To make AP related code/config more clear and clean, use
CONFIG_WIFI_NM_WPA_SUPPLICANT_AP for supplicant based AP case,
and use CONFIG_WIFI_NM_HOSTAPD_AP for hostapd based AP case.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Add EAP-TLS, EAP-PEAP-MSCHAPv2, EAP-PEAP-GTC, EAP-TTLS-MSCHAPv2,
EAP-PEAP-TLS, EAP-TLS-SHA256 enterprise wpa2 and wpa3 suiteb
support for sap.
Signed-off-by: Rex Chen <rex.chen_1@nxp.com>
Add an option for platforms or forks to provide their own hostap
compatible crypto implementation. This may include proprietary or
platform specific stuff that may or may not be upstreamed to Zephyr.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
The format specifier for size_t is zu.
Using d only works when int and size_t are the same
underlying type which is not the case for 64bit systems,
which leads to a build warning in this case.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
The aes_unwrap() and aes_decrypt() functions were missing
if CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE is enabled.
Add missing C files to fix this.
Signed-off-by: Hui Bai <hui.bai@nxp.com>
Added new ops and events in glue layer to support roaming.
Added new flag WIFI_NM_WPA_SUPPLICANT_ROAMING to control roaming
feature.
Signed-off-by: Hui Bai <hui.bai@nxp.com>
WPA control interface timeout is hardcoded to 10s, add a configuration
option to remove the hardcode, this is needed sometimes as a workaround
e.g., crypto taking too long to complete the request.
Work around for #79834, increase the default from 10 to 15s, in positive
case this will have no impact.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Even if the enum contains the same values, the values might
change if the wpa_supplicant sources change or Zephyr values
change. In order to avoid weird errors later and prevent the
following warning, add a conversion functions for the enums.
modules/hostap/src/supp_api.c:1172:23: warning: implicit conversion
from enumeration type 'enum mfp_options' to different enumeration
type 'enum wifi_mfp_options' [-Wenum-conversion]
status->mfp = ssid->ieee80211w; /* Same mapping */
modules/hostap/src/supp_api.c:1190:30: warning: implicit conversion
from enumeration type 'enum wpas_mode' to different enumeration
type 'enum wifi_iface_mode' [-Wenum-conversion]
status->iface_mode = ssid->mode;
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The "enum wpa_msg_type" was not found by default so add needed
include files to get the definitions.
modules/hostap/src/supp_main.h:61:57: warning: ‘enum wpa_msg_type’
declared inside parameter list will not be visible outside of
this definition or declaration
61 | void wpa_supplicant_msg_send(void *ctx, int level,
enum wpa_msg_type type,
const char *txt,
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Both the supplicant_set_btwt() and supplicant_ap_bandwidth() are
not found in Zephyr sources so remove them.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
If CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE is enabled, there
are lot of missing functions reported during linking.
Add missing C files to the compilation to fix this.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Without this there is an error
modules/lib/hostap/src/crypto/fips_prf_internal.c:47: \
undefined reference to `SHA1Transform'
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The P2P support needs EAPOL support in order to avoid a compilation
error about missing eap field in wpa_ssid struct.
modules/lib/hostap/wpa_supplicant/wpa_supplicant.c:5102:65:
error: ‘struct wpa_ssid’ has no member named ‘eap’
5102 | eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
The functions in ip-addr.c are needed in more places than just
for hostapd so add it unconditionally to the build.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
In "connect" all networks are removed and new network is always added,
but in disconnect the network isn't deleted, so, the memory is
unnecessarily held till next connect. This is not exactly a leak, but if
someone profiles using "kernel heap" then this can be construed as a
leak.
Fix this by removing network during the disconnection (for now "all") so
that the memory can be used by someone else.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Add EAP-TLS, EAP-PEAP-MSCHAPv2, EAP-PEAP-GTC, EAP-TTLS-MSCHAPv2,
EAP-PEAP-TLS, EAP-TLS-SHA256 enterprise wpa2 and wpa3 suiteb
support for station.
Signed-off-by: Rex Chen <rex.chen_1@nxp.com>
Fix DPP build error when HOSTAPD enabled and DPP disabled.
Guard hapd_dpp_dispatch in both CONFIG_WIFI_NM_WPA_SUPPLICANT_DPP
and CONFIG_WIFI_NM_HOSTAPD_AP.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
When try to start SAP on channel 12 with region code US, the channel
check will fail and calls supplicant_send_wifi_mgmt_ap_status() with
iface->owner is NULL, which causes DUT hang. Set iface->owner when
enable the SAP can fix this issue.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Enterprise security doesn't have either SAE or PSK, so, using a blanker
else throws a false warning. Fix the checks to proper handler enterprise
mode.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
EAP-FAST has extra requirements (TLS 1.3, session tickets etc) and is
seldom used, so, remove it from Enterprise list and add a separate
Kconfig option.
This solves the build error when Enterprise mode is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Enabling all EAP types for enterprise mode increases
memory usage in both ROM and RAM. Provide config options for each
type to let solutions choose the methods based on their
requirements.
Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
The format of wpa_passphrase and sae_password is wrong when start the
SAP, which leads the invaild MIC check error when other STA try to
connect in security mode. Change the wrong format can fix this issue.
Signed-off-by: Maochen Wang <maochen.wang@nxp.com>
Now that hostap is used k_heap, it needs to reserve the kernel heap not
libc heap.
Fixes#79477.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
This was we can modify it in a single place that works both for native
and OS specific code.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Add crypto module test kconfig option
CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_TEST,
which is default n and hidden.
It is only available by developer for crypto module test.
Signed-off-by: Fengming Ye <frank.ye@nxp.com>
The previous NET_EVENT_SUPPLICANT_CMD_INT_EVENT is from
"enum net_event_supplicant_cmd" but the supplicant_send_wifi_mgmt_event()
has the event parameter as an "enum net_event_wifi_cmd" and those event
number spaces are different.
This meant that the wrong event value NET_EVENT_SUPPLICANT_CMD_INT_EVENT
maps to NET_EVENT_WIFI_CMD_TWT (from "enum net_event_wifi_cmd") which
fortunately did not cause issue in this case because the
supplicant_send_wifi_mgmt_event() has no handling for this TWT event value.
It is important we fix this as this can cause great confusion in the
future.
Signed-off-by: Jukka Rissanen <jukka.rissanen@nordicsemi.no>
Using a separate workqueue causes issues without any special locking to
synchronize with networking threads e.g., interface being removed while
the workqueue is trying to synchronize with WPA supplicant.
It's easier to use the net_mgmt thread which is in better sync with
networking.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
In case of error conditions post successfully sending the message, the
event is already freed but we attempt to free it again.
Rejig the labels to easily reflect thier purpose.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
When an event is sent the receiver gets is asynchronously and hence is
responsible for free the event, the sender should only free in case of
error conditions i.e., unable to send.
Else, this causes a tough to debug double-free.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
In case WPA supplicant disabled DPP, we need to compile out the
corresponding DPP code in Wi-Fi shell too.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
