| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a possible memcpy overflow for P2P dev->oper_ssid in
p2p_add_device(). The length provided by the peer device (0..255 bytes)
was used without proper bounds checking and that could have resulted in
arbitrary data of up to 223 bytes being written beyond the end of the
dev->oper_ssid[] array (of which about 150 bytes would be beyond the
heap allocation) when processing a corrupted management frame for P2P
peer discovery purposes.
This could result in corrupted state in heap, unexpected program
behavior due to corrupted P2P peer device information, denial of service
due to process crash, exposure of memory contents during GO Negotiation,
and potentially arbitrary code execution.
Thanks to Google security team for reporting this issue and smart
hardware research group of Alibaba security team for discovering it.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
(cherry picked from commit fdb708a37d8f7f1483e3cd4e8ded974f53fedace)
Change-Id: Ibc53ff533f78cfcd7c51fbb5d5494b828f184cc8
|
| |
|
|
|
|
|
|
| |
In the mediatek platform the performance of p2p connections will
degrade significantly if different frequences are used for STA and
P2P.
Change-Id: I8bd7e4a3f10177c99d273eccb88c8590fcbe3d34
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When there is no channel preference mentioned by user, auto GO
can be started on any of the 5 GHz channels supported for P2P.
Consider operating classes 115 and 124 which do not require DFS.
CRs-Fixed: 802336
Git-repo: git://w1.fi/srv/git/hostap.git
Git-commit: 95d7b863ecab973bb0829e038c0548c1b934d96b
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I0cc086fdda6f0d779018d47c9473575dbec8447e
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These were already covered in both README-HS20 for credentials and in
header files for developers' documentation, but the copy in
wpa_supplicant.conf did not include all the details. In addition, add a
clearer note pointing at subject_match not being suitable for suffix
matching domain names; domain_suffix_match must be used for that.
Signed-off-by: Jouni Malinen <j@w1.fi>
Git-repo : git://w1.fi/srv/git/hostap.git
Git-commit:394b54732ec9586f96aa91423a2da55806b0adec
CRs-Fixed: 786617
Change-Id: I0b0b7e001bcc78a6a3a347b6c23ba38d76a78c58
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Android framework maintains a state to process the scan results after
the scan is issued. If wpa_supplicant issues the scan during the
initialization, the one issued by the framework may fail (with EBUSY) if
the host driver is already processing the scan. Thus, the scan results
returned for the first scan triggered by wpa_supplicant are not
processed for getting displayed resulting in delay for the display of
the first scan results after the Wi-Fi subsystem initialization. Thus,
trigger the scan only based on the framework request on Android.
CRs-Fixed: 768336
Git-commit: ee82e33d6abdf84cadaa765dadf9e0ec06f5762b
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: Ic7fe90cb390a02c5eea1cb21ec74718c257e439d
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FAIL-BUSY was already returned for the case where a scan had been
started, but with the radio work design, it would have been possible to
schedule multiple scan requests if a non-scan radio work was in
progress. Multiple back-to-back scans are not usually very helpful, so
reject this type of cases where the SCAN command would be used to build
such a sequence.
CRs-Fixed: 774291
Git-commit: e69ae5ff319f549635a87c844b8a4f20c7289ca2
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: Idd14f540e573c07e2bb7ee71927b93b51b8f1d6f
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Suppose there are two APs (AP1 & AP2) and user attempted to connect to
AP2 before the previous connection with AP1 could succeed. Now, if the
connection event comes for the older AP with failed status, we should
just ignore it as the wpa_supplicant state has moved to "ASSOCIATING"
with the new AP (AP2).
This is a similar to the case where a disconnection event is ignored for
a case where local disconnect request can cause the extra event to show
up during the next association process following that command.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
Git-commit: 0d4e3d1d13b2fd28128f10bc7f455034bc1bbcbb
Git-repo : git://w1.fi/srv/git/hostap.git
Change-Id: If3190b21e0430f181ef342fabf63cd9090fa59b7
CRs-fixed: 771294
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using QCA vendor command, allow ACS function to be offloaded to the
driver. Once channels are selected, hostapd is notified to perform OBSS
operation
Conflicts:
src/ap/ap_drv_ops.c
src/common/qca-vendor.h
src/drivers/driver.h
src/drivers/driver_common.c
src/drivers/driver_nl80211.c
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Git-commit: 16689c7cfc99c66aecbf16eb2f4a8bc941cb5d0f
Git-repo : git://w1.fi/srv/git/hostap.git
Change-Id: Ib36cdc5b267901ba3e3cc373d722f9fdc5ff50bb
CRs-fixed: 752061
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit ac330cfd87397a1a01e697984f3944f427e88dad ('P2P: Reinvite with
social operation channel if no common channels') introduced a mechamisn
to reinvite a peer during a persistent group reinvocation from a GO with
a different operating channel proposal. This mechanism can fail if the
inviting device (GO) ends up getting a retransmitted, duplicated
Invitation Response frame processed second time while waiting for the
response to the retried Invitation Request (using one of the social
channels as the operating channel). IEEE 802.11 duplicate frame
detection mechanisms are supposed to prevent this type of sequence, but
not all drivers support those rules properly for pre-association frames,
including P2P Public Action frames.
