diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index c168786f9..e771b069d 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -2520,6 +2520,7 @@ static void hapd_initialize_pasn(struct hostapd_data *hapd, pasn->comeback_idx = hapd->comeback_idx; pasn->comeback_key = hapd->comeback_key; pasn->comeback_pending_idx = hapd->comeback_pending_idx; + os_memcpy(pasn->bssid, hapd->own_addr, ETH_ALEN); } diff --git a/src/pasn/pasn_common.h b/src/pasn/pasn_common.h index f65031c79..9c2f397e7 100644 --- a/src/pasn/pasn_common.h +++ b/src/pasn/pasn_common.h @@ -47,6 +47,7 @@ struct pasn_data { u8 own_addr[ETH_ALEN]; u8 peer_addr[ETH_ALEN]; + u8 bssid[ETH_ALEN]; size_t pmk_len; u8 pmk[PMK_LEN_MAX]; bool using_pmksa; @@ -148,12 +149,14 @@ struct pasn_data { void wpa_pasn_reset(struct pasn_data *pasn); int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr, - const u8 *peer_addr, int akmp, int cipher, u16 group, + const u8 *peer_addr, const u8 *bssid, + int akmp, int cipher, u16 group, int freq, const u8 *beacon_rsne, u8 beacon_rsne_len, const u8 *beacon_rsnxe, u8 beacon_rsnxe_len, const struct wpabuf *comeback); int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr, - const u8 *peer_addr, int akmp, int cipher, u16 group, + const u8 *peer_addr, const u8 *bssid, + int akmp, int cipher, u16 group, int freq, const u8 *beacon_rsne, u8 beacon_rsne_len, const u8 *beacon_rsnxe, u8 beacon_rsnxe_len, const struct wpabuf *comeback); diff --git a/src/pasn/pasn_initiator.c b/src/pasn/pasn_initiator.c index d0cf2aa4a..280575405 100644 --- a/src/pasn/pasn_initiator.c +++ b/src/pasn/pasn_initiator.c @@ -538,7 +538,7 @@ static struct wpabuf * wpas_pasn_build_auth_1(struct pasn_data *pasn, wrapped_data = wpas_pasn_get_wrapped_data_format(pasn); - wpa_pasn_build_auth_header(buf, pasn->peer_addr, + wpa_pasn_build_auth_header(buf, pasn->bssid, pasn->own_addr, pasn->peer_addr, pasn->trans_seq + 1, WLAN_STATUS_SUCCESS); 
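Review bot: The new `bssid` member of struct pasn_data and the new `bssid` parameter of wpas_pasn_start() and wpa_pasn_verify() in src/pasn/pasn_common.h are added without any description of what callers must supply. This value now goes into the BSSID field of the PASN Authentication frames built in this diff and into the receive filter in is_pasn_auth_frame(), so the contract should be written down, for example `u8 bssid[ETH_ALEN]; /* BSSID for PASN Authentication frames; must be set before frames are built or filtered */`. The prototypes would benefit from a matching line stating that `bssid` must be non-NULL and point to ETH_ALEN octets. The struct definition starts and ends outside these hunks.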
@@ -629,7 +629,7 @@ static struct wpabuf * wpas_pasn_build_auth_3(struct pasn_data *pasn) wrapped_data = wpas_pasn_get_wrapped_data_format(pasn); - wpa_pasn_build_auth_header(buf, pasn->peer_addr, + wpa_pasn_build_auth_header(buf, pasn->bssid, pasn->own_addr, pasn->peer_addr, pasn->trans_seq + 1, WLAN_STATUS_SUCCESS); @@ -858,8 +858,8 @@ static int wpas_pasn_set_pmk(struct pasn_data *pasn, static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr, - const u8 *peer_addr, int akmp, int cipher, - u16 group, int freq, + const u8 *peer_addr, const u8 *bssid, int akmp, + int cipher, u16 group, int freq, const u8 *beacon_rsne, u8 beacon_rsne_len, const u8 *beacon_rsnxe, u8 beacon_rsnxe_len, const struct wpabuf *comeback, bool verify) @@ -896,6 +896,7 @@ static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr, os_memcpy(pasn->own_addr, own_addr, ETH_ALEN); os_memcpy(pasn->peer_addr, peer_addr, ETH_ALEN); + os_memcpy(pasn->bssid, bssid, ETH_ALEN); wpa_printf(MSG_DEBUG, "PASN: Init%s: " MACSTR " akmp=0x%x, cipher=0x%x, group=%u", @@ -927,7 +928,8 @@ fail: int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr, - const u8 *peer_addr, int akmp, int cipher, u16 group, + const u8 *peer_addr, const u8 *bssid, + int akmp, int cipher, u16 group, int freq, const u8 *beacon_rsne, u8 beacon_rsne_len, const u8 *beacon_rsnxe, u8 beacon_rsnxe_len, const struct wpabuf *comeback) @@ -973,8 +975,8 @@ int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr, return -1; } - return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, akmp, cipher, - group, + return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, bssid, akmp, + cipher, group, freq, beacon_rsne, beacon_rsne_len, beacon_rsnxe, beacon_rsnxe_len, comeback, false); 
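Review bot: The added `os_memcpy(pasn->bssid, bssid, ETH_ALEN);` in wpas_pasn_send_auth_1() dereferences the new argument unconditionally, and wpas_pasn_start() and wpa_pasn_verify() forward it unchanged, so a caller that passes NULL crashes here. own_addr and peer_addr are copied the same way, so this may be the intended contract, but the parameter is new and existing callers had no value to pass before. Falling back to the peer address keeps the frame contents as they were before this change: `os_memcpy(pasn->bssid, bssid ? bssid : peer_addr, ETH_ALEN);`. The function body continues outside the hunk.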
@@ -992,15 +994,16 @@ int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr, * verification. */ int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr, - const u8 *peer_addr, int akmp, int cipher, u16 group, + const u8 *peer_addr, const u8 *bssid, + int akmp, int cipher, u16 group, int freq, const u8 *beacon_rsne, u8 beacon_rsne_len, const u8 *beacon_rsnxe, u8 beacon_rsnxe_len, const struct wpabuf *comeback) { - return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, akmp, cipher, - group, freq, beacon_rsne, beacon_rsne_len, - beacon_rsnxe, beacon_rsnxe_len, comeback, - true); + return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, bssid, akmp, + cipher, group, freq, beacon_rsne, + beacon_rsne_len, beacon_rsnxe, + beacon_rsnxe_len, comeback, true); } @@ -1022,7 +1025,7 @@ static bool is_pasn_auth_frame(struct pasn_data *pasn, /* Not our frame; do nothing */ if (os_memcmp(mgmt->da, pasn->own_addr, ETH_ALEN) != 0 || os_memcmp(mgmt->sa, pasn->peer_addr, ETH_ALEN) != 0 || - os_memcmp(mgmt->bssid, pasn->peer_addr, ETH_ALEN) != 0) + os_memcmp(mgmt->bssid, pasn->bssid, ETH_ALEN) != 0) return false; /* Not PASN; do nothing */ diff --git a/src/pasn/pasn_responder.c b/src/pasn/pasn_responder.c index 35a88f327..ea2737c0f 100644 --- a/src/pasn/pasn_responder.c +++ b/src/pasn/pasn_responder.c @@ -374,7 +374,7 @@ static void handle_auth_pasn_comeback(struct pasn_data *pasn, if (!buf) return; - wpa_pasn_build_auth_header(buf, own_addr, own_addr, peer_addr, 2, + wpa_pasn_build_auth_header(buf, pasn->bssid, own_addr, peer_addr, 2, WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY); /* @@ -432,7 +432,7 @@ int handle_auth_pasn_resp(struct pasn_data *pasn, const u8 *own_addr, if (!buf) goto fail; - wpa_pasn_build_auth_header(buf, own_addr, own_addr, peer_addr, 2, + wpa_pasn_build_auth_header(buf, pasn->bssid, own_addr, peer_addr, 2, status); if (status != WLAN_STATUS_SUCCESS) 
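Review bot: Both responder call sites, in handle_auth_pasn_comeback() and handle_auth_pasn_resp(), now take the BSSID from `pasn->bssid` instead of the `own_addr` argument, so the transmitted header is only correct if the caller filled in that field beforehand. The only responder-side writer visible in this diff is hapd_initialize_pasn(); any other user of these functions that leaves the field unset would presumably send frames with an all-zero BSSID, which the initiator filter in is_pasn_auth_frame() would then drop. A guard keeps the old result for such callers: `const u8 *bssid = is_zero_ether_addr(pasn->bssid) ? own_addr : pasn->bssid;`, with `bssid` then passed to wpa_pasn_build_auth_header(). Both function bodies start and end outside the hunks.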
diff --git a/wpa_supplicant/pasn_supplicant.c b/wpa_supplicant/pasn_supplicant.c index 526b45c33..a8d4e919b 100644 --- a/wpa_supplicant/pasn_supplicant.c +++ b/wpa_supplicant/pasn_supplicant.c @@ -647,8 +647,8 @@ static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit) ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr, - awork->akmp, awork->cipher, awork->group, - bss->freq, rsne, *(rsne + 1) + 2, + awork->peer_addr, awork->akmp, awork->cipher, + awork->group, bss->freq, rsne, *(rsne + 1) + 2, rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0, awork->comeback); if (ret) {
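Review bot: In wpas_pasn_auth_start_cb() the call to wpas_pasn_start() now passes `awork->peer_addr` twice in a row, which reads like a copy-and-paste slip unless the reader knows the third address is the BSSID. A one-line comment above the call would make the intent explicit, for example `/* BSSID is the peer (AP) address here */`. The function body starts and ends outside the hunk.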