Constantin Musca [Fri, 12 Sep 2014 07:22:19 +0000 (10:22 +0300)]
P2P: Stop driver listen in p2p_state_timeout()
When a P2P timeout occurs and p2p_state_timeout is executed, the
stop_listen function can be called besides setting in_listen to zero in
cases where the driver is still in ROC. That should not really happen in
normal cases, but it is possible for some drivers to extend the ROC
duration. If that happens, the next start_listen request may get
rejected with "P2P: Reject start_listen since p2p_listen_work already
exists".
Signed-off-by: Constantin Musca <constantin.musca@intel.com>
Mikael Kanstrup [Tue, 21 Oct 2014 10:08:30 +0000 (12:08 +0200)]
P2P: Use neg_freq when re-establish persistent group as GC
When GC receives invitation response and tries to re-establish
connection to a persistent group channels from passive list should
be allowed. A missing check for operation mode triggered reselection
of operating channel from active channels only to happen and thus fail
the connect attempt.
Add a check for operation mode and if GC instead use negotiated
frequency (i.e. GO operating channel from invitation response).
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
Thomas Pedersen [Mon, 1 Sep 2014 04:23:26 +0000 (00:23 -0400)]
mesh: Add user_mpm config option
Add user_mpm config parameter, when this is set to 1 (the default) the
peer link management is done on userspace, otherwise the peer management
will be done by the kernel.
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Thomas Pedersen <thomas@noack.us>
Thomas Pedersen [Mon, 1 Sep 2014 04:23:21 +0000 (00:23 -0400)]
mesh: Add mesh mode routines
Add routines to (de)initialize mesh interface data structures and
join and leave mesh networks.
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Thomas Pedersen <thomas@noack.us>
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Do not try to change supported rates
For mesh mode to work properly, set supported rates only once.
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Add STA flag WPA_STA_AUTHENTICATED
This is needed for managing STA entries for mesh use cases.
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Add plink_action_field to hostapd_sta_add_params
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Reject deauth/disassoc for mesh interface
sta_info call these to send out the disassoc and deauth frame
which are both not relevent to mesh. So don't send them.
Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com> Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Register to receive mesh frames
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Jouni Malinen [Sat, 25 Oct 2014 09:09:02 +0000 (12:09 +0300)]
tests: Channel switch with HT40
ap_ht40_csa and ap_ht40_csa3 seem to show a cfg80211/mac80211 issue
where a CSA from HT40+ to HT40- channel results in HT getting disabled
due to cfg80211_chandef_compatible() check on c1->width == c2->width
claiming that the new channel is not compatible. For now, comment out
the FAIL case for these known issues to avoid constant failure for cases
that are not wpa_supplicant/hostapd issues. Once the kernel side design
has been reviewed, these error cases can be enabled here.
Jouni Malinen [Sat, 25 Oct 2014 08:27:48 +0000 (11:27 +0300)]
Fix channel switch to disable VHT with HT
If both HT and VHT was enabled on AP and channel switch event from the
driver indicated that HT was disabled, VHT was left enabled. This
resulted in the following channel configuration failing. Fix this by
disabling VHT if HT gets disabled.
Eliad Peller [Mon, 20 Oct 2014 03:21:39 +0000 (23:21 -0400)]
HT: Let the driver advertise its supported SMPS modes for AP mode
Add smps_modes field, and let the driver fill it with its supported SMPS
modes (static/dynamic). This will let us start an AP with specific SMPS
mode (e.g., dynamic) that will allow it to reduce its power usage.
Jouni Malinen [Thu, 23 Oct 2014 18:52:05 +0000 (21:52 +0300)]
P2P: Stop TX wait on SD query TX status failure
The previous TX operation could be on another channel if there are
multiple peers with pending SD queries. To avoid failing to send the
following query, stop the last one to allow any Listen channel to be
used for the following query during p2p_find iteration.
Jouni Malinen [Thu, 23 Oct 2014 18:49:42 +0000 (21:49 +0300)]
P2P: Limit number of SD retries during find
Commit 7139cf4a4f1fecfd03d0daff9bb33adb80cc3530 ('P2P: Decrement
sd_pending_bcast_queries when sd returns success') added support for
retrying P2P SD queries. However, it did this without limiting how many
retries are allowed. This can result in excessive number of retries if a
peer device does not show up on its Listen channel and there is a
pending SD query to it. Limit the maximum number of SD retries to 100
per p2p_find operation for each peer to avoid unlimited retries.
Jouni Malinen [Thu, 23 Oct 2014 18:30:32 +0000 (21:30 +0300)]
P2P: Iterate through all peers in pending pre-find operation
Commit 7139cf4a4f1fecfd03d0daff9bb33adb80cc3530 ('P2P: Decrement
sd_pending_bcast_queries when sd returns success') changed P2P SD
behavior in a way that the P2P search loop ended up in continuing with
the first peer entry until it acknowledged receipt of a pending
broadcast SD request while the previous design went through all peers
once. While it is reasonable to retry SD, getting stuck with the first
peer is not really desirable. Change the p2p_continue_find() loop to
continue from the next peer in each iteration to allow progress through
all peers that have pending operations if any other peer is not
acknowledging frames (e.g., due to not being on Listen channel).
Chet Lanctot [Thu, 23 Oct 2014 15:21:49 +0000 (18:21 +0300)]
Add support for offloading key management operations to the driver
This commit introduces a QCA vendor command and event to provide an
option to use extended versions of the nl80211 connect/roam operations
in a way that allows drivers to offload key management operations to the
driver/firmware.
Jouni Malinen [Thu, 23 Oct 2014 13:33:25 +0000 (16:33 +0300)]
tests: Allow time for go_neg_pbc() GO Neg Resp to go out
It was possible for the not-pre-authorized GO Negotiation case to end up
starting new GO Negotiation before the GO Negotiation Response frame
with status=1 was transmitted. While this works for group formation, it
could reduce test coverage for the common case where that response is
received. At a small sleep to make it less likely for this unexpected
sequence to happen during testing.
Jouni Malinen [Wed, 22 Oct 2014 17:02:48 +0000 (20:02 +0300)]
P2P: Search all 2.4 GHz social channels regardless of disallow_freq
Commit 1595eb93aee0239de51f1090d4528e4b2cfe3add ('P2P: Add support for
60 GHz social channel') had an unintended change to how P2P search scans
2.4 GHz social channels. Use of p2p_supported_freq() to filter the list
of social channels ended up using the disallow_freq setting to remove
social channels from the P2P search scans. This is not desired since
peers need to be found on any of the social channels even if those
channels have been disabled from P2P operating channel use. Restore the
previous behavior by included all the 2.4 GHz social channels in P2P
search scans if the driver indicated support for the 2.4 GHz band.
Jouni Malinen [Tue, 21 Oct 2014 09:16:47 +0000 (12:16 +0300)]
GAS: Do not reply to P2P SD query from generic GAS/ANQP server
This avoids an issue where a wpa_supplicant build with CONFIG_P2P=y and
CONFIG_HS20=y ended up processing a P2P SD query twice when operating as
a GO and sending out two replies. Only the P2P SD implementation should
reply to P2P SD query in such a case.
The kernel now has full support for this (and it is turned off
by default for hwsim) so wpa_supplicant should really go back
to autodetecting this so clients don't have to figure out what
to do.
Also add a debug message stating that P2P_DEVICE support is used.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 20 Oct 2014 10:00:07 +0000 (12:00 +0200)]
tests: Disable support_p2p_device by default
When loading the hwsim module, disable support_p2p_device by default.
This will also become the default in the kernel, but until then it
makes sure it's not turned on by default.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Wed, 22 Oct 2014 07:50:57 +0000 (10:50 +0300)]
tests: Run run-tests.py as root from run-all.sh
This will be needed to be able to control dynamic mac80211_hwsim
operations like adding and removing a phy. In the past, it has been
possible to start the main programs as root and then use non-root
account for run-tests.py. However, there is already a large number of
cases within the test scripts where sudo is needed. Moving that
requirement to execution of run-tests.py allows those to be simplified
as well.
Jouni Malinen [Tue, 21 Oct 2014 11:16:06 +0000 (14:16 +0300)]
browser-android: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.
In addition, fix the /system/bin/input execution by using system() for
it instead of execv() through os_exec(). /system/bin/input is a script
that execv() won't be able to run. Since the full command line is
specified, system() can be used for this. The keycode is also changed
from 3 to KEYCODE_HOME to make this work with current Android version.
Jouni Malinen [Tue, 21 Oct 2014 11:04:25 +0000 (14:04 +0300)]
browser-wpadebug: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.
Jouni Malinen [Tue, 21 Oct 2014 09:59:47 +0000 (12:59 +0300)]
browser-system: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.
Kyeyoon Park [Wed, 15 Oct 2014 23:36:04 +0000 (16:36 -0700)]
AP: Add support for BSS load element (STA Count, Channel Utilization)
The new "bss_load_update_period" parameter can be used to configure
hostapd to advertise its BSS Load element in Beacon and Probe Response
frames. This parameter is in the units of BUs (Beacon Units).
When enabled, the STA Count and the Channel Utilization value will be
updated periodically in the BSS Load element. The AAC is set to 0 sinze
explicit admission control is not supported. Channel Utilization is
calculated based on the channel survey information from the driver and
as such, requires a driver that supports providing that information for
the current operating channel.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Jouni Malinen [Mon, 20 Oct 2014 09:42:27 +0000 (12:42 +0300)]
P2P: Support dynamic addition of P2P Device triggering interface
This moves the addition of P2P Device interface into
wpa_supplicant_add_iface() so that this operation can be done
dynamically when adding an interface to an already running
wpa_supplicant process.
Jouni Malinen [Mon, 20 Oct 2014 09:40:29 +0000 (12:40 +0300)]
P2P: Remove all child interfaces when removing the parent
This is needed to allow dynamic removal of an interface that adds the
P2P Device interface without leaving behind the management interface
with invalid wpa_s->parent pointer.
Jouni Malinen [Mon, 20 Oct 2014 09:38:43 +0000 (12:38 +0300)]
tests: Remove wlan5-related interfaces based on list
Instead of hardcoding reset_devs() to remove wlan5, remove all wlan*
interfaces renaming in the wpa_supplicant process to support the case of
dynamically added hwsim phy.
Jouni Malinen [Sun, 19 Oct 2014 17:57:08 +0000 (20:57 +0300)]
tests: Use internal DATA_TEST_* functionality instead of hwsim_test
This replaces use of the external hwsim_test tool for most data
connectivity test cases. Only the cases where a special interface
(bridge/VLAN) is used are still executed through hwsim_test.
The internal DATA_TEST_* functionality makes it easier to extend the
connectivity test cases through an external device with real WLAN
hardware instead of the hwsim test setup. In addition, the error reports
from this code can be made more informative.
Jouni Malinen [Sun, 19 Oct 2014 17:55:02 +0000 (20:55 +0300)]
tests: Add own_addr() for both Hostapd and WpaSupplicant classes
This makes it easier to use instances of control interfaces in common
code without having to separately address hostapd and wpa_supplicant
behavior differences.
Jouni Malinen [Sun, 19 Oct 2014 17:51:45 +0000 (20:51 +0300)]
Add data test functionality
It is now possible to run hwsim_test like data connectivity test through
wpa_supplicant/hostapd control interface if CONFIG_TESTING_OPTIONS=y is
used for the build. Test functionality is enabled/disabled at runtime
with "DATA_TEST_CONFIG <1/0>". The "DATA_TEST_TX <dst> <src> <tos>"
command can be used to request a test frame to be transmitted.
"DATA-TEST-RX <dst> <src>" event is generated when the test frame is
received.
