aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* | Sync with mac80211-next.git include/uapi/linux/nl80211.hJouni Malinen2016-02-091-3/+65
| | | | | | | | | | | | | | | | | | | | This brings in nl80211 definitions as of 2015-11-26. Signed-off-by: Jouni Malinen <j@w1.fi> Git-commit: 5ef0b843555389d5d02b85d661c7b3b9165f3c4d Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: I749e12852c48f9d99ab1f787582e61bd3f9854b0 CRs-fixed: 930855
* | Sync with mac80211-next.git include/uapi/linux/nl80211.hJouni Malinen2016-02-091-14/+19
|/ | | | | | | | | | This brings in nl80211 definitions as of 2015-05-06. Signed-off-by: Jouni Malinen <j@w1.fi> Git-commit: dd9a42efbc39a7ff425a7b3d5a69cf55d64a19f3 Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: I3c8495b2f37fe7e1091bdb8223085779944b49a6 CRs-fixed: 930855
* eap_proxy: Handle crash if eap method is nullBala Krishna Bhamidipati2016-01-291-16/+21
| | | | | | | | | While conencting to eap SIM/AKA, if eap method, is not set in config file , supplicant will crash accessing eap_method in conf. Refer to eap methoods only if they are not NULL Change-Id: Idd1f49157700948d6f3c6aa494c2dfa9ff125a41 CRs-Fixed: 969387
* HTTP (curl): OCSP with BoringSSLJouni Malinen2016-01-111-0/+33
| | | | | | | | | | | | | This adds experimental support for using OCSP with libcurl that is built against BoringSSL. This needs small modifications to libcurl to allow CURLOPT_SSL_VERIFYSTATUS to be used to call SSL_enable_ocsp_stapling(connssl->handle) in ossl_connect_step1(). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 8d27efa814e8f2c8bb4e26c1389a0cb60f8c6991 Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: Ib73d598d2f9a31adfa9881d6a0ff9afb262e7adf CRs-fixed: 960177
* HTTP (curl): Fix compilation with BoringSSLJouni Malinen2016-01-111-0/+23
| | | | | | | | | | | Define the sk_*_{num,value}() macros in BoringSSL style if BoringSSL is used instead of OpenSSL. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: cc2994024d859ecf60a48e81723e9b5838012dd3 Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: Ib63e49df46392fa677e0562ba866f9e1feb1b6f4 CRs-fixed: 960177
* BoringSSL: Move OCSP implementation into a separate fileJouni Malinen2016-01-113-820/+868
| | | | | | | | | | | | This makes it easier to share the OCSP implementation needed for BoringSSL outside tls_openssl.c. For now, this is mainly for http_curl.c. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 213e158ca8d466c5bf1403eec83b9af56cf28dff Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: Ifee0388a823c9f7312e168d33f1a0cd93ca14f4c CRs-fixed: 960177
* BoringSSL: Implement support for OCSP staplingJouni Malinen2016-01-111-0/+847
| | | | | | | | | | | | | | | | | | | | BoringSSL has removed the OpenSSL OCSP implementation (OCSP_*() functions) and instead, provides only a minimal mechanism for include the status request extension and fetching the response from the server. As such, the previous OpenSSL-based implementation for OCSP stapling is not usable with BoringSSL. Add a new implementation that uses BoringSSL to request and fetch the OCSP stapling response and then parse and validate this with the new implementation within wpa_supplicant. While this may not have identical behavior with the OpenSSL-based implementation, this should be a good starting point for being able to use OCSP stapling with BoringSSL. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: bdee6ca0e0fb66c472a6dacb1415898fc54b7f35 Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: Ib2e1f191a7c6bbdaa6a962b2440958aaf71ab138 CRs-fixed: 960177
* OpenSSL: Reject OCSP-required configuration if no OCSP supportJouni Malinen2016-01-111-0/+10
| | | | | | | | | | | This is needed at least with BoringSSL to avoid accepting OCSP-required configuration with a TLS library that does not support OCSP stapling. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 355a5c8ec55434858ee9158298a2e984c2abde5c Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: Ia72ce79f16178de5cca1116ab9bca8fc9c9ef603 CRs-fixed: 960177
* P2P: Filter control chars in group client device name similarly to peerHu Wang2016-01-043-11/+26
| | | | | | | | | | | | | | | | P2P device discovery can add peer entries based on a message directly from a peer and from a Probe Response frame from a GO for all the P2P Clients in the group. The former case for filtering out control characters from the device name while the latter was not. Make this consistent and filter both cases in the same way to avoid confusing external programs using the device name of a P2P peer. CRs-fixed: 930000 Git-commit: 5d1d69a10f60eec624689408ec85fbe93657156d Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Change-Id: I5a22c6bbcc060c5e9b30b977a04915836b04f36f
* nl80211: Cancel all pending TX frame cookiesJouni Malinen2015-12-302-4/+44
| | | | | | | | | | | | These needs to be cancelled so that the kernel driver does not get left with all old entries blocking other offchannel operations Git-commit: 759a8a3a99845af1c5c10685ec7cb9cf4daa4593 Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> CRs-Fixed: 950786 Change-Id: Ia9a964c407c72384b606dbb1f033e110b8091b5c
* Merge 1a0fa705d4ab3bd90f108fe0127fb9dc7c94e396 on remote branchLinux Build Service Account2015-12-212-0/+62
|\ | | | | | | Change-Id: I449d779ba8ad9357af6942b1ea7f45b9bff8f813
| * Merge tag 'android-6.0.1_r3' into 601r3David Ng2015-12-091-0/+11
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Android 6.0.1 release 3 * tag 'android-6.0.1_r3': RSN: Stop connection attempt on apparent PMK mismatch Throttle control interface event message bursts Add wpa_supplicant EVENT_TEST control interface command hostapd: Global control interface notifications Add debug prints for wpa_supplicant ctrl_iface socket send operations Update AP WPA/RSN IE on all associations if driver can select BSS Conflicts: wpa_supplicant/ctrl_iface_unix.c Change-Id: I8c5a51afff761112ba36ae21b94fd21f07d4c18a
| | * RSN: Stop connection attempt on apparent PMK mismatchJouni Malinen2015-10-211-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If WPA2-Enterprise connection with full EAP authentication (i.e., no PMKSA caching used) results in a PMKID that does not match the one the AP/Authenticator indicates in EAPOL-Key msg 1/4, there is not much point in trying to trigger full EAP authentication by sending EAPOL-Start since this sequence was immediately after such full authentication attempt. There are known examples of authentication servers with incorrect MSK derivation when TLS v1.2 is used (e.g., FreeRADIUS 2.2.6 or 3.0.7 when built with OpenSSL 1.0.2). Write a clear debug log entry and also send it to control interface monitors when it looks likely that this case has been hit. After doing that, stop the connection attempt by disassociating instead of trying to send out EAPOL-Start to trigger new EAP authentication round (such another try can be tried with a new association). b/24253154 From upstream commit bddc51e8e422463dc96c263666b6fc4c26375cb6 Change-Id: I1e72c9d0232492103a10c0f4125170c000754ac5 Signed-off-by: Jouni Malinen <j@w1.fi>
| | * hostapd: Global control interface notificationsAnton Nayshtut2015-10-063-0/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit implements hostapd global control interface notifications infrastructure. hostapd global control interface clients issue ATTACH/DETACH commands to register and deregister with hostapd correspondingly - the same way as for any other hostapd/wpa_supplicant control interface. Bug: 24270573 Change-Id: I46da39e8262a446e7779a1adfbcb08b5bfa382d7 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
| * | Merge "Merge tag 'android-6.0.0_r26' into HEAD"Linux Build Service Account2015-12-091-0/+51
| |\ \
| | * | Merge tag 'android-6.0.0_r26' into HEADDavid Ng2015-11-301-0/+51
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Android 6.0.0 release 26 * tag 'android-6.0.0_r26': Update AP WPA/RSN IE on all associations if driver can select BSS Add QCA vendor command support to set band to driver nl80211: Use beacon TSF if it is newer than Probe Response TSF Conflicts: src/common/qca-vendor.h Change-Id: Ibab1bc3eda788f001e2a7a0a866c3a9af2a47dce
| | | * Add QCA vendor command support to set band to driverRavi Joshi2015-08-286-0/+127
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add vendor command to pass SET setband command to the driver and read the updated channel list from driver when this notification succeeds. This allows the driver to update its internal channel lists based on setband configuration. For merge compatibility it has 3 patches: 844dfeb Add QCA vendor command support to set band to driver 6b0ceee Add QCA vendor definitions for multi-port concurrency d71bdfb Add QCA vendor command for updating gateway parameters Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Dmitry Shmidt <dimitrysh@google.com> Bug: 23261230 Change-Id: I4ce6307c54b27d3d2f54d435fc0cae5480bdf23c
| | | * am 447c7ff8: Make sure configuration is saved to storage deviceMitchell Wills2015-08-265-0/+45
| | | |\ | | | | | | | | | | | | | | | | | | | | * commit '447c7ff83da0d89ffa70c378be2a4a58f9b14d3b': Make sure configuration is saved to storage device
| | | * | nl80211: Use beacon TSF if it is newer than Probe Response TSFSrinivas Dasari2015-08-241-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cfg80211 sends TSF information with the attribute NL80211_BSS_BEACON_TSF if the scan results include information from Beacon frame. Probe Response frame information is included in NL80211_BSS_TSF. If the device receives only Beacon frames, NL80211_BSS_TSF might not carry updated TSF, which results an older TSF being used in wpa_supplicant. Fetch both possible TSF values (if available) and choose the latest TSF for the BSS entry. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by: Dmitry Shmidt <dimitrysh@google.com> Bug: 22412559 Change-Id: I21a28265d5a9a2efec7a0deb51b353df368c4706
| * | | | FST: Make FST peer connection check more permissive in hostapdAnton Nayshtut2015-12-016-10/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Modify the FST peer connection check so it won't skip peers without MB IEs making it more permissive for peers that didn't provide MB IEs during association request. This can be helpful, e.g., in cases where a STA's interface connected before it was added to the FST group. This allows the AP to receive FST Action frames and initiate session with a STA via STA's interface that doesn't expose MB IEs. The adjusted FST protocol is still safe, as it protects itself in many other ways (checking band info and it's accordance to the interfaces, Setup IDs, connection states of the interfaces involved, etc.) effectively avoiding all types of invalid situations. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: b47d05aa458ed7c7dfbfe09fc2a2af1f2fee7fc7 Git-repo : git://w1.fi/srv/git/hostap.git CRs-Fixed: 945518 Change-Id: Ie1a94890d55dcd7027947cedd4313eddebe3d487
| * | | | FST: Fix STA MB IEs creationAnton Nayshtut2015-12-011-26/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FST STA should always expose its MB IEs regardless of its connection state and whether the connected AP is currently FST-enabled or not. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: f231b3d816aa9818432b06b65e71114613b68a91 Git-repo : git://w1.fi/srv/git/hostap.git CRs-Fixed: 945518 Change-Id: Ie505405ed91b34fca17a1a6fe56b2a20357d3d64
| * | | | hostapd: Process MAC ACLs on a station association event (SME in driver)Anton Nayshtut2015-12-013-16/+44
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | now hostapd will use station MAC-based permissions according to the macaddr_acl policy also for drivers which use AP SME offload, but do not support NL80211_CMD_SET_MAC_ACL for offloading MAC ACL processing. It should be noted that in this type of case the association goes through and the station gets disconnected immediately after that. Change-Id: I88044e351c27dc5af0fc44a6e26c33c550fb84b0 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 0603bcb7fe8babf183362518238c142afe8e2036 Git-repo: git://w1.fi/srv/git/hostap.git CRs-Fixed: 934469
* | | | FST: Make FST peer connection check more permissive in hostapdAnton Nayshtut2015-12-026-10/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Modify the FST peer connection check so it won't skip peers without MB IEs making it more permissive for peers that didn't provide MB IEs during association request. This can be helpful, e.g., in cases where a STA's interface connected before it was added to the FST group. This allows the AP to receive FST Action frames and initiate session with a STA via STA's interface that doesn't expose MB IEs The adjusted FST protocol is still safe, as it protects itself in many other ways (checking band info and it's accordance to the interfaces, Setup IDs, connection states of the interfaces involved, etc.) effectively avoiding all types of invalid situations. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: b47d05aa458ed7c7dfbfe09fc2a2af1f2fee7fc7 Git-repo : git://w1.fi/srv/git/hostap.git CRs-Fixed: 945518 Change-Id: Ie1a94890d55dcd7027947cedd4313eddebe3d487
* | | | FST: Fix STA MB IEs creationAnton Nayshtut2015-12-021-26/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FST STA should always expose its MB IEs regardless of its connection state and whether the connected AP is currently FST-enabled or not. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: f231b3d816aa9818432b06b65e71114613b68a91 Git-repo : git://w1.fi/srv/git/hostap.git CRs-Fixed: 945518 Change-Id: Ie505405ed91b34fca17a1a6fe56b2a20357d3d64
