Revert "[wpa_supplicant] Cumulative patch from c4e90da6d"
This reverts commit 39bc25d3a79c1375de430a7918d949c1a86f70c6.
Test: Compilation
Change-Id: Iae7670429466958911b5296cb1359bceecc0b03e
Exempt-From-Owner-Approval: Revert since it's breaking the build
diff --git a/hostapd/Android.mk b/hostapd/Android.mk
index c769bc7..9be3613 100644
--- a/hostapd/Android.mk
+++ b/hostapd/Android.mk
@@ -246,12 +246,6 @@
NEED_SHA384=y
endif
-ifdef CONFIG_OCV
-L_CFLAGS += -DCONFIG_OCV
-OBJS += src/common/ocv.c
-CONFIG_IEEE80211W=y
-endif
-
ifdef CONFIG_IEEE80211W
L_CFLAGS += -DCONFIG_IEEE80211W
NEED_SHA256=y
diff --git a/hostapd/ChangeLog b/hostapd/ChangeLog
index f1366b4..d2b669b 100644
--- a/hostapd/ChangeLog
+++ b/hostapd/ChangeLog
@@ -1,60 +1,5 @@
ChangeLog for hostapd
-2018-12-02 - v2.7
- * fixed WPA packet number reuse with replayed messages and key
- reinstallation
- [http://w1.fi/security/2017-1/] (CVE-2017-13082)
- * added support for FILS (IEEE 802.11ai) shared key authentication
- * added support for OWE (Opportunistic Wireless Encryption, RFC 8110;
- and transition mode defined by WFA)
- * added support for DPP (Wi-Fi Device Provisioning Protocol)
- * FT:
- - added local generation of PMK-R0/PMK-R1 for FT-PSK
- (ft_psk_generate_local=1)
- - replaced inter-AP protocol with a cleaner design that is more
- easily extensible; this breaks backward compatibility and requires
- all APs in the ESS to be updated at the same time to maintain FT
- functionality
- - added support for wildcard R0KH/R1KH
- - replaced r0_key_lifetime (minutes) parameter with
- ft_r0_key_lifetime (seconds)
- - fixed wpa_psk_file use for FT-PSK
- - fixed FT-SAE PMKID matching
- - added expiration to PMK-R0 and PMK-R1 cache
- - added IEEE VLAN support (including tagged VLANs)
- - added support for SHA384 based AKM
- * SAE
- - fixed some PMKSA caching cases with SAE
- - added support for configuring SAE password separately of the
- WPA2 PSK/passphrase
- - added option to require MFP for SAE associations
- (sae_require_pmf=1)
- - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
- for SAE;
- note: this is not backwards compatible, i.e., both the AP and
- station side implementations will need to be update at the same
- time to maintain interoperability
- - added support for Password Identifier
- * hostapd_cli: added support for command history and completion
- * added support for requesting beacon report
- * large number of other fixes, cleanup, and extensions
- * added option to configure EAPOL-Key retry limits
- (wpa_group_update_count and wpa_pairwise_update_count)
- * removed all PeerKey functionality
- * fixed nl80211 AP mode configuration regression with Linux 4.15 and
- newer
- * added support for using wolfSSL cryptographic library
- * fixed some 20/40 MHz coexistence cases where the BSS could drop to
- 20 MHz even when 40 MHz would be allowed
- * Hotspot 2.0
- - added support for setting Venue URL ANQP-element (venue_url)
- - added support for advertising Hotspot 2.0 operator icons
- - added support for Roaming Consortium Selection element
- - added support for Terms and Conditions
- - added support for OSEN connection in a shared RSN BSS
- * added support for using OpenSSL 1.1.1
- * added EAP-pwd server support for salted passwords
-
2016-10-02 - v2.6
* fixed EAP-pwd last fragment validation
[http://w1.fi/security/2015-7/] (CVE-2015-5314)
diff --git a/hostapd/Makefile b/hostapd/Makefile
index dd3816e..2ce8b7d 100644
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -278,12 +278,6 @@
NEED_SHA384=y
endif
-ifdef CONFIG_OCV
-CFLAGS += -DCONFIG_OCV
-OBJS += ../src/common/ocv.o
-CONFIG_IEEE80211W=y
-endif
-
ifdef CONFIG_IEEE80211W
CFLAGS += -DCONFIG_IEEE80211W
NEED_SHA256=y
@@ -1101,9 +1095,6 @@
ifdef CONFIG_NO_RANDOM_POOL
CFLAGS += -DCONFIG_NO_RANDOM_POOL
else
-ifdef CONFIG_GETRANDOM
-CFLAGS += -DCONFIG_GETRANDOM
-endif
OBJS += ../src/crypto/random.o
HOBJS += ../src/crypto/random.o
HOBJS += ../src/utils/eloop.o
diff --git a/hostapd/README b/hostapd/README
index 1f30d7e..298391b 100644
--- a/hostapd/README
+++ b/hostapd/README
@@ -2,7 +2,7 @@
Authenticator and RADIUS authentication server
================================================================
-Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> and contributors
+Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> and contributors
All Rights Reserved.
This program is licensed under the BSD license (the one with
diff --git a/hostapd/android.config b/hostapd/android.config
index 4502a60..49cfe94 100644
--- a/hostapd/android.config
+++ b/hostapd/android.config
@@ -50,9 +50,6 @@
# Driver support is also needed for IEEE 802.11w.
CONFIG_IEEE80211W=y
-# Support Operating Channel Validation
-#CONFIG_OCV=y
-
# Integrated EAP server
#CONFIG_EAP=y
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index aeec1d9..b26da71 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -37,7 +37,7 @@
const char *fname)
{
FILE *f;
- char buf[128], *pos, *pos2, *pos3;
+ char buf[128], *pos, *pos2;
int line = 0, vlan_id;
struct hostapd_vlan *vlan;
@@ -82,10 +82,7 @@
pos2 = pos;
while (*pos2 != ' ' && *pos2 != '\t' && *pos2 != '\0')
pos2++;
-
- if (*pos2 != '\0')
- *(pos2++) = '\0';
-
+ *pos2 = '\0';
if (*pos == '\0' || os_strlen(pos) > IFNAMSIZ) {
wpa_printf(MSG_ERROR, "Invalid VLAN ifname at line %d "
"in '%s'", line, fname);
@@ -93,13 +90,6 @@
return -1;
}
- while (*pos2 == ' ' || *pos2 == '\t')
- pos2++;
- pos3 = pos2;
- while (*pos3 != ' ' && *pos3 != '\t' && *pos3 != '\0')
- pos3++;
- *pos3 = '\0';
-
vlan = os_zalloc(sizeof(*vlan));
if (vlan == NULL) {
wpa_printf(MSG_ERROR, "Out of memory while reading "
@@ -112,7 +102,6 @@
vlan->vlan_desc.untagged = vlan_id;
vlan->vlan_desc.notempty = !!vlan_id;
os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
- os_strlcpy(vlan->bridge, pos2, sizeof(vlan->bridge));
vlan->next = bss->vlan;
bss->vlan = vlan;
}
@@ -1379,14 +1368,6 @@
#endif /* CONFIG_IEEE80211AC */
-#ifdef CONFIG_IEEE80211AX
-static u8 set_he_cap(int val, u8 mask)
-{
- return (u8) (mask & (val << ffs(mask)));
-}
-#endif /* CONFIG_IEEE80211AX */
-
-
#ifdef CONFIG_INTERWORKING
static int parse_roaming_consortium(struct hostapd_bss_config *bss, char *pos,
int line)
@@ -2273,16 +2254,10 @@
flags |= TLS_CONN_DISABLE_TIME_CHECKS;
if (os_strstr(val, "[DISABLE-TLSv1.0]"))
flags |= TLS_CONN_DISABLE_TLSv1_0;
- if (os_strstr(val, "[ENABLE-TLSv1.0]"))
- flags |= TLS_CONN_ENABLE_TLSv1_0;
if (os_strstr(val, "[DISABLE-TLSv1.1]"))
flags |= TLS_CONN_DISABLE_TLSv1_1;
- if (os_strstr(val, "[ENABLE-TLSv1.1]"))
- flags |= TLS_CONN_ENABLE_TLSv1_1;
if (os_strstr(val, "[DISABLE-TLSv1.2]"))
flags |= TLS_CONN_DISABLE_TLSv1_2;
- if (os_strstr(val, "[ENABLE-TLSv1.2]"))
- flags |= TLS_CONN_ENABLE_TLSv1_2;
if (os_strstr(val, "[DISABLE-TLSv1.3]"))
flags |= TLS_CONN_DISABLE_TLSv1_3;
if (os_strstr(val, "[ENABLE-TLSv1.3]"))
@@ -2503,10 +2478,6 @@
bss->private_key_passwd = os_strdup(pos);
} else if (os_strcmp(buf, "check_crl") == 0) {
bss->check_crl = atoi(pos);
- } else if (os_strcmp(buf, "check_crl_strict") == 0) {
- bss->check_crl_strict = atoi(pos);
- } else if (os_strcmp(buf, "crl_reload_interval") == 0) {
- bss->crl_reload_interval = atoi(pos);
} else if (os_strcmp(buf, "tls_session_lifetime") == 0) {
bss->tls_session_lifetime = atoi(pos);
} else if (os_strcmp(buf, "tls_flags") == 0) {
@@ -2523,9 +2494,6 @@
} else if (os_strcmp(buf, "openssl_ciphers") == 0) {
os_free(bss->openssl_ciphers);
bss->openssl_ciphers = os_strdup(pos);
- } else if (os_strcmp(buf, "openssl_ecdh_curves") == 0) {
- os_free(bss->openssl_ecdh_curves);
- bss->openssl_ecdh_curves = os_strdup(pos);
} else if (os_strcmp(buf, "fragment_size") == 0) {
bss->fragment_size = atoi(pos);
#ifdef EAP_SERVER_FAST
@@ -3180,7 +3148,7 @@
line, val);
return 1;
}
- bss->send_probe_response = val;
+ conf->send_probe_response = val;
} else if (os_strcmp(buf, "supported_rates") == 0) {
if (hostapd_parse_intlist(&conf->supported_rates, pos)) {
wpa_printf(MSG_ERROR, "Line %d: invalid rate list",
@@ -3348,12 +3316,6 @@
return 1;
}
#endif /* CONFIG_IEEE80211W */
-#ifdef CONFIG_OCV
- } else if (os_strcmp(buf, "ocv") == 0) {
- bss->ocv = atoi(pos);
- if (bss->ocv && !bss->ieee80211w)
- bss->ieee80211w = 1;
-#endif /* CONFIG_OCV */
#ifdef CONFIG_IEEE80211N
} else if (os_strcmp(buf, "ieee80211n") == 0) {
conf->ieee80211n = atoi(pos);
@@ -3407,90 +3369,6 @@
conf->he_op.he_twt_required = atoi(pos);
} else if (os_strcmp(buf, "he_rts_threshold") == 0) {
conf->he_op.he_rts_threshold = atoi(pos);
- } else if (os_strcmp(buf, "he_mu_edca_qos_info_param_count") == 0) {
- conf->he_mu_edca.he_qos_info |=
- set_he_cap(atoi(pos), HE_QOS_INFO_EDCA_PARAM_SET_COUNT);
- } else if (os_strcmp(buf, "he_mu_edca_qos_info_q_ack") == 0) {
- conf->he_mu_edca.he_qos_info |=
- set_he_cap(atoi(pos), HE_QOS_INFO_Q_ACK);
- } else if (os_strcmp(buf, "he_mu_edca_qos_info_queue_request") == 0) {
- conf->he_mu_edca.he_qos_info |=
