Johannes Berg [Tue, 23 Apr 2013 14:19:20 +0000 (17:19 +0300)]
nl80211: Fix nla_nest_start conversion
Dmitry reported that the kernel could no longer parse the
scheduled scan attributes correctly after my patch to use
nla_nest_start/nla_nest_end. The reason is that the wrong
attribute is closed I accidentally made it close the full
scan config instead of just the SSID match set.
Reported-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Bruno Randolf [Tue, 23 Apr 2013 13:55:54 +0000 (16:55 +0300)]
wpa_supplicant: Add get_capability freq
Add "get_capability freq" command to print a more verbose list of
channels and frequencies in MHz. The tag "NO_IBSS" is added, if IBSS
mode is not allowed on a channel. This allows userspace programs to get
the frequencies and limitations associated with each channel.
This extends the information already provided in "get_capability
channels" but a new interface is chosen because of backwards
compatibility considerations.
A kernel commit ("mac80211: fix FT roaming") started validating that the
STA entry is marked associated when adding a key. While this is needed
to fix some FT use cases with hardware crypto, it has a side effect of
breaking TDLS key configuration. Work around this by trying to
re-configure the key for the direct link after the STA entry has been
set with all information. In addition, try to tear down the link if
anything goes wrong in key configuration (if both attempts fail) or
enabling the link in the driver.
WPS: Fix use of pre-configured DH keys with multiple operations
wps_build_public_key() takes the dh_ctx into use and another attempt to
use the same DH keys fails with wps->dh_ctx being set to NULL. Avoid
this by using the DH parameters only if dh_ctx is valid. This fixes
cases where a use of local pre-configured DH keys followed by an
operating using peer DH keys would faild due to unexpected attempt to
use local keys again.
Interworking: Try to use same BSS entry for storing GAS results
There may be cases where multiple BSS entries for a single BSSID are in
the table. This is mostly in automated test cases due to the AP
configuration changes, but something similar could potentially happen as
a corner case in more realistic networks, too, e.g., when an AP changes
its operating channel. Make network selection more robust by trying to
find the exact BSS entry instead of any BSS entry with a matching BSSID
when storing GAS/ANQP response.
Jouni Malinen [Sun, 31 Mar 2013 21:59:50 +0000 (00:59 +0300)]
tests: Stop wpa_supplicant before hostapd
Stopping the AP first was not ideal for the test cases since it could
result in wpa_supplicant trying to connect back and start a scan at the
end of a test case and cause problems for the following test case that
tried to scan in the beginning while the previously started scan was
still in progress.
Johannes Berg [Sun, 31 Mar 2013 18:51:44 +0000 (21:51 +0300)]
hostapd/wpa_s: Use driver's extended capabilities
Some extended capabilities (I'm currently interested in "Operating Mode
Notification" for VHT) are implemented by the kernel driver and exported
in nl80211. Use these in hostapd/wpa_supplicant.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Masashi Honma [Sun, 31 Mar 2013 17:06:42 +0000 (20:06 +0300)]
WPS: Skip rescanning after provisioning if AP was configured
If WPS provisioning step is completed with an AP that is in WPS
configured state, we can skip a second scan after the provisioning step
since the AP is unlikely to change its configuration in such a case.
This can speed up WPS connection a bit by removing an unneeded scan.
Jouni Malinen [Sun, 31 Mar 2013 14:55:16 +0000 (17:55 +0300)]
tests: Fix BSS table flushing and old result ignoring for WPS tests
The WPS tests are more prone to fail if scan results from the previous
test cases are allowed to remain in the wpa_supplicant BSS table during
the consecutive test since the test setup uses the same BSSID for the
test APs that change their configuration. Avoid these mostly bogus
issues by enforcing wpa_supplicant to drop and ignore old scan results
during the WPS test cases.
Jouni Malinen [Sun, 31 Mar 2013 14:52:23 +0000 (17:52 +0300)]
Add ignore_old_scan_res configuration parameter
This can be used to configure wpa_supplicant to ignore old scan results
from the driver cache in cases where such results were not updated after
the scan trigger from wpa_supplicant. This can be useful in some cases
where the driver may cache information for a significant time and the AP
configuration is changing. Many such cases are for testing scripts, but
this could potentially be useful for some WPS use cases, too.
Jouni Malinen [Sun, 31 Mar 2013 14:17:08 +0000 (17:17 +0300)]
WPS: Clear after_wps on new WPS connection
The after_wps counter could have potentially be left in its old non-zero
value in some WPS sequences which could result in a single-channel scan
being used based on obsolete information. Clear after_wps in
wpas_wps_reassoc() to make sure this does not happen.
Jouni Malinen [Sun, 31 Mar 2013 14:15:39 +0000 (17:15 +0300)]
WPS: Use latest updated BSS entry if multiple BSSID matches found
If the AP (P2P GO) has changes its channel of SSID recently, the BSS
table may have multiple entries for a BSSID. Select the one which was
most recently updated for WPS/P2P operations in such case to increase
the likelihood of using current information.
Jouni Malinen [Sun, 31 Mar 2013 13:22:28 +0000 (16:22 +0300)]
tests: Use a single set of scripts for running both P2P and AP tests
This removes the unnecessary separation of P2P (no hostapd) and AP
tests. The same scripts can be used to prepare for these tests and to
execute the tests.
Jouni Malinen [Sun, 31 Mar 2013 08:48:52 +0000 (11:48 +0300)]
WPS: Allow hostapd process to control independent WPS interfaces
The new wps_independent=1 configuration parameter can be used to remove
interfaces from the shared hostapd process WPS control (i.e., to apply
WPS operations only to a subset of interfaces instead of all).
Jouni Malinen [Sun, 31 Mar 2013 08:26:29 +0000 (11:26 +0300)]
WPS AP: Add support for reconfiguration with in-memory config
This allows WPS to update AP configuration in the case no hostapd
configuration file is used (i.e., dynamic configuration through the
control interface).
Johannes Berg [Sat, 30 Mar 2013 18:37:44 +0000 (20:37 +0200)]
nl80211: Use nla_nest_start/end instead of nla_put_nested
Instead of allocating a new message and then moving that into
the message being built, use nla_nest_start() and put the data
into the message directly.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sat, 30 Mar 2013 18:31:22 +0000 (20:31 +0200)]
tests: Fix test_discovery to force full device discovery
P2P_PROV_DISC fails if the peer is not fully discovered and the previous
version of the test cases did not force this (i.e., it could have
started PD just based on having seen a Probe Request frame from the
peer).
Michael Braun [Sat, 30 Mar 2013 17:53:22 +0000 (19:53 +0200)]
AP: Fix infinite loop in WPA state machine when out of random bytes
When the OS is out of random bytes in SM_STATE(WPA_PTK, AUTHENTICATION2)
in ap/wpa_auth.c, hostapd sends the sm to state DISCONNECT without
clearing ReAuthenticationRequest, resulting in an infinite loop.
Clearing sm->ReAuthenticationRequest using gdb fixes the running hostapd
instance for me. Also sm->Disconnect = TRUE should be used instead of
wpa_sta_disconnect() to make sure that the incomplete ANonce does not
get used.
Fix this issue by resetting sm->ReAuthenticationRequest even if the STA
gets disconnected and use sm->Disconnect instead of
wpa_sta_disconnect().
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
Jouni Malinen [Sat, 30 Mar 2013 16:05:18 +0000 (18:05 +0200)]
Fix OLBC non-HT AP detection to check channel
A non-HT capable AP on any channel could have triggered us to enable
protection regardless of own operating channel if the driver delivered
Beacon frames from other channels. The channel detection in ap_list is
not exactly ideal, but most cases can be handled by checking ap->channel
against the currently configured channel (or secondary channel in case
of HT40).
Jouni Malinen [Sat, 30 Mar 2013 14:10:43 +0000 (16:10 +0200)]
P2P: Fix provision discovery response handling in some cases
Commit 6b56cc2d97fe9efd1feea8d418714b4658b056f1 added a possible call to
p2p_reset_pending_pd() prior to checking config_methods match between
our request and peer response. That reset call could clear
dev->req_config_methods and as such, result in unexpected
P2P-PROV-DISC-FAILURE report here even in cases where the peer accepts
the provision discovery. Fix this by using a local copy of the
req_config_methods variable.
Jouni Malinen [Fri, 29 Mar 2013 15:09:31 +0000 (17:09 +0200)]
hostapd: Allow ctrl_iface group to be specified on command line
The new -G<group> command line argument can now be used to set the group
for the control interfaces to enable cases where hostapd is used without
a configuration file and the controlling program is not running with
root user privileges.
Sunil Dutt [Thu, 28 Mar 2013 13:05:10 +0000 (15:05 +0200)]
TDLS: Support both external and internal setup in disabling link
Enhance TDLS Setup Request processing to support both external and
internal TDLS setup for the case where concurrent TDLS initialization
results in the TDLS Setup Request from the peer getting accepted.
Jouni Malinen [Thu, 28 Mar 2013 10:38:24 +0000 (12:38 +0200)]
TDLS: Fix TDLS Setup Request processing in existing-peer cases
wpa_tdls_peer_free() ended up getting called after some of the
parameters from the TDLS Setup Request frame were copied into the struct
wpa_tdls_peer information. This could result in continuing with cleared
information in case the new exchange was the one that is used in
concurrent initialization case or if this is to re-negotiated an
existing TDLS link. The driver would not be provided with all the peer
capabilities correctly in such case.
Fix this by moving the existing_peer check to happen before the
information from the TDLS Setup Request frame is copied.
Vivek Natarajan [Mon, 25 Mar 2013 22:28:56 +0000 (00:28 +0200)]
P2P: Ignore Tx acknowledgment status for Invitation Response
In some cases where the ack for Invitation response is lost,
the device is stuck in invited state but the peer device starts
GO. In line with the implementation of Negotiation Confirm,
assume invitation response was actually received by the peer
even though ack was not reported.
Jouni Malinen [Thu, 21 Mar 2013 13:52:41 +0000 (15:52 +0200)]
Add ap_vendor_elements for wpa_supplicant AP/P2P GO mode
This new parameter allows wpa_supplicant AP mode operations to use
similar design to the vendor_elements parameter in hostapd to add
vendor_elements into Beacon/Probe Response IE parameters.
Jouni Malinen [Thu, 21 Mar 2013 13:41:27 +0000 (15:41 +0200)]
Add vendor_elements into Beacon/Probe Response IE parameters
Commit b52f084cfaae5a10bf5886cfa159d2df0dfc350a introduced a mechanism
for adding arbitrary vendor-specific elements into the Beacon and Probe
Response frames. However, this information was not added to the separate
buffers used for specifying Beacon and Probe Response IEs for drivers
that build the frames internally. Add vendor_elements to these values,
too, to support such drivers in addition to drivers that use the full
Beacon tail/head buffers.
Jouni Malinen [Tue, 19 Mar 2013 08:58:28 +0000 (10:58 +0200)]
tests: Add concurrent version of P2P test setup
A virtual station interface in scanning state can change the P2P
operations quite a bit, so running all the P2P tests also in such
setup can increase testing coverage quite a bit.
Johannes Berg [Tue, 19 Mar 2013 00:01:46 +0000 (02:01 +0200)]
nl80211: Fix mode settings with split wiphy dump
When the wiphy information is split, there's no guarantee that the
channels are processed before the bitrates; in fact, with the current
kernel it happens the other way around. Therefore, the mode information
isn't set up correctly and there's no 11g mode.
Fix this by doing the 11b/11g determination as part of the
postprocessing.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Mon, 18 Mar 2013 23:53:09 +0000 (01:53 +0200)]
wpaspy: Add native Python implementation of ctrl_iface access
This can be used as a replacement for the wpaspy.c module that uses
wpa_ctrl.c to access wpa_supplicant/hostapd control interface. Only
the UNIX domain socket version of the control interface is currently
supported.
Jouni Malinen [Mon, 18 Mar 2013 18:31:47 +0000 (20:31 +0200)]
P2P: Stop P2P_PD_DURING_FIND wait on PD Response RX
Previously, P2P_PD_DURING_FIND state was scheduled for 200 ms and the
P2P state was not change until that timeout regardless of whether the PD
Response for recieved or not. There is no need to wait for that timeout
if the response is received, so allow the next operation to be performed
immediately after the response has been processed.
Jouni Malinen [Mon, 18 Mar 2013 15:36:12 +0000 (17:36 +0200)]
tests: Use social channel scan to speed up tests
The discovery and group formation test cases do not need to run the full
scan as the first step, so get rid of it to make the tests complete more
quickly.
Jouni Malinen [Mon, 18 Mar 2013 15:11:15 +0000 (17:11 +0200)]
P2P: Postpone P2P scan only if station mode scan is pending
sta_scan_pending was supposed to be accurate enough for determining
whether a P2P scan needs to be postponed. However, it has turned out
that there were cases where sta_scan_pending was not cleared properly.
While the known cases have now been addressed, it is possible that some
other cases may still exist. To avoid issues with P2P operationg getting
stuck, verify more carefully that there is a real pending station mode
scan (either in progress or scheduled to be requested).
Jouni Malinen [Mon, 18 Mar 2013 15:07:09 +0000 (17:07 +0200)]
Use special scan result processing steps only on requesting interface
Scan result events are shared between all virtual interfaces sharing the
same radio. However, some of the steps are not really appropriate on
virtual interfaces that did not issue the scan request. Fix this by
making these steps conditional on the scan results being processed on
the interface that requested them.
Jouni Malinen [Mon, 18 Mar 2013 15:04:23 +0000 (17:04 +0200)]
P2P: Re-start P2P operation if station mode scanning is stopped
There were couple of code paths that could end up stopping station mode
scanning without clearing sta_scan_pending. This could result in P2P
search getting stuck waiting for completion of station mode scan which
would never show up. Fix this by calling wpas_p2p_continue_after_scan()
in cases where station mode scans are stopped. This allows
sta_scan_pending to be cleared and P2P search operation continued.
Jouni Malinen [Mon, 18 Mar 2013 14:31:09 +0000 (16:31 +0200)]
P2P: Use common function for re-starting P2P scan after station scan
Make the implementation more consistent and cleaner by using a single
function for addressing all the cases where completion of a station mode
scan operation allows a P2P operation (search) to be re-started.
Jouni Malinen [Mon, 18 Mar 2013 14:05:24 +0000 (16:05 +0200)]
nl80211: Include interface name in more debug prints
This makes it easier to understand how scan operations and events occur
when multiple interfaces is being controlled by a single wpa_supplicant
process.
Jouni Malinen [Sun, 17 Mar 2013 18:13:46 +0000 (20:13 +0200)]
Android: Use CONFIG_WNM mode consistently
Replace CONFIG_IEEE80211V with CONFIG_WNM to get more consistent build
options for WNM-Sleep Mode operations. This is similar to the Makefile
change in commit ad3872a3720df13d8fc1a4345a5f0a8c3a204b4e.
Jouni Malinen [Sun, 17 Mar 2013 18:10:44 +0000 (20:10 +0200)]
Android: Fix CONFIG_WNM use in Android.mk
This code was within ifdef CONFIG_AP and did not get included unless
AP mode support was also enabled. This is similar to the Makefile
change in commit 2dfb9a447c7b71e03d4f4a318b4f8d67244d57d1.
This fixes the lookup of a usable PMKSA entry in the cache. Using
wpa_s->current_ssid often returns nothing when a usable PMKSA exists in
the cache since wpa_s->current_ssid does not necessarily point to the
correct network entry at this point in time (prior to association).