Work around this issue by checking that the dialog token in the
Invitation Response frame matches the one from the last Invitation
Request if the special invitation retry mechanism is used. This is safer
to do now than to enable dialog token matching for all invitation cases.
CRs-fixed: 768932
Git-commit: 36b5c3335ad512061d2b39af03bb7e3508209951
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I131608ccc18597ecf1579e994c41026ec5fd2742
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Convert the driver flags variable to u64 since there was no room for
more flags.
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Conflicts:
src/drivers/driver.h
src/drivers/driver_nl80211.c
Git-commit: 24bd4e0be56ef0371a71f4749808a44b3aeffe16
Git-repo : git://w1.fi/srv/git/hostap.git
Change-Id: Ic4cc033fcc3eea368e32f230f37be96b713d1316
CRs-fixed: 752061
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some flag already using a bit larger than 32, so extend the hostapd
drv_flags type similarly to the earlier wpa_supplicant change to get the
full flag content.
Signed-off-by: Yanbo Li <yanbol@qti.qualcomm.com>
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Git-commit: e3a8ad44055d5b453c7f080958137eb718a60b6e
Git-repo : git://w1.fi/srv/git/hostap.git
Change-Id: I48c71d11a5f7e774c678d95d8fe2e276eda5f05c
CRs-fixed: 752061
|
| |\
| |
| |
| | |
git://codeaurora.org/platform/external/wpa_supplicant_8 into cm-12.0
|
| | |\
| | |
| | |
| | | |
LA.BF.1.1_rb1.16
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adding size_of wpa_buf to the eap response from the modem is
reflecting in extra bytes to the identity and some radius servers
are unable to map the identity, further causing a failure.
This fix will remove the extra length being added to the response
frame.
Change-Id: Ie3c8db99b4de5d94491c329ff63adfb48527c1aa
CRs-Fixed: 765232
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
wpa_bss_in_use() used to determine that a BSS with BSSID of
00:00:00:00:00:00 is in use in almost every case since either
wpa_s->bssid or wpa_s->pending_bssid was likely to be cleared. This
could result in a corner case of a BSS entry remaining in the BSS table
indefinitely if one was added there with a (likely bogus) address of
00:00:00:00:00:00. Fix this by ignore wpa_s->bssid and
wpa_s->pending_bssid if the BSSID in the BSS table entry is
00:00:00:00:00:00.
In theory, that address is a valid BSSID, but it is unlikely to be used
in any production AP, so the potential expiration of a BSS entry with
that address during a connection attempt would not be a concern
(especially when a new scan would be enough to recover from that).
CRs-Fixed: 766537
Git-commit: 44177b69e8854177044aad4c57cf9cce8269b306
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: Ie70a0aa2ba3a8b942f7f9798b1d15d87391547a8
|
| | |\ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If invitation to reinvoke a persistent group from the GO fails with the
peer indicating that there are no common channels, there is no defined
means for the peer to indicate which channel could have worked. Since
this type of issue with available channels changing over time can
happen, try to work around this by retrying invitation using one of the
social channels as the operating channel unless a specific operating
channel was forced for the group.
CRs-fixed: 764464
Git-commit: ac330cfd87397a1a01e697984f3944f427e88dad
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I40106f91e0e7bc3b2dfddcac75c7034a34773e95
|
| | |\ \
| | |/
| |/| |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
On Android, the control socket being used may be the socket that is
created when wpa_supplicant is started as a /init.*.rc service. Such a
socket is maintained as a key-value pair in Android's environment.
Closing this control socket would leave wpa_supplicant in a bad state.
When wpa_supplicant re-opens the ctrl_iface socket, it will query the
Android's environment, and will be returned with the same socket
descriptor that has already been closed.
