Merge "EAP-pwd server: Fix last fragment length validation" into klp-dev am: a8da4f66a6 am: e2e3cab2ba am: dafadb94f6 am: 5f8f208272 am: 832a67d5e0
am: 648e8c98b6
* commit '648e8c98b6b59655009f05a25cf52ce0b614a0c8':
EAP-pwd server: Fix last fragment length validation
diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c
index 8ab2941..c606f2c 100644
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -57,6 +57,7 @@
static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
+ enum wpa_msg_type type,
const char *buf, size_t len);
@@ -2137,7 +2138,7 @@
struct hostapd_data *hapd = ctx;
if (hapd == NULL)
return;
- hostapd_ctrl_iface_send(hapd, level, txt, len);
+ hostapd_ctrl_iface_send(hapd, level, type, txt, len);
}
@@ -2360,6 +2361,58 @@
}
+static int hostapd_global_ctrl_iface_attach(struct hapd_interfaces *interfaces,
+ struct sockaddr_un *from,
+ socklen_t fromlen)
+{
+ struct wpa_ctrl_dst *dst;
+
+ dst = os_zalloc(sizeof(*dst));
+ if (dst == NULL)
+ return -1;
+ os_memcpy(&dst->addr, from, sizeof(struct sockaddr_un));
+ dst->addrlen = fromlen;
+ dst->debug_level = MSG_INFO;
+ dst->next = interfaces->global_ctrl_dst;
+ interfaces->global_ctrl_dst = dst;
+ wpa_hexdump(MSG_DEBUG, "CTRL_IFACE monitor attached (global)",
+ from->sun_path,
+ fromlen - offsetof(struct sockaddr_un, sun_path));
+ return 0;
+}
+
+
+static int hostapd_global_ctrl_iface_detach(struct hapd_interfaces *interfaces,
+ struct sockaddr_un *from,
+ socklen_t fromlen)
+{
+ struct wpa_ctrl_dst *dst, *prev = NULL;
+
+ dst = interfaces->global_ctrl_dst;
+ while (dst) {
+ if (fromlen == dst->addrlen &&
+ os_memcmp(from->sun_path, dst->addr.sun_path,
+ fromlen - offsetof(struct sockaddr_un, sun_path))
+ == 0) {
+ wpa_hexdump(MSG_DEBUG,
+ "CTRL_IFACE monitor detached (global)",
+ from->sun_path,
+ fromlen -
+ offsetof(struct sockaddr_un, sun_path));
+ if (prev == NULL)
+ interfaces->global_ctrl_dst = dst->next;
+ else
+ prev->next = dst->next;
+ os_free(dst);
+ return 0;
+ }
+ prev = dst;
+ dst = dst->next;
+ }
+ return -1;
+}
+
+
static void hostapd_ctrl_iface_flush(struct hapd_interfaces *interfaces)
{
#ifdef CONFIG_WPS_TESTING
@@ -2378,8 +2431,9 @@
int res;
struct sockaddr_un from;
socklen_t fromlen = sizeof(from);
- char reply[24];
+ char *reply;
int reply_len;
+ const int reply_size = 4096;
res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
(struct sockaddr *) &from, &fromlen);
@@ -2391,6 +2445,16 @@
buf[res] = '\0';
wpa_printf(MSG_DEBUG, "Global ctrl_iface command: %s", buf);
+ reply = os_malloc(reply_size);
+ if (reply == NULL) {
+ if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
+ fromlen) < 0) {
+ wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
+ strerror(errno));
+ }
+ return;
+ }
+
os_memcpy(reply, "OK\n", 3);
reply_len = 3;
@@ -2408,6 +2472,14 @@
} else if (os_strncmp(buf, "REMOVE ", 7) == 0) {
if (hostapd_ctrl_iface_remove(interfaces, buf + 7) < 0)
reply_len = -1;
+ } else if (os_strcmp(buf, "ATTACH") == 0) {
+ if (hostapd_global_ctrl_iface_attach(interfaces, &from,
+ fromlen))
+ reply_len = -1;
+ } else if (os_strcmp(buf, "DETACH") == 0) {
+ if (hostapd_global_ctrl_iface_detach(interfaces, &from,
+ fromlen))
+ reply_len = -1;
#ifdef CONFIG_MODULE_TESTS
} else if (os_strcmp(buf, "MODULE_TESTS") == 0) {
int hapd_module_tests(void);
@@ -2430,6 +2502,7 @@
wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
strerror(errno));
}
+ os_free(reply);
}
@@ -2567,6 +2640,7 @@
void hostapd_global_ctrl_iface_deinit(struct hapd_interfaces *interfaces)
{
char *fname = NULL;
+ struct wpa_ctrl_dst *dst, *prev;
if (interfaces->global_ctrl_sock > -1) {
eloop_unregister_read_sock(interfaces->global_ctrl_sock);
@@ -2591,13 +2665,23 @@
strerror(errno));
}
}
- os_free(interfaces->global_iface_path);
- interfaces->global_iface_path = NULL;
+ }
+
+ os_free(interfaces->global_iface_path);
+ interfaces->global_iface_path = NULL;
+
+ dst = interfaces->global_ctrl_dst;
+ interfaces->global_ctrl_dst = NULL;
+ while (dst) {
