Commit Graph

2359 Commits

Author SHA1 Message Date
Jouni Malinen
d56af7f8cb Fix byte order of VHT Basic MCS set for big endian hosts
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 20:49:23 +03:00
Jouni Malinen
8bea63e095 Use shared function for adding common RADIUS attributes
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 19:13:15 +03:00
Jouni Malinen
e100828b76 Return wpabuf from radius_msg_get_eap()
This simplifies the implementation by using the buffer type to which the
returned data will be converted anyway. This avoids one memory
allocation for each processed RADIUS message.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 18:14:42 +03:00
Jouni Malinen
95ac3bf49f nl80211: Share common function for scan parameters
trigger_scan and start_sched_scan can share code for building the
common attributes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 17:48:52 +03:00
Jouni Malinen
f0494d0f95 nl80211: Check nla_put_nested() return value and handle errors
Couple of functions did not verify that nla_put_nested() succeeded. Fix
these by checking the return value and handling error cases cleanly.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 17:27:55 +03:00
Jouni Malinen
6afbc3d698 nl80211: Fix netlink error paths in sched_scan() handler
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 17:11:08 +03:00
Jouni Malinen
e122bb70b8 hostapd: Add alternative format for configuring SSID
The new ssid2 parameter can be used as an alternative mechanism for
configuring SSID for hostapd. It uses the same formats that
wpa_supplicant uses in the configuration file for strings.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:27:40 +03:00
Jouni Malinen
b87d70c88a Make wpa_config_parse_string() a shared function
This will be used in future hostapd configuration parser changes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:13:51 +03:00
Jouni Malinen
986de33d5c Convert remaining SSID routines from char* to u8*
This makes it more explicit that the SSID is not a null terminated
C string.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:07:25 +03:00
Jouni Malinen
771e2f7b33 GAS server: Add forgotten break statement to a switch case
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 15:46:26 +03:00
Jouni Malinen
6bc1f95613 Use printf escaping in SSID-to-printable-string conversion
Instead of masking out non-ASCII characters with underscores, espace the
SSID data using rules compatible with printf.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 13:32:57 +03:00
Jouni Malinen
0d7773b63f Add routines for encoding/decoding printf escaping mechanism
This can be used to build ASCII strings from binary data that is
more likely to use ASCII (i.e., text format is more natural
option than hexdump, but there is possibility of some non-ASCII
characters).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 13:30:13 +03:00
Jouni Malinen
5ff72bdcab edit: Clear edit line on deinit when using readline
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 21:45:43 +03:00
Janusz Dziedzic
4307bb8c85 wpa_cli: Print nice prompt when using remote UDP
When CONFIG_CTRL_IFACE=udp-remote is used, print user frendly PS in
wpa_cli. E.g.,
localhost/wlan0>
192.168.1.1/p2p-wlan-0-0>

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:50:17 +03:00
Jouni Malinen
15b97bc3b5 edit: Add support for prompt string with readline
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 20:48:54 +03:00
Jouni Malinen
4c3b921ebf edit: Add support for prompt string with internal line edit
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 20:48:25 +03:00
Janusz Dziedzic
2d2398a11f edit: Add support for setting prompt string
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:46:34 +03:00
Janusz Dziedzic
d302edd3c4 wpa_cli: Add support for remote access
wpa_cli can be used now as a client for remote access to ctrl_interface
of wpa_supplicant when UDP and remote options are used.

You can simply run:
wpa_cli -i <hostname>:[port]
wpa_cli -i <IP>:[port]

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:09:22 +03:00
Janusz Dziedzic
afadf423db wpa_supplicant: Add optional remote access for ctrl_iface
Add new option for ctrl iface: CONFIG_CTRL_IFACE=udp-remote. This
enables remote access to control interface via UDP port(s). This should
be used for testing purpose only since there is no authentication or
access control on the commands.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:01:07 +03:00
Baruch Siach
37d428aef9 accounting: Staticise accounting_sta_interim
This routine is not used anywhere else.

Signed-hostap: Baruch Siach <baruch@tkos.co.il>
2012-08-05 19:40:49 +03:00
Jouni Malinen
55651a4bed OpenSSL: Remove trailing whitespace from lines
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 00:38:08 +03:00
Christopher Wiley
d8858cadeb OpenSSL: Fix ca_cert_verify for TPM
This bit is set in the code path that handles keys and certs from places
other than OpenSSL authentication engines. Setting this bit causes
authentication to fail when the server provides certificates that don't
match the client certificate authority.
2012-08-05 00:36:08 +03:00
Michael Braun
59dff51dc8 Fix endless loop in PSK fetching with PSK-from-RADIUS
Commit 05ab9712b9 added support for
fetching WPA PSK from an external RADIUS server and changed
hostapd_wpa_auth_get_psk() to always return the RADIUS supplied PSK (if
set) and ignore the prev_psk parameter for iteration. Fix this by
appending the RADIUS supplied PSK to the list iterated by
hostapd_get_psk and thus returning NULL when prev_psk == sta->psk
(RADIUS).

Signed-hostap: M. Braun <michael-dev@fami-braun.de>
2012-08-04 20:55:47 +03:00
Ben Greear
addde1399e Better logging for ioctl set flags failure
Let user know if the call failed setting interface up vs. down.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-08-04 20:41:35 +03:00
Ben Greear
4fdc8def88 Make UNIX socket non-blocking for ctrl_iface
This keeps wpa_cli from hanging forever if the other end of the socket
dies.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-08-04 20:34:27 +03:00
Paul Stewart
21270bb4b3 Fix a couple memory leaks
Found using valgrind.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2012-08-04 20:10:08 +03:00
Jouni Malinen
0ebb23e340 EXT PW: Add support for password parameter from external storage
This allows the password parameter for EAP methods to be fetched
from an external storage.

Following example can be used for developer testing:

ext_password_backend=test:pw1=password|pw2=testing

network={
    key_mgmt=WPA-EAP
    eap=TTLS
    identity="user"
    password=ext:pw1
    ca_cert="ca.pem"
    phase2="auth=PAP"
}

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-03 22:15:42 +03:00
Jouni Malinen
306ae22556 EXT PW: Add framework for supporting external password storage
This new mechanism can be used to make wpa_supplicant using external
storage (e.g., key store in the operating system) for passwords,
passphrases, and PSKs. This commit is only adding the framework part
needed to support this, i.e., no actual configuration parameter can
yet use this new mechanism. In addition, only a simple test backend
is added to allow developer testing of the functionality.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-03 22:15:42 +03:00
Xi Chen
c7673de462 atheros: Implement WNM-Sleep Mode driver operations
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:30 +03:00
Xi Chen
75cad1a0d4 WNM: Add WNM-Sleep Mode for station mode
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:27 +03:00
Xi Chen
d32d94dbf4 WNM: Add WNM-Sleep Mode implementation for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:23 +03:00
Xi Chen
a884be9da1 WNM: Add placeholders for WNM driver commands and events
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:20 +03:00
Jay Katabathuni
ada8a5bd60 atheros: Add HS 2.0 Action frame TX/RX support
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:17 +03:00
Jouni Malinen
5c61a2820f Fix compiler warning with wpa_supplicant AP builds without 802.11r
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-01 13:14:09 +03:00
Jay Katabathuni
e1e3b5bb34 atheros: Add support for Action frame TX/RX
This allows hostapd to send and receive various Action frames.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:11:59 +03:00
Mahesh Palivela
7d9c0cd345 Add support for using SA Query with drivers that implement MLME
This allows the SA Query mechanism in hostapd to be used with drivers
that implement authentication and association MLME/SME.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:11:56 +03:00
Shan Palanisamy
88b32a99d3 FT: Add FT AP support for drivers that manage MLME internally
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:11:53 +03:00
Jouni Malinen
e509167495 Add new drv_flag for indicating user space AP MLME
This makes it easier for hostapd to determine at runtime which
operations to use.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-01 10:34:35 +03:00
Jay Katabathuni
45ac307a2b HS 2.0: Add HS Capability element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:23 +03:00
Jay Katabathuni
26fac8b6a0 Interworking: Add Domain Name element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:19 +03:00
Jay Katabathuni
78bda93e83 Interworking: Add IP Address Type Availability element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:16 +03:00
Jay Katabathuni
550a3958f7 Interworking: Add Network Auth Type element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:14 +03:00
Jouni Malinen
8342185012 HS 2.0: Add mechanism for disabling DGAF
disable_dgaf=1 in hostapd.conf can now be used to disable downstream
group-addressed forwarding (DGAF). In this configuration, a unique
GTK (and IGTK) is provided to each STA in the BSS to make sure the
keys do not match and no STA can forge group-addressed frames.

