[wpa_supplicant] Cumulative patch from 6151c9b90
Bug: 130813391
Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic.
Test: Able to turn on/off softap, associate wifi STA, run traffic.
Test: DPP test: act.py -c ../WifiDppConfig.json -tc WifiDppTest
Test: Regression test passed (Bug: 130831127)
6151c9b90 EAP-pwd server: Remove unused srandom() call
d2d1a324c EAP-pwd peer: Fix reassembly buffer handling
fe76f487e EAP-pwd server: Fix reassembly buffer handling
a9d224f56 EAP-pwd server: Fix a memory leak on error path
90ee1bf5f EAP-MSCHAPv2: Propagate GetAsymetricStartKey() failures up from getKey()
824cb5a53 RSN: Ignore IGTK configuration errors with swapped KeyID values
dfdabd917 RSN: Report completion only after IGTK configuration
bce3d4f70 autoscan: Disable when we move above WPA_SCANNING state
eb3234c07 SAE: Use open authentication to reassociate for PMKSA caching
fe01cd006 Fix FILS ERP association event with 4-way HS offload drivers
323a51cc0 nl80211: Handle NL80211_CMD_PROBE_CLIENT command response
28f19a3ae nl80211: More detailed PROBE_CLIENT debug print
31cf52bf2 Do not clear FT IEs twice in sme_deinit()
01ac337b3 Stop SA Query on disconnection
7a206c504 Add debug print on stopping SA Query procedure
710c69238 P2PS: Cleanup pending_p2ps_group flag
0be8b9238 mka: Avoid memory leak in unexpected case in RECEIVE
984d5b7e1 mesh: Fix random llid generation in an error case
10cf866ba mesh: Fix operations after SAE state machine removing the STA
153d4c501 mesh: Fix SAE reauthentication processing
2f6805139 Fix hostapd BSS_TM_REQ handling of bss_term parameter
e6ac47b47 Fix debug print in GET_PREF_FREQ_LIST handler
2e70e807c D-Bus: Fix P2P GroupStarted signal not to use uninitialized IP buffer
c5fff8bbd nl80211: Update assoc_freq and bss->freq based on real association info
091c22771 nl80211: Clear bss->freq on station mode disconnection
cb5db189e Remove the unused crypto_ec_cofactor() function
8b093db2c EAP-pwd: Remove unused checks for cofactor > 1 cases
92e1b96c2 EAP-pwd: Disallow ECC groups with a prime under 256 bits
6fe3ee722 tests: EAP-pwd local failure in crypto_bignum_rand()
6570949b2 OpenSSL: Fix server side openssl_ecdh_curves configuration with 1.0.2
52b1cb5d7 tests: crypto_hash_finish() failure in eap_pwd_kdf()
56ac1f9df RRM: Set last beacon report indication in the last element only
6f484978f Document BSS expiration configurables
8f36c84a2 bsd: Fix a typo in error message
dd1a8cef4 Remove unnecessary copying of SSID and BSSID for external_auth
4ffb0fefe hostapd: Support external authentication offload in AP mode
236e793e7 nl80211: External authentication in driver-based AP SME mode
2ab19f4be Reset beacon_set_done on disabling interface
Change-Id: I5642b46d79aee83dd4f4307bf781d57b318831bd
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 23423d9..e7c8f31 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2156,17 +2156,19 @@
* use %WLAN_STATUS_UNSPECIFIED_FAILURE if wpa_supplicant cannot give
* the real status code for failures. Used only for the request interface
* from user space to the driver.
+ * @pmkid: Generated PMKID as part of external auth exchange (e.g., SAE).
