Commit Graph

69 Commits

Author SHA1 Message Date
Jouni Malinen
0282a8c46a Use helper function for writing cipher suite names
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:31:36 +02:00
Jouni Malinen
2049a875bc WNM: Additional BSS Transition Management capability
Add some more functionality for BSS Transition Management:
- advertise support for BSS Transition Management in extended
  capabilities element
- add hostapd.conf parameter bss_transition=1 for enabling support
  for BSS Transition Management
- add "hostapd_cli disassoc_imminent <STA> <num TBTTs>" for sending
  disassociation imminent notifications for testing purposes
- wpa_supplicant: trigger a new scan to find another BSS if the
  current AP indicates disassociation imminent (TODO: the old AP needs
  to be marked to use lower priority to avoid re-selecting it)

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-22 20:27:30 +02:00
Pontus Fuchs
5bbf590a58 hostapd: Android: Force group access to ctrl_iface directory
Same fix as d49ea68284 in
wpa_supplicant.

From original commit:

wpa_supplicant is started from /init.*.rc on Android and that seems
to be using umask 0077 which would leave the control interface
directory without group access. This breaks things since Wi-Fi
framework assumes that this directory can be accessed by other
applications in the wifi group. Fix this by adding group access even
if umask value would prevent this.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
2012-12-17 16:30:44 +02:00
Pontus Fuchs
9cbd5845d0 hostapd: Don't chown control interface to root
If ctrl_interface_group in the config file is set hostapd tries to
chown the dir and socket to uid 0. This causes the chown to fail
if hostapd is run as non-root.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
2012-12-17 16:27:04 +02:00
Jouni Malinen
207fb86411 WPS: Remove deprecated UFD config method and OOB ctrl_iface
The UFD (USB flash drive) configuration method was deprecated in WSC
2.0. Since this is not known to be used, remove the UFD implementation
from hostapd and wpa_supplicant to allow the WPS implementation to be
cleaned up. This removes the now unused OOB operations and ctrl_iface
commands that had already been deprecated by the new NFC operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 13:01:06 +02:00
Jouni Malinen
9f36eac6e5 WPS: Remove old OOB NFC interface
The old WPS interface for using NFC has no known deployments and even
the binary libraries referenced here are not easily available anymore.
Since the new interface for using NFC with WPS covers the same
functionality, remove the old implementation to clean up WPS
implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-10-28 18:20:03 +02:00
Jouni Malinen
eb7719ff22 Add support for using GCMP cipher from IEEE 802.11ad
This allows both hostapd and wpa_supplicant to be used to derive and
configure keys for GCMP. This is quite similar to CCMP key
configuration, but a different cipher suite and somewhat different rules
are used in cipher selection. It should be noted that GCMP is not
included in default parameters at least for now, so explicit
pairwise/group configuration is needed to enable it. This may change in
the future to allow GCMP to be selected automatically in cases where
CCMP could have been used.

This commit does not included changes to WPS or P2P to allow GCMP to be
used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-29 11:52:15 +03:00
Shan Palanisamy
06bb8c62ff hostapd: Add global ctrl_iface commands for adding/removing interfaces
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 13:47:49 +03:00
Shan Palanisamy
7554565299 hostapd: Add ctrl_iface for enabling/reloading/disabling interface
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 13:47:36 +03:00
Shan Palanisamy
c90fd48514 hostapd: Add global control interface
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 13:47:24 +03:00
Jouni Malinen
986de33d5c Convert remaining SSID routines from char* to u8*
This makes it more explicit that the SSID is not a null terminated
C string.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:07:25 +03:00
Jouni Malinen
ffdaa05a6b WPS: Add support for NCF password token from AP
The new hostapd ctrl_iface command WPS_NFC_TOKEN can now be used to
manage AP-as-Enrollee operations with NFC password token. WPS/NDEF
parameters to this command can be used to generate a new NFC password
token. enable/disable parameters can be used to enable/disable use of
NFC password token (instead of AP PIN) for external Registrars.

A preconfigured NFS password token can be used by providing its
parameters with new hostapd.conf fields wps_nfc_dev_pw_id,
wps_nfc_dh_pubkey, wps_nfc_dh_privkey, and wps_nfc_dev_pw. This use
will also depend on WPS_NFC_TOKEN enable/disable commands, i.e., the
configured NFS password token is disabled by default.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 19:43:29 +03:00
Jouni Malinen
3cf7a59d4f WPS: Add new mechanism for generation NFC configuration token
The new hostapd ctrl_iface command WPS_NFC_CONFIG_TOKEN can now be used
to fetch payload for an NFC configuration token so that an external
program can be used to write this on an NFC tag.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 13:25:48 +03:00
Jouni Malinen
bb45b6d79a WPS: Add new mechanism for communicating NFC tag read events
hostapd ctrl_iface can now be used to deliver payload from read
operation of an NFC tag. This allows operations without having to have
low-level NFC code within hostapd. For now, the new wps_nfc_tag_read
command can be used with NFC password tokens for the case where the AP
has an NFC device that is used to read an NFC tag from the station
Enrollee.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:13 +03:00
Ben Greear
9d05374796 Make bind failure messages unique
This helps someone know which part of the code is complaining.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 12:10:36 +03:00
Anirban Sirkhell
4c374cde2f Add wps_cancel for hostapd_cli
Implement wps_cancel for hostapd similarly to how it was already
supported in wpa_supplicant AP mode.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-30 11:11:35 +03:00
Jay Katabathuni
dca30c3fb7 Interworking: Add GAS server support for AP mode
This adds GAS/ANQP implementation into hostapd. This commit brings in
the basic GAS/ANQP functionality, but only the ANQP Capability List
element is supported.

