37 Commits

Author	SHA1	Message	Date
Sunil Ravi	036cec531d	[wpa_supplicant] cumilative patch from commit bb945b98f ... Bug: 275651698 Test: Connect to open, WPA2, WPA3 and passpoint network Test: Establish P2P connection Test: Basic SoftAp tests Test: Regression test (b/275948027) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from opne source bb945b98f Add 40 and 80 MHz channels 165 and 173 for 5 GHz IBSS/mesh 0059fa5ba 6 GHz: Fix secondary channel setting 744295c8b Add 6 GHz channel validation during channel switching 5349a45d3 Set interface state as inactive if mesh bringup fails a4af79624 Handle signal termination in hostapd_cli for all cases cf8f13ac8 Add support to send 320 MHz bandwidth through vendor subcmd a0403c023 EHT: Validate the puncturing bitmap for ACS af0f60e7d EHT: Calculate puncturing bitmap for ACS f3206fbe9 EHT: Configuration option for ACS puncturing threshold e3621867c EHT: Process puncturing bitmap from channel switch event e277e577c nl80211: Send EHT puncturing bitmap to the driver for switch command 29a882bed EHT: Configure puncturing bitmap during channel switch 4942b19ff EHT: Send puncturing bitmap to the driver for AP bring up f9fc2eabb EHT: Add puncturing bitmap to EHT Operation element 46a5d989d EHT: Downgrade bandwidths for VHT and HE when using puncturing 7618269ec EHT: Validate puncturing bitmap 9102fda31 EHT: Add configuration option for puncturing in AP mode 9e79439fc nl80211: Retrieve driver support for EHT puncturing 507be376c Sync with wireless-next.git include/uapi/linux/nl80211.h 591256a8c FILS: 320 MHz support in FD frame 903e3a1e6 FILS: Fix maximum NSS calculation for FD frame ecae45ff6 FILS: Make HE a requirement for FILS discovery 4e86692ff AP: Fix 6 GHz AP setup after disable-enable a34b8477a ml80211: Put wiphy idx to obtain correct country code 1491fc64a Define QCA vendor per-enum 64-bit pad attributes 55e31699e qca-vendor: Add QCA_WLAN_VENDOR_ATTR_LL_STATS_IFACE_NF_CAL_VAL b1f85957c Add QCA vendor commands to set and get MLO links state information 44b32a752 mesh: Add EHT support c4cb62ca8 WPA_AUTH: MLO: Add functions to get the AA and SPA cab963e9f AP: Split check_assoc_ies() 7a7a2256c common: Support parsing link specific association request b39e35693 common: Add support for clearing elements 0b2fc4268 common: Split ieee8021_parse_elems() df6561ec0 nl80211: AP MLD support for adding multi link stations b8b4ceb8d nl80211: Properly stop and deinit MLO AP 2f8fc46ed nl80211: Provide link_id in EAPOL_RX and RX_MGMT events 821374d43 nl80211: Introduce and implement a callback to add an MLO link for AP MLD 47269be36 nl80211: Refactor i802_bss to support multiple links eb146ee80 AP: Add some bridge port attribute settings f628e6b30 nl80211: Make sure scan frequency debug buffer is NUL terminated 41d23254b nl80211: Fix frequencies array boundary check for scanned frequencies a9012070a Android: Add wowlan_disconnect_on_deinit to template configuration e2ea0fd70 EST: Write the RSA private key using the standard PRIVATE KEY format bfd236df2 webkit2: Avoid deprecated function call 2c3202682 P2P: Filter out 6 GHz frequencies if not allowed for P2P connection b2bf7e39e Update PMK in wpa_sm when roam+auth event indicated with authorized flag 6b9c86466 nl80211: Replace the channel flags for VHT support 6f63aca7b DPP: Allow both STA and AP configObject to be set 7292e30b7 DPP: Fix @CONF-OBJ-SEP@ parsing for multiple configs c31600ce1 P2P: Allow GO BSSID to be specified for P2P_GROUP_ADD commands 0430756e6 P2P: Optimize join scan frequency b3921db42 nl80211: Add frequency info in start AP command 40c139664 macsec_linux: Add support for MACsec hardware offload 6d24673ab mka: Allow configuration of MACsec hardware offload 3081a9cb6 hostapd: Output country_code and country3 when using STATUS 91ad7a309 FT: Store PTKSA entry for the correct BSSID in the FT protocol case 3f3e356fa Mark addr argument to storing PTKSA const 242c3ad99 FT: Store PTKSA from FT protocol ba6954874 Mark wpa_auth_remove_ptksa() static 3b1ad1334 FT: Include KDK in FT specific PTK derivation on the AP 870a5bdc0 nl80211: Report guard interval and dual carrier modulation edcad193a dbus: Add inactive time to D-Bus signal info a678a510f dbus: Add D-Bus signal for PSK mismatch heuristics 691f729d5 P2P: Make invitation flow less aggressive f4a7e2a07 Rework IBSS/mesh 80 MHz channel selection f91f971bd Fix creating 6 GHz IBSS/mesh on 5/6 GHz-capable PHYs c623cee42 Make arrays static const in ibss_mesh_select_*() 64043e615 Split ibss_mesh_setup_freq() into multiple functions 8085a7e65 wpa_supplicant: Add option to explicitly set 4addr mode 1ffc7d1c6 Apply bias towards 6 GHz in roaming faa410292 WNM: Event report handling for BSS color collision and in-use 97405be96 Small textual improvements to wpa_supplicant man page ec02a0e93 hostapd: Output hw_mode when using STATUS 390e24c6c EAP-TTLS server: Add Ident field to MS-CHAP-Error 4ae798a22 P2P: Pick the best driver pref freq for invitation process 6c75f1dfa Send broadcast Probe Response frames on the 6 GHz band edfcb2f1a MLD STA: Indicate MLO support in NL80211_CMD_CONNECT c91852044 MLD STA: Add support for SAE external authentication offload to userspace 575712450 qca-vendor: Add QCA_WLAN_VENDOR_MCC_QUOTA_TYPE_LOW_LATENCY ba150059d FT: Store PMK-R0/PMK-R1 after EAPOL-Key msg 2/4 MIC validation 56662f36d Refine vendor subcmd QCA_NL80211_VENDOR_SUBCMD_ROAM_STATS 72b8193f4 MACsec: Remove EAP Session-Id length constraint 3915e8834 hostapd: Report error on unknown ACCEPT_ACL/DENY_ACL commands 2cff340d1 utils: Move log2pcap to python3 12de8112b Fix BSS age underflow d31c2b43a Fix segfault in case of an invalid configuration a32b424a3 MLD STA: Use AP MLD address in PMKSA cache attempts for driver-SME case 8c4790cef MLD STA: Store PMKSA with AP MLD address for MLO connection event bf124a03d SAE: Update PT value at later point for SME cases, if needed 1aadcca0a P2P: Enable SAE-H2E for client when joining a 6 GHz group 37f8257c4 SAE: Extend automatic enabling of H2E on 6 GHz to additional cases 89377c6b9 OCV: Fix build without CONFIG_OCV=y 2e47ea22c P2P: Fix handling Service Discovery Response received by GO device dc7e330e0 Set OCV capability based on Association Request frame RSNE 831be6514 WPS: Do not indicate incorrect PBC overlap based on partner link c9fc12425 P2P: Make wpas_p2p_notif_pbc_overlap() static Change-Id: I1eb61fc82b98b937a2ff37a30e60e28129fe143d Merged-In: I1eb61fc82b98b937a2ff37a30e60e28129fe143d	2023-04-12 21:23:46 +00:00
Sunil	8cd6f4d587	[wpa_supplicant] Cumulative patch from commit 09a281e52 ... Bug: 237446599 Test: connect/disconnect to WPA2, WPA3 networks Test: SoftAp & p2p connection Test: Regression test(b/237480760) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open source 09a281e52 Add QCA vendor interface for PASN offload to userspace 809fb96fa Add a vendor attribute to configure concurrency policy for AP interface a5754f531 Rename QCA_NL80211_VENDOR_SUBCMD_CONCURRENT_MULTI_STA_POLICY 085a3fc76 EHT: Add 320 channel width support bafe35df0 Move CHANWIDTH_* definitions from ieee80211_defs.h to defs.h 3c2ba98ad Add QCA vendor event to indicate driver recovery after internal failures 6b461f68c Set current_ssid before changing state to ASSOCIATING 8dd826741 QCA vendor attribute to configure direct data path for audio traffic 504be2f9d QCA vendor command support to get WLAN radio combinations d5905dbc8 OCV: Check the Frequency Segment 1 Channel Number only on 80+80 MHz 4383528e0 P2P: Use weighted preferred channel list for channel selection f2c5c8d38 QCA vendor attribute to configure RX link speed threshold for roaming 94bc94b20 Add QCA vendor attribute for DO_ACS to allow using existing scan entries b9e2826b9 P2P: Filter 6 GHz channels if peer doesn't support them d5a9944b8 Reserve QCA vendor sub command id 206..212 ed63c286f Remove space before tab in QCA vendor commands e4015440a ProxyARP: Clear bridge parameters on deinit only if hostapd set them 02047e9c8 hs20-osu-client: Explicit checks for snprintf() result cd92f7f98 FIPS PRF: Avoid duplicate SHA1Init() functionality 5c87fcc15 OpenSSL: Use internal FIPS 186-2 PRF with OpenSSL 3.0 9e305878c SAE-PK: Fix build without AES-SIV c41004d86 OpenSSL: Convert more crypto_ec_key routines to new EVP API 667a2959c OpenSSL: crypto_ec_key_get_public_key() using new EVP_PKEY API 5b97395b3 OpenSSL: crypto_ec_key_get_private_key() using new EVP_PKEY API 177ebfe10 crypto: Convert crypto_ec_key_get_public_key() to return new ec_point 26780d92f crypto: Convert crypto_ec_key_get_private_key() to return new bignum c9c2c2d9c OpenSSL: Fix a memory leak on crypto_hash_init() error path 6d19dccf9 OpenSSL: Free OSSL_DECODER_CTX in tls_global_dh() 4f4479ef9 OpenSSL: crypto_ec_key_parse_{priv,pub}() without EC_KEY API 563699174 EAP-SIM/AKA peer: IMSI privacy attribute 1004fb7ee tests: Testing functionality to discard DPP Public Action frames 99165cc4b Rename wpa_supplicant imsi_privacy_key configuration parameter 35eda6e70 EAP-SIM peer: Free imsi_privacy_key on an error path 1328cdeb1 Do not try to use network profile with invalid imsi_privacy_key d1652dc7c OpenSSL: Refuse to accept expired RSA certificate 866e7b745 OpenSSL: Include rsa.h for OpenSSL 3.0 bc99366f9 OpenSSL: Drop security level to 0 with OpenSSL 3.0 when using TLS 1.0/1.1 ed325ff0f DPP: Allow TCP destination (address/port) to be used from peer URI 37bb4178b DPP: Host information in bootstrapping URI 1142b6e41 EHT: Do not check HE PHY capability info reserved fields bc3699179 Use Secure=1 in PTK rekeying EAPOL-Key msg 1/4 and 2/4 b859b9bce Simplify wpa_bss_get_vendor_ie_multi_beacon() bounds checking fc9648a6a DPP: Debug print if not relay is available for PKEX exchange 1739d50c2 FST: More robust bounds checking of local data in fst_dump_mb_ies() 63eb98a8e SAE: Make Anti-Clogging token element parsing simpler a6e04a067 Simplify DSCP policy parsing 77bb12a60 P2P: Maintain ip_pool bitfield index separately 3f3ce0571 Check sscanf() return value in TWT_SETUP parsing 2982e50c1 EAP-SAKA: Simplify attribute parser for static analyzers 6e8518749 GAS: Limit maximum comeback delay value fe1dc9ba7 WNM: Try to make bounds checking easier for static analyzers f8615990e Simplify wpa_parse_kde_ies() 61d37f44b Simplify wpa_parse_generic() 469528a6e BSS coloring: Fix bitmap check 8392c86df Check he_cap pointer in hostapd_set_freq_params() consistently 2227c85a9 DPP: Verify that crypto_ec_point_to_bin() succeeds a8c319952 nl80211: Verify that nla_put_flag() succeeds for background radar 993eb1240 FST: Make sure get_hw_modes() callback is set for hostapd 4537fe124 P2P: Explicit nul termination of the generated passphrase 79dc7f619 scan: Add option to disable 6 GHz collocated scanning 3b8d9da9b nl80211: Set NL80211_SCAN_FLAG_COLOCATED_6GHZ in scan 96a7f3832 hostapd: Add the destination address of unsolicited Probe Response frame 16e755754 Add -q flag to hostapd in order to control log level 869037443 Discard unencrypted EAPOL/EAP when TK is set and PMF is enabled (AP) 3c2fbe9f5 Discard unencrypted EAPOL-EAP when TK is set and PMF is enabled 872a57500 Discard unencrypted EAPOL-Key msg 1/4 when TK is set and PMF is enabled e6c0e1215 Do not prevent Michael MIC error report based on disallowed PTK0 rekey 18c0ac890 Provide information about the encryption status of received EAPOL frames 7ee814201 FILS: Set pairwise_set when configuring TK after association 98278c0de Fix no_encrypt flag in control port TX for rekeying b1172c19e WPA: Discard EAPOL-Key msg 1/4 with corrupted information elements 7a7a4ea57 Check need for SA Query/assoc comeback before updating RSNE parameters Change-Id: Ifbfe69676b38499a221aeb242cdb3eac3deee375	2022-07-11 18:13:37 +00:00
Sunil Ravi	a04bd250ff	[wpa_supplicant] Cumulative patch from commit 27e828d72 ... Bug: 231272394 Test: connect/disconnect to WPA2, WPA3 networks Test: SoftAp & p2p connection Test: Regression test(b/231636895) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open source 27e828d72 ACS: Send EHT enabled info to driver 82066bd36 nl80211: Don't force VHT channel definition with EHT 43fe1ce35 EHT: Add [EHT] flag into AP mode STA command 696ad5c2d EHT: Indicate wifi_generation=7 in wpa_supplicant STATUS output 4994c41f2 EHT: Indicate ieee80211be configuration in hostapd STATUS output 50d883710 EHT: Fix invalid length checking for EHT Capability element 6c7b2be42 SAE: Send real status code to the driver when AP rejects external auth 2c78f11a9 Fix compilation due to forward declaration of macaddr_acl c8e822801 OpenSSL: Fix build with old library versions that do not support TLS 1.3 c24e18e5c LibreSSL: Fix compilation issue with TLS 1.3 session ticket limit eb5e63985 LibreSSL: Fix compilation issue with RSA-OAEP 5d56cf1c7 BoringSSL: Fix compilation error due to TLS 1.3 session tickets a561d12d2 EAP peer status notification for server not supporting RFC 5746 566ce69a8 EAP peer: Workaround for servers that do not support safe TLS renegotiation ccb3206b6 Fix tls_connection_set_success_data() in TLS library wrappers decac7cd1 OpenSSL: Do not send out a TLS 1.3 session ticket if caching disabled 05406f7ae EAP-PEAP server: Fix TLS 1.3 move to Phase 2 without a new session ticket 10746875e OpenSSL: Allow no OCSP response when resuming a session with TLS 1.3 2be1bcaf7 EAP-TLS peer: Fix protected success indication check for resumed session 1c66276d9 EAP-TLS server: Send final TLS message for resumed session with TLS 1.3 81e249888 OpenSSL: Limit the number of TLS 1.3 session tickets to one d26247c3d wpa_supplicant/README-WPS: Beautifications a8d058c93 OpenSSL: SSLKEYLOGFILE capability to allow Wireshark TLS decoding 23f389068 wolfSSL: Fix OCSP stapling a2971f8d8 wolfSSL: Allow TLS version 1.3 to be disabled a40e48fbe wolfSSL: Fix TLS 1.3 session handling 0c3f68f2a wolfSSL: Check for the too-short-password error in pbkdf2_sha1() ca2622481 Check the return of pbkdf2_sha1() for errors 013cd694d wolfSSL: Fixes for FIPS builds 9d5f8168f wolfSSL: Register a FIPS callback 8f36e6c0f wolfSSL: Implement crypto_ec_key wrappers 1f7e10177 wolfSSL: Add missing free calls for wolfSSL structs ec1cd91e7 wolfSSL: Support both DER and PEM blobs 42871a5d2 EAP-SIM/AKA peer: IMSI privacy 21098e39f EAP-SIM/AKA server: IMSI privacy 36b11bbcf OpenSSL: RSA-OAEP-SHA-256 encryption/decryption c3d389b72 EHT: Channel switch command support dae7940a4 EHT: Additions to hostapd_set_freq_params() e646b11fe EHT: Indicate EHT support in Neighbor Report element f915d52de EHT: Provide EHT capabilities in STA addition path a6d1b4c46 EHT: Process (Re)Association Request frame capabilities 340c0e212 EHT: Parse elements received in Management frames d54e3d049 EHT: Add operation element in AP mode Management frames 9b7202d66 EHT: Add capabilities element in AP mode Management frames a7ea72188 EHT: Add configuration options for beamforming capabilities 8db3881c7 EHT: Add operating channel width configuration 8dcc2139f EHT: AP mode configuration options to enable/disable the support 9f7da264b nl80211: Pass station's EHT capabilities to the driver in sta_add() 0c8a9aa5d nl80211: Parse EHT capabilities from the driver c08b735fd EHT: Define EHT elements 1a716f86a defconfig: Document IEEE 802.11ax as a published amendment 86310c220 Set hostapd hw_mode automatically based on 6 GHz op_class 664fd83d5 nl80211: Increase the buffer length for debug printing channels 563162a5f QCA vendor attribute to allow eMLSR HW mode 1e34bc49c OpenSSL: Track SSL_SESSION ex data separately 734fa392f MBO: Check association disallowed in Beacon frames, if newer 284e3ad19 Determine whether Beacon frame information is newer in scan results 28c9f29a3 scan: Print SSID in scan results dump 5a0471579 Install wpa_passphrase when not disabled f1686d776 hostapd: Allow enabling background radar 08d7738bb wolfSSL: Speed up crypto_ec_point_compute_y_sqr() f50d5c9a8 wolfSSL: Fix crypto_ec_point_compute_y_sqr() error case processing 7302aa761 wolfSSL: Fix the memory leak of crypto_ec_point_compute_y_sqr() e7dd0fff1 wolfSSL: Use wc_HmacInit() to avoid potential use of uninitialized values f7be558d6 OpenSSL: Fix build with BoringSSL 6d33ef362 OpenSSL: Remove compatibility options for older versions than 1.0.2 78c2a4cd0 OpenSSL: Drop compatibility options for LibreSSL older than 2.7 b06250767 OpenSSL: Implement crypto_ecdh routines without EC_KEY for OpenSSL 3.0 fc96f6802 OpenSSL: Use new name for the EC_POINT set/get coordinate functions 0aae045af ctrl: Print the source address of the received commands f94214968 wpa_ctrl: Wait for a total of 10 seconds, not 10 seconds per iteration 0d9be8855 wolfSSL: Fix certificate commonName checking 94e0f39d9 wolfSSL: Use wolfSSL_export_keying_material() when available c31fc7a64 wolfSSL: Fix crypto_dh_init() and dh5_init() d7b8c6eef wolfSSL: Fix crypto_ecdh_* with ECC_TIMING_RESISTANT ae1fb6455 EAP-EKE server: Fix a memory leak on an error path 166acab4e wolfSSL: TLS session caching 12dee16d7 wolfSSL: Add a debug logging callback a5d190650 wolfSSL: Implement tls_get_tls_unique() a419fef36 wolfSSL: Implement tls_connection_get_cipher_suite() 364876b7d wolfSSL: Implement tls_connection_get_peer_subject() d9c716400 wolfSSL: Implement tls_connection_get_own_cert_used() d677b9dc6 wolfSSL: Conditional build for aes_wrap/aes_unwrap() b0f016b87 eapol_test: Update with src/ap/ieee802_1x.c changes 747c5f228 Include MS_FUNCS=y for EAP-pwd peer build c7f71fb86 Include HMAC-SHA384/512 KDF for SAE if SHA384/512 is included 3a759dcc8 ACS: Honor acs_exclude_dfs with hostapd's ACS implementation 3240cedd6 eapol_test: Print out names for additional known EAP types f5c711c85 OpenSSL: Unload providers only at process exit 33c4dd26c BSS coloring: Handle the collision and CCA events coming from the kernel 27b4cc712 nl80211: Handle driver events for BSS coloring 399d6e64d nl80211: Add the switch_color() handler for BSS color changes 86bd90eb3 BSS coloring: Disable BSS color during CCA f7d0b740e BSS coloring: BSS Color Change Announcement element generation 654d2395d BSS coloring: Handling of collision events and triggering CCA 52e2516f1 wpa_supplicant: Add the CONFIG_HE_OVERRIDES option to the defconfig 6a2a60f1d OpenSSL: Do not use the deprecated RSAPrivateKey function ebb3055e1 OpenSSL: Generate DH parameters automatically if not set with dh_file bcd299b32 OpenSSL: Convert DH/DSA parameter loading to new API 28c1c91d0 Remove unused dh_blob parameter 4a774cf31 Remove useless DH file configuration from TLS library wrappers 65652c67f Remove DH file configuration from TLS client functionality b94371af8 RADIUS attributes for EAPOL-Key message details 24763e3cd RADIUS: Attributes with Extended Types (RFC 6929) feed2f9e7 BoringSSL: Use accessor functions for X509 key usage flags 80be88a08 BoringSSL: Replace stack-allocated X509_STORE_CTX with heap one b95ed17f6 OpenSSL: Fix build with BoringSSL and LibreSSL 3.3.x and older ae0f6ee97 OpenSSL: CMAC using the OpenSSL library for non-FIPS cases as well 0c61f6234 OpenSSL: Implement CMAC using the EVP_MAC API 4fcd29660 OpenSSL: Extend CMAC to support 192-bit AES 117617843 OpenSSL: Remove now unused compatibility wrapper for RSA_bits() a2dbb2558 Android: Compile hs20-osu-client to /vendor/bin in test builds b0769ce61 DPP: Allow a list of supported curves to be used in bootstrapping URI ef85328a6 QCA vendor command support to reset configuration for eLNA bypass 7008c50fa OpenSSL: Implement DH using the EVP API e31500ade OpenSSL: Implement HMAC using the EVP_MAC API 097ca6bf0 OpenSSL: Unload providers on deinit 092efd45a OpenSSL: Implement AES keywrap using the EVP API 7e4984d9c OpenSSL: Use a correct EVP_CIPHER_CTX freeing function on an error path 8e0ac5366 RRM: Include passive channels in active beacon report scan 0adc67612 wpa_supplicant: Use unique IDs for networks and credentials dacb6d278 Update IEEE P802.11ax draft references to published amendment 8128ea76a Add Transmit Power Envelope element in 6 GHz bc3dc72a3 Extend 6 GHz Operation Info field in HE Operation element 0eb686637 hostapd: Add config option to specify 6 GHz regulatory AP type ee06165e9 hostapd: Extend Country element to support 6 GHz band f5ad97245 PASN: Fix build without CONFIG_TESTING_OPTIONS=y 3467a701c wpa_supplicant: Do not associate on 6 GHz with forbidden configurations 43c6eb5e4 SAE-PK: Add the option to the defconfigs 0482251a6 EAP-TLS: Allow TLSv1.3 support to be enabled with build config 7114e5606 EAP-TLS: Testing functionality to skip protected success indication 95fd54b86 Disconnect STA on continuous EAP reauth without 4-way handshake completion 9e11e746f EAP-TLS: Do not allow TLSv1.3 success without protected result indication 6135a8a6a Stop authentication attemps if AP does not disconnect us 88ab59d71 EAP-TLS: Replace the Commitment Message term with RFC 9190 language 63f311b10 EAP-TLS: Update specification references to RFC 5216 and 9190 5ab385321 Revert "Android: Compile hs20-osu-client to /vendor/bin in test builds" b746cb28b Add support for not transmitting EAPOL-Key group msg 2/2 d27f7bd94 FILS: Fix config check to allow unsolicited broadcast Probe Response 65a3a273c OWE: Reuse own DH private key in AP if STA tries OWE association again 6ff8bda99 hostapd: Add the missing CONFIG_SAE option to the defconfig 1f5b6085c Fix SIGSEGV of eapol_test 576662d27 ieee802_11_auth: Coding style cleanup - NULL comparison 945acf3ef ieee802_11_auth: Coding style cleanup - no string constant splitting 1c3438fec RADIUS ACL/PSK check during 4-way handshake 5b5c954c0 Fix AP config check to recognize all PSK AKMs c5d9f9064 QCA vendor attribute to indicate NDP interface managemtn using nl80211 a9c90475b FT: Update current_bss to target AP before check for SME-in-driver 0c88d1487 Debug print on CONFIG_NO_TKIP=y prevent RSNE with TKIP as group cipher d5a9331f9 P2P: Copy only valid opclasses while filtering out 6 GHz channels 99c91beaa Sync with wireless-next.git include/uapi/linux/nl80211.h d9121335a wpa_cli: Add ACL and BTM control commands 00622fcfe Extend ACL to install allow/deny list to the driver dynamically 077bce96f Set drv_max_acl_mac_addrs in wpa_supplicant AP mode 9828aba16 Support ACL operations in wpa_supplicant AP mode fd0d738ff Add return value to ACL functions f5ac42811 Move ACL control interface commands into shared files 930695662 Add BSS-TM-QUERY event to indicate reception of BSS TM Query febcdf324 Support BTM operations in wpa_supplicant AP mode 0f8c6e995 Move BTM control interface commands into shared file e059d8ece Update the Extended Capability element to struct sta_info eb2e6b56b Enable BSS Transition Management in wpa_supplicant AP mode 30ecf0181 DPP: Update Controller parameters when it was already started b93d1083e DPP: Fix msg_ctx for PKEX over TCP as Controller/Responder 3085e1a67 hs20-osu-client: dNSName values from OSU server certificate for PPS MO ce86f2446 DFS: Remove unnecessary variable 760a5ae26 DFS: Switch to background radar channel if available b63d953fe DFS: Enable CSA for background radar detection 25663241c DFS: Introduce hostapd_dfs_request_channel_switch() 316a9dc63 DFS: Configure background radar/CAC detection bad12effe nl80211: Radar background flag setting effd6111b DFS: Rely on channel_type in dfs_downgrade_bandwidth() f9ba3d5c8 OpenSSL 3.0: Set SSL groups using SSL_set1_groups() 09c62aaf1 OpenSSL: Determine RSA key size without low-level routines b700a56e1 OpenSSL 3.0: Determine the prime length for an EC key group using EVP_PKEY 3c61f4db4 OpenSSL: Replace EC_GROUP_get_curve_GFp() calls with EC_GROUP_get_curve() e2cb0ca1a OpenSSL 3.0: Implement crypto_ec_key_group() with new API f6a53f64a OpenSSL: Replace EVP_PKEY_cmp() with EVP_PKEY_eq() when available 5b093570d D-Bus: Add 'wep_disabled' capability 56a14cc72 DFS: Don't let cac_time_left_seconds overflow ae512c30a DPP: Fix uninitialised variable on error path 3a157fe92 dbus: Set CurrentAuthMode to INACTIVE only if network is not selected 0ce8d55a2 hs20-osu-client: Allow EST server to use different host name 5eaf596e1 HTTP: Make URL available to the cert_cb abed7978f HS 2.0 server: Event log entry on missing configuration for the realm 1192d5721 Android: Compile hs20-osu-client to /vendor/bin in test builds 1fee1c40c Enhance QCA vendor interface to indicate TWT required capability of AP a192305a4 Add QCA vendor attributes for AFC support in external ACS de5939ef5 DPP: Allow Configurator net_access_key_curve to be changed 9638452a6 DPP: Update Configurator to require same netAccessKey curve to be used 2b406eece DPP: Update Auth-I derivation operations de64dfe98 DPP: Curve change for netAccessKey fd2eb7a41 DPP: Fix a memory leak on error path e9551efe0 DPP: Missing/invalid Protocol Version in Reconfig Auth Req eeb72e7c9 DPP: Extend DPP_PKEX_ADD ver=<1/2> to cover Responder role 6c3c431bb Add QCA vendor attribute to enable Spectral FFT recapture fcbdaae8a SAE: Add support for RADIUS passphrase as the SAE password 3d86fcee0 cleanup: Remove unreachable code 9683195ee qca-vendor: Fix typos 4c9ef9322 brcm_vendor: Fix typos d65285ab8 src/drivers: Fix typos 203a027b2 nl80211: Report background radar/CAC detection capability 0a73649b6 DFS: Add capability to select radar-only channels f39765369 DFS: Introduce dfs_set_valid_channel() utility routine d001b301b Fix removal of wpa_passphrase on 'make clean' cb41c214b build: Re-enable options for libwpa_client.so and wpa_passphrase dec626109 HE: Fix invalid length checking for HE Capability element 53be64f7d HE: Fix calculation of the PPE Threshold field length 738fef2f0 Clear PSK explicitly from memory in couple more cases on deinit 567b9764f Clear PMK explicitly even without FT support in AP build 0bd29c176 Remove duplicated pointer check 007fd6111 Clear temporary results from stack in PBKDF2-SHA1 1364f322b Remove GTK/IGTK/BIGTK from memory explicitly in AP mode af1f0694e Clear last set keys (for testing purposes) from memory explicitly 6c850a1c0 nl80211: Clear bss->freq when stopping AP mode a44fa15cb Define a vendor specific NDP attribute for NAN service id 414ca953f DPP: Clear SCANNING state when starting network introduction 0b5f8e3d8 DPP: Clear netrole on starting chirping or reconfiguration 2fcc076d1 Clear wpa_s->last/current_ssid in more cases 7a7f803a9 DPP: Stop offchannel frame TX wait on DPP_STOP_LISTEN in a corner case 7e941e7a1 macsec_linux: Support cipher suite configuration 46c635910 MACsec: Support GCM-AES-256 cipher suite 42944de69 nl80211: Do not store no-wait TX frame cookies to be cancelled 340ec48cd DPP: Clear state on configuration failure in GAS server hander 7e6f59c70 nl80211: Clear the last saved TX frame cookie on wait expiration 9d5fd3328 Update QCA vendor attribute to indicate maximum PCL attributes 19169a53a atheros: Do not include p2p.h f43d31dda nl80211: Debug print association comeback event data a91072503 OCV: Don't start SA Query timer on CSA when SA Query is offloaded f5c8697c0 Sync with mac80211-next.git include/uapi/linux/nl80211.h 632a9995c Clear ignore_old_scan_res on FLUSH command Change-Id: I35fd1fb999d045ced8c153fe3d8284c9a71069b1	2022-05-21 18:49:57 +00:00
Hai Shalom	a20dcd72df	[wpa_supplicant] Cumulative patch from commit ac1e3a7f0 ... Bug: 217966931 Test: Verify Passpoint ANQP functionality and Passpoint association Test: Connect to Passpoint, Open, WPA2, WPA3 networks and run traffic Test: Regression test b/218404053 (Bug: TBD) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open source ac1e3a7f0 Add QCA vendor MCC channel quota command and event 1d1e3184b Whitespace/coding style cleanup for QCA vendor attribute definitions 1646883f4 Vendor command to configure rate mask 2faaa193f Rename moderate latency level to XR latency level in vendor attributes f9905f8d9 nl80211: Clear frequency information on leaving mesh 1f26a0a34 DPP: Use a 120 second timeout for GAS query 07e26b292 GAS server: Increase query timeout to 60 seconds for DPP a6d157b6f DPP: Start a listen operation for GAS server if needed da65e7136 nl80211: Add a handler for NL80211_CMD_FRAME_WAIT_CANCEL events 9aaf3e1d1 P2P: Update GO operating frequency after interface setup is completed 033ad6ffa DPP: Allow Configurator parameters to be provided during config exchange d4961a775 GAS server: Asynchronous request handler comeback time indication 9a90aab12 DPP: Store Enrollee config request information 6751fb060 DPP: Make dpp_netrole_str() non-static 34575ad72 EAP-pwd: Fix the prefix in a debug message e07000e74 nl80211: Partial support for radio_disable 33cb47cf0 DPP: Fix connection result reporting when using TCP 1822bd378 DPP: Testing capability for invalid Protocol Version in Network Intro d7be74933 DPP3: PKEX over TCP bdcccbc27 DPP: Change PKEX version configuration design 9d3f347a2 DPP3: Add PKEX initiator retries and fallback from v2 to v1 for hostapd 3f67ab587 DPP: Handle TX status events for broadcast DPP messages 802136299 DPP3: Start with PKEXv2 and fall back to v1 f32f99df1 P2P: Send response frame on channel where the request is received b678a3aa3 Extend QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING fc4bc342e Replace "blacklist" with "denylist" in vendor interface definition bc9fd8adc Replace "whitelist" with "allowlist" in vendor interface definition ffe80cb8e wpa_supplicant: ap: Update comment c76545033 The main branch is now used for v2.11 development cff80b4f7 Preparations for v2.10 release 7a57eb315 Update copyright notices for the new year 2022 9b14aed90 crypto: Remove unused crypto_ec_point_solve_y_coord() 8c502336d EAP-pwd: Derive the y coordinate for PWE with own implementation 6c380f4c8 SAE: Derive the y coordinate for PWE with own implementation 8ebd8aacc SAE: Move sqrt() implementation into a helper function 41c7f3f20 Defined a driver interface for periodic TSF sync feature 5758d0929 Add a QCA vendor attribute to indicate ACS over EHT 7ffcbd08c Clear roam/BSS TM in progress flags for additional cases 16b5ea9e9 Reject authentication start during BSS TM requests af6d4031d D-Bus: Fix build without CONFIG_INTERWORKING 58bbcfa31 OpenSSL: Update security level drop for TLS 1.0/1.1 with OpenSSL 3.0 682fce579 OpenSSL: Fix compressed form encoding for subjectPublicKey with 3.0 ff2eccbdf OpenSSL: Load legacy provider when needed for OpenSSL 3.0 ddcdd6286 OpenSSL: Clean up EVP_PKEY_get{0,1}_EC_KEY() use 384aa245e OpenSSL: Speed up crypto_ec_point_compute_y_sqr() b26f5c0fe DPP: Remove dpp-listen radio work when stopping 3f8c83a65 SAE: Make sure BSS entry is available to determine RSNXE information 43f600a1f Add new vendor attributes to avoid coex unsafe frequencies cab51021c DPP3: Update version capability indication for hostapd bc24a8a09 Update supported channel width set (HT40) after channel switch ff7e403f0 Fix channel switch wrapper when switching from HT to VHT/HE 5606ede12 Update ieee80211ac when channel switching e6db1bc5d mesh: Make forwarding configurable 5ef9277d0 ACS/DFS: Support min_tx_power configuration 5530688b9 MBO: Fix the allowed range of mbo_assoc_disallow values c8e4283f9 D-Bus: Interworking network selection b44e19967 D-Bus: Interworking/Hotspot 2.0 credential operations 4262e6ca4 Move credential removal operations into helper functions e232d9777 HS 2.0: Crypto engine support for creds 97607de5e D-Bus: Capture group ifname before switching to global P2P instance 36973aac2 SME: No need for OBSS scan if HT40 is disabled 7db757aac Revert "Extract BSS coex 40 MHz check into a separate function" e480321f8 Revert "STA OBSS: Add check for overlapping BSSs" b57273d06 DPP2: PKEXv2 core protocol changes b21b31014 DPP: Testing functionality to omit Protocol Version from Peer Discovery 341e7cd66 DPP3: Verify version match during Network Introduction f26fd5ee6 DPP3: Use Connector version instead of current version in Peer Discovery 0cfb72689 DPP3: Add version member to Connector 77ddd38b6 DPP3: Add build option for version 3 functionality 14ab4a816 Reject ap_vendor_elements if its length is odd 2c2bfebca Fix bool type values for setband 7dc7b8814 P2P: Remove 6 GHz channels from full scan if 6 GHz not enabled for P2P 147932add Add a QCA vendor attribute to indicate puncture pattern in ACS 0b853303a Update AKMP, cipher, PMF for driver-based SME while roaming c8b94bc7b mesh: Enable 160 MHz bandwidth support for 6 GHz in IEEE 802.11s mesh ab0af709d mesh: Enable MFP by default for 6 GHz 11s mesh d10a01e22 mesh: Enable 80 MHz support for 11s mesh in 6 GHz d6c5feb8c mesh: Change channel to frequency based lookup for starting mesh b16b88acd RNR: Do not allow FILS Discovery and unsolicited Probe Response simultaneously 15f099ec7 RNR: Allow Probe Response frame for a colocated 6 GHz AP f17f7ca4e RNR: Update Beacon frames for 6 GHz colocation 01efcc292 RNR: Addition in Beacon, Probe Response, and FILS Discovery frames 0c9457ee2 RNR: Additions for a 6 GHz AP b2bbedcb2 RNR: Add co-located BSSes a7c152d6b RNR: Add data from neighbor database 847f76760 RNR: Add configuration option 3db24e4ee RNR: Define element format b389d88a7 Share a common error path for SET_NEIGHBOR control interface command 1b8eb3975 RNR: Add bss_parameters to the neighbor_db 9d0948ecc RNR: Short SSID assignment 8d881d942 Update AKMP and proto for driver-based SME while roaming f969bd22d Add QCA vendor attribute to configure ARP/NS offload feature 8f4d7e8f0 OpenSSL: Fix build with OpenSSL 1.0.2 2086ae46b DPP: Replace dpp_bootstrap_key_der() with crypto_ec_key_get_subject_public_key() e9f8f81a8 DPP: Use ECDH from crypto.h 4aed5668b OpenSSL: Clear the correct flag in crypto_ec_key_get_ecprivate_key() bf161b660 Ignore CONFIG_WIFI_DISPLAY without CONFIG_P2P b306a92df Fix compiler error on CONFIG_AP without CONFIG_P2P builds 726eda65f wolfSSL: Fix a link error when WPS NFC is disabled b8402ab08 DPP: Use crypto_ec_key_get_subject_public_key() when possible d51939f2c DPP: Move CSR routines to use crypto.h d56352b55 DPP: Move dpp_pkcs7_certs() into crypto_pkcs7_get_certificates() b89176fa6 DPP: Move debug print of EC key to crypto.h 87f2fb886 DPP: Remove direct call to OpenSSL in dpp_test_gen_invalid_key() c88b7fcae DPP: Add crypto_ec_key_cmp() in crypto.h and use it 984faf963 DPP: Use crypto_ec_key_group() to compare EC key's group f5334f9b5 DPP: Use crypto API for reconfig part eac41656e DPP: Update connector signing to use crypto.h da63d3099 DPP: Remove unused EVP_PKEY_CTX variable 4767de3a4 DPP: Use crypto.h for authentication computation 0d1d74107 DPP: Update PKEX part to use crypto.h API 50708770f DPP: Use crypto_ec_key_parse_priv() when possible e294a73d0 DPP: Use crypto_ec_key_parse_pub() in dpp_get_subject_public_key() 9c1632908 DPP: Move dpp_set_pubkey_point_group() to crypto.h e84b143e1 OpenSSL: Add Brainpool curves to crypto_ec_key_group() c6f2103ca DPP: Replace dpp_get_pubkey_point() with crypto_ec_key_get_pubkey_point() 2d5772e69 DPP: Factorize conversion to ASN.1 ECPrivateKey 63bf3d25a OpenSSL: Mark crypto_ec_key_gen() key compressed 86cde01cb DPP: Move dpp_gen_keypair() to crypto 0517948d7 DPP: Replace EVP_PKEY by struct crypto_ec_key cd0c1d256 OpenSSL: Use EVP_PKEY as struct crypto_ec_key 15275c53d Complete documentation in crypto.h cb285e80c SAE: Fix sm->cur_pmksa assignment aa5c4f932 Add QCA vendor attribute to configure priority of vendor scan aca4d4963 Fix handling of complex configuration lines with mixed "" and # 0ae677c7b eloop: Extend overflow check in eloop_register_timeout() to cover usec 979f19716 WNM: Allow specifying dialog token for BSS transition request 3f6c02f29 Use pkg-config for libpcsclite linkage flags e797959b8 systemd: Order wpa_supplicant after dbus 95bf9fc93 Remove extra slash from BIN/INC/LIBDIR defaults 5a4ae6e3a Replace "native" with a more specific description 2fb33ce4b wpa_supplicant: hostapd: Remove man-in-the-middle 2e122945f DPP2: Do not try to remove Controller TCP connection twice on error 5bac420e5 DPP2: Clean up Controller on hostapd interface removal d8b3d0815 macsec_qca: Support macsec secy id getting from driver 08bdf4f90 proxyarp: Fix compilation with Hotspot 2.0 disabled b0f457b61 SAE: Do not expire the current PMKSA cache entry f332f6951 wpa_supplicant: Try all drivers by default 4775a5f82 Add support to reconfigure or flush PMKSA cache on interface enable 6f634b003 PMKSA: Make sure reauth time is not greater than expiration time 973f3e244 Fix hostapd segfault on WPS_CONFIG control interface command to non-WPS AP 9ef8491d9 Add TWT attribute to configure TWT related parameters 321dc403e Replace "dummy" with "stub" in crypto/random 95e140e20 Replace "dummy" with "stub" in NDIS driver interface c53fa9225 Replace "dummy" with "stub" in EAP-TEAP testing 575dc1f3b Replace "dummy" with "stub" in preauth_test ed5e1b722 Replace "dummy" with "stub" in comments/documentation 3955d2af7 Replace "dummy" with "stub" in wps_testing_dummy_cred 77dd71243 Replace "dummy" with "stub" in Authenticator group keys fb1bae2a7 Replace "dummy" with "stub" in SAE e69ea242a hostap: Remove unused driver enum values with "master" in them 7b50f2f04 Replace "sanity" with "validity" 891bb1305 P2P: Enforce SAE-H2E for P2P GO in 6 GHz afcadbbf4 wpa_cli: Add support for SCS, MSCS, and DSCP commands bcaa1ea08 HE: Disable HE in hostapd_set_freq_params() if driver does not support fe1d743a1 Add QCA vendor attributes to indicate 320 MHz spectral scan capabilities 2b3e64a0f Update ciphers to address GTK renewal failures while roaming 9cf4bb0ef Vendor command to configure/trigger the roam events dd3a2960a Add TWT vendor attribute to configure announce timeout value afa0b9b6c P2P: Make p2p_check_pref_chan_no_recv() easier for static analyzers 857c4dfa8 Make get_mode() easier for static analyzers 9651deba5 Support vendor element configuration for AP mode from wpa_supplicant d144b7f34 DSCP: Add support to send DSCP Policy Query frame c903257fb DSCP: Parse WFA Capabilities element in (Re)Association Response frame a4aae9f9b DSCP: Indicate DSCP Policy support in (Re)Association Request frame d57456c1f DSCP: Allow DSCP Policy Response Action frame to be sent 2033e318e DSCP: Parsing and processing of DSCP Policy Request frames fe2a44485 DSCP: DSCP policy capability configuration 8471d940e Move pmf_in_use() into a more generic file 41ec97cd0 HE: Use a random BSS Color if not defined in the config file 1518638b7 QCA vendor command to configure the parameters for monitor mode 8f7b2c898 Add attributes to support MBSSID multi groups notifications a75fdcdcd Extend the roam reason codes in QCA vendor attribute 9ff0c8af5 Correct the documentation in enum qca_roam_reason ce267f4da P2P: DFS offload for the autonomous GO 6ba665c5c Reserve QCA vendor sub command id 201 51d73d991 Add QCA vendor interface to configure background scan parameters 61c075761 EDMG: Validate pri channel lookup result before using it a95144cf3 Add frequency to operating class determination for 5 GHz channel 144 e5173e8b1 P2P: Enable multiple channel widths for P2P in 6 GHz band f725254cc P2P: Enhance determination of secondary offset to support 6 GHz channels 575a8e6ca P2P: Clone 6 GHz related parameters to new group interface config f18433760 Add TWT attribute to send Responder PM Mode value to userspace 11a342775 Add time slice duty cycle attribute into QCA vendor command d408e3d19 Update QCA mDNS Offload vendor command 2341585c3 ACS: Fix channel 100 frequency ed369613f P2P: Align p2p_buf_add_pref_channel_list() prototype with definition 75a6d44a4 hostapd: Allow HT40 on 5 GHz channels 173 and 177 7dd2e2369 hostapd: Always allow HE AP with a 20 MHz channel width 9f2217c51 P2P: Consider p2p_no_go_freq for GO preferred frequency 882c53be5 P2P: Avoid integer overflow in channel a58f7e61c Add QCA vendor interface to configure allowed bands for roaming be81bbdc3 doc: Fix grammar in wpa_supplicant overview 362d9a49d utils: FreeBSD supports fdatasync(2) 9bd943410 nl80211: Fix send_mlme to use monitor interface only for AP interface f02ac5140 HE: Option to disable HE ER SU in HE operation in AP mode 63f043f4f Generalize the function name as it is not dealing with only TX & RX params 3cdc6d381 mesh: Show peer connected time in the wpa_cli STA cmd output for Mesh mode eddcd2753 Fix some compiler warnings on 32 bit platform 4c80937c7 nl80211: Reduce the number of nlctrl name resolution calls cce33c7e7 openssl: Support private_key blob in PEM encoded PKCS#8 format 0030590fb Generate an event when a network is added or removed f23861061 Add a --conf option to eapol_test.py 99c1789ab PASN: Fix ASAN error in ptksa_cache_add() e2e9adc3d openssl: Disable padding after initializing the cipher suite d265dd2d9 openssl: Remove deprecated functions from des_encrypt() 46b60299a wpa_supplicant: src: Replace Sane with Valid. 12388313a RADIUS client: Fix void-pointer-to-enum-cast warning e433d06dd Allow MSCS support to be disabled for testing purposes 025f8ab52 SCS: Processing of SCS Response frames b4e01ae92 Allow SCS supported to be disabled for testing purposes c005283c4 SCS: Sending of SCS Request frames 445dbe2cd P2P: Do not stop Listen state if it is moving to correct channel e99aaf706 Add QCA vendor attribute for TWT termination due to power save exit a147951ee Add QCA vendor attribute indicating the spectral scan bandwidth 51f89565f Add QCA vendor interface to fetch thermal statistics from the driver 24774dcc2 P2P: Require PMF for P2P GO in the 6 GHz band 49442194c SAE: Derive H2E PT while reconnecting to same SSID also ac79ed499 HE: Obtain correct AP mode capabilities for hw_mode with 6 GHz support dfabf1e5c QCA vendor command for mDNS offload 1071f7539 DPP2: Fix channel 6 inclusion for chirping with non-2 GHz interfaces 84b3de809 TDLS: Support TDLS operations in HE mode for 6 GHz 1990ee7ee QCA vendor attributes to configure BTWT and Rx control frame to MultiBSS f5f2985a2 Update TWT attribute to send TSF value in TWT setup command b4f7506ff FILS: Flush external-PMKSA when connection fails without ERP keys 80bcd7ecd FILS: Flush PMKSA entries on FILS connection failure 914a2f518 SAE: Report authentication rejection over control interface 9557ba336 AP: Don't increment auth_transaction upon SAE authentication failure 84f6492ea Extend QCA vendor command for TSF to enable and disable auto report 7ef420058 QCA vendor attribute to configure BSS max idle support ef83e0f90 QCA vendor attribute to use BSSID in Probe Request frame RA e2ff06c91 Add channel load percentage attribute into QCA vendor command ac6a0293d Add uplink delay attribute in QCA vendor command get_sta_info responses 84f894773 PTKSA: Fix a potential hostapd memory leak during reconfiguration 311091eb4 P2P: Use SAE+PMF for P2P connection in 6 GHz f0cdacacb P2P: Allow connection on 6 GHz channels if requested b36142a74 P2P: Add allow_6ghz parameter to control interface f7d4f1cbe P2P: Add a mechanism for allowing 6 GHz channels in channel lists 6423c23e3 P2P: Allow 6 GHz channels to be included in the P2P_FIND operation a06c7d50f P2P: Helper functions to check for WFD capability of a P2P device eaf850867 P2P: Extend channel determination/validation to 6 GHz channels 9b50746f5 P2P: Introduce 6 GHz band capability bit in P2P Device Capability 9f901e65b WNM: Ignore SSID check for hidden SSID in transition candidates 525ec045f P2P: Use correct return type for has_channel() 09fb9b0cb DFS offload: Use hostapd_is_dfs_required() to check if DFS required e8662e9d4 Use a helper function to remove struct wpa_bss_tmp_disallowed entries ecaacb47b OCE: Remove AP from driver disallow list with sufficient AP RSSI c25b50306 hostapd: Reject 40 MHz channel config if regulatory rules do not allow it 20a522b9e AP: Add user configuration for TWT responder role 9efed6684 Android: Pass the vendor events to $(BOARD_HOSTAPD_PRIVATE_LIB) 39a1d55b7 Add QCA vendor interface to transport CFR data using netlink events da3335c92 QCA vendor attribute to configure keep alive data type 98f1259cd QCA vendor attribute to configure ER SU PPDU type e2e2655ce FILS: Fix PMKID derivation for OKC 6abfb1418 Use estimated throughputs irrespective of RSSI delta for 6 GHz APs 5e1e4cceb Add QCA vendor attribute to enable/disable FT over DS 586afb8fa Add QCA interface to configure band specific RSSI thresholds for roaming 800e34550 Fix documentation for QCA_WLAN_VENDOR_ATTR_TWT_SETUP_MAC_ADDR 7d2302f87 Add EAPOL-4WAY-HS-COMPLETED indication to AP 1c5aa2579 Add EAPOL_TX command to extend ext_eapol_frame_io possibilities 7f0a2e422 Report EAPOL-RX events for testing purposes 04283cf36 Add REKEY_PTK to allow upper layer request to force PTK rekeying 82d8d631e Skip GTK rekeying request if rekeying already in process de4d62dbc Add QCA vendor definitions for DFS radar history 46f897619 Prefer 6 GHz APs for connection in BSS selection 84008457e Add support to calculate estimated throughputs for HE rates 658b6a0b0 Add support to estimate throughput for VHT 160/80+80 MHz supporting APs 1d2118b50 Check local supported features for estimating BSS throughputs accurately 2950851ac Rename the Frame Control field subfield Order define to +HTC 11821ab3d Add QCA vendor interface to query usable channels 6ae0d78b8 Determine 6 GHz bandwidth in AP mode ACS using op_class parameter 0822de037 Add AP mode ACS support for the 6 GHz band bef5eee4f Convert channel to frequency based selection for AP mode ACS 15742566f 6 GHz: Fix operating class in Supported Operating Classes element 79e8f0c16 hostapd: Update 160 MHz center freq calculation in 6 GHz 9c6b0a941 hostapd: Disable VHT/HE when WMM is not enabled 15b1831a2 nl80211: Map internal TDLS_PEER_* to NL80211_TDLS_PEER_* 742018f44 Add support to indicate TDLS peer's HE capability to driver 2be5777a9 Sync with mac80211-next.git include/uapi/linux/nl80211.h 1f2fbf41d Fix UPDATE_BEACON processing when disabled b8d337c63 DPP2: Fix channel 6 inclusion for chirping with non-2 GHz interfaces 80d975695 DPP2: Get DPP Relay Controller context based on hostapd callback context e63d45690 Add vendor reason code for TWT setup reject due to scan in progress 7d513b5b2 Add vendor hang reason code for tasklet/credit latency a6cae954e Vendor command to configure concurrent STA connection policies c2d7b027b DPP2: Close incomplete Relay connections f91680c15 OpenSSL: Fix compilation for version < 1.1.0 without CONFIG_ECC d675d3b15 Add helper functions for parsing RSNXE capabilities 663e190b7 SAE: Remove now unused password identifier argument from non-H2E case 79f87f473 PASN: Change PASN flows to use SAE H2E only 8c786e068 PASN: Derive KDK only when required 655edc19c Vendor attributes to configure broadcast TWT parameters 49ad86b0c Add vendor reason codes for TWT setup reject on roaming/channel switch 0bae16122 Set last_eapol_matches_bssid=1 on a roam+auth indication from driver 527be9ce7 SAE: Increment the Sc counter before generating each Confirm 47f51c8ba tests: Update SAE test vector to IEEE Std 802.11-2020 5f082c158 nl80211: Support larger number of MAC ACL entries f1fc9cf74 nl80211: Fix the size of the maximum MAC ACL size 93576264b WPS: Share a single error handling path in wps_set_ie() 2445e18b6 tests: assoc+auth driver event 00bec7b5b tests: IEEE 802.1X and FORCE_UNAUTH state e72e32253 hostapd: Enable WMM automatically when HE is configured 8ca330bd7 Flush pending control interface message for an interface to be removed 4a841a218 Fix WNM-Sleep Mode exit debug print of BIGTK 354f87e2e MSCS: Fix MSCS Response frame Status field parsing b8673baea Add REGISTER_FRAME hostapd control interface command for testing purposes 60974eb3f Allow AP mode extended capabilities to be overridden 7365eb43e Make hostapd_config_fill() easier to auto indent 8ca09293e Simplify extended capability determination in AP mode 37306a004 PASN: Use a helper function to free radio work data 349e9eafb PASN: Mark pubkey/comeback arguments constant for frame construction 67014b3f7 PASN: Add support for comeback flow to wpa_supplicant ab623ac75 PASN: Add support for comeback flow in AP mode 4ed10754e DPP: Fix GAS client error case handling in hostapd 3ae18d4bd EAP-SIM/AKA: Fix check for anonymous decorated identity 512d973cc DPP: Indicate authentication success on ConfReqRX if needed (hostapd) 6c8842f0e Fix full EAP authentication after PMKSA cache add failure 6bbbd9729 DPP2: Fix connection status result wait in hostapd c0c74f0c6 Testing functionality for airtime policy 2f7789149 nl80211: Debug print error from airtime weight configuration 38fa5e657 More documentation for HE Spatial Reuse Parameter Set configuration 73d9891bd EAP-SIM/AKA peer: Support decorated anonymous identity prefix 7831b10a8 Introduce reason code for TWT teardown due to concurrency eaeec4da2 PASN: Add support for deauthentication flow in station 4f436d537 nl80211: Allow sending Deauthentication frame with off channel for PASN 1ca1c3cfe AP: Handle deauthentication frame from PASN station 166e357e6 AP: Enable anti clogging handling code in PASN builds without SAE 6fe0d56e8 AP: Rename SAE anti clogging variables and functions b86678633 PASN: For testing purposes allow to corrupt MIC 2efa60344 PASN: Encode the public key properly cd0813763 PASN: Include PMKID in RSNE in PASN response from AP da3ac9809 PASN: Fix setting frame and data lengths in AP mode PASN response c733664be EAP peer: Make EAP-Success handling more robust against race conditions 72a17937c DPP: Add init/respond retries parameter configuration to hostapd 6ed0c212e TLS: Fix highest TLS version disabling with internal TLS client 57550cb27 DPP2: Use ASN.1 helper functions 626035bec TLS: Use ASN.1 helper functions d4e1d76db X509: Use ASN.1 helper functions 173e7eede RSA: Use ASN.1 helper functions 72b0217ab PKCS: Use ASN.1 helper functions a0541334a ASN.1: Validate DigestAlgorithmIdentifier parameters 94beb8e36 ASN.1: Fix AlgorithmInfo parsing for signatures ee76493bb ASN.1: Reject invalid definite long form length values in DER encoding 3af75f23b ASN.1: Reject invalid extended tags in DER encoding d6831a0e9 ASN.1: Explicitly validate constructed bit while parsing DER b421a7cf2 ASN.1: Use the helper functions for recognizing tags and debug prints 9a990e8c4 ASN.1: Add helper functions for recognizing tag values 9bf4c0539 ASN.1: Verify that NULL value has zero length f629bfe22 ASN.1: Add helper functions for debug printing identifier/length info 429f725d9 ASN.1: Define tag value for TIME 4481b03ee ASN.1: Fix a typo in a not-used tag name 2f2a57075 nl80211: Restore station mode on deinit only if station when started a746393dc TWT: Allow specifying Control field value in TWT Request a6b2007c2 nl80211: Support disabling HE in infrastructure BSS as station 01f2e54ce P2P: Clear pending_listen_freq when stopping listen 82a348eda wpa_supplicant: Don't process EAPOL frames while disconnecting e80e6a2f1 eapol_test: Add address family for IPv4 in Windows build cd2f8151e Add support to return bandwidth for channel 2 of the 6 GHz band 6b4e32da8 New vendor attribute to configure TWT mantissa in microseconds 7fd2f2496 TWT: Support sending TWT Setup and Teardown Action frames edbaffc4f wpabuf: Add helper functions for writing 64-bit integers 17d85158c Fix hostapd PMKSA_ADD with Authenticator disabled 147d6d372 Update VHT capabilities info on channel switch event dc587c479 nl80211: Determine secondary channel offset for CS to 80+80 MHz 0a8095d72 nl80211: Debug print for channel switch request parameters a20ace3a1 nl80211: Add command-to-string mapping for previously missed commands 0f37b8142 More specific set_freq_params debug prints for 80/80+80 MHz errors ab8929192 nl80211: Use process_bss_event() for the nl_connect handler 7c5442e74 DPP: Clear hapd->gas pointer on deinit 076e0abdd SQLite: Fix temporary eap_user data freeing on interface restart 2da3105ac Fix use after free with hapd->time_adv on interface restart 5ac977758 Reject authentication start during explicit roam requests 800fb6997 QCA vendor attribute to allow 6 GHz connection with all security types 1a60099f2 QCA vendor attribute to ignore SAE H2E requirement mismatch e9d598d8a Update old link to ACS wiki documentation b5e3d92ee OCV: Fix OCV-FAILURE event address for FT Reassociation Response frame 40551a15c Fix a memory leak in WPS with ap_scan=2 900adb3c9 FILS: Simplify code paths 4a5f6e88b SAE: Use more explicit IE payload validation steps 57fec19da Use more consistent iface->conf checks b8211e1e7 PASN: Avoid unreachable code with CONFIG_NO_RADIUS 9a1136b7f FILS: Fix RSN info in FD frame for no-group-addressed 6035969e0 Fix dynamic EAP library building a826ff2d9 Ignore group-addressed SA Query frames d314213f6 P2P: Pick a 5 GHz channel from more possible channels 205c35cef nl80211: Allow compilation with both vendor do_acs() handlers 61a258e78 nl80211: Add ACS support for Broadcom device 827b43b3c RADIUS client: Support SO_BINDTODEVICE 3a05f89ed Android: Add DRIVER command support on hostapd and hostapd_cli 50baf345b TDLS: Support TDLS operations in HE mode 184c82468 P2P: Add device address to the debug entry on oldest peer removal 8460e3230 P2P: Fix a corner case in peer addition based on PD Request Change-Id: Ieec0678b1a5c72fef3f3363cb54b20ac1cb8ab7f	2022-02-25 00:43:57 -08:00
Hai Shalom	6084025bf4	[wpa_supplicant] Cumulative patch from commit 59e9794c7 ... Bug: 180762886 Test: Verify Passpoint ANQP functionality and Passpoint association Test: Connect to Passpoint, Open, WPA2, WPA3 networks and run traffic Test: Regression test passed (Bug: 180943193) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open source 59e9794c7 QCA vendor attribute to configure Punctured Preamble Rx in HE cap 875d7be38 QCA vendor attribute to disable data and management frame Tx ecb7590f3 QCA vendor attribute to configure RU 242 tone for data Tx 8d2329712 QCA vendor attribute to configure BSS max idle period dc72854fe Fix handle_auth_cb() message length check regression f03580e31 Restore permanent MAC address on the FLUSH command 976c3c161 DPP2: Accept Config Result before GAS response TX status 6518c72b0 Multi-AP: Fix backhaul SSID printing condition 1ba8a315c Avoid use of C++ keyword in a header file 10502ad59 radiotap: Fix compiler issues with packed structures 0dee287c8 EAP server: Extend EAP-TLS Commitment Message use to PEAP and EAP-TTLS fae4eafe4 EAP-TTLS peer: Handle Commitment Message for TLS 1.3 155125b02 EAP-TLS peer: Handle Commitment Message for TLS 1.3 3a457509d EAP: Extend Session-Id derivation with TLS 1.3 to PEAP and EAP-TTLS 647db6a6b EAP-TTLS: Key derivation per draft-ietf-emu-tls-eap-types-00 c74f23020 EAP-PEAP: Key derivation per draft-ietf-emu-tls-eap-types-00 872609c15 EAP-TTLS/PEAP peer: Fix failure when using session tickets under TLS 1.3 8265f8453 nl80211: Unconditionally clear nl_msg 6c7b0a965 PASN: Correctly set RSNXE bits from AP 85eb47e3a PASN: Correctly set RSNXE bits from STA be5f7f374 wpa_supplicant: Fix potential memleak on an error path 8f248d1ac Check for message truncation in RADIUS client 5cb25307e Set RADIUS message length to reflect RFC 2865 7df089b56 Create RADIUS_MAX_MSG_LEN param in the shared radius.h 98a52b09c Add new attributes in get_sta_info QCA vendor command 8f204f69a Show OCV and beacon protection capabilities in control interface 6f92f81da AP: Check driver's capability to enable OCV when driver SME is used 73ebd58fc STA: Check driver capability to enable OCV when driver SME is used f3dfe42c7 Clean up RSN parameter setting for PASN d36d4209f Enable beacon protection only when driver indicates support 9d99814e2 Update sgml to generate reproducible manpages e680a51e9 ext_password: Implement new file-based backend e9f449ba5 wpa_supplicant: Move wpa_config_get_line() into utils b1c23d3f2 HE: Fall back to 20 MHz on 2.4 GHz if 40 MHz is not supported f1c6c9d3e ACS: Allow downgrading to 20 MHz based on OBSS results 9bb2f7529 Sync with mac80211-next.git include/uapi/linux/nl80211.h cfc45a98d nl80211: Unsolicited broadcast Probe Response configuration 024b4b2a2 AP: Unsolicited broadcast Probe Response configuration 6fb626412 P2P: Clear unexpected HT40 configuration on 2.4 GHz band 6b59e63f0 Include secondary channel config in no-hw-channel-found message d76ba2b31 nl80211: Add FILS Discovery frame configuration 9c02a0f5a FILS: Add generation of FILS Discovery frame template c4c529e9c Add a helper function for determining RSN capabilities field value 272466518 Define FILS Discovery frame subfields 3eb5f7128 Do not include VHT elements in Beacon frames on the 6 GHz band 2c2b6d265 Add Transmit Power Envelope also for 6 GHz HE AP 6c2b729de Use hostapd_get_oper_chwidth() when build Transmit Power Envelope element 5d3c4496f Make VHT Transmit Power Envelope element helper more generic 58bbbb598 nl80211: Ignore 4addr mode enabling error if it was already enabled 1b45b8d3f wpa_supplicant: Don't exit scanning state on config reload 581df2d52 DPP2: Defer chirp scan if other scan is queued up 35756c02e mesh: Assign channel in frequency params in all bands b1c3e4d07 nl80211: Send HE 6 GHz capability parameters to the driver 8d10831dc wolfSSL: wolfSSL_use_PrivateKey_* correct return codes 7e823d4df DPP: Expose config object PSK/passphrase in wpa_supplicant 1029f16a9 DPP: Expose config object AKM in wpa_supplicant control interface ad59639ed DPP2: Fix Authentication Request destination in the chirping case 598f67132 SAE: Avoid driver STA entry removal unnecessarily when using H2E/PK 99cd45372 hw_feature: Correctly select mode in case of the 6 GHz band f728c867e AP: Extend Spatial Reuse Parameter Set 9f9d3d362 Allow HE MCS rate selection for Beacon frames 7f2f262e6 nl80211: Support the 6 GHz band for beacon rate configuration c3d557b4d hostapd: Add HE 6 GHz band capability configuration bd8b17030 EAP-AKA: Check that ID message storing succeeds e781f7c86 Fix compiler warning on CONFIG_AP without CONFIG_P2P builds 4c9b16602 Update Visual Studio projects to match file renaming 48cfb52b7 Rename blacklist.[ch] to bssid_ignore.[ch] 626fc0dcd Rename wpa_blacklist to wpa_bssid_ignore b58ac90c3 Rename INTERWORKING_BLACKLISTED define 72cd4293f Rename the control interface BLACKLIST command to BSSID_IGNORE 752b1c608 Rename network profiles parameters for ignoring/accepted BSSIDs e6ac26943 radiotap: Update radiotap parser 136bbf15c wlantest: Add more details about protected FTM frames f56eec7c1 wlantest: Process Action No Ack frames like Action frames ef26fc19f DFS: Allow switch to an available channel f98fe2fd0 hostapd: Report errors ACCEPT_ACL/DENY_ACL control interface commands 15251c658 hostapd: Fix dynamic ACCEPT_ACL management over control interface 871d6648f hostapd: Add multi_ap settings to get_config() output f95ccc102 WPS: Reconfigure credentials on hostapd config reload 2fd90eb09 WPS: Use helper variables to clean up code f7bbad576 wpa_supplicant: Configurable fast-associate timer threshold b829b7003 wpa_supplicant: Notify freq change on CH_SWITCH 3a00a86bb hostapd: Fix dpp_listen in DPP responder scenario 4a7e0ac26 hostapd: Add an option to notify management frames on ctrl_iface e79febb3f P2P: Adding option to manage device drivers creating random MAC addresses a579642bc BSD: If route socket overflows, sync drivers to system interfaces fa859ebb1 RSN+WPA: Fix RSNE removing in EAPOL-Key msg 3/4 when RSNXE is included dc1977959 RSN: Validate RSNXE match in EAPOL-Key msg 3/4 only when RSN is used 0b7895750 DPP: Silence compiler warning about signed/unsigned comparison 8f557d204 Make wpa_bss_ext_capab() handle NULL bss argument 2cadb60ab robust_av: Use wpa_bss_ext_capab() helper a287c2078 Disable HE capabilities when using unacceptable security config 56c192c5e nl80211: Skip frame filter config for P2P-Device 2b916c9fd dbus: Fix IEs getter to use wpa_bss_ie_ptr() 9416b5f32 Add HE in ieee80211_freq_to_channel_ext() documentation 2acfd15a2 hostapd: Generalize channel switch methods to incorperated HE mode 2908dc91c hostapd: Enable HE for channel switch commmand 1c3e71d14 P2P: Add a maximum length limit for peer vendor IEs 947272feb P2P: Fix copying of secondary device types for P2P group client 25df656a8 Remove pointless defines for ext capab bits 11355a122 Reset external_scan_running on interface deletion 630b1fdba AP: Add 6 GHz security constraints df0bfe475 mesh: Fix for leaving mesh 24f0507af WPA: Support deriving KDK based on capabilities (Authenticator) dccb6cde0 WPA: Support deriving KDK based on capabilities 9e7b980d6 PASN: Include RSNXE in the PASN negotiation d8cd20e37 RSN: Add RSNXE new definitions 2eb2fb8bd AP: Support PASN with FT key derivation 5c65ad6c0 PASN: Support PASN with FT key derivation 62edb79a0 AP: Support PASN with FILS key derivation 8c6d2e252 PASN: Support PASN with FILS key derivation da35e1214 AP: Support PASN with SAE key derivation a93ec28d1 PASN: Support PASN with SAE key derivation 3040c8a2d AP: Add support for PASN processing to the SME f2f8e4f45 Add PTKSA cache to hostapd 2c963a117 AP: Add support for configuring PASN ad338cfe5 ctrl_iface: Add support for PASN authentication 363768c8a PASN: Add support for PASN processing to wpa_supplicant d70060f96 WPA: Add PTKSA cache to wpa_supplicant for PASN a4e369161 WPA: Add PTKSA cache implementation a84ba92fa WPA: Add a function to get PMKSA cache entry 6709b4ceb common: Add PASN parsing to ieee802_11_parse_extension() 46bfc3a84 tests: Add module tests for PASN PTK derivation 9ce123cdb PASN: Add common Authentication frame build/validation functions c6d1a33bb PASN: Add functions to compute PTK, MIC and hash d87f4aea1 FILS: Extend the fils_pmk_to_ptk() function to also derive KDK 6e834db74 FT: Extend the wpa_pmk_r1_to_ptk() function to also derive KDK 46c232eb7 WPA: Extend the wpa_pmk_to_ptk() function to also derive KDK 019507e10 common: Allow WPA_CIPHER_GTK_NOT_USED as a valid group management cipher 244721221 nl80211: Always register for RX authentication frames with PASN a728449a0 nl80211: Allow off-channel of PASN authentication frames in send_mlme() 367e79231 PASN: Add some specification definitions 833cdbe97 Add support for new 5 GHz channels 173 and 177 21fdb454d P2P: Fix channel selection for operating class 129 959af4f57 DPP: Abort authentication if no Auth Confirm is received within a second 62657365f Add a configuration to disconnect on deinit if WoWLAN is enabled 8f5897294 dbus: Export new 'suiteb192' capability 9cdcc8823 DBus: Add 'owe' to interface Capabilities 8e8406469 wpa_cli: Add WPS_EVENT_OVERLAP to action scripts 41fae6e0b nl80211: Add missing WPA3-SAE auth_data in auth retry case 71718b628 FT: Update key mgmt properly in RSNE during roaming ea77568d8 Add user configured vendor IEs to default scan IEs b6947f01a Android: Pass the vendor events to $(BOARD_WPA_SUPPLICANT_PRIVATE_LIB) 7b121af26 P2P: Delay P2P scan when an external scan is in progress f39d6aacb P2P: Recover p2p_find operation in case of failure to fetch scan results 74818ca63 Process QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH after NL80211_CMD_ROAM b4a41abad nl80211: Do not ignore disconnection event after a connection event 084b3d2f8 Drop unexpected connection event while disconnected 73c7c2da9 Vendor feature capability to notify TWT asynchronous response support a337c1d7c New TWT operations and attributes to TWT Setup and Nudge b709bb40f DPP2: Add DPP_CONTROLLER commands to hostapd_cli and wpa_cli 6ead8b897 Use bool for is_6ghz variables and functions 7131fede3 Extend the setband support for 6 GHz and band combinations 2a37cda74 scan: Add a helper function to append supported freqs from a given band bba926350 Fix gcc-10 build with -Werror=array-bounds and dl_list_for_each() 0225301fd wolfSSL: Client cert loading API fix 297050b46 nl80211: Report invalid signal and noise when info is unavailable be96f4e8d wlantest: Allow missing RSNE in S1G beacon d83eaa351 Add option to ignore Probe Request frames when RSSI is too low f2a010140 wpa_supplicant: Initial connection speedup 4683b7218 DFS: Enter DFS state if no available channel is found eee0d242b hostapd: Add ability to disable HT/VHT/HE per BSS 89ad24379 mesh: Move mesh frequency setting to its own function 7c2cad969 mesh: Fix DFS deinit/init 0896c442d mesh: Fix for mesh init/deinit 06161d4f1 mesh: Fix mesh_oom test 12ae3e3db mesh: Inform kernel driver about DFS handler in userspace a27faf2c9 mesh: Fix channel switch error during CAC 872590978 nl80211: Do not set offchanok on DFS channels in non-ETSI for mesh e3608040c mesh: Update ssid->frequency as pri/sec channels switch f1df4fbfc mesh: Use setup completion callback to complete mesh join 3c9abc785 QCA vendor attributes to configure TX and RX NSS ed24bad1d AP: Check driver support while auto-selecting bandwidth for AP/P2P GO 5b782ff62 Add bus failure reason code to vendor indication 1c77f3d3f Indicate whether additional ANQP elements were protected 90ca804e4 Add vendor attributes for TWT nudge request 454ebb504 BSS: Use variable length array for IEs at the end of struct wpa_bss be7ee264f BSS: Use wrapper function for getting a pointer to the IE buffer 95edd8144 BSS: Add wpa_bss_get_ie_ext() wrapper dba4f7a54 Mark wpa_bss_get_fils_cache_id() argument const 2a7023ba6 Change list arguments to const where possible fdf114641 nl80211: Send the sae_pwe value to the driver 2576f27e0 P2P: Disable P2P in the 6 GHz band for now 2ffd3bb4b P2P: Include p2p_6ghz_disable in global configuration 60c902f40 Add connect fail reason code from the driver to assoc reject event 7423fa6e8 Vendor feature capability to support concurrent sessions on Wi-Fi bands 1934ad9b2 Add extra parameters to vendor command GPIO attribute d0e0d2283 Sync with mac80211-next.git include/uapi/linux/nl80211.h c2c468622 Set NLA_F_NESTED flag with NL80211_ATTR_VENDOR_DATA conditionally cd3aa54a3 Add test configuration attr to enable/disable full bandwidth UL MU-MIMO f4de21a77 BSS/scan: More conversions to for_each_element_id() aa06444f2 dbus: Check eloop registration failure in add_watch handler 56a1df71e BSS: Convert wpa_bss_get_vendor_ie() to use for_each_element_id() ec1f4f3c8 Make GTK length validation for RSN Group 1/2 easier to analyze c42d41bf3 EAP-IKEv2: Try to make transform parser simpler to understand ec0d99c00 HS 2.0: Clarify OSU Friendly Name length validation 05962099c TDLS: Fix error path for TPK M1 send failure in testing functionality a9fed5f5b Avoid undefined behavior with memcpy PMK/PSK update c643c3928 nl80211: Fix filtering of unsupported bands/modes a86078c87 TDLS: Fix error path handling for TPK M1 send failures 3d490296b DPP2: Fix error path handling in enterprise provisioning f724dd1bf Remove unused variable update 589bf1f7a DPP2: Fix ppkey parsing 79e3f08d3 6 GHz: Add support for missing 6 GHz operating classes 66bed14b2 6 GHz: Fix opclasses mapping in ieee80211_freq_to_channel_ext() 5e779873e EAP-SIM peer: Send AT_IDENTITY first 0577e8e67 nl80211: Check for proper nlmsg allocation in send_and_recv_msgs_owner() 02289ab53 DPP2: Explicitly check EC_KEY before dereferencing it c57590476 P2P: Consider BSS entry pending for P2P joining as a known BSS 106d67a93 nl80211: Filter out unsupported bands 9c39c1a6d P2P: Include p2p_add_cli_chan parameter while cloning the configuration 8f0ed71ff Vendor specific feature capability for Adaptive 11r 45ae6ae8e Add additional vendor specific hang reason codes d2190cdc6 DPP2: Update the default port number for DPP-over-TCP 5d988b4a5 Fix couple more typos b439b21a2 wpa_supplicant: Fix typos 183e72ae1 SAE-PK: Do not accept SAE-PK status code when no PK is configured 80662accb SAE: Don't use potentially uninitialized keys b4c7114cf wpa_supplicant: Remove unfeasible conditions in config parsing ff7e0c1cf wpa_cli: Don't access uninitialized variables e364a34c6 OpenSSL: Make openssl_debug_dump_certificate() more robust Change-Id: Ia7e3838712a621fe0341464dd04671f708d8cde4	2021-02-23 22:13:31 +00:00
