DPP3: Use Connector version instead of current version in Peer Discovery
Generate Peer Discovery Request/Response messages using the protected version from the Connector, if present, instead of the currently supported protocol version which might be higher than the one that got included into the signed Connector during provisioning earlier. Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
parent
0cfb726895
commit
f26fd5ee6c
4 changed files with 49 additions and 2 deletions
|
@ -1558,10 +1558,23 @@ skip_connector:
|
||||||
|
|
||||||
#ifdef CONFIG_DPP2
|
#ifdef CONFIG_DPP2
|
||||||
if (DPP_VERSION > 1) {
|
if (DPP_VERSION > 1) {
|
||||||
|
u8 ver = DPP_VERSION;
|
||||||
|
#ifdef CONFIG_DPP3
|
||||||
|
int conn_ver;
|
||||||
|
|
||||||
|
conn_ver = dpp_get_connector_version(hapd->conf->dpp_connector);
|
||||||
|
if (conn_ver > 0 && ver != conn_ver) {
|
||||||
|
wpa_printf(MSG_DEBUG,
|
||||||
|
"DPP: Use Connector version %d instead of current protocol version %d",
|
||||||
|
conn_ver, ver);
|
||||||
|
ver = conn_ver;
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_DPP3 */
|
||||||
|
|
||||||
/* Protocol Version */
|
/* Protocol Version */
|
||||||
wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
|
wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
|
||||||
wpabuf_put_le16(msg, 1);
|
wpabuf_put_le16(msg, 1);
|
||||||
wpabuf_put_u8(msg, DPP_VERSION);
|
wpabuf_put_u8(msg, ver);
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_DPP2 */
|
#endif /* CONFIG_DPP2 */
|
||||||
|
|
||||||
|
|
|
@ -3760,6 +3760,26 @@ fail:
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifdef CONFIG_DPP3
|
||||||
|
int dpp_get_connector_version(const char *connector)
|
||||||
|
{
|
||||||
|
struct json_token *root, *token;
|
||||||
|
int ver = -1;
|
||||||
|
|
||||||
|
root = dpp_parse_own_connector(connector);
|
||||||
|
if (!root)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
token = json_get_member(root, "version");
|
||||||
|
if (token && token->type == JSON_NUMBER)
|
||||||
|
ver = token->number;
|
||||||
|
|
||||||
|
json_free(root);
|
||||||
|
return ver;
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_DPP3 */
|
||||||
|
|
||||||
|
|
||||||
unsigned int dpp_next_id(struct dpp_global *dpp)
|
unsigned int dpp_next_id(struct dpp_global *dpp)
|
||||||
{
|
{
|
||||||
struct dpp_bootstrap_info *bi;
|
struct dpp_bootstrap_info *bi;
|
||||||
|
|
|
@ -595,6 +595,7 @@ dpp_peer_intro(struct dpp_introduction *intro, const char *own_connector,
|
||||||
const u8 *csign_key, size_t csign_key_len,
|
const u8 *csign_key, size_t csign_key_len,
|
||||||
const u8 *peer_connector, size_t peer_connector_len,
|
const u8 *peer_connector, size_t peer_connector_len,
|
||||||
os_time_t *expiry);
|
os_time_t *expiry);
|
||||||
|
int dpp_get_connector_version(const char *connector);
|
||||||
struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi,
|
struct dpp_pkex * dpp_pkex_init(void *msg_ctx, struct dpp_bootstrap_info *bi,
|
||||||
const u8 *own_mac,
|
const u8 *own_mac,
|
||||||
const char *identifier,
|
const char *identifier,
|
||||||
|
|
|
@ -3196,10 +3196,23 @@ skip_connector:
|
||||||
|
|
||||||
#ifdef CONFIG_DPP2
|
#ifdef CONFIG_DPP2
|
||||||
if (DPP_VERSION > 1) {
|
if (DPP_VERSION > 1) {
|
||||||
|
u8 ver = DPP_VERSION;
|
||||||
|
#ifdef CONFIG_DPP3
|
||||||
|
int conn_ver;
|
||||||
|
|
||||||
|
conn_ver = dpp_get_connector_version(ssid->dpp_connector);
|
||||||
|
if (conn_ver > 0 && ver != conn_ver) {
|
||||||
|
wpa_printf(MSG_DEBUG,
|
||||||
|
"DPP: Use Connector version %d instead of current protocol version %d",
|
||||||
|
conn_ver, ver);
|
||||||
|
ver = conn_ver;
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_DPP3 */
|
||||||
|
|
||||||
/* Protocol Version */
|
/* Protocol Version */
|
||||||
wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
|
wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
|
||||||
wpabuf_put_le16(msg, 1);
|
wpabuf_put_le16(msg, 1);
|
||||||
wpabuf_put_u8(msg, DPP_VERSION);
|
wpabuf_put_u8(msg, ver);
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_DPP2 */
|
#endif /* CONFIG_DPP2 */
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue