autoscan: Fix potential freeing of uninitialized pointer
Commit 7c865c68536825d91e64e1545a1f6ed51526ebff introduced a code
path that can skip extra_ie initialization in wpa_supplicant_scan().
This could result in semi-random crashes when using the autoscan
mechanism. Fix this by initializing extra_ie to NULL.
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Gunter Burchardt, tmisu@gmx.de,
Mon, 02 Jul 2012 17:54:28 +0200).
Update license notification in signalbar implementation
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Kel Modderman <kel@otaku42.de>,
Mon, 2 Jul 2012 20:02:37 +1000).
Update license notification in roboswitch interface file
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Jouke Witteveen
<j.witteveen@gmail.com>, Mon, 2 Jul 2012 11:38:34 +0200).
Update license notification in D-Bus interface files
This updates these files to use the license notification that uses only
the BSD license. The changes were acknowledged by email (Dan Williams
<dcbw@redhat.com>, Sun, 01 Jul 2012 15:53:36 -0500).
Jouni Malinen [Sat, 30 Jun 2012 18:27:32 +0000 (21:27 +0300)]
Move p2p_connect PIN format validation into a separate function
This functionality could be shared for other commands, too, so move
it to a common function. In addition, implement the validation in a
bit more strict way to avoid accepting values like '-123' as a valid
PIN.
Masashi Honma [Sat, 30 Jun 2012 18:19:12 +0000 (21:19 +0300)]
P2P: Add error message for invalid PIN
Reject invalid PIN value in p2p_connect command. Before this, typos
like "pbd" as the third parameter could have resulted in OK return
value since this parameter was interpreted as the PIN.
Jouni Malinen [Sat, 30 Jun 2012 17:30:40 +0000 (20:30 +0300)]
Do not share special scan results with virtual interfaces
When a special scan_res_handler is used the scan parameters may not have
been suitable for other purposes (e.g., during a p2p_find operation). As
such, do not indicate such scan results to other virtual interfaces
using the same radio.
Johannes Berg [Sat, 30 Jun 2012 17:18:07 +0000 (20:18 +0300)]
P2P: Remove GO neg/invite special cases from search
There are separate states for these, so we can't really get into this
situation unless somebody tries to do multiple things at the same
time. p2p_connect stops find and CONNECT state is used to probe the peer
on its Listen channel with GO Negotiation Request frames. Similarly,
p2p_invite() stops find and INVITE state is used to probe the peer on
its Listen channel with Invitation Request frames. The older mechanism
of using Search state functionality to find the peer can be removed.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sat, 30 Jun 2012 16:36:04 +0000 (19:36 +0300)]
Update license notification in files initially contributed by Sam
This updates these files to use the license notification that uses only
the BSD license. The changes were acknowledged by email (Sam Leffler
<sam@errno.com>, Sat, 30 Jun 2012 07:57:53 -0700).
Gary Morain [Sat, 30 Jun 2012 13:43:50 +0000 (16:43 +0300)]
Export disconnect reason code to dbus
In the properties changed signal, added a new property
"DisconnectReason", which carries the IEEE 802.11 reason code of the
most recent disassociation or deauthentication event. The reason code is
negative if it is locally generated. The property is sent to the DBUS
immediately so as to prevent it from being coalesced with other
disconnect events.
Jouni Malinen [Sat, 30 Jun 2012 13:16:32 +0000 (16:16 +0300)]
EAP-pwd: Avoid double-frees on some error paths
At least some error paths (e.g., hitting the limit on hunt-and-peck
iterations) could have resulted in double-freeing of some memory
allocations. Avoid this by setting the pointers to NULL after they have
been freed instead of trying to free the data structure in a location
where some external references cannot be cleared. [Bug 453]
Jouni Malinen [Sat, 30 Jun 2012 13:12:41 +0000 (16:12 +0300)]
EAP-pwd: Increase maximum number of hunting-and-pecking iterations
The previously used limit (10) is too small for practical purposes since
it can result in about 1 out of 1000 authentication attempts failing.