Hai Shalom	899fcc7e60	[wpa_supplicant] Cumulative patch from commit d68c0dd4d ... Bug: 156933657 Test: Verify Passpoint ANQP functionality and Passpoint association Test: Connect to Passpoint, Open, WPA2, WPA3 networks and run traffic Test: Regression test passed (Bug: 171270733) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open source d68c0dd4d build: lib.rules: Add common-clean d34b33451 wpa_supplicant: Fix frequency config for VHT/HE cases 0747432ef Fix spelling of "unexpected" in messages d720de929 hostapd: Fix typos 4c66894fa eap_peer: Add .gitignore with *.so 13256b8cf P2P: Stop old listen radio work before go to WAIT_PEER_IDLE state 0f7989d8a MSCS: Fix decapsulating subelements from MSCS descriptor cc3d6efa8 Add QCA interface for driver to report various connect fail reason codes 39748963d build: Fix libeap_peer.a build c3f37c35f DFS: Use helper functions for VHT/HE parameters a72599b31 hw_features: Better debug messages for some error cases 5965c7da5 wpa_supplicant: Enable VHT and HE in default config parameters df6745e8c wpa_supplicant: Handle HT40 and mode downgrade in AP mode 93da12fd9 mesh: Fix channel init order, disable pri/sec channel switch 7f8ac02e8 HE/VHT: Fix frequency setup with HE enabled 0f07230eb DPP2: Add privacyProtectionKey into Configurator backup/restore a0ccc4017 DPP2: Use ppKey to decrypt E'-id on Configurator 99d7bf234 DPP2: Use the new privacy protection key to protect E-id on Enrollee 37df40845 DPP2: Copy received ppKey into wpa_supplicant network profile a8ee2292b DPP2: Parse ppKey from Connector 2a8c92887 DPP2: Add ppKey into Connector 9c1fbff07 DPP2: Generate a privacy protection key for Configurator 1d1475845 DPP: Make dpp_keygen_configurator() a static function 1d0d8888a build: Make more library things common f4b3d14e9 build: Make a common library build ac1447ae9 build: Rebuild libs all the time 6c41d43f1 mesh: Stop SAE auth timer when mesh node is removed 154b18d95 build: Fix dependency file inclusion 79db311e8 macsec_linux: Fix receive-lowest-PN setting e3b47cdf8 DPP2: Add DPP_CHIRP commands to hostapd_cli and wpa_cli cb3b70936 P2P: Set ap_configured_cb during group reform process 0e9f62e51 P2P: Fallback to GO negotiation after running out of GO scan attempts 1a0169695 hostapd_cli: Add dpp_bootstrap_set command 7e4ed93d3 wpa_cli: Add dpp_bootstrap_set command 283eee8ee gitignore: Clean up a bit ae0b90dfa mesh: Allow channel switch command 87098d332 build: Put archive files into build/ folder too 00b5e99b6 build: Use the new build system for fuzz tests a49f62884 wolfSSL: Fix wrong types in tls_wolfssl.c 58c18bcf8 hostapd: Fix error message for radius_accept_attr config option 52a1b2834 nl80211: Unbreak mode processing due to presence of S1G band 4b96fafcd D-Bus: Share 'remove all networks' with CLI 2818e9ca9 wpa_supplicant: Do not retry scan if operation is not supported c0b88d129 P2P: Limit P2P_DEVICE name to appropriate ifname size 566ea1b7c mesh: Set correct address for mesh default broadcast/multicast keys 17d6ba4c9 DBus: Add "Roam" command support 6e757bba8 Use consistent spelling of "homogeneous" cff545720 wpa_supplicant: Clear blacklist when SSID configs change bbbb3c04e wpa_supplicant: Add new blacklist tests 164b8dd8e wpa_supplicant: Add wpa_blacklist_update() d53011002 wpa_supplicant: Implement time-based blacklisting 2fd35d985 wpa_supplicant: Track consecutive connection failures 6d6310701 Fix STA mode default TXOP Limit values for AC_VI and AC_VO dcc5288e5 gitignore: Add various things ce963433b build: Allow overriding BUILDDIR from command line ad6e4a5c5 build: Remove hostapd vs. wpa_supplicant build checks 6acda5322 build: Add .config file to dependencies 722138cd2 build: Put object files into build/ folder 0464d5d5d build: Move config file handling into build.rules 0430bc826 build: Add a common-clean target 06a6adb54 build: Use build.rules in lib.rules 3ff115db6 build: Disable built-in rules a41a29192 build: Pull common fragments into a build.rules file 21cc50a43 HS 2.0 server: Add a .gitignore file a28d127b1 AP: Reflect status code in SAE reflection attack test e8b85c078 iface match: Unspecified matched interfaces should not log driver fails 83fa0a100 op_classes: Don't report an error when there are none to add 8776551bf BSD: don't log SIOCG80211 errors during interface setup 41d20df7f D-Bus: Allow empty string in dbus network properties 4756ecabc Allow bgscan parameters to be reconfigured 922fa0997 Global parser functions to return 1 when property unchanged a87173b1d D-Bus: Skip property update actions when wpa_config_set() returns 1 1c58317f5 D-Bus: Allow changing an interface bridge via D-Bus 14318ccff P2P: Add configuration support to disable P2P in 6 GHz band debf3e216 OCV: Work around for misbehaving STAs that indicate OCVC=1 without OCI d48a3a676 FT: Modify status code in FT Reassoc frame for invalid OCI channel info 0e8d569d4 DPP2: Presence Announcement notification in STA 980c4da41 DPP2: Presence Announcement notification in AP 8b667bfa1 DPP2: Presence Announcement notification cf3d260c3 DPP2: Fix hostapd crash setting global configurator params on chirp RX a8f304228 Document the missing ignore_broadcast_ssid network profile parameter aa704020a DBus: Update dont_quote[] with ignore_broadcast_ssid parameter 88d3f43bd DPP2: Replace OneAsymmetricKey version number (v2 to v1) 8e5739c3a DPP2: Check channel 6 validity before adding it to chirp channel list 5c6c0d569 DPP: Fix GAS fragmentation for DPP Config Response from hostapd a7f55f7f6 WPS: Enable SA Query checks for WPS AP 43ef227e9 P2P: Make use wpas_p2p_reconsider_moving_go timeout gets canceled 57536a567 P2P: Fix P2P interface remuval through wpa_supplicant_remove_iface() 760d10cde P2P: Include channels 149 to 161 for operating classes 128 and 130 ac882374a SAE: Fix error path handling for SSWU e8a1e6a4a P2P: Fix a typo in a comment fa63284af Add additional roam triggers to qca_vendor_roam_triggers 13feeaa10 Add a new status code to represent an already suspended TWT session 8175c2654 Add test configuration attr to start/stop transmitting FD frames 90e478aa0 DPP2: Use the PFS fallback if multiple key_mgmt values are enabled cab139ebc Fix a typo in a comment 7e20502f7 hostapd: Resolved compiler uninitialized warning e3ba0c4cd Do not start SA Query procedure without keys a92660a00 Work around Supported Operating Classes element issues for 6 GHz fd4a58ccd Additional attributes to QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_CONTROL 8a6a2894d Add new QCA vendor attributes to get thermal level 41f818905 SAE-PK: Add support to skip sae_pk password check for testing purposes a71b100c3 OCV: Allow connecting MFP incapable OCV STA when OCV is disabled in AP 5ecb45a41 OCV: Use more granular error codes for OCI validation failures 10c3e58b2 DPP2: Include E-nonce in reconfig ke derivation 4ae5e459d DPP2: Move E-nonce to be outside wrapped data in Reconfig Auth Resp 0ebf5aa34 DPP2: Replace I/R-nonce with C/E-nonce in reconfiguration 99f8506d3 Add QCA_NL80211_VENDOR_SUBCMD_MBSSID_TX_VDEV_STATUS 93a73ce02 MSCS: Fix issues due to incorrect usage of wpa_hexdump_buf() 9afb68b03 OpenSSL: Allow systemwide secpolicy overrides for TLS version c85206ba4 QCA vendor attributes for setting ANI level d335ca953 Update QCA vendor interface for GPIO configuration 7ddb71224 DPP2: Support QR mutual auth scan-during-auth-exchange (hostapd) c043b1e00 DPP: Remove unnecessary dpp_global_config parameters 4ecb6dd16 DPP2: Controller support in hostapd cd17f6877 Add QCA vendor event for firmware statistics ba3081f1d dpp-nfc: Start listen operation more completely for NFC Tag write cases e4adbacaf GAS: Fix memory leak on some DPP error paths 8aa91282a Fix EAPOL-Key msg 1/4 processing in a corner case 96e63008f OWE: Do not add DH Params element in AssocResp with PMKSA caching 9bc881153 DPP2: Fix build without IEEE8021X_EAPOL 2caff11d7 LibreSSL: Fix build with LibreSSL versions older than 2.9.1 55a366d7a dpp-nfc: Fix recv_octets() regression 90e05626f Add test configuration to ignore SA Query timeout a2d35b49e Fix documentation for the test configuration attributes of FT-SAE/OCV 5d2218e61 Add get_sta_info vendor attrs to get BIP failure counters for STA mode c6a760b9c DPP: Add process_conf_obj into TCP connection data struct 7f366fcbd DPP: Add msg_ctx into TCP connection data struct 6aa7aa808 DPP2: hostapd/AP as Enrollee/Initiator over TCP d21dde9da MSCS: Send MSCS change/remove frames only if MSCS setup exists af8ab3208 MSCS: Parse result of MSCS setup in (Re)Association Response frames c504ff539 MSCS: Add support to populate MSCS Descriptor IE in (Re)AssocReq bbd3178af MSCS: Add support to process MSCS Response frames a11804724 MSCS: Add support to send MSCS Request frames 1733e356e dpp-nfc: Fix handover client wait for receiving handover select 596d99567 SME: Process channel switch event in SME only when supplicant's SME is used 0fa274d2b Derive seg0_idx and seg1_idx for 6 GHz when processing channel switch 5644b23de QCA vendor command to update SSID cd708e8ff Add a vendor command for medium assessment cc9fe46b3 Add AllPlay type to the QCA vendor element 170775232 ANQP: Add support to specify frequency in ANQP_GET command 43106e122 GAS: Update source MAC address on preassoc_mac_addr randomization 1289ecf4c GAS: Ignore preassoc_mac_addr when gas_rand_mac_addr enabled dbe485a35 SAE-PK: Check psk param also to look for SAE-PK acceptable BSS f5388b34e Add channel TX/RX times to QCA vendor interface of LL stats 9f9c11048 Fix QCA_WLAN_VENDOR_ATTR_LL_STATS_CH_INFO interface documentation 096456c0c Enhancements to the TWT attributes/parameters (vendor command) 3adc1c623 DPP2: Disconnect before starting reconfiguration 574a8fa6c DPP: Do not interpret unknown channel as missing channel list for NFC fc3efe083 DPP2: Support mutual auth with QR in scan-during-auth-exchange case 2e956c37d DPP2: Do not close TCP socket when waiting for full Auth Resp e4e95aabb DPP2: Allow Controller to be configured to require QR mutual auth 61c249c49 Add QCA vendor attribute to configure number of TX/RX chains 86fd6755c dpp-nfc: Use --altchan value in handover server 315422196 dpp-nfc: Update listen channel based on channel list when writing a tag 66ffe9d24 DPP2: Update Reconfig Flags attribute format 5caf4e094 DPP2: Support RA/CA functionality in Controller initiated case 9304d1b3c DPP2: Regenerate Reconfig Announcement for each transmission b591810f9 DPP2: Add DPP Status attribute into Reconfig Auth Confirm 6d0217119 DPP2: Allow iteration count to be configured for DPP_RECONFIG c6d0e5a93 DPP2: Add E-id in Reconfig Announcement e5be6e68c DPP2: Add Enrollee netAccessKey group into Reconfig Announcement 2a58968d3 SAE-PK: Allow SAE-PK password to be set using the psk parameter 7ca81190a SAE-PK: Allow SAE-PK style wpa_passphrase if SAE-PK is enabled with same 844ecc70a Additional TWT attributes for response path and resume 0a9d7b169 SAE-PK: Update design for fingerprint encoding into password 2f858254c Extend GET_PMK to check PMKSA cache on the AP b28b9dfcb OCV: OCI channel override support for testing (STA) d309dd52b Fix the documentation for QCA_WLAN_VENDOR_ATTR_CONFIG_UDP_QOS_UPGRADE 87971ff05 SAE-PK: Fix SAE confirm writing in some AP cases with transition mode 240e9af4d SAE-PK: Make no-KEK debug prints distinct 38ef655eb dpp-nfc: Report negotiated connection handover result 4d5461842 dpp-nfc: Stop only_one run after failed handover attempt f7b5a1d34 dpp-nfc: Do not indicate no initial HS as failure if alt HR will be sent 475b34665 dpp-nfc: Improved version of HandoverServer::serve() dc0795e4f dpp-nfc: Stop process after successful handover client completion b00bbbfe5 dpp-nfc: Optimize HandoverClient message receiving for alternative HR case bbfb7b9fe dpp-nfc: Use a single handover client thread aaa8638ed dpp-nfc: Add a class for maintaining connection handover state 66d74626b dpp-nfc: Reuse the same handover client for alternative URI 6e904441c dpp-nfc: Add peer URI into the HS in testing mode 3021b14c4 dpp-nfc: Enable more verbose nfcpy debugging 7c04bab71 tests: AES-CTR encrypt test vectors 1d3e16d0b dpp-nfc: Skip P2P management interfaces e9c192ffc dpp-nfc: Ignore (no) response to initial handover request 7d27bcb8e dpp-nfc: Do not allow more than one alternative channel proposal 6eaee933d dpp-nfc: Add test mode for negotiated connection handover 730fc307b Update documentation for vendor attributes to ignore BSSIDs during roaming f4877083e Rename driver op for temporarily disallowed BSSIDs f8c756c5b FT: Rename temporary blocking of nonresponsive R0KH 15018d4f4 DPP2: Fix auth termination after receiving Configurator backup 74cd38ac6 dpp-nfc: Return failure status if operation fails 7e2edfbc1 dpp-nfc: Add color and details for interactive operations 09c22bb78 dpp-nfc: Fix regression in NFC Tag writing 1e4a42c74 dpp-nfc: Detect a non-NDEF tag when trying to write 288c0ffaa dpp-nfc: Do not hardcode netrole for NFC Tag writing cases ebd5e764f Vendor attribute to configure QoS/AC upgrade for UDP frames d91fb3ce3 Add a vendor command to fetch the currently enabled band(s) 29e47c416 Vendor command to configure TWT 8f396ad68 Enhance the qca_set_band enum values to be used as a bitmap cc6153a8a nl80211: Fix sending proper VLAN ID attr value when using VLAN offload a57f98754 Fix enabling 40/80 MHz bandwidth support in the 6 GHz band 885097125 mesh: Fix peer link counting when removing a mesh peer 8632dea4a DPP2: Make sure dpp_auth gets cleared with external config processing a7ae42296 DPP2: Do not allow reconfiguration to be started with pending auth d93df9989 DPP2: Debug print reason for rejecting reconfiguration 5d8c5f344 SAE-PK: Fix password validation check for Sec 0ce6883f6 tests: Fix SAE-PK password module tests c9dc075fc dpp-nfc: Fix connection handover renegotiation d0819a11c FILS: Use FILS auth alg when connecting using PMKSA caching 70b80c31f nl80211: Do not send FILS ERP sequence number without rRK 52a325762 6 GHz: Change 6 GHz channels per IEEE P802.11ax/D6.1 5908fedc1 dpp-nfc: Support channel list negotiation eddf22e1f dpp-nfc: Update debug print for tag-read-only operation b62e46f69 DPP2: Fix DPP_CA_SET processing with authentication not having peer BI 4f4a52c3c DPP: Clear bootstrap entries only after clearing authentication state 67efd19e0 nl80211: Use control port TX (status) in AP mode if possible 569497bf4 nl80211: Work around misdelivered control port TX status 87065881b nl80211: Use ext ack handler for TX control port 6f19cc4d7 nl80211: Handle control port TX status events over nl80211 f7c657b79 nl80211: Add custom ack handler arguments to send_and_recv() 73ea1ad7f nl80211: Clean up SO_WIFI_STATUS error reporting cd99a8c43 EAP-TEAP (server): Allow Phase 2 skip based on client certificate 519629392 EAP-TEAP (client): Allow Phase 2 to be skipped if certificate is used 9593ce658 OpenSSL: Provide access to peer subject and own certificate use b5dab03a1 Convert int to bool for throughput estimate tables b97aa038b Add WPA_EVENT_{DO,SKIP}_ROAM events d6b450e89 Refactor wpa_supplicant_need_to_roam() 2ff5a1fdb Use lookup-table instead of macro for TX rate estimates fa09b85c4 DPP2: Remove forgetten development time debug prints 0bbab6465 DPP2: Fix dot1x config object parsing without trustedEapServerName 8f88dcf05 DPP2: Add an automatic peer_bi entry for CSR matching if needed b25ddfe9d DPP2: Add Enrollee name into CSR as the commonName 11aa77e00 DPP2: GAS comeback response processing for Enrollee over TCP 18e013a93 DPP2: GAS comeback request processing for Configurator over TCP 68d9586a4 DPP2: GAS Comeback Request for the TCP case a352c7230 DPP2: Comeback delay response for certificate in over TCP case 0f9463d6e DPP2: CSR wait in Configurator when using TCP 1f86b2c24 DPP2: CSR generation in TCP Client/Enrollee 697fa0c4b DPP2: Do not try to proceed with GAS client if CSR building fails ffc8ae507 Define a new QCA vendor attribute for Optimized Power Management 3a3eded0d DPP2: Allow CSR processing by CA/RA to reject configuration 3b60f1174 DPP2: Validate CSR on Configurator before forwarding to CA/RA c98db9f1f DPP2: Add challengePassword into CSR dbbb0d5b8 OpenSSL: Use EVP-based interface for ECDSA sign/verify ace3723d9 DPP2: Enterprise provisioning (Enrollee) 6568e5d20 DPP2: Enterprise provisioning (Configurator) 4643b2fee DPP2: Enterprise provisioning definitions for dot1x AKM 812d52ae2 OpenSSL: Support EC key from private_key blob 4b834df5e OpenSSL: Support PEM encoded chain from client_cert blob 68ac45d53 GAS server: Support comeback delay from the request handler 608adae5b JSON: Add base64 helper functions c7e6dbdad base64: Add no-LF variant for encoding 6dc2c0118 Update DFS terminology in attribute value documentation 621745917 Allow HE-without-VHT to add the Channel Switch Wrapper element d51b1b7a6 Move hostapd_eid_wb_chsw_wrapper() to non-VHT-specific file 1f72bbbef AP: Reject association request upon invalid HE capabilities 088bef178 AP: Restrict Vendor VHT to 2.4 GHz only 6a34bd300 HE: Use device HE capability instead of HT/VHT for 6 GHz IEs 9272ebae8 nl80211: Fetch HE 6 GHz capability from the driver f25c51a9f Sync with mac80211-next.git include/uapi/linux/nl80211.h 518be614f SAE-PK: Advertise RSNXE capability bit in STA mode a77d6d220 SAE-PK: Update SAE confirm IE design 363dbf1ec SAE-PK: Remove requirement of SAE group matching SAE-PK (K_AP) group 2e80aeae4 WPS UPnP: Support build on OS X f119f8a04 WPS UPnP: Fix FreeBSD build cc2d03601 HS 2.0: Use global pmf=2 for the created network block 790026c3d Allow TX queue parameters to be configured for wpa_supplicant AP/P2P GO c7cb42d53 Remove unused enum values 411e42673 Move local TX queue parameter parser into a common file fcef598ea Do not try to connect with zero-length SSID 85aac526a WPS UPnP: Handle HTTP initiation failures for events more properly f7d268864 WPS UPnP: Fix event message generation using a long URL path 5b78c8f96 WPS UPnP: Do not allow event subscriptions with URLs to other networks e30dcda3b SAE-PK: Fix FILS Public Key element Key Type for ECDSA 4c3fbb234 SAE-PK: Check minimum password length more accurate 43a191b89 tests: Remove too short SAE-PK passwords 4ff0df39e SAE-PK: Testing functionality to allow behavior overrides 0c4ffce46 Allow transition_disable updates during the lifetime of a BSS 5f48d36b4 SAE-PK: Select SAE-PK network over SAE without PK d654ca24d Clean up wpa_scan_res_match() 9ad010c29 SAE-PK: Allow automatic SAE-PK to be disabled 85ca13ebc wpa_cli: Add all_bss command to print all scan results (BSS entries) 215b4d8a7 FT: Do not add PMKID to the driver for FT-EAP if caching is disabled 5cf91afee QCA vendor attribute for dynamic bandwidth adjustment 1a28589b2 QCA vendor attributes for setting channel width 63653307d Add support for indicating missing driver AKM capability flags 18f3f99ac Add vendor attributes to configure testing functionality for FT/OCV/SAE e53756a64 Fix a typo vendor attribute documentation 960e8e533 QCA vendor attribute to configure NSS 8d1cbaaff SAE-PK: Transition mode disabled indication processing a75269529 SAE: Add sae_h2e and sae_pk to wpa_supplicant STATUS command cc22fb1b8 SAE: Move H2E and PK flags to main sae_data bc908daac Document more network profile parameters 1c846d647 SAE-PK: Allow SAE authentication without PK to be disabled 40240735b WPS UPnP: Do not update Beacon frames unnecessarily on subscription removal c85b39ec5 SAE-PK: Increment the minimum password length to 9 2c7b5a2c5 tests: Skip too short SAE-PK passwords in positive testing d777156e1 SAE-PK: Determine hash algorithm from K_AP group instead of SAE group fb09ec87f SAE-PK: A tool for generating SAE-PK Modifier and password b6bcd74e5 Show SAE capabilities in control interface 9bf576870 Show SAE flags in scan results e7aeb6d8a SAE-PK: STA functionality 20ccf97b3 SAE-PK: AP functionality 00e4fbdcc tests: Module test for SAE-PK 6b9e99e57 SAE-PK: Extend SAE functionality for AP validation b6dcbd01a SAE-PK: Identifier definitions aed01b82d OpenSSL: Additional EC functionality for SAE-PK 8c1f61e82 OCV: Report OCI validation failures with OCV-FAILURE messages (STA) 661e66118 OCV: Allow OCI channel to be overridden for testing (AP) d10a57f6e DPP2: Derive a separate key for enveloped data 32d3360f3 DPP: Fix a typo in a comment 5a7bcb772 OSEN: Do not send the actual BIGTK to OSEN STAs 2d6cc0e67 FT: Do not expose GTK/IGTK in FT Reassociation Response frame in OSEN a99833789 WNM: Do not expose GTK/IGTK in WNM Sleep Mode Response frame in OSEN d578e890e OWE: Skip beacon update of transition BSS if it is not yet enabled 88436baaa Add a vendor attribute to get OEM data 3f9a89ca1 Vendor attributes for configuring LDPC, TX STBC, RX STBC 8ee0bc622 OCV: Disconnect STAs that do not use SA Query after CSA 01ceb88c7 OCV: Report validation errors for (Re)Association Request frames a3556d581 OCV: Report validation errors for EAPOL-Key messages in AP mode d52067a5b OCV: Report validation errors for SA Query Request/Response in AP mode 52579be86 OCV: Move "OCV failed" prefix to callers 2d118f557 OCV: Add support to override channel info OCI element (STA) c2080e865 Clear current PMKSA cache selection on association/roam d9532eb70 Debug print PMK-R0/R1 and PMKR0/R1Name in the helper functions 5ab8ad4cf Vendor attributes for ssetting TX A-MSDU and RX A-MSDU parameters f7a904a28 QCA vendor command for adding and deleting TSPEC 82867456e Vendor attributes to configure PMF protection and disassoc Tx for testing e5e275745 Add QCA vendor interface support to configure PHY modes db0d0b84a nl80211: Control the registration for RRM frame with driver_param Change-Id: I07d9feb8f019a22917ffc0088126c04b7d80115a	2020-10-21 21:53:50 +00:00
Hai Shalom	b755a2a1f9	[wpa_supplicant] Cumulative patch from commit 0c5ededed ... Merge to enable randomized source MAC address for ANQP/GAS messages. Addresses an issue with DPP when GAS MAC randomization is enabled. Enable GAS MAC randomization in HIDL. Bug: 154393320 Test: Device boots up and connects to wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Confirm ANQP messages are randomized from logs: wpa_supplicant: GAS: Use a new random transmitter address ae:a2:5f:5e:65:11 Test: act.py -c ../WifiDppConfig.json -tc WifiDppTest Test: Wi-Fi direct tests in CtsVerifier Test: Regression test passed (Bug: 154769005) 0c5ededed DPP: Fix config exchange with gas_rand_mac_addr 60a2de568 EAP server: Convert Boolean to C99 bool 4d2ec436e DPP: Add driver operation for enabling/disabling listen mode 99cf89555 Include stdbool.h to allow C99 bool to be used 3e6383f31 DPP2: Silence compiler warning with no-CONFIG_DPP2 and OpenSSL 1.0.2 f23b70f16 Silence compiler warning in no-NEED_AP_MLME hostapd builds 011526874 nl80211: Move nl80211_init_connect_handle() to avoid forward declaration 2c70b7d0b Do not open l2_packet(EAPOL) for receive unnecessarily 7a880b129 l2_packet: Allow initialization without RX handling 95cbf4509 nl80211: Do not open EAPOL RX socket when using control port for RX (AP) c3bb8865a Clean up l2_packet_get_own_addr() call 9d6334e81 Do not open l2_packet bridge workaround socket if control port is used c1bc0dd80 nl80211: Disable EAPOL TX over control port in AP mode by default 12ea7dee3 nl80211: Use nl80211 control port for receiving EAPOL frames 8609aa5ba nl80211: Tie connect handle to bss init/destroy b4a70018e nl80211: Handle control port frame in bss events 6f70fcd98 nl80211: Check ethertype for control port RX 932546ac2 nl80211: Add a separate driver capability for control port RX bb9e3935d driver: Add second driver capability flags bitmap 6255a8ac1 WPS: Convert WPA/TKIP-only to WPA+WPA2 mixed mode credential 6b1c590eb Allow TKIP support to be removed from build a6c689d35 FT: Testing override for RSNXE Used subfield in FTE (AP) 9b222b613 nl80211: Remove unnecessary inclusion of l2_packet.h b2d8dc59f FT: Testing override for RSNXE Used subfield in FTE 5344af7d2 FT: Discard ReassocReq with mismatching RSNXE Used value af0178c75 Add vendor attributes indicating number of spectral detectors 7a510a97b Add an attribute for secondary 80 MHz span of agile spectral scan 24a6bca70 PKCS#1: Debug dump invalid Signature EB eac6eb702 X509: Use unique debug prints for unused bits entries 153333ef6 FT RRB: Remove confusing debug print about extra data d867e1181 FT: Remove and re-add STA entry after FT protocol success with PMF 97beccc83 SAE: Fix build without DPP/OWE/ERP c7a9a5745 P2P: Start group with user configured params after accepting invitation 512b6c02e DPP: Mandate mutual auth with NFC negotiated connection handover 872299f4b DPP2: Store netAccessKey in psk/sae credentials for reconfig bf9f49396 OWE: Remove check for unexpected DH Parameter IE use with other AKMs e4eb009d9 DPP2: Add Connector and C-sign-key in psk/sae credentials for reconfig 1dcfbab25 DPP2: Clear requirement for QR Code mutual authentication for chirping Change-Id: Iecf7494c1be132e006dee9ec0a40283765bdddbb	2020-04-23 21:51:48 -07:00
Jeff Chang	a5ae4a7eeb	Revert "[wpa_supplicant] Cumulative patch from commit 0c5ededed" ... This reverts commit 1a1e642fd6. Reason for revert: Droidcop: Potential culprit for Bug 154881734 - verifying through Forrest before revert submission Change-Id: I85f75adeb43554b0ebbf295fea51e1b68b169ed2	2020-04-24 03:47:18 +00:00
Hai Shalom	1a1e642fd6	[wpa_supplicant] Cumulative patch from commit 0c5ededed ... Merge to enable randomized source MAC address for ANQP/GAS messages. Addresses an issue with DPP when GAS MAC randomization is enabled. Enable GAS MAC randomization in HIDL. Bug: 154393320 Test: Device boots up and connects to wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Confirm ANQP messages are randomized from logs: wpa_supplicant: GAS: Use a new random transmitter address ae:a2:5f:5e:65:11 Test: act.py -c ../WifiDppConfig.json -tc WifiDppTest Test: Wi-Fi direct tests in CtsVerifier Test: Regression test passed (Bug: 154769005) 0c5ededed DPP: Fix config exchange with gas_rand_mac_addr 60a2de568 EAP server: Convert Boolean to C99 bool 4d2ec436e DPP: Add driver operation for enabling/disabling listen mode 99cf89555 Include stdbool.h to allow C99 bool to be used 3e6383f31 DPP2: Silence compiler warning with no-CONFIG_DPP2 and OpenSSL 1.0.2 f23b70f16 Silence compiler warning in no-NEED_AP_MLME hostapd builds 011526874 nl80211: Move nl80211_init_connect_handle() to avoid forward declaration 2c70b7d0b Do not open l2_packet(EAPOL) for receive unnecessarily 7a880b129 l2_packet: Allow initialization without RX handling 95cbf4509 nl80211: Do not open EAPOL RX socket when using control port for RX (AP) c3bb8865a Clean up l2_packet_get_own_addr() call 9d6334e81 Do not open l2_packet bridge workaround socket if control port is used c1bc0dd80 nl80211: Disable EAPOL TX over control port in AP mode by default 12ea7dee3 nl80211: Use nl80211 control port for receiving EAPOL frames 8609aa5ba nl80211: Tie connect handle to bss init/destroy b4a70018e nl80211: Handle control port frame in bss events 6f70fcd98 nl80211: Check ethertype for control port RX 932546ac2 nl80211: Add a separate driver capability for control port RX bb9e3935d driver: Add second driver capability flags bitmap 6255a8ac1 WPS: Convert WPA/TKIP-only to WPA+WPA2 mixed mode credential 6b1c590eb Allow TKIP support to be removed from build a6c689d35 FT: Testing override for RSNXE Used subfield in FTE (AP) 9b222b613 nl80211: Remove unnecessary inclusion of l2_packet.h b2d8dc59f FT: Testing override for RSNXE Used subfield in FTE 5344af7d2 FT: Discard ReassocReq with mismatching RSNXE Used value af0178c75 Add vendor attributes indicating number of spectral detectors 7a510a97b Add an attribute for secondary 80 MHz span of agile spectral scan 24a6bca70 PKCS#1: Debug dump invalid Signature EB eac6eb702 X509: Use unique debug prints for unused bits entries 153333ef6 FT RRB: Remove confusing debug print about extra data d867e1181 FT: Remove and re-add STA entry after FT protocol success with PMF 97beccc83 SAE: Fix build without DPP/OWE/ERP c7a9a5745 P2P: Start group with user configured params after accepting invitation 512b6c02e DPP: Mandate mutual auth with NFC negotiated connection handover 872299f4b DPP2: Store netAccessKey in psk/sae credentials for reconfig bf9f49396 OWE: Remove check for unexpected DH Parameter IE use with other AKMs e4eb009d9 DPP2: Add Connector and C-sign-key in psk/sae credentials for reconfig 1dcfbab25 DPP2: Clear requirement for QR Code mutual authentication for chirping Change-Id: I3e808e1d17162f0d4ce71536addf28790f0b24d2	2020-04-24 02:27:23 +00:00
