RSNO: Always enable SNonce cookie and RSN Override elements validation
Always set SNonce cookie and enable RSN Override elements validation irrespective of the RSN Selection element usage in (Re)Association Request frame when RSN overriding supported. Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
This commit is contained in:
parent
bbb55af8c3
commit
df8c5e22d7
5 changed files with 24 additions and 4 deletions
|
@ -1023,7 +1023,7 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
|
||||||
"WPA: Failed to get random data for SNonce");
|
"WPA: Failed to get random data for SNonce");
|
||||||
goto failed;
|
goto failed;
|
||||||
}
|
}
|
||||||
if (sm->rsn_override != RSN_OVERRIDE_NOT_USED)
|
if (wpa_sm_rsn_overriding_supported(sm))
|
||||||
rsn_set_snonce_cookie(sm->snonce);
|
rsn_set_snonce_cookie(sm->snonce);
|
||||||
sm->renew_snonce = 0;
|
sm->renew_snonce = 0;
|
||||||
wpa_hexdump(MSG_DEBUG, "WPA: Renewed SNonce",
|
wpa_hexdump(MSG_DEBUG, "WPA: Renewed SNonce",
|
||||||
|
@ -2228,8 +2228,7 @@ static int wpa_supplicant_validate_ie(struct wpa_sm *sm,
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sm->proto == WPA_PROTO_RSN &&
|
if (sm->proto == WPA_PROTO_RSN && wpa_sm_rsn_overriding_supported(sm)) {
|
||||||
sm->rsn_override != RSN_OVERRIDE_NOT_USED) {
|
|
||||||
if ((sm->ap_rsne_override && !ie->rsne_override) ||
|
if ((sm->ap_rsne_override && !ie->rsne_override) ||
|
||||||
(!sm->ap_rsne_override && ie->rsne_override) ||
|
(!sm->ap_rsne_override && ie->rsne_override) ||
|
||||||
(sm->ap_rsne_override && ie->rsne_override &&
|
(sm->ap_rsne_override && ie->rsne_override &&
|
||||||
|
@ -2532,7 +2531,7 @@ static int wpa_supplicant_validate_link_kde(struct wpa_sm *sm, u8 link_id,
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sm->rsn_override == RSN_OVERRIDE_NOT_USED)
|
if (!wpa_sm_rsn_overriding_supported(sm))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (rsn_override_link_kde) {
|
if (rsn_override_link_kde) {
|
||||||
|
@ -4991,6 +4990,9 @@ int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param,
|
||||||
case WPA_PARAM_RSN_OVERRIDE:
|
case WPA_PARAM_RSN_OVERRIDE:
|
||||||
sm->rsn_override = value;
|
sm->rsn_override = value;
|
||||||
break;
|
break;
|
||||||
|
case WPA_PARAM_RSN_OVERRIDE_SUPPORT:
|
||||||
|
sm->rsn_override_support = value;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -5099,6 +5101,17 @@ int wpa_sm_pmf_enabled(struct wpa_sm *sm)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
bool wpa_sm_rsn_overriding_supported(struct wpa_sm *sm)
|
||||||
|
{
|
||||||
|
const u8 *rsne;
|
||||||
|
size_t rsne_len;
|
||||||
|
|
||||||
|
rsne = wpa_sm_get_ap_rsne(sm, &rsne_len);
|
||||||
|
|
||||||
|
return sm->rsn_override_support && rsne;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
int wpa_sm_ext_key_id(struct wpa_sm *sm)
|
int wpa_sm_ext_key_id(struct wpa_sm *sm)
|
||||||
{
|
{
|
||||||
return sm ? sm->ext_key_id : 0;
|
return sm ? sm->ext_key_id : 0;
|
||||||
|
|
|
@ -138,6 +138,7 @@ enum wpa_sm_conf_params {
|
||||||
WPA_PARAM_FT_PREPEND_PMKID,
|
WPA_PARAM_FT_PREPEND_PMKID,
|
||||||
WPA_PARAM_SSID_PROTECTION,
|
WPA_PARAM_SSID_PROTECTION,
|
||||||
WPA_PARAM_RSN_OVERRIDE,
|
WPA_PARAM_RSN_OVERRIDE,
|
||||||
|
WPA_PARAM_RSN_OVERRIDE_SUPPORT,
|
||||||
};
|
};
|
||||||
|
|
||||||
enum wpa_rsn_override {
|
enum wpa_rsn_override {
|
||||||
|
|
|
@ -233,6 +233,7 @@ struct wpa_sm {
|
||||||
bool driver_bss_selection;
|
bool driver_bss_selection;
|
||||||
bool ft_prepend_pmkid;
|
bool ft_prepend_pmkid;
|
||||||
|
|
||||||
|
bool rsn_override_support;
|
||||||
enum wpa_rsn_override rsn_override;
|
enum wpa_rsn_override rsn_override;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -547,5 +548,6 @@ int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
|
||||||
|
|
||||||
void wpa_tdls_assoc(struct wpa_sm *sm);
|
void wpa_tdls_assoc(struct wpa_sm *sm);
|
||||||
void wpa_tdls_disassoc(struct wpa_sm *sm);
|
void wpa_tdls_disassoc(struct wpa_sm *sm);
|
||||||
|
bool wpa_sm_rsn_overriding_supported(struct wpa_sm *sm);
|
||||||
|
|
||||||
#endif /* WPA_I_H */
|
#endif /* WPA_I_H */
|
||||||
|
|
|
@ -2467,6 +2467,8 @@ mscs_fail:
|
||||||
wpa_s->sme.assoc_req_ie_len += multi_ap_ie_len;
|
wpa_s->sme.assoc_req_ie_len += multi_ap_ie_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE_SUPPORT,
|
||||||
|
wpas_rsn_overriding(wpa_s));
|
||||||
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
|
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
|
||||||
RSN_OVERRIDE_NOT_USED);
|
RSN_OVERRIDE_NOT_USED);
|
||||||
if (wpas_rsn_overriding(wpa_s) &&
|
if (wpas_rsn_overriding(wpa_s) &&
|
||||||
|
|
|
@ -3965,6 +3965,8 @@ mscs_end:
|
||||||
wpa_ie_len += multi_ap_ie_len;
|
wpa_ie_len += multi_ap_ie_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE_SUPPORT,
|
||||||
|
wpas_rsn_overriding(wpa_s));
|
||||||
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
|
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
|
||||||
RSN_OVERRIDE_NOT_USED);
|
RSN_OVERRIDE_NOT_USED);
|
||||||
if (wpas_rsn_overriding(wpa_s) &&
|
if (wpas_rsn_overriding(wpa_s) &&
|
||||||
|
|
Loading…
Reference in a new issue