- set_he_cap(atoi(pos), HE_QOS_INFO_QUEUE_REQUEST);
- } else if (os_strcmp(buf, "he_mu_edca_qos_info_txop_request") == 0) {
- conf->he_mu_edca.he_qos_info |=
- set_he_cap(atoi(pos), HE_QOS_INFO_TXOP_REQUEST);
- } else if (os_strcmp(buf, "he_mu_edca_ac_be_aifsn") == 0) {
- conf->he_mu_edca.he_mu_ac_be_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_AIFSN);
- } else if (os_strcmp(buf, "he_mu_edca_ac_be_acm") == 0) {
- conf->he_mu_edca.he_mu_ac_be_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACM);
- } else if (os_strcmp(buf, "he_mu_edca_ac_be_aci") == 0) {
- conf->he_mu_edca.he_mu_ac_be_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACI);
- } else if (os_strcmp(buf, "he_mu_edca_ac_be_ecwmin") == 0) {
- conf->he_mu_edca.he_mu_ac_be_param[HE_MU_AC_PARAM_ECW_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMIN);
- } else if (os_strcmp(buf, "he_mu_edca_ac_be_ecwmax") == 0) {
- conf->he_mu_edca.he_mu_ac_be_param[HE_MU_AC_PARAM_ECW_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMAX);
- } else if (os_strcmp(buf, "he_mu_edca_ac_be_timer") == 0) {
- conf->he_mu_edca.he_mu_ac_be_param[HE_MU_AC_PARAM_TIMER_IDX] =
- atoi(pos) & 0xff;
- } else if (os_strcmp(buf, "he_mu_edca_ac_bk_aifsn") == 0) {
- conf->he_mu_edca.he_mu_ac_bk_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_AIFSN);
- } else if (os_strcmp(buf, "he_mu_edca_ac_bk_acm") == 0) {
- conf->he_mu_edca.he_mu_ac_bk_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACM);
- } else if (os_strcmp(buf, "he_mu_edca_ac_bk_aci") == 0) {
- conf->he_mu_edca.he_mu_ac_bk_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACI);
- } else if (os_strcmp(buf, "he_mu_edca_ac_bk_ecwmin") == 0) {
- conf->he_mu_edca.he_mu_ac_bk_param[HE_MU_AC_PARAM_ECW_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMIN);
- } else if (os_strcmp(buf, "he_mu_edca_ac_bk_ecwmax") == 0) {
- conf->he_mu_edca.he_mu_ac_bk_param[HE_MU_AC_PARAM_ECW_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMAX);
- } else if (os_strcmp(buf, "he_mu_edca_ac_bk_timer") == 0) {
- conf->he_mu_edca.he_mu_ac_bk_param[HE_MU_AC_PARAM_TIMER_IDX] =
- atoi(pos) & 0xff;
- } else if (os_strcmp(buf, "he_mu_edca_ac_vi_aifsn") == 0) {
- conf->he_mu_edca.he_mu_ac_vi_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_AIFSN);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vi_acm") == 0) {
- conf->he_mu_edca.he_mu_ac_vi_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACM);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vi_aci") == 0) {
- conf->he_mu_edca.he_mu_ac_vi_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACI);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vi_ecwmin") == 0) {
- conf->he_mu_edca.he_mu_ac_vi_param[HE_MU_AC_PARAM_ECW_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMIN);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vi_ecwmax") == 0) {
- conf->he_mu_edca.he_mu_ac_vi_param[HE_MU_AC_PARAM_ECW_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMAX);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vi_timer") == 0) {
- conf->he_mu_edca.he_mu_ac_vi_param[HE_MU_AC_PARAM_TIMER_IDX] =
- atoi(pos) & 0xff;
- } else if (os_strcmp(buf, "he_mu_edca_ac_vo_aifsn") == 0) {
- conf->he_mu_edca.he_mu_ac_vo_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_AIFSN);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vo_acm") == 0) {
- conf->he_mu_edca.he_mu_ac_vo_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACM);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vo_aci") == 0) {
- conf->he_mu_edca.he_mu_ac_vo_param[HE_MU_AC_PARAM_ACI_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACI);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vo_ecwmin") == 0) {
- conf->he_mu_edca.he_mu_ac_vo_param[HE_MU_AC_PARAM_ECW_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMIN);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vo_ecwmax") == 0) {
- conf->he_mu_edca.he_mu_ac_vo_param[HE_MU_AC_PARAM_ECW_IDX] |=
- set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMAX);
- } else if (os_strcmp(buf, "he_mu_edca_ac_vo_timer") == 0) {
- conf->he_mu_edca.he_mu_ac_vo_param[HE_MU_AC_PARAM_TIMER_IDX] =
- atoi(pos) & 0xff;
#endif /* CONFIG_IEEE80211AX */
} else if (os_strcmp(buf, "max_listen_interval") == 0) {
bss->max_listen_interval = atoi(pos);
@@ -3839,16 +3717,6 @@
#ifdef CONFIG_HS20
} else if (os_strcmp(buf, "hs20") == 0) {
bss->hs20 = atoi(pos);
- } else if (os_strcmp(buf, "hs20_release") == 0) {
- int val = atoi(pos);
-
- if (val < 1 || val > (HS20_VERSION >> 4) + 1) {
- wpa_printf(MSG_ERROR,
