CampusWLAN
  1. CampusWLAN

hostapd

Public
AuthorCommitMessageCommit dateIssues
Sven EckelmannSven Eckelmann
b0fc2ef3a37hw_features: Fix check of supported 802.11ac channel widthThe two channel width bits in the VHT capability field can be decoded in following values (IEEE Std 802.11ac-2013 8.4.2.160.2 VHT Capabilities Info field): * 0: no 160 or 80+80 MHz support * 1: 160 MHz support * 2: 160 and 80+80 MHz support * 3: (reserved) The check must therefore not be done bitwise but instead it must checked whether the capabilities announced by the driver are at least...
Andrei OtcheretianskiAndrei Otcheretianski
9a6e2a5edeetests: Make wnm_bss_tm_req_with_mbo_ie more robustOn slow machines or inside VM it may take some time for "DISCONNECTED" event to arrive. Since the retry delay counter is started already, it may result in less than 5 seconds time between "DISCONNECTED" and "CONNECTED" events. Fix the test by taking more accurate timestamps between the events. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Avraham SternAvraham Stern
b5bf84ba39eWNM: Differentiate between WNM for station and for AP in buildPreviously, CONFIG_WNM enabled build that supports WNM for both station mode and AP mode. However, in most wpa_supplicant cases only station mode WNM is required and there is no need for AP mode WNM. Add support to differentiate between station mode WNM and AP mode WNM in wpa_supplicant builds by adding CONFIG_WNM_AP that should be used when AP mode WNM support is required in addition to stati...
Avraham SternAvraham Stern
922dcf1b457RRM: Remove duplicate frequencies from beacon report scan requestWhen setting the frequencies for beacon report request scan, it is possible that a frequency is added twice (e.g., when the same channel appears both in the channel field and in the AP channel report subelement). This may cause the scan request to fail. Make sure the frequencies array contains no duplications before requesting the scan. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Andrei OtcheretianskiAndrei Otcheretianski
cdb3aab5696tests: Fix RRM tests to allow refused/incapable responsesSigned-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Avraham SternAvraham Stern
705e2909c63RRM: Send response when Beacon report request is not supported/refusedSend Radio Measurement response with measurement mode set to reject in the following cases: 1. Reporting conditions is not supported. 2. No valid channels found for the measurement Sending a response with an incapable indication will stop the AP from sending other measurement requests of the same type as specified in IEEE Std 802.11-2016, 11.11.6. Signed-off-by: Avraham Stern <avraham.stern...
Avraham SternAvraham Stern
3756acfd48cRRM: Send Radio Measurement response when beacon report scan failsWhen failing to trigger scan for beacon report (e.g., when the requested duration is not supported by the driver), send a Radio Measurement response with the mode set to refused and don't retry the scan. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Jouni MalinenJouni Malinen
d5571831506tests: Rejection of group-addressed RRM measurement requestSigned-off-by: Jouni Malinen <j@w1.fi>
Avraham SternAvraham Stern
b3c148e9f8aRRM: Send reject/refuse response only to unicast measurement requestIEEE Std 802.11-2016, 11.11.6 specifies that a station that is unable to make a requested measurement or refuses to make a measurement shall respond only if the measurement request was received within an individually addressed radio measurement request frame, but shall not respond if such a request was received in a group addressed frame. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Dmitry ShmidtDmitry Shmidt
51143af7e79wpa_cli: Fix global control interface for STA-FIRST/STA-NEXTIf global control interface is used and wlan doesn't support P2P, wpa_s->global->p2p == NULL, and log shows: wpa_supplicant: Failed to create interface p2p-dev-wlan0: -5 (I/O error) wpa_supplicant: nl80211: Failed to create a P2P Device interface p2p-dev-wlan0 wpa_supplicant: P2P: Failed to enable P2P Device interface Then STA-FIRST/STA-NEXT is not going to redirect to any interface, making...
Jouni MalinenJouni Malinen
809c675029fDPP: Fix build with OpenSSL 1.1.0X509_ALGOR_get0() was modified to use const ** pointer as the first argument in OpenSSL 1.1.0, so need to use different type here to avoid compilation issues. Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni MalinenJouni Malinen
89971d8b1e3OpenSSL: Clear default_passwd_cb more thoroughlyPreviously, the pointer to strdup passwd was left in OpenSSL library default_passwd_cb_userdata and even the default_passwd_cb was left set on an error path. To avoid unexpected behavior if something were to manage to use there pointers, clear them explicitly once done with loading of the private key. Signed-off-by: Jouni Malinen <j@w1.fi>
Beniamino GalvaniBeniamino Galvani
f665c93e1d2OpenSSL: Fix private key password handling with OpenSSL >= 1.1.0fSince OpenSSL version 1.1.0f, SSL_use_PrivateKey_file() uses the callback from the SSL object instead of the one from the CTX, so let's set the callback on both SSL and CTX. Note that SSL_set_default_passwd_cb*() is available only in 1.1.0. Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
Beniamino GalvaniBeniamino Galvani
2b9891bd6e1OpenSSL: Add build option to select default ciphersAdd a build option to select different default ciphers for OpenSSL instead of the hardcoded default "DEFAULT:!EXP:!LOW". This new option is useful on distributions where the security level should be consistent for all applications, as in Fedora [1]. In such cases the new configuration option would be set to "" or "PROFILE=SYSTEM" to select the global crypto policy by default. [1] https://fedo...
