18 Commits

Author	SHA1	Message	Date
Sunil Ravi	77d572f143	[wpa_supplicant] Cumulative patch from commit 257b119c2 ... Bug: 265294868 Test: Verify Passpoint ANQP functionality and Passpoint association Test: Connect to Passpoint, Open, WPA2, WPA3 networks and run traffic Test: Regression test b/218404053 (Bug: TBD) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open sourcie 257b119c2 QCA vendor attribute of update roaming cached statistics info 18436f393 Enhance QCA vendor interface for Concurrent AP Policy for XR 58fba11e1 Enhance QCA vendor interface with new hang reason codes 0f3f9cdca dpp-nfc: Try to request with alternative URL in additional cases 8b36248cd Add QCA vendor command to get the monitor mode status 0dd8bcef8 QCA vendor attributes for MLO and EHT capabilities e5602989c QCA vendor attributes to configure EHT capabilities d9d5e55c5 DPP: Respond to GAS on the same channel it was received on 651c9e957 Add new status code strings 3a2d27552 Make MFPR value from an associated STA available as hostapdMFPR 546debd5e Force MFPR=1 to be used on the 6 GHz band f9c6ab834 P2P: Support preferred GO band based optimization for scanning 093bedc05 P2P: Allow persistent group join retry limit to be configured via D-Bus 8717110db Do not flush PMKSA cache on restoring dedicated per-ESS MAC address 1d4027fdb Make random MAC address style parameters use common enum values 681856c35 Check both sec and usec values to see if MAC address was changed bdbb6e003 wpa_supplicant: Handle MAC address randomization changes for same ESS 4bd1efe07 dbus: Do not bring down primary interface when removing created AP interface f4096e7cd EHT: Update EHT Operation element to P802.11be/D2.3 in AP settings e869fdfee wpa_supplicant: Use MLD address in SAE authentication 8c0f83ae8 SME: Accept Authentication frame from an MLD AP 23039f5e4 SME: Add support for handling association with MLD 8f89661df SME: Add support for handling authentication with MLD 694a1c687 SAE: Make sme_sae_auth() return IE offset 870edfd67 WPA3: Update transition disable bitmap based on port authorized event 8fdf3c447 Sync with wireless-next.git include/uapi/linux/nl80211.h f9804e306 nl80211: Enforce unique address for AP iftype 87bad8afa dbus: Pass in MAC address in CreateInterface method b0722cf75 dbus: Fix a memory leak on error path in CreateInterface method a7f6b8518 crypto: Check if crypto_bignum_to_bin() is successful 2749a2c6b nl80211: Actually get and store TX retries 998aeca3c crypto: Clear secrets from stack in hmac_sha256_vector() 909864ab1 HS 2.0: Restore ifdef for DEFINE_STACK_OF in est.c af0ab435a PASN: Use the assigned status code from IEEE P802.11az/D7.0 3d798ff2a PASN: Align RSNXE with IEEE P802.11az/D7.0 definitions ab2cb379d Define all assigned BSS membership selector values ed0a7b480 wpa_supplicant: Implement HE membership selector check 054fcfab6 hostapd: Add require_he configuration c46351d10 DFS: Clear cac_started when AP is disabled 3df42cf3c EHT: Use HE operating channel width in MCS length calculation 23e31eb68 SAE: Support cross AKM roaming between SAE AKMs in external auth case a17026707 PASN: Avoid clearing secure context for the PASN deauthentication event 75a9c4bd4 Add new attributes in SCS rule config QCA vendor subcommand 7d8b96dcf wpa_supplicant: Apply same restrictions for MLD as for 6 GHz BSS 7216f79b9 nl80211: Support get_sta_mlo_info for SME-in-wpa_supplicant drivers 06eb608d5 nl80211: Handle scan results with MLD connection 033a57d26 nl80211: Get MLO support capability 32b745448 wpa_supplicant: Make valid_links u16 a2c4c0b1b nl80211: Support MLD association request a134b4dc5 nl80211: Add support for MLD authentication e3e68668c ctrl_iface: Report RNR and ML in BSS command 5f17763ad common: Combine definitions for Multi-Link and per STA profile control 7a7ce9574 dbus: Emit more information over D-Bus ad4fa5dd3 Add more nl80211 info to struct wpa_signal_info 090f0f8c7 mbssid: Indicate MBSSID information in RNR a1c4adda1 mbssid: Add nl80211 support 54b1352ef mbssid: Make the AID space shared 10749c3c4 mbssid: Process Known BSSID element 15690faad mbssid: Add MBSSID Configuration element fc2e4bac5 mbssid: Set extended capabilities a004bf2cd mbssid: Configure parameters and element data c5a09b051 mbssid: Add Non-Inheritance element 920b56322 mbssid: Functions for building Multiple BSSID elements 931e5d4f9 mbssid: Configure all BSSes before beacon setup 78d0b9899 mbssid: Retrieve driver capabilities 7452e5447 mbssid: Add new configuration option bb67d5b52 AP: Add testing option to delay EAPOL Tx 1897abad9 dbus: Add D-Bus property for current MAC address 1a800a940 EAP-TEAP server: Allow tunneled EAP method sequence to be optimized f791b5bbc EAP-TEAP peer: Process Crypto-Binding TLV before EAP Payload TLV 5a9bd8a06 EAP-TEAP: Use EAP-FAST-MSCHAPv2 in the tunnel 364b6500b EAP-FAST: Move EAP-MSCHAPv2 special MSK handling into MSCHAPv2 81dedfbd7 nl80211: Increase the scan frequencies buffer 9a2781f24 wpa_supplicant: Support throughput estimation for EHT rates 755aaeb97 wpa_supplicant: Add missing memory allocation checks 69725c4cf OpenSSL: Fix BN_rshift() argument order e9b4ad236 OpenSSL: Apply connection flags before reading certificates bbd5a4689 SAE: Add an enum for defining sae_pwe parameter values 3a0edb2cd SAE: Enable H2E for 6 GHz BSS 20bfd4feb AP: Enable H2E on 6 GHz when SAE is used b43e19f3f WPS: Cross band overlap detection with multiple interfaces e2d88f86e DPP: Expose own and peer bootstrap info ids on authentication success 043dedee8 DPP: Expose enrollee pubkey hash for identification 2d8974e31 DPP: Move DPP_EVENT_AUTH_SUCCESS to a helper d8d2b3a33 Implement read-only mode for SSIDs from the additional config (-I) 4cb23b66d ACS: Allow selecting a better channel when using 40/80/160 MHz 472101684 ACS: introduce acs_adjust_secondary 60e2934cb ACS: Introduce acs_get_bw_center_chan() ed8e13dec ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan() 9025def55 wpa_supplicant: Add support for pregenerated MAC 5da3e1ca4 mesh: Do not allow open mode key in 6 GHz 50a9b7d3d P2P: Include only 6 GHz PSCs in full scan 0d6cd88ee DPP: Use existing TCP connection to replay duplicate Presence Announcement 6af717f73 DPP: Don't close TCP connection for duplicate Presence Announcements 46e6b72b7 Add a callback to notify added PMKSA cache entry details af1528a12 hostapd: Add RELOAD_BSS bc2b88b25 hostapd: Add config_id to GET_CONFIG output b37c3fbad hostapd: Add config_id parameter 46f6a3277 Split BSS-specific hostapd_clear_old_bss() from hostapd_clear_old() 2afb9b1a5 dbus: Add dbus notify when wpa_s->key_mgmt changes 98e9d553f nl80211: Check previous MAC address for locally-generated-deauth 87ffa1bec wpa_supplicant: Convert SSID into printable form before printing 416386060 Mark authorization completed on driver indication during 4-way HS offload da2ec9459 D-Bus: Split set_cred_properties() into two functions f5ce680ee D-Bus: Hotspot 2.0 credentials with multiple domains 2f739c71c ctrl: Fix compilation with UDP control interface 6d4548187 RSN: Split EAPOL-Key msg 3/4 processing for WPA(v1) 5b7957b7e RSN: Split EAPOL-Key msg 1/4 processing for WPA(v1) e5dfce38f RSN: Split EAPOL-Key group msg 1/2 processing more completely for WPA(v1) 5ab43c738 RSN: Split WPA(v1) processing of EAPOL-Key frames into a separate function f7fd891c7 Fix a typo in driver ops poll() documentation 3268ec0ac HS20: Use required_home_ois in hs20-osu-client 58eb905ad HS20: Support credentials with multiple home OIs 0143dc1cb OpenSSL: Load OpenSSL 3.0 legacy provider but let default be loaded fef4c6cb0 OpenSSL: Don't provide implementation of DES/RC4 for FIPS builds 1d42dafce RSN: Do not include RC4 use in FIPS builds df5ae2aad Add more detailed description of RADIUS attributes in EAP user file 0ba266d86 dbus: Add virtual interface create/remove logic to be inline with ctrl_iface 5102d7411 wpa_passphrase: Disable terminal echo when reading from stdin 86ab28217 PASN: Fix passing own address and peer address to pasn_deauthenticate() a9062432e wpa_cli: Fix PASN control interface commands b6d3fd05e FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP) ef70f814a Add a new QCA vendor attribute to configure wifi calling (wfc) state 05ec48568 WPS: Pick WPS AP based on latest received WPS IE ca4fa867d Enable PMF automatically if OCV is enabled c823197bd SAE: Use Challenge Failure status code in confirm message failure cases 65c8633d9 Allow a lower priority BSS to be tried after network disabling e91ac53d5 DFS: Do not allow channel checks to go beyond the channel list f96dfdeef PASN: Fix missing libraries for libpasn.so on Android 91d148f50 PASN: Fix is_pasn_auth_frame() for mgmt tx status frames b6c38cee9 Skip CAC if the driver switches channel to non-DFS 080afc03d Add hostapd control interface command to stop logging to file 0fd13c90e Add QCA vendor interface for AP doze mode configuration 4e1f55a11 Roam control configuration for 6 GHz in full scan only on prior discovery 34d93b0c9 HS 2.0: Deauthenticate STA on deauth-imminent more quickly if no URL 2e40f969b nl80211: Fix wrong requested links bitmap in sta_mlo_info.req_links b6e226496 MLD STA: Fix IGTK and BIGTK MLO KDEs validation 2050130be Add a vendor attribute for roam control configuration for full scan 12f16c27b TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation 802b67bce Update tls_connection_set_verify() documentation to verify_peer=2 0202b9774 DPP: Fix memory leak of intro.peer_key in station handling f723f7f8a P2P: Check dev pointer consistently when building PD Response 30403e965 WPS: Check NDEF record length fields separately cd0e8653a TDLS: Use stored FTE length in MIC calculation 7e85e24f3 TDLS: Use stored peer RSNE length in MIC calculation 40a42613e FT: Simplify FTE parsing for FT-SAE-EXT-KEY using MIC Length subfield 5ea7a2f54 DPP: Drop PMKSA entry if AP reject association due to invalid PMKID 4840b45a2 Fix empty pmksa_cache_get() 3abd0c471 SAE: Print rejection of peer element clearly in debug log 9ff778fa4 Check for own address (SPA) match when finding PMKSA entries 9f04a9c8d Store own MAC address (SPA) in supplicant PMKSA cache entries 309765eb6 PASN: Use separate variables for BSSID and peer address 42f0c44d8 PASN: Use peer address instead of BSSID as the destination for initiator 15583802b nl80211: Allow up to 64-byte PMK in NL80211_CMD_SET_PMKSA bbe5f0c1e FT: Do not try to use FT protocol between mobility domains b92f61885 Don't use default RSNE/RSNXE when the driver indicates cross SSID roaming d7febe33f MLO: Remove unnecessary debug prints about clearing AP RSNE/RSNXE 16d913bfd Define AFC vendor commands and events 46f5cf928 OpenSSL: Fix additional HPKE corner cases bdc35acd5 SAE: Allow loading of the password from an external database 48dd8994a Fix external passwords with 4-way handshake offloading e5a7c852c systemd: Use interface name in description of interface-specific units a0628f8a5 OpenSSL: Remove unused assignment from HPKE expand 3e1a04afa nl80211: Check that attribute addition succeeds in offloaded PASN case 0658a22ef GAS: Try to make buffer length determination easier for static analyzers 271ce71c7 FT: Fix PMK-R0 derivation for FT-SAE-EXT-KEY with SHA512 2f61d703a MLD STA: Group key handshake processing for GTK/IGTK/BIGTK rekeying f0760aa6d MLD STA: Use AP MLD address as destination for 4-way handshake EAPOL-Key frames 8f2e493be MLD STA: Validation of MLO KDEs for 4-way handshake EAPOL-Key frames f15cc834c MLD STA: Processing of EAPOL-Key msg 3/4 frame when using MLO 08512e5f3 MLD STA: Extend key configuration functions to support Link ID a4adb2f3e MLD STA: Configure TK to the driver using AP MLD address fa5cad61a MLD STA: Use AP MLD address in PMKSA entry 052bf8a51 MLD STA: Use AP MLD address to derive pairwise keys e78437256 MLD STA: Add MLO KDEs for EAPOL-Key msg 2/4 and 4/4 472a0b8d6 MLD STA: Set MLO connection info to wpa_sm cc2236299 nl80211: Get all requested MLO links information from (re)association events 1ca5c2ec2 PASN: Fix spelling of RSNE in debug messages a43536a72 PASN: Verify explicitly that elements are present before parsing 7e3852407 PASN: Fix MIC check not to modify const data 8481c7509 PASN: Fix Authentication frame checks f899d7f37 dbus: Apply PMK properties immediately c6f8af507 Add option to disable SAE key_mgmt without PMF 7ad757ec0 Document crypto_ec_key_get_subject_public_key() to use compressed format 6527a7656 DPP: Stop listen mode for chirp-initiated Authentication exchange 2e7339442 P2P: Discount current operating frequency when scanning new connection 00a762c26 Do not drop connection attempt when reconnecting to the same ESS 368de263b P2P: Skip Extended Listen timeout to allow scans during group formation cff55f348 P2P: Clone sae_pwe config to new group interface config ae517789f P2P: Allow PSC channel to be used for 6 GHz BW40 9c830d917 P2P: Track peer 6 GHz capability more robustly 1ca403a8b Add QCA vendor subcommand to notify about primary netdev 70d89f90e A vendor roam control configuration for delaying hand off for RX fff81a468 PASN: Change pasn_use_384() to be a non-static function ea241cbe9 PASN: Rename struct wpas_pasn to pasn_data 6be84343a PASN: Add pairing verification wrapper function for Wi-Fi Aware 325236948 PASN: Mark wpas_pasn_start() comeback argument const b1ed44b6a PASN: Allow extra elements to be added into PASN Authentication frames 08abcdf4e PASN: Makefile and Android.mk changes for libpasn.so 78c5bb7f5 PASN: Move responder functionality into a separate file c7edfce79 PASN: Move initiator changes into a separate file 975b7a02c Move SAE comeback token functionality into a separate file 1711fe912 PASN: Compute MIC from RSNE and RSNXE of the frame for Wi-Fi Aware 6f80014b1 PASN: Allow custom PMKID in Authentication frames for Wi-Fi Aware e99047da2 PASN: Add a handler func to send mgmt frames to the driver from AP 4022ffc5d PASN: Store AKMP in the PTKSA cache c55eadede PASN: Remove hapd dependency in processing PASN Authentication frames 6dc833bc5 PASN: Remove hapd dependency for PASN and SAE comeback 1861f5716 PASN: Remove hapd dependency for pasn_derive_keys() 1fa266e99 PASN: Remove hapd dependency for SAE and FILS wrapped data bc9fbe1b2 PASN: Common wpas_pasn structure for initiator and responder 14b5ebce7 PASN: Add a common header file for initiator and responder af5eec3b3 PASN: Function handler to transmit Authentication frames 629bbc91b PASN: Remove dependency of wpa_ssid for initiator e7f45ca11 PASN: Remove wpa_s dependency for wpas_pasn_start() 0be131265 PASN: Remove wpa_s dependency for wpas_pasn_build_auth_1() 086ccdc59 PASN: Remove wpa_s dependency for the functions processing RX frames e2e87b90b PASN: Remove wpa_s dependency for wpas_pasn_auth_tx_status() de4b73a36 PASN: Remove wpa_s dependency for FILS wrapped data 90bb73c51 PASN: Remove wpa_sm dependency to add an entry to PMKSA cache 5313e5a79 PASN: Remove unused wpa_s parameter for wpas_pasn_sae_setup_pt() f636cbd04 PASN: Remove wpa_s dependency for SAE wrapped data functions 5535fbcfa PASN: Add wpa_pasn_reset() to eliminate need for struct wpa_supplicant 10e455c44 Enable use of PMKSA caching independent of RSN supplicant state machine 1d0ee1908 Fix the vendor ID assignment for configuring periodic sounding b17b86da4 QCA vendor attribute to configure periodic sounding 6f3efa21c MLD STA: Fix crash caused by NULL wpa_s->current_ssid ef5a9a009 nl80211: Fix parsing PASN peer and src addresses from vendor nl attributes 2c55c9273 More debug prints for EAPOL-Key message generation (Authenticator) 90cef4f21 MLD STA: Fully clear MLO info to avoid use of uninitialized members 496a1ced1 MLD STA: Use MLD addresses for sending non-Public Action frames 17ae98873 MLD STA: Support processing of M1 received before association event 9dafad1ea EHT: Definitions for STA Control fields of Basic Multi-Link element 1fbea7d43 EHT: Multi-Link element defragmentation ec03b71ee common: Refactor element defragmentation 347ea8f0a EHT: Parse Multi-Link elements 73f540b6a MLD STA: Fetch MLO association Link ID info to core wpa_supplicant ee46b7d6d nl80211: Check MLO link status info in NL80211_CMD_CONNECT 6e015cd45 RADIUS: Add Filter-Id attribute 06800f612 Add QCA vendor attributes for EHT support in external ACS 042368663 Vendor attribute to configure QoS/AC upgrade for UDP frames e5d15e225 EHT: Allow EHT to be disabled using disable_eht=1 in wpa_supplicant 041f6cea9 SAE: Accept FT and -EXT-KEY AKMs for external auth b72922796 P2P: Get cached scan results on iface creation to avoid scan 8392ea9e7 SAE: Fix AKM suite selector check for external authentication ebe6a7c94 FT: Cover variable length KCK in function documentation eda4ba081 FT: Reassociation Response frame validation for FT-SAE-EXT-KEY 0f7253d35 FT: Response processing for FT-SAE-EXT-KEY a1eb1bb0e FT: Supplicant side FTE generation for FT-SAE-EXT-KEY 883e33594 FT: Authentication request frame processing for FT-SAE-EXT-KEY 879363bbc FT: Reassociation Request frame parsing for FT-SAE-EXT-KEY e8f23c948 FT: Association Response frame FTE generation for FT-SAE-EXT-KEY a76a314c1 FT: Extend PMK-R0 derivation for FT-SAE-EXT-KEY 79cd846b2 FT: Extend PTK derivation for FT-SAE-EXT-KEY 39b60f334 FT: Extend PMK-R1 derivation for FT-SAE-EXT-KEY fb4fc704c FT: Debug print FTE subelements during parsing 25b52e5f8 FT: Extend FTE parsing for FT-SAE-EXT-KEY 4f58afee9 FT: Extend MIC derivation for FT-SAE-EXT-KEY dcd46edf5 FT: Extend PMKR1Name derivation for FT-SAE-EXT-KEY 9fd245564 FT: Support longer SAE PMK for FT in INITPSK AP c41bd98be FT: AP mode FTE writing to support FT-SAE-KEY-EXT efa0f51d3 FT: Accept 512-bit PMK-R1 from RRB eb0821c90 Add service class id attribute in SCS rule config vendor subcommand 5607abe2e WNM: Print unsupported neighbor report subelements in debug log fcdd76fa2 Interworking: Print unsupported inner EAP-TTLS method in debug log f8a05de66 Move default action from after switch to within 7614fcebe ACS: Filter out 6 GHz channels if HE or EHT is not enabled 1864664ca Android: Delay QCA roam+auth event until NL80211_CMD_ROAM is received 5f3cdc064 Override ieee80211w from pmf for AP mode in wpa_supplicant 2b972a35b DPP: Require PMF when profile is for SAE without PSK 8219d2b7d PASN: Fix CONFIG_PASN=y build without CONFIG_IEEE80211R=y Change-Id: Ifd6be0d096df54c13162fdda164cd8e804a51692 Merged-In: Ifd6be0d096df54c13162fdda164cd8e804a51692 (cherry picked from commit 38ad1edd94)	2023-02-17 18:07:13 +00:00
Sunil Ravi	a04bd250ff	[wpa_supplicant] Cumulative patch from commit 27e828d72 ... Bug: 231272394 Test: connect/disconnect to WPA2, WPA3 networks Test: SoftAp & p2p connection Test: Regression test(b/231636895) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open source 27e828d72 ACS: Send EHT enabled info to driver 82066bd36 nl80211: Don't force VHT channel definition with EHT 43fe1ce35 EHT: Add [EHT] flag into AP mode STA command 696ad5c2d EHT: Indicate wifi_generation=7 in wpa_supplicant STATUS output 4994c41f2 EHT: Indicate ieee80211be configuration in hostapd STATUS output 50d883710 EHT: Fix invalid length checking for EHT Capability element 6c7b2be42 SAE: Send real status code to the driver when AP rejects external auth 2c78f11a9 Fix compilation due to forward declaration of macaddr_acl c8e822801 OpenSSL: Fix build with old library versions that do not support TLS 1.3 c24e18e5c LibreSSL: Fix compilation issue with TLS 1.3 session ticket limit eb5e63985 LibreSSL: Fix compilation issue with RSA-OAEP 5d56cf1c7 BoringSSL: Fix compilation error due to TLS 1.3 session tickets a561d12d2 EAP peer status notification for server not supporting RFC 5746 566ce69a8 EAP peer: Workaround for servers that do not support safe TLS renegotiation ccb3206b6 Fix tls_connection_set_success_data() in TLS library wrappers decac7cd1 OpenSSL: Do not send out a TLS 1.3 session ticket if caching disabled 05406f7ae EAP-PEAP server: Fix TLS 1.3 move to Phase 2 without a new session ticket 10746875e OpenSSL: Allow no OCSP response when resuming a session with TLS 1.3 2be1bcaf7 EAP-TLS peer: Fix protected success indication check for resumed session 1c66276d9 EAP-TLS server: Send final TLS message for resumed session with TLS 1.3 81e249888 OpenSSL: Limit the number of TLS 1.3 session tickets to one d26247c3d wpa_supplicant/README-WPS: Beautifications a8d058c93 OpenSSL: SSLKEYLOGFILE capability to allow Wireshark TLS decoding 23f389068 wolfSSL: Fix OCSP stapling a2971f8d8 wolfSSL: Allow TLS version 1.3 to be disabled a40e48fbe wolfSSL: Fix TLS 1.3 session handling 0c3f68f2a wolfSSL: Check for the too-short-password error in pbkdf2_sha1() ca2622481 Check the return of pbkdf2_sha1() for errors 013cd694d wolfSSL: Fixes for FIPS builds 9d5f8168f wolfSSL: Register a FIPS callback 8f36e6c0f wolfSSL: Implement crypto_ec_key wrappers 1f7e10177 wolfSSL: Add missing free calls for wolfSSL structs ec1cd91e7 wolfSSL: Support both DER and PEM blobs 42871a5d2 EAP-SIM/AKA peer: IMSI privacy 21098e39f EAP-SIM/AKA server: IMSI privacy 36b11bbcf OpenSSL: RSA-OAEP-SHA-256 encryption/decryption c3d389b72 EHT: Channel switch command support dae7940a4 EHT: Additions to hostapd_set_freq_params() e646b11fe EHT: Indicate EHT support in Neighbor Report element f915d52de EHT: Provide EHT capabilities in STA addition path a6d1b4c46 EHT: Process (Re)Association Request frame capabilities 340c0e212 EHT: Parse elements received in Management frames d54e3d049 EHT: Add operation element in AP mode Management frames 9b7202d66 EHT: Add capabilities element in AP mode Management frames a7ea72188 EHT: Add configuration options for beamforming capabilities 8db3881c7 EHT: Add operating channel width configuration 8dcc2139f EHT: AP mode configuration options to enable/disable the support 9f7da264b nl80211: Pass station's EHT capabilities to the driver in sta_add() 0c8a9aa5d nl80211: Parse EHT capabilities from the driver c08b735fd EHT: Define EHT elements 1a716f86a defconfig: Document IEEE 802.11ax as a published amendment 86310c220 Set hostapd hw_mode automatically based on 6 GHz op_class 664fd83d5 nl80211: Increase the buffer length for debug printing channels 563162a5f QCA vendor attribute to allow eMLSR HW mode 1e34bc49c OpenSSL: Track SSL_SESSION ex data separately 734fa392f MBO: Check association disallowed in Beacon frames, if newer 284e3ad19 Determine whether Beacon frame information is newer in scan results 28c9f29a3 scan: Print SSID in scan results dump 5a0471579 Install wpa_passphrase when not disabled f1686d776 hostapd: Allow enabling background radar 08d7738bb wolfSSL: Speed up crypto_ec_point_compute_y_sqr() f50d5c9a8 wolfSSL: Fix crypto_ec_point_compute_y_sqr() error case processing 7302aa761 wolfSSL: Fix the memory leak of crypto_ec_point_compute_y_sqr() e7dd0fff1 wolfSSL: Use wc_HmacInit() to avoid potential use of uninitialized values f7be558d6 OpenSSL: Fix build with BoringSSL 6d33ef362 OpenSSL: Remove compatibility options for older versions than 1.0.2 78c2a4cd0 OpenSSL: Drop compatibility options for LibreSSL older than 2.7 b06250767 OpenSSL: Implement crypto_ecdh routines without EC_KEY for OpenSSL 3.0 fc96f6802 OpenSSL: Use new name for the EC_POINT set/get coordinate functions 0aae045af ctrl: Print the source address of the received commands f94214968 wpa_ctrl: Wait for a total of 10 seconds, not 10 seconds per iteration 0d9be8855 wolfSSL: Fix certificate commonName checking 94e0f39d9 wolfSSL: Use wolfSSL_export_keying_material() when available c31fc7a64 wolfSSL: Fix crypto_dh_init() and dh5_init() d7b8c6eef wolfSSL: Fix crypto_ecdh_* with ECC_TIMING_RESISTANT ae1fb6455 EAP-EKE server: Fix a memory leak on an error path 166acab4e wolfSSL: TLS session caching 12dee16d7 wolfSSL: Add a debug logging callback a5d190650 wolfSSL: Implement tls_get_tls_unique() a419fef36 wolfSSL: Implement tls_connection_get_cipher_suite() 364876b7d wolfSSL: Implement tls_connection_get_peer_subject() d9c716400 wolfSSL: Implement tls_connection_get_own_cert_used() d677b9dc6 wolfSSL: Conditional build for aes_wrap/aes_unwrap() b0f016b87 eapol_test: Update with src/ap/ieee802_1x.c changes 747c5f228 Include MS_FUNCS=y for EAP-pwd peer build c7f71fb86 Include HMAC-SHA384/512 KDF for SAE if SHA384/512 is included 3a759dcc8 ACS: Honor acs_exclude_dfs with hostapd's ACS implementation 3240cedd6 eapol_test: Print out names for additional known EAP types f5c711c85 OpenSSL: Unload providers only at process exit 33c4dd26c BSS coloring: Handle the collision and CCA events coming from the kernel 27b4cc712 nl80211: Handle driver events for BSS coloring 399d6e64d nl80211: Add the switch_color() handler for BSS color changes 86bd90eb3 BSS coloring: Disable BSS color during CCA f7d0b740e BSS coloring: BSS Color Change Announcement element generation 654d2395d BSS coloring: Handling of collision events and triggering CCA 52e2516f1 wpa_supplicant: Add the CONFIG_HE_OVERRIDES option to the defconfig 6a2a60f1d OpenSSL: Do not use the deprecated RSAPrivateKey function ebb3055e1 OpenSSL: Generate DH parameters automatically if not set with dh_file bcd299b32 OpenSSL: Convert DH/DSA parameter loading to new API 28c1c91d0 Remove unused dh_blob parameter 4a774cf31 Remove useless DH file configuration from TLS library wrappers 65652c67f Remove DH file configuration from TLS client functionality b94371af8 RADIUS attributes for EAPOL-Key message details 24763e3cd RADIUS: Attributes with Extended Types (RFC 6929) feed2f9e7 BoringSSL: Use accessor functions for X509 key usage flags 80be88a08 BoringSSL: Replace stack-allocated X509_STORE_CTX with heap one b95ed17f6 OpenSSL: Fix build with BoringSSL and LibreSSL 3.3.x and older ae0f6ee97 OpenSSL: CMAC using the OpenSSL library for non-FIPS cases as well 0c61f6234 OpenSSL: Implement CMAC using the EVP_MAC API 4fcd29660 OpenSSL: Extend CMAC to support 192-bit AES 117617843 OpenSSL: Remove now unused compatibility wrapper for RSA_bits() a2dbb2558 Android: Compile hs20-osu-client to /vendor/bin in test builds b0769ce61 DPP: Allow a list of supported curves to be used in bootstrapping URI ef85328a6 QCA vendor command support to reset configuration for eLNA bypass 7008c50fa OpenSSL: Implement DH using the EVP API e31500ade OpenSSL: Implement HMAC using the EVP_MAC API 097ca6bf0 OpenSSL: Unload providers on deinit 092efd45a OpenSSL: Implement AES keywrap using the EVP API 7e4984d9c OpenSSL: Use a correct EVP_CIPHER_CTX freeing function on an error path 8e0ac5366 RRM: Include passive channels in active beacon report scan 0adc67612 wpa_supplicant: Use unique IDs for networks and credentials dacb6d278 Update IEEE P802.11ax draft references to published amendment 8128ea76a Add Transmit Power Envelope element in 6 GHz bc3dc72a3 Extend 6 GHz Operation Info field in HE Operation element 0eb686637 hostapd: Add config option to specify 6 GHz regulatory AP type ee06165e9 hostapd: Extend Country element to support 6 GHz band f5ad97245 PASN: Fix build without CONFIG_TESTING_OPTIONS=y 3467a701c wpa_supplicant: Do not associate on 6 GHz with forbidden configurations 43c6eb5e4 SAE-PK: Add the option to the defconfigs 0482251a6 EAP-TLS: Allow TLSv1.3 support to be enabled with build config 7114e5606 EAP-TLS: Testing functionality to skip protected success indication 95fd54b86 Disconnect STA on continuous EAP reauth without 4-way handshake completion 9e11e746f EAP-TLS: Do not allow TLSv1.3 success without protected result indication 6135a8a6a Stop authentication attemps if AP does not disconnect us 88ab59d71 EAP-TLS: Replace the Commitment Message term with RFC 9190 language 63f311b10 EAP-TLS: Update specification references to RFC 5216 and 9190 5ab385321 Revert "Android: Compile hs20-osu-client to /vendor/bin in test builds" b746cb28b Add support for not transmitting EAPOL-Key group msg 2/2 d27f7bd94 FILS: Fix config check to allow unsolicited broadcast Probe Response 65a3a273c OWE: Reuse own DH private key in AP if STA tries OWE association again 6ff8bda99 hostapd: Add the missing CONFIG_SAE option to the defconfig 1f5b6085c Fix SIGSEGV of eapol_test 576662d27 ieee802_11_auth: Coding style cleanup - NULL comparison 945acf3ef ieee802_11_auth: Coding style cleanup - no string constant splitting 1c3438fec RADIUS ACL/PSK check during 4-way handshake 5b5c954c0 Fix AP config check to recognize all PSK AKMs c5d9f9064 QCA vendor attribute to indicate NDP interface managemtn using nl80211 a9c90475b FT: Update current_bss to target AP before check for SME-in-driver 0c88d1487 Debug print on CONFIG_NO_TKIP=y prevent RSNE with TKIP as group cipher d5a9331f9 P2P: Copy only valid opclasses while filtering out 6 GHz channels 99c91beaa Sync with wireless-next.git include/uapi/linux/nl80211.h d9121335a wpa_cli: Add ACL and BTM control commands 00622fcfe Extend ACL to install allow/deny list to the driver dynamically 077bce96f Set drv_max_acl_mac_addrs in wpa_supplicant AP mode 9828aba16 Support ACL operations in wpa_supplicant AP mode fd0d738ff Add return value to ACL functions f5ac42811 Move ACL control interface commands into shared files 930695662 Add BSS-TM-QUERY event to indicate reception of BSS TM Query febcdf324 Support BTM operations in wpa_supplicant AP mode 0f8c6e995 Move BTM control interface commands into shared file e059d8ece Update the Extended Capability element to struct sta_info eb2e6b56b Enable BSS Transition Management in wpa_supplicant AP mode 30ecf0181 DPP: Update Controller parameters when it was already started b93d1083e DPP: Fix msg_ctx for PKEX over TCP as Controller/Responder 3085e1a67 hs20-osu-client: dNSName values from OSU server certificate for PPS MO ce86f2446 DFS: Remove unnecessary variable 760a5ae26 DFS: Switch to background radar channel if available b63d953fe DFS: Enable CSA for background radar detection 25663241c DFS: Introduce hostapd_dfs_request_channel_switch() 316a9dc63 DFS: Configure background radar/CAC detection bad12effe nl80211: Radar background flag setting effd6111b DFS: Rely on channel_type in dfs_downgrade_bandwidth() f9ba3d5c8 OpenSSL 3.0: Set SSL groups using SSL_set1_groups() 09c62aaf1 OpenSSL: Determine RSA key size without low-level routines b700a56e1 OpenSSL 3.0: Determine the prime length for an EC key group using EVP_PKEY 3c61f4db4 OpenSSL: Replace EC_GROUP_get_curve_GFp() calls with EC_GROUP_get_curve() e2cb0ca1a OpenSSL 3.0: Implement crypto_ec_key_group() with new API f6a53f64a OpenSSL: Replace EVP_PKEY_cmp() with EVP_PKEY_eq() when available 5b093570d D-Bus: Add 'wep_disabled' capability 56a14cc72 DFS: Don't let cac_time_left_seconds overflow ae512c30a DPP: Fix uninitialised variable on error path 3a157fe92 dbus: Set CurrentAuthMode to INACTIVE only if network is not selected 0ce8d55a2 hs20-osu-client: Allow EST server to use different host name 5eaf596e1 HTTP: Make URL available to the cert_cb abed7978f HS 2.0 server: Event log entry on missing configuration for the realm 1192d5721 Android: Compile hs20-osu-client to /vendor/bin in test builds 1fee1c40c Enhance QCA vendor interface to indicate TWT required capability of AP a192305a4 Add QCA vendor attributes for AFC support in external ACS de5939ef5 DPP: Allow Configurator net_access_key_curve to be changed 9638452a6 DPP: Update Configurator to require same netAccessKey curve to be used 2b406eece DPP: Update Auth-I derivation operations de64dfe98 DPP: Curve change for netAccessKey fd2eb7a41 DPP: Fix a memory leak on error path e9551efe0 DPP: Missing/invalid Protocol Version in Reconfig Auth Req eeb72e7c9 DPP: Extend DPP_PKEX_ADD ver=<1/2> to cover Responder role 6c3c431bb Add QCA vendor attribute to enable Spectral FFT recapture fcbdaae8a SAE: Add support for RADIUS passphrase as the SAE password 3d86fcee0 cleanup: Remove unreachable code 9683195ee qca-vendor: Fix typos 4c9ef9322 brcm_vendor: Fix typos d65285ab8 src/drivers: Fix typos 203a027b2 nl80211: Report background radar/CAC detection capability 0a73649b6 DFS: Add capability to select radar-only channels f39765369 DFS: Introduce dfs_set_valid_channel() utility routine d001b301b Fix removal of wpa_passphrase on 'make clean' cb41c214b build: Re-enable options for libwpa_client.so and wpa_passphrase dec626109 HE: Fix invalid length checking for HE Capability element 53be64f7d HE: Fix calculation of the PPE Threshold field length 738fef2f0 Clear PSK explicitly from memory in couple more cases on deinit 567b9764f Clear PMK explicitly even without FT support in AP build 0bd29c176 Remove duplicated pointer check 007fd6111 Clear temporary results from stack in PBKDF2-SHA1 1364f322b Remove GTK/IGTK/BIGTK from memory explicitly in AP mode af1f0694e Clear last set keys (for testing purposes) from memory explicitly 6c850a1c0 nl80211: Clear bss->freq when stopping AP mode a44fa15cb Define a vendor specific NDP attribute for NAN service id 414ca953f DPP: Clear SCANNING state when starting network introduction 0b5f8e3d8 DPP: Clear netrole on starting chirping or reconfiguration 2fcc076d1 Clear wpa_s->last/current_ssid in more cases 7a7f803a9 DPP: Stop offchannel frame TX wait on DPP_STOP_LISTEN in a corner case 7e941e7a1 macsec_linux: Support cipher suite configuration 46c635910 MACsec: Support GCM-AES-256 cipher suite 42944de69 nl80211: Do not store no-wait TX frame cookies to be cancelled 340ec48cd DPP: Clear state on configuration failure in GAS server hander 7e6f59c70 nl80211: Clear the last saved TX frame cookie on wait expiration 9d5fd3328 Update QCA vendor attribute to indicate maximum PCL attributes 19169a53a atheros: Do not include p2p.h f43d31dda nl80211: Debug print association comeback event data a91072503 OCV: Don't start SA Query timer on CSA when SA Query is offloaded f5c8697c0 Sync with mac80211-next.git include/uapi/linux/nl80211.h 632a9995c Clear ignore_old_scan_res on FLUSH command Change-Id: I35fd1fb999d045ced8c153fe3d8284c9a71069b1	2022-05-21 18:49:57 +00:00
Hai Shalom	a20dcd72df	[wpa_supplicant] Cumulative patch from commit ac1e3a7f0 ... Bug: 217966931 Test: Verify Passpoint ANQP functionality and Passpoint association Test: Connect to Passpoint, Open, WPA2, WPA3 networks and run traffic Test: Regression test b/218404053 (Bug: TBD) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open source ac1e3a7f0 Add QCA vendor MCC channel quota command and event 1d1e3184b Whitespace/coding style cleanup for QCA vendor attribute definitions 1646883f4 Vendor command to configure rate mask 2faaa193f Rename moderate latency level to XR latency level in vendor attributes f9905f8d9 nl80211: Clear frequency information on leaving mesh 1f26a0a34 DPP: Use a 120 second timeout for GAS query 07e26b292 GAS server: Increase query timeout to 60 seconds for DPP a6d157b6f DPP: Start a listen operation for GAS server if needed da65e7136 nl80211: Add a handler for NL80211_CMD_FRAME_WAIT_CANCEL events 9aaf3e1d1 P2P: Update GO operating frequency after interface setup is completed 033ad6ffa DPP: Allow Configurator parameters to be provided during config exchange d4961a775 GAS server: Asynchronous request handler comeback time indication 9a90aab12 DPP: Store Enrollee config request information 6751fb060 DPP: Make dpp_netrole_str() non-static 34575ad72 EAP-pwd: Fix the prefix in a debug message e07000e74 nl80211: Partial support for radio_disable 33cb47cf0 DPP: Fix connection result reporting when using TCP 1822bd378 DPP: Testing capability for invalid Protocol Version in Network Intro d7be74933 DPP3: PKEX over TCP bdcccbc27 DPP: Change PKEX version configuration design 9d3f347a2 DPP3: Add PKEX initiator retries and fallback from v2 to v1 for hostapd 3f67ab587 DPP: Handle TX status events for broadcast DPP messages 802136299 DPP3: Start with PKEXv2 and fall back to v1 f32f99df1 P2P: Send response frame on channel where the request is received b678a3aa3 Extend QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING fc4bc342e Replace "blacklist" with "denylist" in vendor interface definition bc9fd8adc Replace "whitelist" with "allowlist" in vendor interface definition ffe80cb8e wpa_supplicant: ap: Update comment c76545033 The main branch is now used for v2.11 development cff80b4f7 Preparations for v2.10 release 7a57eb315 Update copyright notices for the new year 2022 9b14aed90 crypto: Remove unused crypto_ec_point_solve_y_coord() 8c502336d EAP-pwd: Derive the y coordinate for PWE with own implementation 6c380f4c8 SAE: Derive the y coordinate for PWE with own implementation 8ebd8aacc SAE: Move sqrt() implementation into a helper function 41c7f3f20 Defined a driver interface for periodic TSF sync feature 5758d0929 Add a QCA vendor attribute to indicate ACS over EHT 7ffcbd08c Clear roam/BSS TM in progress flags for additional cases 16b5ea9e9 Reject authentication start during BSS TM requests af6d4031d D-Bus: Fix build without CONFIG_INTERWORKING 58bbcfa31 OpenSSL: Update security level drop for TLS 1.0/1.1 with OpenSSL 3.0 682fce579 OpenSSL: Fix compressed form encoding for subjectPublicKey with 3.0 ff2eccbdf OpenSSL: Load legacy provider when needed for OpenSSL 3.0 ddcdd6286 OpenSSL: Clean up EVP_PKEY_get{0,1}_EC_KEY() use 384aa245e OpenSSL: Speed up crypto_ec_point_compute_y_sqr() b26f5c0fe DPP: Remove dpp-listen radio work when stopping 3f8c83a65 SAE: Make sure BSS entry is available to determine RSNXE information 43f600a1f Add new vendor attributes to avoid coex unsafe frequencies cab51021c DPP3: Update version capability indication for hostapd bc24a8a09 Update supported channel width set (HT40) after channel switch ff7e403f0 Fix channel switch wrapper when switching from HT to VHT/HE 5606ede12 Update ieee80211ac when channel switching e6db1bc5d mesh: Make forwarding configurable 5ef9277d0 ACS/DFS: Support min_tx_power configuration 5530688b9 MBO: Fix the allowed range of mbo_assoc_disallow values c8e4283f9 D-Bus: Interworking network selection b44e19967 D-Bus: Interworking/Hotspot 2.0 credential operations 4262e6ca4 Move credential removal operations into helper functions e232d9777 HS 2.0: Crypto engine support for creds 97607de5e D-Bus: Capture group ifname before switching to global P2P instance 36973aac2 SME: No need for OBSS scan if HT40 is disabled 7db757aac Revert "Extract BSS coex 40 MHz check into a separate function" e480321f8 Revert "STA OBSS: Add check for overlapping BSSs" b57273d06 DPP2: PKEXv2 core protocol changes b21b31014 DPP: Testing functionality to omit Protocol Version from Peer Discovery 341e7cd66 DPP3: Verify version match during Network Introduction f26fd5ee6 DPP3: Use Connector version instead of current version in Peer Discovery 0cfb72689 DPP3: Add version member to Connector 77ddd38b6 DPP3: Add build option for version 3 functionality 14ab4a816 Reject ap_vendor_elements if its length is odd 2c2bfebca Fix bool type values for setband 7dc7b8814 P2P: Remove 6 GHz channels from full scan if 6 GHz not enabled for P2P 147932add Add a QCA vendor attribute to indicate puncture pattern in ACS 0b853303a Update AKMP, cipher, PMF for driver-based SME while roaming c8b94bc7b mesh: Enable 160 MHz bandwidth support for 6 GHz in IEEE 802.11s mesh ab0af709d mesh: Enable MFP by default for 6 GHz 11s mesh d10a01e22 mesh: Enable 80 MHz support for 11s mesh in 6 GHz d6c5feb8c mesh: Change channel to frequency based lookup for starting mesh b16b88acd RNR: Do not allow FILS Discovery and unsolicited Probe Response simultaneously 15f099ec7 RNR: Allow Probe Response frame for a colocated 6 GHz AP f17f7ca4e RNR: Update Beacon frames for 6 GHz colocation 01efcc292 RNR: Addition in Beacon, Probe Response, and FILS Discovery frames 0c9457ee2 RNR: Additions for a 6 GHz AP b2bbedcb2 RNR: Add co-located BSSes a7c152d6b RNR: Add data from neighbor database 847f76760 RNR: Add configuration option 3db24e4ee RNR: Define element format b389d88a7 Share a common error path for SET_NEIGHBOR control interface command 1b8eb3975 RNR: Add bss_parameters to the neighbor_db 9d0948ecc RNR: Short SSID assignment 8d881d942 Update AKMP and proto for driver-based SME while roaming f969bd22d Add QCA vendor attribute to configure ARP/NS offload feature 8f4d7e8f0 OpenSSL: Fix build with OpenSSL 1.0.2 2086ae46b DPP: Replace dpp_bootstrap_key_der() with crypto_ec_key_get_subject_public_key() e9f8f81a8 DPP: Use ECDH from crypto.h 4aed5668b OpenSSL: Clear the correct flag in crypto_ec_key_get_ecprivate_key() bf161b660 Ignore CONFIG_WIFI_DISPLAY without CONFIG_P2P b306a92df Fix compiler error on CONFIG_AP without CONFIG_P2P builds 726eda65f wolfSSL: Fix a link error when WPS NFC is disabled b8402ab08 DPP: Use crypto_ec_key_get_subject_public_key() when possible d51939f2c DPP: Move CSR routines to use crypto.h d56352b55 DPP: Move dpp_pkcs7_certs() into crypto_pkcs7_get_certificates() b89176fa6 DPP: Move debug print of EC key to crypto.h 87f2fb886 DPP: Remove direct call to OpenSSL in dpp_test_gen_invalid_key() c88b7fcae DPP: Add crypto_ec_key_cmp() in crypto.h and use it 984faf963 DPP: Use crypto_ec_key_group() to compare EC key's group f5334f9b5 DPP: Use crypto API for reconfig part eac41656e DPP: Update connector signing to use crypto.h da63d3099 DPP: Remove unused EVP_PKEY_CTX variable 4767de3a4 DPP: Use crypto.h for authentication computation 0d1d74107 DPP: Update PKEX part to use crypto.h API 50708770f DPP: Use crypto_ec_key_parse_priv() when possible e294a73d0 DPP: Use crypto_ec_key_parse_pub() in dpp_get_subject_public_key() 9c1632908 DPP: Move dpp_set_pubkey_point_group() to crypto.h e84b143e1 OpenSSL: Add Brainpool curves to crypto_ec_key_group() c6f2103ca DPP: Replace dpp_get_pubkey_point() with crypto_ec_key_get_pubkey_point() 2d5772e69 DPP: Factorize conversion to ASN.1 ECPrivateKey 63bf3d25a OpenSSL: Mark crypto_ec_key_gen() key compressed 86cde01cb DPP: Move dpp_gen_keypair() to crypto 0517948d7 DPP: Replace EVP_PKEY by struct crypto_ec_key cd0c1d256 OpenSSL: Use EVP_PKEY as struct crypto_ec_key 15275c53d Complete documentation in crypto.h cb285e80c SAE: Fix sm->cur_pmksa assignment aa5c4f932 Add QCA vendor attribute to configure priority of vendor scan aca4d4963 Fix handling of complex configuration lines with mixed "" and # 0ae677c7b eloop: Extend overflow check in eloop_register_timeout() to cover usec 979f19716 WNM: Allow specifying dialog token for BSS transition request 3f6c02f29 Use pkg-config for libpcsclite linkage flags e797959b8 systemd: Order wpa_supplicant after dbus 95bf9fc93 Remove extra slash from BIN/INC/LIBDIR defaults 5a4ae6e3a Replace "native" with a more specific description 2fb33ce4b wpa_supplicant: hostapd: Remove man-in-the-middle 2e122945f DPP2: Do not try to remove Controller TCP connection twice on error 5bac420e5 DPP2: Clean up Controller on hostapd interface removal d8b3d0815 macsec_qca: Support macsec secy id getting from driver 08bdf4f90 proxyarp: Fix compilation with Hotspot 2.0 disabled b0f457b61 SAE: Do not expire the current PMKSA cache entry f332f6951 wpa_supplicant: Try all drivers by default 4775a5f82 Add support to reconfigure or flush PMKSA cache on interface enable 6f634b003 PMKSA: Make sure reauth time is not greater than expiration time 973f3e244 Fix hostapd segfault on WPS_CONFIG control interface command to non-WPS AP 9ef8491d9 Add TWT attribute to configure TWT related parameters 321dc403e Replace "dummy" with "stub" in crypto/random 95e140e20 Replace "dummy" with "stub" in NDIS driver interface c53fa9225 Replace "dummy" with "stub" in EAP-TEAP testing 575dc1f3b Replace "dummy" with "stub" in preauth_test ed5e1b722 Replace "dummy" with "stub" in comments/documentation 3955d2af7 Replace "dummy" with "stub" in wps_testing_dummy_cred 77dd71243 Replace "dummy" with "stub" in Authenticator group keys fb1bae2a7 Replace "dummy" with "stub" in SAE e69ea242a hostap: Remove unused driver enum values with "master" in them 7b50f2f04 Replace "sanity" with "validity" 891bb1305 P2P: Enforce SAE-H2E for P2P GO in 6 GHz afcadbbf4 wpa_cli: Add support for SCS, MSCS, and DSCP commands bcaa1ea08 HE: Disable HE in hostapd_set_freq_params() if driver does not support fe1d743a1 Add QCA vendor attributes to indicate 320 MHz spectral scan capabilities 2b3e64a0f Update ciphers to address GTK renewal failures while roaming 9cf4bb0ef Vendor command to configure/trigger the roam events dd3a2960a Add TWT vendor attribute to configure announce timeout value afa0b9b6c P2P: Make p2p_check_pref_chan_no_recv() easier for static analyzers 857c4dfa8 Make get_mode() easier for static analyzers 9651deba5 Support vendor element configuration for AP mode from wpa_supplicant d144b7f34 DSCP: Add support to send DSCP Policy Query frame c903257fb DSCP: Parse WFA Capabilities element in (Re)Association Response frame a4aae9f9b DSCP: Indicate DSCP Policy support in (Re)Association Request frame d57456c1f DSCP: Allow DSCP Policy Response Action frame to be sent 2033e318e DSCP: Parsing and processing of DSCP Policy Request frames fe2a44485 DSCP: DSCP policy capability configuration 8471d940e Move pmf_in_use() into a more generic file 41ec97cd0 HE: Use a random BSS Color if not defined in the config file 1518638b7 QCA vendor command to configure the parameters for monitor mode 8f7b2c898 Add attributes to support MBSSID multi groups notifications a75fdcdcd Extend the roam reason codes in QCA vendor attribute 9ff0c8af5 Correct the documentation in enum qca_roam_reason ce267f4da P2P: DFS offload for the autonomous GO 6ba665c5c Reserve QCA vendor sub command id 201 51d73d991 Add QCA vendor interface to configure background scan parameters 61c075761 EDMG: Validate pri channel lookup result before using it a95144cf3 Add frequency to operating class determination for 5 GHz channel 144 e5173e8b1 P2P: Enable multiple channel widths for P2P in 6 GHz band f725254cc P2P: Enhance determination of secondary offset to support 6 GHz channels 575a8e6ca P2P: Clone 6 GHz related parameters to new group interface config f18433760 Add TWT attribute to send Responder PM Mode value to userspace 11a342775 Add time slice duty cycle attribute into QCA vendor command d408e3d19 Update QCA mDNS Offload vendor command 2341585c3 ACS: Fix channel 100 frequency ed369613f P2P: Align p2p_buf_add_pref_channel_list() prototype with definition 75a6d44a4 hostapd: Allow HT40 on 5 GHz channels 173 and 177 7dd2e2369 hostapd: Always allow HE AP with a 20 MHz channel width 9f2217c51 P2P: Consider p2p_no_go_freq for GO preferred frequency 882c53be5 P2P: Avoid integer overflow in channel a58f7e61c Add QCA vendor interface to configure allowed bands for roaming be81bbdc3 doc: Fix grammar in wpa_supplicant overview 362d9a49d utils: FreeBSD supports fdatasync(2) 9bd943410 nl80211: Fix send_mlme to use monitor interface only for AP interface f02ac5140 HE: Option to disable HE ER SU in HE operation in AP mode 63f043f4f Generalize the function name as it is not dealing with only TX & RX params 3cdc6d381 mesh: Show peer connected time in the wpa_cli STA cmd output for Mesh mode eddcd2753 Fix some compiler warnings on 32 bit platform 4c80937c7 nl80211: Reduce the number of nlctrl name resolution calls cce33c7e7 openssl: Support private_key blob in PEM encoded PKCS#8 format 0030590fb Generate an event when a network is added or removed f23861061 Add a --conf option to eapol_test.py 99c1789ab PASN: Fix ASAN error in ptksa_cache_add() e2e9adc3d openssl: Disable padding after initializing the cipher suite d265dd2d9 openssl: Remove deprecated functions from des_encrypt() 46b60299a wpa_supplicant: src: Replace Sane with Valid. 