Jouni Malinen [Sun, 13 Dec 2009 16:54:11 +0000 (18:54 +0200)]
Add BSS ctx to if_add() driver op
This remove the need from driver_test.c to go through internal hostapd
structures to find the appropriate BSS when reporting events on secondary
BSSes.
Jouni Malinen [Sun, 13 Dec 2009 09:41:46 +0000 (11:41 +0200)]
Merge hostapd/sta_flags.h into sta_info.h
The separate header file is not needed since none of the driver wrappers
include it anymore. Move the WLAN_STA_* definitions back to be together
with struct sta_info definition.
Jouni Malinen [Sun, 13 Dec 2009 09:35:39 +0000 (11:35 +0200)]
Map STA flags into values defined in driver.h
This removes need for including hostapd/sta_flags.h into driver
wrappers and removes any remaining dependencies between driver flags
and internal hostapd flags.
Jouni Malinen [Sun, 13 Dec 2009 09:14:21 +0000 (11:14 +0200)]
Remove unneeded hostapd_wmm_sta_config()
The WMM STA flag is already taken care of by handle_assoc_cb() and there
is no point trying to do this unless hostapd is taking care MLME
processing, so no need to call this from drv_callbacks.c.
Jouni Malinen [Sat, 12 Dec 2009 18:52:12 +0000 (20:52 +0200)]
Remove obsolete Prism54.org driver support (driver_prism54.c)
The Prism54.org project seems have been dead for a while and it does not
look like this driver would ever be maintained again. Furthermore, it is
difficult to find a version that would work with the driver_prism54.c
wrapper and there is another driver for these card in the Linux kernel
tree.
The hostapd integration in driver_prism54.c is quite different from the
other driver wrappers and would require major effort to get it cleaned
up. Since there does not seem to be any real users for the cleaned up
version, there does not seem to be justification to spend this effort on
the wrapper. This old code is making it much more difficult to clean up
the driver interface and at this point, the best option seems to be to
remove the driver wrappers. Should someone really still need this, the
old code will continue to be available in hostapd 0.6.x.
Jouni Malinen [Sat, 12 Dec 2009 14:54:59 +0000 (16:54 +0200)]
WPS: Handle Selected Registrar as a union of info from all Registrars
Instead of using the latest selected registrar change, collect selected
registrar information separately from all registrars and use the union
of this information when building the WPS IE for Beacon and Probe
Response frames.
Note: SetSelectedRegistrar UPnP action does not include a unique
identifier, so the ER matching routine is based only on the IP address
of the ER. In theory, there could be multiple ERs using the same IP
address (but different port or URL), so there may be some corner cases
that would not always match the correct ER entry at the AP. Anyway, this
is not really expected to occur in normal use cases and even if it did
happen, the selected registrar information is not any worse than it was
before when only the last change from any registrar for being
advertized.
Jouni Malinen [Sat, 12 Dec 2009 14:48:50 +0000 (16:48 +0200)]
WPS: Move POST URL validation into web_connection_parse_post()
This is more logical location for checking the URL and potentially
handling a call to another URL handler. In addition, return 404 error,
not invalid UPnP action, if the URL does not match.
Jouni Malinen [Sat, 12 Dec 2009 14:47:39 +0000 (16:47 +0200)]
WPS: Remove unnecessary GetDevice and PutMessage callbacks
These callbacks can be handled internally within core WPS code, so there
is no need to go through wps_hostapd.c with a callback function that is
just calling back into the core WPS code.
This can be handled internally within core WPS code, so there is no
need to go through wps_hostapd.c with a callback function that is just
calling back into the core WPS code.
Jouni Malinen [Thu, 10 Dec 2009 22:15:54 +0000 (00:15 +0200)]
Merge get_seqnum_igtk() driver op with get_seqnum()
IEEE 802.11w uses distinct key indexes (4 and 5) so the same
get_seqnum() handler can be used to fetch packet number for both
TKIP/CCMP and BIP(using IGTK).
Since the new get_seqnum_igtk() handler was not actually implemented by
any driver wrapper, this may also fix BIP/IGTK sequence number reporting
with driver_nl80211.c.
Masashi Honma [Wed, 9 Dec 2009 21:42:54 +0000 (23:42 +0200)]
EAP-TTLS/PAP: User-Password obfuscation for zero length password
The password in User-Password AVP is padded to a multiple of 16 bytes
on EAP-TTLS/PAP. But when the password length is zero, no padding is
added. It doesn't cause connectivity issue. In fact, I could connect
with hostapd RADIUS server with zero length password.
I think it's better for obfuscation to pad the 16 bytes data when the
password length is zero with this patch.
There was code for configuring this, but no driver wrapper actually
implements the actual setting. Remove this for now to reduce potential
confusion and to simply the driver interface.
Jouni Malinen [Wed, 9 Dec 2009 19:57:50 +0000 (21:57 +0200)]
Remove struct hostapd_rate_data from driver API
In addition to the bitrate, the only other variable in this structure
is used internally in hostapd. Move this structure into hostapd.h and
make the driver API use simpler data structure (array of bitrates).
Jouni Malinen [Wed, 9 Dec 2009 19:38:14 +0000 (21:38 +0200)]
Remove unused rate flags from driver use
These are not really used and can be removed to clean up the driver
interface definition. The only remaining flag (HOSTAPD_RATE_BASIC) can
be removed once the basic rate set indication can be handled
differently.
Jouni Malinen [Wed, 9 Dec 2009 14:49:28 +0000 (16:49 +0200)]
Merge bss_add/bss_remove drivers ops into if_add/if_remove
if_add/if_remove can now be used as the generic driver ops for adding
and removing virtual interfaces of various types. In addition,
driver_nl80211.c is now including this code unconditionally, so that
the functions are not limited only for hostapd.
Masashi Honma [Mon, 7 Dec 2009 19:35:35 +0000 (21:35 +0200)]
Fix driver_bsd.c build
On NetBSD 5.0.1, driver_bsd.c build fails with message below.
../src/drivers/driver_bsd.c: In function 'wpa_driver_bsd_associate':
../src/drivers/driver_bsd.c:1170: warning: implicit declaration of function 'wpa_driver_bsd_set_auth_alg'
../src/drivers/driver_bsd.c: At top level:
../src/drivers/driver_bsd.c:1204: error: static declaration of 'wpa_driver_bsd_set_auth_alg' follows non-static declaration
../src/drivers/driver_bsd.c:1170: error: previous implicit declaration of 'wpa_driver_bsd_set_auth_alg' was here
gmake: *** [../src/drivers/driver_bsd.o] Error 1
Jouni Malinen [Sun, 6 Dec 2009 15:18:28 +0000 (17:18 +0200)]
Resolve circular library references with --start-group
src/crypto/libcrypto.a and src/tls/libtls.a have circular references
and will need special handling with the linker at least for the time
being. This could be cleaned up eventually, but for now, provide a
mechanism to get the programs linked.
Jouni Malinen [Sun, 6 Dec 2009 14:45:36 +0000 (16:45 +0200)]
Move asn1_test.c into tests subdirectory and split it in two
The new test-asn1 and test-x509 tools are built using libraries
from src/{utils,crypto,tls}. Currently, cross dependencies between
crypto and tls are still preventing the test-x509 from being linked
properly.
Jouni Malinen [Sun, 6 Dec 2009 14:33:19 +0000 (16:33 +0200)]
Move hlr_auc_gw into hostapd directory
This is a separate program and is used mainly with hostapd, so it is
better to move this into the hostapd subdirectory now that Milenage
code has already been moved into src/crypto. Milenage was the only
generic component in hlr_auc_gw.
Jouni Malinen [Sun, 6 Dec 2009 14:27:54 +0000 (16:27 +0200)]
Add rules for building src/tls/libtls.a and use it with eap_example
eap_example is now using src/crypto/libcrypto.a and src/tls/libtls.a
instead of providing own rules for building the files for these
components. TLS library selection is temporarily disabled for
eap_example (it will be built using internal crypto/TLS), but the
configuration option for this will eventually be restored with a new
libcrypto.a configuration option.
Jouni Malinen [Sun, 6 Dec 2009 14:20:32 +0000 (16:20 +0200)]
Include functionality to support EAP-FAST unconditionally
Clean up the internal TLS implementation by removing conditional
build blocks for (mostly) EAP-FAST specific functionality. This
will increase the size a big for non-EAP-FAST builds, but is quite
helpful in making src/tls/libtls.a with single build options. If
the potential size reduction is considered significant in the future,
this can be reconsider with a more library compatible way (e.g.,
external file with registration function, etc.).
