Rashmi Ramanna [Fri, 21 Mar 2014 12:56:02 +0000 (18:26 +0530)]
P2P: Optimize scan for GO during persistent group invocation
Scan for GO on the negotiated operating channel for few iterations
before searching on all the supported channels during persistent group
reinvocation. In addition, use the already known SSID of the group in
the scans. These optimizations reduce group formation time.
Jouni Malinen [Tue, 25 Mar 2014 11:43:56 +0000 (13:43 +0200)]
tests: P2P persistent group re-invocation with empty BSS table
This verifies P2P Client scanning behavior during group re-invocation in
a case where old scan results are not available to allow the scan to be
skipped completely.
Jouni Malinen [Tue, 25 Mar 2014 13:08:07 +0000 (15:08 +0200)]
tests: Optimize scanning in wpa_supplicant-as-AP test case
Wait for the AP to be ready before initiating the scan to avoid
unnecessary five second extra wait. In addition, disconnect the station
to avoid possibility of starting a new scan at the end of the test case.
These remove unnecessary wait time from the test cases.
Jouni Malinen [Mon, 24 Mar 2014 20:38:35 +0000 (22:38 +0200)]
ACS: Fix number of error path issues
Especially when multiple BSSes are used with ACS, number of the error
paths were not cleaning up driver initialization properly. This could
result in using freed memory and crashing the process if ACS failed.
Jouni Malinen [Sun, 23 Mar 2014 23:35:58 +0000 (01:35 +0200)]
tests: Add scripts to allow parallel execution of tests in VMs
"parallel-vm.sh <number of VMs> [arguments..]" can now be used to run
multiple VMs in parallel to speed up full test cycle significantly. In
addition, the "--split srv/total" argument used in this design would
also make it possible to split this to multiple servers to speed up
testing.
Jouni Malinen [Sun, 23 Mar 2014 21:54:50 +0000 (23:54 +0200)]
SME: Fix OBSS scan result processing for 20/40 MHz co-ex report
The 40 MHz intolerant bit needs to be checked before skipping the BSS
based on the channel already being in the lost (which could have
happened due to another BSS that does not indicate 40 MHz intolerant).
This fixed the 20/40 MHz co-ex report to indicate 20 MHz request
properly if there are both 40 MHz tolerant and intolerant BSSes on the
same channel.
Jouni Malinen [Sun, 23 Mar 2014 21:50:37 +0000 (23:50 +0200)]
Allow hostapd to advertise 40 MHz intolerant HT capability
ht_capab=[40-INTOLERANT] can now be used to advertise that the BSS is 40
MHz intolerant to prevent other 20/40 MHz co-ex compliant APs from using
40 MHz channel bandwidth.
Jouni Malinen [Sun, 23 Mar 2014 16:13:03 +0000 (18:13 +0200)]
FT: Add support for postponing FT response
If the PMK-R1 needs to be pulled for the R0KH, the previous
implementation ended up rejecting the over-the-air authentication and
over-the-DS action frame unnecessarily while waiting for the RRB
response. Improve this by postponing the Authentication/Action frame
response until the pull response is received.
Jouni Malinen [Sun, 23 Mar 2014 09:59:43 +0000 (11:59 +0200)]
tests: Allow test cases to receive additional parameters
The optional third argument to the test case functions can now be used
to receive additional parameters from run-tests.py. As the initial
parameter, logdir value is provided so that test cases can use it to
review the debug logs from the test run.
Jouni Malinen [Sat, 22 Mar 2014 21:31:39 +0000 (23:31 +0200)]
WPS: Comment out unused AP WEP config write with WPS 2.0
The main WPS code rejects WEP parameters, so this code is not used and
can be commented out from WPS 2.0 builds. This is similar to the earlier
commit that commented out in-memory update.
Arif Hussain [Sat, 22 Mar 2014 19:50:55 +0000 (12:50 -0700)]
P2P: Update op_reg_class in random social channel case
Commit 94b84bc7253680a2b201d5c88d36ada91a3e20b4 missed one path where
p2p->op_reg_class should have been updated. Set this to 81 during
operating channel selection from 2.4 GHz.
Amar Singhal [Sat, 22 Mar 2014 19:31:15 +0000 (21:31 +0200)]
hostapd: Check driver DFS offload capability for channel disablement
If the driver supports full offloading of DFS operations, do not disable
a channel marked for radar detection. The driver will handle the needed
operations for such channels.