Ahmed ElArabawy	0ff61c5e4c	Cumulative patch from commit ee48f48ba ... The following commits are merged as well as changes in ./wpa_supplicant/hidl/1.3 to fix compilation errors. ee48f48ba hostapd: Support showing neighbor list through hostapd_cli 3204795d7 STA OBSS: Add check for overlapping BSSs 3af78a4e0 Extract BSS coex 40 MHz check into a separate function 70755e658 Allow removing neighbor DB entries by BSSID alone bf3ab50f4 Change some RRM debug messages from wpa_printf() to wpa_dbg() a737e40b5 drivers: Support of dynamic VLAN requires Linux ioctls 9b391715c mesh: Allow group management cipher to be configured 65d0b67c2 mesh: Increase plink action frame AMPY buffer length for max GTK/IGTK b1b62a136 WPS: Add WPS-PIN-ACTIVE and WPS-CANCEL events 0b1839405 Add "reconnect" cmdline argument to hostapd_cli/wpa_cli 4318a635a DBus: Update dont_quote[] with new network profile parameters 26a00ba8b DBus: Remove not existing network profile params from dont_quote[] 23d87687c dbus: Move roam metrics to the correct interface 8e111157e nl80211: Relax bridge setup 3626e72c8 l2_packet: Fix bridge workaround for repeater configuration 84972999b FT: More debug prints for RSNE modification for EAPOL-Key msg 2/4 4cfa8b92b Fix wpa_insert_pmkid() when buffer includes extra IEs 32289112c wpa_passphrase: Output errors to stderr 07fe134d9 EAP-SIM peer: Do not accept SIM/Challenge without SIM/Start b2e2a8588 OpenSSL: Extend key_block size determination to support GCM/CCM ciphers efaa6256e More detailed documentation on ieee80211w configuration parameter 1730a6a5e nl80211: Fix couple of typos in a comment 307cfc328 Strip trailing zero data in EAPOL-Key msg 1/4 when no PMKID to send 2c5ccfa60 nl80211: Initialize full channel info struct even if channel is not known e6d3aca9c WPS: Add prefixes to public event_* functions 2ba6aa604 Fix memory leak in case allocation of token fails during JSON parsing 84877f253 wpa_supplicant: Do not try to detect PSK mismatch during PTK rekeying 78d338d1b DPP: Fix a memory leak on an error path 9be30ffc1 DPP: Abort ongoing scan if connection status needs to be sent 3f3876344 SAE: Enable NEED_DH_GROUPS_ALL for CONFIG_TESTING_OPTIONS=y builds 1f1567d2a QCA vendor command for getting STA information e5620bf02 6 GHz: Select channel width using configured op_class 0bfc04b8d Do not enable HT/VHT when operating in 6 GHz band da8570f4c Allow non-PCS 6 GHz channels to be excluded from ACS 59bb72642 Allow ACS channel list to be configured as frequencies (in MHz) 5f9b4afdf Use frequency in HT/VHT validation steps done before starting AP 59e33b4a9 ACS: Select current hw_mode based on the selected frequency bb781c763 AP: Populate iface->freq before starting AP 41cac481a ACS: Use frequency params in ACS (offload) completed event interface 840532aea Search through all hw_features sets in hw_get_channel_freq() 15d356873 ACS: Add channels from all modes matching with configured hw mode 996662250 P2P: Add support for EDMG channels f86e34168 Update operating classes and channels for the 60 GHz band a19277a28 Add EDMG bandwidth to channel frequency APIs 5a563a3d3 Avoid compiler warning on shadowing a local variable e3c476bd8 SAE H2E: Fix RSNXE override in EAPOL-Key msg 2/4 for testing purposes 7fde39fb1 Add sae_rejected_groups to hostapd STA control interface command 5661ebd77 DPP: Configurator netRole for Enrollee 740457445 DPP: Replace ap boolean with netRole enum in Configurator params f2c4b44b4 SAE H2E: RSNXE override in EAPOL-Key msg 3/4 132565539 SAE H2E: RSNXE override for testing purposes a889e9a70 SAE: Reject invalid rejected group report in SAE commit explicitly (AP) c88e01e1b SAE H2E: Fix validation of rejected groups list b834e9700 SAE H2E: Testing option to report extra rejected groups 918df2227 SAE: Reject unexpected Status Code in SAE commit explicitly (AP) 405946d76 SAE: Testing option to ignore H2E requirement mismatch 23acdd9f3 Fix memory leak in ACS offload operation e86ba912a ACS: Remove redundant ch_list parameters from do_acs interface 3cf360b8e DFS: Don't handle DFS ops for 6 GHz channels ee0030e81 6 GHz: Do not check for HT capability on 6 GHz channels e780b4bf2 DPP: Bootstrapping via NFC URI Record 3c0d6eb8a Sync with mac80211-next.git include/uapi/linux/nl80211.h 38203148e Extend hostapd to support setband to driver via QCA vendor command 3c13af557 hostapd: Register wpa_msg callback even if only global ctrl_iface is used e92080568 hostapd: Extend global control interface notifications 9f50538e1 SAE H2E: Do not use sae_h2e param in AP mode if SAE is disabled 181bf9336 DPP2: Report received ssid_charset as DPP-CONFOBJ-SSID-CHARSET event 71e2848ea DPP2: ssid64/ssid_charset in Configurator 57a63b131 DPP2: Add parsing of ssid64/ssid_charset in Config Object 590bc64d6 DPP: Use JSON token builder helpers e75ab5322 JSON: Add helper functions for building tokens 8e5e36a18 Clean up base64_{encode,decode} pointer types b22608423 Clean up base64_url_{encode,decode} pointer types a4255a207 Simplify base64_url_encode() prototype c54227c26 DPP2: Replace connectionStatus object ssid with ssid64 31b6eb417 tests: Update SAE H2E test case to match SSWU parameter z change 0432237a4 SAE H2E: Update SSWU curve-specific parameter z values 5b50265e1 WMM: Do not modify input TSPEC buffer during processing 783a99b73 HS2.0: Skip check for roaming_consortium for NAI realm query f3c077929 P2P: Fix listen state machine getting stuck in send_action() scheduled case 530b8ee3c hostapd: Update DFS status in VHT80+80 mode 93ba13bcf Fix status code in SAE/DPP association PMKID mismatch (driver-AP-SME) b90d2f7ff Fix a typo in a comment Bug: 146900007 Test: Device boots up and connects to wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Regression test Passed (Bug: 146905211) Change-Id: Idc3584b491429a2e4935068a293bff572fc9d62e	2020-01-08 20:59:22 -08:00
Hai Shalom	c3565926fc	[wpa_supplicant] Cumulative patch from 9fde14607 ... Changes include required updates to DPP R2. Bug: 143479699 Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Regression test Passed (Bug: 143485775) 9fde14607 Allow scans triggered by D-Bus to use MAC address randomization 10f8351d6 D-Bus: Add MAC address randomization endpoints bb66d4675 Move ownership of MAC address randomization mask to scan params 6c2f70cc6 DPP: Mention ssid and pass parameters for DPP_AUTH_INIT in documentation 1030dec1f JSON: Fix escaping of characters that have MSB=1 with signed char 7800725af dbus: Export OWE capability and OWE BSS key_mgmt b2ad4e6b2 D-Bus: Fix P2P NULL dereference after interface removal 937644aa2 nl80211: Indicate SUITE_B_192 capa only when CCMP-256/GCMP-256 supported 1b5865a53 SAE: Ignore commit message when waiting for confirm in STA mode 50a2c8c90 Do not indicate possible PSK failure when using SAE df3b2e22a nl80211: Add STA node details in AP through QCA vendor subcommand f273b2a5c Add QCA vendor cmd for setting BT coex chain mode 4dc860680 Extend QCA OEM data vendor subcmd to allow use as an event 93a1e275a SAE: Determine H2E vs. looping when restarting SAE auth in AP mode de580bf6c crypto: Remove unused crypto_bignum_sqrtmod() 9b292a48f SAE: Drop sqrt() alternative from SSWU (H2E) 305369038 wpa_supplicant: Fix arithmetic on void pointer 00ddc1cc2 common: Fix same expression checked twice in fils_key_auth_sk() 327d09aa0 HE: Add 11ax info to ap mode ctrl iface STATUS command d7678a084 Fix AP Extended Capability length determination a592f2a9e P2P: Continue listening next request if no post-PD operations a32acf391 Fix hostapd build with CONFIG_WPA_TRACE but no CONFIG_WPA_TRACE_BFD b38c8c9cb dbus: Suppress to show NULL string 6807eee9c Interworking: Check NULL string to avoid compiler warning ec1c0d154 Fix name of DBus interface in defconfig f73dd0a69 FT-SAE: Add RSNXE into FT MIC cb9925977 Add RSNXE into (Re)Association Response frames 865721c69 Merge wpa_supplicant and hostapd EAPOL-Key KDE parsers 898b6d58f SAE: Verify that STA negotiated H2E if it claims to support it 74866f537 RSN: Verify RSNXE match between (Re)AssocReq and EAPOL-Key msg 2/4 9981d5bf3 Add RSNXE into AP KDE parser d3516cad7 Store a copy of Association Request RSNXE in AP mode for later use 6d6c88775 SAE: Add RSNXE in Association Request and EAPOL-Key msg 2/4 8401cdc8d Add RSNXE into IE parser 0b0ed907d WPS: Check SHA256 result success 8dda97c75 QCA vendor command for adding a STA node b41dc61af Add a new QCA vendor attribute to carry device info for OEM data bf185bfd5 QCA vendor attributes to indicate BW-based agile spectral capability 1317ea2c0 nl80211: Allow external auth based on SAE/FT-SAE key mgmt cdb5774f4 FST: Update FST about MAC address change 49e95ee1e AP: Publish only HE capabilities and operation IEs on 6 GHz band d7c2c5c98 AP: Add initial support for 6 GHz band a5b2faa71 AP: Add op_class config item to specify 6 GHz channels uniquely 89450024a wpa_supplicant: Pass in operating class for channel validity checks 032c8264d SAE: Check that peer's rejected groups are not enabled in AP a5dc2a5c1 SAE: H2E version of SAE commit message handling for AP 43b20b437 SAE: Derive H2E PT in AP when starting the AP 444d76f74 SAE: Check that peer's rejected groups are not enabled cfe1ea5c9 SAE: H2E version of SAE commit message handling for STA 447cd5f2d SAE: Collect list of rejected groups for H2E in STA 05a2fb0d1 SAE: Derive H2E PT in STA before connection 146889e3c RSN: Verify RSNXE match between Beacon/ProbeResp and EAPOL-Key msg 3/4 3134bb13a SAE: Advertise Extended RSN Capabilities when H2E is enabled 293a01f3b SAE: Handle BSS membership selector indication for H2E-only in STA mode cc0da0ff4 SAE: Advertise BSS membership selector for H2E-only case 85e64e634 SAE: Add sae_pwe configuration parameter for wpa_supplicant a36e13a7c SAE: Add sae_pwe configuration parameter for hostapd af4487148 tests: Module test for SAE hash-to-element crypto routines cf84246eb SAE: Add Rejected Groups element into H2E Commit efd428529 SAE: Hash algorithm selection for H2E KCK/CN() aeb022f8e SAE: Implement hash-to-element PT/PWE crypto routines ecd711407 SAE: Parse Rejected Groups element from H2E SAE commit 86f608486 SAE: Tell sae_parse_commit() whether H2E is used 316156739 SAE: H2E protocol defines 1766e608b wolfSSL: Fix crypto_bignum_sub() 2a1c84f4e crypto: Add more bignum/EC helper functions 9c08bfbd9 DPP: Fix confusing debug entry from Configurator f7fe05522 SAE: Allow AP behavior for SAE Confirm to be configured d6a7de60c wpa_cli: Clean up unnecessarily complex CONFIG_MESH use 8b426ab1e wpa_supplicant: Pass AP mode EDMG config to hostapd struct a82aee1f4 wpa_supplicant: Add support for EDMG channels 35aed771f Indicate EDMG in scan results f6f8c6ade AP: Show EDMG channel info in STATUS output 241dd76cf hostapd: Check EDMG configuration against capability dc3457cc4 hostapd: Check usability of EDMG channel bebd91e9c Add EDMG parameters to set_freq functions fdd0fef2c EDMG: Helper functions for parameter encoding/checking e8ff22f47 wpa_supplicant: Add EDMG channel configuration parameters 5c5ff22ef hostapd: Add EDMG channel configuration parameters dda5d9e31 nl80211: Add support for EDMG channels a19913c17 IEEE P802.11ay/D4.0 defines for EDMG c34917403 MBO/OCE: Update disable_mbo_oce flag after association b719a1568 DPP2: Parse AKM suite selector version of akm node 68fea9603 DPP2: Allow Configurator to use AKM suite selectors in Config Object 52d469de1 DPP2: Support multiple Config Objects in Enrollee 7eb06a336 DPP2: Allow multiple Config Objects to be build on Configurator 99918e069 DPP: Cleaned up netrole indication for config object building e0d22c842 FILS+FT: Fix MFPR flag in RSNE during FILS exchange for FT d0a4ed6a1 Allow SAE to be used in wpa_supplicant AP mode 7846e8d60 NetBSD: Fix compile 2e06cef80 MBO/OCE: Work around misbehaving MBO/OCE APs that use RSN without PMF 722c7d195 wlantest: Process VLAN tagged Data frames 83b83b461 nl80211: Migrate to current netlink key message format 7a4b01c87 AP: Provide correct keyid to wpa_send_eapol() for EAPOL-Key msg 3/4 a3ebf7175 BSD: Add support for route(4) message filtering d9286d099 ACS: Stop before scan if no channels in chanlist are available f32aa244e DPP: Debug print configRequest bandSupport on Configurator 8f8c423a5 DPP: Add bandSupport JSON array into config request 6d3dc9ba1 mka: Check OLPN for exhaustion on SAKuse decode 84851007d mka: Check OLPN for exhaustion on SAKuse encode 547ba732d mka: Clear out old/latest key values on CHANGE in CP state machine 536a7cfcf mka: Don't set newSAK to FALSE on ABANDON in CP state machine 0fedfba2e mka: Change RECEIVE and RETIRE states to match the standard 3f2641e7a Fix wpa_supplicant build with CONFIG_PCSC=y 5a5639b06 DPP: Allow name and mudurl to be configured for Config Request 3394def5a More consistent SA check for unexpected Data frames 16ef233bf DPP2: Connection status result (Enrollee) b10e01a79 DPP2: Connection status result (Configurator) e501a2eb5 DPP2: Connection status result defines cc8399528 DPP2: Move dpp_build_conf_result() to be within ifdef block 3a6736fe8 DPP2: Fix a memory leak on error path for Config Result 21dc1627f wpa_supplicant: Don't return an error when successfully parsing WMM rules 8214b45ba P2P: Use latest BSS entry if multiple P2P Device Addr matches found dc6c3be4e wpa_supplicant: Add support for 60 GHz band channels 5 and 6 018edec9b Remove IAPP functionality from hostapd d86d66dc0 AP: Silently ignore management frame from unexpected source address a84bf4438 HE: Send the AP's OBSS PD settings to the kernel 262b71eea Sync with mac80211-next.git include/uapi/linux/nl80211.h 8788a314d WPS: Update MAC address on address changes 39042d7f7 os_sleep: Use nanosleep for POSIX versions 2008 and higher a69742c2f wpa_cli: Do not pick p2p-dev-* interfaces by default d842e00bd SAE: Return result from confirm CN() operation to the caller a8bfc6fff FILS: Update connect params after sending connection notification 0df82a3da Correct the type/usage of QCA_ATTR_ROAM_CONTROL_SCAN_FREQ_LIST 6bf6c6fec DPP: Fix hostapd build dependencies for DPP-only build 1eff2e7bf DPP2: Fix wpa_supplicant build dependencies for CONFIG_AP=y build d2bae5763 DPP: Fix wpa_supplicant build dependencies for DPP-only build 7d2ed8bae Remove CONFIG_IEEE80211W build parameter 022926187 DFS offload: Fix hostapd state and CAC info in STATUS output 4d78ba990 EAP-TEAP peer: Clear Phase 2 EAP method on new Identity exchange 681618246 EAP-TEAP peer: Add support for machine credentials using certificates ebee8232d Do not try to include net/ethernet.h in MinGW/Windows builds bf15b1559 Fix Windows error code definition workaround 043de65f1 EAP peer config: Move ocsp param to phase1/phase2 8d76e0ad7 EAP server: Configurable maximum number of authentication message rounds b99c4cadb EAP peer: Move certificate configuration params into shared struct 6e711e7ab mesh: Do not enable HE on 5 GHz without VHT 0497e4148 HE: Fix HE Capabilities element size a2e0cc9e0 Add nl80211 vendor ACS trigger reasons related to interference 69e8e7817 HS 2.0: Do not add two copies of OSEN element into Beacon/Probe Resp a762ba8b1 HS 2.0 AP: Do not mandate PMF for HS 2.0 Indication in open OSU network e49ce2990 IEEE 802.1X authenticator: Coding style cleanup 31aaddc90 Clean up IEEE 802.1X authentication debug messages for EAP code 71419119f EAP-TEAP peer: Fix protected indication of inner EAP method failure 93cd29d2b EAP-TEAP server: Add support for requiring user and machine credentials c38c62ff7 wlantest: Derive PMK-R1 and PTK for FT protocol cases c41936566 EAP-TEAP peer: Add support for machine authentication c724a0a16 EAP peer: Add a concept of a separate machine credential 9ce3bfaf4 RADIUS server: Abort startup on allocation failures fa1f0751c RADIUS server: Use struct eap_config to avoid duplicated definitions a00cb1b1f EAP-TEAP server: Fix eap_teap_pac_no_inner configuration 986033ff3 EAP-TEAP server: Fix Crypto-Binding check in PAC no-inner-auth case e54cfbb56 EAP-TEAP server: Allow a specific Identity-Type to be requested/required f186ec54c EAP-TEAP peer: Support Identity-Type TLV cc661c160 EAP-TEAP: Add parsing and generation routines for Identity-Type TLV 100b2edb2 OpenSSL: Write peer certificate chain details in debug log 7eb157f1e EAP: Increase the maximum number of message exchanges 822e7c66a EAP server: Use struct eap_config to avoid duplicated definitions 62af2b18f EAP-TEAP peer: Support vendor EAP method in Phase 2 aba8dc82f EAP-PEAP server: Support vendor EAP types in Phase 2 357c1062d EAP-FAST peer: Support vendor EAP method in Phase 2 f32f76231 EAP-FAST server: Support vendor EAP types in Phase 2 887d8703b EAP-PEAP peer: Support vendor EAP method in Phase 2 f2ef4f255 EAP peer: Allow VENDOR-TEST method in Phase 2 5ddbd9e96 EAP-TTLS peer: Support vendor EAP method in Phase 2 5e94e7f23 EAP-TTLS server: Support vendor EAP types in Phase 2 5f2301a6d Replace EapType typedef with enum eap_type 76ddfae6e EAP-TEAP server: Testing mechanism for Result TLV in a separate message 4c327146f EAP-TEAP peer: Allow Result TLV without Crypto-Binding TLV 128d46be9 EAP-TEAP: Add parsing of Error TLV 234489efd EAP-TEAP server: Require Intermediate-Result TLV even with Result TLV 0f7c91f2b EAP-TEAP peer: Add Intermediate-Result TLV with Crypto-Binding TLV a66e53c41 EAP-TEAP: Fix TLS-PRF for TLS ciphersuites that use SHA384 52069c7ef Add TLS-PRF using HMAC with P_SHA384 for TEAP a647a0ad7 Extend server certificate TOD policy reporting to include TOD-TOFU 346d10cf8 SAE: Conditionally set PMKID while notifying the external auth status b7cd64876 SAE: Use BSSID stored in ext_auth_bssid for set_pmk e0b331d89 OWE: Update connect params with new DH attributes to the driver c574a3ff1 nl80211: Request update connection params only for drivers with SME 528f263c4 FT: Reject over-the-DS response with MFPC=0 if PMF is required ae05b6a21 RSN: Do not allow connection to proceed without MFPC=1 if PMF required ded56f2fa FT: Fix MFPR flag in RSNE during FT protocol 0028d627c OCE: Mandate PMF for WPA2 association with OCE AP 84ebc759a HS 2.0: Match credentials based on required_roaming_consortium d2b208384 SAE: Allow PMKID to be added into Association Request frame following SAE 2ca23faf1 Make wpa_insert_pmkid() more generic 05822609d HE: MCS size is always a minimum of 4 bytes df4f95998 nl80211: Don't force VHT channel definition with HE dd0153fce Check for LEAP before doing FT 6126e5f97 Fix a typo in hostapd config documentation 698a0067c Fix check_crl_strict documentation 485dd425b Add QCA vendor command for avoid frequency feature 6ae1247bf Update QCA vendor attributes for 6 GHz band support aa23ece3d Add QCA vendor channel attribute to restart AP 85508ecf6 Add QCA vendor command to configure ACS policy 2395fdb67 Add QCA vendor attributes to enhance roaming configuration 1425caac2 Rename qca_wlan_vendor_attr_roam_subcmd to represent subcmds f13119631 Document the attributes used by QCA_NL80211_VENDOR_SUBCMD_ROAM b0b25c5bb Clear external eapSuccess setting in driver-authorized cases fa1d5ec18 The master branch is now used for v2.10 development ca8c2bd28 Preparations for v2.8 release 3263fca28 Set the default scan IEs on interface restart d776bf8c6 EAP-TEAP peer: Fix fragmentation of final message 1c7e61a35 wolfssl: Avoid void pointer arithmetic 7122a02fa SAE: Fix order_len for FFC groups 422e73d62 DPP: Indicate authentication success on ConfReqRX if needed d001fe31a OpenSSL: Handle EVP_PKEY_derive() secret_len changes for ECDH 29ef1c5ee DPP: Use a common helper function for ECDH operations ac734a342 SAE: Fix KCK, PMK, and PMKID derivation for groups 22, 23, 24 c65168ccd OpenSSL: Fix crypto_bignum_to_bin() with padlen == 0 cb28bd52e nl80211: Use separate flag for 4-way handshake offload 6bb11c7a4 EAP-SIM/AKA server: Allow pseudonym/fast reauth to be disabled c1b236521 EAP-SIM/AKA: Do not allow anonymous@realm "pseudonym" to be cleared cc2fd9425 D-Bus: Demote timeout/flush messages to MSG_MSGDUMP 3b726df82 nl80211: Missing sysctl flags aren't fatal f4111ff3d Extra RADIUS request attributes from SQLite 74707def8 Move hostapd_parse_radius_attr() into ap_config.c 1e5ea68d1 mka: Accept last two used MNs in Peers List of a received MKPDU 013686403 P2P: Pass HE flag to GO negotiation result 876c5eaa6 dragonfly: Disable use of groups using Brainpool curves 968520da8 nl80211: Add WMM parameters while updating TDLS peer entry 5a511924b wpa_cli: Add support to process DPP action events in action script 64e37be94 Avoid nested enum wpas_mode declaration to allow C++ compilation fe2e1edf4 EAP-SIM server: Avoid void pointer arithmetic cfc9ebea0 EAP-AKA server: Avoid void pointer arithmetic bd0414043 trace: Avoid void pointer arithmetic fc03ea2c1 DPP: Avoid void pointer arithmetic d1b1f9fa9 Report WPA/RSN protocol and AKM suite selector in STA MIB 43aafef8d Add missed wpa_akm_to_suite() selectors bfb6a482f dragonfly: SAE/EAP-pwd min PWE derivation iteration count to shared code 226da33d7 EAP-pwd peer: Configurable set of groups with reduced default 6a4406c01 Add QCA vendor attributes for ELNA bypass 176c133e9 Add a vendor attribute to configure disconnect IEs 123895228 Add QCA vendor command to support OEM data Change-Id: Iaa497edcda7c5dcdad19db9d09ab09ef74e508bd	2019-11-05 19:22:40 +00:00
Hai Shalom	81f62d8b15	[wpa_supplicant] Cumulative patch from b8491ae5a ... Also revert local solution for encrypted IMSI and use the upstream version. Bug: 134177972 Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Regression test passed (Bug: 137653009) Change-Id: Ie34a0138a3a2039b03101c788b43acbb33f8332a	2019-07-23 08:38:09 -07:00
Hai Shalom	f1c9764c0e	Revert "[wpa_supplicant] Cumulative patch from b8491ae5a" ... This reverts commit 878cf7bcbf. Reason for revert: git_master/sdk_phone_armv7-sdk Change-Id: I6070fc5c1f9c20867f6dfce90e529e35578d572e	2019-07-19 23:44:14 +00:00
Hai Shalom	878cf7bcbf	[wpa_supplicant] Cumulative patch from b8491ae5a ... Also revert local solution for encrypted IMSI and use the upstream version. Bug: 134177972 Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Regression test passed (Bug: 137653009) Change-Id: Ibf6b6ef3495287156c397daa89d02923f981889b	2019-07-19 20:14:50 +00:00
Hai Shalom	021b0b5d02	[wpa_supplicant] Cumulative patch from 89bbe6f87 ... Bug: 130294744 Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: DPP test: act.py -c ../WifiDppConfig.json -tc WifiDppTest Test: Regression test passed (Bug: 130312227) 89bbe6f87 EAP-pwd: Get rid of unnecessary allocation of temporary buffer 4396f74a3 EAP-pwd: Enforce 1 < rand,mask < r and rand+mask mod r > 1 72056f69a tests: Module tests for const_time_*() functions 16d4f1069 EAP-pwd: Check element x,y coordinates explicitly 8ad8585f9 EAP-pwd client: Verify received scalar and element d63edfa90 EAP-pwd server: Detect reflection attacks 70ff850e8 EAP-pwd server: Verify received scalar and element ac8fa9ef1 SAE: Fix confirm message validation in error cases cff138b07 SAE: Use constant time operations in sae_test_pwd_seed_ffc() f8f20717f SAE: Use const_time selection for PWE in FFC 90839597c SAE: Mask timing of MODP groups 22, 23, 24 362704dda SAE: Avoid branches in is_quadratic_residue_blind() 6513db3e9 SAE: Minimize timing differences in PWE derivation aaf65feac EAP-pwd: Use constant time and memory access for finding the PWE c93461c1d OpenSSL: Use constant time selection for crypto_bignum_legendre() 6e34f618d Add helper functions for constant time operations d42c477cc OpenSSL: Use constant time operations for private bignums 242e85728 Extend domain_match and domain_suffix_match to allow list of values dcc0ccd5b wolfSSL: Fix dNSName matching with domain_match and domain_suffix_match 83f13e4ff tests: Fix build without CONFIG_SAE 3580ed826 RADIUS server: Accept ERP keyName-NAI as user identity bbde461d7 Fix a typo in the Multiple BSSID Index element ID define 1326cb765 DPP: Fix a regression in non-DPP, non-OpenSSL builds db54db11a SAE: Reject unsuitable groups based on REVmd changes 6bb9d9a8d AP: Avoid NULL use with snprintf string 0a42f1ede scan: Use normal scans after connection failure bbed23aee hostapd: Reduce minimum beacon interval from 15 to 10 TUs 048796715 OWE: Fix a possible memory leak on error path 277fa92b3 crypto: Fix unreachable code in tls_prf_sha1_md5() 3d93e26e6 tests: SAE test vector from IEEE P802.11-REVmd/D2.1, Annex J.10 e5711b618 Add a QCA vendor attribute to carry the reason for roaming 005585d60 nl80211: Add SAE, FT-SAE, FT-EAP-SHA384 AKMs in connect request edcaf16f9 P2P: Enable HE for both 2G and 5G bands 822c756e8 MBO: Update connect params with new MBO attributes to driver 74f8e768f MBO: Always include Non-preferred Channel Report attribute in AssocReq bd23daa8e DPP: Move GAS encapsulation into dpp_build_conf_req() be609c6fc SAE: Fix commit message override with external authentication 9af1eea37 Prefer FT-SAE over FT-PSK if both are enabled 853bd19f2 Add more debug prints on suite selector selection 6d77014e7 Suite B: Prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 ab3aebcce SAE: Fix PMKSA cache entry search for FT-SAE case 253ce212e Add AKM info in the debug message noting PMKSA caching entry addition 6fe3f0f79 FT-SAE: Use PMK as XXKey in AP when SAE PMKSA caching is used bcf190005 FT-SAE: Enable external auth support for FT-SAE also 6d14b98fc nl80211: Do not add WMM parameters when updating an existing STA entry 2ffd8076d FT/RRB: Pad RRB messages to at least minimum Ethernet frame length 555c93e2d FT/RRB: Add more debug prints for RRB message encryption/decryptiom 76fd782ab SAE: Reorder SAE and FT-SAE AKM selection to prefer the FT option 322d328e7 FT: Fix SAE + FT-SAE behavior in association parameter selection 87d8435cf DPP: Common configurator/bootstrapping data management 08dc8efd2 Fix memcpy regression in PMK handling 130444738 FILS: Fix KEK2 derivation for FILS+FT bf84e78cb OpenSSL: Fix build with current BoringSSL b750dde64 OWE: Move Association Response frame IE addition to appropriate place 10ec6a5f3 DPP2: PFS for PTK derivation ecacd9ccd DPP2: Extend wpa_pmk_to_ptk() to support extra Z.x component in context 16a4e931f OWE: Allow Diffie-Hellman Parameter element to be included with DPP 808bdb308 Add TEST_FAIL() to aes_encrypt_init() with internal crypto 32f476066 TLS: Add support for RFC 5705 TLS exporter context with internal TLS a916ff5cd Add support for an optional context parameter to TLS exporter 18015fc8a DPP2: Support new legacy+DPP config object credentials dd6c59800 DPP: Support DPP and SAE in the same network profile 9305c2332 DPP: Clean up configuration parsing f5db77504 Remove pending connect and sme-connect radio works on disconnect c675397cc OpenSSL: Fix build with OpenSSL 1.0.2 ff5f54e15 SAE: Reduce queue wait time for pending Authentication frames 5e3a759cd SAE: Improved queuing policy for pending authentication frames 67b3bcc95 DPP2: Testing option for Config Object rejction 22f90b32f DPP2: Configuration Result message generation and processing c98617b48 DPP2: Make DPP version number support available over control interface 673631b8a More robust timer_tick_enabled tracking b5e57699a FILS+FT: STA mode validation of PMKR1Name in initial MD association 365366393 FILS+FT: AP mode processing of PMKR1Name in initial MD association aabbdb818 FILS: Do not try to add PMKSA cache entry if caching is disabled 02bde9581 Vendor attribute to enable or disable TWT request support 4efade315 nl80211: Clear keys from heap memory before freeing it for get_seqnum 2b7fa0355 P2P: Fix ACS offloading behavior with p2p_no_group_iface=1 c6ec9759c nl80211: Exclude PMK when sending NL80211_CMD_DEL_PMKSA explicitly 0b4a906de DPP2: Protocol version indication ce7effd08 DPP2: Build configuration flags for DPP version 2 support bf0021ede Allow fragmentation/RTS threshold to be disabled explicitly 48102f65e Add a vendor subcommand QCA_NL80211_VENDOR_SUBCMD_MPTA_HELPER_CONFIG f10a4af1b Add QCA vendor command/event and attributes for peer rate statistics 56a33496f Sync with mac80211-next.git include/uapi/linux/nl80211.h 841205a1c OpenSSL: Add 'check_cert_subject' support for TLS server 0173423f4 Use char pointers for EAP configuration parameters without length cd6a5866e Remove forgotten os_strncpy() implementations ca9efe113 roboswitch: Check some read operation results 9571f945c mesh: Check that SAE state initialization succeeded for PMKID check fafad8527 defconfig: Enable DBus 6a8dee76d wpa_supplicant: Drop the old D-Bus interface support 954c535a5 DPP: Update wpa_supplicant configuration file after provisioning 4d379be4a Clarify AP mode Action frame handling cc833a236 Minor cleanup to return after WNM Action frame handling 700b3f395 Move SA Query frame length check to the shared handler function 002edb630 Fix AP MLME in driver handling of FT and SA Query Action frames 1e653daa3 EAP-pwd server: Fix memory leak with salted passwords 96d6dfa8e SAE: Add Finite Cyclic Group field in status code 77 response fda766010 EAP-pwd: Fix a memory leak in hunting-and-pecking loop 339dc8bd6 WPS: Allow SAE configuration to be added automatically for PSK fc30f99b3 WPS: Allow AP SAE configuration to be added automatically for PSK b9cd4f5e7 Vendor feature capability for TWT (Target Wake Time) 877502a6a Vendor attribute to indicate a set_blacklist of BSSID only as a hint a9247bcdf Vendor attribute to configure HE testbed default capabilities 8a7510cc0 Vendor attribute to configure support to enable VHT in 2.4G band 8919ec616 Vendor attribute to configure HE OMI UL MU data disable f21436158 SAE: Reuse previously generated PWE on a retry with the same STA fd8308912 SAE: Reuse previously generated PWE on a retry with the same AP a9af1da0b SAE: Enforce single use for anti-clogging tokens ff9f40aee SAE: Process received commit message through a queue a9fe13035 SAE: Enable only groups 19, 20, and 21 in station mode 941bad5ef SAE: Enable only group 19 by default in AP mode b11fa98bc Add explicit checks for peer's DH public key 4a9531a75 bignum: Fix documentation for bignum_cmp_d() 611308365 defconfig: Enable IEEE 802.11w management frame protection (wpa_supplicant) 9515fa925 defconfig: enable IEEE 802.11r fast BSS transition (wpa_supplicant) 6b7a0da75 defconfig: Enable IEEE 802.11n and 802.11ac (wpa_supplicant) 467004d63 defconfig: Enable Hotspot 2.0 (wpa_supplicant) ec52faa2b defconfig: Enable RSN on IBSS networks (wpa_supplicant) 67d99d2e0 defconfig: Remove obsolete notes about OpenSSL requirements for EAP-FAST eafc5fec2 defconfig: Enable a handful of EAP methods (wpa_supplicant) f64050da0 defconfig: Enable logging to file and syslog (wpa_supplicant) ae5240db8 defconfig: Enable simple bgscan module (wpa_supplicant) 2d6d47219 defconfig: Enable AP (wpa_supplicant) f87450a73 defconfig: Enable WPS (wpa_supplicant) d989e67d0 defconfig: Fix typos in Wi-Fi Display description c4eafad09 defconfig: Enable P2P and Wi-Fi Display (wpa_supplicant) bf46c6fca defconfig: Add SAE (wpa_supplicant) ca098ee45 defconfig: Add DPP (wpa_supplicant) 2f7bc0681 UBSan: Avoid a warning on unsigned integer overflow bb05d0360 Fix a regression from VLAN assignment using WPA/WPA2 passphrase/PSK 429ed54a3 UBSan: Avoid a warning on signed left shift b3957edbe UBSan: Split loop index decrementation into a separate step 5ac13f6d0 atheros: Avoid clang compiler warning on address of array check aaa6b1498 Avoid compiler warning about potentially unaligned pointer value cce974d36 UBSan: Define FST LLT macros without integer overflow 9140caf5f UBSan: Avoid integer overflow in a loop index counter 8fc22fdde UBSan: Avoid NULL pointer dereferences on an error path 43216777e UBSan: Avoid unsigned integer overflow in base64 encoding fed7d8fcb UBSan: Avoid unsigned integer overflow in utf8_{,un}escape() cc4cdefc7 UBSan: Avoid unnecessary warning a9377bc38 UBSan: Avoid memcpy(ptr, NULL, 0) 5a23c2528 UBSan: Avoid an unsigned integer overflow warning abde4eba4 UBSan: Pack MACsec peer id structure c4fccfc7a UBSan: Avoid memcmp(ptr, NULL, 0) 1b85cad29 UBSan: Use typecast to avoid unsigned integer overflow e3b5bd81b UBSan: Fix RRM beacon processing attempt without scan_info 01d01a311 UBSan: Avoid size_t variable overflow in control interface ec2e7c4cf UBSan: Avoid unsigned integer overflow is throughput estimation 3b6b3ae58 Modify dl_list_for_each() to not use unaligned access with WPA_TRACE 1415d4b82 Multi-AP: Avoid memcpy(ptr, NULL, 0) in WPS Registrar initialization 2c129a1b7 Fix cipher suite selector default value in RSNE for DMG 239794018 Add new QCA vendor attributes for coex configuration d939a8cb4 Add a vendor attribute for specifying ethernet protocol type 8682f384c hostapd: Add README-MULTI-AP 66819b07b hostapd: Support Multi-AP backhaul STA onboarding with WPS 83ebf5586 wpa_supplicant: Support Multi-AP backhaul STA onboarding with WPS 56a2d788f WPS: Add multi_ap_subelem to wps_build_wfa_ext() bfcdac1c8 Multi-AP: Don't reject backhaul STA on fronthaul BSS 7ad7aa0e1 HS 2.0: Make hs20-osu-client SP and <FQDN> directories group writable 0f9632ceb mesh: More consistent checking of wpa_s->ifmsh in completion handler 2fae58fdc Fix wpa_psk_file parser error case handling b0e91e387 SAE: VLAN assignment based on SAE Password Identifier 947b5a153 P2P: Stop listen state if Action frame TX is needed on another channel b3e8ca65a P2P: Fix a typo in a debug message 464064c7e hostapd: Document openssl_ecdh_curves configuration parameter 31ee2992c Add QCA vendor subcmd/attribute to check wlan firmware state 3f8ceff54 Indicate wifi_generation in wpa_supplicant STATUS output ccaf77476 Add HE Capabilities into ieee802_11_parse_elems() 5d68c0acd nl80211: (Re)Association Request frame IEs from association event dbfa691df VLAN assignment based on used WPA/WPA2 passphrase/PSK dd2aedeb5 HS 2.0 server: Add X-WFA-Hotspot20-Filtering header line to T&C Change-Id: I4efde950845354673694f025ca07c3dddb6039e9	2019-04-10 23:32:43 +00:00