CRs-fixed: 755459
Git-commit: 3a7414b6a65403ca1b857aa8950a384adaec5f13
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: Ide6901d7fe7ed9fa0f62920365b5e1acf3208da9
|
| | |\ \
| | |/
| |/| |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changing the P2P state to P2P_IDLE on GO Negotiation Failure would stop
the previously issued P2P_FIND operation without notifying the upper
layers. Leave the search operation running if in P2P_SEARCH state to
avoid unexpected behavior in case the upper layers issued a new P2P_FIND
while waiting for GO Negotiation to complete.
CRs-fixed: 759557
Git-commit: 9d11832090d6c8cc2f5d1586354d8c6b2e082703
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I39421ce48c957d71f2f8e8bdf18e5fd544b3800c
|
| | |\ \
| | |/
| |/| |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
macsec_validate variable was set incorrectly to FALSE(0) or TRUE(1)
instead of the enum validate_frames values (Disabled(0), Checked(1),
Strict(2). This ended up policy == SHOULD_SECURE to be mapped to
macsec_validate == Checked instead of Strict. This could have resulted
in unintended SecY forwarding of invalid packets rather than dropping
them.
Change-Id: I5959392657b3ae73a4b4bb1196c03127325dba4e
CRs-fixed: 748991
Git-commit: 43d859271894f83c5de6294685b5919889541bab
Git-repo: git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
|
| | |\ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It looks like some APs are incorrectly selecting descriptor version 3
(AES-128-CMAC) for EAPOL-Key frames when version 2 (HMAC-SHA1) was
expected to be used. This is likely triggered by an attempt to negotiate
PMF with SHA1-based AKM.
Since AES-128-CMAC is considered stronger than HMAC-SHA1, allow the
incorrect, but stronger, option to be used in these cases to avoid
interoperability issues with deployed APs.
This issue shows up with "WPA: CCMP is used, but EAPOL-Key descriptor
version (3) is not 2" in debug log. With the new workaround, this issue
is ignored and "WPA: Interoperability workaround: allow incorrect
(should have been HMAC-SHA1), but stronger (is AES-128-CMAC), descriptor
version to be used" is written to the log.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Git-commit: 9f6a7cddc42811883d6035032854089475f2fc65
Git-repo : git://w1.fi/srv/git/hostap.git
CRs-fixed: 758207
Change-Id: If33e34aa0583a3a39f15cc5714eb1fe0ed28e361
|
| | |\ \
| | |/
| |/| |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If "STA_AUTOCONNECT 0" has been used to disable automatic connection on
disconnection event and the driver indicates multiple disconnection
events for the disconnection from the current AP when WPS is started, it
could have been possible to hit a case where wpa_s->disconnected was set
to 1 during WPS processing and the following scan result processing
would stop the operation.
wpa_s->key_mgmt == WPA_KEY_MGMT_WPS check was trying to avoid to skip
autoconnect when WPS was in use, but that does not seem to work anymore.
Fix this by checking through wpas_wps_searching() as well to avoid
setting wpa_s->disconnect = 1 when there is an ongoing WPS operation.
Signed-off-by: Jouni Malinen <j@w1.fi>
Git-commit: 6e252b0db3cfbc345384feaeac7b7a934610448a
Git-repo : git://w1.fi/srv/git/hostap.git
CRs-fixed: 758089
Change-Id: I7ce7f68c47f611e8e3e819959b2d234f6e2e3d75
|
| | |\ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Change-Id: I8ea026a9fb474e6ad5ef20eee949b839ced6775e
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Git-commit: d77419d2348a9a08485dc00a09aa42dad21d6580
Git-repo: git://w1.fi/srv/git/hostap.git
Signed-off-by: Hamad Kadmany <hkadmany@codeaurora.org>
|
| | |\| |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a P2P timeout occurs and p2p_state_timeout is executed, the
stop_listen function can be called besides setting in_listen to zero in
cases where the driver is still in ROC. That should not really happen in
normal cases, but it is possible for some drivers to extend the ROC
duration. If that happens, the next start_listen request may get
rejected with "P2P: Reject start_listen since p2p_listen_work already
exists".
