Cumulative patch from commit 4a16a0bd550401a50dedfcf701f6dcc7a3598133i
4a16a0b nl80211: Add QCA vendor subcmd for NAN
f8b10c1 Fix CONFIG_AP=y build without CONFIG_P2P=y
f05cee9 P2P: Clear p2p_in_invitation on cancel
ec331d0 WNM: Fix deinit path to clean neighbor report count
679f2e7 WPS NFC: Remove NFC_RX_HANDOVER_SEL
dc39004 WPS: Remove unused WEP related functionality
9437c2d EAP-pwd peer: Fix fragmentation of PWD-Confirm-Resp
48f668e EAP-pwd: Fix memory leak on error path with fragmentation
9ff4de6 Move DROP_SA command to be within ifdef CONFIG_TESTING_OPTIONS
e1a273a Remove used KDE addition code from EAPOL-Key msg 4/4
9a147ba WNM: Fix regression in Sleep Mode exit key data parsing
76d3fb1 Remove unused wpa_sm_get_param() function
ed42993 TDLS: Add test mode for MIC failure testing
5784b9a Fix memory leaks in hostapd configuration updates
Change-Id: I7f1ec783ac791e06178f9c8b9be9119ac46aa745
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 26e64fa..6ad1ca7 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -2049,6 +2049,7 @@
#endif /* EAP_SERVER */
} else if (os_strcmp(buf, "eap_message") == 0) {
char *term;
+ os_free(bss->eap_req_id_text);
bss->eap_req_id_text = os_strdup(pos);
if (bss->eap_req_id_text == NULL) {
wpa_printf(MSG_ERROR, "Line %d: Failed to allocate memory for eap_req_id_text",
@@ -2112,6 +2113,7 @@
return 1;
}
} else if (os_strcmp(buf, "nas_identifier") == 0) {
+ os_free(bss->nas_identifier);
bss->nas_identifier = os_strdup(pos);
#ifndef CONFIG_NO_RADIUS
} else if (os_strcmp(buf, "auth_server_addr") == 0) {
@@ -2136,6 +2138,7 @@
line);
return 1;
}
+ os_free(bss->radius->auth_server->shared_secret);
bss->radius->auth_server->shared_secret = (u8 *) os_strdup(pos);
bss->radius->auth_server->shared_secret_len = len;
} else if (os_strcmp(buf, "acct_server_addr") == 0) {
@@ -2160,6 +2163,7 @@
line);
return 1;
}
+ os_free(bss->radius->acct_server->shared_secret);
bss->radius->acct_server->shared_secret = (u8 *) os_strdup(pos);
bss->radius->acct_server->shared_secret_len = len;
} else if (os_strcmp(buf, "radius_retry_primary_interval") == 0) {
@@ -2315,6 +2319,7 @@
} else if (os_strcmp(buf, "rsn_preauth") == 0) {
bss->rsn_preauth = atoi(pos);
} else if (os_strcmp(buf, "rsn_preauth_interfaces") == 0) {
+ os_free(bss->rsn_preauth_interfaces);
bss->rsn_preauth_interfaces = os_strdup(pos);
#endif /* CONFIG_RSN_PREAUTH */
#ifdef CONFIG_PEERKEY
@@ -2564,6 +2569,7 @@
}
#ifdef CONFIG_FULL_DYNAMIC_VLAN
} else if (os_strcmp(buf, "vlan_tagged_interface") == 0) {
+ os_free(bss->ssid.vlan_tagged_interface);
bss->ssid.vlan_tagged_interface = os_strdup(pos);
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
#endif /* CONFIG_NO_VLAN */
@@ -2768,6 +2774,7 @@
return 1;
}
} else if (os_strcmp(buf, "upnp_iface") == 0) {
+ os_free(bss->upnp_iface);
bss->upnp_iface = os_strdup(pos);
} else if (os_strcmp(buf, "friendly_name") == 0) {
os_free(bss->friendly_name);
diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c
index 17217a1..f165670 100644
--- a/src/ap/wps_hostapd.c
+++ b/src/ap/wps_hostapd.c
@@ -1070,18 +1070,6 @@
if (conf->ssid.security_policy == SECURITY_PLAINTEXT) {
wps->encr_types |= WPS_ENCR_NONE;
wps->auth_types |= WPS_AUTH_OPEN;
- } else if (conf->ssid.security_policy == SECURITY_STATIC_WEP) {
- wps->encr_types |= WPS_ENCR_WEP;
- if (conf->auth_algs & WPA_AUTH_ALG_OPEN)
- wps->auth_types |= WPS_AUTH_OPEN;
- if (conf->auth_algs & WPA_AUTH_ALG_SHARED)
- wps->auth_types |= WPS_AUTH_SHARED;
- } else if (conf->ssid.security_policy == SECURITY_IEEE_802_1X) {
- wps->auth_types |= WPS_AUTH_OPEN;
- if (conf->default_wep_key_len)
- wps->encr_types |= WPS_ENCR_WEP;
- else
- wps->encr_types |= WPS_ENCR_NONE;
}
if (conf->ssid.wpa_psk_file) {
@@ -1642,8 +1630,6 @@
if (encr) {
if (os_strncmp(encr, "NONE", 4) == 0)
cred.encr_type = WPS_ENCR_NONE;
- else if (os_strncmp(encr, "WEP", 3) == 0)
- cred.encr_type = WPS_ENCR_WEP;
else if (os_strncmp(encr, "TKIP", 4) == 0)
cred.encr_type = WPS_ENCR_TKIP;
else if (os_strncmp(encr, "CCMP", 4) == 0)
diff --git a/src/common/qca-vendor.h b/src/common/qca-vendor.h
index 80bad4f..cea4701 100644
--- a/src/common/qca-vendor.h
+++ b/src/common/qca-vendor.h
@@ -32,6 +32,10 @@
*
* @QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY: Command to check driver support
* for DFS offloading.