+ prev = dst;
+ dst = dst->next;
+ os_free(prev);
}
}
static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
+ enum wpa_msg_type type,
const char *buf, size_t len)
{
struct wpa_ctrl_dst *dst, *next;
@@ -2605,9 +2689,17 @@
int idx;
struct iovec io[2];
char levelstr[10];
+ int s;
- dst = hapd->ctrl_dst;
- if (hapd->ctrl_sock < 0 || dst == NULL)
+ if (type != WPA_MSG_ONLY_GLOBAL) {
+ s = hapd->ctrl_sock;
+ dst = hapd->ctrl_dst;
+ } else {
+ s = hapd->iface->interfaces->global_ctrl_sock;
+ dst = hapd->iface->interfaces->global_ctrl_dst;
+ }
+
+ if (s < 0 || dst == NULL)
return;
os_snprintf(levelstr, sizeof(levelstr), "<%d>", level);
@@ -2628,16 +2720,22 @@
offsetof(struct sockaddr_un, sun_path));
msg.msg_name = &dst->addr;
msg.msg_namelen = dst->addrlen;
- if (sendmsg(hapd->ctrl_sock, &msg, 0) < 0) {
+ if (sendmsg(s, &msg, 0) < 0) {
int _errno = errno;
wpa_printf(MSG_INFO, "CTRL_IFACE monitor[%d]: "
"%d - %s",
idx, errno, strerror(errno));
dst->errors++;
if (dst->errors > 10 || _errno == ENOENT) {
- hostapd_ctrl_iface_detach(
- hapd, &dst->addr,
- dst->addrlen);
+ if (type != WPA_MSG_ONLY_GLOBAL)
+ hostapd_ctrl_iface_detach(
+ hapd, &dst->addr,
+ dst->addrlen);
+ else
+ hostapd_global_ctrl_iface_detach(
+ hapd->iface->interfaces,
+ &dst->addr,
+ dst->addrlen);
}
} else
dst->errors = 0;
diff --git a/hostapd/main.c b/hostapd/main.c
index e36c948..62d0775 100644
--- a/hostapd/main.c
+++ b/hostapd/main.c
@@ -561,6 +561,7 @@
interfaces.global_iface_path = NULL;
interfaces.global_iface_name = NULL;
interfaces.global_ctrl_sock = -1;
+ interfaces.global_ctrl_dst = NULL;
for (;;) {
c = getopt(argc, argv, "b:Bde:f:hKP:Ttu:vg:G:");
diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h
index be5c7a8..dc71694 100644
--- a/src/ap/hostapd.h
+++ b/src/ap/hostapd.h
@@ -41,6 +41,7 @@
size_t count;
int global_ctrl_sock;
+ struct wpa_ctrl_dst *global_ctrl_dst;
char *global_iface_path;
char *global_iface_name;
#ifndef CONFIG_NATIVE_WINDOWS
diff --git a/src/common/defs.h b/src/common/defs.h
index 5b2d7c4..eb080ea 100644
--- a/src/common/defs.h
+++ b/src/common/defs.h
@@ -328,4 +328,10 @@
PLINK_BLOCKED,
};
+enum set_band {
+ WPA_SETBAND_AUTO,
+ WPA_SETBAND_5G,
+ WPA_SETBAND_2G
+};
+
#endif /* DEFS_H */
diff --git a/src/common/qca-vendor.h b/src/common/qca-vendor.h
index 3c35e79..2a6e242 100644
--- a/src/common/qca-vendor.h
+++ b/src/common/qca-vendor.h
@@ -152,6 +152,10 @@
QCA_NL80211_VENDOR_SUBCMD_DCC_UPDATE_NDL = 99,
QCA_NL80211_VENDOR_SUBCMD_DCC_STATS_EVENT = 100,
QCA_NL80211_VENDOR_SUBCMD_LINK_PROPERTIES = 101,
+ QCA_NL80211_VENDOR_SUBCMD_GW_PARAM_CONFIG = 102,
+ QCA_NL80211_VENDOR_SUBCMD_GET_PREFERRED_FREQ_LIST = 103,
+ QCA_NL80211_VENDOR_SUBCMD_SET_PROBABLE_OPER_CHANNEL = 104,
+ QCA_NL80211_VENDOR_SUBCMD_SETBAND = 105,
};
@@ -172,6 +176,15 @@
/* used by QCA_NL80211_VENDOR_SUBCMD_GET_FEATURES */
QCA_WLAN_VENDOR_ATTR_FEATURE_FLAGS = 7,
QCA_WLAN_VENDOR_ATTR_TEST = 8,
+ /* used by QCA_NL80211_VENDOR_SUBCMD_GET_FEATURES */
+ /* Unsigned 32-bit value. */
+ QCA_WLAN_VENDOR_ATTR_CONCURRENCY_CAPA = 9,
+ /* Unsigned 32-bit value */
+ QCA_WLAN_VENDOR_ATTR_MAX_CONCURRENT_CHANNELS_2_4_BAND = 10,
+ /* Unsigned 32-bit value */
+ QCA_WLAN_VENDOR_ATTR_MAX_CONCURRENT_CHANNELS_5_0_BAND = 11,
+ /* Unsigned 32-bit value from enum qca_set_band. */
+ QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE = 12,
/* keep last */
QCA_WLAN_VENDOR_ATTR_AFTER_LAST,
QCA_WLAN_VENDOR_ATTR_MAX = QCA_WLAN_VENDOR_ATTR_AFTER_LAST - 1,
@@ -262,4 +275,52 @@
QCA_WLAN_VENDOR_ATTR_DATA_OFFLOAD_IND_MAX =
QCA_WLAN_VENDOR_ATTR_DATA_OFFLOAD_IND_AFTER_LAST - 1
};
+
+enum qca_vendor_attr_get_preferred_freq_list {
+ QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_INVALID,
+ /* A 32-unsigned value; the interface type/mode for which the preferred
+ * frequency list is requested (see enum qca_iface_type for possible
+ * values); used in GET_PREFERRED_FREQ_LIST command from user-space to
+ * kernel and in the kernel response back to user-space.