- "Line %d: Unsupported hs20_release: %s",
- line, pos);
- return 1;
- }
- bss->hs20_release = val;
} else if (os_strcmp(buf, "disable_dgaf") == 0) {
bss->disable_dgaf = atoi(pos);
} else if (os_strcmp(buf, "na_mcast_to_ucast") == 0) {
@@ -3939,9 +3807,6 @@
} else if (os_strcmp(buf, "hs20_t_c_server_url") == 0) {
os_free(bss->t_c_server_url);
bss->t_c_server_url = os_strdup(pos);
- } else if (os_strcmp(buf, "hs20_sim_provisioning_url") == 0) {
- os_free(bss->hs20_sim_provisioning_url);
- bss->hs20_sim_provisioning_url = os_strdup(pos);
#endif /* CONFIG_HS20 */
#ifdef CONFIG_MBO
} else if (os_strcmp(buf, "mbo") == 0) {
@@ -4246,22 +4111,6 @@
} else if (os_strcmp(buf, "coloc_intf_reporting") == 0) {
bss->coloc_intf_reporting = atoi(pos);
#endif /* CONFIG_OWE */
- } else if (os_strcmp(buf, "multi_ap") == 0) {
- int val = atoi(pos);
-
- if (val < 0 || val > 3) {
- wpa_printf(MSG_ERROR, "Line %d: Invalid multi_ap '%s'",
- line, buf);
- return -1;
- }
-
- bss->multi_ap = val;
- } else if (os_strcmp(buf, "rssi_reject_assoc_rssi") == 0) {
- conf->rssi_reject_assoc_rssi = atoi(pos);
- } else if (os_strcmp(buf, "rssi_reject_assoc_timeout") == 0) {
- conf->rssi_reject_assoc_timeout = atoi(pos);
- } else if (os_strcmp(buf, "pbss") == 0) {
- bss->pbss = atoi(pos);
} else {
wpa_printf(MSG_ERROR,
"Line %d: unknown configuration item '%s'",
diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c
index df2524a..e539a09 100644
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -1488,63 +1488,6 @@
}
-static int
-hostapd_ctrl_iface_kick_mismatch_psk_sta_iter(struct hostapd_data *hapd,
- struct sta_info *sta, void *ctx)
-{
- struct hostapd_wpa_psk *psk;
- const u8 *pmk;
- int pmk_len;
- int pmk_match;
- int sta_match;
- int bss_match;
- int reason;
-
- pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
-
- for (psk = hapd->conf->ssid.wpa_psk; pmk && psk; psk = psk->next) {
- pmk_match = PMK_LEN == pmk_len &&
- os_memcmp(psk->psk, pmk, pmk_len) == 0;
- sta_match = psk->group == 0 &&
- os_memcmp(sta->addr, psk->addr, ETH_ALEN) == 0;
- bss_match = psk->group == 1;
-
- if (pmk_match && (sta_match || bss_match))
- return 0;
- }
-
- wpa_printf(MSG_INFO, "STA " MACSTR
- " PSK/passphrase no longer valid - disconnect",
- MAC2STR(sta->addr));
- reason = WLAN_REASON_PREV_AUTH_NOT_VALID;
- hostapd_drv_sta_deauth(hapd, sta->addr, reason);
- ap_sta_deauthenticate(hapd, sta, reason);
-
- return 0;
-}
-
-
-static int hostapd_ctrl_iface_reload_wpa_psk(struct hostapd_data *hapd)
-{
- struct hostapd_bss_config *conf = hapd->conf;
- int err;
-
- hostapd_config_clear_wpa_psk(&conf->ssid.wpa_psk);
-
- err = hostapd_setup_wpa_psk(conf);
- if (err < 0) {
- wpa_printf(MSG_ERROR, "Reloading WPA-PSK passwords failed: %d",
- err);
- return -1;
- }
-
- ap_for_each_sta(hapd, hostapd_ctrl_iface_kick_mismatch_psk_sta_iter,
- NULL);
-
- return 0;
-}
-
-
#ifdef CONFIG_TESTING_OPTIONS
static int hostapd_ctrl_iface_radar(struct hostapd_data *hapd, char *cmd)
@@ -2191,7 +2134,7 @@
if (!pos)
return -1;
pos++;
- if (hexstr2bin(pos, seq, sizeof(seq)) < 0)
+ if (hexstr2bin(pos, seq, sizeof(6)) < 0)
return -1;
pos += 2 * 6;
if (*pos != ' ')
@@ -3070,9 +3013,6 @@
} else if (os_strncmp(buf, "ENABLE", 6) == 0) {
if (hostapd_ctrl_iface_enable(hapd->iface))
reply_len = -1;
- } else if (os_strcmp(buf, "RELOAD_WPA_PSK") == 0) {
- if (hostapd_ctrl_iface_reload_wpa_psk(hapd))
- reply_len = -1;
} else if (os_strncmp(buf, "RELOAD", 6) == 0) {
if (hostapd_ctrl_iface_reload(hapd->iface))
reply_len = -1;
@@ -3289,7 +3229,7 @@
if (hostapd_dpp_configurator_remove(hapd, buf + 24) < 0)
reply_len = -1;
} else if (os_strncmp(buf, "DPP_CONFIGURATOR_SIGN ", 22) == 0) {
- if (hostapd_dpp_configurator_sign(hapd, buf + 21) < 0)
+ if (hostapd_dpp_configurator_sign(hapd, buf + 22) < 0)
reply_len = -1;
} else if (os_strncmp(buf, "DPP_CONFIGURATOR_GET_KEY ", 25) == 0) {
reply_len = hostapd_dpp_configurator_get_key(hapd,
@@ -3566,18 +3506,18 @@
}
if (hapd->conf->ctrl_interface_gid_set &&
- lchown(hapd->conf->ctrl_interface, -1,
- hapd->conf->ctrl_interface_gid) < 0) {
- wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
+ chown(hapd->conf->ctrl_interface, -1,
+ hapd->conf->ctrl_interface_gid) < 0) {
+ wpa_printf(MSG_ERROR, "chown[ctrl_interface]: %s",
strerror(errno));
return -1;
}
if (!hapd->conf->ctrl_interface_gid_set &&
hapd->iface->interfaces->ctrl_iface_group &&
- lchown(hapd->conf->ctrl_interface, -1,
- hapd->iface->interfaces->ctrl_iface_group) < 0) {
- wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
