Cumulative patch from commit 12c1fdf19a721aaf29e1c77d63445c7f5b8c61c0
12c1fdf P2P: Update peer listen channel from Probe Request frames
a805731 P2P: Abort ongoing scan when p2p_find is stopped
7441698 nl80211: Abort an ongoing scan upon scan timeout indication
1446afc wpa_supplicant: Handle EVENT_SCAN_RESULTS when an interface is disabled
d14e63a WNM: Do not scan based on malformed BSS Transition Management Request
f420577 WNM: Fix candidates count in BSS Transition Management Request
3c58df7 wpa_cli: Support running action script on global control interface
b8f02d8 EAP-PWD peer: Fix possible memory leak on error path
8f38eed Android: Remove superfluous OpenSSL include paths
cbf8d18 HS 2.0R2: Clear fetch_anqp_in_progress if fopen fails
4a6e9e5 Fix CONFIG_WPA_TRACE=y compilation without CONFIG_WPA_TRACE_BFD=y
2bf9a53 Add EAP-AKA' and EAP-pwd to wpa_supplicant README
4196c08 Update notes about OpenSSL versions
5d7b1a3 Fix some typos in wpa_supplicant README files
4194fee README-P2P: Fix a typo
c58eed6 P2P: Add Dev Info attribute to Probe Request frames in 60 GHz
2b6e9f9 wpa_supplicant: Expose wpas_get_bands() and related API
94ad3c3 P2P: Change order of P2P IE and frequencies set up
61697c7 Android: Allow wpa_supplicant to write files to osu-info dir
0147afa FST: Enlarge State Transition Timeout (STT)
e1d00d4 Add error handling for offloaded ACS with vendor command failures
bef5e9a Fix scan rescheduling from wpas_stop_pno to check postponed case
b9ca12a nl80211: Add more address fields into RX frame debug message
debde14 RADIUS: Add Acct-Delay-Time into accounting messages
669b532 RADIUS: Update full message for interim accounting updates
251953b Document nas_identifier requirements for RADIUS accounting
902c07a Replace hostapd_mac_comp_empty() with is_zero_ether_addr()
5aef495 VLAN: Avoid use of libnl cache
732b1d2 nl80211: Clean up ifidx properly if interface in a bridge is removed
170c545 FT: Check destination MAC address on RRB receive
57b2c91 RADIUS: Allow RADIUS server to provide PSK instead of passphrase
d8912fd Cache hashed passphrase in RADIUS-based PSK delivery
f8e09bc Defer passphrase-to-PSK hashing out of 802.11 authentication ACL check
cc9c805 VLAN: Use stack instead of heap allocation for new interface name
d48d1b8 FT: Use BSSID as r1_key_holder if no value is configured
71456db FT: Check hapd->wpa_auth before RRB internal delivery
0270bde FT: Fix R0KH-R1KH protocol data length values
96a26ab P2P: Support dedicated P2P_DEVICE without separate group interface
ba307f8 P2P: Add a separate pointer to the P2P Device instance
e040197 GAS client: Make PMF check on RX more consistent
0645492 WNM: Optimize a single BSS transition management candidate scan
eb20cea nl80211: Add an option to specify the BSSID to scan for
adf0478 AP: Store STA supported operating classes information
Change-Id: If0ce28aae5591be783c38e5b60f7f9ff0fb9f8f2
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/src/ap/accounting.c b/src/ap/accounting.c
index 9357a46..854174e 100644
--- a/src/ap/accounting.c
+++ b/src/ap/accounting.c
@@ -152,6 +152,15 @@
goto fail;
}
+ /*
+ * Add Acct-Delay-Time with zero value for the first transmission. This
+ * will be updated within radius_client.c when retransmitting the frame.