+ */
+ QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_IFACE_TYPE,
+ /* An array of 32-unsigned values; values are frequency (MHz); sent
+ * from kernel space to user space.
+ */
+ QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST,
+ /* keep last */
+ QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_AFTER_LAST,
+ QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_MAX =
+ QCA_WLAN_VENDOR_ATTR_GET_PREFERRED_FREQ_LIST_AFTER_LAST - 1
+};
+
+enum qca_vendor_attr_probable_oper_channel {
+ QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_INVALID,
+ /* 32-bit unsigned value; indicates the connection/iface type likely to
+ * come on this channel (see enum qca_iface_type).
+ */
+ QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_IFACE_TYPE,
+ /* 32-bit unsigned value; the frequency (MHz) of the probable channel */
+ QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_FREQ,
+ /* keep last */
+ QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_AFTER_LAST,
+ QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_MAX =
+ QCA_WLAN_VENDOR_ATTR_PROBABLE_OPER_CHANNEL_AFTER_LAST - 1
+};
+
+enum qca_iface_type {
+ QCA_IFACE_TYPE_STA,
+ QCA_IFACE_TYPE_AP,
+ QCA_IFACE_TYPE_P2P_CLIENT,
+ QCA_IFACE_TYPE_P2P_GO,
+ QCA_IFACE_TYPE_IBSS,
+ QCA_IFACE_TYPE_TDLS,
+};
+
+enum qca_set_band {
+ QCA_SETBAND_AUTO,
+ QCA_SETBAND_5G,
+ QCA_SETBAND_2G,
+};
+
#endif /* QCA_VENDOR_H */
diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index d452d8c..7fe736b 100644
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -3386,6 +3386,14 @@
* indicates support for such offloading (WPA_DRIVER_FLAGS_ACS_OFFLOAD).
*/
int (*do_acs)(void *priv, struct drv_acs_params *params);
+
+ /**
+ * set_band - Notify driver of band selection
+ * @priv: Private driver interface data
+ * @band: The selected band(s)
+ * Returns 0 on success, -1 on failure
+ */
+ int (*set_band)(void *priv, enum set_band band);
};
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index f74422b..2a05a3b 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -8423,6 +8423,53 @@
}
+static int nl80211_set_band(void *priv, enum set_band band)
+{
+ struct i802_bss *bss = priv;
+ struct wpa_driver_nl80211_data *drv = bss->drv;
+ struct nl_msg *msg;
+ struct nlattr *data;
+ int ret;
+ enum qca_set_band qca_band;
+
+ if (!drv->setband_vendor_cmd_avail)
+ return -1;
+
+ switch (band) {
+ case WPA_SETBAND_AUTO:
+ qca_band = QCA_SETBAND_AUTO;
+ break;
+ case WPA_SETBAND_5G:
+ qca_band = QCA_SETBAND_5G;
+ break;
+ case WPA_SETBAND_2G:
+ qca_band = QCA_SETBAND_2G;
+ break;
+ default:
+ return -1;
+ }
+
+ if (!(msg = nl80211_drv_msg(drv, 0, NL80211_CMD_VENDOR)) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, OUI_QCA) ||
+ nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD,
+ QCA_NL80211_VENDOR_SUBCMD_SETBAND) ||
+ !(data = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA)) ||
+ nla_put_u32(msg, QCA_WLAN_VENDOR_ATTR_SETBAND_VALUE, qca_band)) {
+ nlmsg_free(msg);
+ return -ENOBUFS;
+ }
+ nla_nest_end(msg, data);
+
+ ret = send_and_recv_msgs(drv, msg, NULL, NULL);
+ if (ret) {
+ wpa_printf(MSG_DEBUG,
+ "nl80211: Driver setband function failed: %s",
+ strerror(errno));
+ }
+ return ret;
+}
+
+
const struct wpa_driver_ops wpa_driver_nl80211_ops = {
.name = "nl80211",
.desc = "Linux nl80211/cfg80211",
@@ -8530,4 +8577,5 @@
.add_tx_ts = nl80211_add_ts,
.del_tx_ts = nl80211_del_ts,
.do_acs = wpa_driver_do_acs,
+ .set_band = nl80211_set_band,
};
diff --git a/src/drivers/driver_nl80211.h b/src/drivers/driver_nl80211.h
index acfe959..1536d2f 100644
--- a/src/drivers/driver_nl80211.h
+++ b/src/drivers/driver_nl80211.h
@@ -145,6 +145,7 @@
unsigned int get_features_vendor_cmd_avail:1;