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Add new peer candidate event for mesh
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Add support for sta_add flags_mask
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Add new commands to support mesh interfaces
Create init_mesh, mesh_join, and mesh_leave actions to kernel.
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland [Mon, 1 Sep 2014 04:23:23 +0000 (00:23 -0400)]
nl80211: Add driver flag to indicate mesh support
Convert the driver flags variable to u64 since there was no room for
more flags.
Signed-off-by: Javier Lopez <jlopex@gmail.com> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: Jason Mobarak <x@jason.mobarak.name> Signed-off-by: Bob Copeland <me@bobcopeland.com>
Mikael Kanstrup [Fri, 17 Oct 2014 11:16:35 +0000 (13:16 +0200)]
P2P: Include passive channels in invitation response
Patch 51e9f22809b0f412c9c10baa34ddc46cf5df4f33 added the option
p2p_add_cli_chan to allow P2P GC to connect on passive channels
assuming the GO should know whether allowed to send on these channels.
This patch adds missing cli_channels to invitation response messages
to allow re-connecting to a persistent group as GC on passive
channels.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
Jouni Malinen [Sat, 18 Oct 2014 13:20:51 +0000 (16:20 +0300)]
P2P: Fix group interface removal through interface ctrl_iface
It was possible to issue the P2P_GROUP_REMOVE command through the
per-interface control interface. This resulted in freed memory getting
accessed when trying to send the control interface response to the
operation that ended up deleting the group interface. Fix this by
postponing the removal operation until the caller has returned.
Jouni Malinen [Sat, 18 Oct 2014 10:02:02 +0000 (13:02 +0300)]
SAE: Add support for PMKSA caching on the station side
This makes wpa_supplicant SME create PMKSA cache entries from SAE
authentication and try to use PMKSA caching if an entry is found for the
AP. If the AP rejects the attempt, fall back to SAE authentication is
used.
Jouni Malinen [Sat, 18 Oct 2014 07:20:24 +0000 (10:20 +0300)]
Add Acct-Multi-Session-Id into RADIUS Accounting messages
This allows multiple sessions using the same PMKSA cache entry to be
combined more easily at the server side. Acct-Session-Id is still a
unique identifier for each association, while Acct-Multi-Session-Id will
maintain its value for all associations that use the same PMKSA.
Jouni Malinen [Sat, 18 Oct 2014 07:35:33 +0000 (10:35 +0300)]
Remove duplicated Acct-Session-Id from Accounting-Request
Commit 8b2486115479582b2ab164a4508f22ed23a9a4cb ('Add Acct-Session-Id
into Access-Request messages') added Acct-Session-Id building into the
helper function shared between authentication and accounting messages.
However, it forgot to remove the same code from the generation of
accounting messages and as such, ended up with Accounting-Request
messages containing two copies of this attribute. Fix this by removing
the addition of this attribute from the accounting specific function.
Justin Shen [Mon, 13 Oct 2014 07:40:08 +0000 (15:40 +0800)]
WPS: Extend startWhen to 2 if peer AP supports WPS 2.0
Increase EAPOL startWhen to 2 for the case where the AP/GO has
advertised it supports WPS 2.0. This is done to make it less likely for
the EAPOL-Start frame to be sent out since that is only required for WPS
1.0. Not sending it can remove one unnecessary round trip from the EAP
exchange when the AP is going to start with EAP-Request/Identity
immediately based on the Association Request frame.
Jouni Malinen [Sun, 12 Oct 2014 18:49:36 +0000 (21:49 +0300)]
tests: Add Python-version of parallel-vm.sh
This is a more advanced version of the simple parallel-vm.sh script.
Status of each VM is printed out during the test and results are
provided in more convenient format in the end.