+ *
+ * @QCA_NL80211_VENDOR_SUBCMD_NAN: NAN command/event which is used to pass
+ * NAN Request/Response and NAN Indication messages. These messages are
+ * interpreted between the framework and the firmware component.
*/
enum qca_nl80211_vendor_subcmds {
QCA_NL80211_VENDOR_SUBCMD_UNSPEC = 0,
@@ -39,6 +43,7 @@
/* subcmds 2..9 not yet allocated */
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY = 10,
QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY = 11,
+ QCA_NL80211_VENDOR_SUBCMD_NAN = 12,
};
@@ -56,6 +61,8 @@
QCA_WLAN_VENDOR_ATTR_INVALID = 0,
/* used by QCA_NL80211_VENDOR_SUBCMD_DFS_CAPABILITY */
QCA_WLAN_VENDOR_ATTR_DFS = 1,
+ /* used by QCA_NL80211_VENDOR_SUBCMD_NAN */
+ QCA_WLAN_VENDOR_ATTR_NAN = 2,
/* keep last */
QCA_WLAN_VENDOR_ATTR_AFTER_LAST,
QCA_WLAN_VENDOR_ATTR_MAX = QCA_WLAN_VENDOR_ATTR_AFTER_LAST - 1,
diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
index fef4783..e4168fc 100644
--- a/src/eap_peer/eap_pwd.c
+++ b/src/eap_peer/eap_pwd.c
@@ -16,7 +16,8 @@
struct eap_pwd_data {
enum {
- PWD_ID_Req, PWD_Commit_Req, PWD_Confirm_Req, SUCCESS, FAILURE
+ PWD_ID_Req, PWD_Commit_Req, PWD_Confirm_Req,
+ SUCCESS_ON_FRAG_COMPLETION, SUCCESS, FAILURE
} state;
u8 *id_peer;
size_t id_peer_len;
@@ -57,6 +58,8 @@
return "PWD-Commit-Req";
case PWD_Confirm_Req:
return "PWD-Confirm-Req";
+ case SUCCESS_ON_FRAG_COMPLETION:
+ return "SUCCESS_ON_FRAG_COMPLETION";
case SUCCESS:
return "SUCCESS";
case FAILURE:
@@ -161,6 +164,8 @@
BN_free(data->grp->prime);
os_free(data->grp);
}
+ wpabuf_free(data->inbuf);
+ wpabuf_free(data->outbuf);
os_free(data);
}
@@ -658,13 +663,12 @@
os_free(cruft);
BN_free(x);
BN_free(y);
- ret->methodState = METHOD_DONE;
if (data->outbuf == NULL) {
+ ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL;
eap_pwd_state(data, FAILURE);
} else {
- ret->decision = DECISION_UNCOND_SUCC;
- eap_pwd_state(data, SUCCESS);
+ eap_pwd_state(data, SUCCESS_ON_FRAG_COMPLETION);
}
}
@@ -741,6 +745,11 @@
wpa_printf(MSG_DEBUG, "EAP-pwd: Send %s fragment of %d bytes",
data->out_frag_pos == 0 ? "last" : "next",
(int) len);
+ if (data->state == SUCCESS_ON_FRAG_COMPLETION) {
+ ret->methodState = METHOD_DONE;
+ ret->decision = DECISION_UNCOND_SUCC;
+ eap_pwd_state(data, SUCCESS);
+ }
return resp;
}
@@ -773,6 +782,7 @@
(int) data->in_frag_pos,
(int) wpabuf_len(data->inbuf));
wpabuf_free(data->inbuf);
+ data->inbuf = NULL;
data->in_frag_pos = 0;
return NULL;
}
@@ -824,6 +834,7 @@
*/
if (data->in_frag_pos) {
wpabuf_free(data->inbuf);
+ data->inbuf = NULL;
data->in_frag_pos = 0;
}
@@ -871,6 +882,11 @@
wpabuf_free(data->outbuf);
data->outbuf = NULL;
data->out_frag_pos = 0;
+ if (data->state == SUCCESS_ON_FRAG_COMPLETION) {
+ ret->methodState = METHOD_DONE;
+ ret->decision = DECISION_UNCOND_SUCC;
+ eap_pwd_state(data, SUCCESS);
+ }
}
return resp;
diff --git a/src/eap_peer/eap_wsc.c b/src/eap_peer/eap_wsc.c
index 6bdd341..23e9823 100644
--- a/src/eap_peer/eap_wsc.c
+++ b/src/eap_peer/eap_wsc.c
@@ -106,8 +106,10 @@
}
if (os_strncmp(pos + 9, "NONE", 4) == 0)
cred->encr_type = WPS_ENCR_NONE;
+#ifdef CONFIG_TESTING_OPTIONS
else if (os_strncmp(pos + 9, "WEP", 3) == 0)
cred->encr_type = WPS_ENCR_WEP;
+#endif /* CONFIG_TESTING_OPTIONS */
else if (os_strncmp(pos + 9, "TKIP", 4) == 0)
cred->encr_type = WPS_ENCR_TKIP;
else if (os_strncmp(pos + 9, "CCMP", 4) == 0)
diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c
index b61061b..3467dd1 100644
--- a/src/eap_server/eap_server_pwd.c
+++ b/src/eap_server/eap_server_pwd.c