Hai Shalom	74f70d4688	[wpa_supplicant] Cumulative patch from fe468b071 ... Bug: 124017368 Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: DPP functional test. Test: Regression test passed (Bug: 124301325) fe468b071 HE: Fix set_he_cap() parsing of config options for MU EDCA Params f3a841bbf Do not disassociate not-associated STA on timeout 91205c8eb OpenSSL: Fix uninitialized variable in CRL reloading corner case 092a19222 Use for_each_element() in ieee802_11_parse_elems() b50a63896 common: Use for_each_element_id/_extid for get_ie/get_ie_ext/get_vendor_ie b64479742 common: Use for_each_element_id() in mb_ies_info_by_ies() 9008048f0 common: Use for_each_element_id() in ieee802_11_vendor_ie_concat() eb84238df common: Use for_each_element() in ieee802_11_ie_count() 0e0c31bdc common: Add strongly typed element iteration macros 525923b1d tests: EAPOL-Key fuzzing tool 02a0a2393 RSN: Do not start preauthentication timer without candidates 1e5506588 JSON: Fix string parsing when \\ escape is at the end of buffer 0dedcb315 JSON: Fix parsing of a number from the end of the buffer 79fa1b453 tests: JSON parser fuzzer 62269c8d8 TLS: Fix X.509 certificate name conversion into empty string 3eae9766b TLS: Fix ASN.1 parsing with no room for the header fbc2123a1 TLS: Fix AlertDescription for missing partial processing case 1ac9c020b tests: TLS fuzzing tool f3cca8b1e TLS server: Check credentials have been configured before using them 19dd7a736 TLS server: Local failure information on verify_data mismatch f08ab18bf TLS server: Add internal callbacks get_failed, get_*_alerts b642ab406 TLS server: More complete logging of ClientHello decode errors fdd8a2f0b TLS client: Fix peer certificate event checking for probing e5bffe1aa OpenSSL: Add more handshake message names to debug 21cd8f831 nl80211: Use wpa_ssid_txt() for debug messages more consistently bbdb50146 Note HT overrides in debug log only if set f2a6ac63e P2P: Update find_start timer only when p2p_scan is started. c4e90da6d MBO: Move the WNM-Notification subtype definitions to common location 105b14f54 HS 2.0: Update the T&C Acceptance subtype value 65b487ae5 HS 2.0: Add QUIET=1 support for building hs20-osu-client 73f285dad Add FT-PSK to GET_CAPABILITY key_mgmt 6110753b1 nl80211: Clear PMKID add command message buffer 0fa33e05b nl80211: Clear connect command message buffer b14e8ea1d nl80211: Request kernel to trim off payload of netlink requests from acks 789b48bb4 EAP peer: Clear temporary message buffers before freeing 8f99a3c26 Clear config item writing buffer before freeing it a68e9b698 D-Bus: Fix P2P DeleteService dict iteration 0607346f1 D-Bus: Fix a memory leak in DeleteService handler d05dda61d PEAP: Explicitly clear temporary keys from memory when using CMK 4e1cd3468 EAP-PEAP: Derive EMSK and use 128-octet derivation for MSK d8c20ec59 DPP: Clear dpp_listen_freq on remain-on-channel failure 59fa20538 P2P: Allow the avoid channels for P2P discovery/negotiation e34cd9f06 WNM: Fix WNM-Sleep Mode Request bounds checking 159a7fbde crl_reload_interval: Add CRL reloading support 83c860813 AP: Add wpa_psk_file reloading in runtime ec5c39a55 AP: Allow identifying which passphrase station used with wpa_psk_file b08c9ad0c AP: Expose PMK outside of wpa_auth module 89896c000 tests: Use python3 compatible print statement bab493b90 tests: Use python3 compatible "except" statement 0dab47733 Write multi_ap_backhaul_sta to wpa_supplicant config 98251c6f2 dbus: Document more possible BSS/RSA/KeyMgmt values 1e591df06 Check supported types in wpas_mac_addr_rand_scan_set() c85249aa1 Fix test compilation error related to sme_event_unprot_disconnect() 42d308635 SAE: Advertise Password Identifier use 59c693064 HS 2.0 server: Command line option to fetch the version information 2d1762fa4 HS 2.0 server: Alternative subrem updateNode for certificate credentials d97cf2a11 HS 2.0 server: Use noMOUpdate in client certificate subrem 13a200a92 FILS: Remove notes about experimental implementation 86d4e0537 dbus: Expose support of SAE key management in BSS properties Change-Id: Id507b73f1f4a2e356cbcd3bfcfb9dcd23c8fd9e0	2019-02-15 14:56:52 +00:00
Hai Shalom	bf6e0baa89	Revert "[wpa_supplicant] Cumulative patch from c4e90da6d" ... This reverts commit 39bc25d3a7. Test: Compilation Change-Id: Iae7670429466958911b5296cb1359bceecc0b03e Exempt-From-Owner-Approval: Revert since it's breaking the build	2019-02-11 22:30:04 +00:00
Hai Shalom	39bc25d3a7	[wpa_supplicant] Cumulative patch from c4e90da6d ... Bug: 124017368 Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: DPP functional test. Test: Regression test passed (Bug: 124052942) c4e90da6d MBO: Move the WNM-Notification subtype definitions to common location 105b14f54 HS 2.0: Update the T&C Acceptance subtype value 65b487ae5 HS 2.0: Add QUIET=1 support for building hs20-osu-client 73f285dad Add FT-PSK to GET_CAPABILITY key_mgmt 6110753b1 nl80211: Clear PMKID add command message buffer 0fa33e05b nl80211: Clear connect command message buffer b14e8ea1d nl80211: Request kernel to trim off payload of netlink requests from acks 789b48bb4 EAP peer: Clear temporary message buffers before freeing 8f99a3c26 Clear config item writing buffer before freeing it a68e9b698 D-Bus: Fix P2P DeleteService dict iteration 0607346f1 D-Bus: Fix a memory leak in DeleteService handler d05dda61d PEAP: Explicitly clear temporary keys from memory when using CMK 4e1cd3468 EAP-PEAP: Derive EMSK and use 128-octet derivation for MSK d8c20ec59 DPP: Clear dpp_listen_freq on remain-on-channel failure 59fa20538 P2P: Allow the avoid channels for P2P discovery/negotiation e34cd9f06 WNM: Fix WNM-Sleep Mode Request bounds checking 159a7fbde crl_reload_interval: Add CRL reloading support 83c860813 AP: Add wpa_psk_file reloading in runtime ec5c39a55 AP: Allow identifying which passphrase station used with wpa_psk_file b08c9ad0c AP: Expose PMK outside of wpa_auth module 89896c000 tests: Use python3 compatible print statement bab493b90 tests: Use python3 compatible "except" statement 0dab47733 Write multi_ap_backhaul_sta to wpa_supplicant config 98251c6f2 dbus: Document more possible BSS/RSA/KeyMgmt values 1e591df06 Check supported types in wpas_mac_addr_rand_scan_set() c85249aa1 Fix test compilation error related to sme_event_unprot_disconnect() 42d308635 SAE: Advertise Password Identifier use 59c693064 HS 2.0 server: Command line option to fetch the version information 2d1762fa4 HS 2.0 server: Alternative subrem updateNode for certificate credentials d97cf2a11 HS 2.0 server: Use noMOUpdate in client certificate subrem 13a200a92 FILS: Remove notes about experimental implementation 86d4e0537 dbus: Expose support of SAE key management in BSS properties Change-Id: I83ffca34ff5349c226db6215ff1ae35c3b7ab335	2019-02-11 18:36:10 +00:00
Roshan Pius	3a1667e255	Cumulative patch from commit 7bf86e44161fe1bcadaf4ca2cc3b6358fb7f3bf9 ... 7bf86e441 Define test config QCA vendor attribute for HE MU EDCA params 6cc77193c Define test config QCA vendor attribute for Tx beamformee NSTS 73d3f8841 HS 2.0: CoA-Request from Terms and Conditions server abed6136a RADIUS: Add DAC implementation in hostapd(AS) 72aad113c RADIUS: Allow 0.0.0.0 to be used as wildard radius_das_client 2122fc83a RADIUS server: Add current_sessions SQLite table d4e39c51f HS 2.0: Move Terms and Conditions Server URL generation from AP to AS de3885fcc HS 2.0: Process Credential/UsernamePassword/EAPMethod nodes in PPS MO 3a8dd390c SAE: Allow authentication restart on AP a10f5714c HS 2.0: Allow Hotspot 2.0 version number to be overridden for build e8cf9fc33 P2P: Use more compact debug print of common group frequencies 26eac0a99 P2P: Improve common group channel selection if GO needs to be moved 616178a2a P2P/AP: More detailed debug prints on HT/VHT parameter selection c6f01fbf2 nl80211: Add more command/event names to debug prints 4a0e01156 AP: Fix HT 20/40 co-ex transition timer cancellation on iface removal b915f2cdf nl80211: Handle NL80211_CMD_WIPHY_REG_CHANGE event c3e4f40cd FT: Derive PMKR0Name/PMKR1Name using SHA-384 with AKM 00-0F-AC:13 e8d08cf37 SAE: Do not drop STA entry on reauthentication in infrastructure BSS ef13b33af FT: Support BIP-CMAC-256, BIP-GMAC-128, BIP-GMAC-256 in STA case ff168f8c2 FT: Support 256-bit IGTK in AP case 2cf36d608 FT: Handle AssocResp generation failures as fatal errors 657b4c45a FILS: Fix KEK2 use in FT-FILS use cases 88bf44be4 FT: Fix potential NULL pointer dereference in MDE addition 661afb2ed FT: Fix RRB error path handling df3bf6870 FT: Debug print of IE parsing element details d8e8c992c FT: Add key management value FT-EAP-SHA384 for wpa_supplicant c6f2eceb8 FT: Add key management value FT-EAP-SHA384 for hostapd 3d9cd0841 FT: Add support for variable length PMK-R1 receiving in RRB a7968ea56 FT: FTE generation for SHA384-based AKM on AP 06f128660 FT: FTE generation for SHA384-based AKM on STA 9a33737a0 FT: FTE parsing for SHA384-based AKM 8c2715b35 FT: Connection settings for SHA384-based AKM 994eac7e6 FT: PMK-R0 derivation using SHA384-based AKM 1655e81c9 FT: PMKID derivation using SHA384-based AKM 40a2eb116 FT: PTK derivation using SHA384-based AKM 7880a6a2b FT: PMK-R1 derivation using SHA384-based AKM b327026a7 FT: FTE MIC calculation using SHA384-based AKM c49a9d6b9 FT: EAPOL-Key MIC calculation using SHA384-based AKM 9f12271b2 FT: XXKey derivation for SHA384-based AKM a3e18dbb6 FT: Support variable length keys c22bb5bba FT: SHA384-based AKM in RSNE processing 3a11c69e0 EAP-TLS: Derive Session-Id using TLS-Exporter when TLS v1.3 is used 2d26434ac EAP-TLS server: Fix EMSK derivation with TLS v1.3 f8aed720e EAP-TLS: Update key derivation label per draft-ietf-emu-eap-tls13-00 20c2ea412 wpa_supplicant: Fix parsing of max_oper_chwidth 8fd29a043 mesh: Fix crash with CONFIG_TAXONOMY enabled 8518326b2 Add some missing driver flags strings b375b04b6 WNM: Fix time_zone advertisement without time_zone configuration 0928b6294 nl80211: Allow mesh interface to send channel switch request f5a602168 HS 2.0: Allow OSEN connection to be used in an RSN BSS 8d660a4ba HS 2.0: Allow OSEN connection to be enabled in an RSN BSS 0fe3ede0a macsec_qca: Fix byte order of TX SCI port 22ac3dfeb EAP-pwd: Mask timing of PWE derivation b8acd5011 EAP-pwd peer: Add SHA512 hash based salt mechanism fb3675848 EAP-pwd peer: Add SHA256 hash based salt mechanism 7ef8adc7d EAP-pwd peer: Add SHA-1 hash based salt mechanism 7280723fb EAP-pwd peer: Check for unexpected state for ID exchange 44136f6ca EAP-pwd peer: Add support for salted password databases 0744e303c EAP-pwd peer: Move PWE derivation to commit exchange d52ead3db EAP-pwd server: Add support for salted password databases a8712ce5b EAP-pwd: Pre-processing method definitions from RFC 8146 2a5c29188 EAP-pwd: Move EC group initialization to earlier step b829e4b69 Add a QCA vendor command attribute to enable/disable GTX 833bb2ab1 FT: Disable PMKSA caching with FT 91db940ff fst: Fix compile error in fst_ctrl_aux.h with C++ compilers 9be19d0b9 SAE: Add support for using the optional Password Identifier d6a65a83f mesh: Register msg_ctx for hostapd/AP code 4e47eec5a Add QCA NAN vendor attributes to provide IPv6 information 997312964 wolfSSL: Fix crypto_bignum_rshift() wrapper 4b2e03c42 wolfSSL: DH initialization to call TEST_FAIL() for error tests 2b01270c8 wolfSSL: Fix ECDH set peer to use the index when importing point ffff7f709 OWE: Mark connection failed in the unlikely no-bss-entry case 0cc41ee63 Move wpa_supplicant_event() EVENT_ASSOC_REJECT handling into a function bda9c0859 hostapd: Fix CHAN_SWITCH command for VHT20 and VHT40 16d5c9637 OWE: Get the bss from bssid of assoc_reject to try for next group c4dd3afa3 ACS: Avoid invalid interference factor when survey channel time is zero 6965705bf Fix style issues in qca-vendor.h 7d66e7c40 Define new QCA feature flag for self managed regulatory support 38f60142d Define test config vendor attribute for Tx beamformee configuration d109aa6ca SAE: Flush PMKSA if an assoc reject without timeout is received 46053a4c9 wext: Avoid gcc warnings on restricted pointer aliasing ce2a9644b Silence a gcc warning on switch statement fallthrough d267bdf9b Silence new gcc warnings on switch statement fallthroughs 60a5737e8 FT: Clear SME FT data on disassoc 98b806b03 Add QCA vendor attribute for spectral hardware generation d57e06170 wpa_supplicant: Make channel switch event available for non-AP builds d7f038ded wpa_supplicant: Add ieee80211ac information in STATUS ab35793ec wolfSSL: Fix EAP-FAST key derivation 71faf06cb wolfSSL: Do not free cert store after setting it b7f5b0ec6 wolfSSL: Fix OCSP ifdefs ca620a364 wolfSSL: Fix altSubjectName handling 7be462084 wolfSSL: Use defines from wolfssl/options.h 312212174 wolfSSL: Remove aes-omac1.o from hostapd build 385dd7189 wolfSSL: Use wolfSSL memory allocation in dh5_init() 6590d8466 wolfSSL: Load certificates using 'chain' APIs fc5e88e3e wolfSSL: Changes for memory allocation failure testing 06657d316 wolfSSL: Fix crypto_hash_init() memory clearing d39605710 wolfSSL: Fix crypto_ec_point_y_sqr() e3501ac18 wolfSSL: Fix crypto_ec_point_solve_y_coord() 187ad3a30 wolfSSL: Add crypto_ecdh_*() 3d2f638d6 wolfSSL: Use new digest namespace 847665ebe wolfSSL: Fix conditional EAP-FAST compilation issue d501c27cf EAP-TLS server: Disable TLS v1.3 by default e8a7af9a3 EAP-TLS peer: Disable TLS v1.3 by default bbbc7e801 EAP-TLS: Extend TLS version config to allow TLS v1.3 to be disabled 53b34578f OpenSSL: Move server vs. client information into connection data 0de820b33 EAP-TLS peer: MSK/EMSK derivation with TLS v1.3 1854981c7 EAP-TLS peer: Allow NewSessionTicket after Client Finished with TLS v1.3 6dd98483e EAP-TLS peer: Support fragmentation of last message a80423b52 EAP-TLS server: MSK/EMSK derivation with TLS v1.3 bac1bdba3 EAP-TLS peer: Determine whether TLS v1.3 or newer is used fe7b06c5e EAP-TLS server: Determine whether TLS v1.3 or newer is used c26ac1895 Mark eap_server_tls_derive_key() label argument const 34c6949fb EAP-TLS server: Remove trailing whitespace 4a576c473 OpenSSL: Terminate TLS handshake if ClientHello cannot be generated 2439714f9 DPP: Fix testing code for invalid keys with OpenSSL 1.1.1 c456e6e3f HS 2.0: Terms and Conditions server and management 42f416916 HS 2.0: Update server SQL DB initialization to cover new fields 5bd5eb54d HS 2.0: Update server instructions for Ubuntu 16.04 04ee197f8 HS 2.0: Maintain a database of pending T&C acceptance sessions 625a8c86b wpa_cli: Indicate HS20-T-C-ACCEPTANCE to action scripts 6b21df0bb Add QCA vendor command/attr to filter frames from other BSSs 452603809 HS 2.0: Terms and Conditions testing feature in authentication server f456940ef HS 2.0: CoA-Request processing for Terms and Conditions filtering d239ab396 DFS: Mark channels required DFS based on reg-domain info from the driver 7fc6a024f HS 2.0: Process received Terms and Conditions Acceptance notification 8760b9848 HS 2.0: Send Terms and Conditions Acceptance notification 6cb8f4f38 HS 2.0: Terms and Conditions attributes in Access-Request messages 1952b626b hostapd: Add ctrl iface indications for WDS STA interface 2598e6930 FILS: Enable SHA256 KDF even without PMF/SAE in the build 1baa130bd nl80211: Print NL80211_CMD_SET_POWER_SAVE errors in debug log 72b6e5d1e Do not remove CCMP group cipher if any CCMP/GCMP cipher is enabled c4315e662 AP: Handle AP initalization failure in async flow 86c998d37 FT: Add FT auth algorithm to connect params when roaming 3dc3afe29 FT: Add MDE to assoc request IEs in connect params b55c623e4 Make CENTER_FRQ1 available independently in SIGNAL_POLL 4204669c6 HS 2.0: Add Roaming Consortium Selection element into AssocReq 6311547e7 HS 2.0: Add Roaming Consortium Selection network profile parameter 5b7695275 HS 2.0: Use roaming_consortiums list to match OIs for access 2e88032f1 HS 2.0: OSU client to send HomeSP/RoamingConsortiumOI to wpa_supplicant 909a948b0 HS 2.0: Add a new cred block parameter roaming_consortiums 9b6f93e4d HS 2.0: Document credential parameter required_roaming_consortium 67cca3464 HS 2.0: Copy Roaming Consortium OI from (Re)AssocReq to Access-Request 0e450db28 HS 2.0: Allow configuration of operator icons 6a8a04d74 HS 2.0: Add fetching of Operator Icon Metadata ANQP-element 37547ad63 wpa_supplicant: Increase authentication timeout if CAC is started 2dd5fbbff wpa_supplicant: Rename wpas_event_*() to wpas_ap_event_*() f875da044 nl80211: Add MLME auth work-around for -EEXIST errno 4449efeb1 Fix building nt_password_hash with gnutls 5ecdf06c8 DPP: Fix build with LibreSSL v2.5 4b603f01d DPP: Fix X509_ALGOR_get0() use with LibreSSL dee566d98 OpenSSL: Skip SSL_OP_NO_TLSv1_3 if not defined to fix LibreSSL build ba3658cff Fix build with LibreSSL 2.7 a2ab37308 Fix sae_password documentation in wpa_supplicant to refer correct field d5906fbb7 mesh: Properly handle sae_password d6d7debb5 Fix wpa_supplicant build with CONFIG_NO_WPA 852b2f273 SAE: Only allow SAE AKMP for PMKSA caching attempts 06b1a1043 SAE: Fix default PMK configuration for PMKSA caching case 8e402d165 WPA: Fix a typo in a debug message 1bd131105 Clear pmk_len more consistently for extra protection 66dbc8d9c Add more debug prints for wpa_sm_set_pmk() calls 26e0ada47 Define new test config attribute for HE LTF configuration 4d6eb9f2e Fix hostapd wmm_enabled setup on config reload path a6509e850 FT: Add session_timeout to push/resp 3cb286ca4 FT: Add set/get session_timeout callback functions 13f118dc5 Convert STA session_timeout to os_reltime 069b4e304 FT: Include identity and radius_cui in pull/resp frames 9fbe292ff FT: Move wpa_ft_rrb_build_r0() special case to caller 8c345234f FT: Add set/get identity/radius_cui callback functions 17a8a9893 Fix potential memory leak with identity/radius_cui 17010c38d FT: Add IEEE VLAN support (including tagged VLANs) 47a039b01 FT: Add set_vlan()/get_vlan() callback functions 3a3e28320 FT: Add expiration to PMK-R0 and PMK-R1 cache 09211c989 FT: Use dl_list for PMK-R0/R1 cache 89dea17e1 FT: Add helper function for FILS key storing 83fe4bd3b FT: Convert r0_key_lifetime to seconds ee2c6bb5e Remove CONFIG_IEEE80211R_AP=y build option from wpa_supplicant c6b5b9a33 hostapd: Add more authentication error case debugging e2fc13d0a hostapd: Add logging around Michael MIC related failures e7525a295 hostapd: Add send_auth_reply() caller info in debug logging d89edb611 wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST 8fb2b3573 Clean up setting of iface->p2p_mgmt flag d53401c54 dbus: Redirect signal processing to the management device if present e48021276 dbus: Add FILS to global capabilities 208263c01 Add config information related to MACsec e360010c3 dbus: Add mesh to global capabilities 9f917339c tests: Fix clearing of IGTK PN in handshake retransmit test functions 45f7574d3 Propagate the EAP method error code 77a020a11 wpa_supplicant: Fix auth failure when the MAC is updated externally 2ff9696d3 Add definitions for RADIUS attributes standardised in RFC 7055 c17915462 nl80211: Add DFS offload support using upstream nl80211 definitions 1841086ad Sync with mac80211-next.git include/uapi/linux/nl80211.h 7cfe2f001 Add SAR V2 power selection capability (QCA vendor attributes) 7e1d3ee96 Add hostapd.conf venue_url to set Venue URL ANQP-element 64624f31c OWE: Fix CONFIG_OWE=y build without CONFIG_IEEE80211R=y d555c39c4 FILS: Fix CONFIG_FILS=y build without CONFIG_IEEE80211R=y f6de72534 Add NOTE control interface command for hostapd 2f3738781 FILS: Add more complete support for FT-FILS use cases 4ddca8142 FT: Derive PMK-R1 locally if requested PMKR0Name is found 1dc0945cc FT: Do not send PMK-R1 pull request to own R0KH address 1778f1e9a SAE: Fix PTK derivation to use KDF-SHA256 9d94e4bb6 SAE: Fix PMKID in EAPOL-Key msg 1/4 a03f9d17e SAE: Fix FT-SAE key derivation for a case where PMKID in msg 1/4 matches 0fa669bca Fix a resource leak on hostapd maclist parsing error path 10949e248 Do not disable 40 MHz based on co-ex report with matching primary channel 8cbd9c3ed Support multiple 20/40 BSS Intolerant Channel Report elements 8127a0ac0 Ignore intra-BSS 20/40 BSS Coexistence Management from not-associated STA 8aa599d45 Add more debug prints for 20/40 BSS Coexistence Management frame Rx d58c3bd8b hostapd: Ignore LOW_ACK event for co-operative steering clients ec2b5173c Make STA opmode change event available to upper layers e8ada1600 nl80211: Add support for STA opmode change events 72123a84c hostapd: Add last_ack_rssi into ctrl iface cmd STA 2df73f52e Add hostapd_cli poll_sta command f5701cc66 OWE: Clean up pointer check in a testing code path ebe61e564 Sync with mac80211-next.git include/uapi/linux/nl80211.h 8179ae3a2 DPP: Support retrieving of configurator's private key 4bc801ab4 SAE: Fix EAPOL-Key integrity and key-wrap algorithm selection d74963d41 DPP: Extend dpp_test 89 functionality to transmit side f8bfc9cbd Use correct WPA_ALG_* values to compare for enum wpa_alg cce16e43f mka: Mark ieee802_1x_kay_create_mka() ckn and cak arguments const 22151b111 wpa_supplicant: Fix memory leaks in ieee802_1x_create_preshared_mka() 3a52f6b38 mka: Do not print contents of SAK to debug log 77977b3d5 mka: Detect duplicate MAC addresses during key server election 5762855ab mka: Loss of live peers to result in connect PENDING not AUTHENTICATED 8fb546d8e mka: Ignore MACsec SAK Use Old Key parameter if we don't have our old key b54b53e64 mka: When matching CKNs ensure that lengths are identical fec03f983 Add support for wolfSSL cryptographic library 92eb00aec Extend ACL check for Probe Request frames 01542e651 Add new WiFi test config attributes to configure BA params ba6080441 Add new WiFi test config attribute to allow WEP/TKIP in HE c05f96a38 FILS: Check kde more consistently to avoid static analyzer warnings 087474512 SAE: Debug print group support in the crypto library f5e0a3324 SAE: Fix potential infinite loop in mismatching PMK case on AP 427729ee6 Reject eap_server_erp hostapd.conf parameter without CONFIG_ERP=y c54cc8bb1 BoringSSL: Set appropriate sigalgs for Suite B RSA 3K cases aa6de8e6b BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate sigalgs 7a47f34b1 BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate parameters 355250234 OpenSSL: Replace SSL_set1_curves_list() with SSL_set1_curves() 4ab0f11b8 Allow HT40 on 5 GHz channels 165 and 169 299d21e8e nl80211: Use the new NL80211_MFP_OPTIONAL option b8e88d357 wpa_supplicant: Handle port authorized event a8c45d47d nl80211: Handle port authorized event 0a20bd7d9 driver: Add port authorized event 05fc7c68f nl80211: Add API to set the PMK to the driver 0ff08f963 nl80211: Check 4-way handshake offload support 730c5a1d0 nl80211: Support passing PSK on connect 14dcb22a5 wpa_passphrase: Include $(LIBS) for linking 4b07484c3 DPP: Do not include common/dpp.h without CONFIG_DPP=y 9ec0dfa31 Define host_to_le64() for Windows builds 6e3726c09 Fix a typo in disassoc_low_ack documentation 19e20c14f Add ap_isolate configuration option for wpa_supplicant AP mode a4016163e Extend APF interface for read/write and enable/disable ops b2e4074ca OpenSSL: Fix EAP-FAST with OpenSSL 1.1.1-pre1 a22e235fd OWE: Add testing RSNE for OWE assoc response with driver SME/MLME aca4d84e3 DPP: Use wildcard BSSID in GAS query frames 0887215d9 nl80211: Do not try to add too large NL80211_ATTR_PMK for set/del PMKSA e7f6e6ee1 nl80211: Print NL80211_CMD_{SET,DEL}_PMKSA failures in debug log 3988046de hostapd: Dynamic MAC ACL management over control interface 6a252ece2 DPP: Fix GAS query removal race condition on DPP_STOP_LISTEN 3b50f8a46 DPP: PKEX initiation on other bands 659ac96d7 ieee802_11_mgmt: Handle frame info more consistently 458d8984d SAE: Reject request with mismatching PMKID (no PMKSA cache entry) 5ac434642 Define new QCA vendor sub command for wifi test configuration 70e190137 DPP: Require use of PMF for DPP AKM 79ce2d519 OWE: Rename function to match use (driver-SME/MLME) 759da93a8 OWE: Check for ECDH availability before use (driver-SME/MLME) af65ef28f OWE: Add RSNE when not using PMKSA caching (driver-SME/MLME) 5850cba38 OWE: Support DH groups 20 and 21 with driver-SME/MLME f9854c183 hostapd: Fix wpa_psk_file support for FT-PSK 3bd35b681 wpa_supplicant: Fix parsing errors on additional config file 9c5fe742a wpa_supplicant: Free config only if it was allocated in same call 9f8d459d4 OWE: Fix association IEs for transition mode open AP connection c6096c6ee wpa_cli: Enable add/remove/get vendor elements without P2P d1e3d40d0 common: Fix the description of wpa_ctrl_request() function 82424732a Fix compiler issue with CONFIG_TESTING_OPTIONS ebf404373 D-Bus: Report error on starting P2P find 66b9f3ca8 wpa_cli: Fix cred_fields[] declaration 5ff39c138 SAE: Support external authentication offload for driver-SME cases 40a68f338 nl80211: Create a netlink socket handle for the Connect interface ba71cb821 nl80211: Introduce the interface for external authentication 8678b14fa Add new QCA vendor commands for thermal shutdown 99576f6f3 Sync with mac80211-next.git include/uapi/linux/nl80211.h cd483be25 OWE: Use PMKSA caching if available with driver AP MLME a4668c681 OWE: Handle unsupported finite cyclic group with driver MLME f811cc83b atheros: Send correct SSID length to the driver e005725a6 nl80211: Add DPP and OWE AKM selectors to CONNECT/ASSOC request 2cc2a0a7e Extend QCA vendor NDP params to support schedule update indication a7769f6da Update QCA vendor commands to match ASOP 18e3e9c6e OWE: Transition mode with non-AP-MLME 92b6e0c58 hostapd: Send broadcast Public Action frame with wildcard BSSID address fe3f81e6a DPP: Update PKEX role-specific points b4cd8b7e1 Add QCA vendor command and attributes for MSDU queue depth threshold 703470bfa FILS: Fix extended capability bit setting for FILS in AP mode 9e834fc64 EAP-SIM/AKA: Separate identity for MK derivation b6b5e3554 DPP: Get rid of compiler warnings on signed/unsigned comparison 630ea1334 DPP: Track M.x/N.x/L.x availability for ke derivation c1790a5ff OWE: Allow station in transition mode to connect to an open BSS c103c0b51 Extend NUD Stats to collect the data packet statistics 5d5ee699a Copy WLAN-Reason-Code value from Access-Reject to Deauthentication f75ed556c RADIUS: Add WLAN-Reason-Code attribute to Access-Reject 727e9aacb HS 2.0: Set appropriate permission(s) for cert file/folders on Android feba5848b Replace RSNE group key management mismatch status/reason codes 9cc8303d3 Add QCA vendor command to get the WLAN MAC information fd9209549 DPP: Report reception of Config Request to upper layers 80f71b71d DPP: Authentication exchange retries and channel iteration in hostapd c5cc7a59a Report offchannel RX frame frequency to hostapd b7ed94834 GnuTLS: Add option to build with libnettle instead of libgcrypt c36d82241 GnuTLS: Suite B validation dd227e67a GnuTLS: Add support for disabling TLS versions 5d292fcfb GnuTLS: Implement tls_get_cipher() 5791d2117 GnuTLS: Make debug prints clearer for cert/key parsing 622d4d49e GnuTLS: Add TEST_FAIL() to crypto routines for testing purposes f8697e810 GnuTLS: Implement tls_get_version() 133f8d09f GnuTLS: Implement HMAC functions using libgcrypt 85c12a62e GnuTLS: Implement sha{256,384,512}_vector() using libgcrypt cc3e7bfc3 GnuTLS: Use a helper function for hash functions 2cb40e9f4 OWE: Try all supported DH groups automatically on STA 02b38d0ad Fix MFP-enabled test for disallowed TKIP ba3d435fe SAE: Add option to require MFP for SAE associations c4fc7e31c SAE: Set special Sc value when moving to Accepted state abcbd0604 SAE: Add Rc variable and peer send-confirm validation 9249afc8e SAE: Print state changes in debug log d8b841eba SAE: Make dot11RSNASAESync configurable 9596a7565 PAE: Remove OpenSSL header dependency 