PASN: Use separate variables for BSSID and peer address
Using separate variables for BSSID and peer address is needed to support Wi-Fi Aware (NAN) use cases where the group address is used as the BSSID and that could be different from any other peer address. The infrastructure BSS cases will continue to use the AP's BSSID as both the peer address and BSSID for the PASN exchanges. Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
parent
42f0c44d84
commit
309765eb66
5 changed files with 26 additions and 19 deletions
|
@ -2520,6 +2520,7 @@ static void hapd_initialize_pasn(struct hostapd_data *hapd,
|
||||||
pasn->comeback_idx = hapd->comeback_idx;
|
pasn->comeback_idx = hapd->comeback_idx;
|
||||||
pasn->comeback_key = hapd->comeback_key;
|
pasn->comeback_key = hapd->comeback_key;
|
||||||
pasn->comeback_pending_idx = hapd->comeback_pending_idx;
|
pasn->comeback_pending_idx = hapd->comeback_pending_idx;
|
||||||
|
os_memcpy(pasn->bssid, hapd->own_addr, ETH_ALEN);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -47,6 +47,7 @@ struct pasn_data {
|
||||||
|
|
||||||
u8 own_addr[ETH_ALEN];
|
u8 own_addr[ETH_ALEN];
|
||||||
u8 peer_addr[ETH_ALEN];
|
u8 peer_addr[ETH_ALEN];
|
||||||
|
u8 bssid[ETH_ALEN];
|
||||||
size_t pmk_len;
|
size_t pmk_len;
|
||||||
u8 pmk[PMK_LEN_MAX];
|
u8 pmk[PMK_LEN_MAX];
|
||||||
bool using_pmksa;
|
bool using_pmksa;
|
||||||
|
@ -148,12 +149,14 @@ struct pasn_data {
|
||||||
|
|
||||||
void wpa_pasn_reset(struct pasn_data *pasn);
|
void wpa_pasn_reset(struct pasn_data *pasn);
|
||||||
int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
|
int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
const u8 *peer_addr, int akmp, int cipher, u16 group,
|
const u8 *peer_addr, const u8 *bssid,
|
||||||
|
int akmp, int cipher, u16 group,
|
||||||
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
|
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
|
||||||
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
||||||
const struct wpabuf *comeback);
|
const struct wpabuf *comeback);
|
||||||
int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
|
int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
const u8 *peer_addr, int akmp, int cipher, u16 group,
|
const u8 *peer_addr, const u8 *bssid,
|
||||||
|
int akmp, int cipher, u16 group,
|
||||||
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
|
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
|
||||||
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
||||||
const struct wpabuf *comeback);
|
const struct wpabuf *comeback);
|
||||||
|
|
|
@ -538,7 +538,7 @@ static struct wpabuf * wpas_pasn_build_auth_1(struct pasn_data *pasn,
|
||||||
|
|
||||||
wrapped_data = wpas_pasn_get_wrapped_data_format(pasn);
|
wrapped_data = wpas_pasn_get_wrapped_data_format(pasn);
|
||||||
|
|
||||||
wpa_pasn_build_auth_header(buf, pasn->peer_addr,
|
wpa_pasn_build_auth_header(buf, pasn->bssid,
|
||||||
pasn->own_addr, pasn->peer_addr,
|
pasn->own_addr, pasn->peer_addr,
|
||||||
pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);
|
pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);
|
||||||
|
|
||||||
|
@ -629,7 +629,7 @@ static struct wpabuf * wpas_pasn_build_auth_3(struct pasn_data *pasn)
|
||||||
|
|
||||||
wrapped_data = wpas_pasn_get_wrapped_data_format(pasn);
|
wrapped_data = wpas_pasn_get_wrapped_data_format(pasn);
|
||||||
|
|
||||||
wpa_pasn_build_auth_header(buf, pasn->peer_addr,
|
wpa_pasn_build_auth_header(buf, pasn->bssid,
|
||||||
pasn->own_addr, pasn->peer_addr,
|
pasn->own_addr, pasn->peer_addr,
|
||||||
pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);
|
pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);
|
||||||
|
|
||||||
|
@ -858,8 +858,8 @@ static int wpas_pasn_set_pmk(struct pasn_data *pasn,
|
||||||
|
|
||||||
|
|
||||||
static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr,
|
static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
const u8 *peer_addr, int akmp, int cipher,
|
const u8 *peer_addr, const u8 *bssid, int akmp,
|
||||||
u16 group, int freq,
|
int cipher, u16 group, int freq,
|
||||||
const u8 *beacon_rsne, u8 beacon_rsne_len,
|
const u8 *beacon_rsne, u8 beacon_rsne_len,
|
||||||
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
||||||
const struct wpabuf *comeback, bool verify)
|
const struct wpabuf *comeback, bool verify)
|
||||||
|
@ -896,6 +896,7 @@ static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
|
|
||||||
os_memcpy(pasn->own_addr, own_addr, ETH_ALEN);
|
os_memcpy(pasn->own_addr, own_addr, ETH_ALEN);
|
||||||
os_memcpy(pasn->peer_addr, peer_addr, ETH_ALEN);
|
os_memcpy(pasn->peer_addr, peer_addr, ETH_ALEN);
|
||||||
|
os_memcpy(pasn->bssid, bssid, ETH_ALEN);
|
||||||
|
|
||||||
wpa_printf(MSG_DEBUG,
|
wpa_printf(MSG_DEBUG,
|
||||||
"PASN: Init%s: " MACSTR " akmp=0x%x, cipher=0x%x, group=%u",
|
"PASN: Init%s: " MACSTR " akmp=0x%x, cipher=0x%x, group=%u",
|
||||||
|
@ -927,7 +928,8 @@ fail:
|
||||||
|
|
||||||
|
|
||||||
int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
|
int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
const u8 *peer_addr, int akmp, int cipher, u16 group,
|
const u8 *peer_addr, const u8 *bssid,
|
||||||
|
int akmp, int cipher, u16 group,
|
||||||
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
|
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
|
||||||
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
||||||
const struct wpabuf *comeback)
|
const struct wpabuf *comeback)
|
||||||
|
@ -973,8 +975,8 @@ int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, akmp, cipher,
|
return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, bssid, akmp,
|
||||||
group,
|
cipher, group,
|
||||||
freq, beacon_rsne, beacon_rsne_len,
|
freq, beacon_rsne, beacon_rsne_len,
|
||||||
beacon_rsnxe, beacon_rsnxe_len, comeback,
|
beacon_rsnxe, beacon_rsnxe_len, comeback,
|
||||||
false);
|
false);
|
||||||
|
@ -992,15 +994,16 @@ int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
* verification.
|
* verification.
|
||||||
*/
|
*/
|
||||||
int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
|
int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
const u8 *peer_addr, int akmp, int cipher, u16 group,
|
const u8 *peer_addr, const u8 *bssid,
|
||||||
|
int akmp, int cipher, u16 group,
|
||||||
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
|
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
|
||||||
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
|
||||||
const struct wpabuf *comeback)
|
const struct wpabuf *comeback)
|
||||||
{
|
{
|
||||||
return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, akmp, cipher,
|
return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, bssid, akmp,
|
||||||
group, freq, beacon_rsne, beacon_rsne_len,
|
cipher, group, freq, beacon_rsne,
|
||||||
beacon_rsnxe, beacon_rsnxe_len, comeback,
|
beacon_rsne_len, beacon_rsnxe,
|
||||||
true);
|
beacon_rsnxe_len, comeback, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1022,7 +1025,7 @@ static bool is_pasn_auth_frame(struct pasn_data *pasn,
|
||||||
/* Not our frame; do nothing */
|
/* Not our frame; do nothing */
|
||||||
if (os_memcmp(mgmt->da, pasn->own_addr, ETH_ALEN) != 0 ||
|
if (os_memcmp(mgmt->da, pasn->own_addr, ETH_ALEN) != 0 ||
|
||||||
os_memcmp(mgmt->sa, pasn->peer_addr, ETH_ALEN) != 0 ||
|
os_memcmp(mgmt->sa, pasn->peer_addr, ETH_ALEN) != 0 ||
|
||||||
os_memcmp(mgmt->bssid, pasn->peer_addr, ETH_ALEN) != 0)
|
os_memcmp(mgmt->bssid, pasn->bssid, ETH_ALEN) != 0)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
/* Not PASN; do nothing */
|
/* Not PASN; do nothing */
|
||||||
|
|
|
@ -374,7 +374,7 @@ static void handle_auth_pasn_comeback(struct pasn_data *pasn,
|
||||||
if (!buf)
|
if (!buf)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
wpa_pasn_build_auth_header(buf, own_addr, own_addr, peer_addr, 2,
|
wpa_pasn_build_auth_header(buf, pasn->bssid, own_addr, peer_addr, 2,
|
||||||
WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY);
|
WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -432,7 +432,7 @@ int handle_auth_pasn_resp(struct pasn_data *pasn, const u8 *own_addr,
|
||||||
if (!buf)
|
if (!buf)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
wpa_pasn_build_auth_header(buf, own_addr, own_addr, peer_addr, 2,
|
wpa_pasn_build_auth_header(buf, pasn->bssid, own_addr, peer_addr, 2,
|
||||||
status);
|
status);
|
||||||
|
|
||||||
if (status != WLAN_STATUS_SUCCESS)
|
if (status != WLAN_STATUS_SUCCESS)
|
||||||
|
|
|
@ -647,8 +647,8 @@ static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit)
|
||||||
|
|
||||||
|
|
||||||
ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr,
|
ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr,
|
||||||
awork->akmp, awork->cipher, awork->group,
|
awork->peer_addr, awork->akmp, awork->cipher,
|
||||||
bss->freq, rsne, *(rsne + 1) + 2,
|
awork->group, bss->freq, rsne, *(rsne + 1) + 2,
|
||||||
rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0,
|
rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0,
|
||||||
awork->comeback);
|
awork->comeback);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
|
|
Loading…
Reference in a new issue