Tomasz Bursztyka | 24 Apr 14:41 2014
Picon

Regression on rfkill handling

Hi,

I have noticed a regression recently on how wpa_supplicant handles 
rfkill status.
Let's say 2 devices, one is hard "rfkillable" and the other one is not.
In most cases: internal wifi card + a usb wifi dongle, for instance.

Before the regression, wpa_supplicant was able to work so:
- one device gets hard-rfkilled, the second is not
- it can still manage to get the second one working properly

The regression I have experienced is:
- one device gets hard-rfkilled, the second is not
- wpa_supplicant assumes all cards are hard-rfkilled thus does nothing 
with the second one

git bisect ended up on that commit: 8c06db703d8cfd630a8eb738443a3d9134a3fc4a

I would like a bit more explanation about that patch, which says:
"On RF-kill, we should not request the kernel to start a P2P device."

Well, afaik the kernel properly handles rfkill. So, to me, it's up to 
the kernel
to handle that: you can ask to start the P2P device, it will do it or 
not depending on
the rfkill status for that device. As it does for setting it up non-P2P 
device.

Could you clarify the point of this patch then?

(Continue reading)

Drasko DRASKOVIC | 24 Apr 10:37 2014
Picon

Differences between hostapd and wpa_supplicant

Hi all,
I can see that wpa_supplicant can be put to AP mode via D-Bus (connman
does it for it's tethering mode).

What are differences and limitations of this approach compared to full hostapd?

Best regards,
Drasko
Ilan Peer | 24 Apr 07:45 2014
Picon

[PATCH] nl80211: take ownership of dynamically added interfaces

Indicate to cfg80211 that interfaces created by the wpa_supplicant
or hostapd are owned by them, and that in case that the socket that
created them closes, these interfaces should be removed.

Signed-off-by: Ilan Peer <ilan.peer <at> intel.com>

---
Requires update nl80211.h from mac80211-next

 src/drivers/driver_nl80211.c |    6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index ad5cc4d..d22be48 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
 <at>  <at>  -7704,6 +7704,12  <at>  <at>  static int nl80211_create_iface_once(struct wpa_driver_nl80211_data *drv,
 		NLA_PUT_U8(msg, NL80211_ATTR_4ADDR, wds);
 	}

+	/*
+	 * tell cfg80211 that the interface belongs to the socket that created
+	 * it, and the interface should be deleted when the socket is closed.
+	 */
+	NLA_PUT_FLAG(msg, NL80211_ATTR_IFACE_SOCKET_OWNER);
+
 	ret = send_and_recv_msgs(drv, msg, handler, arg);
 	msg = NULL;
 	if (ret) {
--

-- 
(Continue reading)

Maxime Bizon | 23 Apr 23:23 2014
Picon

[PATCH] Interworking: don't filter probe requests when interworking is disabled.

With hidden SSID (ignore_broadcast_ssid), an IOS device trying to
connect to the AP will send a probe request with ANT == 2.

If interworking support is just compiled (not enabled), we will drop
the probe request since default ANT is 0.

Check that interworking is enabled before filtering to match the
behaviour of code without CONFIG_INTERWORKING

Signed-off-by: Maxime Bizon <mbizon <at> freebox.fr>
---
 src/ap/beacon.c |    2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/ap/beacon.c b/src/ap/beacon.c
index e06ce77..16685c7 100644
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
 <at>  <at>  -603,6 +603,7  <at>  <at>  void handle_probe_req(struct hostapd_data *hapd,
 	if (elems.interworking && elems.interworking_len >= 1) {
 		u8 ant = elems.interworking[0] & 0x0f;
 		if (ant != INTERWORKING_ANT_WILDCARD &&
+		    hapd->conf->interworking &&
 		    ant != hapd->conf->access_network_type) {
 			wpa_printf(MSG_MSGDUMP, "Probe Request from " MACSTR
 				   " for mismatching ANT %u ignored",
 <at>  <at>  -619,6 +620,7  <at>  <at>  void handle_probe_req(struct hostapd_data *hapd,
 		else
 			hessid = elems.interworking + 1 + 2;
 		if (!is_broadcast_ether_addr(hessid) &&
(Continue reading)

Maxime Bizon | 23 Apr 22:48 2014
Picon

[PATCH] Interworking: don't filter probe requests when interworking is disabled.

With hidden SSID (ignore_broadcast_ssid), an IOS device trying to
connect to the AP will send a probe request with ANT == 2.

If interworking support is just compiled (not enabled), we will drop
the probe request since default ANT is 0.

