Cumulative patch from commit 3e7f1c7980c6e9fc7173f78aa72b2761fcd8924d (DO NOT MERGE)
3e7f1c7 GnuTLS: Add TLS event callbacks for chain success/failure and peer cert
0eb2ed0 GnuTLS: Add support for OCSP stapling as a client
cf08e9b Add MESH to modes capabilities
db5adfe Add SAE to auth_alg capabilities
0e1bb94 GnuTLS: Verify that server certificate EKU is valid for a server
d4d1f5c GnuTLS: Fix tls_disable_time_checks=1 processing
594d1fc GnuTLS: Add support for private_key and client_cert as blobs
79b1dd9 GnuTLS: Fix DER encoding certificate parsing
a165145 Add "GET tls_library" to provide information on TLS library and version
c3bb84b GnuTLS: Add event callbacks
8ddcd6b GnuTLS: Add support for domain_suffix_match
4bc13bf GnuTLS: Check for any unknown verification failure
e0d431a GnuTLS: Add more debug prints for version and session status
65ec7f4 GnuTLS: Move peer certificate validation into callback function
7c82457 GnuTLS: Remove support for versions older than 2.12.x
e1d63f6 GnuTLS: Remove old version number checks for 1.3.2
ae0a23a GnuTLS: Remove GNUTLS_INTERNAL_STRUCTURE_HACK
db4cf40 GnuTLS: Add support for ca_cert as a blob
224104d TLS: Reject openssl_ciphers parameter in non-OpenSSL cases
b09baf3 Work around Windows build issues
6dbbef9 Define host_to_le32() for Windows builds
7d28e46 Fix os_win32 build
0b40247 Remove Network Security Service (NSS) support
d166947 schannel: Reject subject_match, altsubject_match, suffix_match
59051f8 TLS: Reject subject_match, altsubject_match, suffix_match
f8717ac GnuTLS: Reject subject_match, altsubject_match, suffix_match
e24aef1 Fix a typo in domain_suffix_match documentation
394b547 Improve subject_match and domain_suffix_match documentation
8a42a07 trace: Fix out-of-memory testing logic
79cd993 Add address masks to BSSID lists
b83e455 Add network specific BSSID black and white lists
b3d6a0a Add generic parser for MAC address lists
21c74e8 nl80211: Use a helper function to put mesh_id
85e1fad nl80211: Use a helper function for putting beacon interval
6dfc557 Remove mesh_ht_mode network block parameter
54fe48b mesh: Use the shared function with IBSS to determine channel parameters
f7e889f mesh: Convert channel configuration to use common routines
6334330 mesh: Use a separate variable to track whether HT is enabled
1fc4ab2 nl80211: Move debug prints into nl80211_put_freq_params()
cae87ab nl80211: Add a helper function for putting basic rates
6b8b077 ibss/mesh: Enable HT40 if supported
a828f62 Make check_40mhz_2g4 common
fdd989d Make check_20mhz_bss common
0e550fe Make check_40mhz_5g common
6d5d098 Make get_pri_sec_chan() common
5144274 Introduce common allowed_ht40_channel_pair()
5f10b7f Use common hw_get_freq/hw_get_chan helpers in hostapd
269dfe2 Introduce common hw features
1830817 IBSS: Add WPA_DRIVER_FLAGS_HT_IBSS
f3b8ad4 SAE: Implement retransmission timer
a206e2a SAE: Centralize function for sending initial COMMIT
28c91ee bsd: Fix parsing of ieee80211req_scan_result on FreeBSD and DragonFly
96d1d97 Android: Remove hardcoded ICU include paths from hs20-osu-client
a354bcc D-Bus: Use NoMemory error message from CreateInterface
635874b Handle interface disabled/enabled more consistently
8f2cf37 P2P: Indicate reason=UNAVAILABLE for group netdev going down
86a7fbb Verify that eloop_register_read_sock() succeeds for ctrl_iface setup
27d9701 Fix a memory leak on WPA authenticator error path
c1c07dc Fix hostapd interface addition error path
a156ffd Add support for testing memory allocation failures
52b3943 D-Bus: Fix interface unregistration on error path
96dc9a6 D-Bus (old): Fix interface unregistration on error path
ef03557 Fix memory leak on wpa_supplicant_init_wpa() error path
52a8058 TDLS: Fix an interface addition error path
f2d5728 D-Bus: Fix string array dict entry parser in out-of-memory case
c61bc23 D-Bus: Fix byte array dict entry parser in out-of-memory case
dacf605 D-Bus: Fix Introspect() in case of os_strdup() failure
68a8669 D-Bus (old): Fix wpsReg error message
f0614bc D-Bus (old): Fix message handler error paths
a2af1c7 D-Bus (old): Fix memory leak on error path
3d2e2d5 trace: Fix compiler warning on 32-bit builds with bfd support
b9f6560 eloop: Fix WPA_TRACE tracking in case of realloc failure
e10422c Fix memory leak on hostapd BSS addition error path
2801659 Fix hostapd initialization error path on allocation failure
d58ade2 nl80211: Fix compilation with libnl 1.1 and 2.0
51f3427 crypto: Clear temporary stack buffers after use
77a2c39 crypto: Clear temporary heap allocations before freeing
a15a7fc DH: Clear memory explicitly on private key deinit
77c45e2 Add wpabuf_clear_free() to allow clearing of freed memory
a90c7d9 OpenSSL: Fix pbkdf2_sha1() wrapper
f6ebbcf AES-SIV: Make aes_s2v() static
dcf8fbc nl80211: Simplify event processing error paths
38751d8 nl80211: Remove cfg80211 state mismatch workaround for authentication
64ae244 nl80211: Check support for rekey offload on first use
Change-Id: Ice94c3cf8e39a6d2cac993aacd0f6d45b31c7c15
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 8527e90..c180f15 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -1583,6 +1583,14 @@
drv->ctx = ctx;
drv->hostapd = !!hostapd;
drv->eapol_sock = -1;
+
+ /*
+ * There is no driver capability flag for this, so assume it is
+ * supported and disable this on first attempt to use if the driver
+ * rejects the command due to missing support.
+ */
+ drv->set_rekey_offload = 1;
+
drv->num_if_indices = sizeof(drv->default_if_indices) / sizeof(int);
drv->if_indices = drv->default_if_indices;
@@ -3070,9 +3078,25 @@
}
+static int nl80211_put_basic_rates(struct nl_msg *msg, const int *basic_rates)
+{
+ u8 rates[NL80211_MAX_SUPP_RATES];
+ u8 rates_len = 0;
+ int i;
+
+ if (!basic_rates)
+ return 0;
+
+ for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0; i++)
+ rates[rates_len++] = basic_rates[i] / 5;
+
+ return nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len, rates);
+}
+
+
static int nl80211_set_bss(struct i802_bss *bss, int cts, int preamble,
int slot, int ht_opmode, int ap_isolate,
- int *basic_rates)
+ const int *basic_rates)
{
struct wpa_driver_nl80211_data *drv = bss->drv;
struct nl_msg *msg;
@@ -3087,27 +3111,13 @@
(ht_opmode >= 0 &&
nla_put_u16(msg, NL80211_ATTR_BSS_HT_OPMODE, ht_opmode)) ||
(ap_isolate >= 0 &&
- nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)))
- goto fail;
-
- if (basic_rates) {
- u8 rates[NL80211_MAX_SUPP_RATES];
- u8 rates_len = 0;
- int i;
-
- for (i = 0; i < NL80211_MAX_SUPP_RATES && basic_rates[i] >= 0;
- i++)
- rates[rates_len++] = basic_rates[i] / 5;
-
- if (nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len,
- rates))
- goto fail;