unsigned int set_rekey_offload:1;
unsigned int p2p_go_ctwindow_supported:1;
+ unsigned int setband_vendor_cmd_avail:1;
u64 remain_on_chan_cookie;
u64 send_action_cookie;
diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c
index e23c57e..4929cea 100644
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -593,6 +593,9 @@
drv->capa.flags |=
WPA_DRIVER_FLAGS_ACS_OFFLOAD;
break;
+ case QCA_NL80211_VENDOR_SUBCMD_SETBAND:
+ drv->setband_vendor_cmd_avail = 1;
+ break;
}
}
diff --git a/src/drivers/driver_nl80211_scan.c b/src/drivers/driver_nl80211_scan.c
index 9cd3162..f3d45e5 100644
--- a/src/drivers/driver_nl80211_scan.c
+++ b/src/drivers/driver_nl80211_scan.c
@@ -583,6 +583,11 @@
r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
if (bss[NL80211_BSS_TSF])
r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
+ if (bss[NL80211_BSS_BEACON_TSF]) {
+ u64 tsf = nla_get_u64(bss[NL80211_BSS_BEACON_TSF]);
+ if (tsf > r->tsf)
+ r->tsf = tsf;
+ }
if (bss[NL80211_BSS_SEEN_MS_AGO])
r->age = nla_get_u32(bss[NL80211_BSS_SEEN_MS_AGO]);
r->ie_len = ie_len;
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 8adeef4..faffe36 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -249,6 +249,17 @@
"RSN: the new PMK matches with the "
"PMKID");
abort_cached = 0;
+ } else if (sa && !sm->cur_pmksa && pmkid) {
+ /*
+ * It looks like the authentication server
+ * derived mismatching MSK. This should not
+ * really happen, but bugs happen.. There is not
+ * much we can do here without knowing what
+ * exactly caused the server to misbehave.
+ */
+ wpa_dbg(sm->ctx->msg_ctx, MSG_INFO,
+ "RSN: PMKID mismatch - authentication server may have derived different MSK?!");
+ return -1;
}
if (!sm->cur_pmksa)
diff --git a/src/utils/wpa_debug.c b/src/utils/wpa_debug.c
index b7a6dba..3c26301 100644
--- a/src/utils/wpa_debug.c
+++ b/src/utils/wpa_debug.c
@@ -749,6 +749,33 @@
bin_clear_free(buf, buflen);
}
+
+void wpa_msg_global_only(void *ctx, int level, const char *fmt, ...)
+{
+ va_list ap;
+ char *buf;
+ int buflen;
+ int len;
+
+ va_start(ap, fmt);
+ buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
+ va_end(ap);
+
+ buf = os_malloc(buflen);
+ if (buf == NULL) {
+ wpa_printf(MSG_ERROR, "%s: Failed to allocate message buffer",
+ __func__);
+ return;
+ }
+ va_start(ap, fmt);
+ len = vsnprintf(buf, buflen, fmt, ap);
+ va_end(ap);
+ wpa_printf(level, "%s", buf);
+ if (wpa_msg_cb)
+ wpa_msg_cb(ctx, level, WPA_MSG_ONLY_GLOBAL, buf, len);
+ os_free(buf);
+}
+
#endif /* CONFIG_NO_WPA_MSG */
diff --git a/src/utils/wpa_debug.h b/src/utils/wpa_debug.h
index 5fdc50e..87bd7fa 100644
--- a/src/utils/wpa_debug.h
+++ b/src/utils/wpa_debug.h
@@ -164,6 +164,7 @@
#define wpa_msg_global(args...) do { } while (0)
#define wpa_msg_global_ctrl(args...) do { } while (0)
#define wpa_msg_no_global(args...) do { } while (0)
+#define wpa_msg_global_only(args...) do { } while (0)
#define wpa_msg_register_cb(f) do { } while (0)
#define wpa_msg_register_ifname_cb(f) do { } while (0)
#else /* CONFIG_NO_WPA_MSG */
@@ -243,10 +244,25 @@
void wpa_msg_no_global(void *ctx, int level, const char *fmt, ...)
PRINTF_FORMAT(3, 4);
+/**
+ * wpa_msg_global_only - Conditional printf for ctrl_iface monitors
+ * @ctx: Pointer to context data; this is the ctx variable registered
+ * with struct wpa_driver_ops::init()
+ * @level: priority level (MSG_*) of the message
+ * @fmt: printf format string, followed by optional arguments
+ *
+ * This function is used to print conditional debugging and error messages.
+ * This function is like wpa_msg_global(), but it sends the output only as a
+ * global event.
+ */
+void wpa_msg_global_only(void *ctx, int level, const char *fmt, ...)
