WPA2 Help

_______________________________________________
HostAP mailing list
HostAP <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap

How to calculate the percentage of signal strength level from dBm

Hi All,

  Here's a question that I have been searching the Internet but
couldn't get an solution to it. I wanted to know all the wireless
hotspots around me and their signal strengths. I used "wpa_cli scan;
wpa_cli scan_results" to list the hotspots around me with signal
level, which were -75 and -83 in my case. I guess the unit here is
dBm. My question is how to convert dBm to percentage of signal
strength. I'm using ath9k driver. I saw a document on the internet
saying that I can use the following formula to convert dBm to
percentage:

    RSSI - 95 = dBm
    RSSI_MAX for Atheros chips is 60. So, -35 dBm is equivalent to
100%, and -95 dBm to 0%

  It doesn't look right to me because I put an access point very close
to me but got -79 dBm via wpa_cli. Please can anyone help?

Thanks and Best Regards,
CC

[PATCH] P2P When UUID gets changed and more pbc session entries are created, remove logic should check for loop entry address

When UUID gets changed between a received probe request (for wps) and the M1 message, we might endup
creating 2 entries in pbc sessions list (with same device address and different UUID). But when we try to
remove the entries, we need to compare that pbc sessions list entry->address. This will ensure that both
entries gets removed.
Please let me know if the below patch is OK or I am missing something in my understanding.

From 1785eabf9c28bcd3012cc18bc510711f7f8febb9 Mon Sep 17 00:00:00 2001
From: Neeraj Garg <neerajkg <at> broadcom.com>
Date: Thu, 24 May 2012 14:01:40 +0530
Subject: [PATCH] Patch:P2P When UUID gets changed and more pbc session entries are created, remove logic
should check for loop entry address
Signed-off-by: Neeraj Garg <neerajkg <at> broadcom.com>

---
 src/wps/wps_registrar.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)
 mode change 100644 => 100755 src/wps/wps_registrar.c

diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c
old mode 100644
new mode 100755
index e6ec04c..678375b
--- a/src/wps/wps_registrar.c
+++ b/src/wps/wps_registrar.c
@@ -313,8 +313,8 @@ static void wps_registrar_remove_pbc_session(struct wps_registrar *reg,
 	pbc = reg->pbc_sessions;
 	while (pbc) {
 		if (os_memcmp(pbc->uuid_e, uuid_e, WPS_UUID_LEN) == 0 ||
-		    (p2p_dev_addr && !is_zero_ether_addr(reg->p2p_dev_addr) &&
-		     os_memcmp(reg->p2p_dev_addr, p2p_dev_addr, ETH_ALEN) ==
+		    (p2p_dev_addr && !is_zero_ether_addr(pbc->addr) &&
+		     os_memcmp(pbc->addr, p2p_dev_addr, ETH_ALEN) ==
 		     0)) {
 			if (prev)
 				prev->next = pbc->next;
--

-- 
1.7.4.1

Regards,
-Neeraj

P2P NOA invalid parameters

Hello,

Parameter list to set NOA contains : count, start_offset, duration,
interval.  Are there any rules regarding invalid ranges or combination
of duration and interval?  Of course interval should be longer than
duration, but if duration consumes 90% of interval does it still
make sense?

Second problem is how long duration is allowed. I think when I define
90% sleep time then interval longer than 1sec also make no sense.
In other words if GO will go to sleep for too much time then there
will be a problem, with connecting/disconnecting to this group-owner.

Should the validation be performed in supplicant or in driver?

Thanks for opinions, Pawel

HostAP EAP-TLS

_______________________________________________
HostAP mailing list
HostAP <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap

wpa_supplicant consultant needed

_______________________________________________
HostAP mailing list
HostAP <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap

STA is not connecting to any ap with PIN from Access point

D/wpa_supplicant(  584): EAPOL: startWhen --> 0

D/wpa_supplicant(  584): EAPOL: SUPP_PAE entering state CONNECTING

D/wpa_supplicant(  584): EAPOL: txStart

D/wpa_supplicant(  584): TX EAPOL: dst=00:26:0b:dc:17:8d

D/wpa_supplicant(  584): EAPOL: Received EAP-Packet frame

D/wpa_supplicant(  584): EAPOL: SUPP_PAE entering state RESTART

D/wpa_supplicant(  584): EAP: EAP entering state INITIALIZE

D/wpa_supplicant(  584): EAP: EAP entering state IDLE

D/wpa_supplicant(  584): EAPOL: SUPP_PAE entering state AUTHENTICATING

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state REQUEST

D/wpa_supplicant(  584): EAPOL: getSuppRsp

D/wpa_supplicant(  584): EAP: EAP entering state RECEIVED

D/wpa_supplicant(  584): EAP: Received EAP-Request id=1 method=1 vendor=0 vendorMethod=0

D/wpa_supplicant(  584): EAP: EAP entering state IDENTITY

I/wpa_supplicant(  584): wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started

D/wpa_supplicant(  584): EAP: EAP entering state SEND_RESPONSE

D/wpa_supplicant(  584): EAP: EAP entering state IDLE

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state RESPONSE

D/wpa_supplicant(  584): EAPOL: txSuppRsp

D/wpa_supplicant(  584): TX EAPOL: dst=00:26:0b:dc:17:8d

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state RECEIVE

D/wpa_supplicant(  584): EAPOL: Received EAP-Packet frame

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state REQUEST

D/wpa_supplicant(  584): EAPOL: getSuppRsp

D/wpa_supplicant(  584): EAP: EAP entering state RECEIVED

D/wpa_supplicant(  584): EAP: Received EAP-Request id=2 method=254 vendor=14122 vendorMethod=1

D/wpa_supplicant(  584): EAP: EAP entering state GET_METHOD

I/wpa_supplicant(  584): wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=14122 method=1

D/wpa_supplicant(  584): EAP: Initialize selected EAP method: vendor 14122 method 1 (WSC)

D/wpa_supplicant(  584): EAP-WSC: Fragment size limit 1398

I/wpa_supplicant(  584): wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 14122 method 1 (WSC) selected

D/wpa_supplicant(  584): EAP: EAP entering state METHOD

D/wpa_supplicant(  584): EAP-WSC: Received packet: Op-Code 1 Flags 0x0 Message Length 0

D/wpa_supplicant(  584): EAP-WSC: Received start

D/wpa_supplicant(  584): EAP-WSC: WAIT_START -> MESG

D/wpa_supplicant(  584): Get randomness: len=16 entropy=182

D/wpa_supplicant(  584): WPS: Building Message M1

D/wpa_supplicant(  584): WPS:  * Version (hardcoded 0x10)

D/wpa_supplicant(  584): WPS:  * Message Type (4)

D/wpa_supplicant(  584): WPS:  * UUID-E

D/wpa_supplicant(  584): WPS:  * MAC Address

D/wpa_supplicant(  584): WPS:  * Enrollee Nonce

D/wpa_supplicant(  584): WPS:  * Public Key

D/wpa_supplicant(  584): WPS: Generate new DH keys

D/wpa_supplicant(  584): WPS:  * Authentication Type Flags

D/wpa_supplicant(  584): WPS:  * Encryption Type Flags

D/wpa_supplicant(  584): WPS:  * Connection Type Flags

D/wpa_supplicant(  584): WPS:  * Config Methods (2108)

D/wpa_supplicant(  584): WPS:  * Wi-Fi Protected Setup State (1)

D/wpa_supplicant(  584): WPS:  * Manufacturer

D/wpa_supplicant(  584): WPS:  * Model Name

D/wpa_supplicant(  584): WPS:  * Model Number

D/wpa_supplicant(  584): WPS:  * Serial Number

D/wpa_supplicant(  584): WPS:  * Primary Device Type

D/wpa_supplicant(  584): WPS:  * Device Name

D/wpa_supplicant(  584): WPS:  * RF Bands (1)

D/wpa_supplicant(  584): WPS:  * Association State

D/wpa_supplicant(  584): WPS:  * Device Password ID (0)

D/wpa_supplicant(  584): WPS:  * Configuration Error (0)

D/wpa_supplicant(  584): WPS:  * OS Version

D/wpa_supplicant(  584): WPS:  * Version2 (0x20)

D/wpa_supplicant(  584): EAP-WSC: MESG -> MESG

D/wpa_supplicant(  584): EAP-WSC: Generating Response

D/wpa_supplicant(  584): EAP-WSC: Sending out 362 bytes (message sent completely)