Change-Id: Idb4cb33e98a3bbf3cc4929272ee0bc9ca6140ba6
Signed-off-by: Constantin Musca <constantin.musca@intel.com>
Git-commit a902d5a64b825a778992e26c0add98479e9c3b39
Git-repo: git://w1.fi/srv/git/hostap.git
Signed-off-by: Hamad Kadmany <hkadmany@codeaurora.org>
|
| | |\ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If p2p_stop_find is issued after the p2p_scan request is triggered to
the host driver, the obtained scan results are also considered to update
the P2P peer entries. This is not always desired behavior, i.e., it can
be clearer if no P2P-DEVICE-FOUND events are generated based of that
final pending scan.
Change-Id: Ia3d19990dd58c79b2252de0e5e145d8d711beae8
CRs-fixed: 750852
Git-commit: 477b082cc4e9cb2025dba83bab6f9eed47eefc05
Git-repo: git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
|
| | |\| | |
|
| | | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Commit 152cff6ba6d6ac206b93a2202eab57f0a36c26cb ('P2P: Remove
WPA_DRIVER_FLAGS_P2P_MGMT option') removed the only non-zero return from
wpas_p2p_stop_find_oper(), but did not remove the useless return value
or the return check in wpas_p2p_stop_find(). Clean these up by removing
unreachable code and useless return value.
Change-Id: I36bc270b154e25adef9256c07977515012eed6a8
CRs-fixed: 750852
Git-commit: 477b082cc4e9cb2025dba83bab6f9eed47eefc05
Git-repo: git://w1.fi/srv/git/hostap.git
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
|
| | |\ \ |
|
| | | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
With the radio work interface, the actual request to start p2p_scan
operation is scheduled from a radio work and hence the initial return
value cannot provide the real result of the driver operation to trigger
a scan. Introduce a new notification API to indicate the scan trigger
status based on which the p2p_scan_running instance can be set using the
real return value from the driver operation.
CRs-Fixed: 748825
Git-Commit: b951a97454309a5078ee24a5796829a92f1df5f9
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: Id22add55a3ecba93a89eaadcae8bfbef953f8bac
|
| | |\ \
| | |/
| |/| |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
With the radio work interface in place, station interface SCAN command
was not scheduled (i.e., it got continously delayed with "Delay station
mode scan while P2P operation is in progress") when a p2p_find was
operational. Fix this be delaying station mode scan only when a P2P
operation is in progress, but not in search state.
CRs-fixed: 749465
Git-commit: e7ce54023926addb6be4442bd1a87698c57e7524
Git-repo: git://w1.fi/srv/git/hostap.git
Change-Id : I0c897ce6902833554181d72ffd9142669ce7dc61
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: If5a53c3bd6814df8454ac4cda99d24af045040fd
|
| |\ \
| | |
| | |
| | | |
Android 5.0.1 release 1
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It looks like some APs are incorrectly selecting descriptor version 3
(AES-128-CMAC) for EAPOL-Key frames when version 2 (HMAC-SHA1) was
expected to be used. This is likely triggered by an attempt to negotiate
PMF with SHA1-based AKM.
Since AES-128-CMAC is considered stronger than HMAC-SHA1, allow the
incorrect, but stronger, option to be used in these cases to avoid
interoperability issues with deployed APs.
This issue shows up with "WPA: CCMP is used, but EAPOL-Key descriptor
version (3) is not 2" in debug log. With the new workaround, this issue
is ignored and "WPA: Interoperability workaround: allow incorrect
(should have been HMAC-SHA1), but stronger (is AES-128-CMAC), descriptor
version to be used" is written to the log.
Bug: 18411110
Change-Id: I9ae12e8882adc9e785f6e4cef9f30b89bf72dcd2
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It looks like some APs are incorrectly selecting descriptor version 3
(AES-128-CMAC) for EAPOL-Key frames when version 2 (HMAC-SHA1) was
expected to be used. This is likely triggered by an attempt to negotiate
PMF with SHA1-based AKM.
Since AES-128-CMAC is considered stronger than HMAC-SHA1, allow the
incorrect, but stronger, option to be used in these cases to avoid
interoperability issues with deployed APs.
This issue shows up with "WPA: CCMP is used, but EAPOL-Key descriptor
version (3) is not 2" in debug log. With the new workaround, this issue
is ignored and "WPA: Interoperability workaround: allow incorrect
(should have been HMAC-SHA1), but stronger (is AES-128-CMAC), descriptor
version to be used" is written to the log.
Change-Id: I3f2c75e21a0a0098258df0a64d618ea6e5cf59bf
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: Michael Evans <michaelcevans10@gmail.com>
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Most devices hate this. To support it, a device needs NVRAM
setup for it.