*/
struct external_auth {
enum {
EXT_AUTH_START,
EXT_AUTH_ABORT,
} action;
- u8 bssid[ETH_ALEN];
- u8 ssid[SSID_MAX_LEN];
+ const u8 *bssid;
+ const u8 *ssid;
size_t ssid_len;
unsigned int key_mgmt_suite;
u16 status;
+ const u8 *pmkid;
};
/**
diff --git a/src/drivers/driver_bsd.c b/src/drivers/driver_bsd.c
index 8621aa0..4675496 100644
--- a/src/drivers/driver_bsd.c
+++ b/src/drivers/driver_bsd.c
@@ -143,7 +143,7 @@
ireq->i_data = arg;
if (ioctl(drv->global->sock, SIOCG80211, ireq) < 0) {
- wpa_printf(MSG_ERROR, "ioctl[SIOCS80211, op=%u, "
+ wpa_printf(MSG_ERROR, "ioctl[SIOCG80211, op=%u, "
"arg_len=%u]: %s", op, arg_len, strerror(errno));
return -1;
}
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 661e34e..21d1398 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -307,6 +307,7 @@
os_memcpy(drv->prev_bssid, drv->bssid, ETH_ALEN);
drv->associated = 0;
os_memset(drv->bssid, 0, ETH_ALEN);
+ drv->first_bss->freq = 0;
}
@@ -2469,6 +2470,16 @@
if (nl80211_action_subscribe_ap(bss))
goto out_err;
+ if (bss->drv->device_ap_sme) {
+ u16 type = (WLAN_FC_TYPE_MGMT << 2) | (WLAN_FC_STYPE_AUTH << 4);
+
+ /* Register for all Authentication frames */
+ if (nl80211_register_frame(bss, bss->nl_mgmt, type, NULL, 0)
+ < 0)
+ wpa_printf(MSG_DEBUG,
+ "nl80211: Failed to subscribe to handle Authentication frames - SAE offload may not work");
+ }
+
nl80211_mgmt_handle_register_eloop(bss);
return 0;
@@ -4160,6 +4171,9 @@
nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)))
goto fail;
+ if (drv->device_ap_sme && (params->key_mgmt_suites & WPA_KEY_MGMT_SAE))
+ nla_put_flag(msg, NL80211_ATTR_EXTERNAL_AUTH_SUPPORT);
+
wpa_printf(MSG_DEBUG, "nl80211: pairwise_ciphers=0x%x",
params->pairwise_ciphers);
num_suites = wpa_cipher_to_cipher_suites(params->pairwise_ciphers,
@@ -8272,6 +8286,7 @@
struct i802_bss *bss = priv;
struct wpa_driver_nl80211_data *drv = bss->drv;
struct nl_msg *msg;
+ u64 cookie;
int ret;
if (!drv->poll_command_supported) {
@@ -8285,11 +8300,16 @@
return;
}
- ret = send_and_recv_msgs(drv, msg, NULL, NULL);
+ ret = send_and_recv_msgs(drv, msg, cookie_handler, &cookie);
if (ret < 0) {
wpa_printf(MSG_DEBUG, "nl80211: Client probe request for "
MACSTR " failed: ret=%d (%s)",
MAC2STR(addr), ret, strerror(-ret));
+ } else {
+ wpa_printf(MSG_DEBUG,
+ "nl80211: Client probe request addr=" MACSTR
+ " cookie=%llu", MAC2STR(addr),
+ (long long unsigned int) cookie);
}
}
@@ -10792,15 +10812,27 @@
struct nl_msg *msg = NULL;
int ret = -1;
+ /* External auth command/status is intended for drivers that implement
+ * intenral SME but want to offload authentication processing (e.g.,
+ * SAE) to hostapd/wpa_supplicant. Do nott send the status to drivers
+ * which do not support AP SME or use wpa_supplicant/hostapd SME.
+ */
+ if (!bss->drv->device_ap_sme ||
+ (drv->capa.flags & WPA_DRIVER_FLAGS_SME))
+ return -1;
+
wpa_dbg(drv->ctx, MSG_DEBUG,
"nl80211: External auth status: %u", params->status);
msg = nl80211_drv_msg(drv, 0, NL80211_CMD_EXTERNAL_AUTH);
if (!msg ||
nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, params->status) ||
- nla_put(msg, NL80211_ATTR_SSID, params->ssid_len,
- params->ssid) ||
- nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid))
+ (params->ssid && params->ssid_len &&
+ nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid)) ||
+ (params->pmkid &&
+ nla_put(msg, NL80211_ATTR_PMKID, PMKID_LEN, params->pmkid)) ||
+ (params->bssid &&
+ nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid)))
goto fail;
ret = send_and_recv_msgs(drv, msg, NULL, NULL);
msg = NULL;
diff --git a/src/drivers/driver_nl80211_event.c b/src/drivers/driver_nl80211_event.c
index ffddd94..ee7b4da 100644
--- a/src/drivers/driver_nl80211_event.c
+++ b/src/drivers/driver_nl80211_event.c
@@ -267,8 +267,6 @@
event.assoc_info.req_ies_len = nla_len(req_ie);
}
- event.assoc_info.freq = drv->assoc_freq;
-
/* When this association was initiated outside of wpa_supplicant,
* drv->ssid needs to be set here to satisfy later checking. */
ssid_len = nl80211_get_assoc_ssid(drv, drv->ssid);
@@ -279,6 +277,9 @@
wpa_ssid_txt(drv->ssid, drv->ssid_len));
}
+ event.assoc_info.freq = drv->assoc_freq;
+ drv->first_bss->freq = drv->assoc_freq;
+
nl80211_parse_wmm_params(wmm, &event.assoc_info.wmm_params);
wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
@@ -408,6 +409,7 @@
}
event.assoc_info.freq = nl80211_get_assoc_freq(drv);
+ drv->first_bss->freq = drv->assoc_freq;
if ((!ssid || ssid[1] == 0 || ssid[1] > 32) &&
(ssid_len = nl80211_get_assoc_ssid(drv, drv->ssid)) > 0) {
@@ -1436,16 +1438,23 @@
struct nlattr **tb)
{
union wpa_event_data data;
+ const u8 *addr;
+ u64 cookie = 0;
- wpa_printf(MSG_DEBUG, "nl80211: Probe client event");
-
- if (!tb[NL80211_ATTR_MAC] || !tb[NL80211_ATTR_ACK])
+ addr = nla_data(tb[NL80211_ATTR_MAC]);
+ if (!addr)
+ return;
+ if (tb[NL80211_ATTR_COOKIE])
+ cookie = nla_get_u64(tb[NL80211_ATTR_COOKIE]);
+ wpa_printf(MSG_DEBUG, "nl80211: Probe client event (addr=" MACSTR
+ " ack=%d cookie=%llu)", MAC2STR(addr),
+ tb[NL80211_ATTR_ACK] != NULL,
+ (long long unsigned int) cookie);
+ if (!tb[NL80211_ATTR_ACK])
return;
os_memset(&data, 0, sizeof(data));
- os_memcpy(data.client_poll.addr,
- nla_data(tb[NL80211_ATTR_MAC]), ETH_ALEN);
-
+ os_memcpy(data.client_poll.addr, addr, ETH_ALEN);
wpa_supplicant_event(drv->ctx, EVENT_DRIVER_CLIENT_POLL_OK, &data);
}
@@ -2269,11 +2278,9 @@
event.external_auth.ssid_len = nla_len(tb[NL80211_ATTR_SSID]);
if (event.external_auth.ssid_len > SSID_MAX_LEN)
return;
- os_memcpy(event.external_auth.ssid, nla_data(tb[NL80211_ATTR_SSID]),
- event.external_auth.ssid_len);
+ event.external_auth.ssid = nla_data(tb[NL80211_ATTR_SSID]);
- os_memcpy(event.external_auth.bssid, nla_data(tb[NL80211_ATTR_BSSID]),
- ETH_ALEN);
+ event.external_auth.bssid = nla_data(tb[NL80211_ATTR_BSSID]);
wpa_printf(MSG_DEBUG,
"nl80211: External auth action: %u, AKM: 0x%x",