{"id":2226373,"url":"http://patchwork.ozlabs.org/api/1.2/patches/2226373/?format=json","web_url":"http://patchwork.ozlabs.org/project/hostap/patch/20260422122424.43776-26-andrei.otcheretianski@intel.com/","project":{"id":22,"url":"http://patchwork.ozlabs.org/api/1.2/projects/22/?format=json","name":"HostAP Development","link_name":"hostap","list_id":"hostap.lists.infradead.org","list_email":"hostap@lists.infradead.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260422122424.43776-26-andrei.otcheretianski@intel.com>","list_archive_url":null,"date":"2026-04-22T12:23:16","name":"[25/92] NAN: Add control interface for triggering NAN pairing","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"604a59a2d552f4f6421131c5737c333b852597c6","submitter":{"id":62065,"url":"http://patchwork.ozlabs.org/api/1.2/people/62065/?format=json","name":"Andrei Otcheretianski","email":"andrei.otcheretianski@intel.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/hostap/patch/20260422122424.43776-26-andrei.otcheretianski@intel.com/mbox/","series":[{"id":501001,"url":"http://patchwork.ozlabs.org/api/1.2/series/501001/?format=json","web_url":"http://patchwork.ozlabs.org/project/hostap/list/?series=501001","date":"2026-04-22T12:23:05","name":"Add NAN PASN pairing support","version":1,"mbox":"http://patchwork.ozlabs.org/series/501001/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2226373/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2226373/checks/","tags":{},"related":[],"headers":{"Return-Path":"\n ","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n secure) header.d=lists.infradead.org header.i=@lists.infradead.org\n header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ovGW02+o;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n unprotected) header.d=intel.com header.i=@intel.com header.a=rsa-sha256\n header.s=Intel header.b=daKo5JAg;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=none (no SPF record) smtp.mailfrom=lists.infradead.org\n (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;\n envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from bombadil.infradead.org (bombadil.infradead.org\n [IPv6:2607:7c80:54:3::133])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g0z3l0R6Fz1yCv\n\tfor ; Wed, 22 Apr 2026 22:26:27 +1000 (AEST)","from localhost ([::1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wFWeH-0000000A3oV-1wdR;\n\tWed, 22 Apr 2026 12:25:51 +0000","from mgamail.intel.com ([192.198.163.17])\n\tby bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1wFWdo-0000000A34C-0bCH\n\tfor hostap@lists.infradead.org;\n\tWed, 22 Apr 2026 12:25:18 +0000","from orviesa010.jf.intel.com ([10.64.159.150])\n by fmvoesa111.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 22 Apr 2026 05:25:15 -0700","from iapp347.iil.intel.com (HELO 87c02287900a.iil.intel.com)\n ([10.167.28.6])\n by orviesa010-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 22 Apr 2026 05:25:14 -0700"],"DKIM-Signature":["v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20210309; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:\n\tList-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:\n\tMessage-ID:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:\n\tResent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:\n\tList-Owner; bh=mGlwTIK3jWmvKVazdV/QrSe3hT9ONlm0q1UOD1Tb+no=; b=ovGW02+ouZxaQS\n\t0GQYiTUQt0Y8up26qClISafnjPIv88XXfo7l0JASVjzD2ZcOY7MDcxVf/kC9k1iIFy9U/kj1eoDnD\n\tqoA6uEgrJNO8JvkuQuX488DgS930GPnODZh1CY6k/qhkA0UtcLzpPhhv/taZqEJaCM7VXKM1hafts\n\th9q/jsPv9cvnQ6zwi9eYozYYCSpXdsPUTpV2PfD3HftWQ2uJ1ITIc2MBuabgHCFjkLPT7raeB6MVV\n\t40myAF48tb91zetafhYJoaC1fvKyqT1NFxO+BxQica7TA7IXhNsQByEO8RexXeX9hDnSyhN+ppF2a\n\tH8dPLYurJUHtMVMAwbNw==;","v=1; a=rsa-sha256; c=relaxed/simple;\n d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n t=1776860716; x=1808396716;\n h=from:to:cc:subject:date:message-id:in-reply-to:\n references:mime-version:content-transfer-encoding;\n bh=K3hH3Pxv7/BCc+f9dm2C+zf0WPUxUYQaLxjKK7O1xG0=;\n b=daKo5JAgqhToD3y9D9tl7fG9g57f7q1LU12+ReF3Loe4YigRqgAbTXeH\n 1DuwxthqZvFcgQBmTztkGUY8CB+TiC3ApWr6t7OExQIS+CBEoegN5Hp7F\n r4XNpcdTtlsGEqkhN24PGuZ1woew3SqWp1CG5x8CX7IC3tK79MwXnbvSi\n 9oewzN/8AkfIf1Nd1HFG4lV5MxZP0pwOlVeFJBzcuEeB+d/rWACMt7IW6\n aNQ1uKpU4wZTRIodYtrLKKYlQgmiu7aDtDAOw3jFl50DpUyU8ep5tjuXV\n UjxhbW5+jdQLjc0WlQOm5an5Lznr9WgB6iHi21jdOcoK9/e9Gg4kPMadm\n A==;"],"X-CSE-ConnectionGUID":["AfTtbkyNTxOLpPosJmRMAA==","b0oTP+W7RMOywsfcsSeQWQ=="],"X-CSE-MsgGUID":["HZ5olwjjS62fX1GC+PxLrA==","68OkcNUXSc6xW9LXTe4Uvg=="],"X-IronPort-AV":["E=McAfee;i=\"6800,10657,11764\"; a=\"77687258\"","E=Sophos;i=\"6.23,192,1770624000\";\n d=\"scan'208\";a=\"77687258\"","E=Sophos;i=\"6.23,192,1770624000\";\n d=\"scan'208\";a=\"231444945\""],"X-ExtLoop1":"1","From":"Andrei Otcheretianski ","To":"hostap@lists.infradead.org","Cc":"vamsin@qti.qualcomm.com,\n\tmaheshkkv@google.com,\n\tAvraham Stern ","Subject":"[PATCH 25/92] NAN: Add control interface for triggering NAN pairing","Date":"Wed, 22 Apr 2026 15:23:16 +0300","Message-ID":"<20260422122424.43776-26-andrei.otcheretianski@intel.com>","X-Mailer":"git-send-email 2.53.0","In-Reply-To":"<20260422122424.43776-1-andrei.otcheretianski@intel.com>","References":"<20260422122424.43776-1-andrei.otcheretianski@intel.com>","MIME-Version":"1.0","X-CRM114-Version":"20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ","X-CRM114-CacheID":"sfid-20260422_052516_364777_198E052F ","X-CRM114-Status":"GOOD ( 16.28 )","X-Spam-Score":"-4.4 (----)","X-Spam-Report":"Spam detection software,\n running on the system \"bombadil.infradead.org\",\n has NOT identified this incoming email as spam. The original\n message has been attached to this so you can view it or label\n similar future email. If you have any questions, see\n the administrator of that system for details.\n Content preview: From: Avraham Stern Add control\n interface support for triggering NAN pairing. Supported parameters are the\n authentication mode (SAE, PASN or pairing verification), the cipher to use\n and the publish ID. Add wpa_cli suppor [...]