An additional mechanism in the AP needs to be provided to handle some
group-addressed frames, e.g., by converting DHCP packets to unicast
IEEE 802.11 frames regardless of their destination IP address and by
providing Proxy ARP functionality.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:52 +03:00
Jay Katabathuni
19a8ad9944 HS 2.0: Add Hotspot 2.0 Indication for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:38 +03:00
Jay Katabathuni
159c89ab4f HS 2.0: Add configuration for Hotspot 2.0 AP support
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:11 +03:00
Thomas Pedersen
bf8d6d2430 nl80211: Support setting sched scan RSSI threshold
Allow the user to configure an RSSI threshold in dBm below which the
nl80211 driver won't report scan results. Currently only supported
during scheduled (PNO) scans.

Signed-off-by: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-25 16:56:43 +03:00
Jouni Malinen
488f4a7108 P2P: Fix provision discovery retries during p2p_find
Commit 6b56cc2d97 added retries of
provision discovery request frames in IDLE state. However, it did not
make the p2p_find case behave consistently with the new limitied retry
behavior. This can result in way too many and frequent PD retries. Fix
this by extending the previous commit to address PD retries and maximum
retry limit consistently regardless of whether p2p_find is running.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-07-23 21:59:01 +03:00
Jouni Malinen
a5ed45586c WPS SSDP: Fix socket leaks on error paths
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-07 13:01:45 +03:00
Jouni Malinen
19991e5fb2 WPS UDF: Fix fd leak on error path
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-07 13:00:00 +03:00
Jouni Malinen
c7803a0294 Fix AP build without NEED_AP_MLME
Commit 1b487b8b1e added CH_SWITCH
event for nl80211, but ended up using hostapd_hw_get_channel()
regardless of build configuration for driver interfaces. This
function is not always available, so make its use conditional
on NEED_AP_MLME.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-07 12:34:48 +03:00
Jouni Malinen
895cb1683d OpenSSL: Add support for HMAC functions with 0.9.8 and older
Commit d9cc4646eb added
crypto_hash_{init,update,finish}() wrappers for OpenSSL, but it
assumed the current HMAC API in OpenSSL. This was changed in 0.9.9
to return error codes from the functions while older versions used
void functions. Add support for the older versions, too.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-07 10:58:32 +03:00
Mahesh Palivela
990933fb1d nl80211: Save VHT capabilities from the driver
Save VHT capabilities coming through nl80211 within hostapd.

Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-07-04 21:42:56 +03:00
Jouni Malinen
80518c073b Sync with linux/nl80211.h from wireless-testing.git
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-04 21:40:31 +03:00
Jouni Malinen
4be921ac60 eloop: Fix EVENT_TYPE_WRITE with poll()-based eloop
This needs to use POLLOUT instead of POLLIN to get the correct event.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-04 21:36:38 +03:00
Jouni Malinen
daf10baf9e EAP-pwd: Replace direct OpenSSL HMAC use with wrapper
This is a step towards allowing EAP-pwd to be supported with other
crypto libraries.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-02 22:10:03 +03:00
Jouni Malinen
d9cc4646eb OpenSSL: Add support for crypto_hash_{init,update,finish}()
This adds initial support for HMAC operations using the
crypto_hash_{init,update,finish}() wrappers.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-02 22:04:25 +03:00
Masashi Honma
8f4636e41c P2P: Check memory allocation result in a Service Discovery Response
This patch adds a check of the return value of wpabuf_dup() in a large
Service Discovery Response.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2012-07-02 20:53:46 +03:00
Jouni Malinen
0cb87fdeb5 Update license notification in driver_wired.c
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Gunter Burchardt, tmisu@gmx.de,
Mon, 02 Jul 2012 17:54:28 +0200).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-02 20:50:03 +03:00
Jouni Malinen
cb2b381169 Update license notification in roboswitch interface file
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Jouke Witteveen
<j.witteveen@gmail.com>, Mon, 2 Jul 2012 11:38:34 +0200).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-02 12:43:16 +03:00
Jouni Malinen
dcc3305701 Move p2p_connect PIN format validation into a separate function
This functionality could be shared for other commands, too, so move
it to a common function. In addition, implement the validation in a
bit more strict way to avoid accepting values like '-123' as a valid
PIN.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-30 21:27:32 +03:00
Jouni Malinen
3df2f4fe99 P2P: Remove unused P2P_SCAN_SPECIFIC
This is not used anymore after the commit
e6ecfc4fd3.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-30 20:20:29 +03:00
Johannes Berg
e6ecfc4fd3 P2P: Remove GO neg/invite special cases from search
There are separate states for these, so we can't really get into this
situation unless somebody tries to do multiple things at the same
time. p2p_connect stops find and CONNECT state is used to probe the peer
on its Listen channel with GO Negotiation Request frames. Similarly,
p2p_invite() stops find and INVITE state is used to probe the peer on
its Listen channel with Invitation Request frames. The older mechanism
of using Search state functionality to find the peer can be removed.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2012-06-30 20:18:07 +03:00
Jouni Malinen
d001defeec Update license notification in files initially contributed by Sam
This updates these files to use the license notification that uses only
the BSD license. The changes were acknowledged by email (Sam Leffler
<sam@errno.com>, Sat, 30 Jun 2012 07:57:53 -0700).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-30 19:36:04 +03:00
Jouni Malinen
8350d0afd8 EAP-pwd: Avoid double-frees on some error paths
At least some error paths (e.g., hitting the limit on hunt-and-peck
iterations) could have resulted in double-freeing of some memory
allocations. Avoid this by setting the pointers to NULL after they have
been freed instead of trying to free the data structure in a location
where some external references cannot be cleared. [Bug 453]

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-30 16:16:32 +03:00
Jouni Malinen
0f27f15911 EAP-pwd: Increase maximum number of hunting-and-pecking iterations
The previously used limit (10) is too small for practical purposes since
it can result in about 1 out of 1000 authentication attempts failing.
Increase the limit to 30 to avoid such issues. [Bug 453]

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-06-30 16:12:41 +03:00
Mahesh Palivela
532b16c7a9 hostapd: Add IEEE 802.11ac VHT IEs into Beacon/Probe Response
IEEE 802.11ac VHT changes to include VHT IEs in Beacon and Probe
Response frames.

Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-06-30 13:57:52 +03:00
Mahesh Palivela
efe45d1471 hostapd: Initial IEEE 802.11ac (VHT) definitions
Add IEEE 802.11ac definitions for config, IEEE structures, constants.

Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-06-30 13:52:13 +03:00
Jouni Malinen
bfc62fe133 WPS: Share a single function for generating NFS password tokens
There is no need for both hostapd and wpa_supplicant to have their
own functions for this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 21:01:37 +03:00
Jouni Malinen
72df0cd28c WPS: Use random_get_bytes() for NFC password id
os_random() may not be seeded properly, so use stronger mechanism for
generating the password id for NFC password tokens.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 20:40:16 +03:00
Jouni Malinen
ffdaa05a6b WPS: Add support for NCF password token from AP
The new hostapd ctrl_iface command WPS_NFC_TOKEN can now be used to
manage AP-as-Enrollee operations with NFC password token. WPS/NDEF
parameters to this command can be used to generate a new NFC password
token. enable/disable parameters can be used to enable/disable use of
NFC password token (instead of AP PIN) for external Registrars.

