svn commit: r289284 - in vendor/wpa/dist: hostapd hs20/client patches src src/ap src/common src/crypto src/drivers src/eap_common src/eap_peer src/eap_server src/eapol_auth src/eapol_supp src/fst s...
Rui Paulo
rpaulo at FreeBSD.org
Wed Oct 14 04:30:19 UTC 2015
Author: rpaulo
Date: Wed Oct 14 04:30:17 2015
New Revision: 289284
URL: https://svnweb.freebsd.org/changeset/base/289284
Log:
Import wpa_supplicant/hostapd 2.5.
Major changes: bunch of CVEs fixed, tab completion for wpa_cli and
misc bug fixes.
Added:
vendor/wpa/dist/patches/openssl-0.9.8zf-tls-extensions.patch
vendor/wpa/dist/src/crypto/sha384-prf.c (contents, props changed)
vendor/wpa/dist/src/fst/
vendor/wpa/dist/src/fst/Makefile (contents, props changed)
vendor/wpa/dist/src/fst/fst.c (contents, props changed)
vendor/wpa/dist/src/fst/fst.h (contents, props changed)
vendor/wpa/dist/src/fst/fst_ctrl_aux.c (contents, props changed)
vendor/wpa/dist/src/fst/fst_ctrl_aux.h (contents, props changed)
vendor/wpa/dist/src/fst/fst_ctrl_defs.h (contents, props changed)
vendor/wpa/dist/src/fst/fst_ctrl_iface.c (contents, props changed)
vendor/wpa/dist/src/fst/fst_ctrl_iface.h (contents, props changed)
vendor/wpa/dist/src/fst/fst_defs.h (contents, props changed)
vendor/wpa/dist/src/fst/fst_group.c (contents, props changed)
vendor/wpa/dist/src/fst/fst_group.h (contents, props changed)
vendor/wpa/dist/src/fst/fst_iface.c (contents, props changed)
vendor/wpa/dist/src/fst/fst_iface.h (contents, props changed)
vendor/wpa/dist/src/fst/fst_internal.h (contents, props changed)
vendor/wpa/dist/src/fst/fst_session.c (contents, props changed)
vendor/wpa/dist/src/fst/fst_session.h (contents, props changed)
vendor/wpa/dist/wpa_supplicant/eapol_test.py (contents, props changed)
vendor/wpa/dist/wpa_supplicant/p2p_supplicant_sd.c (contents, props changed)
Deleted:
vendor/wpa/dist/src/crypto/crypto_cryptoapi.c
vendor/wpa/dist/src/crypto/tls_schannel.c
Modified:
vendor/wpa/dist/hostapd/ChangeLog
vendor/wpa/dist/hostapd/Makefile
vendor/wpa/dist/hostapd/config_file.c
vendor/wpa/dist/hostapd/config_file.h
vendor/wpa/dist/hostapd/ctrl_iface.c
vendor/wpa/dist/hostapd/defconfig
vendor/wpa/dist/hostapd/hlr_auc_gw.c
vendor/wpa/dist/hostapd/hlr_auc_gw.milenage_db
vendor/wpa/dist/hostapd/hostapd.conf
vendor/wpa/dist/hostapd/hostapd_cli.c
vendor/wpa/dist/hostapd/main.c
vendor/wpa/dist/hs20/client/Makefile
vendor/wpa/dist/hs20/client/osu_client.c
vendor/wpa/dist/hs20/client/spp_client.c
vendor/wpa/dist/src/Makefile
vendor/wpa/dist/src/ap/Makefile
vendor/wpa/dist/src/ap/accounting.c
vendor/wpa/dist/src/ap/acs.c
vendor/wpa/dist/src/ap/ap_config.c
vendor/wpa/dist/src/ap/ap_config.h
vendor/wpa/dist/src/ap/ap_drv_ops.c
vendor/wpa/dist/src/ap/ap_drv_ops.h
vendor/wpa/dist/src/ap/ap_list.c
vendor/wpa/dist/src/ap/ap_list.h
vendor/wpa/dist/src/ap/authsrv.c
vendor/wpa/dist/src/ap/beacon.c
vendor/wpa/dist/src/ap/beacon.h
vendor/wpa/dist/src/ap/ctrl_iface_ap.c
vendor/wpa/dist/src/ap/dfs.c
vendor/wpa/dist/src/ap/drv_callbacks.c
vendor/wpa/dist/src/ap/eap_user_db.c
vendor/wpa/dist/src/ap/hostapd.c
vendor/wpa/dist/src/ap/hostapd.h
vendor/wpa/dist/src/ap/hw_features.c
vendor/wpa/dist/src/ap/hw_features.h
vendor/wpa/dist/src/ap/ieee802_11.c
vendor/wpa/dist/src/ap/ieee802_11.h
vendor/wpa/dist/src/ap/ieee802_11_auth.c
vendor/wpa/dist/src/ap/ieee802_11_auth.h
vendor/wpa/dist/src/ap/ieee802_11_ht.c
vendor/wpa/dist/src/ap/ieee802_11_vht.c
vendor/wpa/dist/src/ap/ieee802_1x.c
vendor/wpa/dist/src/ap/ieee802_1x.h
vendor/wpa/dist/src/ap/ndisc_snoop.c
vendor/wpa/dist/src/ap/sta_info.c
vendor/wpa/dist/src/ap/sta_info.h
vendor/wpa/dist/src/ap/utils.c
vendor/wpa/dist/src/ap/vlan_init.c
vendor/wpa/dist/src/ap/vlan_init.h
vendor/wpa/dist/src/ap/vlan_util.c
vendor/wpa/dist/src/ap/wmm.c
vendor/wpa/dist/src/ap/wpa_auth.c
vendor/wpa/dist/src/ap/wpa_auth.h
vendor/wpa/dist/src/ap/wpa_auth_ft.c
vendor/wpa/dist/src/ap/wpa_auth_glue.c
vendor/wpa/dist/src/ap/wpa_auth_i.h
vendor/wpa/dist/src/ap/wpa_auth_ie.c
vendor/wpa/dist/src/ap/wps_hostapd.c
vendor/wpa/dist/src/ap/x_snoop.c
vendor/wpa/dist/src/common/Makefile
vendor/wpa/dist/src/common/common_module_tests.c
vendor/wpa/dist/src/common/defs.h
vendor/wpa/dist/src/common/hw_features_common.c
vendor/wpa/dist/src/common/hw_features_common.h
vendor/wpa/dist/src/common/ieee802_11_common.c
vendor/wpa/dist/src/common/ieee802_11_common.h
vendor/wpa/dist/src/common/ieee802_11_defs.h
vendor/wpa/dist/src/common/privsep_commands.h
vendor/wpa/dist/src/common/qca-vendor.h
vendor/wpa/dist/src/common/sae.c
vendor/wpa/dist/src/common/sae.h
vendor/wpa/dist/src/common/version.h
vendor/wpa/dist/src/common/wpa_common.c
vendor/wpa/dist/src/common/wpa_common.h
vendor/wpa/dist/src/common/wpa_ctrl.c
vendor/wpa/dist/src/common/wpa_ctrl.h
vendor/wpa/dist/src/crypto/crypto.h
vendor/wpa/dist/src/crypto/crypto_module_tests.c
vendor/wpa/dist/src/crypto/crypto_openssl.c
vendor/wpa/dist/src/crypto/dh_groups.c
vendor/wpa/dist/src/crypto/fips_prf_openssl.c
vendor/wpa/dist/src/crypto/ms_funcs.c
vendor/wpa/dist/src/crypto/ms_funcs.h
vendor/wpa/dist/src/crypto/random.c
vendor/wpa/dist/src/crypto/sha1-tlsprf.c
vendor/wpa/dist/src/crypto/sha1-tprf.c
vendor/wpa/dist/src/crypto/sha256-kdf.c
vendor/wpa/dist/src/crypto/sha384.h
vendor/wpa/dist/src/crypto/tls.h
vendor/wpa/dist/src/crypto/tls_gnutls.c
vendor/wpa/dist/src/crypto/tls_internal.c
vendor/wpa/dist/src/crypto/tls_none.c
vendor/wpa/dist/src/crypto/tls_openssl.c
vendor/wpa/dist/src/drivers/driver.h
vendor/wpa/dist/src/drivers/driver_atheros.c
vendor/wpa/dist/src/drivers/driver_bsd.c
vendor/wpa/dist/src/drivers/driver_hostap.c
vendor/wpa/dist/src/drivers/driver_hostap.h
vendor/wpa/dist/src/drivers/driver_ndis.c
vendor/wpa/dist/src/drivers/driver_nl80211.c
vendor/wpa/dist/src/drivers/driver_nl80211.h
vendor/wpa/dist/src/drivers/driver_nl80211_android.c
vendor/wpa/dist/src/drivers/driver_nl80211_capa.c
vendor/wpa/dist/src/drivers/driver_nl80211_event.c
vendor/wpa/dist/src/drivers/driver_nl80211_scan.c
vendor/wpa/dist/src/drivers/driver_privsep.c
vendor/wpa/dist/src/drivers/driver_wext.c
vendor/wpa/dist/src/drivers/drivers.c
vendor/wpa/dist/src/drivers/drivers.mak
vendor/wpa/dist/src/drivers/linux_ioctl.c
vendor/wpa/dist/src/drivers/linux_ioctl.h
vendor/wpa/dist/src/drivers/nl80211_copy.h
vendor/wpa/dist/src/eap_common/Makefile
vendor/wpa/dist/src/eap_common/eap_common.c
vendor/wpa/dist/src/eap_common/eap_fast_common.c
vendor/wpa/dist/src/eap_common/eap_pwd_common.c
vendor/wpa/dist/src/eap_common/eap_pwd_common.h
vendor/wpa/dist/src/eap_common/eap_sake_common.c
vendor/wpa/dist/src/eap_common/ikev2_common.c
vendor/wpa/dist/src/eap_peer/Makefile
vendor/wpa/dist/src/eap_peer/eap.c
vendor/wpa/dist/src/eap_peer/eap.h
vendor/wpa/dist/src/eap_peer/eap_aka.c
vendor/wpa/dist/src/eap_peer/eap_eke.c
vendor/wpa/dist/src/eap_peer/eap_fast.c
vendor/wpa/dist/src/eap_peer/eap_gpsk.c
vendor/wpa/dist/src/eap_peer/eap_i.h
vendor/wpa/dist/src/eap_peer/eap_mschapv2.c
vendor/wpa/dist/src/eap_peer/eap_pax.c
vendor/wpa/dist/src/eap_peer/eap_peap.c
vendor/wpa/dist/src/eap_peer/eap_pwd.c
vendor/wpa/dist/src/eap_peer/eap_sake.c
vendor/wpa/dist/src/eap_peer/eap_sim.c
vendor/wpa/dist/src/eap_peer/eap_tls.c
vendor/wpa/dist/src/eap_peer/eap_tls_common.c
vendor/wpa/dist/src/eap_peer/eap_tls_common.h
vendor/wpa/dist/src/eap_peer/eap_ttls.c
vendor/wpa/dist/src/eap_peer/eap_wsc.c
vendor/wpa/dist/src/eap_server/Makefile
vendor/wpa/dist/src/eap_server/eap.h
vendor/wpa/dist/src/eap_server/eap_i.h
vendor/wpa/dist/src/eap_server/eap_server.c
vendor/wpa/dist/src/eap_server/eap_server_eke.c
vendor/wpa/dist/src/eap_server/eap_server_fast.c
vendor/wpa/dist/src/eap_server/eap_server_mschapv2.c
vendor/wpa/dist/src/eap_server/eap_server_peap.c
vendor/wpa/dist/src/eap_server/eap_server_pwd.c
vendor/wpa/dist/src/eap_server/eap_server_tls.c
vendor/wpa/dist/src/eap_server/eap_server_tls_common.c
vendor/wpa/dist/src/eap_server/eap_server_ttls.c
vendor/wpa/dist/src/eap_server/eap_tls_common.h
vendor/wpa/dist/src/eapol_auth/Makefile
vendor/wpa/dist/src/eapol_auth/eapol_auth_sm.c
vendor/wpa/dist/src/eapol_auth/eapol_auth_sm.h
vendor/wpa/dist/src/eapol_supp/Makefile
vendor/wpa/dist/src/eapol_supp/eapol_supp_sm.c
vendor/wpa/dist/src/l2_packet/Makefile
vendor/wpa/dist/src/p2p/Makefile
vendor/wpa/dist/src/p2p/p2p.c
vendor/wpa/dist/src/p2p/p2p.h
vendor/wpa/dist/src/p2p/p2p_build.c
vendor/wpa/dist/src/p2p/p2p_dev_disc.c
vendor/wpa/dist/src/p2p/p2p_go_neg.c
vendor/wpa/dist/src/p2p/p2p_group.c
vendor/wpa/dist/src/p2p/p2p_i.h
vendor/wpa/dist/src/p2p/p2p_invitation.c
vendor/wpa/dist/src/p2p/p2p_parse.c
vendor/wpa/dist/src/p2p/p2p_pd.c
vendor/wpa/dist/src/p2p/p2p_utils.c
vendor/wpa/dist/src/radius/Makefile
vendor/wpa/dist/src/radius/radius.c
vendor/wpa/dist/src/radius/radius_das.c
vendor/wpa/dist/src/radius/radius_server.c
vendor/wpa/dist/src/radius/radius_server.h
vendor/wpa/dist/src/rsn_supp/Makefile
vendor/wpa/dist/src/rsn_supp/tdls.c
vendor/wpa/dist/src/rsn_supp/wpa.c
vendor/wpa/dist/src/rsn_supp/wpa_ft.c
vendor/wpa/dist/src/rsn_supp/wpa_ie.c
vendor/wpa/dist/src/rsn_supp/wpa_ie.h
vendor/wpa/dist/src/tls/libtommath.c
vendor/wpa/dist/src/tls/tlsv1_client.c
vendor/wpa/dist/src/tls/tlsv1_client.h
vendor/wpa/dist/src/tls/tlsv1_server.c
vendor/wpa/dist/src/tls/tlsv1_server.h
vendor/wpa/dist/src/tls/x509v3.c
vendor/wpa/dist/src/utils/browser-wpadebug.c
vendor/wpa/dist/src/utils/common.c
vendor/wpa/dist/src/utils/common.h
vendor/wpa/dist/src/utils/eloop.c
vendor/wpa/dist/src/utils/http_curl.c
vendor/wpa/dist/src/utils/includes.h
vendor/wpa/dist/src/utils/os.h
vendor/wpa/dist/src/utils/os_internal.c
vendor/wpa/dist/src/utils/os_none.c
vendor/wpa/dist/src/utils/os_unix.c
vendor/wpa/dist/src/utils/os_win32.c
vendor/wpa/dist/src/utils/radiotap.c
vendor/wpa/dist/src/utils/utils_module_tests.c
vendor/wpa/dist/src/utils/wpa_debug.c
vendor/wpa/dist/src/utils/wpa_debug.h
vendor/wpa/dist/src/utils/wpabuf.c
vendor/wpa/dist/src/wps/Makefile
vendor/wpa/dist/src/wps/http_client.c
vendor/wpa/dist/src/wps/http_server.c
vendor/wpa/dist/src/wps/httpread.c
vendor/wpa/dist/src/wps/ndef.c
vendor/wpa/dist/src/wps/wps.c
vendor/wpa/dist/src/wps/wps.h
vendor/wpa/dist/src/wps/wps_attr_parse.c
vendor/wpa/dist/src/wps/wps_attr_parse.h
vendor/wpa/dist/src/wps/wps_common.c
vendor/wpa/dist/src/wps/wps_defs.h
vendor/wpa/dist/src/wps/wps_enrollee.c
vendor/wpa/dist/src/wps/wps_er.c
vendor/wpa/dist/src/wps/wps_er_ssdp.c
vendor/wpa/dist/src/wps/wps_module_tests.c
vendor/wpa/dist/src/wps/wps_registrar.c
vendor/wpa/dist/src/wps/wps_upnp.c
vendor/wpa/dist/src/wps/wps_upnp_ap.c
vendor/wpa/dist/src/wps/wps_upnp_event.c
vendor/wpa/dist/src/wps/wps_upnp_ssdp.c
vendor/wpa/dist/src/wps/wps_upnp_web.c
vendor/wpa/dist/src/wps/wps_validate.c
vendor/wpa/dist/wpa_supplicant/ChangeLog
vendor/wpa/dist/wpa_supplicant/Makefile
vendor/wpa/dist/wpa_supplicant/ap.c
vendor/wpa/dist/wpa_supplicant/ap.h
vendor/wpa/dist/wpa_supplicant/bss.c
vendor/wpa/dist/wpa_supplicant/bss.h
vendor/wpa/dist/wpa_supplicant/config.c
vendor/wpa/dist/wpa_supplicant/config.h
vendor/wpa/dist/wpa_supplicant/config_file.c
vendor/wpa/dist/wpa_supplicant/config_ssid.h
vendor/wpa/dist/wpa_supplicant/ctrl_iface.c
vendor/wpa/dist/wpa_supplicant/ctrl_iface_named_pipe.c
vendor/wpa/dist/wpa_supplicant/ctrl_iface_udp.c
vendor/wpa/dist/wpa_supplicant/ctrl_iface_unix.c
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new.c
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new.h
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.c
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers.h
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_p2p.h
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_handlers_wps.c
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_helpers.c
vendor/wpa/dist/wpa_supplicant/dbus/dbus_new_introspect.c
vendor/wpa/dist/wpa_supplicant/dbus/dbus_old.c
vendor/wpa/dist/wpa_supplicant/dbus/dbus_old_handlers.c
vendor/wpa/dist/wpa_supplicant/defconfig
vendor/wpa/dist/wpa_supplicant/doc/docbook/eapol_test.8
vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_background.8
vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_cli.8
vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.8
vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_gui.sgml
vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_passphrase.8
vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_priv.8
vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.8
vendor/wpa/dist/wpa_supplicant/doc/docbook/wpa_supplicant.conf.5
vendor/wpa/dist/wpa_supplicant/driver_i.h
vendor/wpa/dist/wpa_supplicant/eapol_test.c
vendor/wpa/dist/wpa_supplicant/events.c
vendor/wpa/dist/wpa_supplicant/hs20_supplicant.c
vendor/wpa/dist/wpa_supplicant/ibss_rsn.c
vendor/wpa/dist/wpa_supplicant/interworking.c
vendor/wpa/dist/wpa_supplicant/main.c
vendor/wpa/dist/wpa_supplicant/mesh.c
vendor/wpa/dist/wpa_supplicant/mesh_mpm.c
vendor/wpa/dist/wpa_supplicant/mesh_rsn.c
vendor/wpa/dist/wpa_supplicant/notify.c
vendor/wpa/dist/wpa_supplicant/notify.h
vendor/wpa/dist/wpa_supplicant/p2p_supplicant.c
vendor/wpa/dist/wpa_supplicant/p2p_supplicant.h
vendor/wpa/dist/wpa_supplicant/preauth_test.c
vendor/wpa/dist/wpa_supplicant/scan.c
vendor/wpa/dist/wpa_supplicant/sme.c
vendor/wpa/dist/wpa_supplicant/wpa_cli.c
vendor/wpa/dist/wpa_supplicant/wpa_priv.c
vendor/wpa/dist/wpa_supplicant/wpa_supplicant.c
vendor/wpa/dist/wpa_supplicant/wpa_supplicant.conf
vendor/wpa/dist/wpa_supplicant/wpa_supplicant_i.h
vendor/wpa/dist/wpa_supplicant/wpas_glue.c
vendor/wpa/dist/wpa_supplicant/wpas_glue.h
vendor/wpa/dist/wpa_supplicant/wps_supplicant.c
vendor/wpa/dist/wpa_supplicant/wps_supplicant.h
Modified: vendor/wpa/dist/hostapd/ChangeLog
==============================================================================
--- vendor/wpa/dist/hostapd/ChangeLog Wed Oct 14 02:43:04 2015 (r289283)
+++ vendor/wpa/dist/hostapd/ChangeLog Wed Oct 14 04:30:17 2015 (r289284)
@@ -1,5 +1,41 @@
ChangeLog for hostapd
+2015-09-27 - v2.5
+ * fixed WPS UPnP vulnerability with HTTP chunked transfer encoding
+ [http://w1.fi/security/2015-2/] (CVE-2015-4141)
+ * fixed WMM Action frame parser
+ [http://w1.fi/security/2015-3/] (CVE-2015-4142)
+ * fixed EAP-pwd server missing payload length validation
+ [http://w1.fi/security/2015-4/]
+ (CVE-2015-4143, CVE-2015-4144, CVE-2015-4145)
+ * fixed validation of WPS and P2P NFC NDEF record payload length
+ [http://w1.fi/security/2015-5/]
+ * nl80211:
+ - fixed vendor command handling to check OUI properly
+ * fixed hlr_auc_gw build with OpenSSL
+ * hlr_auc_gw: allow Milenage RES length to be reduced
+ * disable HT for a station that does not support WMM/QoS
+ * added support for hashed password (NtHash) in EAP-pwd server
+ * fixed and extended dynamic VLAN cases
+ * added EAP-EKE server support for deriving Session-Id
+ * set Acct-Session-Id to a random value to make it more likely to be
+ unique even if the device does not have a proper clock
+ * added more 2.4 GHz channels for 20/40 MHz HT co-ex scan
+ * modified SAE routines to be more robust and PWE generation to be
+ stronger against timing attacks
+ * added support for Brainpool Elliptic Curves with SAE
+ * increases maximum value accepted for cwmin/cwmax
+ * added support for CCMP-256 and GCMP-256 as group ciphers with FT
+ * added Fast Session Transfer (FST) module
+ * removed optional fields from RSNE when using FT with PMF
+ (workaround for interoperability issues with iOS 8.4)
+ * added EAP server support for TLS session resumption
+ * fixed key derivation for Suite B 192-bit AKM (this breaks
+ compatibility with the earlier version)
+ * added mechanism to track unconnected stations and do minimal band