\n Content analysis details: (-4.4 points, 5.0 required)\n pts rule name description\n ---- ----------------------\n --------------------------------------------------\n -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/,\n medium trust\n [192.198.163.17 listed in list.dnswl.org]\n 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record\n -0.0 SPF_PASS SPF: sender matches SPF record\n -0.1 DKIM_VALID Message has at least one valid DKIM or DK\n signature\n -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from\n author's\n domain\n -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from\n envelope-from domain\n 0.1 DKIM_SIGNED Message has a DKIM or DK signature,\n not necessarily valid\n -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%\n [score: 0.0000]\n -0.0 DKIMWL_WL_HIGH DKIMwl.org - High trust sender","X-BeenThere":"hostap@lists.infradead.org","X-Mailman-Version":"2.1.34","Precedence":"list","List-Id":"","List-Unsubscribe":",\n ","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n ","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Sender":"\"Hostap\" ","Errors-To":"hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org"},"content":"From: Avraham Stern \n\nAdd control interface support for triggering NAN pairing.\nSupported parameters are the authentication mode (SAE, PASN or\npairing verification), the cipher to use and the publish ID.\nAdd wpa_cli support as well.\n\nSigned-off-by: Avraham Stern \n---\n wpa_supplicant/ctrl_iface.c | 5 ++\n wpa_supplicant/nan_supplicant.c | 90 +++++++++++++++++++++++++++++++++\n wpa_supplicant/nan_supplicant.h | 1 +\n wpa_supplicant/wpa_cli.c | 12 +++++\n 4 files changed, 108 insertions(+)","diff":"diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c\nindex 690241a6f0..013cc98567 100644\n--- a/wpa_supplicant/ctrl_iface.c\n+++ b/wpa_supplicant/ctrl_iface.c\n@@ -14430,6 +14430,11 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,\n \t} else if (os_strncmp(buf, \"NAN_BOOTSTRAP_RESET \", 20) == 0) {\n \t\tif (wpas_nan_bootstrap_reset(wpa_s, buf + 20) < 0)\n \t\t\treply_len = -1;\n+#ifdef CONFIG_PASN\n+\t} else if (os_strncmp(buf, \"NAN_PAIR \", 9) == 0) {\n+\t\tif (wpas_nan_pairing_start(wpa_s, buf + 9) < 0)\n+\t\t\treply_len = -1;\n+#endif /* CONFIG_PASN */\n #endif /* CONFIG_NAN */\n \t} else {\n \t\tos_memcpy(reply, \"UNKNOWN COMMAND\\n\", 16);\ndiff --git a/wpa_supplicant/nan_supplicant.c b/wpa_supplicant/nan_supplicant.c\nindex 0eb134a247..9c4b532303 100644\n--- a/wpa_supplicant/nan_supplicant.c\n+++ b/wpa_supplicant/nan_supplicant.c\n@@ -2575,6 +2575,96 @@ int wpas_nan_pair(struct wpa_supplicant *wpa_s, const u8 *peer_addr,\n \n \treturn ret;\n }\n+\n+\n+/*\n+ * Format: NAN_PAIR >\n+ *\t> > >\n+ *\t[responder] [password=]\n+ */\n+int wpas_nan_pairing_start(struct wpa_supplicant *wpa_s, char *cmd)\n+{\n+\tchar *token, *context = NULL;\n+\tu8 addr[ETH_ALEN];\n+\tu8 auth_mode = 0;\n+\tu8 peer_instance_id = 0;\n+\tint handle = 0;\n+\tint cipher = WPA_CIPHER_NONE;\n+\tchar *password = NULL;\n+\tbool responder = false;\n+\tchar *pos;\n+\n+\t/* Parse peer address first */\n+\tif (hwaddr_aton(cmd, addr) < 0)\n+\t\treturn -1;\n+\n+\t/* Move past the peer_mac address */\n+\tpos = os_strchr(cmd, ' ');\n+\tif (!pos)\n+\t\treturn -1;\n+\tpos++;\n+\n+\twhile ((token = str_token(pos, \" \", &context))) {\n+\t\tif (os_strncmp(token, \"auth=\", 5) == 0) {\n+\t\t\tauth_mode = atoi(token + 5);\n+\t\t\tif (auth_mode > 2) {\n+\t\t\t\twpa_printf(MSG_DEBUG,\n+\t\t\t\t\t \"NAN_PAIR: Invalid auth mode: %u\",\n+\t\t\t\t\t auth_mode);\n+\t\t\t\treturn -1;\n+\t\t\t}\n+\t\t} else if (os_strncmp(token, \"handle=\", 7) == 0) {\n+\t\t\thandle = atoi(token + 7);\n+\t\t} else if (os_strncmp(token, \"peer_instance_id=\", 