A new TDLS request shall transmit TPK M1 frame with a unique INonce.
Thus a new explicit request would fail an ongoing TDLS negotiation with
the error "TDLS: FTIE SNonce in TPK M3 does not match with FTIE SNonce
used in TPK M1" if the peer happens to receive two M1 frames before an
M3 frame. Check for the ongoing negotiation with the peer and do not
start a new one if we are already in a setup negotiation with the peer.
TDLS: Use helper function for disable link operation
This is called from number of locations and it is more efficient to use
a new helper function instead of wpa_tdls_disable_link() that would do
peer address search from the list of peers.
Making this function be used only for external setup case simplifies the
implementation and makes core wpa_supplicant calls in ctrl_iface.c and
events.c consistent.
TDLS: Do not modify RNonce for an TPK M1 frame with same INonce
There is no point in updating the RNonce for every obtained TPK M1 frame
(e.g., retransmission due to timeout) with the same INonce (SNonce in
FTIE). Update RNonce only if a TPK M1 is received with a different
INonce (new TDLS session) to avoid issues with two setup exchanges
getting mixed and exchange failing due to mismatching nonces ("TDLS:
FTIE ANonce in TPK M3 does not match with FTIE ANonce used in TPK M2").
TDLS: Disable the created link on a failed TDLS handshake
Clear the peer information and disable the created link on a
failed TDLS setup negotiation. This is needed to avoid leaving
TDLS setup pending and to return to the AP path in case anything
goes wrong during the setup attempt.
Fix possible freed-memory use in BSS table updates
If there are large number of BSSes in the scan results, BSS table update
could have added a BSS entry to the last_scan_res in a case where that
BSS entry got just deleted. This would happen only if there are more
than bss_max_count (by default 200) BSSes and if at least bss_max_count
of those BSSes are known (match a configured network). In such a case,
wpa_bss_add() could end up allocating a new BSS entry and return a
pointer to that entry even if it was the one that ended up getting freed
to keep the BSS table length within the limit. This could result in
freed memory being used and the process crashing (likely with segfault)
when trying to access information from that BSS entry.
Fix the issue by removing the oldest BSS entry before linking the new
entry to the table. This makes sure the newly added entry will never get
picked up as the one to be deleted immediately.
P2P: Prefer 20 MHz operating channels on 5 GHz band over 2.4 GHz
When no other user preference is specified, opt to use an operating
channel that allows 5 GHz band to be used rather than 2.4 GHz.
Previously, this was already done in practice for HT40 channels since no
such channel is enabled for P2P on 2.4 GHz. This commit extends this to
apply 5 GHz preference for 20 MHz channels as well.
Change-Id: I2d2433464068e863c12c0a06eed269e2a8c0fc46 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
commit 62b90b3f61d96527800b43f3d467e32f06e1e8f1
Author: Ying Wang <wangying@google.com>
Date: Tue Nov 20 18:04:25 2012 -0800
Include the subdir Android.mks in fixed order.
The build fails when the include order is reversed.
On the other hand, the build system doesn't guarantee the file order
returned by all-subdir-makefiles.
WFD: Add preliminary WSD request processing and response
This commit does not yet address support for different device roles,
i.e., the same set of subelements are returned regardless of which
role was indicated in the request.
WFD: Add preliminary WSD request processing and response
This commit does not yet address support for different device roles,
i.e., the same set of subelements are returned regardless of which
role was indicated in the request.
6ea1f41 Try to set WPA-None key after IBSS-joined event 66562e9 Use cached driver capabilities instead of new fetch for each operati 55293aa TDLS: Do not overwrite the reason code in the Tear Down Request 4aa8186 Add a configration parameter for sched_scan interval 03565bc Synchronize with wireless-testing.git include/uapi/linux/nl80211.h f11b72c TDLS: Move AID=1 workaround into driver_nl80211.c 7853369 TDLS: Pass peer's AID information to kernel 55a2df4 HS 2.0: Include HS 2.0 Indication element only for HS 2.0 associatio ad0685e edit: Fix history processing on running old command 9be3714 wpa_cli: Fetch the current BSSID list when starting interactive mode 69aa334 wpa_cli: Add BSSID tab completion for set bssid_filter 2156587 wpa_cli: Replace set command help with completion routine f1fb042 wpa_cli: Allow space in the set command value f5ffc34 wpa_supplicant: Allow global scan frequencies configuration abfc3ad Synchronize build config comments for wpa_supplicant a01e10d Android: Enable WPS ER and NFC support in the build 11e5a49 WPS: Do not use void* in arithmetic 0f105f9 HS 2.0: Move Probe Request Indication IE addition to proper place 8543ed8 WPA: Print pairwise EAPOL-Key flag as a bool 7af092a hostapd: Add Key MIC in group EAPOL-Key frames corruption test optio b691dcb nl80211: Fix max_remain_on_chan capability reading 41b1a76 P2P: Clone beacon_int when initializing new group interface 741ed9f WPS: Remove duplicate networks after WPS
Author: Jouni Malinen <j@w1.fi>
Date: Sun Nov 25 22:05:32 2012 +0200
Fix REAUTHENTICATE command after PMKSA caching
The current PMKSA cache entry needs to be clear to allow EAPOL
reauthentication to be started in case this association used PMKSA
caching.