Ashwini PatilAshwini Patil
65833d71a5fOCE: Add hostapd mode OCE capability indication if enabledAdd OCE IE in Beacon, Probe Response, and (Re)Association Response frames if OCE is enabled in the configuration. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ashwini PatilAshwini Patil
332aadb8a22STA: Add OCE capability indication attributeAdd OCE capability indication attribute in Probe Request and (Re)Association Request frames. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ashwini PatilAshwini Patil
fb718f94d60nl80211: Check if driver supports OCE specific featuresCheck if device supports OCE STA/STA-CFON/AP specific mandatory features. This commit includes checking based on the QCA vendor attributes. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
vamsi krishnavamsi krishna
46b15e470e7Add vendor flags for OCE feature support indicationSigned-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Vidyullatha KanchanapallyVidyullatha Kanchanapally
b377ec2585bFILS: Fix issuing FILS connect to a non-FILS AP in driver-FILS caseIf an AP is not FILS capable and wpa_supplicant has a saved network block for the network with FILS key management and a saved erp info, wpa_supplicant might end up issuing a FILS connection to a non-FILS AP. Fix this by looking for the presence of FILS AKMs in wpa_s->key_mgmt, i.e., after deciding on the AKM suites to use for the current connection. Signed-off-by: Jouni Malinen <jouni@qca.qua...
Sunil DuttSunil Dutt
9f44f7f3b52Introduce a vendor attribute to represent the PNO/EPNO Request IDThis request ID was wrongly referred from the REQUEST_ID in enum qca_wlan_vendor_attr_gscan_config_params which is mapped to QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_LIST_PARAM_NUM in PNO Config. Hence define a different attribute to represent the request ID for PNO Config. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Emmanuel GrumbachEmmanuel Grumbach
881a92e8b85FILS: Fix compilation with CONFIG_NO_WPAwpa_fils_is_completed() was not defined. Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Jouni MalinenJouni Malinen
c1361765fd2tests: Additional EAP-TTLS error pathThis is a regression test for a memory leak on an error path. Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni MalinenJouni Malinen
1f2ae8cff5dEAP-TTLS: Fix a memory leak on error pathsThe allocated challenge needs to be freed on these error paths as well. Signed-off-by: Jouni Malinen <j@w1.fi>
Ilan PeerIlan Peer
83e003a9132EAP-TTLS: Fix possible memory leak in eap_ttls_phase2_request_mschap()The msg buffer needs to be freed on these two error paths. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Ilan PeerIlan Peer
422570eec80MBO: Fix possible memory leak in anqp_send_req()In case that an mbo object is allocated, but there is a failure to resize the wpabuf, need to free the mbo object. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Jouni MalinenJouni Malinen
e4e99927bf6tests: Additional LEAP error pathThis is a regression test for a memory leak on an error path. Signed-off-by: Jouni Malinen <j@w1.fi>
Ilan PeerIlan Peer
96e595a9f12EAP-LEAP: Fix possible memory leak in eap_leap_process_request()Free 'resp' object in case of a failure to derive the response. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Avraham SternAvraham Stern
23eead4d748RRM: Filter scan results by parent TSF only if driver supports itScan results with parent TSF older than the scan start TSF are not added to the beacon report since they are considered as scan results from previous scans. However, for drivers that report the scan start TSF but not the parent TSF of each scan result, the parent TSF will be zero so valid scan results will be dropped. Fix this by filtering scan results by the parent TSF only if the driver supp...
Naftali GoldsteinNaftali Goldstein
3f8e3a5486aap: Fix invalid HT40 channel pair fallbackIn case of incorrect HT40 configuration as part of an attempt to create a 80 MHz AP, iface->conf->vht_oper_centr_freq_seg0_idx and iface->conf->vht_oper_centr_freq_seg1_idx are zero'ed, but iface->conf->vht_oper_chwidth remains VHT_CHANWIDTH_80MHZ. This causes the logic in dfs_get_start_chan_idx to fail. Fix this by setting iface->conf->vht_oper_chwidth to VHT_CHANWIDTH_USE_HT when zero'ing th...