+PRINTF_FORMAT(3, 4);
+
enum wpa_msg_type {
WPA_MSG_PER_INTERFACE,
WPA_MSG_GLOBAL,
WPA_MSG_NO_GLOBAL,
+ WPA_MSG_ONLY_GLOBAL,
};
typedef void (*wpa_msg_cb_func)(void *ctx, int level, enum wpa_msg_type type,
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index d0d70e9..bab10ad 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -284,6 +284,30 @@
}
+static int wpas_ctrl_set_band(struct wpa_supplicant *wpa_s, char *band)
+{
+ union wpa_event_data event;
+
+ if (os_strcmp(band, "AUTO") == 0)
+ wpa_s->setband = WPA_SETBAND_AUTO;
+ else if (os_strcmp(band, "5G") == 0)
+ wpa_s->setband = WPA_SETBAND_5G;
+ else if (os_strcmp(band, "2G") == 0)
+ wpa_s->setband = WPA_SETBAND_2G;
+ else
+ return -1;
+
+ if (wpa_drv_setband(wpa_s, wpa_s->setband) == 0) {
+ os_memset(&event, 0, sizeof(event));
+ event.channel_list_changed.initiator = REGDOM_SET_BY_USER;
+ event.channel_list_changed.type = REGDOM_TYPE_UNKNOWN;
+ wpa_supplicant_event(wpa_s, EVENT_CHANNEL_LIST_CHANGED, &event);
+ }
+
+ return 0;
+}
+
+
static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
char *cmd)
{
@@ -447,14 +471,7 @@
ret = wpas_ctrl_set_blob(wpa_s, value);
#endif /* CONFIG_NO_CONFIG_BLOBS */
} else if (os_strcasecmp(cmd, "setband") == 0) {
- if (os_strcmp(value, "AUTO") == 0)
- wpa_s->setband = WPA_SETBAND_AUTO;
- else if (os_strcmp(value, "5G") == 0)
- wpa_s->setband = WPA_SETBAND_5G;
- else if (os_strcmp(value, "2G") == 0)
- wpa_s->setband = WPA_SETBAND_2G;
- else
- ret = -1;
+ ret = wpas_ctrl_set_band(wpa_s, value);
} else {
value[-1] = '=';
ret = wpa_config_process_global(wpa_s->conf, cmd, -1);
@@ -7562,6 +7579,33 @@
#endif /* WPA_TRACE_BFD */
}
+
+static void wpas_ctrl_event_test_cb(void *eloop_ctx, void *timeout_ctx)
+{
+ struct wpa_supplicant *wpa_s = eloop_ctx;
+ int i, count = (intptr_t) timeout_ctx;
+
+ wpa_printf(MSG_DEBUG, "TEST: Send %d control interface event messages",
+ count);
+ for (i = 0; i < count; i++) {
+ wpa_msg_ctrl(wpa_s, MSG_INFO, "TEST-EVENT-MESSAGE %d/%d",
+ i + 1, count);
+ }
+}
+
+
+static int wpas_ctrl_event_test(struct wpa_supplicant *wpa_s, const char *cmd)
+{
+ int count;
+
+ count = atoi(cmd);
+ if (count <= 0)
+ return -1;
+
+ return eloop_register_timeout(0, 0, wpas_ctrl_event_test_cb, wpa_s,
+ (void *) (intptr_t) count);
+}
+
#endif /* CONFIG_TESTING_OPTIONS */
@@ -8579,6 +8623,9 @@
reply_len = -1;
} else if (os_strcmp(buf, "GET_ALLOC_FAIL") == 0) {
reply_len = wpas_ctrl_get_alloc_fail(wpa_s, reply, reply_size);
+ } else if (os_strncmp(buf, "EVENT_TEST ", 11) == 0) {
+ if (wpas_ctrl_event_test(wpa_s, buf + 11) < 0)
+ reply_len = -1;
#endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strncmp(buf, "VENDOR_ELEM_ADD ", 16) == 0) {
if (wpas_ctrl_vendor_elem_add(wpa_s, buf + 16) < 0)
diff --git a/wpa_supplicant/ctrl_iface_unix.c b/wpa_supplicant/ctrl_iface_unix.c
index f49ba07..160a6f0 100644
--- a/wpa_supplicant/ctrl_iface_unix.c
+++ b/wpa_supplicant/ctrl_iface_unix.c
@@ -13,6 +13,10 @@
#include <stddef.h>
#include <unistd.h>
#include <fcntl.h>
+#ifdef __linux__
+#include <sys/ioctl.h>
+#include <linux/sockios.h>
+#endif /* __linux__ */
#ifdef ANDROID
#include <cutils/sockets.h>
#endif /* ANDROID */
@@ -48,6 +52,8 @@
int sock;
struct dl_list ctrl_dst;
int android_control_socket;
+ struct dl_list msg_queue;
+ unsigned int throttle_count;
};
@@ -56,6 +62,17 @@
int sock;
struct dl_list ctrl_dst;
int android_control_socket;
+ struct dl_list msg_queue;
+ unsigned int throttle_count;
+};
+
+struct ctrl_iface_msg {
+ struct dl_list list;
+ struct wpa_supplicant *wpa_s;
+ int level;
+ enum wpa_msg_type type;
+ const char *txt;
+ size_t len;
};
@@ -72,6 +89,32 @@
struct ctrl_iface_global_priv *priv);
+static void wpas_ctrl_sock_debug(const char *title, int sock, const char *buf,
+ size_t len)
+{
+#ifdef __linux__
+ socklen_t optlen;
+ int sndbuf, outq;
+ int level = MSG_DEBUG;
+
+ if (len >= 5 && os_strncmp(buf, "PONG\n", 5) == 0)
+ level = MSG_EXCESSIVE;
+
+ optlen = sizeof(sndbuf);
+ sndbuf = 0;
+ if (getsockopt(sock, SOL_SOCKET, SO_SNDBUF, &sndbuf, &optlen) < 0)
+ sndbuf = -1;
+
+ if (ioctl(sock, SIOCOUTQ, &outq) < 0)
+ outq = -1;
+
+ wpa_printf(level,
+ "CTRL-DEBUG: %s: sock=%d sndbuf=%d outq=%d send_len=%d",
+ title, sock, sndbuf, outq, (int) len);
+#endif /* __linux__ */
+}
+
+
static int wpa_supplicant_ctrl_iface_attach(struct dl_list *ctrl_dst,
struct sockaddr_un *from,
socklen_t fromlen, int global)
@@ -215,6 +258,8 @@
}
if (reply) {
+ wpas_ctrl_sock_debug("ctrl_sock-sendto", sock, reply,
+ reply_len);
if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
fromlen) < 0) {
int _errno = errno;
@@ -302,32 +347,209 @@
}
+static int wpas_ctrl_iface_throttle(int sock)
+{
+#ifdef __linux__
+ socklen_t optlen;
+ int sndbuf, outq;
+
+ optlen = sizeof(sndbuf);
+ sndbuf = 0;
+ if (getsockopt(sock, SOL_SOCKET, SO_SNDBUF, &sndbuf, &optlen) < 0 ||
+ ioctl(sock, SIOCOUTQ, &outq) < 0 ||
+ sndbuf <= 0 || outq < 0)
+ return 0;
+ return outq > sndbuf / 2;
+#else /* __linux__ */
+ return 0;
+#endif /* __linux__ */
+}
+
+
+static void wpas_ctrl_msg_send_pending_global(struct wpa_global *global)
+{
+ struct ctrl_iface_global_priv *gpriv;
+ struct ctrl_iface_msg *msg;
+
+ gpriv = global->ctrl_iface;
+ while (gpriv && !dl_list_empty(&gpriv->msg_queue) &&
+ !wpas_ctrl_iface_throttle(gpriv->sock)) {
+ msg = dl_list_first(&gpriv->msg_queue, struct ctrl_iface_msg,
+ list);
+ if (!msg)
+ break;
+ dl_list_del(&msg->list);
+ wpa_supplicant_ctrl_iface_send(
+ msg->wpa_s,
+ msg->type != WPA_MSG_PER_INTERFACE ?
+ NULL : msg->wpa_s->ifname,
+ gpriv->sock, &gpriv->ctrl_dst, msg->level,
+ msg->txt, msg->len, NULL, gpriv);
+ os_free(msg);
+ }
+}
+
+
+static void wpas_ctrl_msg_send_pending_iface(struct wpa_supplicant *wpa_s)
+{
+ struct ctrl_iface_priv *priv;
+ struct ctrl_iface_msg *msg;
+
+ priv = wpa_s->ctrl_iface;
+ while (priv && !dl_list_empty(&priv->msg_queue) &&
+ !wpas_ctrl_iface_throttle(priv->sock)) {
+ msg = dl_list_first(&priv->msg_queue, struct ctrl_iface_msg,
+ list);
+ if (!msg)
+ break;
+ dl_list_del(&msg->list);
+ wpa_supplicant_ctrl_iface_send(wpa_s, NULL, priv->sock,
+ &priv->ctrl_dst, msg->level,
+ msg->txt, msg->len, priv, NULL);
+ os_free(msg);
+ }
+}
+
+
+static void wpas_ctrl_msg_queue_timeout(void *eloop_ctx, void *timeout_ctx)
+{
+ struct wpa_supplicant *wpa_s = eloop_ctx;
+ struct ctrl_iface_priv *priv;
+ struct ctrl_iface_global_priv *gpriv;
+ int sock = -1, gsock = -1;
+
+ wpas_ctrl_msg_send_pending_global(wpa_s->global);
+ wpas_ctrl_msg_send_pending_iface(wpa_s);
+
+ priv = wpa_s->ctrl_iface;
+ if (priv && !dl_list_empty(&priv->msg_queue))
+ sock = priv->sock;
+
+ gpriv = wpa_s->global->ctrl_iface;
+ if (gpriv && !dl_list_empty(&gpriv->msg_queue))
+ gsock = gpriv->sock;
+
+ if (sock > -1 || gsock > -1) {
+ /* Continue pending message transmission from a timeout */
+ wpa_printf(MSG_MSGDUMP,
+ "CTRL: Had to throttle pending event message transmission for (sock %d gsock %d)",
+ sock, gsock);
+ eloop_register_timeout(0, 20000, wpas_ctrl_msg_queue_timeout,
+ wpa_s, NULL);
+ }
+}
+
+
+static void wpas_ctrl_msg_queue(struct dl_list *queue,
+ struct wpa_supplicant *wpa_s, int level,
+ enum wpa_msg_type type,
+ const char *txt, size_t len)
+{
+ struct ctrl_iface_msg *msg;
+
+ msg = os_zalloc(sizeof(*msg) + len);
+ if (!msg)
+ return;
+
+ msg->wpa_s = wpa_s;
+ msg->level = level;
+ msg->type = type;
+ os_memcpy(msg + 1, txt, len);
+ msg->txt = (const char *) (msg + 1);
+ msg->len = len;
+ dl_list_add_tail(queue, &msg->list);
+ eloop_cancel_timeout(wpas_ctrl_msg_queue_timeout, wpa_s, NULL);
+ eloop_register_timeout(0, 0, wpas_ctrl_msg_queue_timeout, wpa_s, NULL);
+}
+
+
+static void wpas_ctrl_msg_queue_limit(unsigned int throttle_count,
+ struct dl_list *queue)
+{
+ struct ctrl_iface_msg *msg;
+
+ if (throttle_count < 2000)
+ return;
+
+ msg = dl_list_first(queue, struct ctrl_iface_msg, list);
+ if (msg) {
+ wpa_printf(MSG_DEBUG, "CTRL: Dropped oldest pending message");
+ dl_list_del(&msg->list);
+ os_free(msg);
+ }
+}
+
+
static void wpa_supplicant_ctrl_iface_msg_cb(void *ctx, int level,
enum wpa_msg_type type,
const char *txt, size_t len)
{
struct wpa_supplicant *wpa_s = ctx;
+ struct ctrl_iface_priv *priv;
+ struct ctrl_iface_global_priv *gpriv;
if (wpa_s == NULL)
return;
- if (type != WPA_MSG_NO_GLOBAL && wpa_s->global->ctrl_iface) {
- struct ctrl_iface_global_priv *priv = wpa_s->global->ctrl_iface;
- if (!dl_list_empty(&priv->ctrl_dst)) {
+ gpriv = wpa_s->global->ctrl_iface;
+
+ if (type != WPA_MSG_NO_GLOBAL && gpriv &&
+ !dl_list_empty(&gpriv->ctrl_dst)) {
+ if (!dl_list_empty(&gpriv->msg_queue) ||
+ wpas_ctrl_iface_throttle(gpriv->sock)) {
+ if (gpriv->throttle_count == 0) {
+ wpa_printf(MSG_MSGDUMP,
+ "CTRL: Had to throttle global event message for sock %d",
+ gpriv->sock);
+ }
+ gpriv->throttle_count++;
+ wpas_ctrl_msg_queue_limit(gpriv->throttle_count,
+ &gpriv->msg_queue);
+ wpas_ctrl_msg_queue(&gpriv->msg_queue, wpa_s, level,
+ type, txt, len);
+ } else {
+ if (gpriv->throttle_count) {
+ wpa_printf(MSG_MSGDUMP,
+ "CTRL: Had to throttle %u global event message(s) for sock %d",
+ gpriv->throttle_count, gpriv->sock);
+ }
+ gpriv->throttle_count = 0;
wpa_supplicant_ctrl_iface_send(
wpa_s,
- type == WPA_MSG_GLOBAL ? NULL : wpa_s->ifname,
- priv->sock, &priv->ctrl_dst, level, txt, len,
- NULL, priv);
+ type != WPA_MSG_PER_INTERFACE ?
+ NULL : wpa_s->ifname,
+ gpriv->sock, &gpriv->ctrl_dst, level,
+ txt, len, NULL, gpriv);
}
}
- if (wpa_s->ctrl_iface == NULL)
- return;
- wpa_supplicant_ctrl_iface_send(wpa_s, NULL, wpa_s->ctrl_iface->sock,
- &wpa_s->ctrl_iface->ctrl_dst,
- level, txt, len, wpa_s->ctrl_iface,
- NULL);
+ priv = wpa_s->ctrl_iface;
+
+ if (type != WPA_MSG_ONLY_GLOBAL && priv) {
+ if (!dl_list_empty(&priv->msg_queue) ||
+ wpas_ctrl_iface_throttle(priv->sock)) {
+ if (priv->throttle_count == 0) {
+ wpa_printf(MSG_MSGDUMP,
+ "CTRL: Had to throttle event message for sock %d",
+ priv->sock);
+ }
+ priv->throttle_count++;
+ wpas_ctrl_msg_queue_limit(priv->throttle_count,
+ &priv->msg_queue);
+ wpas_ctrl_msg_queue(&priv->msg_queue, wpa_s, level,
+ type, txt, len);
+ } else {
+ if (priv->throttle_count) {
+ wpa_printf(MSG_MSGDUMP,
+ "CTRL: Had to throttle %u event message(s) for sock %d",
+ priv->throttle_count, priv->sock);
+ }
+ priv->throttle_count = 0;
+ wpa_supplicant_ctrl_iface_send(wpa_s, NULL, priv->sock,
+ &priv->ctrl_dst, level,
+ txt, len, priv, NULL);
+ }
+ }
}
@@ -545,6 +767,7 @@
if (priv == NULL)
return NULL;
dl_list_init(&priv->ctrl_dst);
+ dl_list_init(&priv->msg_queue);
priv->wpa_s = wpa_s;
priv->sock = -1;
@@ -591,6 +814,8 @@
void wpa_supplicant_ctrl_iface_deinit(struct ctrl_iface_priv *priv)
{
struct wpa_ctrl_dst *dst, *prev;
+ struct ctrl_iface_msg *msg, *prev_msg;
+ struct ctrl_iface_global_priv *gpriv;
if (priv->sock > -1) {
char *fname;
@@ -646,6 +871,22 @@
dl_list_for_each_safe(dst, prev, &priv->ctrl_dst, struct wpa_ctrl_dst,
list)
os_free(dst);
+ dl_list_for_each_safe(msg, prev_msg, &priv->msg_queue,
+ struct ctrl_iface_msg, list) {
+ dl_list_del(&msg->list);
+ os_free(msg);
+ }
+ gpriv = priv->wpa_s->global->ctrl_iface;
+ if (gpriv) {
+ dl_list_for_each_safe(msg, prev_msg, &gpriv->msg_queue,
+ struct ctrl_iface_msg, list) {
+ if (msg->wpa_s == priv->wpa_s) {
+ dl_list_del(&msg->list);
+ os_free(msg);
+ }
+ }
+ }
+ eloop_cancel_timeout(wpas_ctrl_msg_queue_timeout, priv->wpa_s, NULL);
os_free(priv);
}
@@ -715,6 +956,7 @@
offsetof(struct sockaddr_un, sun_path));
msg.msg_name = (void *) &dst->addr;
msg.msg_namelen = dst->addrlen;
+ wpas_ctrl_sock_debug("ctrl_sock-sendmsg", sock, buf, len);
if (sendmsg(sock, &msg, MSG_DONTWAIT) >= 0) {
wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor sent successfully to %s",
addr_txt);
@@ -871,6 +1113,8 @@
}
if (reply) {
+ wpas_ctrl_sock_debug("global_ctrl_sock-sendto",
+ sock, reply, reply_len);
if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
fromlen) < 0) {
wpa_printf(MSG_DEBUG, "ctrl_iface sendto failed: %s",
@@ -1071,6 +1315,7 @@
if (priv == NULL)
return NULL;
dl_list_init(&priv->ctrl_dst);
+ dl_list_init(&priv->msg_queue);
priv->global = global;
priv->sock = -1;
@@ -1120,6 +1365,7 @@
wpa_supplicant_global_ctrl_iface_deinit(struct ctrl_iface_global_priv *priv)
{
struct wpa_ctrl_dst *dst, *prev;
+ struct ctrl_iface_msg *msg, *prev_msg;
if (priv->sock >= 0) {
eloop_unregister_read_sock(priv->sock);
@@ -1130,5 +1376,10 @@
dl_list_for_each_safe(dst, prev, &priv->ctrl_dst, struct wpa_ctrl_dst,
list)
os_free(dst);
+ dl_list_for_each_safe(msg, prev_msg, &priv->msg_queue,
+ struct ctrl_iface_msg, list) {
+ dl_list_del(&msg->list);
+ os_free(msg);
+ }
os_free(priv);
}
diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h
index 1fcb180..d1f9f8b 100644
--- a/wpa_supplicant/driver_i.h
+++ b/wpa_supplicant/driver_i.h
@@ -885,4 +885,12 @@
}
#endif /* CONFIG_MACSEC */
+static inline int wpa_drv_setband(struct wpa_supplicant *wpa_s,
+ enum set_band band)
+{
+ if (!wpa_s->driver->set_band)
+ return -1;
+ return wpa_s->driver->set_band(wpa_s->drv_priv, band);
+}
+
#endif /* DRIVER_I_H */
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 2dbc39f..6b0c685 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2043,6 +2043,7 @@
{
u8 bssid[ETH_ALEN];
int ft_completed;
+ int new_bss = 0;
#ifdef CONFIG_AP
if (wpa_s->ap_iface) {
@@ -2074,6 +2075,7 @@
if (os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0) {
wpa_dbg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID="
MACSTR, MAC2STR(bssid));
+ new_bss = 1;
random_add_randomness(bssid, ETH_ALEN);
os_memcpy(wpa_s->bssid, bssid, ETH_ALEN);
os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
@@ -2087,17 +2089,17 @@
wpa_s, WLAN_REASON_DEAUTH_LEAVING);
return;
}
+ }
#ifdef ANDROID
- if (wpa_s->conf->ap_scan == 1) {
+ if (wpa_s->conf->ap_scan == 1) {
#else
- if (wpa_s->conf->ap_scan == 1 &&
- wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION) {
+ if (wpa_s->conf->ap_scan == 1 &&
+ wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION) {
#endif
- if (wpa_supplicant_assoc_update_ie(wpa_s) < 0)
- wpa_msg(wpa_s, MSG_WARNING,
- "WPA/RSN IEs not updated");
- }
+ if (wpa_supplicant_assoc_update_ie(wpa_s) < 0 && new_bss)
+ wpa_msg(wpa_s, MSG_WARNING,
+ "WPA/RSN IEs not updated");
}
#ifdef CONFIG_SME
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index dd5b245..4f63456 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -482,7 +482,7 @@
struct wpa_ssid_value *disallow_aps_ssid;
size_t disallow_aps_ssid_count;
- enum { WPA_SETBAND_AUTO, WPA_SETBAND_5G, WPA_SETBAND_2G } setband;
+ enum set_band setband;
/* Preferred network for the next connection attempt */
struct wpa_ssid *next_ssid;