ctrl_iface: Add support for PASN authentication
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This commit is contained in:
Ilan Peer
Jouni Malinen
parent
363768c8ac
commit
ad338cfe58
2 changed files with 117 additions and 0 deletions
|
|
@ -4499,6 +4499,15 @@ static int ctrl_iface_get_capability_auth_alg(struct wpa_supplicant *wpa_s,
|
|||
#endif /* CONFIG_FILS_SK_PFS */
|
||||
#endif /* CONFIG_FILS */
|
||||
|
||||
#ifdef CONFIG_PASN
|
||||
ret = os_snprintf(pos, end - pos, "%sPASN",
|
||||
pos == buf ? "" : " ");
|
||||
if (os_snprintf_error(end - pos, ret))
|
||||
return pos - buf;
|
||||
pos += ret;
|
||||
|
||||
#endif /* CONFIG_PASN */
|
||||
|
||||
return pos - buf;
|
||||
}
|
||||
|
||||
|
|
@ -10448,6 +10457,70 @@ static int wpas_ctrl_iface_configure_mscs(struct wpa_supplicant *wpa_s,
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_PASN
|
||||
static int wpas_ctrl_iface_pasn_start(struct wpa_supplicant *wpa_s, char *cmd)
|
||||
{
|
||||
char *token, *context = NULL;
|
||||
u8 bssid[ETH_ALEN];
|
||||
int akmp = -1, cipher = -1, got_bssid = 0;
|
||||
u16 group = 0xFFFF;
|
||||
|
||||
/*
|
||||
* Entry format: bssid=<BSSID> akmp=<AKMP> cipher=<CIPHER> group=<group>
|
||||
*/
|
||||
while ((token = str_token(cmd, " ", &context))) {
|
||||
if (os_strncmp(token, "bssid=", 6) == 0) {
|
||||
if (hwaddr_aton(token + 6, bssid))
|
||||
return -1;
|
||||
got_bssid = 1;
|
||||
} else if (os_strcmp(token, "akmp=PASN") == 0) {
|
||||
akmp = WPA_KEY_MGMT_PASN;
|
||||
#ifdef CONFIG_IEEE80211R
|
||||
} else if (os_strcmp(token, "akmp=FT-PSK") == 0) {
|
||||
akmp = WPA_KEY_MGMT_FT_PSK;
|
||||
} else if (os_strcmp(token, "akmp=FT-EAP-SHA384") == 0) {
|
||||
akmp = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
|
||||
} else if (os_strcmp(token, "akmp=FT-EAP") == 0) {
|
||||
akmp = WPA_KEY_MGMT_FT_IEEE8021X;
|
||||
#endif /* CONFIG_IEEE80211R */
|
||||
#ifdef CONFIG_SAE
|
||||
} else if (os_strcmp(token, "akmp=SAE") == 0) {
|
||||
akmp = WPA_KEY_MGMT_SAE;
|
||||
#endif /* CONFIG_SAE */
|
||||
#ifdef CONFIG_FILS
|
||||
} else if (os_strcmp(token, "akmp=FILS-SHA256") == 0) {
|
||||
akmp = WPA_KEY_MGMT_FILS_SHA256;
|
||||
} else if (os_strcmp(token, "akmp=FILS-SHA384") == 0) {
|
||||
akmp = WPA_KEY_MGMT_FILS_SHA384;
|
||||
#endif /* CONFIG_FILS */
|
||||
} else if (os_strcmp(token, "cipher=CCMP-256") == 0) {
|
||||
cipher = WPA_CIPHER_CCMP_256;
|
||||
} else if (os_strcmp(token, "cipher=GCMP-256") == 0) {
|
||||
cipher = WPA_CIPHER_GCMP_256;
|
||||
} else if (os_strcmp(token, "cipher=CCMP") == 0) {
|
||||
cipher = WPA_CIPHER_CCMP;
|
||||
} else if (os_strcmp(token, "cipher=GCMP") == 0) {
|
||||
cipher = WPA_CIPHER_GCMP;
|
||||
} else if (os_strncmp(token, "group=", 6) == 0) {
|
||||
group = atoi(token + 6);
|
||||
} else {
|
||||
wpa_printf(MSG_DEBUG,
|
||||
"CTRL: PASN Invalid parameter: '%s'",
|
||||
token);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
if (!got_bssid || akmp == -1 || cipher == -1 || group == 0xFFFF) {
|
||||
wpa_printf(MSG_DEBUG,"CTRL: PASN missing parameter");
|
||||
return -1;
|
||||
}
|
||||
|
||||
return wpas_pasn_auth_start(wpa_s, bssid, akmp, cipher, group);
|
||||
}
|
||||
#endif /* CONFIG_PASN */
|
||||
|
||||
|
||||
char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
|
||||
char *buf, size_t *resp_len)
|
||||
{
|
||||
|
|
@ -11342,6 +11415,15 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
|
|||
} else if (os_strncmp(buf, "MSCS ", 5) == 0) {
|
||||
if (wpas_ctrl_iface_configure_mscs(wpa_s, buf + 5))
|
||||
reply_len = -1;
|
||||
#ifdef CONFIG_PASN
|
||||
} else if (os_strncmp(buf, "PASN_START ", 11) == 0) {
|
||||
if (wpas_ctrl_iface_pasn_start(wpa_s, buf + 11) < 0)
|
||||
reply_len = -1;
|
||||
} else if (os_strcmp(buf, "PASN_STOP") == 0) {
|
||||
wpas_pasn_auth_stop(wpa_s);
|
||||
} else if (os_strcmp(buf, "PTKSA_CACHE_LIST") == 0) {
|
||||
reply_len = ptksa_cache_list(wpa_s->ptksa, reply, reply_size);
|
||||
#endif /* CONFIG_PASN */
|
||||
} else {
|
||||
os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
|
||||
reply_len = 16;
|
||||
|
|
|
|||
|
|
@ -3172,6 +3172,30 @@ static int wpa_cli_cmd_all_bss(struct wpa_ctrl *ctrl, int argc, char *argv[])
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_PASN
|
||||
|
||||
static int wpa_cli_cmd_pasn_auth_start(struct wpa_ctrl *ctrl, int argc,
|
||||
char *argv[])
|
||||
{
|
||||
return wpa_cli_cmd(ctrl, "PASN_AUTH_START", 4, argc, argv);
|
||||
}
|
||||
|
||||
|
||||
static int wpa_cli_cmd_pasn_auth_stop(struct wpa_ctrl *ctrl, int argc,
|
||||
char *argv[])
|
||||
{
|
||||
return wpa_cli_cmd(ctrl, "PASN_AUTH_STOP", 0, argc, argv);
|
||||
}
|
||||
|
||||
static int wpa_cli_cmd_ptksa_cache_list(struct wpa_ctrl *ctrl, int argc,
|
||||
char *argv[])
|
||||
{
|
||||
return wpa_cli_cmd(ctrl, "PTKSA_CACHE_LIST", 0, argc, argv);
|
||||
}
|
||||
|
||||
#endif /* CONFIG_PASN */
|
||||
|
||||
|
||||
enum wpa_cli_cmd_flags {
|
||||
cli_cmd_flag_none = 0x00,
|
||||
cli_cmd_flag_sensitive = 0x01
|
||||
|
|
@ -3850,6 +3874,17 @@ static const struct wpa_cli_cmd wpa_cli_commands[] = {
|
|||
#endif /* CONFIG_DPP */
|
||||
{ "all_bss", wpa_cli_cmd_all_bss, NULL, cli_cmd_flag_none,
|
||||
"= list all BSS entries (scan results)" },
|
||||
#ifdef CONFIG_PASN
|
||||
{ "pasn_auth_start", wpa_cli_cmd_pasn_auth_start, NULL,
|
||||
cli_cmd_flag_none,
|
||||
"bssid=<BSSID> akmp=<WPA key mgmt> cipher=<WPA cipher> group=<group> = Start PASN authentication" },
|
||||
{ "pasn_auth_stop", wpa_cli_cmd_pasn_auth_stop, NULL,
|
||||
cli_cmd_flag_none,
|
||||
"= Stop PASN authentication" },
|
||||
{ "ptksa_cache_list", wpa_cli_cmd_ptksa_cache_list, NULL,
|
||||
cli_cmd_flag_none,
|
||||
"= Get the PTKSA Cache" },
|
||||
#endif /* CONFIG_PASN */
|
||||
{ NULL, NULL, NULL, cli_cmd_flag_none, NULL }
|
||||
};
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue