- 09 Nov, 2015 7 commits
-
-
-
-
-
Jouni Malinen authored
am: 5060e1c0 * commit '5060e1c0': EAP-pwd peer: Fix last fragment length validation
-
Jouni Malinen authored
am: bc454293 * commit 'bc454293': EAP-pwd peer: Fix last fragment length validation
-
Jouni Malinen authored
am: 9c5ac8d9 * commit '9c5ac8d9': EAP-pwd peer: Fix last fragment length validation
-
Jouni Malinen authored
am: 3aa9ad54 * commit '3aa9ad54': EAP-pwd peer: Fix last fragment length validation
-
- 06 Nov, 2015 1 commit
-
-
Jouni Malinen authored
All but the last fragment had their length checked against the remaining room in the reassembly buffer. This allowed a suitably constructed last fragment frame to try to add extra data that would go beyond the buffer. The length validation code in wpabuf_put_data() prevents an actual buffer write overflow from occurring, but this results in process termination. (CVE-2015-5315) Bug: 25510821 Change-Id: Ic509a6efedc3da9ff40f2842fab5547d087f64de Signed-off-by:
Jouni Malinen <j@w1.fi> Signed-off-by:
Dmitry Shmidt <dimitrysh@google.com>
-
- 03 Nov, 2015 2 commits
-
-
-
Bill Yi authored
-
- 02 Nov, 2015 6 commits
-
-
Gaurav Shah authored
am: 27fb6061 * commit '27fb6061': Fix pointer arithmetic on a void*
-
Gaurav Shah authored
am: 960eaf83 * commit '960eaf83': external/wpa_supplicant8: Use libdbus rather than dbus-1
-
Gaurav Shah authored
am: 306b1d9d * commit '306b1d9d': Fix pointer arithmetic on a void*
-
Gaurav Shah authored
am: aadc6ee0 * commit 'aadc6ee0': external/wpa_supplicant8: Use libdbus rather than dbus-1
-
Gaurav Shah authored
-
Gaurav Shah authored
-
- 01 Nov, 2015 2 commits
-
-
Lee Campbell authored
Fails to compile on x86 gcc due to pointer arithmetic on a void* Change-Id: Icae95d28d82c1a406ec684aa03327c0f523e3985
-
Samuel Tan authored
The upstream wpa_supplicant uses the dbus-1 library when it is compiled with D-Bus support. In Android, we imported the D-Bus shared libraries under the name "libdbus", so use this shared library instead of dbus-1 when compiling WPA supplicant with D-Bus support. CQ-DEPEND=CL:746796 BUG: 22957177 TEST: Compile brillo for dragon/emulator succeeds. Change-Id: I1b30f0c2302e6c95815508e43a69bd78cf218e16
-
- 23 Oct, 2015 1 commit
-
-
Jouni Malinen authored
am: 6ec3038c * commit '6ec3038c': RSN: Stop connection attempt on apparent PMK mismatch
-
- 21 Oct, 2015 1 commit
-
-
Jouni Malinen authored
If WPA2-Enterprise connection with full EAP authentication (i.e., no PMKSA caching used) results in a PMKID that does not match the one the AP/Authenticator indicates in EAPOL-Key msg 1/4, there is not much point in trying to trigger full EAP authentication by sending EAPOL-Start since this sequence was immediately after such full authentication attempt. There are known examples of authentication servers with incorrect MSK derivation when TLS v1.2 is used (e.g., FreeRADIUS 2.2.6 or 3.0.7 when built with OpenSSL 1.0.2). Write a clear debug log entry and also send it to control interface monitors when it looks likely that this case has been hit. After doing that, stop the connection attempt by disassociating instead of trying to send out EAPOL-Start to trigger new EAP authentication round (such another try can be tried with a new association). b/24253154 From upstream commit bddc51e8e422463dc96c263666b6fc4c26375cb6 Change-Id: I1e72c9d0232492103a10c0f4125170c000754ac5 Signed-off-by:
-
- 13 Oct, 2015 4 commits
-
-
Jouni Malinen authored
* commit 'd9191ea1': Throttle control interface event message bursts
-
Jouni Malinen authored
* commit 'c4818368': Add wpa_supplicant EVENT_TEST control interface command
-
Anton Nayshtut authored
* commit 'f715e8df': hostapd: Global control interface notifications
-
Jouni Malinen authored
* commit '26c152a3': Add debug prints for wpa_supplicant ctrl_iface socket send operations
-
- 07 Oct, 2015 4 commits
-
-
Jouni Malinen authored
