add private_lib for NL80211 driver. Copied from hardware/broadcom/wlan/bcmdhd/wpa_supplicant_8_lib with minor fixes for x86.]]>
P2P: Validate SSID element length before copying it This fixes a possible memcpy overflow for P2P dev->oper_ssid in p2p_add_device(). The length provided by the peer device (0..255 bytes) was used without proper bounds checking and that could have resulted in arbitrary data of up to 223 bytes being written beyond the end of the dev->oper_ssid[] array (of which about 150 bytes would be beyond the heap allocation) when processing a corrupted management frame for P2P peer discovery purposes. This could result in corrupted state in heap, unexpected program behavior due to corrupted P2P peer device information, denial of service due to process crash, exposure of memory contents during GO Negotiation, and potentially arbitrary code execution. Thanks to Google security team for reporting this issue and smart hardware research group of Alibaba security team for discovering it. Change-Id: I9f350f20cdd010f2c096514b245b4a901ad74e46 Signed-off-by: Jouni Malinen]]>
merge in lmp-mr1-release history after reset to lmp-mr1-dev]]>
Don't write to wpa_supplicant.conf directly There is a chance that wpa_supplicant may get killed during the time it is writing config file. If this happens, user information like SSIDs and passwords can be lost forever. This change works around that by writing config to a temporary file and then renaming the file to the correct name. Bug: 19224089 Change-Id: I1709cdd5e5c6dfa3073e42c644fae941b43401cc Signed-off-by: Vinit Deshpande]]>
merge in lmp-mr1-release history after reset to lmp-mr1-dev]]>
Merge "Return only full network line in list_networks" into lmp-mr1-dev]]>
merge in lmp-mr1-release history after reset to lmp-mr1-dev]]>
Merge "List all networks despite message limit of 4096 bytes" into lmp-mr1-dev]]>
nl80211: Ignore Connect failure for the previous association Suppose there are two APs (AP1 & AP2) and user attempted to connect to AP2 before the previous connection with AP1 could succeed. Now, if the connection event comes for the older AP with failed status, we should just ignore it as the wpa_supplicant state has moved to "ASSOCIATING" with the new AP (AP2). This is a similar to the case where a disconnection event is ignored for a case where local disconnect request can cause the extra event to show up during the next association process following that command. Signed-off-by: Jithu Jance]]>Signed-off-by: vandwalle
Return only full network line in list_networks Change-Id: I81a74db1ba1e4e48397ce779687fffda42cbd8ac Signed-off-by: Dmitry Shmidt]]>
List all networks despite message limit of 4096 bytes This change creates 'LIST_NETWORK LAST_ID=x' form to allow retrieval of all networks saved in the system. Without this form, only first few (whatever fills in first 4096 bytes) can be retrieved. Signed-off-by: Vinit Deshpande]]>
merge in lmp-mr1-release history after reset to lmp-mr1-dev]]>
am 658fb4ad: Work around AP misbehavior on EAPOL-Key descriptor version * commit '658fb4adb9458c3055c64a43833f1a9e89b4db74': Work around AP misbehavior on EAPOL-Key descriptor version]]>
Work around AP misbehavior on EAPOL-Key descriptor version It looks like some APs are incorrectly selecting descriptor version 3 (AES-128-CMAC) for EAPOL-Key frames when version 2 (HMAC-SHA1) was expected to be used. This is likely triggered by an attempt to negotiate PMF with SHA1-based AKM. Since AES-128-CMAC is considered stronger than HMAC-SHA1, allow the incorrect, but stronger, option to be used in these cases to avoid interoperability issues with deployed APs. This issue shows up with "WPA: CCMP is used, but EAPOL-Key descriptor version (3) is not 2" in debug log. With the new workaround, this issue is ignored and "WPA: Interoperability workaround: allow incorrect (should have been HMAC-SHA1), but stronger (is AES-128-CMAC), descriptor version to be used" is written to the log. Bug: 18411110 Change-Id: I9ae12e8882adc9e785f6e4cef9f30b89bf72dcd2 Signed-off-by: Jouni Malinen]]>
merge in lmp-mr1-release history after reset to lmp-mr1-dev]]>
Cumulative patch from commits: a7f5271 and 7465640 a7f5271 Update pending connect radio work BSS pointer on scan update 7465640 Invoke connect work done for all the connection failure cases Bug: 18312770 Change-Id: I5e59edaac24c30bbfdab2e38e8ea902300b0308d Signed-off-by: Dmitry Shmidt]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>
merge in lmp-mr1-release history after reset to a7b06faf528d1765cc2712cc9a31ad45d7c3110b]]>