Revert "Revert "[wpa_supplicant] cumilative patch from commit 4b..."
Revert submission 28102966-revert-26533062-Supplicant_merge_June24-CUATTSRBBR
Fixed the regression issue (ag/28389573)
Bug: 329004037
Reverted changes: /q/submissionid:28102966-revert-26533062-Supplicant_merge_June24-CUATTSRBBR
Test: Turn ON/OFF SoftAp
Change-Id: Ie7ea1ee7f8b1311fce280907d37a2e321542f547
diff --git a/src/pasn/pasn_common.c b/src/pasn/pasn_common.c
new file mode 100644
index 0000000..e2c6681
--- /dev/null
+++ b/src/pasn/pasn_common.c
@@ -0,0 +1,232 @@
+/*
+ * PASN common processing
+ *
+ * Copyright (C) 2024, Qualcomm Innovation Center, Inc.
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "utils/includes.h"
+
+#include "utils/common.h"
+#include "common/wpa_common.h"
+#include "common/sae.h"
+#include "crypto/sha384.h"
+#include "crypto/crypto.h"
+#include "common/ieee802_11_defs.h"
+#include "pasn_common.h"
+
+
+struct pasn_data * pasn_data_init(void)
+{
+ struct pasn_data *pasn = os_zalloc(sizeof(struct pasn_data));
+
+ return pasn;
+}
+
+
+void pasn_data_deinit(struct pasn_data *pasn)
+{
+ bin_clear_free(pasn, sizeof(struct pasn_data));
+}
+
+
+void pasn_register_callbacks(struct pasn_data *pasn, void *cb_ctx,
+ int (*send_mgmt)(void *ctx, const u8 *data,
+ size_t data_len, int noack,
+ unsigned int freq,
+ unsigned int wait),
+ int (*validate_custom_pmkid)(void *ctx,
+ const u8 *addr,
+ const u8 *pmkid))
+{
+ if (!pasn)
+ return;
+
+ pasn->cb_ctx = cb_ctx;
+ pasn->send_mgmt = send_mgmt;
+ pasn->validate_custom_pmkid = validate_custom_pmkid;
+}
+
+
+void pasn_enable_kdk_derivation(struct pasn_data *pasn)
+{
+ if (!pasn)
+ return;
+ pasn->derive_kdk = true;
+ pasn->kdk_len = WPA_KDK_MAX_LEN;
+}
+
+
+void pasn_disable_kdk_derivation(struct pasn_data *pasn)
+{
+ if (!pasn)
+ return;
+ pasn->derive_kdk = false;
+ pasn->kdk_len = 0;
+}
+
+
+void pasn_set_akmp(struct pasn_data *pasn, int akmp)
+{
+ if (!pasn)
+ return;
+ pasn->akmp = akmp;
+}
+
+
+void pasn_set_cipher(struct pasn_data *pasn, int cipher)
+{
+ if (!pasn)
+ return;
+ pasn->cipher = cipher;
+}
+
+
+void pasn_set_own_addr(struct pasn_data *pasn, const u8 *addr)
+{
+ if (!pasn || !addr)
+ return;
+ os_memcpy(pasn->own_addr, addr, ETH_ALEN);
+}
+
+
+void pasn_set_peer_addr(struct pasn_data *pasn, const u8 *addr)
+{
+ if (!pasn || !addr)
+ return;
+ os_memcpy(pasn->peer_addr, addr, ETH_ALEN);
+}
+
+
+void pasn_set_bssid(struct pasn_data *pasn, const u8 *addr)
+{
+ if (!pasn || !addr)
+ return;
+ os_memcpy(pasn->bssid, addr, ETH_ALEN);
+}
+
+
+int pasn_set_pt(struct pasn_data *pasn, struct sae_pt *pt)
+{
+ if (!pasn)
+ return -1;
+#ifdef CONFIG_SAE
+ pasn->pt = pt;
+ return 0;
+#else /* CONFIG_SAE */
+ return -1;
+#endif /* CONFIG_SAE */
+}
+
+
+void pasn_set_password(struct pasn_data *pasn, const char *password)
+{
+ if (!pasn)
+ return;
+ pasn->password = password;
+}
+
+
+void pasn_set_wpa_key_mgmt(struct pasn_data *pasn, int key_mgmt)
+{
+ if (!pasn)
+ return;
+ pasn->wpa_key_mgmt = key_mgmt;
+}
+
+
+void pasn_set_rsn_pairwise(struct pasn_data *pasn, int rsn_pairwise)
+{
+ if (!pasn)
+ return;
+ pasn->rsn_pairwise = rsn_pairwise;
+}
+
+
+void pasn_set_rsnxe_caps(struct pasn_data *pasn, u16 rsnxe_capab)
+{
+ if (!pasn)
+ return;
+ pasn->rsnxe_capab = rsnxe_capab;
+}
+
+
+void pasn_set_rsnxe_ie(struct pasn_data *pasn, const u8 *rsnxe_ie)
+{
+ if (!pasn || !rsnxe_ie)
+ return;
+ pasn->rsnxe_ie = rsnxe_ie;
+}
+
+
+void pasn_set_custom_pmkid(struct pasn_data *pasn, const u8 *pmkid)
+{
+ if (!pasn || !pmkid)
+ return;
+ os_memcpy(pasn->custom_pmkid, pmkid, PMKID_LEN);