Increase the limit to 30 to avoid such issues. [Bug 453]
Michael Naumov [Sat, 30 Jun 2012 10:11:26 +0000 (13:11 +0300)]
P2P: Add dbus python scripts to perform p2p_find and p2p_connect
Two DBUS scripts using python glib are added to perform p2p_find and
p2p_connect operations respectively. p2p_connect script just performs
the traditional connect to create a new p2p group. Additional updates
will be required to perform join, auth etc. al.
Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Jouni Malinen [Thu, 28 Jun 2012 17:42:50 +0000 (20:42 +0300)]
WPS: Add a standalone tool for building NFC password tokens
nfc_pw_token can be used to build random NFC password token for WPS.
This tool prints out the wpa_supplicant.conf (or hostapd.conf)
parameters and the hexdump of the WPS password token (with and without
NDEF encapsulation) so that it can be written to a NFC tag with an
external program.
Jouni Malinen [Thu, 28 Jun 2012 16:43:29 +0000 (19:43 +0300)]
WPS: Add support for NCF password token from AP
The new hostapd ctrl_iface command WPS_NFC_TOKEN can now be used to
manage AP-as-Enrollee operations with NFC password token. WPS/NDEF
parameters to this command can be used to generate a new NFC password
token. enable/disable parameters can be used to enable/disable use of
NFC password token (instead of AP PIN) for external Registrars.
A preconfigured NFS password token can be used by providing its
parameters with new hostapd.conf fields wps_nfc_dev_pw_id,
wps_nfc_dh_pubkey, wps_nfc_dh_privkey, and wps_nfc_dev_pw. This use
will also depend on WPS_NFC_TOKEN enable/disable commands, i.e., the
configured NFS password token is disabled by default.
Jouni Malinen [Thu, 28 Jun 2012 13:35:51 +0000 (16:35 +0300)]
WPS ER: Add support for building NFC configuration token
WPS_ER_NFC_CONFIG_TOKEN command can now be used to build a NFC
configuration token based on AP Settings learnt with WPS_ER_LEARN
or set with WPS_ER_CONFIG.
Jouni Malinen [Thu, 28 Jun 2012 10:59:29 +0000 (13:59 +0300)]
WPS: Add support for NFC configuration token from external program
The new wpa_supplicant ctrl_iface command WPS_NFC_TAG_READ can now be
used to process NFC tags read by external programs to initiate
wpa_supplicant to use NFC Configuration Token to create a new network.
Jouni Malinen [Thu, 28 Jun 2012 10:25:48 +0000 (13:25 +0300)]
WPS: Add new mechanism for generation NFC configuration token
The new hostapd ctrl_iface command WPS_NFC_CONFIG_TOKEN can now be used
to fetch payload for an NFC configuration token so that an external
program can be used to write this on an NFC tag.
Jouni Malinen [Wed, 27 Jun 2012 19:15:55 +0000 (22:15 +0300)]
WPS: Use separate list of NFC Password Tokens in the Registrar
This adds a cleaner mechanism for handling NFC Password Tokens in the
WPS Registrar. There could be more than one active NFC Password Token in
use and as such, a list of tokens needs to be maintained. The old
WPS_OOB interface is still using the old mechanism that supports only a
single active NFC Password Token.
Jouni Malinen [Wed, 27 Jun 2012 17:54:56 +0000 (20:54 +0300)]
WPS: Add new mechanism for communicating NFC tag read events
hostapd ctrl_iface can now be used to deliver payload from read
operation of an NFC tag. This allows operations without having to have
low-level NFC code within hostapd. For now, the new wps_nfc_tag_read
command can be used with NFC password tokens for the case where the AP
has an NFC device that is used to read an NFC tag from the station
Enrollee.
Jouni Malinen [Wed, 27 Jun 2012 15:56:41 +0000 (18:56 +0300)]
WPS: Add new mechanism for NFC config method using password token
Instead of requiring low-level access to an NFC device and synchronous
operations, the new WPS_NFC_TOKEN and WPS_NFC ctrl_iface commands can be
used to build a NFC password token and initiate WPS protocol run using
that token (or pre-configured values) as separate commands. The
WPS_NFC_TOKEN output can be written to a NFC tag using an external
program, i.e., wpa_supplicant does not need to have low-level code for
NFC operations for this.
Jouni Malinen [Wed, 27 Jun 2012 18:15:29 +0000 (21:15 +0300)]
WPS: Fix OOB Device Password use for EAP-WSC peer
The OOB Device Password is passed in as a hexdump of the real Device
Password (16..32 octets of arbitrary binary data). The hexdump needs to
be converted to binary form before passing it for WPS processing.
Jouni Malinen [Wed, 27 Jun 2012 15:28:13 +0000 (18:28 +0300)]
WPS: Add support for OOB dev password lengths 16..31
Previously, only the maximum length 32 octets for OOB device password
was accepted. Since the specification allows a shorter password to be
used with limited OOB mechanism (e.g., small NFC tag), we should accept
lengths 16..32.
Jouni Malinen [Wed, 27 Jun 2012 15:19:29 +0000 (18:19 +0300)]
WPS: Fix NFC password token building with WPS 2.0
The earlier WPS 2.0 changes did not increase the wpabuf size when
adding a new attribute to the NFC password token. This could result
in aborting the application on wpabuf overflow if NFC out-of-band
mechanism is used with WPS 2.0 enabled.
Jouni Malinen [Tue, 26 Jun 2012 16:57:03 +0000 (19:57 +0300)]
Cancel pending scan request on DISCONNECT command
Previously, a pending scan request could be left running when processing
DISCONNECT command from control interface. This can result in unexpected
scan, so cancel the request to avoid this.
Jouni Malinen [Tue, 26 Jun 2012 16:52:46 +0000 (19:52 +0300)]
Start autoscan for first connection attempt
Use wpa_supplicant_set_state() to initialize state to DISCONNECT so that
autoscan gets initialized properly. This needs a change in
autoscan_init() to avoid extra scan request that would postpone the
first scan request when an interface is added.
Tomasz Bursztyka [Tue, 26 Jun 2012 15:55:41 +0000 (18:55 +0300)]
Add automatic scanning support
Like bgscan, autoscan is an optional module based feature to automate
scanning but while disconnected or inactive.
Instead of requesting directly a scan, it only sets the scan_interval
and the sched_scan_interval. So, if the driver supports sched_scan,
autoscan will be able to tweak its interval. Otherwise, the tweaked
scan_interval will be used. If scan parameters needs to be tweaked, an
autoscan_params pointer in wpa_s will provide those. So req_scan /
req_sched_scan will not set the scan parameters as they usually do, but
instead will use this pointer.
Modules will not have to request a scan directly, like bgscan does.
Instead, it will need to return the interval it wants after each
notification.
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Jouni Malinen [Mon, 25 Jun 2012 11:23:25 +0000 (14:23 +0300)]
Set state to DISCONNECTED on auth/assoc failures
Some of the authentication/association failure paths left wpa_state to
its previous value. This can result in unexpected behavior when
wpa_supplicant tries to find an AP to connect to since the uncleared
state can result the in the selected BSS being ignored if it is same as
the previously used BSS. This could happen, e.g., when wpa_supplicant
SME was used and the AP rejected authentication. Fix this by explicitly
setting state to DISCONNECTED on auth/assoc failures that did not yet do
this.
Jouni Malinen [Mon, 25 Jun 2012 10:53:24 +0000 (13:53 +0300)]
Remove STA entry from AP when starting TKIP countermeasures
Previously, the STA entry was removed only from the driver and the STA
entry within hostapd was just marked disassociated. However, this left
the WPA authenticator state machine with an entry and the session was
not terminated properly. In addition, the STA entry could have remaining
indefinitely if the STA did not reconnect after TKIP countermeasures.