+ chown(hapd->conf->ctrl_interface, -1,
+ hapd->iface->interfaces->ctrl_iface_group) < 0) {
+ wpa_printf(MSG_ERROR, "chown[ctrl_interface]: %s",
strerror(errno));
return -1;
}
@@ -3650,16 +3590,16 @@
}
if (hapd->conf->ctrl_interface_gid_set &&
- lchown(fname, -1, hapd->conf->ctrl_interface_gid) < 0) {
- wpa_printf(MSG_ERROR, "lchown[ctrl_interface/ifname]: %s",
+ chown(fname, -1, hapd->conf->ctrl_interface_gid) < 0) {
+ wpa_printf(MSG_ERROR, "chown[ctrl_interface/ifname]: %s",
strerror(errno));
goto fail;
}
if (!hapd->conf->ctrl_interface_gid_set &&
hapd->iface->interfaces->ctrl_iface_group &&
- lchown(fname, -1, hapd->iface->interfaces->ctrl_iface_group) < 0) {
- wpa_printf(MSG_ERROR, "lchown[ctrl_interface/ifname]: %s",
+ chown(fname, -1, hapd->iface->interfaces->ctrl_iface_group) < 0) {
+ wpa_printf(MSG_ERROR, "chown[ctrl_interface/ifname]: %s",
strerror(errno));
goto fail;
}
@@ -4333,9 +4273,9 @@
goto fail;
}
} else if (interface->ctrl_iface_group &&
- lchown(interface->global_iface_path, -1,
- interface->ctrl_iface_group) < 0) {
- wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
+ chown(interface->global_iface_path, -1,
+ interface->ctrl_iface_group) < 0) {
+ wpa_printf(MSG_ERROR, "chown[ctrl_interface]: %s",
strerror(errno));
goto fail;
}
@@ -4392,8 +4332,8 @@
}
if (interface->ctrl_iface_group &&
- lchown(fname, -1, interface->ctrl_iface_group) < 0) {
- wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
+ chown(fname, -1, interface->ctrl_iface_group) < 0) {
+ wpa_printf(MSG_ERROR, "chown[ctrl_interface]: %s",
strerror(errno));
goto fail;
}
diff --git a/hostapd/defconfig b/hostapd/defconfig
index ea5e2c9..c67c662 100644
--- a/hostapd/defconfig
+++ b/hostapd/defconfig
@@ -31,7 +31,7 @@
#CONFIG_LIBNL20=y
# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
-CONFIG_LIBNL32=y
+#CONFIG_LIBNL32=y
# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
@@ -53,9 +53,6 @@
# IEEE 802.11w (management frame protection)
CONFIG_IEEE80211W=y
-# Support Operating Channel Validation
-#CONFIG_OCV=y
-
# Integrated EAP server
CONFIG_EAP=y
@@ -252,11 +249,6 @@
# requirements described above.
#CONFIG_NO_RANDOM_POOL=y
-# Should we attempt to use the getrandom(2) call that provides more reliable
-# yet secure randomness source than /dev/random on Linux 3.17 and newer.
-# Requires glibc 2.25 to build, falls back to /dev/random if unavailable.
-#CONFIG_GETRANDOM=y
-
# Should we use poll instead of select? Select is used by default.
#CONFIG_ELOOP_POLL=y
@@ -364,6 +356,8 @@
#CONFIG_TAXONOMY=y
# Fast Initial Link Setup (FILS) (IEEE 802.11ai)
+# Note: This is an experimental and not yet complete implementation. This
+# should not be enabled for production use.
#CONFIG_FILS=y
# FILS shared key authentication with PFS
#CONFIG_FILS_SK_PFS=y
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index ab37f03..a005217 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -438,13 +438,6 @@
wmm_ac_vo_acm=0
# Note: for IEEE 802.11b mode: cWmin=3 cWmax=4 burst=102
-# Enable Multi-AP functionality
-# 0 = disabled (default)
-# 1 = AP support backhaul BSS
-# 2 = AP support fronthaul BSS
-# 3 = AP supports both backhaul BSS and fronthaul BSS
-#multi_ap=0
-
# Static WEP key configuration
#
# The key number to use when transmitting.
@@ -801,30 +794,6 @@
# unsigned integer = duration in units of 16 us
#he_rts_threshold=0
-#he_mu_edca_qos_info_param_count
-#he_mu_edca_qos_info_q_ack
-#he_mu_edca_qos_info_queue_request=1
-#he_mu_edca_qos_info_txop_request
-#he_mu_edca_ac_be_aifsn=0
-#he_mu_edca_ac_be_ecwmin=15
-#he_mu_edca_ac_be_ecwmax=15
-#he_mu_edca_ac_be_timer=255
-#he_mu_edca_ac_bk_aifsn=0
-#he_mu_edca_ac_bk_aci=1
-#he_mu_edca_ac_bk_ecwmin=15
-#he_mu_edca_ac_bk_ecwmax=15
-#he_mu_edca_ac_bk_timer=255
-#he_mu_edca_ac_vi_ecwmin=15
-#he_mu_edca_ac_vi_ecwmax=15
-#he_mu_edca_ac_vi_aifsn=0
-#he_mu_edca_ac_vi_aci=2
-#he_mu_edca_ac_vi_timer=255
-#he_mu_edca_ac_vo_aifsn=0
-#he_mu_edca_ac_vo_aci=3
-#he_mu_edca_ac_vo_ecwmin=15
-#he_mu_edca_ac_vo_ecwmax=15
-#he_mu_edca_ac_vo_timer=255
-
##### IEEE 802.1X-2004 related configuration ##################################
# Require IEEE 802.1X authorization
@@ -922,57 +891,18 @@
# valid CRL signed by the CA is required to be included in the ca_cert file.
# This can be done by using PEM format for CA certificate and CRL and
# concatenating these into one file. Whenever CRL changes, hostapd needs to be
-# restarted to take the new CRL into use. Alternatively, crl_reload_interval can
-# be used to configure periodic updating of the loaded CRL information.