+ steering
+ * number of small fixes
+
2015-03-15 - v2.4
* allow OpenSSL cipher configuration to be set for internal EAP server
(openssl_ciphers parameter)
Modified: vendor/wpa/dist/hostapd/Makefile
==============================================================================
--- vendor/wpa/dist/hostapd/Makefile Wed Oct 14 02:43:04 2015 (r289283)
+++ vendor/wpa/dist/hostapd/Makefile Wed Oct 14 04:30:17 2015 (r289284)
@@ -107,7 +107,16 @@ LIBS_h += -lrt
LIBS_n += -lrt
endif
+ifdef CONFIG_ELOOP_POLL
+CFLAGS += -DCONFIG_ELOOP_POLL
+endif
+
+ifdef CONFIG_ELOOP_EPOLL
+CFLAGS += -DCONFIG_ELOOP_EPOLL
+endif
+
OBJS += ../src/utils/common.o
+OBJS_c += ../src/utils/common.o
OBJS += ../src/utils/wpa_debug.o
OBJS_c += ../src/utils/wpa_debug.o
OBJS += ../src/utils/wpabuf.o
@@ -227,6 +236,7 @@ CFLAGS += -DCONFIG_SAE
OBJS += ../src/common/sae.o
NEED_ECC=y
NEED_DH_GROUPS=y
+NEED_AP_MLME=y
endif
ifdef CONFIG_WNM
@@ -531,8 +541,14 @@ HOBJS += ../src/crypto/crypto_openssl.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_openssl.o
endif
+NEED_SHA256=y
+NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto
LIBS_h += -lcrypto
+ifdef CONFIG_TLS_ADD_DL
+LIBS += -ldl
+LIBS_h += -ldl
+endif
endif
ifeq ($(CONFIG_TLS), gnutls)
@@ -553,17 +569,6 @@ CONFIG_INTERNAL_RC4=y
CONFIG_INTERNAL_DH_GROUP5=y
endif
-ifeq ($(CONFIG_TLS), schannel)
-ifdef TLS_FUNCS
-OBJS += ../src/crypto/tls_schannel.o
-endif
-OBJS += ../src/crypto/crypto_cryptoapi.o
-OBJS_p += ../src/crypto/crypto_cryptoapi.o
-CONFIG_INTERNAL_SHA256=y
-CONFIG_INTERNAL_RC4=y
-CONFIG_INTERNAL_DH_GROUP5=y
-endif
-
ifeq ($(CONFIG_TLS), internal)
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=internal
@@ -694,8 +699,10 @@ endif
endif
ifdef NEED_AES_CBC
NEED_AES_DEC=y
+ifneq ($(CONFIG_TLS), openssl)
AESOBJS += ../src/crypto/aes-cbc.o
endif
+endif
ifdef NEED_AES_DEC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-dec.o
@@ -754,11 +761,17 @@ OBJS += ../src/crypto/des-internal.o
endif
endif
+ifdef CONFIG_NO_RC4
+CFLAGS += -DCONFIG_NO_RC4
+endif
+
ifdef NEED_RC4
ifdef CONFIG_INTERNAL_RC4
+ifndef CONFIG_NO_RC4
OBJS += ../src/crypto/rc4.o
endif
endif
+endif
ifdef NEED_SHA256
CFLAGS += -DCONFIG_SHA256
@@ -778,6 +791,7 @@ endif
endif
ifdef NEED_SHA384
CFLAGS += -DCONFIG_SHA384
+OBJS += ../src/crypto/sha384-prf.o
endif
ifdef NEED_DH_GROUPS
@@ -803,8 +817,10 @@ OBJS += ../src/crypto/random.o
HOBJS += ../src/crypto/random.o
HOBJS += ../src/utils/eloop.o
HOBJS += $(SHA1OBJS)
+ifneq ($(CONFIG_TLS), openssl)
HOBJS += ../src/crypto/md5.o
endif
+endif
ifdef CONFIG_RADIUS_SERVER
CFLAGS += -DRADIUS_SERVER
@@ -903,6 +919,21 @@ LIBS += -lsqlite3
LIBS_h += -lsqlite3
endif
+ifdef CONFIG_FST
+CFLAGS += -DCONFIG_FST
+OBJS += ../src/fst/fst.o
+OBJS += ../src/fst/fst_group.o
+OBJS += ../src/fst/fst_iface.o
+OBJS += ../src/fst/fst_session.o
+OBJS += ../src/fst/fst_ctrl_aux.o
+ifdef CONFIG_FST_TEST
+CFLAGS += -DCONFIG_FST_TEST
+endif
+ifndef CONFIG_NO_CTRL_IFACE
+OBJS += ../src/fst/fst_ctrl_iface.o
+endif
+endif
+
ALL=hostapd hostapd_cli
all: verify_config $(ALL)
@@ -965,9 +996,11 @@ NOBJS = nt_password_hash.o ../src/crypto
NOBJS += ../src/utils/common.o
ifdef NEED_RC4
ifdef CONFIG_INTERNAL_RC4
+ifndef CONFIG_NO_RC4
NOBJS += ../src/crypto/rc4.o
endif
endif
+endif
ifdef CONFIG_INTERNAL_MD5
NOBJS += ../src/crypto/md5-internal.o
endif
Modified: vendor/wpa/dist/hostapd/config_file.c
==============================================================================
--- vendor/wpa/dist/hostapd/config_file.c Wed Oct 14 02:43:04 2015 (r289283)
+++ vendor/wpa/dist/hostapd/config_file.c Wed Oct 14 04:30:17 2015 (r289284)
@@ -222,9 +222,15 @@ static int hostapd_config_read_eap_user(
return 0;
if (os_strncmp(fname, "sqlite:", 7) == 0) {
+#ifdef CONFIG_SQLITE
os_free(conf->eap_user_sqlite);
conf->eap_user_sqlite = os_strdup(fname + 7);
return 0;
+#else /* CONFIG_SQLITE */
+ wpa_printf(MSG_ERROR,
+ "EAP user file in SQLite DB, but CONFIG_SQLITE was not enabled in the build.");
+ return -1;
+#endif /* CONFIG_SQLITE */
}
f = fopen(fname, "r");
@@ -775,6 +781,24 @@ static int hostapd_config_read_wep(struc
}
+static int hostapd_parse_chanlist(struct hostapd_config *conf, char *val)
+{
+ char *pos;
+
+ /* for backwards compatibility, translate ' ' in conf str to ',' */
+ pos = val;
+ while (pos) {
+ pos = os_strchr(pos, ' ');
+ if (pos)
+ *pos++ = ',';
+ }
+ if (freq_range_list_parse(&conf->acs_ch_list, val))
+ return -1;
+
+ return 0;
+}
+
+
static int hostapd_parse_intlist(int **int_list, char *val)
{
int *list;
@@ -875,7 +899,9 @@ static int hostapd_config_read_int10(con
static int valid_cw(int cw)
{
return (cw == 1 || cw == 3 || cw == 7 || cw == 15 || cw == 31 ||
- cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023);
+ cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023 ||
+ cw == 2047 || cw == 4095 || cw == 8191 || cw == 16383 ||
+ cw == 32767);
}
@@ -886,11 +912,11 @@ enum {
IEEE80211_TX_QUEUE_DATA3 = 3 /* used for EDCA AC_BK data */
};
-static int hostapd_config_tx_queue(struct hostapd_config *conf, char *name,
- char *val)
+static int hostapd_config_tx_queue(struct hostapd_config *conf,
+ const char *name, const char *val)
{
int num;
- char *pos;
+ const char *pos;
struct hostapd_tx_queue_params *queue;
/* skip 'tx_queue_' prefix */
@@ -1134,13 +1160,23 @@ static int hostapd_config_vht_capab(stru
if (os_strstr(capab, "[BF-ANTENNA-2]") &&
(conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE))
conf->vht_capab |= (1 << VHT_CAP_BEAMFORMEE_STS_OFFSET);
+ if (os_strstr(capab, "[BF-ANTENNA-3]") &&
+ (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE))
+ conf->vht_capab |= (2 << VHT_CAP_BEAMFORMEE_STS_OFFSET);
+ if (os_strstr(capab, "[BF-ANTENNA-4]") &&
+ (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE))
+ conf->vht_capab |= (3 << VHT_CAP_BEAMFORMEE_STS_OFFSET);
if (os_strstr(capab, "[SOUNDING-DIMENSION-2]") &&
(conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE))
conf->vht_capab |= (1 << VHT_CAP_SOUNDING_DIMENSION_OFFSET);
+ if (os_strstr(capab, "[SOUNDING-DIMENSION-3]") &&
+ (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE))
+ conf->vht_capab |= (2 << VHT_CAP_SOUNDING_DIMENSION_OFFSET);
+ if (os_strstr(capab, "[SOUNDING-DIMENSION-4]") &&
+ (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE))
+ conf->vht_capab |= (3 << VHT_CAP_SOUNDING_DIMENSION_OFFSET);
if (os_strstr(capab, "[MU-BEAMFORMER]"))
conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE;
- if (os_strstr(capab, "[MU-BEAMFORMEE]"))
- conf->vht_capab |= VHT_CAP_MU_BEAMFORMEE_CAPABLE;
if (os_strstr(capab, "[VHT-TXOP-PS]"))
conf->vht_capab |= VHT_CAP_VHT_TXOP_PS;
if (os_strstr(capab, "[HTC-VHT]"))
@@ -1699,7 +1735,7 @@ static int hs20_parse_osu_ssid(struct ho
char *str;
str = wpa_config_parse_string(pos, &slen);
- if (str == NULL || slen < 1 || slen > HOSTAPD_MAX_SSID_LEN) {
+ if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) {
wpa_printf(MSG_ERROR, "Line %d: Invalid SSID '%s'", line, pos);
os_free(str);
return -1;
@@ -1900,7 +1936,7 @@ fail:
static int hostapd_config_fill(struct hostapd_config *conf,
struct hostapd_bss_config *bss,
- char *buf, char *pos, int line)
+ const char *buf, char *pos, int line)
{
if (os_strcmp(buf, "interface") == 0) {
os_strlcpy(conf->bss[0]->iface, pos,
@@ -1946,7 +1982,7 @@ static int hostapd_config_fill(struct ho
line);
} else if (os_strcmp(buf, "ssid") == 0) {
bss->ssid.ssid_len = os_strlen(pos);
- if (bss->ssid.ssid_len > HOSTAPD_MAX_SSID_LEN ||
+ if (bss->ssid.ssid_len > SSID_MAX_LEN ||
bss->ssid.ssid_len < 1) {
wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'",
line, pos);
@@ -1957,7 +1993,7 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "ssid2") == 0) {
size_t slen;
char *str = wpa_config_parse_string(pos, &slen);
- if (str == NULL || slen < 1 || slen > HOSTAPD_MAX_SSID_LEN) {
+ if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) {
wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'",
line, pos);
os_free(str);
@@ -2043,6 +2079,8 @@ static int hostapd_config_fill(struct ho
bss->private_key_passwd = os_strdup(pos);
} else if (os_strcmp(buf, "check_crl") == 0) {
bss->check_crl = atoi(pos);
+ } else if (os_strcmp(buf, "tls_session_lifetime") == 0) {
+ bss->tls_session_lifetime = atoi(pos);
} else if (os_strcmp(buf, "ocsp_stapling_response") == 0) {
os_free(bss->ocsp_stapling_response);
bss->ocsp_stapling_response = os_strdup(pos);
@@ -2515,13 +2553,17 @@ static int hostapd_config_fill(struct ho
conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
else if (os_strcmp(pos, "ad") == 0)
conf->hw_mode = HOSTAPD_MODE_IEEE80211AD;
+ else if (os_strcmp(pos, "any") == 0)
+ conf->hw_mode = HOSTAPD_MODE_IEEE80211ANY;
else {
wpa_printf(MSG_ERROR, "Line %d: unknown hw_mode '%s'",
line, pos);
return 1;
}
} else if (os_strcmp(buf, "wps_rf_bands") == 0) {
- if (os_strcmp(pos, "a") == 0)
+ if (os_strcmp(pos, "ad") == 0)
+ bss->wps_rf_bands = WPS_RF_60GHZ;
+ else if (os_strcmp(pos, "a") == 0)
bss->wps_rf_bands = WPS_RF_50GHZ;
else if (os_strcmp(pos, "g") == 0 ||
os_strcmp(pos, "b") == 0)
@@ -2542,12 +2584,15 @@ static int hostapd_config_fill(struct ho
line);
return 1;
#else /* CONFIG_ACS */
+ conf->acs = 1;
conf->channel = 0;
#endif /* CONFIG_ACS */
- } else
+ } else {
conf->channel = atoi(pos);
+ conf->acs = conf->channel == 0;
+ }
} else if (os_strcmp(buf, "chanlist") == 0) {
- if (hostapd_parse_intlist(&conf->chanlist, pos)) {
+ if (hostapd_parse_chanlist(conf, pos)) {
wpa_printf(MSG_ERROR, "Line %d: invalid channel list",
line);
return 1;
@@ -2810,7 +2855,7 @@ static int hostapd_config_fill(struct ho
os_free(bss->wps_pin_requests);
bss->wps_pin_requests = os_strdup(pos);
} else if (os_strcmp(buf, "device_name") == 0) {
- if (os_strlen(pos) > 32) {
+ if (os_strlen(pos) > WPS_DEV_NAME_MAX_LEN) {
wpa_printf(MSG_ERROR, "Line %d: Too long "
"device_name", line);
return 1;
@@ -3111,6 +3156,8 @@ static int hostapd_config_fill(struct ho
bss->disable_dgaf = atoi(pos);
} else if (os_strcmp(buf, "proxy_arp") == 0) {
bss->proxy_arp = atoi(pos);
+ } else if (os_strcmp(buf, "na_mcast_to_ucast") == 0) {
+ bss->na_mcast_to_ucast = atoi(pos);
} else if (os_strcmp(buf, "osen") == 0) {
bss->osen = atoi(pos);
} else if (os_strcmp(buf, "anqp_domain_id") == 0) {
@@ -3223,6 +3270,24 @@ static int hostapd_config_fill(struct ho
bss->bss_load_test_set = 1;
} else if (os_strcmp(buf, "radio_measurements") == 0) {
