SAE-PK: Testing functionality to allow behavior overrides
The new sae_commit_status and sae_pk_omit configuration parameters and an extra key at the end of sae_password pk argument can be used to override SAE-PK behavior for testing purposes. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
3a6e674adf
commit
4ff0df39eb
6 changed files with 76 additions and 3 deletions
|
@ -160,6 +160,10 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
|
|||
|
||||
/* Default to strict CRL checking. */
|
||||
bss->check_crl_strict = 1;
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
bss->sae_commit_status = -1;
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -678,6 +678,8 @@ struct hostapd_bss_config {
|
|||
u8 bss_load_test_set;
|
||||
struct wpabuf *own_ie_override;
|
||||
int sae_reflection_attack;
|
||||
int sae_commit_status;
|
||||
int sae_pk_omit;
|
||||
struct wpabuf *sae_commit_override;
|
||||
struct wpabuf *rsne_override_eapol;
|
||||
struct wpabuf *rsnxe_override_eapol;
|
||||
|
|
|
@ -567,6 +567,13 @@ static struct wpabuf * auth_build_sae_confirm(struct hostapd_data *hapd,
|
|||
if (buf == NULL)
|
||||
return NULL;
|
||||
|
||||
#ifdef CONFIG_SAE_PK
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (sta->sae->tmp)
|
||||
sta->sae->tmp->omit_pk_elem = hapd->conf->sae_pk_omit;
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
#endif /* CONFIG_SAE_PK */
|
||||
|
||||
if (sae_write_confirm(sta->sae, buf) < 0) {
|
||||
wpabuf_free(buf);
|
||||
return NULL;
|
||||
|
@ -600,6 +607,15 @@ static int auth_sae_send_commit(struct hostapd_data *hapd,
|
|||
status = WLAN_STATUS_SAE_HASH_TO_ELEMENT;
|
||||
else
|
||||
status = WLAN_STATUS_SUCCESS;
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (hapd->conf->sae_commit_status >= 0 &&
|
||||
hapd->conf->sae_commit_status != status) {
|
||||
wpa_printf(MSG_INFO,
|
||||
"TESTING: Override SAE commit status code %u --> %d",
|
||||
status, hapd->conf->sae_commit_status);
|
||||
status = hapd->conf->sae_commit_status;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
reply_res = send_auth_reply(hapd, sta, sta->addr, bssid,
|
||||
WLAN_AUTH_SAE, 1,
|
||||
status, wpabuf_head(data),
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue