| 4d8552e9d137f0aab7d64e1476b7f892d0468aeb |
|
06-Feb-2018 |
Pavel Grafov <pgrafov@google.com> |
NIAP: Log certificate validation failure for audit.
Bug: 70886042
Test: attempt connecting to EAP-TLS wifi with self-signed cert.
Change-Id: Ic61de6bcd6b0494e5ecc0f1ff97af7c36f56d8f8
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| d2986c2e737a8441ff5a791b6b56c1c8322ef3c9 |
|
23-Oct-2017 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 3d6953288b592704484864f41791f8c67ff9aa5a
3d6953288 Extend RESEND_* test commands to allow forcing plaintext TX
4be5bc98a DPP: Update AES-SIV AD for PKEX frames
dc4d271c6 DPP: Update AES-SIV AD for DPP Authentication frames
6338c99ef FILS: Send updated connection parameters to drivers if needed
d2ba0d719 Move assoc param setting into a helper function
084131c85 FILS: Allow eap_peer_get_erp_info() to be called without config
b0a21e228 FILS: Update replay counter from roam info
693eafb15 nl80211: Update FILS roam info from vendor roam event
3c67e977d nl80211: Add support to send updated connection parameters
cddfda789 Add attributes to support roam+auth vendor event for FILS
c0fe5f125 Clear BSSID information in supplicant state machine on disconnection
006fb845b nl80211: Use NL80211_BSS_LAST_SEEN_BOOTTIME if available
a6ea66530 Additional consistentcy checks for PTK component lengths
6f234c1e2 Optional AP side workaround for key reinstallation attacks
daa409608 Allow last (Re)Association Request frame to be replayed for testing
751f5b293 Allow EAPOL-Key Request to be sent through control interface
bb06748f4 Make last received ANonce available through control interface
143b81bad Allow arbitrary key configuration for testing
d8afdb210 Allow EAPOL-Key messages 1/4 and 3/4 to be retransmitted for testing
6bc2f00f4 Allow group key handshake message 1/2 to be retransmitted for testing
16579769f Add testing functionality for resetting PN/IPN for configured keys
b488a1294 Clear PMK length and check for this when deriving PTK
00583ef11 Add debug prints on PMK configuration in WPA supplicant
a00e946c1 WPA: Extra defense against PTK reinstalls in 4-way handshake
a0bf1b68c Remove all PeerKey functionality
e76085117 FILS: Do not allow multiple (Re)Association Response frames
2f1357fb6 FILS: Accept another (Re)Association Request frame during an association
df9490620 Add MGMT_TX_STATUS_PROCESS command for testing purposes
c53eb9461 OWE: Remove forgotten developer debug prints
a34ca59e4 SAE: Allow SAE password to be configured separately (STA)
2377c1cae SAE: Allow SAE password to be configured separately (AP)
c5aeb4343 P2P: Do not mark DFS channel as invalid if DFS is offloaded to driver
58efbcbcd DPP: Fix static analyzer warnings in key generation and JWK construction
f51609022 P2P: Prefer 5/60 GHz band over 2.4 GHz during GO configuration
91cc34bf3 OWE: Allow set of enabled DH groups to be limited on AP
265bda344 OWE: Allow DH Parameters element to be overridden for testing purposes
8c19ea3f2 DPP: Add the crypto suite field to the frames
c77e2ff09 DPP: Remove C-sign-key expiry
6254045a5 DPP: Explicitly delete the PKEX secret element K upon generation of z
0e6709a4e DPP: Rename PKEX secret element from Z to K
657317179 DPP: Verify that PKEX Qi is not the point-at-infinity
a89138818 OWE: Transition mode information based on BSS ifname
109704657 OWE: Support station SME-in-driver case
5a78c3619 OWE: PMKSA caching in station mode
d90f10fa4 OWE: PMKSA caching in AP mode
8b5579e17 DPP: Fix EAPOL-Key Key MIC calculation
ec9f48377 OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in station
7a12edd16 OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in AP mode
6c4726189 OWE: Extend shared helper functions to support other DH curves
d8c8d8575 OWE: Include RSNE in (Re)Association Response frame
e8b964901 OWE: Transition mode support on station side
675112df1 OWE: Set PMK length properly on supplicant side
ea079153f OWE: Add AP support for transition mode
4a3746341 hostapd: Update HE capabilities and HE operation definition
63bc0ab0e P2P: Allow GO to advertise Interworking element
3567641eb Add TX/RX rate info and signal strength into STA output
fa4b605a0 WPS: Do not increment wildcard_uuid when pin is locked
e37cea308 OCE: Update default scan IEs when OCE is enabled/disabled
ee522d27c Vendor flags for 11ax channel property flags for use with external ACS
61a56c148 Add group_mgmt network parameter for PMF cipher selection
0ad5893a2 PAE: Validate input before pointer
fd35ed5bb AP: Remove unneeded check for 'added_unassociated'
d55b17460 FILS: Vendor attribute to disable driver FILS features
a7297ae5c Fix hostapd debug messages on wpa_pairwise and rsn_pairwise parsing
29c940e7a TDLS: Update the comments related to TPK derivation
3de1566db FILS: Check req_ies for NULL pointer in hostapd_notif_assoc()
1c9663cf6 OpenSSL: Force RSA 3072-bit DH prime size limit for Suite B
2ed70c758 OpenSSL: Add option to disable ECDHE with Suite B RSA
4eb8cfe06 OpenSSL: Force RSA 3072-bit key size limit for Suite B
6418400db Add hostapd tls_flags parameter
60ed2f24e Suite B: Add tls_suiteb=1 parameter for RSA 3k key case
5030d7d9f DPP: Allow raw hex PSK to be used for legacy configuration
039ab15fd DPP: Add DPP-CONFOBJ-PASS/PSK events for hostapd legacy configuration
9824de57a Fix EAPOL-Key version check for a corner case with Suite B AKM
3c7863f81 wpa_supplicant: Support dynamic update of wowlan_triggers
4cada9dcc FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS
41b819148 FILS: Update PMKID derivation rules for ERP key hierarchy establishment
303113398 mesh: Move writing of mesh_rssi_threshold inside CONFIG_MESH
2efc67207 Fix RSN pre-authentication regression with pre-connection scan results
73b3de01c macsec_linux: Exit early when missing macsec kernel module
7612e65b9 mka: Add error handling for secy_init_macsec() calls
2c66c7d11 wpa_supplicant: Check length when building ext_capability in assoc_cb
fdbfb63e4 nl80211: Fix bridge name print while removing interface from bridge
333517ac1 crypto: Fix undefined behavior in random number generator
84fccc724 Send Client-Error when AT_KDF attributes from the server are incorrect
446600c35 Add AT_KDF attributes to Synchronization-Failure in EAP-AKA'
155bf1108 PMKSA: Fix use-after-free in pmksa_cache_clone_entry()
cdf250149 dbus: Add new interface property to get mesh group
190f6f117 dbus: Add new interface property to get connected mesh peers
a9de99b1c dbus: Add MeshPeerDisconnected signal
9b0701fbf dbus: Add MeshPeerConnected signal
a39b040b4 dbus: Add MeshGroupRemoved signal
89e9cd25d dbus: Add MeshGroupStarted signal
49e6a5553 FILS: Add a space before MAC address to a HLP debug message
359166ed2 Remove the completely unused FT parameters in driver association data
3db2a82df Add SHA-384 routines to libcrypto.a
a0f19e9c7 SAE: Allow commit fields to be overridden for testing purposes (STA)
3648d8a18 SAE: Allow commit fields to be overridden for testing purposes
e75335384 SAE: Add testing code for reflection attack
e61fea6b4 SAE: Fix PMKSA caching behavior in AP mode
a6f238f21 DPP: Add base64 dependency in makefiles
c2d4f2eb5 DPP: Derive PMKID using SHA256() for all curves
64a0a75b5 nl80211: Fix auth_alg selection with FILS in the connect command
7475e80f1 FILS: Fix wpa_supplicant AP build without CONFIG_IEEE80211W
85fd8263a DPP: Use Transaction ID in Peer Discovery Request/Response frames
a28675da2 hs20-osu-client: Fix build with new OpenSSL and BoringSSL
cf39475b4 Introduce QCA_NL80211_VENDOR_SUBCMD_HANG
17385fba2 tests: JSON module tests for additional array parsing
d4488b9da JSON: Fix parsing of arrays of numbers, strings, literals
a4bf00787 DPP: Remove devices object from the connector
e77d13ef9 QCA vendor attribute to configure beacon miss penalize count for BTC
7bd88aaf3 QCA vendor attribute to configure beacon miss count
505554bbf QCA vendor attribute to enable/disable scan
ae048257c WPS: Interpret zero length ap_pin hostapd.conf parameter as "unset"
2bdbace63 Remove some obsolete information from hostapd README file
b0fc2ef3a hw_features: Fix check of supported 802.11ac channel width
b5bf84ba3 WNM: Differentiate between WNM for station and for AP in build
922dcf1b4 RRM: Remove duplicate frequencies from beacon report scan request
705e2909c RRM: Send response when Beacon report request is not supported/refused
3756acfd4 RRM: Send Radio Measurement response when beacon report scan fails
b3c148e9f RRM: Send reject/refuse response only to unicast measurement request
51143af7e wpa_cli: Fix global control interface for STA-FIRST/STA-NEXT
809c67502 DPP: Fix build with OpenSSL 1.1.0
89971d8b1 OpenSSL: Clear default_passwd_cb more thoroughly
f665c93e1 OpenSSL: Fix private key password handling with OpenSSL >= 1.1.0f
2b9891bd6 OpenSSL: Add build option to select default ciphers
65833d71a OCE: Add hostapd mode OCE capability indication if enabled
332aadb8a STA: Add OCE capability indication attribute
fb718f94d nl80211: Check if driver supports OCE specific features
46b15e470 Add vendor flags for OCE feature support indication
b377ec258 FILS: Fix issuing FILS connect to a non-FILS AP in driver-FILS case
9f44f7f3b Introduce a vendor attribute to represent the PNO/EPNO Request ID
881a92e8b FILS: Fix compilation with CONFIG_NO_WPA
1f2ae8cff EAP-TTLS: Fix a memory leak on error paths
83e003a91 EAP-TTLS: Fix possible memory leak in eap_ttls_phase2_request_mschap()
422570eec MBO: Fix possible memory leak in anqp_send_req()
96e595a9f EAP-LEAP: Fix possible memory leak in eap_leap_process_request()
23eead4d7 RRM: Filter scan results by parent TSF only if driver supports it
3f8e3a548 ap: Fix invalid HT40 channel pair fallback
6d3e24d3e ap: Fix return value in hostapd_drv_switch_channel()
d02e4c8ac P2P: Clear get_pref_freq_list_override on P2P Device
bfbc41eac DPP: Fix compilation without openssl
cc6088463 P2P: Allow auto GO on DFS channels if driver supports this
fe3e0bac1 FILS: Advertize FILS capability based on driver capability
5579c11c3 Fix a typo in vendor attribute documentation
8b5ddda5f FILS: Add HLP support with driver-based AP SME
31ec556ce FILS: Fix the IP header protocol field in HLP DHCP response
b3e567c89 FILS: ERP-based PMKSA cache addition on AP
bfe448331 FILS: Fix a frame name in a debug print
6d49aeb76 MBO: Whitespace cleanup
f2cdb41b8 OCE: Define OCE attributes and other related macros
267fc0dd3 Add wpa_supplicant ctrl iface support to scan for a specific BSSID
f522bb237 DPP: Add DPP_CONFIGURATOR_SIGN to generate own connector
dc7fc09cc DPP: Add control interface commands into hostapd_cli
a86fb43ca DPP: DPP_BOOTSTRAP_INFO for hostapd
484788b87 DPP: Share bootstrap type to string helper function
623f95685 DPP: Allow wpa_cli DPP_CONFIGURATOR_ADD without arguments
888502325 Add new key_mgmt values for wpa_supplicant STATUS command
3a5954ef9 Add mgmt_group_cipher to wpa_supplicant STATUS command
90f837b0b Update default wpa_group_rekey to once-per-day when using CCMP/GCMP
787615b38 DPP: Set PMKSA expiration based on peer connector
6b140f0fa DPP: Update hostapd configurator parameters to match wpa_supplicant
2605405aa DPP: Configurator in hostapd
efeada91a DPP: PKEX in hostapd
6095b4790 DPP: Check JWS protected header alg against C-sign-key curve
b65b22d60 DPP: Configurator parameters in responder role
31f03cb00 DPP: Update JWS algorithm strings for Brainpool curves
e0d3d3fce DPP: Rename Brainpool curve names for JSON
500ed7f00 DPP: PKEX bootstrapping
b9d47b484 DPP: Add helper functions for running hash operations
0c7cf1f50 DPP: Increase hostapd_cli buffer limits
44d6b272c DPP: Fix configuration item list
43fbb8db5 DPP: More debug for own connector configuration errors
f1f4fa797 DPP: Fix JWK debug prints
b04854cef nl80211/MBO: Set temporary disallowed BSSID list to driver
2a71673e2 ERP: Derive ERP key only after successful EAP authentication
528b65578 Add Set Wi-Fi Configuration vendor attribute to configure LRO
944f359e1 Introduce a vendor command to specify the active Type Of Service
b6ea76425 nl80211: Make KCK attribute optional in rekey data
35f064212 DPP: Allow passphrase to be set for Configurator
68cb6dcec DPP: Allow SSID to be set for Configurator
186f20489 JSON: Fix \u escaping
a82349347 DPP: Add an example python script for QR Code operations
6a7182a9c DPP: Add DPP_BOOTSTRAP_INFO command
8528994e2 DPP: Automatic network profile creation
da143f7fb FILS: Fix EVENT_ASSOC processing checks for driver-SME
3c0daa13d Make wpa_config_read_blob() easier for static analyzers
a0d5c56f8 DPP: Network Introduction protocol for wpa_supplicant
4ff89c2eb DPP: Network Introduction protocol for hostapd
650a70a72 DPP: Network Introduction protocol
56c754958 DPP: AP parameters for DPP AKM
b979caae5 DPP: Network profile parameters for DPP AKM
0c52953b0 DPP: Allow PMKSA cache entries to be added through hostapd ctrl_iface
567da5bbd DPP: Add new AKM
9c2b8204e DPP: Integration for hostapd
9beb2892d DPP: Add wpa_cli commands for DPP operations
461d39af4 DPP: Configuration exchange
30d27b048 DPP: Authentication exchange
be27e185b DPP: Bootstrap information management
d4d76d983 Fix offchannel TX done handling for sequence of TX frames
00b02149e nl80211: Register to receive DPP Public Action frames
4e19eb88a tests: Module tests for JSON parser
005be3daa Add JavaScript Object Notation (JSON) parser (RFC7159)
5b52e1adc tests: Update base64 OOM test cases to match implementation changes
0ffdc8b19 Add base64url encoding/decoding per RFC 4648
77f273c82 Extend SHA-384 and SHA-512 support to match SHA-256
2c9d92497 P2P: Debug print P2P_FIND rejection reason
618aa2290 P2P: Fix p2p_in_provisioning clearing in failure case
b5db6e5dc eap_proxy: Support multiple SIMs in get_imsi()
002087651 eap_proxy: Build realm from IMSI for proxy based EAP methods
5e0c20ff3 nl80211: Do not notify interface as re-enabled if initialization fails
8696e6170 eap_proxy: Add support for deriving ERP information
115d5e222 hostapd: Fix handling a 20/40 BSS Coexistence Management frame
2d18ab408 Add a config parameter to exclude DFS channels from ACS
3c2bd55f0 P2P: wpas_p2p_select_go_freq() to check for supported pref_freq
8d968351a Interworking: Add NULL checking for EAP name in phase2/autheap parameter
9ddba3a30 Rename vendor attribute DISABLE_OFFCHANNEL to RESTRICT_OFFCHANNEL
d506c35ef Set Wi-Fi Configuration attribute to restrict offchannel operations
4aa329298 ERP: Do not generate ERP keys when domain name is not specified
34ee12c55 Do not flush PMKSA on bssid_hint change
290834df6 nl80211: Fix race condition in detecting MAC change
04f667fcd DFS: Allow switch to DFS channel after radar detection in ETSI
aa56e36d6 driver: Make DFS domain information available to core
e8e430fe7 Vendor attributes to retain connection on a roam request failure
43a356b26 Provide option to configure BSSID hint for a network
33117656e Define a QCA vendor attribute to update the listen interval
85cff4b0d OpenSSL: Try SHA256 hash for OCSP certificate matching
d264c2e39 HTTP (curl): Try SHA256 hash for OCSP certificate matching
95818ec17 Fix compiler warning with CONFIG_IEEE80211R no-CONFIG_FILS build
613639454 Make CONFIG_MACSEC depend on IEEE8021X_EAPOL
31a856a12 mesh: Make NL80211_MESHCONF_RSSI_THRESHOLD configurable
1f3c49d41 Fix 160 MHz opclass channel to frequency conversion
9f4947466 dbus: Add method to disable channel switching with a TDLS peer
2a57b4b82 dbus: Add method to enable channel switching with a TDLS peer
193950541 dbus: Add AbortScan method to abort ongoing scan
8fed47e01 FILS: Derive FT key hierarchy on authenticator side for FILS+FT
7d440a3bc FILS: Derive FT key hierarchy on supplicant side for FILS+FT
215eaa748 FILS: Implement FILS-FT derivation
80ddf5d99 FILS: Fix Key-Auth derivation for SK+PFS for authenticator side
e6b623133 FILS: Fix Key-Auth derivation for SK+PFS for supplicant side
4d0a61c50 FILS: Debug print inputs to Key-Auth derivation
be1ece46f wpa_supplicant: Add GET_CAPABILITY for P2P redirection
853cfa873 Detect endianness when building for RTEMS
35bb8a9a5 Android: Define CONFIG_TESTING_OPTIONS if enabled in config
178553b70 MBO: Add support to set ignore assoc disallow to driver
3a46cf93d FT: Add support for wildcard R0KH/R1KH
eefe86301 FT RRB: Add msg replay and msg delay protection
245fc96e5 FT: New RRB message format
50bd8e0a9 FT: Replace inter-AP protocol with use of OUI Extended Ethertype
f2a04874c MBO: Fix possible NULL pointer dereference on candidate handling
01dd2b105 ERP: Silence static analyzer warning
d912953e3 atheros: Get rid of static analyzer warnings on 0-length memcpy
470f08b4f Enable CONFIG_WNM=y automatically for CONFIG_MBO=y builds
f54114825 Fix GAS server ifdef block use
8b49b530b Fix CONFIG_INTERWORKING=y build without CONFIG_HS20=y
0661163ef Do not blacklist the current AP on DISABLE_NETWORK
ec27b04e6 hostapd: Select a valid secondary channel if both enabled
da6a28ba6 FILS: Specify if FILS HLP was sent in connect
a38090b16 FILS: Add HLP to Connect IEs
1e6780bda Allocate dynamic memory for connect IEs
9f894823f PAE: Silence static analyzer warning about NULL pointer dereference
9a72bfe9a Add control interface command to enable/disable roaming
fa61bff6a FILS: Handle authentication/association in partial driver AP SME
5cee22ca4 FILS: Make handle_auth_fils() re-usable for driver-based AP SME
5e5f8c816 FILS: Move authentication response handling into a helper function
b8a3453ac FILS: Pass only IE area to handle_auth_fils()
9392859d7 FILS: Move AssocResp construction to a helper function
bd5993532 FILS: Move Key Confirm element validation to a helper function
087631b98 FILS: Move Session element validation to a helper function
cc20edc9f FILS: Add FILS auth_alg to driver-based AP SME association handling
957bff83c FILS: Add driver-AP SME callback to set TK after association
8acbf85fa FILS: Add FILS AEAD parameters for sta_auth() calls
f46c154c5 atheros: Add FILS AAD parameters in sta_auth() handler
6b128fb2a driver: Move sta_auth() arguments to a struct
d7cff1d87 atheros: Enable raw management frame receive for FILS builds
2b7a8ec47 atheros: Read driver FILS capability
d5444aac4 FILS: Add FILS Indication element into Beacon/Probe Response template
8befe8a99 Define a QCA attribute to specify the PCL policy for external ACS
183d3924c WPS: Add option for using random UUID
b44d1efd2 FILS: Fix key info in GTK rekey EAPOL-Key msg 2/2
04243740c FILS: Fix GTK rekey by accepting EAPOL-Key msg 1/2 with FILS AKM
bbe7969d6 FILS: Update cache identifier on association
f705f41b7 FILS: Update PMKSA cache with FILS shared key offload
01ef320f1 FILS: Update ERP next sequence number with driver offload
5538fc930 FILS: Track completion with FILS shared key authentication offload
8b0a6dba8 FILS: Connect request for offloaded FILS shared key authentication
79f3121bb FILS: Set cache identifier in current PMKSA entry for driver-SME case
15def72fa ERP: External control of ERP key information
42e69bda2 FILS: Add support for Cache Identifier in add/remove PMKSA
061a3d3d5 nl80211: Add support for FILS Cache Identifier in add/remove_pmkid()
6fbb54140 driver: Move add_pmkid() and remove_pmkid() arguments into a struct
ad295f3b8 nl80211: Add support for FILS shared key offload
199eb3a4e FILS: Add support to write FILS key_mgmt values in network blocks
16217e13d QCA vendor commands and attributes for spectral scan
5db997e34 FILS: Add FTE into FILS Authentication frame from AP when using FILS+FT
af3e362fa FILS: Add MDE into Authentication frame for FILS+FT
5aa08153a FT: Add selection of FT+FILS AKMs
c10e0ccc9 Hide *PMKSA_ADD parameters from debug log
2971da270 P2P: Do not use wait_time for SD Response TX for last fragmentation
c5fee1604 FT: Schedule wpa_ft_rrb_rx() through eloop in intra-process communication
469677367 Sync with mac80211-next.git include/uapi/linux/nl80211.h
775e986d5 hostapd: Fix crash on consecutive channel switch failures
3d5f0e916 wpa_supplicant: Avoid associating to temp disabled SSID in ap_scan=2
fbba28f8c P2P: Suppress warning on non-P2P config
127595887 QCA vendor command: Add TA max duration attribute for OCB configure
2a9ec7c69 Define attributes for QCA vendor OCB commands
6a4363f5f MBO: Fix reject reason codes
0119d4424 FILS: Fix wpa_supplicant compilation errors
4cc6574d0 FILS: Fix fils_cache_id check
a5269dc20 wpa_helpers: Ignore link-local IPv4 address while waiting for DHCP
e2f00bb5f xml: Add Value node in TNDS node conversion for empty value case
a34317b52 GAS: Handle no-ACK TX status for GAS request frames
5db86df6a macsec_linux: Fix NULL pointer dereference on error cases
e50df5d2a mka: Fix use-after-free when transmit secure channels are deleted
529d6ed72 mka: Fix use-after-free when receive secure channels are deleted
6c2056abe QCA vendor attributes to extend antenna diversity functionality
b4ae5f04d Add vendor attribute to config propagation delay's absolute value
7f5f4e46a Fix QCA_ATTR_NUD_STATS_IS_DAD value
2c0ac6d61 P2P: Run full P2P_FIND scan after pending scan completes
d3bb082a7 P2P: Continue scanning specified channel with P2P_FIND freq argument
31e130f82 FILS: Add FILS-SK-PFS capability into "GET_CAPABILITY fils" command
649835167 FILS: Check FILS Indication element against local network profile
76e20f4fa FILS: Add FILS SK auth PFS support in STA mode
1764559ee FILS: Add FILS SK auth PFS support in AP mode
cad291d67 FILS: Define authentication algorithm for FILS SK auth with PFS
611523849 OWE: Add CONFIG_OWE=y build option
07a5fe823 OWE: Use AKM 00-0F-AC:11 style parameters for EAPOL-Key frames
ef9627cbc Print the algorithms used for EAPOL-Key professing in log
ef2383859 Return success/failure result from sha384_prf()
0a6147991 OWE: Process Diffie-Hellman Parameter element in STA mode
09368515d OWE: Process Diffie-Hellman Parameter element in AP mode
f9561868e OWE: Add driver capability flag for OWE AKM
a1ea1b452 OWE: Define and parse OWE AKM selector
9c7aac738 OWE: Define and parse Diffie-Hellman Parameter element
e73244c24 tests: Extract-and-Expand HKDF (RFC 5869)
4ec833daf Extend hmac_sha256_kdf() to support HKDF-Expand() as defined in RFC 5869
ae1ec1aaf OpenSSL: Add wrapper functions for ECDH
b07ff9cb0 wpa_supplicant: Allow disabling HT in AP mode without HT overrides
2124a615e wpa_supplicant: Allow explicit wide channel configuration for AP mode
57ee04dc7 wpa_cli: Execute action file in case of WPS_EVENT_TIMEOUT
6252b981d wpa_cli: Execute action file in case of WPS_EVENT_ACTIVE
acdf50219 WPS: Notify about WPS PBC event in Enrollee mode
15e5ee0b7 wpa_supplicant: events: Don't bounce timeout reason through a buffer
e97d15b73 wpa_cli: Update wnm_bss_query auto complete message
15ab61eda WNM: Add option to configure candidates for BTM query candidate list
e044a9d1e common: Add candidate list parsing helper function
13bf18eda WNM: Use a dynamically allocated buffer for BTM query and response
34f285190 MBO: Parse MBO ANQP-element on STA
941caed98 MBO: Add MBO ANQP-element processing on AP
8ecf2231f ANQP: Extend ANQP_GET command to request without IEEE 802.11 elements
2316cb358 MBO: Add option to add MBO query list to ANQP query
7cbb5f1a4 DFS: Handle pre-CAC expired event
62c8c7f72 nl80211: Handle pre-CAC expired event from the driver
caaaee072 Sync with mac80211-next.git include/uapi/linux/nl80211.h
3dcd735c1 DFS: Handle CAC completion event from other radio
d0330d57f nl80211: Add option to delay start of schedule scan plans
b696f791a RRM: Fix wpas_rrm_send_msr_report() loop handling
891aa65b8 RRM: Use dynamically allocated buffer for beacon report
a1f11e34c Use os_memdup()
dbdda355d Introduce os_memdup()
af8bc24da MBO: Add support for transition reject reason code
3ab484928 nl80211: Driver command for checking BTM accept/reject
23cddd751 wpa_supplicant: Fix non_pref_chan example
b9fd3c244 tests: Add TEST_FAIL() to radius_msg_add_attr()
de01f254a RADIUS server: Fix error paths in new session creation
4c803dfcd ACS: Fix memory leak if interface is disabled during scan
29be2c090 ACS: Simplify code paths
fa07d2d46 tests: Add TEST_FAIL() checks in l2_packet
d4359923e Fix DHCP/NDISC snoop deinit followed by failing re-init
160dca078 Add QCA vendor command/attr for BRP antenna limit control
57d3c5913 Clear scan_res_handler on no-retry failure
e9518ae74 WFD: Add WFD R2 Subelements
21ac78279 QCA nl80211 vendor attribute for specific sub-20 MHz channel width
ff936bc75 Make the third octet of Country String configurable
511831983 trace: Look up start to cope with ASLR
206516e8c af_alg: Crypto wrappers for Linux kernel crypto (AF_ALG)
b41d3e0a7 crypto: Process des_encrypt() error returns in callers
5f0e165e8 crypto: Add return value to DES and AES encrypt/decrypt
dca4b503f MBO: Fix minimum length check on non_pref_chan configuration
5b9f46df0 hostapd: Get channel number from frequency based on other modes as well
4c8836f13 FILS: Fix fils_hlp.c build with older netinet/udp.h definitions
c4bb39707 Fix AES-SIV build dependencies
694a3a0d6 mesh: Fix CONFIG_MESH=y build without CONFIG_IEEE80211W=y
88a447556 Fix SELECT_NETWORK freq parameter
d02989f2e D-Bus: Notify mesh capability if driver supports it
57a2aacab Add option to disable broadcast deauth in hostapd on AP start/stop
21ed24f5a hostapd: Fix potential mesh-related change from impacting non-mesh cases
b7286c1b5 FILS: External management of PMKSA cache entry with Cache Identifier
869af3072 FILS: Use FILS Cache Identifier to extend PMKSA applicability
6aea02e57 SME: Clear portValid on starting authentication to fix FILS
ba9774bd7 FILS: Fix BSSID in reassociation case
7eace3787 FILS: Find PMKSA cache entries on AP based on FILS Cache Identifier
Bug: 68042382
Test: Device boots up and connects to wifi networks.