04b1bcc5f EAP-pwd: Use abstract crypto API 0c3d49afd EAP-EKE: Use abstract crypto API c335507c8 Enhance crypto abstract API for DH 0e02f2a9f crypto: Implement new crypto API functions for DH eac084cb3 OpenSSL: Implement new crypto API functions 23ff5d73d Enhance crypto abstract API 441e8bfbb Fix copy-paste errors in function comments 47e966aba DH: Remove trailing whitespace 3546ef510 EAP-pwd: Remove trailing empty line 61536b5f4 Add new QCA vendor attribute for getting preferred channel 1a2cb20d5 Fix couple of QCA_NL80211_VENDOR_SUBCMD_GET_SAR_LIMITS comments 2fca2d214 Vendor parameter for forcing RSNE override 12bce14b1 wpa_cli: Add completion for get/set cred commands 6240424a7 dbus: Add FILS key mgmt values into BSS security properties 2d942ec4a Define a QCA vendor command to retrieve SAR Power limits d98038bb0 FILS: Driver configuration to disable/enable FILS features af832aa99 hostapd: Add average channel utilization in STATUS 802c0fd0c hostapd: Update BSS load update period dynamically 778d87054 Fix error handling in bss_load_update_period parser dff5ab97e hostapd_cli: Add dpp_listen and dpp_stop_listen 5f30b69cd OWE: Allow DH Parameters element overriding with driver SME 04ded82ef OWE: Fix error case handling with drivers that implement AP SME c23e87d0d OpenSSL: Replace EVP_PKEY_paramgen() with EC_KEY_new_by_curve_name() 7641d485d BoringSSL: Use EC_KEY_new_by_curve_name() to simplify implementation a5da39607 Revert "BoringSSL: Add DPP special cases regardless of claimed version number" 0f3084472 Revert "BoringSSL: Define RSA_bits() helper" a2c442be2 OpenSSL: Allow cipher list to be overridden for tls_suiteb=1 case e5c7c2f28 Fix ap-mgmt-fuzzer build 63942cf0f OpenSSL: Avoid SSL*_use_default_passwd_cb() 149143e31 OpenSSL: Remove unnecessary os_strdup() from password callback b65353a76 Android: Set CONFIG_NO_RANDOM_POOL=y ff28df739 Android: Move hostapd to vendor partition 9b0de99fa Add new QCA vendor attribute for WLAN Latency Module (WLM) 055cd3978 tests: DPP P-256 test vectors f55269753 DPP: Allow protocol key to be overridden for testing purposes afd3cf14a WPS: Add GCMP-256 and CCMP-256 cipher options on Enrollee 5f481b6fd WPS: Check BSS table against current BSSID if credential does not match 402c8e00b WPS: Map GCMP-256 and CCMP-256 to AES encryption type a2660890a WPS: Allow WPS to be enabled in CCMP-256 and GCMP-256 only cases 163fc3d56 DPP: Indicate to upper layers whether mutual authentication was used 34603767b DPP: Extend protocol testing to allow exchange termination ed2c493e9 DPP: Change Authentication Response retry time to 1 second 963d3149a nl80211: Fix NL80211_MESHCONF_AUTO_OPEN_PLINKS encoding a2426829c nl80211: Fix NL80211_ATTR_SMPS_MODE encoding f0a383a98 DPP: Extend dpp_test with invalid E-Nonce in Config Req 55c6c8585 DPP: Extend dpp_test with invalid Transaction ID in Peer Disc Req 364039d22 Add QCA vendor command and attributes for RROP 0e19300d5 nl80211: Use consistent "0x" prefix for the cookie values fa5c90749 DPP: Call wpas_dpp_stop() from wpas_dpp_deinit() 1866dfb52 DPP: Stop pending GAS client operation on DPP_STOP_LISTEN f981ce729 DPP: Do not continue if public key hash derivation fails 8a37d54ea DPP: Fix memory leak on dpp_auth_build_conf() error paths 281f480c5 JSON: Fix a memory leak on an error path 622934128 DPP: Fix a memory leak on an error path ed62d4011 DPP: Deinit PKEX instance on DPP_STOP_LISTEN 634a130a5 DPP: Clear authentication instance on configuration completion in AP d3cb7ebe1 DPP: Do not process dpp_auth_ok_on_ack multiple times dc2f24f1b DPP: Fix compilation without CONFIG_TESTING_OPTIONS=y 82feacced DPP: Ignore GAS server status callback for unknown response a2588be82 DPP: Add DPP_CONFIGURATOR_SIGN support to hostapd 7eb6bfb45 DPP: Move hostapd Configurator/bootstrap data into global context 73f21929a DPP: Auto-generate Initiator bootstrapping info if needed 725a953ae nl80211: Filter global events based on wiphy 0bd7f104c hostapd: Add supported rate information into STATUS and STA 1489fcf87 FILS: Do not leave error value in left counter beae255a7 WPA: Check wpa_eapol_key_mic() result on TX acc555f9e DPP: Allow PKEX x/X and y/Y keypairs to be overridden d722c50d0 DPP: Print more interim EC_POINT results into debug log 2bdc47a94 DPP: Allow PKEX own/peer MAC addresses to be overridden af4103e5e DPP: Provide peer_mac to PKEX Initiator through function argument 918a2ac40 DPP: Work around missing EVP_PKEY_CTX_set_ec_param_enc() 3ca4be1ea DPP: Remove compiler warnings about signed/unsigned comparisons 116454f46 DPP: Fix error return value in dpp_auth_conf_rx() 63dc0f9c4 hostapd: Disassoc STA without WPA/RSN IE if AP proto is WPA/RSN cc79e06f0 hostapd: Add wpa_msg_ctrl() to report Probe Request frames from STA 0db637ca8 DPP: Fix number of Authentication Request retry cases 921f5acd1 DPP: Take response wait time into account for init retries 248264c62 DPP: Stop Authentication Request attempts if no response after ACK e3a5882b3 DPP: Add SAE credential support to Configurator 5dd745b73 DPP: Add akm=sae and akm=psk+sae support in Enrollee role a44467395 DPP: Protocol testing capability to send invalid I-Nonce in Auth Req 00d2d13db DPP: Retry PKEX Exchange Request frame up to five times ab0375508 TDLS: Add testing capability to send TPK M2 twice 4b8de0c92 DPP: Protocol testing for invalid Peer Discovery Req/Resp values f9cf7d03f DPP: Protocol testing for invalid Config Attrib Object value 3f35ec2dc DPP: Protocol testing for invalid DPP Status value 9efa53149 DPP: Use helper functions to build Bootstrap Key Hash attributes acdf703d5 DPP: Replace custom undefined attr with DPP Status in after-wrapped data 56f24d1da DPP: Use a helper function to build DPP Status attribute 65ecce87f DPP: Protocol testing for writing invalid I/R Bootstrap Key Hash b6b4226bd DPP: Protocol testing capability to generate invalid Protocol Key c6eb3e34b Stronger GTK derivation routine 94619905c DPP: Fix dpp_test_gen_invalid_key() with BoringSSL 746c1792a DPP: Build bootstrapping key DER encoding using custom routine f2d27ef94 DPP: Use a helper function to DER encode bootstrapping key c1564149a BoringSSL: Add AES support with 192-bit keys edd72f55f OpenSSL: Debug message if requested AES key length is not supported 5548453a2 BoringSSL: Add DPP special cases regardless of claimed version number f29761297 BoringSSL: Implement crypto_ecdh_init() 7721fe082 BoringSSL: Comment out SSL_set_default_passwd_cb*() calls b9dc63c26 BoringSSL: Comment out SSL_set1_sigalgs_list() call 3cfbd3b0f BoringSSL: Define RSA_bits() helper 27781c0ab Allow group cipher selection to be overridden af6614ca1 Fix block comment style in QCA vendor attribute definition 2115603a4 Add QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING 27987b67f Add new QCA vendor attribute for LL stats 41db74cf7 atheros: Process SAE authentication frames using EVENT_RX_MGMT 3d9dd4b77 atheros: Generate EVENT_TX_STATUS events for management frames f5b74b966 common: Avoid conflict with __bitwise macro from linux/types.h 4109555ef DPP: Fix compiler warning of testing code 1d624a070 Reject PMK-to-PTK derivation with unsupported cipher 762fb4f06 DPP: Testing capability to send unexpected Authentication Response 03abb6b54 DPP: Reject unexpected Req/Resp message based on Auth/PKEX role 95b0104a3 DPP: Retransmit DPP Authentication Response frame if it is not ACKed c1d377396 DPP: Stop authentication exchange of DPP_STOP_LISTEN d1f082644 DPP: Allowed initiator to indicate either role f97ace34c DPP: Support multiple channels for initiating DPP Authentication de0298618 DPP: Share a helper function for PKEX final steps a306ed5a5 DPP: Protocol testing to allow missing attributes in peer discovery 1fafdf112 DPP: Add DPP_LISTEN and DPP_STOP_LISTEN to hostapd fbfceef3a Add QCA vendor commands for spectral scan bb9808fa9 P2P: Continue P2P_WAIT_PEER_(IDLE/CONNECT) sequence on a listen cancel 37ed3254d P2P: ACS offload for the autonomous GO 962b8fcf4 Add new QCA vendor attributes for MAC counters af7f10fcd DPP: Protocol testing for invalid Config Resp attribute values 8c99e6264 DPP: Report Config Request/Response failure reasons on control interface f411ad1b8 DPP: Protocol testing to remove attributes from Config Req/Resp 7e0ebe21b DPP: Protocol testing - invalid I/R-Auth value in PKEX Commit-Reveal 89d0bf678 DPP: Protocol testing - invalid Bootstrap Key value in PKEX Commit-Reveal f31ef96dc DPP: Protocol testing - invalid Status value in PKEX Exchange Response d05c82c4d DPP: Move PKEX z derivation on Responder to earlier phase 578c9ea1a DPP: Fix a typo in a debug print 5f5fff436 DPP: Explicitly check that PKEX Qr is not the point-at-infinity 29ab69e4b DPP: PKEX counter t 039b8e736 DPP: Terminate PKEX exchange on detection of a mismatching code fc0efa2a1 DPP: Use dpp_bn2bin_pad() helper to simplify code e0247e798 DPP: PKEX and STATUS_BAD_GROUP 2265353a4 DPP: Remove obsolete TODO comment on discovery object fe12ae777 Fix Status Code in TKIP countermeasures case 1cfcbd32a DPP: Testing capability to generate invalid PKEX encrypted key (M and N) d7e7b7122 DPP: Report PKEX failure reasons over control interface 61f9f27f8 DPP: Extend protocol testing to cover missing attributes in PKEX b3e4cc5cb DPP: Move PKEX Commit-Reveal Response building to a helper function b0626c2a6 DPP: Move PKEX Commit-Reveal Request building to a helper function a5c3b41b2 DPP: Move PKEX Exchange Response building to a helper function 60b9dd86f DPP: Fix couple of typos in debug messages 06f2df069 DPP: Fix hostapd control interface events for initiator case 219d4c9fc DPP: Report possible PKEX code mismatch in control interface 69d8d029f DPP: Enable PMF when adding wpa_supplicant network profile 0c3bc1be0 Fix test build breakage when not compiling with ieee80211w support ea4ace9c7 hostapd: Add max_txpower into STATUS command bf6c65afc hostapd: Add Beacon interval and DTIM period into STATUS command c7ae2b310 hostapd: Add HT/VHT capability info into STATUS command 1f91a8bde hostapd: Add HT/VHT capability info into STA command 65f9db6bc hostapd: Add extended capabilities into STA command d1f3a8144 hostapd: Add [HT] flag into STA command ba72b4b12 hostapd: Add Min/Max Transmit Power Capability into STA command 33c8bbd8c OWE: Add AP mode handling of OWE with drivers that implement SME 28d126413 Check hostapd current_mode before dereferencing it in additional places 348c93847 AP-side workaround for WNM-Sleep Mode GTK/IGTK reinstallation issues 3f5a1860a wpa_auth: Deplete group rekey eloop handler for strict rekeying 92662fb28 Allow forcing group rekeying for testing purposes d27092069 DPP: Negotiation channel change request from Initiator b7dddab7b DPP: Allow testing override values to be cleared e85b66012 DPP: Add DPP Status attribute into Peer Discovery Response 19ef4289c DPP: Process Authentication Confirm failure cases 7d917ab04 DPP: Send Authentication Confirm failure reports 978bc3f2a DPP: Auth Resp/Conf incorrect attribute values for protocol testing 9b5111203 DPP: Allow Responder to decide not to use mutual authentication dcdaeab79 DPP: Report Auth Conf failures in control interface f9c7d7702 DPP: Omission of Auth Conf attributes for protocol testing 26806abe8 DPP: Report invalid messages and failure conditions in control interface ce9acce00 DPP: Omission of Auth Resp attributes for protocol testing a03406dbe DPP: Move Authentication Response building into a separate function 0e7cb8c6c DPP: Omission of Auth Req attributes for protocol testing 606a8e8d5 DPP: Move Authentication Request building into a separate function 3749ad0e1 DPP: Explicitly check and reject 0x00 and 0x03 I/R-capab role af48810ba DPP: Report transmitted messages as control interface events a70739349 DPP: Report received messages as control interface events 27fefbbb7 DPP: Remove unnecessary Wrapped Data checks from callers 0c881807b DPP: Verify that Wrapped Data attribute is the last one in the message 60239f60a DPP: Protocol testing framework 7ed5337d8 Fix a typo in a debug message 5f7c9e50f EAP server: Add event messages for more EAP states a68e0d869 Fix a typo in a comment (the variable is ptk, not pkt) de41b960b wpa_supplicant: Increase UDP control interface RX buffer 74e55b658 Fix test build breakage when not compiling with mesh support 3d0fb9558 WNM: Ignore BSS Transition Management frames in bss_transition=0 case 114f2830d WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0 case Bug: 111131936 Test: Device boots up and connects to wifi networks. Test: Able to turn on/off softap. Test: Sent for regression tests (b/111209415). Change-Id: I85cbeeee6a4ff52a5e23f8917b15633c896c0cf3 Signed-off-by: Roshan Pius <rpius@google.com>	2018-07-12 16:40:59 +00:00
Dmitry Shmidt	d2986c2e73	Cumulative patch from commit 3d6953288b592704484864f41791f8c67ff9aa5a ... 3d6953288 Extend RESEND_* test commands to allow forcing plaintext TX 4be5bc98a DPP: Update AES-SIV AD for PKEX frames dc4d271c6 DPP: Update AES-SIV AD for DPP Authentication frames 6338c99ef FILS: Send updated connection parameters to drivers if needed d2ba0d719 Move assoc param setting into a helper function 084131c85 FILS: Allow eap_peer_get_erp_info() to be called without config b0a21e228 FILS: Update replay counter from roam info 693eafb15 nl80211: Update FILS roam info from vendor roam event 3c67e977d nl80211: Add support to send updated connection parameters cddfda789 Add attributes to support roam+auth vendor event for FILS c0fe5f125 Clear BSSID information in supplicant state machine on disconnection 006fb845b nl80211: Use NL80211_BSS_LAST_SEEN_BOOTTIME if available a6ea66530 Additional consistentcy checks for PTK component lengths 6f234c1e2 Optional AP side workaround for key reinstallation attacks daa409608 Allow last (Re)Association Request frame to be replayed for testing 751f5b293 Allow EAPOL-Key Request to be sent through control interface bb06748f4 Make last received ANonce available through control interface 143b81bad Allow arbitrary key configuration for testing d8afdb210 Allow EAPOL-Key messages 1/4 and 3/4 to be retransmitted for testing 6bc2f00f4 Allow group key handshake message 1/2 to be retransmitted for testing 16579769f Add testing functionality for resetting PN/IPN for configured keys b488a1294 Clear PMK length and check for this when deriving PTK 00583ef11 Add debug prints on PMK configuration in WPA supplicant a00e946c1 WPA: Extra defense against PTK reinstalls in 4-way handshake a0bf1b68c Remove all PeerKey functionality e76085117 FILS: Do not allow multiple (Re)Association Response frames 2f1357fb6 FILS: Accept another (Re)Association Request frame during an association df9490620 Add MGMT_TX_STATUS_PROCESS command for testing purposes c53eb9461 OWE: Remove forgotten developer debug prints a34ca59e4 SAE: Allow SAE password to be configured separately (STA) 2377c1cae SAE: Allow SAE password to be configured separately (AP) c5aeb4343 P2P: Do not mark DFS channel as invalid if DFS is offloaded to driver 58efbcbcd DPP: Fix static analyzer warnings in key generation and JWK construction f51609022 P2P: Prefer 5/60 GHz band over 2.4 GHz during GO configuration 91cc34bf3 OWE: Allow set of enabled DH groups to be limited on AP 265bda344 OWE: Allow DH Parameters element to be overridden for testing purposes 8c19ea3f2 DPP: Add the crypto suite field to the frames c77e2ff09 DPP: Remove C-sign-key expiry 6254045a5 DPP: Explicitly delete the PKEX secret element K upon generation of z 0e6709a4e DPP: Rename PKEX secret element from Z to K 657317179 DPP: Verify that PKEX Qi is not the point-at-infinity a89138818 OWE: Transition mode information based on BSS ifname 109704657 OWE: Support station SME-in-driver case 5a78c3619 OWE: PMKSA caching in station mode d90f10fa4 OWE: PMKSA caching in AP mode 8b5579e17 DPP: Fix EAPOL-Key Key MIC calculation ec9f48377 OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in station 7a12edd16 OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in AP mode 6c4726189 OWE: Extend shared helper functions to support other DH curves d8c8d8575 OWE: Include RSNE in (Re)Association Response frame e8b964901 OWE: Transition mode support on station side 675112df1 OWE: Set PMK length properly on supplicant side ea079153f OWE: Add AP support for transition mode 4a3746341 hostapd: Update HE capabilities and HE operation definition 63bc0ab0e P2P: Allow GO to advertise Interworking element 3567641eb Add TX/RX rate info and signal strength into STA output fa4b605a0 WPS: Do not increment wildcard_uuid when pin is locked e37cea308 OCE: Update default scan IEs when OCE is enabled/disabled ee522d27c Vendor flags for 11ax channel property flags for use with external ACS 61a56c148 Add group_mgmt network parameter for PMF cipher selection 0ad5893a2 PAE: Validate input before pointer fd35ed5bb AP: Remove unneeded check for 'added_unassociated' d55b17460 FILS: Vendor attribute to disable driver FILS features a7297ae5c Fix hostapd debug messages on wpa_pairwise and rsn_pairwise parsing 29c940e7a TDLS: Update the comments related to TPK derivation 3de1566db FILS: Check req_ies for NULL pointer in hostapd_notif_assoc() 1c9663cf6 OpenSSL: Force RSA 3072-bit DH prime size limit for Suite B 2ed70c758 OpenSSL: Add option to disable ECDHE with Suite B RSA 4eb8cfe06 OpenSSL: Force RSA 3072-bit key size limit for Suite B 6418400db Add hostapd tls_flags parameter 60ed2f24e Suite B: Add tls_suiteb=1 parameter for RSA 3k key case 5030d7d9f DPP: Allow raw hex PSK to be used for legacy configuration 039ab15fd DPP: Add DPP-CONFOBJ-PASS/PSK events for hostapd legacy configuration 9824de57a Fix EAPOL-Key version check for a corner case with Suite B AKM 3c7863f81 wpa_supplicant: Support dynamic update of wowlan_triggers 4cada9dcc FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS 41b819148 FILS: Update PMKID derivation rules for ERP key hierarchy establishment 303113398 mesh: Move writing of mesh_rssi_threshold inside CONFIG_MESH 2efc67207 Fix RSN pre-authentication regression with pre-connection scan results 73b3de01c macsec_linux: Exit early when missing macsec kernel module 7612e65b9 mka: Add error handling for secy_init_macsec() calls 2c66c7d11 wpa_supplicant: Check length when building ext_capability in assoc_cb fdbfb63e4 nl80211: Fix bridge name print while removing interface from bridge 333517ac1 crypto: Fix undefined behavior in random number generator 84fccc724 Send Client-Error when AT_KDF attributes from the server are incorrect 446600c35 Add AT_KDF attributes to Synchronization-Failure in EAP-AKA' 155bf1108 PMKSA: Fix use-after-free in pmksa_cache_clone_entry() cdf250149 dbus: Add new interface property to get mesh group 190f6f117 dbus: Add new interface property to get connected mesh peers a9de99b1c dbus: Add MeshPeerDisconnected signal 9b0701fbf dbus: Add MeshPeerConnected signal a39b040b4 dbus: Add MeshGroupRemoved signal 89e9cd25d dbus: Add MeshGroupStarted signal 49e6a5553 FILS: Add a space before MAC address to a HLP debug message 359166ed2 Remove the completely unused FT parameters in driver association data 3db2a82df Add SHA-384 routines to libcrypto.a a0f19e9c7 SAE: Allow commit fields to be overridden for testing purposes (STA) 3648d8a18 SAE: Allow commit fields to be overridden for testing purposes e75335384 SAE: Add testing code for reflection attack e61fea6b4 SAE: Fix PMKSA caching behavior in AP mode a6f238f21 DPP: Add base64 dependency in makefiles c2d4f2eb5 DPP: Derive PMKID using SHA256() for all curves 64a0a75b5 nl80211: Fix auth_alg selection with FILS in the connect command 7475e80f1 FILS: Fix wpa_supplicant AP build without CONFIG_IEEE80211W 85fd8263a DPP: Use Transaction ID in Peer Discovery Request/Response frames a28675da2 hs20-osu-client: Fix build with new OpenSSL and BoringSSL cf39475b4 Introduce QCA_NL80211_VENDOR_SUBCMD_HANG 17385fba2 tests: JSON module tests for additional array parsing d4488b9da JSON: Fix parsing of arrays of numbers, strings, literals a4bf00787 DPP: Remove devices object from the connector e77d13ef9 QCA vendor attribute to configure beacon miss penalize count for BTC 7bd88aaf3 QCA vendor attribute to configure beacon miss count 505554bbf QCA vendor attribute to enable/disable scan ae048257c WPS: Interpret zero length ap_pin hostapd.conf parameter as "unset" 2bdbace63 Remove some obsolete information from hostapd README file b0fc2ef3a hw_features: Fix check of supported 802.11ac channel width b5bf84ba3 WNM: Differentiate between WNM for station and for AP in build 922dcf1b4 RRM: Remove duplicate frequencies from beacon report scan request 705e2909c RRM: Send response when Beacon report request is not supported/refused 3756acfd4 RRM: Send Radio Measurement response when beacon report scan fails b3c148e9f RRM: Send reject/refuse response only to unicast measurement request 51143af7e wpa_cli: Fix global control interface for STA-FIRST/STA-NEXT 809c67502 DPP: Fix build with OpenSSL 1.1.0 89971d8b1 OpenSSL: Clear default_passwd_cb more thoroughly f665c93e1 OpenSSL: Fix private key password handling with OpenSSL >= 1.1.0f 2b9891bd6 OpenSSL: Add build option to select default ciphers 65833d71a OCE: Add hostapd mode OCE capability indication if enabled 332aadb8a STA: Add OCE capability indication attribute fb718f94d nl80211: Check if driver supports OCE specific features 46b15e470 Add vendor flags for OCE feature support indication b377ec258 FILS: Fix issuing FILS connect to a non-FILS AP in driver-FILS case 9f44f7f3b Introduce a vendor attribute to represent the PNO/EPNO Request ID 881a92e8b FILS: Fix compilation with CONFIG_NO_WPA 1f2ae8cff EAP-TTLS: Fix a memory leak on error paths 83e003a91 EAP-TTLS: Fix possible memory leak in eap_ttls_phase2_request_mschap() 422570eec MBO: Fix possible memory leak in anqp_send_req() 96e595a9f EAP-LEAP: Fix possible memory leak in eap_leap_process_request() 23eead4d7 RRM: Filter scan results by parent TSF only if driver supports it 3f8e3a548 ap: Fix invalid HT40 channel pair fallback 6d3e24d3e ap: Fix return value in hostapd_drv_switch_channel() d02e4c8ac P2P: Clear get_pref_freq_list_override on P2P Device bfbc41eac DPP: Fix compilation without openssl cc6088463 P2P: Allow auto GO on DFS channels if driver supports this fe3e0bac1 FILS: Advertize FILS capability based on driver capability 5579c11c3 Fix a typo in vendor attribute documentation 8b5ddda5f FILS: Add HLP support with driver-based AP SME 31ec556ce FILS: Fix the IP header protocol field in HLP DHCP response b3e567c89 FILS: ERP-based PMKSA cache addition on AP bfe448331 FILS: Fix a frame name in a debug print 6d49aeb76 MBO: Whitespace cleanup f2cdb41b8 OCE: Define OCE attributes and other related macros 267fc0dd3 Add wpa_supplicant ctrl iface support to scan for a specific BSSID f522bb237 DPP: Add DPP_CONFIGURATOR_SIGN to generate own connector dc7fc09cc DPP: Add control interface commands into hostapd_cli a86fb43ca DPP: DPP_BOOTSTRAP_INFO for hostapd 484788b87 DPP: Share bootstrap type to string helper function 623f95685 DPP: Allow wpa_cli DPP_CONFIGURATOR_ADD without arguments 888502325 Add new key_mgmt values for wpa_supplicant STATUS command 3a5954ef9 Add mgmt_group_cipher to wpa_supplicant STATUS command 90f837b0b Update default wpa_group_rekey to once-per-day when using CCMP/GCMP 787615b38 DPP: Set PMKSA expiration based on peer connector 6b140f0fa DPP: Update hostapd configurator parameters to match wpa_supplicant 2605405aa DPP: Configurator in hostapd efeada91a DPP: PKEX in hostapd 6095b4790 DPP: Check JWS protected header alg against C-sign-key curve b65b22d60 DPP: Configurator parameters in responder role 31f03cb00 DPP: Update JWS algorithm strings for Brainpool curves e0d3d3fce DPP: Rename Brainpool curve names for JSON 500ed7f00 DPP: PKEX bootstrapping b9d47b484 DPP: Add helper functions for running hash operations 0c7cf1f50 DPP: Increase hostapd_cli buffer limits 44d6b272c DPP: Fix configuration item list 43fbb8db5 DPP: More debug for own connector configuration errors f1f4fa797 DPP: Fix JWK debug prints b04854cef nl80211/MBO: Set temporary disallowed BSSID list to driver 2a71673e2 ERP: Derive ERP key only after successful EAP authentication 528b65578 Add Set Wi-Fi Configuration vendor attribute to configure LRO 944f359e1 Introduce a vendor command to specify the active Type Of Service b6ea76425 nl80211: Make KCK attribute optional in rekey data 35f064212 DPP: Allow passphrase to be set for Configurator 68cb6dcec DPP: Allow SSID to be set for Configurator 186f20489 JSON: Fix \u escaping a82349347 DPP: Add an example python script for QR Code operations 6a7182a9c DPP: Add DPP_BOOTSTRAP_INFO command 8528994e2 DPP: Automatic network profile creation da143f7fb FILS: Fix EVENT_ASSOC processing checks for driver-SME 3c0daa13d Make wpa_config_read_blob() easier for static analyzers a0d5c56f8 DPP: Network Introduction protocol for wpa_supplicant 4ff89c2eb DPP: Network Introduction protocol for hostapd 650a70a72 DPP: Network Introduction protocol 56c754958 DPP: AP parameters for DPP AKM b979caae5 DPP: Network profile parameters for DPP AKM 0c52953b0 DPP: Allow PMKSA cache entries to be added through hostapd ctrl_iface 567da5bbd DPP: Add new AKM 9c2b8204e DPP: Integration for hostapd 9beb2892d DPP: Add wpa_cli commands for DPP operations 461d39af4 DPP: Configuration exchange 30d27b048 DPP: Authentication exchange be27e185b DPP: Bootstrap information management d4d76d983 Fix offchannel TX done handling for sequence of TX frames 00b02149e nl80211: Register to receive DPP Public Action frames 4e19eb88a tests: Module tests for JSON parser 005be3daa Add JavaScript Object Notation (JSON) parser (RFC7159) 5b52e1adc tests: Update base64 OOM test cases to match implementation changes 0ffdc8b19 Add base64url encoding/decoding per RFC 4648 77f273c82 Extend SHA-384 and SHA-512 support to match SHA-256 2c9d92497 P2P: Debug print P2P_FIND rejection reason 618aa2290 P2P: Fix p2p_in_provisioning clearing in failure case b5db6e5dc eap_proxy: Support multiple SIMs in get_imsi() 002087651 eap_proxy: Build realm from IMSI for proxy based EAP methods 5e0c20ff3 nl80211: Do not notify interface as re-enabled if initialization fails 8696e6170 eap_proxy: Add support for deriving ERP information 115d5e222 hostapd: Fix handling a 20/40 BSS Coexistence Management frame 2d18ab408 Add a config parameter to exclude DFS channels from ACS 3c2bd55f0 P2P: wpas_p2p_select_go_freq() to check for supported pref_freq 8d968351a Interworking: Add NULL checking for EAP name in phase2/autheap parameter 9ddba3a30 Rename vendor attribute DISABLE_OFFCHANNEL to RESTRICT_OFFCHANNEL d506c35ef Set Wi-Fi Configuration attribute to restrict offchannel operations 4aa329298 ERP: Do not generate ERP keys when domain name is not specified 34ee12c55 Do not flush PMKSA on bssid_hint change 290834df6 nl80211: Fix race condition in detecting MAC change 04f667fcd DFS: Allow switch to DFS channel after radar detection in ETSI aa56e36d6 driver: Make DFS domain information available to core e8e430fe7 Vendor attributes to retain connection on a roam request failure 43a356b26 Provide option to configure BSSID hint for a network 33117656e Define a QCA vendor attribute to update the listen interval 85cff4b0d OpenSSL: Try SHA256 hash for OCSP certificate matching d264c2e39 HTTP (curl): Try SHA256 hash for OCSP certificate matching 95818ec17 Fix compiler warning with CONFIG_IEEE80211R no-CONFIG_FILS build 613639454 Make CONFIG_MACSEC depend on IEEE8021X_EAPOL 31a856a12 mesh: Make NL80211_MESHCONF_RSSI_THRESHOLD configurable 1f3c49d41 Fix 160 MHz opclass channel to frequency conversion 9f4947466 dbus: Add method to disable channel switching with a TDLS peer 2a57b4b82 dbus: Add method to enable channel switching with a TDLS peer 193950541 dbus: Add AbortScan method to abort ongoing scan 8fed47e01 FILS: Derive FT key hierarchy on authenticator side for FILS+FT 7d440a3bc FILS: Derive FT key hierarchy on supplicant side for FILS+FT 215eaa748 FILS: Implement FILS-FT derivation 80ddf5d99 FILS: Fix Key-Auth derivation for SK+PFS for authenticator side e6b623133 FILS: Fix Key-Auth derivation for SK+PFS for supplicant side 4d0a61c50 FILS: Debug print inputs to Key-Auth derivation be1ece46f wpa_supplicant: Add GET_CAPABILITY for P2P redirection 853cfa873 Detect endianness when building for RTEMS 35bb8a9a5 Android: Define CONFIG_TESTING_OPTIONS if enabled in config 178553b70 MBO: Add support to set ignore assoc disallow to driver 3a46cf93d FT: Add support for wildcard R0KH/R1KH eefe86301 FT RRB: Add msg replay and msg delay protection 245fc96e5 FT: New RRB message format 50bd8e0a9 FT: Replace inter-AP protocol with use of OUI Extended Ethertype f2a04874c MBO: Fix possible NULL pointer dereference on candidate handling 01dd2b105 ERP: Silence static analyzer warning d912953e3 atheros: Get rid of static analyzer warnings on 0-length memcpy 470f08b4f Enable CONFIG_WNM=y automatically for CONFIG_MBO=y builds f54114825 Fix GAS server ifdef block use 8b49b530b Fix CONFIG_INTERWORKING=y build without CONFIG_HS20=y 0661163ef Do not blacklist the current AP on DISABLE_NETWORK ec27b04e6 hostapd: Select a valid secondary channel if both enabled da6a28ba6 FILS: Specify if FILS HLP was sent in connect a38090b16 FILS: Add HLP to Connect IEs 1e6780bda Allocate dynamic memory for connect IEs 9f894823f PAE: Silence static analyzer warning about NULL pointer dereference 9a72bfe9a Add control interface command to enable/disable roaming fa61bff6a FILS: Handle authentication/association in partial driver AP SME 5cee22ca4 FILS: Make handle_auth_fils() re-usable for driver-based AP SME 5e5f8c816 FILS: Move authentication response handling into a helper function b8a3453ac FILS: Pass only IE area to handle_auth_fils() 9392859d7 FILS: Move AssocResp construction to a helper function bd5993532 FILS: Move Key Confirm element validation to a helper function 087631b98 FILS: Move Session element validation to a helper function cc20edc9f FILS: Add FILS auth_alg to driver-based AP SME association handling 957bff83c FILS: Add driver-AP SME callback to set TK after association 8acbf85fa FILS: Add FILS AEAD parameters for sta_auth() calls f46c154c5 atheros: Add FILS AAD parameters in sta_auth() handler 6b128fb2a driver: Move sta_auth() arguments to a struct d7cff1d87 atheros: Enable raw management frame receive for FILS builds 2b7a8ec47 atheros: Read driver FILS capability d5444aac4 FILS: Add FILS Indication element into Beacon/Probe Response template 8befe8a99 Define a QCA attribute to specify the PCL policy for external ACS 183d3924c WPS: Add option for using random UUID b44d1efd2 FILS: Fix key info in GTK rekey EAPOL-Key msg 2/2 04243740c FILS: Fix GTK rekey by accepting EAPOL-Key msg 1/2 with FILS AKM bbe7969d6 FILS: Update cache identifier on association f705f41b7 FILS: Update PMKSA cache with FILS shared key offload 01ef320f1 FILS: Update ERP next sequence number with driver offload 5538fc930 FILS: Track completion with FILS shared key authentication offload 8b0a6dba8 FILS: Connect request for offloaded FILS shared key authentication 79f3121bb FILS: Set cache identifier in current PMKSA entry for driver-SME case 15def72fa ERP: External control of ERP key information 42e69bda2 FILS: Add support for Cache Identifier in add/remove PMKSA 061a3d3d5 nl80211: Add support for FILS Cache Identifier in add/remove_pmkid() 6fbb54140 driver: Move add_pmkid() and remove_pmkid() arguments into a struct ad295f3b8 nl80211: Add support for FILS shared key offload 199eb3a4e FILS: Add support to write FILS key_mgmt