+ */
+ if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_DELAY_TIME, 0)) {
+ wpa_printf(MSG_INFO, "Could not add Acct-Delay-Time");
+ goto fail;
+ }
+
return msg;
fail:
@@ -450,6 +459,63 @@
}
+static void accounting_interim_error_cb(const u8 *addr, void *ctx)
+{
+ struct hostapd_data *hapd = ctx;
+ struct sta_info *sta;
+ unsigned int i, wait_time;
+ int res;
+
+ sta = ap_get_sta(hapd, addr);
+ if (!sta)
+ return;
+ sta->acct_interim_errors++;
+ if (sta->acct_interim_errors > 10 /* RADIUS_CLIENT_MAX_RETRIES */) {
+ wpa_printf(MSG_DEBUG,
+ "Interim RADIUS accounting update failed for " MACSTR
+ " - too many errors, abandon this interim accounting update",
+ MAC2STR(addr));
+ sta->acct_interim_errors = 0;
+ /* Next update will be tried after normal update interval */
+ return;
+ }
+
+ /*
+ * Use a shorter update interval as an improved retransmission mechanism
+ * for failed interim accounting updates. This allows the statistics to
+ * be updated for each retransmission.
+ *
+ * RADIUS client code has already waited RADIUS_CLIENT_FIRST_WAIT.
+ * Schedule the first retry attempt immediately and every following one
+ * with exponential backoff.
+ */
+ if (sta->acct_interim_errors == 1) {
+ wait_time = 0;
+ } else {
+ wait_time = 3; /* RADIUS_CLIENT_FIRST_WAIT */
+ for (i = 1; i < sta->acct_interim_errors; i++)
+ wait_time *= 2;
+ }
+ res = eloop_deplete_timeout(wait_time, 0, accounting_interim_update,
+ hapd, sta);
+ if (res == 1)
+ wpa_printf(MSG_DEBUG,
+ "Interim RADIUS accounting update failed for " MACSTR
+ " (error count: %u) - schedule next update in %u seconds",
+ MAC2STR(addr), sta->acct_interim_errors, wait_time);
+ else if (res == 0)
+ wpa_printf(MSG_DEBUG,
+ "Interim RADIUS accounting update failed for " MACSTR
+ " (error count: %u)", MAC2STR(addr),
+ sta->acct_interim_errors);
+ else
+ wpa_printf(MSG_DEBUG,
+ "Interim RADIUS accounting update failed for " MACSTR
+ " (error count: %u) - no timer found", MAC2STR(addr),
+ sta->acct_interim_errors);
+}
+
+
/**
* accounting_init: Initialize accounting
* @hapd: hostapd BSS data
@@ -464,6 +530,8 @@
if (radius_client_register(hapd->radius, RADIUS_ACCT,
accounting_receive, hapd))
return -1;
+ radius_client_set_interim_error_cb(hapd->radius,
+ accounting_interim_error_cb, hapd);
accounting_report_state(hapd, 1);
diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
index 477ea5b..66b843c 100644
--- a/src/ap/ap_config.c
+++ b/src/ap/ap_config.c
@@ -202,13 +202,6 @@
}
-int hostapd_mac_comp_empty(const void *a)
-{
- macaddr empty = { 0 };
- return os_memcmp(a, empty, sizeof(macaddr));
-}
-
-
static int hostapd_config_read_wpa_psk(const char *fname,
struct hostapd_ssid *ssid)
{
@@ -790,7 +783,7 @@
return -1;
}
- if (full_config && hostapd_mac_comp_empty(bss->bssid) != 0) {
+ if (full_config && !is_zero_ether_addr(bss->bssid)) {
size_t i;
for (i = 0; i < conf->num_bss; i++) {
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 9afca48..f19cac6 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -128,9 +128,14 @@
};
#define PMK_LEN 32
+#define MIN_PASSPHRASE_LEN 8
+#define MAX_PASSPHRASE_LEN 63
struct hostapd_sta_wpa_psk_short {
struct hostapd_sta_wpa_psk_short *next;
+ unsigned int is_passphrase:1;
u8 psk[PMK_LEN];
+ char passphrase[MAX_PASSPHRASE_LEN + 1];
+ int ref; /* (number of references held) - 1 */
};
struct hostapd_wpa_psk {
@@ -689,7 +694,6 @@
int hostapd_mac_comp(const void *a, const void *b);
-int hostapd_mac_comp_empty(const void *a);
struct hostapd_config * hostapd_config_defaults(void);
void hostapd_config_defaults_bss(struct hostapd_bss_config *bss);
void hostapd_config_free_eap_user(struct hostapd_eap_user *user);
diff --git a/src/ap/ctrl_iface_ap.c b/src/ap/ctrl_iface_ap.c
index a95230e..9f249d7 100644
--- a/src/ap/ctrl_iface_ap.c
+++ b/src/ap/ctrl_iface_ap.c
@@ -166,6 +166,15 @@
if (res >= 0)
len += res;
+ if (sta->supp_op_classes &&
+ buflen - len > (unsigned) (17 + 2 * sta->supp_op_classes[0])) {
+ len += os_snprintf(buf + len, buflen - len, "supp_op_classes=");
+ len += wpa_snprintf_hex(buf + len, buflen - len,
+ sta->supp_op_classes + 1,
+ sta->supp_op_classes[0]);
+ len += os_snprintf(buf + len, buflen - len, "\n");
+ }
+
return len;
}
diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index 702ee64..f54d1ad 100644
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -176,6 +176,9 @@
mbo_ap_check_sta_assoc(hapd, sta, &elems);
+ ap_copy_sta_supp_op_classes(sta, elems.supp_op_classes,
+ elems.supp_op_classes_len);
+
if (hapd->conf->wpa) {
if (ie == NULL || ielen == 0) {
#ifdef CONFIG_WPS
@@ -567,6 +570,7 @@
struct acs_selected_channels *acs_res)
{
int ret, i;
+ int err = 0;
if (hapd->iconf->channel) {
wpa_printf(MSG_INFO, "ACS: Channel was already set to %d",
@@ -588,7 +592,8 @@
hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_WARNING,
"driver selected to bad hw_mode");
- return;
+ err = 1;
+ goto out;
}
}
@@ -598,7 +603,8 @@
hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_WARNING,
"driver switched to bad channel");
- return;
+ err = 1;
+ goto out;
}
hapd->iconf->channel = acs_res->pri_channel;
@@ -612,7 +618,8 @@
hapd->iconf->secondary_channel = 1;
else {
wpa_printf(MSG_ERROR, "Invalid secondary channel!");
- return;
+ err = 1;
+ goto out;
}
if (hapd->iface->conf->ieee80211ac) {
@@ -641,7 +648,8 @@
}
}
- ret = hostapd_acs_completed(hapd->iface, 0);
+out:
+ ret = hostapd_acs_completed(hapd->iface, err);
if (ret) {
wpa_printf(MSG_ERROR,
"ACS: Possibly channel configuration is invalid");
diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c
index dd2dc17..303786b 100644
--- a/src/ap/hostapd.c
+++ b/src/ap/hostapd.c
@@ -521,7 +521,7 @@
/* Determine the bits necessary to any configured BSSIDs,
if they are higher than the number of BSSIDs. */
for (j = 0; j < iface->conf->num_bss; j++) {
- if (hostapd_mac_comp_empty(iface->conf->bss[j]->bssid) == 0) {
+ if (is_zero_ether_addr(iface->conf->bss[j]->bssid)) {
if (j)
auto_addr++;
continue;
@@ -905,7 +905,7 @@
hapd->started = 1;
if (!first || first == -1) {
- if (hostapd_mac_comp_empty(conf->bssid) == 0) {
+ if (is_zero_ether_addr(conf->bssid)) {
/* Allocate the next available BSSID. */
do {
inc_byte_array(hapd->own_addr, ETH_ALEN);