* | | | hostapd: Process MAC ACLs on a station association event (SME in driver)Anton Nayshtut2015-12-023-16/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | now hostapd will use station MAC-based permissions according to the macaddr_acl policy also for drivers which use AP SME offload, but do not support NL80211_CMD_SET_MAC_ACL for offloading MAC ACL processing. It should be noted that in this type of case the association goes through and the station gets disconnected immediately after that. Change-Id: I88044e351c27dc5af0fc44a6e26c33c550fb84b0 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 0603bcb7fe8babf183362518238c142afe8e2036 Git-repo: git://w1.fi/srv/git/hostap.git CRs-Fixed: 934469
* | | | EAP-pwd server: Fix last fragment length validationJouni Malinen2015-12-021-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | All but the last fragment had their length checked against the remaining room in the reassembly buffer. This allowed a suitably constructed last fragment frame to try to add extra data that would go beyond the buffer. The length validation code in wpabuf_put_data() prevents an actual buffer write overflow from occurring, but this results in process termination. (CVE-2015-5314) Signed-off-by: Jouni Malinen <j@w1.fi> Git-commit: bef802ece03f9ae9d52a21f0cf4f1bc2c5a1f8aa Git-repo: git://w1.fi/srv/git/hostap.git Change-Id: Ia283ce184fc880e2fcf7e60e40952cbfc2961709 CRs-Fixed: 937515
* | | | EAP-pwd peer: Fix last fragment length validationJouni Malinen2015-12-021-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | All but the last fragment had their length checked against the remaining room in the reassembly buffer. This allowed a suitably constructed last fragment frame to try to add extra data that would go beyond the buffer. The length validation code in wpabuf_put_data() prevents an actual buffer write overflow from occurring, but this results in process termination. (CVE-2015-5315) Signed-off-by: Jouni Malinen <j@w1.fi> Git-commit: 8057821706784608b828e769ccefbced95591e50 Git-repo: git://w1.fi/srv/git/hostap.git Change-Id: I565a55bd5a672be60af5b11dac4e78aa421d4772 CRs-Fixed: 937515
* | | | EAP-pwd peer: Fix error path for unexpected Confirm messageJouni Malinen2015-12-021-1/+2
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the Confirm message is received from the server before the Identity exchange has been completed, the group has not yet been determined and data->grp is NULL. The error path in eap_pwd_perform_confirm_exchange() did not take this corner case into account and could end up dereferencing a NULL pointer and terminating the process if invalid message sequence is received. (CVE-2015-5316) Signed-off-by: Jouni Malinen <j@w1.fi> Git-commit: 95577884ca4fa76be91344ff7a8d5d1e6dc3da61 Git-repo: git://w1.fi/srv/git/hostap.git Change-Id: I134a6ac3240d63fe43e5041fb462fa7288b1e4b6 CRs-Fixed: 937525
* | | Merge "TDLS: Do not send error case of TPK M3 if TX fails"Linux Build Service Account2015-11-011-1/+2
|\ \ \
| * | | TDLS: Do not send error case of TPK M3 if TX failsSunil Dutt2015-10-291-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is no point in sending TPK M3 (TDLS Setup Confirm) with a failure status if the first transmission attempt fails. Instead, just return a failure by disabling the link rather than retransmitting the TPK M3 frame with an error status. CRs-Fixed: 930704 Change-Id: Id592ee93b2264cb10e934a6ebb477f8d580284cb Git-commit: f67d1a009963e9d7c3071950e77237a9d290e4eb Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* | | | Merge "Fix TK configuration to the driver in EAPOL-Key 3/4 retry case"Linux Build Service Account2015-11-012-0/+9
|\ \ \ \
| * | | | Fix TK configuration to the driver in EAPOL-Key 3/4 retry caseJouni Malinen2015-10-292-0/+9
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 7d711541dced759b34313477d5d163e65c5b0131 ('Clear TK part of PTK after driver key configuration') started clearing TK from memory immediately after having configured it to the driver when processing EAPOL-Key message 3/4. While this covered the most common case, it did not take into account the possibility of the authenticator having to retry EAPOL-Key message 3/4 in case the first EAPOL-Key message 4/4 response is lost. That case ended up trying to reinstall the same TK to the driver, but the key was not available anymore. Fix the EAPOL-Key message 3/4 retry case by configuring TK to the driver only once. There was no need to try to set the same key after each EAPOL-Key message 3/4 since TK could not change. If actual PTK rekeying is used, the new TK will be configured once when processing the new EAPOL-Key message 3/4 for the first time. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: ad00d64e7d8827b3cebd665a0ceb08adabf15e1e Git-repo: git://w1.fi/srv/git/hostap.git Change-Id: Iab4ecf5ab94e6ee4c3059723af4a3613f3468715 CRs-Fixed: 932655