Arif Hussain [Fri, 21 Mar 2014 07:38:23 +0000 (00:38 -0700)]
P2P: Avoid unsafe pre-configured channel as channel preference
Do not select pre-configured channel as operating channel preference if
it is unavailable maybe due to interference or possible known
co-existence constraints, and try to select random available channel.
Pawel Kulakowski [Fri, 21 Mar 2014 07:18:00 +0000 (08:18 +0100)]
Don't overwrite channel on hostapd config reload
There was possibility that the current channel in Beacon information
element was incorrectly set. This problem was easily observed when
primary and secondary channel were switched and then some of hostapd
settings (for example password) were changed using WPS External
Registrar. This caused hostapd_reload_config() function overwrite the
current channel information from config file.
This patch prevents this situation and does not allow to overwrite
channel and some other settings when config is reloaded.
Eduardo Abinader [Thu, 20 Mar 2014 12:43:31 +0000 (08:43 -0400)]
P2P: Fix GO failed interface init
Whenever an ongoing GO Neg has failed, due to interface init, the P2P
Device should cancel timeouts and issue wpas_p2p_group_formation_failed,
so the other peer detects faster group formation has failed.
Jouni Malinen [Thu, 20 Mar 2014 15:01:37 +0000 (17:01 +0200)]
WPS: Clear WPS data on init failure
It was possible for hapd->wps_beacon_ie and hapd->wps_probe_resp_ie to
be set if WPS initialization in hostapd failed after having set these
parameters (e.g., during UPnP configuration). In addition, many of the
other WPS configuration parameters that were allocated during the first
part of the initialization were not properly freed on error paths.
Jouni Malinen [Thu, 20 Mar 2014 13:13:48 +0000 (15:13 +0200)]
WPS: Do not advertise WPA/WPA2-Enterprise Auth Type Flags
While the device itself may support WPA/WPA2-Enterprise, enrollment of
credentials for EAP authentication is not supported through WPS. As
such, there is no need to claim support for these capabilities within
WPS information.
Jouni Malinen [Tue, 18 Mar 2014 20:45:07 +0000 (22:45 +0200)]
nl80211: Do not indicate scan started event on scan_for_auth
The scan_for_auth workaround for cfg80211 missing a BSS entry for the
target BSS during authentication uses a single channel scan controlled
within driver_nl80211.c. This operation does not indicate
EVENT_SCAN_RESULTS to the upper layer code. However, it did report
EVENT_SCAN_STARTED and this resulted in the radio work protection code
assuming that an external program triggered a scan, but that scan never
completed. This resulted in all new radio work items getting stuck
waiting for this scan to complete.
Fix this by handling the scan_for_auth situation consistently within
driver_nl80211.c by filtering both the EVENT_SCAN_STARTED and
EVENT_SCAN_RESULTS.
Jouni Malinen [Mon, 17 Mar 2014 22:03:59 +0000 (00:03 +0200)]
HS 2.0R2: Do not mandate OCSP response for EST operations
OCSP validation is required only for the OSU operations and since the
EST server may use a different server certificate, it may not
necessarily support OCSP.
Jouni Malinen [Mon, 17 Mar 2014 21:46:12 +0000 (23:46 +0200)]
HS 2.0R2: Configure OSU client trust root more consistently
Some of the code paths could have ended up ignoring CA file name from
command line due to overly complex way of setting ctx->ca_fname.
Configure this more consistently in osu_client.c as soon as the CA file
name has been determined.
Jouni Malinen [Mon, 17 Mar 2014 21:12:25 +0000 (23:12 +0200)]
HS 2.0R2: Clean up debug from libcurl
Do not truncate CURLINFO entries on first linefeed to get full IN/OUT
headers and data into debug log. Use wpa_hexdump_ascii() if any
non-displayable characters are included. Remove the separate header/data
debug dumps since all that information is now available from the debug
callback.
Jouni Malinen [Mon, 17 Mar 2014 16:23:13 +0000 (18:23 +0200)]
Fix AP mode default TXOP Limit values for AC_VI and AC_VO
These were previous set to 3.0 and 1.5 ms which ended up using values 93
and 46 in 36 usec inits. However, the default values for these are
actually defined as 3.008 ms and 1.504 ms (94/47) and those values are
also listed in the hostapd.conf example.