- Remove old WPS_OOB NCF
- WPS: Add preliminary NFC connection handover support for Enrollee
- WPS: Reenable the networks disabled during wpa_wpas_reassoc
- P2P: Avoid multi-channel scans when they are not needed
- P2P: Allow discoverable interval for p2p_find to be configured
- P2P: Allow all channels with multi-channel concurrency
- Bonjour changes
- Remove disassociate
- HS 2.0 changes
- Add preliminary support for using SQLite for eap_user database
- Add SAE support
- Add disallow_aps parameter to disallow BSSIDs/SSIDs
- P2P: Send P2P-FIND-STOPPED event in the new continue-search states
- P2P: Add some more details on Service Query TLV format
- P2P: Use the same Dialog Token value for every GO Negotiation retry
- P2P: Publish more connected clients info in Probe Response frames
- P2P: Fix some memory leaks in p2p_add_device()
- P2P: Use the same Dialog Token value for every PD retry
- P2P: Document operating channel selection functions
- P2P: Always re-select operating channel if not hard coded
- P2P: Do not allow re-selection of GO channel if forced_freq in use
- P2P: Set FORCE_FREQ flag as part of p2p_prepare_channel()
- P2P: Share a single function for GO channel selection
- P2P: Prefer operating channels where HT40 is possible
- P2P: Be more careful with wpa_config_update_psk() call
- P2P: Allow PSK to be used instead of passphrase for persistent GO
- P2P: Consider age for the P2P scan results
- Move some P2P offchannel operations to offchannel.c
- P2P: Add more complete description of p2p_cancel
- P2P: Allow p2p_cancel to be used to stop p2p_connect-join operation
- Interworking changes
- WNM changes
- WPS changes
- SAE changes
Author: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Sat Feb 16 19:54:09 2013 +0200
Interworking: Select highest priority cred if multiple matches
Interworking: Select highest priority cred if multiple matches
GAS server: Fix a regression in GAS server callback
hostapd: Fix Max SP Length derivation from QoS Info
nl80211: Configure STA Capabilities and Extended Capabilities
Synchronize with wireless-testing.git include/uapi/linux/nl80211.h
WPS: Fix build without CONFIG_WPS_NFC
WPS: Add support for NFC handover select generation with wpa_supplicant
WPS: Update NFC connection handover documentation
WPS: Add support for config token generation with wpa_supplicant
WPS: Allow password token to be written with nfcpy
WPS: Use pre-configured NFC password token instead of overriding it
TDLS: Pass peer's Capability and Ext Capability info during sta_add
TDLS: Pass peer's HT Capability and QOS information during sta_add
nl80211: Add debug prints for STA add/set operations
TDLS: Fix add/set STA operation
Synchronize with wireless-testing.git include/uapi/linux/nl80211.h
WPS: Allow Device Password to be changed from M1 to M2
WPS: Fix wps_reg nfc-pw option
TDLS: Tear down peers when disconnecting from the AP
P2P: Do not use old scan result data for peer discovery
Use more accurate timestamps for scan results
P2P: Postpone P2P-DEVICE-FOUND if config_methods not known
P2P: Do not allow peer update to clear config_methods
WPS: Report NFC connection handover completion differently
P2P: Avoid concurrent scans during all steps of group formation
P2P: Cancel group formation timeout on group removal (on client)
WPS: Change listen time to match nfcpy default (250 ms)
