hostapd/wpa_supplicant/mesh_rsn.h
Bob Copeland b2817cd5c2 mesh: Check PMKID in AMPE Action frames
From IEEE Std 802.11-2012 13.3.5:

   If the incoming Mesh Peering Management frame is for AMPE and the
   Chosen PMK from the received frame contains a PMKID that does not
   identify a valid mesh PMKSA, the frame shall be silently discarded.

We were not checking the PMKID previously, and we also weren't parsing
it correctly, so fix both.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
2015-12-28 17:21:08 +02:00

37 lines
1.2 KiB
C

/*
* WPA Supplicant - Mesh RSN routines
* Copyright (c) 2013-2014, cozybit, Inc. All rights reserved.
*
* This software may be distributed under the terms of the BSD license.
* See README for more details.
*/
#ifndef MESH_RSN_H
#define MESH_RSN_H
struct mesh_rsn {
struct wpa_supplicant *wpa_s;
struct wpa_authenticator *auth;
u8 mgtk[16];
#ifdef CONFIG_SAE
struct wpabuf *sae_token;
int sae_group_index;
#endif /* CONFIG_SAE */
};
struct mesh_rsn * mesh_rsn_auth_init(struct wpa_supplicant *wpa_s,
struct mesh_conf *conf);
int mesh_rsn_auth_sae_sta(struct wpa_supplicant *wpa_s, struct sta_info *sta);
int mesh_rsn_derive_mtk(struct wpa_supplicant *wpa_s, struct sta_info *sta);
void mesh_rsn_get_pmkid(struct mesh_rsn *rsn, struct sta_info *sta, u8 *pmkid);
void mesh_rsn_init_ampe_sta(struct wpa_supplicant *wpa_s,
struct sta_info *sta);
int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta,
const u8 *cat, struct wpabuf *buf);
int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta,
struct ieee802_11_elems *elems, const u8 *cat,
const u8 *chosen_pmk,
const u8 *start, size_t elems_len);
void mesh_auth_timer(void *eloop_ctx, void *user_data);
#endif /* MESH_RSN_H */