+# restarted to take the new CRL into use.
# 0 = do not verify CRLs (default)
# 1 = check the CRL of the user certificate
# 2 = check all CRLs in the certificate path
#check_crl=1
-# Specify whether to ignore certificate CRL validity time mismatches with
-# errors X509_V_ERR_CERT_HAS_EXPIRED and X509_V_ERR_CERT_NOT_YET_VALID.
-#
-# 0 = ignore errors
-# 1 = do not ignore errors (default)
-#check_crl_strict=1
-
-# CRL reload interval in seconds
-# This can be used to reload ca_cert file and the included CRL on every new TLS
-# session if difference between last reload and the current reload time in
-# seconds is greater than crl_reload_interval.
-# Note: If interval time is very short, CPU overhead may be negatively affected
-# and it is advised to not go below 300 seconds.
-# This is applicable only with check_crl values 1 and 2.
-# 0 = do not reload CRLs (default)
-# crl_reload_interval = 300
-
# TLS Session Lifetime in seconds
# This can be used to allow TLS sessions to be cached and resumed with an
# abbreviated handshake when using EAP-TLS/TTLS/PEAP.
# (default: 0 = session caching and resumption disabled)
#tls_session_lifetime=3600
-# TLS flags
-# [ALLOW-SIGN-RSA-MD5] = allow MD5-based certificate signatures (depending on
-# the TLS library, these may be disabled by default to enforce stronger
-# security)
-# [DISABLE-TIME-CHECKS] = ignore certificate validity time (this requests
-# the TLS library to accept certificates even if they are not currently
-# valid, i.e., have expired or have not yet become valid; this should be
-# used only for testing purposes)
-# [DISABLE-TLSv1.0] = disable use of TLSv1.0
-# [ENABLE-TLSv1.0] = explicitly enable use of TLSv1.0 (this allows
-# systemwide TLS policies to be overridden)
-# [DISABLE-TLSv1.1] = disable use of TLSv1.1
-# [ENABLE-TLSv1.1] = explicitly enable use of TLSv1.1 (this allows
-# systemwide TLS policies to be overridden)
-# [DISABLE-TLSv1.2] = disable use of TLSv1.2
-# [ENABLE-TLSv1.2] = explicitly enable use of TLSv1.2 (this allows
-# systemwide TLS policies to be overridden)
-# [DISABLE-TLSv1.3] = disable use of TLSv1.3
-# [ENABLE-TLSv1.3] = enable TLSv1.3 (experimental - disabled by default)
-#tls_flags=[flag1][flag2]...
-
# Cached OCSP stapling response (DER encoded)
# If set, this file is sent as a certificate status response by the EAP server
# if the EAP peer requests certificate status in the ClientHello message.
@@ -1174,8 +1104,8 @@
# Tunnel-Medium-Type (value 6 = IEEE 802), Tunnel-Private-Group-ID (value
# VLANID as a string). Optionally, the local MAC ACL list (accept_mac_file) can
# be used to set static client MAC address to VLAN ID mapping.
-# 0 = disabled (default); only VLAN IDs from accept_mac_file will be used
-# 1 = optional; use default interface if RADIUS server does not include VLAN ID
+# 0 = disabled (default)
+# 1 = option; use default interface if RADIUS server does not include VLAN ID
# 2 = required; reject authentication if RADIUS server does not include VLAN ID
#dynamic_vlan=0
@@ -1198,7 +1128,6 @@
# white space (space or tab).
# If no entries are provided by this file, the station is statically mapped
# to <bss-iface>.<vlan-id> interfaces.
-# Each line can optionally also contain the name of a bridge to add the VLAN to
#vlan_file=/etc/hostapd.vlan
# Interface where 802.1q tagged packets should appear when a RADIUS server is
@@ -1489,13 +1418,6 @@
# dot11AssociationSAQueryRetryTimeout, 1...4294967295
#assoc_sa_query_retry_timeout=201
-# ocv: Operating Channel Validation
-# This is a countermeasure against multi-channel man-in-the-middle attacks.
-# Enabling this automatically also enables ieee80211w, if not yet enabled.
-# 0 = disabled (default)
-# 1 = enabled
-#ocv=1
-
# disable_pmksa_caching: Disable PMKSA caching
# This parameter can be used to disable caching of PMKSA created through EAP
# authentication. RSN preauthentication may still end up using PMKSA caching if
@@ -2351,21 +2273,6 @@
# Default is 0 = OCE disabled
#oce=0
-# RSSI-based assocition rejection
-#
-# Reject STA association if RSSI is below given threshold (in dBm)
-# Allowed range: -60 to -90 dBm; default = 0 (rejection disabled)
-# Note: This rejection happens based on a signal strength detected while
-# receiving a single frame and as such, there is significant risk of the value
-# not being accurate and this resulting in valid stations being rejected. As
-# such, this functionality is not recommended to be used for purposes other than
-# testing.
-#rssi_reject_assoc_rssi=-75
-#
-# Association retry delay in seconds allowed by the STA if RSSI has not met the
-# threshold (range: 0..255, default=30).