D/wpa_supplicant(  584): EAP-WSC: MESG -> MESG

D/wpa_supplicant(  584): EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL

D/wpa_supplicant(  584): EAP: EAP entering state SEND_RESPONSE

D/wpa_supplicant(  584): EAP: EAP entering state IDLE

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state RESPONSE

D/wpa_supplicant(  584): EAPOL: txSuppRsp

D/wpa_supplicant(  584): TX EAPOL: dst=00:26:0b:dc:17:8d

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state RECEIVE

D/wpa_supplicant(  584): EAPOL: Received EAP-Packet frame

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state REQUEST

D/wpa_supplicant(  584): EAPOL: getSuppRsp

D/wpa_supplicant(  584): EAP: EAP entering state RECEIVED

D/wpa_supplicant(  584): EAP: Received EAP-Request id=3 method=254 vendor=14122 vendorMethod=1

D/wpa_supplicant(  584): EAP: EAP entering state METHOD

D/wpa_supplicant(  584): EAP-WSC: Received packet: Op-Code 4 Flags 0x0 Message Length 0

D/wpa_supplicant(  584): WPS: Processing received message (len=310 op_code=4)

D/wpa_supplicant(  584): WPS: Received WSC_MSG

D/wpa_supplicant(  584): WPS: attr type=0x104a len=1

D/wpa_supplicant(  584): WPS: attr type=0x1022 len=1

D/wpa_supplicant(  584): WPS: attr type=0x101a len=16

D/wpa_supplicant(  584): WPS: attr type=0x1039 len=16

D/wpa_supplicant(  584): WPS: attr type=0x1048 len=16

D/wpa_supplicant(  584): WPS: attr type=0x1004 len=2

D/wpa_supplicant(  584): WPS: attr type=0x1010 len=2

D/wpa_supplicant(  584): WPS: attr type=0x100d len=1

D/wpa_supplicant(  584): WPS: attr type=0x1008 len=2

D/wpa_supplicant(  584): WPS: attr type=0x1021 len=32

D/wpa_supplicant(  584): WPS: attr type=0x1023 len=32

D/wpa_supplicant(  584): WPS: attr type=0x1024 len=32

D/wpa_supplicant(  584): WPS: attr type=0x1042 len=32

D/wpa_supplicant(  584): WPS: attr type=0x1054 len=8

D/wpa_supplicant(  584): WPS: attr type=0x1011 len=32

D/wpa_supplicant(  584): WPS: attr type=0x103c len=1

D/wpa_supplicant(  584): WPS: attr type=0x1002 len=2

D/wpa_supplicant(  584): WPS: attr type=0x1009 len=2

D/wpa_supplicant(  584): WPS: attr type=0x102d len=4

D/wpa_supplicant(  584): WPS: Received M2D

I/wpa_supplicant(  584): wlan0: WPS-M2D dev_password_id=0 config_error=0

D/wpa_supplicant(  584): EAP-WSC: MESG -> MESG

D/wpa_supplicant(  584): WPS: Building Message WSC_ACK

D/wpa_supplicant(  584): WPS:  * Version (hardcoded 0x10)

D/wpa_supplicant(  584): WPS:  * Message Type (13)

D/wpa_supplicant(  584): WPS:  * Enrollee Nonce

D/wpa_supplicant(  584): WPS:  * Registrar Nonce

D/wpa_supplicant(  584): WPS:  * Version2 (0x20)

D/wpa_supplicant(  584): EAP-WSC: MESG -> MESG

D/wpa_supplicant(  584): EAP-WSC: Generating Response

D/wpa_supplicant(  584): EAP-WSC: Sending out 60 bytes (message sent completely)

D/wpa_supplicant(  584): EAP-WSC: MESG -> MESG

D/wpa_supplicant(  584): EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL

D/wpa_supplicant(  584): EAP: EAP entering state SEND_RESPONSE

D/wpa_supplicant(  584): EAP: EAP entering state IDLE

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state RESPONSE

D/wpa_supplicant(  584): EAPOL: txSuppRsp

D/wpa_supplicant(  584): TX EAPOL: dst=00:26:0b:dc:17:8d

D/wpa_supplicant(  584): EAPOL: SUPP_BE entering state RECEIVE

E/        (  112): MSMFB_HISTOGRAM failed!

_______________________________________________
HostAP mailing list
HostAP <at> lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap

reconfiguring the access point..

Hi,

I want to use wpa_cli and wps_reg to reconfigure access point of mine but

when i am doing sudo wpa_cli wps_reg 02:34:56:78:9a:bc 12345670

its showing "unknown command" . I do not why. Is here any help?

--

-- 
With Warm Regards

Harish Mandowara

-------------------------------------------------------------------------------------------------------------------------------

This e-mail is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. If you are not the
intended recipient, please contact the sender by reply e-mail and destroy
all copies and the original message. Any unauthorized review, use,
disclosure, dissemination, forwarding, printing or copying of this email
is strictly prohibited and appropriate legal action will be taken.
-------------------------------------------------------------------------------------------------------------------------------

[PATCH] P2P: Race condition in GO-NEG process if both peers enter p2p_connect at the same time

Hello,

We hit a case where both the peers assumed that other peer will be GO. Let us assume that p2p_connect command
was given on both the peers using a script at the same time. Also assume that P1 has higher mac address than
P2. 
1. P1 will send a GO-NEG-REQ and P2 will also send a GO-NEG-REQ.
2. Before P2 could get a callback p2p_go_neg_req_cb to update the variable go_neg_req_sent, P2 receives a
GO-NEG request of P1 in the dwell time of its own request.
3. So P2 prepares the GO-NEG-RSP and send it even though its mac address is lower than P1 because
go_neg_req_sent variable is NOT yet incremented.
4. Now P1 will get P2's GO-NEG-REQ and will reply it since it has higher mac address.
5. Both peers end up in sending GO-CONF frame.

To resolve this race, we propose that we increment go_neg_req_sent as soon as p2p_send_action is called
for GO-NEG-REQ. And then decrement go_neg_req_sent if because of some reason the success is not reported
in the callback p2p_go_neg_req_cb.

From 65193927d34fbbb9e84109b450268150867adbe5 Mon Sep 17 00:00:00 2001
From: Neeraj Garg <neerajkg <at> broadcom.com>
Date: Mon, 21 May 2012 11:53:46 +0530
Subject: [PATCH] P2P: Race condition in GO-NEG process if both peers enter p2p_connect at the same time
 Signed-off-by: Neeraj Garg <neerajkg <at> broadcom.com>

---
 src/p2p/p2p.c        |    4 +++-
 src/p2p/p2p_go_neg.c |    1 +
 2 files changed, 4 insertions(+), 1 deletions(-)
 mode change 100644 => 100755 src/p2p/p2p.c
 mode change 100644 => 100755 src/p2p/p2p_go_neg.c

diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
old mode 100644
new mode 100755
index deccfc0..37a33dd
--- a/src/p2p/p2p.c
+++ b/src/p2p/p2p.c
@@ -2704,12 +2704,14 @@ static void p2p_go_neg_req_cb(struct p2p_data *p2p, int success)
 	}

 	if (success) {
-		dev->go_neg_req_sent++;
 		if (dev->flags & P2P_DEV_USER_REJECTED) {
 			p2p_set_state(p2p, P2P_IDLE);
 			return;
 		}
 	}
+	else {
+		dev->go_neg_req_sent--;
+	}

 	if (!success &&
 	    (dev->info.dev_capab & P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY) &&
diff --git a/src/p2p/p2p_go_neg.c b/src/p2p/p2p_go_neg.c
old mode 100644
new mode 100755
index 2bf48b3..727d445
--- a/src/p2p/p2p_go_neg.c
+++ b/src/p2p/p2p_go_neg.c
@@ -220,6 +220,7 @@ int p2p_connect_send(struct p2p_data *p2p, struct p2p_device *dev)
 	p2p->go_neg_peer = dev;
 	dev->flags |= P2P_DEV_WAIT_GO_NEG_RESPONSE;
 	dev->connect_reqs++;
+	dev->go_neg_req_sent++;
 	if (p2p_send_action(p2p, freq, dev->info.p2p_device_addr,
 			    p2p->cfg->dev_addr, dev->info.p2p_device_addr,
 			    wpabuf_head(req), wpabuf_len(req), 200) < 0) {
--

-- 
1.7.4.1

Regards,
-Neeraj

[PATCH] Speed up connection time during ASSOC retry

In current implementation, authentication timer continues to run even after the
driver has reported ASSOC_REJECT. Then the association is retried on authentication
timeout which is 10secs.