@@ -150,6 +150,8 @@
BN_free(data->grp->prime);
os_free(data->grp);
}
+ wpabuf_free(data->inbuf);
+ wpabuf_free(data->outbuf);
os_free(data);
}
@@ -523,6 +525,7 @@
*/
if (data->out_frag_pos >= wpabuf_len(data->outbuf)) {
wpabuf_free(data->outbuf);
+ data->outbuf = NULL;
data->out_frag_pos = 0;
}
@@ -949,6 +952,7 @@
*/
if (data->in_frag_pos) {
wpabuf_free(data->inbuf);
+ data->inbuf = NULL;
data->in_frag_pos = 0;
}
}
diff --git a/src/rsn_supp/peerkey.c b/src/rsn_supp/peerkey.c
index cb86dfb..88550e4 100644
--- a/src/rsn_supp/peerkey.c
+++ b/src/rsn_supp/peerkey.c
@@ -858,7 +858,7 @@
if (wpa_supplicant_send_4_of_4(sm, peerkey->addr, key, ver,
WPA_GET_BE16(key->key_info),
- NULL, 0, &peerkey->stk))
+ &peerkey->stk))
return;
_key = (u8 *) peerkey->stk.tk1;
diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c
index 62a2a59..ea29369 100644
--- a/src/rsn_supp/tdls.c
+++ b/src/rsn_supp/tdls.c
@@ -33,6 +33,7 @@
#define TDLS_TESTING_NO_TPK_EXPIRATION BIT(8)
#define TDLS_TESTING_DECLINE_RESP BIT(9)
#define TDLS_TESTING_IGNORE_AP_PROHIBIT BIT(10)
+#define TDLS_TESTING_WRONG_MIC BIT(11)
unsigned int tdls_testing = 0;
#endif /* CONFIG_TDLS_TESTING */
@@ -1213,6 +1214,12 @@
/* compute MIC before sending */
wpa_tdls_ftie_mic(peer->tpk.kck, 2, (u8 *) lnkid, peer->rsnie_p,
(u8 *) &timeoutie, (u8 *) ftie, ftie->mic);
+#ifdef CONFIG_TDLS_TESTING
+ if (tdls_testing & TDLS_TESTING_WRONG_MIC) {
+ wpa_printf(MSG_DEBUG, "TDLS: Testing - use wrong MIC");
+ ftie->mic[0] ^= 0x01;
+ }
+#endif /* CONFIG_TDLS_TESTING */
skip_ies:
status = wpa_tdls_tpk_send(sm, src_addr, WLAN_TDLS_SETUP_RESPONSE,
@@ -1296,6 +1303,12 @@
/* compute MIC before sending */
wpa_tdls_ftie_mic(peer->tpk.kck, 3, (u8 *) lnkid, peer->rsnie_p,
(u8 *) &timeoutie, (u8 *) ftie, ftie->mic);
+#ifdef CONFIG_TDLS_TESTING
+ if (tdls_testing & TDLS_TESTING_WRONG_MIC) {
+ wpa_printf(MSG_DEBUG, "TDLS: Testing - use wrong MIC");
+ ftie->mic[0] ^= 0x01;
+ }
+#endif /* CONFIG_TDLS_TESTING */
if (peer->vht_capabilities)
peer_capab |= TDLS_PEER_VHT;
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 77d7991..5c00726 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -1020,27 +1020,20 @@
* @key: Pointer to the EAPOL-Key frame header
* @ver: Version bits from EAPOL-Key Key Info
* @key_info: Key Info
- * @kde: KDEs to include the EAPOL-Key frame
- * @kde_len: Length of KDEs
* @ptk: PTK to use for keyed hash and encryption
* Returns: 0 on success, -1 on failure
*/
int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
const struct wpa_eapol_key *key,
u16 ver, u16 key_info,
- const u8 *kde, size_t kde_len,
struct wpa_ptk *ptk)
{
size_t rlen;
struct wpa_eapol_key *reply;
u8 *rbuf;
- if (kde)
- wpa_hexdump(MSG_DEBUG, "WPA: KDE for msg 4/4", kde, kde_len);
-
rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY, NULL,
- sizeof(*reply) + kde_len,
- &rlen, (void *) &reply);
+ sizeof(*reply), &rlen, (void *) &reply);
if (rbuf == NULL)
return -1;
@@ -1057,9 +1050,7 @@
os_memcpy(reply->replay_counter, key->replay_counter,
WPA_REPLAY_COUNTER_LEN);
- WPA_PUT_BE16(reply->key_data_length, kde_len);
- if (kde)
- os_memcpy(reply + 1, kde, kde_len);
+ WPA_PUT_BE16(reply->key_data_length, 0);
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Sending EAPOL-Key 4/4");
wpa_eapol_key_send(sm, ptk->kck, ver, dst, ETH_P_EAPOL,
@@ -1140,7 +1131,7 @@
#endif /* CONFIG_P2P */
if (wpa_supplicant_send_4_of_4(sm, sm->bssid, key, ver, key_info,
- NULL, 0, &sm->ptk)) {
+ &sm->ptk)) {
goto failed;
}
@@ -2396,44 +2387,6 @@
/**
- * wpa_sm_get_param - Get WPA state machine parameters
- * @sm: Pointer to WPA state machine data from wpa_sm_init()
- * @param: Parameter field
- * Returns: Parameter value
- */
-unsigned int wpa_sm_get_param(struct wpa_sm *sm, enum wpa_sm_conf_params param)
-{
- if (sm == NULL)
- return 0;
-
- switch (param) {
- case RSNA_PMK_LIFETIME:
- return sm->dot11RSNAConfigPMKLifetime;
- case RSNA_PMK_REAUTH_THRESHOLD:
- return sm->dot11RSNAConfigPMKReauthThreshold;
- case RSNA_SA_TIMEOUT:
- return sm->dot11RSNAConfigSATimeout;
- case WPA_PARAM_PROTO:
- return sm->proto;
- case WPA_PARAM_PAIRWISE:
- return sm->pairwise_cipher;
- case WPA_PARAM_GROUP:
- return sm->group_cipher;
- case WPA_PARAM_KEY_MGMT:
- return sm->key_mgmt;
-#ifdef CONFIG_IEEE80211W
- case WPA_PARAM_MGMT_GROUP:
- return sm->mgmt_group_cipher;
-#endif /* CONFIG_IEEE80211W */
- case WPA_PARAM_RSN_ENABLED:
- return sm->rsn_enabled;
- default:
- return 0;
- }
-}
-
-
-/**
* wpa_sm_get_status - Get WPA state machine
* @sm: Pointer to WPA state machine data from wpa_sm_init()
* @buf: Buffer for status information
@@ -2674,6 +2627,7 @@
}
+#ifdef CONFIG_TESTING_OPTIONS
void wpa_sm_drop_sa(struct wpa_sm *sm)
{
wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: Clear old PMK and PTK");
@@ -2683,6 +2637,7 @@
os_memset(&sm->ptk, 0, sizeof(sm->ptk));
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
}
+#endif /* CONFIG_TESTING_OPTIONS */
int wpa_sm_has_ptk(struct wpa_sm *sm)
diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index df10342..61d441a 100644
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -123,8 +123,6 @@
int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param,
unsigned int value);
-unsigned int wpa_sm_get_param(struct wpa_sm *sm,
- enum wpa_sm_conf_params param);
int wpa_sm_get_status(struct wpa_sm *sm, char *buf, size_t buflen,
int verbose);
@@ -240,12 +238,6 @@
return -1;
}
-static inline unsigned int wpa_sm_get_param(struct wpa_sm *sm,
- enum wpa_sm_conf_params param)
-{
- return 0;
-}
-
static inline int wpa_sm_get_status(struct wpa_sm *sm, char *buf,
size_t buflen, int verbose)
{
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index f2fd285..e20e9da 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -321,7 +321,6 @@
int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
const struct wpa_eapol_key *key,
u16 ver, u16 key_info,
- const u8 *kde, size_t kde_len,
struct wpa_ptk *ptk);
int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
diff --git a/src/wps/wps_defs.h b/src/wps/wps_defs.h
index a5ba254..f483e2e 100644
--- a/src/wps/wps_defs.h
+++ b/src/wps/wps_defs.h
@@ -179,7 +179,7 @@
/* Authentication Type Flags */
#define WPS_AUTH_OPEN 0x0001
#define WPS_AUTH_WPAPSK 0x0002
-#define WPS_AUTH_SHARED 0x0004
+#define WPS_AUTH_SHARED 0x0004 /* deprecated */
#define WPS_AUTH_WPA 0x0008
#define WPS_AUTH_WPA2 0x0010
#define WPS_AUTH_WPA2PSK 0x0020
@@ -188,7 +188,7 @@
/* Encryption Type Flags */
#define WPS_ENCR_NONE 0x0001
-#define WPS_ENCR_WEP 0x0002
+#define WPS_ENCR_WEP 0x0002 /* deprecated */
#define WPS_ENCR_TKIP 0x0004
#define WPS_ENCR_AES 0x0008
#define WPS_ENCR_TYPES (WPS_ENCR_NONE | WPS_ENCR_WEP | WPS_ENCR_TKIP | \
diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c
index c47ec46..b917e6b 100644
--- a/src/wps/wps_registrar.c
+++ b/src/wps/wps_registrar.c
@@ -1599,8 +1599,6 @@
wps->auth_type = WPS_AUTH_WPAPSK;
else if (wps->auth_type & WPS_AUTH_OPEN)
wps->auth_type = WPS_AUTH_OPEN;
