
wpa_supplicant: Update to 07-Jul-2012 TOT
[android-x86/external-wpa_supplicant_8.git] / src / p2p / p2p.c
index aeeaccb..58ada3b 100644 (file)
@@ -119,7 +119,7 @@ static void p2p_expire_peers(struct p2p_data *p2p)
                        continue;
 #endif
 
-               wpa_msg(p2p->cfg->msg_ctx, MSG_ERROR, "P2P: Expiring old peer "
+               wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Expiring old peer "
                        "entry " MACSTR, MAC2STR(dev->info.p2p_device_addr));
 #ifdef ANDROID_P2P
                /* SD_FAIR_POLICY: Update the current sd_dev_list pointer to next device */
@@ -193,14 +193,14 @@ u16 p2p_get_provisioning_info(struct p2p_data *p2p, const u8 *addr)
 }
 
 
-void p2p_clear_provisioning_info(struct p2p_data *p2p, const u8 *iface_addr)
+void p2p_clear_provisioning_info(struct p2p_data *p2p, const u8 *addr)
 {
        struct p2p_device *dev = NULL;
 
-       if (!iface_addr || !p2p)
+       if (!addr || !p2p)
                return;
 
-       dev = p2p_get_device_interface(p2p, iface_addr);
+       dev = p2p_get_device(p2p, addr);
        if (dev)
                dev->wps_prov_info = 0;
 }
@@ -315,7 +315,7 @@ int p2p_listen(struct p2p_data *p2p, unsigned int timeout)
        p2p->pending_listen_usec = (timeout % 1000) * 1000;
 
        if (p2p->p2p_scan_running) {
-               if (p2p->start_after_scan == P2P_AFTER_SCAN_NOTHING) {
+               if (p2p->start_after_scan == P2P_AFTER_SCAN_CONNECT) {
                        wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
                                "P2P: p2p_scan running - connect is already "
                                "pending - skip listen");
@@ -484,13 +484,25 @@ static int p2p_add_group_clients(struct p2p_data *p2p, const u8 *go_dev_addr,
                        continue; /* ignore our own entry */
                dev = p2p_get_device(p2p, cli->p2p_device_addr);
                if (dev) {
-                       /*
-                        * Update information only if we have not received this
-                        * directly from the client.
-                        */
                        if (dev->flags & (P2P_DEV_GROUP_CLIENT_ONLY |
-                                         P2P_DEV_PROBE_REQ_ONLY))
+                                         P2P_DEV_PROBE_REQ_ONLY)) {
+                               /*
+                                * Update information since we have not
+                                * received this directly from the client.
+                                */
                                p2p_copy_client_info(dev, cli);
+                       } else {
+                               /*
+                                * Need to update P2P Client Discoverability
+                                * flag since it is valid only in P2P Group
+                                * Info attribute.
+                                */
+                               dev->info.dev_capab &=
+                                       ~P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY;
+                               dev->info.dev_capab |=
+                                       cli->dev_capab &
+                                       P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY;
+                       }
                        if (dev->flags & P2P_DEV_PROBE_REQ_ONLY) {
                                dev->flags &= ~P2P_DEV_PROBE_REQ_ONLY;
                        }
@@ -573,7 +585,13 @@ static void p2p_copy_wps_info(struct p2p_device *dev, int probe_req,
        }
 
        if (msg->capability) {
-               dev->info.dev_capab = msg->capability[0];
+               /*
+                * P2P Client Discoverability bit is reserved in all frames
+                * that use this function, so do not change its value here.
+                */
+               dev->info.dev_capab &= P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY;
+               dev->info.dev_capab |= msg->capability[0] &
+                       ~P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY;
                dev->info.group_capab = msg->capability[1];
        }
 
@@ -582,6 +600,7 @@ static void p2p_copy_wps_info(struct p2p_device *dev, int probe_req,
                dev->ext_listen_interval =
                        WPA_GET_LE16(msg->ext_listen_timing + 2);
        }
+
        if (!probe_req) {
                dev->info.config_methods = msg->config_methods ?
                        msg->config_methods : msg->wps_config_methods;
@@ -590,7 +609,7 @@ static void p2p_copy_wps_info(struct p2p_device *dev, int probe_req,
 
 
 /**
- * p2p_add_device - Add peer entries based on scan results
+ * p2p_add_device - Add peer entries based on scan results or P2P frames
  * @p2p: P2P module context from p2p_init()
  * @addr: Source address of Beacon or Probe Response frame (may be either
  *     P2P Device Address or P2P Interface Address)
@@ -598,6 +617,7 @@ static void p2p_copy_wps_info(struct p2p_device *dev, int probe_req,
  * @freq: Frequency on which the Beacon or Probe Response frame was received
  * @ies: IEs from the Beacon or Probe Response frame
  * @ies_len: Length of ies buffer in octets
+ * @scan_res: Whether this was based on scan results
  * Returns: 0 on success, -1 on failure
  *
  * If the scan result is for a GO, the clients in the group will also be added
@@ -606,7 +626,7 @@ static void p2p_copy_wps_info(struct p2p_device *dev, int probe_req,
  * Info attributes.
  */
 int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, int level,
-                  const u8 *ies, size_t ies_len)
+                  const u8 *ies, size_t ies_len, int scan_res)
 {
        struct p2p_device *dev;
        struct p2p_message msg;
@@ -675,16 +695,18 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, int level,
                }
        }
 
-       if (dev->listen_freq && dev->listen_freq != freq) {
+       if (dev->listen_freq && dev->listen_freq != freq && scan_res) {
                wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
                        "P2P: Update Listen frequency based on scan "
                        "results (" MACSTR " %d -> %d MHz (DS param %d)",
                        MAC2STR(dev->info.p2p_device_addr), dev->listen_freq,
                        freq, msg.ds_params ? *msg.ds_params : -1);
        }
-       dev->listen_freq = freq;
-       if (msg.group_info)
-               dev->oper_freq = freq;
+       if (scan_res) {
+               dev->listen_freq = freq;
+               if (msg.group_info)
+                       dev->oper_freq = freq;
+       }
        dev->info.level = level;
 
        p2p_copy_wps_info(dev, 0, &msg);
@@ -703,8 +725,10 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, int level,
                        break;
        }
 
-       p2p_add_group_clients(p2p, p2p_dev_addr, addr, freq, msg.group_info,
-                             msg.group_info_len);
+       if (scan_res) {
+               p2p_add_group_clients(p2p, p2p_dev_addr, addr, freq,
+                                     msg.group_info, msg.group_info_len);
+       }
 
        p2p_parse_free(&msg);
 
@@ -821,6 +845,7 @@ static void p2p_search(struct p2p_data *p2p)
 {
        int freq = 0;
        enum p2p_scan_type type;
+       u16 pw_id = DEV_PW_DEFAULT;
 
        if (p2p->drv_in_listen) {
                wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Driver is still "
@@ -830,30 +855,8 @@ static void p2p_search(struct p2p_data *p2p)
        }
        p2p->cfg->stop_listen(p2p->cfg->cb_ctx);
 
-       if (p2p->go_neg_peer) {
-               /*
-                * Only scan the known listen frequency of the peer
-                * during GO Negotiation start.
-                */
-               freq = p2p->go_neg_peer->listen_freq;
-               if (freq <= 0)
-                       freq = p2p->go_neg_peer->oper_freq;
-               type = P2P_SCAN_SPECIFIC;
-               wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Starting search "
-                       "for freq %u (GO Neg)", freq);
-       } else if (p2p->invite_peer) {
-               /*
-                * Only scan the known listen frequency of the peer
-                * during Invite start.
-                */
-               freq = p2p->invite_peer->listen_freq;
-               if (freq <= 0)
-                       freq = p2p->invite_peer->oper_freq;
-               type = P2P_SCAN_SPECIFIC;
-               wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Starting search "
-                       "for freq %u (Invite)", freq);
-       } else if (p2p->find_type == P2P_FIND_PROGRESSIVE &&
-                  (freq = p2p_get_next_prog_freq(p2p)) > 0) {
+       if (p2p->find_type == P2P_FIND_PROGRESSIVE &&
+           (freq = p2p_get_next_prog_freq(p2p)) > 0) {
                type = P2P_SCAN_SOCIAL_PLUS_ONE;
                wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Starting search "
                        "(+ freq %u)", freq);
@@ -864,7 +867,7 @@ static void p2p_search(struct p2p_data *p2p)
 
        if (p2p->cfg->p2p_scan(p2p->cfg->cb_ctx, type, freq,
                               p2p->num_req_dev_types, p2p->req_dev_types,
-                              p2p->find_dev_id)) {
+                              p2p->find_dev_id, pw_id)) {
                wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
                        "P2P: Scan request failed");
                p2p_continue_find(p2p);
@@ -1016,12 +1019,14 @@ int p2p_find(struct p2p_data *p2p, unsigned int timeout,
        case P2P_FIND_PROGRESSIVE:
                res = p2p->cfg->p2p_scan(p2p->cfg->cb_ctx, P2P_SCAN_FULL, 0,
                                         p2p->num_req_dev_types,
-                                        p2p->req_dev_types, dev_id);
+                                        p2p->req_dev_types, dev_id,
+                                        DEV_PW_DEFAULT);
                break;
        case P2P_FIND_ONLY_SOCIAL:
                res = p2p->cfg->p2p_scan(p2p->cfg->cb_ctx, P2P_SCAN_SOCIAL, 0,
                                         p2p->num_req_dev_types,
-                                        p2p->req_dev_types, dev_id);
+                                        p2p->req_dev_types, dev_id,
+                                        DEV_PW_DEFAULT);
                break;
        default:
                return -1;
@@ -1090,11 +1095,21 @@ void p2p_stop_find_for_freq(struct p2p_data *p2p, int freq)
        p2p->go_neg_peer = NULL;
        p2p->sd_peer = NULL;
        p2p->invite_peer = NULL;
+       p2p_stop_listen_for_freq(p2p, freq);
+}
+
+
+void p2p_stop_listen_for_freq(struct p2p_data *p2p, int freq)
+{
        if (freq > 0 && p2p->drv_in_listen == freq && p2p->in_listen) {
                wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Skip stop_listen "
                        "since we are on correct channel for response");
                return;
        }
+       if (p2p->in_listen) {
+               p2p->in_listen = 0;
+               p2p_clear_timeout(p2p);
+       }
        if (p2p->drv_in_listen) {
                /*
                 * The driver may not deliver callback to p2p_listen_end()
@@ -1217,21 +1232,22 @@ static void p2p_set_dev_persistent(struct p2p_device *dev,
 int p2p_connect(struct p2p_data *p2p, const u8 *peer_addr,
                enum p2p_wps_method wps_method,
                int go_intent, const u8 *own_interface_addr,
-               unsigned int force_freq, int persistent_group)
+               unsigned int force_freq, int persistent_group,
+               const u8 *force_ssid, size_t force_ssid_len,
+               int pd_before_go_neg)
 {
        struct p2p_device *dev;
 
        wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
                "P2P: Request to start group negotiation - peer=" MACSTR
                "  GO Intent=%d  Intended Interface Address=" MACSTR
-               " wps_method=%d persistent_group=%d",
+               " wps_method=%d persistent_group=%d pd_before_go_neg=%d",
                MAC2STR(peer_addr), go_intent, MAC2STR(own_interface_addr),
-               wps_method, persistent_group);
+               wps_method, persistent_group, pd_before_go_neg);
 
        if (p2p_prepare_channel(p2p, force_freq) < 0)
                return -1;
 
-       p2p->ssid_set = 0;
        dev = p2p_get_device(p2p, peer_addr);
        if (dev == NULL || (dev->flags & P2P_DEV_PROBE_REQ_ONLY)) {
                wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
@@ -1264,10 +1280,23 @@ int p2p_connect(struct p2p_data *p2p, const u8 *peer_addr,
                 */
        }
 
+       p2p->ssid_set = 0;
+       if (force_ssid) {
+               wpa_hexdump_ascii(MSG_DEBUG, "P2P: Forced SSID",
+                                 force_ssid, force_ssid_len);
+               os_memcpy(p2p->ssid, force_ssid, force_ssid_len);
+               p2p->ssid_len = force_ssid_len;
+               p2p->ssid_set = 1;
+       }
+
        dev->flags &= ~P2P_DEV_NOT_YET_READY;
        dev->flags &= ~P2P_DEV_USER_REJECTED;
        dev->flags &= ~P2P_DEV_WAIT_GO_NEG_RESPONSE;
        dev->flags &= ~P2P_DEV_WAIT_GO_NEG_CONFIRM;
+       if (pd_before_go_neg)
+               dev->flags |= P2P_DEV_PD_BEFORE_GO_NEG;
+       else
+               dev->flags &= ~P2P_DEV_PD_BEFORE_GO_NEG;
        dev->connect_reqs = 0;
        dev->go_neg_req_sent = 0;
        dev->go_state = UNKNOWN_GO;
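Review bot: The added `os_memcpy(p2p->ssid, force_ssid, force_ssid_len);` in p2p_connect() copies a caller-supplied length into `p2p->ssid` without any bound check in this function. The declaration of that field is not visible here, so unless every caller is guaranteed to cap the length, an oversized value writes past the buffer inside `struct p2p_data`. Assuming `ssid` is an array member, a guard before the copy such as `if (force_ssid && force_ssid_len > sizeof(p2p->ssid)) return -1;` makes the function safe on its own. The same unchecked copy is added to p2p_authorize() in the `@@ -1337,6 +1367,15 @@` hunk and needs the same guard. p2p_connect() starts and ends outside this hunk.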
@@ -1315,7 +1344,8 @@ int p2p_connect(struct p2p_data *p2p, const u8 *peer_addr,
 int p2p_authorize(struct p2p_data *p2p, const u8 *peer_addr,
                  enum p2p_wps_method wps_method,
                  int go_intent, const u8 *own_interface_addr,
-                 unsigned int force_freq, int persistent_group)
+                 unsigned int force_freq, int persistent_group,
+                 const u8 *force_ssid, size_t force_ssid_len)
 {
        struct p2p_device *dev;
 
@@ -1337,6 +1367,15 @@ int p2p_authorize(struct p2p_data *p2p, const u8 *peer_addr,
                return -1;
        }
 
+       p2p->ssid_set = 0;
+       if (force_ssid) {
+               wpa_hexdump_ascii(MSG_DEBUG, "P2P: Forced SSID",
+                                 force_ssid, force_ssid_len);
+               os_memcpy(p2p->ssid, force_ssid, force_ssid_len);
+               p2p->ssid_len = force_ssid_len;
+               p2p->ssid_set = 1;
+       }
+
        dev->flags &= ~P2P_DEV_NOT_YET_READY;
        dev->flags &= ~P2P_DEV_USER_REJECTED;
        dev->go_neg_req_sent = 0;
@@ -1821,16 +1860,23 @@ struct wpabuf * p2p_build_probe_resp_ies(struct p2p_data *p2p)
 {
        struct wpabuf *buf;
        u8 *len;
+       int pw_id = -1;
 
        buf = wpabuf_alloc(1000);
        if (buf == NULL)
                return NULL;
 
-       p2p_build_wps_ie(p2p, buf, DEV_PW_DEFAULT, 1);
+       if (p2p->go_neg_peer) {
+               /* Advertise immediate availability of WPS credential */
+               pw_id = p2p_wps_method_pw_id(p2p->go_neg_peer->wps_method);
+       }
+
+       p2p_build_wps_ie(p2p, buf, pw_id, 1);
 
        /* P2P IE */
        len = p2p_buf_add_ie_hdr(buf);
-       p2p_buf_add_capability(buf, p2p->dev_capab, 0);
+       p2p_buf_add_capability(buf, p2p->dev_capab &
+                              ~P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY, 0);
        if (p2p->ext_listen_interval)
                p2p_buf_add_ext_listen_timing(buf, p2p->ext_listen_period,
                                              p2p->ext_listen_interval);
@@ -1874,9 +1920,9 @@ static int supp_rates_11b_only(struct ieee802_11_elems *elems)
 }
 
 
-static void p2p_reply_probe(struct p2p_data *p2p, const u8 *addr,
-                           const u8 *dst, const u8 *bssid, const u8 *ie,
-                           size_t ie_len)
+static enum p2p_probe_req_status
+p2p_reply_probe(struct p2p_data *p2p, const u8 *addr, const u8 *dst,
+               const u8 *bssid, const u8 *ie, size_t ie_len)
 {
        struct ieee802_11_elems elems;
        struct wpabuf *buf;
@@ -1886,55 +1932,55 @@ static void p2p_reply_probe(struct p2p_data *p2p, const u8 *addr,
 
        if (!p2p->in_listen || !p2p->drv_in_listen) {
                /* not in Listen state - ignore Probe Request */
-               return;
+               return P2P_PREQ_NOT_LISTEN;
        }
 
        if (ieee802_11_parse_elems((u8 *) ie, ie_len, &elems, 0) ==
            ParseFailed) {
                /* Ignore invalid Probe Request frames */
-               return;
+               return P2P_PREQ_MALFORMED;
        }
 
        if (elems.p2p == NULL) {
                /* not a P2P probe - ignore it */
-               return;
+               return P2P_PREQ_NOT_P2P;
        }
 
        if (dst && !is_broadcast_ether_addr(dst) &&
            os_memcmp(dst, p2p->cfg->dev_addr, ETH_ALEN) != 0) {
                /* Not sent to the broadcast address or our P2P Device Address
                 */
-               return;
+               return P2P_PREQ_NOT_PROCESSED;
        }
 
        if (bssid && !is_broadcast_ether_addr(bssid)) {
                /* Not sent to the Wildcard BSSID */
-               return;
+               return P2P_PREQ_NOT_PROCESSED;
        }
 
        if (elems.ssid == NULL || elems.ssid_len != P2P_WILDCARD_SSID_LEN ||
            os_memcmp(elems.ssid, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN) !=
            0) {
                /* not using P2P Wildcard SSID - ignore */
-               return;
+               return P2P_PREQ_NOT_PROCESSED;
        }
 
        if (supp_rates_11b_only(&elems)) {
                /* Indicates support for 11b rates only */
-               return;
+               return P2P_PREQ_NOT_P2P;
        }
 
        os_memset(&msg, 0, sizeof(msg));
        if (p2p_parse_ies(ie, ie_len, &msg) < 0) {
                /* Could not parse P2P attributes */
-               return;
+               return P2P_PREQ_NOT_P2P;
        }
 
        if (msg.device_id &&
-           os_memcmp(msg.device_id, p2p->cfg->dev_addr, ETH_ALEN != 0)) {
+           os_memcmp(msg.device_id, p2p->cfg->dev_addr, ETH_ALEN) != 0) {
                /* Device ID did not match */
                p2p_parse_free(&msg);
-               return;
+               return P2P_PREQ_NOT_PROCESSED;
        }
 
        /* Check Requested Device Type match */
@@ -1942,12 +1988,14 @@ static void p2p_reply_probe(struct p2p_data *p2p, const u8 *addr,
            !p2p_match_dev_type(p2p, msg.wps_attributes)) {
                /* No match with Requested Device Type */
                p2p_parse_free(&msg);
-               return;
+               return P2P_PREQ_NOT_PROCESSED;
        }
        p2p_parse_free(&msg);
 
-       if (!p2p->cfg->send_probe_resp)
-               return; /* Response generated elsewhere */
+       if (!p2p->cfg->send_probe_resp) {
+               /* Response generated elsewhere */
+               return P2P_PREQ_NOT_PROCESSED;
+       }
 
        wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
                "P2P: Reply to P2P Probe Request in Listen state");
@@ -1960,12 +2008,12 @@ static void p2p_reply_probe(struct p2p_data *p2p, const u8 *addr,
         */
        ies = p2p_build_probe_resp_ies(p2p);
        if (ies == NULL)
-               return;
+               return P2P_PREQ_NOT_PROCESSED;
 
        buf = wpabuf_alloc(200 + wpabuf_len(ies));
        if (buf == NULL) {
                wpabuf_free(ies);
-               return;
+               return P2P_PREQ_NOT_PROCESSED;
        }
 
        resp = NULL;
@@ -2008,15 +2056,20 @@ static void p2p_reply_probe(struct p2p_data *p2p, const u8 *addr,
        p2p->cfg->send_probe_resp(p2p->cfg->cb_ctx, buf);
 
        wpabuf_free(buf);
+
+       return P2P_PREQ_NOT_PROCESSED;
 }
 
 
-int p2p_probe_req_rx(struct p2p_data *p2p, const u8 *addr, const u8 *dst,
-                    const u8 *bssid, const u8 *ie, size_t ie_len)
+enum p2p_probe_req_status
+p2p_probe_req_rx(struct p2p_data *p2p, const u8 *addr, const u8 *dst,
+                const u8 *bssid, const u8 *ie, size_t ie_len)
 {
+       enum p2p_probe_req_status res;
+
        p2p_add_dev_from_probe_req(p2p, addr, ie, ie_len);
 
-       p2p_reply_probe(p2p, addr, dst, bssid, ie, ie_len);
+       res = p2p_reply_probe(p2p, addr, dst, bssid, ie, ie_len);
 
        if ((p2p->state == P2P_CONNECT || p2p->state == P2P_CONNECT_LISTEN) &&
            p2p->go_neg_peer &&
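Review bot: The new final `return P2P_PREQ_NOT_PROCESSED;` in p2p_reply_probe() is reached after send_probe_resp() has been called. A Probe Request that was answered is therefore reported with the same status as one dropped for an allocation failure or a filter mismatch. If that is intended, state it at the return, for example `/* Probe Response sent; status still lets the caller handle the frame */`. The enum's meaning is declared outside this page, so the wording should be checked against it. p2p_probe_req_rx() now passes this value through `res` where it used to return only 0 or 1, so its callers need the same documented contract. Both functions extend beyond this hunk.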
@@ -2027,7 +2080,7 @@ int p2p_probe_req_rx(struct p2p_data *p2p, const u8 *addr, const u8 *dst,
                        "P2P: Found GO Negotiation peer - try to start GO "
                        "negotiation from timeout");
                eloop_register_timeout(0, 0, p2p_go_neg_start, p2p, NULL);
-               return 1;
+               return P2P_PREQ_PROCESSED;
        }
 
        if ((p2p->state == P2P_INVITE || p2p->state == P2P_INVITE_LISTEN) &&
@@ -2039,10 +2092,10 @@ int p2p_probe_req_rx(struct p2p_data *p2p, const u8 *addr, const u8 *dst,
                        "P2P: Found Invite peer - try to start Invite from "
                        "timeout");
                eloop_register_timeout(0, 0, p2p_invite_start, p2p, NULL);
-               return 1;
+               return P2P_PREQ_PROCESSED;
        }
 
-       return 0;
+       return res;
 }
 
 
@@ -2156,29 +2209,37 @@ int p2p_scan_result_text(const u8 *ies, size_t ies_len, char *buf, char *end)
 }
 
 
-int p2p_parse_dev_addr(const u8 *ies, size_t ies_len, u8 *dev_addr)
+int p2p_parse_dev_addr_in_p2p_ie(struct wpabuf *p2p_ie, u8 *dev_addr)
 {
-       struct wpabuf *p2p_ie;
        struct p2p_message msg;
 
-       p2p_ie = ieee802_11_vendor_ie_concat(ies, ies_len,
-                                            P2P_IE_VENDOR_TYPE);
-       if (p2p_ie == NULL)
-               return -1;
        os_memset(&msg, 0, sizeof(msg));
-       if (p2p_parse_p2p_ie(p2p_ie, &msg)) {
-               wpabuf_free(p2p_ie);
+       if (p2p_parse_p2p_ie(p2p_ie, &msg))
                return -1;
-       }
 
-       if (msg.p2p_device_addr == NULL) {
-               wpabuf_free(p2p_ie);
-               return -1;
+       if (msg.p2p_device_addr) {
+               os_memcpy(dev_addr, msg.p2p_device_addr, ETH_ALEN);
+               return 0;
+       } else if (msg.device_id) {
+               os_memcpy(dev_addr, msg.device_id, ETH_ALEN);
+               return 0;
        }
+       return -1;
+}
 
-       os_memcpy(dev_addr, msg.p2p_device_addr, ETH_ALEN);
+
+int p2p_parse_dev_addr(const u8 *ies, size_t ies_len, u8 *dev_addr)
+{
+       struct wpabuf *p2p_ie;
+       int ret;
+
+       p2p_ie = ieee802_11_vendor_ie_concat(ies, ies_len,
+                                            P2P_IE_VENDOR_TYPE);
+       if (p2p_ie == NULL)
+               return -1;
+       ret = p2p_parse_dev_addr_in_p2p_ie(p2p_ie, dev_addr);
        wpabuf_free(p2p_ie);
-       return 0;
+       return ret;
 }
 
 
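Review bot: The new non-static p2p_parse_dev_addr_in_p2p_ie() has no header comment, and its fallback to `msg.device_id` changes what "device address" means for callers. The Device ID attribute is only the sender's own address in some frame types, so a caller passing IEs from a frame where it names a searched-for device would get that address back as the peer's (inferred from the attribute's use elsewhere on this page, e.g. the device_id match in p2p_reply_probe()). A doc comment should state which frames the helper may be used on, that `dev_addr` must hold ETH_ALEN octets, and that `p2p_ie` stays owned by the caller. It should also give the return contract, `Returns: 0 on success, -1 if no address attribute was found or parsing failed`.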
@@ -2256,6 +2317,17 @@ struct p2p_data * p2p_init(const struct p2p_config *cfg)
                p2p->cfg->model_number = os_strdup(cfg->model_number);
        if (cfg->serial_number)
                p2p->cfg->serial_number = os_strdup(cfg->serial_number);
+       if (cfg->pref_chan) {
+               p2p->cfg->pref_chan = os_malloc(cfg->num_pref_chan *
+                                               sizeof(struct p2p_channel));
+               if (p2p->cfg->pref_chan) {
+                       os_memcpy(p2p->cfg->pref_chan, cfg->pref_chan,
+                                 cfg->num_pref_chan *
+                                 sizeof(struct p2p_channel));
+               } else
+                       p2p->cfg->num_pref_chan = 0;
+       }
+
 #ifdef ANDROID_P2P
        /* 100ms listen time is too less to receive the response frames in some scenarios
         * increasing min listen time to 200ms.
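Review bot: The allocation size `cfg->num_pref_chan * sizeof(struct p2p_channel)` in p2p_init() is computed without an overflow check and then reused as the os_memcpy() length. Where size_t is 32 bits wide, a large count can wrap, giving a short buffer followed by a copy sized by the same wrapped value and a stored `num_pref_chan` that no longer matches the allocation. Rejecting the count first, e.g. `if (cfg->num_pref_chan > (size_t) -1 / sizeof(struct p2p_channel))`, and treating that case like the allocation-failure branch keeps pointer and count consistent. The same multiplication appears in p2p_set_pref_chan() in the `@@ -3802,6 +3872,28 @@` hunk. p2p_init() begins and ends outside this hunk.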
@@ -2298,6 +2370,7 @@ void p2p_deinit(struct p2p_data *p2p)
        os_free(p2p->cfg->model_name);
        os_free(p2p->cfg->model_number);
        os_free(p2p->cfg->serial_number);
+       os_free(p2p->cfg->pref_chan);
        os_free(p2p->groups);
        wpabuf_free(p2p->sd_resp);
        os_free(p2p->after_scan_tx);
@@ -2309,16 +2382,7 @@ void p2p_deinit(struct p2p_data *p2p)
 void p2p_flush(struct p2p_data *p2p)
 {
        struct p2p_device *dev, *prev;
-       p2p_clear_timeout(p2p);
-#ifdef ANDROID_P2P
-       if (p2p->state == P2P_SEARCH)
-               wpa_msg(p2p->cfg->msg_ctx, MSG_INFO,
-                                               P2P_EVENT_FIND_STOPPED);
-#endif
-       p2p_set_state(p2p, P2P_IDLE);
-       p2p->start_after_scan = P2P_AFTER_SCAN_NOTHING;
-       p2p->go_neg_peer = NULL;
-       eloop_cancel_timeout(p2p_find_timeout, p2p, NULL);
+       p2p_stop_find(p2p);
        dl_list_for_each_safe(dev, prev, &p2p->devices, struct p2p_device,
                              list) {
                dl_list_del(&dev->list);
@@ -2671,17 +2735,7 @@ static void p2p_prov_disc_cb(struct p2p_data *p2p, int success)
 int p2p_scan_res_handler(struct p2p_data *p2p, const u8 *bssid, int freq,
                         int level, const u8 *ies, size_t ies_len)
 {
-       p2p_add_device(p2p, bssid, freq, level, ies, ies_len);
-
-       if (p2p->go_neg_peer && p2p->state == P2P_SEARCH &&
-           os_memcmp(p2p->go_neg_peer->info.p2p_device_addr, bssid, ETH_ALEN)
-           == 0) {
-               wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
-                       "P2P: Found GO Negotiation peer - try to start GO "
-                       "negotiation");
-               p2p_connect_send(p2p, p2p->go_neg_peer);
-               return 1;
-       }
+       p2p_add_device(p2p, bssid, freq, level, ies, ies_len, 1);
 
        return 0;
 }
@@ -2706,7 +2760,8 @@ void p2p_scan_res_handled(struct p2p_data *p2p)
 void p2p_scan_ie(struct p2p_data *p2p, struct wpabuf *ies, const u8 *dev_id)
 {
        u8 *len = p2p_buf_add_ie_hdr(ies);
-       p2p_buf_add_capability(ies, p2p->dev_capab, 0);
+       p2p_buf_add_capability(ies, p2p->dev_capab &
+                              ~P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY, 0);
        if (dev_id)
                p2p_buf_add_device_id(ies, dev_id);
        if (p2p->cfg->reg_class && p2p->cfg->channel)
@@ -2748,19 +2803,14 @@ static void p2p_go_neg_req_cb(struct p2p_data *p2p, int success)
        }
 
        if (success) {
-#ifndef ANDROID_P2P
-               dev->go_neg_req_sent++;
-#endif
                if (dev->flags & P2P_DEV_USER_REJECTED) {
                        p2p_set_state(p2p, P2P_IDLE);
                        return;
                }
-       }
-#ifdef ANDROID_P2P
-       else {
+       } else if (dev->go_neg_req_sent) {
+               /* Cancel the increment from p2p_connect_send() on failure */
                dev->go_neg_req_sent--;
        }
-#endif
 
        if (!success &&
            (dev->info.dev_capab & P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY) &&
@@ -2978,6 +3028,18 @@ int p2p_listen_end(struct p2p_data *p2p, unsigned int freq)
                                "new one");
                        return 1;
                }
+               if (p2p->pending_listen_freq) {
+                       /*
+                        * Better wait a bit if the driver is unable to start
+                        * offchannel operation for some reason. p2p_search()
+                        * will be started from internal timeout.
+                        */
+                       wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Listen "
+                               "operation did not seem to start - delay "
+                               "search phase to avoid busy loop");
+                       p2p_set_timeout(p2p, 0, 100000);
+                       return 1;
+               }
                p2p_search(p2p);
                return 1;
        }
@@ -2989,6 +3051,14 @@ int p2p_listen_end(struct p2p_data *p2p, unsigned int freq)
 static void p2p_timeout_connect(struct p2p_data *p2p)
 {
        p2p->cfg->send_action_done(p2p->cfg->cb_ctx);
+       if (p2p->go_neg_peer &&
+           (p2p->go_neg_peer->flags & P2P_DEV_WAIT_GO_NEG_CONFIRM)) {
+               wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Wait for GO "
+                       "Negotiation Confirm timed out - assume GO "
+                       "Negotiation failed");
+               p2p_go_neg_failed(p2p, p2p->go_neg_peer, -1);
+               return;
+       }
        p2p_set_state(p2p, P2P_CONNECT_LISTEN);
        p2p_listen_in_find(p2p);
 }
@@ -3802,6 +3872,28 @@ int p2p_set_oper_channel(struct p2p_data *p2p, u8 op_reg_class, u8 op_channel,
 }
 
 
+int p2p_set_pref_chan(struct p2p_data *p2p, unsigned int num_pref_chan,
+                     const struct p2p_channel *pref_chan)
+{
+       struct p2p_channel *n;
+
+       if (pref_chan) {
+               n = os_malloc(num_pref_chan * sizeof(struct p2p_channel));
+               if (n == NULL)
+                       return -1;
+               os_memcpy(n, pref_chan,
+                         num_pref_chan * sizeof(struct p2p_channel));
+       } else
+               n = NULL;
+
+       os_free(p2p->cfg->pref_chan);
+       p2p->cfg->pref_chan = n;
+       p2p->cfg->num_pref_chan = num_pref_chan;
+
+       return 0;
+}
+
+
 int p2p_get_interface_addr(struct p2p_data *p2p, const u8 *dev_addr,
                           u8 *iface_addr)
 {
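Review bot: In p2p_set_pref_chan() the line `p2p->cfg->num_pref_chan = num_pref_chan;` runs even when `pref_chan` is NULL, so a call with a NULL list and a nonzero count leaves a count that points at no storage. Any code that walks the preferred-channel list by `num_pref_chan` would then dereference NULL. Storing `p2p->cfg->num_pref_chan = n ? num_pref_chan : 0;` keeps the pair consistent. Separately, a non-NULL `pref_chan` with a count of 0 reaches `os_malloc(0)`, which may return NULL and be reported as -1. The function is also a new public entry point with no doc comment describing that the list is copied and the previous one freed.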