Cumulative patch from commit 7ae7a84eefd43ed9385e2f8f520a918468f87178
7ae7a84 NFC: Workaround nfcpy message debug exception
6ceb95c Avoid NULL dereference in ieee802_1x_get_mib_sta() printf
97efe70 wpa_supplicant: Fix NULL dereference in tls_verify_cb()
c0c11af wpa_supplicant: Fix NULL dereference in eap_fast_parse_end()
93a1cae Remove unnecessary NULL check
1e2ffc6 Fix theoretical NULL dereference in debug printf
cbf21c7 P2P: Avoid compiler warning in p2p_supplicant.c
5479ff9 DFS: Avoid compiler warnings in src/ap/dfs.c
5e6aa04 wpa_supplicant: Fix memory leak in wfd_subelems error path
88853ae Fix CONFIG_WPS_NFC=y build without CONFIG_P2P=y
7ac7fd4 Add bssid/freq hint for driver-based BSS selection
92484e2 Start using unodified Developer Certificate of Origin v1.1
56ec49c Sync with wireless-testing.git include/uapi/linux/nl80211.h
b64afe2 Fix SAE state validation on AP
d6bfaaa NFC: Add summary and success file options for nfcpy scripts
25cfc6f P2P NFC: Add p2p-nfc.py --handover-only option
7bea076 P2P NFC: Clean up p2p-nfc.py error handling
b0d18bc WPS: Make UUID-from-MAC Address easily available
825fb6b P2P: Do not indicate P2P_FIND failure if p2p_scan is in progress
8c18fcc WPS: Add more debug information to M7 AP Settings
d7a15d5 WPS: Indicate current AP settings in M7 in unconfigurated state
d55fc03 P2P: Handle unexpected GO Neg Req reject message more cleanly
062a7c0 Fix persistent P2P connection failure in case channel list changes
Change-Id: I5c400a6503f9f00d259ff225999593958322a1ba
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/CONTRIBUTIONS b/CONTRIBUTIONS
new file mode 100644
index 0000000..d20a556
--- /dev/null
+++ b/CONTRIBUTIONS
@@ -0,0 +1,143 @@
+Contributions to hostap.git
+---------------------------
+
+This software is distributed under a permissive open source license to
+allow it to be used in any projects, whether open source or proprietary.
+Contributions to the project are welcome and it is important to maintain
+clear record of contributions and terms under which they are licensed.
+To help with this, following procedure is used to allow acceptance and
+recording of the terms.
+
+All contributions are expected to be licensed under the modified BSD
+license (see below). Acknowledgment of the terms is tracked through
+inclusion of Signed-off-by tag in the contributions at the end of the
+commit log message. This tag indicates that the contributor agrees with
+the Developer Certificate of Origin (DCO) version 1.1 terms (see below;
+also available from http://developercertificate.org/).
+
+
+The current requirements for contributions to hostap.git
+--------------------------------------------------------
+
+To indicate your acceptance of Developer's Certificate of Origin 1.1
+terms, please add the following line to the end of the commit message
+for each contribution you make to the project:
+
+Signed-off-by: Your Name <your@email.example.org>
+
+using your real name. Pseudonyms or anonymous contributions cannot
+unfortunately be accepted.
+
+
+History of license and contributions terms
+------------------------------------------
+
+Until February 11, 2012, in case of most files in hostap.git, "under the
+open source license indicated in the file" means that the contribution
+is licensed both under GPL v2 and modified BSD license (see below) and
+the choice between these licenses is given to anyone who redistributes
+or uses the software. As such, the contribution has to be licensed under
+both options to allow this choice.
+
+As of February 11, 2012, the project has chosen to use only the BSD
+license option for future distribution. As such, the GPL v2 license
+option is no longer used and the contributions are not required to be
+licensed until GPL v2. In case of most files in hostap.git, "under the
+open source license indicated in the file" means that the contribution
+is licensed under the modified BSD license (see below).
+
+Until February 13, 2014, the project used an extended version of the DCO
+that included the identical items (a) through (d) from DCO 1.1 and an
+additional item (e):
+
+(e) The contribution can be licensed under the modified BSD license
+ as shown below even in case of files that are currently licensed
+ under other terms.
+
+This was used during the period when some of the files included the old
+license terms. Acceptance of this extended DCO version was indicated
+with a Signed-hostap tag in the commit message. This additional item (e)
+was used to collect explicit approval to license the contribution with
+only the modified BSD license (see below), i.e., without the GPL v2
+option. This was done to allow simpler licensing terms to be used in the
+future. It should be noted that the modified BSD license is compatible
+with GNU GPL and as such, this possible move to simpler licensing option
+does not prevent use of this software in GPL projects.
+
+
+===[ start quote from http://developercertificate.org/ ]=======================
+
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+ have the right to submit it under the open source license
+ indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+ of my knowledge, is covered under an appropriate open source
+ license and I have the right under that license to submit that
+ work with modifications, whether created in whole or in part
+ by me, under the same open source license (unless I am
+ permitted to submit under a different license), as indicated
+ in the file; or
+
+(c) The contribution was provided directly to me by some other
+ person who certified (a), (b) or (c) and I have not modified
+ it.
+
+(d) I understand and agree that this project and the contribution
+ are public and that a record of the contribution (including all
+ personal information I submit with it, including my sign-off) is
+ maintained indefinitely and may be redistributed consistent with
+ this project or the open source license(s) involved.
+
+===[ end quote from http://developercertificate.org/ ]=========================
+
+
+The license terms used for hostap.git files
+-------------------------------------------
+
+Modified BSD license (no advertisement clause):
+
+Copyright (c) 2002-2014, Jouni Malinen <j@w1.fi> and contributors
+All Rights Reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+3. Neither the name(s) of the above-listed copyright holder(s) nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/README b/README
index f531698..8de14a6 100644
--- a/README
+++ b/README
@@ -7,6 +7,9 @@
These programs are licensed under the BSD license (the one with
advertisement clause removed).
+If you are submitting changes to the project, please see CONTRIBUTIONS
+file for more instructions.
+
This package may include either wpa_supplicant, hostapd, or both. See
README file respective subdirectories (wpa_supplicant/README or
diff --git a/hostapd/main.c b/hostapd/main.c
index 5a1b0a9..3026929 100644
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -14,6 +14,7 @@
#include "utils/common.h"
#include "utils/eloop.h"
+#include "utils/uuid.h"
#include "crypto/random.h"
#include "crypto/tls.h"
#include "common/version.h"
@@ -91,7 +92,8 @@
if (hapd && hapd->conf && addr)
os_snprintf(format, maxlen, "%s: STA " MACSTR "%s%s: %s",
hapd->conf->iface, MAC2STR(addr),
- module_str ? " " : "", module_str, txt);
+ module_str ? " " : "", module_str ? module_str : "",
+ txt);
else if (hapd && hapd->conf)
os_snprintf(format, maxlen, "%s:%s%s %s",
hapd->conf->iface, module_str ? " " : "",
@@ -501,6 +503,27 @@
}
+#ifdef CONFIG_WPS
+static int gen_uuid(const char *txt_addr)
+{
+ u8 addr[ETH_ALEN];
+ u8 uuid[UUID_LEN];
+ char buf[100];
+
+ if (hwaddr_aton(txt_addr, addr) < 0)
+ return -1;
+
+ uuid_gen_mac_addr(addr, uuid);
+ if (uuid_bin2str(uuid, buf, sizeof(buf)) < 0)
+ return -1;
+
+ printf("%s\n", buf);
+
+ return 0;
+}
+#endif /* CONFIG_WPS */
+
+
int main(int argc, char *argv[])
{
struct hapd_interfaces interfaces;
@@ -531,7 +554,7 @@
interfaces.global_ctrl_sock = -1;
for (;;) {
- c = getopt(argc, argv, "b:Bde:f:hKP:Ttvg:G:");
+ c = getopt(argc, argv, "b:Bde:f:hKP:Ttu:vg:G:");
if (c < 0)
break;
switch (c) {
@@ -588,6 +611,10 @@
bss_config = tmp_bss;
bss_config[num_bss_configs++] = optarg;
break;
+#ifdef CONFIG_WPS
+ case 'u':
+ return gen_uuid(optarg);
+#endif /* CONFIG_WPS */
default:
usage();
break;
diff --git a/hostapd/wps-ap-nfc.py b/hostapd/wps-ap-nfc.py
index 58e538a..2fc3012 100755
--- a/hostapd/wps-ap-nfc.py
+++ b/hostapd/wps-ap-nfc.py
@@ -22,6 +22,20 @@
wpas_ctrl = '/var/run/hostapd'
continue_loop = True
+summary_file = None
+success_file = None
+
+def summary(txt):
+ print txt
+ if summary_file:
+ with open(summary_file, 'a') as f:
+ f.write(txt + "\n")
+
+def success_report(txt):
+ summary(txt)
+ if success_file:
+ with open(success_file, 'a') as f:
+ f.write(txt + "\n")
def wpas_connect():
ifaces = []
@@ -48,7 +62,7 @@
def wpas_tag_read(message):
wpas = wpas_connect()
if (wpas == None):
- return
+ return False
if "FAIL" in wpas.request("WPS_NFC_TAG_READ " + str(message).encode("hex")):
return False
return True
@@ -58,21 +72,30 @@
wpas = wpas_connect()
if (wpas == None):
return None
- return wpas.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip().decode("hex")
+ ret = wpas.request("WPS_NFC_CONFIG_TOKEN NDEF")
+ if "FAIL" in ret:
+ return None
+ return ret.rstrip().decode("hex")
def wpas_get_password_token():
wpas = wpas_connect()
if (wpas == None):
return None
- return wpas.request("WPS_NFC_TOKEN NDEF").rstrip().decode("hex")
+ ret = wpas.request("WPS_NFC_TOKEN NDEF")
+ if "FAIL" in ret:
+ return None
+ return ret.rstrip().decode("hex")
def wpas_get_handover_sel():
wpas = wpas_connect()
if (wpas == None):
return None
- return wpas.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip().decode("hex")
+ ret = wpas.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR")
+ if "FAIL" in ret:
+ return None
+ return ret.rstrip().decode("hex")
def wpas_report_handover(req, sel):
@@ -90,8 +113,25 @@
self.ho_server_processing = False
self.success = False
+ # override to avoid parser error in request/response.pretty() in nfcpy
+ # due to new WSC handover format
+ def _process_request(self, request):
+ summary("received handover request {}".format(request.type))
+ response = nfc.ndef.Message("\xd1\x02\x01Hs\x12")
+ if not request.type == 'urn:nfc:wkt:Hr':
+ summary("not a handover request")
+ else:
+ try:
+ request = nfc.ndef.HandoverRequestMessage(request)
+ except nfc.ndef.DecodeError as e:
+ summary("error decoding 'Hr' message: {}".format(e))
+ else:
+ response = self.process_request(request)
+ summary("send handover response {}".format(response.type))
+ return response
+
def process_request(self, request):
- print "HandoverServer - request received"
+ summary("HandoverServer - request received")
try:
print "Parsed handover request: " + request.pretty()
except Exception, e:
@@ -103,14 +143,17 @@
for carrier in request.carriers:
print "Remote carrier type: " + carrier.type
if carrier.type == "application/vnd.wfa.wsc":
- print "WPS carrier type match - add WPS carrier record"
+ summary("WPS carrier type match - add WPS carrier record")
data = wpas_get_handover_sel()
if data is None:
- print "Could not get handover select carrier record from hostapd"
+ summary("Could not get handover select carrier record from hostapd")
continue
print "Handover select carrier record from hostapd:"
print data.encode("hex")
- wpas_report_handover(carrier.record, data)
+ if "OK" in wpas_report_handover(carrier.record, data):
+ success_report("Handover reported successfully")
+ else:
+ summary("Handover report rejected")
message = nfc.ndef.Message(data);
sel.add_carrier(message[0], "active", message[1:])
@@ -122,7 +165,7 @@
print e
print str(sel).encode("hex")
- print "Sending handover select"
+ summary("Sending handover select")
self.success = True
return sel
@@ -133,19 +176,23 @@
for record in tag.ndef.message:
print "record type " + record.type
if record.type == "application/vnd.wfa.wsc":
- print "WPS tag - send to hostapd"
+ summary("WPS tag - send to hostapd")
success = wpas_tag_read(tag.ndef.message)
break
else:
- print "Empty tag"
+ summary("Empty tag")
+
+ if success:
+ success_report("Tag read succeeded")
return success
def rdwr_connected_write(tag):
- print "Tag found - writing"
+ summary("Tag found - writing - " + str(tag))
global write_data
tag.ndef.message = str(write_data)
+ success_report("Tag write succeeded")
print "Done - remove tag"
global only_one
if only_one:
@@ -156,12 +203,12 @@
time.sleep(0.1)
def wps_write_config_tag(clf, wait_remove=True):
- print "Write WPS config token"
+ summary("Write WPS config token")
global write_data, write_wait_remove
write_wait_remove = wait_remove
write_data = wpas_get_config_token()
if write_data == None:
- print "Could not get WPS config token from hostapd"
+ summary("Could not get WPS config token from hostapd")
return
print "Touch an NFC tag"
@@ -169,12 +216,12 @@
def wps_write_password_tag(clf, wait_remove=True):
- print "Write WPS password token"
+ summary("Write WPS password token")
global write_data, write_wait_remove
write_wait_remove = wait_remove
write_data = wpas_get_password_token()
if write_data == None:
- print "Could not get WPS password token from hostapd"
+ summary("Could not get WPS password token from hostapd")
return
print "Touch an NFC tag"
@@ -183,7 +230,7 @@
def rdwr_connected(tag):
global only_one, no_wait
- print "Tag connected: " + str(tag)
+ summary("Tag connected: " + str(tag))
if tag.ndef:
print "NDEF tag: " + tag.type
@@ -196,7 +243,8 @@
global continue_loop
continue_loop = False
else:
- print "Not an NDEF tag - remove tag"
+ summary("Not an NDEF tag - remove tag")
+ return True
return not no_wait
@@ -229,6 +277,10 @@
help='run only one operation and exit')
parser.add_argument('--no-wait', action='store_true',
help='do not wait for tag to be removed before exiting')
+ parser.add_argument('--summary',
+ help='summary file for writing status updates')
+ parser.add_argument('--success',
+ help='success file for writing success update')
parser.add_argument('command', choices=['write-config',
'write-password'],
nargs='?')
@@ -240,6 +292,14 @@
global no_wait
no_wait = args.no_wait
+ if args.summary:
+ global summary_file
+ summary_file = args.summary
+
+ if args.success:
+ global success_file
+ success_file = args.success
+
logging.basicConfig(level=args.loglevel)
try:
diff --git a/src/ap/dfs.c b/src/ap/dfs.c
index e4c00f8..ec691db 100644
--- a/src/ap/dfs.c
+++ b/src/ap/dfs.c
@@ -566,8 +566,8 @@
wpa_printf(MSG_DEBUG, "DFS %d chans unavailable - choose other channel: %s",
res, res ? "yes": "no");
if (res) {
- int sec;
- u8 cf1, cf2;
+ int sec = 0;
+ u8 cf1 = 0, cf2 = 0;
channel = dfs_get_valid_channel(iface, &sec, &cf1, &cf2,
skip_radar);
@@ -633,8 +633,8 @@
{
struct hostapd_channel_data *channel;
int secondary_channel;
- u8 vht_oper_centr_freq_seg0_idx;
- u8 vht_oper_centr_freq_seg1_idx;
+ u8 vht_oper_centr_freq_seg0_idx = 0;
+ u8 vht_oper_centr_freq_seg1_idx = 0;
int skip_radar = 0;
int err = 1;
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 0f67883..c755265 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -471,6 +471,7 @@
HOSTAPD_LEVEL_DEBUG,
"SAE confirm before commit");
resp = WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION;
+ goto failed;
}
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG,
@@ -502,6 +503,7 @@
resp = WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION;
}
+failed:
sta->auth_alg = WLAN_AUTH_SAE;
send_auth_reply(hapd, mgmt->sa, mgmt->bssid, WLAN_AUTH_SAE,
@@ -1127,8 +1129,7 @@
reply->u.assoc_resp.capab_info =
host_to_le16(hostapd_own_capab_info(hapd, sta, 0));
reply->u.assoc_resp.status_code = host_to_le16(status_code);
- reply->u.assoc_resp.aid = host_to_le16((sta ? sta->aid : 0)
- | BIT(14) | BIT(15));
+ reply->u.assoc_resp.aid = host_to_le16(sta->aid | BIT(14) | BIT(15));
/* Supported rates */
p = hostapd_eid_supp_rates(hapd, reply->u.assoc_resp.variable);
/* Extended supported rates */
diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index 49b30e4..21f815a 100644
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -1953,6 +1953,8 @@
int len = 0, ret;
struct eapol_state_machine *sm = sta->eapol_sm;
struct os_reltime diff;
+ const char *name1;
+ const char *name2;
if (sm == NULL)
return 0;
@@ -2088,13 +2090,15 @@
return len;
len += ret;
+ name1 = eap_server_get_name(0, sm->eap_type_authsrv);
+ name2 = eap_server_get_name(0, sm->eap_type_supp);
ret = os_snprintf(buf + len, buflen - len,
"last_eap_type_as=%d (%s)\n"
"last_eap_type_sta=%d (%s)\n",
sm->eap_type_authsrv,
- eap_server_get_name(0, sm->eap_type_authsrv),
+ name1 ? name1 : "",
sm->eap_type_supp,
- eap_server_get_name(0, sm->eap_type_supp));
+ name2 ? name2 : "");
if (ret < 0 || (size_t) ret >= buflen - len)
return len;
len += ret;
diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c
index 1b1dce4..8aafa63 100644
--- a/src/ap/wps_hostapd.c
+++ b/src/ap/wps_hostapd.c
@@ -471,6 +471,8 @@
hapd->wps->ssid_len = cred->ssid_len;
hapd->wps->encr_types = cred->encr_type;
hapd->wps->auth_types = cred->auth_type;
+ hapd->wps->ap_encr_type = cred->encr_type;
+ hapd->wps->ap_auth_type = cred->auth_type;
if (cred->key_len == 0) {
os_free(hapd->wps->network_key);
hapd->wps->network_key = NULL;
@@ -1146,6 +1148,8 @@
wps->psk_set = 1;
}
+ wps->ap_auth_type = wps->auth_types;
+ wps->ap_encr_type = wps->encr_types;
if (conf->wps_state == WPS_STATE_NOT_CONFIGURED) {
/* Override parameters to enable security by default */
wps->auth_types = WPS_AUTH_WPA2PSK | WPS_AUTH_WPAPSK;
diff --git a/src/common/sae.c b/src/common/sae.c
index 08bf054..674cb65 100644
--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -503,6 +503,8 @@
const u8 *password, size_t password_len,
struct sae_data *sae)
{
+ if (sae->tmp == NULL)
+ return -1;
if (sae->tmp->ec && sae_derive_pwe_ecc(sae, addr1, addr2, password,
password_len) < 0)
return -1;
@@ -634,7 +636,8 @@
int sae_process_commit(struct sae_data *sae)
{
u8 k[SAE_MAX_PRIME_LEN];
- if ((sae->tmp->ec && sae_derive_k_ecc(sae, k) < 0) ||
+ if (sae->tmp == NULL ||
+ (sae->tmp->ec && sae_derive_k_ecc(sae, k) < 0) ||
(sae->tmp->dh && sae_derive_k_ffc(sae, k) < 0) ||
sae_derive_keys(sae, k) < 0)
return -1;
@@ -646,6 +649,10 @@
const struct wpabuf *token)
{
u8 *pos;
+
+ if (sae->tmp == NULL)
+ return;
+
wpabuf_put_le16(buf, sae->group); /* Finite Cyclic Group */
if (token)
wpabuf_put_buf(buf, token);
@@ -990,6 +997,9 @@
{
const u8 *sc;
+ if (sae->tmp == NULL)
+ return;
+
/* Send-Confirm */
sc = wpabuf_put(buf, 0);
wpabuf_put_le16(buf, sae->send_confirm);
@@ -1021,6 +1031,11 @@
wpa_printf(MSG_DEBUG, "SAE: peer-send-confirm %u", WPA_GET_LE16(data));
+ if (sae->tmp == NULL) {
+ wpa_printf(MSG_DEBUG, "SAE: Temporary data not yet available");
+ return -1;
+ }
+
if (sae->tmp->ec)
sae_cn_confirm_ecc(sae, data, sae->peer_commit_scalar,
sae->tmp->peer_commit_element_ecc,
diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 4cfa5f4..64a20ce 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -1373,6 +1373,9 @@
const char *err_str;
err_cert = X509_STORE_CTX_get_current_cert(x509_ctx);
+ if (!err_cert)
+ return 0;
+
err = X509_STORE_CTX_get_error(x509_ctx);
depth = X509_STORE_CTX_get_error_depth(x509_ctx);
ssl = X509_STORE_CTX_get_ex_data(x509_ctx,
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index 7ad8576..d4136d7 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -404,6 +404,16 @@
const u8 *bssid;
/**
+ * bssid_hint - BSSID of a proposed AP
+ *
+ * This indicates which BSS has been found a suitable candidate for
+ * initial association for drivers that use driver/firmwate-based BSS
+ * selection. Unlike the @bssid parameter, @bssid_hint does not limit
+ * the driver from selecting other BSSes in the ESS.
+ */
+ const u8 *bssid_hint;
+
+ /**
* ssid - The selected SSID
*/
const u8 *ssid;
@@ -421,6 +431,16 @@
int freq;
/**
+ * freq_hint - Frequency of the channel the proposed AP is using
+ *
+ * This provides a channel on which a suitable BSS has been found as a
+ * hint for the driver. Unlike the @freq parameter, @freq_hint does not
+ * limit the driver from selecting other channels for
+ * driver/firmware-based BSS selection.
+ */
+ int freq_hint;
+
+ /**
* bg_scan_period - Background scan period in seconds, 0 to disable
* background scan, or -1 to indicate no change to default driver
* configuration
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 5978568..f4bb31c 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -8391,6 +8391,13 @@
NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
}
+ if (params->bssid_hint) {
+ wpa_printf(MSG_DEBUG, " * bssid_hint=" MACSTR,
+ MAC2STR(params->bssid_hint));
+ NLA_PUT(msg, NL80211_ATTR_MAC_HINT, ETH_ALEN,
+ params->bssid_hint);
+ }
+
if (params->freq) {
wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
@@ -8398,6 +8405,12 @@
} else
drv->assoc_freq = 0;
+ if (params->freq_hint) {
+ wpa_printf(MSG_DEBUG, " * freq_hint=%d", params->freq_hint);
+ NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ_HINT,
+ params->freq_hint);
+ }
+
if (params->bg_scan_period >= 0) {
wpa_printf(MSG_DEBUG, " * bg scan period=%d",
params->bg_scan_period);
diff --git a/src/drivers/nl80211_copy.h b/src/drivers/nl80211_copy.h
index 91054fd..a12e6ca 100644
--- a/src/drivers/nl80211_copy.h
+++ b/src/drivers/nl80211_copy.h
@@ -418,8 +418,18 @@
* %NL80211_ATTR_SSID attribute, and can optionally specify the association
* IEs in %NL80211_ATTR_IE, %NL80211_ATTR_AUTH_TYPE, %NL80211_ATTR_USE_MFP,
* %NL80211_ATTR_MAC, %NL80211_ATTR_WIPHY_FREQ, %NL80211_ATTR_CONTROL_PORT,
- * %NL80211_ATTR_CONTROL_PORT_ETHERTYPE and
- * %NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT.
+ * %NL80211_ATTR_CONTROL_PORT_ETHERTYPE,
+ * %NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT, %NL80211_ATTR_MAC_HINT, and
+ * %NL80211_ATTR_WIPHY_FREQ_HINT.
+ * If included, %NL80211_ATTR_MAC and %NL80211_ATTR_WIPHY_FREQ are
+ * restrictions on BSS selection, i.e., they effectively prevent roaming
+ * within the ESS. %NL80211_ATTR_MAC_HINT and %NL80211_ATTR_WIPHY_FREQ_HINT
+ * can be included to provide a recommendation of the initial BSS while
+ * allowing the driver to roam to other BSSes within the ESS and also to
+ * ignore this recommendation if the indicated BSS is not ideal. Only one
+ * set of BSSID,frequency parameters is used (i.e., either the enforcing
+ * %NL80211_ATTR_MAC,%NL80211_ATTR_WIPHY_FREQ or the less strict
+ * %NL80211_ATTR_MAC_HINT and %NL80211_ATTR_WIPHY_FREQ_HINT).
* Background scan period can optionally be
* specified in %NL80211_ATTR_BG_SCAN_PERIOD,
* if not specified default background scan configuration
@@ -1555,6 +1565,16 @@
* data is in the format defined for the payload of the QoS Map Set element
* in IEEE Std 802.11-2012, 8.4.2.97.
*
+ * @NL80211_ATTR_MAC_HINT: MAC address recommendation as initial BSS
+ * @NL80211_ATTR_WIPHY_FREQ_HINT: frequency of the recommended initial BSS
+ *
+ * @NL80211_ATTR_MAX_AP_ASSOC_STA: Device attribute that indicates how many
+ * associated stations are supported in AP mode (including P2P GO); u32.
+ * Since drivers may not have a fixed limit on the maximum number (e.g.,
+ * other concurrent operations may affect this), drivers are allowed to
+ * advertise values that cannot always be met. In such cases, an attempt
+ * to add a new station entry with @NL80211_CMD_NEW_STATION may fail.
+ *
* @NL80211_ATTR_MAX: highest attribute number currently defined
* @__NL80211_ATTR_AFTER_LAST: internal use
*/
@@ -1883,6 +1903,11 @@
NL80211_ATTR_QOS_MAP,
+ NL80211_ATTR_MAC_HINT,
+ NL80211_ATTR_WIPHY_FREQ_HINT,
+
+ NL80211_ATTR_MAX_AP_ASSOC_STA,
+
/* add attributes here, update the policy in nl80211.c */
__NL80211_ATTR_AFTER_LAST,
@@ -2412,7 +2437,10 @@
* in KHz. This is not a center a frequency but an actual regulatory
* band edge.
* @NL80211_ATTR_FREQ_RANGE_MAX_BW: maximum allowed bandwidth for this
- * frequency range, in KHz.
+ * frequency range, in KHz. If not present or 0, maximum available
+ * bandwidth should be calculated base on contiguous rules and wider
+ * channels will be allowed to cross multiple contiguous/overlapping
+ * frequency ranges.
* @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN: the maximum allowed antenna gain
* for a given frequency range. The value is in mBi (100 * dBi).
* If you don't have one then don't send this.
@@ -2442,9 +2470,15 @@
* enum nl80211_sched_scan_match_attr - scheduled scan match attributes
* @__NL80211_SCHED_SCAN_MATCH_ATTR_INVALID: attribute number 0 is reserved
* @NL80211_SCHED_SCAN_MATCH_ATTR_SSID: SSID to be used for matching,
- * only report BSS with matching SSID.
+ * only report BSS with matching SSID.
* @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI: RSSI threshold (in dBm) for reporting a
- * BSS in scan results. Filtering is turned off if not specified.
+ * BSS in scan results. Filtering is turned off if not specified. Note that
+ * if this attribute is in a match set of its own, then it is treated as
+ * the default value for all matchsets with an SSID, rather than being a
+ * matchset of its own without an RSSI filter. This is due to problems with
+ * how this API was implemented in the past. Also, due to the same problem,
+ * the only way to create a matchset with only an RSSI filter (with this
+ * attribute) is if there's only a single matchset with the RSSI attribute.
* @NL80211_SCHED_SCAN_MATCH_ATTR_MAX: highest scheduled scan filter
* attribute number currently defined
* @__NL80211_SCHED_SCAN_MATCH_ATTR_AFTER_LAST: internal use
@@ -3131,6 +3165,7 @@
* in an array of MCS numbers.
* @NL80211_TXRATE_VHT: VHT rates allowed for TX rate selection,
* see &struct nl80211_txrate_vht
+ * @NL80211_TXRATE_GI: configure GI, see &enum nl80211_txrate_gi
* @__NL80211_TXRATE_AFTER_LAST: internal
* @NL80211_TXRATE_MAX: highest TX rate attribute
*/
@@ -3139,6 +3174,7 @@
NL80211_TXRATE_LEGACY,
NL80211_TXRATE_HT,
NL80211_TXRATE_VHT,
+ NL80211_TXRATE_GI,
/* keep last */
__NL80211_TXRATE_AFTER_LAST,
@@ -3156,6 +3192,12 @@
__u16 mcs[NL80211_VHT_NSS_MAX];
};
+enum nl80211_txrate_gi {
+ NL80211_TXRATE_DEFAULT_GI,
+ NL80211_TXRATE_FORCE_SGI,
+ NL80211_TXRATE_FORCE_LGI,
+};
+
/**
* enum nl80211_band - Frequency band
* @NL80211_BAND_2GHZ: 2.4 GHz ISM band
diff --git a/src/eap_peer/eap_fast_pac.c b/src/eap_peer/eap_fast_pac.c
index 8c480b9..21d6098 100644
--- a/src/eap_peer/eap_fast_pac.c
+++ b/src/eap_peer/eap_fast_pac.c
@@ -330,6 +330,8 @@
static const char * eap_fast_parse_pac_type(struct eap_fast_pac *pac,
char *pos)
{
+ if (!pos)
+ return "Cannot parse pac type";
pac->pac_type = atoi(pos);
if (pac->pac_type != PAC_TYPE_TUNNEL_PAC &&
pac->pac_type != PAC_TYPE_USER_AUTHORIZATION &&
diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
index c103c02..3010377 100644
--- a/src/p2p/p2p.c
+++ b/src/p2p/p2p.c
@@ -1049,6 +1049,7 @@
} else if (p2p->p2p_scan_running) {
p2p_dbg(p2p, "Failed to start p2p_scan - another p2p_scan was already running");
/* wait for the previous p2p_scan to complete */
+ res = 0; /* do not report failure */
} else {
p2p_dbg(p2p, "Failed to start p2p_scan");
p2p_set_state(p2p, P2P_IDLE);
diff --git a/src/p2p/p2p_go_neg.c b/src/p2p/p2p_go_neg.c
index e28f93e..2e40db1 100644
--- a/src/p2p/p2p_go_neg.c
+++ b/src/p2p/p2p_go_neg.c
@@ -594,6 +594,25 @@
if (msg.status && *msg.status) {
p2p_dbg(p2p, "Unexpected Status attribute (%d) in GO Negotiation Request",
*msg.status);
+ if (dev && p2p->go_neg_peer == dev &&
+ *msg.status == P2P_SC_FAIL_REJECTED_BY_USER) {
+ /*
+ * This mechanism for using Status attribute in GO
+ * Negotiation Request is not compliant with the P2P
+ * specification, but some deployed devices use it to
+ * indicate rejection of GO Negotiation in a case where
+ * they have sent out GO Negotiation Response with
+ * status 1. The P2P specification explicitly disallows
+ * this. To avoid unnecessary interoperability issues
+ * and extra frames, mark the pending negotiation as
+ * failed and do not reply to this GO Negotiation
+ * Request frame.