12388313a RADIUS client: Fix void-pointer-to-enum-cast warning e433d06dd Allow MSCS support to be disabled for testing purposes 025f8ab52 SCS: Processing of SCS Response frames b4e01ae92 Allow SCS supported to be disabled for testing purposes c005283c4 SCS: Sending of SCS Request frames 445dbe2cd P2P: Do not stop Listen state if it is moving to correct channel e99aaf706 Add QCA vendor attribute for TWT termination due to power save exit a147951ee Add QCA vendor attribute indicating the spectral scan bandwidth 51f89565f Add QCA vendor interface to fetch thermal statistics from the driver 24774dcc2 P2P: Require PMF for P2P GO in the 6 GHz band 49442194c SAE: Derive H2E PT while reconnecting to same SSID also ac79ed499 HE: Obtain correct AP mode capabilities for hw_mode with 6 GHz support dfabf1e5c QCA vendor command for mDNS offload 1071f7539 DPP2: Fix channel 6 inclusion for chirping with non-2 GHz interfaces 84b3de809 TDLS: Support TDLS operations in HE mode for 6 GHz 1990ee7ee QCA vendor attributes to configure BTWT and Rx control frame to MultiBSS f5f2985a2 Update TWT attribute to send TSF value in TWT setup command b4f7506ff FILS: Flush external-PMKSA when connection fails without ERP keys 80bcd7ecd FILS: Flush PMKSA entries on FILS connection failure 914a2f518 SAE: Report authentication rejection over control interface 9557ba336 AP: Don't increment auth_transaction upon SAE authentication failure 84f6492ea Extend QCA vendor command for TSF to enable and disable auto report 7ef420058 QCA vendor attribute to configure BSS max idle support ef83e0f90 QCA vendor attribute to use BSSID in Probe Request frame RA e2ff06c91 Add channel load percentage attribute into QCA vendor command ac6a0293d Add uplink delay attribute in QCA vendor command get_sta_info responses 84f894773 PTKSA: Fix a potential hostapd memory leak during reconfiguration 311091eb4 P2P: Use SAE+PMF for P2P connection in 6 GHz f0cdacacb P2P: Allow connection on 6 GHz channels if requested b36142a74 P2P: Add allow_6ghz parameter to control interface f7d4f1cbe P2P: Add a mechanism for allowing 6 GHz channels in channel lists 6423c23e3 P2P: Allow 6 GHz channels to be included in the P2P_FIND operation a06c7d50f P2P: Helper functions to check for WFD capability of a P2P device eaf850867 P2P: Extend channel determination/validation to 6 GHz channels 9b50746f5 P2P: Introduce 6 GHz band capability bit in P2P Device Capability 9f901e65b WNM: Ignore SSID check for hidden SSID in transition candidates 525ec045f P2P: Use correct return type for has_channel() 09fb9b0cb DFS offload: Use hostapd_is_dfs_required() to check if DFS required e8662e9d4 Use a helper function to remove struct wpa_bss_tmp_disallowed entries ecaacb47b OCE: Remove AP from driver disallow list with sufficient AP RSSI c25b50306 hostapd: Reject 40 MHz channel config if regulatory rules do not allow it 20a522b9e AP: Add user configuration for TWT responder role 9efed6684 Android: Pass the vendor events to $(BOARD_HOSTAPD_PRIVATE_LIB) 39a1d55b7 Add QCA vendor interface to transport CFR data using netlink events da3335c92 QCA vendor attribute to configure keep alive data type 98f1259cd QCA vendor attribute to configure ER SU PPDU type e2e2655ce FILS: Fix PMKID derivation for OKC 6abfb1418 Use estimated throughputs irrespective of RSSI delta for 6 GHz APs 5e1e4cceb Add QCA vendor attribute to enable/disable FT over DS 586afb8fa Add QCA interface to configure band specific RSSI thresholds for roaming 800e34550 Fix documentation for QCA_WLAN_VENDOR_ATTR_TWT_SETUP_MAC_ADDR 7d2302f87 Add EAPOL-4WAY-HS-COMPLETED indication to AP 1c5aa2579 Add EAPOL_TX command to extend ext_eapol_frame_io possibilities 7f0a2e422 Report EAPOL-RX events for testing purposes 04283cf36 Add REKEY_PTK to allow upper layer request to force PTK rekeying 82d8d631e Skip GTK rekeying request if rekeying already in process de4d62dbc Add QCA vendor definitions for DFS radar history 46f897619 Prefer 6 GHz APs for connection in BSS selection 84008457e Add support to calculate estimated throughputs for HE rates 658b6a0b0 Add support to estimate throughput for VHT 160/80+80 MHz supporting APs 1d2118b50 Check local supported features for estimating BSS throughputs accurately 2950851ac Rename the Frame Control field subfield Order define to +HTC 11821ab3d Add QCA vendor interface to query usable channels 6ae0d78b8 Determine 6 GHz bandwidth in AP mode ACS using op_class parameter 0822de037 Add AP mode ACS support for the 6 GHz band bef5eee4f Convert channel to frequency based selection for AP mode ACS 15742566f 6 GHz: Fix operating class in Supported Operating Classes element 79e8f0c16 hostapd: Update 160 MHz center freq calculation in 6 GHz 9c6b0a941 hostapd: Disable VHT/HE when WMM is not enabled 15b1831a2 nl80211: Map internal TDLS_PEER_* to NL80211_TDLS_PEER_* 742018f44 Add support to indicate TDLS peer's HE capability to driver 2be5777a9 Sync with mac80211-next.git include/uapi/linux/nl80211.h 1f2fbf41d Fix UPDATE_BEACON processing when disabled b8d337c63 DPP2: Fix channel 6 inclusion for chirping with non-2 GHz interfaces 80d975695 DPP2: Get DPP Relay Controller context based on hostapd callback context e63d45690 Add vendor reason code for TWT setup reject due to scan in progress 7d513b5b2 Add vendor hang reason code for tasklet/credit latency a6cae954e Vendor command to configure concurrent STA connection policies c2d7b027b DPP2: Close incomplete Relay connections f91680c15 OpenSSL: Fix compilation for version < 1.1.0 without CONFIG_ECC d675d3b15 Add helper functions for parsing RSNXE capabilities 663e190b7 SAE: Remove now unused password identifier argument from non-H2E case 79f87f473 PASN: Change PASN flows to use SAE H2E only 8c786e068 PASN: Derive KDK only when required 655edc19c Vendor attributes to configure broadcast TWT parameters 49ad86b0c Add vendor reason codes for TWT setup reject on roaming/channel switch 0bae16122 Set last_eapol_matches_bssid=1 on a roam+auth indication from driver 527be9ce7 SAE: Increment the Sc counter before generating each Confirm 47f51c8ba tests: Update SAE test vector to IEEE Std 802.11-2020 5f082c158 nl80211: Support larger number of MAC ACL entries f1fc9cf74 nl80211: Fix the size of the maximum MAC ACL size 93576264b WPS: Share a single error handling path in wps_set_ie() 2445e18b6 tests: assoc+auth driver event 00bec7b5b tests: IEEE 802.1X and FORCE_UNAUTH state e72e32253 hostapd: Enable WMM automatically when HE is configured 8ca330bd7 Flush pending control interface message for an interface to be removed 4a841a218 Fix WNM-Sleep Mode exit debug print of BIGTK 354f87e2e MSCS: Fix MSCS Response frame Status field parsing b8673baea Add REGISTER_FRAME hostapd control interface command for testing purposes 60974eb3f Allow AP mode extended capabilities to be overridden 7365eb43e Make hostapd_config_fill() easier to auto indent 8ca09293e Simplify extended capability determination in AP mode 37306a004 PASN: Use a helper function to free radio work data 349e9eafb PASN: Mark pubkey/comeback arguments constant for frame construction 67014b3f7 PASN: Add support for comeback flow to wpa_supplicant ab623ac75 PASN: Add support for comeback flow in AP mode 4ed10754e DPP: Fix GAS client error case handling in hostapd 3ae18d4bd EAP-SIM/AKA: Fix check for anonymous decorated identity 512d973cc DPP: Indicate authentication success on ConfReqRX if needed (hostapd) 6c8842f0e Fix full EAP authentication after PMKSA cache add failure 6bbbd9729 DPP2: Fix connection status result wait in hostapd c0c74f0c6 Testing functionality for airtime policy 2f7789149 nl80211: Debug print error from airtime weight configuration 38fa5e657 More documentation for HE Spatial Reuse Parameter Set configuration 73d9891bd EAP-SIM/AKA peer: Support decorated anonymous identity prefix 7831b10a8 Introduce reason code for TWT teardown due to concurrency eaeec4da2 PASN: Add support for deauthentication flow in station 4f436d537 nl80211: Allow sending Deauthentication frame with off channel for PASN 1ca1c3cfe AP: Handle deauthentication frame from PASN station 166e357e6 AP: Enable anti clogging handling code in PASN builds without SAE 6fe0d56e8 AP: Rename SAE anti clogging variables and functions b86678633 PASN: For testing purposes allow to corrupt MIC 2efa60344 PASN: Encode the public key properly cd0813763 PASN: Include PMKID in RSNE in PASN response from AP da3ac9809 PASN: Fix setting frame and data lengths in AP mode PASN response c733664be EAP peer: Make EAP-Success handling more robust against race conditions 72a17937c DPP: Add init/respond retries parameter configuration to hostapd 6ed0c212e TLS: Fix highest TLS version disabling with internal TLS client 57550cb27 DPP2: Use ASN.1 helper functions 626035bec TLS: Use ASN.1 helper functions d4e1d76db X509: Use ASN.1 helper functions 173e7eede RSA: Use ASN.1 helper functions 72b0217ab PKCS: Use ASN.1 helper functions a0541334a ASN.1: Validate DigestAlgorithmIdentifier parameters 94beb8e36 ASN.1: Fix AlgorithmInfo parsing for signatures ee76493bb ASN.1: Reject invalid definite long form length values in DER encoding 3af75f23b ASN.1: Reject invalid extended tags in DER encoding d6831a0e9 ASN.1: Explicitly validate constructed bit while parsing DER b421a7cf2 ASN.1: Use the helper functions for recognizing tags and debug prints 9a990e8c4 ASN.1: Add helper functions for recognizing tag values 9bf4c0539 ASN.1: Verify that NULL value has zero length f629bfe22 ASN.1: Add helper functions for debug printing identifier/length info 429f725d9 ASN.1: Define tag value for TIME 4481b03ee ASN.1: Fix a typo in a not-used tag name 2f2a57075 nl80211: Restore station mode on deinit only if station when started a746393dc TWT: Allow specifying Control field value in TWT Request a6b2007c2 nl80211: Support disabling HE in infrastructure BSS as station 01f2e54ce P2P: Clear pending_listen_freq when stopping listen 82a348eda wpa_supplicant: Don't process EAPOL frames while disconnecting e80e6a2f1 eapol_test: Add address family for IPv4 in Windows build cd2f8151e Add support to return bandwidth for channel 2 of the 6 GHz band 6b4e32da8 New vendor attribute to configure TWT mantissa in microseconds 7fd2f2496 TWT: Support sending TWT Setup and Teardown Action frames edbaffc4f wpabuf: Add helper functions for writing 64-bit integers 17d85158c Fix hostapd PMKSA_ADD with Authenticator disabled 147d6d372 Update VHT capabilities info on channel switch event dc587c479 nl80211: Determine secondary channel offset for CS to 80+80 MHz 0a8095d72 nl80211: Debug print for channel switch request parameters a20ace3a1 nl80211: Add command-to-string mapping for previously missed commands 0f37b8142 More specific set_freq_params debug prints for 80/80+80 MHz errors ab8929192 nl80211: Use process_bss_event() for the nl_connect handler 7c5442e74 DPP: Clear hapd->gas pointer on deinit 076e0abdd SQLite: Fix temporary eap_user data freeing on interface restart 2da3105ac Fix use after free with hapd->time_adv on interface restart 5ac977758 Reject authentication start during explicit roam requests 800fb6997 QCA vendor attribute to allow 6 GHz connection with all security types 1a60099f2 QCA vendor attribute to ignore SAE H2E requirement mismatch e9d598d8a Update old link to ACS wiki documentation b5e3d92ee OCV: Fix OCV-FAILURE event address for FT Reassociation Response frame 40551a15c Fix a memory leak in WPS with ap_scan=2 900adb3c9 FILS: Simplify code paths 4a5f6e88b SAE: Use more explicit IE payload validation steps 57fec19da Use more consistent iface->conf checks b8211e1e7 PASN: Avoid unreachable code with CONFIG_NO_RADIUS 9a1136b7f FILS: Fix RSN info in FD frame for no-group-addressed 6035969e0 Fix dynamic EAP library building a826ff2d9 Ignore group-addressed SA Query frames d314213f6 P2P: Pick a 5 GHz channel from more possible channels 205c35cef nl80211: Allow compilation with both vendor do_acs() handlers 61a258e78 nl80211: Add ACS support for Broadcom device 827b43b3c RADIUS client: Support SO_BINDTODEVICE 3a05f89ed Android: Add DRIVER command support on hostapd and hostapd_cli 50baf345b TDLS: Support TDLS operations in HE mode 184c82468 P2P: Add device address to the debug entry on oldest peer removal 8460e3230 P2P: Fix a corner case in peer addition based on PD Request Change-Id: Ieec0678b1a5c72fef3f3363cb54b20ac1cb8ab7f	2022-02-25 00:43:57 -08:00
Jouni Malinen	f3f8d3c8a8	Flush pending control interface message for an interface to be removed ... wpa_supplicant_ctrl_iface_deinit() was executed only if the per-interface control interface initialization had been completed. This is not the case if driver initialization fails and that could result in leaving behind references to the freed wpa_s instance in a corner case where control interface messages ended up getting queued. Fix this by calling wpa_supplicant_ctrl_iface_deinit() in all cases to cancel the potential eloop timeout for wpas_ctrl_msg_queue_timeout with the reference to the wpa_s pointer. In addition, flush any pending message from the global queue for this interface since such a message cannot be of use after this and there is no need to leave them in the queue until the global control interface gets deinitialized. Signed-off-by: Jouni Malinen <jouni@codeaurora.org> Bug: 168314741 Test: Connect to Wi-Fi networks, enable SAP, verify correctness Test: Run wifi_test PoC - verify no exception Change-Id: I2dcc00b1b1db1f30432641c7202e0353eca55722	2021-02-24 03:22:59 +00:00
Hai Shalom	899fcc7e60	[wpa_supplicant] Cumulative patch from commit d68c0dd4d ... Bug: 156933657 Test: Verify Passpoint ANQP functionality and Passpoint association Test: Connect to Passpoint, Open, WPA2, WPA3 networks and run traffic Test: Regression test passed (Bug: 171270733) BYPASS_INCLUSIVE_LANGUAGE_REASON=Merged from Open source d68c0dd4d build: lib.rules: Add common-clean d34b33451 wpa_supplicant: Fix frequency config for VHT/HE cases 0747432ef Fix spelling of "unexpected" in messages d720de929 hostapd: Fix typos 4c66894fa eap_peer: Add .gitignore with *.so 13256b8cf P2P: Stop old listen radio work before go to WAIT_PEER_IDLE state 0f7989d8a MSCS: Fix decapsulating subelements from MSCS descriptor cc3d6efa8 Add QCA interface for driver to report various connect fail reason codes 39748963d build: Fix libeap_peer.a build c3f37c35f DFS: Use helper functions for VHT/HE parameters a72599b31 hw_features: Better debug messages for some error cases 5965c7da5 wpa_supplicant: Enable VHT and HE in default config parameters df6745e8c wpa_supplicant: Handle HT40 and mode downgrade in AP mode 93da12fd9 mesh: Fix channel init order, disable pri/sec channel switch 7f8ac02e8 HE/VHT: Fix frequency setup with HE enabled 0f07230eb DPP2: Add privacyProtectionKey into Configurator backup/restore a0ccc4017 DPP2: Use ppKey to decrypt E'-id on Configurator 99d7bf234 DPP2: Use the new privacy protection key to protect E-id on Enrollee 37df40845 DPP2: Copy received ppKey into wpa_supplicant network profile a8ee2292b DPP2: Parse ppKey from Connector 2a8c92887 DPP2: Add ppKey into Connector 9c1fbff07 DPP2: Generate a privacy protection key for Configurator 1d1475845 DPP: Make dpp_keygen_configurator() a static function 1d0d8888a build: Make more library things common f4b3d14e9 build: Make a common library build ac1447ae9 build: Rebuild libs all the time 6c41d43f1 mesh: Stop SAE auth timer when mesh node is removed 154b18d95 build: Fix dependency file inclusion 79db311e8 macsec_linux: Fix receive-lowest-PN setting e3b47cdf8 DPP2: Add DPP_CHIRP commands to hostapd_cli and wpa_cli cb3b70936 P2P: Set ap_configured_cb during group reform process 0e9f62e51 P2P: Fallback to GO negotiation after running out of GO scan attempts 1a0169695 hostapd_cli: Add dpp_bootstrap_set command 7e4ed93d3 wpa_cli: Add dpp_bootstrap_set command 283eee8ee gitignore: Clean up a bit ae0b90dfa mesh: Allow channel switch command 87098d332 build: Put archive files into build/ folder too 00b5e99b6 build: Use the new build system for fuzz tests a49f62884 wolfSSL: Fix wrong types in tls_wolfssl.c 58c18bcf8 hostapd: Fix error message for radius_accept_attr config option 52a1b2834 nl80211: Unbreak mode processing due to presence of S1G band 4b96fafcd D-Bus: Share 'remove all networks' with CLI 2818e9ca9 wpa_supplicant: Do not retry scan if operation is not supported c0b88d129 P2P: Limit P2P_DEVICE name to appropriate ifname size 566ea1b7c mesh: Set correct address for mesh default broadcast/multicast keys 17d6ba4c9 DBus: Add "Roam" command support 6e757bba8 Use consistent spelling of "homogeneous" cff545720 wpa_supplicant: Clear blacklist when SSID configs change bbbb3c04e wpa_supplicant: Add new blacklist tests 164b8dd8e wpa_supplicant: Add wpa_blacklist_update() d53011002 wpa_supplicant: Implement time-based blacklisting 2fd35d985 wpa_supplicant: Track consecutive connection failures 6d6310701 Fix STA mode default TXOP Limit values for AC_VI and AC_VO dcc5288e5 gitignore: Add various things ce963433b build: Allow overriding BUILDDIR from command line ad6e4a5c5 build: Remove hostapd vs. wpa_supplicant build checks 6acda5322 build: Add .config file to dependencies 722138cd2 build: Put object files into build/ folder 0464d5d5d build: Move config file handling into build.rules 0430bc826 build: Add a common-clean target 06a6adb54 build: Use build.rules in lib.rules 3ff115db6 build: Disable built-in rules a41a29192 build: Pull common fragments into a build.rules file 21cc50a43 HS 2.0 server: Add a .gitignore file a28d127b1 AP: Reflect status code in SAE reflection attack test e8b85c078 iface match: Unspecified matched interfaces should not log driver fails 83fa0a100 op_classes: Don't report an error when there are none to add 8776551bf BSD: don't log SIOCG80211 errors during interface setup 41d20df7f D-Bus: Allow empty string in dbus network properties 4756ecabc Allow bgscan parameters to be reconfigured 922fa0997 Global parser functions to return 1 when property unchanged a87173b1d D-Bus: Skip property update actions when wpa_config_set() returns 1 1c58317f5 D-Bus: Allow changing an interface bridge via D-Bus 14318ccff P2P: Add configuration support to disable P2P in 6 GHz band debf3e216 OCV: Work around for misbehaving STAs that indicate OCVC=1 without OCI d48a3a676 FT: Modify status code in FT Reassoc frame for invalid OCI channel info 0e8d569d4 DPP2: Presence Announcement notification in STA 980c4da41 DPP2: Presence Announcement notification in AP 8b667bfa1 DPP2: Presence Announcement notification cf3d260c3 DPP2: Fix hostapd crash setting global configurator params on chirp RX a8f304228 Document the missing ignore_broadcast_ssid network profile parameter aa704020a DBus: Update dont_quote[] with ignore_broadcast_ssid parameter 88d3f43bd DPP2: Replace OneAsymmetricKey version number (v2 to v1) 8e5739c3a DPP2: Check channel 6 validity before adding it to chirp channel list 5c6c0d569 DPP: Fix GAS fragmentation for DPP Config Response from hostapd a7f55f7f6 WPS: Enable SA Query checks for WPS AP 43ef227e9 P2P: Make use wpas_p2p_reconsider_moving_go timeout gets canceled 57536a567 P2P: Fix P2P interface remuval through wpa_supplicant_remove_iface() 760d10cde P2P: Include channels 149 to 161 for operating classes 128 and 130 ac882374a SAE: Fix error path handling for SSWU e8a1e6a4a P2P: Fix a typo in a comment fa63284af Add additional roam triggers to qca_vendor_roam_triggers 13feeaa10 Add a new status code to represent an already suspended TWT session 8175c2654 Add test configuration attr to start/stop transmitting FD frames 90e478aa0 DPP2: Use the PFS fallback if multiple key_mgmt values are enabled cab139ebc Fix a typo in a comment 7e20502f7 hostapd: Resolved compiler uninitialized warning e3ba0c4cd Do not start SA Query procedure without keys a92660a00 Work around Supported Operating Classes element issues for 6 GHz fd4a58ccd Additional attributes to QCA_WLAN_VENDOR_ATTR_ROAMING_PARAM_CONTROL 8a6a2894d Add new QCA vendor attributes to get thermal level 41f818905 SAE-PK: Add support to skip sae_pk password check for testing purposes a71b100c3 OCV: Allow connecting MFP incapable OCV STA when OCV is disabled in AP 5ecb45a41 OCV: Use more granular error codes for OCI validation failures 10c3e58b2 DPP2: Include E-nonce in reconfig ke derivation 4ae5e459d DPP2: Move E-nonce to be outside wrapped data in Reconfig Auth Resp 0ebf5aa34 DPP2: Replace I/R-nonce with C/E-nonce in reconfiguration 99f8506d3 Add QCA_NL80211_VENDOR_SUBCMD_MBSSID_TX_VDEV_STATUS 93a73ce02 MSCS: Fix issues due to incorrect usage of wpa_hexdump_buf() 9afb68b03 OpenSSL: Allow systemwide secpolicy overrides for TLS version c85206ba4 QCA vendor attributes for setting ANI level d335ca953 Update QCA vendor interface for GPIO configuration 7ddb71224 DPP2: Support QR mutual auth scan-during-auth-exchange (hostapd) c043b1e00 DPP: Remove unnecessary dpp_global_config parameters 4ecb6dd16 DPP2: Controller support in hostapd cd17f6877 Add QCA vendor event for firmware statistics ba3081f1d dpp-nfc: Start listen operation more completely for NFC Tag write cases e4adbacaf GAS: Fix memory leak on some DPP error paths 8aa91282a Fix EAPOL-Key msg 1/4 processing in a corner case 96e63008f OWE: Do not add DH Params element in AssocResp with PMKSA caching 9bc881153 DPP2: Fix build without IEEE8021X_EAPOL 2caff11d7 LibreSSL: Fix build with LibreSSL versions older than 2.9.1 55a366d7a dpp-nfc: Fix recv_octets() regression 90e05626f Add test configuration to ignore SA Query timeout a2d35b49e Fix documentation for the test configuration attributes of FT-SAE/OCV 5d2218e61 Add get_sta_info vendor attrs to get BIP failure counters for STA mode c6a760b9c DPP: Add process_conf_obj into TCP connection data struct 7f366fcbd DPP: Add msg_ctx into TCP connection data struct 6aa7aa808 DPP2: hostapd/AP as Enrollee/Initiator over TCP d21dde9da MSCS: Send MSCS change/remove frames only if MSCS setup exists af8ab3208 MSCS: Parse result of MSCS setup in (Re)Association Response frames c504ff539 MSCS: Add support to populate MSCS Descriptor IE in (Re)AssocReq bbd3178af MSCS: Add support to process MSCS Response frames a11804724 MSCS: Add support to send MSCS Request frames 1733e356e dpp-nfc: Fix handover client wait for receiving handover select 596d99567 SME: Process channel switch event in SME only when supplicant's SME is used 0fa274d2b Derive seg0_idx and seg1_idx for 6 GHz when processing channel switch 5644b23de QCA vendor command to update SSID cd708e8ff Add a vendor command for medium assessment cc9fe46b3 Add AllPlay type to the QCA vendor element 170775232 ANQP: Add support to specify frequency in ANQP_GET command 43106e122 GAS: Update source MAC address on preassoc_mac_addr randomization 1289ecf4c GAS: Ignore preassoc_mac_addr when gas_rand_mac_addr enabled dbe485a35 SAE-PK: Check psk param also to look for SAE-PK acceptable BSS f5388b34e Add channel TX/RX times to QCA vendor interface of LL stats 9f9c11048 Fix QCA_WLAN_VENDOR_ATTR_LL_STATS_CH_INFO interface documentation 096456c0c Enhancements to the TWT attributes/parameters (vendor command) 3adc1c623 DPP2: Disconnect before starting reconfiguration 574a8fa6c DPP: Do not interpret unknown channel as missing channel list for NFC fc3efe083 DPP2: Support mutual auth with QR in scan-during-auth-exchange case 2e956c37d DPP2: Do not close TCP socket when waiting for full Auth Resp e4e95aabb DPP2: Allow Controller to be configured to require QR mutual auth 61c249c49 Add QCA vendor attribute to configure number of TX/RX chains 86fd6755c dpp-nfc: Use --altchan value in handover server 315422196 dpp-nfc: Update listen channel based on channel list when writing a tag 66ffe9d24 DPP2: Update Reconfig Flags attribute format 5caf4e094 DPP2: Support RA/CA functionality in Controller initiated case 9304d1b3c DPP2: Regenerate Reconfig Announcement for each transmission b591810f9 DPP2: Add DPP Status attribute into Reconfig Auth Confirm 6d0217119 DPP2: Allow iteration count to be configured for DPP_RECONFIG c6d0e5a93 DPP2: Add E-id in Reconfig Announcement e5be6e68c DPP2: Add Enrollee netAccessKey group into Reconfig Announcement 2a58968d3 SAE-PK: Allow SAE-PK password to be set using the psk parameter 7ca81190a SAE-PK: Allow SAE-PK style wpa_passphrase if SAE-PK is enabled with same 844ecc70a Additional TWT attributes for response path and resume 0a9d7b169 SAE-PK: Update design for fingerprint encoding into password 2f858254c Extend GET_PMK to check PMKSA cache on the AP b28b9dfcb OCV: OCI channel override support for testing (STA) d309dd52b Fix the documentation for QCA_WLAN_VENDOR_ATTR_CONFIG_UDP_QOS_UPGRADE 87971ff05 SAE-PK: Fix SAE confirm writing in some AP cases with transition mode 240e9af4d SAE-PK: Make no-KEK debug prints distinct 38ef655eb dpp-nfc: Report negotiated connection handover result 4d5461842 dpp-nfc: Stop only_one run after failed handover attempt f7b5a1d34 dpp-nfc: Do not indicate no initial HS as failure if alt HR will be sent 475b34665 dpp-nfc: Improved version of HandoverServer::serve() dc0795e4f dpp-nfc: Stop process after successful handover client completion b00bbbfe5 dpp-nfc: Optimize HandoverClient message receiving for alternative HR case bbfb7b9fe dpp-nfc: Use a single handover client thread aaa8638ed dpp-nfc: Add a class for maintaining connection handover state 66d74626b dpp-nfc: Reuse the same handover client for alternative URI 6e904441c dpp-nfc: Add peer URI into the HS in testing mode 3021b14c4 dpp-nfc: Enable more verbose nfcpy debugging 7c04bab71 tests: AES-CTR encrypt test vectors 1d3e16d0b dpp-nfc: Skip P2P management interfaces e9c192ffc dpp-nfc: Ignore (no) response to initial handover request 7d27bcb8e dpp-nfc: Do not allow more than one alternative channel proposal 6eaee933d dpp-nfc: Add test mode for negotiated connection handover 730fc307b Update documentation for vendor attributes to ignore BSSIDs during roaming f4877083e Rename driver op for temporarily disallowed BSSIDs f8c756c5b FT: Rename temporary blocking of nonresponsive R0KH 15018d4f4 DPP2: Fix auth termination after receiving Configurator backup 74cd38ac6 dpp-nfc: Return failure status if operation fails 7e2edfbc1 dpp-nfc: Add color and details for interactive operations 09c22bb78 dpp-nfc: Fix regression in NFC Tag writing 1e4a42c74 dpp-nfc: Detect a non-NDEF tag when trying to write 288c0ffaa dpp-nfc: Do not hardcode netrole for NFC Tag writing cases ebd5e764f Vendor attribute to configure QoS/AC upgrade for UDP frames d91fb3ce3 Add a vendor command to fetch the currently enabled band(s) 29e47c416 Vendor command to configure TWT 8f396ad68 Enhance the qca_set_band enum values to be used as a bitmap cc6153a8a nl80211: Fix sending proper VLAN ID attr value when using VLAN offload a57f98754 Fix enabling 40/80 MHz bandwidth support in the 6 GHz band 885097125 mesh: Fix peer link counting when removing a mesh peer 8632dea4a DPP2: Make sure dpp_auth gets cleared with external config processing a7ae42296 DPP2: Do not allow reconfiguration to be started with pending auth d93df9989 DPP2: Debug print reason for rejecting reconfiguration 5d8c5f344 SAE-PK: Fix password validation check for Sec 0ce6883f6 tests: Fix SAE-PK password module tests c9dc075fc dpp-nfc: Fix connection handover renegotiation d0819a11c FILS: Use FILS auth alg when connecting using PMKSA caching 70b80c31f nl80211: Do not send FILS ERP sequence number without rRK 52a325762 6 GHz: Change 6 GHz channels per IEEE P802.11ax/D6.1 5908fedc1 dpp-nfc: Support channel list negotiation eddf22e1f dpp-nfc: Update debug print for tag-read-only operation b62e46f69 DPP2: Fix DPP_CA_SET processing with authentication not having peer BI 4f4a52c3c DPP: Clear bootstrap entries only after clearing authentication state 67efd19e0 nl80211: Use control port TX (status) in AP mode if possible 569497bf4 nl80211: Work around misdelivered control port TX status 87065881b nl80211: Use ext ack handler for TX control port 6f19cc4d7 nl80211: Handle control port TX status events over nl80211 f7c657b79 nl80211: Add custom ack handler arguments to send_and_recv() 73ea1ad7f nl80211: Clean up SO_WIFI_STATUS error reporting cd99a8c43 EAP-TEAP (server): Allow Phase 2 skip based on client certificate 519629392 EAP-TEAP (client): Allow Phase 2 to be skipped if certificate is used 9593ce658 OpenSSL: Provide access to peer subject and own certificate use b5dab03a1 Convert int to bool for throughput estimate tables b97aa038b Add WPA_EVENT_{DO,SKIP}_ROAM events d6b450e89 Refactor wpa_supplicant_need_to_roam() 2ff5a1fdb Use lookup-table instead of macro for TX rate estimates fa09b85c4 DPP2: Remove forgetten development time debug prints 0bbab6465 DPP2: Fix dot1x config object parsing without trustedEapServerName 8f88dcf05 DPP2: Add an automatic peer_bi entry for CSR matching if needed b25ddfe9d DPP2: Add Enrollee name into CSR as the commonName 11aa77e00 DPP2: GAS comeback response processing for Enrollee over TCP 18e013a93 DPP2: GAS comeback request processing for Configurator over TCP 68d9586a4 DPP2: GAS Comeback Request for the TCP case a352c7230 DPP2: Comeback delay response for certificate in over TCP case 0f9463d6e DPP2: CSR wait in Configurator when using TCP 1f86b2c24 DPP2: CSR generation in TCP Client/Enrollee 697fa0c4b DPP2: Do not try to proceed with GAS client if CSR building fails ffc8ae507 Define a new QCA vendor attribute for Optimized Power Management 3a3eded0d DPP2: Allow CSR processing by CA/RA to reject configuration 3b60f1174 DPP2: Validate CSR on Configurator before forwarding to CA/RA c98db9f1f DPP2: Add challengePassword into CSR dbbb0d5b8 OpenSSL: Use EVP-based interface for ECDSA sign/verify ace3723d9 DPP2: Enterprise provisioning (Enrollee) 6568e5d20 DPP2: Enterprise provisioning (Configurator) 4643b2fee DPP2: Enterprise provisioning definitions for dot1x AKM 812d52ae2 OpenSSL: Support EC key from private_key blob 4b834df5e OpenSSL: Support PEM encoded chain from client_cert blob 68ac45d53 GAS server: Support comeback delay from the request handler 608adae5b JSON: Add base64 helper functions c7e6dbdad base64: Add no-LF variant for encoding 6dc2c0118 Update DFS terminology in attribute value documentation 621745917 Allow HE-without-VHT to add the Channel Switch Wrapper element d51b1b7a6 Move hostapd_eid_wb_chsw_wrapper() to non-VHT-specific file 1f72bbbef AP: Reject association request upon invalid HE capabilities 088bef178 AP: Restrict Vendor VHT to 2.4 GHz only 6a34bd300 HE: Use device HE capability instead of HT/VHT for 6 GHz IEs 9272ebae8 nl80211: Fetch HE 6 GHz capability from the driver f25c51a9f Sync with mac80211-next.git include/uapi/linux/nl80211.h 518be614f SAE-PK: Advertise RSNXE capability bit in STA mode a77d6d220 SAE-PK: Update SAE confirm IE design 363dbf1ec SAE-PK: Remove requirement of SAE group matching SAE-PK (K_AP) group 2e80aeae4 WPS UPnP: Support build on OS X f119f8a04 WPS UPnP: Fix FreeBSD build cc2d03601 HS 2.0: Use global pmf=2 for the created network block 790026c3d Allow TX queue parameters to be configured for wpa_supplicant AP/P2P GO c7cb42d53 Remove unused enum values 411e42673 Move local TX queue parameter parser into a common file fcef598ea Do not try to connect with zero-length SSID 85aac526a WPS UPnP: Handle HTTP initiation failures for events more properly f7d268864 WPS UPnP: Fix event message generation using a long URL path 5b78c8f96 WPS UPnP: Do not allow event subscriptions with URLs to other networks e30dcda3b SAE-PK: Fix FILS Public Key element Key Type for ECDSA 4c3fbb234 SAE-PK: Check minimum password length more accurate 43a191b89 tests: Remove too short SAE-PK passwords 4ff0df39e SAE-PK: Testing functionality to allow behavior overrides 0c4ffce46 Allow transition_disable updates during the lifetime of a BSS 5f48d36b4 SAE-PK: Select SAE-PK network over SAE without PK d654ca24d Clean up wpa_scan_res_match() 9ad010c29 SAE-PK: Allow automatic SAE-PK to be disabled 85ca13ebc wpa_cli: Add all_bss command to print all scan results (BSS entries) 215b4d8a7 FT: Do not add PMKID to the driver for FT-EAP if caching is disabled 5cf91afee QCA vendor attribute for dynamic bandwidth adjustment 1a28589b2 QCA vendor attributes for setting channel width 63653307d Add support for indicating missing driver AKM capability flags 18f3f99ac Add vendor attributes to configure testing functionality for FT/OCV/SAE e53756a64 Fix a typo vendor attribute documentation 960e8e533 QCA vendor attribute to configure NSS 8d1cbaaff SAE-PK: Transition mode disabled indication processing a75269529 SAE: Add sae_h2e and sae_pk to wpa_supplicant STATUS command cc22fb1b8 SAE: Move H2E and PK flags to main sae_data bc908daac Document more network profile parameters 1c846d647 SAE-PK: Allow SAE authentication without PK to be disabled 40240735b WPS UPnP: Do not update Beacon frames unnecessarily on subscription removal c85b39ec5 SAE-PK: Increment the minimum password length to 9 2c7b5a2c5 tests: Skip too short SAE-PK passwords in positive testing d777156e1 SAE-PK: Determine hash algorithm from K_AP group instead of SAE group fb09ec87f SAE-PK: A tool for generating SAE-PK Modifier and password b6bcd74e5 Show SAE capabilities in control interface 9bf576870 Show SAE flags in scan results e7aeb6d8a SAE-PK: STA functionality 20ccf97b3 SAE-PK: AP functionality 00e4fbdcc tests: Module test for SAE-PK 6b9e99e57 SAE-PK: Extend SAE functionality for AP validation b6dcbd01a SAE-PK: Identifier definitions aed01b82d OpenSSL: Additional EC functionality for SAE-PK 8c1f61e82 OCV: Report OCI validation failures with OCV-FAILURE messages (STA) 661e66118 OCV: Allow OCI channel to be overridden for testing (AP) d10a57f6e DPP2: Derive a separate key for enveloped data 32d3360f3 DPP: Fix a typo in a comment 5a7bcb772 OSEN: Do not send the actual BIGTK to OSEN STAs 2d6cc0e67 FT: Do not expose GTK/IGTK in FT Reassociation Response frame in OSEN a99833789 WNM: Do not expose GTK/IGTK in WNM Sleep Mode Response frame in OSEN d578e890e OWE: Skip beacon update of transition BSS if it is not yet enabled 88436baaa Add a vendor attribute to get OEM data 3f9a89ca1 Vendor attributes for configuring LDPC, TX STBC, RX STBC 8ee0bc622 OCV: Disconnect STAs that do not use SA Query after CSA 01ceb88c7 OCV: Report validation errors for (Re)Association Request frames a3556d581 OCV: Report validation errors for EAPOL-Key messages in AP mode d52067a5b OCV: Report validation errors for SA Query Request/Response in AP mode 52579be86 OCV: Move "OCV failed" prefix to callers 2d118f557 OCV: Add support to override channel info OCI element (STA) c2080e865 Clear current PMKSA cache selection on association/roam d9532eb70 Debug print PMK-R0/R1 and PMKR0/R1Name in the helper functions 5ab8ad4cf Vendor attributes for ssetting TX A-MSDU and RX A-MSDU parameters f7a904a28 QCA vendor command for adding and deleting TSPEC 82867456e Vendor attributes to configure PMF protection and disassoc Tx for testing e5e275745 Add QCA vendor interface support to configure PHY modes db0d0b84a nl80211: Control the registration for RRM frame with driver_param Change-Id: I07d9feb8f019a22917ffc0088126c04b7d80115a	2020-10-21 21:53:50 +00:00
Hai Shalom	fdcde76682	[wpa_supplicant] Cumulative patch from commit e4eb009d9 ... Bug: 153102274 Test: Device boots up and connects to wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Regression test passed (Bug: 153163800) e4eb009d9 DPP2: Add Connector and C-sign-key in psk/sae credentials for reconfig 1dcfbab25 DPP2: Clear requirement for QR Code mutual authentication for chirping a371164f8 Process received WNM Notification Request for beacon protection failures 0e794989e Beacon frame protection event for incorrect protection 7c8f540ee wpa_supplicant: Add HE override support e149051ce hostapd: Validate the country_code parameter value d4f5d1f0c DPP: Add some more details on how to use DPP 66e20bb1a Fix the dpp_configurator_sign example command 91498a122 hostapd: DFS for channel switch in repeater mode c60717f83 hostapd: Add support for DFS channels in CHAN_SWITCH 683e7c755 DFS: Add new hostapd_is_dfs_overlap() helper 798876739 DFS: Rename and export hostapd_config_dfs_chan_available helper 30b6d4bb7 hostapd: Basic channel check for CHAN_SWITCH parameters 3f88d2ba0 AP: Drop not needed condition to delete PTK ID 1 80914e9eb DPP2: Fix build with OpenSSL 1.0.2 (EVP_PKEY_get0_EC_KEY() wrapper) 54e2961f8 Add a hostapd testing option for skipping association pruning 1a18f8df6 nl80211: Allow full AP client state capability to be disabled 7b156a3c5 wpa_auth: Use printf format %zu instead of type casts f83d3491b wpa_auth: Do not split strings into multiple lines 9385f03fe wpa_auth: Coding style cleanup for pointer is NULL comparisons 62e12afcf wpa_auth: Clean up pointer dereferences bbf94a095 nl80211: Configure PMKSA lifetime and reauth threshold timer to driver 1f4e9946b Sync with mac80211-next.git include/uapi/linux/nl80211.h 5058f771d DPP2: Allow station to require or not allow PFS 7c021dec3 DPP2: Allow AP to require or reject PFS ca57d5f55 Return an enum from wpa_validate_wpa_ie() 2b4f9ce28 hostapd: Add HE bit in BSSID Information field of own Neighbor Report 80d0e50dc DPP2: Use a helper function for encapsulating TCP message fa5143feb DPP2: Presence Announcement processing in Controller db1ef8253 DPP2: Presence Announcement processing in AP/Relay 06dd32903 DPP2: Presence Announcement processing at Configurator 6f5bc15be DPP2: Configurator Connectivity indication 562f77144 DPP2: Chirping in wpa_supplicant Enrollee 1f0226770 DPP2: Add a helper function for building Presence Announcement frame 7cba35b0e DPP2: New identifier definitions 547dc7eaa DPP: Add DPP_BOOTSTRAP_SET command 804fc268a DPP: Allow per-peer configurator parameters to be set 514cc49ba DPP: Store global pointers in struct dpp_authentication bc95d5833 Fix a typo in function documentation b7275a814 Update STA flags to the driver immediately on disconnection 8ca6f924d STA: Fix wpa_clear_keys() PTK key deletion logic ff5434090 AP: Fix Extended Key ID parameter check 96686e637 wpa_supplicant AP mode configuration for Transition Disable KDE 9d1857cf3 Process Transition Disable KDE in station mode 82cc0b0cc Allow hostapd AP to advertise Transition Disable KDE 3eb9ddc65 Transition Disable KDE definitions a72ec4c22 Add addition CFR capture type to filter all NDPA NDP frames a163bfe2b Change CFR attributes from required to optional e520de8db Add ACS support for 60 GHz channel bonding 00f6a2762 nl80211: Fix offloaded ACS regression for the 60 GHz band 1e8ea0833 HE: Add HE support to hostapd_set_freq_params() bb08be757 Extend vendor attributes to support enhanced CFR capture 30ac8ddaf Add QCA vendor attributes for ACS over EDMG (IEEE 802.11ay) 41c3f0cd5 Allow last configured Key ID for TK to be fetched from wpa_supplicant 8b63a5816 Use a shared helper function for RSN supplicant capabilities b17b7a8e5 STA: Support Extended Key ID 862aac1fc AP: Support Extended Key ID b967b5e85 Limit scan frequency list to 100 entries 9f9a148af Convert int_array to use size_t instead of int as the length 749add5c6 Limit freq_range_list_parse() result to UINT_MAX entries 2f0600856 loop: Use size_t for eloop.count 7858f493f eloop: Use size_t for socket table->count 3f45b8dae hs20-osu-client: Use size_t for certificate components 913220cbb eloop: Use size_t for signal_count ae7193611 Limit maximum number of pending SA Queries 02b43c557 RADIUS: Use size_t instead of int for message attributes a2c23195a D-Bus: Use size_t for values theoretically larger than 16-bit int d2d16e310 Use size_t instead of int or unsigned int for configuration items 4391ddd63 Use size_t instead of unsigned_int for last_scan_res 22f0318db Interpolate rate calculation functions 3a25897ef Adjust max bitrate SNR floors eb26a6997 Allow SA Query to be disabled for testing purposes 7546c489a nl80211: Fix RTM NEW/DELLINK IFLA_IFNAME copy for maximum ifname length 22547c314 More details to the vendor specific driver internal failure reporting 51e8f5d63 Ignore duplicated SSID element when parsing 5a296129f Set beacon protection config irrespective of macro CONFIG_FILS cc79eb725 Check against integer overflow in int_array functions a55ecfeab Allow RSNXE to be removed from Beacon frames for testing purposes b7366a942 FT: Omit RSNXE from FT protocol Reassociation Response when needed 6140cca81 FT: Omit RSNXE from FT protocol Reassociation Request when needed 35936cd2c FT: Verify that RSNXE is used consistently in Reassociation Response 497ae9f00 FT: Verify that RSNXE is used consistently in Reassociation Request 51d1924bd FT: Set the new RSNXE Used subfield in FT reassociation 796253a65 nl80211: Debug print set_key() command names ac2224153 nl80211: Extended Key ID support a1afa2df8 Remove unnecessary and confusing length check from the PMKID KDE case 094c9cdc7 Add parsing of Key ID KDE for Extended Key ID f5c0104f3 Add KEY_FLAG_MODIFY for Extended Key ID support 9e30180a3 nl80211: Allow scanning in wpa_supplicant AP mode fab94f16e Indicate scan completion in active AP mode even when ignoring results 037e004c1 nl80211: Remove extraneous space from send_mlme debug print 81fa7730d nl80211: Add more TX status details in debug log in AP mode f21fbfb97 Allow RSNE in EAPOL-Key msg 2/4 to be overridden for testing purposes 46e147fcd Allow RSNE/RSNXE to be replaced in FT protocol Reassocation Response frame 1a8e9334c FT: Check RSNE/RSNXE match in FT protocol Reassociation Response frame 839bab785 nl80211: Debug print driver capabilities e861fa1f6 Move the "WPA: AP key_mgmt" debug print to be after final changes 1d9cff86b Multi-AP: Set 4-address mode after network selection e0fb468a7 HS 2.0 server: Add a note on OCSP server hostname 440dac755 hs20-osu-client: Use more specific debug message on OSU connection 2b9713d61 Fill the current opclass in (Re)AssocRequest depending on HT/VHT IEs d9a7b71a7 AP: Fix regression in frequency check for a usable EDMG channel 1f13c1393 mesh: Fix CONFIG_HT_OVERRIDES build without CONFIG_VHT_OVERRIDES 52efde2aa WPS: Do not set auth_alg=OPEN for PSK+SAE case 10223b501 SAE: Expose sae_write_commit() error cases to callers 7f1f69e89 SAE: Check hmac_sha256() result in sae_token_hash() b0927e5d0 nl80211: Fix error print for hapd_send_eapol() a17cbcd69 os_unix: Call srandom() only if os_get_random() succeeds 17ba51b14 nl80211: Fix tx_control_port error print bb2ea8e5e DPP: Remove unreachable return statement 7dcc5f7fe SAE: Check sta pointer more consistently in testing code 15d63c604 Clean up hostapd_get_he_twt_responder() processing 7aa47fe5f DPP: Fix connectorTemplate addition fe0429a58 Replace systemd install Alias with WantedBy c7d293024 RSN: Stop 4-way handshake if scan results are not available f4bf6a5d4 OWE: Allow BSS entry with different SSID to be used in transition mode 3c7381150 OWE: Mark BSS for transition mode based on active OWE network profiles ecb5219d8 OWE: Avoid incorrect profile update in transition mode 785f99b68 FT: Silence debug prints when FT is not actually used 33a28170a Recognize OWE Transition Mode element in IE parser fad044943 Report RSNXE mismatch in EAPOL-Key msg 3/4 more consistently with RSNE 4d64fd37b Allow RSNE in EAPOL-Key msg 3/4 to be replaced for testing purposes 9128b6726 Extend hostapd rsnxe_override_eapol to allow IE removal 43ededa9c Do not override WDS VLAN assignment for STA 87998f80e HS 2.0 server: Allow OCSP responder to continue running after errors ca8a51c4b webkit2: Fix http://localhost:12345/ redirect handling be15f33d0 Replace WPA_ALG_PMK with KEY_FLAG_PMK 11b1fcd6c nl80211: Drop outdated TDLS set_key() hack 2dd72315d wpa_cli: Add missing quote around interface name f64b601c4 DFS: Add support for 80+80 MHz when going through channel switch 0a76a0b96 OWE: Fix PTK derivation workaround for interoperability 87775e32f Fix segmentation fault for NULL confname in SAVE_CONFIG 81621eab7 nl80211: Migrate from set_tx to key_flag API 9757f18db nl80211: Don't ignore when SET_KEY returns ENOENT 98b8275d9 nl80211: Remove not needed netlink key attribute 8563f6f56 nl80211: Fix wrong return code in set_key error path adf550ee4 nl80211: Ignore seq number for key deletion e9e69221c Validity checking function for key_flag API 5eb163256 nl80211: Add a missing key_flag for WEP shared key authentication 82eaa3e68 Remove the not yet needed KEY_FLAG_MODIFY 982b9cf02 Fix a wrong key_flag when deleting 802.1X WEP keys d37c05e5b AP: Don't try to set NULL WEP default key fa1a6aff2 Fix unicast argument for set_wep_key() from EAPOL supplicant 11dab0f37 WPS: Remove expired PINs on Selected Registrar timeout 8f89e57ab DFS: More debug prints on channel selection after radar detection 4b37d2428 hostapd: Fix to downgrade bandwidth in radar detection 7242087d1 DFS: Do not process radar event while disabling an interface 5fdacce46 Allow wildcard SSID to be enforced for a specific BSSID scan 43282f732 mesh: Fix HE enablement on 5 GHz with VHT 21f835e64 SAE: Allow SAE-only network profile with sae_password to be written 5bad30056 privsep: Mask out control port capability flag c1a6b1e47 privsep: Add key_flag to set_key() 852d370f6 Silence a compiler warning in no-WEP and no-EAP builds 101da59aa common: Add support for element defragmentation e636bc855 WPA: Rename FILS wrapped data 94773d40f crypto: Add a function to get the ECDH prime length e8ae97aeb nl80211: Allow TX status for Authentication frames c4988e73c driver: Extend send_mlme() with wait option d046f2a9f nl80211: Register for SAE Authentication frames more strictly 7a9c36722 DBus: Add "sae" to interface key_mgmt capabilities 200c7693c Make WEP functionality an optional build parameter bca44f4e4 WPS: Remove static-WEP-only workaround b7f1d4f4d ACS: Allow hw_mode=any to be used with internal ACS algorithm d07f1ade9 ACS: Determine mode when using hw_mode=any c60362e6e ACS: Extend acs_find_ideal_chan() to support multiple modes 141a8815e ACS: Extend acs_request_scan() to support multiple modes f3c44a196 ACS: Extend interference factor calculation for all modes 070522e5b ACS: Extend acs_find_chan() for all modes 4c1ffb45e ACS: Extend acs_surveys_are_sufficient() for all modes 3d09be41a ACS: Clear all modes in acs_cleanup() 499c37b72 ACS: Extend hostapd_get_mode_channel() to find from any mode a62d76185 ACS: Fix spelling of "interference" 167205d45 os_unix: Seed random() for os_random() 74db49d74 SAE: Do not use PMKSA entry after its reauth threshold bb93ea234 SAE: Do not clone PMKSA entry for OKC after its reauth threshold 114d12418 SAE: Fix PMKID derivation for OKC 3f10f716a common: Provide the BIT() macro locally b8f6b0713 Add attribute for dwell time in QCA vendor scan ec303e2cb Introduce QCA_WLAN_VENDOR_ATTR_CONFIG_ROAM_REASON 34640a88d Fix enum qca_wlan_vendor_attr_config value prefix 3fadb1dcc WPS: Ignore other APs if PBC is used with a specific BSSID f1d385609 nl80211: Beacon protection capability flag and default key type 2e34f6a53 Sync with mac80211-next.git include/uapi/linux/nl80211.h 0f84a93f6 Fix a type in wpa_supplicant defconfig 0e05e8781 Simplify wpa_deny_ptk0_rekey documentation a5944db04 Add wpa_deny_ptk0_rekey to AP get_config() output 8a1660b60 common: Add missing driver flag strings 4b04223f2 hostapd: Replace UDP ctrl_iface global cookies with per-instance ones 12fb9698a Use IFNAME= prefix for global UDP control interface events 293631f17 IBSS RSN: Coding style cleanup 1f90a49d0 STA: Allow PTK rekeying without Ext KeyID to be disabled as a workaround 1a7963e36 AP: Allow PTK rekeying without Ext KeyID to be disabled as a workaround 35da7c20a nl80211: Add driver capability flag for CAN_REPLACE_PTK0 7b26238d4 Do not skip MBO PMF check with the WPS special case WPA check exception fae7e64aa Save RM enabled capability of station with AP SME e9ac44fcb Make INTERWORKING_CONNECT more reliable in testing environment 1074d4241 Fix a typo in a comment 8fe7ec664 Remove Secondary Channel Offset element from Beacon/Probe Response frames 7f1529d2a Fix HE element order in Beacon and Probe Response frames f3bcd6960 Remove CONFIG_IEEE80211N build option 640d59942 Fix location of MDE and RSNXE in