A preconfigured NFS password token can be used by providing its
parameters with new hostapd.conf fields wps_nfc_dev_pw_id,
wps_nfc_dh_pubkey, wps_nfc_dh_privkey, and wps_nfc_dev_pw. This use
will also depend on WPS_NFC_TOKEN enable/disable commands, i.e., the
configured NFS password token is disabled by default.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 19:43:29 +03:00
Jouni Malinen
e484e927a6 WPS: Allow NFC password token from AP to be used with wps_reg
The AP PIN on wps_reg command can now be replaced with special value
"nfc-pw" to use device password from a NFC password token from the AP.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 19:41:26 +03:00
Jouni Malinen
1cea09a9e2 WPS ER: Add support for building NFC configuration token
WPS_ER_NFC_CONFIG_TOKEN command can now be used to build a NFC
configuration token based on AP Settings learnt with WPS_ER_LEARN
or set with WPS_ER_CONFIG.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 16:35:51 +03:00
Jouni Malinen
d7645d239d WPS: Add support for NFC configuration token from external program
The new wpa_supplicant ctrl_iface command WPS_NFC_TAG_READ can now be
used to process NFC tags read by external programs to initiate
wpa_supplicant to use NFC Configuration Token to create a new network.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 13:59:29 +03:00
Jouni Malinen
3cf7a59d4f WPS: Add new mechanism for generation NFC configuration token
The new hostapd ctrl_iface command WPS_NFC_CONFIG_TOKEN can now be used
to fetch payload for an NFC configuration token so that an external
program can be used to write this on an NFC tag.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 13:25:48 +03:00
Jouni Malinen
0e3c16546b WPS: Use separate list of NFC Password Tokens in the Registrar
This adds a cleaner mechanism for handling NFC Password Tokens in the
WPS Registrar. There could be more than one active NFC Password Token in
use and as such, a list of tokens needs to be maintained. The old
WPS_OOB interface is still using the old mechanism that supports only a
single active NFC Password Token.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 22:15:55 +03:00
Jouni Malinen
bb45b6d79a WPS: Add new mechanism for communicating NFC tag read events
hostapd ctrl_iface can now be used to deliver payload from read
operation of an NFC tag. This allows operations without having to have
low-level NFC code within hostapd. For now, the new wps_nfc_tag_read
command can be used with NFC password tokens for the case where the AP
has an NFC device that is used to read an NFC tag from the station
Enrollee.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:13 +03:00
Jouni Malinen
3f2c8ba6d3 WPS: Add new mechanism for NFC config method using password token
Instead of requiring low-level access to an NFC device and synchronous
operations, the new WPS_NFC_TOKEN and WPS_NFC ctrl_iface commands can be
used to build a NFC password token and initiate WPS protocol run using
that token (or pre-configured values) as separate commands. The
WPS_NFC_TOKEN output can be written to a NFC tag using an external
program, i.e., wpa_supplicant does not need to have low-level code for
NFC operations for this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
6b5a0c9466 WPS: Move attribute parser definitions into a new header file
This allows wps/wps_attr_parse.h to be included into files outside
src/wps.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
78e625f79a WPS: Split wps_build_oob_dev_password() into parts
This allows sharing of a function to build the attribute without
changing the OOB parameters.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
8a13732f83 NDEF: Mark input data const when it is not modified
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
2f425090fb WPS: Allow NDEF functions to be used from outside src/wps
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
e524ebe387 NDEF: Skip unnecessary wpabuf to ptr/len conversion
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
a0d0c560c3 Add dh5_init_fixed() to allow fixed DH parameters to be used
This allows pre-configured private and public key to be used when
initializing DH for group 5.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
0965813640 WPS: Fix OOB Device Password use for EAP-WSC peer
The OOB Device Password is passed in as a hexdump of the real Device
Password (16..32 octets of arbitrary binary data). The hexdump needs to
be converted to binary form before passing it for WPS processing.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
4e0131d351 WPS: Add support for OOB dev password lengths 16..31
Previously, only the maximum length 32 octets for OOB device password
was accepted. Since the specification allows a shorter password to be
used with limited OOB mechanism (e.g., small NFC tag), we should accept
lengths 16..32.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
582143e544 WPS: Fix potential memory leak with NFC password token
The old stored public key hash needs to be freed before replacing
the pointer with the new value.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
7be6dc2e96 WPS: Fix NFC password token building with WPS 2.0
The earlier WPS 2.0 changes did not increase the wpabuf size when
adding a new attribute to the NFC password token. This could result
in aborting the application on wpabuf overflow if NFC out-of-band
mechanism is used with WPS 2.0 enabled.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-06-27 21:21:11 +03:00
Thomas Pedersen
1b487b8b1e nl80211: Handle CH_SWITCH event
Some drivers may independently decide to switch channels. Handle this by
updating the hostapd and wpa_supplicant AP and GO configuration.

