Jouni Malinen [Sun, 5 Mar 2017 14:16:42 +0000 (16:16 +0200)]
RADIUS server: Fix error paths in new session creation
radius_server_session_free() does not remove the session from the
session list and these radius_server_get_new_session() error paths ended
up leaving a pointer to freed memory into the session list. This
resulted in the following operations failing due to use of freed memory.
Fix this by using radius_server_session_remove() which removes the entry
from the list in addition to calling radius_server_session_free().
Jouni Malinen [Sat, 4 Mar 2017 09:42:15 +0000 (11:42 +0200)]
Fix DHCP/NDISC snoop deinit followed by failing re-init
It was possible to hit a double-free on the l2_packet socket if
initialization of DHCP/NDISC snoop failed on a hostapd interface that
had previously had those enabled successfully. Fix this by clearing the
l2_packet pointers during deinit.
Hu Wang [Wed, 1 Mar 2017 14:39:30 +0000 (16:39 +0200)]
Clear scan_res_handler on no-retry failure
Previously it was possible for wpa_s->scan_res_handler to remain set to
its old value in case wpa_drv_scan() failed and no retry for the scan
trigger was scheduled (i.e., when last_scan_req == MANUAL_SCAN_REQ).
This could result in getting stuck with the next connection attempt
after a failed "SCAN TYPE=ONLY" operation when wpa_s->scan_res_handler
was set to scan_only_handler().
Fix this by clearing wpa_s->scan_res_handler if wpa_drv_scan() fails and
no retry is scheduled.
Gaole Zhang [Wed, 1 Mar 2017 07:56:32 +0000 (15:56 +0800)]
QCA nl80211 vendor attribute for specific sub-20 MHz channel width
Define a new attribute QCA_WLAN_VENDOR_ATTR_CONFIG_SUB20_CHAN_WIDTH.
This attribute can set a station device to work in 5 or 10 MHz channel
width while in disconnect state.
Jouni Malinen [Wed, 1 Mar 2017 09:25:49 +0000 (11:25 +0200)]
tests: WNM BSS TM with explicit Table E-4 indication
wnm_bss_tm_global uses an unknown country code to use Table E-4. Extend
that with otherwise identical test case wnm_bss_tm_global4, but with the
country string explicitly indicating use of Table E-4 while using a
known country code.
Jouni Malinen [Wed, 1 Mar 2017 08:58:15 +0000 (10:58 +0200)]
Make the third octet of Country String configurable
The new hostapd.conf parameter country3 can now be used to configure the
third octet of the Country String that was previously hardcoded to ' '
(= 0x20).
For example:
All environments of the current frequency band and country (default)
country3=0x20
Outdoor environment only
country3=0x4f
Indoor environment only
country3=0x49
Noncountry entity (country_code=XX)
country3=0x58
IEEE 802.11 standard Annex E table indication: 0x01 .. 0x1f
Annex E, Table E-4 (Global operating classes)
country3=0x04
Jouni Malinen [Mon, 27 Feb 2017 22:03:48 +0000 (00:03 +0200)]
tests: Fix EAPOL frame source address in protocol tests
The send_eapol() calls for delivering frames to wpa_supplicant had a
copy-paste bug from the earlier hostapd cases. These were supposed to
use the BSSID, not the address of the station, as the source address.
The local address worked for most cases since it was practically
ignored, but this could prevent the race condition workaround for
association event from working. Fix this by using the correct source
address (BSSID).
Jouni Malinen [Sun, 26 Feb 2017 23:10:02 +0000 (01:10 +0200)]
af_alg: Crypto wrappers for Linux kernel crypto (AF_ALG)
CONFIG_TLS=linux can now be used to select the crypto implementation
that uses the user space socket interface (AF_ALG) for the Linux kernel
crypto implementation. This commit includes some of the cipher, hash,
and HMAC functions. The functions that are not available through AF_ALG
(e.g., the actual TLS implementation) use the internal implementation
(CONFIG_TLS=internal).
Ashwini Patil [Fri, 24 Feb 2017 08:01:54 +0000 (13:31 +0530)]
MBO: Fix minimum length check on non_pref_chan configuration
The reason detail field in non_pref_chan attribute was removed
from MBO draft v0.0_r25. Also oper_class can be 1 character for
few country codes (e.g., country code-UK, channel number-1). So the
shortest channel configuration is 7 characters.
This was missed in the earlier commit 4a83d4b6861f6627b6b256b8c126547a19409a70 ('MBO: Do not add reason_detail
in non_pref_chan attr (STA)') that took care of other changes related to
removal of the reason detail.
Peng Xu [Wed, 22 Feb 2017 22:05:35 +0000 (14:05 -0800)]
hostapd: Get channel number from frequency based on other modes as well
When getting the channel number from a frequency, all supported modes
should be checked rather than just the current mode. This is needed when
hostapd switches to a channel in different band.
Jouni Malinen [Sun, 26 Feb 2017 10:18:29 +0000 (12:18 +0200)]
FILS: Fix fils_hlp.c build with older netinet/udp.h definitions
The __FAVOR_BSD macro was previously used in netinet/udp.h to select
between two different names of the variables in struct udphdr. Define
that to force the versions with the uh_ prefix. In addition, use the
same style consistently within fils_hlp.c.
Jouni Malinen [Sun, 26 Feb 2017 10:02:21 +0000 (12:02 +0200)]
Fix AES-SIV build dependencies
aes-siv.c needs functions from aes-ctr.c and aes-omac1.c, so set
NEED_AES_CTR=y and NEED_AES_OMAC1=y if NEED_AES_SIV is defined. This
fixes some build configuration combinations where either of those
dependencies were not pulled in through other parameters. For example,
some CONFIG_FILS=y cases were impacted.
Jouni Malinen [Sat, 25 Feb 2017 17:15:24 +0000 (19:15 +0200)]
Fix SELECT_NETWORK freq parameter
This functionality was originally added in commit 204c9ac4eed9f0ad69497f2efcd0d095dfd6e61c ('Extend select_network command
with freq= to reduce scan time') re-using wpa_s->manual_scan_freqs and
MANUAL_SCAN_REQ. That got broken when commit 35d403096eb63c787bd736dd8ba0902c34398fa8 ('Set NORMAL_SCAN_REQ on
SELECT_NETWORK/ENABLE_NETWORK') started overriding wpa_s->scan_req for
SELECT_NETWORK.
Fix this by adding a new scan frequency list specifically for
SELECT_NETWORK so that this does not need to depend on any specific
wpa_s->scan_req value.
Jouni Malinen [Wed, 22 Feb 2017 22:03:00 +0000 (00:03 +0200)]
Add option to disable broadcast deauth in hostapd on AP start/stop
The new broadcast_deauth parameter can be used to disable sending of the
Deauthentication frame whenever AP is started or stopped. The default
behavior remains identical to the past behavior (broadcast_deauth=1).
Jouni Malinen [Wed, 22 Feb 2017 22:19:10 +0000 (00:19 +0200)]
hostapd: Fix potential mesh-related change from impacting non-mesh cases
Commit 01e2231fdc4fbec61fbc382238e3606a1d2826e4 ('hostapd: Skip some
configuration steps for mesh cases') removed some operations based on
hapd->iface->mconf being NULL. This was within #ifdef CONFIG_MESH, so it
should not impact hostapd, but it can impact AP mode with
wpa_supplicant. That does not sound intentional, so make these
conditional on hapd->conf->mesh being enabled.
Jouni Malinen [Tue, 21 Feb 2017 10:49:16 +0000 (12:49 +0200)]
SME: Clear portValid on starting authentication to fix FILS
The ft_completed for FILS authentication case in
wpa_supplicant_event_assoc() depends on something having cleared
portValid so that setting it TRUE ends up authorizing the port. This
clearing part did not happen when using FILS authentication during a
reassociation within an ESS. Fix this by clearing portValid in
sme_send_authentication() just before the keys are cleared (i.e., the
old connection would not be usable anyway).
Jouni Malinen [Tue, 21 Feb 2017 10:25:02 +0000 (12:25 +0200)]
FILS: Fix BSSID in reassociation case
The RSN supplicant implementation needs to be updated to use the new
BSSID whenever doing FILS authentication. Previously, this was only done
when notifying association and that was too late for the case of
reassociation. Fix this by providing the new BSSID when calling
fils_process_auth(). This makes PTK derivation use the correct BSSID.
Jouni Malinen [Tue, 21 Feb 2017 10:18:58 +0000 (12:18 +0200)]
FILS: Find PMKSA cache entries on AP based on FILS Cache Identifier
This allows PMKSA cache entries to be shared between all the BSSs
operated by the same hostapd process when those BSSs use the same FILS
Cache Identifier value.
The RSN pre-authentication case ended up ignoring the initial
startPeriod value and delayed EAPOL-Start message by two seconds. Fix
this by forcing the first EAPOL-Start message to be sent when running
pre-authentication.
nl80211: Notify reason for connection timeout failure
This adds reason for timeout in event CTRL-EVENT-ASSOC-REJECT whenever
connection failure happens because of timeout. This extends the
"timeout" parameter in the event to include the reason, if available:
timeout=scan, timeout=auth, timeout=assoc.
Peng Xu [Tue, 25 Oct 2016 17:23:24 +0000 (10:23 -0700)]
hostapd: Add IEEE 802.11ax HE IEs into Beacon/Probe Response frames
IEEE 802.11ax HE changes to include HE IEs in Beacon and Probe Response
frames. These elements are using vendor specific forms for now since the
IEEE 802.11ax draft is not yet finalized and the element contents is
subject to change.
Masashi Honma [Wed, 15 Feb 2017 10:07:02 +0000 (19:07 +0900)]
mesh: Use correct rate in VHT and HT mixed environment
Let mesh STA A be a STA which has config disable_ht=0 and disable_vht=1.
Let mesh STA B be a STA which has config disable_ht=0 and disable_vht=0.
The mesh STA A and B was connected.
Previously, the mesh STA A sent frame with VHT rate even though its VHT
was disabled. This commit fixes the issue by checking the local BSS VHT
configuration.
Masashi Honma [Wed, 15 Feb 2017 10:07:01 +0000 (19:07 +0900)]
mesh: Use correct rate in HT and legacy mixed environment
Let mesh STA A be a STA which has config disable_ht=1.
Let mesh STA B be a STA which has config disable_ht=0.
The mesh STA A and B was connected.
Previously, the mesh STA A sent frame with HT rate even though its HT
was disabled. This commit fixes the issue by checking the local BSS HT
configuration.
Jouni Malinen [Sun, 19 Feb 2017 10:28:33 +0000 (12:28 +0200)]
Define eapol_sm_get_eap_proxy_imsi() only with CONFIG_EAP_PROXY=y
This function is called only from locations within ifdef
CONFIG_EAP_PROXY, so there is no need to try to cover the not-defined
case here and the function can simply be removed completely if
CONFIG_EAP_PROXY=y is not used.
Jouni Malinen [Sat, 18 Feb 2017 19:14:10 +0000 (21:14 +0200)]
FT: Support addition of RIC elements into Reassociation Request frame
The new "SET ric_ies <hexdump>" control interface command can now be
used to request wpa_supplicant to add the specified RIC elements into
Reassociation Request frame when using FT protocol. This is mainly for
testing purposes.
Jouni Malinen [Thu, 16 Feb 2017 19:18:18 +0000 (21:18 +0200)]
FILS: Fix PMK length for initial connection with FILS SHA384 AKM
While the FILS authentication cases were already using the proper PMK
length (48 octets instead of the old hardcoded 32 octet), the initial
association case had not yet been updated to cover the new FILS SHA384
AKM and ended up using only a 32-octet PMK. Fix that to use 48-octet PMK
when using FILS SHA384 AKM.
Jouni Malinen [Thu, 16 Feb 2017 18:38:09 +0000 (20:38 +0200)]
OpenSSL: Fix hmac_sha384_vector() implementation
The output length was incorrect (32 from the copy-pasted SHA256
version). Fix this to return the correct number of octets (48) for
SHA384. This fixes incorrect key derivation in FILS when using the
SHA384-based AKM.
browser-wpadebug: Send HTTP response with HTTP/1.1 header
HTTP response was previously sent as a plaintext without the HTTP header
on port 12345. By default Android webview/Chrome assumes plaintext as
HTTP/0.9 data. Android webview/Chrome has removed support of HTTP/0.9
request/response on non-standard ports, i.e., other than port 80. This
results in error while opening URL 'http://localhost:12345/'.
Fix this by prefixing the HTTP response with the HTTP/1.1 header.
Jouni Malinen [Thu, 16 Feb 2017 09:42:47 +0000 (11:42 +0200)]
P2P: Verify local driver preferred frequencies for P2P use cases
Previously the peer operating channel preference was accepted if the
indicated frequency was listed in the local preference list from the
driver. This was assuming that the driver included only channels that
are currently enabled for GO operation. Since that might not be the
case, filter the local preference list by doing an explicit validation
of the indicated channels for P2P support.
This moves the similar validation steps from two other code paths in
p2p_check_pref_chan_recv() and p2p_check_pref_chan_no_recv() into a
common filtering step in p2p_check_pref_chan() for all three cases.
This avoids issues to start the GO in cases where the preferred
frequency list from the driver may include channels that are not
currently enabled for P2P GO use (e.g., 5 GHz band in world roaming
configuration).
Jouni Malinen [Wed, 15 Feb 2017 14:07:13 +0000 (16:07 +0200)]
P2P: Add P2P_SET override_pref_op_chan to allow overriding preference
This new P2P_SET parameter uses <op_class>:<channel> format and is used
mainly for testing purposes to allow overriding the value of the GO
Negotiation Response frame Operating Channel attribute.
Jouni Malinen [Thu, 16 Feb 2017 09:09:04 +0000 (11:09 +0200)]
Use throughput estimate-based BSS selection with larger SNR difference
Previously, the est_throughput comparison was done only when SNR
difference was less than 5 dB. Since the throughput estimation take into
account SNR, this can be done in more cases. For now, add a conservative
2 dB more to the difference so that any SNR difference below 7 dB
results in BSS selection based on throughput estimates.
In addition, the throughput estimates require SNR values to be
available, so separate this from the 5 GHz preference that can be done
based on either SNR or qual values.
Jouni Malinen [Thu, 16 Feb 2017 09:07:12 +0000 (11:07 +0200)]
Drop GREAT_SNR definition from 30 to 25 dB
This allows throughput estimates and 5 GHz preference over 2.4 GHz band
to be used in more cases. The previously used value of 30 was
significantly more conservative than the SNR limits used for the highest
rate in scan_est_throughput() and this resulted in cases where 5 GHz AP
was ignored while SNR with it would have been close to reaching the
maximum TX rate.
Jouni Malinen [Mon, 13 Feb 2017 17:45:51 +0000 (19:45 +0200)]
FILS: Remove CRC32 dependency from build
The published P802.11ai version does not use CRC32 anymore, so remove
inclusion of crc32.o into wpa_supplicant and hostapd builds based on
CONFIG_FILS=y.
projects / thirdparty / hostap.git / log