For testing purposes, hostapd control interface SET command can be used
to set the gas_frag_limit parameter dynamically.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-26 22:52:53 +02:00
Jithu Jance
e60b295186 Add wpa_supplicant AP mode STA deauthenticate/disassociate commands
Move disassociate and deauthenticate commands to ctrl_iface_ap.c, so
that they ares accessible for wpa_supplicant AP mode and wpa_cli (with
CONFIG_AP option enabled).

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2012-02-25 17:22:48 +02:00
Shan Palanisamy
9e7d033ef4 hostapd: Make sure ctrl_iface is not initialized multiple times
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:44:43 +02:00
Shan Palanisamy
31b79e1197 hostapd: Allow config parameters to be set through ctrl_iface
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:36:48 +02:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Ben Greear
e04a163180 AP: Convert some wpa_printf to wpa_msg/dbg
This generates better log messages when running multiple
interfaces in one process.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-12-10 16:28:14 +02:00
Helmut Schaa
8cfa3527e1 Allow MLME frames to be sent without expecting an ACK (no retries)
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2011-11-19 19:02:05 +02:00
Jouni Malinen
895c643407 Remove unused header file inclusion
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-17 20:01:19 +02:00
Jouni Malinen
71269b3708 WNM: Add BSS Transition Management Request for ESS Disassoc Imminent
"hostapd_cli ess_disassoc (STA addr) (URL)" can now be used to send
an ESS Dissassociation Imminent notification to the STA. This event
is shown in wpa_supplicant ctrl_iface monitors (e.g., wpa_cli):
"WNM: ESS Disassociation Imminent - session_info_url=http://example.com/session/"
2011-10-16 23:55:34 +03:00
Jouni Malinen
d601247ca9 P2P: Allow WPS_PBC command on GO to select on P2P Device Address
An optional parameter, p2p_dev_addr, can now be given to WPS_PBC
command on P2P GO to indicate that only the P2P device with the
specified P2P Device Address is allowed to connect using PBC. If
any other device tries to use PBC, a session overlap is indicated
and the negotiation is rejected with M2D. The command format for
specifying the address is "WPS_PBC p2p_dev_addr=<address>", e.g.,
WPS_PBC p2p_dev_addr=02:03:04:05:06:07

In addition, show the PBC session overlap indication as a WPS failure
event on an AP/GO interface. This particular new case shows up as
"WPS-FAIL msg=4 config_error=12".
2011-02-07 18:28:36 +02:00
Ben Greear
b41a47c03f hostapd: Allow logging to file
Also supports 'relog' CLI command to re-open the log file.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-06 20:24:16 +02:00
Jouni Malinen
51e2a27a21 hostapd_driver_ops reduction
set_sta_vlan, get_inact_sec, sta_deauth, sta_disassoc, and sta_remove
to use inline functions instead of extra abstraction.
2010-11-24 15:36:02 +02:00
Jouni Malinen
5bf49c346c Drop local stations on broadcast deauth/disassoc request
When hostapd_cli deauth/disassoc is used with ff:ff:ff:ff:ff:ff
address, drop all local STA entries in addition to sending out the
broadcast deauth/disassoc frame.
2010-11-10 17:09:31 +02:00
Jouni Malinen
acec8d3203 Add ctrl_iface command 'GET version'
This can be used to fetch the wpa_supplicant/hostapd version
string.
2010-10-31 17:07:31 +02:00
Jouni Malinen
450eddcfae hostapd: Add wps_config ctrl_interface command for configuring AP
This command can be used to configure the AP using the internal
WPS registrar. It works in the same way as new AP settings received
from an ER.
2010-10-21 16:49:41 +03:00
Jouni Malinen
2c8a4eef41 WPS: Update Beacon/ProbeResp IE on wps_version_number changes
This test command is supposed to change the WPS version number in all
places immediately, so make sure that the IEs used in management
frames get updated immediately.
2010-10-19 19:57:01 +03:00
Jouni Malinen
088a225586 Fix hostapd_cli get_config not to show key when WPA is disabled
Previously, incorrectly configured passphrase or group cipher type
could be shown even if WPA was disabled.
2010-10-08 17:36:52 +03:00
Jouni Malinen
235f69fcd6 Mark ctrl_iface RX debug for PING commands excessive
This cleans up debug log from unnecessary entries when using
wpa_cli/hostapd_cli or other ctrl_iface monitors that PING
periodically to check connectivity.
2010-09-24 15:50:13 -07:00
Jouni Malinen
403b96fe4f WPS: Add hostapd_cli get_config command
This can be used by a WPS UI to display the current AP configuration.
2010-09-23 12:02:28 -07:00
Jouni Malinen
3981cb3cb8 WPS: Add wps_check_pin command for processing PIN from user input
UIs can use this command to process a PIN entered by a user and to
validate the checksum digit (if present).
2010-09-23 10:30:52 -07:00
Jouni Malinen
b4e34f2fdf WPS: Make testing operations configurable at runtime
Instead of build time options (CONFIG_WPS_TESTING_EXTRA_CRED and
CONFIG_WPS_EXTENSIBILITY_TESTING), use a single build option
(CONFIG_WPS_TESTING) and runtime configuration of which testing
operations are enabled. This allows a single binary to be used
for various tests.

