Don't use default RSNE/RSNXE when the driver indicates cross SSID roaming

During cross SSID roaming wpa_supplicant ended up using the default
RSNE/RSNXE in EAPOL-Key msg 2/4 though the driver indicated
(Re)Association Request frame elements without RSNE/RSNXE. This causes
RSNE/RSNXE mismatch between (Re)Association Request frame and EAPOL-Key
msg 2/4.

To avoid this skip copying the default RSNE/RSNXE if the driver
indicates the actually used (Re)Association Request frame elements in
the association event.

Signed-off-by: Utkarsh Soni <quic_usoni@quicinc.com>
This commit is contained in:
Utkarsh Soni 2022-10-20 14:45:18 +05:30 committed by Jouni Malinen
parent d7febe33f6
commit b92f61885c
4 changed files with 39 additions and 20 deletions

View file

@ -182,7 +182,8 @@ static void wpa_supplicant_update_link_bss(struct wpa_supplicant *wpa_s,
} }
static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s) static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s,
union wpa_event_data *data)
{ {
struct wpa_ssid *ssid, *old_ssid; struct wpa_ssid *ssid, *old_ssid;
u8 drv_ssid[SSID_MAX_LEN]; u8 drv_ssid[SSID_MAX_LEN];
@ -255,8 +256,15 @@ static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s)
if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
u8 wpa_ie[80]; u8 wpa_ie[80];
size_t wpa_ie_len = sizeof(wpa_ie); size_t wpa_ie_len = sizeof(wpa_ie);
bool skip_default_rsne;
/* Do not override RSNE/RSNXE with the default values if the
* driver indicated the actual values used in the
* (Re)Association Request frame. */
skip_default_rsne = data && data->assoc_info.req_ies;
if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
wpa_ie, &wpa_ie_len) < 0) wpa_ie, &wpa_ie_len,
skip_default_rsne) < 0)
wpa_dbg(wpa_s, MSG_DEBUG, "Could not set WPA suites"); wpa_dbg(wpa_s, MSG_DEBUG, "Could not set WPA suites");
} else { } else {
wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
@ -3557,7 +3565,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) { if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) {
wpa_clear_keys(wpa_s, bssid); wpa_clear_keys(wpa_s, bssid);
} }
if (wpa_supplicant_select_config(wpa_s) < 0) { if (wpa_supplicant_select_config(wpa_s, data) < 0) {
wpa_supplicant_deauthenticate( wpa_supplicant_deauthenticate(
wpa_s, WLAN_REASON_DEAUTH_LEAVING); wpa_s, WLAN_REASON_DEAUTH_LEAVING);
return; return;

View file

@ -501,7 +501,8 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
if (wpa_supplicant_set_suites(wpa_s, bss, ssid, if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
wpa_s->sme.assoc_req_ie, wpa_s->sme.assoc_req_ie,
&wpa_s->sme.assoc_req_ie_len)) { &wpa_s->sme.assoc_req_ie_len,
false)) {
wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA " wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA "
"key management and encryption suites"); "key management and encryption suites");
wpas_connect_work_done(wpa_s); wpas_connect_work_done(wpa_s);
@ -514,7 +515,8 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
if (wpa_supplicant_set_suites(wpa_s, bss, ssid, if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
wpa_s->sme.assoc_req_ie, wpa_s->sme.assoc_req_ie,
&wpa_s->sme.assoc_req_ie_len)) { &wpa_s->sme.assoc_req_ie_len,
false)) {
wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA " wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA "
"key management and encryption suites"); "key management and encryption suites");
wpas_connect_work_done(wpa_s); wpas_connect_work_done(wpa_s);
@ -534,7 +536,8 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
wpa_s->sme.assoc_req_ie, wpa_s->sme.assoc_req_ie,
&wpa_s->sme.assoc_req_ie_len)) { &wpa_s->sme.assoc_req_ie_len,
false)) {
wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA " wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA "
"key management and encryption suites (no " "key management and encryption suites (no "
"scan results)"); "scan results)");