+ */
+ p2p->cfg->send_action_done(p2p->cfg->cb_ctx);
+ p2p_go_neg_failed(p2p, dev, *msg.status);
+ p2p_parse_free(&msg);
+ return;
+ }
goto fail;
}
diff --git a/src/wps/wps.h b/src/wps/wps.h
index 574fb60..192d283 100644
--- a/src/wps/wps.h
+++ b/src/wps/wps.h
@@ -668,6 +668,16 @@
u16 auth_types;
/**
+ * encr_types - Current AP encryption type (WPS_ENCR_*)
+ */
+ u16 ap_encr_type;
+
+ /**
+ * ap_auth_type - Current AP authentication types (WPS_AUTH_*)
+ */
+ u16 ap_auth_type;
+
+ /**
* network_key - The current Network Key (PSK) or %NULL to generate new
*
* If %NULL, Registrar will generate per-device PSK. In addition, AP
diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c
index 9d48ca5..70d6a17 100644
--- a/src/wps/wps_enrollee.c
+++ b/src/wps/wps_enrollee.c
@@ -243,54 +243,30 @@
static int wps_build_cred_auth_type(struct wps_data *wps, struct wpabuf *msg)
{
- u16 auth_type = wps->wps->auth_types;
-
- /* Select the best authentication type */
- if (auth_type & WPS_AUTH_WPA2PSK)
- auth_type = WPS_AUTH_WPA2PSK;
- else if (auth_type & WPS_AUTH_WPAPSK)
- auth_type = WPS_AUTH_WPAPSK;
- else if (auth_type & WPS_AUTH_OPEN)
- auth_type = WPS_AUTH_OPEN;
- else if (auth_type & WPS_AUTH_SHARED)
- auth_type = WPS_AUTH_SHARED;
-
- wpa_printf(MSG_DEBUG, "WPS: * Authentication Type (0x%x)", auth_type);
+ wpa_printf(MSG_DEBUG, "WPS: * Authentication Type (0x%x)",
+ wps->wps->ap_auth_type);
wpabuf_put_be16(msg, ATTR_AUTH_TYPE);
wpabuf_put_be16(msg, 2);
- wpabuf_put_be16(msg, auth_type);
+ wpabuf_put_be16(msg, wps->wps->ap_auth_type);
return 0;
}
static int wps_build_cred_encr_type(struct wps_data *wps, struct wpabuf *msg)
{
- u16 encr_type = wps->wps->encr_types;
-
- /* Select the best encryption type */
- if (wps->wps->auth_types & (WPS_AUTH_WPA2PSK | WPS_AUTH_WPAPSK)) {
- if (encr_type & WPS_ENCR_AES)
- encr_type = WPS_ENCR_AES;
- else if (encr_type & WPS_ENCR_TKIP)
- encr_type = WPS_ENCR_TKIP;
- } else {
- if (encr_type & WPS_ENCR_WEP)
- encr_type = WPS_ENCR_WEP;
- else if (encr_type & WPS_ENCR_NONE)
- encr_type = WPS_ENCR_NONE;
- }
-
- wpa_printf(MSG_DEBUG, "WPS: * Encryption Type (0x%x)", encr_type);
+ wpa_printf(MSG_DEBUG, "WPS: * Encryption Type (0x%x)",
+ wps->wps->ap_encr_type);
wpabuf_put_be16(msg, ATTR_ENCR_TYPE);
wpabuf_put_be16(msg, 2);
- wpabuf_put_be16(msg, encr_type);
+ wpabuf_put_be16(msg, wps->wps->ap_encr_type);
return 0;
}
static int wps_build_cred_network_key(struct wps_data *wps, struct wpabuf *msg)
{
- wpa_printf(MSG_DEBUG, "WPS: * Network Key");
+ wpa_printf(MSG_DEBUG, "WPS: * Network Key (len=%u)",
+ (unsigned int) wps->wps->network_key_len);
wpabuf_put_be16(msg, ATTR_NETWORK_KEY);
wpabuf_put_be16(msg, wps->wps->network_key_len);
wpabuf_put_data(msg, wps->wps->network_key, wps->wps->network_key_len);
@@ -310,6 +286,9 @@
static int wps_build_ap_settings(struct wps_data *wps, struct wpabuf *plain)
{
+ const u8 *start, *end;
+ int ret;
+
if (wps->wps->ap_settings) {
wpa_printf(MSG_DEBUG, "WPS: * AP Settings (pre-configured)");
wpabuf_put_data(plain, wps->wps->ap_settings,
@@ -317,11 +296,19 @@
return 0;
}
- return wps_build_cred_ssid(wps, plain) ||
+ wpa_printf(MSG_DEBUG, "WPS: * AP Settings based on current configuration");
+ start = wpabuf_put(plain, 0);
+ ret = wps_build_cred_ssid(wps, plain) ||
wps_build_cred_mac_addr(wps, plain) ||
wps_build_cred_auth_type(wps, plain) ||
wps_build_cred_encr_type(wps, plain) ||
wps_build_cred_network_key(wps, plain);
+ end = wpabuf_put(plain, 0);
+
+ wpa_hexdump_key(MSG_DEBUG, "WPS: Plaintext AP Settings",
+ start, end - start);
+
+ return ret;
}
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index c0ad1c1..663f409 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -951,6 +951,7 @@
}
+#ifdef CONFIG_P2P
static int wpas_ctrl_nfc_get_handover_req_p2p(struct wpa_supplicant *wpa_s,
char *reply, size_t max_len,
int ndef)
@@ -973,6 +974,7 @@
return res;
}
+#endif /* CONFIG_P2P */
static int wpas_ctrl_nfc_get_handover_req(struct wpa_supplicant *wpa_s,
@@ -1001,10 +1003,12 @@
wpa_s, reply, max_len, ndef);
}
+#ifdef CONFIG_P2P
if (os_strcmp(pos, "P2P-CR") == 0) {
return wpas_ctrl_nfc_get_handover_req_p2p(
wpa_s, reply, max_len, ndef);
}
+#endif /* CONFIG_P2P */
return -1;
}
@@ -1032,6 +1036,7 @@
}
+#ifdef CONFIG_P2P
static int wpas_ctrl_nfc_get_handover_sel_p2p(struct wpa_supplicant *wpa_s,
char *reply, size_t max_len,
int ndef, int tag)
@@ -1052,6 +1057,7 @@
return res;
}
+#endif /* CONFIG_P2P */
static int wpas_ctrl_nfc_get_handover_sel(struct wpa_supplicant *wpa_s,
@@ -1084,6 +1090,7 @@
os_strcmp(pos, "WPS-CR") == 0, pos2);
}
+#ifdef CONFIG_P2P
if (os_strcmp(pos, "P2P-CR") == 0) {
return wpas_ctrl_nfc_get_handover_sel_p2p(
wpa_s, reply, max_len, ndef, 0);
@@ -1093,6 +1100,7 @@
return wpas_ctrl_nfc_get_handover_sel_p2p(
wpa_s, reply, max_len, ndef, 1);
}
+#endif /* CONFIG_P2P */
return -1;
}
@@ -1160,6 +1168,7 @@
struct wpabuf *req, *sel;
int ret;
char *pos, *role, *type, *pos2;
+#ifdef CONFIG_P2P
char *freq;
int forced_freq = 0;
@@ -1169,6 +1178,7 @@
freq += 6;
forced_freq = atoi(freq);
}
+#endif /* CONFIG_P2P */
role = cmd;
pos = os_strchr(role, ' ');
@@ -1237,11 +1247,14 @@
if (os_strcmp(role, "INIT") == 0 && os_strcmp(type, "WPS") == 0) {
ret = wpas_wps_nfc_report_handover(wpa_s, req, sel);
+#ifdef CONFIG_AP
} else if (os_strcmp(role, "RESP") == 0 && os_strcmp(type, "WPS") == 0)
{
ret = wpas_ap_wps_nfc_report_handover(wpa_s, req, sel);
if (ret < 0)
ret = wpas_er_wps_nfc_report_handover(wpa_s, req, sel);
+#endif /* CONFIG_AP */
+#ifdef CONFIG_P2P
} else if (os_strcmp(role, "INIT") == 0 && os_strcmp(type, "P2P") == 0)
{
ret = wpas_p2p_nfc_report_handover(wpa_s, 1, req, sel, 0);
@@ -1249,6 +1262,7 @@
{
ret = wpas_p2p_nfc_report_handover(wpa_s, 0, req, sel,
forced_freq);
+#endif /* CONFIG_P2P */
} else {
wpa_printf(MSG_DEBUG, "NFC: Unsupported connection handover "
"reported: role=%s type=%s", role, type);
@@ -3490,8 +3504,10 @@
WFD_IE_VENDOR_TYPE);
if (wfd) {
ret = os_snprintf(pos, end - pos, "wfd_subelems=");
- if (ret < 0 || ret >= end - pos)
+ if (ret < 0 || ret >= end - pos) {
+ wpabuf_free(wfd);
return 0;
+ }
pos += ret;
pos += wpa_snprintf_hex(pos, end - pos,
@@ -4391,7 +4407,7 @@
return -1;
}
- return wpas_p2p_group_add_persistent(wpa_s, ssid, 0, freq, ht40, vht,
+ return wpas_p2p_group_add_persistent(wpa_s, ssid, 0, freq, 0, ht40, vht,
NULL, 0);
}
diff --git a/wpa_supplicant/dbus/dbus_new_handlers_p2p.c b/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
index 5150a76..2b83637 100644
--- a/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
+++ b/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
@@ -346,7 +346,7 @@
if (ssid == NULL || ssid->disabled != 2)
goto inv_args;
- if (wpas_p2p_group_add_persistent(wpa_s, ssid, 0, freq, 0, 0,
+ if (wpas_p2p_group_add_persistent(wpa_s, ssid, 0, freq, 0, 0, 0,
NULL, 0)) {
reply = wpas_dbus_error_unknown_error(
message,
diff --git a/wpa_supplicant/examples/p2p-nfc.py b/wpa_supplicant/examples/p2p-nfc.py
index 848f79f..91eba28 100644
--- a/wpa_supplicant/examples/p2p-nfc.py
+++ b/wpa_supplicant/examples/p2p-nfc.py
@@ -33,6 +33,20 @@
srv = None
continue_loop = True
terminate_now = False
+summary_file = None
+success_file = None
+
+def summary(txt):
+ print txt
+ if summary_file:
+ with open(summary_file, 'a') as f:
+ f.write(txt + "\n")
+
+def success_report(txt):
+ summary(txt)
+ if success_file:
+ with open(success_file, 'a') as f:
+ f.write(txt + "\n")
def wpas_connect():
ifaces = []
@@ -63,7 +77,7 @@
def wpas_tag_read(message):
wpas = wpas_connect()
if (wpas == None):
- return
+ return False
cmd = "WPS_NFC_TAG_READ " + str(message).encode("hex")
global force_freq
if force_freq:
@@ -77,16 +91,19 @@
wpas = wpas_connect()
if (wpas == None):
return None
- res = wpas.request("NFC_GET_HANDOVER_REQ NDEF P2P-CR").rstrip().decode("hex")
+ res = wpas.request("NFC_GET_HANDOVER_REQ NDEF P2P-CR").rstrip()
if "FAIL" in res:
return None
- return res
+ return res.decode("hex")
def wpas_get_handover_req_wps():
wpas = wpas_connect()
if (wpas == None):
return None
- return wpas.request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip().decode("hex")
+ res = wpas.request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
+ if "FAIL" in res:
+ return None
+ return res.decode("hex")
def wpas_get_handover_sel(tag=False):
@@ -94,8 +111,12 @@
if (wpas == None):
return None
if tag:
- return wpas.request("NFC_GET_HANDOVER_SEL NDEF P2P-CR-TAG").rstrip().decode("hex")
- return wpas.request("NFC_GET_HANDOVER_SEL NDEF P2P-CR").rstrip().decode("hex")
+ res = wpas.request("NFC_GET_HANDOVER_SEL NDEF P2P-CR-TAG").rstrip()
+ else:
+ res = wpas.request("NFC_GET_HANDOVER_SEL NDEF P2P-CR").rstrip()
+ if "FAIL" in res:
+ return None
+ return res.decode("hex")
def wpas_get_handover_sel_wps():
@@ -137,7 +158,7 @@
if include_p2p_req:
data = wpas_get_handover_req()
if (data == None):
- print "Could not get handover request carrier record from wpa_supplicant"
+ summary("Could not get handover request carrier record from wpa_supplicant")
return
print "Handover request carrier record from wpa_supplicant: " + data.encode("hex")
datamsg = nfc.ndef.Message(data)
@@ -166,31 +187,33 @@
client = nfc.handover.HandoverClient(llc)
try:
- print "Trying handover";
+ summary("Trying to initiate NFC connection handover")
client.connect()
- print "Connected for handover"
+ summary("Connected for handover")
except nfc.llcp.ConnectRefused:
- print "Handover connection refused"
+ summary("Handover connection refused")
client.close()
return
except Exception, e:
- print "Other exception: " + str(e)
+ summary("Other exception: " + str(e))
client.close()
return
- print "Sending handover request"
+ summary("Sending handover request")
if not client.send(message):
- print "Failed to send handover request"
+ summary("Failed to send handover request")
+ client.close()
+ return
- print "Receiving handover response"
+ summary("Receiving handover response")
message = client._recv()
if message is None:
- print "No response received"
+ summary("No response received")
client.close()
return
if message.type != "urn:nfc:wkt:Hs":
- print "Response was not Hs - received: " + message.type
+ summary("Response was not Hs - received: " + message.type)
client.close()
return
@@ -201,7 +224,7 @@
print e
print str(message).encode("hex")
message = nfc.ndef.HandoverSelectMessage(message)
- print "Handover select received"
+ summary("Handover select received")
try:
print message.pretty()
except Exception, e:
@@ -211,7 +234,10 @@
print "Remote carrier type: " + carrier.type
if carrier.type == "application/vnd.wfa.p2p":
print "P2P carrier type match - send to wpa_supplicant"
- wpas_report_handover(data, carrier.record, "INIT")
+ if "OK" in wpas_report_handover(data, carrier.record, "INIT"):
+ success_report("P2P handover reported successfully (initiator)")
+ else:
+ summary("P2P handover report rejected")
break
print "Remove peer"
@@ -237,6 +263,23 @@
self.ho_server_processing = False
self.success = False
+ # override to avoid parser error in request/response.pretty() in nfcpy
+ # due to new WSC handover format
+ def _process_request(self, request):
+ summary("received handover request {}".format(request.type))
+ response = nfc.ndef.Message("\xd1\x02\x01Hs\x12")
+ if not request.type == 'urn:nfc:wkt:Hr':
+ summary("not a handover request")
+ else:
+ try:
+ request = nfc.ndef.HandoverRequestMessage(request)
+ except nfc.ndef.DecodeError as e:
+ summary("error decoding 'Hr' message: {}".format(e))
+ else:
+ response = self.process_request(request)
+ summary("send handover response {}".format(response.type))
+ return response
+
def process_request(self, request):
self.ho_server_processing = True
clear_raw_mode()
@@ -268,8 +311,11 @@
print "Handover select carrier record from wpa_supplicant:"
print data.encode("hex")
self.sent_carrier = data
- wpas_report_handover(self.received_carrier, self.sent_carrier,
- "RESP")
+ if "OK" in wpas_report_handover(self.received_carrier, self.sent_carrier, "RESP"):
+ success_report("P2P handover reported successfully (responder)")
+ else:
+ summary("P2P handover report rejected")
+ break
message = nfc.ndef.Message(data);
sel.add_carrier(message[0], "active", message[1:])
@@ -295,8 +341,11 @@
print "Handover select carrier record from wpa_supplicant:"
print data.encode("hex")
self.sent_carrier = data
- wpas_report_handover_wsc(self.received_carrier,
- self.sent_carrier, "RESP")
+ if "OK" in wpas_report_handover_wsc(self.received_carrier, self.sent_carrier, "RESP"):
+ success_report("WSC handover reported successfully")
+ else:
+ summary("WSC handover report rejected")
+ break
message = nfc.ndef.Message(data);
sel.add_carrier(message[0], "active", message[1:])
@@ -310,7 +359,7 @@
print e
print str(sel).encode("hex")
- print "Sending handover select"
+ summary("Sending handover select")
self.success = True
return sel
@@ -349,23 +398,27 @@
for record in tag.ndef.message:
print "record type " + record.type
if record.type == "application/vnd.wfa.wsc":
- print "WPS tag - send to wpa_supplicant"
+ summary("WPS tag - send to wpa_supplicant")
success = wpas_tag_read(tag.ndef.message)
break
if record.type == "application/vnd.wfa.p2p":
- print "P2P tag - send to wpa_supplicant"
+ summary("P2P tag - send to wpa_supplicant")
success = wpas_tag_read(tag.ndef.message)
break
else:
- print "Empty tag"
+ summary("Empty tag")
+
+ if success:
+ success_report("Tag read succeeded")
return success
def rdwr_connected_p2p_write(tag):
- print "Tag found - writing"
+ summary("Tag found - writing - " + str(tag))
global p2p_sel_data
tag.ndef.message = str(p2p_sel_data)
+ success_report("Tag write succeeded")
print "Done - remove tag"
global only_one
if only_one:
@@ -378,7 +431,7 @@
print "Write P2P handover select"
data = wpas_get_handover_sel(tag=True)
if (data == None):
- print "Could not get P2P handover select from wpa_supplicant"
+ summary("Could not get P2P handover select from wpa_supplicant")
return
global p2p_sel_wait_remove
@@ -400,7 +453,7 @@