values in network blocks 16217e13d QCA vendor commands and attributes for spectral scan 5db997e34 FILS: Add FTE into FILS Authentication frame from AP when using FILS+FT af3e362fa FILS: Add MDE into Authentication frame for FILS+FT 5aa08153a FT: Add selection of FT+FILS AKMs c10e0ccc9 Hide *PMKSA_ADD parameters from debug log 2971da270 P2P: Do not use wait_time for SD Response TX for last fragmentation c5fee1604 FT: Schedule wpa_ft_rrb_rx() through eloop in intra-process communication 469677367 Sync with mac80211-next.git include/uapi/linux/nl80211.h 775e986d5 hostapd: Fix crash on consecutive channel switch failures 3d5f0e916 wpa_supplicant: Avoid associating to temp disabled SSID in ap_scan=2 fbba28f8c P2P: Suppress warning on non-P2P config 127595887 QCA vendor command: Add TA max duration attribute for OCB configure 2a9ec7c69 Define attributes for QCA vendor OCB commands 6a4363f5f MBO: Fix reject reason codes 0119d4424 FILS: Fix wpa_supplicant compilation errors 4cc6574d0 FILS: Fix fils_cache_id check a5269dc20 wpa_helpers: Ignore link-local IPv4 address while waiting for DHCP e2f00bb5f xml: Add Value node in TNDS node conversion for empty value case a34317b52 GAS: Handle no-ACK TX status for GAS request frames 5db86df6a macsec_linux: Fix NULL pointer dereference on error cases e50df5d2a mka: Fix use-after-free when transmit secure channels are deleted 529d6ed72 mka: Fix use-after-free when receive secure channels are deleted 6c2056abe QCA vendor attributes to extend antenna diversity functionality b4ae5f04d Add vendor attribute to config propagation delay's absolute value 7f5f4e46a Fix QCA_ATTR_NUD_STATS_IS_DAD value 2c0ac6d61 P2P: Run full P2P_FIND scan after pending scan completes d3bb082a7 P2P: Continue scanning specified channel with P2P_FIND freq argument 31e130f82 FILS: Add FILS-SK-PFS capability into "GET_CAPABILITY fils" command 649835167 FILS: Check FILS Indication element against local network profile 76e20f4fa FILS: Add FILS SK auth PFS support in STA mode 1764559ee FILS: Add FILS SK auth PFS support in AP mode cad291d67 FILS: Define authentication algorithm for FILS SK auth with PFS 611523849 OWE: Add CONFIG_OWE=y build option 07a5fe823 OWE: Use AKM 00-0F-AC:11 style parameters for EAPOL-Key frames ef9627cbc Print the algorithms used for EAPOL-Key professing in log ef2383859 Return success/failure result from sha384_prf() 0a6147991 OWE: Process Diffie-Hellman Parameter element in STA mode 09368515d OWE: Process Diffie-Hellman Parameter element in AP mode f9561868e OWE: Add driver capability flag for OWE AKM a1ea1b452 OWE: Define and parse OWE AKM selector 9c7aac738 OWE: Define and parse Diffie-Hellman Parameter element e73244c24 tests: Extract-and-Expand HKDF (RFC 5869) 4ec833daf Extend hmac_sha256_kdf() to support HKDF-Expand() as defined in RFC 5869 ae1ec1aaf OpenSSL: Add wrapper functions for ECDH b07ff9cb0 wpa_supplicant: Allow disabling HT in AP mode without HT overrides 2124a615e wpa_supplicant: Allow explicit wide channel configuration for AP mode 57ee04dc7 wpa_cli: Execute action file in case of WPS_EVENT_TIMEOUT 6252b981d wpa_cli: Execute action file in case of WPS_EVENT_ACTIVE acdf50219 WPS: Notify about WPS PBC event in Enrollee mode 15e5ee0b7 wpa_supplicant: events: Don't bounce timeout reason through a buffer e97d15b73 wpa_cli: Update wnm_bss_query auto complete message 15ab61eda WNM: Add option to configure candidates for BTM query candidate list e044a9d1e common: Add candidate list parsing helper function 13bf18eda WNM: Use a dynamically allocated buffer for BTM query and response 34f285190 MBO: Parse MBO ANQP-element on STA 941caed98 MBO: Add MBO ANQP-element processing on AP 8ecf2231f ANQP: Extend ANQP_GET command to request without IEEE 802.11 elements 2316cb358 MBO: Add option to add MBO query list to ANQP query 7cbb5f1a4 DFS: Handle pre-CAC expired event 62c8c7f72 nl80211: Handle pre-CAC expired event from the driver caaaee072 Sync with mac80211-next.git include/uapi/linux/nl80211.h 3dcd735c1 DFS: Handle CAC completion event from other radio d0330d57f nl80211: Add option to delay start of schedule scan plans b696f791a RRM: Fix wpas_rrm_send_msr_report() loop handling 891aa65b8 RRM: Use dynamically allocated buffer for beacon report a1f11e34c Use os_memdup() dbdda355d Introduce os_memdup() af8bc24da MBO: Add support for transition reject reason code 3ab484928 nl80211: Driver command for checking BTM accept/reject 23cddd751 wpa_supplicant: Fix non_pref_chan example b9fd3c244 tests: Add TEST_FAIL() to radius_msg_add_attr() de01f254a RADIUS server: Fix error paths in new session creation 4c803dfcd ACS: Fix memory leak if interface is disabled during scan 29be2c090 ACS: Simplify code paths fa07d2d46 tests: Add TEST_FAIL() checks in l2_packet d4359923e Fix DHCP/NDISC snoop deinit followed by failing re-init 160dca078 Add QCA vendor command/attr for BRP antenna limit control 57d3c5913 Clear scan_res_handler on no-retry failure e9518ae74 WFD: Add WFD R2 Subelements 21ac78279 QCA nl80211 vendor attribute for specific sub-20 MHz channel width ff936bc75 Make the third octet of Country String configurable 511831983 trace: Look up start to cope with ASLR 206516e8c af_alg: Crypto wrappers for Linux kernel crypto (AF_ALG) b41d3e0a7 crypto: Process des_encrypt() error returns in callers 5f0e165e8 crypto: Add return value to DES and AES encrypt/decrypt dca4b503f MBO: Fix minimum length check on non_pref_chan configuration 5b9f46df0 hostapd: Get channel number from frequency based on other modes as well 4c8836f13 FILS: Fix fils_hlp.c build with older netinet/udp.h definitions c4bb39707 Fix AES-SIV build dependencies 694a3a0d6 mesh: Fix CONFIG_MESH=y build without CONFIG_IEEE80211W=y 88a447556 Fix SELECT_NETWORK freq parameter d02989f2e D-Bus: Notify mesh capability if driver supports it 57a2aacab Add option to disable broadcast deauth in hostapd on AP start/stop 21ed24f5a hostapd: Fix potential mesh-related change from impacting non-mesh cases b7286c1b5 FILS: External management of PMKSA cache entry with Cache Identifier 869af3072 FILS: Use FILS Cache Identifier to extend PMKSA applicability 6aea02e57 SME: Clear portValid on starting authentication to fix FILS ba9774bd7 FILS: Fix BSSID in reassociation case 7eace3787 FILS: Find PMKSA cache entries on AP based on FILS Cache Identifier Bug: 68042382 Test: Device boots up and connects to wifi networks. Test: Regression tests. Change-Id: I6710d39e00c489288f8afe855868ad28aeba0100 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2017-10-24 13:02:12 -07:00
Dmitry Shmidt	ebd93af924	Cumulative patch from commit 128f6a98b3d4d6ed103db759707309f451db9682 ... 128f6a98b mka: Fix the order of operations in secure channel deletion 213eb1885 dbus: Set mode to mesh in bss properties when mesh is supported 21fda4ee7 RSN: Fix pre-authentication EAPOL-Start startPeriod configuration 3f23260da nl80211: Notify reason for connection timeout failure ca1ab9db2 hostapd: Get vendor HE capabilities 7785c70bb QCA vendor command for fetching HE capabilities d512f406f hostapd: Add IEEE 802.11ax HE IEs into Beacon/Probe Response frames 94380cb40 hostapd: Initial IEEE 802.11ax (HE) definitions 5972dc73c mesh: Use correct rate in VHT and HT mixed environment 84ea61cff mesh: Use correct rate in HT and legacy mixed environment 025c6a47f VHT: Remove a redundant check a7a638c2c hw_features: Move VHT capabilities checks to common e01cf2afc Define eapol_sm_get_eap_proxy_imsi() only with CONFIG_EAP_PROXY=y a8e25deeb FT: Merge similar error paths to use common steps c6c41f6ea FT: Support addition of RIC elements into Reassociation Request frame ecbdc1a1f Mark RSN msg 1/2 key data debug dump as key material 834c5d681 FILS: Fix PMK length for initial connection with FILS SHA384 AKM e491389eb FILS: Fix ifdef for PTK derivation with SHA384-based AKM 62944f7d2 Add HMAC-SHA384 with internal crypto aeecd4eae OpenSSL: Fix hmac_sha384_vector() implementation 5db32adc9 browser-wpadebug: Send HTTP response with HTTP/1.1 header 79329ae0a P2P: Verify local driver preferred frequencies for P2P use cases 3a7819f0a P2P: Add P2P_SET override_pref_op_chan to allow overriding preference c06fca04f Add wpa_supplicant SET get_pref_freq_list_override b4d56efb1 Use throughput estimate-based BSS selection with larger SNR difference 142041487 Drop GREAT_SNR definition from 30 to 25 dB 364c064a4 FT: Check key derivation results explicitly in AP operations b5562a1a6 FILS: Remove CRC32 dependency from build 5cf0930f9 testS: Additional BSS TM error case coverage 885bbd4de WNM: Remove unused code from BSS TM Req generation e7ddd86a9 WNM: Use a common error path in ieee802_11_send_wnmsleep_resp() d6d5970e2 WNM: Fix WNM-Sleep Mode Request parsing for WNM-Sleep element 8492cc79c PeerKey: Remove dead code related to STSL negotiation state e37c0aa5d OSU server: Remove invalid options from documentation 0d6056703 WMM: Fix estimated medium time calculation for some corner cases ae26d3021 Fix "IEEE 802.11: Ignored Action frame" debug message 4ead4c7ec WMM: Remove obsolete TODO comments 577e794eb Sync android.config with wpa_supplicant defconfig changes 784710b7f Add bgscan options to wpa_supplicant defconfig 212a8f487 Fix wpa_supplicant defconfig copy-paste description 57c3a605c Add support to sched scan to report relatively better BSSs 20c846d9e nl80211: sched_scan relative RSSI parameters 37e9f511e mka: Send MKPDUs forever if mode is PSK 76aa31838 EAP: Call deinit_for_reauth() for Phase 2 EAP methods 02156b98b EAP-AKA: Don't use anonymous identity in phase2 9e2afe10e EAP-SIM: Don't use anonymous identity in phase2 ed9b1c16d EAP peer: Cache decrypted requests for EAP-SIM/AKA/AKA' 5f11880f6 SME: Remove null ie param from CTRL-EVENT-AUTH-REJECT 4d70b2a4e RRM: Fix a memory leak in beacon request handling 401243b73 RRM: Fix range request overriding fb81c0a3d RRM: Merge similar error returns to a single one 13b30052d RRM: Fix Range Request max age parsing bd6ec7f7c Fix MAC ACL query freeing on deinit b4fd1f0ed Allow PNO scan also in connection completed state 4c6f450ca Add radio_work_is_connect() helper 85b6b6b6e Serialize scan/p2p-scan if already scheduled on the same interface fcb303a57 P2P: Clear driver scan cache after BSS_FLUSH 0d6dc6830 FILS: Clean up HLP resize check 1d9d21f37 GAS: Add support to randomize transmitter address 8331c9b31 nl80211: Add support for mgmt_tx with random TA 14fa723a9 Sync with mac80211-next.git include/uapi/linux/nl80211.h 65ab7eb1f GAS: Fix OSU Providers List response with invalid configuration f3e157057 VHT: Fill VHT capability with hardware capability 4bb9b674c Add a log message when GTK rekeying failed 41f140d38 Add hostapd options wpa_group_update_count and wpa_pairwise_update_count e54691106 mka: Some bug fixes for MACsec in PSK mode 7faf403f9 mka: Fix an incorrect update of participant->to_use_sak 00e0f0b01 hs20-osu-client: Hide a trivial compiler warning 276e93654 hw_features: Clean center freq for falling back HT40 channels f47f93617 P2P: Override P2P_PEER group_capab with 0 if no matching BSS entry found bcf66493c Fix estimated throughput based skip-roam case 84bb12aa6 FILS: Fix send_assoc_resp() HLP extension to cover sta == NULL 275cc9428 FILS: Stop processing if fils_rmsk_to_pmk() fails caab23f19 Set EAPOL-Key Key Length field to 0 for group message 1/2 in RSN b0fb2be77 Do not send GNonce in EAPOL-Key group message 1/2 3bbc47050 Fix EAPOL-Key Install bit in Group Key 1/2 with FT and FILS auth db5e53cb0 mesh: Fix struct hostapd_data initialization 9b170991a mesh: Fix mesh interface removal fix 945604a35 Update wpaspy.py to be python3 compatible 4d6e79f86 Use defines in hostapd_set_freq_params() 0217b8d87 eloop: Fix comments mismatch eloop_event/timeout_handler definitions 09a97eb27 Update the copyright notice years for QCA vendor definitions 841e9a8c7 QCA vendor command to set the trace levels for the specific QCA module d77f33041 FILS: Fix AES-SIV AAD for (Re)Association Request frame decryption 7a6c3de23 ERP: Use macro for EMSKname length instead of hardcoded integer value bb3ea71a2 ERP: Fix rIK derivation 124ddfa19 FILS: Parse and report received FILS HLP Containers from response 91d91abf6 FILS: DHCP relay for HLP requests 54b04d6f3 FILS: Move HLP request handling into a separate file 5a9d50493 ProxyARP: Use more robust DHCP option parsing e64c13feb Move DHCP definitions into a common file 70407ee5c Add QCA vendor definitions for BSS transition status 53d171440 AP: Check ACL upon association request for 802.11ad 4cc61c386 GAS: Set temporary session timeout bigger than gas_comeback_delay Test: Wifi Suite Change-Id: Id597d7cba5d2b3875f2dbbeb9a10fd5e69a6a7c2 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2017-02-27 08:39:52 -08:00
Dmitry Shmidt	293335998d	Cumulative patch from commit 05e5e615e6a26d7a9f5bd0569a0baeae1bcdee49 ... 05e5e615e AP: Skip authentication/deauthentication phase for DMG/IEEE 802.11ad 0c4b9025c AP: Do not look for supported rates in DMG/IEEE 802.11ad e72faadb4 bgscan_simple: Fix short_scan_count comparison 517b5f928 nl80211: Zero num_modes if nl80211_get_hw_feature_data() fails 39c5da328 nl80211: Use correct attribute for scan flags in vendor scan c167662d7 eap_proxy: On SIM error flush PMKSAs only for SIM/AKA/AKA' networks 6657bb158 Fix OOM handling in neighbor report response handling 7187e2093 Allow LCI request with no subelements d73420143 RRM: Enable beacon report with active/passive scan for all drivers ec45927b8 Report received beacon report with BEACON-RESP-RX event f3383366a Report beacon request TX status as control interface event 90d9d7c32 Beacon request through hostapd control interface 73a27a634 Add hostapd configuration parameter rrm_beacon_report de6ec8b55 Enable Beacon Report using beacon table for all drivers 6774c6a9f Update copyright notices for the new year 2017 f56877414 Do not add own BSS in neighbor report with invalid op_class/channel aeff0645d FILS: Fix FILS Realm Information ANQP-element construction 76196ddb2 wpa_supplicant: Add support for Beacon Report Radio Measurement b3060bf99 common: Add helper function to convert RSSI to RCPI 1ac4dba31 wpa_supplicant: Extend verify_channel() and make it global c9ff8e5f6 common: Add function to get an operating class by its number and country e4f1d879c common: Add non-global to global operating classes conversion 96a5f14ee nl80211: Add support for additional scan parameters for beacon report c16b9f8d3 driver: Add scan support to beacon report 3c716fdbd wpa_supplicant: Refactor wpas_rrm_build_lci_report() e1b96e112 wpa_supplicant: Send rejection for unsupported radio measurements 0c73e410d wpa_supplicant: Limit RRM response size to MMPDU size 9664ab8b7 wpa_supplicant: Refactor Radio Measurement Request handling 332bf5d3f wpa_supplicant: Validate RRM request frame format ec493469f wpa_supplicant: Move RRM implementation to a dedicated file d1c74f8c9 Add RRM definitions for beacon report measurement 6a31440b8 Fix LCI request subelement processing ce691a8d9 Add CONFIG_MESH into wpa_supplicant defconfig 67129ab9e wpa_cli: Add commands to use PMKSA_GET/ADD bbad185c1 P2P: Fix compilation warning in p2p_add_device() 2977f5193 GAS: Remove unnecessarily duplicate gas_frag_limit configuration 1940559ea FT: Drop FT Action frames if ft_over_ds=0 d8de90487 Remove deprecated tx_queue_* params from hostapd.conf notes 78022c836 Fix memory leak on hostapd eap_user_file parsing error paths 02f999c6d hostapd: Remove unnecessary NULL check from parser functions fd5f29e7e Fix memory leak in hostapd BSS_TM_REQ error path handling 95de34a10 Remove trailing whitespace 45997cce4 hostapd: Add TERMINATE as per-interface command 546680f81 hostapd: Do not update dtim_period with invalid value 356773058 RADIUS server: Increase maximum number of sessions a5861afcb hostapd: Do not update invalid wep_key_len_unicast f78402ace hostapd: Do not update rejected wep_key_len_broadcast e0ba7efe5 hostapd: Do not update eapol_version with rejected value 9266d00bf hostapd: Reject invalid macaddr_acl value 8628555f9 hostapd: Check driver parameter before replacing previous value 1dfd25a68 Fix hostapd SIGHUP processing before interface is enabled 34e29dfd4 Remove unnecessary NULL check from hostapd_config_read_wpa_psk() call 65dfa8728 mka: Make MKA actor priority configurable 9bcfd5be8 Document new D-Bus WPS properties 77fcbf7ff D-Bus: Use a helper function to get possibly NULL strings dbf524946 D-Bus: Add DeviceType in WPS property 266097fda D-Bus: Add device serial number in WPS property 3ee6a3ab3 D-Bus: Add model number in WPS property ae66822cd D-Bus: Add WPS model name as property 318d4b5be D-Bus: Add WPS manufacturer as property b20f031c6 D-Bus: Add WPS device name as property 4a45dc192 mesh: Show [MESH] flag in print_bss_info() c04a67deb hostapd_cli: Add completion for get command bf4167b9d hostapd_cli: Add completion for set command 86adff09e hostapd_cli: Completion for further commands with STA parameter 4f59ad069 hostapd_cli: Use common completion for commands that use stations 62b95eb67 hostapd_cli: Add missing command help descriptions 04f02faac Fix wpa_cipher_to_alg() return type 9187b13ad wpa_supplicant: Add BSS CURRENT control interface command d7f12e4eb OpenSSL: Make sure local certificate auto chaining is enabled 4be02b71b OpenSSL: Remove SSL_{CTX_,}_clear_options ifdefs 7655bd738 P2P: Do not use wait_time for SD Response TX without fragmentation 1f0fdaf0e Fix race condition between AssocResp callback and 4addr event a6f3761f7 eap_proxy: Add support for SIM state change indication from eap_proxy 79a54ab9f eap_proxy: Fix eap_proxy_init() prototype to use const eapol_cb 4e118c847 D-Bus: Add 'freq' option to P2P Find method to specify starting channel e414f4f02 PeerKey: Fix STK 4-way handshake regression 28fb9bb19 PeerKey: Fix EAPOL-Key processing dfc773172 Android: Add p2p_add_cli_chan=1 option 7508c2ad9 PAE: Make KaY specific details available via control interface b54f43390 FILS: Make FILS Indication element information available in BSS output 8183aee6c FILS: Add support for building FILS Realm Information ANQP-element 9cad61867 FILS: Add Realm Information ANQP-element in BSS data 26bf70e3d FILS: Separate FILS realm configuration from ERP domain 42b847ac1 FILS: Fix hashed realm name derivation 29062f293 Update various definitions based on IEEE Std 802.11-2016 aaa9c60bc Fix preauth_test build by updating add_pmkid/remove_pmkid callbacks 0babae87a Fix wpa_supplicant build error with IEEE8021X_EAPOL unset 19810d29b Make Beacon IEs available in wpa_supplicant BSS command 274e76f22 mesh: Fix channel configuration in pri/sec switch case cebda0e3e Make debug print clearer for AP/mesh mode secondary channel issues 3459381dd External persistent storage for PMKSA cache entries c57931273 Add PMKSA-CACHE-ADDED/REMOVED events to wpa_supplicant 655dc4a43 Send "TERMINATING" event from hostapd 5149a0f04 P2P: Set p2p_persistent_group=1 at the time of reading disabled=2 065c029a5 Remove MBO dependency from Supported Operating Classes element 62cd9d792 nl80211: Specify the BSSID in the QCA vendor scan 444930e5b Define an attribute to do a specific BSSID QCA vendor scan cea761472 Add QCA vendor command definitions for IDs 61-73 cb0cc6efa Define QCA Beacon miss threshold attributes for 2.4 and 5 GHz bands c313c8a5d Fix QCA vendor command values for SAR power limits a5c723adc Interworking: Clear SCANNING state if no network selected a1836de64 SME: Fix IBSS setup after shared key/FT/FILS association f49c852b5 P2P: Fix a theoretical out of bounds read in wpas_p2p_select_go_freq() 944d48588 P2P: Fix a theoretical out of bounds read in wpas_p2p_setup_freqs() 0a6c9dc70 P2P: Send P2P-DEVICE-FOUND event on peer changing device name 9a431d493 WFD: Clear wfd_subelems when P2P peer stops sending them 6e374bd44 Ignore scan results from ongoing scan when FLUSH command is issued 71ac93453 Make update_idx available in BSS control interface command 49aa88bb5 P2P: Clear PEER_WAITING_RESPONSE on GO Negotiation success c79238b6a Define a QCA vendor command to configure SAR Power limits 0f5eb69f8 Use eloop timeout for post-EAP-Failure wait before disconnection 20b1a9e23 Allow hostapd wep_key# parameters to be cleared 5ec3d510e wpa_passphrase: Reject invalid passphrase Test: Wifi Suite Change-Id: Ida52ca4e43bbc326a89d4c9848529df2d545b692 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2017-01-09 12:28:05 -08:00
Dmitry Shmidt	7d17530e22	Cumulative patch from commit fcd85d9a3f2d9d63d0fa57e93446ad467db75b23 ... fcd85d9 Add QCA vendor commands/attributes for indoor location d1723c5 wpa_supplicant: Allow FTM functionality to be published faecb39 hostapd: Allow FTM functionality to be published fc72a48 hostapd: Use stations nsts capability in (Re)Association Response frame 22950d0 QCA vendor subcommand for LL_STATS extension b44d9c7 D-Bus: Add ConfigFile parameter into the interface properties 7dcec24 mka: Clean up key allocation 95e9460 mka: Get rid of struct ieee802_1x_cp_conf 07a6bfe mka: Store cipher suite ID in a u64 instead of u8 pointer 535a8b8 mka: Make csindex unsigned 343eb3b mka: Reorganize live peer creation and key server election 34dbe90 mka: Share a single delete mka implementation 0dabf79 mka: Introduce compare_priorities() 53080f7 mka: Clean up ieee802_1x_kay_mkpdu_sanity_check() 05283e7 mka: Simplify ieee802_1x_mka_dist_sak_body_present() 87b19c8 mka: Replace participant->kay with a local kay variable f9ea083 mka: Fix typos in grammar in variable names and comments 921171f mka: Use named initializers for mka_body_handler[] 86bef17 mka: Remove unused enum mka_created_mode values ec958ae mka: Remove cs_len argument from the set_current_cipher_suite functions 46bbda2 mka: Clean up ieee802_1x_mka_decode_potential_peer_body() cf375eb mka: Simplify ieee802_1x_mka_encode_icv_body() memory copying 8b4a148 mka: Simplify ieee802_1x_mka_sak_use_body_present() b3df783 mka: Reorganize loops in number of KaY functions de7f533 mka: Remove unused body_peer incrementation 2b13bca mka: Add reset_participant_mi() helper 3ceb458 mka: Clean up printf formats 8fab9e1 mka: Use named initializers for static structs d4f668f mka: Add MKA_ALIGN_LENGTH macro 1de7a9f mka: Add helper functions for dumping and creating peer d9639d1 mka: Clean up ieee802_1x_kay_get_cipher_suite() lookup function 7c547cf mka: Refactor the get_*_peer() functions 515bc1a mka: Fix a typo in mka_body_handler (mak to mka) a33e3c3 mka: Add a helper function, sci_equal(), for sci comparison cefeb8e mka: Use less bitfields in the IEEE 802.1X-2010 structs 2e94489 mka: Fix a typo in macsec_capbility f2f8616 Initialize hapd->nr_db in hostapd_alloc_bss_data() 30e0745 Fix TRACK_STA_LIST before BSS enabled 1f3b8b4 Check for driver initialization before doing driver operations 833d0d4 radius: Sanity check for NULL pointer segfault Change-Id: I500fe4f62e1a0010ea82c277f73becd2ac2dfa43 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2016-09-06 13:11:34 -07:00
Dmitry Shmidt	d13095b921	Cumulative patch from commit d015bb05df1e1c2b12060bd7ffa51dc980585f4f ... d015bb0 Move network add/remove operations to a common function 052b8d3 mesh: Report HT operation mode to kernel 2bd6217 mesh: Use WPA_DRIVER_MESH_CONF_FLAG_* as modification flag 4ffb3f8 mesh: Do NL80211_MESHCONF_* setting in single function a1431ef mesh: Move max_peer_links parameter to appropriate struct 72a652d IAPP: Set SO_REUSEADDR on listening socket 9d5d1c5 Add init fragment for hostapd on Android ecba450 mesh: Simplify HT40 check code 05aed43 mesh: Set correct secondary channel offset if HT40 is disabled 81372e3 ap: Use is_multicast_ether_addr() more 647862e nl80211: Remove duplicated check in nl80211_setup_ap() e3429c0 nl80211: Fix control port protocol no-encrypt setting Change-Id: Icaa3ad65fcf69a347e71c5f1953a29a47a8ab178 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2016-08-22 14:02:19 -07:00
Dmitry Shmidt	58d12adcdf	Cumulative patch from commit f5728d0a82d5c5fb5347e41ce761fdf4a79772ec ... f5728d0 nl80211: Fix segfault when params->freq is NULL for AP mode start 3388e7b mesh: Remove HT IEs if HT is disabled 4ac2ea5 mesh: Make DTIM period configurable fac72f9 mesh: Stop joining to different frequency network 7035162 mesh: Join an existing MBSS instead of creating a new one 58fe015 gitignore static library files 0f282c7 P2Ps: Clear existing value when peer stops sending adv_service_instance 4d7aab7 Make driver flags available through control interface 77d468e P2P: Cleanup by removing unnecessary os_free() call from p2p_deinit() e347caf mesh: Report mesh peer AID to kernel e3227c3 Sync with mac80211-next.git include/uapi/linux/nl80211.h 6c34b9c Assign QCA vendor attribute for setting TX fail count threshold 52fec36 Assign QCA vendor attributes for set retry configuration 1c8fe68 QCA vendor command to configure conditional switch channel for AP 34a5014 MBO: Remove unused assignment f8608fa SME: Fix SA Query local failure handling ab6ab07 Clear wpa_s->sme.last_unprot_disconnect.sec on FLUSH command 9636b07 HS 2.0: Add an event message to note failed OSU provider write 460e5cd OpenSSL: Fix OpenSSL 1.1.0 DH operation dd20eab HS 2.0: Add optional no-scan parameter to FETCH_OSU f465c32 Interworking: Define control interface message prefixes in wpa_ctrl.h 99a9423 HS 2.0: Make hs20_build_anqp_req() static 75b2a87 HS 2.0: Fix hs20_get_icon() error path 0da9869 Interworking: Remove unused allow_excluded from interworking_connect() 8329ad4 Fix wpa_config_get_all() error path f7c04e5 Interworking: Combine identical error returns into a single one a6f5b19 P2P: Allow P2P listen being offloaded to the driver/firmware 35d6655 nl80211: P2P Listen offload vendor command definitions ef60f64 Do not exceed scan ssid max size advertised by driver 4ac5f2f Add text name for WPA_KEY_MGMT_WPA_NONE key_mgmt value f0e8405 nl80211: Provide frequency in EVENT_ASSOC when IBSS is joined 653d227 MBO: Improve supported operating class generation 9607a1a nl80211: Keep QCA vendor extensions together 8bd9099 mesh: Add debug prints on my/peer lid mismatches 78ac368 mesh: Add MPM FSM transitions from ESTAB to HOLDING for {OPN,CNF}_RJCT 0202256 mesh: Update MPM FSM events to match the standard d02e549 mesh: Rename MPM FSM states to match the standard 1f2f3f1 mesh: Indicate OPN_RJCT event if AES-SIV decrypt fails e8afaad mesh: Write close reason from Mesh Peering Close to debug log ee0ad45 mesh: Remove GTKdata and IGTKdata from Mesh Peering Confirm/Close Change-Id: Ia720dc2e4db8539d566cbc826a5c6cfd26f169e1 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2016-07-28 10:07:03 -07:00
Dmitry Shmidt	4ae50e65ef	Cumulative patch from commit 37fd0be2d3ca50c9035e67041328099356a46860 ... 37fd0be Add CTRL-EVENT-CHANNEL-SWITCH event to indicate channel changes 1574fa1 GAS: Fix double-free on an error path d6e93d3 GAS: Remove unused gas_query_cancel() ae2b482 GAS: Check protected/unprotected drop after action code check 9c21b2b GAS: Report GAS-QUERY-DONE event on initial req TX failure e6804fe OpenSSL: Update to match the modified DH_get0_key() API fc1e2c0 D-Bus: Make the CurrentAuthMode property getter more robust 82b9ec3 D-Bus: Add DeviceFoundProperties signal for discovered peers 4976618 mesh: Mark wpa_state COMPLETED when mesh join has been performed b94fff1 wpa_supplicant: Configurable EAP fragment size in AP mode 617593c Assign vendor specific elements for early HE testing 4874b78 PAE: Use big endian version in current_peer_id.mn to be more consistent ce256b4 PAE: Use sci->port more consistently 2f13e54 wired: Silence sparse warning on redefinition of IFNAMSIZ 82ffcba Move extern declarations for ext_password backends into a header file affdd33 Move extern declarations for autoscan modules into a header file 9eece21 Move extern declarations for bgscan modules into a header file 39ab6a5 Move extern declarations for driver ops into a header file 4775471 nl80211: Mark wpa_driver_nl80211_get_macaddr() static ebae413 Fix a debug print in p2p_manager_disconnect() f367c08 Mark internal functions static 582121b OpenSSL: Silence sparse warnings in fips186_2_prf() 451e094 dhcp_snoop: Silence a sparse warning bbae0f0 ndisc_snoop: Include ndisc_snoop.h to check prototypes 99a716a TNCS: Mark functions static 799a7ed PAE: Mark ieee802_1x_kay_deinit_data_key() static 4e7f5a4 PAE: Use be16/be32 instead of u16/u32 for spartse ac36b13 TNCC: Mark functions static fad6485 radiotap: Silence sparse warnings about byte order swapping 94c4d78 FST: Make fst_action_names static 82c734c FST: Fix byte order of couple of fields on big endian hosts 0dbe22b Mark wpas_data_test_rx() static 4d8d710 Fix byte order for CONFIG_VHT_OVERRIDES parameters 3787c91 OpenSSL: Pull in header files to check function prototypes 39cdd3a FST: Mark wpa_supplicant callback functions get_peer_{first,next} static 6013bbe TDLS: Declare tdls_testing as extern in a header file 0e672b8 trace: Define externs in a header file 6527b52 Undefine __bitwise before defining it for sparse 468b7b1 Fix hostapd_sta_add() call to use NULL as the pointer instead of 0 0558bec MBO: Mark verify_channel() static 9e080bf WNM: Use NULL instead of 0 as the pointer return value Change-Id: Ia18f0c09fafb7bf0a3a91cd72dc81c370c2644ac Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2016-06-27 13:48:39 -07:00
Dmitry Shmidt	d5ab1b53af	Cumulative patch from commit 3b208346ec56342fda736e62601df485ed002493 ... 3b20834 ctrl_iface: BSS command to skip info items if parsing fails a9c52e8 HS 2.0R2: No longer use HTTP_RAW_POST_DATA 04c18fa curl: Don't free memory for subjectAltName before calling callback 5a8e48f mesh: Use MESH_CAP_* macros for mesh capability d70a8ab mesh: Ignore crowded peer a151b0e mesh: Select pairwise and group cipher based on network profile 3b6deac mesh: Avoid use of hardcoded cipher f868d56 mesh: Clean up AMPE element encoding and parsing 4367eec mesh: Do not use RX MGTK as RX IGTK a4eec3c mesh: Use variable length MGTK for RX fccba2c mesh: Generate a separate TX IGTK if PMF is enabled 696f792 mesh: Support variable length TX MGTK b02f4d0 mesh: Add variable length MTK support 846201d mesh: Coding style cleanup for MTK derivation 0f76d82 mesh: Fix MTK derivation to use AKM suite selector f5ba692 mesh: Coding style cleanup for AEK derivation a59c5e9 mesh: Fix AEK derivation to use AKM suite selector 18aca1a mesh: Use ieee80211w profile parameter b8b499e mesh: Use WPA_NONCE_LEN macro bb4e19e hostapd: Skip hostapd ACL check for drivers supporting ACL offload 00ec535 WPS: Fix memory leak with wps_ie in wpa_bss_is_wps_candidate() d1296da Reserve QCA vendor specific nl80211 command 121 fae7b37 WPS: Do not expire probable BSSes for WPS connection 52a6c9c Add a QCA vendor command to configure AP parameters 31d3692 hostapd: Add comment about '-i' parameter in hostapd.conf 40f6282 hostapd: Accept interface names as a command line parameter cc27c8e hostapd: Fix early init failure path 976dfb3 FST: Make fst_global_deinit() more robust 7a69fad mesh: Sync max peer links with kernel f7cb6e9 Update PKCS#11 references in template wpa_supplicant.conf c3d7fb7 OpenSSL: Initialise PKCS#11 engine even if found with ENGINE_by_id() fdc1188 nl80211: Fix use-after-free in qca_nl80211_get_features() 8359472 hostapd Make GAS Address3 field selection behavior configurable 6996ff7 hostapd: Fix Public Action frame TX status processing for wildcard BSSID 78a3632 hostapd: Fix Public Action frame addressing (BSSID field) c86bef2 wpa_supplicant: Make GAS Address3 field selection behavior configurable a5a187b nl80211: Add TEST_FAIL() to command generation and set_mode ee854ff mesh: Remove extra newline from the end of an error message 331f077 mesh: Allow 160 MHz channel to be configured 92a515b nl80211: Update drv->assoc_freq on mesh join d2cc8bb mesh: Remove unreachable code cc9a257 nl80211: Use extended capabilities per interface type c6edea0 Sync with mac80211-next.git include/uapi/linux/nl80211.h 9a5160f Report connection timeouts in CTRL-EVENT-ASSOC-REJECT dad0129 mesh: Support simple SAE group negotiation case b4c738e mesh: Fix error path handling for RSN (MGTK init) f4b4ddf D-Bus: Remove unused wpas_dbus_signal_p2p_group_started() parameter 4fe50bb D-Bus: Indicate whether created group is persistent or not 62fc8e6 mesh: Fix MESH_INTERFACE_ADD error path cleanup 9c10be3 mesh: Fix error path handling in init OOM cases 7012e25 Remove dead code from wpas_sched_scan_plans_set() 8e909fa Improve reattach scan OOM failure handling f37d8a4 Indicate scan failure event on parameter cloning failure 9356823 wpaspy: Fix potentially referencing non existing attribute Change-Id: I656be560523c206195a5bf8649e73d8aa70bd8f9 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2016-06-22 15:41:55 -07:00