Jouni Malinen [Sun, 12 Oct 2014 16:07:17 +0000 (19:07 +0300)]
netlink: Fix RTM_SETLINK padding at the end of the message
While the kernel seems to have accepted the message to set linkmode and
operstate without the final attribute getting padded to 32-bit length,
it is better to get this cleaned up to match expected format. The double
NLMSG_ALIGN() followed by RTA_LENGTH() did not make much sense here.
hostapd_cli: Add CLI commands enable, reload, and disable
Commands are already present in ctrl_iface.c (and parsed in
hostapd_ctrl_iface_receive() function) but not in hostapd_cli.c. This
patch updates hostapd_cli.c with matching functions.
P2P: Remove unreachable code in wpas_p2p_stop_find()
Commit 152cff6ba6d6ac206b93a2202eab57f0a36c26cb ('P2P: Remove
WPA_DRIVER_FLAGS_P2P_MGMT option') removed the only non-zero return from
wpas_p2p_stop_find_oper(), but did not remove the useless return value
or the return check in wpas_p2p_stop_find(). Clean these up by removing
unreachable code and useless return value.
Jouni Malinen [Sun, 12 Oct 2014 14:03:25 +0000 (17:03 +0300)]
Include ieee802_11_common.c in wpa_supplicant build unconditionally
This is needed for number of items and it was possible to make a build
configuration that did not include ieee802_11_common.c while still
trying to use functions from there. While it would be possible to add
NEED_80211_COMMON=y to all the cases where this file is needed, the
extra complexity from this is not really justifiable anymore, so include
the file unconditionally.
Jouni Malinen [Sun, 12 Oct 2014 13:56:23 +0000 (16:56 +0300)]
Fix build without IEEE8021X_EAPOL
The MACsec addition placed one of the calls outside the #ifdef
IEEE802X_EAPOL block while the variable needed for this was defined only
within the block.
Toby Gray [Fri, 10 Oct 2014 16:35:27 +0000 (17:35 +0100)]
Make wpa_ctrl_get_remote_ifname declaration conditional.
The definition of wpa_ctrl_get_remote_ifname is conditional on
CONFIG_CTRL_IFACE_UDP. This change makes the header declaration of
this function also conditional on the same define.
Toby Gray [Fri, 10 Oct 2014 16:34:18 +0000 (17:34 +0100)]
Fix warning about unused parameter if CONFIG_DEBUG_FILE is not defined.
This change adds a cast to void to indicate that the path parameter is
unused when CONFIG_DEBUG_FILE is not defined. This fixes a compiler
warning about unused parameters.
Jouni Malinen [Sun, 12 Oct 2014 13:45:33 +0000 (16:45 +0300)]
P2P: Add new=0/1 flag to P2P-DEVICE-FOUND events
This information can be used to determine whether the event is generated
for a new peer that was added or due to an update in the information for
an existing peer.
Jouni Malinen [Sun, 12 Oct 2014 08:53:51 +0000 (11:53 +0300)]
wpa_supplicant: Allow OpenSSL cipherlist string to be configured
The new openssl_cipher configuration parameter can be used to select
which TLS cipher suites are enabled for TLS-based EAP methods when
OpenSSL is used as the TLS library. This parameter can be used both as a
global parameter to set the default for all network blocks and as a
network block parameter to override the default for each network
profile.
Jouni Malinen [Sun, 12 Oct 2014 08:52:05 +0000 (11:52 +0300)]
hostapd: Allow OpenSSL cipherlist string to be configured
The new openssl_cipher configuration parameter can be used to select
which TLS cipher suites are enabled when hostapd is used as an EAP
server with OpenSSL as the TLS library.
Jouni Malinen [Sun, 12 Oct 2014 08:45:21 +0000 (11:45 +0300)]
OpenSSL: Add a mechanism to configure cipher suites
This extends the TLS wrapper code to allow OpenSSL cipherlist string to
be configured. In addition, the default value is now set to
DEFAULT:!EXP:!LOW to ensure cipher suites with low and export encryption
algoriths (40-64 bit keys) do not get enabled in default configuration
regardless of how OpenSSL build was configured.
projects / thirdparty / hostap.git / log