def rdwr_connected(tag):
global only_one, no_wait
- print "Tag connected: " + str(tag)
+ summary("Tag connected: " + str(tag))
if tag.ndef:
print "NDEF tag: " + tag.type
@@ -413,7 +466,8 @@
global continue_loop
continue_loop = False
else:
- print "Not an NDEF tag - remove tag"
+ summary("Not an NDEF tag - remove tag")
+ return True
return not no_wait
@@ -504,8 +558,14 @@
help='do not use stdout input to initiate handover')
parser.add_argument('--tag-read-only', '-t', action='store_true',
help='tag read only (do not allow connection handover)')
+ parser.add_argument('--handover-only', action='store_true',
+ help='connection handover only (do not allow tag read)')
parser.add_argument('--freq', '-f',
help='forced frequency of operating channel in MHz')
+ parser.add_argument('--summary',
+ help='summary file for writing status updates')
+ parser.add_argument('--success',
+ help='success file for writing success update')
parser.add_argument('command', choices=['write-p2p-sel'],
nargs='?')
args = parser.parse_args()
@@ -533,6 +593,14 @@
global include_wps_req
include_wps_req = False
+ if args.summary:
+ global summary_file
+ summary_file = args.summary
+
+ if args.success:
+ global success_file
+ success_file = args.success
+
if args.no_input:
global no_input
no_input = True
@@ -557,6 +625,11 @@
if args.tag_read_only:
if not clf.connect(rdwr={'on-connect': rdwr_connected}):
break
+ elif args.handover_only:
+ if not clf.connect(llcp={'on-startup': llcp_startup,
+ 'on-connect': llcp_connected},
+ terminate=terminate_loop):
+ break
else:
if not clf.connect(rdwr={'on-connect': rdwr_connected},
llcp={'on-startup': llcp_startup,
diff --git a/wpa_supplicant/examples/wps-nfc.py b/wpa_supplicant/examples/wps-nfc.py
index 35d1270..7459eb9 100755
--- a/wpa_supplicant/examples/wps-nfc.py
+++ b/wpa_supplicant/examples/wps-nfc.py
@@ -26,6 +26,20 @@
srv = None
continue_loop = True
terminate_now = False
+summary_file = None
+success_file = None
+
+def summary(txt):
+ print txt
+ if summary_file:
+ with open(summary_file, 'a') as f:
+ f.write(txt + "\n")
+
+def success_report(txt):
+ summary(txt)
+ if success_file:
+ with open(success_file, 'a') as f:
+ f.write(txt + "\n")
def wpas_connect():
ifaces = []
@@ -84,14 +98,19 @@
wpas = wpas_connect()
if (wpas == None):
return None
- return wpas.request("WPS_NFC_TOKEN NDEF").rstrip().decode("hex")
-
+ ret = wpas.request("WPS_NFC_TOKEN NDEF")
+ if "FAIL" in ret:
+ return None
+ return ret.rstrip().decode("hex")
def wpas_get_handover_req():
wpas = wpas_connect()
if (wpas == None):
return None
- return wpas.request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip().decode("hex")
+ ret = wpas.request("NFC_GET_HANDOVER_REQ NDEF WPS-CR")
+ if "FAIL" in ret:
+ return None
+ return ret.rstrip().decode("hex")
def wpas_get_handover_sel(uuid):
@@ -123,9 +142,26 @@
self.ho_server_processing = False
self.success = False
+ # override to avoid parser error in request/response.pretty() in nfcpy
+ # due to new WSC handover format
+ def _process_request(self, request):
+ summary("received handover request {}".format(request.type))
+ response = nfc.ndef.Message("\xd1\x02\x01Hs\x12")
+ if not request.type == 'urn:nfc:wkt:Hr':
+ summary("not a handover request")
+ else:
+ try:
+ request = nfc.ndef.HandoverRequestMessage(request)
+ except nfc.ndef.DecodeError as e:
+ summary("error decoding 'Hr' message: {}".format(e))
+ else:
+ response = self.process_request(request)
+ summary("send handover response {}".format(response.type))
+ return response
+
def process_request(self, request):
self.ho_server_processing = True
- print "HandoverServer - request received"
+ summary("HandoverServer - request received")
try:
print "Parsed handover request: " + request.pretty()
except Exception, e:
@@ -136,15 +172,18 @@
for carrier in request.carriers:
print "Remote carrier type: " + carrier.type
if carrier.type == "application/vnd.wfa.wsc":
- print "WPS carrier type match - add WPS carrier record"
+ summary("WPS carrier type match - add WPS carrier record")
data = wpas_get_handover_sel(self.uuid)
if data is None:
- print "Could not get handover select carrier record from wpa_supplicant"
+ summary("Could not get handover select carrier record from wpa_supplicant")
continue
print "Handover select carrier record from wpa_supplicant:"
print data.encode("hex")
self.sent_carrier = data
- wpas_report_handover(carrier.record, self.sent_carrier, "RESP")
+ if "OK" in wpas_report_handover(carrier.record, self.sent_carrier, "RESP"):
+ success_report("Handover reported successfully (responder)")
+ else:
+ summary("Handover report rejected (responder)")
message = nfc.ndef.Message(data);
sel.add_carrier(message[0], "active", message[1:])
@@ -156,17 +195,17 @@
print e
print str(sel).encode("hex")
- print "Sending handover select"
+ summary("Sending handover select")
self.success = True
return sel
def wps_handover_init(llc):
- print "Trying to initiate WPS handover"
+ summary("Trying to initiate WPS handover")
data = wpas_get_handover_req()
if (data == None):
- print "Could not get handover request carrier record from wpa_supplicant"
+ summary("Could not get handover request carrier record from wpa_supplicant")
return
print "Handover request carrier record from wpa_supplicant: " + data.encode("hex")
@@ -184,27 +223,33 @@
client = nfc.handover.HandoverClient(llc)
try:
- print "Trying handover";
+ summary("Trying to initiate NFC connection handover")
client.connect()
- print "Connected for handover"
+ summary("Connected for handover")
except nfc.llcp.ConnectRefused:
- print "Handover connection refused"
+ summary("Handover connection refused")
+ client.close()
+ return
+ except Exception, e:
+ summary("Other exception: " + str(e))
client.close()
return
- print "Sending handover request"
+ summary("Sending handover request")
if not client.send(message):
- print "Failed to send handover request"
+ summary("Failed to send handover request")
+ client.close()
+ return
- print "Receiving handover response"
+ summary("Receiving handover response")
message = client._recv()
if message is None:
- print "No response received"
+ summary("No response received")
client.close()
return
if message.type != "urn:nfc:wkt:Hs":
- print "Response was not Hs - received: " + message.type
+ summary("Response was not Hs - received: " + message.type)
client.close()
return
@@ -215,7 +260,7 @@
print e
print str(message).encode("hex")
message = nfc.ndef.HandoverSelectMessage(message)
- print "Handover select received"
+ summary("Handover select received")
try:
print message.pretty()
except Exception, e:
@@ -225,7 +270,10 @@
print "Remote carrier type: " + carrier.type
if carrier.type == "application/vnd.wfa.wsc":
print "WPS carrier type match - send to wpa_supplicant"
- wpas_report_handover(data, carrier.record, "INIT")
+ if "OK" in wpas_report_handover(data, carrier.record, "INIT"):
+ success_report("Handover reported successfully (initiator)")
+ else:
+ summary("Handover report rejected (initiator)")