Ilan PeerIlan Peer
6d3e24d3e38ap: Fix return value in hostapd_drv_switch_channel()The documentation in driver.h state that in case of an error -1 is returned. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Adiel AloniAdiel Aloni
0b6cbc4e645tests: Use global control interface in test_p2p_channel.pyPreviously p2p_channel_drv_pref_* tests would fail if dedicated P2P device is used, since the SET commands were sent to incorrect interface. Fix this by using a global control interface instead. Signed-off-by: Adiel Aloni <adiel.aloni@intel.com>
Andrei OtcheretianskiAndrei Otcheretianski
d02e4c8ac8cP2P: Clear get_pref_freq_list_override on P2P DeviceClear the get_pref_freq_list_override in p2p_ctrl_flush(). This fixes the case when a dedicated P2P device interface is used. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Johannes BergJohannes Berg
100d334f43dtests: Print higher debug level on consoleWe capture the dmesg that contains everything, but if a test causes a kernel crash we will miss all logging at higher levels like debug. Change the printk level to catch all of that too. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes BergJohannes Berg
a95d5fdbe15tests: Catch various lockdep warningsLockdep no longer prints "INFO:" but now prints "WARNING:". Also add the "*** DEADLOCK ***" string it usually prints so if it changes again we can keep finding that string. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Andrei OtcheretianskiAndrei Otcheretianski
bfbc41eace0DPP: Fix compilation without openssldpp.h file requires openssl in order to compile, which breaks compilation on systems without it. Move DPP_OUI_TYPE to ieee802_11_defs.h and don't include dpp.h when not really needed. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei OtcheretianskiAndrei Otcheretianski
4874f5bad32tests: Skip dpp_pkex_config dpp_pkex_config2 tests correctlyWhen CONFIG_DPP is not defined these tests would fail. Skip them. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Sunil DuttSunil Dutt
cc6088463a2P2P: Allow auto GO on DFS channels if driver supports thisIf a DFS forced frequency is provided in 'p2p_group_add' and the driver supports DFS offload, the frequency was rejected in wpas_p2p_init_go_params(). However, it was accepted in wpas_p2p_select_go_freq() and wpas_p2p_group_add(). To make the behavior consistent, the DFS frequency is now accepted in wpas_p2p_init_go_params() similar to the way done in wpas_p2p_select_go_freq(). Redundant check...
Vidyullatha KanchanapallyVidyullatha Kanchanapally
fe3e0bac1f3FILS: Advertize FILS capability based on driver capabilityAdd changes to control interface command get_capability to advertize FILS capability, FILS AKMs suites, and FILS Authentication algorithms based on the driver capabilities. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
5579c11c3edFix a typo in vendor attribute documentationThe attribute is QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SAR_ENABLE, not QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jeffin MammenJeffin Mammen
8b5ddda5fbaFILS: Add HLP support with driver-based AP SMEThis allows HLP processing to postpone association processing in hostapd_notify_assoc(). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jeffin MammenJeffin Mammen
31ec556cefbFILS: Fix the IP header protocol field in HLP DHCP responseThe IP header should indicate that UDP is used in the message. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Vidyullatha KanchanapallyVidyullatha Kanchanapally
9d3eb21ec47tests: FILS ERP authentication followed by PMKSA cachingThis test case verifies that both wpa_supplicant and hostapd are adding a PMKSA cache entry based on FILS shared key authentication using ERP. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
b3e567c890dFILS: ERP-based PMKSA cache addition on APhostapd did not add a new PMKSA cache entry when FILS shared key authentication was used, i.e., only the initial full authentication resulted in a PMKSA cache entry being created. Derive the PMKID for the ERP case as well and add a PMKSA cache entry if the ERP exchange succeeds. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
bfe448331f3FILS: Fix a frame name in a debug printThe EAP message included in FILS Wrapped Data from the non-AP STA to the AP is EAP-Initiate/Re-auth. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
6d49aeb7624MBO: Whitespace cleanupFix couple of previously missed whitespace issues. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ashwini PatilAshwini Patil
f2cdb41b81fOCE: Define OCE attributes and other related macrosSigned-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
1c13be83d38tests: Scan for a specific BSSIDSigned-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ashwini PatilAshwini Patil
267fc0dd336Add wpa_supplicant ctrl iface support to scan for a specific BSSIDAdd support to scan for a specific BSSID through the wpa_supplicant control interface. Usage: wpa_cli scan bssid=ab:bc:cd:de:ef:12 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
854d0de3d7ctests: DPP configurator signing own connectorSigned-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
f522bb2377bDPP: Add DPP_CONFIGURATOR_SIGN to generate own connectorThe DPP Configurator can use this new command to generate its own signed connector for the network that it manages. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>