From a6c689d35482cd15bf14458326903145fa0c4315 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Thu, 16 Apr 2020 23:22:57 +0300 Subject: [PATCH] FT: Testing override for RSNXE Used subfield in FTE (AP) Allow hostapd to be requested to override the RSNXE Used subfield in FT reassociation case for testing purposes with "ft_rsnxe_used=<0/1/2>" where 0 = no override, 1 = override to 1, and 2 = override to 0. Signed-off-by: Jouni Malinen --- hostapd/config_file.c | 2 ++ hostapd/ctrl_iface.c | 6 ++++++ src/ap/ap_config.h | 1 + src/ap/wpa_auth.c | 7 +++++++ src/ap/wpa_auth.h | 2 ++ src/ap/wpa_auth_ft.c | 7 +++++++ src/ap/wpa_auth_glue.c | 1 + 7 files changed, 26 insertions(+) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 1d8c03973..cc1855dcd 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -4215,6 +4215,8 @@ static int hostapd_config_fill(struct hostapd_config *conf, bss->no_beacon_rsnxe = atoi(pos); } else if (os_strcmp(buf, "skip_prune_assoc") == 0) { bss->skip_prune_assoc = atoi(pos); + } else if (os_strcmp(buf, "ft_rsnxe_used") == 0) { + bss->ft_rsnxe_used = atoi(pos); #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_SAE } else if (os_strcmp(buf, "sae_password") == 0) { diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index d90b5dc8f..c5b258bf1 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -1477,6 +1477,12 @@ static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd) if (hapd->started) hostapd_setup_sae_pt(hapd->conf); } + +#ifdef CONFIG_TESTING_OPTIONS + if (os_strcmp(cmd, "ft_rsnxe_used") == 0) + wpa_auth_set_ft_rsnxe_used(hapd->wpa_auth, + hapd->conf->ft_rsnxe_used); +#endif /* CONFIG_TESTING_OPTIONS */ } return ret; diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h index 2a0bf0763..0503400b5 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h @@ -686,6 +686,7 @@ struct hostapd_bss_config { struct wpabuf *igtk_rsc_override; int no_beacon_rsnxe; int skip_prune_assoc; + int ft_rsnxe_used; #endif /* CONFIG_TESTING_OPTIONS */ #define MESH_ENABLED BIT(0) diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 070236a89..8ecb17318 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -5459,4 +5459,11 @@ int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth) return eloop_register_timeout(0, 0, wpa_rekey_gtk, wpa_auth, NULL); } + +void wpa_auth_set_ft_rsnxe_used(struct wpa_authenticator *wpa_auth, int val) +{ + if (wpa_auth) + wpa_auth->conf.ft_rsnxe_used = val; +} + #endif /* CONFIG_TESTING_OPTIONS */ diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index c12221194..1ea067bcf 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -238,6 +238,7 @@ struct wpa_auth_config { unsigned int rsnxe_override_ft_set:1; unsigned int gtk_rsc_override_set:1; unsigned int igtk_rsc_override_set:1; + int ft_rsnxe_used; #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_P2P u8 ip_addr_go[4]; @@ -522,5 +523,6 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, void *ctx1, void *ctx2); int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth); void wpa_auth_set_ptk_rekey_timer(struct wpa_state_machine *sm); +void wpa_auth_set_ft_rsnxe_used(struct wpa_authenticator *wpa_auth, int val); #endif /* WPA_AUTH_H */ diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c index 30e801a3a..4b17da7a4 100644 --- a/src/ap/wpa_auth_ft.c +++ b/src/ap/wpa_auth_ft.c @@ -2647,6 +2647,13 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, } rsnxe_used = (auth_alg == WLAN_AUTH_FT) && (conf->sae_pwe == 1 || conf->sae_pwe == 2); +#ifdef CONFIG_TESTING_OPTIONS + if (sm->wpa_auth->conf.ft_rsnxe_used) { + rsnxe_used = sm->wpa_auth->conf.ft_rsnxe_used == 1; + wpa_printf(MSG_DEBUG, "TESTING: FT: Force RSNXE Used %d", + rsnxe_used); + } +#endif /* CONFIG_TESTING_OPTIONS */ res = wpa_write_ftie(conf, use_sha384, r0kh_id, r0kh_id_len, anonce, snonce, pos, end - pos, subelem, subelem_len, rsnxe_used); diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index 79880e478..058b34ca3 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -174,6 +174,7 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, wpabuf_len(conf->igtk_rsc_override)); wconf->igtk_rsc_override_set = 1; } + wconf->ft_rsnxe_used = conf->ft_rsnxe_used; #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_P2P os_memcpy(wconf->ip_addr_go, conf->ip_addr_go, 4);