Fix this by removing the STA entry from hostapd instead of just leaving
it disassociated.
Yoni Divinsky [Mon, 25 Jun 2012 09:20:37 +0000 (12:20 +0300)]
hostapd: Fix PBC config method of WSC IE in Beacon/Probe Response
In AP which supports WPSv2 with only virtual push button, when PBC is
called, the WSC IE should include Selected Registrar Configuration
Methods attribute with the bit of the physical push button not set.
Ben Greear [Sun, 24 Jun 2012 10:19:34 +0000 (13:19 +0300)]
eloop/poll: Handle POLLER | POLLHUP in read logic
Without this, we can get into a tight loop because the
code in general doesn't add eloop exception handlers,
so socket reporting the POLLERR would never be read.
With this change, any socket with POLLERR or POLLHUP
asserted will be handled by the read logic.
Signed-hostap: Ben Greear <greearb@candelatech.com>
P2P: Fix fallback to GO Negotiation to avoid PD-before-join timeout
The wpas_p2p_pd_before_join_timeout could be left behind if the PD
Request in p2p_connect-auto case does not succeed. This timeout can
result in unexpected operations since it could trigger join operation
while going through GO Negotiation. Fix this by canceling the timeout
when falling back to GO Negotiation.
Jouni Malinen [Sun, 17 Jun 2012 16:51:57 +0000 (19:51 +0300)]
Copy Chargeable-User-Identity in PMKSA caching case
Maintain a copy of Chargeable-User-Identity in the PMKSA cache to allow
it to be included in accounting messages even if full authentication was
not completed.
Jouni Malinen [Sun, 17 Jun 2012 16:30:01 +0000 (19:30 +0300)]
RADIUS DAS: Add support for Disconnect-Request
Calling-Station-Id, Acct-Session-Id, and User-Name attributes in a
Disconnect-Request message can now be used to indicate which station is
to be disconnected.
Jouni Malinen [Sun, 17 Jun 2012 14:43:36 +0000 (17:43 +0300)]
RADIUS DAS: Validate Event-Timestamp
DAS will now validate Event-Timestamp value to be within an acceptable
time window (300 seconds by default; can be set using
radius_das_time_window parameter). In addition, Event-Timestamp can be
required in Disconnect-Request and CoA-Request messages with
radius_das_require_event_timestamp=1.
Masashi Honma [Sun, 17 Jun 2012 08:58:46 +0000 (11:58 +0300)]
P2P: Add p2p_client_list support for FullMAC Persistent GO
Currently, FullMAC Persistent GO can't use p2p_client_list because its
own hapd->p2p_group is NULL at ap_sta_set_authorized(). This patch
changes the processing to use sta->p2p_ie instead of
p2p_group_get_dev_addr() on FullMAC GO.
Jouni Malinen [Sat, 16 Jun 2012 17:17:39 +0000 (20:17 +0300)]
P2P: Fix P2P Client Discoverability bit updates
The P2P Client Discoverability bit is reserved in most frames and its
value in the local P2P peer table should only be updated based on P2P
Group Info attribute from a GO. Fix this by avoiding changes to this
dev_capab bit based on other P2P frames. It would be more correct to
track this separately for each group in which the peer is a member, but
since we do not do that for the other group specific information either,
this can do for now.
It should be noted that prior to commit 18485b5469c5eeea6a552264fbfaabb089a0a557 wpa_supplicant set this bit in
all P2P frames. However, that commit changed this to match the
specification, i.e., the bit is not set in frames which are received
from P2P Device role. As such, this fix is needed to be able to figure
out that a peer supports client discoverability capability after that
commit.
Masashi Honma [Sat, 16 Jun 2012 16:54:47 +0000 (19:54 +0300)]
P2P: Fix setting of P2P Client Discoverability bit
In the P2P specification v1.1, the P2P Client Discoverability bit is
described in Table 12 "Device Capability Bitmap definition". The table
says "Within a P2P Group Info attribute and a (Re)association request
frame the P2P Client Discoverability field shall be set to 1 when the
P2P Device supports P2P Client Discoverability, and is set to 0
otherwise. This field shall be reserved and set to 0 in all other frames
or uses.". To match with this, filter out P2P Client Discoverability bit
from frames where its use is reserved.
Jouni Malinen [Fri, 15 Jun 2012 15:49:54 +0000 (18:49 +0300)]
EAP-SIM/AKA server: Allow pseudonym to be used after unknown reauth id
If the peer uses an unknown reauth id, it would still be possible to use
pseudonym instead of permanent id. Allow this by changing the
AT_PERMANENT_ID_REQ to AT_FULLAUTH_ID_REQ in case unknown reauth id is
used in EAP-Response/Identity.
Jouni Malinen [Sun, 10 Jun 2012 16:51:36 +0000 (19:51 +0300)]
P2P: Do not use reassociation after getting disassociated
This avoids issues with some APs rejecting a reassociation if the
station is not currently associated as reported by Yossi Wortzel.
The change is based on a patch from Arik Nemtsov.
Jouni Malinen [Sat, 9 Jun 2012 15:31:24 +0000 (18:31 +0300)]
P2P: Ignore unexpected GO Neg Resp is we have sent Resp
There is a race condition in GO Negotiation Request frame sending and
processing that may end up with both devices sending GO Negotiation
Response. This response frame was previously accepted even if a response
had already been sent. This could result in two GO Negotiation Confirm
frames being exchanged and consequently, with two separate GO
Negotiations completing concurrently. These negotiations could result in
getting mismatching parameters (e.g., both device could believe it was
the GO).
Fix this by ignoring GO Negotiation Response from the peer if twe have
already sent a GO Negotiation Response frame and we have the higher P2P
Device Address. This is similar to the rule used to determine whether to
reply to GO Negotiation Request frame when Request was already sent,
i.e., the same direction of GO Negotiation is maintained here to enforce
that only the negotiation initiated by the device with smaller P2P
Device Address is completed.
P2P: Address race condition with GO Negotiation Request TX status
If both peers initiate GO Negotiation at about the same time, it is
possible for the GO Negotiation Request frame from the peer to be
received between the local attempt to send the GO Negotiation Request
and TX status event for that. This could result in both devices sending
GO Negotiation Response frames even though one of them should have
skipped this based which device uses a higher MAC address.
Resolve this race by incrementing go_neg_req_sent when p2p_send_action()
returns success instead of doing this from the TX status callback. If
the frame is not acknowledged, go_neg_req_sent is cleared in TX status
handler.
Jouni Malinen [Fri, 8 Jun 2012 15:24:08 +0000 (18:24 +0300)]
P2P: Assume GO Negotiation failed if GO Neg Conf wait times out
Stop the connection attempt if GO Negotiation Confirm is not received
within 100 ms of the GO Negotiation Response getting acknowledged.
Previously, we would have continued trying to connect to the peer even
in this case which could result in confusing second GO Negotiation
Request frame and unnecessarily long wait before indicating failure.
Jouni Malinen [Fri, 8 Jun 2012 15:22:03 +0000 (18:22 +0300)]
P2P: Fix group formation timeout on GO during WPS step
Commit 361cdf34009c7407ddf22dee6f5e6ce82e81bcae changed the way the
group formation timeout is used on P2P client. However, it resulted in
clearing the timeout on the GO when the GO started beaconing. This is
not correct since the timeout is supposed to be maintained until at
least the completion of the WPS provisioning step. Fix this regression
by clearing the timeout here only in the case we are not GO in group
formation phase.
projects / thirdparty / hostap.git / log