bss->radio_measurements = atoi(pos);
+ } else if (os_strcmp(buf, "own_ie_override") == 0) {
+ struct wpabuf *tmp;
+ size_t len = os_strlen(pos) / 2;
+
+ tmp = wpabuf_alloc(len);
+ if (!tmp)
+ return 1;
+
+ if (hexstr2bin(pos, wpabuf_put(tmp, len), len)) {
+ wpabuf_free(tmp);
+ wpa_printf(MSG_ERROR,
+ "Line %d: Invalid own_ie_override '%s'",
+ line, pos);
+ return 1;
+ }
+
+ wpabuf_free(bss->own_ie_override);
+ bss->own_ie_override = tmp;
#endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strcmp(buf, "vendor_elements") == 0) {
struct wpabuf *elems;
@@ -3276,6 +3341,74 @@ static int hostapd_config_fill(struct ho
} else if (os_strcmp(buf, "wowlan_triggers") == 0) {
os_free(bss->wowlan_triggers);
bss->wowlan_triggers = os_strdup(pos);
+#ifdef CONFIG_FST
+ } else if (os_strcmp(buf, "fst_group_id") == 0) {
+ size_t len = os_strlen(pos);
+
+ if (!len || len >= sizeof(conf->fst_cfg.group_id)) {
+ wpa_printf(MSG_ERROR,
+ "Line %d: Invalid fst_group_id value '%s'",
+ line, pos);
+ return 1;
+ }
+
+ if (conf->fst_cfg.group_id[0]) {
+ wpa_printf(MSG_ERROR,
+ "Line %d: Duplicate fst_group value '%s'",
+ line, pos);
+ return 1;
+ }
+
+ os_strlcpy(conf->fst_cfg.group_id, pos,
+ sizeof(conf->fst_cfg.group_id));
+ } else if (os_strcmp(buf, "fst_priority") == 0) {
+ char *endp;
+ long int val;
+
+ if (!*pos) {
+ wpa_printf(MSG_ERROR,
+ "Line %d: fst_priority value not supplied (expected 1..%u)",
+ line, FST_MAX_PRIO_VALUE);
+ return -1;
+ }
+
+ val = strtol(pos, &endp, 0);
+ if (*endp || val < 1 || val > FST_MAX_PRIO_VALUE) {
+ wpa_printf(MSG_ERROR,
+ "Line %d: Invalid fst_priority %ld (%s) (expected 1..%u)",
+ line, val, pos, FST_MAX_PRIO_VALUE);
+ return 1;
+ }
+ conf->fst_cfg.priority = (u8) val;
+ } else if (os_strcmp(buf, "fst_llt") == 0) {
+ char *endp;
+ long int val;
+
+ if (!*pos) {
+ wpa_printf(MSG_ERROR,
+ "Line %d: fst_llt value not supplied (expected 1..%u)",
+ line, FST_MAX_LLT_MS);
+ return -1;
+ }
+ val = strtol(pos, &endp, 0);
+ if (*endp || val < 1 || val > FST_MAX_LLT_MS) {
+ wpa_printf(MSG_ERROR,
+ "Line %d: Invalid fst_llt %ld (%s) (expected 1..%u)",
+ line, val, pos, FST_MAX_LLT_MS);
+ return 1;
+ }
+ conf->fst_cfg.llt = (u32) val;
+#endif /* CONFIG_FST */
+ } else if (os_strcmp(buf, "track_sta_max_num") == 0) {
+ conf->track_sta_max_num = atoi(pos);
+ } else if (os_strcmp(buf, "track_sta_max_age") == 0) {
+ conf->track_sta_max_age = atoi(pos);
+ } else if (os_strcmp(buf, "no_probe_resp_if_seen_on") == 0) {
+ os_free(bss->no_probe_resp_if_seen_on);
+ bss->no_probe_resp_if_seen_on = os_strdup(pos);
+ } else if (os_strcmp(buf, "no_auth_if_seen_on") == 0) {
+ os_free(bss->no_auth_if_seen_on);
+ bss->no_auth_if_seen_on = os_strdup(pos);
} else {
wpa_printf(MSG_ERROR,
"Line %d: unknown configuration item '%s'",
@@ -3378,7 +3511,8 @@ struct hostapd_config * hostapd_config_r
int hostapd_set_iface(struct hostapd_config *conf,
- struct hostapd_bss_config *bss, char *field, char *value)
+ struct hostapd_bss_config *bss, const char *field,
+ char *value)
{
int errors;
size_t i;
Modified: vendor/wpa/dist/hostapd/config_file.h
==============================================================================
--- vendor/wpa/dist/hostapd/config_file.h Wed Oct 14 02:43:04 2015 (r289283)
+++ vendor/wpa/dist/hostapd/config_file.h Wed Oct 14 04:30:17 2015 (r289284)
@@ -11,7 +11,7 @@
struct hostapd_config * hostapd_config_read(const char *fname);
int hostapd_set_iface(struct hostapd_config *conf,
- struct hostapd_bss_config *bss, char *field,
+ struct hostapd_bss_config *bss, const char *field,
char *value);
#endif /* CONFIG_FILE_H */
Modified: vendor/wpa/dist/hostapd/ctrl_iface.c
==============================================================================
--- vendor/wpa/dist/hostapd/ctrl_iface.c Wed Oct 14 02:43:04 2015 (r289283)
+++ vendor/wpa/dist/hostapd/ctrl_iface.c Wed Oct 14 04:30:17 2015 (r289284)
@@ -25,6 +25,7 @@
#include "common/ieee802_11_defs.h"
#include "crypto/tls.h"
#include "drivers/driver.h"
+#include "eapol_auth/eapol_auth_sm.h"
#include "radius/radius_client.h"
#include "radius/radius_server.h"
#include "l2_packet/l2_packet.h"
@@ -43,10 +44,13 @@
#include "ap/beacon.h"
#include "wps/wps_defs.h"
#include "wps/wps.h"
+#include "fst/fst_ctrl_iface.h"
#include "config_file.h"
#include "ctrl_iface.h"
+#define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256
+
struct wpa_ctrl_dst {
struct wpa_ctrl_dst *next;
struct sockaddr_un addr;
@@ -57,6 +61,7 @@ struct wpa_ctrl_dst {
static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
+ enum wpa_msg_type type,
const char *buf, size_t len);
@@ -1055,6 +1060,97 @@ static int hostapd_ctrl_iface_bss_tm_req
#endif /* CONFIG_WNM */
+static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd,
+ char *buf, size_t buflen)
+{
+ int ret = 0;
+ char *pos, *end;
+
+ pos = buf;
+ end = buf + buflen;
+
+ WPA_ASSERT(hapd->conf->wpa_key_mgmt);
+
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
+ ret = os_snprintf(pos, end - pos, "WPA-PSK ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
+ ret = os_snprintf(pos, end - pos, "WPA-EAP ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+#ifdef CONFIG_IEEE80211R
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
+ ret = os_snprintf(pos, end - pos, "FT-PSK ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
+ ret = os_snprintf(pos, end - pos, "FT-EAP ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+#ifdef CONFIG_SAE
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
+ ret = os_snprintf(pos, end - pos, "FT-SAE ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+#endif /* CONFIG_SAE */
+#endif /* CONFIG_IEEE80211R */
+#ifdef CONFIG_IEEE80211W
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
+ ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
+ ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA256 ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+#endif /* CONFIG_IEEE80211W */
+#ifdef CONFIG_SAE
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
+ ret = os_snprintf(pos, end - pos, "SAE ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+#endif /* CONFIG_SAE */
+ if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
+ ret = os_snprintf(pos, end - pos, "WPA-EAP-SUITE-B ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+ if (hapd->conf->wpa_key_mgmt &
+ WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
+ ret = os_snprintf(pos, end - pos,
+ "WPA-EAP-SUITE-B-192 ");
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+
+ if (pos > buf && *(pos - 1) == ' ') {
+ *(pos - 1) = '\0';
+ pos--;
+ }
+
+ return pos - buf;
+}
+
+
static int hostapd_ctrl_iface_get_config(struct hostapd_data *hapd,
char *buf, size_t buflen)
{
@@ -1104,82 +1200,20 @@ static int hostapd_ctrl_iface_get_config
}
#endif /* CONFIG_WPS */
+ if (hapd->conf->wpa) {
+ ret = os_snprintf(pos, end - pos, "wpa=%d\n", hapd->conf->wpa);
+ if (os_snprintf_error(end - pos, ret))
+ return pos - buf;
+ pos += ret;
+ }
+
if (hapd->conf->wpa && hapd->conf->wpa_key_mgmt) {
ret = os_snprintf(pos, end - pos, "key_mgmt=");
if (os_snprintf_error(end - pos, ret))
return pos - buf;
pos += ret;
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
- ret = os_snprintf(pos, end - pos, "WPA-PSK ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
- ret = os_snprintf(pos, end - pos, "WPA-EAP ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
-#ifdef CONFIG_IEEE80211R
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
- ret = os_snprintf(pos, end - pos, "FT-PSK ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
- ret = os_snprintf(pos, end - pos, "FT-EAP ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
-#ifdef CONFIG_SAE
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
- ret = os_snprintf(pos, end - pos, "FT-SAE ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
-#endif /* CONFIG_SAE */
-#endif /* CONFIG_IEEE80211R */
-#ifdef CONFIG_IEEE80211W
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
- ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
- ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA256 ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
-#endif /* CONFIG_IEEE80211W */
-#ifdef CONFIG_SAE
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
- ret = os_snprintf(pos, end - pos, "SAE ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
-#endif /* CONFIG_SAE */
- if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
- ret = os_snprintf(pos, end - pos, "WPA-EAP-SUITE-B ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
- if (hapd->conf->wpa_key_mgmt &
- WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
- ret = os_snprintf(pos, end - pos,
- "WPA-EAP-SUITE-B-192 ");
- if (os_snprintf_error(end - pos, ret))
- return pos - buf;
- pos += ret;
- }
+ pos += hostapd_ctrl_iface_get_key_mgmt(hapd, pos, end - pos);
ret = os_snprintf(pos, end - pos, "\n");
if (os_snprintf_error(end - pos, ret))
@@ -1528,7 +1562,7 @@ void hostapd_data_test_rx(void *ctx, con
{
struct hostapd_data *hapd = ctx;
const struct ether_header *eth;
- const struct iphdr *ip;
+ struct iphdr ip;
const u8 *pos;
unsigned int i;
@@ -1536,14 +1570,14 @@ void hostapd_data_test_rx(void *ctx, con
return;
eth = (const struct ether_header *) buf;
- ip = (const struct iphdr *) (eth + 1);
- pos = (const u8 *) (ip + 1);
+ os_memcpy(&ip, eth + 1, sizeof(ip));
+ pos = &buf[sizeof(*eth) + sizeof(ip)];
- if (ip->ihl != 5 || ip->version != 4 ||
- ntohs(ip->tot_len) != HWSIM_IP_LEN)
+ if (ip.ihl != 5 || ip.version != 4 ||
+ ntohs(ip.tot_len) != HWSIM_IP_LEN)
return;
- for (i = 0; i < HWSIM_IP_LEN - sizeof(*ip); i++) {
+ for (i = 0; i < HWSIM_IP_LEN - sizeof(ip); i++) {
if (*pos != (u8) i)
return;
pos++;
@@ -1599,7 +1633,7 @@ static int hostapd_ctrl_iface_data_test_
int used;
long int val;
u8 tos;
- u8 buf[HWSIM_PACKETLEN];
+ u8 buf[2 + HWSIM_PACKETLEN];
struct ether_header *eth;
struct iphdr *ip;
u8 *dpos;
@@ -1627,7 +1661,7 @@ static int hostapd_ctrl_iface_data_test_
return -1;
tos = val;
- eth = (struct ether_header *) buf;
+ eth = (struct ether_header *) &buf[2];
os_memcpy(eth->ether_dhost, dst, ETH_ALEN);
os_memcpy(eth->ether_shost, src, ETH_ALEN);
eth->ether_type = htons(ETHERTYPE_IP);
@@ -1639,14 +1673,14 @@ static int hostapd_ctrl_iface_data_test_
ip->tos = tos;
ip->tot_len = htons(HWSIM_IP_LEN);
ip->protocol = 1;
- ip->saddr = htonl(192 << 24 | 168 << 16 | 1 << 8 | 1);
- ip->daddr = htonl(192 << 24 | 168 << 16 | 1 << 8 | 2);
+ ip->saddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
+ ip->daddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
ip->check = ipv4_hdr_checksum(ip, sizeof(*ip));
dpos = (u8 *) (ip + 1);
for (i = 0; i < HWSIM_IP_LEN - sizeof(*ip); i++)
*dpos++ = i;
- if (l2_packet_send(hapd->l2_test, dst, ETHERTYPE_IP, buf,
+ if (l2_packet_send(hapd->l2_test, dst, ETHERTYPE_IP, &buf[2],
HWSIM_PACKETLEN) < 0)
return -1;
@@ -1746,6 +1780,45 @@ static int hostapd_ctrl_get_alloc_fail(s
#endif /* WPA_TRACE_BFD */
}
+
+static int hostapd_ctrl_test_fail(struct hostapd_data *hapd, char *cmd)
+{
+#ifdef WPA_TRACE_BFD
+ extern char wpa_trace_test_fail_func[256];
+ extern unsigned int wpa_trace_test_fail_after;
+ char *pos;
+
+ wpa_trace_test_fail_after = atoi(cmd);
+ pos = os_strchr(cmd, ':');
+ if (pos) {
+ pos++;
+ os_strlcpy(wpa_trace_test_fail_func, pos,
+ sizeof(wpa_trace_test_fail_func));
+ } else {
+ wpa_trace_test_fail_after = 0;
+ }
+
+ return 0;
+#else /* WPA_TRACE_BFD */
+ return -1;
+#endif /* WPA_TRACE_BFD */
+}
+
+
+static int hostapd_ctrl_get_fail(struct hostapd_data *hapd,
+ char *buf, size_t buflen)
+{
+#ifdef WPA_TRACE_BFD
+ extern char wpa_trace_test_fail_func[256];
+ extern unsigned int wpa_trace_test_fail_after;
+
+ return os_snprintf(buf, buflen, "%u:%s", wpa_trace_test_fail_after,
+ wpa_trace_test_fail_func);
+#else /* WPA_TRACE_BFD */
+ return -1;
+#endif /* WPA_TRACE_BFD */
+}
+
#endif /* CONFIG_TESTING_OPTIONS */
@@ -1847,41 +1920,134 @@ static int hostapd_ctrl_iface_vendor(str
}
-static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx,
- void *sock_ctx)
+static int hostapd_ctrl_iface_eapol_reauth(struct hostapd_data *hapd,
+ const char *cmd)
{
- struct hostapd_data *hapd = eloop_ctx;
- char buf[4096];
- int res;
- struct sockaddr_un from;
- socklen_t fromlen = sizeof(from);
- char *reply;
- const int reply_size = 4096;
- int reply_len;
- int level = MSG_DEBUG;
+ u8 addr[ETH_ALEN];
+ struct sta_info *sta;
- res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
- (struct sockaddr *) &from, &fromlen);
- if (res < 0) {
- wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
- strerror(errno));
- return;
+ if (hwaddr_aton(cmd, addr))
+ return -1;
+
+ sta = ap_get_sta(hapd, addr);
+ if (!sta || !sta->eapol_sm)
+ return -1;
+
+ eapol_auth_reauthenticate(sta->eapol_sm);
+ return 0;
+}
+
+
+static int hostapd_ctrl_iface_eapol_set(struct hostapd_data *hapd, char *cmd)
+{
+ u8 addr[ETH_ALEN];
+ struct sta_info *sta;
+ char *pos = cmd, *param;
+
+ if (hwaddr_aton(pos, addr) || pos[17] != ' ')
+ return -1;
+ pos += 18;
+ param = pos;
+ pos = os_strchr(pos, ' ');
+ if (!pos)
+ return -1;
+ *pos++ = '\0';
+
+ sta = ap_get_sta(hapd, addr);
+ if (!sta || !sta->eapol_sm)
+ return -1;
+
+ return eapol_auth_set_conf(sta->eapol_sm, param, pos);
+}
+
+
+static int hostapd_ctrl_iface_log_level(struct hostapd_data *hapd, char *cmd,
+ char *buf, size_t buflen)
+{
+ char *pos, *end, *stamp;
+ int ret;
+
+ /* cmd: "LOG_LEVEL [<level>]" */
+ if (*cmd == '\0') {
+ pos = buf;
+ end = buf + buflen;
+ ret = os_snprintf(pos, end - pos, "Current level: %s\n"
+ "Timestamp: %d\n",
+ debug_level_str(wpa_debug_level),
+ wpa_debug_timestamp);
+ if (os_snprintf_error(end - pos, ret))
+ ret = 0;
+
+ return ret;
}
- buf[res] = '\0';
- if (os_strcmp(buf, "PING") == 0)
- level = MSG_EXCESSIVE;
- wpa_hexdump_ascii(level, "RX ctrl_iface", (u8 *) buf, res);
- reply = os_malloc(reply_size);
- if (reply == NULL) {
- if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
- fromlen) < 0) {
- wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
- strerror(errno));
+ while (*cmd == ' ')
+ cmd++;
+
+ stamp = os_strchr(cmd, ' ');
+ if (stamp) {
+ *stamp++ = '\0';
+ while (*stamp == ' ') {
+ stamp++;
}
- return;
}
+ if (os_strlen(cmd)) {
+ int level = str_to_debug_level(cmd);
+ if (level < 0)
+ return -1;
+ wpa_debug_level = level;
+ }
+
+ if (stamp && os_strlen(stamp))
+ wpa_debug_timestamp = atoi(stamp);
+
+ os_memcpy(buf, "OK\n", 3);
+ return 3;
+}
+
+
+#ifdef NEED_AP_MLME
+static int hostapd_ctrl_iface_track_sta_list(struct hostapd_data *hapd,
+ char *buf, size_t buflen)
+{
+ struct hostapd_iface *iface = hapd->iface;
+ char *pos, *end;
+ struct hostapd_sta_info *info;
+ struct os_reltime now;
+
+ sta_track_expire(iface, 0);
+
+ pos = buf;
+ end = buf + buflen;
+
+ os_get_reltime(&now);
+ dl_list_for_each_reverse(info, &iface->sta_seen,
+ struct hostapd_sta_info, list) {
+ struct os_reltime age;
+ int ret;
+
+ os_reltime_sub(&now, &info->last_seen, &age);
+ ret = os_snprintf(pos, end - pos, MACSTR " %u\n",
+ MAC2STR(info->addr), (unsigned int) age.sec);
+ if (os_snprintf_error(end - pos, ret))
+ break;
+ pos += ret;
+ }
+
+ return pos - buf;
+}
+#endif /* NEED_AP_MLME */
+
+
+static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd,
+ char *buf, char *reply,
+ int reply_size,
+ struct sockaddr_un *from,
+ socklen_t fromlen)
+{
+ int reply_len, res;
+
os_memcpy(reply, "OK\n", 3);
reply_len = 3;
@@ -1938,13 +2104,13 @@ static void hostapd_ctrl_iface_receive(i
reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
reply_size);
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-vendor
mailing list