Jouni Malinen [Sun, 6 Dec 2009 11:49:31 +0000 (13:49 +0200)]
Use thin archives to allow libraries to be merged
This allows libeap.a and libeap.so to be built by merging in multiple
libraries from src subdirectories. In addition, this avoids wasting
extra space and time for local builds.
Jouni Malinen [Sun, 6 Dec 2009 10:02:28 +0000 (12:02 +0200)]
Increase EAP server extra room for encryption overhead (for GnuTLS)
This fixes issues with some GnuTLS versions that seem to be adding
quite a bit of extra data into TLS messages. The EAP server code is
now using the same 300 byte extra room that was already used in the
EAP peer implementation.
Jouni Malinen [Sat, 5 Dec 2009 20:51:08 +0000 (22:51 +0200)]
Remove unnecessary defines
The following defines are not really needed in most places, so
remove them to clean up source code and build scripts:
EAP_TLS_FUNCS
EAP_TLS_OPENSSL
EAP_TLS_GNUTLS
CONFIG_TLS_INTERNAL
Jouni Malinen [Fri, 4 Dec 2009 20:09:06 +0000 (22:09 +0200)]
IBSS RSN: Wait for connection event and do not use auth timeout
Wait for connection (IBSS join completed) event before marking state
completed. In addition, do not use the station mode authentication
timeout since that can trigger full disconnection from IBSS when
there is a timeout with just one of the peers.
Witold Sowa [Thu, 3 Dec 2009 19:17:49 +0000 (21:17 +0200)]
dbus: switch dbus APIs initialization order
Initialize the new DBus API before the old one, so new applications
which can use both, the old and the new API will be notified first
that new API is available.
Jouni Malinen [Wed, 2 Dec 2009 15:54:57 +0000 (17:54 +0200)]
nl80211: Clear BSS state mismatches with deauth as a workaround
There seem to be some cases in which wpa_supplicant and
cfg80211/mac80211 seem to have different understanding on
authentication/association state. Since cfg80211/mac80211 is very strict
on when it accepts new authentication/association/scan commands, try our
best at clearing such state mismatches by explicitly deauthenticating
from BSSes with which the driver claims we are associated with if we do
not have local information about such association.
Jouni Malinen [Wed, 2 Dec 2009 15:26:28 +0000 (17:26 +0200)]
SME: Deauthenticate to clear state after disassociation events
cfg80211/mac80211 can get into somewhat confused state if the AP only
disassociates us and leaves us in authenticated state. For now, force
the state to be cleared with deauthentication to avoid confusing errors
if we try to associate with the AP again. This gets rid of 30 second
delay (scan timeout) in cases where only a disassociation frame is
received from the AP.
Jouni Malinen [Wed, 2 Dec 2009 14:45:31 +0000 (16:45 +0200)]
nl80211: Add debug prints for BSS status in scan results
Print what the kernel believes the current BSS status (authenticated
or associated) is in scan results. In addition, check whether this
matches with the state that wpa_supplicant believes the driver to be
in.
This does not change the actual behavior, but will provide information
that will help in debugging potential issues where cfg80211/mac80211
seems to get into a different state from wpa_supplicant. In addition,
this provides an easy location for a workaround that could be added to
clear cfg80211/mac80211 state for unknown BSSes.
Jouni Malinen [Wed, 2 Dec 2009 14:43:09 +0000 (16:43 +0200)]
Fix driver initialization not to crash if driver does not use init2()
8a5ab9f5e56cd2f5781c2d92f41495e60d544780 fixed global driver context
for init2(), but it also broke driver initialization with driver
wrappers that do not use init2().. Fix this by setting wpa_s->global
before it gets dereferenced.
Jouni Malinen [Sun, 29 Nov 2009 21:16:04 +0000 (23:16 +0200)]
Move internal EAPOL authenticator defines into their own file
This is an initial step in further cleaning up the EAPOL authenticator
use to avoid requiring direct accesses to the internal data structures.
For now, number of external files are still including the internal
definitions from eapol_auth_sm_i.h, but eventually, these direct
references should be removed.
Jouni Malinen [Sun, 29 Nov 2009 21:04:43 +0000 (23:04 +0200)]
Remove src/crypto from default include path
In addition, start ordering header file includes to be in more
consistent order: system header files, src/utils, src/*, same
directory as the *.c file.