- else if (wps->auth_type & WPS_AUTH_SHARED)
- wps->auth_type = WPS_AUTH_SHARED;
else {
wpa_printf(MSG_DEBUG, "WPS: Unsupported auth_type 0x%x",
wps->auth_type);
@@ -1620,10 +1618,12 @@
return -1;
}
} else {
- if (wps->encr_type & WPS_ENCR_WEP)
- wps->encr_type = WPS_ENCR_WEP;
- else if (wps->encr_type & WPS_ENCR_NONE)
+ if (wps->encr_type & WPS_ENCR_NONE)
wps->encr_type = WPS_ENCR_NONE;
+#ifdef CONFIG_TESTING_OPTIONS
+ else if (wps->encr_type & WPS_ENCR_WEP)
+ wps->encr_type = WPS_ENCR_WEP;
+#endif /* CONFIG_TESTING_OPTIONS */
else {
wpa_printf(MSG_DEBUG, "WPS: No suitable encryption "
"type for non-WPA/WPA2 mode");
diff --git a/wpa_supplicant/README-WPS b/wpa_supplicant/README-WPS
index a33b0f0..b884f67 100644
--- a/wpa_supplicant/README-WPS
+++ b/wpa_supplicant/README-WPS
@@ -381,17 +381,6 @@
message for the specified AP when wpa_supplicant is operating as a WPS
ER.
-"nfc_rx_handover_req <hexdump of payload>" is used to indicate receipt
-of NFC connection handover request. The payload may include multiple
-carriers the the applicable ones are matched based on the media
-type. The reply data is contents for the Handover Select Message
-(hexdump).
-
-"nfc_rx_handover_sel <hexdump of payload>" is used to indicate receipt
-of NFC connection handover select. The payload may include multiple
-carriers the the applicable ones are matched based on the media
-type.
-
"nfc_report_handover <INIT/RESP> WPS <carrier from handover request>
<carrier from handover select>" can be used as an alternative way for
reporting completed NFC connection handover. The first parameter
diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c
index e7d59de..b02c424 100644
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
@@ -48,6 +48,7 @@
struct hostapd_config *conf,
struct hostapd_hw_modes *mode)
{
+#ifdef CONFIG_P2P
u8 center_chan = 0;
u8 channel = conf->channel;
@@ -66,6 +67,10 @@
no_vht:
conf->vht_oper_centr_freq_seg0_idx =
channel + conf->secondary_channel * 2;
+#else /* CONFIG_P2P */
+ conf->vht_oper_centr_freq_seg0_idx =
+ conf->channel + conf->secondary_channel * 2;
+#endif /* CONFIG_P2P */
}
#endif /* CONFIG_IEEE80211N */
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index 13c0830..f50154e 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -1094,33 +1094,6 @@
}
-static int wpas_ctrl_nfc_rx_handover_sel(struct wpa_supplicant *wpa_s,
- char *cmd)
-{
- size_t len;
- struct wpabuf *buf;
- int ret;
-
- len = os_strlen(cmd);
- if (len & 0x01)
- return -1;
- len /= 2;
-
- buf = wpabuf_alloc(len);
- if (buf == NULL)
- return -1;
- if (hexstr2bin(cmd, wpabuf_put(buf, len), len) < 0) {
- wpabuf_free(buf);
- return -1;
- }
-
- ret = wpas_wps_nfc_rx_handover_sel(wpa_s, buf);
- wpabuf_free(buf);
-
- return ret;
-}
-
-
static int wpas_ctrl_nfc_report_handover(struct wpa_supplicant *wpa_s,
char *cmd)
{
@@ -3819,6 +3792,7 @@
}
+#ifdef CONFIG_TESTING_OPTIONS
static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s)
{
wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication");
@@ -3840,6 +3814,7 @@
MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
wpa_sm_drop_sa(wpa_s->wpa);
}
+#endif /* CONFIG_TESTING_OPTIONS */
static int wpa_supplicant_ctrl_iface_roam(struct wpa_supplicant *wpa_s,
@@ -5594,6 +5569,7 @@
wpa_dbg(wpa_s, MSG_DEBUG, "Flush all wpa_supplicant state");
#ifdef CONFIG_P2P
+ wpas_p2p_cancel(wpa_s);
wpas_p2p_stop_find(wpa_s);
p2p_ctrl_flush(wpa_s);
wpas_p2p_group_remove(wpa_s, "*");
@@ -6069,8 +6045,7 @@
os_strlen(WPA_CTRL_RSP)) == 0 ?