+ nla_put_u8(msg, NL80211_ATTR_AP_ISOLATE, ap_isolate)) ||
+ nl80211_put_basic_rates(msg, basic_rates)) {
+ nlmsg_free(msg);
+ return -ENOBUFS;
}
return send_and_recv_msgs(drv, msg, NULL, NULL);
-fail:
- nlmsg_free(msg);
- return -ENOBUFS;
}
@@ -3158,6 +3168,18 @@
}
+static int nl80211_put_beacon_int(struct nl_msg *msg, int beacon_int)
+{
+ if (beacon_int > 0) {
+ wpa_printf(MSG_DEBUG, " * beacon_int=%d", beacon_int);
+ return nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL,
+ beacon_int);
+ }
+
+ return 0;
+}
+
+
static int wpa_driver_nl80211_set_ap(void *priv,
struct wpa_driver_ap_params *params)
{
@@ -3193,8 +3215,7 @@
params->head) ||
nla_put(msg, NL80211_ATTR_BEACON_TAIL, params->tail_len,
params->tail) ||
- nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL,
- params->beacon_int) ||
+ nl80211_put_beacon_int(msg, params->beacon_int) ||
nla_put_u32(msg, NL80211_ATTR_DTIM_PERIOD, params->dtim_period) ||
nla_put(msg, NL80211_ATTR_SSID, params->ssid_len, params->ssid))
goto fail;
@@ -3382,12 +3403,17 @@
static int nl80211_put_freq_params(struct nl_msg *msg,
const struct hostapd_freq_params *freq)
{
+ wpa_printf(MSG_DEBUG, " * freq=%d", freq->freq);
if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq->freq))
return -ENOBUFS;
+ wpa_printf(MSG_DEBUG, " * vht_enabled=%d", freq->vht_enabled);
+ wpa_printf(MSG_DEBUG, " * ht_enabled=%d", freq->ht_enabled);
+
if (freq->vht_enabled) {
enum nl80211_chan_width cw;
+ wpa_printf(MSG_DEBUG, " * bandwidth=%d", freq->bandwidth);
switch (freq->bandwidth) {
case 20:
cw = NL80211_CHAN_WIDTH_20;
@@ -3408,6 +3434,11 @@
return -EINVAL;
}
+ wpa_printf(MSG_DEBUG, " * channel_width=%d", cw);
+ wpa_printf(MSG_DEBUG, " * center_freq1=%d",
+ freq->center_freq1);
+ wpa_printf(MSG_DEBUG, " * center_freq2=%d",
+ freq->center_freq2);
if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, cw) ||
nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1,
freq->center_freq1) ||
@@ -3418,6 +3449,8 @@
} else if (freq->ht_enabled) {
enum nl80211_channel_type ct;
+ wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d",
+ freq->sec_channel_offset);
switch (freq->sec_channel_offset) {
case -1:
ct = NL80211_CHAN_HT40MINUS;
@@ -3430,6 +3463,7 @@
break;
}
+ wpa_printf(MSG_DEBUG, " * channel_type=%d", ct);
if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ct))
return -ENOBUFS;
}
@@ -4207,24 +4241,10 @@
os_memcpy(drv->ssid, params->ssid, params->ssid_len);
drv->ssid_len = params->ssid_len;
- wpa_printf(MSG_DEBUG, " * freq=%d", params->freq.freq);
- wpa_printf(MSG_DEBUG, " * ht_enabled=%d", params->freq.ht_enabled);
- wpa_printf(MSG_DEBUG, " * sec_channel_offset=%d",
- params->freq.sec_channel_offset);
- wpa_printf(MSG_DEBUG, " * vht_enabled=%d", params->freq.vht_enabled);
- wpa_printf(MSG_DEBUG, " * center_freq1=%d", params->freq.center_freq1);
- wpa_printf(MSG_DEBUG, " * center_freq2=%d", params->freq.center_freq2);
- wpa_printf(MSG_DEBUG, " * bandwidth=%d", params->freq.bandwidth);
- if (nl80211_put_freq_params(msg, ¶ms->freq) < 0)
+ if (nl80211_put_freq_params(msg, ¶ms->freq) < 0 ||
+ nl80211_put_beacon_int(msg, params->beacon_int))
goto fail;
- if (params->beacon_int > 0) {
- wpa_printf(MSG_DEBUG, " * beacon_int=%d", params->beacon_int);
- if (nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL,
- params->beacon_int))
- goto fail;
- }
-