WPS: Report only the carrier record from NFC to wpa_supplicant
WPS: Fetch only the carrier record from wpa_supplicant for NFC
WPS: Update nfcpy script to support AP mode NFC connection handover
WPS: Add command for fetching carrier record for NFC handover
WPS: Clean up debug prints with nfcpy
WPS: Remove 0.5 sec extra wait from NFC handover with nfcpy
WPS: Use alternating poll/listen for NFC peer discovery with nfcpy
WPS: Configure logging to show nfcpy log message
WPS: Add an example python script for NFC operations with hostapd
hostapd: Do not change HT40 capability due to OBSS scan
dbus: Add missing signal description for WPS (7)
EAP peer: Add Session-Id derivation to more EAP methods
EAP peer: Add Session-Id derivation
EAP-IKEV2 server: Fix invalid memory freeing operation
eap_proxy: Add a dummy implementation for compilation testing
eap_proxy: Add mechanism for allowing EAP methods to be offloaded
Android: Allow setgroups to be overridden from build configuration
P2P: Send p2p_stop_find event on failure to start pending p2p_find
P2P: Fix GO Probe Response IEs when Wi-Fi Display is enabled
Capability matching for 60 GHz band
nl80211: Add ctrl_iface message for AP mode connection rejection
P2P: Allow local configuration to use 5 GHz band 40 MHz channels
Fix BSS RANGE command for no exact id match cases
- P2P: Send P2P-FIND-STOPPED event in the new continue-search states
- P2P: Add some more details on Service Query TLV format
- P2P: Use the same Dialog Token value for every GO Negotiation retry
- P2P: Publish more connected clients info in Probe Response frames
- P2P: Fix some memory leaks in p2p_add_device()
- P2P: Use the same Dialog Token value for every PD retry
- P2P: Document operating channel selection functions
- P2P: Always re-select operating channel if not hard coded
- P2P: Do not allow re-selection of GO channel if forced_freq in use
- P2P: Set FORCE_FREQ flag as part of p2p_prepare_channel()
- P2P: Share a single function for GO channel selection
- P2P: Prefer operating channels where HT40 is possible
- P2P: Be more careful with wpa_config_update_psk() call
- P2P: Allow PSK to be used instead of passphrase for persistent GO
- P2P: Consider age for the P2P scan results
- Move some P2P offchannel operations to offchannel.c
- P2P: Add more complete description of p2p_cancel
- P2P: Allow p2p_cancel to be used to stop p2p_connect-join operation
- Interworking changes
- WNM changes
- WPS changes
- SAE changes
Author: Jouni Malinen <j@w1.fi>
Date: Sun Nov 25 22:05:32 2012 +0200
Fix REAUTHENTICATE command after PMKSA caching
The current PMKSA cache entry needs to be clear to allow EAPOL
reauthentication to be started in case this association used PMKSA
caching.
- Remove old WPS_OOB NCF
- WPS: Add preliminary NFC connection handover support for Enrollee
- WPS: Reenable the networks disabled during wpa_wpas_reassoc
- P2P: Avoid multi-channel scans when they are not needed
- P2P: Allow discoverable interval for p2p_find to be configured
- P2P: Allow all channels with multi-channel concurrency
- Bonjour changes
- Remove disassociate
- HS 2.0 changes
- Add preliminary support for using SQLite for eap_user database
- Add SAE support
- Add disallow_aps parameter to disallow BSSIDs/SSIDs
wps_pbc with interface command stripped out ends up as a null character.
Supplicant tries to interpret that as a bssid. Fix it to ignore null
character as empty bssid
853b49a tests: Increase test_ap_wps_init connection timeout 28de68a P2P: Update peer operating channel from GO Negotiation Confirm 6701fdc P2P: Use the first pref_chan entry as operating channel preference 99d7c76 P2P: Add more debug info on operating channel selection 8d660e0 P2P: Add GO negotiation results into the P2P-GO-NEG-SUCCESS event 2c6f8cf Replace perror() with wpa_printf(strerror) in ctrl_iface calls e743db4 IBSS RSN: Add IBSS-RSN-COMPLETED event message 4c55901 P2P: Add state info to global STATUS command ae8c27f Add STATUS command to global control interface 42868f1 Add SAVE_CONFIG command to global control interface 1b9b31c Add SET command for global control interface 0185007 hostapd: Add survey dump support 245e026 hostapd: Split up channel checking into helpers ba873bd wired: Wait for the link to become active before sending packets d393de1 P2P: Validate the freq in p2p_group_add 973622c wpa_supplicant: Fix AP mode frequency initialization d99ca89 P2P: Skip non-P2P interface in p2p_group_remove * 239abaf WPS: Set currently used RF band in RF Bands attribute bf83eab nl80211: Start P2P Device when rfkill is unblocked 60b13c2 nl80211: Do not change type to station on P2P interfaces e0591c3 wpa_supplicant: Reduce wait time for control interfaces 5046eb4 P2P: Allow separate interface GO to disconnect low-ack STAs 5bcd5c5 FT RRB: Clear pad field to avoid sending out uninitialized data b378c41 nl80211: Fix deinit path to unregister nl_mgmt socket a235aca Fix DETACH command debug prints to avoid use of freed memory 8d6e035 Make global UNIX socket non-blocking for ctrl_iface 86bd141 Change WEP network selection to reject WPA/WPA2 APs 2e145e9 WPS: Fix failure path to allow WSC_NACK and EAP-Failure to be exchan 3351a38 WPS: Add control interface command for fetching latest status e96872a WPS: Track peer MAC address from the last operations ae23935 WPS: Track PBC status 61b6520 WPS: Track result of the latest WPS operation 50396e2 WPS: Add PBC mode activated/disabled events 961750c WPS: Share a common function for error strings 30158a0 nl80211: Update the assoc_freq during connect 83e7bb0 nl80211: Add more debug prints for DEL_STATION commands
wpa_supplicant: Update to Version 0.8.27 from BRCM
- Fix crash during TRUE pbc overlap
- Fix p2p_stop_find event
- Avoid race condition in GO-NEG process if both peers enter
p2p_connect at the same time
- Retry assoc immediately on ASSOC-REJECT. Previously assoc was
retried on authentication timeout (which occurs after 10secs).
Now on assoc reject, we cancel the auth timer and then initiate
a assoc scan.
Jouni Malinen [Fri, 1 Nov 2013 10:52:17 +0000 (12:52 +0200)]
AOSP: Leftover edits from old commit
This came in as a part of the following AOSP commit. The actual
change was since then removed, but the remaining code was not
restored to match the upstream version. This should be reverted.
- Add 'conc_priority' command
- Fix handling a single channel concurrency case: If conc_priority
is not set, advertise the frequency conflict to the framework and
disable the new connection attempted
- When P2P Interface gets removed due to single channel frequency
conflict, show GROUP_REMOVE reason=FREQ_CONFLICT
- Fix sched scan processing
Dongles can be slow to respond and a quick turn around time on packets does
Allow for upto 350ms on retry attempts for provision discovery, negotiation
This will catch slow responses within the first attempt and prevent any kind
with sequence number handling
Author: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Sat Feb 16 19:54:09 2013 +0200
Interworking: Select highest priority cred if multiple matches
Interworking: Select highest priority cred if multiple matches
GAS server: Fix a regression in GAS server callback
hostapd: Fix Max SP Length derivation from QoS Info
nl80211: Configure STA Capabilities and Extended Capabilities
Synchronize with wireless-testing.git include/uapi/linux/nl80211.h
WPS: Fix build without CONFIG_WPS_NFC
WPS: Add support for NFC handover select generation with wpa_supplicant
WPS: Update NFC connection handover documentation
WPS: Add support for config token generation with wpa_supplicant
WPS: Allow password token to be written with nfcpy
WPS: Use pre-configured NFC password token instead of overriding it
TDLS: Pass peer's Capability and Ext Capability info during sta_add
TDLS: Pass peer's HT Capability and QOS information during sta_add
nl80211: Add debug prints for STA add/set operations
TDLS: Fix add/set STA operation
Synchronize with wireless-testing.git include/uapi/linux/nl80211.h
WPS: Allow Device Password to be changed from M1 to M2
WPS: Fix wps_reg nfc-pw option
TDLS: Tear down peers when disconnecting from the AP
P2P: Do not use old scan result data for peer discovery
Use more accurate timestamps for scan results
P2P: Postpone P2P-DEVICE-FOUND if config_methods not known
P2P: Do not allow peer update to clear config_methods
WPS: Report NFC connection handover completion differently
P2P: Avoid concurrent scans during all steps of group formation
P2P: Cancel group formation timeout on group removal (on client)
WPS: Change listen time to match nfcpy default (250 ms)
WPS: Report only the carrier record from NFC to wpa_supplicant
WPS: Fetch only the carrier record from wpa_supplicant for NFC
WPS: Update nfcpy script to support AP mode NFC connection handover
WPS: Add command for fetching carrier record for NFC handover
WPS: Clean up debug prints with nfcpy
WPS: Remove 0.5 sec extra wait from NFC handover with nfcpy
WPS: Use alternating poll/listen for NFC peer discovery with nfcpy
WPS: Configure logging to show nfcpy log message
WPS: Add an example python script for NFC operations with hostapd
hostapd: Do not change HT40 capability due to OBSS scan
dbus: Add missing signal description for WPS (7)
EAP peer: Add Session-Id derivation to more EAP methods
EAP peer: Add Session-Id derivation
EAP-IKEV2 server: Fix invalid memory freeing operation
eap_proxy: Add a dummy implementation for compilation testing
eap_proxy: Add mechanism for allowing EAP methods to be offloaded
Android: Allow setgroups to be overridden from build configuration
P2P: Send p2p_stop_find event on failure to start pending p2p_find
P2P: Fix GO Probe Response IEs when Wi-Fi Display is enabled
Capability matching for 60 GHz band
nl80211: Add ctrl_iface message for AP mode connection rejection
P2P: Allow local configuration to use 5 GHz band 40 MHz channels
Fix BSS RANGE command for no exact id match cases
Sync with main tree commit b8349523e460493fa0b4de36c689595109e45e91
Author: Neeraj Kumar Garg <neerajkg@broadcom.com>
Date: Tue Dec 27 23:21:45 2011 +0200
P2P: Reject p2p_group_add if forced frequency is not acceptable
Sync with main tree commit b8349523e460493fa0b4de36c689595109e45e91
Author: Neeraj Kumar Garg <neerajkg@broadcom.com>
Date: Tue Dec 27 23:21:45 2011 +0200
P2P: Reject p2p_group_add if forced frequency is not acceptable
Sync with main tree commit b8349523e460493fa0b4de36c689595109e45e91
Author: Neeraj Kumar Garg <neerajkg@broadcom.com>
Date: Tue Dec 27 23:21:45 2011 +0200
P2P: Reject p2p_group_add if forced frequency is not acceptable
b2b688d P2P: Fix crash when failed to create GO interface 6197169 WPS NFC: Fix build without CONFIG_AP=y e1ae5d7 SAE: Fix build without CONFIG_AP=y 813e7b3 P2P: Remove group from timeout on PSK failure 5bf9a6c P2P: Add event messages for possible PSK failures on P2P groups eac8dab P2P: Document per-client keys and p2p_remove_client 43c693c P2P: Do not store duplicate PSK entries for the same device f2c5660 P2P: Add a command for removing a client from all groups 01a57fe P2P: Maintain list of per-client PSKs for persistent groups 759fd76 P2P: Select PSK based on Device Address instead of Interface Address 94ddef3 P2P: Make peer's P2P Device Address available to authenticator 52177fb P2P: Store P2P Device Address in per-device PSK records 05766ed P2P: Allow per-device PSK to be assigned 698e921 wpa_cli: Add tab completion for p2p_set field values 0b5fb86 P2P: Stop listen state when listen-only duration is over 02a3e5c wpa_cli: Allow first DISCONNECTED event to be reported cdf8bfa Disallow WEP configuration in WPA network 731ef43 D-Bus: Fix per-iface object unregistration on not existing objects 447969e D-Bus: Do not send network notification for all P2P groups eb32460 Fix switching from EAP-SIM to EAP-AKA/AKA' f2b3f4d P2P: Allow P2P functionality to be disabled per interface 50f4f2a hostapd: Add Automatic Channel Selection (ACS) support 43ee470 P2P: Immediate group removal in GC in case of deauthentication fcf2052 Fix MNC length for Swisscom SIM cards
WFD: Add preliminary WSD request processing and response
This commit does not yet address support for different device roles,
i.e., the same set of subelements are returned regardless of which
role was indicated in the request.
Kenny Root [Wed, 26 Jun 2013 21:57:31 +0000 (14:57 -0700)]
Remove obsolete keystore path
It's not possible to get a raw private key from keystore anymore, so
this would fail every time anyway. Remove it so it doesn't confuse
anyone that looks at this code.
Kenny Root [Wed, 21 Mar 2012 00:00:47 +0000 (17:00 -0700)]
Use keystore ENGINE for private key operations
The new keystore ENGINE is usable to perform private key operations when
we can't get the actual private key data. This is the case when hardware
crypto is enabled: the private key never leaves the hardware.
Subsequently, we need to be able to talk to OpenSSL ENGINEs that aren't
PKCS#11 or OpenSC. This just changes a few #define variables to allow us
to talk to our keystore engine without having one of those enabled and
without using a PIN.
wpa_supplicant: Update to Version 0.8.27 from BRCM
- Fix crash during TRUE pbc overlap
- Fix p2p_stop_find event
- Avoid race condition in GO-NEG process if both peers enter
p2p_connect at the same time
- Retry assoc immediately on ASSOC-REJECT. Previously assoc was
retried on authentication timeout (which occurs after 10secs).
Now on assoc reject, we cancel the auth timer and then initiate
a assoc scan.
- Allow AP_SME support
- Do not send disassoc after EAP failure since AP_SME is enabled
and del_station will be called
- Allow group idle timeout to run during WPS disconnect
wpa_supplicant crashes if driver configuration for AP mode interface
configuration fails after group negotiation. This is because of a
regression from commit 1075b2957169d8f9d6dddd7679339c751dc9515b that
ends up freeing the wpa_s instance from within
wpa_supplicant_create_ap() without the caller knowing.
Fix this by using an eloop timeout to free remove the P2P group so that
wpa_supplicant_create_ap() and especially wpa_supplicant_associate()
callers do not need to know about interface getting possibly removed. In
addition, move the P2P specific code into p2p_supplicant.c where it
really belongs. This allows the already existing group formation timeout
to be used by reducing the timeout to zero.
tests: Check wpa_supplicant connection after reset
Some test runs have resulted in wpa_supplicant being unresponsive or
very slow on the control interface. Check for that type of issues as
part of the reset sequence that is done between each test case.
Avoid potential issues with removing a P2P group on PSK failure directly
from the wpa_supplicant_event() call since the caller (in driver_*.c)
may not be prepared for the interface disappearing at that point in
time.
P2P: Add event messages for possible PSK failures on P2P groups
It is possible for the GO of a persistent group to change the PSK or
remove a client when per-client PSKs are used and this can happen
without the SSID changing (i.e., the group is still valid, but just not
for a specific client). If the client side of such persistent group ends
up trying to use an invalidated persistent group information, the
connection will fail in 4-way handshake. A new WPS provisioning step is
needed to recover from this.
Detect this type of case based on two 4-way handshake failures when
acting as a P2P client in a persistent group. A new
"P2P-PERSISTENT-PSK-FAIL id=<persistent group id>" event is used to
indicate when this happens. This makes it easier for upper layers to
remove the persistent group information with "REMOVE_NETWORK <persistent
group id>" if desired (e.g., based on user confirmation).
In addition to indicating the error cases for persistent groups, all
this type of PSK failures end up in the client removing the group with
the new reason=PSK_FAILURE information in the P2P-GROUP-REMOVED event.
P2P: Add a command for removing a client from all groups
The new control interface command P2P_REMOVE_CLIENT <P2P Device
Address|iface=Address> can now be used to remove the specified client
from all groups (ongoing and persistent) in which the local device is a
GO. This will remove any per-client PSK entries and deauthenticate the
device.
P2P: Maintain list of per-client PSKs for persistent groups
Record all generated per-client PSKs in the persistent group network
block and configure these for the GO Authenticator whenever re-starting
the persistent group. This completes per-client PSK support for
persistent groups.
P2P: Select PSK based on Device Address instead of Interface Address
When using per-device PSKs, select the PSK based on the P2P Device
Address of the connecting client if that client is a P2P Device. This
allows the P2P Interface Address to be changed between P2P group
connections which may happen especially when using persistent groups.
P2P: Store P2P Device Address in per-device PSK records
This makes the P2P Device Address of the Enrollee available with the PSK
records to allow P2P Device Address instead of P2P Interface Address to
be used for finding the correct PSK.
"wpa_cli p2p_set per_sta_psk <0/1>" can now be used to disable/enable
use of per-device PSKs in P2P groups. This is disabled by default.
When enabled, a default passphrase is still generated by the GO for
legacy stations, but all P2P and non-P2P devices using WPS will get
a unique PSK.
This gives more protection for the P2P group by preventing clients from
being able to derive the unicast keys used by other clients. This is
also a step towards allowing specific clients to be removed from a group
reliably without having to tear down the full group to do so.
projects / thirdparty / hostap.git / log