WPA_CTRL_RSP : "SET_NETWORK");
} else if (os_strncmp(buf, "WPS_NFC_TAG_READ", 16) == 0 ||
- os_strncmp(buf, "NFC_REPORT_HANDOVER", 19) == 0 ||
- os_strncmp(buf, "NFC_RX_HANDOVER_SEL", 19) == 0) {
+ os_strncmp(buf, "NFC_REPORT_HANDOVER", 19) == 0) {
wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
(const u8 *) buf, os_strlen(buf));
} else {
@@ -6208,9 +6183,6 @@
} else if (os_strncmp(buf, "NFC_GET_HANDOVER_SEL ", 21) == 0) {
reply_len = wpas_ctrl_nfc_get_handover_sel(
wpa_s, buf + 21, reply, reply_size);
- } else if (os_strncmp(buf, "NFC_RX_HANDOVER_SEL ", 20) == 0) {
- if (wpas_ctrl_nfc_rx_handover_sel(wpa_s, buf + 20))
- reply_len = -1;
} else if (os_strncmp(buf, "NFC_REPORT_HANDOVER ", 20) == 0) {
if (wpas_ctrl_nfc_report_handover(wpa_s, buf + 20))
reply_len = -1;
@@ -6540,8 +6512,10 @@
wpas_notify_suspend(wpa_s->global);
} else if (os_strcmp(buf, "RESUME") == 0) {
wpas_notify_resume(wpa_s->global);
+#ifdef CONFIG_TESTING_OPTIONS
} else if (os_strcmp(buf, "DROP_SA") == 0) {
wpa_supplicant_ctrl_iface_drop_sa(wpa_s);
+#endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strncmp(buf, "ROAM ", 5) == 0) {
if (wpa_supplicant_ctrl_iface_roam(wpa_s, buf + 5))
reply_len = -1;
diff --git a/wpa_supplicant/dbus/dbus_new.c b/wpa_supplicant/dbus/dbus_new.c
index a0653f0..aab2225 100644
--- a/wpa_supplicant/dbus/dbus_new.c
+++ b/wpa_supplicant/dbus/dbus_new.c
@@ -709,9 +709,9 @@
DBusMessage *msg;
DBusMessageIter iter, dict_iter;
struct wpas_dbus_priv *iface;
- char *auth_type[6]; /* we have six possible authorization types */
+ char *auth_type[5]; /* we have five possible authentication types */
int at_num = 0;
- char *encr_type[4]; /* we have four possible encryption types */
+ char *encr_type[3]; /* we have three possible encryption types */
int et_num = 0;
iface = wpa_s->global->dbus;
@@ -734,20 +734,15 @@
auth_type[at_num++] = "open";
if (cred->auth_type & WPS_AUTH_WPAPSK)
auth_type[at_num++] = "wpa-psk";
- if (cred->auth_type & WPS_AUTH_SHARED)
- auth_type[at_num++] = "shared";
if (cred->auth_type & WPS_AUTH_WPA)
auth_type[at_num++] = "wpa-eap";
if (cred->auth_type & WPS_AUTH_WPA2)
auth_type[at_num++] = "wpa2-eap";
if (cred->auth_type & WPS_AUTH_WPA2PSK)
- auth_type[at_num++] =
- "wpa2-psk";
+ auth_type[at_num++] = "wpa2-psk";
if (cred->encr_type & WPS_ENCR_NONE)
encr_type[et_num++] = "none";
- if (cred->encr_type & WPS_ENCR_WEP)
- encr_type[et_num++] = "wep";
if (cred->encr_type & WPS_ENCR_TKIP)
encr_type[et_num++] = "tkip";
if (cred->encr_type & WPS_ENCR_AES)
diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index 303b7fe..49b2cd2 100644
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -823,6 +823,7 @@
wpa_s->global->p2p_group_formation = NULL;
wpa_s->p2p_in_provisioning = 0;
}
+ wpa_s->p2p_in_invitation = 0;
if (!success) {
wpa_msg_global(wpa_s->parent, MSG_INFO,
@@ -6480,6 +6481,11 @@
wpas_p2p_group_delete(wpa_s,
P2P_GROUP_REMOVAL_REQUESTED);
break;
+ } else if (wpa_s->p2p_in_invitation) {
+ wpa_printf(MSG_DEBUG, "P2P: Interface %s in invitation found - cancelling",
+ wpa_s->ifname);
+ found = 1;
+ wpas_p2p_group_formation_failed(wpa_s);
}
}
@@ -6669,6 +6675,7 @@
wpa_s->p2p_go_group_formation_completed = 1;