The below patch cancels the authentication timeout on ASSOC_REJECT and initiates an
scan for association. Kindly see whether the patch is fine.

[PATCH] Speed up connection time during ASSOC retry

Avoid waiting for authentication timeout, If driver reports
ASSOC-REJECT

Signed-off-by: Jithu Jance <jithu <at> broadcom.com>
---
 wpa_supplicant/events.c           |   19 +++++++++++++++++++
 wpa_supplicant/wpa_supplicant.c   |    3 +++
 wpa_supplicant/wpa_supplicant_i.h |    1 +
 3 files changed, 23 insertions(+), 0 deletions(-)

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 407407a..25c8f90 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2238,6 +2238,25 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
 				data->assoc_reject.status_code);
 		if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
 			sme_event_assoc_reject(wpa_s, data);
+
+		/* If assoc reject is reported by the driver, then avoid
+		 * waiting for  the authentication timeout. Cancel the
+		 * authentication timeout and retry the assoc.
+		 */
+		if(wpa_s->assoc_retries++ < 3) {
+			wpa_printf(MSG_ERROR, "Retrying assoc "
+			"Iteration:%d", wpa_s->assoc_retries);
+			wpa_supplicant_cancel_auth_timeout(wpa_s);
+
+			/* Clear the states */
+			wpa_sm_notify_disassoc(wpa_s->wpa);
+			wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
+
+			wpa_s->reassociate = 1;
+			wpa_supplicant_req_scan(wpa_s, 1, 0);
+		} else {
+			wpa_s->assoc_retries = 0;
+		}
 		break;
 	case EVENT_AUTH_TIMED_OUT:
 		if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 09b1640..12adb1b 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -585,6 +585,9 @@ void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
 		wpa_supplicant_state_txt(wpa_s->wpa_state),
 		wpa_supplicant_state_txt(state));

+	if(state == WPA_ASSOCIATED || (state <= WPA_INACTIVE))
+		wpa_s->assoc_retries = 0;
+
 	if (state != WPA_SCANNING)
 		wpa_supplicant_notify_scanning(wpa_s, 0);

diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index 23ffd7d..07837e2 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -286,6 +286,7 @@ struct wpa_supplicant {
 	struct wpa_bss *current_bss;
 	int ap_ies_from_associnfo;
 	unsigned int assoc_freq;
+	unsigned int assoc_retries;

 	/* Selected configuration (based on Beacon/ProbeResp WPA IE) */
 	int pairwise_cipher;
--

-- 
1.7.4.1

Thanks,

Jithu Jance

[PATCH] Set default P2P_MAX_CLIENT_IDLE to 20

Consider the disconnect event generated due to EAP-FAILURE(after WPS handshake) during the P2P connection.

In this disconnect context, the group idle timer will be set to 10 and assoc retry starts. If the connection
doesn't go through in
the first attempt the group will be removed. This is because the authentication timeout happens at 10secs
and the assoc
will be retried only after that.

I feel setting to twenty seconds will help to retry at least two times. Please see whether it is okay.

Setting authentication timeout to 5secs is also another option. But not sure whether there are some
systems requiring 10secs
time.

[PATCH] Set default P2P_MAX_CLIENT_IDLE to 20

Signed-hostap: Jithu Jance <jithu <at> broadcom.com>
---
 wpa_supplicant/p2p_supplicant.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c
index 44aadf1..4054b3b 100644
--- a/wpa_supplicant/p2p_supplicant.c
+++ b/wpa_supplicant/p2p_supplicant.c
@@ -44,7 +44,7 @@
  * How many seconds to try to reconnect to the GO when connection in P2P client
  * role has been lost.
  */
-#define P2P_MAX_CLIENT_IDLE 10
+#define P2P_MAX_CLIENT_IDLE 20
 #endif /* P2P_MAX_CLIENT_IDLE */

 #ifndef P2P_MAX_INITIAL_CONN_WAIT
--

-- 
1.7.4.1

Thanks,

Jithu Jance