ret = nl80211_set_conn_keys(params, msg);
if (ret)
goto fail;
@@ -6736,7 +6756,12 @@
struct wpa_driver_nl80211_data *drv = bss->drv;
struct nlattr *replay_nested;
struct nl_msg *msg;
+ int ret;
+ if (!drv->set_rekey_offload)
+ return;
+
+ wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload");
if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) ||
!(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) ||
nla_put(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek) ||
@@ -6750,7 +6775,12 @@
nla_nest_end(msg, replay_nested);
- send_and_recv_msgs(drv, msg, NULL, (void *) -1);
+ ret = send_and_recv_msgs(drv, msg, NULL, (void *) -1);
+ if (ret == -EOPNOTSUPP) {
+ wpa_printf(MSG_DEBUG,
+ "nl80211: Driver does not support rekey offload");
+ drv->set_rekey_offload = 0;
+ }
}
@@ -7767,6 +7797,19 @@
}
+static int nl80211_put_mesh_id(struct nl_msg *msg, const u8 *mesh_id,
+ size_t mesh_id_len)
+{
+ if (mesh_id) {
+ wpa_hexdump_ascii(MSG_DEBUG, " * Mesh ID (SSID)",
+ mesh_id, mesh_id_len);
+ return nla_put(msg, NL80211_ATTR_MESH_ID, mesh_id_len, mesh_id);
+ }
+
+ return 0;
+}
+
+
static int
wpa_driver_nl80211_join_mesh(void *priv,
struct wpa_driver_mesh_join_params *params)
@@ -7779,72 +7822,12 @@
wpa_printf(MSG_DEBUG, "nl80211: mesh join (ifindex=%d)", drv->ifindex);
msg = nl80211_drv_msg(drv, 0, NL80211_CMD_JOIN_MESH);
- if (!msg)
+ if (!msg ||
+ nl80211_put_freq_params(msg, ¶ms->freq) ||
+ nl80211_put_basic_rates(msg, params->basic_rates) ||
+ nl80211_put_mesh_id(msg, params->meshid, params->meshid_len) ||
+ nl80211_put_beacon_int(msg, params->beacon_int))
goto fail;
- if (params->freq) {
- wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
- if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq))
- goto fail;
- }
-
- if (params->ht_mode) {
- unsigned int ht_value;
- char *ht_mode = "";
-
- switch (params->ht_mode) {
- default:
- case CHAN_NO_HT:
- ht_value = NL80211_CHAN_NO_HT;
- ht_mode = "NOHT";
- break;
- case CHAN_HT20:
- ht_value = NL80211_CHAN_HT20;
- ht_mode = "HT20";
- break;
- case CHAN_HT40PLUS:
- ht_value = NL80211_CHAN_HT40PLUS;
- ht_mode = "HT40+";
- break;
- case CHAN_HT40MINUS:
- ht_value = NL80211_CHAN_HT40MINUS;
- ht_mode = "HT40-";
- break;
- }
- wpa_printf(MSG_DEBUG, " * ht_mode=%s", ht_mode);
- if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, ht_value))
- goto fail;
- }
-
- if (params->basic_rates) {
- u8 rates[NL80211_MAX_SUPP_RATES];
- u8 rates_len = 0;
- int i;
-
- for (i = 0; i < NL80211_MAX_SUPP_RATES; i++) {
- if (params->basic_rates[i] < 0)
- break;
- rates[rates_len++] = params->basic_rates[i] / 5;
- }
-
- if (nla_put(msg, NL80211_ATTR_BSS_BASIC_RATES, rates_len,
- rates))
- goto fail;
- }
-
- if (params->meshid) {
- wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
- params->meshid, params->meshid_len);
- if (nla_put(msg, NL80211_ATTR_MESH_ID, params->meshid_len,
- params->meshid))
- goto fail;
- }
-
- if (params->beacon_int > 0) {
- wpa_printf(MSG_DEBUG, " * beacon_int=%d", params->beacon_int);
- if (nla_put_u32(msg, NL80211_ATTR_BEACON_INTERVAL,
- params->beacon_int))
- goto fail;
- }
wpa_printf(MSG_DEBUG, " * flags=%08X", params->flags);
@@ -7893,7 +7876,7 @@
goto fail;
}
ret = 0;
- bss->freq = params->freq;
+ bss->freq = params->freq.freq;
wpa_printf(MSG_DEBUG, "nl80211: mesh join request send successfully");
fail: