Commit Graph

1863 Commits

Author SHA1 Message Date
Arik Nemtsov
45b722f150 TDLS: Add peer as a STA during link setup
Before commencing setup, add a new STA entry to the driver representing
the peer. Later during setup, update the STA entry using information
received from the peer.

Extend sta_add() callback for adding/modifying a TDLS peer entry and
connect it to the TDLS state machine. Implement this callback for the
nl80211 driver and send peer information to kernel.

Mark TDLS peer entries with a new flag and translate it to a
corresponding nl80211 flag in the nl80211 driver.

In addition, correct TDLS related documentation in the wpa_driver_ops
structure.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:19:35 +03:00
Arik Nemtsov
979bcccf64 TDLS: Collect peer capabilities and supp-rates during link setup
Record the capabilities and supported rates of the TDLS peer during
link setup. These are given in the IEs passed in Setup Request and
Setup Response frames.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:19:13 +03:00
Arik Nemtsov
8f15f711c5 TDLS: Implement low-ack event for lost TDLS peers
Disable the direct connection when a TDLS peer stops responding
to packets, as indicated by the "LOW ACK" event coming from a driver.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:19:08 +03:00
Arik Nemtsov
7a1486cd31 TDLS: Support sending TDLS discovery requests
Allow sending a TDLS discovery request as a frame through the driver.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:19:05 +03:00
Arik Nemtsov
7de27409a2 TDLS: Support sending a teardown frame from usermode
When a driver does not implement the TDLS_TEARDOWN operation internally,
send an explicit TDLS link teardown frame to the driver.

Change all teardown calls to use these calling semantics.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:18:49 +03:00
Arik Nemtsov
35287637cc TDLS/nl80211: Support receiving TDLS discovery response frames
Register for the TDLS discovery response public action frame in nl80211.
Print out a debug message when a Discovery Resp frame is received and
validated.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:18:35 +03:00
Arik Nemtsov
4d0d6b37f9 TDLS: Process discovery requests and send discovery responses
When a discovery request is received, add the peer to the TDLS peer
cache and send a response containing minimal data. Mandatory IEs in
the discovery response frame will be filled out by the driver.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:18:27 +03:00
Arik Nemtsov
c58ab8f249 TDLS: Get TDLS related capabilities from driver
Put glue code in place to propagate TDLS related driver capabilities to
the TDLS state machine.

If the driver doesn't support capabilities, assume TDLS is supported
internally.

When TDLS is explicitly not supported, disable all user facing TDLS
operations.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:15:15 +03:00
Arik Nemtsov
03ea178603 nl80211: Implement TDLS callback functions and propagate capabilities
Allow passing high-level TDLS commands and TDLS frames to kernel
via new nl80211 commands.

