| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Simplify licensing terms for hostap.git by selecting the BSD license
alternative for any future distribution. This drops the GPL v2
alternative from distribution terms and from contribution requirements.
The BSD license alternative that has been used in hostap.git (the one
with advertisement clause removed) is compatible with GPL and as such
the software in hostap.git can still be used with GPL projects. In
addition, any new contribution to hostap.git is expected to be licensed
under the BSD terms that allow the changes to be merged into older
hostap repositories that still include the GPL v2 alternative.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
| |
Signed-hostap: Dan Harkins <dharkins@lounge.org>
|
| |
|
|
| |
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
hostapd uses the poll method to check if the station is alive
after the station has been inactive for ap_max_inactivity seconds.
Make the poll mechanism configurable so that user can choose to
disconnect idle clients.
This can be especially useful when some devices/firmwares have
restrictions on the number of clients that can connect to the AP
and that limit is smaller than the total number of stations trying
to use the AP.
Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This allows per-device PSK to be configured for WPA-Personal using a
RADIUS authentication server. This uses RADIUS-based MAC address ACL
(macaddr_acl=2), i.e., Access-Request uses the MAC address of the
station as the User-Name and User-Password. The WPA passphrase is
returned in Tunnel-Password attribute in Access-Accept. This
functionality can be enabled with the new hostapd.conf parameter,
wpa_psk_radius.
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
|
| |
|
|
|
| |
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
|
| |
|
|
|
|
|
| |
This generates better log messages when running multiple
interfaces in one process.
Signed-off-by: Ben Greear <greearb@candelatech.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Testing code can now be enabled in the hostapd RADIUS server to dump
each derived MSK into a text file (e.g., to be used as an input to
wlantest). This functionality is not included in the default build
and can be enabled by adding the following line to hostapd/.config:
CFLAGS += -DCONFIG_RADIUS_TEST
The MSK dump file is specified with dump_msk_file parameter in
hostapd.conf (path to the dump file). If this variable is not set,
MSK dump mechanism is not enabled at run time.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
|
| |
A new hostapd.conf parameter, wps_rf_bands, can now be used to fix the
RF Bands value in cases where hw_mode is not set or when operating a
dual band dual concurrent AP.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
This allows the internal TLS implementation to be built for TLS v1.2
support. In addition to the build option, this changes the TLS PRF
based on the negotiated version number. Though, this commit does not
yet complete support for TLS v1.2.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
| |
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
| |
wpa_supplicant was already doing this and hostapd will need to define
this for future additions.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
| |
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
| |
This is part of commit e61a2d6db6113da5fad91660764afdb0596dbc46 from
Android wpa_supplicant_8.git.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
|
| |
|
|
|
| |
This is commit bbda627478b0e9a312fea4662cd7cd8d6bdf82bf from
Android wpa_supplicant_8.git.
|
| |
|
|
|
|
|
|
|
|
| |
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
|
| | |
|
| |
|
|
|
|
|
|
| |
This cleans up the code a bit by not having to deal with theoretical
possibility of maximum number of EAP methods to be different between
various components in hostapd.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
| |
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
| |
The libnl_2 library uses static linking and different path for
header files in the Android ICS release.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
|
| |
|
|
| |
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
|
| |
|
|
| |
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
|
| |
|
|
|
|
|
| |
Replace the inline helper function with a new C file that can be used
for common driver API related function.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
| |
This avoids allocating global driver state for driver wrappers that
are built in but not used. This can save some resources and avoids
failures with driver_nl80211.c that is now initializing netlink
connections for nl80211 in global_init().
|
| |
|
|
|
| |
Now both wpa_supplicant and hostapd allow the driver wrappers to use the
global context similarly.
|
| |
|
|
| |
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
|
| |
|
|
|
| |
This adds preliminary support for IEEE 802.11v Time Advertisement
mechanism with UTC TSF offset.
|
| | |
|
| |
|
|
|
| |
The preferred way of configuring AP mode will be to use set_ap() instead
of number of separate operations hostapd has collected over the years.
|
| |
|
|
|
|
| |
This is the first step in allowing SA Query mechanism in hostapd to be
used with drivers that implement authentication and association MLME/SME
(i.e., do not use ieee802_11.c).
|
| |
|
|
|
|
|
| |
"hostapd_cli ess_disassoc (STA addr) (URL)" can now be used to send
an ESS Dissassociation Imminent notification to the STA. This event
is shown in wpa_supplicant ctrl_iface monitors (e.g., wpa_cli):
"WNM: ESS Disassociation Imminent - session_info_url=http://example.com/session/"
|
| | |
|
| |
|
|
|
|
|
| |
If CONFIG_NO_RANDOM_POOL is unset, src/crypto/random.o is linked
into hlr_auc_gw. However, in this configuration, random.o requires
symbols defined in src/utils/eloop.o. So add eloop.o to the object
file list for hlr_auc_gw.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
These protocols seem to be abandoned: latest IETF drafts have expired
years ago and it does not seem likely that EAP-TTLSv1 would be
deployed. The implementation in hostapd/wpa_supplicant was not complete
and not fully tested. In addition, the TLS/IA functionality was only
available when GnuTLS was used. Since GnuTLS removed this functionality
in 3.0.0, there is no available TLS/IA implementation in the latest
version of any supported TLS library.
Remove the EAP-TTLSv1 and TLS/IA implementation to clean up unwanted
complexity from hostapd and wpa_supplicant. In addition, this removes
any potential use of the GnuTLS extra library.
|
| |
|
|
|
| |
This is disabled by defautl and can be enabled with CONFIG_TLSV11=y
build configuration parameter.
|
| |
|
|
| |
Signed-off-by: Pavel Roskin <proski@gnu.org>
|
| |
|
|
|
|
| |
This is needed to avoid confusing configuration in some nl80211
drivers that the new AP mode configuration alternatives for
setting security policy.
|
| |
|
|
|
|
|
|
|
| |
os_*() wrappers should be used instead of functions from time.h.
Removing the header from includes.h enforces this. os_unix.c can
include this its uses are valid wrapper calls. wps_upnp.c uses
gmtime() for which there is no os_*() wrapper available yet, so
allow it to use time.h, too. Similarly, allow dump_state.c to
use time.h for ctime().
|
| |
|
|
|
|
|
|
|
|
|
| |
Extend the code that waits for the station to send EAPOL-Start before
initiating EAPOL authenticator operations to cover the case where the
station includes WPS IE in (Re)Association Request frame if that IE
does not include support for WPS 2.0. While this should not really
be needed, this may help with some deployed WPS 1.0 stations that do
not support EAPOL operations correctly and may get confused of the
EAP-Request/Identity packets that would show up twice if EAPOL-Start
is transmitted.
|
| |
|
|
|
| |
This is more likely to work if someone tests the example file with
no or minimal changes.
|
| |
|
|
| |
Signed-off-by: Pavel Roskin <proski@gnu.org>
|
| | |
|
| |
|
|
|
| |
This brings hostapd_cli closer to the design used in wpa_cli
and allows command history and editing mechanisms to be added.
|
| |
|
|
|
|
|
| |
A new hostapd configuration parameter, disable_pmksa_caching=1, can now
be used to disable PMKSA caching on the Authenticator. This forces the
stations to complete EAP authentication on every association when WPA2
is being used.
|
| |
|
|
|
|
|
| |
This can be used to avoid rejection of first two 4-way handshakes every
time hostapd (or wpa_supplicant in AP/IBSS mode) is restarted. A new
command line parameter, -e, can now be used to specify an entropy file
that will be used to maintain the needed state.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Windows 7 uses incorrect way of figuring out AP's WPS capabilities by
acting as a Registrar and using M1 from the AP. The config methods
attribute in that message is supposed to indicate only the configuration
method supported by the AP in Enrollee role, i.e., to add an external
Registrar. For that case, PBC shall not be used and as such, the
PushButton config method is removed from M1 by default. If pbc_in_m1=1
is included in the configuration file, the PushButton config method is
left in M1 (if included in config_methods parameter) to allow Windows 7
to use PBC instead of PIN (e.g., from a label in the AP).
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Set all the interfaces.iface pointers to NULL after the allocation of
that memory block for cases those pointers are accessed during each of
the interfaces initialization process (hostapd_interface_init()). One
example for such case is during WPS initialization when the code tries
to fetch the uuid from each of the interfaces.
Signed-off-by: Guy Eilam <guy@wizery.com>
|
| | |
|
| |
|
|
|
|
| |
This makes it more likely to be able to fetch the 20 octet seed from
/dev/random in cases where other programs may also be competing for
this.
|
