Avraham Stern [Thu, 27 Mar 2014 06:58:30 +0000 (08:58 +0200)]
P2P: Fix segfault when PBC overlap is detected
If a separate P2P group interface is used, PBC overlap during group
formation causes the group interface to be removed, which ends up with
the interface context becoming invalid. Fix this by scheduling a timeout
to process the PBC overlap and interface removal instead of removing the
interface directly before the connection operation has returned.
Jouni Malinen [Fri, 28 Mar 2014 14:56:41 +0000 (16:56 +0200)]
Add writing of network block ocsp parameter
This was forgotten from the per-network ocsp parameter addition. The new
parameter needs to be stored to the configuration file similarly to the
other EAP parameters.
Ilan Peer [Thu, 27 Mar 2014 06:58:33 +0000 (08:58 +0200)]
wpa_supplicant: Remove pending sme-connect radio work
If a new connection is attempted while there is a pending sme-connection
radio work, cancel the pending radio work and continue with the new
connection attempt. This is preferable over rejecting the new work and
continuing with the pending one, as it is possible that the previous
work is no longer valid.
Eliad Peller [Thu, 27 Mar 2014 06:58:32 +0000 (08:58 +0200)]
wpa_supplicant: Override HT A-MPDU size if VHT A-MPDU was overridden
According to the standard, if the max A-MPDU VHT cap is <= 3, we
have to adjust the max A-MPDU HT cap to the same value. Otherwise
it should be set to 3.
Take care of it when the max VHT A-MPDU value is overridden.
Sunil Dutt [Wed, 26 Mar 2014 16:04:50 +0000 (21:34 +0530)]
Pass TDLS peer capability information in tdls_mgmt
While framing the TDLS Setup Confirmation frame, the driver needs to
know if the TDLS peer is VHT/HT/WMM capable and thus shall construct the
VHT/HT operation / WMM parameter elements accordingly. Supplicant
determines if the TDLS peer is VHT/HT/WMM capable based on the presence
of the respective IEs in the received TDLS Setup Response frame.
The host driver should not need to parse the received TDLS Response
frame and thus, should be able to rely on the supplicant to indicate
the capability of the peer through additional flags while transmitting
the TDLS Setup Confirmation frame through tdls_mgmt operations.
Jouni Malinen [Tue, 25 Mar 2014 15:40:50 +0000 (17:40 +0200)]
WPS: Enable WSC 2.0 support unconditionally
There is not much point in building devices with WPS 1.0 only supported
nowadays. As such, there is not sufficient justification for maintaining
extra complexity for the CONFIG_WPS2 build option either. Remove this by
enabling WSC 2.0 support unconditionally.
Rashmi Ramanna [Fri, 21 Mar 2014 12:56:02 +0000 (18:26 +0530)]
P2P: Optimize scan for GO during persistent group invocation
Scan for GO on the negotiated operating channel for few iterations
before searching on all the supported channels during persistent group
reinvocation. In addition, use the already known SSID of the group in
the scans. These optimizations reduce group formation time.
Jouni Malinen [Tue, 25 Mar 2014 11:43:56 +0000 (13:43 +0200)]
tests: P2P persistent group re-invocation with empty BSS table
This verifies P2P Client scanning behavior during group re-invocation in
a case where old scan results are not available to allow the scan to be
skipped completely.
Jouni Malinen [Tue, 25 Mar 2014 13:08:07 +0000 (15:08 +0200)]
tests: Optimize scanning in wpa_supplicant-as-AP test case
Wait for the AP to be ready before initiating the scan to avoid
unnecessary five second extra wait. In addition, disconnect the station
to avoid possibility of starting a new scan at the end of the test case.
These remove unnecessary wait time from the test cases.
Jouni Malinen [Mon, 24 Mar 2014 20:38:35 +0000 (22:38 +0200)]
ACS: Fix number of error path issues
Especially when multiple BSSes are used with ACS, number of the error
paths were not cleaning up driver initialization properly. This could
result in using freed memory and crashing the process if ACS failed.
Jouni Malinen [Sun, 23 Mar 2014 23:35:58 +0000 (01:35 +0200)]
tests: Add scripts to allow parallel execution of tests in VMs
"parallel-vm.sh <number of VMs> [arguments..]" can now be used to run
multiple VMs in parallel to speed up full test cycle significantly. In
addition, the "--split srv/total" argument used in this design would
also make it possible to split this to multiple servers to speed up
testing.
Jouni Malinen [Sun, 23 Mar 2014 21:54:50 +0000 (23:54 +0200)]
SME: Fix OBSS scan result processing for 20/40 MHz co-ex report
The 40 MHz intolerant bit needs to be checked before skipping the BSS
based on the channel already being in the lost (which could have
happened due to another BSS that does not indicate 40 MHz intolerant).
This fixed the 20/40 MHz co-ex report to indicate 20 MHz request
properly if there are both 40 MHz tolerant and intolerant BSSes on the
same channel.
Jouni Malinen [Sun, 23 Mar 2014 21:50:37 +0000 (23:50 +0200)]
Allow hostapd to advertise 40 MHz intolerant HT capability
ht_capab=[40-INTOLERANT] can now be used to advertise that the BSS is 40
MHz intolerant to prevent other 20/40 MHz co-ex compliant APs from using
40 MHz channel bandwidth.
Jouni Malinen [Sun, 23 Mar 2014 16:13:03 +0000 (18:13 +0200)]
FT: Add support for postponing FT response
If the PMK-R1 needs to be pulled for the R0KH, the previous
implementation ended up rejecting the over-the-air authentication and
over-the-DS action frame unnecessarily while waiting for the RRB
response. Improve this by postponing the Authentication/Action frame
response until the pull response is received.
Jouni Malinen [Sun, 23 Mar 2014 09:59:43 +0000 (11:59 +0200)]
tests: Allow test cases to receive additional parameters
The optional third argument to the test case functions can now be used
to receive additional parameters from run-tests.py. As the initial
parameter, logdir value is provided so that test cases can use it to
review the debug logs from the test run.
Jouni Malinen [Sat, 22 Mar 2014 21:31:39 +0000 (23:31 +0200)]
WPS: Comment out unused AP WEP config write with WPS 2.0
The main WPS code rejects WEP parameters, so this code is not used and
can be commented out from WPS 2.0 builds. This is similar to the earlier
commit that commented out in-memory update.
Arif Hussain [Sat, 22 Mar 2014 19:50:55 +0000 (12:50 -0700)]
P2P: Update op_reg_class in random social channel case
Commit 94b84bc7253680a2b201d5c88d36ada91a3e20b4 missed one path where
p2p->op_reg_class should have been updated. Set this to 81 during
operating channel selection from 2.4 GHz.
Amar Singhal [Sat, 22 Mar 2014 19:31:15 +0000 (21:31 +0200)]
hostapd: Check driver DFS offload capability for channel disablement
If the driver supports full offloading of DFS operations, do not disable
a channel marked for radar detection. The driver will handle the needed
operations for such channels.
Arif Hussain [Fri, 21 Mar 2014 07:38:23 +0000 (00:38 -0700)]
P2P: Avoid unsafe pre-configured channel as channel preference
Do not select pre-configured channel as operating channel preference if
it is unavailable maybe due to interference or possible known
co-existence constraints, and try to select random available channel.
Pawel Kulakowski [Fri, 21 Mar 2014 07:18:00 +0000 (08:18 +0100)]
Don't overwrite channel on hostapd config reload
There was possibility that the current channel in Beacon information
element was incorrectly set. This problem was easily observed when
primary and secondary channel were switched and then some of hostapd
settings (for example password) were changed using WPS External
Registrar. This caused hostapd_reload_config() function overwrite the
current channel information from config file.
This patch prevents this situation and does not allow to overwrite
channel and some other settings when config is reloaded.
Eduardo Abinader [Thu, 20 Mar 2014 12:43:31 +0000 (08:43 -0400)]
P2P: Fix GO failed interface init
Whenever an ongoing GO Neg has failed, due to interface init, the P2P
Device should cancel timeouts and issue wpas_p2p_group_formation_failed,
so the other peer detects faster group formation has failed.
Jouni Malinen [Thu, 20 Mar 2014 15:01:37 +0000 (17:01 +0200)]
WPS: Clear WPS data on init failure
It was possible for hapd->wps_beacon_ie and hapd->wps_probe_resp_ie to
be set if WPS initialization in hostapd failed after having set these
parameters (e.g., during UPnP configuration). In addition, many of the
other WPS configuration parameters that were allocated during the first
part of the initialization were not properly freed on error paths.
Jouni Malinen [Thu, 20 Mar 2014 13:13:48 +0000 (15:13 +0200)]
WPS: Do not advertise WPA/WPA2-Enterprise Auth Type Flags
While the device itself may support WPA/WPA2-Enterprise, enrollment of
credentials for EAP authentication is not supported through WPS. As
such, there is no need to claim support for these capabilities within
WPS information.
Jouni Malinen [Tue, 18 Mar 2014 20:45:07 +0000 (22:45 +0200)]
nl80211: Do not indicate scan started event on scan_for_auth
The scan_for_auth workaround for cfg80211 missing a BSS entry for the
target BSS during authentication uses a single channel scan controlled
within driver_nl80211.c. This operation does not indicate
EVENT_SCAN_RESULTS to the upper layer code. However, it did report
EVENT_SCAN_STARTED and this resulted in the radio work protection code
assuming that an external program triggered a scan, but that scan never
completed. This resulted in all new radio work items getting stuck
waiting for this scan to complete.
Fix this by handling the scan_for_auth situation consistently within
driver_nl80211.c by filtering both the EVENT_SCAN_STARTED and
EVENT_SCAN_RESULTS.
Jouni Malinen [Mon, 17 Mar 2014 22:03:59 +0000 (00:03 +0200)]
HS 2.0R2: Do not mandate OCSP response for EST operations
OCSP validation is required only for the OSU operations and since the
EST server may use a different server certificate, it may not
necessarily support OCSP.
Jouni Malinen [Mon, 17 Mar 2014 21:46:12 +0000 (23:46 +0200)]
HS 2.0R2: Configure OSU client trust root more consistently
Some of the code paths could have ended up ignoring CA file name from
command line due to overly complex way of setting ctx->ca_fname.
Configure this more consistently in osu_client.c as soon as the CA file
name has been determined.
Jouni Malinen [Mon, 17 Mar 2014 21:12:25 +0000 (23:12 +0200)]
HS 2.0R2: Clean up debug from libcurl
Do not truncate CURLINFO entries on first linefeed to get full IN/OUT
headers and data into debug log. Use wpa_hexdump_ascii() if any
non-displayable characters are included. Remove the separate header/data
debug dumps since all that information is now available from the debug
callback.
Jouni Malinen [Mon, 17 Mar 2014 16:23:13 +0000 (18:23 +0200)]
Fix AP mode default TXOP Limit values for AC_VI and AC_VO
These were previous set to 3.0 and 1.5 ms which ended up using values 93
and 46 in 36 usec inits. However, the default values for these are
actually defined as 3.008 ms and 1.504 ms (94/47) and those values are
also listed in the hostapd.conf example.
Jouni Malinen [Sun, 16 Mar 2014 10:28:49 +0000 (12:28 +0200)]
TLS testing: Add new test cases for RSA-DHE primes
test-tls-4: Short 511-bit RSA-DHE prime
test-tls-5: Short 767-bit RSA-DHE prime
test-tls-6: Bogus RSA-DHE "prime" 15
test-tls-7: Very short 58-bit RSA-DHE prime in a long container
test-tls-8: Non-prime as RSA-DHE prime
projects / thirdparty / hostap.git / log