wpa_s->global->p2p_group_formation = NULL;
wpa_s->p2p_in_provisioning = 0;
+ wpa_s->p2p_in_invitation = 0;
}
wpa_s->global->p2p_go_wait_client.sec = 0;
if (addr == NULL)
diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
index 7db6eb6..1ca4c71 100644
--- a/wpa_supplicant/wnm_sta.c
+++ b/wpa_supplicant/wnm_sta.c
@@ -235,16 +235,20 @@
const u8 *frm, int len)
{
/*
- * Action [1] | Diaglog Token [1] | Key Data Len [2] | Key Data |
+ * Action [1] | Dialog Token [1] | Key Data Len [2] | Key Data |
* WNM-Sleep Mode IE | TFS Response IE
*/
u8 *pos = (u8 *) frm; /* point to payload after the action field */
- u16 key_len_total = le_to_host16(*((u16 *)(frm+2)));
+ u16 key_len_total;
struct wnm_sleep_element *wnmsleep_ie = NULL;
/* multiple TFS Resp IE (assuming consecutive) */
u8 *tfsresp_ie_start = NULL;
u8 *tfsresp_ie_end = NULL;
+ if (len < 3)
+ return;
+ key_len_total = WPA_GET_LE16(frm + 1);
+
wpa_printf(MSG_DEBUG, "WNM-Sleep Mode Response token=%u key_len_total=%d",
frm[0], key_len_total);
pos += 3 + key_len_total;
@@ -315,6 +319,7 @@
os_free(wpa_s->wnm_neighbor_report_elements[i].mul_bssid);
}
+ wpa_s->wnm_num_neighbor_report = 0;
os_free(wpa_s->wnm_neighbor_report_elements);
wpa_s->wnm_neighbor_report_elements = NULL;
}
diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c
index 83817f9..28e186e 100644
--- a/wpa_supplicant/wpa_cli.c
+++ b/wpa_supplicant/wpa_cli.c
@@ -842,32 +842,6 @@
}
-static int wpa_cli_cmd_nfc_rx_handover_sel(struct wpa_ctrl *ctrl, int argc,
- char *argv[])
-{
- int ret;
- char *buf;
- size_t buflen;
-
- if (argc != 1) {
- printf("Invalid 'nfc_rx_handover_sel' command - one argument "
- "is required.\n");
- return -1;
- }
-
- buflen = 21 + os_strlen(argv[0]);
- buf = os_malloc(buflen);
- if (buf == NULL)
- return -1;
- os_snprintf(buf, buflen, "NFC_RX_HANDOVER_SEL %s", argv[0]);
-
- ret = wpa_ctrl_command(ctrl, buf);
- os_free(buf);
-
- return ret;
-}
-
-
static int wpa_cli_cmd_nfc_report_handover(struct wpa_ctrl *ctrl, int argc,
char *argv[])
{
@@ -1738,10 +1712,12 @@
}
+#ifdef CONFIG_TESTING_OPTIONS
static int wpa_cli_cmd_drop_sa(struct wpa_ctrl *ctrl, int argc, char *argv[])
{
return wpa_ctrl_command(ctrl, "DROP_SA");
}
+#endif /* CONFIG_TESTING_OPTIONS */
static int wpa_cli_cmd_roam(struct wpa_ctrl *ctrl, int argc, char *argv[])
@@ -2702,9 +2678,6 @@
{ "nfc_get_handover_sel", wpa_cli_cmd_nfc_get_handover_sel, NULL,
cli_cmd_flag_none,
"<NDEF> <WPS> = create NFC handover select" },
- { "nfc_rx_handover_sel", wpa_cli_cmd_nfc_rx_handover_sel, NULL,
- cli_cmd_flag_none,
- "<hexdump of payload> = report received NFC handover select" },
{ "nfc_report_handover", wpa_cli_cmd_nfc_report_handover, NULL,
cli_cmd_flag_none,
"<role> <type> <hexdump of req> <hexdump of sel> = report completed "
@@ -2768,8 +2741,10 @@
"= notification of suspend/hibernate" },
{ "resume", wpa_cli_cmd_resume, NULL, cli_cmd_flag_none,
"= notification of resume/thaw" },
+#ifdef CONFIG_TESTING_OPTIONS
{ "drop_sa", wpa_cli_cmd_drop_sa, NULL, cli_cmd_flag_none,
"= drop SA without deauth/disassoc (test command)" },
+#endif /* CONFIG_TESTING_OPTIONS */
{ "roam", wpa_cli_cmd_roam, wpa_cli_complete_bss,
cli_cmd_flag_none,
"<addr> = roam to the specified BSS" },
diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c
index dfcc069..22b8e71 100644
--- a/wpa_supplicant/wps_supplicant.c
+++ b/wpa_supplicant/wps_supplicant.c
@@ -278,7 +278,6 @@
{
struct wpa_supplicant *wpa_s = ctx;
struct wpa_ssid *ssid = wpa_s->current_ssid;
- u8 key_idx = 0;
u16 auth_type;
#ifdef CONFIG_WPS_REG_DISABLE_OPEN
int registrar = 0;
@@ -324,7 +323,6 @@
}
if (auth_type != WPS_AUTH_OPEN &&
- auth_type != WPS_AUTH_SHARED &&
auth_type != WPS_AUTH_WPAPSK &&
auth_type != WPS_AUTH_WPA2PSK) {
wpa_printf(MSG_DEBUG, "WPS: Ignored credentials for "
@@ -387,38 +385,6 @@
switch (cred->encr_type) {
case WPS_ENCR_NONE:
break;
- case WPS_ENCR_WEP:
- if (cred->key_len <= 0)
- break;
- if (cred->key_len != 5 && cred->key_len != 13 &&
- cred->key_len != 10 && cred->key_len != 26) {
- wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key length "
- "%lu", (unsigned long) cred->key_len);
- return -1;
- }
- if (cred->key_idx > NUM_WEP_KEYS) {
- wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key index %d",
- cred->key_idx);
- return -1;
- }
- if (cred->key_idx)
- key_idx = cred->key_idx - 1;
- if (cred->key_len == 10 || cred->key_len == 26) {
- if (hexstr2bin((char *) cred->key,
- ssid->wep_key[key_idx],
- cred->key_len / 2) < 0) {
- wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key "
- "%d", key_idx);
- return -1;
- }
- ssid->wep_key_len[key_idx] = cred->key_len / 2;
- } else {
- os_memcpy(ssid->wep_key[key_idx], cred->key,
- cred->key_len);
- ssid->wep_key_len[key_idx] = cred->key_len;
- }
- ssid->wep_tx_keyidx = key_idx;
- break;
case WPS_ENCR_TKIP:
ssid->pairwise_cipher = WPA_CIPHER_TKIP;
break;
@@ -443,11 +409,6 @@
}
#endif /* CONFIG_WPS_REG_DISABLE_OPEN */
break;
- case WPS_AUTH_SHARED:
- ssid->auth_alg = WPA_AUTH_ALG_SHARED;
- ssid->key_mgmt = WPA_KEY_MGMT_NONE;
- ssid->proto = 0;
- break;
case WPS_AUTH_WPAPSK:
ssid->auth_alg = WPA_AUTH_ALG_OPEN;
ssid->key_mgmt = WPA_KEY_MGMT_PSK;
@@ -1920,8 +1881,10 @@
if (os_strcmp(settings->encr, "NONE") == 0)
cred.encr_type = WPS_ENCR_NONE;
+#ifdef CONFIG_TESTING_OPTIONS
else if (os_strcmp(settings->encr, "WEP") == 0)
cred.encr_type = WPS_ENCR_WEP;
+#endif /* CONFIG_TESTING_OPTIONS */
else if (os_strcmp(settings->encr, "TKIP") == 0)
cred.encr_type = WPS_ENCR_TKIP;
else if (os_strcmp(settings->encr, "CCMP") == 0)
@@ -2399,8 +2362,8 @@
}
-int wpas_wps_nfc_rx_handover_sel(struct wpa_supplicant *wpa_s,
- const struct wpabuf *data)
+static int wpas_wps_nfc_rx_handover_sel(struct wpa_supplicant *wpa_s,
+ const struct wpabuf *data)
{
struct wpabuf *wps;
int ret = -1;
diff --git a/wpa_supplicant/wps_supplicant.h b/wpa_supplicant/wps_supplicant.h
index 39df2fb..2263512 100644
--- a/wpa_supplicant/wps_supplicant.h
+++ b/wpa_supplicant/wps_supplicant.h
@@ -75,8 +75,6 @@
int ndef);
struct wpabuf * wpas_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
int ndef, int cr, const char *uuid);
-int wpas_wps_nfc_rx_handover_sel(struct wpa_supplicant *wpa_s,
- const struct wpabuf *data);
int wpas_wps_nfc_report_handover(struct wpa_supplicant *wpa_s,
const struct wpabuf *req,
const struct wpabuf *sel);