+ pasn->custom_pmkid_valid = true;
+}
+
+
+int pasn_set_extra_ies(struct pasn_data *pasn, const u8 *extra_ies,
+ size_t extra_ies_len)
+{
+ if (!pasn || !extra_ies_len || !extra_ies)
+ return -1;
+
+ if (pasn->extra_ies) {
+ os_free((u8 *) pasn->extra_ies);
+ pasn->extra_ies_len = extra_ies_len;
+ }
+
+ pasn->extra_ies = os_memdup(extra_ies, extra_ies_len);
+ if (!pasn->extra_ies) {
+ wpa_printf(MSG_ERROR,
+ "PASN: Extra IEs memory allocation failed");
+ return -1;
+ }
+ pasn->extra_ies_len = extra_ies_len;
+ return 0;
+}
+
+
+int pasn_get_akmp(struct pasn_data *pasn)
+{
+ if (!pasn)
+ return 0;
+ return pasn->akmp;
+}
+
+
+int pasn_get_cipher(struct pasn_data *pasn)
+{
+ if (!pasn)
+ return 0;
+ return pasn->cipher;
+}
+
+
+size_t pasn_get_pmk_len(struct pasn_data *pasn)
+{
+ if (!pasn)
+ return 0;
+ return pasn->pmk_len;
+}
+
+
+u8 * pasn_get_pmk(struct pasn_data *pasn)
+{
+ if (!pasn)
+ return NULL;
+ return pasn->pmk;
+}
+
+
+struct wpa_ptk * pasn_get_ptk(struct pasn_data *pasn)
+{
+ if (!pasn)
+ return NULL;
+ return &pasn->ptk;
+}
diff --git a/src/pasn/pasn_common.h b/src/pasn/pasn_common.h
index a4850a2..36710c2 100644
--- a/src/pasn/pasn_common.h
+++ b/src/pasn/pasn_common.h
@@ -16,8 +16,6 @@
extern "C" {
#endif
-#ifdef CONFIG_PASN
-
enum pasn_fils_state {
PASN_FILS_STATE_NONE = 0,
PASN_FILS_STATE_PENDING_AS,
@@ -35,19 +33,46 @@
};
struct pasn_data {
+ /* External modules access below variables using setter and getter
+ * functions */
int akmp;
int cipher;
+ u8 own_addr[ETH_ALEN];
+ u8 peer_addr[ETH_ALEN];
+ u8 bssid[ETH_ALEN];
+ struct rsn_pmksa_cache *pmksa;
+ bool derive_kdk;
+ size_t kdk_len;
+ void *cb_ctx;
+
+#ifdef CONFIG_SAE
+ struct sae_pt *pt;
+#endif /* CONFIG_SAE */
+
+ /* Responder */
+ const char *password;
+ int wpa_key_mgmt;
+ int rsn_pairwise;
+ u16 rsnxe_capab;
+ const u8 *rsnxe_ie;
+ bool custom_pmkid_valid;
+ u8 custom_pmkid[PMKID_LEN];
+
+ /*
+ * Extra elements to add into Authentication frames. These can be used,
+ * e.g., for Wi-Fi Aware use cases.
+ */
+ const u8 *extra_ies;
+ size_t extra_ies_len;
+
+ /* External modules do not access below variables */
u16 group;
bool secure_ltf;
int freq;
- size_t kdk_len;
u8 trans_seq;
u8 status;
- u8 own_addr[ETH_ALEN];
- u8 peer_addr[ETH_ALEN];
- u8 bssid[ETH_ALEN];
size_t pmk_len;
u8 pmk[PMK_LEN_MAX];
bool using_pmksa;
@@ -63,7 +88,6 @@
#ifdef CONFIG_SAE
struct sae_data sae;
- struct sae_pt *pt;
#endif /* CONFIG_SAE */
#ifdef CONFIG_FILS
@@ -81,15 +105,12 @@
* differently for the PASN initiator (using RSN Supplicant
* implementation) and PASN responser (using RSN Authenticator
* implementation). Functions cannot be mixed between those cases. */
- struct rsn_pmksa_cache *pmksa;
struct rsn_pmksa_cache_entry *pmksa_entry;
struct eapol_sm *eapol;
int fast_reauth;
#ifdef CONFIG_TESTING_OPTIONS
int corrupt_mic;
#endif /* CONFIG_TESTING_OPTIONS */
- void *cb_ctx;
- u16 rsnxe_capab;
int network_id;
u8 wrapped_data_format;
@@ -97,16 +118,11 @@
/* Responder */
bool noauth; /* Whether PASN without mutual authentication is enabled */
- int wpa_key_mgmt;
- int rsn_pairwise;
- bool derive_kdk;
- const char *password;
int disable_pmksa_caching;
int *pasn_groups;
struct wpabuf *wrapped_data;
int use_anti_clogging;
const u8 *rsn_ie;
- const u8 *rsnxe_ie;
size_t rsn_ie_len;
u8 *comeback_key;
@@ -114,16 +130,6 @@
u16 comeback_idx;
u16 *comeback_pending_idx;
- bool custom_pmkid_valid;
- u8 custom_pmkid[PMKID_LEN];
-
- /**
- * Extra elements to add into Authentication frames. These can be used,
- * e.g., for Wi-Fi Aware use cases.
- */
- const u8 *extra_ies;
- size_t extra_ies_len;
-
/**
* send_mgmt - Function handler to transmit a Management frame
* @ctx: Callback context from cb_ctx
@@ -147,7 +153,6 @@
};
/* Initiator */
-
void wpa_pasn_reset(struct pasn_data *pasn);
int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
const u8 *peer_addr, const u8 *bssid,
@@ -177,7 +182,45 @@
const u8 *peer_addr,
struct rsn_pmksa_cache_entry *pmksa, u16 status);
-#endif /* CONFIG_PASN */
+struct pasn_data * pasn_data_init(void);
+void pasn_data_deinit(struct pasn_data *pasn);
+void pasn_register_callbacks(struct pasn_data *pasn, void *cb_ctx,
+ int (*send_mgmt)(void *ctx, const u8 *data,
+ size_t data_len, int noack,
+ unsigned int freq,
+ unsigned int wait),
+ int (*validate_custom_pmkid)(void *ctx,
+ const u8 *addr,
+ const u8 *pmkid));
+void pasn_enable_kdk_derivation(struct pasn_data *pasn);
+void pasn_disable_kdk_derivation(struct pasn_data *pasn);
+
+void pasn_set_akmp(struct pasn_data *pasn, int akmp);
+void pasn_set_cipher(struct pasn_data *pasn, int cipher);
+void pasn_set_own_addr(struct pasn_data *pasn, const u8 *addr);
+void pasn_set_peer_addr(struct pasn_data *pasn, const u8 *addr);
+void pasn_set_bssid(struct pasn_data *pasn, const u8 *addr);
+void pasn_set_initiator_pmksa(struct pasn_data *pasn,
+ struct rsn_pmksa_cache *pmksa);
+void pasn_set_responder_pmksa(struct pasn_data *pasn,
+ struct rsn_pmksa_cache *pmksa);
+int pasn_set_pt(struct pasn_data *pasn, struct sae_pt *pt);
+
+/* Responder */
+void pasn_set_password(struct pasn_data *pasn, const char *password);
+void pasn_set_wpa_key_mgmt(struct pasn_data *pasn, int key_mgmt);
+void pasn_set_rsn_pairwise(struct pasn_data *pasn, int rsn_pairwise);
+void pasn_set_rsnxe_caps(struct pasn_data *pasn, u16 rsnxe_capab);
+void pasn_set_rsnxe_ie(struct pasn_data *pasn, const u8 *rsnxe_ie);
+void pasn_set_custom_pmkid(struct pasn_data *pasn, const u8 *pmkid);
+int pasn_set_extra_ies(struct pasn_data *pasn, const u8 *extra_ies,
+ size_t extra_ies_len);
+
+int pasn_get_akmp(struct pasn_data *pasn);
+int pasn_get_cipher(struct pasn_data *pasn);
+size_t pasn_get_pmk_len(struct pasn_data *pasn);
+u8 * pasn_get_pmk(struct pasn_data *pasn);
+struct wpa_ptk * pasn_get_ptk(struct pasn_data *pasn);
#ifdef __cplusplus
}
diff --git a/src/pasn/pasn_initiator.c b/src/pasn/pasn_initiator.c
index 35c6206..d273067 100644
--- a/src/pasn/pasn_initiator.c
+++ b/src/pasn/pasn_initiator.c
@@ -26,6 +26,14 @@
#include "pasn_common.h"
+void pasn_set_initiator_pmksa(struct pasn_data *pasn,
+ struct rsn_pmksa_cache *pmksa)
+{
+ if (pasn)
+ pasn->pmksa = pmksa;
+}
+
+
#ifdef CONFIG_SAE
static struct wpabuf * wpas_pasn_wd_sae_commit(struct pasn_data *pasn)
@@ -741,6 +749,11 @@
pasn->rsn_ie_len = 0;
pasn->rsnxe_ie = NULL;
pasn->custom_pmkid_valid = false;
+
+ if (pasn->extra_ies) {
+ os_free((u8 *) pasn->extra_ies);
+ pasn->extra_ies = NULL;
+ }
}
diff --git a/src/pasn/pasn_responder.c b/src/pasn/pasn_responder.c
index 7501e7a..b991364 100644
--- a/src/pasn/pasn_responder.c
+++ b/src/pasn/pasn_responder.c
@@ -25,6 +25,15 @@
#include "ap/pmksa_cache_auth.h"
#include "pasn_common.h"
+
+void pasn_set_responder_pmksa(struct pasn_data *pasn,
+ struct rsn_pmksa_cache *pmksa)
+{
+ if (pasn)
+ pasn->pmksa = pmksa;
+}
+
+
#ifdef CONFIG_PASN
#ifdef CONFIG_SAE