Test: Regression tests.
Change-Id: I6710d39e00c489288f8afe855868ad28aeba0100
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| a3c43f225ba4767d2d711b355ed85c828f6102a0 |
|
30-Jan-2017 |
Treehugger Robot <treehugger-gerrit@google.com> |
Merge "crypto: Read certificate chain"
|
| 50772e8622904b97ec2840383b4f7395e952344c |
|
25-Jan-2017 |
Paul Stewart <pstew@google.com> |
crypto: Read certificate chain
If the keychain holds additional certificates other than the end
certificate, read them into the certificate chain.
Bug: 34688653
Test: Enterprise regression tests
Change-Id: I86857ccf25b37b80f9da20f4d5cf3d81e6025d6f
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 293335998d38c497293b1c41f7ad8342b507d458 |
|
09-Jan-2017 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 05e5e615e6a26d7a9f5bd0569a0baeae1bcdee49
05e5e615e AP: Skip authentication/deauthentication phase for DMG/IEEE 802.11ad
0c4b9025c AP: Do not look for supported rates in DMG/IEEE 802.11ad
e72faadb4 bgscan_simple: Fix short_scan_count comparison
517b5f928 nl80211: Zero num_modes if nl80211_get_hw_feature_data() fails
39c5da328 nl80211: Use correct attribute for scan flags in vendor scan
c167662d7 eap_proxy: On SIM error flush PMKSAs only for SIM/AKA/AKA' networks
6657bb158 Fix OOM handling in neighbor report response handling
7187e2093 Allow LCI request with no subelements
d73420143 RRM: Enable beacon report with active/passive scan for all drivers
ec45927b8 Report received beacon report with BEACON-RESP-RX event
f3383366a Report beacon request TX status as control interface event
90d9d7c32 Beacon request through hostapd control interface
73a27a634 Add hostapd configuration parameter rrm_beacon_report
de6ec8b55 Enable Beacon Report using beacon table for all drivers
6774c6a9f Update copyright notices for the new year 2017
f56877414 Do not add own BSS in neighbor report with invalid op_class/channel
aeff0645d FILS: Fix FILS Realm Information ANQP-element construction
76196ddb2 wpa_supplicant: Add support for Beacon Report Radio Measurement
b3060bf99 common: Add helper function to convert RSSI to RCPI
1ac4dba31 wpa_supplicant: Extend verify_channel() and make it global
c9ff8e5f6 common: Add function to get an operating class by its number and country
e4f1d879c common: Add non-global to global operating classes conversion
96a5f14ee nl80211: Add support for additional scan parameters for beacon report
c16b9f8d3 driver: Add scan support to beacon report
3c716fdbd wpa_supplicant: Refactor wpas_rrm_build_lci_report()
e1b96e112 wpa_supplicant: Send rejection for unsupported radio measurements
0c73e410d wpa_supplicant: Limit RRM response size to MMPDU size
9664ab8b7 wpa_supplicant: Refactor Radio Measurement Request handling
332bf5d3f wpa_supplicant: Validate RRM request frame format
ec493469f wpa_supplicant: Move RRM implementation to a dedicated file
d1c74f8c9 Add RRM definitions for beacon report measurement
6a31440b8 Fix LCI request subelement processing
ce691a8d9 Add CONFIG_MESH into wpa_supplicant defconfig
67129ab9e wpa_cli: Add commands to use PMKSA_GET/ADD
bbad185c1 P2P: Fix compilation warning in p2p_add_device()
2977f5193 GAS: Remove unnecessarily duplicate gas_frag_limit configuration
1940559ea FT: Drop FT Action frames if ft_over_ds=0
d8de90487 Remove deprecated tx_queue_* params from hostapd.conf notes
78022c836 Fix memory leak on hostapd eap_user_file parsing error paths
02f999c6d hostapd: Remove unnecessary NULL check from parser functions
fd5f29e7e Fix memory leak in hostapd BSS_TM_REQ error path handling
95de34a10 Remove trailing whitespace
45997cce4 hostapd: Add TERMINATE as per-interface command
546680f81 hostapd: Do not update dtim_period with invalid value
356773058 RADIUS server: Increase maximum number of sessions
a5861afcb hostapd: Do not update invalid wep_key_len_unicast
f78402ace hostapd: Do not update rejected wep_key_len_broadcast
e0ba7efe5 hostapd: Do not update eapol_version with rejected value
9266d00bf hostapd: Reject invalid macaddr_acl value
8628555f9 hostapd: Check driver parameter before replacing previous value
1dfd25a68 Fix hostapd SIGHUP processing before interface is enabled
34e29dfd4 Remove unnecessary NULL check from hostapd_config_read_wpa_psk() call
65dfa8728 mka: Make MKA actor priority configurable
9bcfd5be8 Document new D-Bus WPS properties
77fcbf7ff D-Bus: Use a helper function to get possibly NULL strings
dbf524946 D-Bus: Add DeviceType in WPS property
266097fda D-Bus: Add device serial number in WPS property
3ee6a3ab3 D-Bus: Add model number in WPS property
ae66822cd D-Bus: Add WPS model name as property
318d4b5be D-Bus: Add WPS manufacturer as property
b20f031c6 D-Bus: Add WPS device name as property
4a45dc192 mesh: Show [MESH] flag in print_bss_info()
c04a67deb hostapd_cli: Add completion for get command
bf4167b9d hostapd_cli: Add completion for set command
86adff09e hostapd_cli: Completion for further commands with STA parameter
4f59ad069 hostapd_cli: Use common completion for commands that use stations
62b95eb67 hostapd_cli: Add missing command help descriptions
04f02faac Fix wpa_cipher_to_alg() return type
9187b13ad wpa_supplicant: Add BSS CURRENT control interface command
d7f12e4eb OpenSSL: Make sure local certificate auto chaining is enabled
4be02b71b OpenSSL: Remove SSL_{CTX_,}_clear_options ifdefs
7655bd738 P2P: Do not use wait_time for SD Response TX without fragmentation
1f0fdaf0e Fix race condition between AssocResp callback and 4addr event
a6f3761f7 eap_proxy: Add support for SIM state change indication from eap_proxy
79a54ab9f eap_proxy: Fix eap_proxy_init() prototype to use const eapol_cb
4e118c847 D-Bus: Add 'freq' option to P2P Find method to specify starting channel
e414f4f02 PeerKey: Fix STK 4-way handshake regression
28fb9bb19 PeerKey: Fix EAPOL-Key processing
dfc773172 Android: Add p2p_add_cli_chan=1 option
7508c2ad9 PAE: Make KaY specific details available via control interface
b54f43390 FILS: Make FILS Indication element information available in BSS output
8183aee6c FILS: Add support for building FILS Realm Information ANQP-element
9cad61867 FILS: Add Realm Information ANQP-element in BSS data
26bf70e3d FILS: Separate FILS realm configuration from ERP domain
42b847ac1 FILS: Fix hashed realm name derivation
29062f293 Update various definitions based on IEEE Std 802.11-2016
aaa9c60bc Fix preauth_test build by updating add_pmkid/remove_pmkid callbacks
0babae87a Fix wpa_supplicant build error with IEEE8021X_EAPOL unset
19810d29b Make Beacon IEs available in wpa_supplicant BSS command
274e76f22 mesh: Fix channel configuration in pri/sec switch case
cebda0e3e Make debug print clearer for AP/mesh mode secondary channel issues
3459381dd External persistent storage for PMKSA cache entries
c57931273 Add PMKSA-CACHE-ADDED/REMOVED events to wpa_supplicant
655dc4a43 Send "TERMINATING" event from hostapd
5149a0f04 P2P: Set p2p_persistent_group=1 at the time of reading disabled=2
065c029a5 Remove MBO dependency from Supported Operating Classes element
62cd9d792 nl80211: Specify the BSSID in the QCA vendor scan
444930e5b Define an attribute to do a specific BSSID QCA vendor scan
cea761472 Add QCA vendor command definitions for IDs 61-73
cb0cc6efa Define QCA Beacon miss threshold attributes for 2.4 and 5 GHz bands
c313c8a5d Fix QCA vendor command values for SAR power limits
a5c723adc Interworking: Clear SCANNING state if no network selected
a1836de64 SME: Fix IBSS setup after shared key/FT/FILS association
f49c852b5 P2P: Fix a theoretical out of bounds read in wpas_p2p_select_go_freq()
944d48588 P2P: Fix a theoretical out of bounds read in wpas_p2p_setup_freqs()
0a6c9dc70 P2P: Send P2P-DEVICE-FOUND event on peer changing device name
9a431d493 WFD: Clear wfd_subelems when P2P peer stops sending them
6e374bd44 Ignore scan results from ongoing scan when FLUSH command is issued
71ac93453 Make update_idx available in BSS control interface command
49aa88bb5 P2P: Clear PEER_WAITING_RESPONSE on GO Negotiation success
c79238b6a Define a QCA vendor command to configure SAR Power limits
0f5eb69f8 Use eloop timeout for post-EAP-Failure wait before disconnection
20b1a9e23 Allow hostapd wep_key# parameters to be cleared
5ec3d510e wpa_passphrase: Reject invalid passphrase
Test: Wifi Suite
Change-Id: Ida52ca4e43bbc326a89d4c9848529df2d545b692
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 9839ecd75c832023d4d13fd2917a8c28261ff668 |
|
07-Nov-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 4ec1fd8e42bad9390f14a58225b6e5f6fb691950
4ec1fd8 FT: Differentiate between FT for station and for AP in build
f0259c3 hostapd: Fix own wide bandwidth subelement generation (neighbor report)
0a63635 AP: Use valid status code in wpa_ft_send_rrb_auth_resp()
e4b48b7 Extend ieee80211_freq_to_channel_ext() to cover channels 52-64
c433c50 wpa_supplicant: Make CONFIG_MBO independent of CONFIG_AP
d044d2f wpa_supplicant: Get scan_result IE also from Beacon frames
451a27b hostapd: Add a configuration to set an AP as stationary
5cb5937 hostapd: Clear location configuration when it is reset
f5ec346 hostapd: Fix adding neighbor entry
99b82bf mka: Implement reference counting on data_key
23c3528 mka: Add support for removing SAs
6b6175b mka: Sync structs definitions with IEEE Std 802.1X-2010
6f551ab mka: Remove "channel" hacks from the stack and the macsec_qca driver
7d8f795 Fix typo in DigestAlgorithn
f5c15dc Fix typo in eap_example_server.c
59d7cff AP: Disable VHT in TKIP-only configuration
847ee1a wpa_supplicant: Use correct interface type when creating P2P interface
78a3b23 P2P: Clear old P2PS provision data
f69939e P2P: Clear listen state during PD-in-FIND
4cc0f90 P2P: Clear P2PS provision state on P2P flush
a818425 hostapd: Added signal level to STA tracking
a1047f5 Remove duplicate dl_list_init() for global_ctrl_dst
3765c97 hostapd_cli: Remove duplicate const in hostapd_cli_cmd()
8c88922 TDLS: Fix checks on prohibit bits
c2ad5b9 nl80211: Update channel information after channel switch notification
913c3e1 Add CONFIG_IBSS_RSN=y into wpa_supplicant defconfig
81a10a9 Do not try to start/join RSN IBSS without CONFIG_IBSS_RSN=y
ea06a08 HS 2.0 server: Remove redundant NULL check
5f99d96 Removed redundant NULL check for sta in hostapd_event_sta_low_ack()
230b2b2 Removed redundant NULL check for b in wpabuf_concat()
641c73f driver.h: Fix a typo in a comment
2e4e4fb nl80211: Allow TDLS trigger modes to be configured to the host driver
14cd203 QCA vendor command to configure the TDLS behavior in the host driver
a18563d Extend QCA vendor attribute link layer statistics attribute
95f3703 Add more QCA vendor attribute definitions into qca-vendor.h
87416ea QCA vendor attribute to report frame aggregation failure
befdb2d nl80211: Check driver FILS capability
40a4572 nl80211: FILS KEK and nonces for NL80211_CMD_ASSOCIATE
d8f9342 nl80211: Add support for setting FILS authentication algorithm
e76e950 Sync with mac80211-next.git include/uapi/linux/nl80211.h
2a0b86d Note set_key(WPA_ALG_NONE) failure in debug log
061dac1 FILS: Claim FILS capability only if driver supports it
ff338fa FILS: Setup EAPOL state machines properly after FILS association (AP)
da24c5a FILS: Set TK after association (AP)
07e0117 FILS: Mark connection fully authorized after FILS Association (AP)
706df42 FILS: Association Response processing (STA)
e73ffa0 FILS: Add Association Response frame elements and encrypt them (AP)
78815f3 FILS: Decrypt Association Request elements and check Key-Auth (AP)
86cd692 FILS: Add elements to FILS Association Request frame
ac56c39 driver: Add option to pass FILS KEK/AAD to the driver for association
783c292 P2P: Check if the pref_freq reported by the driver supports P2P
a660993 FILS: Authentication frame processing (STA)
c4fd6d8 FILS: Process FILS Authentication frame (AP)
ffb62f2 FILS: Add a helper function for status code conversion
c1bd4ba FILS: Extend wpa_auth_pmksa_get() to support PMKID matching
c30bd28 FILS: Export IEEE 802.1X helper functions
a6228b8 ERP: Update client identity based on EAP-Initiate/Re-auth
f00b9b8 FILS: Try to use FILS authentication if PMKSA or ERP entry is available
2c2c557 SME: Clear possibly used WPA/RSN IE for new connection
0866ed0 WPA: Add debug print for not-update-own-IEs case
14de9e3 FILS: Include wpa_insert_pmkid() in non-FT builds
de57d87 ERP: Make eap_peer_finish() callable
c28767e ERP: Make eap_peer_erp_reauth_start() available
5b092fb nl80211: Make full (Re)Association Response frame available
2aa1e48 FILS: Do not clear PTK on FILS Auth/Assoc (AP)
a852ab4 FILS: Key-Auth derivation function for FILS SK
c089bc5 FILS: PMK-to-PTK key derivation for FILS authentication
ce16c48 Rename sae_data to more generic auth_data
6eb1a56 Add QCA vendor command/attr for low level DMG(11ad) RF sector control
a2675b3 wpa_cli: Mark number of char *cmd constant
e097556 hostapd_cli: Mark number of char *cmd constant
c43cf33 wpa_cli: Add completion for ssid config commands
624259d wpa_cli: Add completion for sta, deauthenticate and disassociate
4c43f44 cli: Add list_sta command
85bab32 hostapd_cli: Process events received following control iface commands
e054a43 hostapd_cli: Refactor control iface reconnects with common helper
aa2ab91 hostapd_cli: Refresh stations list on control interface reconnect
839e4a8 hostapd_cli: Add completion for sta command
bc4b680 hostapd_cli: Enable command completion and history for Android
cf296a2 hostapd_cli: Add support for cli history file
c650f92 hostapd: Add CONFIG_WPA_CLI_EDIT to defconfig
5d30f92 wpa_supplicant: Restore permanent MAC address on reassociation
e3e2fe3 Always propagate scan results to all interfaces
33111c9 Check for NULL qsort() base pointers
4b5b8a5 WPS: Force BSSID for WPS provisioning step connection
bf07e05 ERP: Do not pass full EAP header to eap_peer_erp_reauth_start()
2449791 FILS: Update EAPOL-Key Descriptor Version RX rules (AP)
16eb485 FILS: Handle Group Key msg 1/2 without MIC when using AEAD cipher (STA)
75c8563 FILS: Perform AEAD processing after PTK has been confirmed
0ab1dd0 FILS: Use AEAD cipher to check received EAPOL-Key frames (STA)
b729fd8 FILS: Use AEAD cipher to protect EAPOL-Key frames (AP)
3b5b7aa FILS: Use AEAD cipher to check received EAPOL-Key frames (AP)
2022f1d FILS: Use AEAD cipher to protect EAPOL-Key frames (STA)
1049af7 RSN: Pass full PTK to wpa_eapol_key_send() instead of KCK only
b986648 FILS: Update EAPOL-Key RX rules for FILS (AP)
352caf0 FILS: Update EAPOL-Key descriptor version rules for RX (STA)
36a50fd FILS: Set EAPOL-Key Key Descriptor Version to 0 with FILS AKMs (AP)
4a26ccd FILS: Set EAPOL-Key Key Info MIC=0 when using AEAD cipher (supplicant)
f5ff8ae FILS: Do not add Key MIC field in supplicant when using AEAD cipher
dc5bad4 RSN authenticator: Add more debug print details on EAPOL-Key RX
555ff85 wlantest: Recognize EAPOL-Key frames without MIC bit for FILS
6d014ff Make struct wpa_eapol_key easier to use with variable length MIC
94f66e8 FILS: Advertise ERP domain in FILS Indication element
c30ed45 FILS: Allow hostapd to select FILS AKM for connection
b8ae56e FILS: Allow wpa_supplicant to select FILS AKM for connection
7147a83 FILS: Add FILS flags into wpa_supplicant BSS command output
379e2b4 FILS: Add 'GET_CAPABILITY fils' for runtime check
e4d2ce1 FILS: Set FILS Capability bit in management frames from station
f55acd9 FILS: Set FILS Capability bit in management frames from AP
198a942 FILS: Add FILS Indication element to Beacon and Probe Response frames
9b7a2b8 FILS: Add wpa_supplicant configuration options
903ecbe FILS: Add hostapd configuration options
274d8b7 FILS: Add definitions for new frames and values
94318a0 FILS: Add AKM definitions
1d29163 FILS: Add new information elements
325a85b Extend AES-SIV implementation to support different key lengths
e2991ee Move CRC-32 routine from wlantest to src/utils
150948e test: FT: EAP test for mismatching keys
d0175d6 test: FT with locally generated PMK-R0/PMK-R1 from PSK
9659056 FT: Allow PMK-R0 and PMK-R1 for FT-PSK to be generated locally
a25e4ef mka: Add driver op to get macsec capabilities
53b2555 EAP-pwd: Validate Prep field in EAP-pwd-ID/Response
2875e32 EAP-pwd: Fix Prep in EAP-pwd-ID/Response when EAP_PWD_PREP_MS is used
5f5ca28 mka: Pass full structures down to macsec drivers' receive SC ops
8ebfc7c mka: Pass full structures down to macsec drivers' transmit SC ops
b70d508 LibreSSL: Fix compatibility for EAP-FAST
df42673 LibreSSL: Fix TLS initialization/deinitialization
0d42179 LibreSSL: Fix dh5 code
32d08d5 Add QCA vendor attributes for measurement frequency for FTM/AOA
cecdecd mka: Pass full structures down to macsec drivers' receive SA ops
909c1b9 mka: Pass full structures down to macsec drivers' transmit SA ops
7fa5eff mka: Pass full structures down to macsec drivers' packet number ops
f75f6e2 mka: Move structs {transmit,receive}_{sa,sc} to a common header
9d3f4a7 autoscan: Add more debug prints for cases where autoscan is not used
98529f3 The master branch is now used for v2.7 development
2462f34 Change version number to v2.6 for the release
5ac8f86 Fix PNO restart flow
14f34a7 Continue scanning if sched_scan stops unexpectedly
1ac3886 Remove disconnected APs from BSS table if likely out-of-range
ebf59eb Restart PNO/sched_scan on channel list update
746e5c2 Fix spelling mistakes in number of comments
8b66888 Add explicit enum values for QCA vendor config attributes
8f47917 MBO: Add support to send ANQP request to get cellular preference
Test: Wifi Test Suite: b/32709661
Change-Id: I249f5fec85ad69ce3879247b07f0db84136ab996
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| fe31a9a8fff325bfddbf06fc3e9edaf480824bee |
|
09-Nov-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Revert "Cumulative patch from commit 4ec1fd8e42bad9390f14a58225b6e5f6fb691950"
This reverts commit 78a5dac804c22aa6e4ec8226a864d3b0d6ccddbb.