Signed-hostap: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
2012-06-25 14:45:14 +03:00
Jouni Malinen
e7381b8473 Sync with include/linux/nl80211.h from wireless-testing.git
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-25 14:34:22 +03:00
Jouni Malinen
296a34f0c1 Remove STA entry from AP when starting TKIP countermeasures
Previously, the STA entry was removed only from the driver and the STA
entry within hostapd was just marked disassociated. However, this left
the WPA authenticator state machine with an entry and the session was
not terminated properly. In addition, the STA entry could have remaining
indefinitely if the STA did not reconnect after TKIP countermeasures.
Fix this by removing the STA entry from hostapd instead of just leaving
it disassociated.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-25 13:53:24 +03:00
Yoni Divinsky
9148ae58d0 hostapd: Fix PBC config method of WSC IE in Beacon/Probe Response
In AP which supports WPSv2 with only virtual push button, when PBC is
called, the WSC IE should include Selected Registrar Configuration
Methods attribute with the bit of the physical push button not set.

Signed-hostap: Yoni Divinsky <yoni.divinsky@ti.com>
2012-06-25 12:20:37 +03:00
Ben Greear
f115560c21 eloop/poll: Handle POLLER | POLLHUP in read logic
Without this, we can get into a tight loop because the
code in general doesn't add eloop exception handlers,
so socket reporting the POLLERR would never be read.

With this change, any socket with POLLERR or POLLHUP
asserted will be handled by the read logic.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-06-24 13:19:34 +03:00
Johannes Berg
cad0f50e02 nl80211: Simplify cbmsg buffer
The control message received from the kernel needs some space, but
there's no need for the strange typing that breaks clang compilation.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-06-23 20:37:09 +03:00
Jouni Malinen
ecabb132b9 atheros: Remove unused variables
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-23 20:34:29 +03:00
Baruch Siach
e2e984ea06 atheros: Fix build when WPS and IEEE80211R are both disabled
Signed-hostap: Baruch Siach <baruch@tkos.co.il>
2012-06-23 20:33:50 +03:00
Jouni Malinen
182748e4fb Copy Chargeable-User-Identity in PMKSA caching case
Maintain a copy of Chargeable-User-Identity in the PMKSA cache to allow
it to be included in accounting messages even if full authentication was
not completed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 19:51:57 +03:00
Jouni Malinen
302fc0a3c7 RADIUS DAS: Support Chargeable-User-Identity with Disconnect-Request
Chargeable-User-Identity can now be used in Disconnect-Request to
identify the station to be disconnected.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 19:44:46 +03:00
Jouni Malinen
e58b5ffed7 RADIUS: Fix a typo in attribute name in debug messages
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 19:39:29 +03:00
Jouni Malinen
ff7e4589ea RADIUS DAS: Add Event-Timestamp attribute into ACK/NAK messages
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 19:35:03 +03:00
Jouni Malinen
8047a95809 RADIUS DAS: Add support for Disconnect-Request
Calling-Station-Id, Acct-Session-Id, and User-Name attributes in a
Disconnect-Request message can now be used to indicate which station is
to be disconnected.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 19:30:01 +03:00