Beacon and Probe Response frames 2d4c78aef Configure received BIGTK on station/supplicant side ecbf59e69 wpa_supplicant configuration for Beacon protection 16889aff4 Add BIGTK KDE and subelement similarly to IGTK 555dcd75c Generate BIGTK and rekey it with IGTK 323d06187 Parsing of BIGTK KDE in EAPOL-Key frames 3937378ab Parsing of BIGTK subelement in FTE d2e77310d driver: Document use of set_key() for BIGTK c1df321b6 AP mode indication of Beacon protection being enabled 92d407dbd hostapd configuration for Beacon protection cb86e8bac nl80211: Remove an extra closing parenthesis from a debug message 46cb04650 nl80211: Check nla_nest_start() result for NL80211_ATTR_HE_OBSS_PD 0b0ee0f15 HE: Propagate BSS color settings to nl80211 8155b36fa Fix VERSION_STR printf() calls in case the postfix strings include % dd74ddd0d nl80211: Handle AKM suite selectors for AP configuration 139f6deaf Remove duplicated wpa_akm_to_suite() entry 10655d1bc nl80211: Add NLA_F_NESTED to nla_nest_start() with older libnl versions 5db5290ab webkit: Clean up USE_WEBKIT2 blocks 26ad26c8c webkit2: Split decide-policy into a separate function 02ed737ee webkit2: Split resource-load-started handler into a separate function 7de8bd508 webkit: Track gtk_main()/gtk_main_quit() calls de0a8906f webkit2: Remove TODO not for download-started ae07bc46c webkit2: Do not register notify::load-status handler 9ea9d18de webkit2: Replace notfy::progress with notify::estimated-load-progress c0c4685d5 webkit2: Implement notify::title handler ffeafc087 webkit2: Use mouse-target-changed to replace hovering-over-link e33a0eece hs20-osu-client: Validate HTTPS server certificate by default (browser) 61bf9819c hs20_web_browser() to allow TLS server validation to be enabled 921ea4962 hs20-osu-client: Ignore TLS errors with webkit2 b4b1b122e hs20-osu-client: Enable webkit2 support 466e48dcd HT: Remove SMPS in AP mode 8de0ff0fa HE: Add TWT responder extended capabilities field ab8c55358 HE: Dynamically turn on TWT responder support 0cb39f4fd HE: Extend BSS color support 458162a27 Sync with mac80211-next.git include/uapi/linux/nl80211.h 981b96caa WPS: Mark added PSK entry with wps=1 tag for per-Enrollee PSK case b05627511 Fix exception checking in a wpa_supplicant P2P example script 2bab073df WPS: Add new PSK entries with wps=1 tag fde8e7946 WPS: Make it possible to use PSKs loaded from the PSK file b1977a652 WPS: Use PMK_LEN instead of hardcoded 32 b27ed050d Do not split strings into multiple lines 838180877 Use PMK_LEN macro instead of hardcoded value 64 (= 2 * 32) f5da5810c Check pbkdf2_sha1() result when generating PSK from PSK file e7d8842e6 OWE: Rename owe_assoc_req_process() parameter reason to status 877d9a02b Additional get_sta_info attrs for Beacon/Probe Response/disconnect reasons 8162d98f2 Introduce QCA_NL80211_VENDOR_SUBCMD_DRIVER_DISCONNECT_REASON 32551066b Introduce QCA_NL80211_VENDOR_SUBCMD_UPDATE_STA_INFO dae85e655 P2P: Increase number of channels per operating class 75d0ec470 P2P: Fix a possible buffer overflow in struct p2p_reg_class 555131783 Introduce QCA_WLAN_VENDOR_ATTR_BEACON_REPORT_FAIL c304bddcf DPP: Stop Action frame sequence on DPP_STOP_LISTEN and PKEX failure de08fae66 DPP: Do not require dpp_configurator_params to start with a space c7cc80fbc DPP: Reset DPP_AUTH_INIT netrole back to STA by default adf3de44c Add check to consider band in enabling connection_vht flag 490d90db4 Define macro BIT() in qca_vendor.h 9a0edf170 wlantest: Add PTK derivation support with SAE, OWE, DPP 96a2a9a88 Send RM Enabled Capabilities element in (Re)Association Response frame 23dc196fd Check for FT support when selecting FT suites 85f3ab758 Replace deprecated readdir_r() with readdir() 641d79f16 SAE: Special test mode sae_pwe=3 for looping with password identifier 31d7fe917 Add GET_PMK for fetching the current PMK for a STA from hostapd ca1cecc54 SAE: Verify that appropriate Status Code is used in SAE commit (SME) c248ebaf4 DPP: Fix encryptedContent DER encoding 4dc3b70de DPP: Try to negotiate different parameters if NFC handover fails 61c049da3 DPP: Allow local channel list to be set e2b1e7dce DPP: Require conf=configurator to allow Configurator provisioning 1ba4a10a0 DPP: Initialize conf_resp_status to non-OK 18714af2d DPP: Ignore unexpected duplicated Authentication Confirm 8f8473ceb SAE: Fix peer-commit-scalar reuse check c4bab72d9 Use secondary channel provided by ACS for HT40 if valid 16b789eef Fix wmm compile on fedora-17 (gcc 4.7.2) d240c74b6 nl80211: Fix regulatory limits for WMM cwmin/cwmax values bc1289b07 nl80211: Fix WMM queue mapping for regulatory limit fee28410d scan_est_throughput: Use ie_len instead of res->ie_len b2b7f8dcf BSD: Fix the maximum size of a route(4) msg to 2048 25c247684 BSD: Remove an outdated comment d807e289d BSD: Don't set or remove IFF_UP 4692e87b2 BSD: Share route(4) processing with hostapd and wpa_supplicant. d20b34b43 BSD: Driver does not need to know about both wpa and hostap contexts aad414e95 nl80211: Fix send_mlme for SAE external auth 1a9d270d4 Additional stats through QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO c025c2eb5 DPP: DPPEnvelopedData generation for Configurator backup 7d9e32005 DPP: Received Configurator backup processing ea91ddb08 DPP: DPPEnvelopedData parsing for Configurator backup/restore 312eac1d1 DPP: Add ASN.1 support into build 31b5950d0 ASN.1: Helper functions for building DER encoded data ce1f47739 ASN.1: More OID definitions 8006742fa ASN.1: Add a helper for parsing AlgorithmIdentifier f7f2843c4 ASN.1: Add a helper for parsing SEQUENCE 3393d94d0 ASN.1: Add a helper for parsing INTEGER 5e98998ec DPP2: Add Protocol Version attr to Auth Resp only if peer is R2 or newer 505797b45 Add a vendor attribute for RTPL instance primary frequency 76162b182 TLS: Fix bounds checking in certificate policy parser 703c2b645 DPP: Example script for NFC bootstrapping method 566972fd6 DPP: Show selected negotiation channel in DPP_BOOTSTRAP_INFO 5e287724e DPP: NFC negotiated connection handover 2bbe6ad3a DPP: Helper function for bootstrapping URI generation 12da39b38 crypto: Allow up to 10 fragments for hmac_sha*_vector() d165b32f3 TLS: TOD-STRICT and TOD-TOFU certificate policies cd66b8295 TLS: Fix a typo in a debug message a62940904 Add vendor interface QCA_NL80211_VENDOR_SUBCMD_REQUEST_SAR_LIMITS_EVENT 0ecf73563 Add new QCA vendor attribute to set thermal level 8b138d282 OWE: PTK derivation workaround in STA mode 65a44e849 OWE: PTK derivation workaround in AP mode bd50805e4 OWE: Select KDF hash algorithm based on the length of the prime 10bdce692 Fix a typo in an example configuration file comment 0d445cd39 Fix a typo in a comment ce26f0086 Fix coloc_intf_reporting config param in hostapd in non-OWE builds 1011c7990 Do not enable HT/VHT for 6 GHz band 20 MHz width channels also d0e116f61 Enhance get_mode() to return correct hw_mode with 6 GHz support 4658eb77d Remove deprecated text for ap_scan=0 5e32fb017 SAE: Use Anti-Clogging Token Container element with H2E e36a5894d SAE: Use H2E whenever Password Identifier is used c56b7a2fd SAE: Mark sae_derive_pt_ecc() static 29dd0b316 SAE H2E: Check H2E-only BSS membership selector only if SAE is enabled 4ee5a5035 trace: Handle binutils bfd.h breakage fa308a649 hostapd: Fix a typo in sample configuration d20365db1 EAP-SIM/AKA peer: Add support for EAP Method prefix 4bf78a79d ACS: Populate channel config from external ACS per documented behavior fe1552d93 ACS: Update documentation of external ACS results event parameters 881177201 6 GHz: Fix Channel Width value for 80+80 in 6 GHZ Operation Info field b4fe37c4f Silence compiler warning in no-NEED_AP_MLME builds dd530b873 Silence compiler warning with CONFIG_NO_ROAMING=y e1650a7b0 tests: Set key_flag when using SET_KEY a919a2603 Introduce and add key_flag 3df4c05ae nl80211: Pass set_key() parameter struct to wpa_driver_nl80211_set_key() 99d8c4dca hostapd: Support VLAN offload to the driver 0f903f37d nl80211: VLAN offload support 4d3ae54fb Add vlan_id to driver set_key() operation f82254645 driver: Move set_key() parameters into a struct 3912cbd88 SAE: A bit optimized sae_confirm_immediate=2 for testing purposes 33c8a1049 Do not select APs found on disabled channels for connection aa663baf4 Fix QCA_WLAN_VENDOR_ATTR_ACS_VHT_SEG1_CENTER_CHANNEL NULL check f7b2fe99e tests: Fix undefined behavior in module tests 297d69161 OpenSSL: Fix memory leak in TOD policy validation 8296ee180 RSN IBSS: Fix EAPOL TX using control port c52129bed nl80211: Allow control port to be disabled with a driver param 781c5a062 nl80211: Use control port TX for AP mode d8252a981 nl80211: Report control port RX events a79ed0687 Add no_encrypt flag for control port TX 144314eaa wpa_supplicant: Send EAPOL frames over nl80211 where available 8759e9116 nl80211: Control port over nl80211 helpers ccaabeaa0 driver: Remove unused send_ether() driver op 3d41dd7c5 WPS: Add application extension data to WPS IE b7bb2c020 P2P: Move p2p_long_listen into struct wpa_global 9ad3c12dd P2P: Always use global p2p_long_listen 9bedf9004 nl80211: Use monitor interface for sending no-encrypt test frames 8d84c75f7 Allow testing override for GTK/IGTK RSC from AP to STA af670cb41 SME: Postpone current BSSID clearing until IEs are prepared ff7743118 nl80211: Don't set offchan-OK flag if doing on-channel frame in AP mode d5798e43f nl80211: Use current command for NL80211_CMD_REGISTER_ACTION 81ae8820a nl80211: Rename send_action_cookie to send_frame_cookie 5ad372cc3 nl80211: Clean up nl80211_send_frame_cmd() callers 0dae4354f nl80211: Get rid of separate wpa_driver_nl80211_send_frame() e69592786 driver: Remove unused send_frame() driver op ce0180487 Convert the only remaining send_frame() users to send_mlme() 27cc06d07 nl80211: Support no_encrypt=1 with send_mlme() 665a3007f driver: Add no_encrypt argument to send_mlme() 371002746 Make hostapd_drv_send_mlme() more generic b3525dc17 P2P Manager: Use send_mlme() instead of send_frame() for Deauthentication 947465475 IBSS RSN: Use send_mlme() instead of send_frame() for Authentication frames 14cc3d10c nl80211: Simplify hapd_send_eapol() with monitor interface 16a266720 nl80211: Don't accept interrupted dump responses 6c5701937 Test functionality to override driver reported signal levels c8eb7fe66 Fix signal_poll based roaming skip a8b00423e BSD: Use struct ip rather than struct iphdr 3ea58a054 nl80211: Fix libnl error string fetching 139f7ab31 mac80211_linux: Fix libnl error string fetching 25ebd538a Drop support for libnl 1.1 1ace2f7c0 Drop debug print level for informative debug messages ad2f09660 Maintain BSS entries for 5 seconds after interface is disabled 988f14448 Indicated if the selected BSS is the current BSS a8ad9c31d Make min_diff determination from cur_level more readable 41f72d735 Use sel_est consistently with cur_sel in wpa_supplicant_need_to_roam() a2c1bebd4 Improve roaming logic 9c8d550b7 Allow roam to lower signal level if throughput benefit is significant 9fafefb9e Skip roaming based on signal level difference if current SNR is good f4f7600ad Use signal_poll noise information for roaming, if available f97baef25 Clear SME auth_alg on FLUSH 568950c6e RSN: Do not add PMKSA candidates unnecessarily 0d1d1f0d2 Clear last Michael MIC error timer on FLUSH 69ccc557d wpa_supplicant: Fall back to avg_signal in roaming decision 7e7b23e22 Update throughput estimate for the current BSS based on signal poll ad06ac0b0 Move throughput estimation into a helper function ef1a45f28 Move scan/roaming related defines to a header file 98ea9d5d5 Use local variables for current BSS signal strength in roaming 22319c7fe RADIUS client: fix extra retry before failover 02c21c02d wpa_supplicant: Do not disconnect on deinit if WoWLAN is enabled 82ba4f2d1 nl80211: Add a driver ops function to check WoWLAN status 59536a33d wpa_cli: WPS-PIN-ACTIVE and WPS-CANCEL events for action scripts b0621b083 Call hostapd_allowed_address() directly from handle_probe_req() 963681723 Fix possible memory leak of RADIUS data in handle_auth() d4ceaafc2 Make hostapd_copy_psk_list() non-static 29024efd1 Move the RADIUS cached attributes into a struct 3cd4db231 FT: Do not deliver RRB messages locally without matching FT/SSID c133c785d FT: Check mobility domain when sending RRB message to local managed BSS a422d9b4c RRB: More debug prints for local delivery 7b1105afe RRB: Do not reorder locally delivered messages 4834c6869 FT: Fix hostapd_wpa_auth_oui_iter() iteration for multicast packets 18780c6d6 OpenSSL: Add support for TPM2-wrapped keys 974f84bb7 Fix ignore_broadcast_ssid behavior with SSID List and Short SSID List 1c7f652f9 AP: Support Short SSID List element in Probe Request frames 522450b7b AP: Determine Short SSID value for the BSS 41b06b065 mesh: Fix race condition in mesh mpm new peer handling ef48f1bfb Ensure authenticator session timer is applied with wired driver a383db064 defconfig: Enable MACsec 53661e3a9 Allow debug log to be written to both syslog and file 68f9f480e wpa_gui: Silence a compiler warning eadfeb0e9 wpa_gui: Show entire list of networks a3b59fa11 wpa_cli: Let LAST_ID argument to be used for LIST_NETWORKS 078217a2d STA OBSS: Update secondary channel info after CSA Change-Id: I194039d27c1467a20aa4a28c0612ff9ba52ac7f9	2020-04-06 16:34:24 +00:00
Hai Shalom	81f62d8b15	[wpa_supplicant] Cumulative patch from b8491ae5a ... Also revert local solution for encrypted IMSI and use the upstream version. Bug: 134177972 Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Regression test passed (Bug: 137653009) Change-Id: Ie34a0138a3a2039b03101c788b43acbb33f8332a	2019-07-23 08:38:09 -07:00
Hai Shalom	f1c9764c0e	Revert "[wpa_supplicant] Cumulative patch from b8491ae5a" ... This reverts commit 878cf7bcbf. Reason for revert: git_master/sdk_phone_armv7-sdk Change-Id: I6070fc5c1f9c20867f6dfce90e529e35578d572e	2019-07-19 23:44:14 +00:00
Hai Shalom	878cf7bcbf	[wpa_supplicant] Cumulative patch from b8491ae5a ... Also revert local solution for encrypted IMSI and use the upstream version. Bug: 134177972 Test: Device boots up and connects to WPA3/OWE wifi networks, run traffic. Test: Able to turn on/off softap, associate wifi STA, run traffic. Test: Regression test passed (Bug: 137653009) Change-Id: Ibf6b6ef3495287156c397daa89d02923f981889b	2019-07-19 20:14:50 +00:00
Roshan Pius	3a1667e255	Cumulative patch from commit 7bf86e44161fe1bcadaf4ca2cc3b6358fb7f3bf9 ... 7bf86e441 Define test config QCA vendor attribute for HE MU EDCA params 6cc77193c Define test config QCA vendor attribute for Tx beamformee NSTS 73d3f8841 HS 2.0: CoA-Request from Terms and Conditions server abed6136a RADIUS: Add DAC implementation in hostapd(AS) 72aad113c RADIUS: Allow 0.0.0.0 to be used as wildard radius_das_client 2122fc83a RADIUS server: Add current_sessions SQLite table d4e39c51f HS 2.0: Move Terms and Conditions Server URL generation from AP to AS de3885fcc HS 2.0: Process Credential/UsernamePassword/EAPMethod nodes in PPS MO 3a8dd390c SAE: Allow authentication restart on AP a10f5714c HS 2.0: Allow Hotspot 2.0 version number to be overridden for build e8cf9fc33 P2P: Use more compact debug print of common group frequencies 26eac0a99 P2P: Improve common group channel selection if GO needs to be moved 616178a2a P2P/AP: More detailed debug prints on HT/VHT parameter selection c6f01fbf2 nl80211: Add more command/event names to debug prints 4a0e01156 AP: Fix HT 20/40 co-ex transition timer cancellation on iface removal b915f2cdf nl80211: Handle NL80211_CMD_WIPHY_REG_CHANGE event c3e4f40cd FT: Derive PMKR0Name/PMKR1Name using SHA-384 with AKM 00-0F-AC:13 e8d08cf37 SAE: Do not drop STA entry on reauthentication in infrastructure BSS ef13b33af FT: Support BIP-CMAC-256, BIP-GMAC-128, BIP-GMAC-256 in STA case ff168f8c2 FT: Support 256-bit IGTK in AP case 2cf36d608 FT: Handle AssocResp generation failures as fatal errors 657b4c45a FILS: Fix KEK2 use in FT-FILS use cases 88bf44be4 FT: Fix potential NULL pointer dereference in MDE addition 661afb2ed FT: Fix RRB error path handling df3bf6870 FT: Debug print of IE parsing element details d8e8c992c FT: Add key management value FT-EAP-SHA384 for wpa_supplicant c6f2eceb8 FT: Add key management value FT-EAP-SHA384 for hostapd 3d9cd0841 FT: Add support for variable length PMK-R1 receiving in RRB a7968ea56 FT: FTE generation for SHA384-based AKM on AP 06f128660 FT: FTE generation for SHA384-based AKM on STA 9a33737a0 FT: FTE parsing for SHA384-based AKM 8c2715b35 FT: Connection settings for SHA384-based AKM 994eac7e6 FT: PMK-R0 derivation using SHA384-based AKM 1655e81c9 FT: PMKID derivation using SHA384-based AKM 40a2eb116 FT: PTK derivation using SHA384-based AKM 7880a6a2b FT: PMK-R1 derivation using SHA384-based AKM b327026a7 FT: FTE MIC calculation using SHA384-based AKM c49a9d6b9 FT: EAPOL-Key MIC calculation using SHA384-based AKM 9f12271b2 FT: XXKey derivation for SHA384-based AKM a3e18dbb6 FT: Support variable length keys c22bb5bba FT: SHA384-based AKM in RSNE processing 3a11c69e0 EAP-TLS: Derive Session-Id using TLS-Exporter when TLS v1.3 is used 2d26434ac EAP-TLS server: Fix EMSK derivation with TLS v1.3 f8aed720e EAP-TLS: Update key derivation label per draft-ietf-emu-eap-tls13-00 20c2ea412 wpa_supplicant: Fix parsing of max_oper_chwidth 8fd29a043 mesh: Fix crash with CONFIG_TAXONOMY enabled 8518326b2 Add some missing driver flags strings b375b04b6 WNM: Fix time_zone advertisement without time_zone configuration 0928b6294 nl80211: Allow mesh interface to send channel switch request f5a602168 HS 2.0: Allow OSEN connection to be used in an RSN BSS 8d660a4ba HS 2.0: Allow OSEN connection to be enabled in an RSN BSS 0fe3ede0a macsec_qca: Fix byte order of TX SCI port 22ac3dfeb EAP-pwd: Mask timing of PWE derivation b8acd5011 EAP-pwd peer: Add SHA512 hash based salt mechanism fb3675848 EAP-pwd peer: Add SHA256 hash based salt mechanism 7ef8adc7d EAP-pwd peer: Add SHA-1 hash based salt mechanism 7280723fb EAP-pwd peer: Check for unexpected state for ID exchange 44136f6ca EAP-pwd peer: Add support for salted password databases 0744e303c EAP-pwd peer: Move PWE derivation to commit exchange d52ead3db EAP-pwd server: Add support for salted password databases a8712ce5b EAP-pwd: Pre-processing method definitions from RFC 8146 2a5c29188 EAP-pwd: Move EC group initialization to earlier step b829e4b69 Add a QCA vendor command attribute to enable/disable GTX 833bb2ab1 FT: Disable PMKSA caching with FT 91db940ff fst: Fix compile error in fst_ctrl_aux.h with C++ compilers 9be19d0b9 SAE: Add support for using the optional Password Identifier d6a65a83f mesh: Register msg_ctx for hostapd/AP code 4e47eec5a Add QCA NAN vendor attributes to provide IPv6 information 997312964 wolfSSL: Fix crypto_bignum_rshift() wrapper 4b2e03c42 wolfSSL: DH initialization to call TEST_FAIL() for error tests 2b01270c8 wolfSSL: Fix ECDH set peer to use the index when importing point ffff7f709 OWE: Mark connection failed in the unlikely no-bss-entry case 0cc41ee63 Move wpa_supplicant_event() EVENT_ASSOC_REJECT handling into a function bda9c0859 hostapd: Fix CHAN_SWITCH command for VHT20 and VHT40 16d5c9637 OWE: Get the bss from bssid of assoc_reject to try for next group c4dd3afa3 ACS: Avoid invalid interference factor when survey channel time is zero 6965705bf Fix style issues in qca-vendor.h 7d66e7c40 Define new QCA feature flag for self managed regulatory support 38f60142d Define test config vendor attribute for Tx beamformee configuration d109aa6ca SAE: Flush PMKSA if an assoc reject without timeout is received 46053a4c9 wext: Avoid gcc warnings on restricted pointer aliasing ce2a9644b Silence a gcc warning on switch statement fallthrough d267bdf9b Silence new gcc warnings on switch statement fallthroughs 60a5737e8 FT: Clear SME FT data on disassoc 98b806b03 Add QCA vendor attribute for spectral hardware generation d57e06170 wpa_supplicant: Make channel switch event available for non-AP builds d7f038ded wpa_supplicant: Add ieee80211ac information in STATUS ab35793ec wolfSSL: Fix EAP-FAST key derivation 71faf06cb wolfSSL: Do not free cert store after setting it b7f5b0ec6 wolfSSL: Fix OCSP ifdefs ca620a364 wolfSSL: Fix altSubjectName handling 7be462084 wolfSSL: Use defines from wolfssl/options.h 312212174 wolfSSL: Remove aes-omac1.o from hostapd build 385dd7189 wolfSSL: Use wolfSSL memory allocation in dh5_init() 6590d8466 wolfSSL: Load certificates using 'chain' APIs fc5e88e3e wolfSSL: Changes for memory allocation failure testing 06657d316 wolfSSL: Fix crypto_hash_init() memory clearing d39605710 wolfSSL: Fix crypto_ec_point_y_sqr() e3501ac18 wolfSSL: Fix crypto_ec_point_solve_y_coord() 187ad3a30 wolfSSL: Add crypto_ecdh_*() 3d2f638d6 wolfSSL: Use new digest namespace 847665ebe wolfSSL: Fix conditional EAP-FAST compilation issue d501c27cf EAP-TLS server: Disable TLS v1.3 by default e8a7af9a3 EAP-TLS peer: Disable TLS v1.3 by default bbbc7e801 EAP-TLS: Extend TLS version config to allow TLS v1.3 to be disabled 53b34578f OpenSSL: Move server vs. client information into connection data 0de820b33 EAP-TLS peer: MSK/EMSK derivation with TLS v1.3 1854981c7 EAP-TLS peer: Allow NewSessionTicket after Client Finished with TLS v1.3 6dd98483e EAP-TLS peer: Support fragmentation of last message a80423b52 EAP-TLS server: MSK/EMSK derivation with TLS v1.3 bac1bdba3 EAP-TLS peer: Determine whether TLS v1.3 or newer is used fe7b06c5e EAP-TLS server: Determine whether TLS v1.3 or newer is used c26ac1895 Mark eap_server_tls_derive_key() label argument const 34c6949fb EAP-TLS server: Remove trailing whitespace 4a576c473 OpenSSL: Terminate TLS handshake if ClientHello cannot be generated 2439714f9 DPP: Fix testing code for invalid keys with OpenSSL 1.1.1 c456e6e3f HS 2.0: Terms and Conditions server and management 42f416916 HS 2.0: Update server SQL DB initialization to cover new fields 5bd5eb54d HS 2.0: Update server instructions for Ubuntu 16.04 04ee197f8 HS 2.0: Maintain a database of pending T&C acceptance sessions 625a8c86b wpa_cli: Indicate HS20-T-C-ACCEPTANCE to action scripts 6b21df0bb Add QCA vendor command/attr to filter frames from other BSSs 452603809 HS 2.0: Terms and Conditions testing feature in authentication server f456940ef HS 2.0: CoA-Request processing for Terms and Conditions filtering d239ab396 DFS: Mark channels required DFS based on reg-domain info from the driver 7fc6a024f HS 2.0: Process received Terms and Conditions Acceptance notification 8760b9848 HS 2.0: Send Terms and Conditions Acceptance notification 6cb8f4f38 HS 2.0: Terms and Conditions attributes in Access-Request messages 1952b626b hostapd: Add ctrl iface indications for WDS STA interface 2598e6930 FILS: Enable SHA256 KDF even without PMF/SAE in the build 1baa130bd nl80211: Print NL80211_CMD_SET_POWER_SAVE errors in debug log 72b6e5d1e Do not remove CCMP group cipher if any CCMP/GCMP cipher is enabled c4315e662 AP: Handle AP initalization failure in async flow 86c998d37 FT: Add FT auth algorithm to connect params when roaming 3dc3afe29 FT: Add MDE to assoc request IEs in connect params b55c623e4 Make CENTER_FRQ1 available independently in SIGNAL_POLL 4204669c6 HS 2.0: Add Roaming Consortium Selection element into AssocReq 6311547e7 HS 2.0: Add Roaming Consortium Selection network profile parameter 5b7695275 HS 2.0: Use roaming_consortiums list to match OIs for access 2e88032f1 HS 2.0: OSU client to send HomeSP/RoamingConsortiumOI to wpa_supplicant 909a948b0 HS 2.0: Add a new cred block parameter roaming_consortiums 9b6f93e4d HS 2.0: Document credential parameter required_roaming_consortium 67cca3464 HS 2.0: Copy Roaming Consortium OI from (Re)AssocReq to Access-Request 0e450db28 HS 2.0: Allow configuration of operator icons 6a8a04d74 HS 2.0: Add fetching of Operator Icon Metadata ANQP-element 37547ad63 wpa_supplicant: Increase authentication timeout if CAC is started 2dd5fbbff wpa_supplicant: Rename wpas_event_*() to wpas_ap_event_*() f875da044 nl80211: Add MLME auth work-around for -EEXIST errno 4449efeb1 Fix building nt_password_hash with gnutls 5ecdf06c8 DPP: Fix build with LibreSSL v2.5 4b603f01d DPP: Fix X509_ALGOR_get0() use with LibreSSL dee566d98 OpenSSL: Skip SSL_OP_NO_TLSv1_3 if not defined to fix LibreSSL build ba3658cff Fix build with LibreSSL 2.7 a2ab37308 Fix sae_password documentation in wpa_supplicant to refer correct field d5906fbb7 mesh: Properly handle sae_password d6d7debb5 Fix wpa_supplicant build with CONFIG_NO_WPA 852b2f273 SAE: Only allow SAE AKMP for PMKSA caching attempts 06b1a1043 SAE: Fix default PMK configuration for PMKSA caching case 8e402d165 WPA: Fix a typo in a debug message 1bd131105 Clear pmk_len more consistently for extra protection 66dbc8d9c Add more debug prints for wpa_sm_set_pmk() calls 26e0ada47 Define new test config attribute for HE LTF configuration 4d6eb9f2e Fix hostapd wmm_enabled setup on config reload path a6509e850 FT: Add session_timeout to push/resp 3cb286ca4 FT: Add set/get session_timeout callback functions 13f118dc5 Convert STA session_timeout to os_reltime 069b4e304 FT: Include identity and radius_cui in pull/resp frames 9fbe292ff FT: Move wpa_ft_rrb_build_r0() special case to caller 8c345234f FT: Add set/get identity/radius_cui callback functions 17a8a9893 Fix potential memory leak with identity/radius_cui 17010c38d FT: Add IEEE VLAN support (including tagged VLANs) 47a039b01 FT: Add set_vlan()/get_vlan() callback functions 3a3e28320 FT: Add expiration to PMK-R0 and PMK-R1 cache 09211c989 FT: Use dl_list for PMK-R0/R1 cache 89dea17e1 FT: Add helper function for FILS key storing 83fe4bd3b FT: Convert r0_key_lifetime to seconds ee2c6bb5e Remove CONFIG_IEEE80211R_AP=y build option from wpa_supplicant c6b5b9a33 hostapd: Add more authentication error case debugging e2fc13d0a hostapd: Add logging around Michael MIC related failures e7525a295 hostapd: Add send_auth_reply() caller info in debug logging d89edb611 wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST 8fb2b3573 Clean up setting of iface->p2p_mgmt flag d53401c54 dbus: Redirect signal processing to the management device if present e48021276 dbus: Add FILS to global capabilities 208263c01 Add config information related to MACsec e360010c3 dbus: Add mesh to global capabilities 9f917339c tests: Fix clearing of IGTK PN in handshake retransmit test functions 45f7574d3 Propagate the EAP method error code 77a020a11 wpa_supplicant: Fix auth failure when the MAC is updated externally 2ff9696d3 Add definitions for RADIUS attributes standardised in RFC 7055 c17915462 nl80211: Add DFS offload support using upstream nl80211 definitions 1841086ad Sync with mac80211-next.git include/uapi/linux/nl80211.h 7cfe2f001 Add SAR V2 power selection capability (QCA vendor attributes) 7e1d3ee96 Add hostapd.conf venue_url to set Venue URL ANQP-element 64624f31c OWE: Fix CONFIG_OWE=y build without CONFIG_IEEE80211R=y d555c39c4 FILS: Fix CONFIG_FILS=y build without CONFIG_IEEE80211R=y f6de72534 Add NOTE control interface command for hostapd 2f3738781 FILS: Add more complete support for FT-FILS use cases 4ddca8142 FT: Derive PMK-R1 locally if requested PMKR0Name is found 1dc0945cc FT: Do not send PMK-R1 pull request to own R0KH address 1778f1e9a SAE: Fix PTK derivation to use KDF-SHA256 9d94e4bb6 SAE: Fix PMKID in EAPOL-Key msg 1/4 a03f9d17e SAE: Fix FT-SAE key derivation for a case where PMKID in msg 1/4 matches 0fa669bca Fix a resource leak on hostapd maclist parsing error path 10949e248 Do not disable 40 MHz based on co-ex report with matching primary channel 8cbd9c3ed Support multiple 20/40 BSS Intolerant Channel Report elements 8127a0ac0 Ignore intra-BSS 20/40 BSS Coexistence Management from not-associated STA 8aa599d45 Add more debug prints for 20/40 BSS Coexistence Management frame Rx d58c3bd8b hostapd: Ignore LOW_ACK event for co-operative steering clients ec2b5173c Make STA opmode change event available to upper layers e8ada1600 nl80211: Add support for STA opmode change events 72123a84c hostapd: Add last_ack_rssi into ctrl iface cmd STA 2df73f52e Add hostapd_cli poll_sta command f5701cc66 OWE: Clean up pointer check in a testing code path ebe61e564 Sync with mac80211-next.git include/uapi/linux/nl80211.h 8179ae3a2 DPP: Support retrieving of configurator's private key 4bc801ab4 SAE: Fix EAPOL-Key integrity and key-wrap algorithm selection d74963d41 DPP: Extend dpp_test 89 functionality to transmit side f8bfc9cbd Use correct WPA_ALG_* values to compare for enum wpa_alg cce16e43f mka: Mark ieee802_1x_kay_create_mka() ckn and cak arguments const 22151b111 wpa_supplicant: Fix memory leaks in ieee802_1x_create_preshared_mka() 3a52f6b38 mka: Do not print contents of SAK to debug log 77977b3d5 mka: Detect duplicate MAC addresses during key server election 5762855ab mka: Loss of live peers to result in connect PENDING not AUTHENTICATED 8fb546d8e mka: Ignore MACsec SAK Use Old Key parameter if we don't have our old key b54b53e64 mka: When matching CKNs ensure that lengths are identical fec03f983 Add support for wolfSSL cryptographic library 92eb00aec Extend ACL check for Probe Request frames 01542e651 Add new WiFi test config attributes to configure BA params ba6080441 Add new WiFi test config attribute to allow WEP/TKIP in HE c05f96a38 FILS: Check kde more consistently to avoid static analyzer warnings 087474512 SAE: Debug print group support in the crypto library f5e0a3324 SAE: Fix potential infinite loop in mismatching PMK case on AP 427729ee6 Reject eap_server_erp hostapd.conf parameter without CONFIG_ERP=y c54cc8bb1 BoringSSL: Set appropriate sigalgs for Suite B RSA 3K cases aa6de8e6b BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate sigalgs 7a47f34b1 BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate parameters 355250234 OpenSSL: Replace SSL_set1_curves_list() with SSL_set1_curves() 4ab0f11b8 Allow HT40 on 5 GHz channels 165 and 169 299d21e8e nl80211: Use the new NL80211_MFP_OPTIONAL option b8e88d357 wpa_supplicant: Handle port authorized event a8c45d47d nl80211: Handle port authorized event 0a20bd7d9 driver: Add port authorized event 05fc7c68f nl80211: Add API to set the PMK to the driver 0ff08f963 nl80211: Check 4-way handshake offload support 730c5a1d0 nl80211: Support passing PSK on connect 14dcb22a5 wpa_passphrase: Include $(LIBS) for linking 4b07484c3 DPP: Do not include common/dpp.h without CONFIG_DPP=y 9ec0dfa31 Define host_to_le64() for Windows builds 6e3726c09 Fix a typo in disassoc_low_ack documentation 19e20c14f Add ap_isolate configuration option for wpa_supplicant AP mode a4016163e Extend APF interface for read/write and enable/disable ops b2e4074ca OpenSSL: Fix EAP-FAST with OpenSSL 1.1.1-pre1 a22e235fd OWE: Add testing RSNE for OWE assoc response with driver SME/MLME aca4d84e3 DPP: Use wildcard BSSID in GAS query frames 0887215d9 nl80211: Do not try to add too large NL80211_ATTR_PMK for set/del PMKSA e7f6e6ee1 nl80211: Print NL80211_CMD_{SET,DEL}_PMKSA failures in debug log 3988046de hostapd: Dynamic MAC ACL management over control interface 6a252ece2 DPP: Fix GAS query removal race condition on DPP_STOP_LISTEN 3b50f8a46 DPP: PKEX initiation on other bands 659ac96d7 ieee802_11_mgmt: Handle frame info more consistently 458d8984d SAE: Reject request with mismatching PMKID (no PMKSA cache entry) 5ac434642 Define new QCA vendor sub command for wifi test configuration 70e190137 DPP: Require use of PMF for DPP AKM 79ce2d519 OWE: Rename function to match use (driver-SME/MLME) 759da93a8 OWE: Check for ECDH availability before use (driver-SME/MLME) af65ef28f OWE: Add RSNE when not using PMKSA caching (driver-SME/MLME) 5850cba38 OWE: Support DH groups 20 and 21 with driver-SME/MLME f9854c183 hostapd: Fix wpa_psk_file support for FT-PSK 3bd35b681 wpa_supplicant: Fix parsing errors on additional config file 9c5fe742a wpa_supplicant: Free config only if it was allocated in same call 9f8d459d4 OWE: Fix association IEs for transition mode open AP connection c6096c6ee wpa_cli: Enable add/remove/get vendor elements without P2P d1e3d40d0 common: Fix the description of wpa_ctrl_request() function 82424732a Fix compiler issue with CONFIG_TESTING_OPTIONS ebf404373 D-Bus: Report error on starting P2P find 66b9f3ca8 wpa_cli: Fix cred_fields[] declaration 5ff39c138 SAE: Support external authentication offload for driver-SME cases 40a68f338 nl80211: Create a netlink socket handle for the Connect interface ba71cb821 nl80211: Introduce the interface for external authentication 8678b14fa Add new QCA vendor commands for thermal shutdown 99576f6f3 Sync with mac80211-next.git include/uapi/linux/nl80211.h cd483be25 OWE: Use PMKSA caching if available with driver AP MLME a4668c681 OWE: Handle unsupported finite cyclic group with driver MLME f811cc83b atheros: Send correct SSID length to the driver e005725a6 nl80211: Add DPP and OWE AKM selectors to CONNECT/ASSOC request 2cc2a0a7e Extend QCA vendor NDP params to support schedule update indication a7769f6da Update QCA vendor commands to match ASOP 18e3e9c6e OWE: Transition mode with non-AP-MLME 92b6e0c58 hostapd: Send broadcast Public Action frame with wildcard BSSID address fe3f81e6a DPP: Update PKEX role-specific points b4cd8b7e1 Add QCA vendor command and attributes for MSDU queue depth threshold 703470bfa FILS: Fix extended capability bit setting for FILS in AP mode 9e834fc64 EAP-SIM/AKA: Separate identity for MK derivation b6b5e3554 DPP: Get rid of compiler warnings on signed/unsigned comparison 630ea1334 DPP: Track M.x/N.x/L.x availability for ke derivation c1790a5ff OWE: Allow station in transition mode to connect to an open BSS c103c0b51 Extend NUD Stats to collect the data packet statistics 5d5ee699a Copy WLAN-Reason-Code value from Access-Reject to Deauthentication f75ed556c RADIUS: Add WLAN-Reason-Code attribute to Access-Reject 727e9aacb HS 2.0: Set appropriate permission(s) for cert file/folders on Android feba5848b Replace RSNE group key management mismatch status/reason codes 9cc8303d3 Add QCA vendor command to get the WLAN MAC information fd9209549 DPP: Report reception of Config Request to upper layers 80f71b71d DPP: Authentication exchange retries and channel iteration in hostapd c5cc7a59a Report offchannel RX frame frequency to hostapd b7ed94834 GnuTLS: Add option to build with libnettle instead of libgcrypt c36d82241 GnuTLS: Suite B validation dd227e67a GnuTLS: Add support for disabling TLS versions 5d292fcfb GnuTLS: Implement tls_get_cipher() 5791d2117 GnuTLS: Make debug prints clearer for cert/key parsing 622d4d49e GnuTLS: Add TEST_FAIL() to crypto routines for testing purposes f8697e810 GnuTLS: Implement tls_get_version() 133f8d09f GnuTLS: Implement HMAC functions using libgcrypt 85c12a62e GnuTLS: Implement sha{256,384,512}_vector() using libgcrypt cc3e7bfc3 GnuTLS: Use a helper function for hash functions 2cb40e9f4 OWE: Try all supported DH groups automatically on STA 02b38d0ad Fix MFP-enabled test for disallowed TKIP ba3d435fe SAE: Add option to require MFP for SAE associations c4fc7e31c SAE: Set special Sc value when moving to Accepted state abcbd0604 SAE: Add Rc variable and peer send-confirm validation 9249afc8e SAE: Print state changes in debug log d8b841eba SAE: Make dot11RSNASAESync configurable 9596a7565 PAE: Remove OpenSSL header dependency 04b1bcc5f EAP-pwd: Use abstract crypto API 0c3d49afd EAP-EKE: Use abstract crypto API c335507c8 Enhance crypto abstract API for DH 0e02f2a9f crypto: Implement new crypto API functions for DH eac084cb3 OpenSSL: Implement new crypto API functions 23ff5d73d Enhance crypto abstract API 441e8bfbb Fix copy-paste errors in function comments 47e966aba DH: Remove trailing whitespace 3546ef510 EAP-pwd: Remove trailing empty line 61536b5f4 Add new QCA vendor attribute for getting preferred channel 1a2cb20d5 Fix couple of QCA_NL80211_VENDOR_SUBCMD_GET_SAR_LIMITS comments 2fca2d214 Vendor parameter for forcing RSNE override 12bce14b1 wpa_cli: Add completion for get/set cred commands 6240424a7 dbus: Add FILS key mgmt values into BSS security properties 2d942ec4a Define a QCA vendor command to retrieve SAR Power limits d98038bb0 FILS: Driver configuration to disable/enable FILS features af832aa99 hostapd: Add average channel utilization in STATUS 802c0fd0c hostapd: Update BSS load update period dynamically 778d87054 Fix error handling in bss_load_update_period parser dff5ab97e hostapd_cli: Add dpp_listen and dpp_stop_listen 5f30b69cd OWE: Allow DH Parameters element overriding with driver SME 04ded82ef OWE: Fix error case handling with drivers that implement AP SME c23e87d0d OpenSSL: Replace EVP_PKEY_paramgen() with EC_KEY_new_by_curve_name() 7641d485d BoringSSL: Use EC_KEY_new_by_curve_name() to simplify implementation a5da39607 Revert "BoringSSL: Add DPP special cases regardless of claimed version number" 0f3084472 Revert "BoringSSL: Define RSA_bits() helper" a2c442be2 OpenSSL: Allow cipher list to be overridden for tls_suiteb=1 case e5c7c2f28 Fix ap-mgmt-fuzzer build 63942cf0f OpenSSL: Avoid SSL*_use_default_passwd_cb() 149143e31 OpenSSL: Remove unnecessary os_strdup() from password callback b65353a76 Android: Set CONFIG_NO_RANDOM_POOL=y ff28df739 Android: Move hostapd to vendor partition 9b0de99fa Add new QCA vendor attribute for WLAN Latency Module (WLM) 055cd3978 tests: DPP P-256 test vectors f55269753 DPP: Allow protocol key to be overridden for testing purposes afd3cf14a WPS: Add GCMP-256 and CCMP-256 cipher options on Enrollee 5f481b6fd WPS: Check BSS table against current BSSID if credential does not match 402c8e00b WPS: Map GCMP-256 and CCMP-256 to AES encryption type a2660890a WPS: Allow WPS to be enabled in CCMP-256 and GCMP-256 only cases 163fc3d56 DPP: Indicate to upper layers whether mutual authentication was used 34603767b DPP: Extend protocol testing to allow exchange termination ed2c493e9 DPP: Change Authentication Response retry time to 1 second 963d3149a nl80211: Fix NL80211_MESHCONF_AUTO_OPEN_PLINKS encoding a2426829c nl80211: Fix NL80211_ATTR_SMPS_MODE encoding f0a383a98 DPP: Extend dpp_test with invalid E-Nonce in Config Req 55c6c8585 DPP: Extend dpp_test with invalid Transaction ID in Peer Disc Req 364039d22 Add QCA vendor command and attributes for RROP 0e19300d5 nl80211: Use consistent "0x" prefix for the cookie values fa5c90749 DPP: Call wpas_dpp_stop() from wpas_dpp_deinit() 1866dfb52 DPP: Stop pending GAS client operation on DPP_STOP_LISTEN f981ce729 DPP: Do not continue if public key hash derivation fails 8a37d54ea DPP: Fix memory leak on dpp_auth_build_conf() error paths 281f480c5 JSON: Fix a memory leak on an error path 622934128 DPP: Fix a memory leak on an error path ed62d4011 DPP: Deinit PKEX instance on DPP_STOP_LISTEN 634a130a5 DPP: Clear authentication instance on configuration completion in AP d3cb7ebe1 DPP: Do not process dpp_auth_ok_on_ack multiple times dc2f24f1b DPP: Fix compilation without CONFIG_TESTING_OPTIONS=y 82feacced DPP: Ignore GAS server status callback for unknown response a2588be82 DPP: Add DPP_CONFIGURATOR_SIGN support to hostapd 7eb6bfb45 DPP: Move hostapd Configurator/bootstrap data into global context 73f21929a DPP: Auto-generate Initiator bootstrapping info if needed 725a953ae nl80211: Filter global events based on wiphy 0bd7f104c hostapd: Add supported rate information into STATUS and STA 1489fcf87 FILS: Do not leave error value in left counter beae255a7 WPA: Check wpa_eapol_key_mic() result on TX acc555f9e DPP: Allow PKEX x/X and y/Y keypairs to be overridden d722c50d0 DPP: Print more interim EC_POINT results into debug log 2bdc47a94 DPP: Allow PKEX own/peer MAC addresses to be overridden af4103e5e DPP: Provide peer_mac to PKEX Initiator through function argument 918a2ac40 DPP: Work around missing EVP_PKEY_CTX_set_ec_param_enc() 3ca4be1ea DPP: Remove compiler warnings about signed/unsigned comparisons 116454f46 DPP: Fix error return value in dpp_auth_conf_rx() 63dc0f9c4 hostapd: Disassoc STA without WPA/RSN IE if AP proto is WPA/RSN cc79e06f0 hostapd: Add wpa_msg_ctrl() to report Probe Request frames from STA 0db637ca8 DPP: Fix number of Authentication Request retry cases 921f5acd1 DPP: Take response wait time into account for init retries 248264c62 DPP: Stop Authentication Request attempts if no response after ACK e3a5882b3 DPP: Add SAE credential support to Configurator 5dd745b73 DPP: Add akm=sae and akm=psk+sae support in Enrollee role a44467395 DPP: Protocol testing capability to send invalid I-Nonce in Auth Req 00d2d13db DPP: Retry PKEX Exchange Request frame up to five times ab0375508 TDLS: Add testing capability to send TPK M2 twice 4b8de0c92 DPP: Protocol testing for invalid Peer Discovery Req/Resp values f9cf7d03f DPP: Protocol testing for invalid Config Attrib Object value 3f35ec2dc DPP: Protocol testing for invalid DPP Status value 9efa53149 DPP: Use helper functions to build Bootstrap Key Hash attributes acdf703d5 DPP: Replace custom undefined attr with DPP Status in after-wrapped data 56f24d1da DPP: Use a helper function to build DPP Status attribute 65ecce87f DPP: Protocol testing for writing invalid I/R Bootstrap Key Hash b6b4226bd DPP: Protocol testing capability to generate invalid Protocol Key c6eb3e34b Stronger GTK derivation routine 94619905c DPP: Fix dpp_test_gen_invalid_key() with BoringSSL 746c1792a DPP: Build bootstrapping key DER encoding using custom routine f2d27ef94 DPP: Use a helper function to DER encode bootstrapping key c1564149a BoringSSL: Add AES support with 192-bit keys edd72f55f OpenSSL: Debug message if requested AES key length is not supported 5548453a2 BoringSSL: Add DPP special cases regardless of claimed version number f29761297 BoringSSL: Implement crypto_ecdh_init() 7721fe082 BoringSSL: Comment out SSL_set_default_passwd_cb*() calls b9dc63c26 BoringSSL: Comment out SSL_set1_sigalgs_list() call 3cfbd3b0f BoringSSL: Define RSA_bits() helper 27781c0ab Allow group cipher selection to be overridden af6614ca1 Fix block comment style in QCA vendor attribute definition 2115603a4 Add QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING 27987b67f Add new QCA vendor attribute for LL stats 41db74cf7 atheros: Process SAE authentication frames using EVENT_RX_MGMT 3d9dd4b77 atheros: Generate EVENT_TX_STATUS events for management frames f5b74b966 common: Avoid conflict with __bitwise macro from linux/types.h 4109555ef DPP: Fix compiler warning of testing code 1d624a070 Reject PMK-to-PTK derivation with unsupported cipher 762fb4f06 DPP: Testing capability to send unexpected Authentication Response 03abb6b54 DPP: Reject unexpected Req/Resp message based on Auth/PKEX role 95b0104a3 DPP: Retransmit DPP Authentication Response frame if it is not ACKed c1d377396 DPP: Stop authentication exchange of DPP_STOP_LISTEN d1f082644 DPP: Allowed initiator to indicate either role f97ace34c DPP: Support multiple channels for initiating DPP Authentication de0298618 DPP: Share a helper function for PKEX final steps a306ed5a5 DPP: Protocol testing to allow missing attributes in peer discovery 1fafdf112 DPP: Add DPP_LISTEN and DPP_STOP_LISTEN to hostapd fbfceef3a Add QCA vendor commands for spectral scan bb9808fa9 P2P: Continue P2P_WAIT_PEER_(IDLE/CONNECT) sequence on a listen cancel 37ed3254d P2P: ACS offload for the autonomous GO 962b8fcf4 Add new QCA vendor attributes for MAC counters af7f10fcd DPP: Protocol testing for invalid Config Resp attribute values 8c99e6264 DPP: Report Config Request/Response failure reasons on control interface f411ad1b8 DPP: Protocol testing to remove attributes from Config Req/Resp 7e0ebe21b DPP: Protocol testing - invalid I/R-Auth value in PKEX Commit-Reveal 89d0bf678 DPP: Protocol testing - invalid Bootstrap Key value in PKEX Commit-Reveal f31ef96dc DPP: Protocol testing - invalid Status value in PKEX Exchange Response d05c82c4d DPP: Move PKEX z derivation on Responder to earlier phase 578c9ea1a DPP: Fix a typo in a debug print 5f5fff436 DPP: Explicitly check that PKEX Qr is not the point-at-infinity 29ab69e4b DPP: PKEX counter t 039b8e736 DPP: Terminate PKEX exchange on detection of a mismatching code fc0efa2a1 DPP: Use dpp_bn2bin_pad() helper to simplify code e0247e798 DPP: PKEX and STATUS_BAD_GROUP 2265353a4 DPP: Remove obsolete TODO comment on discovery object fe12ae777 Fix Status Code in TKIP countermeasures case 1cfcbd32a DPP: Testing capability to generate invalid PKEX encrypted key (M and N) d7e7b7122 DPP: Report PKEX failure reasons over control interface 61f9f27f8 DPP: Extend protocol testing to cover missing attributes in PKEX b3e4cc5cb DPP: Move PKEX Commit-Reveal Response building to a helper function b0626c2a6 DPP: Move PKEX Commit-Reveal Request building to a helper function a5c3b41b2 DPP: Move PKEX Exchange Response building to a helper function 60b9dd86f DPP: Fix couple of typos in debug messages 06f2df069 DPP: Fix hostapd control interface events for initiator case 219d4c9fc DPP: Report possible PKEX code mismatch in control interface 69d8d029f DPP: Enable PMF when adding wpa_supplicant network profile 0c3bc1be0 Fix test build breakage when not compiling with ieee80211w support ea4ace9c7 hostapd: Add max_txpower into STATUS command bf6c65afc hostapd: Add Beacon interval and DTIM period into STATUS command c7ae2b310 hostapd: Add HT/VHT capability info into STATUS command 1f91a8bde hostapd: Add HT/VHT capability info into STA command 65f9db6bc hostapd: Add extended capabilities into STA command d1f3a8144 hostapd: Add [HT] flag into STA command ba72b4b12 hostapd: Add Min/Max Transmit Power Capability into STA command 33c8bbd8c OWE: Add AP mode handling of OWE with drivers that implement SME 28d126413 Check hostapd current_mode before dereferencing it in additional places 348c93847 AP-side workaround for WNM-Sleep Mode GTK/IGTK reinstallation issues 3f5a1860a wpa_auth: Deplete group rekey eloop handler for strict rekeying 92662fb28 Allow forcing group rekeying for testing purposes d27092069 DPP: Negotiation channel change request from Initiator b7dddab7b DPP: Allow testing override values to be cleared e85b66012 DPP: Add DPP Status attribute into Peer Discovery Response 19ef4289c DPP: Process Authentication Confirm failure cases 7d917ab04 DPP: Send Authentication Confirm failure reports 978bc3f2a DPP: Auth Resp/Conf incorrect attribute values for protocol testing 9b5111203 DPP: Allow Responder to decide not to use mutual authentication dcdaeab79 DPP: Report Auth Conf failures in control interface f9c7d7702 DPP: Omission of Auth Conf attributes for protocol testing 26806abe8 DPP: Report invalid messages and failure conditions in control interface ce9acce00 DPP: Omission of Auth Resp attributes for protocol testing a03406dbe DPP: Move Authentication Response building into a separate function 0e7cb8c6c DPP: Omission of Auth Req attributes for protocol testing 606a8e8d5 DPP: Move Authentication Request building into a separate function 3749ad0e1 DPP: Explicitly check and reject 0x00 and 0x03 I/R-capab role af48810ba DPP: Report transmitted messages as control interface events a70739349 DPP: Report received messages as control interface events 27fefbbb7 DPP: Remove unnecessary Wrapped Data checks from callers 0c881807b DPP: Verify that Wrapped Data attribute is the last one in the message 60239f60a DPP: Protocol testing framework 7ed5337d8 Fix a typo in a debug message 5f7c9e50f EAP server: Add event messages for more EAP states a68e0d869 Fix a typo in a comment (the variable is ptk, not pkt) de41b960b wpa_supplicant: Increase UDP control interface RX buffer 74e55b658 Fix test build breakage when not compiling with mesh support 3d0fb9558 WNM: Ignore BSS Transition Management frames in bss_transition=0 case 114f2830d WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0 case Bug: 111131936 Test: Device boots up and connects to wifi networks. Test: Able to turn on/off softap. Test: Sent for regression tests (b/111209415). Change-Id: I85cbeeee6a4ff52a5e23f8917b15633c896c0cf3 Signed-off-by: Roshan Pius <rpius@google.com>	2018-07-12 16:40:59 +00:00