Check that interworking is enabled before filtering to match the
behaviour of code without CONFIG_INTERWORKING
---
 src/ap/beacon.c |    2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/ap/beacon.c b/src/ap/beacon.c
index e06ce77..16685c7 100644
--- a/src/ap/beacon.c
+++ b/src/ap/beacon.c
 <at>  <at>  -603,6 +603,7  <at>  <at>  void handle_probe_req(struct hostapd_data *hapd,
 	if (elems.interworking && elems.interworking_len >= 1) {
 		u8 ant = elems.interworking[0] & 0x0f;
 		if (ant != INTERWORKING_ANT_WILDCARD &&
+		    hapd->conf->interworking &&
 		    ant != hapd->conf->access_network_type) {
 			wpa_printf(MSG_MSGDUMP, "Probe Request from " MACSTR
 				   " for mismatching ANT %u ignored",
 <at>  <at>  -619,6 +620,7  <at>  <at>  void handle_probe_req(struct hostapd_data *hapd,
 		else
 			hessid = elems.interworking + 1 + 2;
 		if (!is_broadcast_ether_addr(hessid) &&
+		    hapd->conf->interworking &&
 		    os_memcmp(hessid, hapd->conf->hessid, ETH_ALEN) != 0) {
(Continue reading)

刘涵宇 | 18 Apr 10:25 2014
Picon

Why does hostapd takeover control frame from mac80211?

Hi everyone,

I'm working on a WLAN program running on access point. It needs to capture control frame(ack) which not belong to its BSS. So I use a monitor interface to capture it in mac80211 with netlink socket. All that seem to be fine until I use hostapd to create a access point. It deliver all control frames to its user space daemon, but it looks like that it does nothing with control frame.

Why should hostapd do that? Is there any way to let it do not snatch control frame or get ack from its user space?

Thanks very much.

--
Regards,

Hanyu Liu
_______________________________________________
HostAP mailing list
HostAP <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap
Zeeshan Ali (Khattak | 17 Apr 18:36 2014
Picon

Fwd: Geoclue & permissions

Hi everyone,

I'm forwarding my short discussion with Jouni about permissions on
D-Bus interface, as per his suggestion to bring the discussion to this
list.

Forwarded conversation
Subject: Geoclue & permissions
------------------------

From: Zeeshan Ali (Khattak) <zeeshanak <at> gnome.org>
Date: Thu, Apr 17, 2014 at 4:14 PM
To: Jouni Malinen <jouni <at> qca.qualcomm.com>

Moi Jouni,

For wifi-geolocation in geoclue project[1], I'm currently using
NetworkManager for getting list of WiFis in the area. Someone
suggested that I use wpa_supplicant directly for greater portability
and adoption so I'm looking into that.

I see that you have restricted all of your D-Bus API to root user
only. Geoclue is supposed to typically run as a special user
('geoclue') without admin preveleges so goeclue can't readily use
wpa_supplicant.

I see 3 options:

1. Geoclue installs a dbus policy file that gives its user permissions
on needed API.
2. wpa_supplicant give permissions in its policy file to geoclue user
specifically.
3. wpa_supplicant give permissions to readonly API (getting list of
interfaces, BSSs etc) to everyone.

I'm going to go for #1 for now but keeping in mind that its likely not
to work in post-kdbus world, I thought I should consult you on this.

--
Regards,

Zeeshan Ali (Khattak)
FSF member#5124

[1] http://www.freedesktop.org/wiki/Software/GeoClue/

----------
From: Jouni Malinen <jouni <at> qca.qualcomm.com>
Date: Thu, Apr 17, 2014 at 4:40 PM
To: "Zeeshan Ali (Khattak)" <zeeshanak <at> gnome.org>

On Thu, Apr 17, 2014 at 04:14:35PM +0100, Zeeshan Ali (Khattak) wrote:
> For wifi-geolocation in geoclue project[1], I'm currently using
> NetworkManager for getting list of WiFis in the area. Someone
> suggested that I use wpa_supplicant directly for greater portability
> and adoption so I'm looking into that.
>
> I see that you have restricted all of your D-Bus API to root user
> only. Geoclue is supposed to typically run as a special user
> ('geoclue') without admin preveleges so goeclue can't readily use
> wpa_supplicant.

You may want to bring this up on the hostap mailing list. I did not
design the D-Bus API or the permissions set in the configuration file
for this.

> I see 3 options:
>
> 1. Geoclue installs a dbus policy file that gives its user permissions
> on needed API.
> 2. wpa_supplicant give permissions in its policy file to geoclue user
> specifically.
> 3. wpa_supplicant give permissions to readonly API (getting list of
> interfaces, BSSs etc) to everyone.
>
> I'm going to go for #1 for now but keeping in mind that its likely not
> to work in post-kdbus world, I thought I should consult you on this.

