From 5e6482d61a686aa7afdfedd4e10082ed87509961 Mon Sep 17 00:00:00 2001 From: Sunil Dutt Date: Thu, 30 Oct 2014 17:37:46 +0530 Subject: P2P: Delay scan operation only when P2P is not in search state With the radio work interface in place, station interface SCAN command was not scheduled (i.e., it got continously delayed with "Delay station mode scan while P2P operation is in progress") when a p2p_find was operational. Fix this be delaying station mode scan only when a P2P operation is in progress, but not in search state. CRs-fixed: 749465 Git-commit: e7ce54023926addb6be4442bd1a87698c57e7524 Git-repo: git://w1.fi/srv/git/hostap.git Change-Id : I0c897ce6902833554181d72ffd9142669ce7dc61 Signed-off-by: Jouni Malinen Change-Id: If5a53c3bd6814df8454ac4cda99d24af045040fd --- wpa_supplicant/scan.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wpa_supplicant/scan.c b/wpa_supplicant/scan.c index 40eb8d84..d9b0551a 100644 --- a/wpa_supplicant/scan.c +++ b/wpa_supplicant/scan.c @@ -593,7 +593,7 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx) { struct wpa_supplicant *wpa_s = eloop_ctx; struct wpa_ssid *ssid; - int ret; + int ret, p2p_in_progress; struct wpabuf *extra_ie = NULL; struct wpa_driver_scan_params params; struct wpa_driver_scan_params *scan_params; @@ -646,7 +646,8 @@ static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx) return; } - if (wpas_p2p_in_progress(wpa_s)) { + p2p_in_progress = wpas_p2p_in_progress(wpa_s); + if (p2p_in_progress && p2p_in_progress != 2) { wpa_dbg(wpa_s, MSG_DEBUG, "Delay station mode scan while P2P operation is in progress"); wpa_supplicant_req_scan(wpa_s, 5, 0); return; -- cgit v1.2.3 From c8e5c227008101d58dfee354f3c9555b5482495b Mon Sep 17 00:00:00 2001 
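Review bot: The test `p2p_in_progress != 2` in wpa_supplicant_scan() (wpa_supplicant/scan.c, second hunk) depends on a bare return code whose meaning is not visible here; going by the commit message it presumably marks the P2P search state. A comment such as `/* 2 = p2p_find search state: do not delay the station scan */`, or a named constant shared with wpas_p2p_in_progress(), would keep caller and callee in step if the return values are ever extended. The function body starts and ends outside the hunk, so the other users of that return value could not be checked.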
From: Constantin Musca Date: Fri, 12 Sep 2014 10:22:19 +0300 Subject: P2P: Stop driver listen in p2p_state_timeout() When a P2P timeout occurs and p2p_state_timeout is executed, the stop_listen function can be called besides setting in_listen to zero in cases where the driver is still in ROC. That should not really happen in normal cases, but it is possible for some drivers to extend the ROC duration. If that happens, the next start_listen request may get rejected with "P2P: Reject start_listen since p2p_listen_work already exists". Change-Id: Idb4cb33e98a3bbf3cc4929272ee0bc9ca6140ba6 Signed-off-by: Constantin Musca Git-commit a902d5a64b825a778992e26c0add98479e9c3b39 Git-repo: git://w1.fi/srv/git/hostap.git Signed-off-by: Hamad Kadmany --- src/p2p/p2p.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c index e8161f7f..e3c5fda1 100644 --- a/src/p2p/p2p.c +++ b/src/p2p/p2p.c @@ -3509,6 +3509,10 @@ static void p2p_state_timeout(void *eloop_ctx, void *timeout_ctx) p2p_dbg(p2p, "Timeout (state=%s)", p2p_state_txt(p2p->state)); p2p->in_listen = 0; + if (p2p->drv_in_listen) { + p2p_dbg(p2p, "Driver is still in listen state - stop it"); + p2p->cfg->stop_listen(p2p->cfg->cb_ctx); + } switch (p2p->state) { case P2P_IDLE: -- cgit v1.2.3 From e2dcba6566a0bc33f2bad15664975740efb7550d Mon Sep 17 00:00:00 2001 From: Ahmad Masri Date: Sun, 26 Oct 2014 12:04:29 +0000 Subject: P2P: Support GCMP as part of 60 GHz support Change-Id: I8ea026a9fb474e6ad5ef20eee949b839ced6775e Signed-off-by: Jouni Malinen Git-commit: d77419d2348a9a08485dc00a09aa42dad21d6580 Git-repo: git://w1.fi/srv/git/hostap.git Signed-off-by: Hamad Kadmany --- src/ap/wps_hostapd.c | 2 +- wpa_supplicant/ap.c | 3 ++- wpa_supplicant/p2p_supplicant.c | 9 +++++++++ wpa_supplicant/wps_supplicant.c | 9 ++++++++- 4 files changed, 20 insertions(+), 3 deletions(-) diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c index 6f16f50e..c4d7194a 100644 --- a/src/ap/wps_hostapd.c 
+++ b/src/ap/wps_hostapd.c @@ -1049,7 +1049,7 @@ int hostapd_init_wps(struct hostapd_data *hapd, if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) wps->auth_types |= WPS_AUTH_WPA2; - if (conf->rsn_pairwise & WPA_CIPHER_CCMP) + if (conf->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) wps->encr_types |= WPS_ENCR_AES; if (conf->rsn_pairwise & WPA_CIPHER_TKIP) wps->encr_types |= WPS_ENCR_TKIP; diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c index f9aa8078..115b34db 100644 --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c @@ -317,7 +317,8 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, bss->ssid.security_policy != SECURITY_PLAINTEXT) goto no_wps; if (bss->ssid.security_policy == SECURITY_WPA_PSK && - (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2))) + (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) || + !(bss->wpa & 2))) goto no_wps; /* WPS2 does not allow WPA/TKIP-only * configuration */ bss->eap_server = 1; diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index 878ff682..3e281d3b 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -1362,6 +1362,15 @@ static void wpas_start_wps_go(struct wpa_supplicant *wpa_s, ssid->key_mgmt = WPA_KEY_MGMT_PSK; ssid->proto = WPA_PROTO_RSN; ssid->pairwise_cipher = WPA_CIPHER_CCMP; + ssid->group_cipher = WPA_CIPHER_CCMP; + if (params->freq > 56160) { + /* + * Enable GCMP instead of CCMP as pairwise_cipher and + * group_cipher in 60 GHz. + */ + ssid->pairwise_cipher = WPA_CIPHER_GCMP; + ssid->group_cipher = WPA_CIPHER_GCMP; + } if (os_strlen(params->passphrase) > 0) { ssid->passphrase = os_strdup(params->passphrase); if (ssid->passphrase == NULL) { diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c index 40a5c696..40f235f7 100644 --- a/wpa_supplicant/wps_supplicant.c +++ b/wpa_supplicant/wps_supplicant.c 
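Review bot: The unconditional `ssid->group_cipher = WPA_CIPHER_CCMP;` added in wpas_start_wps_go() (wpa_supplicant/p2p_supplicant.c) also takes effect below 60 GHz, where group_cipher was previously left at the profile default. If that default allowed more than CCMP, this narrows the group cipher for every P2P GO, which the commit message does not mention; it is the stricter direction, but the comment should say so. The threshold `56160` is a bare number, presumably the 60 GHz channel starting frequency in MHz, and would read better as a named constant or with `/* above 56160 MHz: 60 GHz band, CCMP is replaced by GCMP */`. The function continues outside the hunk.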
@@ -286,7 +286,9 @@ static void wpas_wps_remove_dup_network(struct wpa_supplicant *wpa_s, /* compare security parameters */ if (ssid->auth_alg != new_ssid->auth_alg || ssid->key_mgmt != new_ssid->key_mgmt || - ssid->group_cipher != new_ssid->group_cipher) + (ssid->group_cipher != new_ssid->group_cipher && + !(ssid->group_cipher & new_ssid->group_cipher & + WPA_CIPHER_CCMP))) continue; /* @@ -471,6 +473,11 @@ static int wpa_supplicant_wps_cred(void *ctx, break; case WPS_ENCR_AES: ssid->pairwise_cipher = WPA_CIPHER_CCMP; + if (wpa_s->drv_capa_known && + (wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_GCMP)) { + ssid->pairwise_cipher |= WPA_CIPHER_GCMP; + ssid->group_cipher |= WPA_CIPHER_GCMP; + } break; } -- cgit v1.2.3 From a3bdc38a16e8424585c0f105c9c2ef77988989dc Mon Sep 17 00:00:00 2001 From: Sunil Dutt Date: Thu, 30 Oct 2014 16:20:22 +0530 Subject: P2P: Set p2p_scan_running based on driver scan request result With the radio work interface, the actual request to start p2p_scan operation is scheduled from a radio work and hence the initial return value cannot provide the real result of the driver operation to trigger a scan. Introduce a new notification API to indicate the scan trigger status based on which the p2p_scan_running instance can be set using the real return value from the driver operation. CRs-Fixed: 748825 Git-Commit: b951a97454309a5078ee24a5796829a92f1df5f9 Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen Change-Id: Id22add55a3ecba93a89eaadcae8bfbef953f8bac --- src/p2p/p2p.c | 34 +++++++++++++++++++--------------- src/p2p/p2p.h | 7 +++++++ wpa_supplicant/p2p_supplicant.c | 2 ++ 3 files changed, 28 insertions(+), 15 deletions(-) diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c index e8161f7f..3bc000aa 100644 --- a/src/p2p/p2p.c +++ b/src/p2p/p2p.c 
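Review bot: The relaxed comparison in wpas_wps_remove_dup_network() now treats two profiles as having the same security parameters whenever both group_cipher masks contain CCMP, even if they differ in other bits such as TKIP. That is presumably meant to absorb the GCMP bit that the WPS_ENCR_AES case in the next hunk ORs in, but as written it is wider than that. If only the GCMP difference is meant to be tolerated, masking it out before comparing would be tighter: `(ssid->group_cipher & ~WPA_CIPHER_GCMP) != (new_ssid->group_cipher & ~WPA_CIPHER_GCMP)`. Otherwise a comment such as `/* group ciphers may differ as long as both allow CCMP */` should record the intent; pairwise_cipher is not compared in the visible lines.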
@@ -958,14 +958,8 @@ static void p2p_search(struct p2p_data *p2p) p2p->num_req_dev_types, p2p->req_dev_types, p2p->find_dev_id, pw_id); if (res < 0) { - p2p_dbg(p2p, "Scan request failed"); + p2p_dbg(p2p, "Scan request schedule failed"); p2p_continue_find(p2p); - } else { - p2p_dbg(p2p, "Running p2p_scan"); - p2p->p2p_scan_running = 1; - eloop_cancel_timeout(p2p_scan_timeout, p2p, NULL); - eloop_register_timeout(P2P_SCAN_TIMEOUT, 0, p2p_scan_timeout, - p2p, NULL); } } @@ -978,6 +972,22 @@ static void p2p_find_timeout(void *eloop_ctx, void *timeout_ctx) } +void p2p_notify_scan_trigger_status(struct p2p_data *p2p, int status) +{ + if (status != 0) { + p2p_dbg(p2p, "Scan request failed"); + /* Do continue find even for the first p2p_find_scan */ + p2p_continue_find(p2p); + } else { + p2p_dbg(p2p, "Running p2p_scan"); + p2p->p2p_scan_running = 1; + eloop_cancel_timeout(p2p_scan_timeout, p2p, NULL); + eloop_register_timeout(P2P_SCAN_TIMEOUT, 0, p2p_scan_timeout, + p2p, NULL); + } +} + + static int p2p_run_after_scan(struct p2p_data *p2p) { struct p2p_device *dev; @@ -1108,17 +1118,11 @@ int p2p_find(struct p2p_data *p2p, unsigned int timeout, return -1; } - if (res == 0) { - p2p_dbg(p2p, "Running p2p_scan"); - p2p->p2p_scan_running = 1; - eloop_cancel_timeout(p2p_scan_timeout, p2p, NULL); - eloop_register_timeout(P2P_SCAN_TIMEOUT, 0, p2p_scan_timeout, - p2p, NULL); - } else if (p2p->p2p_scan_running) { + if (res != 0 && p2p->p2p_scan_running) { p2p_dbg(p2p, "Failed to start p2p_scan - another p2p_scan was already running"); /* wait for the previous p2p_scan to complete */ res = 0; /* do not report failure */ - } else { + } else if (res != 0) { p2p_dbg(p2p, "Failed to start p2p_scan"); p2p_set_state(p2p, P2P_IDLE); eloop_cancel_timeout(p2p_find_timeout, p2p, NULL); diff --git a/src/p2p/p2p.h b/src/p2p/p2p.h index 076a2ac1..284ad11a 100644 --- a/src/p2p/p2p.h +++ b/src/p2p/p2p.h 
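Review bot: p2p_notify_scan_trigger_status() (src/p2p/p2p.c) acts on the trigger result without looking at the current P2P state, although it now runs from a deferred radio work rather than inline in p2p_search() or p2p_find(). If a stop_find or another state change lands between scheduling and the callback, the success path still sets `p2p->p2p_scan_running = 1` and arms p2p_scan_timeout, and the failure path still calls p2p_continue_find(). Whether both are harmless outside the search state cannot be seen from this hunk. A header comment naming the states in which the notification is valid, or an early return when no find is active, would settle it.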
@@ -948,6 +948,13 @@ int p2p_find(struct p2p_data *p2p, unsigned int timeout, unsigned int num_req_dev_types, const u8 *req_dev_types, const u8 *dev_id, unsigned int search_delay); +/** + * p2p_notify_scan_trigger_status - Indicate scan trigger status + * @p2p: P2P module context from p2p_init() + * @status: 0 on success, -1 on failure + */ +void p2p_notify_scan_trigger_status(struct p2p_data *p2p, int status); + /** * p2p_stop_find - Stop P2P Find (Device Discovery) * @p2p: P2P module context from p2p_init() diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index 878ff682..ddd245d3 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -269,9 +269,11 @@ static void wpas_p2p_trigger_scan_cb(struct wpa_radio_work *work, int deinit) work->ctx = NULL; if (ret) { radio_work_done(work); + p2p_notify_scan_trigger_status(wpa_s->global->p2p, ret); return; } + p2p_notify_scan_trigger_status(wpa_s->global->p2p, ret); os_get_reltime(&wpa_s->scan_trigger_time); wpa_s->scan_res_handler = wpas_p2p_scan_res_handler; wpa_s->own_scan_requested = 1; -- cgit v1.2.3 From 54f7321493d7a1241706b79702d6447012bd7a60 Mon Sep 17 00:00:00 2001 From: Eduardo Abinader Date: Fri, 1 Aug 2014 12:31:07 -0400 Subject: P2P: Remove unreachable code in wpas_p2p_stop_find() Commit 152cff6ba6d6ac206b93a2202eab57f0a36c26cb ('P2P: Remove WPA_DRIVER_FLAGS_P2P_MGMT option') removed the only non-zero return from wpas_p2p_stop_find_oper(), but did not remove the useless return value or the return check in wpas_p2p_stop_find(). Clean these up by removing unreachable code and useless return value. Change-Id: I36bc270b154e25adef9256c07977515012eed6a8 CRs-fixed: 750852 Git-commit: 477b082cc4e9cb2025dba83bab6f9eed47eefc05 Git-repo: git://w1.fi/srv/git/hostap.git Signed-off-by: Eduardo Abinader --- wpa_supplicant/p2p_supplicant.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) 
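Review bot: Both added calls `p2p_notify_scan_trigger_status(wpa_s->global->p2p, ret);` in wpas_p2p_trigger_scan_cb() pass the global P2P context without the NULL / `p2p_disabled` guard that other functions in this file apply before using `wpa_s->global->p2p`, and the new function dereferences `p2p` straight away. If this radio work can run after P2P has been disabled or deinitialised (the start of the callback is outside the hunk), guard it with `if (wpa_s->global->p2p) p2p_notify_scan_trigger_status(wpa_s->global->p2p, ret);`. The p2p.h comment says `@status: 0 on success, -1 on failure`, while the driver's raw `ret` is forwarded and the implementation tests `status != 0`; "0 on success, non-zero on failure" would match the code.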
diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index 878ff682..0daa2329 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -119,7 +119,7 @@ static void wpas_p2p_group_formation_timeout(void *eloop_ctx, static void wpas_p2p_group_freq_conflict(void *eloop_ctx, void *timeout_ctx); static void wpas_p2p_fallback_to_go_neg(struct wpa_supplicant *wpa_s, int group_added); -static int wpas_p2p_stop_find_oper(struct wpa_supplicant *wpa_s); +static void wpas_p2p_stop_find_oper(struct wpa_supplicant *wpa_s); static void wpas_stop_listen(void *ctx); static void wpas_p2p_psk_failure_removal(void *eloop_ctx, void *timeout_ctx); static void wpas_p2p_group_deinit(struct wpa_supplicant *wpa_s); @@ -5759,7 +5759,7 @@ int wpas_p2p_find(struct wpa_supplicant *wpa_s, unsigned int timeout, } -static int wpas_p2p_stop_find_oper(struct wpa_supplicant *wpa_s) +static void wpas_p2p_stop_find_oper(struct wpa_supplicant *wpa_s) { wpas_p2p_clear_pending_action_tx(wpa_s); wpa_s->p2p_long_listen = 0; @@ -5768,15 +5768,12 @@ static int wpas_p2p_stop_find_oper(struct wpa_supplicant *wpa_s) if (wpa_s->global->p2p) p2p_stop_find(wpa_s->global->p2p); - - return 0; } void wpas_p2p_stop_find(struct wpa_supplicant *wpa_s) { - if (wpas_p2p_stop_find_oper(wpa_s) > 0) - return; + wpas_p2p_stop_find_oper(wpa_s); wpas_p2p_remove_pending_group_interface(wpa_s); } -- cgit v1.2.3 From 7ded1dad4115d36850ca1b0101dfeb024a5c94a8 Mon Sep 17 00:00:00 2001 
From: Sunil Dutt Date: Thu, 30 Oct 2014 20:51:52 +0530 Subject: P2P: Do not consider the p2p_scan results after p2p_stop_find If p2p_stop_find is issued after the p2p_scan request is triggered to the host driver, the obtained scan results are also considered to update the P2P peer entries. This is not always desired behavior, i.e., it can be clearer if no P2P-DEVICE-FOUND events are generated based of that final pending scan. Change-Id: Ia3d19990dd58c79b2252de0e5e145d8d711beae8 CRs-fixed: 750852 Git-commit: 477b082cc4e9cb2025dba83bab6f9eed47eefc05 Git-repo: git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen --- wpa_supplicant/ctrl_iface.c | 1 + wpa_supplicant/p2p_supplicant.c | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index d9123bae..5310eb7e 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -4976,6 +4976,7 @@ static void p2p_ctrl_flush(struct wpa_supplicant *wpa_s) { os_memset(wpa_s->p2p_auth_invite, 0, ETH_ALEN); wpa_s->force_long_sd = 0; + wpas_p2p_stop_find(wpa_s); if (wpa_s->global->p2p) p2p_flush(wpa_s->global->p2p); } diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index 0daa2329..2613ed38 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c 
@@ -5759,6 +5759,28 @@ int wpas_p2p_find(struct wpa_supplicant *wpa_s, unsigned int timeout, } +static void wpas_p2p_scan_res_ignore_search(struct wpa_supplicant *wpa_s, + struct wpa_scan_results *scan_res) +{ + wpa_printf(MSG_DEBUG, "P2P: Ignore scan results"); + + if (wpa_s->p2p_scan_work) { + struct wpa_radio_work *work = wpa_s->p2p_scan_work; + wpa_s->p2p_scan_work = NULL; + radio_work_done(work); + } + + if (wpa_s->global->p2p_disabled || wpa_s->global->p2p == NULL) + return; + + /* + * Indicate that results have been processed so that the P2P module can + * continue pending tasks. + */ + p2p_scan_res_handled(wpa_s->global->p2p); +} + + static void wpas_p2p_stop_find_oper(struct wpa_supplicant *wpa_s) { wpas_p2p_clear_pending_action_tx(wpa_s); @@ -5768,6 +5790,12 @@ static void wpas_p2p_stop_find_oper(struct wpa_supplicant *wpa_s) if (wpa_s->global->p2p) p2p_stop_find(wpa_s->global->p2p); + + if (wpa_s->scan_res_handler == wpas_p2p_scan_res_handler) { + wpa_printf(MSG_DEBUG, + "P2P: Do not consider the scan results after stop_find"); + wpa_s->scan_res_handler = wpas_p2p_scan_res_ignore_search; + } } -- cgit v1.2.3 From c1eb4a27762301ef7f7049b3137a00de78152486 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 27 Sep 2014 22:41:28 +0300 Subject: WPS: Fix WPS-in-search check when STA_AUTOCONNECT is disabled If "STA_AUTOCONNECT 0" has been used to disable automatic connection on disconnection event and the driver indicates multiple disconnection events for the disconnection from the current AP when WPS is started, it could have been possible to hit a case where wpa_s->disconnected was set to 1 during WPS processing and the following scan result processing would stop the operation. wpa_s->key_mgmt == WPA_KEY_MGMT_WPS check was trying to avoid to skip autoconnect when WPS was in use, but that does not seem to work anymore. Fix this by checking through wpas_wps_searching() as well to avoid setting wpa_s->disconnect = 1 when there is an ongoing WPS operation. 
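Review bot: The handler swap added to wpas_p2p_stop_find_oper() only fires when `wpa_s->scan_res_handler == wpas_p2p_scan_res_handler`, i.e. once the scan has actually been triggered. If the p2p_scan radio work is still queued when stop_find arrives, the trigger callback would presumably install wpas_p2p_scan_res_handler afterwards and the results would be processed as before, unless p2p_stop_find() cancels the pending work, which this hunk does not show. wpas_p2p_scan_res_ignore_search() also lacks a header comment; it should state that `scan_res` is intentionally unused and that the function releases `p2p_scan_work` before notifying the P2P module.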
Signed-off-by: Jouni Malinen Git-commit: 6e252b0db3cfbc345384feaeac7b7a934610448a Git-repo : git://w1.fi/srv/git/hostap.git CRs-fixed: 758089 Change-Id: I7ce7f68c47f611e8e3e819959b2d234f6e2e3d75 --- wpa_supplicant/events.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 43d60046..a9e6439c 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -2163,10 +2163,12 @@ static void wpa_supplicant_event_disassoc_finish(struct wpa_supplicant *wpa_s, } if (!wpa_s->disconnected && (!wpa_s->auto_reconnect_disabled || - wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)) { + wpa_s->key_mgmt == WPA_KEY_MGMT_WPS || + wpas_wps_searching(wpa_s))) { wpa_dbg(wpa_s, MSG_DEBUG, "Auto connect enabled: try to " - "reconnect (wps=%d wpa_state=%d)", + "reconnect (wps=%d/%d wpa_state=%d)", wpa_s->key_mgmt == WPA_KEY_MGMT_WPS, + wpas_wps_searching(wpa_s), wpa_s->wpa_state); if (wpa_s->wpa_state == WPA_COMPLETED && wpa_s->current_ssid && -- cgit v1.2.3 From acc9f5bc1a3e687fa95a6cc8b1908faf5b6197f0 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 14 Nov 2014 20:57:05 +0200 Subject: Work around AP misbehavior on EAPOL-Key descriptor version It looks like some APs are incorrectly selecting descriptor version 3 (AES-128-CMAC) for EAPOL-Key frames when version 2 (HMAC-SHA1) was expected to be used. This is likely triggered by an attempt to negotiate PMF with SHA1-based AKM. Since AES-128-CMAC is considered stronger than HMAC-SHA1, allow the incorrect, but stronger, option to be used in these cases to avoid interoperability issues with deployed APs. This issue shows up with "WPA: CCMP is used, but EAPOL-Key descriptor version (3) is not 2" in debug log. With the new workaround, this issue is ignored and "WPA: Interoperability workaround: allow incorrect (should have been HMAC-SHA1), but stronger (is AES-128-CMAC), descriptor version to be used" is written to the log. 
Signed-off-by: Jouni Malinen Git-commit: 9f6a7cddc42811883d6035032854089475f2fc65 Git-repo : git://w1.fi/srv/git/hostap.git CRs-fixed: 758207 Change-Id: If33e34aa0583a3a39f15cc5714eb1fe0ed28e361 --- src/rsn_supp/wpa.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 7e095751..56718b1b 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -1752,6 +1752,9 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Backwards compatibility: allow invalid " "version for non-CCMP group keys"); + } else if (ver == WPA_KEY_INFO_TYPE_AES_128_CMAC) { + wpa_msg(sm->ctx->msg_ctx, MSG_INFO, + "WPA: Interoperability workaround: allow incorrect (should have been HMAC-SHA1), but stronger (is AES-128-CMAC), descriptor version to be used"); } else goto out; } else if (sm->pairwise_cipher == WPA_CIPHER_GCMP && -- cgit v1.2.3 From dddb6a5696a6ec6846d5927eb52878a5c3649441 Mon Sep 17 00:00:00 2001 From: Rashmi Ramanna Date: Mon, 17 Nov 2014 16:07:24 +0530 Subject: P2P: Do not change P2P state on GO Neg failure if it is P2P_SEARCH Changing the P2P state to P2P_IDLE on GO Negotiation Failure would stop the previously issued P2P_FIND operation without notifying the upper layers. Leave the search operation running if in P2P_SEARCH state to avoid unexpected behavior in case the upper layers issued a new P2P_FIND while waiting for GO Negotiation to complete. CRs-fixed: 759557 Git-commit: 9d11832090d6c8cc2f5d1586354d8c6b2e082703 Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen Change-Id: I39421ce48c957d71f2f8e8bdf18e5fd544b3800c --- src/p2p/p2p.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c index 7e12866a..9f3cff4c 100644 --- a/src/p2p/p2p.c +++ b/src/p2p/p2p.c 
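Review bot: The new `else if (ver == WPA_KEY_INFO_TYPE_AES_128_CMAC)` branch in wpa_sm_rx_eapol() (src/rsn_supp/wpa.c) accepts descriptor version 3 for any association that reaches this check; the visible condition does not test that PMF or a SHA1-based AKM was negotiated, which is the case the commit message describes. Since `ver` presumably comes from the received frame, add a comment stating that the frame is still subject to MIC verification later in the function with the algorithm that `ver` selects, and confirm that against the code outside the hunk. The wpa_msg() at MSG_INFO appears to be emitted for each such frame, so an AP with this behaviour controls the log volume; a debug-level or once-per-association message would limit that.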
@@ -215,9 +215,16 @@ void p2p_go_neg_failed(struct p2p_data *p2p, struct p2p_device *peer, int status) { struct p2p_go_neg_results res; - p2p_clear_timeout(p2p); eloop_cancel_timeout(p2p_go_neg_wait_timeout, p2p, NULL); - p2p_set_state(p2p, P2P_IDLE); + if (p2p->state != P2P_SEARCH) { + /* + * Clear timeouts related to GO Negotiation if no new p2p_find + * has been started. + */ + p2p_clear_timeout(p2p); + p2p_set_state(p2p, P2P_IDLE); + } + if (p2p->go_neg_peer) { p2p->go_neg_peer->flags &= ~P2P_DEV_PEER_WAITING_RESPONSE; p2p->go_neg_peer->wps_method = WPS_NOT_READY; -- cgit v1.2.3 From 497aa9894cf02f626216e9c661b2820ce4593cf3 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Thu, 30 Oct 2014 11:43:47 +0200 Subject: MACsec: Fix policy configuration macsec_validate variable was set incorrectly to FALSE(0) or TRUE(1) instead of the enum validate_frames values (Disabled(0), Checked(1), Strict(2). This ended up policy == SHOULD_SECURE to be mapped to macsec_validate == Checked instead of Strict. This could have resulted in unintended SecY forwarding of invalid packets rather than dropping them. Change-Id: I5959392657b3ae73a4b4bb1196c03127325dba4e CRs-fixed: 748991 Git-commit: 43d859271894f83c5de6294685b5919889541bab Git-repo: git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen --- src/pae/ieee802_1x_kay.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c index 56c195ab..0f961282 100644 --- a/src/pae/ieee802_1x_kay.c +++ b/src/pae/ieee802_1x_kay.c @@ -3159,7 +3159,7 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, kay->macsec_capable = MACSEC_CAP_NOT_IMPLEMENTED; kay->macsec_desired = FALSE; kay->macsec_protect = FALSE; - kay->macsec_validate = FALSE; + kay->macsec_validate = Disabled; kay->macsec_replay_protect = FALSE; kay->macsec_replay_window = 0; kay->macsec_confidentiality = CONFIDENTIALITY_NONE; 
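Review bot: Nothing in the two corrected assignments in ieee802_1x_kay_init() (src/pae/ieee802_1x_kay.c, this hunk and the next one) prevents the same mix-up from recurring, because C accepts FALSE/TRUE for an enum-typed field without a diagnostic. A short comment next to the assignments, e.g. `/* enum validate_frames: Disabled / Checked / Strict, not a Boolean */`, would flag the difference from the neighbouring FALSE/TRUE fields. Other writes to `macsec_validate` elsewhere in the file are outside these hunks and should be checked for the same pattern.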
@@ -3167,7 +3167,7 @@ ieee802_1x_kay_init(struct ieee802_1x_kay_ctx *ctx, enum macsec_policy policy, kay->macsec_capable = MACSEC_CAP_INTEG_AND_CONF_0_30_50; kay->macsec_desired = TRUE; kay->macsec_protect = TRUE; - kay->macsec_validate = TRUE; + kay->macsec_validate = Strict; kay->macsec_replay_protect = FALSE; kay->macsec_replay_window = 0; kay->macsec_confidentiality = CONFIDENTIALITY_OFFSET_0; -- cgit v1.2.3 From f3d1d404e7a85a394e8dddffc507f68615aa7d62 Mon Sep 17 00:00:00 2001 From: Neelansh Mittal Date: Tue, 25 Nov 2014 15:41:28 +0530 Subject: Do not re-open Android control sockets On Android, the control socket being used may be the socket that is created when wpa_supplicant is started as a /init.*.rc service. Such a socket is maintained as a key-value pair in Android's environment. Closing this control socket would leave wpa_supplicant in a bad state. When wpa_supplicant re-opens the ctrl_iface socket, it will query the Android's environment, and will be returned with the same socket descriptor that has already been closed. CRs-fixed: 755459 Git-commit: 3a7414b6a65403ca1b857aa8950a384adaec5f13 Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen Change-Id: Ide6901d7fe7ed9fa0f62920365b5e1acf3208da9 --- wpa_supplicant/ctrl_iface_unix.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/wpa_supplicant/ctrl_iface_unix.c b/wpa_supplicant/ctrl_iface_unix.c index 40082e24..99f3e538 100644 --- a/wpa_supplicant/ctrl_iface_unix.c +++ b/wpa_supplicant/ctrl_iface_unix.c @@ -47,6 +47,7 @@ struct ctrl_iface_priv { struct wpa_supplicant *wpa_s; int sock; struct dl_list ctrl_dst; + int android_control_socket; }; @@ -54,6 +55,7 @@ struct ctrl_iface_global_priv { struct wpa_global *global; int sock; struct dl_list ctrl_dst; + int android_control_socket; }; 
@@ -340,8 +342,10 @@ static int wpas_ctrl_iface_open_sock(struct wpa_supplicant *wpa_s, os_snprintf(addr.sun_path, sizeof(addr.sun_path), "wpa_%s", wpa_s->conf->ctrl_interface); priv->sock = android_get_control_socket(addr.sun_path); - if (priv->sock >= 0) + if (priv->sock >= 0) { + priv->android_control_socket = 1; goto havesock; + } #endif /* ANDROID */ if (os_strncmp(buf, "DIR=", 4) == 0) { dir = buf + 4; @@ -556,6 +560,16 @@ static int wpas_ctrl_iface_reinit(struct wpa_supplicant *wpa_s, if (priv->sock <= 0) return -1; + /* + * On Android, the control socket being used may be the socket + * that is created when wpa_supplicant is started as a /init.*.rc + * service. Such a socket is maintained as a key-value pair in + * Android's environment. Closing this control socket would leave us + * in a bad state with an invalid socket descriptor. + */ + if (priv->android_control_socket) + return priv->sock; + eloop_unregister_read_sock(priv->sock); close(priv->sock); priv->sock = -1; @@ -870,6 +884,7 @@ static int wpas_global_ctrl_iface_open_sock(struct wpa_global *global, } wpa_printf(MSG_DEBUG, "Using Android control socket '%s'", ctrl + 9); + priv->android_control_socket = 1; goto havesock; } @@ -884,6 +899,7 @@ static int wpas_global_ctrl_iface_open_sock(struct wpa_global *global, wpa_printf(MSG_DEBUG, "Using Android control socket '%s'", ctrl); + priv->android_control_socket = 1; goto havesock; } } 
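Review bot: The early return `if (priv->android_control_socket) return priv->sock;` and its seven-line comment are duplicated verbatim in wpas_ctrl_iface_reinit() and in wpas_ctrl_iface_global_reinit() (the latter in the following hunk). The explanation would be better placed once, on the `android_control_socket` member in both structs, e.g. `/* sock was inherited from Android init; must never be closed or re-opened */`, with a one-line reference at the two call sites. The flag is only ever set to 1 in the visible hunks, so the comment should also state that the structs are expected to be zero-initialised. Both reinit functions continue outside their hunks.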
@@ -1064,6 +1080,16 @@ static int wpas_ctrl_iface_global_reinit(struct wpa_global *global, if (priv->sock <= 0) return -1; + /* + * On Android, the control socket being used may be the socket + * that is created when wpa_supplicant is started as a /init.*.rc + * service. Such a socket is maintained as a key-value pair in + * Android's environment. Closing this control socket would leave us + * in a bad state with an invalid socket descriptor. + */ + if (priv->android_control_socket) + return priv->sock; + eloop_unregister_read_sock(priv->sock); close(priv->sock); priv->sock = -1; -- cgit v1.2.3 From 5331659e57c7aab29f85c30ba7378f2430473ad7 Mon Sep 17 00:00:00 2001 From: Rashmi Ramanna Date: Wed, 26 Nov 2014 21:23:55 +0530 Subject: P2P: Reinvite with social operation channel if no common channels If invitation to reinvoke a persistent group from the GO fails with the peer indicating that there are no common channels, there is no defined means for the peer to indicate which channel could have worked. Since this type of issue with available channels changing over time can happen, try to work around this by retrying invitation using one of the social channels as the operating channel unless a specific operating channel was forced for the group. CRs-fixed: 764464 Git-commit: ac330cfd87397a1a01e697984f3944f427e88dad Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen Change-Id: I40106f91e0e7bc3b2dfddcac75c7034a34773e95 --- src/p2p/p2p_i.h | 2 ++ src/p2p/p2p_invitation.c | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/src/p2p/p2p_i.h b/src/p2p/p2p_i.h index 19f4a803..11359316 100644 --- a/src/p2p/p2p_i.h +++ b/src/p2p/p2p_i.h @@ -269,6 +269,8 @@ struct p2p_data { u8 invite_go_dev_addr_buf[ETH_ALEN]; int invite_dev_pw_id; + unsigned int retry_invite_req; + /** * sd_peer - Pointer to Service Discovery peer */ diff --git a/src/p2p/p2p_invitation.c b/src/p2p/p2p_invitation.c index ef01a668..cfd95ab1 100644 
--- a/src/p2p/p2p_invitation.c +++ b/src/p2p/p2p_invitation.c @@ -431,6 +431,22 @@ void p2p_process_invitation_resp(struct p2p_data *p2p, const u8 *sa, return; } + if (*msg.status == P2P_SC_FAIL_NO_COMMON_CHANNELS && + p2p->retry_invite_req && + p2p_channel_random_social(&p2p->cfg->channels, &p2p->op_reg_class, + &p2p->op_channel) == 0) { + p2p->retry_invite_req = 0; + p2p->cfg->stop_listen(p2p->cfg->cb_ctx); + p2p_set_state(p2p, P2P_INVITE); + p2p_dbg(p2p, "Resend Invitation Request setting op_class %u channel %u as operating channel", + p2p->op_reg_class, p2p->op_channel); + p2p_invite_send(p2p, p2p->invite_peer, p2p->invite_go_dev_addr, + p2p->invite_dev_pw_id); + p2p_parse_free(&msg); + return; + } + p2p->retry_invite_req = 0; + if (!msg.channel_list && *msg.status == P2P_SC_SUCCESS) { p2p_dbg(p2p, "Mandatory Channel List attribute missing in Invitation Response from " MACSTR, MAC2STR(sa)); @@ -592,6 +608,8 @@ int p2p_invite(struct p2p_data *p2p, const u8 *peer, enum p2p_invite_role role, dev_pw_id); } p2p->invite_dev_pw_id = dev_pw_id; + p2p->retry_invite_req = role == P2P_INVITE_ROLE_GO && + persistent_group && !force_freq; dev = p2p_get_device(p2p, peer); if (dev == NULL || (dev->listen_freq <= 0 && dev->oper_freq <= 0 && -- cgit v1.2.3 From 98be21929a86b9d4d985928dc7a83245b2bb9f9c Mon Sep 17 00:00:00 2001 From: Bala Krishna Bhamidipati Date: Wed, 3 Dec 2014 12:45:41 +0530 Subject: eap_proxy: Remove extra bytes in EAP-Response/Identity Adding size_of wpa_buf to the eap response from the modem is reflecting in extra bytes to the identity and some radius servers are unable to map the identity, further causing a failure. This fix will remove the extra length being added to the response frame. Change-Id: Ie3c8db99b4de5d94491c329ff63adfb48527c1aa CRs-Fixed: 765232 --- src/eap_peer/eap_proxy_qmi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/eap_peer/eap_proxy_qmi.c b/src/eap_peer/eap_proxy_qmi.c index 8f834b1b..912b252a 100644 
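Review bot: The result of `p2p_invite_send()` is discarded in the retry branch of p2p_process_invitation_resp(), after the listen has been stopped and the state moved to P2P_INVITE. If the send can fail, the module stays in P2P_INVITE with no frame pending and `retry_invite_req` already cleared. At minimum log it, `if (p2p_invite_send(p2p, p2p->invite_peer, p2p->invite_go_dev_addr, p2p->invite_dev_pw_id) < 0) p2p_dbg(p2p, "Failed to resend Invitation Request");`, and fall through to the normal failure handling rather than returning. Separately, p2p_channel_random_social() writes straight into `p2p->op_reg_class` and `p2p->op_channel`, so the social channel appears to remain the operating channel after the retry, which deserves a comment if intended.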
--- a/src/eap_peer/eap_proxy_qmi.c +++ b/src/eap_peer/eap_proxy_qmi.c @@ -1317,7 +1317,7 @@ struct wpabuf * eap_proxy_get_eapRespData(struct eap_proxy_sm *eap_proxy) return NULL; } - resp->used = sizeof(struct wpabuf) + len; + resp->used = len; os_memcpy(resp->buf, eap_proxy->qmi_resp_data.eap_send_pkt_resp.resp_data, len); /* -- cgit v1.2.3 From d469524ab80b02f14dd18097c8460cbf5d29926e Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Tue, 2 Dec 2014 19:42:23 +0200 Subject: Allow a BSS entry with all-zeros BSSID to expire wpa_bss_in_use() used to determine that a BSS with BSSID of 00:00:00:00:00:00 is in use in almost every case since either wpa_s->bssid or wpa_s->pending_bssid was likely to be cleared. This could result in a corner case of a BSS entry remaining in the BSS table indefinitely if one was added there with a (likely bogus) address of 00:00:00:00:00:00. Fix this by ignore wpa_s->bssid and wpa_s->pending_bssid if the BSSID in the BSS table entry is 00:00:00:00:00:00. In theory, that address is a valid BSSID, but it is unlikely to be used in any production AP, so the potential expiration of a BSS entry with that address during a connection attempt would not be a concern (especially when a new scan would be enough to recover from that). CRs-Fixed: 766537 Git-commit: 44177b69e8854177044aad4c57cf9cce8269b306 Git-repo : git://w1.fi/srv/git/hostap.git Signed-off-by: Jouni Malinen Change-Id: Ie70a0aa2ba3a8b942f7f9798b1d15d87391547a8 --- wpa_supplicant/bss.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wpa_supplicant/bss.c b/wpa_supplicant/bss.c index d731a801..73d3ed65 100644 --- a/wpa_supplicant/bss.c +++ b/wpa_supplicant/bss.c 
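Review bot: `resp->used = len;` followed by `os_memcpy(resp->buf, ..., len)` in eap_proxy_get_eapRespData() sets the wpabuf fields by hand, so nothing in the visible lines ties `len` to the size the buffer was allocated with. The length presumably derives from the modem's response, which makes a bounds-checked helper the safer form: `wpabuf_put_data(resp, eap_proxy->qmi_resp_data.eap_send_pkt_resp.resp_data, len);` replaces both statements and lets wpabuf maintain `used` itself. The allocation of `resp` is above the hunk, so confirm that it is sized from the same `len`.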
@@ -306,8 +306,9 @@ static int wpa_bss_known(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) static int wpa_bss_in_use(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) { return bss == wpa_s->current_bss || - os_memcmp(bss->bssid, wpa_s->bssid, ETH_ALEN) == 0 || - os_memcmp(bss->bssid, wpa_s->pending_bssid, ETH_ALEN) == 0; + (!is_zero_ether_addr(bss->bssid) && + (os_memcmp(bss->bssid, wpa_s->bssid, ETH_ALEN) == 0 || + os_memcmp(bss->bssid, wpa_s->pending_bssid, ETH_ALEN) == 0)); } -- cgit v1.2.3