@@ -940,6 +940,11 @@
if (conf->wmm_enabled < 0)
conf->wmm_enabled = hapd->iconf->ieee80211n;
+#ifdef CONFIG_IEEE80211R
+ if (is_zero_ether_addr(conf->r1_key_holder))
+ os_memcpy(conf->r1_key_holder, hapd->own_addr, ETH_ALEN);
+#endif /* CONFIG_IEEE80211R */
+
#ifdef CONFIG_MESH
if (hapd->iface->mconf == NULL)
flush_old_stations = 0;
@@ -1626,7 +1631,7 @@
} while (j-- > 0);
goto fail;
}
- if (hostapd_mac_comp_empty(hapd->conf->bssid) == 0)
+ if (is_zero_ether_addr(hapd->conf->bssid))
prev_addr = hapd->own_addr;
}
hapd = iface->bss[0];
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 84e6e15..b36e68d 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -1726,6 +1726,9 @@
}
#endif /* CONFIG_MBO */
+ ap_copy_sta_supp_op_classes(sta, elems.supp_op_classes,
+ elems.supp_op_classes_len);
+
return WLAN_STATUS_SUCCESS;
}
diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h
index 78db204..1a96b33 100644
--- a/src/ap/ieee802_11.h
+++ b/src/ap/ieee802_11.h
@@ -130,4 +130,8 @@
#endif /* CONFIG_MBO */
+void ap_copy_sta_supp_op_classes(struct sta_info *sta,
+ const u8 *supp_op_classes,
+ size_t supp_op_classes_len);
+
#endif /* IEEE802_11_H */
diff --git a/src/ap/ieee802_11_auth.c b/src/ap/ieee802_11_auth.c
index f280709..9609152 100644
--- a/src/ap/ieee802_11_auth.c
+++ b/src/ap/ieee802_11_auth.c
@@ -15,7 +15,6 @@
#include "utils/common.h"
#include "utils/eloop.h"
-#include "crypto/sha1.h"
#include "radius/radius.h"
#include "radius/radius_client.h"
#include "hostapd.h"
@@ -77,23 +76,13 @@
static void copy_psk_list(struct hostapd_sta_wpa_psk_short **psk,
struct hostapd_sta_wpa_psk_short *src)
{
- struct hostapd_sta_wpa_psk_short **copy_to;
- struct hostapd_sta_wpa_psk_short *copy_from;
+ if (!psk)
+ return;
- /* Copy PSK linked list */
- copy_to = psk;
- copy_from = src;
- while (copy_from && copy_to) {
- *copy_to = os_zalloc(sizeof(struct hostapd_sta_wpa_psk_short));
- if (*copy_to == NULL)
- break;
- os_memcpy(*copy_to, copy_from,
- sizeof(struct hostapd_sta_wpa_psk_short));
- copy_from = copy_from->next;
- copy_to = &((*copy_to)->next);
- }
- if (copy_to)
- *copy_to = NULL;
+ if (src)
+ src->ref++;
+
+ *psk = src;
}
@@ -443,7 +432,7 @@
struct hostapd_cached_radius_acl *cache)
{
int passphraselen;
- char *passphrase, *strpassphrase;
+ char *passphrase;
size_t i;
struct hostapd_sta_wpa_psk_short *psk;
@@ -460,23 +449,40 @@
*/
if (passphrase == NULL)
break;
+
+ /*
+ * Passphase should be 8..63 chars (to be hashed with SSID)
+ * or 64 chars hex string (no separate hashing with SSID).
+ */
+
+ if (passphraselen < MIN_PASSPHRASE_LEN ||
+ passphraselen > MAX_PASSPHRASE_LEN + 1)
+ continue;
+
/*
* passphrase does not contain the NULL termination.
* Add it here as pbkdf2_sha1() requires it.
*/
- strpassphrase = os_zalloc(passphraselen + 1);
psk = os_zalloc(sizeof(struct hostapd_sta_wpa_psk_short));
- if (strpassphrase && psk) {
- os_memcpy(strpassphrase, passphrase, passphraselen);
- pbkdf2_sha1(strpassphrase,
- hapd->conf->ssid.ssid,
- hapd->conf->ssid.ssid_len, 4096,
- psk->psk, PMK_LEN);
+ if (psk) {
+ if ((passphraselen == MAX_PASSPHRASE_LEN + 1) &&
+ (hexstr2bin(passphrase, psk->psk, PMK_LEN) < 0)) {
+ hostapd_logger(hapd, cache->addr,
+ HOSTAPD_MODULE_RADIUS,
+ HOSTAPD_LEVEL_WARNING,
+ "invalid hex string (%d chars) in Tunnel-Password",
+ passphraselen);
+ goto skip;
+ } else if (passphraselen <= MAX_PASSPHRASE_LEN) {
+ os_memcpy(psk->passphrase, passphrase,
+ passphraselen);
+ psk->is_passphrase = 1;
+ }
psk->next = cache->psk;
cache->psk = psk;
psk = NULL;
}
- os_free(strpassphrase);
+skip:
os_free(psk);
os_free(passphrase);
}
@@ -671,6 +677,12 @@
void hostapd_free_psk_list(struct hostapd_sta_wpa_psk_short *psk)
{
+ if (psk && psk->ref) {
+ /* This will be freed when the last reference is dropped. */
+ psk->ref--;
+ return;
+ }
+
while (psk) {
struct hostapd_sta_wpa_psk_short *prev = psk;
psk = psk->next;
diff --git a/src/ap/ieee802_11_shared.c b/src/ap/ieee802_11_shared.c
index 1077635..af858f0 100644
--- a/src/ap/ieee802_11_shared.c
+++ b/src/ap/ieee802_11_shared.c
@@ -558,3 +558,20 @@
}
#endif /* CONFIG_MBO */
+
+
+void ap_copy_sta_supp_op_classes(struct sta_info *sta,
+ const u8 *supp_op_classes,
+ size_t supp_op_classes_len)
+{
+ if (!supp_op_classes)
+ return;
+ os_free(sta->supp_op_classes);
+ sta->supp_op_classes = os_malloc(1 + supp_op_classes_len);
+ if (!sta->supp_op_classes)
+ return;
+
+ sta->supp_op_classes[0] = supp_op_classes_len;
+ os_memcpy(sta->supp_op_classes + 1, supp_op_classes,
+ supp_op_classes_len);
+}
diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c
index 60058e4..c36842b 100644
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -328,6 +328,7 @@
#endif /* CONFIG_SAE */
mbo_ap_sta_free(sta);
+ os_free(sta->supp_op_classes);
os_free(sta);
}
diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h
index 08e795e..cd89e99 100644
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -118,6 +118,7 @@
int acct_session_started;
int acct_terminate_cause; /* Acct-Terminate-Cause */
int acct_interim_interval; /* Acct-Interim-Interval */
+ unsigned int acct_interim_errors;
/* For extending 32-bit driver counters to 64-bit counters */
u32 last_rx_bytes_hi;
@@ -190,6 +191,9 @@
* enum mbo_cellular_capa values */
struct mbo_non_pref_chan_info *non_pref_chan;
#endif /* CONFIG_MBO */
+
+ u8 *supp_op_classes; /* Supported Operating Classes element, if
+ * received, starting from the Length field */
};
diff --git a/src/ap/vlan_init.c b/src/ap/vlan_init.c
index 8eab6cb..45d1a1c 100644
--- a/src/ap/vlan_init.c
+++ b/src/ap/vlan_init.c
@@ -1119,25 +1119,23 @@
int vlan_id,
struct vlan_description *vlan_desc)
{
- struct hostapd_vlan *n = NULL;
- char *ifname, *pos;
+ struct hostapd_vlan *n;
+ char ifname[IFNAMSIZ + 1], *pos;
if (vlan == NULL || vlan->vlan_id != VLAN_ID_WILDCARD)
return NULL;
wpa_printf(MSG_DEBUG, "VLAN: %s(vlan_id=%d ifname=%s)",
__func__, vlan_id, vlan->ifname);
- ifname = os_strdup(vlan->ifname);
- if (ifname == NULL)
- return NULL;
+ os_strlcpy(ifname, vlan->ifname, sizeof(ifname));
pos = os_strchr(ifname, '#');
if (pos == NULL)
- goto free_ifname;
+ return NULL;
*pos++ = '\0';
n = os_zalloc(sizeof(*n));
if (n == NULL)
- goto free_ifname;
+ return NULL;
n->vlan_id = vlan_id;
if (vlan_desc)
@@ -1155,11 +1153,8 @@
hapd->conf->vlan = n->next;
os_free(n);
n = NULL;
- goto free_ifname;
}
-free_ifname:
- os_free(ifname);
return n;
}
diff --git a/src/ap/vlan_util.c b/src/ap/vlan_util.c
index d4e0efb..313d89f 100644
--- a/src/ap/vlan_util.c
+++ b/src/ap/vlan_util.c
@@ -33,7 +33,6 @@
{
int err, ret = -1;
struct nl_sock *handle = NULL;
- struct nl_cache *cache = NULL;
struct rtnl_link *rlink = NULL;
int if_idx = 0;
@@ -65,22 +64,19 @@
goto vlan_add_error;
}
- err = rtnl_link_alloc_cache(handle, AF_UNSPEC, &cache);
+ err = rtnl_link_get_kernel(handle, 0, if_name, &rlink);
if (err < 0) {
- cache = NULL;
- wpa_printf(MSG_ERROR, "VLAN: failed to alloc cache: %s",
- nl_geterror(err));
- goto vlan_add_error;
- }
-
- if (!(if_idx = rtnl_link_name2i(cache, if_name))) {
/* link does not exist */
wpa_printf(MSG_ERROR, "VLAN: interface %s does not exist",
if_name);
goto vlan_add_error;
}
+ if_idx = rtnl_link_get_ifindex(rlink);
+ rtnl_link_put(rlink);
+ rlink = NULL;
- if ((rlink = rtnl_link_get_by_name(cache, vlan_if_name))) {
+ err = rtnl_link_get_kernel(handle, 0, vlan_if_name, &rlink);
+ if (err >= 0) {
/* link does exist */
rtnl_link_put(rlink);
rlink = NULL;
@@ -127,8 +123,6 @@
vlan_add_error:
if (rlink)
rtnl_link_put(rlink);
- if (cache)
- nl_cache_free(cache);
if (handle)
nl_socket_free(handle);
return ret;
@@ -139,7 +133,6 @@
{
int err, ret = -1;
struct nl_sock *handle = NULL;
- struct nl_cache *cache = NULL;
struct rtnl_link *rlink = NULL;
wpa_printf(MSG_DEBUG, "VLAN: vlan_rem(if_name=%s)", if_name);
@@ -157,15 +150,8 @@
goto vlan_rem_error;
}
- err = rtnl_link_alloc_cache(handle, AF_UNSPEC, &cache);
+ err = rtnl_link_get_kernel(handle, 0, if_name, &rlink);
if (err < 0) {
- cache = NULL;
- wpa_printf(MSG_ERROR, "VLAN: failed to alloc cache: %s",
- nl_geterror(err));
- goto vlan_rem_error;
- }
-
- if (!(rlink = rtnl_link_get_by_name(cache, if_name))) {
/* link does not exist */
wpa_printf(MSG_ERROR, "VLAN: interface %s does not exists",
if_name);
@@ -184,8 +170,6 @@
vlan_rem_error:
if (rlink)
rtnl_link_put(rlink);
- if (cache)
- nl_cache_free(cache);
if (handle)
nl_socket_free(handle);
return ret;
diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
index b303324..2b60114 100644
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -42,10 +42,11 @@
#define FT_PACKET_R0KH_R1KH_RESP 201
#define FT_PACKET_R0KH_R1KH_PUSH 202
-#define FT_R0KH_R1KH_PULL_DATA_LEN 44
-#define FT_R0KH_R1KH_RESP_DATA_LEN 76
-#define FT_R0KH_R1KH_PUSH_DATA_LEN 88
#define FT_R0KH_R1KH_PULL_NONCE_LEN 16
+#define FT_R0KH_R1KH_PULL_DATA_LEN (FT_R0KH_R1KH_PULL_NONCE_LEN + \
+ WPA_PMK_NAME_LEN + FT_R1KH_ID_LEN + \
+ ETH_ALEN)
+#define FT_R0KH_R1KH_PULL_PAD_LEN ((8 - FT_R0KH_R1KH_PULL_DATA_LEN % 8) % 8)
struct ft_r0kh_r1kh_pull_frame {
u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
@@ -57,14 +58,18 @@
u8 pmk_r0_name[WPA_PMK_NAME_LEN];
u8 r1kh_id[FT_R1KH_ID_LEN];
u8 s1kh_id[ETH_ALEN];
- u8 pad[4]; /* 8-octet boundary for AES key wrap */
+ u8 pad[FT_R0KH_R1KH_PULL_PAD_LEN]; /* 8-octet boundary for AES block */
u8 key_wrap_extra[8];
} STRUCT_PACKED;
+#define FT_R0KH_R1KH_RESP_DATA_LEN (FT_R0KH_R1KH_PULL_NONCE_LEN + \
+ FT_R1KH_ID_LEN + ETH_ALEN + PMK_LEN + \
+ WPA_PMK_NAME_LEN + 2)
+#define FT_R0KH_R1KH_RESP_PAD_LEN ((8 - FT_R0KH_R1KH_RESP_DATA_LEN % 8) % 8)
struct ft_r0kh_r1kh_resp_frame {
u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
u8 packet_type; /* FT_PACKET_R0KH_R1KH_RESP */
- le16 data_length; /* little endian length of data (76) */
+ le16 data_length; /* little endian length of data (78) */
u8 ap_address[ETH_ALEN];
u8 nonce[FT_R0KH_R1KH_PULL_NONCE_LEN]; /* copied from pull */
@@ -73,14 +78,18 @@
u8 pmk_r1[PMK_LEN];
u8 pmk_r1_name[WPA_PMK_NAME_LEN];
le16 pairwise;
- u8 pad[2]; /* 8-octet boundary for AES key wrap */
+ u8 pad[FT_R0KH_R1KH_RESP_PAD_LEN]; /* 8-octet boundary for AES block */
u8 key_wrap_extra[8];
} STRUCT_PACKED;
+#define FT_R0KH_R1KH_PUSH_DATA_LEN (4 + FT_R1KH_ID_LEN + ETH_ALEN + \
+ WPA_PMK_NAME_LEN + PMK_LEN + \
+ WPA_PMK_NAME_LEN + 2)
+#define FT_R0KH_R1KH_PUSH_PAD_LEN ((8 - FT_R0KH_R1KH_PUSH_DATA_LEN % 8) % 8)
struct ft_r0kh_r1kh_push_frame {
u8 frame_type; /* RSN_REMOTE_FRAME_TYPE_FT_RRB */
u8 packet_type; /* FT_PACKET_R0KH_R1KH_PUSH */
- le16 data_length; /* little endian length of data (88) */
+ le16 data_length; /* little endian length of data (82) */
u8 ap_address[ETH_ALEN];
/* Encrypted with AES key-wrap */
@@ -92,7 +101,7 @@
u8 pmk_r1[PMK_LEN];
u8 pmk_r1_name[WPA_PMK_NAME_LEN];
le16 pairwise;
- u8 pad[6]; /* 8-octet boundary for AES key wrap */
+ u8 pad[FT_R0KH_R1KH_PUSH_PAD_LEN]; /* 8-octet boundary for AES block */
u8 key_wrap_extra[8];
} STRUCT_PACKED;
diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c
index ffd0790..5fe0987 100644
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -12,6 +12,7 @@
#include "common/ieee802_11_defs.h"
#include "common/sae.h"
#include "common/wpa_ctrl.h"
+#include "crypto/sha1.h"
#include "eapol_auth/eapol_auth_sm.h"
#include "eapol_auth/eapol_auth_sm_i.h"
#include "eap_server/eap.h"
@@ -246,6 +247,13 @@
struct hostapd_sta_wpa_psk_short *pos;
psk = sta->psk->psk;
for (pos = sta->psk; pos; pos = pos->next) {
+ if (pos->is_passphrase) {
+ pbkdf2_sha1(pos->passphrase,
+ hapd->conf->ssid.ssid,
+ hapd->conf->ssid.ssid_len, 4096,
+ pos->psk, PMK_LEN);
+ pos->is_passphrase = 0;
+ }
if (pos->psk == prev_psk) {
psk = pos->next ? pos->next->psk : NULL;
break;
@@ -413,6 +421,8 @@
hapd = iface->bss[j];
if (hapd == idata->src_hapd)
continue;
+ if (!hapd->wpa_auth)
+ continue;
if (os_memcmp(hapd->own_addr, idata->dst, ETH_ALEN) == 0) {
wpa_printf(MSG_DEBUG, "FT: Send RRB data directly to "
"locally managed BSS " MACSTR "@%s -> "
@@ -563,6 +573,9 @@
ethhdr = (struct l2_ethhdr *) buf;
wpa_printf(MSG_DEBUG, "FT: RRB received packet " MACSTR " -> "
MACSTR, MAC2STR(ethhdr->h_source), MAC2STR(ethhdr->h_dest));
+ if (!is_multicast_ether_addr(ethhdr->h_dest) &&
+ os_memcmp(hapd->own_addr, ethhdr->h_dest, ETH_ALEN) != 0)
+ return;
wpa_ft_rrb_rx(hapd->wpa_auth, ethhdr->h_source, buf + sizeof(*ethhdr),
len - sizeof(*ethhdr));
}