I'm not using the D-Bus interface that much myself, but if (3) can be
done easily and safely, that sounds like a reasonable approach to me.
Anyway, this should be discussed with the people who use the D-Bus
interface, so the hostap mailing list would be more appropriate
destination for this.

--
Jouni Malinen                                            PGP id EFC895FA

--

-- 
Regards,

Zeeshan Ali (Khattak)
FSF member#5124
Marek Puzyniak | 16 Apr 12:22 2014

[PATCH] ap: Fix checking if DFS is required

Sometimes function hostapd_is_dfs_required returns -1 what indicates
that it was not possible to check if dfs was required. It happens
for channels from 2,4 GHz band where DFS checking should not happen.
This can be fixed by returning DFS not required for mode different than
IEEE80211A and when DFS support is not available (ieee80211h not set).

Signed-off-by: Marek Puzyniak <marek.puzyniak <at> tieto.com>
---
 src/ap/dfs.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/ap/dfs.c b/src/ap/dfs.c
index 3fb1881..abec652 100644
--- a/src/ap/dfs.c
+++ b/src/ap/dfs.c
 <at>  <at>  -916,8 +916,11  <at>  <at>  int hostapd_is_dfs_required(struct hostapd_iface *iface)
 {
 	int n_chans, start_chan_idx;

-	if (!iface->current_mode)
-		return -1;
+	if (!iface->conf->ieee80211h)
+		return 0;
+
+	if (!iface->current_mode || iface->current_mode->mode != HOSTAPD_MODE_IEEE80211A)
+		return 0;

 	/* Get start (first) channel for current configuration */
 	start_chan_idx = dfs_get_start_chan_idx(iface);
--

-- 
1.8.1.2
kiran k | 16 Apr 07:53 2014
Picon

GTK and 802.11R Fast BSS Transition

Hi,
When Fast BSS Transition is enabled on an AP1 and AP2, do we support GTK timeout. The scenario I have is
1 ) Station1 associates to AP1 enabled for Fast BSS Transition (11R). Station1 does initial authentication.Do we support GTK rekey timeout after initial authentication.
2) Station2 initally associates to AP2 using FT and roams to AP1. Now in this case if GTK rekey times out on AP1 do we need to rerun group key state machine and generate new GTK key. Station2 in my case does not seem to honor EAPOL key messages for GTK key refresh from AP1.

Can you let me know how does hostapd work in this case.

Thanks,
Kiran


_______________________________________________
HostAP mailing list
HostAP <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap
Drasko DRASKOVIC | 15 Apr 19:15 2014
Picon

wpa_supplicant to hostapd dynamically

Hi all,
Staring wpa_supplicant daemon and hostapd over the same interface at
the same time is not possible.

I have however application that has to use an interface in STA mode
for some time, and then in AP mode, then back to STA, etc... Currently
to have this mode change I am killing wpa_supplicant and starting
hostapd process, and vice versa. But this looks like an ugly solution.

I was wondering is it possible to start wpa_supplicant and then turn
it to be hostapd somehow via D-Bus API?

Best regards,
Drasko
Greg Hackmann | 15 Apr 02:06 2014
Picon

[PATCH] Android: disable unused parameter warnings

Change-Id: I721b4a7de62a569d272fa31dfe6f3bb66192984a
Signed-off-by: Greg Hackmann <ghackmann <at> google.com>
---
 hostapd/Android.mk        | 3 +++
 wpa_supplicant/Android.mk | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/hostapd/Android.mk b/hostapd/Android.mk
index 6db82f8..74c9b27 100644
--- a/hostapd/Android.mk
+++ b/hostapd/Android.mk
 <at>  <at>  -24,6 +24,9  <at>  <at>  L_CFLAGS += -DVERSION_STR_POSTFIX=\"-$(PLATFORM_VERSION)\"
 # Set Android log name
 L_CFLAGS += -DANDROID_LOG_NAME=\"hostapd\"

+# Disable unused parameter warnings
+L_CFLAGS += -Wno-unused-parameter
+
 ifeq ($(BOARD_WLAN_DEVICE), bcmdhd)
 L_CFLAGS += -DANDROID_P2P
 endif
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index c8fe1c2..f56267c 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
 <at>  <at>  -24,6 +24,9  <at>  <at>  L_CFLAGS += -DVERSION_STR_POSTFIX=\"-$(PLATFORM_VERSION)\"
 # Set Android log name
 L_CFLAGS += -DANDROID_LOG_NAME=\"wpa_supplicant\"

+# Disable unused parameter warnings
+L_CFLAGS += -Wno-unused-parameter
+
 # Disable roaming in wpa_supplicant
 ifdef CONFIG_NO_ROAMING
 L_CFLAGS += -DCONFIG_NO_ROAMING
--

-- 
1.9.1.423.g4596e3a

Gmane