.fr>
projects / thirdparty / hostap.git / log