View file

@ -1565,6 +1565,7 @@ static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s,
* @wpa_ie: Buffer for the WPA/RSN IE * @wpa_ie: Buffer for the WPA/RSN IE
* @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
* used buffer length in case the functions returns success. * used buffer length in case the functions returns success.
* @skip_default_rsne: Whether to skip setting of the default RSNE/RSNXE
* Returns: 0 on success or -1 on failure * Returns: 0 on success or -1 on failure
* *
* This function is used to configure authentication and encryption parameters * This function is used to configure authentication and encryption parameters
@ -1573,7 +1574,8 @@ static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s,
*/ */
int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
struct wpa_bss *bss, struct wpa_ssid *ssid, struct wpa_bss *bss, struct wpa_ssid *ssid,
u8 *wpa_ie, size_t *wpa_ie_len) u8 *wpa_ie, size_t *wpa_ie_len,
bool skip_default_rsne)
{ {
struct wpa_ie_data ie; struct wpa_ie_data ie;
int sel, proto, sae_pwe; int sel, proto, sae_pwe;
@ -1961,17 +1963,22 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
} }
if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { if (!skip_default_rsne) {
wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE"); if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie,
wpa_ie_len)) {
wpa_msg(wpa_s, MSG_WARNING,
"RSN: Failed to generate RSNE/WPA IE");
return -1; return -1;
} }
wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe); wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe, if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
&wpa_s->rsnxe_len)) { &wpa_s->rsnxe_len)) {
wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE"); wpa_msg(wpa_s, MSG_WARNING,
"RSN: Failed to generate RSNXE");
return -1; return -1;
} }
}
if (0) { if (0) {
#ifdef CONFIG_DPP #ifdef CONFIG_DPP
@ -3129,7 +3136,7 @@ static u8 * wpas_populate_assoc_ies(
} }
wpa_ie_len = max_wpa_ie_len; wpa_ie_len = max_wpa_ie_len;
if (wpa_supplicant_set_suites(wpa_s, bss, ssid, if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
wpa_ie, &wpa_ie_len)) { wpa_ie, &wpa_ie_len, false)) {
wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
"key management and encryption suites"); "key management and encryption suites");
os_free(wpa_ie); os_free(wpa_ie);
@ -3141,7 +3148,7 @@ static u8 * wpas_populate_assoc_ies(
/* No PMKSA caching, but otherwise similar to RSN/WPA */ /* No PMKSA caching, but otherwise similar to RSN/WPA */
wpa_ie_len = max_wpa_ie_len; wpa_ie_len = max_wpa_ie_len;
if (wpa_supplicant_set_suites(wpa_s, bss, ssid, if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
wpa_ie, &wpa_ie_len)) { wpa_ie, &wpa_ie_len, false)) {
wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
"key management and encryption suites"); "key management and encryption suites");
os_free(wpa_ie); os_free(wpa_ie);
@ -3161,7 +3168,7 @@ static u8 * wpas_populate_assoc_ies(
} else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
wpa_ie_len = max_wpa_ie_len; wpa_ie_len = max_wpa_ie_len;
if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
wpa_ie, &wpa_ie_len)) { wpa_ie, &wpa_ie_len, false)) {
wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
"key management and encryption suites (no " "key management and encryption suites (no "
"scan results)"); "scan results)");

View file

@ -1550,7 +1550,8 @@ void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid, struct wpa_ie_data *ie); struct wpa_ssid *ssid, struct wpa_ie_data *ie);
int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
struct wpa_bss *bss, struct wpa_ssid *ssid, struct wpa_bss *bss, struct wpa_ssid *ssid,
u8 *wpa_ie, size_t *wpa_ie_len); u8 *wpa_ie, size_t *wpa_ie_len,
bool skip_default_rsne);
int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s); int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s);
void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
struct wpa_bss *bss, struct wpa_bss *bss,