17) == 0) {\n+\t\t\tpeer_instance_id = atoi(token + 17);\n+\t\t} else if (os_strncmp(token, \"cipher=\", 7) == 0) {\n+\t\t\tif (os_strcmp(token + 7, \"CCMP\") == 0) {\n+\t\t\t\tcipher = WPA_CIPHER_CCMP;\n+\t\t\t} else if (os_strcmp(token + 7, \"GCMP-256\") == 0) {\n+\t\t\t\tcipher = WPA_CIPHER_GCMP_256;\n+\t\t\t} else {\n+\t\t\t\twpa_printf(MSG_DEBUG,\n+\t\t\t\t\t \"NAN_PAIR: Invalid cipher: '%s'\",\n+\t\t\t\t\t token + 7);\n+\t\t\t\treturn -1;\n+\t\t\t}\n+\t\t} else if (os_strncmp(token, \"responder\", 9) == 0) {\n+\t\t\tresponder = true;\n+\t\t} else if (os_strncmp(token, \"password=\", 9) == 0) {\n+\t\t\tpassword = token + 9;\n+\t\t} else {\n+\t\t\twpa_printf(MSG_DEBUG,\n+\t\t\t\t \"NAN_PAIR: Invalid parameter: '%s'\",\n+\t\t\t\t token);\n+\t\t\treturn -1;\n+\t\t}\n+\t}\n+\n+\tif (handle <= 0) {\n+\t\twpa_printf(MSG_DEBUG,\n+\t\t\t \"NAN_PAIR: missing or invalid handle\");\n+\t\treturn -1;\n+\t}\n+\n+\tif (!peer_instance_id) {\n+\t\twpa_printf(MSG_DEBUG,\n+\t\t\t \"NAN_PAIR: missing or invalid peer_instance_id\");\n+\t\treturn -1;\n+\t}\n+\n+\tif (cipher == WPA_CIPHER_NONE) {\n+\t\twpa_printf(MSG_DEBUG, \"NAN_PAIR: missing cipher\");\n+\t\treturn -1;\n+\t}\n+\n+\tif (wpas_nan_pair(wpa_s, addr, auth_mode, cipher, handle,\n+\t\t\t peer_instance_id, responder, password) < 0) {\n+\t\twpa_printf(MSG_DEBUG, \"NAN_PAIR: Pairing initiation failed\");\n+\t\treturn -1;\n+\t}\n+\n+\treturn 0;\n+}\n #endif /* CONFIG_PASN */\n #endif /* CONFIG_NAN */\n \ndiff --git a/wpa_supplicant/nan_supplicant.h b/wpa_supplicant/nan_supplicant.h\nindex 3568366b83..3722b3eab0 100644\n--- a/wpa_supplicant/nan_supplicant.h\n+++ b/wpa_supplicant/nan_supplicant.h\n@@ -39,6 +39,7 @@ int wpas_nan_bootstrap_reset(struct wpa_supplicant *wpa_s, char *cmd);\n int wpas_nan_pair(struct wpa_supplicant *wpa_s, const u8 *peer_addr,\n \t\t u8 auth_mode, int cipher, int handle, u8 peer_instance_id,\n \t\t bool responder, const char *password);\n+int wpas_nan_pairing_start(struct wpa_supplicant *wpa_s, char *cmd);\n #endif /* CONFIG_PASN */\n \n #else /* CONFIG_NAN */\ndiff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c\nindex a4eab29c07..aec6ac2099 100644\n--- a/wpa_supplicant/wpa_cli.c\n+++ b/wpa_supplicant/wpa_cli.c\n@@ -3469,6 +3469,13 @@ static int wpa_cli_cmd_nan_bootstrap_reset(struct wpa_ctrl *ctrl,\n \treturn wpa_cli_cmd(ctrl, \"NAN_BOOTSTRAP_RESET\", 1, argc, argv);\n }\n \n+#ifdef CONFIG_PASN\n+static int wpa_cli_cmd_nan_pair_start(struct wpa_ctrl *ctrl, int argc,\n+\t\t\t\t char *argv[])\n+{\n+\treturn wpa_cli_cmd(ctrl, \"NAN_PAIR\", 5, argc, argv);\n+}\n+#endif /* CONFIG_PASN */\n #endif /* CONFIG_NAN */\n \n \n@@ -4281,6 +4288,11 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = {\n \t{ \"nan_bootstrap_reset\", wpa_cli_cmd_nan_bootstrap_reset, NULL,\n \t cli_cmd_flag_none,\n \t \" = = Reset NAN boostrapping with peer\" },\n+#ifdef CONFIG_PASN\n+\t{ \"nan_pair\", wpa_cli_cmd_nan_pair_start, NULL,\n+\t cli_cmd_flag_none,\n+\t \" = > > > > [password=] [responder] = Request or authorize NAN pairing with peer\" },\n+#endif /* CONFIG_PASN */\n #endif /* CONFIG_NAN */\n \t{ \"new_random_mac_address\", wpa_cli_cmd_generate_new_mac, NULL,\n \t cli_cmd_flag_none, \"= Generate new random MAC address\" },\n","prefixes":["25/92"]}