Test: None
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 78a5dac804c22aa6e4ec8226a864d3b0d6ccddbb |
|
07-Nov-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 4ec1fd8e42bad9390f14a58225b6e5f6fb691950
4ec1fd8 FT: Differentiate between FT for station and for AP in build
f0259c3 hostapd: Fix own wide bandwidth subelement generation (neighbor report)
0a63635 AP: Use valid status code in wpa_ft_send_rrb_auth_resp()
e4b48b7 Extend ieee80211_freq_to_channel_ext() to cover channels 52-64
c433c50 wpa_supplicant: Make CONFIG_MBO independent of CONFIG_AP
d044d2f wpa_supplicant: Get scan_result IE also from Beacon frames
451a27b hostapd: Add a configuration to set an AP as stationary
5cb5937 hostapd: Clear location configuration when it is reset
f5ec346 hostapd: Fix adding neighbor entry
99b82bf mka: Implement reference counting on data_key
23c3528 mka: Add support for removing SAs
6b6175b mka: Sync structs definitions with IEEE Std 802.1X-2010
6f551ab mka: Remove "channel" hacks from the stack and the macsec_qca driver
7d8f795 Fix typo in DigestAlgorithn
f5c15dc Fix typo in eap_example_server.c
59d7cff AP: Disable VHT in TKIP-only configuration
847ee1a wpa_supplicant: Use correct interface type when creating P2P interface
78a3b23 P2P: Clear old P2PS provision data
f69939e P2P: Clear listen state during PD-in-FIND
4cc0f90 P2P: Clear P2PS provision state on P2P flush
a818425 hostapd: Added signal level to STA tracking
a1047f5 Remove duplicate dl_list_init() for global_ctrl_dst
3765c97 hostapd_cli: Remove duplicate const in hostapd_cli_cmd()
8c88922 TDLS: Fix checks on prohibit bits
c2ad5b9 nl80211: Update channel information after channel switch notification
913c3e1 Add CONFIG_IBSS_RSN=y into wpa_supplicant defconfig
81a10a9 Do not try to start/join RSN IBSS without CONFIG_IBSS_RSN=y
ea06a08 HS 2.0 server: Remove redundant NULL check
5f99d96 Removed redundant NULL check for sta in hostapd_event_sta_low_ack()
230b2b2 Removed redundant NULL check for b in wpabuf_concat()
641c73f driver.h: Fix a typo in a comment
2e4e4fb nl80211: Allow TDLS trigger modes to be configured to the host driver
14cd203 QCA vendor command to configure the TDLS behavior in the host driver
a18563d Extend QCA vendor attribute link layer statistics attribute
95f3703 Add more QCA vendor attribute definitions into qca-vendor.h
87416ea QCA vendor attribute to report frame aggregation failure
befdb2d nl80211: Check driver FILS capability
40a4572 nl80211: FILS KEK and nonces for NL80211_CMD_ASSOCIATE
d8f9342 nl80211: Add support for setting FILS authentication algorithm
e76e950 Sync with mac80211-next.git include/uapi/linux/nl80211.h
2a0b86d Note set_key(WPA_ALG_NONE) failure in debug log
061dac1 FILS: Claim FILS capability only if driver supports it
ff338fa FILS: Setup EAPOL state machines properly after FILS association (AP)
da24c5a FILS: Set TK after association (AP)
07e0117 FILS: Mark connection fully authorized after FILS Association (AP)
706df42 FILS: Association Response processing (STA)
e73ffa0 FILS: Add Association Response frame elements and encrypt them (AP)
78815f3 FILS: Decrypt Association Request elements and check Key-Auth (AP)
86cd692 FILS: Add elements to FILS Association Request frame
ac56c39 driver: Add option to pass FILS KEK/AAD to the driver for association
783c292 P2P: Check if the pref_freq reported by the driver supports P2P
a660993 FILS: Authentication frame processing (STA)
c4fd6d8 FILS: Process FILS Authentication frame (AP)
ffb62f2 FILS: Add a helper function for status code conversion
c1bd4ba FILS: Extend wpa_auth_pmksa_get() to support PMKID matching
c30bd28 FILS: Export IEEE 802.1X helper functions
a6228b8 ERP: Update client identity based on EAP-Initiate/Re-auth
f00b9b8 FILS: Try to use FILS authentication if PMKSA or ERP entry is available
2c2c557 SME: Clear possibly used WPA/RSN IE for new connection
0866ed0 WPA: Add debug print for not-update-own-IEs case
14de9e3 FILS: Include wpa_insert_pmkid() in non-FT builds
de57d87 ERP: Make eap_peer_finish() callable
c28767e ERP: Make eap_peer_erp_reauth_start() available
5b092fb nl80211: Make full (Re)Association Response frame available
2aa1e48 FILS: Do not clear PTK on FILS Auth/Assoc (AP)
a852ab4 FILS: Key-Auth derivation function for FILS SK
c089bc5 FILS: PMK-to-PTK key derivation for FILS authentication
ce16c48 Rename sae_data to more generic auth_data
6eb1a56 Add QCA vendor command/attr for low level DMG(11ad) RF sector control
a2675b3 wpa_cli: Mark number of char *cmd constant
e097556 hostapd_cli: Mark number of char *cmd constant
c43cf33 wpa_cli: Add completion for ssid config commands
624259d wpa_cli: Add completion for sta, deauthenticate and disassociate
4c43f44 cli: Add list_sta command
85bab32 hostapd_cli: Process events received following control iface commands
e054a43 hostapd_cli: Refactor control iface reconnects with common helper
aa2ab91 hostapd_cli: Refresh stations list on control interface reconnect
839e4a8 hostapd_cli: Add completion for sta command
bc4b680 hostapd_cli: Enable command completion and history for Android
cf296a2 hostapd_cli: Add support for cli history file
c650f92 hostapd: Add CONFIG_WPA_CLI_EDIT to defconfig
5d30f92 wpa_supplicant: Restore permanent MAC address on reassociation
e3e2fe3 Always propagate scan results to all interfaces
33111c9 Check for NULL qsort() base pointers
4b5b8a5 WPS: Force BSSID for WPS provisioning step connection
bf07e05 ERP: Do not pass full EAP header to eap_peer_erp_reauth_start()
2449791 FILS: Update EAPOL-Key Descriptor Version RX rules (AP)
16eb485 FILS: Handle Group Key msg 1/2 without MIC when using AEAD cipher (STA)
75c8563 FILS: Perform AEAD processing after PTK has been confirmed
0ab1dd0 FILS: Use AEAD cipher to check received EAPOL-Key frames (STA)
b729fd8 FILS: Use AEAD cipher to protect EAPOL-Key frames (AP)
3b5b7aa FILS: Use AEAD cipher to check received EAPOL-Key frames (AP)
2022f1d FILS: Use AEAD cipher to protect EAPOL-Key frames (STA)
1049af7 RSN: Pass full PTK to wpa_eapol_key_send() instead of KCK only
b986648 FILS: Update EAPOL-Key RX rules for FILS (AP)
352caf0 FILS: Update EAPOL-Key descriptor version rules for RX (STA)
36a50fd FILS: Set EAPOL-Key Key Descriptor Version to 0 with FILS AKMs (AP)
4a26ccd FILS: Set EAPOL-Key Key Info MIC=0 when using AEAD cipher (supplicant)
f5ff8ae FILS: Do not add Key MIC field in supplicant when using AEAD cipher
dc5bad4 RSN authenticator: Add more debug print details on EAPOL-Key RX
555ff85 wlantest: Recognize EAPOL-Key frames without MIC bit for FILS
6d014ff Make struct wpa_eapol_key easier to use with variable length MIC
94f66e8 FILS: Advertise ERP domain in FILS Indication element
c30ed45 FILS: Allow hostapd to select FILS AKM for connection
b8ae56e FILS: Allow wpa_supplicant to select FILS AKM for connection
7147a83 FILS: Add FILS flags into wpa_supplicant BSS command output
379e2b4 FILS: Add 'GET_CAPABILITY fils' for runtime check
e4d2ce1 FILS: Set FILS Capability bit in management frames from station
f55acd9 FILS: Set FILS Capability bit in management frames from AP
198a942 FILS: Add FILS Indication element to Beacon and Probe Response frames
9b7a2b8 FILS: Add wpa_supplicant configuration options
903ecbe FILS: Add hostapd configuration options
274d8b7 FILS: Add definitions for new frames and values
94318a0 FILS: Add AKM definitions
1d29163 FILS: Add new information elements
325a85b Extend AES-SIV implementation to support different key lengths
e2991ee Move CRC-32 routine from wlantest to src/utils
150948e test: FT: EAP test for mismatching keys
d0175d6 test: FT with locally generated PMK-R0/PMK-R1 from PSK
9659056 FT: Allow PMK-R0 and PMK-R1 for FT-PSK to be generated locally
a25e4ef mka: Add driver op to get macsec capabilities
53b2555 EAP-pwd: Validate Prep field in EAP-pwd-ID/Response
2875e32 EAP-pwd: Fix Prep in EAP-pwd-ID/Response when EAP_PWD_PREP_MS is used
5f5ca28 mka: Pass full structures down to macsec drivers' receive SC ops
8ebfc7c mka: Pass full structures down to macsec drivers' transmit SC ops
b70d508 LibreSSL: Fix compatibility for EAP-FAST
df42673 LibreSSL: Fix TLS initialization/deinitialization
0d42179 LibreSSL: Fix dh5 code
32d08d5 Add QCA vendor attributes for measurement frequency for FTM/AOA
cecdecd mka: Pass full structures down to macsec drivers' receive SA ops
909c1b9 mka: Pass full structures down to macsec drivers' transmit SA ops
7fa5eff mka: Pass full structures down to macsec drivers' packet number ops
f75f6e2 mka: Move structs {transmit,receive}_{sa,sc} to a common header
9d3f4a7 autoscan: Add more debug prints for cases where autoscan is not used
98529f3 The master branch is now used for v2.7 development
2462f34 Change version number to v2.6 for the release
5ac8f86 Fix PNO restart flow
14f34a7 Continue scanning if sched_scan stops unexpectedly
1ac3886 Remove disconnected APs from BSS table if likely out-of-range
ebf59eb Restart PNO/sched_scan on channel list update
746e5c2 Fix spelling mistakes in number of comments
8b66888 Add explicit enum values for QCA vendor config attributes
8f47917 MBO: Add support to send ANQP request to get cellular preference
Test: Wifi Test Suite: b/32709661
Change-Id: If11d88f812812543dab6839879e815892a39f963
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| d5ab1b53af720d05586ccc0addabe93459f1f388 |
|
21-Jun-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 3b208346ec56342fda736e62601df485ed002493
3b20834 ctrl_iface: BSS command to skip info items if parsing fails
a9c52e8 HS 2.0R2: No longer use HTTP_RAW_POST_DATA
04c18fa curl: Don't free memory for subjectAltName before calling callback
5a8e48f mesh: Use MESH_CAP_* macros for mesh capability
d70a8ab mesh: Ignore crowded peer
a151b0e mesh: Select pairwise and group cipher based on network profile
3b6deac mesh: Avoid use of hardcoded cipher
f868d56 mesh: Clean up AMPE element encoding and parsing
4367eec mesh: Do not use RX MGTK as RX IGTK
a4eec3c mesh: Use variable length MGTK for RX
fccba2c mesh: Generate a separate TX IGTK if PMF is enabled
696f792 mesh: Support variable length TX MGTK
b02f4d0 mesh: Add variable length MTK support
846201d mesh: Coding style cleanup for MTK derivation
0f76d82 mesh: Fix MTK derivation to use AKM suite selector
f5ba692 mesh: Coding style cleanup for AEK derivation
a59c5e9 mesh: Fix AEK derivation to use AKM suite selector
18aca1a mesh: Use ieee80211w profile parameter
b8b499e mesh: Use WPA_NONCE_LEN macro
bb4e19e hostapd: Skip hostapd ACL check for drivers supporting ACL offload
00ec535 WPS: Fix memory leak with wps_ie in wpa_bss_is_wps_candidate()
d1296da Reserve QCA vendor specific nl80211 command 121
fae7b37 WPS: Do not expire probable BSSes for WPS connection
52a6c9c Add a QCA vendor command to configure AP parameters
31d3692 hostapd: Add comment about '-i' parameter in hostapd.conf
40f6282 hostapd: Accept interface names as a command line parameter
cc27c8e hostapd: Fix early init failure path
976dfb3 FST: Make fst_global_deinit() more robust
7a69fad mesh: Sync max peer links with kernel
f7cb6e9 Update PKCS#11 references in template wpa_supplicant.conf
c3d7fb7 OpenSSL: Initialise PKCS#11 engine even if found with ENGINE_by_id()
fdc1188 nl80211: Fix use-after-free in qca_nl80211_get_features()
8359472 hostapd Make GAS Address3 field selection behavior configurable
6996ff7 hostapd: Fix Public Action frame TX status processing for wildcard BSSID
78a3632 hostapd: Fix Public Action frame addressing (BSSID field)
c86bef2 wpa_supplicant: Make GAS Address3 field selection behavior configurable
a5a187b nl80211: Add TEST_FAIL() to command generation and set_mode
ee854ff mesh: Remove extra newline from the end of an error message
331f077 mesh: Allow 160 MHz channel to be configured
92a515b nl80211: Update drv->assoc_freq on mesh join
d2cc8bb mesh: Remove unreachable code
cc9a257 nl80211: Use extended capabilities per interface type
c6edea0 Sync with mac80211-next.git include/uapi/linux/nl80211.h
9a5160f Report connection timeouts in CTRL-EVENT-ASSOC-REJECT
dad0129 mesh: Support simple SAE group negotiation case
b4c738e mesh: Fix error path handling for RSN (MGTK init)
f4b4ddf D-Bus: Remove unused wpas_dbus_signal_p2p_group_started() parameter
4fe50bb D-Bus: Indicate whether created group is persistent or not
62fc8e6 mesh: Fix MESH_INTERFACE_ADD error path cleanup
9c10be3 mesh: Fix error path handling in init OOM cases
7012e25 Remove dead code from wpas_sched_scan_plans_set()
8e909fa Improve reattach scan OOM failure handling
f37d8a4 Indicate scan failure event on parameter cloning failure
9356823 wpaspy: Fix potentially referencing non existing attribute
Change-Id: I656be560523c206195a5bf8649e73d8aa70bd8f9
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 849734c8d1847920ed7042463f7480b1e0c1dfea |
|
27-May-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 8960afa4bfa423774a8ca58cc21a4a7c1ab6089e
8960afa wpa_cli: Run action file in case of an AP event
1cece2f OpenSSL: Comment out tls_connection_get_eap_fast_key without EAP-FAST
7358170 TLS: Split tls_connection_prf() into two functions
f150db6 OpenSSL: Remove two more accesses of ssl_ctx->cert_store
6dc3206 scan: Fix a memory leak on an error path
9ce3e61 nl80211: Add TEST_FAIL() to nl80211_set_mac_addr()
8880240 scan: Clean up code a bit - phase1 is used in all WPS cases
e1ae287 scan: Clean up code a bit - ssid cannot be NULL here
a170394 Update ChangeLog files for v2.6
a26c9c2 Fix sending non-Public Action frames over P2P Device interface
4d916ed nl80211: Register for only for specific Action frames in AP mode
31d7fb1 P2PS: Allow P2P_CONNECT command for P2PS connection with/without PIN
467fc14 P2PS: Correct config_methods for different P2P cases
9d136b0 EAP-SAKE: Do not debug print result if eap_sake_compute_mic() fails
0884633 EAP-PAX: Do not debug print result if eap_pax_mac() fails
92abe37 EAP-FAST: Check sha1_t_prf() result in eap_fast_get_cmk()
636a238 WPS: Check sha256_vector() result in wps_build_oob_dev_pw()
2c3d95c Check md5_vector() result in decrypt_ms_key()
38eee0f Check hmac_md5() result in radius_msg_verify_msg_auth()
05dad94 Check md5_vector() result in radius_msg_verify()
aae125e WPS: Fix debug prints in wps_derive_psk() error case
7d1007a Fix external radio work debug printing on removal
b6317b4 wpa_supplicant: Add wps_disabled parameter to network block
23d71a0 Set wpa_psk_set in wpa_supplicant AP mode is PSK is available
6641954 Fix AP mode key_mgmt configuration in wpa_supplicant default case
ad6cee3 P2P: Do not enable P2P group processing for non-P2P AP mode
a185e9b tests/remote: Add hwsim wrapper
ff9bb8a tests/remote: Add test_example.py
a73fa13 tests/remote: Add utils file
ede4719 tests/remote: Add monitor.py
3b11ad3 Send CTRL-EVENT-REGDOM-CHANGE event on the parent interface
4de70e2 Add MGMT_RX_PROCESS test command for wpa_supplicant
f42c3ce mesh: Calculate MTK before sending it to MAC in case Open is dropped
baa1213 mesh: Add missing action to cancel timer
e8a1b6b D-Bus: Check driver capability for IBSS in Modes property of Capabilities
7a1887f wpa_cli: Add backspace key process for some terminal
3dd0e9e wpa_supplicant: Fix CONFIG_AP build without CTRL_IFACE
d58b60d drivers: Add NEED_RADIOTAP
6a9681e OpenSSL: Make dh5_init() match the generic implementation
46bac65 WPS: Fix segmentation fault in new DH key derivation
e447133 OpenSSL: BoringSSL has SSL_get_client_random(), etc.
03626e9 Skip connection attempt for non-RSN networks if PMF is set to required
2295004 Ignore pmf=1/2 parameter for non-RSN networks
2a3f565 Reject SET commands with newline characters in the string values
b166cd8 Reject SET_CRED commands with newline characters in the string values
0fe5a23 Remove newlines from wpa_supplicant config network output
73e4abb Reject psk parameter set with invalid passphrase character
ecbb0b3 WPS: Reject a Credential with invalid passphrase
f4830be nl80211: Try running without mgmt frame subscription (driver AP SME)
df5bde8 Android: Remove EAP-FAST option
60d9f67 WPS: Explicitly clear wpabuf memory with key information
9b377be P2P: Copy config from p2pdev when not using dedicated group interface
3c88d26 P2P: Fix wpas_p2p_nfc_auth_join()
2f19563 WNM: Fetch scan results before checking transition candidates
4ac3398 Use a shared helper function for parsing hostapd.conf IEs
a911227 Add assocresp_elements parameter for hostapd
49fe2ad OpenSSL: Support OpenSSL 1.1.0 DH opacity
b92d2a5 FT: Fix RRB for FT over-the-air case
9e5a5de systemd: Update service files according to D-Bus interface version
ac7aea8 Assign QCA vendor command/attributes for set/get wifi configuration
57b3888 P2P: Add P2P_GROUP_MEMBER command to fetch client interface address
0ee8925 P2P: Trigger event when invitation is accepted
bd86ea0 nl80211: Get rid of unused assignment warning
18ae3a6 bsd: Set level correctly for non FreeBSD systems
cf667c6 RRM: Modify the processing of a received neighbor report
00ed0aa SME: Add support for global RRM flag
b5d172e nl80211: Add support for global RRM flag
a7f0bb7 driver: Add global RRM support flag
864b952 nl80211: Register to receive Radio Measurement Request frames
4a74201 wpa_supplicant: Handle LCI request
220754c hostapd: Add FTM range request
f4f185a hostapd: Add LCI request
629e180 hostapd: Save RM enabled capability of station
2572df3 hostapd: Handle Neighbor Report Request frame
061269b hostapd: Add own neighbor report data to neighbor database
9b4b226 hostapd: Add a database of neighboring APs
0101821 hostapd: Extend the configuration of RRM capabilities
6a4f0ed Fix spelling of "neighbor" in a function name
d41a535 wpa_supplicant: Add LCI and civic request to Neighbor Report Request
624b8a0 utils: Add ssid_parse() function
e4fbc8d Add measurement and neighbor report definitions
9d955f7 utils: Rename hostapd_parse_bin to wpabuf_parse_bin and move it
74e982d hostapd: Set LCI and Location Civic information in configuration
1854eec Add POLL_STA command to check connectivity in AP mode
3dbfb28 Allow AP to disconnect STA without sending Deauth/Disassoc frame
de92314 Add inactive_msec into STA output
61c1011 Extend VENDOR_ELEM parameters to cover non-P2P Probe Request frame
6922d44 nl80211: Implement configure_data_frame_filters() callback
ece4ac5 HS 2.0: Add support for configuring frame filters
e42adb9 driver: Add a packet filtering function declaration
ae33239 AP: Pass station P2P PS capabilities info during station add/set
7405bb0 Sync with mac80211-next.git include/uapi/linux/nl80211.h
90f1496 wpa_supplicant: "don't care" value for pbss in ssid structure
e52a698 RADIUS: Fix a possible memory leak on an error path
f1863f2 RADIUS: Fix possible memory leak when parsing per-STA passphrase
3433721 P2P: Continue p2p_find after sending non-success Invitation Response
0f34665 Mark wpa_supplicant_{start,stop}_sched_scan() static
Also reverting:
c7f648c wpa_supplicant_8: Add a temporary hack to work around BoringSSL incompatibility
1e1c48d2 Update AP IE regardless WPA_DRIVER_FLAGS_BSS_SELECTION flag
Change-Id: Idb9bfa80e9d9a4d10323dab5ce2bb24f4baf550c
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 57c2d39d85825f38c5fdac9b73bb0088406ffc85 |
|
23-Feb-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 077dcfb8c48d2509a6e116c0de3ad57d2fbfe4fe
077dcfb AP: Debug print management frame TX result
ca911d6 MBO: Parse non-preferred channel list on the AP
3f48274 WNM: Fix a memory leak on AP error path
f5ca176 VLAN: Fix vlan_compare() for tagged VLANs
1260564 hostapd_cli: Add support for RAW command
940491c MBO: Mandate use of PMF for WPA2+MBO association (STA)
4c57228 MBO: Mandate use of PMF for WPA2+MBO association (AP)
8dd49f0 MBO: Update STA cellular data capability based on WNM Notification
6332aaf MBO: Track STA cellular data capability from association request
f3cb7a6 WNM: Minimal processing for WNM Notification Request frames on AP
e578343 MBO: Indicate WNM-Notification support on AP when MBO is enabled
990b7b6 Simplify hostapd_build_ap_extra_ies() with helper functions
d010048 MBO: Expire non-matching bss_tmp_disallowed entries as part of check
f4c74e1 MBO: Parse MBO IE in ieee802_11_parse_elems()
016082e MBO: Send WNM-Notification when cellular capabilities change
c0e2a17 hostapd: Add MBO IE to BSS Transition Management Request frame
fb9a1c3 hostapd: Add MBO IE to Beacon, Probe Response, Association Response
c484b19 Move Hotspot 2.0 element in (Re)Association Request frames
a0c38e5 Re-order elements in (Re)Association Request frames
9a493fa WNM: Add candidate list to BSS transition query
84d1c0f WNM: Add candidate list to BSS transition response
cf11ab7 utils: Derive phy type by frequency and bandwidth
c8082d2 MBO: Add MBO IE to BSS Transition Management Response frame
dd59990 MBO: Parse MBO IE in BSS Transition Management Request frames
5e57ba2 MBO: Add Supported Operating Classes element to Association Request
7d46f58 MBO: Add global operating class definitions
cb06cf3 MBO: Prevent association to APs that explicitly disallow this
c5d193d MBO: Add cellular capability to MBO IE
2d5b861 MBO: Send MBO WNM-Notification Request frames to notify changes
92c6e2e MBO: Implement MBO non-preferred channel report in Association Request
facf2c7 MBO: Add non-preferred channel configuration in wpa_supplicant
425dd78 MBO: Add Multi Band Operation definitions
a159958 ndis: Use the new get_ie() helper to avoid duplicated code
231b04b utils: Share a single helper function to get IE by ID
ea69d97 wpa_supplicant: Share a single get_mode() implementation
75cc211 VLAN: Check vlan_desc validity in a failure debug print
43022ab Use 64-bit TX/RX byte counters for statistics
3f81ac0 AP: Set STA assoc flag in the driver before sending Assoc Resp frame
bb598c3 AP: Add support for full station state
dc55b6b nl80211: Add support for full station state operations
5558b99 EAP-FAST peer: Remove fixed return value from eap_fast_parse_phase1()
4b16c15 EAP-pwd server: Use os_get_random() for unpredictable token
239952b DFS: Remove the os_random() fallback
98a516e WPS: Use only os_get_random() for PIN generation
f441e5a Use os_get_random() for Shared Key authentication challenge
8c676b5 Add RADIUS Service-Type attribute with a value of Framed
09d96de mesh: Drop Authentication frames from BLOCKED STA
70c9396 SAE: Fix PMKID calculation for PMKSA cache
1492fbb Print Acct-Session-Id and Acct-Multi-Session-Id 64-bit values
e21ceca kqueue: Use 0 instead of NULL for udata
640b0b9 ctype functions require an unsigned char
a5a3efc Fix compile on NetBSD for vlan
a084c24 wired: Fix compile on NetBSD for wired driver
634e2e2 Add CONFIG_ELOOP_KQUEUE to defconfig
99a94f5 nl80211: Avoid wpa_printf %s call with NULL pointer in set_param()
ba91e92 wpa_supplicant: Parse ifname argument from DATA_TEST_CONFIG
8be640b VLAN: Add per-STA vif option
d0bdc96 VLAN: Actually add tagged VLANs to AP_VLAN
f9c0018 VLAN: Factor out per-vid code in newlink/dellink
8e44c19 radius: Add tagged VLAN parsing
1889af2 VLAN: Separate station grouping and uplink configuration
3a583e0 OpenSSL: Fix PKCS#12 parsing of extra certificates with OpenSSL 1.0.1
ddd0032 wpa_cli: Clean up logical operation
24c382a TDLS: Clean up os_memcmp use
6136d43 trace: Free symbols on program exit
8bcf8de OpenSSL: Fix memory leak in PKCS12 additional certificate parsing
03e3ddf OpenSSL: Fix memory leak in HMAC_CTX compatibility wrapper function
d9a0f69 OpenSSL: Fix memory leak in OCSP parsing
29bc76e OpenSSL: Do not use library init/deinit functions with 1.1.0
0f09637 OpenSSL: Fix memory leak in subjectAltName parsing
e60913b curl: Fix memory leak in subjectAltName parsing
6014890 OpenSSL: Fix memory leak with EVP_CIPHER_CTX_new()
99a1735 rfkill: Fix a memory leak
1f1e599 OpenSSL: Fix memory leak on error path
b907491 wpa_supplicant: Basic support for PBSS/PCP
86b5c40 nl80211: Basic support for PBSS/PCP
afa453a Sync with mac80211-next.git include/uapi/linux/nl80211.h
d1d8a2b EAP peer: Simplify buildNotify return
1314bc1 Clean up EAP peer PCSC identity functions
Change-Id: I9db475a2a4ebc88d2ee024319ed59a850636bb16
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| b97e428f8acf1ecb93f38f8d0063d2f2fd0bc36e |
|
08-Feb-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit c06c9099f0d0827feae5622097bd8ac946eca5ea
c06c909 Use stronger PRNG for MS-MPPE-Send/Recv-Key salt
9e1f1bd eloop: Clean up coding style for eloop debug prints
f9982b3 Implement kqueue(2) support via CONFIG_ELOOP_KQUEUE
2e69bdd eloop: Add eloop_sock_requeue()
70f4f05 wpa_ctrl: Retry select() on EINTR
df9e2c2 D-Bus: Don't do <deny send_interface="..." /> in dbus service file
9684c75 mesh: Fix peer link counting when a mesh peer reconnects
83fe38b P2P: Fall back to no VHT when starting AP/P2P GO
360a9d5 P2P: Reduce off channel wait time for some P2P Action frames
1fc63fe RADIUS: Share a single function for generating session IDs
2cbc6ff RADIUS: Redesign Request Authenticator generation
b71a64a Send an Acct-Multi-Session-Id attribute in Access-Request packets
4260e1a Add Acct-Session-Id to Accounting-On/Off
d72a005 RADIUS: Use more likely unique accounting Acct-{,Multi-}Session-Id
d689317 EAPOL auth: Move radius_cui/identity freeing to eapol_auth_free()
0ae86f9 wpa_supplicant: Fix couple of C++ compiler errors with header files
9b6177a Add Event-Timestamp to all Accounting-Request packets
d179089 GAS: Calculate response buffer length of ANQP elements
dda091c OpenSSL: Fix server side PKCS#12 processing with extra certificates
443c8e1 OpenSSL: Fix possible null pointer dereference on an OCSP error path
a3cc64f Remove -w support from wpa_supplicant README
e265838 EAP-FAST: Fix an error path in PAC binary format parsing
f91e11f D-Bus: Fix p2p interface capability message
479f46c Do not send Acct-Authentic in Accounting-On/Off
696544e RADIUS: Do not include Acct-Terminate-Cause in Accounting-On/Off
236053e Make fallback from HT40 to HT20 work
cb22e3b BSD: Zero ifindex on interface removal
a8ef133 Android: Support multiple CA certs when connecting to EAP network
80ce804 WNM: Workaround for broken AP operating class behavior
af06093 BSD: Disable interface on down
dc0ad60 BSD: Use correct ifindex from route messages
5f17b2c BSD: __FUNCTION__ -> __func__
2088ecb OSU: Add debug printing of more LogotypeExtn fields
0b905c8 Add the selector suite into wpa_parse_wpa_ie_rsn() "invalid group cipher"
03a72ea VHT: Add an interoperability workaround for 80+80 and 160 MHz channels
Change-Id: Ief9174bdec380e81025e1467c47bf1656eb39cd9
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 1d6bf427f4769edb60865a3999d01eeb8f8fcb19 |
|
20-Jan-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit e15dcf6d1bc2725388555523effca75b1ffab735
e15dcf6 nl8021: Avoid potential memory leak on error path
17d32eb Allow re-write of ip_addr* configurations to conf file.
bcce934 dbus: Restrict DeviceName size to 32 characters in setter
7c70fe2 Sort options and reduce printf calls in wpa_supplicant usage text
6b418ce Fix wpa_supplicant build with IEEE8021X_EAPOL=y and CONFIG_NO_WPA=y
03269d5 AP: Print interface name in more STA events
9e8fde2 AP: Fix Deauth/Disassoc TX status timeout handling
269f9d5 EAP peer: Use ifdef PCSC_FUNCS to get rid of compiler warnings
c6e0b4b FST: Get rid of gcc extensions in structure/array initialization
2e3a41a hs20-osu-client: Fix check for osu_nai being available
ac2053b OpenSSL: Clean up openssl_digest_vector() to use a single implementation
5c9a337 OpenSSL: Clean up crypto_hash_*() to use a single implementation
587b045 LibreSSL: Fix build with LibreSSL
0daa9f6 EAP-TTLS peer: Fix success after fragmented final Phase 2 message
1eb87ae OpenSSL: Use EVP_CIPHER_CTX_new() to work with OpenSSL 1.1.0
3fb3bea OpenSSL: Update session_secret callback to match OpenSSL 1.1.0 API
814f43c EAP server: Simplify EAP method registration call
49a26bb EAP peer: Simplify EAP method registration call
7ce5603 EAP-WSC peer: Remove unused state values
449a316 bsd: Optimize socket use
4653ceb nl80211: Report disassociated STA / lost peer for the correct BSS
38af042 Drop OpenSSL 0.9.8 patches to add EAP-FAST support
Change-Id: Ib88c54b382c322d6151ed77e08f83329f918e3e8
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| de47be75037bccd4a11b62eedb3d4aed1b36fa67 |
|
07-Jan-2016 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 21cb63fffd1e766c8b989125394ed0bfb05e5a4b
21cb63f OpenSSL: Fix client certificate chain building after PKCS#12 use
12a81b6 ACS: Remove unreachable case from a debug print
896607d Remove a pointer check that can never be true
a95cc47 ACS: Be more consistent with iface->current_mode checks
6014e59 P2P: Print find_start in debug log when ignoring old scan results
64845c1 l2_packet: Extend bridge workaround RX processing to cover two frames
4a539ab l2_packet: Improve bridge workaround RX processing
7a36f11 EAP-PAX: Check hmac_sha1_vector() return value
1d20c66 P2P: Clear groups first on FLUSH command
27446e4 mesh: Do not force another peering exchange on driver event
cc64fe7 mesh: Do not clear link state on driver event if exchange was started
b5f5c32 mesh: Add some more details to MPM debug messages
7d41907 nl80211: Add a missing space to a debug message
6174de6 mesh: Connection and group started/removed events into debug log
2da4a56 Add more hostapd.conf documentation for hw_mode with HT/VHT
acc3943 EAP-PEAP peer: Cryptobinding in fast-reconnect case with inner EAP
cba9ebf P2P: Try SD Query with each non-ACK peer only once per search iteration
e9ccfc3 Clear wpa_supplicant state to DISCONNECTED on FLUSH command
aeb408f HS 2.0: Add some documentation for OSEN and network block use
4f6cd3f Fix wpa_supplicant AP mode P2P IE handling if P2P is disabled
92acb40 Fix wpa_supplicant build with CONFIG_L2_PACKET=pcap
15c5606 Update copyright notices for the new year 2016
6e379c6 WPS: Testing mechanism to force auth/encr type flags
ea31912 WPS: Add a workaround for WPA2PSK missing from Enrollee auth flags
db671e0 WPS: Do not build Credential with unsupported encr combination on AP
d7c3347 HS 2.0: Postpone WNM-Notification sending by 100 ms
750f5d9 EAP-FAST: Enable AES256-based TLS cipher suites with OpenSSL
1ebb24b OpenSSL: Share a single openssl_tls_prf() implementation
dea2051 OpenSSL: Clean up function to fetch client/server random
9a42d85 OpenSSL: Drop support for OpenSSL 1.0.0
de213e8 OpenSSL: Drop support for OpenSSL 0.9.8
e79eb0c P2P: Fix P2P_FIND while waiting for listen ROC to start in the driver
944f693 P2P: Stop offchannel TX wait on P2P_STOP_FIND/P2P_LISTEN
8edd9f1 P2P: Add an option to specify group SSID in P2P_CONNECT join case
70e0cb3 P2P: Provide group SSID, if specified, to P2P Client join step
438be60 P2P: Do not accept any GO BSS entry if SSID is specified for join
35510d5 P2P: Use join SSID in the skip-PD cases
8b8d4f4 P2P: Do not accept any BSS entry for join if SSID is already known
b875276 P2P: Use group SSID, if known, for join operation even if no BSS entry
aa256cb P2PS: Add group SSID, if known, to the P2PS-PROV-DONE event
071e3bf FST: Fix handling of Rx FST Setup Request when session already exists
Change-Id: Ia48764e8663232291160fb24153fa367b9ed3015
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 014a3ff83915745d57480e99b47e281a82143c79 |
|
28-Dec-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 324ade51e168f28430f4429849becd0f08d507c0 (DO NOT MERGE)
324ade5 TLS: Make tls_cert_chain_failure_event() more robust
c6231b5 TLS: Remove storing of never-read value
15a6813 Remove unnecessary cleanup assignment in SHA1Final()
ef3866a nl80211: Don't call linux_iface_up() for a dedicated P2P Device
c2ed779 mesh: Document Mesh Peering Management element structure in more detail
b2817cd mesh: Check PMKID in AMPE Action frames
6c33eed mesh: Fix PMKID to match the standard
ede7770 wpa_supplicant: Do not wait for monitor on P2P Device interface
1c94570 Do not wait for monitor to attach if no control interface
f98674a Clone default LIBS value to LIBS_* for other tools
7d2f674 Add "GET_CAPABILITY acs" to allow ACS build option to be detected
d990971 wpa_supplicant: Enable Automatic Channel Selection support for AP mode
96bc508 Handle survey event properly in wpa_supplicant
d39f796 EAP-TNC peer: Remove dead code related to fragmentation
662512e P2PS: Remove dead code
abbbaa4 TNC: Print received IF-TNCCS message as debug ASCII hexdump
d745f02 EAP-TNC peer: Allow fragment_size to be configured
a67e7e5 RADIUS: Add EACCES to list of recognized send() errno values
5bd9be4 Fix RADIUS Called-Station-Id to not escape SSID
0764dd6 TLS client: Multi-OCSP check to cover intermediate CAs
d6b536f Add ocsp=3 configuration parameter for multi-OCSP
0268383 TLS: Move variable declaration to the beginning of the block
b567775 TLS client: OCSP stapling with ocsp_multi option (RFC 6961)
8ea6a27 TLS server: OCSP stapling with ocsp_multi option (RFC 6961)
5addb0d Server configuration for OCSP stapling with ocsp_multi (RFC 6961)
bca0872 TLS server: OCSP stapling
9532bd2 GnuTLS: OCSP stapling on the server side
6241766 Use wpa_msg() for the "RSN: PMKID mismatch" message
e161451 EAP-EKE: Merge identical error return paths
13cb0a6 EAP-EKE: Reject too long Prot() data when building a frame
0ab0de8 Document previously missing key_mgmt values
Change-Id: I9ac7d0da03d8baf4542e276ab20cb56e44bfa33c
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 55840adb6cd32ca52064f327b72a40e769f70661 |
|
14-Dec-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 06f14421ea8644d12a7b0be6b583114869f9c451 (DO NOT MERGE)
06f1442 TLS: Parse OCSPResponse to extract BasicOCSPResponse
d560288 TLS: Parse CertificateStatus message
eeba168 TLS: Add status_request ClientHello extension if OCSP is requested
4303d53 TLS: Parse ServerHello extensions
6b7bb42 TLS: Add minimal support for PKCS #12
5ce2941 TLS: Extend PKCS #5 to support PKCS #12 style key decryption
f6a62df TLS: Fix and complete ASN.1 tag list
3c108b7 EAP peer: External server certificate chain validation
b6e5e14 EAP-FAST peer: Fix PAC parser error messages
5b904b3 EAP-FAST: Check T-PRF result in MSK/EMSK derivation
b1d8c5c EAP-FAST peer: Fix error path handling for Session-Id
36478a1 OpenSSL: Support new API for HMAC/EVP_MD_CTX in OpenSSL 1.1.x-pre1
9257610 FT: Fix FTIE generation for EAPOL-Key msg 3/4
e44bd28 FT: Fix sm->assoc_resp_ftie storing on the AP side
59e78c2 FT: Fix FTIE generation for 4-way handshake after FT protocol run
b0ecbd3 AP: Use more readable version of management group cipher in error cases
651c6a8 Add TEST_ASSOC_IE for WPA/RSN IE testing on AP side
58059e6 FST: Print debug entry on MB IE update based on EVENT_AUTH
af041f9 dbus: Add support for vendor specific elements
5c8acf7 EAP-IKEv2: Check HMAC SHA1/MD5 result
7b991b4 Use proper build config for parsing proxy_arp
4db29e6 TLS: Add support for PKCS #5 v2.0 PBES2
Change-Id: I10b71e4d3573ef60a52ea6ff56afcd3a06a0b7b0
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| d7ff03d48f825360eec2a371e3361306f2fd721b |
|
04-Dec-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit bf3214b59321f67375df1ee85722b2beb74e1f7a
bf3214b P2P: Fix re-invoked client interface completion on data connection
63502c6 P2P: Fix P2P_CANCEL for p2p_in_invitation case
e007d53 EST: Comment out X509_REQ_print calls on Android with BoringSSL
e6f4832 EST: Add CSR generation support with BoringSSL
ed2566a EST: Implement pkcs7_to_cert() with BoringSSL
8d27efa HTTP (curl): OCSP with BoringSSL
213e158 BoringSSL: Move OCSP implementation into a separate file
f846211 BoringSSL: Support new SHA_CTX definition for EAP-SIM PRF
b34c623 OpenSSL: Fix build with current OpenSSL master branch snapshot
759a8a3 nl80211: Cancel all pending TX frame cookies
9ea91cd EAP-EKE peer: Fix memory leak on error path
328f49a P2P: Complete group formation on client data connection
0e559dc WPS: Support parallel UPnP WPS protocol runs
bea48f7 Allow sched_scan_plans to be updated at runtime
32c0226 Add support for configuring scheduled scan plans
09ea430 nl80211: Add support for multiple scan plans for scheduled scan
dd895e9 P2P: Make p2p_go_configured() more robust against unexpected calls
8811988 TLS client: Fix session_resumed status after TLS session ticket use
7fff91a Fix tls_connection_prf() regression with CONFIG_TLS=internal
1adf262 TLS: Add support for extKeyUsage X.509v3 extension
0755577 Add TEST_FAIL() support for internal hash functions
4104267 Fix memory leak on NFC DH generation error path
c5864dc TLS client: Add certificate chain validation failure callbacks
896a97d TLS client: Add support for disabling TLS versions
0cbc22b TLS client: Use TLS_CONN_* flags
20804fe TLS: Add support for tls_get_version()
f2a6ad0 TLS client: Add support for server certificate probing
b115eeb TLS: Add TLS v1.2 signature algorithm support for SHA384 and SHA512
c0acec3 crypto: Add CRYPTO_HASH_ALG_SHA384 and CRYPTO_HASH_ALG_SHA512
0aed915 TLS client: Add signature_algorithms extension into ClientHello
9e8809a TLS client: Validate certificates with SHA384 and SHA512 hashes
6bb6a9c Add SHA384 and SHA512 implementations from LibTomCrypt library
fdc1614 TLS client: Add support for validating server certificate hash
3665776 TLS client: Do not verify CA certificates when ca_cert is not specified
11c9ddb Add TEST_FAIL() condition to aes_128_cbc_encrypt/decrypt()
ea52a46 EAP-SIM peer: Fix memory leak on reauth error path
1a33c94 EAP-SAKE: Fix a typo in attribute parser debug print
53401e9 Abort ongoing scans on FLUSH command
e929eb3 wlantest: Add -N command line argument to remove write buffering
3c41749 hostapd: Add Transmit Power Envelope IE when VHT is enabled
2ea2166 Add control interface command for aborting an ongoing scan
4ead7cf Abort an ongoing scan before connect
4f30add nl80211: Add support for aborting an ongoing scan
5ef0b84 Sync with mac80211-next.git include/uapi/linux/nl80211.h
0530eb1 mesh: Clear wpa_s cipher selection on starting mesh
1d6955e nl80211: Fix SIGNAL_POLL in IBSS and mesh
0f29bc6 IBSS/mesh: Add support for VHT80P80 configuration
c27f4c9 P2P: Add support for VHT 80+80 MHz and 160 MHz
bee5d8e nl80211: Add VHT 160 MHz channel flags
5e1da9c P2P: Define operating classes for VHT 80+80 and 160
ea70811 FST: Improve parsing of Multiband IEs
b47d05a FST: Make FST peer connection check more permissive in hostapd
39c3c9b Remove wpa_supplicant/tests
9b635d0 Remove link_test and test_wpa
9e68742 Fix CONFIG_NO_WPA=y build
eb926f1 Comment out wpas_reenabled_network_time with CONFIG_NO_SCAN_PROCESSING
f231b3d FST: Fix STA MB IEs creation
ed7820b P2P: Add a testing option to force P2P GO CSA
6cbbae2 P2P: Set p2p_go_wait_client in invitation_result() cb
83702b6 Android: Give user the option for selecting browser for HS 2.0 OSU
cadffac wpa_cli: Add an option to set created interface type
0f039e3 Add an option to create interface of a certain type with INTERFACE_ADD
d8a3b66 driver: Make setting up AP optional when creating AP interface
36e8206 Check for LIBRESSL_VERSION_NUMBER in tls_openssl.c
2c51c0b P2P: Clear send action work without waiting on find/stop/listen
6bdc43c AP: Avoid 20/40 MHz co-ex scan if PRI/SEC switch is not allowed
757785d nl80211: Clear ignore_next_local_deauth flag
cb2a926 nl80211: Clear ignore_next_local_deauth and ignore_deauth_event
f32227e Add QCA vendor attribute and event to indicate subnet change status
d38c7be Skip SELECT_NETWORK steps only if already connected or connecting
25eb7fc Fix EAPOL reauth after FT protocol or offloaded PMKSA cache use
f68d491 FT auth: Fix EAPOL reauthentication after FT protocol run
a65efbf Add VHT support for Mesh
a73c984 Set WMM flag to Mesh STA by default
9a8d9f7 Assign QCA vendor command and attribute for Tx power reduction in dB
747ba10 nl80211: Do not return incomplete hw capability info
5e238cc WPS: Reconnect for a failed data connection when STA_AUTOCONNECT is 0
442cc8c dbus: Fix memory leak in sending InvitationReceived signal
0603bcb hostapd: Process MAC ACLs on a station association event (SME in driver)
89a11ad RSN: Remove check for proactive_key_caching while setting PMK offload
d381963 Extend QCA roam event with subnet change indication
Change-Id: I122220f59ef56e25ed2749a37370a40afafa177a
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| d80a401aed31d06f261efd19223cf55d1a2a8228 |
|
06-Nov-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit f10ff62e4eda7917a8e28fe492fd98723a5e97c4
f10ff62 Describe preferred mechanism for submitting contributions
fcdb359 Use "STATUS-NO_EVENTS" instead of "STATUS" in get_wpa_status function
73ed03f wpa_supplicant: Add GTK RSC relaxation workaround
ea6030c Restore previous wpa_state in scan-only result handler
1e74ae4 WNM: Clear BSS TM data if already associated with preferred candidate
d129b02 EAP-pwd: Add support for Brainpool Elliptic Curves
a34eace dbus: Remove unused dict helper functions
cdcb2d0 wpa_cli: Add support for vendor_elem_* commands
17b7032 EAP peer: Clear ignore flag in INITIALIZE state
1f1e619 Add test programs for checking libwpa_client linking
736b7cb wpa_supplicant/Makefile: Fix libwpa_client build
2e38079 TLS: Fix memory leak with multiple TLS server instances
7b0f550 eap_sim_db: Implement eap_sim_db_expire_pending()
45c3e72 Add frequency to operating class determination for 5 GHz 100..140
e50c50d dbus: Expose interface globals via D-Bus properties
1aa0fb7 dbus: Pass property description to getters/setters
c93b7e1 RSN: Check result of EAPOL-Key frame send request
95be79f Allow -1 as value to disable frag_threshold
bc50bb0 Extend the range of values for the RTS threshold
053693d hostapd: Add feature to start all interfaces at the same time in sync
9578413 Reserve QCA vendor specific nl80211 commands 110..114
5d4c508 Assign QCA commands and attributes for Tx power scaling and OTA testing
5d1d69a P2P: Filter control chars in group client device name similarly to peer
f67d1a0 TDLS: Do not send error case of TPK M3 if TX fails
1248e58 wpa_supplicant: Reopen debug log file upon receipt of SIGHUP signal
d8fd633 Do not write ERROR level log entries if debug file is not used
67deaa5 l2_packet: Add build option to disable Linux packet socket workaround
fa46426 RSN: Do not try to connect if PMF disabled and AP requires it
8acbe7f WNM: Verify WNM Sleep Mode element length
dacd789 WNM: Mark set TFS buffer const
...
f24b979 OpenSSL: Merge error returns
84d6a17 TLS: Remove unused tls_capabilities()
7867227 ms_funcs: Merge similar return cases
3596361 hw_features: Merge similar return case in check_40mhz_2g4()
aac1efe Reject the initial 4-way handshake if initial GTK setup fails
2da5256 Add backtrace-based error path testing mechanism
55413ce P2P: Do not allow 40 MHz co-ex PRI/SEC switch to force MCC
Next patches were skipped due to explicit cherry-pick:
bddc51e RSN: Stop connection attempt on apparent PMK mismatch
3fdaaa8 Throttle control interface event message bursts
a530fe7 Add wpa_supplicant EVENT_TEST control interface command
ee1e3f5 hostapd: Global control interface notifications
2e95cfc Add debug prints for wpa_supplicant ctrl_iface socket send operations
ce7d0eb Update AP WPA/RSN IE on all associations if driver can select BSS
844dfeb QCA vendor command support to set band to driver
Change-Id: I909996c5afcd3b5d123ea1e23c0e1212021f7625
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| f291c682d490cef0b520b68e694a2bf97126b441 |
|
17-Aug-2015 |
Jouni Malinen <jouni@qca.qualcomm.com> |
BoringSSL: Fix session resumption
BoringSSL commit 533ef7304d9b48aad38805f1997031a0a034d7fe ('Remove
SSL_clear calls in handshake functions.') triggered a regression for
EAP-TLS/TTLS/PEAP session resumption in wpa_supplicant due to the
removed SSL_clear() call in ssl3_connect() going away and wpa_supplicant
not calling SSL_clear() after SSL_shutdown(). Fix this by adding the
SSL_clear() call into wpa_supplicant after SSL_shutdown() when preparing
the ssl instance for another connection.
While OpenSSL is still call SSL_clear() in ssl3_connect(), it looks to
be safe to add this call to wpa_supplicant unconditionally.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 4171258d30a612645aa061cede62233b5c58ca2a |
|
29-Jun-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 8c43ef8449bd4d2d0983db394770bd73f572b12d
8c43ef8 P2PS: Fix attribute addition in p2p_buf_add_service_instance()
a9ea609 P2PS: Fix p2p_find last parameter handling
6c73149 AP: Increase maximum value accepted for cwmin/cwmax
575e4f5 SAE: Reject FFC commit-element with value p-1
a406244 P2PS: Do not reply to ProbeReq on another channel when starting Listen
0c2b3f6 SAE: Reject commit-scalar value 1
4f39908 Send CTRL-EVENT-NETWORK-NOT-FOUND if no suitable network was found
123df27 D-Bus: Fix typos in debug print
ded14ce Android: Fix nl80211 build if BOARD_*_PRIVATE_LIB is unspecified
a140721 Android: Rename ANDROID_P2P_STUB to ANDROID_LIB_STUB
2ba4de3 D-Bus: Add documentation for wpas_dbus_signal_peer_groups_changed()
e48b5e2 D-Bus: Fix typo in dbus signal function documentation
09d5048 D-Bus: Add function documentation for wpas_dbus_unregister_interface()
adfbbd2 D-Bus: Add function documentation for wpas_dbus_register_interface()
c5967f0 D-Bus: Fix wpas_dbus_signal_p2p_invitation_result() documentation
4457f41 radius: Fix NULL dereference issue on allocation failure
f826fb1 OpenSSL: Handle EC_POINT_is_on_curve() error case
bbb5008 SAE: Use random "password" in extra hunting-and-pecking loops
eb5fee0 SAE: Add side-channel protection to PWE derivation with ECC
16841ab crypto: Add functions for computing the Legendre symbol and EC y^2
c4a13b4 OpenSSL: Add support for Brainpool Elliptic Curves
4584b66 SAE: Increase security parameter k to 40 based on Dragonfly recommendation
fdd731b SAE: Fix PWE generation to use minimum loop count (k) properly
8ec3332 SAE: Merge sae_derive_commit() error case return statements
d93abd4 SAE: Merge sae_get_rand() error case return statements
6a58444 SAE: Verify that own/peer commit-scalar and COMMIT-ELEMENT are different
4e7e688 Add crypto_ec_point_cmp()
8e2a3a4 dbus: Do not initialize variable twice
c1a14ef Do not check unsigned size is less than zero
fdc5608 OpenSSL: Remove SSL_CTX_{get,set}_app_data() compatibility wrapper
ba54933 libtommath: Fix mp_init_multi() stdarg use on error path
f6332b0 wpa_gui: Initialize WpaGuiApp::w in the constructor
f6df3f3 Use os_* wrapper more consistently
91b7a5e Use unsigned/signed printf format more consistently
59bae74 HS 2.0R2: Fix memory leak on error path in hs20-osu-client
c5ca73d P2P: Use offsetof() instead of local implementation
c3c5b5f ERP server: Make erp_send_finish_reauth() easier for static analyzers
6ce1bea bsd: Remove redundant NULL check in bsd_init()
c99df20 Remove redundant NULL check in ieee802_1x_encapsulate_radius()
2eb5967 AP: Add more 2.4 GHz channels for 20/40 MHz HT co-ex scan
5ed6519 hw_features: Merge similar return cases
4e37dd6 SAE: Simplify sae_prepare_commit() error path
04e6c4c Fix SAE group selection in an error case
3dce85c HS 2.0: Add WLAN RADIUS attributes in OSEN case
efd5d26 Remove unnecessary wpa_ie_len check from wpa_parse_wpa_ie_wpa()
ce8963f Remove WEP40/WEP104 cipher suite support for WPA/WPA2
ee140ef FT: Stop association attempt if Auth response processing fails (SME)
1887be4 Make check_20mhz_bss() static
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Bug: 22062116
Change-Id: Ie1d175f1faab24bf39ce81ead7a078e1e236badd
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| a3dc30964aa24aea2b518246f6812663a1103490 |
|
23-Jun-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit f43c1ae7989c38fe15756f12a9196a1cf798b4d7
f43c1ae P2P: Handle P2P Device dedicated interface parent removal
1ac977b nl8021: Allow sending wowlan configuration on any interface
4899702 nl80211: Remove android_genl_ctrl_resolve()
38dcc86 P2P: Consider ht/vht on P2P_GROUP_ADD command (with no params)
29292d5 ctrl_iface: Make p2p_ctrl_group_add() more robust
e4a80d8 P2P: Fix secondary channel selection for HT40
4e71758 dbus: Add RemoveClient method to remove a client from local GO
f0a79c9 D-Bus: Fix wpas_dbus_register_peer() documentation
95d62a6 D-Bus: Add missing params in WPS function documentation
790429b D-Bus: Fix function documentation for wpas_dbus_signal_p2p_go_neg_resp()
92fe746 D-Bus: Add function documentation for wpas_dbus_signal_p2p_go_neg_req()
e1dffa3 P2P: Fix PBC overlap detection
de7b02f P2P: Use the P2P Device interface in wpas_p2p_fallback_to_go_neg()
6b5147a P2P: Fix memory leak in p2p_process_nfc_connection_handover()
33ba27d EAP-FAST peer: Stop immediately on key derivation failure
144b6a0 OpenSSL: Fix memory leak on an openssl_tls_prf() error path
50a9efe P2PS: Fix Probe Response frame building in error cases
509f269 P2PS: Fix org.wi-fi.wfds matching when building the response
5fa5f84 P2PS: Add more debug prints for service info building
fdde3db P2PS: Remove unnecessary service hash filtering from p2p_reply_probe()
f2e0eec P2PS: Do not ignore other hashes if org.wi-fi.wfds hash is included
ebdc32f P2PS: Fix service hash matching for org.wi-fi.wfds
24533f7 P2PS: Fix p2p_find handling to allow "wildcard" with other hash values
f33a31b P2PS: Verify service name length in P2P_FIND command
129b621 P2PS: Fix P2P_FIND seek parameter parsing
83e520e P2PS: Add a wildcard with other advertised service info
c5d3cad P2PS: Re-factor p2p_buf_add_service_instance function
13f6f61 wpa_cli: Fix process termination in wpa_cli action mode case
b4c0f58 Clear allocated debug message buffers explicitly
14fd033 Clear control interface command explicitly from stack
d95c599 P2P: Fix group interface addition failure properly for concurrent case
e12c400 P2PS: Refactor p2p_data::query_hash and p2p_data::query_count use
4839da4 P2P: Add vendor elements into Invitation Response frames
886f583 P2PS: Delete p2ps_svc_found from struct p2p_data
3f048aa P2PS: Add a function to free a PD context
8f52409 P2P: Prefer direct Probe Response frames over GO's client list
4e8817f P2P: Use more precise device timestamping for group clients
0799b3f P2P: Specify frequency when sending Probe Response frame
5d180a7 drivers: Add freq parameter to send_mlme() function
5143e7e P2P: Fix return value of p2p_reply_probe() and p2p_probe_req_rx()
07c1e98 P2PS: Enable Probe Request frame processing by P2P Client
734ddf6 P2P: Add rx_freq parameter to Probe Request frame handler
e6012e8 P2P: Update target GO Device Address from BSS entry during join
a9a4841 Remove duplicated country code from operating class lists
132dfbe Fix removal of tagged interface and bridge when multiple BSS share them
e11776a Combine multiple function calls to a single statement
b649c0a dbus: Add Reconnect command to D-Bus Interface
f4a234a doc: Update D-Bus GONegotiationRequest Signal: add device_go_intent
0c9fb14 P2P: Add Operating class 125 for P2P supported channels
Change-Id: I782c1403985248ff994f484282efa6519fd369e9
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 7a53dbb56693ee9f55c0cab1a8297436511e8613 |
|
11-Jun-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 57e832de37ea0a82e650d8230457e0868a01b72e
57e832d GAS: Remove all radio works before calling gas_query_deinit()
661888b P2P: Fix persistent group profile on manual disabled=2 change
1a2f7ca D-Bus: Add WPS pbc-overlap Event
4f36965 P2P: Add ModelNumber and SerialNumber info into D-Bus peer interface
2899cba P2P: Add ModelName info into D-Bus peer interface
8bb5cfe doc: Add missing ListenChannel to P2P information
995a3a0 Document the wpa_msg_cb "global" parameter
e66bced Do not set own_disconnect_req flag if not connected
8d2ed87 wpa_gui: Port to Qt5
e1ede80 eapol_test: Support IPv6 for authentication server
e19c1d2 Fix pairwise cipher suite bitfields to the driver in mixed mode
ee120ff Remove [MU-BEAMFORMEE] option from hostapd vht_capab parameter
c5ee4dd Fix spelling of initialize in a comment and an error message
aa2b125 P2P: Add GO Intent of connecting device in GO Negotiation Request event
cf60962 doc: Fix a typo in D-Bus API document
f13e815 Set Acct-Session-Id from os_get_random() instead of os_get_time()
92f190a OpenSSL: Fix build iwth OpenSSL 0.9.8
a80651d Add support to request a scan with specific SSIDs
94687a0 WPS: Allow the priority for the WPS networks to be configured
09d57ce wpa_supplicant: Remove trailing whitespace
0980c7f hostapd: Make sure band selection does not result in NULL dereference
Change-Id: I32154fcf606169fc1e3e3a653e80c99f058f8e95
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 1d755d025b206e22b06aeb322e25a79f98ca7777 |
|
28-Apr-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 01a025937c67f0eca6021d94b8ec3b144f8b1730
01a0259 WPS: Add support for 60 GHz band
0ef1e29 WPS: Fix shorter authentication timeout during no-SelReg iteration
3465176 nl80211: Verify that cipher suite conversion succeeds
a250722 Try to set PMK only with key mgmt offload support in the driver
4a7ce98 Make IPv6 NA multicast-to-unicast conversion configurable
9f390f4 Interworking: Fix network selection warning without SIM/USIM support
a0ad9e8 Remove WPA per-VLAN groups when no more stations remain
87b5b53 Make VLAN ID available in STA info over control interface
5678a2d P2P: Allow wpa_supplicant to start if social channels are not supported
209214b vlan: Move CONFIG_FULL_DYNAMIC_VLAN includes to proper places
a6da824 Do not use C++ reserved words as variable names
eaa3728 wpa_gui: Themed icon loader
9a3cb41 Fix wpa_priv (CONFIG_PRIVSEP=y) build
8b423ed Declare all read only data structures as const
fd4fb28 OpenSSL: Try to ensure we don't throw away the PIN unnecessarily
fabc6dd mesh: Retransmit the last Commit Message in the Committed state
068669f vlan: Verify RADIUS returned VLAN-ID and dynamic_vlan=required
5add410 WPS: Use shorter authentication timeout during no-SelReg iteration
e7d2034 WPS: Enforce five second minimum time before AP iteration
bd143cc Remove trailing whitespace from Makefile
74802c0 P2P: Do not create a P2P Device interface if P2P is disabled
579674e Document p2p_disabled option in wpa_supplicant.conf
8ea8a89 nl80211: Extend unique MAC address assignment for station iftype
Change-Id: I8bc8a63f37c0892b83376b9d5a5859827ae50554
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 1eb02edb319d462031f0c2f1f3548498558e95a5 |
|
22-Apr-2015 |
Adam Langley <agl@google.com> |
wpa_supplicant_8: fix keystore-backed keys
The switch to BoringSSL broke keystore backed keys because I didn't
realise that wpa_supplicant was using the dynamic ENGINE loading to load
the keystore module.
The ENGINE-like functionality in BoringSSL is much simplier and this
change should enable it. However, I don't have a suitable AP to test
against.
BUG=20460625
Change-Id: I798deb29264484788c6222385bcc104a34245e2b
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 9d9e60286e05ae45025b672636490bd12586138d |
|
23-Apr-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative security patch from commit ca68a8b561c48393c8ba25055ce294caaa3ac008
ca68a8b WPS: Explicitly reject Public Key attribute with unexpected length
6b94f71 WPS: Truncate variable length string attributes to maximum length
f4b64c6 Simplify VHT Operation element parsing
d6fefd6 Simplify HT Operation element parsing
40baac0 Simplify VHT Capabilities element parsing
baae4cb Simplify HT Capabilities element parsing
b39a059 Simplify Timeout Interval element parsing
e8997b9 Simplify ERP element parsing
f87c99c Simplify DSSS Parameter Set element parsing
ae7a42b FT: Check FT, MD, and Timeout Interval length in the parser
c9bf7b6 Fix a memory leak on mesh_attr_text() error path
2531036 FT: Fix WMM TSPEC validation in driver-based AP MLME case
632931c P2P: Use WPS_SEC_DEV_TYPE_MAX_LEN in P2P array definition
0f5acfb Use common is_ctrl_char() helper function
5a041ac WPS: Ignore too long SSID attribute
d6c3067 Replace SSID_LEN with SSID_MAX_LEN
eaa8eef Replace MAX_SSID_LEN with SSID_MAX_LEN
81847c2 Replace HOSTAPD_MAX_SSID_LEN with SSID_MAX_LEN
6fb761c Replace WPA_MAX_SSID_LEN with SSID_MAX_LEN
d9d1b95 Use SSID_MAX_LEN define instead of value 32 when comparing SSID length
65b1025 WPS: Ignore too long Device Name attribute
cc6f243 Add WPS_DEV_NAME_MAX_LEN define and use it when comparing length
dd3d857 P2PS: Check for maximum SSID length in Persistent Group Info
05e46a9 Ignore too long SSID element value in parser
90758f0 Mark QCA vendor command id 53 reserved, but not used anymore
f41ded6 Remove unused leftover from multi-SSID design
cb71a83 OpenSSL: Clean up TLS PRF implementation
7f90a23 Add QCA vendor subcmd for OCB
897418a eap_example: Fix configuration by added DH parameters
Change-Id: If688231edfce41163ef0c1f0ad75291a9bdfbe81
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| af9da3180dc20f57df1fc1e1811f3df9fa9e6ab5 |
|
03-Apr-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 681278246232029c334117bd6dc7e74c6b179f96
6812782 hlr_auc_gw: Allow Milenage RES length to be reduced
4839f7c wpa_cli: Fix a typo in usage text
a20a361 wpa_supplicant: Clear blacklist on connect
0144ecb Android: wpa_ctrl missing include for sys/stat.h
0bb20ef HS 2.0R2: Allow user to specify spp.xsd file location
97c9991 HS 2.0R2: Add more debugging messages to hs20-osu-client
93c2e60 HS 2.0R2 CA: Improve setup.sh and .conf for more flexibility
02e122a Reschedule scan from wpas_stop_pno if it was postponed
80fd9c3 EAP-PEAP server: Add support for negotiating vendor for Phase 2
a867082 EAP peer: Use 32-bit EAP method type for Phase 2 processing
56dfc49 Fix a typo in configuration parameter documentation
c4b45c6 TLS: Fix memory leaks on tls_connection_set_params() error paths
af85191 Make tls_connection_get_keyblock_size() internal to tls_*.c
94f1fe6 Remove master key extraction from tls_connection_get_keys()
fa0e715 Use tls_connection_prf() for all EAP TLS-based key derivation
df8191d Rename HT 20/40 coex variable to be more descriptive
1d0f42a EAP server: Add debug prints to help asleap testing
2c1cf90 Add wpa_snprintf_hex_sep()
5955cfa ms_funcs: Make challenge_hash() non-static
Change-Id: I0f3e5e5170a61e458949a675641946d95598dc5d
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 4dd28dc25895165566a1c8a9cac7bcd755ff8fe3 |
|
10-Mar-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 00033a0903f69b2f0e0c048840bff059f5a3eab9
00033a0 OpenSSL: Always accept pinned certificates
b2329e4 Add QCA vendor subcmd for Data Offload
1d246a1 Make rate-not-supported debug print more useful
761396e Reject Group Key message 1/2 prior to completion of 4-way handshake
3f0e6ec nl80211: Extend NL80211_CMD_TDLS_OPER to support discovery
c10ca2a TDLS: Allow driver to request TDLS Discovery Request initiation
41312fc mesh: Leave mesh in driver setup if initialization fails
ac8e074 Clear RSN timers for preauth and PTK rekeying on disassociation
f2f65dd Reserve QCA vendor specific nl80211 commands 61..90
088a210 HS 2.0: Add NULL check before dereferencing in hs20-osu-client
bea8d9a nl80211: Use the new bridge port option proxyarp_wifi
Change-Id: I1ef819ab4efa554f059787e02570f48be39819a6
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 7f65602d49069f96a7bb44da8bd79ffe8d4c6a98 |
|
25-Feb-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit f51f54a007e0de1d413dee3523472d3bbeed2ecc
f51f54a nl80211: Resubscribe to nl80211 events on global nl_event socket
48ec694 Fix Linux packet socket workaround to not close the socket too easily
0d2030e Use estimated throughput to improve roaming selection
1d747e2 Add snr and est_throughput to the BSS entries
a1b790e Select AP based on estimated maximum throughput
ab647ff Add wpa_supplicant Makefile target libwpa_ctrl.a
abae2d1 trace: Initialize alloc_list even without os_program_init() call
891dfb3 Add helper function to clear and free wpa_psk list
71d77ad Update current BSS level when signal change event occurs
f1609f1 wpa_supplicant: Cancel sched_scan when stopping countermeasures
abb8d08 nl80211: Add support for configuring P2P GO CTWindow
0b8bcaa P2P: Allow configuring CTWindow when working as GO
c77ffc6 TDLS: Ignore extra padding in all packets
5ce6ac1 Inteworking: Add support to update the ANQP Capability List into the BSS
185ada4 HS 2.0: Add support to update the HS20 Capability List into the BSS
7fe7a3a wpa_gui: Debug enhancement
2b892d4 Add forgotten network profile parameters to config file writing
563ee18 IBSS: Add support for VHT80 configuration
ada157f Make hostapd_set_freq_params() common
98479dc IBSS: Update operating frequency if joining an existing IBSS
4d9e6fb IBSS: Add fixed_freq network parameter
6f5e1b0 Use priority list instead of global for PNO
97fc2dc Allow libnl-3.0 include path be specified
f92446f P2PS: Add P2PS interface info
59b416c Add optional reassoc-to-same-BSS optimization
c4da67d Fix passive_scan config parameter writing
715d5c4 hs20-osu-client: Ensure NULL checks are done before dereferencing
58d405f Fix OCSP debug messages
710dfb4 OpenSSL: Fix OCSP error path
bd7bb43 HTTP: Fix OCSP error path
946572c Android: Remove commented out non-Android build parameters
15ada7f Android: Remove libxml2 config defines
ebe8d3f Android: Silence unused function parameter warnings
dbd10da Android: Fix hs20-osu-client build on Android 5.0
a926295 HS 2.0R2: Fix permissions for SP/<fqdn> directory on Android
480994d nl80211: Allocate QCA vendor subcmds for DFS radar detected and CAC events
c165cb4 Drop all hostapd STA entries on interface disabled event
106fa1e nl80211: Indicate interface-down event only for the main netdev
eeb1cb2 VLAN: Clean up RTM_NEW/DELLINK processing
47e5fbd hostapd: Avoid sending client probe on removed client
3478273 Re-configure WPA2 group keys on hostapd interface re-enable
f33c860 Re-enable beaconing on interface disable+enable
fc99fab nl80211: Print a debug log entry on NL80211_CMD_PROBE_CLIENT failures
0d2f324 P2P: Fix send_action_in_progress clearing in corner cases
9ff8dda Add hostapd UPDATE_BEACON ctrl_iface command
e0761c5 nl80211: Allocate QCA vendor subcmd for DFS CAC Start event
1db718b nl80211: Test vendor command and event
10263dc Add control interface commands for fetching wpa_config values
f91a512 Add INTERWORKING_ADD_NETWORK command
c612ae9 AP: Do not reply to Probe Request frames with DS Params mismatch
5b74e08 P2P: Document P2P_CONNECT-auto
99650ca Add STOP_AP control interface command
6b00512 P2P: Add event messages for P2P_CONNECT-fallback-to-GO-Neg
b0e669b P2P: Fix P2P_CONNECT-auto fallback to GO Neg with group interface
bf51f4f mesh: Fix remaining BLOCKED state after SAE auth failure
79ddb20 mesh: Add a monitor event on SAE authentication getting blocked
dd2cbaf mesh: Add a monitor event for SAE authentication failure
0cb5f8d mesh: Fix inactivity timer for 32 bit system
11e2ddb mesh: Remove duplicated no_auto_peer update
1e52983 D-Bus: Fix network block type change
4fada12 Fix HT40 co-ex scanning issue on hostapd error path
23ed011 Fix Linux packat socket regression work around
663ae2f Don't write to wpa_supplicant.conf directly
d9a9bc0 IBSS: Do not enable HT with WEP or TKIP
0d7eb43 ACS: Accept channel if any (rather than all) survey results are valid
68fa00c ACS: Allow specific channels to be preferred
6f41a25 ACS: Use weighted average for 2.4 GHz adjacent channel interference
Change-Id: Ie1cabd28dcfdefafa02e81477e34badae6f7e629
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 216983bceec7c450951e2fbcd076b5c75d432e57 |
|
06-Feb-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 2c0efd9e49b15da163cee659409eee85390620c3
2c0efd9 P2P: Fix stopping on search after SD callback
db3168d OpenSSL: Use SSL_cache_hit() when available
68ae477 OpenSSL: Use library wrapper functions to access cert store
abe96d0 P2P: Clean up Listen channel optimization debug prints
d2ca6ba Fix hostapd obss_interval documentation
d027c7b Fix 20/40 MHz co-ex report processing with obss_interval=0
93eca61 P2PS: Do not remove pending interface on p2p_stop_find
ae2dd83 P2PS: Allow PD retry in SEARCH and LISTEN_ONLY also
87d5ef5 P2PS: Add commands to control interface redir list
0cf12b3 P2PS: Send P2P_FIND_STOPPED event during P2P SD also
306aaf4 P2PS: Start WPS registrar upon GO formation
9e96e46 P2PS: PD Response processing
ab8ee77 P2PS: Provision Discovery fail event
1300cc8 P2PS: PD Request processing and PD Response building
5fefce2 P2PS: Callback to send P2PS provisioning events
9a58e52 P2PS: Callback to create pending group after sending PD Response
895d94d P2PS: Callback to remove stale persistent groups
f309c18 P2PS: ASP provisioning commands to control interface
6d90851 P2PS: Process P2PS provisioning commands
369678a P2PS: Add P2PS attributes into PD Request if requested
59fec34 P2PS: Allow p2p_build_ssid() to use pre-set SSID
d4b43b5 P2PS: Add support to send ASP-RESP events
6df08d0 P2PS: Logic to parse GAS requests for ASP services
5a4102c P2PS: Add support to send ASP service requests
095b3c4 P2PS: Add Application Service Info to device found events
4660e73 P2PS: Add Advertised Service Info into Probe Response frames
9e7321e P2PS: Parse Probe Request frames for matching ASP hashes
ae9d45f P2PS: Extend add/del services logic to support ASP
ea8e033 P2P: Allow p2p_get_group_num_members() to be called with NULL
4f88fc0 P2PS: WPS changes needed for P2PS default PIN
1a94b0a P2PS: Add service hash to Probe Request frames
5177509 P2PS: Add option to specify seek strings into P2P_FIND
5f18501 P2PS: Helper functions to build new P2P attributes
60d1148 P2PS: Add parsing of new P2P attributes
b9348be P2PS: Add new P2P identifier assignments from P2P spec v1.5
c3d6c71 Add helper functions for escaping and unescaping UTF-8
66eaf8a Fix driver-offloaded offchannel TX done processing
c5e154c P2P: Add P2P state into p2p_send_action_cb() debug entry
f2dc06e P2P: Ignore remain-on-channel callback event if not waiting for one
6a6569b HS 2.0R2: Add password to DB in case of machine managed subscription
f0d0a5d Improve BSS selection with default noise floor values
7f7bfba Add an option allow canned EAP-Success for wired IEEE 802.1X
49fcc32 EAP-MSCHAPv2 peer: Add option to disable password retry query
66bc683 hostapd: Simplify vlan_add_dynamic error paths
99805a0 Interworking: Convert wpa_printf() to wpa_msg()
b42f539 Add a variable to handle extra CFLAGS values
e6dd819 Work around Linux packet socket regression
7650f9e Fix resource leaks on rsn_preauth_init() error paths
a565e03 dhcp_snoop: Make IPv4 addresses human readable in debug log
2dd4f3a Fix STA re-bind to another VLAN on reauthentication
4437f8f Free old eap_user_file data on configuration change
1180dd6 WPA auth: Disconnect STA if MSK cannot be fetched
40aaa64 WPA auth: Clear temporary MSK storage from stack explicitly
01b481a Convert couple of remaining printf to wpa_printf in ap_list
bfaefd5 EAP-PEAP server: Fix Phase 2 TLV length in error case
745d936 mesh: Create new station entry on popen frames
41bff86 mesh: Always free the station if peering failed
871ff0b mesh: Sync plink state with kernel
ba42261 Simplify eapol_sm_notify_pmkid_attempt()
993a865 Add eap_session_id to wpa_supplicant STATUS output
f19c907 OpenSSL: Implement aes_wrap() and aes_unwrap()
fee31f7 OpenSSL: Remove support for versions older than 0.9.8
8bf3030 OpenSSL: Use a common helper function for HMAC
983c6a6 OpenSSL: Replace internal HMAC-MD5 implementation
Change-Id: I5743003f14efae324537f7dc2c5e6ada892a33a7
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 2f74e36e84064ffa32f82f3decf36b653c7e4fad |
|
21-Jan-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit fb09ed338919db09f3990196171fa73b37e7a17f (DO NOT MERGE)
fb09ed3 Interworking: Notify the ANQP parsing status
d10b01d HS20: Provide appropriate permission to the OSU related files
73f1ee0 HS20: Fix TrustRoot path for PolicyUpdate node in PPS MO
54a0ac0 HS20: Return result of cmd_sub_rem in hs20-osu-client
b62b0cb WNM: Fix possible memory leak by free buf
9bd0273 EAP: Fix possible memory leak in eap_ttls_process_decrypted()
b760e64 eap_server: Avoid NULL pointer dereference in eap_fast_encrypt_phase2()
948d3a8 hostapd: Remove unused variable from hostapd_get_hw_features
dd09e42 Fix memory leak in wpa_supplicant global bgscan configuration
30f459c wpa_cli: Fix NULL dereference on printf string argument
414f23d Avoid NULL string in printf on EAP method names in authenticator
b72b2ad P2P: Stop p2p_listen/find on wpas_p2p_invite
7b7b444 nl80211: Fix reading of the extended capabilities mask
7e608d1 P2P: Use the correct wpa_s interface to handle P2P state flush
fd83335 AP: Enable HT Tx STBC for AP/GO if supported by driver
d90bfa9 Move external_scan_running to wpa_radio
0c5f01f Clear reattach flag in fast associate flow
8ad8bc5 NFC: Redirect NFC commands on global control interface
57ae1f5 P2P: Fix P2P invitation with NFC
07565ab WNM: Fix the length of WNM_BSS_QUERY control interface command
2d9c99e Retry scan-for-connect if driver trigger fails
911942e Add a test framework for various wpa_supplicant failure cases
6b46bfa WPS: Re-fix an interoperability issue with mixed mode and AP Settings
1648cc6 ACS: Allow subset of channels to be configured
95ff306 nl80211: Allow HT/VHT to be disabled for IBSS
7451a21 mesh: Return negative value on join failed
5a2a6de mesh: Make inactivity timer configurable
b9749ba AP: Expire STA without entry in kernel
a114c72 AP: Remove redundant condition for STA expiration
0d787f0 Fix RADIUS client with out-of-memory and missing shared secret
0efcad2 Print in debug log whether attached monitor is for global interface
8266e6c HS 2.0: Try to use same BSS entry for storing GAS results
6c69991 Make wpa_supplicant FLUSH command more likely to clear all BSS entries
2dbe63a Write reason for scan only_new_results into debug log
242b83a eapol_test: Fix cert_cb() function arguments
a8826b1 Interworking: Avoid busy loop in scan result mismatch corner cases
edd5939 Interworking: Start ANQP fetch from eloop callback
cbc210d RADIUS DAS: Allow PMKSA cache entry to be removed without association
4e871ed RADIUS DAS: Support Acct-Multi-Session-Id as a session identifier
b52c0d4 Add authMultiSessionId into hostapd STA info
861beb7 RADIUS DAS: Check for single session match for Disconnect-Request
783b2a9 Interworking: Fix INTERWORKING_CONNECT with zero-length SSID BSS entry
1fef85c nl80211: Fix AP-scan-in-STA-mode error path behavior
cebee30 Add domain_match network profile parameter
d07d3fb Add peer certificate alt subject name information to EAP events
98a4cd4 D-Bus: Clear cached EAP data on network profile changes
483dd6a Include peer certificate always in EAP events
dd5f902 Get rid of a compiler warning
d29fa3a Extend VENDOR_ELEM parameters to cover non-P2P Association Request
e7d0e97 hostapd: Add vendor specific VHT extension for the 2.4 GHz band
Change-Id: I45436c49986cd6bddbd869db3f474871a29ce1dc
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| ff787d557db719adea0fdf2679667500c65cf74d |
|
12-Jan-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 3e7f1c7980c6e9fc7173f78aa72b2761fcd8924d (DO NOT MERGE)
3e7f1c7 GnuTLS: Add TLS event callbacks for chain success/failure and peer cert
0eb2ed0 GnuTLS: Add support for OCSP stapling as a client
cf08e9b Add MESH to modes capabilities
db5adfe Add SAE to auth_alg capabilities
0e1bb94 GnuTLS: Verify that server certificate EKU is valid for a server
d4d1f5c GnuTLS: Fix tls_disable_time_checks=1 processing
594d1fc GnuTLS: Add support for private_key and client_cert as blobs
79b1dd9 GnuTLS: Fix DER encoding certificate parsing
a165145 Add "GET tls_library" to provide information on TLS library and version
c3bb84b GnuTLS: Add event callbacks
8ddcd6b GnuTLS: Add support for domain_suffix_match
4bc13bf GnuTLS: Check for any unknown verification failure
e0d431a GnuTLS: Add more debug prints for version and session status
65ec7f4 GnuTLS: Move peer certificate validation into callback function
7c82457 GnuTLS: Remove support for versions older than 2.12.x
e1d63f6 GnuTLS: Remove old version number checks for 1.3.2
ae0a23a GnuTLS: Remove GNUTLS_INTERNAL_STRUCTURE_HACK
db4cf40 GnuTLS: Add support for ca_cert as a blob
224104d TLS: Reject openssl_ciphers parameter in non-OpenSSL cases
b09baf3 Work around Windows build issues
6dbbef9 Define host_to_le32() for Windows builds
7d28e46 Fix os_win32 build
0b40247 Remove Network Security Service (NSS) support
d166947 schannel: Reject subject_match, altsubject_match, suffix_match
59051f8 TLS: Reject subject_match, altsubject_match, suffix_match
f8717ac GnuTLS: Reject subject_match, altsubject_match, suffix_match
e24aef1 Fix a typo in domain_suffix_match documentation
394b547 Improve subject_match and domain_suffix_match documentation
8a42a07 trace: Fix out-of-memory testing logic
79cd993 Add address masks to BSSID lists
b83e455 Add network specific BSSID black and white lists
b3d6a0a Add generic parser for MAC address lists
21c74e8 nl80211: Use a helper function to put mesh_id
85e1fad nl80211: Use a helper function for putting beacon interval
6dfc557 Remove mesh_ht_mode network block parameter
54fe48b mesh: Use the shared function with IBSS to determine channel parameters
f7e889f mesh: Convert channel configuration to use common routines
6334330 mesh: Use a separate variable to track whether HT is enabled
1fc4ab2 nl80211: Move debug prints into nl80211_put_freq_params()
cae87ab nl80211: Add a helper function for putting basic rates
6b8b077 ibss/mesh: Enable HT40 if supported
a828f62 Make check_40mhz_2g4 common
fdd989d Make check_20mhz_bss common
0e550fe Make check_40mhz_5g common
6d5d098 Make get_pri_sec_chan() common
5144274 Introduce common allowed_ht40_channel_pair()
5f10b7f Use common hw_get_freq/hw_get_chan helpers in hostapd
269dfe2 Introduce common hw features
1830817 IBSS: Add WPA_DRIVER_FLAGS_HT_IBSS
f3b8ad4 SAE: Implement retransmission timer
a206e2a SAE: Centralize function for sending initial COMMIT
28c91ee bsd: Fix parsing of ieee80211req_scan_result on FreeBSD and DragonFly
96d1d97 Android: Remove hardcoded ICU include paths from hs20-osu-client
a354bcc D-Bus: Use NoMemory error message from CreateInterface
635874b Handle interface disabled/enabled more consistently
8f2cf37 P2P: Indicate reason=UNAVAILABLE for group netdev going down
86a7fbb Verify that eloop_register_read_sock() succeeds for ctrl_iface setup
27d9701 Fix a memory leak on WPA authenticator error path
c1c07dc Fix hostapd interface addition error path
a156ffd Add support for testing memory allocation failures
52b3943 D-Bus: Fix interface unregistration on error path
96dc9a6 D-Bus (old): Fix interface unregistration on error path
ef03557 Fix memory leak on wpa_supplicant_init_wpa() error path
52a8058 TDLS: Fix an interface addition error path
f2d5728 D-Bus: Fix string array dict entry parser in out-of-memory case
c61bc23 D-Bus: Fix byte array dict entry parser in out-of-memory case
dacf605 D-Bus: Fix Introspect() in case of os_strdup() failure
68a8669 D-Bus (old): Fix wpsReg error message
f0614bc D-Bus (old): Fix message handler error paths
a2af1c7 D-Bus (old): Fix memory leak on error path
3d2e2d5 trace: Fix compiler warning on 32-bit builds with bfd support
b9f6560 eloop: Fix WPA_TRACE tracking in case of realloc failure
e10422c Fix memory leak on hostapd BSS addition error path
2801659 Fix hostapd initialization error path on allocation failure
d58ade2 nl80211: Fix compilation with libnl 1.1 and 2.0
51f3427 crypto: Clear temporary stack buffers after use
77a2c39 crypto: Clear temporary heap allocations before freeing
a15a7fc DH: Clear memory explicitly on private key deinit
77c45e2 Add wpabuf_clear_free() to allow clearing of freed memory
a90c7d9 OpenSSL: Fix pbkdf2_sha1() wrapper
f6ebbcf AES-SIV: Make aes_s2v() static
dcf8fbc nl80211: Simplify event processing error paths
38751d8 nl80211: Remove cfg80211 state mismatch workaround for authentication
64ae244 nl80211: Check support for rekey offload on first use
Change-Id: Ice94c3cf8e39a6d2cac993aacd0f6d45b31c7c15
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 6c0da2bb83f6915d8260912362692d1a742e057b |
|
05-Jan-2015 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 8b48e3200680f71ae083b84793e6bdc2099416d2 [DO NOT MERGE]
8b48e32 wpa_cli: Add MAC address randomization in scan
fb37588 ctrl_iface: Add MAC address randomization in scan processing
56c76fa scan: Add MAC address randomization in scan handling
86056fe nl80211: Handle MAC address randomization in scan/sched_scan
ff23ed2 driver: Add definitions for MAC address randomization in scan
7db53bb wpa_cli: Implement TDLS start/cancel channel switching commands
72b2605 nl80211: Pass TDLS channel-switch start/stop params to kernel
6b90dea TDLS: Propagate enable/disable channel-switch commands to driver
d9d3b78 TDLS: Track TDLS channel switch prohibition in BSS
4daa572 TDLS: Add channel-switch capability flag
ca16586 Sync with wireless-testing.git include/uapi/linux/nl80211.h
8c42b36 WMM AC: Reconfigure tspecs on reassociation to the same BSS
677e7a9 WMM AC: Do not fail on unknown IEs in Association Response
fecc2bb WMM AC: Delete tspecs on roaming
20fe745 WMM AC: Print user-priority in wmm_ac_status
730a0d1 nl80211: Always register management frames handler
...
209702d Add possibility to set the setband parameter
ee82e33 Do not trigger the scan during initialization on Android platforms
e69ae5f Reject new SCAN commands if there is a pending request
...
59d7148 nl80211: Provide subtype and reason code for AP SME drivers
9d4ff04 Add external EAPOL transmission option for testing purposes
61fc904 P2P: Handle improper WPS termination on GO during group formation
58b40fd P2P: Clear p2p_go_group_formation_completed on GO start
c155305 Complete sme-connect radio work when clearing connection state
debb2da P2P: Report group removal reason PSK_FAILURE in timeout case
51465a0 The master branch is now used for v2.4 development
Change-Id: I9b9cfa5c5cd4d26b2f3f5595f7c226ac60de6258
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 9ead16e203b81d44a2d84eadc2901ceeb7daf805 |
|
07-Oct-2014 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit d5fe4e6c18d94465e8fb4527d51df6e8539c4d6a
d5fe4e6 Reserve QCA vendor specific nl80211 commands 34..49
a256506 AES: Extend key wrap implementation to support longer data
eefec1e AES: Extend key wrap design to support longer AES keys
98a1571 OpenSSL: Clean up one part from the BoringSSL patch
a857296 Support building with BoringSSL
1236eda Android: Remove ctrl_interface=wlan0 from config template
9ffd512 Android: Set pmf=1 to default template
45d8501 Fix out of bounds memory access when removing vendor elements
a61fcc1 Clean up authenticator PMKSA cache implementation
cb129db Clear PMKSA cache entry data when freeing them
8c8d26a Remove unnecessary PMKSA cache freeing step
9c82990 Fix authenticator OKC fetch from PMKSA cache to avoid infinite loop
47ea24c Fix PMKSA cache timeout from Session-Timeout in WPA/WPA2 cases
dc152f3 wpa_supplicant: Enable HT for IBSS
4ec6837 wpa_supplicant: Use hostapd_freq_params in assoc_params
43f02e6 wpa_ctrl: Update wpa_ctrl_recv() documentation for non-block behavior
1274ec2 dbus: Add an interface configuration entry to set the WPS methods
3e0272c nl80211: Re-read MAC address on RTM_NEWLINK
5dfbd72 nl80211: Add get_bss_ifindex() helper
f1a6131 P2P: Use only the -m config for P2P management device
08d7665 TDLS: Use WMM IE for propagating peer WMM capability
17729b0 TDLS: Fix concurrent setup test for mac80211 drivers
984dadc TDLS: Set the initiator during tdls_mgmt operations
01cb5df Sync with wireless-testing.git include/uapi/linux/nl80211.h
ca3c6b4 nl80211: Fix compatibility with older version of libnl
d76426c TDLS: Filter AID value properly for VHT peers
Change-Id: Ia2156628a590c502d9111de2727da642ff435d9a
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 717574375e969e8272c6d1a26137286eac158abb |
|
02-Jun-2014 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 801e117376e13d5b3c50f1627b93a949529fdf99
801e117 Fix validation of RSN EAPOL-Key version for GCMP with PMF
3d4d234 FT: Fix GTK rekeying after FT protocol
d3d0483 nl80211: Work around error case prints for nl_recvmsgs on Android
8a387a2 P2P NFC: Fix use of freed memory
df48efc Fix external radio work stopping to not read freed memory
13c3303 SAE: Fix memory leak in random number generation
d92bdf9 hostapd: Make sure hapd->drv_priv gets cleared on driver deinit
438e133 hostapd: Use helper function to avoid duplicate deinit calls
ac1a224 hostapd: Clean up if interface setup fails
81c4fca hostapd: Reset hapd->interface_add properly
3fbd036 hostapd: Prevent double interface disabling from segfaulting
ea39367 nl80211: Fix wpa_driver_nl80211_if_add() failure paths
b77aeae Interworking: Re-trigger scan if no connect attempt is done
b523973 RADIUS client: Trigger failover more quickly if socket is not valid
09844c0 RADIUS client: Do not flush pending messages if server did not change
5d67bf1 hostapd: Fix configuration of multiple RADIUS servers with SET
70d4084 RADIUS client: Fix socket close/re-open on server change
d045cc8 RADIUS client: Fix crash issue in radius_client_timer()
c1fb75a RADIUS client: Handle ENETUNREACH similarly to other failure cases
9ed4076 RADIUS client: Do not try to send message without socket
cc0b7cb hostapd_cli: Fix segmentation fault with interface command
114153b P2P: Debug print channel lists for invitation processing
4eb3b76 OpenSSL: Fix OCSP certificate debug print to use wpa_printf
f6fb192 HS 2.0R2: Fix subscr_remediation_method for RADIUS server
74879f3 Remove extra newline from a debug print
Change-Id: I82d4f00501fabb8b325e4461178b45e7b2c0178e
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 26af48b2fcdee1b88e4092a9078cb7c9bf79da6e |
|
09-Apr-2014 |
Jouni Malinen <jouni@qca.qualcomm.com> |
OpenSSL: Detect and prevent TLS heartbeat attack
Some OpenSSL versions have vulnerability in TLS heartbeat request
processing. Check the processed message to determine if the attack has
been used and if so, do not send the response to the peer. This does not
prevent the buffer read overflow within OpenSSL, but this prevents the
attacker from receiving the information.
This change is an additional layer of protection if some yet to be
identified paths were to expose this OpenSSL vulnerability. However, the
way OpenSSL is used for EAP-TLS/TTLS/PEAP/FAST in hostapd/wpa_supplicant
was already rejecting the messages before the response goes out and as
such, this additional change is unlikely to be needed to avoid the
issue.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 7d5c8f257a74ac0d12828962a492e8b84ef83923 |
|
03-Mar-2014 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 5f7e1c06cd428888a2ed4fa763c5da37a873e422
5f7e1c0 Redirect more frames with ext_mgmt_frame_handling=1
7738163 RADIUS server: Copy IPv4 address only when IPv6 is not used
508e24c dbus: Clean up error reporting for TDLS peer address parsing
3b6170b WPS: Remove duplicate variable setting
78789d9 Remove unnecessary variable initialization
a7c37d9 dbus: Remove duplicated variable assignment
e997bc7 Remove a static analyzer warning about unused variable write
ea3b8c1 Do not use a separate variable for tracking first entry in a list
8a4ce28 WPA: Clean up cipher suite counting in write routines
6ed626d Remove unused gid_str pointer update
749fa14 Debug print trailing WPA/RSN IE bytes, if any
a5802c0 OpenSSL: Avoid never-used analyzer warning
7b6e815 Clean up hostapd add_iface error path operations
67adcd2 WNM: Check wpa_s->current_bss more consistently
3ff8073 EAP-FAST: Use clear eap_get_config() result validation
a8716d1 roboswitch: Verify that register read succeeds before comparing res
3d91a04 DFS: Make sure center frequency is always initialized for VHT
fa0a9f5 trace: Fix memory use on no-function name path
bd27b13 Make code path easier for static analyzers
64abb72 nl80211: Allow old r-o-c offchannel TX to be tested
fa72a88 P2P: Fix validation on Invitation Request error path
ca412c7 Remove unreachable return statement
2af4d87 GAS: Fix additional comeback delay with status code 95
07d462c Interworking: Remove unused password setting for SIM credential
3141b82 Add OSEN to proto config field writer
b908c50 Clear hostapd bss entry to NULL on add-interface-failure
0052ce4 atheros: Add support for OSEN
Change-Id: Ifd78a8f8259e5b0f654d3dbadd24c9ab029d3afb
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 745be3f298f4a0899238a99d96b7ed804edd3329 |
|
20-Feb-2014 |
Dmitry Shmidt <dimitrysh@google.com> |
Android: Remove explicit SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
Now wpa_supplicant allows to set these options dynamically per network
by adding to 'phase1' "tls_disable_tlsv1_1=1" or "tls_disable_tlsv1_2=1"
Change-Id: I954af5356833bed5b78c4ebf4a50c788ba984114
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 13ca8d8ea51a1aa5e24c6c956473a11b0c7daed4 |
|
20-Feb-2014 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 848905b12abf2df650c43cb821d36a13246baacb
848905b Avoid undefined references with CONFIG_WPA_TRACE_BFD=y
9e38836 wpa_debug: Remove 2048 byte message length limit
f667e03 P2P: Address few issues seen with P2P SD
e9a6f18 TLS: Add tls_disable_tlsv1_1 and tls_disable_tlsv1_2 phase1 params
cb10c7d RADIUS DAS: Add support for NAS identification attributes
0d7c5e1 RADIUS DAS: Remove PMKSA entry on Disconnect-Request
d87a6ac WPS: Fix STA state validation when processing PutWLANResponse
Change-Id: I4799cad2fe661db567eb3a92af2b3eefb7c96dab
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| ec58b164a608cbc1d99e71bb3d86ef4b263377dc |
|
19-Feb-2014 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit ac494fcce4270dbd076ab1d167dbffd6e0f7060b
ac494fc Android: Use external libnl 2.0 dynamic library
b7cac41 Fix hostapd and wpa_supplicant build with binutils >= 2.24.x
b62d5b5 Revert "OpenSSL: Do not accept SSL Client certificate for server"
94a3df5 P2P: Enable U-APSD support on GO automatically
a5527a4 P2P: Add more debug prints for Probe Request processing
Change-Id: Ic3354f72b7399b8de86c74018de7a8c1275d893a
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 96be6222df414a7dde5c5b1b72df22e67b1a77fc |
|
13-Feb-2014 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 7ae7a84eefd43ed9385e2f8f520a918468f87178
7ae7a84 NFC: Workaround nfcpy message debug exception
6ceb95c Avoid NULL dereference in ieee802_1x_get_mib_sta() printf
97efe70 wpa_supplicant: Fix NULL dereference in tls_verify_cb()
c0c11af wpa_supplicant: Fix NULL dereference in eap_fast_parse_end()
93a1cae Remove unnecessary NULL check
1e2ffc6 Fix theoretical NULL dereference in debug printf
cbf21c7 P2P: Avoid compiler warning in p2p_supplicant.c
5479ff9 DFS: Avoid compiler warnings in src/ap/dfs.c
5e6aa04 wpa_supplicant: Fix memory leak in wfd_subelems error path
88853ae Fix CONFIG_WPS_NFC=y build without CONFIG_P2P=y
7ac7fd4 Add bssid/freq hint for driver-based BSS selection
92484e2 Start using unodified Developer Certificate of Origin v1.1
56ec49c Sync with wireless-testing.git include/uapi/linux/nl80211.h
b64afe2 Fix SAE state validation on AP
d6bfaaa NFC: Add summary and success file options for nfcpy scripts
25cfc6f P2P NFC: Add p2p-nfc.py --handover-only option
7bea076 P2P NFC: Clean up p2p-nfc.py error handling
b0d18bc WPS: Make UUID-from-MAC Address easily available
825fb6b P2P: Do not indicate P2P_FIND failure if p2p_scan is in progress
8c18fcc WPS: Add more debug information to M7 AP Settings
d7a15d5 WPS: Indicate current AP settings in M7 in unconfigurated state
d55fc03 P2P: Handle unexpected GO Neg Req reject message more cleanly
062a7c0 Fix persistent P2P connection failure in case channel list changes
Change-Id: I5c400a6503f9f00d259ff225999593958322a1ba
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| fb79edc9df1f20461e90e478363d207348213d35 |
|
10-Jan-2014 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 95fb2db2420d8fa291fd6423cc6dbcd042f4eb46
95fb2db P2P: Reject group formation on WPS provisioning failure
6fc61e1 Fix TX status processing during AP mode shutdown in wpa_supplicant
90a545c nl80211: Clean up netlink parsing and debug prints
b6a9590 Interworking: Keep up to two pending GAS_REQUEST responses
090b8e3 Update copyright notices for the new year 2014
991aa9c nl80211: Move CS supported flag to wpa_driver_capa
f0cbb98 Add DRIVER-STATUS command for hostapd
188ebcd EAP-IKEv2 peer: Fix a memory leak in notify round
a190189 Remove PEAPv2 support
16a19dd EAP-pwd peer: Allow fragmentation limit to be configured
60bf585 EAP-IKEv2 peer: Allow fragmentation limit to be configured
ea6fc58 WPS: Convert printf() debug print to use wpa_printf()
c4b8c71 EAP-GPSK: Report CSuite negotiation failure properly
5a0f596 EAP-GPSK: Allow forced algorithm selection to be configured
5f01c3c EAP peer: Improve failure reporting from METHOD with no eapRespData
7271ee8 Fix EAP-GPSK server compilation for SHA256 cipher suite
356d148 Interworking: Add optional freq argument to INTERWORKING_SELECT
a09ffd5 Fix req_scan-deplete-timeout and update eloop API for this
083916c P2P: Clear p2p_disabled and p2p_per_sta_psk on FLUSH command
3f45fc4 P2P: Clear services on FLUSH command
1f965e6 Allow external programs to request wpa_radio work items
6428d0a Do not start wpa_radio work during externally triggered scan
6470f47 Remove unneeded scan delay on connection-in-progress
4bb2321 Remove unneeded GAS query delay on connection-in-progress
6ac4b15 Use wpa_radio work for connection
b9e6d70 Use radio work for GAS requests
e05e130 P2P: Use radio work to protect offchannel Action frame exchanges
e1d1c8e Use radio work for P2P Listen requests
1b5d471 Use radio work for P2P scan requests
d12a51b Use radio work for scan requests
b1ae396 Add framework for exclusive radio operations
dd43aaa Add helper functions for cloning and freeing scan parameters
06f9acc Ignore externally triggered scan results with scan_res_handler
c9b5559 Clean up ctrl_iface debug prints for monitor events
d31b5ac Use cleaner debug print for ctrl_iface commands with private info
9595151 Remove duplicated RX ctrl_iface hexdump
9b85079 Fix scan-cache-clearing operation to avoid unnecessary cases
2f30cac Avoid unnecessary key clearing operations
466bcf9 Remove some unnecessary EAPOL port (un)authorized callbacks
949938a Ask driver to report only new scan results if requested
a1a31b6 Remove hostapd dump_file functionality
ea23df6 Make EAPOL dump data available through ctrl_iface STA command
96ea74b Convert EAPOL authenticator dump into easier to parse format
ca3b71c Remove hostapd dump_file data that is available through ctrl_iface
4c03a2b Make RADIUS server MIB available through control interface
f538be3 Add more STA information into the ctrl_iface STA command
101bdc2 Remove forgotten notes about already removed driver wrappers
7006753 Update EAP-FAST note regarding OpenSSL support
17b79e6 nl80211: Initial support for vendor commands and events
5890fa8 WPS: Fix clear-from-timeout handling to avoid race condition
c64e3a0 P2P: Send received Presence Response information to ctrl_iface monitors
f7fb676 ACS: Mark acs_fail() static
3cf06c9 OpenSSL: Include sha1/sha256 header files to verify declarations
5ace51a WNM: Clean up le16 variable use to avoid sparse warnings
c583868 Mark wpas_wps_er_nfc_handover_sel() static
8cf1e68 Move declaration of hostapd_acs_completed() into correct header file
0187c41 Declare wpa_debug_* variables in src/utils/wpa_debug.h
fcc6123 Declare wpa_drivers in src/drivers/driver.h
0d79b50 Clear EAPOL Logoff state on FLUSH command
327b01d nl80211: Add driver param for forcing monitor and connect APIs
6f06766 nl80211: Fix nl_mgmt handling in partial error case
4ea6a47 nl80211: Prefer newer scan result over older during duplicate removal
2eef517 nl80211: Report set_supp_port failures in debug log
a0bdd19 nl80211: Share a helper function for connect and associate commands
e00d546 Remove unnecessary build #ifdef from definitions
4848a38 Get rid of duplicated cipher suite and AKM definitions
de4ed4a nl80211: Use helper functions for cipher suite mapping
a565084 nl80211: Set control port for NL80211_CMD_COMMAND
ef93abd WPS: Clean up UUID debug print
35f3d3e nl80211: Clean up regulatory rule debug prints
880de88 nl80211: Print frame registration match on same debug line
03ed332 Interworking: Allow cred blocks not to be saved to a file
04f7ecc Reset WPA parameters to default values on FLUSH command
152cff6 P2P: Remove WPA_DRIVER_FLAGS_P2P_MGMT option
538d6f4 WPS: Use shorter scan interval during pre-provisioning search
3187fd9 WPS: Replace wpas_wps_in_progress with identical wpas_wps_searching
4414d9e SAE: Fix ECC element y coordinate validation step
069fb47 EAP-EKE: Allow forced algorithm selection to be configured
3a88914 Remove unused information element parsing data
dbfb8e8 Remove unnecessary EVENT_RX_ACTION
1450e1e Define __maybe_unused
912b34f Do not process Action frames twice in hostapd SME/MLME
006309b Fix whitespace style
6780713 WPS: Remove unused send_wpabuf()
e912986 tests: Verify concurrent WPS protocol run with assigned PIN
8aaafce Make local UUID available through ctrl_iface STATUS command
0e22b8d WPS: Make sure reconfiguration timeout is not left behind on deinit
75d1d0f WPS: Allow testing mode to disable 2.0 functionality
f7e2542 Remove unused wps_device_data_dup()
c89d9db Remove unnecessary extra tracking of eloop registration
c86bf16 Replace unnecessary hex_value() with hex2byte()
7b02375 Clear wps_fragment_size on FLUSH command
aa189ac Enable FT with SAE
2d2ecf5 nl80211: Fix protected Action frame reporting for AP mode
db76aa6 Fix PeerKey 4-way handshake
7732729 Fix PeerKey deinit behavior
8d321a7 WNM: Move disassociation imminent sending to wnm_ap.c
b76f4c2 hostapd: Make STA flags available through ctrl_iface STA command
aa03dbd Remove IEEE80211_REQUIRE_AUTH_ACK
121f2ab Remove unused STA flags
3578e66 WNM: Add STA flag to indicate the current WNM-Sleep-Mode state
4776897 WNM: Fix AP processing without wnm_oper driver callback
2025cad WNM: Move ESS Disassoc Imminent sending to a helper function
28ab64a WNM: Minimal processing of BSS Transition Management Query/Response
2cd0f6a WNM: Add Target BSSID into BSS Transition Management Response
a8a6a35 WNM: Use nonzero dialog token in BSS Transition Management Query
629edfe WNM: Fix Sleep Mode AP processing in open network
3c1060f WNM: Add debug logs to get the RSSI from the scan results
dff1e28 Initial handling of GTK-not-used cipher suite
51e3eaf OpenSSL: Do not accept SSL Client certificate for server
6bf61fb OpenSSL: Use certificates from TLS authentication in OCSP stapling
c962947 WPS ER: Fix deinit timeout handling with delayed/failing unsubscribe
7b75c30 WPS: Reschedule AP configuration reload on EAP completion
c511b32 WPS: Remove old duplicate network even if key is different
9d2cb3e Make CONFIG_TESTING_OPTIONS=y enable all testing options
662b40b WPS: Reduce scan wait time during WPS processing
015af91 Do not use results from externally requested scan for network selection
1cd93ff Reschedule own scan request if an externally started one is in progress
dc3906c Show timing information about scan requests in debug log
d81c73b Optional scan id for ctrl_iface SCAN requests
a5f40ef Track whether scan was started by us or an external program
18ae237 Fix comment format
88c2d48 Allow passive scan to be requested with SCAN passive=1
3ae3ec2 nl80211: Add scanned frequencies/SSIDs into debug log
69278f7 Remove unused last_scan_full
1f5d2dd Interworking: Allow EAP-FAST to be used
6ffa168 Add GAS-QUERY-START and GAS-QUERY-DONE event messages
93827f4 hostapd: Allow external management frame processing or testing
fee5234 Allow channel list to be specified for SCAN command
98eda9c Move int_array helpfer functions to utils/common.c
a4cfb48 Add make lcov-html to generate code coverage report
bee25cc nl80211: Fetch cipher capabilities from the driver
4daa011 Clean up cipher capability prints
35c2006 Convert wpa_hexdump functions to use void pointer instead of u8 *
5f9c134 Remove obsolete license notifications
bd1e328 Android: Remove old WEXT extensions
bad5cdf Verify that beacon setup succeeds before proceeding
7d7f7be Verify group key configuration for WPA group
30675c3 Add definitions for new cipher suites from IEEE Std 802.11ac-2013
13b24a7 VHT: Use status code 104 to indicate VHT required
ab41595 wpa_supplicant: Fix crash when terminating all interfaces
76aab03 Add secondary channel IE for CSA
8f4713c Store entire CS freq_params and not only freq
13daed5 Include driver.h in hostapd.h
a12d345 wpa_supplicant: Use monotonic time for last_scan check
51bffab WPS: Use monotonic time for AP connection attempt
6473e5c wpa_supplicant: Use relative time for TKIP Michael MIC failures
4e1eae1 wpa_supplicant: Use monotonic time for temp-disabled networks
151ab80 P2P: Use monotonic time for GO client waiting
3326f19 IBSS RSN: Use monotonic time for reinit detection
196a217 WPS_UPNP: Use monotonic time for event debouncing
864c9af wps_registrar: Use monotonic time for PBC workaround
61e98e9 wps_registrar: Use monotonic time for PBC session timeout
3647e5a wps_registrar: Use monotonic time for PIN timeout
3618618 rsn_supp: Use monotonic time for PMKSA cache expiry
c2be937 wpa_supplicant: Use monotonic time for EAPOL RX workaround
e72a001 bgscan: Use monotonic time
e05f060 rsn_supp: Do not track expiration time
5870717 RADIUS server: Use monotonic time
4012804 RADIUS client: Use monotonic time
acb69ce wpa_supplicant: Use monotonic time for RX/BSS times
46b8d4c wpa_supplicant: Use monotonic time for SA query timeout
f073fde EAP server: Remove SIM-DB pending timestamp
636e19a wpa_ctrl: Use monotonic time for request retry loop
7ffe7d2 AP: Use monotonic time for MMIC failure/TKIP countermeasures
dd4e32b AP: Use monotonic time for PMKSA cache
0fc545a AP: Use monotonic time for STA accounting
3e06180 bgscan_learn: Start scanning from the first freq
f4c73ae bgscan_learn: Fix initial interval
7dab119 bgscan_learn: Avoid redundant frequencies
3727123 bgscan: Stop bgscan only on disassociation
b2838ba Update IBSS documentation to include RSN option
429dd9a Advertise QoS Map support based on driver capability
049105b nl80211: Add support for QoS Map configuration
74ddd64 nl80211: Sync with mac80211-next.git
9fcd300 nl80211: Sync with wireless-testing.git
Change-Id: Iabdd88d9cabd478a41c3cb0a8d061b425cc1beca
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| fa3fc4a1ac08ad14272301c7f6f01b362997c3e4 |
|