Dmitry Shmidt	e4663044d3	Cumulative patch from commit f89c32e63f71e66d7b55e284016762b603ae02db ... f89c32e Android: Fix max number of sched scan SSIDs based on driver capability f1a5a34 binder: Implement interface add/remove methods 7b4bbb9 binder: Add binder skeletal code for Android 5914ebf Remove struct ieee80211_mgmt::u.probe_req 094e949 atheros: Do not use struct ieee80211_mgmt::u.probe_req c01120a wpa_supplicant: Do not use struct ieee80211_mgmt::u.probe_req e1b9962 AP: Do not use struct ieee80211_mgmt::u.probe_req 5cd317d Do not clear PMKSA entry or EAP session cache if config does not change f933216 Revert "Assign QCA vendor command and attribute for Tx/Rx aggregation" bde9a4e Comment out UDP/UNIX socket code from common ctrl_iface based on build a6fbff2 Fix CONFIG_CTRL_IFACE=udp6/udp6-remote builds 0741c48 SAE: Check SHA256-PRF operation result ea86a34 SAE: Remove dead code in FFC pwd-value derivation 87faf1f nl80211: Fix libnl-tiny build with CONFIG_LIBNL20=y 31afdd2 Use TIOCOUTQ instead of SIOCOUTQ to avoid need for linux/sockios.h 6d07e76 wlantest: Use local ETH_P_IP define instead of linux/if_ether.h 795abc8 Drop USE_KERNEL_HEADERS define 9b7cd57 Use a separate header file for Linux bridge interface definitions c815fab Use own header file for defining Linux VLAN kernel interface 81606ab vlan: Fix musl libc conflict with Linux kernel headers f347429 P2P: Fix persistent group for 60 GHz networks e868599 vlan: Move if_nametoindex() use out of vlan_init.c 7c03c08 vlan: Move ifconfig helpers to a separate file 59d6390 vlan: Move CONFIG_FULL_DYNAMIC_VLAN functionality into a separate file 0fe28dd vlan: Remove unnecessary header includes from netlink implementation 84d6755 vlan: Clean up netlink vs. ioctl API implementation cb38bc8 vlan: Fix musl build error 954e10e Make it a bit easier to roam from 2.4 GHz to 5 GHz within ESS 585141b Fix a typo in a comment 1126c07 nl80211: Ignore deauth/disassoc event during Connect reassociation 6a5ee81 Include previous BSSID in connection request to indicate reassociation 00c3c4a nl80211: Add NL80211_ATTR_PREV_BSSID with Connect command cbc3d6f WNM: Verify BSS TM target match against the current network profile 8854f90 mesh: Simplify wpa_auth_pmksa_set_to_sm() 32d4fe9 privsep: Fix a compiler warning on unsigned/signed comparison 2e997ee Add interface matching support with -M, guarded by CONFIG_MATCH_IFACE 45e3fc7 Find correct driver for interface additions/removals 9037702 wpa_supplicant: Fix CONFIG_IBSS_RSN=y build without CONFIG_AP=y 5ae65de wpa_supplicant: Fix p2p_group_add when UDP-based ctrl_iface is used 24bce46 FST: Fix a compiler warning e567c58 Fix nfc_pw_token build with CONFIG_FST=y d774c46 mesh: Use appropriate BLOCKED state duration 9f2cf23 mesh: Add support for PMKSA caching 4c522c7 PMKSA: Flush AP/mesh PMKSA cache by PMKSA_FLUSH command b8daac1 PMKSA: Show AP/mesh PMKSA list in PMKSA command 2604edb mesh: Add MESH_PEER_ADD command e174ef3 mesh: Add MESH_PEER_REMOVE command f7648c8 P2P: Advertise IP Address Allocation only if it is enabled on GO 7f46ad9 BSD: Only down the interface once we are sure we can work with it 192964d Handle OSEN IE in Assoc Request info if req_ies exists 29eddc3 nl80211: Fix error path in if_indices_reason reallocation ee298f1 nl80211: Do not add NL80211_ATTR_SMPS_MODE attribute if HT is disabled 4ca16b5 Assign QCA vendor command and attribute for Tx/Rx aggregation 64ce590 libxml2: Check for xmlDocDumpFormatMemory() error case 8b827c3 BoringSSL: Keep static analyzers happier with X509_get0_pubkey_bitstr() 42a9553 hs20-osu-client: Fix pol_upd command line parsing ec1eae8 hs20-osu-client: Remove dead code from sub_rem command line parsing c3dc68e Do not invalidate EAP session cache on all network block parameter changes 9231c24 wlantest: Fix bip_protect() memory allocation c6c29be Interworking: Add credential realm to EAP-TLS identity Change-Id: I870f325171d00fed9c4fcd82a695fe5e2efee792 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2016-04-04 10:07:49 -07:00
Dmitry Shmidt	0e58d9be26	Cumulative patch from commit c24f8e8e75b46f0b191cca788b6f4c10bed81861 ... c24f8e8 GAS: Do not cancel initial offchannel wait with comeback delay 1 364282c GAS: Retry full GAS query if comeback response is not received a587666 GAS server: Replenish temporary STA entry timeout on comeback request 8fb718a GAS: Shorten the duration of the wait for GAS comeback response c012567 GAS: Clear offchannel_tx_started when ending remain-on-channel cb73008 EAP-TTLS/PEAP/FAST: Reject unsupported Phase 2 method in configuration 18704f6 EAP-TLS: Merge common error paths 4f5c86e EAP-PEAP peer: Fix a memory leak on an error path e7160bd Drop any pending EAPOL RX frame when starting a new connection cd5895e WPA: Explicitly clear the buffer used for decrypting Key Data 4b90fcd EAP-PEAP peer: Check SHA1 result when deriving Compond_MAC 6ca5838 EAP-PEAP server: Add support for fast-connect crypto binding 6560caf EAP-PEAP peer: Remove unused return value and error path 61f25f8 HS 2.0: Remove duplicate icon entries ca9968a HS 2.0: Convert icon storage to use dl_list 8dd5c1b HS 2.0: Add a command to retrieve icon with in-memory storage 0e92fb8 rfkill: Match only the correct expected wiphy rfkill 6da504a nl80211: Handle rfkill for P2P Device interface 96e8d83 wpa_supplicant: Add SIGNAL_MONITOR command 2c0d0ae GAS: End remain-on-channel due to delayed GAS comeback request dabdef9 TDLS: Ignore incoming TDLS Setup Response retries 0fc5707 hlr_auc_gw: Simplify string parsers with str_token() d67e63d hlr_auc_gw: Fix a typo in an error message 59e7120 hlr_auc_gw: Remove unnecessary assignment 685ea2f wpa_cli: Send ALL_STA command to the correct interface 0e6a2cf Disconnect before trying to switch to a different network 706e11a Avoid network selection from scan during connection 819ad5b utils: Fix NULL pointer dereference with unexpected kernel behavior 1b3dd69 P2P: Fix possible NULL pointer dereference f24e488 EAP-TTLS peer: Fix parsing auth= and autheap= phase2 params 47c1de2 atheros: Unify memory processing functions d06a350 mesh: Fix VHT Operation information in peering messages 8ba8c01 TLS: Report OCSP rejection cases when no valid response if found f163ed8 TLS: Process OCSP SingleResponse(s) 8e3271d TLS: Store DER encoded version of Subject DN for X.509 certificates 32ce690 TLS: Share digest OID checkers from X.509 b72a367 TLS: Support longer X.509 serialNumber values af4eba1 TLS: Parse and validate BasicOCSPResponse Change-Id: I0fadef8993a548d64a4280372bc105fefa11e62a Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-12-22 10:59:44 -08:00
Dmitry Shmidt	d7ff03d48f	Cumulative patch from commit bf3214b59321f67375df1ee85722b2beb74e1f7a ... bf3214b P2P: Fix re-invoked client interface completion on data connection 63502c6 P2P: Fix P2P_CANCEL for p2p_in_invitation case e007d53 EST: Comment out X509_REQ_print calls on Android with BoringSSL e6f4832 EST: Add CSR generation support with BoringSSL ed2566a EST: Implement pkcs7_to_cert() with BoringSSL 8d27efa HTTP (curl): OCSP with BoringSSL 213e158 BoringSSL: Move OCSP implementation into a separate file f846211 BoringSSL: Support new SHA_CTX definition for EAP-SIM PRF b34c623 OpenSSL: Fix build with current OpenSSL master branch snapshot 759a8a3 nl80211: Cancel all pending TX frame cookies 9ea91cd EAP-EKE peer: Fix memory leak on error path 328f49a P2P: Complete group formation on client data connection 0e559dc WPS: Support parallel UPnP WPS protocol runs bea48f7 Allow sched_scan_plans to be updated at runtime 32c0226 Add support for configuring scheduled scan plans 09ea430 nl80211: Add support for multiple scan plans for scheduled scan dd895e9 P2P: Make p2p_go_configured() more robust against unexpected calls 8811988 TLS client: Fix session_resumed status after TLS session ticket use 7fff91a Fix tls_connection_prf() regression with CONFIG_TLS=internal 1adf262 TLS: Add support for extKeyUsage X.509v3 extension 0755577 Add TEST_FAIL() support for internal hash functions 4104267 Fix memory leak on NFC DH generation error path c5864dc TLS client: Add certificate chain validation failure callbacks 896a97d TLS client: Add support for disabling TLS versions 0cbc22b TLS client: Use TLS_CONN_* flags 20804fe TLS: Add support for tls_get_version() f2a6ad0 TLS client: Add support for server certificate probing b115eeb TLS: Add TLS v1.2 signature algorithm support for SHA384 and SHA512 c0acec3 crypto: Add CRYPTO_HASH_ALG_SHA384 and CRYPTO_HASH_ALG_SHA512 0aed915 TLS client: Add signature_algorithms extension into ClientHello 9e8809a TLS client: Validate certificates with SHA384 and SHA512 hashes 6bb6a9c Add SHA384 and SHA512 implementations from LibTomCrypt library fdc1614 TLS client: Add support for validating server certificate hash 3665776 TLS client: Do not verify CA certificates when ca_cert is not specified 11c9ddb Add TEST_FAIL() condition to aes_128_cbc_encrypt/decrypt() ea52a46 EAP-SIM peer: Fix memory leak on reauth error path 1a33c94 EAP-SAKE: Fix a typo in attribute parser debug print 53401e9 Abort ongoing scans on FLUSH command e929eb3 wlantest: Add -N command line argument to remove write buffering 3c41749 hostapd: Add Transmit Power Envelope IE when VHT is enabled 2ea2166 Add control interface command for aborting an ongoing scan 4ead7cf Abort an ongoing scan before connect 4f30add nl80211: Add support for aborting an ongoing scan 5ef0b84 Sync with mac80211-next.git include/uapi/linux/nl80211.h 0530eb1 mesh: Clear wpa_s cipher selection on starting mesh 1d6955e nl80211: Fix SIGNAL_POLL in IBSS and mesh 0f29bc6 IBSS/mesh: Add support for VHT80P80 configuration c27f4c9 P2P: Add support for VHT 80+80 MHz and 160 MHz bee5d8e nl80211: Add VHT 160 MHz channel flags 5e1da9c P2P: Define operating classes for VHT 80+80 and 160 ea70811 FST: Improve parsing of Multiband IEs b47d05a FST: Make FST peer connection check more permissive in hostapd 39c3c9b Remove wpa_supplicant/tests 9b635d0 Remove link_test and test_wpa 9e68742 Fix CONFIG_NO_WPA=y build eb926f1 Comment out wpas_reenabled_network_time with CONFIG_NO_SCAN_PROCESSING f231b3d FST: Fix STA MB IEs creation ed7820b P2P: Add a testing option to force P2P GO CSA 6cbbae2 P2P: Set p2p_go_wait_client in invitation_result() cb 83702b6 Android: Give user the option for selecting browser for HS 2.0 OSU cadffac wpa_cli: Add an option to set created interface type 0f039e3 Add an option to create interface of a certain type with INTERFACE_ADD d8a3b66 driver: Make setting up AP optional when creating AP interface 36e8206 Check for LIBRESSL_VERSION_NUMBER in tls_openssl.c 2c51c0b P2P: Clear send action work without waiting on find/stop/listen 6bdc43c AP: Avoid 20/40 MHz co-ex scan if PRI/SEC switch is not allowed 757785d nl80211: Clear ignore_next_local_deauth flag cb2a926 nl80211: Clear ignore_next_local_deauth and ignore_deauth_event f32227e Add QCA vendor attribute and event to indicate subnet change status d38c7be Skip SELECT_NETWORK steps only if already connected or connecting 25eb7fc Fix EAPOL reauth after FT protocol or offloaded PMKSA cache use f68d491 FT auth: Fix EAPOL reauthentication after FT protocol run a65efbf Add VHT support for Mesh a73c984 Set WMM flag to Mesh STA by default 9a8d9f7 Assign QCA vendor command and attribute for Tx power reduction in dB 747ba10 nl80211: Do not return incomplete hw capability info 5e238cc WPS: Reconnect for a failed data connection when STA_AUTOCONNECT is 0 442cc8c dbus: Fix memory leak in sending InvitationReceived signal 0603bcb hostapd: Process MAC ACLs on a station association event (SME in driver) 89a11ad RSN: Remove check for proactive_key_caching while setting PMK offload d381963 Extend QCA roam event with subnet change indication Change-Id: I122220f59ef56e25ed2749a37370a40afafa177a Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-12-04 14:49:35 -08:00
Dmitry Shmidt	d80a401aed	Cumulative patch from commit f10ff62e4eda7917a8e28fe492fd98723a5e97c4 ... f10ff62 Describe preferred mechanism for submitting contributions fcdb359 Use "STATUS-NO_EVENTS" instead of "STATUS" in get_wpa_status function 73ed03f wpa_supplicant: Add GTK RSC relaxation workaround ea6030c Restore previous wpa_state in scan-only result handler 1e74ae4 WNM: Clear BSS TM data if already associated with preferred candidate d129b02 EAP-pwd: Add support for Brainpool Elliptic Curves a34eace dbus: Remove unused dict helper functions cdcb2d0 wpa_cli: Add support for vendor_elem_* commands 17b7032 EAP peer: Clear ignore flag in INITIALIZE state 1f1e619 Add test programs for checking libwpa_client linking 736b7cb wpa_supplicant/Makefile: Fix libwpa_client build 2e38079 TLS: Fix memory leak with multiple TLS server instances 7b0f550 eap_sim_db: Implement eap_sim_db_expire_pending() 45c3e72 Add frequency to operating class determination for 5 GHz 100..140 e50c50d dbus: Expose interface globals via D-Bus properties 1aa0fb7 dbus: Pass property description to getters/setters c93b7e1 RSN: Check result of EAPOL-Key frame send request 95be79f Allow -1 as value to disable frag_threshold bc50bb0 Extend the range of values for the RTS threshold 053693d hostapd: Add feature to start all interfaces at the same time in sync 9578413 Reserve QCA vendor specific nl80211 commands 110..114 5d4c508 Assign QCA commands and attributes for Tx power scaling and OTA testing 5d1d69a P2P: Filter control chars in group client device name similarly to peer f67d1a0 TDLS: Do not send error case of TPK M3 if TX fails 1248e58 wpa_supplicant: Reopen debug log file upon receipt of SIGHUP signal d8fd633 Do not write ERROR level log entries if debug file is not used 67deaa5 l2_packet: Add build option to disable Linux packet socket workaround fa46426 RSN: Do not try to connect if PMF disabled and AP requires it 8acbe7f WNM: Verify WNM Sleep Mode element length dacd789 WNM: Mark set TFS buffer const ... f24b979 OpenSSL: Merge error returns 84d6a17 TLS: Remove unused tls_capabilities() 7867227 ms_funcs: Merge similar return cases 3596361 hw_features: Merge similar return case in check_40mhz_2g4() aac1efe Reject the initial 4-way handshake if initial GTK setup fails 2da5256 Add backtrace-based error path testing mechanism 55413ce P2P: Do not allow 40 MHz co-ex PRI/SEC switch to force MCC Next patches were skipped due to explicit cherry-pick: bddc51e RSN: Stop connection attempt on apparent PMK mismatch 3fdaaa8 Throttle control interface event message bursts a530fe7 Add wpa_supplicant EVENT_TEST control interface command ee1e3f5 hostapd: Global control interface notifications 2e95cfc Add debug prints for wpa_supplicant ctrl_iface socket send operations ce7d0eb Update AP WPA/RSN IE on all associations if driver can select BSS 844dfeb QCA vendor command support to set band to driver Change-Id: I909996c5afcd3b5d123ea1e23c0e1212021f7625 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-11-06 11:07:16 -08:00
Dmitry Shmidt	9d9e60286e	Cumulative security patch from commit ca68a8b561c48393c8ba25055ce294caaa3ac008 ... ca68a8b WPS: Explicitly reject Public Key attribute with unexpected length 6b94f71 WPS: Truncate variable length string attributes to maximum length f4b64c6 Simplify VHT Operation element parsing d6fefd6 Simplify HT Operation element parsing 40baac0 Simplify VHT Capabilities element parsing baae4cb Simplify HT Capabilities element parsing b39a059 Simplify Timeout Interval element parsing e8997b9 Simplify ERP element parsing f87c99c Simplify DSSS Parameter Set element parsing ae7a42b FT: Check FT, MD, and Timeout Interval length in the parser c9bf7b6 Fix a memory leak on mesh_attr_text() error path 2531036 FT: Fix WMM TSPEC validation in driver-based AP MLME case 632931c P2P: Use WPS_SEC_DEV_TYPE_MAX_LEN in P2P array definition 0f5acfb Use common is_ctrl_char() helper function 5a041ac WPS: Ignore too long SSID attribute d6c3067 Replace SSID_LEN with SSID_MAX_LEN eaa8eef Replace MAX_SSID_LEN with SSID_MAX_LEN 81847c2 Replace HOSTAPD_MAX_SSID_LEN with SSID_MAX_LEN 6fb761c Replace WPA_MAX_SSID_LEN with SSID_MAX_LEN d9d1b95 Use SSID_MAX_LEN define instead of value 32 when comparing SSID length 65b1025 WPS: Ignore too long Device Name attribute cc6f243 Add WPS_DEV_NAME_MAX_LEN define and use it when comparing length dd3d857 P2PS: Check for maximum SSID length in Persistent Group Info 05e46a9 Ignore too long SSID element value in parser 90758f0 Mark QCA vendor command id 53 reserved, but not used anymore f41ded6 Remove unused leftover from multi-SSID design cb71a83 OpenSSL: Clean up TLS PRF implementation 7f90a23 Add QCA vendor subcmd for OCB 897418a eap_example: Fix configuration by added DH parameters Change-Id: If688231edfce41163ef0c1f0ad75291a9bdfbe81 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-04-23 10:40:14 -07:00
Dmitry Shmidt	4dd28dc258	Cumulative patch from commit 00033a0903f69b2f0e0c048840bff059f5a3eab9 ... 00033a0 OpenSSL: Always accept pinned certificates b2329e4 Add QCA vendor subcmd for Data Offload 1d246a1 Make rate-not-supported debug print more useful 761396e Reject Group Key message 1/2 prior to completion of 4-way handshake 3f0e6ec nl80211: Extend NL80211_CMD_TDLS_OPER to support discovery c10ca2a TDLS: Allow driver to request TDLS Discovery Request initiation 41312fc mesh: Leave mesh in driver setup if initialization fails ac8e074 Clear RSN timers for preauth and PTK rekeying on disassociation f2f65dd Reserve QCA vendor specific nl80211 commands 61..90 088a210 HS 2.0: Add NULL check before dereferencing in hs20-osu-client bea8d9a nl80211: Use the new bridge port option proxyarp_wifi Change-Id: I1ef819ab4efa554f059787e02570f48be39819a6 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-03-10 11:23:54 -07:00
Dmitry Shmidt	203eadb9ed	Cumulative patch from commit 6e9023ea499ea9a89b0e858c85e32b455d57264c ... 6e9023e DFS: Allow wpa_supplicant AP mode to use non-offloaded DFS 02e42ab nl80211: Add vendor event parsing for DFS offload events bd0f68c DFS: wpa_supplicant event processing d7f1aa8 DFS offload: P2P changes for autonomous GO 1e2aaff DFS offload: Indicate AP-CSA-FINISHED for DFS offloaded case c13578c DFS offload: Add main DFS handler for offloaded case 5de81d7 DFS offload: Skip user space processing for CAC operations 192ad3d Interworking: Clear SCANNING state if no match found 95d7b86 P2P: Consider 5 GHz channels also for auto GO a51c40a P2P: Fix regression in start-GO/AP through a "fake" scan dd5c155 eap_proxy: Callback to notify any updates from eap_proxy 9a05d98 atheros: Add a new flag for OSEN support 9feadba Remove unnecessary NULL check to make function more consistent 1772d34 P2P: Fix interface deinit for failed group interface initialization 3f9ebc4 P2P: Allow AP/GO interface to be started while P2P-in-progress b4a9292 RADIUS client: Fix server failover on return-to-primary on error case 9836cb5 Add option to force a specific RADIUS client address to be used 1a7ed38 RADIUS client: Fix a copy-paste error in accounting server failover de7c06e P2P: Continue find in GO-Neg-Resp-fail status corner cases c280590 Do not add blacklist entries based on normal disconnect request cases bdf0518 P2P: Direct P2P_CONNECT command to proper interface 44b9ea5 P2P: Do not allow scan or normal association on cfg80211 P2P Device 9542f21 Clean up p2p_find command parsing and execution fa9f381 P2P: Allow a specific channel to be specified in P2P_FIND eb78a8d P2P: Restore P2P_SCAN_SPECIFIC d988ff7 hostapd: Disable VHT caps for STAs when no valid VHT MCS found 70fd828 RADIUS client: Fix previous failover change c3dabf5 Fix merge issue with IBSS VHT support 8b2b718 Fix minor issue in HT40 max rate determination 347c55e RADIUS client: Re-try connection if socket is closed on retransmit 94b39e5 RADIUS client: Fix server connection recovery after initial failure bbee36e Allow RADIUS server address to be replaced efb4008 TLS: Remove placeholders for SIGN_ALG_DSA support Change-Id: I8e5d0dfd5fddb6de2f8d8211b708c3bb6674098b Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-03-10 11:04:48 -07:00
Dmitry Shmidt	2f74e36e84	Cumulative patch from commit fb09ed338919db09f3990196171fa73b37e7a17f (DO NOT MERGE) ... fb09ed3 Interworking: Notify the ANQP parsing status d10b01d HS20: Provide appropriate permission to the OSU related files 73f1ee0 HS20: Fix TrustRoot path for PolicyUpdate node in PPS MO 54a0ac0 HS20: Return result of cmd_sub_rem in hs20-osu-client b62b0cb WNM: Fix possible memory leak by free buf 9bd0273 EAP: Fix possible memory leak in eap_ttls_process_decrypted() b760e64 eap_server: Avoid NULL pointer dereference in eap_fast_encrypt_phase2() 948d3a8 hostapd: Remove unused variable from hostapd_get_hw_features dd09e42 Fix memory leak in wpa_supplicant global bgscan configuration 30f459c wpa_cli: Fix NULL dereference on printf string argument 414f23d Avoid NULL string in printf on EAP method names in authenticator b72b2ad P2P: Stop p2p_listen/find on wpas_p2p_invite 7b7b444 nl80211: Fix reading of the extended capabilities mask 7e608d1 P2P: Use the correct wpa_s interface to handle P2P state flush fd83335 AP: Enable HT Tx STBC for AP/GO if supported by driver d90bfa9 Move external_scan_running to wpa_radio 0c5f01f Clear reattach flag in fast associate flow 8ad8bc5 NFC: Redirect NFC commands on global control interface 57ae1f5 P2P: Fix P2P invitation with NFC 07565ab WNM: Fix the length of WNM_BSS_QUERY control interface command 2d9c99e Retry scan-for-connect if driver trigger fails 911942e Add a test framework for various wpa_supplicant failure cases 6b46bfa WPS: Re-fix an interoperability issue with mixed mode and AP Settings 1648cc6 ACS: Allow subset of channels to be configured 95ff306 nl80211: Allow HT/VHT to be disabled for IBSS 7451a21 mesh: Return negative value on join failed 5a2a6de mesh: Make inactivity timer configurable b9749ba AP: Expire STA without entry in kernel a114c72 AP: Remove redundant condition for STA expiration 0d787f0 Fix RADIUS client with out-of-memory and missing shared secret 0efcad2 Print in debug log whether attached monitor is for global interface 8266e6c HS 2.0: Try to use same BSS entry for storing GAS results 6c69991 Make wpa_supplicant FLUSH command more likely to clear all BSS entries 2dbe63a Write reason for scan only_new_results into debug log 242b83a eapol_test: Fix cert_cb() function arguments a8826b1 Interworking: Avoid busy loop in scan result mismatch corner cases edd5939 Interworking: Start ANQP fetch from eloop callback cbc210d RADIUS DAS: Allow PMKSA cache entry to be removed without association 4e871ed RADIUS DAS: Support Acct-Multi-Session-Id as a session identifier b52c0d4 Add authMultiSessionId into hostapd STA info 861beb7 RADIUS DAS: Check for single session match for Disconnect-Request 783b2a9 Interworking: Fix INTERWORKING_CONNECT with zero-length SSID BSS entry 1fef85c nl80211: Fix AP-scan-in-STA-mode error path behavior cebee30 Add domain_match network profile parameter d07d3fb Add peer certificate alt subject name information to EAP events 98a4cd4 D-Bus: Clear cached EAP data on network profile changes 483dd6a Include peer certificate always in EAP events dd5f902 Get rid of a compiler warning d29fa3a Extend VENDOR_ELEM parameters to cover non-P2P Association Request e7d0e97 hostapd: Add vendor specific VHT extension for the 2.4 GHz band Change-Id: I45436c49986cd6bddbd869db3f474871a29ce1dc Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-01-21 13:26:50 -08:00
Dmitry Shmidt	ff787d557d	Cumulative patch from commit 3e7f1c7980c6e9fc7173f78aa72b2761fcd8924d (DO NOT MERGE) ... 3e7f1c7 GnuTLS: Add TLS event callbacks for chain success/failure and peer cert 0eb2ed0 GnuTLS: Add support for OCSP stapling as a client cf08e9b Add MESH to modes capabilities db5adfe Add SAE to auth_alg capabilities 0e1bb94 GnuTLS: Verify that server certificate EKU is valid for a server d4d1f5c GnuTLS: Fix tls_disable_time_checks=1 processing 594d1fc GnuTLS: Add support for private_key and client_cert as blobs 79b1dd9 GnuTLS: Fix DER encoding certificate parsing a165145 Add "GET tls_library" to provide information on TLS library and version c3bb84b GnuTLS: Add event callbacks 8ddcd6b GnuTLS: Add support for domain_suffix_match 4bc13bf GnuTLS: Check for any unknown verification failure e0d431a GnuTLS: Add more debug prints for version and session status 65ec7f4 GnuTLS: Move peer certificate validation into callback function 7c82457 GnuTLS: Remove support for versions older than 2.12.x e1d63f6 GnuTLS: Remove old version number checks for 1.3.2 ae0a23a GnuTLS: Remove GNUTLS_INTERNAL_STRUCTURE_HACK db4cf40 GnuTLS: Add support for ca_cert as a blob 224104d TLS: Reject openssl_ciphers parameter in non-OpenSSL cases b09baf3 Work around Windows build issues 6dbbef9 Define host_to_le32() for Windows builds 7d28e46 Fix os_win32 build 0b40247 Remove Network Security Service (NSS) support d166947 schannel: Reject subject_match, altsubject_match, suffix_match 59051f8 TLS: Reject subject_match, altsubject_match, suffix_match f8717ac GnuTLS: Reject subject_match, altsubject_match, suffix_match e24aef1 Fix a typo in domain_suffix_match documentation 394b547 Improve subject_match and domain_suffix_match documentation 8a42a07 trace: Fix out-of-memory testing logic 79cd993 Add address masks to BSSID lists b83e455 Add network specific BSSID black and white lists b3d6a0a Add generic parser for MAC address lists 21c74e8 nl80211: Use a helper function to put mesh_id 85e1fad nl80211: Use a helper function for putting beacon interval 6dfc557 Remove mesh_ht_mode network block parameter 54fe48b mesh: Use the shared function with IBSS to determine channel parameters f7e889f mesh: Convert channel configuration to use common routines 6334330 mesh: Use a separate variable to track whether HT is enabled 1fc4ab2 nl80211: Move debug prints into nl80211_put_freq_params() cae87ab nl80211: Add a helper function for putting basic rates 6b8b077 ibss/mesh: Enable HT40 if supported a828f62 Make check_40mhz_2g4 common fdd989d Make check_20mhz_bss common 0e550fe Make check_40mhz_5g common 6d5d098 Make get_pri_sec_chan() common 5144274 Introduce common allowed_ht40_channel_pair() 5f10b7f Use common hw_get_freq/hw_get_chan helpers in hostapd 269dfe2 Introduce common hw features 1830817 IBSS: Add WPA_DRIVER_FLAGS_HT_IBSS f3b8ad4 SAE: Implement retransmission timer a206e2a SAE: Centralize function for sending initial COMMIT 28c91ee bsd: Fix parsing of ieee80211req_scan_result on FreeBSD and DragonFly 96d1d97 Android: Remove hardcoded ICU include paths from hs20-osu-client a354bcc D-Bus: Use NoMemory error message from CreateInterface 635874b Handle interface disabled/enabled more consistently 8f2cf37 P2P: Indicate reason=UNAVAILABLE for group netdev going down 86a7fbb Verify that eloop_register_read_sock() succeeds for ctrl_iface setup 27d9701 Fix a memory leak on WPA authenticator error path c1c07dc Fix hostapd interface addition error path a156ffd Add support for testing memory allocation failures 52b3943 D-Bus: Fix interface unregistration on error path 96dc9a6 D-Bus (old): Fix interface unregistration on error path ef03557 Fix memory leak on wpa_supplicant_init_wpa() error path 52a8058 TDLS: Fix an interface addition error path f2d5728 D-Bus: Fix string array dict entry parser in out-of-memory case c61bc23 D-Bus: Fix byte array dict entry parser in out-of-memory case dacf605 D-Bus: Fix Introspect() in case of os_strdup() failure 68a8669 D-Bus (old): Fix wpsReg error message f0614bc D-Bus (old): Fix message handler error paths a2af1c7 D-Bus (old): Fix memory leak on error path 3d2e2d5 trace: Fix compiler warning on 32-bit builds with bfd support b9f6560 eloop: Fix WPA_TRACE tracking in case of realloc failure e10422c Fix memory leak on hostapd BSS addition error path 2801659 Fix hostapd initialization error path on allocation failure d58ade2 nl80211: Fix compilation with libnl 1.1 and 2.0 51f3427 crypto: Clear temporary stack buffers after use 77a2c39 crypto: Clear temporary heap allocations before freeing a15a7fc DH: Clear memory explicitly on private key deinit 77c45e2 Add wpabuf_clear_free() to allow clearing of freed memory a90c7d9 OpenSSL: Fix pbkdf2_sha1() wrapper f6ebbcf AES-SIV: Make aes_s2v() static dcf8fbc nl80211: Simplify event processing error paths 38751d8 nl80211: Remove cfg80211 state mismatch workaround for authentication 64ae244 nl80211: Check support for rekey offload on first use Change-Id: Ice94c3cf8e39a6d2cac993aacd0f6d45b31c7c15 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-01-15 12:54:35 -08:00
Dmitry Shmidt	6c0da2bb83	Cumulative patch from commit 8b48e3200680f71ae083b84793e6bdc2099416d2 [DO NOT MERGE] ... 8b48e32 wpa_cli: Add MAC address randomization in scan fb37588 ctrl_iface: Add MAC address randomization in scan processing 56c76fa scan: Add MAC address randomization in scan handling 86056fe nl80211: Handle MAC address randomization in scan/sched_scan ff23ed2 driver: Add definitions for MAC address randomization in scan 7db53bb wpa_cli: Implement TDLS start/cancel channel switching commands 72b2605 nl80211: Pass TDLS channel-switch start/stop params to kernel 6b90dea TDLS: Propagate enable/disable channel-switch commands to driver d9d3b78 TDLS: Track TDLS channel switch prohibition in BSS 4daa572 TDLS: Add channel-switch capability flag ca16586 Sync with wireless-testing.git include/uapi/linux/nl80211.h 8c42b36 WMM AC: Reconfigure tspecs on reassociation to the same BSS 677e7a9 WMM AC: Do not fail on unknown IEs in Association Response fecc2bb WMM AC: Delete tspecs on roaming 20fe745 WMM AC: Print user-priority in wmm_ac_status 730a0d1 nl80211: Always register management frames handler ... 209702d Add possibility to set the setband parameter ee82e33 Do not trigger the scan during initialization on Android platforms e69ae5f Reject new SCAN commands if there is a pending request ... 59d7148 nl80211: Provide subtype and reason code for AP SME drivers 9d4ff04 Add external EAPOL transmission option for testing purposes 61fc904 P2P: Handle improper WPS termination on GO during group formation 58b40fd P2P: Clear p2p_go_group_formation_completed on GO start c155305 Complete sme-connect radio work when clearing connection state debb2da P2P: Report group removal reason PSK_FAILURE in timeout case 51465a0 The master branch is now used for v2.4 development Change-Id: I9b9cfa5c5cd4d26b2f3f5595f7c226ac60de6258	2015-01-13 12:08:30 -08:00