-#rssi_reject_assoc_timeout=30
-
##### Fast Session Transfer (FST) support #####################################
#
# The options in this section are only available when the build configuration
diff --git a/hostapd/hostapd.wpa_psk b/hostapd/hostapd.wpa_psk
index 834d441..0a9499a 100644
--- a/hostapd/hostapd.wpa_psk
+++ b/hostapd/hostapd.wpa_psk
@@ -3,10 +3,7 @@
# Special MAC address 00:00:00:00:00:00 can be used to configure PSKs that
# anyone can use. PSK can be configured as an ASCII passphrase of 8..63
# characters or as a 256-bit hex PSK (64 hex digits).
-# An optional key identifier can be added by prefixing the line with
-# keyid=<keyid_string>
00:00:00:00:00:00 secret passphrase
00:11:22:33:44:55 another passphrase
00:22:33:44:55:66 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
-keyid=example_id 00:11:22:33:44:77 passphrase with keyid
00:00:00:00:00:00 another passphrase for all STAs
diff --git a/hostapd/hostapd_cli.c b/hostapd/hostapd_cli.c
index 23c592a..fbec5d2 100644
--- a/hostapd/hostapd_cli.c
+++ b/hostapd/hostapd_cli.c
@@ -1,6 +1,6 @@
/*
* hostapd - command line interface for hostapd daemon
- * Copyright (c) 2004-2019, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -21,7 +21,7 @@
static const char *const hostapd_cli_version =
"hostapd_cli v" VERSION_STR "\n"
-"Copyright (c) 2004-2019, Jouni Malinen <j@w1.fi> and contributors";
+"Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> and contributors";
static struct wpa_ctrl *ctrl_conn;
static int hostapd_cli_quit = 0;
@@ -1443,13 +1443,6 @@
}
-static int hostapd_cli_cmd_dpp_configurator_sign(struct wpa_ctrl *ctrl,
- int argc, char *argv[])
-{
- return hostapd_cli_cmd(ctrl, "DPP_CONFIGURATOR_SIGN", 1, argc, argv);
-}
-
-
static int hostapd_cli_cmd_dpp_pkex_add(struct wpa_ctrl *ctrl, int argc,
char *argv[])
{
@@ -1487,20 +1480,6 @@
}
-static int hostapd_cli_cmd_req_beacon(struct wpa_ctrl *ctrl, int argc,
- char *argv[])
-{
- return hostapd_cli_cmd(ctrl, "REQ_BEACON", 2, argc, argv);
-}
-
-
-static int hostapd_cli_cmd_reload_wpa_psk(struct wpa_ctrl *ctrl, int argc,
- char *argv[])
-{
- return wpa_ctrl_command(ctrl, "RELOAD_WPA_PSK");
-}
-
-
struct hostapd_cli_cmd {
const char *cmd;
int (*handler)(struct wpa_ctrl *ctrl, int argc, char *argv[]);
@@ -1658,11 +1637,9 @@
{ "dpp_configurator_remove", hostapd_cli_cmd_dpp_configurator_remove,
NULL,
"*|<id> = remove DPP configurator" },
- { "dpp_configurator_get_key", hostapd_cli_cmd_dpp_configurator_get_key,
+ { "dpp_configurator_remove", hostapd_cli_cmd_dpp_configurator_get_key,
NULL,
"<id> = Get DPP configurator's private key" },
- { "dpp_configurator_sign", hostapd_cli_cmd_dpp_configurator_sign, NULL,
- "conf=<role> configurator=<id> = generate self DPP configuration" },
{ "dpp_pkex_add", hostapd_cli_cmd_dpp_pkex_add, NULL,
"add PKEX code" },
{ "dpp_pkex_remove", hostapd_cli_cmd_dpp_pkex_remove, NULL,
@@ -1674,10 +1651,6 @@
"=Add/Delete/Show/Clear deny MAC ACL" },
{ "poll_sta", hostapd_cli_cmd_poll_sta, hostapd_complete_stations,
"<addr> = poll a STA to check connectivity with a QoS null frame" },
- { "req_beacon", hostapd_cli_cmd_req_beacon, NULL,
- "<addr> [req_mode=] <measurement request hexdump> = send a Beacon report request to a station" },
- { "reload_wpa_psk", hostapd_cli_cmd_reload_wpa_psk, NULL,
- "= reload wpa_psk_file only" },
{ NULL, NULL, NULL, NULL }
};
diff --git a/hostapd/main.c b/hostapd/main.c
index e613c04..dbe065e 100644
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -1,6 +1,6 @@
/*
* hostapd / main()
- * Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi>
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
@@ -255,7 +255,7 @@
*
* This function is used to parse configuration file for a full interface (one
* or more BSSes sharing the same radio) and allocate memory for the BSS
- * interfaces. No actual driver operations are started.
+ * interfaces. No actiual driver operations are started.
