FILS: Add FTE into FILS Authentication frame from AP when using FILS+FT
MDE was already added with RSNE, but FTE needed to be added to the FILS Authentication frame for the FT initial mobility domain association using FILS authentication case. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
af3e362fa7
commit
5db997e343
3 changed files with 30 additions and 5 deletions
|
@ -1140,9 +1140,6 @@ static void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta,
|
||||||
if (resp != WLAN_STATUS_SUCCESS)
|
if (resp != WLAN_STATUS_SUCCESS)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
/* TODO: MDE when using FILS+FT */
|
|
||||||
/* TODO: FTE when using FILS+FT */
|
|
||||||
|
|
||||||
if (!elems.fils_nonce) {
|
if (!elems.fils_nonce) {
|
||||||
wpa_printf(MSG_DEBUG, "FILS: No FILS Nonce field");
|
wpa_printf(MSG_DEBUG, "FILS: No FILS Nonce field");
|
||||||
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
|
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
|
||||||
|
@ -1305,8 +1302,22 @@ static void handle_auth_fils_finish(struct hostapd_data *hapd,
|
||||||
/* RSNE */
|
/* RSNE */
|
||||||
wpabuf_put_data(data, ie, ielen);
|
wpabuf_put_data(data, ie, ielen);
|
||||||
|
|
||||||
/* TODO: MDE when using FILS+FT */
|
/* MDE when using FILS+FT (already included in ie,ielen with RSNE) */
|
||||||
/* TODO: FTE when using FILS+FT */
|
|
||||||
|
#ifdef CONFIG_IEEE80211R_AP
|
||||||
|
if (wpa_key_mgmt_ft(wpa_auth_sta_key_mgmt(sta->wpa_sm))) {
|
||||||
|
/* FTE[R1KH-ID,R0KH-ID] when using FILS+FT */
|
||||||
|
int res;
|
||||||
|
|
||||||
|
res = wpa_auth_write_fte(hapd->wpa_auth, wpabuf_put(data, 0),
|
||||||
|
wpabuf_tailroom(data));
|
||||||
|
if (res < 0) {
|
||||||
|
resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
|
wpabuf_put(data, res);
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_IEEE80211R_AP */
|
||||||
|
|
||||||
/* FILS Nonce */
|
/* FILS Nonce */
|
||||||
wpabuf_put_u8(data, WLAN_EID_EXTENSION); /* Element ID */
|
wpabuf_put_u8(data, WLAN_EID_EXTENSION); /* Element ID */
|
||||||
|
|
|
@ -4272,4 +4272,16 @@ wpa_auth_pmksa_get_fils_cache_id(struct wpa_authenticator *wpa_auth,
|
||||||
return idata.pmksa;
|
return idata.pmksa;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifdef CONFIG_IEEE80211R_AP
|
||||||
|
int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len)
|
||||||
|
{
|
||||||
|
struct wpa_auth_config *conf = &wpa_auth->conf;
|
||||||
|
|
||||||
|
return wpa_write_ftie(conf, conf->r0_key_holder,
|
||||||
|
conf->r0_key_holder_len,
|
||||||
|
NULL, NULL, buf, len, NULL, 0);
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_IEEE80211R_AP */
|
||||||
|
|
||||||
#endif /* CONFIG_FILS */
|
#endif /* CONFIG_FILS */
|
||||||
|
|
|
@ -375,4 +375,6 @@ int fils_encrypt_assoc(struct wpa_state_machine *sm, u8 *buf,
|
||||||
const struct wpabuf *hlp);
|
const struct wpabuf *hlp);
|
||||||
int fils_set_tk(struct wpa_state_machine *sm);
|
int fils_set_tk(struct wpa_state_machine *sm);
|
||||||
|
|
||||||
|
int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len);
|
||||||
|
|
||||||
#endif /* WPA_AUTH_H */
|
#endif /* WPA_AUTH_H */
|
||||||
|
|
Loading…
Reference in a new issue