The runtime configuration can be done through control interface
with wpa_cli/hostapd_cli commands:
Enable extensibility tests:
set wps_version_number 0x57
Disable extensibility tests (WPS2 build):
set wps_version_number 0x20
Enable extra credential tests:
set wps_testing_dummy_cred 1
Disable extra credential tests:
set wps_testing_dummy_cred 0
2010-09-21 19:51:23 -07:00
Jouni Malinen
962473c136 P2P: Add preliminary P2P Manager AP support for hostapd 2010-09-09 07:17:18 -07:00
Jouni Malinen
31fcea931d WPS 2.0: Add support for AuthorizedMACs attribute
Advertize list of authorized enrollee MAC addresses in Beacon and
Probe Response frames and use these when selecting the AP. In order
to provide the list, the enrollee MAC address should be specified
whenever adding a new PIN. In addition, add UUID-R into
SetSelectedRegistrar action to make it potentially easier for an AP
to figure out which ER sent the action should there be multiple ERs
using the same IP address.
2010-09-09 06:07:47 -07:00
Jouni Malinen
5a1cc30f1a WPS: Add support for dynamic AP PIN management
A new hostapd_cli command, wps_ap_pin, can now be used to manage
AP PIN at runtime. This can be used to generate a random AP PIN and
to only enable the AP PIN for short period (e.g., based on user
action on the AP device). Use of random AP PIN that is only enabled
for short duration is highly recommended to avoid security issues
with a static AP PIN.
2010-08-24 16:35:37 +03:00
Jouni Malinen
a33c5f96b8 Fix a typo in Disassociation frame building
This did not really change any behavior since Deauthentication frame
uses the same format.
2010-07-17 20:23:20 -07:00
Jouni Malinen
b91ab76e8c Add test commands for sending deauth/disassoc without dropping state
This can be used to test 802.11w by sending a protected or unprotected
deauth/disassoc frame.

hostapd_cli deauth <dst addr> test=<0/1>
hostapd_cli disassoc <dst addr> test=<0/1>

test=0: unprotected
test=1: protected
2010-03-29 12:01:40 -07:00
Jouni Malinen
90a3206a14 Add deauthenticate/disassociate ctrl_iface commands 2010-03-29 11:14:57 -07:00
Jouni Malinen
f5455a2dbd Verify that os_get_random() success for SA Query id 2010-01-10 22:28:21 +02:00
Jouni Malinen
81f4f6195e Include header files explicitly in *.c, not via header files 2009-12-26 00:31:51 +02:00
Jouni Malinen
6226e38d00 Rename some src/ap files to avoid duplicate file names
Doxygen and some build tools may get a bit confused about same file
name being used in different directories. Clean this up a bit by
renaming some of the duplicated file names in src/ap.
2009-12-26 00:05:40 +02:00
Jouni Malinen
0e2d35c614 Move ctrl_iface_ap.c into src/ap 2009-12-25 12:25:55 +02:00
Jouni Malinen
32da61d9c9 Move wps_hostapd.c into src/ap 2009-12-25 01:26:37 +02:00
Jouni Malinen
1057d78eb8 Move generic AP functionality implementation into src/ap
This code can be shared by both hostapd and wpa_supplicant and this
is an initial step in getting the generic code moved to be under the
src directories. Couple of generic files still remain under the
hostapd directory due to direct dependencies to files there. Once the
dependencies have been removed, they will also be moved to the src/ap
directory to allow wpa_supplicant to be built without requiring anything
from the hostapd directory.
2009-12-25 01:12:50 +02:00
Jouni Malinen
74784010af Remove conditional no-RADIUS build from src/radius
Make it responsibility of the src/radius user to handle conditional
build rules.
2009-12-06 17:53:59 +02:00