21-Nov-2013 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 594516b4c28a94ca686b17f1e463dfd6712b75a7
594516b Use monotonic clock for relative time for eloop if available
461e3eb Fix and work around some MinGW compilation issues
81cbc04 Fix compiler warning for OpenSSL without HAVE_OCSP
68d628a hostapd: Fix interface enabling/disabling and DFS
1cba9be STA: Cancel sched_scan while initiating wps_reassoc
215a02f Add Wi-Fi Direct to the build configuration example
ca9c14f dbus_new: Add documentation for D-Bus TDLS methods
6fc4848 P2P: Short scan wait to speed up the group re-invocation
93a06fe Fix QoS Map Configure frame use
Change-Id: Id76002ca7fa742b6533e7e592ffd3867886dc50e
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| ff07917b8921a2a178ed9188a63b166af144ae53 |
|
08-Nov-2013 |
Dmitry Shmidt <dimitrysh@google.com> |
Android: Minor sync with mainstream code
Change-Id: Ia7b165534577394e0117318e6655d14a3a1d9d2d
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 68d0e3ed07847339aedfac8e02f50db68c702e52 |
|
29-Oct-2013 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 32b62704fac6af74f60b2effb173474e11ff089d
32b6270 Android: Fix ARRAY_SIZE() compilation
7617388 Interworking: Report STATUS:sp_type even if domain is not configured
c20bc9d P2P: Remove compiler warning without CONFIG_IEEE80211N
ca9bc5b P2P: Add VHT support
20ea1ca P2P: Add VHT parameter to P2P operations
53cfad4 nl80211: Mark VHT 80 MHz channels
f2112b2 wpa_supplicant: Add CONFIG_IEEE80211AC
6b02335 hostapd: Mask out not-supported VHT capabilities
7f0303d hostapd: Verify VHT 160/80+80 MHz driver support
c781eb8 hostapd: Verify VHT capabilities are supported by driver
b29b012 Fix some VHT Capabilities definitions
7066a8e hostapd: Fix wrong VHT configuration capabilities flags
6651f1f nl80211: Use max tx power from regulatory domain
7ac3616 nl80211: Replace perror() and printf() calls with wpa_printf()
4d9fb08 WPS: Clear known_wps_freq in addition to after_wps
d20c340 Interworking: Clear known_wps_freq for network selection
f3be6ee tests: Allow test case descriptions to be written into database
1bd05d0 Interworking: Force normal scan for network selection
51e9f22 P2P: Add option to allow additional client channels
556b30d P2P: Add option to remove channels from GO use
e7ecab4 Use ARRAY_SIZE() macro
39044a7 Introduce ARRAY_SIZE() macro
2e94624 DFS: Handle radar event when CAC actived correctly
5eaf240 DFS: Fix overlapped() function to check only DFS channels
345276a DFS: Adjust center freq correctly for VHT20/VHT40
1dc17db DFS: Fix available channels list for VHT80
34068ac nl80211: Add debug prints on nl_recvmsgs() failure
10b8592 nl80211: Make eloop sockets non-blocking
5f65e9f nl80211: Abstract handling of sockets on eloop
e8d1168 nl80211: Register for IBSS auth frames before eloop
03610ad Clean up get_seqnum() use for IPN
29179b8 Stop ctrl_iface monitor send loop on reinit failure
a2a535f Remove unnecessary wpa_s->conf checks
3318376 Add explicit buffer length checks for p2p_build_wps_ie()
0f01201 Verify that readlink() did not truncate result
f5eb9da nl80211: Clean up if_add() for hostapd use
a288da6 OpenSSL: Fix memory leak on error path
6cb4f11 nl80211: Fix strerror() value in P2P Dev debug messages
35f8363 DFS: Add forgotten break statement
2f243b8 Remove os_strncpy()
24f051e Replace remainining strncpy() uses with strlcpy()
41c526f P2P: Fix snprintf buffer length for group ifname backup
Change-Id: I2e1506cb9219a5a37efbb2ae0dc180fb081c809f
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 051af73b8f8014eff33330aead0f36944b3403e6 |
|
22-Oct-2013 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 538922a628d4f5403b9a96b171a59235bcb3d921
538922a dbus: Add boolean AllowRoam option to Scan() method options dictionary
c6f5dec Don't start second scan when changing scan interval
cd3b070 nl80211: Fix DFS radar event parsing
2b72df6 nl80211: Free BSS structure even if netdev does not exists
41cc50d nl80211: Update send_action_cookie on AP-offchannel-TX path
313424d GAS: Add support for multiple pending queries for the same destination
cbc5484 GAS: Do not start new scan operation during an ongoing GAS query
c377514 GAS: Delay GAS query Tx while scanning/connecting
24c694b GAS: Delay GAS query Tx while another query is in progress
7255983 WPS: Clear after_wps from number of new locations
73b54d6 P2P: Fix Operating Channel in Invitation Request for operating group
dc46fd6 P2P: Cancel offchannel TX wait on Invitation Response RX
0c92963 D-Bus: Clean up debug print for P2P invitation result
8d82c21 P2P: Fix PD retry channel on join-a-group case
d285888 P2P: Add GO BSS entry details to debug log on join-a-group
512629a P2P: Accept Invitation Response non-success without Channel List
e241b1b eap_proxy: Fix IMSI fetch for home vs. visited network determination
db13605 EAP-AKA/AKA' peer: Allow external USIM processing to be used
569ccf7 EAP-SIM peer: Allow external SIM processing to be used
84dc137 hlr_auc_gw: Add GSM-AUTH-REQ command
a5d44ac EAP peer: Add framework for external SIM/USIM processing
7e8bc7d eapol_test: Initialize BSS lists
bceb843 Send CTRL-RSP command response before processing EAPOL update
b607796 eapol_test: Fix external EAP request mechanism
94de082 eapol_test: Initialize wpa_s->global to fix ctrl_iface
f07bba3 Android: Add dfs.c into build
0cf0af2 WNM: Set Disassoc Imminent flag in ESS Disassoc Imminent frame
f47c145 Interworking: Add required_roaming_consortium parameter for credentials
a83e574 GAS: Update timeout from TX status handler
e88060e HTTP server: Allow TCP socket to be reused
9bc3386 Add test option for specifying hardcoded BSS Load element
9c7e43a Define BSS Load element id
56f5af4 Interworking: Add support for QoS Mapping functionality for the STA
850e1c2 atheros: Add support for QoS Mapping configuration
c551700 Interworking: Add support for QoS Mapping functionality for the AP
ac1bc54 Interworking: Add domain_suffix_match for credentials
463c8ff Interworking: Add support for multiple home FQDNs
01f809c Add AAA server domain name suffix matching constraint
be7963b OpenSSL: Fix code indentation in OCSP processing
899cc14 hostapd: Add support for DFS with 160 MHz channel width
6de0e0c Mark DFS functions static and rename them
58b73e3 hostapd: DFS with 40/80 MHz channel width support
846de15 DFS: Add more parameters to radar events
04e8003 nl80211: Use struct hostapd_freq_params with start_dfs_cac
72c753d hostapd: Split hostapd_set_freq to helper function
e76da50 hostapd: Add AP DFS support
Change-Id: Ie9ed4662ba6d81e6d8b14bccb29ffa192becf0f2
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 5605286c30e1701491bd3af974ae423727750edd |
|
04-Oct-2013 |
Dmitry Shmidt <dimitrysh@google.com> |
Cumulative patch from commit 8b3b803ab9fe69650da7e3b2ee9e44f0f054ee0a
8b3b803 Include Extended Capabilities element based on scan results
6903ee6 P2P Extend postponing of concurrent scans for persistent GO
77e3094 hlr_auc_gw: Fix max_chal value validation
3e6547b hlr_auc_gw: Add support for processing command line operations
2b5b875 EAP-AKA server: Fix AUTS processing
9a50ee6 hlr_auc_gw: Update file comments to mention Milenage
5388dc9 Document use of Linux capabilities instead of privileged process
a771c07 Add driver status information to control interface
739faee nl80211: Add some more debug prints for mgmt frame TX
f78f278 nl80211: Fix off-channel Action frame TX from GO with use_monitor
298f518 Get rid of compiler warning in no-CONFIG_CTRL_IFACE builds
ea61aa1 Add no_ctrl_interface config param to clear ctrl_interface
25b65a1 Make sure updated BSS entry does not get added twice to the list
bbc6c72 P2P: Use group formation timeout on persistent group GO
41f8532 P2P: Extend group formation timeout on GO to first data connection
20625e9 P2P: Remove P2P groups on process termination
76fe79e Register wpa_msg callback even if only global ctrl_iface is used
af96448 nl80211: Add more debug prints for send_mlme operations
5d4c78f nl80211: Reset nlmode to station on leaving IBSS
0249c12 Avoid compiler warning with CONFIG_NO_STDOUT_DEBUG=y
ed1bf01 Allow hostapd config file for dynamically added interface
97bacf7 Do not clear hostapd configuration parameters on disable-iface
66f4dd1 hostapd: Fix couple of deinit path cases to clear pointers
f18b781 nl80211: Print more debug info on management frame RX information
89286e9 Re-open ctrl_iface socket on some failure cases as a workaround
3ca96df atheros: Compile fix for driver code not defining IEEE80211_APPIE_FRAME_WNM
762c92a OpenSSL: Split OCSP peer_cert/peer_issuer debug output into parts
f224cf0 HS 2.0: Allow printf format parsing with language:name strings
913c19c Fix wpa_config_parse_string() to null terminate printf decoded values
04e533e Fix language string length validation in parse_lang_string()
742e715 Simplify ctrl_iface sendto() use
6668efd Clear frequency list on empty value
1a9f247 Make scan_freq field to be saved by save_config
aa78cd3 Drop EAP packet with code 10 before EAPOL state machine processing
3cc247a Use configured sched_scan interval for the PNO scan
d047ae6 WPS: Ignore PBC-to-PIN change from M1 to M2 as a workaround
79986bf Print ctrl_iface sendto() failures into debug log
eab2b50 P2P: Cancel group formation timeout on client connection
00eb299 P2P: Fix operation channel configuration update
Change-Id: I9269e23bc8019b951c2a2d3c707562b2e006148b
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 0d16a24facb038db649f4baeb6e6709880adfd98 |
|
12-Jul-2013 |
Dmitry Shmidt <dimitrysh@google.com> |
Merge "Accumulative patch from commit 1075b2957169d8f9d6dddd7679339c751dc9515b"
|
| 34af306c42b7ccf956508e7cd23f0ba90606e360 |
|
11-Jul-2013 |
Dmitry Shmidt <dimitrysh@google.com> |
Accumulative patch from commit 1075b2957169d8f9d6dddd7679339c751dc9515b
1075b29 P2P: Report group formation failure on error to start GO mode
b62b29e Do not block on ctrl_iface monitor events
eb7ddbf WPS: Stop SSDP service before freeing the pending entries
98cbc0a Remove forgotten Xcode defines
0b9d3b2 Interworking: Relax 3GPP info PLMN matching for MNC
c7a67a7 WPS: Disconnect when removing existing WPS network block
fe65847 EAP-EKE: Add server implementation
7e7610d EAP-EKE: Add peer implementation
489202d EAP-SAKE: Use configured server identity
a607b42 EAP-PSK: Use configured server identity
15b042b EAP-MSCHAPv2: Use configured server identity
162865b EAP-IKEv2 server: Use configured server identity
8f89d82 EAP-GPSK server: Use configured server identity
67fe933 Add server identity configuration for EAP server
06aeff5 dbus: Register the AutoScan method call at the right place
78f79fe P2P: Do not add ctrl interface for P2P_DEVICE (p2p-dev-*)
1c42b42 P2P: Fix TDLS and l2_packet init without P2P Device interface
9e6a321 Fix non-P2P build after the P2P_DEVICE changes
d53d259 Fix build with older OpenSSL versions
54d4ba4 nl80211: Silence a compiler warning with older gcc versions
2e5ba4b P2P: Derive group interface name bit more sensibly
c68f620 P2P: Create P2P Device interface if supported
851b0c5 nl80211: Do not indicate P2P_DEVICE support by default
bb4028f P2P: Ignore p2p_no_group_iface when driver advertizes P2P_DEVICE support
7940c79 nl80211: Use wdev id when cancelling wait for frame using P2P_DEVICE
f608081 nl80211: Verify P2P GO/client address with all interface addresses
5fbcb45 nl80211: Fix determining phy name for P2P Device
27ce1d6 nl80211: Fix nl80211_get_wiphy_index() for P2P Device
080585c Add support for OCSP stapling to validate server certificate
72950ed P2P: Remove a call to wpas_p2p_deinit_global()
ab7a1ad nl80211: Fix P2P group interface creating using P2P Device
fa93de4 nl80211: Use wdev_id in nl80211_create_iface_once()
fdc554b nl80211: Use wdev id to obtain P2P Device scan results
597b94f nl80211: Add .get_mac_addr() callback for P2P Device
8e12685 nl80211: Rework setting interface mode
91724d6 nl80211: Introduce i802_set_iface_flags()
eb4582f nl80211: Remove P2P Device interface upon .deinit()
f632e48 nl80211: Fix P2P Device interface initialization
e472e1b nl80211: Handle creation of P2P Device interface
01517c8 nl80211: Allow Android P2P functionality
6bae92e nl80211: Add support for P2P Device in add interface
d6dcfcd nl80211: Add a handler to create_interface
d3aaef8 nl80211: Hold wdev identification for P2P Device
7aad838 nl80211: Identify if nl80211 is capable of P2P Device abstraction
6a71413 nl80211: Rename is_p2p_interface
8393e1a nl80211: Print interface name on set_key()
80ebfd9 VLAN: Avoid access to non-existing interfaces
4345fe9 bridge: Track inter-BSS usage
459eee9 bridge: Use safe default bridge interface
2aaeedf bridge: Give bridge name in per-bss configuration
8a901d7 D-Bus: Emit signal when a station is authorized or deauthorized
9578329 Add AVG_RSSI report in signal_poll
2cc8d8f Add bandwidth and center freq info to signal_poll
1e0e943 Remove 802.11b rates only in case of P2P group operation
2090a0b nl80211: Add prints for kernel events
8743676 TDLS: Validate ext_supp_rates in copy_supp_rates
85b4eac P2P: Do not reply to 802.11b-only Probe Request frames as GO
ec7b97a Interworking: Add support for using eap_proxy offload
4331263 Fix session timeout after ANQP dummy STA entry with SME-in-driver
56cb4e1 wpadebug: Add option to ignore SSL errors
aa20e1a Remove CONFIG_NO_WPA2 build parameter
5d5c4ee Remove compiler warnings with CONFIG_NO_SCAN_PROCESSING
9aaa695 Remove compiler warnings if TDLS is enabled without WPA2
84ae1d4 Fix WNM build without WPA2
c33d5eb Fix build without WPA2 or EAP
1aef400 IBSS RSN: Implement disconnect() callback using sta_deauth()
Change-Id: I4593be5b1478f6532da917423b1d2afa95fb8020
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| e6cf61356701e87728df492dee978eb08c994ca0 |
|
27-Jun-2013 |
Kenny Root <kroot@google.com> |
am 65699d14: am 499d6840: Merge "Remove obsolete keystore path"
* commit '65699d14fab37ab374ce46c6192d4e9b56ec26c1':
Remove obsolete keystore path
|
| 7f401806ed4775e4230dc3265d2c70b61c7c7e4e |
|
26-Jun-2013 |
Kenny Root <kroot@google.com> |
Remove obsolete keystore path
It's not possible to get a raw private key from keystore anymore, so
this would fail every time anyway. Remove it so it doesn't confuse
anyone that looks at this code.
Change-Id: I021fc1707b16474d8698c85055a6fcc4095cd215
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| ea69e84a6f4455c59348485895d3d5e3af77a65b |
|
13-May-2013 |
Dmitry Shmidt <dimitrysh@google.com> |
Accumulative patch from commit 455299fb40d79bcbeaedcfbc04d00ac8330bbbdd
455299f nl80211: Fix foreign address filtering for MLME frame events
e679f14 Mark interface disconnected on removal request
3636b89 Do not try auto connect mechanism in disconnected state
0cdb93f Do not add BSS to blacklist on local disconnection request
36b9883 Defer scan if connection is in progress on any of the shared interfaces
7c0e1e2 tls_openssl: Store TLS context per-connection
732118e Rename hostapd_parse_rates() to a more generic int list parser
b113a17 DFS: Add ieee80211h hostapd configuration parameter
695c703 nl80211: Add driver_ops for stopping AP beaconing
f90e9c1 nl80211: Add driver_ops for starting radar detection
fc96522 nl80211: Add channel flags for DFS state information
f295d0c nl80211: Add driver capability flag for radar detection
04be54f nl80211: Add driver events for radar detection
a7505b1 eloop: Allow to run event loop multiple times in a row
6124e85 wpa_supplicant: Allow vifs to scan only current channel
893a0a5 systemd: Fix systemd interface alias
Change-Id: I0a39a6868562cd458202285fed8986ac81a0cef2
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 3f3ca3bb849b192d41b99aae775f6fc52f67118d |
|
13-Nov-2012 |
Kenny Root <kroot@google.com> |
Switch keystore to binder
Change-Id: Idfcff5f2799863075160cc6c2565f2fe774c2552
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 61d9df3e62aaa0e87ad05452fcb95142159a17b6 |
|
30-Aug-2012 |
Dmitry Shmidt <dimitrysh@google.com> |
wpa_supplicant: Update to 29-Aug-2012 TOT
commit 6ffdc2f7bd496ace7a46e055f9714e7db4b1f722
Author: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Fri Mar 2 22:31:04 2012 +0200
WFD: Add preliminary WSD request processing and response
This commit does not yet address support for different device roles,
i.e., the same set of subelements are returned regardless of which
role was indicated in the request.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Change-Id: I9d63acce719b982c02e589bb59602382e82988c8
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 21a1e4c6e69742ba96f610b4b0db2e5a2d95528a |
|
27-Jul-2012 |
Brian Carlstrom <bdc@google.com> |
am 27bf1073: Use SSL_OP_NO_TLSv1_1 SSL_OP_NO_TLSv1_2 SSL_OP_NO_TICKET for better wpa_supplicant_8 interoperability
* commit '27bf1073abe534644cc1146397082cc78873f516':
Use SSL_OP_NO_TLSv1_1 SSL_OP_NO_TLSv1_2 SSL_OP_NO_TICKET for better wpa_supplicant_8 interoperability
|
| 27bf1073abe534644cc1146397082cc78873f516 |
|
26-Jul-2012 |
Brian Carlstrom <bdc@google.com> |
Use SSL_OP_NO_TLSv1_1 SSL_OP_NO_TLSv1_2 SSL_OP_NO_TICKET for better wpa_supplicant_8 interoperability
Bug: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343/comments/72
Bug: http://w1.fi/bugz/show_bug.cgi?id=447#c7
Bug: http://code.google.com/p/android/issues/detail?id=34212
Bug: 6883259
Change-Id: Ib53326cc8cd40e800454b7b92586c052bc910ba8
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 04949598a23f501be6eec21697465fd46a28840a |
|
19-Jul-2012 |
Dmitry Shmidt <dimitrysh@google.com> |
wpa_supplicant: Update to 07-Jul-2012 TOT
commit a5ed45586c63ffd8f9d2b44e27c251d7bacbeaf4
Author: Jouni Malinen <j@w1.fi>
Date: Sat Jul 7 13:01:45 2012 +0300
WPS SSDP: Fix socket leaks on error paths
Change-Id: I0864aac7fc88fa2a60f5cca7d524b94363410c85
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| db3c5a43353099fd4771f3b7a13efae905878ce9 |
|
21-Mar-2012 |
Kenny Root <kroot@google.com> |
Use keystore ENGINE for private key operations
The new keystore ENGINE is usable to perform private key operations when
we can't get the actual private key data. This is the case when hardware
crypto is enabled: the private key never leaves the hardware.
Subsequently, we need to be able to talk to OpenSSL ENGINEs that aren't
PKCS#11 or OpenSC. This just changes a few #define variables to allow us
to talk to our keystore engine without having one of those enabled and
without using a PIN.
Change-Id: Iabab5077c3d167a1e13bc8ef8745dc59ad4d62f7
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| c5ec7f57ead87efa365800228aa0b09a12d9e6c4 |
|
07-Mar-2012 |
Dmitry Shmidt <dimitrysh@google.com> |
Update to new version 0.8.22 from BRCM
- Based on 0c01d65 : Ignore TX status for Data frames from not associated
STA
Change-Id: I2776ff8e292593f407bf5b9177640c512e06bf0d
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 1f69aa52ea2e0a73ac502565df8c666ee49cab6a |
|
25-Jan-2012 |
Dmitry Shmidt <dimitrysh@google.com> |
Update to new version 0.8.16 from BRCM
Sync with main tree commit b8349523e460493fa0b4de36c689595109e45e91
Author: Neeraj Kumar Garg <neerajkg@broadcom.com>
Date: Tue Dec 27 23:21:45 2011 +0200
P2P: Reject p2p_group_add if forced frequency is not acceptable
Change-Id: Icb4541a371b05c270e80440d7a7fdea7f33ff61e
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| c55524ad84d13014e8019491c2b17e5dcf13545a |
|
07-Jul-2011 |
Dmitry Shmidt <dimitrysh@google.com> |
Accumulative patch from commit 8fd0f0f323a922aa88ec720ee524f7105d3b0f64
Fix D-Bus build without CONFIG_P2P=y
nl80211: Allow AP mode to be started without monitor interface
nl80211: Process association/disassociation events in AP mode
DBus/P2P: Adding decl for PersistentGroupRemoved signal
DBus/P2P: Rectified type of SecondaryDeviceTypes in device property Get
P2P: Only call dev_lost() for devices that have been dev_found()
wpa_cli: Add missing parameter for P2P_GROUP_ADD command
wpa_supplicant: Respect PKG_CONFIG variable if set in the environment
TLS: Add support for tls_disable_time_checks=1 in client mode
hostapd: Clear keys configured when hostapd reloads configuration
Add dbus signal for information about server certification
Move peer certificate wpa_msg() calls to notify.c
wpa_supplicant AP: Disable AP mode on disassoc paths
wpa_s AP mode: Enable HT20 if driver supports it
Allow PMKSA caching to be disabled on Authenticator
FT: Disable PMKSA cache for FT-IEEE8021X
FT: Clear SME ft_used/ft_ies when disconnecting
8fd0f0f323a922aa88ec720ee524f7105d3b0f64
Change-Id: I6ae333196c36ffa7589662d5269fabfc3b994605
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|
| 8d520ff1dc2da35cdca849e982051b86468016d8 |
|
09-May-2011 |
Dmitry Shmidt <dimitrysh@google.com> |
wpa_supplicant: Initial Revision 0.8.X
Based on:
commit 0725cc7b7efc434910e89865c42eda7ce61bbf08
Author: Jouni Malinen <j@w1.fi>
Date: Thu Apr 21 20:41:01 2011 +0300
Enable CONFIG_DRIVER_NL80211=y in the default configuration
nl80211 should be preferred over WEXT with any recent Linux
kernel version.
Change-Id: I26aec5afbbd4f4a1f5fd900912545b6f5050de64
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
/external/wpa_supplicant_8/src/crypto/tls_openssl.c
|