This is needed to allows WPS PBC session overlap detection to work
with drivers that process Probe Request frames internally. This
code is is run in hostapd, but the wpa_supplicant AP mode did not
have call to the hostapd_probe_req_rx() function even though it
registered handlers for hostapd Probe Request RX callbacks.
An optional parameter, p2p_dev_addr, can now be given to WPS_PBC
command on P2P GO to indicate that only the P2P device with the
specified P2P Device Address is allowed to connect using PBC. If
any other device tries to use PBC, a session overlap is indicated
and the negotiation is rejected with M2D. The command format for
specifying the address is "WPS_PBC p2p_dev_addr=<address>", e.g.,
WPS_PBC p2p_dev_addr=02:03:04:05:06:07
In addition, show the PBC session overlap indication as a WPS failure
event on an AP/GO interface. This particular new case shows up as
"WPS-FAIL msg=4 config_error=12".
This makes log files much more readable if multiple interfaces
are being controlled by the same process. The interface name is
added to stdout/file/syslog entries, but not to the messages
sent to control interface monitors to avoid issues with parsing
in external programs.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Add a callback for station's authorized transitions
to allow wpa_supplicant to emit events in DBus.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
To enable making state change notifications on the WLAN_STA_AUTHORIZED
flag, introduce ap_sta_set_authorized(), and to reduce use of the flag
itself also add a wrapper for testing the flag: ap_sta_is_authorized().
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
If the driver advertises max_remain_on_chan data, use it instead of
the hardcoded value of 5000. Keep the default at 5000 since that is the
value used by earlier versions of cfg80211/mac80211 and not advertised
in nl80211 for those.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
When authenticating, and the interface type is not already
NL80211_IFTYPE_STATION, we need to call wpa_driver_nl80211_set_mode()
only once. Remove the excessive call.
Signed-off-by: Eliad Peller <eliad@wizery.com>
We need to call this function after having completed the neighboring
channel scan to figure out whether HT40 can be used and if so, which
channel is the secondary channel.
ieee80211n_supported_ht_capab is called after ieee80211n_check_40mhz in
function hostapd_check_ht_capab. ieee80211n_check_40mhz can return 1 in
a valid scenario where the initialization is completed in a callback. In
this case ieee80211n_supported_ht_capab is skipped and hostapd does not
check the ht capabilities reported by the driver. Fix this issue making
sure ieee80211n_supported_ht_capab gets called.
Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
If WMM is not disabled explicitly (wmm_enabled=0 in hostapd.conf),
enable WMM automatically whenever HT (ieee80211n) is enabled. Use
the default WMM parameters for AP TX queues and the EDCA parameters
advertised for stations in WMM IE if no overriding values are
included in the configuration.
We can use the P2P interface types to check if the driver supports P2P
and to tell the kernel that a given interface is going to be used for
P2P (when it is created).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
There is no real reason to maintain these in the current development
branch anymore. If someone really needs support for the obsolete
driver interfaces, these can be found in older wpa_supplicant
branches.
driver_atmel.c
- vendor-specific interface for ATMEL AT76C5XXx cards
- for some old out-of-tree driver; not for the upstream atmel*
drivers
driver_ndiswrapper.c
- vendor-specific interface for an out-of-tree driver
- ndiswrapper should work with driver_wext.c, too
driver_ipw.c
- vendor-specific interface for old ipw2100/2200 driver
- the upstream driver works with driver_wext.c (and does not work
with the old interface)
driver_hermes.c
- vendor driver that was not even included in the main wpa_supplicant
releases
In order to enable protection mechanisms for different HT opmodes the
driver needs to be aware of the current HT opmode that is calculated by
hostapd. Hence, pass the current opmode to the nl80211 driver via
the bss attribute NL80211_ATTR_BSS_HT_OPMODE.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
tdls_prohibit=1 and tdls_prohibit_chan_switch=1 and now be used to
disable use of TDLS or TDLS channel switching in the BSS using
extended cabilities IE as defined in IEEE 802.11z.
Make sure that received management frames are long enough before
processing them. This avoids a potential segmentation fault if a
driver delivers an invalid frame all the way to hostapd.
The changes are:
1. the word "and" in the hunting-and-pecking string passed to the KDF
should be capitalized.
2. the primebitlen used in the KDF should be a short not an int.
3. the computation of MK in hostap is based on an older version of the
draft and is not the way it's specified in the RFC.
4. the group being passed into computation of the Commit was not in
network order.
Previously, only the Configuration Error values were indicated in
WPS-FAIL events. Since those values are defined in the specification
it is not feasible to extend them for indicating other errors. Add
a new error indication value that is internal to wpa_supplicant and
hostapd to allow other errors to be indicated.
Use the new mechanism to indicate if negotiation fails because of
WEP or TKIP-only configurations being disallows by WPS 2.0.
This needs to be done both in the more normal location in
p2p_timeout_connect_listen() (internal timeout after driver event) and
in p2p_listen_end() as a workaround for the case where the driver event
is delayed to happen after the internal timeout.
Previously, both NULL and ff:ff:ff:ff:ff:ff addr were used in various
places to indicate default/broadcast keys. Make this more consistent
and useful by defining NULL to mean default key (i.e., used both for
unicast and broadcast) and ff:ff:ff:ff:ff:ff to indicate broadcast
key (i.e., used only with broadcast).
When hostapd is removing a virtual BSS interface, the loop here was
incorrectly not updating the iterator during list traversal and
ended up in an infinite loop in some cases.
Use NULL instead of (u8 *) "" as the seq value and make sure the
driver wrapper implementations can handle NULL value. This was
previously already done in number of places, but not everywhere.
wpa_supplicant seems to crash from time to time on a NetBSD 4.0 MIPS
platform. The root cause turned out to be a MIPS alignment issue.
In my wpa_supplicant crash case, in function
wpa_driver_bsd_event_receive (from driver_bsd.c), the buf[2048] address
is started from i.e. 0x7fffd546, which is not 4 bytes aligned. Later
when it is casted to (struct if_msghdr *), and rtm->rtm_flags is used.
rtm->rtm_flags is "int" type, but its address is not 4 bytes aligned.
This is because the start address of rtm is not 4 bytes aligned.
Unfortunately in NetBSD MIPS kernel (unlike Linux MIPS kernel emulates
unaligned access in its exception handler), the default behavior is to
generate a memory fault to the application that accesses unaligned
memory address. Thus comes the early mentioned wpa_supplicant crash. An
interesting note is when I'm using the wpa_supplicant version 0.4.9, I
never saw this problem. Maybe the stack layout is different. But I
didn't look into details.
I used below patch to resolve this problem. Now it runs correctly for at
least several hours. But you might have a better fix (maybe we can use
malloc/free so that it is at least cache line aligned?). I'm also not
sure if other drivers should have the same problem.
This adds partial callbacks and events to allow P2P management to be
implemented in a driver/firmware. This is not yet complete and is
very much subject to change in the future.
CONFIG_WPS_REG_DISABLE_OPEN=y can be used to configure wpa_supplicant
to disable open networks by default when wps_reg command is used to
learn the current AP settings. When this is enabled, there will be a
WPS-OPEN-NETWORK ctrl_iface event and the user will need to explicitly
enable the network (e.g., with "select_network <id>") to connect to
the open network.
If the underlying driver supports off-channel TX, it will now be used by
the nl80211 driver wrapper, setting WPA_DRIVER_FLAGS_OFFCHANNEL_TX
accordingly.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
With the new kernel functionality coming to Linux to allow off-channel
TX, we can take advantage of that in the P2P code that currently uses
remain-on-channel. If a driver advertises support for it, it will be
asked to handle off-channel TX by itself.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The nl80211 driver can report low ACK condition (in fact it reports
complete loss right now only). Use that, along with a config option, to
disconnect stations when the data connection is not working properly,
e.g., due to the STA having went outside the range of the AP. This is
disabled by default and can be enabled with disassoc_low_ack=1 in
hostapd or wpa_supplicant configuration file.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
ClientTimeout changes from EAP peer methods were not supposed to
change behavior for other EAP peer methods or even other sessions
of the same method. Re-initialize ClientTimeout whenever an EAP
peer method is initialized to avoid this. This addresses problems
where WPS (EAP-WSC) reduces the timeout and consecutive EAP runs
may fail due to too small timeout.
If the peer you want to connect to is no longer available (does not
acknowledge frames) when wpa_supplicant sends GO Negotition Request
frames, retransmission of this frame is done until the associated
p2p_device structure is removed on timeout. In that case, no signal
is emitted to inform the GO Negotiation has failed.
When sending an Invitation Request frame, the same retransmission
mechanism is in place but limit the transmission to 100 and hitting
the limit generates an event.
This patch adds the same mechanism as the one in place for Invitation
Request, but with limit of 120 to match the existing wait_count for
for GO Negotiation.
If a station received unprotected Deauthentication or Disassociation
frame with reason code 6 or 7 from the current AP, there may be a
mismatch in association state between the AP and STA. Verify whether
this is the case by using SA Query procedure. If not response is
received from the AP, deauthenticate.
This implementation is only for user space SME with
driver_nl80211.c.
Some new code will require access to P2P group members, so add API to
retrieve the number of members and iterate the members themselves.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
If there is a pending GO Negotiation when p2p_cancel is used,
unauthorize the peer to avoid immediate reconnection from being
accepted without a new p2p_connect command.
This can be used by external programs (e.g., wlantest_cli) to inject
raw frames (hex dump of the frame header and body). The data can be
requested to be sent as-is or protected with the current key.