Some operations like a new scan result processing can result in large number of wpa_supplicant control interface messages being generated. Especially with multiple control interface monitors, this could result in hitting the output queue length maximum and event messages getting dropped. In worst case, that could even result in hitting ten consecutive sendto() errors which could result in an attached monitor socket getting detached. Avoid this type of issues by throttling monitor event transmission based on the output queue length. If more than half of the maximum send buffer is used, postpone sending of following event messages until the pending output queue has dropped below the limit. Bug: 24270573 Change-Id: I3905f3ec925ee3bdc67f7fb93991e620a2a6ee57 Signed-off-by:
-
Jouni Malinen authored
This testing command makes it easier to debug bursts of event message. Bug: 24270573 Change-Id: I2fca154a6a290f23d947bb36515a4d26c4e46ba2 Signed-off-by:
-
Anton Nayshtut authored
This commit implements hostapd global control interface notifications infrastructure. hostapd global control interface clients issue ATTACH/DETACH commands to register and deregister with hostapd correspondingly - the same way as for any other hostapd/wpa_supplicant control interface. Bug: 24270573 Change-Id: I46da39e8262a446e7779a1adfbcb08b5bfa382d7 Signed-off-by:
Jouni Malinen <jouni@qca.qualcomm.com> Signed-off-by:
-
Jouni Malinen authored
This makes it easier to track the output queue state on a control interface socket and determine what could be causing issues with running out of space in the buffer. Bug: 24270573 Change-Id: Iad7b6b7c96dca45edd6734594a11c97376942bd9 Signed-off-by:
-
- 19 Sep, 2015 1 commit
-
-
Amarnath Hullur Subramanyam authored
* commit 'a82c83cf': Update AP WPA/RSN IE on all associations if driver can select BSS
-
- 18 Sep, 2015 1 commit
-
-
Amarnath Hullur Subramanyam authored
It is possible for driver-based BSS selection to end up reassociating back to the current AP. If wpa_supplicant preferred another BSS, it would have updated the internal knowledge of the AP's WPA/RSN IE when requesting a new connection. In the special case of existing association and new association being with the same BSS that is different from the wpa_supplicant preference, association event processing skipped the WPA/RSN IE update. This could result in the following 4-way handshake getting rejected due to incorrectly detected mismatch with AP's RSN/WPA IE between Beacon/Probe Response frame and EAPOL-Key msg 3/4. Fix this by updating the AP WPA/RSN IE on all association events when driver-based BSS selection is used regardless of whether the BSSID changes. This could also cover a theoretical case of the AP changing its RSN/WPA IE at the very moment we try to reassociate back to the same BSS. Signed-off-by:
-
- 28 Aug, 2015 2 commits
-
-
Ravi Joshi authored
* commit 'e6ccb164': Add QCA vendor command support to set band to driver
-
Ravi Joshi authored
Add vendor command to pass SET setband command to the driver and read the updated channel list from driver when this notification succeeds. This allows the driver to update its internal channel lists based on setband configuration. For merge compatibility it has 3 patches: 844dfeb Add QCA vendor command support to set band to driver 6b0ceee Add QCA vendor definitions for multi-port concurrency d71bdfb Add QCA vendor command for updating gateway parameters Signed-off-by:
-
- 27 Aug, 2015 3 commits
-
-
Mitchell Wills authored
* commit 'dca87543':
-
Jouni Malinen authored
* commit '23b29b83':
-
Sasha Levitskiy authored
am 5f6ca22c: (-s ours) am daa60e5c: The P2P configuration file is wrongly set as STA configuration file * commit '5f6ca22c':
-
- 26 Aug, 2015 3 commits
-
-
Mitchell Wills authored
* commit '289d1289': Make sure configuration is saved to storage device
-
Mitchell Wills authored
* commit '447c7ff8': Make sure configuration is saved to storage device
-
Mitchell Wills authored
* commit '447c7ff8': Make sure configuration is saved to storage device
-
- 25 Aug, 2015 1 commit
-
-
Mitchell Wills authored
Bug: 20891664 Change-Id: I9bec042155f13bec678944466082a9969e559851 Signed-off-by:
-
- 24 Aug, 2015 1 commit
-
-
Srinivas Dasari authored
* commit 'f8467ce3': nl80211: Use beacon TSF if it is newer than Probe Response TSF
-