Dmitry Shmidt	d2986c2e73	Cumulative patch from commit 3d6953288b592704484864f41791f8c67ff9aa5a ... 3d6953288 Extend RESEND_* test commands to allow forcing plaintext TX 4be5bc98a DPP: Update AES-SIV AD for PKEX frames dc4d271c6 DPP: Update AES-SIV AD for DPP Authentication frames 6338c99ef FILS: Send updated connection parameters to drivers if needed d2ba0d719 Move assoc param setting into a helper function 084131c85 FILS: Allow eap_peer_get_erp_info() to be called without config b0a21e228 FILS: Update replay counter from roam info 693eafb15 nl80211: Update FILS roam info from vendor roam event 3c67e977d nl80211: Add support to send updated connection parameters cddfda789 Add attributes to support roam+auth vendor event for FILS c0fe5f125 Clear BSSID information in supplicant state machine on disconnection 006fb845b nl80211: Use NL80211_BSS_LAST_SEEN_BOOTTIME if available a6ea66530 Additional consistentcy checks for PTK component lengths 6f234c1e2 Optional AP side workaround for key reinstallation attacks daa409608 Allow last (Re)Association Request frame to be replayed for testing 751f5b293 Allow EAPOL-Key Request to be sent through control interface bb06748f4 Make last received ANonce available through control interface 143b81bad Allow arbitrary key configuration for testing d8afdb210 Allow EAPOL-Key messages 1/4 and 3/4 to be retransmitted for testing 6bc2f00f4 Allow group key handshake message 1/2 to be retransmitted for testing 16579769f Add testing functionality for resetting PN/IPN for configured keys b488a1294 Clear PMK length and check for this when deriving PTK 00583ef11 Add debug prints on PMK configuration in WPA supplicant a00e946c1 WPA: Extra defense against PTK reinstalls in 4-way handshake a0bf1b68c Remove all PeerKey functionality e76085117 FILS: Do not allow multiple (Re)Association Response frames 2f1357fb6 FILS: Accept another (Re)Association Request frame during an association df9490620 Add MGMT_TX_STATUS_PROCESS command for testing purposes c53eb9461 OWE: Remove forgotten developer debug prints a34ca59e4 SAE: Allow SAE password to be configured separately (STA) 2377c1cae SAE: Allow SAE password to be configured separately (AP) c5aeb4343 P2P: Do not mark DFS channel as invalid if DFS is offloaded to driver 58efbcbcd DPP: Fix static analyzer warnings in key generation and JWK construction f51609022 P2P: Prefer 5/60 GHz band over 2.4 GHz during GO configuration 91cc34bf3 OWE: Allow set of enabled DH groups to be limited on AP 265bda344 OWE: Allow DH Parameters element to be overridden for testing purposes 8c19ea3f2 DPP: Add the crypto suite field to the frames c77e2ff09 DPP: Remove C-sign-key expiry 6254045a5 DPP: Explicitly delete the PKEX secret element K upon generation of z 0e6709a4e DPP: Rename PKEX secret element from Z to K 657317179 DPP: Verify that PKEX Qi is not the point-at-infinity a89138818 OWE: Transition mode information based on BSS ifname 109704657 OWE: Support station SME-in-driver case 5a78c3619 OWE: PMKSA caching in station mode d90f10fa4 OWE: PMKSA caching in AP mode 8b5579e17 DPP: Fix EAPOL-Key Key MIC calculation ec9f48377 OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in station 7a12edd16 OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in AP mode 6c4726189 OWE: Extend shared helper functions to support other DH curves d8c8d8575 OWE: Include RSNE in (Re)Association Response frame e8b964901 OWE: Transition mode support on station side 675112df1 OWE: Set PMK length properly on supplicant side ea079153f OWE: Add AP support for transition mode 4a3746341 hostapd: Update HE capabilities and HE operation definition 63bc0ab0e P2P: Allow GO to advertise Interworking element 3567641eb Add TX/RX rate info and signal strength into STA output fa4b605a0 WPS: Do not increment wildcard_uuid when pin is locked e37cea308 OCE: Update default scan IEs when OCE is enabled/disabled ee522d27c Vendor flags for 11ax channel property flags for use with external ACS 61a56c148 Add group_mgmt network parameter for PMF cipher selection 0ad5893a2 PAE: Validate input before pointer fd35ed5bb AP: Remove unneeded check for 'added_unassociated' d55b17460 FILS: Vendor attribute to disable driver FILS features a7297ae5c Fix hostapd debug messages on wpa_pairwise and rsn_pairwise parsing 29c940e7a TDLS: Update the comments related to TPK derivation 3de1566db FILS: Check req_ies for NULL pointer in hostapd_notif_assoc() 1c9663cf6 OpenSSL: Force RSA 3072-bit DH prime size limit for Suite B 2ed70c758 OpenSSL: Add option to disable ECDHE with Suite B RSA 4eb8cfe06 OpenSSL: Force RSA 3072-bit key size limit for Suite B 6418400db Add hostapd tls_flags parameter 60ed2f24e Suite B: Add tls_suiteb=1 parameter for RSA 3k key case 5030d7d9f DPP: Allow raw hex PSK to be used for legacy configuration 039ab15fd DPP: Add DPP-CONFOBJ-PASS/PSK events for hostapd legacy configuration 9824de57a Fix EAPOL-Key version check for a corner case with Suite B AKM 3c7863f81 wpa_supplicant: Support dynamic update of wowlan_triggers 4cada9dcc FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS 41b819148 FILS: Update PMKID derivation rules for ERP key hierarchy establishment 303113398 mesh: Move writing of mesh_rssi_threshold inside CONFIG_MESH 2efc67207 Fix RSN pre-authentication regression with pre-connection scan results 73b3de01c macsec_linux: Exit early when missing macsec kernel module 7612e65b9 mka: Add error handling for secy_init_macsec() calls 2c66c7d11 wpa_supplicant: Check length when building ext_capability in assoc_cb fdbfb63e4 nl80211: Fix bridge name print while removing interface from bridge 333517ac1 crypto: Fix undefined behavior in random number generator 84fccc724 Send Client-Error when AT_KDF attributes from the server are incorrect 446600c35 Add AT_KDF attributes to Synchronization-Failure in EAP-AKA' 155bf1108 PMKSA: Fix use-after-free in pmksa_cache_clone_entry() cdf250149 dbus: Add new interface property to get mesh group 190f6f117 dbus: Add new interface property to get connected mesh peers a9de99b1c dbus: Add MeshPeerDisconnected signal 9b0701fbf dbus: Add MeshPeerConnected signal a39b040b4 dbus: Add MeshGroupRemoved signal 89e9cd25d dbus: Add MeshGroupStarted signal 49e6a5553 FILS: Add a space before MAC address to a HLP debug message 359166ed2 Remove the completely unused FT parameters in driver association data 3db2a82df Add SHA-384 routines to libcrypto.a a0f19e9c7 SAE: Allow commit fields to be overridden for testing purposes (STA) 3648d8a18 SAE: Allow commit fields to be overridden for testing purposes e75335384 SAE: Add testing code for reflection attack e61fea6b4 SAE: Fix PMKSA caching behavior in AP mode a6f238f21 DPP: Add base64 dependency in makefiles c2d4f2eb5 DPP: Derive PMKID using SHA256() for all curves 64a0a75b5 nl80211: Fix auth_alg selection with FILS in the connect command 7475e80f1 FILS: Fix wpa_supplicant AP build without CONFIG_IEEE80211W 85fd8263a DPP: Use Transaction ID in Peer Discovery Request/Response frames a28675da2 hs20-osu-client: Fix build with new OpenSSL and BoringSSL cf39475b4 Introduce QCA_NL80211_VENDOR_SUBCMD_HANG 17385fba2 tests: JSON module tests for additional array parsing d4488b9da JSON: Fix parsing of arrays of numbers, strings, literals a4bf00787 DPP: Remove devices object from the connector e77d13ef9 QCA vendor attribute to configure beacon miss penalize count for BTC 7bd88aaf3 QCA vendor attribute to configure beacon miss count 505554bbf QCA vendor attribute to enable/disable scan ae048257c WPS: Interpret zero length ap_pin hostapd.conf parameter as "unset" 2bdbace63 Remove some obsolete information from hostapd README file b0fc2ef3a hw_features: Fix check of supported 802.11ac channel width b5bf84ba3 WNM: Differentiate between WNM for station and for AP in build 922dcf1b4 RRM: Remove duplicate frequencies from beacon report scan request 705e2909c RRM: Send response when Beacon report request is not supported/refused 3756acfd4 RRM: Send Radio Measurement response when beacon report scan fails b3c148e9f RRM: Send reject/refuse response only to unicast measurement request 51143af7e wpa_cli: Fix global control interface for STA-FIRST/STA-NEXT 809c67502 DPP: Fix build with OpenSSL 1.1.0 89971d8b1 OpenSSL: Clear default_passwd_cb more thoroughly f665c93e1 OpenSSL: Fix private key password handling with OpenSSL >= 1.1.0f 2b9891bd6 OpenSSL: Add build option to select default ciphers 65833d71a OCE: Add hostapd mode OCE capability indication if enabled 332aadb8a STA: Add OCE capability indication attribute fb718f94d nl80211: Check if driver supports OCE specific features 46b15e470 Add vendor flags for OCE feature support indication b377ec258 FILS: Fix issuing FILS connect to a non-FILS AP in driver-FILS case 9f44f7f3b Introduce a vendor attribute to represent the PNO/EPNO Request ID 881a92e8b FILS: Fix compilation with CONFIG_NO_WPA 1f2ae8cff EAP-TTLS: Fix a memory leak on error paths 83e003a91 EAP-TTLS: Fix possible memory leak in eap_ttls_phase2_request_mschap() 422570eec MBO: Fix possible memory leak in anqp_send_req() 96e595a9f EAP-LEAP: Fix possible memory leak in eap_leap_process_request() 23eead4d7 RRM: Filter scan results by parent TSF only if driver supports it 3f8e3a548 ap: Fix invalid HT40 channel pair fallback 6d3e24d3e ap: Fix return value in hostapd_drv_switch_channel() d02e4c8ac P2P: Clear get_pref_freq_list_override on P2P Device bfbc41eac DPP: Fix compilation without openssl cc6088463 P2P: Allow auto GO on DFS channels if driver supports this fe3e0bac1 FILS: Advertize FILS capability based on driver capability 5579c11c3 Fix a typo in vendor attribute documentation 8b5ddda5f FILS: Add HLP support with driver-based AP SME 31ec556ce FILS: Fix the IP header protocol field in HLP DHCP response b3e567c89 FILS: ERP-based PMKSA cache addition on AP bfe448331 FILS: Fix a frame name in a debug print 6d49aeb76 MBO: Whitespace cleanup f2cdb41b8 OCE: Define OCE attributes and other related macros 267fc0dd3 Add wpa_supplicant ctrl iface support to scan for a specific BSSID f522bb237 DPP: Add DPP_CONFIGURATOR_SIGN to generate own connector dc7fc09cc DPP: Add control interface commands into hostapd_cli a86fb43ca DPP: DPP_BOOTSTRAP_INFO for hostapd 484788b87 DPP: Share bootstrap type to string helper function 623f95685 DPP: Allow wpa_cli DPP_CONFIGURATOR_ADD without arguments 888502325 Add new key_mgmt values for wpa_supplicant STATUS command 3a5954ef9 Add mgmt_group_cipher to wpa_supplicant STATUS command 90f837b0b Update default wpa_group_rekey to once-per-day when using CCMP/GCMP 787615b38 DPP: Set PMKSA expiration based on peer connector 6b140f0fa DPP: Update hostapd configurator parameters to match wpa_supplicant 2605405aa DPP: Configurator in hostapd efeada91a DPP: PKEX in hostapd 6095b4790 DPP: Check JWS protected header alg against C-sign-key curve b65b22d60 DPP: Configurator parameters in responder role 31f03cb00 DPP: Update JWS algorithm strings for Brainpool curves e0d3d3fce DPP: Rename Brainpool curve names for JSON 500ed7f00 DPP: PKEX bootstrapping b9d47b484 DPP: Add helper functions for running hash operations 0c7cf1f50 DPP: Increase hostapd_cli buffer limits 44d6b272c DPP: Fix configuration item list 43fbb8db5 DPP: More debug for own connector configuration errors f1f4fa797 DPP: Fix JWK debug prints b04854cef nl80211/MBO: Set temporary disallowed BSSID list to driver 2a71673e2 ERP: Derive ERP key only after successful EAP authentication 528b65578 Add Set Wi-Fi Configuration vendor attribute to configure LRO 944f359e1 Introduce a vendor command to specify the active Type Of Service b6ea76425 nl80211: Make KCK attribute optional in rekey data 35f064212 DPP: Allow passphrase to be set for Configurator 68cb6dcec DPP: Allow SSID to be set for Configurator 186f20489 JSON: Fix \u escaping a82349347 DPP: Add an example python script for QR Code operations 6a7182a9c DPP: Add DPP_BOOTSTRAP_INFO command 8528994e2 DPP: Automatic network profile creation da143f7fb FILS: Fix EVENT_ASSOC processing checks for driver-SME 3c0daa13d Make wpa_config_read_blob() easier for static analyzers a0d5c56f8 DPP: Network Introduction protocol for wpa_supplicant 4ff89c2eb DPP: Network Introduction protocol for hostapd 650a70a72 DPP: Network Introduction protocol 56c754958 DPP: AP parameters for DPP AKM b979caae5 DPP: Network profile parameters for DPP AKM 0c52953b0 DPP: Allow PMKSA cache entries to be added through hostapd ctrl_iface 567da5bbd DPP: Add new AKM 9c2b8204e DPP: Integration for hostapd 9beb2892d DPP: Add wpa_cli commands for DPP operations 461d39af4 DPP: Configuration exchange 30d27b048 DPP: Authentication exchange be27e185b DPP: Bootstrap information management d4d76d983 Fix offchannel TX done handling for sequence of TX frames 00b02149e nl80211: Register to receive DPP Public Action frames 4e19eb88a tests: Module tests for JSON parser 005be3daa Add JavaScript Object Notation (JSON) parser (RFC7159) 5b52e1adc tests: Update base64 OOM test cases to match implementation changes 0ffdc8b19 Add base64url encoding/decoding per RFC 4648 77f273c82 Extend SHA-384 and SHA-512 support to match SHA-256 2c9d92497 P2P: Debug print P2P_FIND rejection reason 618aa2290 P2P: Fix p2p_in_provisioning clearing in failure case b5db6e5dc eap_proxy: Support multiple SIMs in get_imsi() 002087651 eap_proxy: Build realm from IMSI for proxy based EAP methods 5e0c20ff3 nl80211: Do not notify interface as re-enabled if initialization fails 8696e6170 eap_proxy: Add support for deriving ERP information 115d5e222 hostapd: Fix handling a 20/40 BSS Coexistence Management frame 2d18ab408 Add a config parameter to exclude DFS channels from ACS 3c2bd55f0 P2P: wpas_p2p_select_go_freq() to check for supported pref_freq 8d968351a Interworking: Add NULL checking for EAP name in phase2/autheap parameter 9ddba3a30 Rename vendor attribute DISABLE_OFFCHANNEL to RESTRICT_OFFCHANNEL d506c35ef Set Wi-Fi Configuration attribute to restrict offchannel operations 4aa329298 ERP: Do not generate ERP keys when domain name is not specified 34ee12c55 Do not flush PMKSA on bssid_hint change 290834df6 nl80211: Fix race condition in detecting MAC change 04f667fcd DFS: Allow switch to DFS channel after radar detection in ETSI aa56e36d6 driver: Make DFS domain information available to core e8e430fe7 Vendor attributes to retain connection on a roam request failure 43a356b26 Provide option to configure BSSID hint for a network 33117656e Define a QCA vendor attribute to update the listen interval 85cff4b0d OpenSSL: Try SHA256 hash for OCSP certificate matching d264c2e39 HTTP (curl): Try SHA256 hash for OCSP certificate matching 95818ec17 Fix compiler warning with CONFIG_IEEE80211R no-CONFIG_FILS build 613639454 Make CONFIG_MACSEC depend on IEEE8021X_EAPOL 31a856a12 mesh: Make NL80211_MESHCONF_RSSI_THRESHOLD configurable 1f3c49d41 Fix 160 MHz opclass channel to frequency conversion 9f4947466 dbus: Add method to disable channel switching with a TDLS peer 2a57b4b82 dbus: Add method to enable channel switching with a TDLS peer 193950541 dbus: Add AbortScan method to abort ongoing scan 8fed47e01 FILS: Derive FT key hierarchy on authenticator side for FILS+FT 7d440a3bc FILS: Derive FT key hierarchy on supplicant side for FILS+FT 215eaa748 FILS: Implement FILS-FT derivation 80ddf5d99 FILS: Fix Key-Auth derivation for SK+PFS for authenticator side e6b623133 FILS: Fix Key-Auth derivation for SK+PFS for supplicant side 4d0a61c50 FILS: Debug print inputs to Key-Auth derivation be1ece46f wpa_supplicant: Add GET_CAPABILITY for P2P redirection 853cfa873 Detect endianness when building for RTEMS 35bb8a9a5 Android: Define CONFIG_TESTING_OPTIONS if enabled in config 178553b70 MBO: Add support to set ignore assoc disallow to driver 3a46cf93d FT: Add support for wildcard R0KH/R1KH eefe86301 FT RRB: Add msg replay and msg delay protection 245fc96e5 FT: New RRB message format 50bd8e0a9 FT: Replace inter-AP protocol with use of OUI Extended Ethertype f2a04874c MBO: Fix possible NULL pointer dereference on candidate handling 01dd2b105 ERP: Silence static analyzer warning d912953e3 atheros: Get rid of static analyzer warnings on 0-length memcpy 470f08b4f Enable CONFIG_WNM=y automatically for CONFIG_MBO=y builds f54114825 Fix GAS server ifdef block use 8b49b530b Fix CONFIG_INTERWORKING=y build without CONFIG_HS20=y 0661163ef Do not blacklist the current AP on DISABLE_NETWORK ec27b04e6 hostapd: Select a valid secondary channel if both enabled da6a28ba6 FILS: Specify if FILS HLP was sent in connect a38090b16 FILS: Add HLP to Connect IEs 1e6780bda Allocate dynamic memory for connect IEs 9f894823f PAE: Silence static analyzer warning about NULL pointer dereference 9a72bfe9a Add control interface command to enable/disable roaming fa61bff6a FILS: Handle authentication/association in partial driver AP SME 5cee22ca4 FILS: Make handle_auth_fils() re-usable for driver-based AP SME 5e5f8c816 FILS: Move authentication response handling into a helper function b8a3453ac FILS: Pass only IE area to handle_auth_fils() 9392859d7 FILS: Move AssocResp construction to a helper function bd5993532 FILS: Move Key Confirm element validation to a helper function 087631b98 FILS: Move Session element validation to a helper function cc20edc9f FILS: Add FILS auth_alg to driver-based AP SME association handling 957bff83c FILS: Add driver-AP SME callback to set TK after association 8acbf85fa FILS: Add FILS AEAD parameters for sta_auth() calls f46c154c5 atheros: Add FILS AAD parameters in sta_auth() handler 6b128fb2a driver: Move sta_auth() arguments to a struct d7cff1d87 atheros: Enable raw management frame receive for FILS builds 2b7a8ec47 atheros: Read driver FILS capability d5444aac4 FILS: Add FILS Indication element into Beacon/Probe Response template 8befe8a99 Define a QCA attribute to specify the PCL policy for external ACS 183d3924c WPS: Add option for using random UUID b44d1efd2 FILS: Fix key info in GTK rekey EAPOL-Key msg 2/2 04243740c FILS: Fix GTK rekey by accepting EAPOL-Key msg 1/2 with FILS AKM bbe7969d6 FILS: Update cache identifier on association f705f41b7 FILS: Update PMKSA cache with FILS shared key offload 01ef320f1 FILS: Update ERP next sequence number with driver offload 5538fc930 FILS: Track completion with FILS shared key authentication offload 8b0a6dba8 FILS: Connect request for offloaded FILS shared key authentication 79f3121bb FILS: Set cache identifier in current PMKSA entry for driver-SME case 15def72fa ERP: External control of ERP key information 42e69bda2 FILS: Add support for Cache Identifier in add/remove PMKSA 061a3d3d5 nl80211: Add support for FILS Cache Identifier in add/remove_pmkid() 6fbb54140 driver: Move add_pmkid() and remove_pmkid() arguments into a struct ad295f3b8 nl80211: Add support for FILS shared key offload 199eb3a4e FILS: Add support to write FILS key_mgmt values in network blocks 16217e13d QCA vendor commands and attributes for spectral scan 5db997e34 FILS: Add FTE into FILS Authentication frame from AP when using FILS+FT af3e362fa FILS: Add MDE into Authentication frame for FILS+FT 5aa08153a FT: Add selection of FT+FILS AKMs c10e0ccc9 Hide *PMKSA_ADD parameters from debug log 2971da270 P2P: Do not use wait_time for SD Response TX for last fragmentation c5fee1604 FT: Schedule wpa_ft_rrb_rx() through eloop in intra-process communication 469677367 Sync with mac80211-next.git include/uapi/linux/nl80211.h 775e986d5 hostapd: Fix crash on consecutive channel switch failures 3d5f0e916 wpa_supplicant: Avoid associating to temp disabled SSID in ap_scan=2 fbba28f8c P2P: Suppress warning on non-P2P config 127595887 QCA vendor command: Add TA max duration attribute for OCB configure 2a9ec7c69 Define attributes for QCA vendor OCB commands 6a4363f5f MBO: Fix reject reason codes 0119d4424 FILS: Fix wpa_supplicant compilation errors 4cc6574d0 FILS: Fix fils_cache_id check a5269dc20 wpa_helpers: Ignore link-local IPv4 address while waiting for DHCP e2f00bb5f xml: Add Value node in TNDS node conversion for empty value case a34317b52 GAS: Handle no-ACK TX status for GAS request frames 5db86df6a macsec_linux: Fix NULL pointer dereference on error cases e50df5d2a mka: Fix use-after-free when transmit secure channels are deleted 529d6ed72 mka: Fix use-after-free when receive secure channels are deleted 6c2056abe QCA vendor attributes to extend antenna diversity functionality b4ae5f04d Add vendor attribute to config propagation delay's absolute value 7f5f4e46a Fix QCA_ATTR_NUD_STATS_IS_DAD value 2c0ac6d61 P2P: Run full P2P_FIND scan after pending scan completes d3bb082a7 P2P: Continue scanning specified channel with P2P_FIND freq argument 31e130f82 FILS: Add FILS-SK-PFS capability into "GET_CAPABILITY fils" command 649835167 FILS: Check FILS Indication element against local network profile 76e20f4fa FILS: Add FILS SK auth PFS support in STA mode 1764559ee FILS: Add FILS SK auth PFS support in AP mode cad291d67 FILS: Define authentication algorithm for FILS SK auth with PFS 611523849 OWE: Add CONFIG_OWE=y build option 07a5fe823 OWE: Use AKM 00-0F-AC:11 style parameters for EAPOL-Key frames ef9627cbc Print the algorithms used for EAPOL-Key professing in log ef2383859 Return success/failure result from sha384_prf() 0a6147991 OWE: Process Diffie-Hellman Parameter element in STA mode 09368515d OWE: Process Diffie-Hellman Parameter element in AP mode f9561868e OWE: Add driver capability flag for OWE AKM a1ea1b452 OWE: Define and parse OWE AKM selector 9c7aac738 OWE: Define and parse Diffie-Hellman Parameter element e73244c24 tests: Extract-and-Expand HKDF (RFC 5869) 4ec833daf Extend hmac_sha256_kdf() to support HKDF-Expand() as defined in RFC 5869 ae1ec1aaf OpenSSL: Add wrapper functions for ECDH b07ff9cb0 wpa_supplicant: Allow disabling HT in AP mode without HT overrides 2124a615e wpa_supplicant: Allow explicit wide channel configuration for AP mode 57ee04dc7 wpa_cli: Execute action file in case of WPS_EVENT_TIMEOUT 6252b981d wpa_cli: Execute action file in case of WPS_EVENT_ACTIVE acdf50219 WPS: Notify about WPS PBC event in Enrollee mode 15e5ee0b7 wpa_supplicant: events: Don't bounce timeout reason through a buffer e97d15b73 wpa_cli: Update wnm_bss_query auto complete message 15ab61eda WNM: Add option to configure candidates for BTM query candidate list e044a9d1e common: Add candidate list parsing helper function 13bf18eda WNM: Use a dynamically allocated buffer for BTM query and response 34f285190 MBO: Parse MBO ANQP-element on STA 941caed98 MBO: Add MBO ANQP-element processing on AP 8ecf2231f ANQP: Extend ANQP_GET command to request without IEEE 802.11 elements 2316cb358 MBO: Add option to add MBO query list to ANQP query 7cbb5f1a4 DFS: Handle pre-CAC expired event 62c8c7f72 nl80211: Handle pre-CAC expired event from the driver caaaee072 Sync with mac80211-next.git include/uapi/linux/nl80211.h 3dcd735c1 DFS: Handle CAC completion event from other radio d0330d57f nl80211: Add option to delay start of schedule scan plans b696f791a RRM: Fix wpas_rrm_send_msr_report() loop handling 891aa65b8 RRM: Use dynamically allocated buffer for beacon report a1f11e34c Use os_memdup() dbdda355d Introduce os_memdup() af8bc24da MBO: Add support for transition reject reason code 3ab484928 nl80211: Driver command for checking BTM accept/reject 23cddd751 wpa_supplicant: Fix non_pref_chan example b9fd3c244 tests: Add TEST_FAIL() to radius_msg_add_attr() de01f254a RADIUS server: Fix error paths in new session creation 4c803dfcd ACS: Fix memory leak if interface is disabled during scan 29be2c090 ACS: Simplify code paths fa07d2d46 tests: Add TEST_FAIL() checks in l2_packet d4359923e Fix DHCP/NDISC snoop deinit followed by failing re-init 160dca078 Add QCA vendor command/attr for BRP antenna limit control 57d3c5913 Clear scan_res_handler on no-retry failure e9518ae74 WFD: Add WFD R2 Subelements 21ac78279 QCA nl80211 vendor attribute for specific sub-20 MHz channel width ff936bc75 Make the third octet of Country String configurable 511831983 trace: Look up start to cope with ASLR 206516e8c af_alg: Crypto wrappers for Linux kernel crypto (AF_ALG) b41d3e0a7 crypto: Process des_encrypt() error returns in callers 5f0e165e8 crypto: Add return value to DES and AES encrypt/decrypt dca4b503f MBO: Fix minimum length check on non_pref_chan configuration 5b9f46df0 hostapd: Get channel number from frequency based on other modes as well 4c8836f13 FILS: Fix fils_hlp.c build with older netinet/udp.h definitions c4bb39707 Fix AES-SIV build dependencies 694a3a0d6 mesh: Fix CONFIG_MESH=y build without CONFIG_IEEE80211W=y 88a447556 Fix SELECT_NETWORK freq parameter d02989f2e D-Bus: Notify mesh capability if driver supports it 57a2aacab Add option to disable broadcast deauth in hostapd on AP start/stop 21ed24f5a hostapd: Fix potential mesh-related change from impacting non-mesh cases b7286c1b5 FILS: External management of PMKSA cache entry with Cache Identifier 869af3072 FILS: Use FILS Cache Identifier to extend PMKSA applicability 6aea02e57 SME: Clear portValid on starting authentication to fix FILS ba9774bd7 FILS: Fix BSSID in reassociation case 7eace3787 FILS: Find PMKSA cache entries on AP based on FILS Cache Identifier Bug: 68042382 Test: Device boots up and connects to wifi networks. Test: Regression tests. Change-Id: I6710d39e00c489288f8afe855868ad28aeba0100 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2017-10-24 13:02:12 -07:00
Dmitry Shmidt	293335998d	Cumulative patch from commit 05e5e615e6a26d7a9f5bd0569a0baeae1bcdee49 ... 05e5e615e AP: Skip authentication/deauthentication phase for DMG/IEEE 802.11ad 0c4b9025c AP: Do not look for supported rates in DMG/IEEE 802.11ad e72faadb4 bgscan_simple: Fix short_scan_count comparison 517b5f928 nl80211: Zero num_modes if nl80211_get_hw_feature_data() fails 39c5da328 nl80211: Use correct attribute for scan flags in vendor scan c167662d7 eap_proxy: On SIM error flush PMKSAs only for SIM/AKA/AKA' networks 6657bb158 Fix OOM handling in neighbor report response handling 7187e2093 Allow LCI request with no subelements d73420143 RRM: Enable beacon report with active/passive scan for all drivers ec45927b8 Report received beacon report with BEACON-RESP-RX event f3383366a Report beacon request TX status as control interface event 90d9d7c32 Beacon request through hostapd control interface 73a27a634 Add hostapd configuration parameter rrm_beacon_report de6ec8b55 Enable Beacon Report using beacon table for all drivers 6774c6a9f Update copyright notices for the new year 2017 f56877414 Do not add own BSS in neighbor report with invalid op_class/channel aeff0645d FILS: Fix FILS Realm Information ANQP-element construction 76196ddb2 wpa_supplicant: Add support for Beacon Report Radio Measurement b3060bf99 common: Add helper function to convert RSSI to RCPI 1ac4dba31 wpa_supplicant: Extend verify_channel() and make it global c9ff8e5f6 common: Add function to get an operating class by its number and country e4f1d879c common: Add non-global to global operating classes conversion 96a5f14ee nl80211: Add support for additional scan parameters for beacon report c16b9f8d3 driver: Add scan support to beacon report 3c716fdbd wpa_supplicant: Refactor wpas_rrm_build_lci_report() e1b96e112 wpa_supplicant: Send rejection for unsupported radio measurements 0c73e410d wpa_supplicant: Limit RRM response size to MMPDU size 9664ab8b7 wpa_supplicant: Refactor Radio Measurement Request handling 332bf5d3f wpa_supplicant: Validate RRM request frame format ec493469f wpa_supplicant: Move RRM implementation to a dedicated file d1c74f8c9 Add RRM definitions for beacon report measurement 6a31440b8 Fix LCI request subelement processing ce691a8d9 Add CONFIG_MESH into wpa_supplicant defconfig 67129ab9e wpa_cli: Add commands to use PMKSA_GET/ADD bbad185c1 P2P: Fix compilation warning in p2p_add_device() 2977f5193 GAS: Remove unnecessarily duplicate gas_frag_limit configuration 1940559ea FT: Drop FT Action frames if ft_over_ds=0 d8de90487 Remove deprecated tx_queue_* params from hostapd.conf notes 78022c836 Fix memory leak on hostapd eap_user_file parsing error paths 02f999c6d hostapd: Remove unnecessary NULL check from parser functions fd5f29e7e Fix memory leak in hostapd BSS_TM_REQ error path handling 95de34a10 Remove trailing whitespace 45997cce4 hostapd: Add TERMINATE as per-interface command 546680f81 hostapd: Do not update dtim_period with invalid value 356773058 RADIUS server: Increase maximum number of sessions a5861afcb hostapd: Do not update invalid wep_key_len_unicast f78402ace hostapd: Do not update rejected wep_key_len_broadcast e0ba7efe5 hostapd: Do not update eapol_version with rejected value 9266d00bf hostapd: Reject invalid macaddr_acl value 8628555f9 hostapd: Check driver parameter before replacing previous value 1dfd25a68 Fix hostapd SIGHUP processing before interface is enabled 34e29dfd4 Remove unnecessary NULL check from hostapd_config_read_wpa_psk() call 65dfa8728 mka: Make MKA actor priority configurable 9bcfd5be8 Document new D-Bus WPS properties 77fcbf7ff D-Bus: Use a helper function to get possibly NULL strings dbf524946 D-Bus: Add DeviceType in WPS property 266097fda D-Bus: Add device serial number in WPS property 3ee6a3ab3 D-Bus: Add model number in WPS property ae66822cd D-Bus: Add WPS model name as property 318d4b5be D-Bus: Add WPS manufacturer as property b20f031c6 D-Bus: Add WPS device name as property 4a45dc192 mesh: Show [MESH] flag in print_bss_info() c04a67deb hostapd_cli: Add completion for get command bf4167b9d hostapd_cli: Add completion for set command 86adff09e hostapd_cli: Completion for further commands with STA parameter 4f59ad069 hostapd_cli: Use common completion for commands that use stations 62b95eb67 hostapd_cli: Add missing command help descriptions 04f02faac Fix wpa_cipher_to_alg() return type 9187b13ad wpa_supplicant: Add BSS CURRENT control interface command d7f12e4eb OpenSSL: Make sure local certificate auto chaining is enabled 4be02b71b OpenSSL: Remove SSL_{CTX_,}_clear_options ifdefs 7655bd738 P2P: Do not use wait_time for SD Response TX without fragmentation 1f0fdaf0e Fix race condition between AssocResp callback and 4addr event a6f3761f7 eap_proxy: Add support for SIM state change indication from eap_proxy 79a54ab9f eap_proxy: Fix eap_proxy_init() prototype to use const eapol_cb 4e118c847 D-Bus: Add 'freq' option to P2P Find method to specify starting channel e414f4f02 PeerKey: Fix STK 4-way handshake regression 28fb9bb19 PeerKey: Fix EAPOL-Key processing dfc773172 Android: Add p2p_add_cli_chan=1 option 7508c2ad9 PAE: Make KaY specific details available via control interface b54f43390 FILS: Make FILS Indication element information available in BSS output 8183aee6c FILS: Add support for building FILS Realm Information ANQP-element 9cad61867 FILS: Add Realm Information ANQP-element in BSS data 26bf70e3d FILS: Separate FILS realm configuration from ERP domain 42b847ac1 FILS: Fix hashed realm name derivation 29062f293 Update various definitions based on IEEE Std 802.11-2016 aaa9c60bc Fix preauth_test build by updating add_pmkid/remove_pmkid callbacks 0babae87a Fix wpa_supplicant build error with IEEE8021X_EAPOL unset 19810d29b Make Beacon IEs available in wpa_supplicant BSS command 274e76f22 mesh: Fix channel configuration in pri/sec switch case cebda0e3e Make debug print clearer for AP/mesh mode secondary channel issues 3459381dd External persistent storage for PMKSA cache entries c57931273 Add PMKSA-CACHE-ADDED/REMOVED events to wpa_supplicant 655dc4a43 Send "TERMINATING" event from hostapd 5149a0f04 P2P: Set p2p_persistent_group=1 at the time of reading disabled=2 065c029a5 Remove MBO dependency from Supported Operating Classes element 62cd9d792 nl80211: Specify the BSSID in the QCA vendor scan 444930e5b Define an attribute to do a specific BSSID QCA vendor scan cea761472 Add QCA vendor command definitions for IDs 61-73 cb0cc6efa Define QCA Beacon miss threshold attributes for 2.4 and 5 GHz bands c313c8a5d Fix QCA vendor command values for SAR power limits a5c723adc Interworking: Clear SCANNING state if no network selected a1836de64 SME: Fix IBSS setup after shared key/FT/FILS association f49c852b5 P2P: Fix a theoretical out of bounds read in wpas_p2p_select_go_freq() 944d48588 P2P: Fix a theoretical out of bounds read in wpas_p2p_setup_freqs() 0a6c9dc70 P2P: Send P2P-DEVICE-FOUND event on peer changing device name 9a431d493 WFD: Clear wfd_subelems when P2P peer stops sending them 6e374bd44 Ignore scan results from ongoing scan when FLUSH command is issued 71ac93453 Make update_idx available in BSS control interface command 49aa88bb5 P2P: Clear PEER_WAITING_RESPONSE on GO Negotiation success c79238b6a Define a QCA vendor command to configure SAR Power limits 0f5eb69f8 Use eloop timeout for post-EAP-Failure wait before disconnection 20b1a9e23 Allow hostapd wep_key# parameters to be cleared 5ec3d510e wpa_passphrase: Reject invalid passphrase Test: Wifi Suite Change-Id: Ida52ca4e43bbc326a89d4c9848529df2d545b692 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2017-01-09 12:28:05 -08:00
Dmitry Shmidt	1d755d025b	Cumulative patch from commit 01a025937c67f0eca6021d94b8ec3b144f8b1730 ... 01a0259 WPS: Add support for 60 GHz band 0ef1e29 WPS: Fix shorter authentication timeout during no-SelReg iteration 3465176 nl80211: Verify that cipher suite conversion succeeds a250722 Try to set PMK only with key mgmt offload support in the driver 4a7ce98 Make IPv6 NA multicast-to-unicast conversion configurable 9f390f4 Interworking: Fix network selection warning without SIM/USIM support a0ad9e8 Remove WPA per-VLAN groups when no more stations remain 87b5b53 Make VLAN ID available in STA info over control interface 5678a2d P2P: Allow wpa_supplicant to start if social channels are not supported 209214b vlan: Move CONFIG_FULL_DYNAMIC_VLAN includes to proper places a6da824 Do not use C++ reserved words as variable names eaa3728 wpa_gui: Themed icon loader 9a3cb41 Fix wpa_priv (CONFIG_PRIVSEP=y) build 8b423ed Declare all read only data structures as const fd4fb28 OpenSSL: Try to ensure we don't throw away the PIN unnecessarily fabc6dd mesh: Retransmit the last Commit Message in the Committed state 068669f vlan: Verify RADIUS returned VLAN-ID and dynamic_vlan=required 5add410 WPS: Use shorter authentication timeout during no-SelReg iteration e7d2034 WPS: Enforce five second minimum time before AP iteration bd143cc Remove trailing whitespace from Makefile 74802c0 P2P: Do not create a P2P Device interface if P2P is disabled 579674e Document p2p_disabled option in wpa_supplicant.conf 8ea8a89 nl80211: Extend unique MAC address assignment for station iftype Change-Id: I8bc8a63f37c0892b83376b9d5a5859827ae50554 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2015-04-28 10:34:29 -07:00
Dmitry Shmidt	fb79edc9df	Cumulative patch from commit 95fb2db2420d8fa291fd6423cc6dbcd042f4eb46 ... 95fb2db P2P: Reject group formation on WPS provisioning failure 6fc61e1 Fix TX status processing during AP mode shutdown in wpa_supplicant 90a545c nl80211: Clean up netlink parsing and debug prints b6a9590 Interworking: Keep up to two pending GAS_REQUEST responses 090b8e3 Update copyright notices for the new year 2014 991aa9c nl80211: Move CS supported flag to wpa_driver_capa f0cbb98 Add DRIVER-STATUS command for hostapd 188ebcd EAP-IKEv2 peer: Fix a memory leak in notify round a190189 Remove PEAPv2 support 16a19dd EAP-pwd peer: Allow fragmentation limit to be configured 60bf585 EAP-IKEv2 peer: Allow fragmentation limit to be configured ea6fc58 WPS: Convert printf() debug print to use wpa_printf() c4b8c71 EAP-GPSK: Report CSuite negotiation failure properly 5a0f596 EAP-GPSK: Allow forced algorithm selection to be configured 5f01c3c EAP peer: Improve failure reporting from METHOD with no eapRespData 7271ee8 Fix EAP-GPSK server compilation for SHA256 cipher suite 356d148 Interworking: Add optional freq argument to INTERWORKING_SELECT a09ffd5 Fix req_scan-deplete-timeout and update eloop API for this 083916c P2P: Clear p2p_disabled and p2p_per_sta_psk on FLUSH command 3f45fc4 P2P: Clear services on FLUSH command 1f965e6 Allow external programs to request wpa_radio work items 6428d0a Do not start wpa_radio work during externally triggered scan 6470f47 Remove unneeded scan delay on connection-in-progress 4bb2321 Remove unneeded GAS query delay on connection-in-progress 6ac4b15 Use wpa_radio work for connection b9e6d70 Use radio work for GAS requests e05e130 P2P: Use radio work to protect offchannel Action frame exchanges e1d1c8e Use radio work for P2P Listen requests 1b5d471 Use radio work for P2P scan requests d12a51b Use radio work for scan requests b1ae396 Add framework for exclusive radio operations dd43aaa Add helper functions for cloning and freeing scan parameters 06f9acc Ignore externally triggered scan results with scan_res_handler c9b5559 Clean up ctrl_iface debug prints for monitor events d31b5ac Use cleaner debug print for ctrl_iface commands with private info 9595151 Remove duplicated RX ctrl_iface hexdump 9b85079 Fix scan-cache-clearing operation to avoid unnecessary cases 2f30cac Avoid unnecessary key clearing operations 466bcf9 Remove some unnecessary EAPOL port (un)authorized callbacks 949938a Ask driver to report only new scan results if requested a1a31b6 Remove hostapd dump_file functionality ea23df6 Make EAPOL dump data available through ctrl_iface STA command 96ea74b Convert EAPOL authenticator dump into easier to parse format ca3b71c Remove hostapd dump_file data that is available through ctrl_iface 4c03a2b Make RADIUS server MIB available through control interface f538be3 Add more STA information into the ctrl_iface STA command 101bdc2 Remove forgotten notes about already removed driver wrappers 7006753 Update EAP-FAST note regarding OpenSSL support 17b79e6 nl80211: Initial support for vendor commands and events 5890fa8 WPS: Fix clear-from-timeout handling to avoid race condition c64e3a0 P2P: Send received Presence Response information to ctrl_iface monitors f7fb676 ACS: Mark acs_fail() static 3cf06c9 OpenSSL: Include sha1/sha256 header files to verify declarations 5ace51a WNM: Clean up le16 variable use to avoid sparse warnings c583868 Mark wpas_wps_er_nfc_handover_sel() static 8cf1e68 Move declaration of hostapd_acs_completed() into correct header file 0187c41 Declare wpa_debug_* variables in src/utils/wpa_debug.h fcc6123 Declare wpa_drivers in src/drivers/driver.h 0d79b50 Clear EAPOL Logoff state on FLUSH command 327b01d nl80211: Add driver param for forcing monitor and connect APIs 6f06766 nl80211: Fix nl_mgmt handling in partial error case 4ea6a47 nl80211: Prefer newer scan result over older during duplicate removal 2eef517 nl80211: Report set_supp_port failures in debug log a0bdd19 nl80211: Share a helper function for connect and associate commands e00d546 Remove unnecessary build #ifdef from definitions 4848a38 Get rid of duplicated cipher suite and AKM definitions de4ed4a nl80211: Use helper functions for cipher suite mapping a565084 nl80211: Set control port for NL80211_CMD_COMMAND ef93abd WPS: Clean up UUID debug print 35f3d3e nl80211: Clean up regulatory rule debug prints 880de88 nl80211: Print frame registration match on same debug line 03ed332 Interworking: Allow cred blocks not to be saved to a file 04f7ecc Reset WPA parameters to default values on FLUSH command 152cff6 P2P: Remove WPA_DRIVER_FLAGS_P2P_MGMT option 538d6f4 WPS: Use shorter scan interval during pre-provisioning search 3187fd9 WPS: Replace wpas_wps_in_progress with identical wpas_wps_searching 4414d9e SAE: Fix ECC element y coordinate validation step 069fb47 EAP-EKE: Allow forced algorithm selection to be configured 3a88914 Remove unused information element parsing data dbfb8e8 Remove unnecessary EVENT_RX_ACTION 1450e1e Define __maybe_unused 912b34f Do not process Action frames twice in hostapd SME/MLME 006309b Fix whitespace style 6780713 WPS: Remove unused send_wpabuf() e912986 tests: Verify concurrent WPS protocol run with assigned PIN 8aaafce Make local UUID available through ctrl_iface STATUS command 0e22b8d WPS: Make sure reconfiguration timeout is not left behind on deinit 75d1d0f WPS: Allow testing mode to disable 2.0 functionality f7e2542 Remove unused wps_device_data_dup() c89d9db Remove unnecessary extra tracking of eloop registration c86bf16 Replace unnecessary hex_value() with hex2byte() 7b02375 Clear wps_fragment_size on FLUSH command aa189ac Enable FT with SAE 2d2ecf5 nl80211: Fix protected Action frame reporting for AP mode db76aa6 Fix PeerKey 4-way handshake 7732729 Fix PeerKey deinit behavior 8d321a7 WNM: Move disassociation imminent sending to wnm_ap.c b76f4c2 hostapd: Make STA flags available through ctrl_iface STA command aa03dbd Remove IEEE80211_REQUIRE_AUTH_ACK 121f2ab Remove unused STA flags 3578e66 WNM: Add STA flag to indicate the current WNM-Sleep-Mode state 4776897 WNM: Fix AP processing without wnm_oper driver callback 2025cad WNM: Move ESS Disassoc Imminent sending to a helper function 28ab64a WNM: Minimal processing of BSS Transition Management Query/Response 2cd0f6a WNM: Add Target BSSID into BSS Transition Management Response a8a6a35 WNM: Use nonzero dialog token in BSS Transition Management Query 629edfe WNM: Fix Sleep Mode AP processing in open network 3c1060f WNM: Add debug logs to get the RSSI from the scan results dff1e28 Initial handling of GTK-not-used cipher suite 51e3eaf OpenSSL: Do not accept SSL Client certificate for server 6bf61fb OpenSSL: Use certificates from TLS authentication in OCSP stapling c962947 WPS ER: Fix deinit timeout handling with delayed/failing unsubscribe 7b75c30 WPS: Reschedule AP configuration reload on EAP completion c511b32 WPS: Remove old duplicate network even if key is different 9d2cb3e Make CONFIG_TESTING_OPTIONS=y enable all testing options 662b40b WPS: Reduce scan wait time during WPS processing 015af91 Do not use results from externally requested scan for network selection 1cd93ff Reschedule own scan request if an externally started one is in progress dc3906c Show timing information about scan requests in debug log d81c73b Optional scan id for ctrl_iface SCAN requests a5f40ef Track whether scan was started by us or an external program 18ae237 Fix comment format 88c2d48 Allow passive scan to be requested with SCAN passive=1 3ae3ec2 nl80211: Add scanned frequencies/SSIDs into debug log 69278f7 Remove unused last_scan_full 1f5d2dd Interworking: Allow EAP-FAST to be used 6ffa168 Add GAS-QUERY-START and GAS-QUERY-DONE event messages 93827f4 hostapd: Allow external management frame processing or testing fee5234 Allow channel list to be specified for SCAN command 98eda9c Move int_array helpfer functions to utils/common.c a4cfb48 Add make lcov-html to generate code coverage report bee25cc nl80211: Fetch cipher capabilities from the driver 4daa011 Clean up cipher capability prints 35c2006 Convert wpa_hexdump functions to use void pointer instead of u8 * 5f9c134 Remove obsolete license notifications bd1e328 Android: Remove old WEXT extensions bad5cdf Verify that beacon setup succeeds before proceeding 7d7f7be Verify group key configuration for WPA group 30675c3 Add definitions for new cipher suites from IEEE Std 802.11ac-2013 13b24a7 VHT: Use status code 104 to indicate VHT required ab41595 wpa_supplicant: Fix crash when terminating all interfaces 76aab03 Add secondary channel IE for CSA 8f4713c Store entire CS freq_params and not only freq 13daed5 Include driver.h in hostapd.h a12d345 wpa_supplicant: Use monotonic time for last_scan check 51bffab WPS: Use monotonic time for AP connection attempt 6473e5c wpa_supplicant: Use relative time for TKIP Michael MIC failures 4e1eae1 wpa_supplicant: Use monotonic time for temp-disabled networks 151ab80 P2P: Use monotonic time for GO client waiting 3326f19 IBSS RSN: Use monotonic time for reinit detection 196a217 WPS_UPNP: Use monotonic time for event debouncing 864c9af wps_registrar: Use monotonic time for PBC workaround 61e98e9 wps_registrar: Use monotonic time for PBC session timeout 3647e5a wps_registrar: Use monotonic time for PIN timeout 3618618 rsn_supp: Use monotonic time for PMKSA cache expiry c2be937 wpa_supplicant: Use monotonic time for EAPOL RX workaround e72a001 bgscan: Use monotonic time e05f060 rsn_supp: Do not track expiration time 5870717 RADIUS server: Use monotonic time 4012804 RADIUS client: Use monotonic time acb69ce wpa_supplicant: Use monotonic time for RX/BSS times 46b8d4c wpa_supplicant: Use monotonic time for SA query timeout f073fde EAP server: Remove SIM-DB pending timestamp 636e19a wpa_ctrl: Use monotonic time for request retry loop 7ffe7d2 AP: Use monotonic time for MMIC failure/TKIP countermeasures dd4e32b AP: Use monotonic time for PMKSA cache 0fc545a AP: Use monotonic time for STA accounting 3e06180 bgscan_learn: Start scanning from the first freq f4c73ae bgscan_learn: Fix initial interval 7dab119 bgscan_learn: Avoid redundant frequencies 3727123 bgscan: Stop bgscan only on disassociation b2838ba Update IBSS documentation to include RSN option 429dd9a Advertise QoS Map support based on driver capability 049105b nl80211: Add support for QoS Map configuration 74ddd64 nl80211: Sync with mac80211-next.git 9fcd300 nl80211: Sync with wireless-testing.git Change-Id: Iabdd88d9cabd478a41c3cb0a8d061b425cc1beca Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2014-01-14 10:56:46 -08:00
Dmitry Shmidt	64f47c5c24	wpa_supplicant: Add option -I for additional config file ... This option can be used only for global parameters that is not going to be changed from settings. Change-Id: I4f18aa0a8503cf8cc3a847ac9fcc15419291edf0 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com> Signed-off-by: Iliyan Malchev <malchev@google.com>	2013-04-22 17:13:04 -07:00
Dmitry Shmidt	d5e4923d04	Accumulative patch from commit f5f37d3a4fc2df2a24676b4f95afca15ed793cba ... Author: Jouni Malinen <j@w1.fi> Date: Sun Nov 25 22:05:32 2012 +0200 Fix REAUTHENTICATE command after PMKSA caching The current PMKSA cache entry needs to be clear to allow EAPOL reauthentication to be started in case this association used PMKSA caching. - Remove old WPS_OOB NCF - WPS: Add preliminary NFC connection handover support for Enrollee - WPS: Reenable the networks disabled during wpa_wpas_reassoc - P2P: Avoid multi-channel scans when they are not needed - P2P: Allow discoverable interval for p2p_find to be configured - P2P: Allow all channels with multi-channel concurrency - Bonjour changes - Remove disassociate - HS 2.0 changes - Add preliminary support for using SQLite for eap_user database - Add SAE support - Add disallow_aps parameter to disallow BSSIDs/SSIDs Change-Id: I85358a05b39d46b8db49acdad667e771c580b05c Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2012-12-20 10:35:12 -08:00
Dmitry Shmidt	c5ec7f57ea	Update to new version 0.8.22 from BRCM ... - Based on 0c01d65 : Ignore TX status for Data frames from not associated STA Change-Id: I2776ff8e292593f407bf5b9177640c512e06bf0d Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2012-03-06 16:33:24 -08:00
Dmitry Shmidt	8d520ff1dc	wpa_supplicant: Initial Revision 0.8.X ... Based on: commit 0725cc7b7efc434910e89865c42eda7ce61bbf08 Author: Jouni Malinen <j@w1.fi> Date: Thu Apr 21 20:41:01 2011 +0300 Enable CONFIG_DRIVER_NL80211=y in the default configuration nl80211 should be preferred over WEXT with any recent Linux kernel version. Change-Id: I26aec5afbbd4f4a1f5fd900912545b6f5050de64 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>	2011-05-09 14:24:08 -07:00