* / / / Move debug level string conversion functions to wpa_debug.cJouni Malinen2015-10-272-0/+42
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes it possible to use these helper functions from hostapd as well as the current use in wpa_supplicant CRs-Fixed: 891515 Git-repo: git://w1.fi/srv/git/hostap.git Git-commit: ab62f96f55ebdda69a8fd173980c181adce0a1bf Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Change-Id: Icc4e48bf211ee67b7d732dfacc875afaba4a2209
* | | Merge "TDLS: On a TPK timeout, tear down the link before renewal by the ↵Linux Build Service Account2015-10-251-1/+7
|\ \ \ | | | | | | | | | | | | initiator"
| * | | TDLS: On a TPK timeout, tear down the link before renewal by the initiatorPradeep Reddy POTTETI2015-10-201-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On TPK lifetime expiration, tear down the direct link before renewing the link in the case of TDLS initiator processing. The expired key cannot be used anymore, so it is better to explicitly tear down the old link first. CRs-fixed: 926482 Change-Id: I1890103c5b754c94e9525b74703a5c149117fa07 Git-commit: 2bd5bdcd4b1822d0fe4c88f3dd02d0a4ea5913bb Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* | | | Merge "eap_proxy: Remove the reference to deprecated qmi_uim_srvc.h"Linux Build Service Account2015-10-231-4/+3
|\ \ \ \ | |/ / / |/| | |
| * | | eap_proxy: Remove the reference to deprecated qmi_uim_srvc.hAshwini Patil2015-10-151-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | As migrated to new qcci interface with modem, remove reference to deprecated qmi interface. Change-Id: Idc36aa5df0f01e0fa31736ba260b780cfc5850f1
* | | | Merge "BoringSSL: Fix PKCS12_parse() segfault when used without password"Linux Build Service Account2015-10-161-0/+2
|\ \ \ \
| * | | | BoringSSL: Fix PKCS12_parse() segfault when used without passwordJouni Malinen2015-10-091-0/+2
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unlike OpenSSL PKCS12_parse(), the BoringSSL version seems to require the password pointer to be non-NULL even if no password is present. Map passwrd == NULL to passwd = "" to avoid a NULL pointer dereference within BoringSSL. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: c07e7b43e91f8058b38e5534a53302f69d037dc8 Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: I37b2e1a04877ec7a2b2c3d3473ac5f9c92041cca CRs-fixed: 915372
* / / / Android: Set ctrl_iface client socket group (AID_WIFI) separatelyAmarnath Hullur Subramanyam2015-10-081-0/+2
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Split chown() call in wpa_ctrl_open() and wpa_ctrl_open2() to allow the group id to be set even if the process does not have privileges to change the owner. This is needed for modules that need to communicate with wpa_supplicant since without the group change, wpa_supplicant may not have privileges to send the response to a control interface command. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 10cac5b1a2549a3731e870c574bdd64df7d92877 Git-repo: git://w1.fi/srv/git/hostap.git Change-Id: Ic04d9996c51c514f1aa1bef6fd104a3e5c8d7668 CRs-Fixed: 913406
* | | tls_openssl: check if key_id is NULL in tls_engine_initAhmad Kholaif2015-10-061-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | Add a check for NULL and return if the key_id passed to tsl_engine_init() is NULL. Change-Id: I7e4b3b4ce1115ec5c2f99fd60ab03dd587768b1b CRs-Fixed: 915372
* | | Allow wpa_cli/hostapd_cli client socket directory to be specifiedManikandan Mohan2015-10-062-4/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds a new helper function wpa_ctrl_open2() that can be used instead of wpa_ctrl_open() to override the default client socket directory. Add optional -s<directory path> argument to hostapd_cli and wpa_cli to allow the client socket directory to be specified. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 4ae7120919b16b8994212cd2675364159eeac5c7 Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: I07f81b365d4f02d4590f91baa5de9f493612a9da CRs-fixed: 908558
* | | nl80211: Use beacon TSF if it is newer than Probe Response TSFSrinivas Dasari2015-10-061-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cfg80211 sends TSF information with the attribute NL80211_BSS_BEACON_TSF if the scan results include information from Beacon frame. Probe Response frame information is included in NL80211_BSS_TSF. If the device receives only Beacon frames, NL80211_BSS_TSF might not carry updated TSF, which results an older TSF being used in wpa_supplicant. Fetch both possible TSF values (if available) and choose the latest TSF for the BSS entry. CRs-Fixed: 889889 Git-repo: git://w1.fi/srv/git/hostap.git Git-commit: 75055a538b344425c91f0b70e99121f1e758fef5 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Change-Id: I14153490ca9891eed7688333ac561dbd029fd434
* | | eloop: Fix cases where a socket is reopened from a timeout/signal handlerJouni Malinen2015-10-061-7/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It was possible for a registered eloop socket handler to be unregistered and re-registered for a re-opened socket with the same fd from a timeout or signal handler. If such a case happened with the old socket having a pending event waiting for processing, some eloop combinations could end up calling the new handler function with the new socket and get stuck waiting for an event that has not yet happened on the new socket. This happened with timeout and signal handlers with all eloop.c types. In addition to that, the epoll case could also trigger this when a socket handler re-registered a re-opened socket. Fix these by checking whether there has been socket handler changes during processing and break the processing round by going back to select/poll/epoll for an updated result if any changes are done during the eloop handler calls before processing the old socket results. CRs-Fixed: 879781 Git-repo: git://w1.fi/srv/git/hostap.git Git-commit: 7c524a64c1cf67729ee6308adccb4a1449389560 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Change-Id: Ibef05ba18a01f989aa9cab76729e224ffe147f30
* | | nl80211: Use nla_put_nested() to set NL80211_ATTR_MAC_ADDRSJouni Malinen2015-10-061-11/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows an empty nested list (i.e., no MAC addresses) to be included in the NL80211_CMD_SET_MAC_ACL message unlike with nla_nest_start()/nla_nest_end() where the current libnl implementation removes the "empty" attribute and causes cfg80211 to reject the command. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: f429ec443f4166c747fbf31944f05b51fffbc735 Git-repo : git://w1.fi/srv/git/hostap.git Change-Id: I68be7d7ddee575509c3354ad8f0ddb38b59c7c03 CRs-fixed: 898046
* | | Fallback to single sim functionality if subscription bind failes.Bala Krishna Bhamidipati2015-10-061-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Subscription binding is not needed for single SIM builds and is only needed for dual SIM builds. Thus, if the subscription fails , fall back for the single SIM functionality, rather than failing to initialize Change-Id: I53e0966f1ccb9169fa7d3c1f2dd7fa9357968579 CRs-Fixed: 894569
* | | Move the global data structures to eap_proxy contextBala Krishna Bhamidipati2015-10-061-5/+13
| | | | | | | | | | | | | | | | | | | | | | | | This commit moves the global data structures to eap_proxy context to provision multiple instances of eap_proxy exist per interface. Change-Id: I93be75b7f2888571e113bee2a6f42945100ba038 CRs-Fixed: 873821
* | | eap_proxy: set mnc_len properlyBala Krishna Bhamidipati2015-10-061-8/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 4th byte of EF-AD contains mnc length. But, only lower 4 bits will give the length. Other 4 bits can be set to 1111 in some cards. In 2G sim cards EF-AD will have only 3 bytes, and mnc_len will not be present. Also some 3G sim cards may have 4th byte with some invalid data. This fix will correct mnc_len to take only lower 4 bits of the 4th byte of EF-AD and also handle 2G and other cases Change-Id: I8f9154bc86f6580eb158ccd4e5afac081dff1bc4 CRs-Fixed: 871057
* | | FST: Mark fst_ies buffer constJouni Malinen2015-10-064-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This buffer is owned by the FST module, so mark it const in the set_ies() callback to make it clearer which component is responsible for modifying and freeing this. Change-Id: I85ba3b57a539f1eee9628b9d8f5691a03b58f1d1 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 84bcb4e7a97c758900abebce4382c81ed2b70b75 Git-repo: git://w1.fi/srv/git/hostap.git CRs-Fixed: 891455
* | | FST: Fix MB IE clearing on detachAnton Nayshtut2015-10-061-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes an issue where freed MB IEs buffer memory could potentially have been accessed after an interface is detached from FST group. Without this fix, if an interface is detached from FST group, it can use MB IEs buffer previously set by fst_iface_set_ies(), although the buffer was released by fst_iface_delete(). Change-Id: Iaaf680c78c588e8692c6fae21920a10d8800585d Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> Git-commit: 5e09f24a344d5043703a8d93cf51d9369247172f Git-repo: git://w1.fi/srv/git/hostap.git CRs-Fixed: 891455