Propagate TDLS related nl80211 capability flags from kernel and add them
as driver capability flags.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:15:05 +03:00
Arik Nemtsov
568526f1ea TDLS: Use a valid dialog-token in a setup request
A zero dialog-token is considered invalid by IEEE Std 802.11z-2010.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:14:42 +03:00
Jouni Malinen
8c66e18511 nl80211: Handle special TDLS direct link key index use
An ugly hack is currently used to indicate keys for TDLS direct link:
key_idx == -1. That needs to be converted to 0 for cfg80211 to accept
the key.
2011-10-23 22:14:05 +03:00
Jouni Malinen
33d8a77a39 Remove incorrect statement about get_hw_feature_data() driver_ops
This function is actually needed for quite a bit more than just
user space MLME implementation. The old comment here has not been
accurate for a long time, so get rid of it.
2011-10-23 20:09:40 +03:00
Jouni Malinen
edc3a7c414 Remove unused driver_ops client MLME functions
These driver_ops functions set_channel, set_ssid, set_bssid,
mlme_add_sta, and mlme_remove_sta were used with the user space
MLME implementation in wpa_supplicant. That was only for testing
purposes and was removed, but these driver_ops were forgotten.
Remove them now to remove confusing driver_ops definitions.
2011-10-23 20:07:57 +03:00
Jouni Malinen
e3b473eb4e Allow driver wrappers to indicate whether HT info is known
This is needed to be able to figure out whether the driver is known
not to support HT.
2011-10-23 17:21:39 +03:00
Jouni Malinen
3803bd331d TLS: Validate RSA ClientKeyExchange length field
Instead of using implicit length based on the received buffer, validate
RSA ClientKeyExchange based on the explicit length field.
2011-10-23 13:04:32 +03:00
Jouni Malinen
46eeedac61 Remove unused variables 2011-10-23 12:42:55 +03:00
Jouni Malinen
2683690d91 Fix hostapd_wpa_auth_send_ether() return value
This was not currently used for anything, but better return the correct
value instead of hardcoded -1.
2011-10-23 12:33:17 +03:00
Jouni Malinen
fe4c43ce95 Remove unused variable from os_gmtime() 2011-10-23 12:22:40 +03:00
Jouni Malinen
bd2df8921b nl80211: Remove some unnecessary ifdef HOSTAPD blocks 2011-10-22 22:51:49 +03:00
Jouni Malinen
17fbb751e1 Remove user space client MLME
This code was used only with driver_test.c to allow MLME operations
in hostapd to be tested without having to use a real radio. There
are no plans on extending this to any other use than testing and
mac80211_hwsim has now obsoled the need for this type of testing.
As such, we can drop this code from wpa_supplicant to clean up the
implementation of unnecessary complexity.
2011-10-22 22:45:38 +03:00
Jouni Malinen
9e0e6902a2 Share a single wpa_scan_results_free() implementation
There is not really a very good location for this anywhere, but the
function is small enough to live as an inline function for now.
2011-10-22 22:09:40 +03:00
Andrii Bordunov
d01b205378 Remove unused variable and function 2011-10-22 21:59:17 +03:00
Ben Greear
f935bd4dc5 Fix typo in comment related to EAPOL
Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-10-22 21:41:09 +03:00
Ben Greear
c81eff1a61 nl80211: Use one global ioctl socket
Saves sockets when using multiple VIFS in a single
wpa_supplicant process.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-10-22 21:39:42 +03:00
Ben Greear
276e2d671c nl80211: Use a global netlink command object
Netlink sockets can be shared among all driver instances, saving
sockets and memory when using multiple interfaces in a single process.
2011-10-22 20:06:32 +03:00
Ben Greear
2a7b66f574 nl80211: Use global nl_cb template
All interfaces can share a single nl_cb template.
2011-10-22 20:06:30 +03:00
Ben Greear
dac12351d8 nl80211: Clean up error path in wpa_driver_nl80211_init
No need to duplicate the deinit code since wpa_driver_nl80211_deinit()
can be used here to clean up after a failure.
2011-10-22 18:28:06 +03:00
Johannes Berg
a92dfde818 nl80211: Abstract handle/cache (de)allocation
This is a cleanup now and makes it easier to add more sockets in the
future.
2011-10-22 16:56:43 +03:00
Johannes Berg
7635bfb071 nl80211: Fix hostapd error path
i802_init() tries to clean up everything manually, call
wpa_driver_nl80211_deinit() instead and also handle the
EAPOL socket properly.
2011-10-22 13:04:47 +03:00
Ben Greear
36d84860bb nl80211: Use global netlink rtm event object
Netlink sockets can be shared among all driver instances, saving lots
of sockets, spurious log messages, memory, and CPU usage when using
multiple interfaces in a single process.
2011-10-22 12:39:05 +03:00
Jouni Malinen
4b24282a17 hostapd: Call global_init/global_deinit driver_ops
Now both wpa_supplicant and hostapd allow the driver wrappers to use the
global context similarly.
2011-10-22 12:22:59 +03:00
Jouni Malinen
9fb0407055 nl80211: Use a wrapper for genlmsg_put
This reduces the code size by a kilobyte or so and makes it easier
to replace the netlink instances to be shared among interfaces.
2011-10-22 11:29:03 +03:00
Dmitry Shmidt
bd43938102 wext: Do not set SSID on disconnect on Android
Some drivers seem to try to associate using the random SSID, so
do not use this hack on Android.
2011-10-21 19:11:07 +03:00
Jouni Malinen
724950836f wext: Clean up the disconnect BSSID/SSID clearing 2011-10-21 19:09:25 +03:00
Dmitry Shmidt
8f5b9aa19a Set ANDROID_LOG_NAME depending on application
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-10-21 18:59:42 +03:00
Jouni Malinen
bdc4c18e0a wext: Remove trailing whitespace 2011-10-21 18:58:01 +03:00
Jouni Malinen
122ba57936 Interworking: Filter Probe Request frames based on HESSID and ANT
Do not reply to Interworking-enabled Probe Request frames if they
request mismatching HESSID or ANT.
2011-10-21 12:43:53 +03:00
Jouni Malinen
538958ae9c Interworking: Add Interworking element to IE parser 2011-10-21 12:43:24 +03:00
Jouni Malinen
16991cffd6 Interworking: Include Access Network Type in set_ap() driver_ops
This may be needed for drivers that process Probe Request frames
internally.
2011-10-21 12:12:36 +03:00
Johannes Berg
e8b5e24e04 nl80211: Clean up capability querying
There's no need to store everything once and then copy it. Just fill the
capa struct directly in the function that parses the info from nl80211.
2011-10-20 21:57:32 +03:00
Johannes Berg
9b90955ec7 AP: Pass only bssid/addr/wds to EVENT_RX_FROM_UNKNOWN 2011-10-20 21:51:32 +03:00
Johannes Berg
9236ba4cb5 Move get_hdr_bssid() to make it easier to share for other uses 2011-10-20 21:50:23 +03:00
Jouni Malinen
6e8183d714 nl80211: Stop more quickly on initialization errors
Stop on fatal errors like an attempt to use a non-existing interface or
not have root privileges to avoid producing confusing error messages.
2011-10-20 21:36:36 +03:00
Johannes Berg
40442f5b48 nl80211: Compat code for genl_ctrl_alloc_cache
It's really a waste of bits to duplicate the code for
genl_ctrl_alloc_cache() again and again -- just add a
wrapper like in iw.
2011-10-20 21:08:26 +03:00
Johannes Berg
bcf24348ed AP: Do station poll in driver wrapper
This offloads the station polling to driver wrappers, which may offload
it again to the driver. The hostap driver wrapper uses "real" data
frames while nl80211 uses null data frames.

Also add a specific event to indicate that a poll was successful for
future use with the nl80211 driver.
2011-10-20 21:03:08 +03:00
Jouni Malinen
180cdf45a4 wext: Increase scan timeout from 5 to 10 seconds
Some dualband cards can use more than five seconds to run through
a full scan, so increase the timeout to avoid hitting the missing
scan completed event workaround.
2011-10-18 23:04:36 +03:00
Jouni Malinen
54e9c5fc69 EAP: Clear ClientTimeout back to default value in INITIALIZE
This fixes an issue where WPS run leaves a small ClientTimeout
value (2) configured and the next EAPOL authentication is started
with that small value even for Identity exchange. This can cause
problems when an EAPOL packet gets dropped immediately after
association and a retry of that packet is needed (which may take
more than two seconds).
2011-10-18 18:44:35 +03:00
Dmitry Shmidt
ed3eecd786 Android: Add wpa_ctrl_cleanup()
This function can be used to clean up local UNIX domain socket files
that may be left over from clients that were previously connected to
wpa_supplicant. At least for now, this is only available for Android
builds.
2011-10-18 17:27:53 +03:00
Jouni Malinen
ea08bfe384 netlink: Do not use void pointer for pointer arithmetic
This is a non-standard extension in gcc, so better not depend on it.
2011-10-18 17:00:08 +03:00
Jouni Malinen
39b97072b2 Add support for Time Advertisement
This adds preliminary support for IEEE 802.11v Time Advertisement
mechanism with UTC TSF offset.
2011-10-18 00:24:16 +03:00
Jouni Malinen
96b2cb226a Add os_gmtime() as wrapper for gmtime() 2011-10-18 00:23:42 +03:00
Jouni Malinen
4b2a77aba2 Interworking: Add support for configuring Roaming Consortium List 2011-10-17 23:55:50 +03:00
Jouni Malinen
c7c178e15e Interworking: Add Advertisement Protocol element
For now, assume that ANQP will always be enabled with Interworking.
This may be made separately configurable in the future.
2011-10-17 23:19:52 +03:00
Jouni Malinen
3c11382b6c Remove set_intra_bss() driver_ops
This has been replaced by the isolate parameter available through
set_ap() calls.
2011-10-17 23:04:27 +03:00
Jouni Malinen
ecff342716 atheros: Add a placeholder function for set_ap() driver_ops 2011-10-17 21:36:28 +03:00
Jouni Malinen
8a33a63f58 Add Interworking configuration in set_ap() driver_ops
Drivers that implement SME/MLME may find it easier to use separated
information to configure Interworking related parameters.
2011-10-17 21:35:41 +03:00
Jouni Malinen
a194b06c81 Add Ext Capab and Interworking elements to extra IEs
These need to be provided to drivers that implement SME/MLME.
2011-10-17 21:30:44 +03:00
Jouni Malinen
06c4d2472f Move Ext Capab and Interworking element construction into shared file
These needs to be available for drivers that implement SME/MLME.
2011-10-17 21:03:52 +03:00
Jouni Malinen
c2ff13c533 Clean up AP mode extra IE construction
Make it easier to add more IEs into the buffers.
2011-10-17 20:55:06 +03:00
Jouni Malinen
6c0575c322 Remove unused function argument 2011-10-17 20:10:07 +03:00
Jouni Malinen
31357268e5 Move AP BSS configuration parameters into set_ap()
Remove the separate driver_ops functions set_cts_protect(),
set_preamble(), set_short_slot_time(), and set_ht_params(). These
belong into same set of operations as set_ap(), so there is no need
to maintain separate functions that just make the driver wrapper
more complex.

Since these have only been used with driver_nl80211.c, the driver_ops
can be removed immediately instead of maintaining backwards
compatibility period with the old functions.
2011-10-17 19:31:33 +03:00
Jouni Malinen
fd13a54180 Deprecate set_intra_bss() driver_ops
The AP client isolation parameter is now available through set_ap().
driver_nl80211.c was the only driver wrapper using the set_intra_bss()
call in hostap.git, but some external trees may have used this. Once
those are cleared, the set_infra_bss() driver_ops can be removed
completely. The only remaining use case for it currently is in P2P
GO mode with wpa_supplicant.
2011-10-17 18:58:46 +03:00
Jouni Malinen
5ce0f8b31b Remove unused P2P device discovery hack from Beacon configuration
AP mode operations were used for P2P device discovery Listen state
only during early experiments. This has now been cleaned up and
ieee802_11_set_beacon() is not called for P2P device discovery.
As such, this hack to skip Beacon configuration can be removed.
2011-10-17 18:39:31 +03:00
Jouni Malinen
062390efd4 Start deprecating various AP mode driver_ops
The preferred way of configuring AP mode will be to use set_ap() instead
of number of separate operations hostapd has collected over the years.
2011-10-17 18:35:25 +03:00
Jouni Malinen
9e85b1ed49 atheros: Add debug hexdumps for IE configuration 2011-10-17 17:56:59 +03:00
Mahesh Palivela
d4370eac2e Move SA Query mechanism into a file that can be shared more easily
This is the first step in allowing SA Query mechanism in hostapd to be
used with drivers that implement authentication and association MLME/SME
(i.e., do not use ieee802_11.c).
2011-10-17 17:33:17 +03:00
Jouni Malinen
73c41a8fab Interworking: Parse NAI Realms and match against home realm 2011-10-16 23:55:34 +03:00
Jouni Malinen
b02fe7ff32 Interworking: Add commands for network selection
This adds the basic mechanism for running through network selection:
scan, ANQP fetch, network selection, and connection. Actual rules for
network selection and the creation of the network block are still
missing, but will be added in separate commits.
2011-10-16 23:55:34 +03:00
Jouni Malinen
69fbdfe48d GAS: Export gas_build_initial_resp()
This is needed for some GAS error response messages where the ANQP
Advertisement Protocol element is not used.
2011-10-16 23:55:34 +03:00
Jouni Malinen
696be77eee Define new IEEE 802.11u status codes 2011-10-16 23:55:34 +03:00
Jouni Malinen
71269b3708 WNM: Add BSS Transition Management Request for ESS Disassoc Imminent
"hostapd_cli ess_disassoc (STA addr) (URL)" can now be used to send
an ESS Dissassociation Imminent notification to the STA. This event
is shown in wpa_supplicant ctrl_iface monitors (e.g., wpa_cli):
"WNM: ESS Disassociation Imminent - session_info_url=http://example.com/session/"
2011-10-16 23:55:34 +03:00
Jouni Malinen
4fe9fa0d29 nl80211: Register GAS frames for Interworking
The GAS frames are used both with P2P and Interworking, so register
them if CONFIG_INTERWORKING is used without CONFIG_P2P.
2011-10-16 23:55:34 +03:00
Jouni Malinen
46ee0427b1 IEEE 802.11u: Allow Interworking and HESSID to be configured
The new wpa_supplicant.conf file global parameters interworking and
hessid can be used to configure wpa_supplicant to include
Interworking element in Probe Request frames.
2011-10-16 23:55:34 +03:00
Jouni Malinen
b83e3e93c8 IEEE 802.11u: Add configuration and advertisement for Interworking 2011-10-16 23:55:34 +03:00
Jouni Malinen
08a74e6a61 Use a common error handler in hostapd_notif_assoc() 2011-10-16 17:57:27 +03:00
Jouni Malinen
2bb20281cb Clean up IE processing in hostapd_notif_assoc() 2011-10-16 17:49:02 +03:00
Jouni Malinen
fa15d405c7 WPS: Fix WPS IE processing
Commit 17f6b90056 moved the concatenation
of WPS IEs, but did not include the validation that the IE buffer is not
NULL. In addition, the concatenation needs to be done based on the full
IE buffer instead of the parsed pointer that includes only a single
WPS IE.
2011-10-16 17:10:48 +03:00
Jouni Malinen
1472d32f72 Remove unused function argument 2011-10-16 14:00:30 +03:00
Jouni Malinen
619e6726ba base64: Stop decoding at the first sequence of pad characters
The base64 encoded data cannot included pad characters in the middle, so
we can stop the loop at the first sequence of pad characters. If the
sequence includes more than two pad characters, the encoding is invalid
and we can indicate failure.
2011-10-16 12:36:21 +03:00
Jouni Malinen
c3b75919fa Fix double free with CONFIG_WPS_STRICT=y
Commit 17f6b90056 extended the use of
the concatenated WPS IE outside the CONFIG_WPS_STRICT block, but
forgot to remove the old wpabuf_free(wps) call.
2011-10-16 12:11:00 +03:00
Luciano Coelho
bd525934e5 nl80211: Add support for sched_scan filtering
Use the SSID filter list passed in the scheduled scan request down to
the kernel driver, so it can use the list to return only the wanted
SSIDs. Some kernel drivers can use this information to offload the
SSID filter to the hardware, helping with reducing the power
consumption.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:14 +03:00
Luciano Coelho
b59e6f267b Add filter support to scheduled scans
Pass SSIDs to be matched in scheduled scan results. Only the SSIDs
that are included in the match lists will be reported by the driver,
so the filtering can be offloaded to the hardware and the power
consumption can be reduced.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:14 +03:00
Luciano Coelho
35b741fdf7 Increase maximum number of SSIDs per scan
With scheduled scan support, we may need to pass more than 10 SSIDs in
a single scan request. Some drivers (e.g., wl12xx) support up to 16
SSIDs at once.

Change WPAS_MAX_SCAN_SSIDS from 10 to 16.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:13 +03:00
Luciano Coelho
d21c63b925 nl80211: Add scheduled scan support
This commit adds scheduled scan support in the nl80211 driver.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:13 +03:00
Luciano Coelho
cbdf3507e9 Add scheduled scan driver operations
In new Linux kernel versions (>=3.0), nl80211 adds scheduled scan
capability. In order to use this feature to its full extent, we need
to support it in the wpa_supplicant core, so that it can also be used
by other drivers.

This commit adds initial scheduled scan support operations and events.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:13 +03:00
Jouni Malinen
1e1a0a4dc9 edit: Fix history prev/next selection
Commit 19ec1f262e tried to fix some
cases for history prev selection, but it broke others. Fix this
properly by using a separate entry for the current edit line that
is not yet in history buffer.
2011-10-15 14:03:35 +03:00
Jouni Malinen
44dc872ee5 nl80211: Add debug print for channel changes 2011-10-15 13:29:56 +03:00
Jouni Malinen
dcd1eb5be5 Fix some forgotten comments in set_beacon to set_ap change 2011-10-15 13:15:24 +03:00
Jithu Jance
6758b1677a nl80211: Use shorter monitor interface name for P2P GO
Currently the P2P Interface name[p2p-%s-%d] is reset when the P2P
Interface name reaches the "IFNAMSIZ" limit. Monitor interface name is
derived from p2p interface name with the addition of few characters
[mon.p2p-%s-%d] and hence Monitor interface name hits IFNAMSIZ limit
before P2P Interface name. Rename the monitor interface name to
mon-%s-%d to reduce the length to same with p2p-%s-%d.
2011-10-15 13:07:30 +03:00
Yogesh Ashok Powar
8666585b9e Disconnect STA when it fails to get added in kernel driver/firmware
Data path for stations that get successfully associated to the
hostapd but fail to get added in the driver/firmware, will not
work. In such cases, hostapd should deauth and disconnect such
stations. In such scenario, hostapd should disconnect the STAs.

Sample output with following patch
wlan0: STA 0c:74:c2:9a:4c:59 IEEE 802.11: authenticated
wlan0: STA 0c:74:c2:9a:4c:59 IEEE 802.11: associated (aid 1)
wlan0: AP-STA-CONNECTED 0c:74:c2:9a:4c:59
wlan0: STA 0c:74:c2:9a:4c:59 IEEE 802.11: Could not add STA to kernel driver
wlan0: STA 0c:74:c2:9a:4c:59 IEEE 802.11: deauthenticated due to local deauth request

Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
2011-10-15 12:41:28 +03:00
B. J
5dd80dd661 Fix NT-hash password use with integrated authentication server
The password_hash parameter was not copied in case of the integrated
authentication server (but was for RADIUS server). This broke EAP
authentication when the user entry used NT-hash.
2011-10-15 12:13:27 +03:00
Janusz Dziedzic
f1afcb391e P2P: Fix wpabuf reuse on p2p_group_notif_noa()
This currently unused function would have triggered wpabuf overflows
due to incorrect variable being reset to zero in the case the old
NoA wpabuf was large enough for the new data.
2011-10-13 01:06:11 +03:00
Jouni Malinen
fd8e4fda50 EAPOL auth: Disconnect after IEEE 802.1X failure
The EAPOL authenticator was previously forcing disconnection in the WPS
use case. However, this can be benefitial operation with any IEEE 802.1X
authentication mechanism and need not be limited to WPS. This helps some
use cases like EAP-FAST where provisioning may require two
authentication runs if the authentication server does not allow the PAC
provisioning step to be used for normal data connection. While the
station would be free to decide to re-associate in such a case, not all
stations do and as such, it helps if the AP does that instead of leaving
the association up with EAPOL state machine in HELD state for 60
seconds.
2011-10-12 20:07:16 +03:00
Jouni Malinen
88dc899a1b EAP-FAST: Allow unprotected EAP-Failure in provisioning case
While EAP-FAST uses protected success notification, RFC 5422, Section
3.5 points out a possibility of EAP-Failure being sent out even after
protected success notification in case of provisioning. Change the
EAP-FAST peer implementation to accept that exception to the protected
success notification. This allows the station to re-connect more quickly
to complete EAP-FAST connection in the case the server rejects the
initial attempt by only allowing it to use to provision a new PAC.
2011-10-12 20:05:02 +03:00
Jouni Malinen
4458d91554 P2P: Do not change SSID during GO negotiation
If GO Negotiation Request (or in theory, also GO Negotiation Response)
frame is delivered multiple time for processing, the SSID of the group
could end up getting changed. This could result in possible issues if
the peer ended up using different SSID. To avoid this, make sure the
SSID does not get changed unless the negotiation is for a new group.
2011-10-11 18:29:31 +03:00
Jouni Malinen
c3fea27274 Clear OKC-based PMKSA caching entries if PMK is changed
Whenever PMK gets changed (e.g., due to re-authentication), all PMKSA
caching entries that were created using the previous PMK needs to be
replaced. Previously, only the entry for the current AP was cleared.
Flush the other entries based on network_ctx matches to get rid of the
OKC entries. These entries can then be re-creating using OKC with the
new PMK.
2011-10-02 19:36:37 +03:00
Jouni Malinen
15e2c77d03 Sync with wireless-testing.git linux/nl80211.h 2011-10-02 13:16:42 +03:00
Johannes Berg
1473f95e98 AP: Use QoS nullfunc for connection poll
When polling a station that has been inactive for a while, hostapd currently
always uses a null data frame. This is a bit strange with uAPSD clients
(though it seems to mostly work) since the EOSP bit can never be set in a
non-QoS frame. Make hostapd use QoS null data frames for probing when the
station is a QoS STA.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-10-01 21:04:11 +03:00
Marek Kwaczynski
ed908a55da P2P: Refresh peer entries on Probe Request RX
Do not expire P2P peer entries if Probe Request frames are received from
them.
2011-10-01 20:40:14 +03:00
Zhi Chen
56aa082a1d WPS: Send AP Settings as a wrapped Credential attribute to ctrl_iface
Wrap self-generated WPS credential for new AP settings and send that to
control interface to provide the needed information in
WPS-NEW-AP-SETTINGS for external processing.
2011-09-30 22:26:37 +03:00