This reverts commit 6b7661db4e2e3c0a37e3935f906ef9013ddef824.
Conflicts:
wpa_supplicant/wpa_supplicant_template.conf
Change-Id: I1e91c9116c22483049e95c25f6166d2472164d18
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The timeout check while waiting for the peer to accept the GO
Negotiation depended on the WAIT_PEER_IDLE or WAIT_PEER_CONNECT states
being in use. Any P2P command to alter such states would have resulted
in the failure to time out GO Negotiation and thus ended up in not
indicating GO Negotiation failure or left the selected peer available
for new GO negotiation after the expected two minute timeout.
Fix this by using a separate timer to time out GO Negotiation
irrespective of the P2P state.
CRs-fixed: 748090
Git-commit: 0c6eee8b751de95f2adf27c3dbb535251c642c19
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: Ida803864778ab0f443c68f6d0cfd51143c952439
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It is possible for scan result processing or BSS entry removal to occur
while there is a pending connect or sme-connect radio work with a
previously selected BSS entry. The BSS pointer was previously verified
to be valid, i.e., still point to a BSS entry, at the time the actual
connection operation is started. However, that BSS entry could have
changed to point to another BSS if the old BSS entry was either removed
or reallocated and a new BSS entry was added at the same location in
memory. This could result in the connection attempt failing to configure
parameters properly due to different BSS information (e.g., different
BSSID).
Fix this by updated the pending connect radio work data on BSS entry
updates similarly to how the last_scan_res array was updated. If the
selected BSS entry is removed, this will still result in a failed
connection, but reallocated BSS entry is now followed properly and used
when the connection work starts.
CRs-fixed: 720732
Git-commit: a7f5271d52e7aabf6c6aee54da2fdcb65df89cdc
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I47a03f7de74346fdd4b4286083260cc1113a84f0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit fixes couple of connection failure paths where
wpas_connect_work_done() was not called, thus enabling the radio work
interface to proceed with the other queued actions.
CRs-fixed: 720732
Git-commit: 7465640066ce3215348ab94df8a6cfef8fff90b8
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I5b700cb6d7d93cc111e4272991b4c5df3f5d971c
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The previous TX operation could be on another channel if there are
multiple peers with pending SD queries. To avoid failing to send the
following query, stop the last one to allow any Listen channel to be
used for the following query during p2p_find iteration.
CRs-fixed: 746126
Git-commit: 4db207518de5b2988abfcb548809f3af1da3ecb0
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: If27ce54c7c09676dc1eb0a75113491d6c13bb892
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit 7139cf4a4f1fecfd03d0daff9bb33adb80cc3530 ('P2P: Decrement
sd_pending_bcast_queries when sd returns success') added support for
retrying P2P SD queries. However, it did this without limiting how many
retries are allowed. This can result in excessive number of retries if a
peer device does not show up on its Listen channel and there is a
pending SD query to it. Limit the maximum number of SD retries to 100
per p2p_find operation for each peer to avoid unlimited retries.
CRs-fixed: 746126
Git-commit: 44abecbf0256c78f33bd0e87a7ce264ebbc70cf8
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: Id3abd323ea1214d0c5377f9c5875d900af741fbb
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit 7139cf4a4f1fecfd03d0daff9bb33adb80cc3530 ('P2P: Decrement
sd_pending_bcast_queries when sd returns success') changed P2P SD
behavior in a way that the P2P search loop ended up in continuing with
the first peer entry until it acknowledged receipt of a pending
broadcast SD request while the previous design went through all peers
once. While it is reasonable to retry SD, getting stuck with the first
peer is not really desirable. Change the p2p_continue_find() loop to
continue from the next peer in each iteration to allow progress through
all peers that have pending operations if any other peer is not
acknowledging frames (e.g., due to not being on Listen channel).
CRs-fixed: 746126
Git-commit: e706b8c8e5da0c6456e3b52f84585193232e79aa
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I61318abc3888d65c24d6cbca2528ab63cb3dd832
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This avoids an issue where a wpa_supplicant build with CONFIG_P2P=y and
CONFIG_HS20=y ended up processing a P2P SD query twice when operating as
a GO and sending out two replies. Only the P2P SD implementation should
reply to P2P SD query in such a case.
CRs-fixed: 746126
Git-commit: a6b1215769ce9bb9f33ba5c59d4926773e9b99a8
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I4060642288a58fede3113223a15f1094702ff983
|