Jouni Malinen [Sun, 16 Mar 2014 10:28:49 +0000 (12:28 +0200)]
TLS testing: Add new test cases for RSA-DHE primes
test-tls-4: Short 511-bit RSA-DHE prime
test-tls-5: Short 767-bit RSA-DHE prime
test-tls-6: Bogus RSA-DHE "prime" 15
test-tls-7: Very short 58-bit RSA-DHE prime in a long container
test-tls-8: Non-prime as RSA-DHE prime
Jouni Malinen [Sat, 15 Mar 2014 14:42:29 +0000 (16:42 +0200)]
Fix HT40 co-ex scan for some pri/sec channel switches
Secondary channel was compared incorrectly (-4/4 vs. actual channel
number) which broke matching neighboring 40 MHz BSSes and only the
no-beacons-on-secondary-channel rule was applied in practice. Once
sec_chan was fixed, this triggered another issue in this function where
both rules to switch pri/sec channels could end up getting applied in a
way that effectively canceled the switch.
Jouni Malinen [Sat, 15 Mar 2014 10:38:08 +0000 (12:38 +0200)]
tests: Go to listen state in go_neg_pin_authorized
Previusly, the responding device was left in p2p_find state as a
consequence of using discover_peer() if the peer was not already known.
This was not the sequence that was supposed to be used here. Go to
listen-only state when waiting for the peer to initiate a previously
authorized GO Negotiation.
Jouni Malinen [Fri, 14 Mar 2014 19:10:47 +0000 (21:10 +0200)]
Fix hostapd_add_iface error path to deinit partially initialized BSS
It was possible for the control interface and some of the BSS setup to
be left partially initialized in failure cases while the BSS structures
were still freed. Fix this by properly cleaning up anything that may
have passed initialization successfully before freeing memory.
Jouni Malinen [Fri, 14 Mar 2014 18:33:56 +0000 (20:33 +0200)]
Fix external radio_work deinit path
The radio_work type was stored within the dynamically allocated
wpa_radio_work buffer and that buffer ended up getting freed before the
final use of the type string within radio_work_done(). This resulted in
freed memory being used for a debug print. Avoid this by freeing the
wpa_external_work instance after having completed radio_work_done() for
the related work.
Jouni Malinen [Wed, 12 Mar 2014 18:26:37 +0000 (20:26 +0200)]
Allow management group cipher to be configured
This allows hostapd to set a different management group cipher than the
previously hardcoded default BIP (AES-128-CMAC). The new configuration
file parameter group_mgmt_cipher can be set to BIP-GMAC-128,
BIP-GMAC-256, or BIP-CMAC-256 to select one of the ciphers defined in
IEEE Std 802.11ac-2013.
Paul Stewart [Fri, 14 Mar 2014 04:33:43 +0000 (21:33 -0700)]
wpa_supplicant: Apply VHT_OVERRIDES to wpas_start_assoc_cb()
A previous patch "Support VHT capability overrides" missed one
place where HT overrides were being applied and where it would
also be useful to apply VHT overrides.
Paul Stewart [Wed, 12 Mar 2014 22:28:39 +0000 (15:28 -0700)]
hostapd: Supply default parameters for OBSS scan
For some client OBSS implementations that are performed in
firmware, all OBSS parameters need to be set to valid values.
Do this, as well as supplying the "20/40 Coex Mgmt Support"
flag in the extended capabilities IE.
Johannes Berg [Fri, 14 Mar 2014 14:48:13 +0000 (16:48 +0200)]
tests: Verify VHT20 with center freq seq0 set to zero
This was found through a mac80211 bug which didn't correctly accept a
center segment 0 value of zero, so the test will fail until the mac80211
bug is fixed.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 14 Mar 2014 14:45:21 +0000 (16:45 +0200)]
hostapd: For VHT 20/40, allow center segment 0 to be zero
The 802.11ac amendment specifies that that the center segment 0 field
is reserved, so it should be zero. Hostapd previously required it to
be set, which is likely a good idea for interoperability, but allow it
to be unset. However, don't allow it to be set to a random value, only
allow zero and the correct channel.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
projects / thirdparty / hostap.git / log