# nfcpy does not support the new format..
#wifi = nfc.ndef.WifiConfigRecord(carrier.record)
#print wifi.pretty()
@@ -250,11 +298,14 @@
for record in tag.ndef.message:
print "record type " + record.type
if record.type == "application/vnd.wfa.wsc":
- print "WPS tag - send to wpa_supplicant"
+ summary("WPS tag - send to wpa_supplicant")
success = wpas_tag_read(tag.ndef.message)
break
else:
- print "Empty tag"
+ summary("Empty tag")
+
+ if success:
+ success_report("Tag read succeeded")
if wait_remove:
print "Remove tag"
@@ -265,9 +316,10 @@
def rdwr_connected_write(tag):
- print "Tag found - writing"
+ summary("Tag found - writing - " + str(tag))
global write_data
tag.ndef.message = str(write_data)
+ success_report("Tag write succeeded")
print "Done - remove tag"
global only_one
if only_one:
@@ -318,7 +370,7 @@
def rdwr_connected(tag):
global only_one, no_wait
- print "Tag connected: " + str(tag)
+ summary("Tag connected: " + str(tag))
if tag.ndef:
print "NDEF tag: " + tag.type
@@ -331,7 +383,8 @@
global continue_loop
continue_loop = False
else:
- print "Not an NDEF tag - remove tag"
+ summary("Not an NDEF tag - remove tag")
+ return True
return not no_wait
@@ -398,6 +451,10 @@
help='UUID of an AP (used for WPS ER operations)')
parser.add_argument('--id',
help='network id (used for WPS ER operations)')
+ parser.add_argument('--summary',
+ help='summary file for writing status updates')
+ parser.add_argument('--success',
+ help='success file for writing success update')
parser.add_argument('command', choices=['write-config',
'write-er-config',
'write-password'],
@@ -413,6 +470,14 @@
global no_wait
no_wait = args.no_wait
+ if args.summary:
+ global summary_file
+ summary_file = args.summary
+
+ if args.success:
+ global success_file
+ success_file = args.success
+
logging.basicConfig(level=args.loglevel)
try:
diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index 2928b6f..1495ea4 100644
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -3055,7 +3055,7 @@
if (s) {
int go = s->mode == WPAS_MODE_P2P_GO;
wpas_p2p_group_add_persistent(
- wpa_s, s, go, go ? op_freq : 0, 0, 0, NULL,
+ wpa_s, s, go, 0, go ? op_freq : 0, 0, 0, NULL,
go ? P2P_MAX_INITIAL_CONN_WAIT_GO_REINVOKE : 0);
} else if (bssid) {
wpa_s->user_initiated_pd = 0;
@@ -3168,7 +3168,6 @@
{
struct wpa_supplicant *wpa_s = ctx;
struct wpa_ssid *ssid;
- int freq;
if (bssid) {
wpa_msg_global(wpa_s, MSG_INFO, P2P_EVENT_INVITATION_RESULT
@@ -3224,17 +3223,10 @@
"starting persistent group");
os_sleep(0, 50000);
- freq = wpa_s->p2p_persistent_go_freq;
- if (neg_freq > 0 && ssid->mode == WPAS_MODE_P2P_GO &&
- freq_included(channels, neg_freq)) {
- wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Use frequence %d MHz from invitation for GO mode",
- neg_freq);
- freq = neg_freq;
- }
-
wpas_p2p_group_add_persistent(wpa_s, ssid,
ssid->mode == WPAS_MODE_P2P_GO,
- freq,
+ wpa_s->p2p_persistent_go_freq,
+ neg_freq,
wpa_s->p2p_go_ht40, wpa_s->p2p_go_vht,
channels,
ssid->mode == WPAS_MODE_P2P_GO ?
@@ -3469,7 +3461,7 @@
struct hostapd_hw_modes *mode,
u8 channel, u8 bw)
{
- int flag;
+ int flag = 0;
enum chan_allowed res, res2;
res2 = res = has_channel(wpa_s->global, mode, channel, &flag);
@@ -5174,12 +5166,12 @@
int wpas_p2p_group_add_persistent(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid, int addr_allocated,
- int freq, int ht40, int vht,
- const struct p2p_channels *channels,
+ int force_freq, int neg_freq, int ht40,
+ int vht, const struct p2p_channels *channels,
int connection_timeout)
{
struct p2p_go_neg_results params;
- int go = 0;
+ int go = 0, freq;
if (ssid->disabled != 2 || ssid->ssid == NULL)
return -1;
@@ -5205,9 +5197,15 @@
if (ssid->mode != WPAS_MODE_P2P_GO)
return -1;
- freq = wpas_p2p_select_go_freq(wpa_s, freq);
- if (freq < 0)
- return -1;
+ if (force_freq > 0) {
+ freq = wpas_p2p_select_go_freq(wpa_s, force_freq);
+ if (freq < 0)
+ return -1;
+ } else {
+ freq = wpas_p2p_select_go_freq(wpa_s, neg_freq);
+ if (freq < 0 || (freq > 0 && !freq_included(channels, freq)))
+ freq = 0;
+ }
if (wpas_p2p_init_go_params(wpa_s, ¶ms, freq, ht40, vht, channels))
return -1;
diff --git a/wpa_supplicant/p2p_supplicant.h b/wpa_supplicant/p2p_supplicant.h
index 685313c..d3d36b1 100644
--- a/wpa_supplicant/p2p_supplicant.h
+++ b/wpa_supplicant/p2p_supplicant.h
@@ -36,8 +36,8 @@
int freq, int ht40, int vht);
int wpas_p2p_group_add_persistent(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid, int addr_allocated,
- int freq, int ht40, int vht,
- const struct p2p_channels *channels,
+ int force_freq, int neg_freq, int ht40,
+ int vht, const struct p2p_channels *channels,
int connection_timeout);
struct p2p_group * wpas_p2p_group_init(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid);
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 455b158..e21c653 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1656,6 +1656,8 @@
params.bssid = bss->bssid;
params.freq = bss->freq;
}
+ params.bssid_hint = bss->bssid;
+ params.freq_hint = bss->freq;
} else {
params.ssid = ssid->ssid;
params.ssid_len = ssid->ssid_len;