*/
static struct hostapd_iface *
hostapd_interface_init(struct hapd_interfaces *interfaces, const char *if_name,
@@ -458,7 +458,7 @@
"hostapd v" VERSION_STR "\n"
"User space daemon for IEEE 802.11 AP management,\n"
"IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n"
- "Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi> "
+ "Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> "
"and contributors\n");
}
@@ -877,8 +877,27 @@
*/
interfaces.terminate_on_error = interfaces.count;
for (i = 0; i < interfaces.count; i++) {
- if (hostapd_driver_init(interfaces.iface[i]) ||
- hostapd_setup_interface(interfaces.iface[i]))
+ if (hostapd_driver_init(interfaces.iface[i]))
+ goto out;
+#ifdef CONFIG_MBO
+ for (j = 0; j < interfaces.iface[i]->num_bss; j++) {
+ struct hostapd_data *hapd = interfaces.iface[i]->bss[j];
+
+ if (hapd && (hapd->conf->oce & OCE_STA_CFON) &&
+ (interfaces.iface[i]->drv_flags &
+ WPA_DRIVER_FLAGS_OCE_STA_CFON))
+ hapd->enable_oce = OCE_STA_CFON;
+
+ if (hapd && (hapd->conf->oce & OCE_AP) &&
+ (interfaces.iface[i]->drv_flags &
+ WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
+ /* TODO: Need to add OCE-AP support */
+ wpa_printf(MSG_ERROR,
+ "OCE-AP feature is not yet supported");
+ }
+ }
+#endif /* CONFIG_MBO */
+ if (hostapd_setup_interface(interfaces.iface[i]))
goto out;
}
diff --git a/hostapd/wps-ap-nfc.py b/hostapd/wps-ap-nfc.py
index 258d841..2fc3012 100755
--- a/hostapd/wps-ap-nfc.py
+++ b/hostapd/wps-ap-nfc.py
@@ -26,7 +26,7 @@
success_file = None
def summary(txt):
- print(txt)
+ print txt
if summary_file:
with open(summary_file, 'a') as f:
f.write(txt + "\n")
@@ -42,19 +42,19 @@
if os.path.isdir(wpas_ctrl):
try:
ifaces = [os.path.join(wpas_ctrl, i) for i in os.listdir(wpas_ctrl)]
- except OSError as error:
- print("Could not find hostapd: ", error)
+ except OSError, error:
+ print "Could not find hostapd: ", error
return None
if len(ifaces) < 1:
- print("No hostapd control interface found")
+ print "No hostapd control interface found"
return None
for ctrl in ifaces:
try:
wpas = wpaspy.Ctrl(ctrl)
return wpas
- except Exception as e:
+ except Exception, e:
pass
return None
@@ -133,23 +133,23 @@
def process_request(self, request):
summary("HandoverServer - request received")
try:
- print("Parsed handover request: " + request.pretty())
- except Exception as e:
- print(e)
- print(str(request).encode("hex"))
+ print "Parsed handover request: " + request.pretty()
+ except Exception, e:
+ print e
+ print str(request).encode("hex")
sel = nfc.ndef.HandoverSelectMessage(version="1.2")
for carrier in request.carriers:
- print("Remote carrier type: " + carrier.type)
+ print "Remote carrier type: " + carrier.type
if carrier.type == "application/vnd.wfa.wsc":
summary("WPS carrier type match - add WPS carrier record")
data = wpas_get_handover_sel()
if data is None:
summary("Could not get handover select carrier record from hostapd")
continue
- print("Handover select carrier record from hostapd:")
- print(data.encode("hex"))
+ print "Handover select carrier record from hostapd:"
+ print data.encode("hex")
if "OK" in wpas_report_handover(carrier.record, data):
success_report("Handover reported successfully")
else:
@@ -158,12 +158,12 @@
message = nfc.ndef.Message(data);
sel.add_carrier(message[0], "active", message[1:])
- print("Handover select:")
+ print "Handover select:"
try:
- print(sel.pretty())
- except Exception as e:
- print(e)
- print(str(sel).encode("hex"))
+ print sel.pretty()
+ except Exception, e:
+ print e
+ print str(sel).encode("hex")
summary("Sending handover select")
self.success = True
@@ -174,7 +174,7 @@
success = False
if len(tag.ndef.message):
for record in tag.ndef.message:
- print("record type " + record.type)
+ print "record type " + record.type
if record.type == "application/vnd.wfa.wsc":
summary("WPS tag - send to hostapd")
success = wpas_tag_read(tag.ndef.message)
@@ -193,7 +193,7 @@
global write_data
tag.ndef.message = str(write_data)
success_report("Tag write succeeded")
- print("Done - remove tag")
+ print "Done - remove tag"
global only_one
if only_one:
global continue_loop
@@ -211,7 +211,7 @@
summary("Could not get WPS config token from hostapd")
return
- print("Touch an NFC tag")
+ print "Touch an NFC tag"
clf.connect(rdwr={'on-connect': rdwr_connected_write})
@@ -224,7 +224,7 @@
summary("Could not get WPS password token from hostapd")
return
- print("Touch an NFC tag")
+ print "Touch an NFC tag"
clf.connect(rdwr={'on-connect': rdwr_connected_write})
@@ -233,11 +233,11 @@
summary("Tag connected: " + str(tag))
if tag.ndef:
- print("NDEF tag: " + tag.type)
+ print "NDEF tag: " + tag.type
try:
- print(tag.ndef.message.pretty())
- except Exception as e:
- print(e)
+ print tag.ndef.message.pretty()
+ except Exception, e:
+ print e
success = wps_tag_read(tag)
if only_one and success:
global continue_loop
@@ -250,13 +250,13 @@
def llcp_startup(clf, llc):
- print("Start LLCP server")
+ print "Start LLCP server"
global srv
srv = HandoverServer(llc)
return llc
def llcp_connected(llc):
- print("P2P LLCP connected")
+ print "P2P LLCP connected"
global wait_connection
wait_connection = False
global srv
@@ -304,7 +304,7 @@
try:
if not clf.open("usb"):
- print("Could not open connection with an NFC device")
+ print "Could not open connection with an NFC device"
raise SystemExit
if args.command == "write-config":
@@ -317,15 +317,15 @@
global continue_loop
while continue_loop:
- print("Waiting for a tag or peer to be touched")
+ print "Waiting for a tag or peer to be touched"
wait_connection = True
try:
if not clf.connect(rdwr={'on-connect': rdwr_connected},
llcp={'on-startup': llcp_startup,
'on-connect': llcp_connected}):
break
- except Exception as e:
- print("clf.connect failed")
+ except Exception, e:
+ print "clf.connect failed"
global srv
if only_one and srv and srv.success: