Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / ce48b4a7040f16e400702cb19324379a0f50a03b^! / . / wpa_supplicant / sme.c
commitce48b4a7040f16e400702cb19324379a0f50a03b[log] [tgz]
authorHai Shalom <haishalom@google.com>Wed Sep 05 11:41:35 2018 -0700
committerHai Shalom <haishalom@google.com>Wed Sep 12 19:17:33 2018 +0000
treecc28072dc4bcfe3b80d502e345802e0bda9b38d6
parente2d2101160479023eb565eee9d126ff4b2b4ebe3 [diff] [blame]
Cumulative patch from commit 077232f603dbbef3ac06b33cc793d346be8c5af8

077232f60 OCE: Add OCE capability attribute only when associating to an OCE AP
2ac433340 OCE: Send scan parameters when OCE_STA functionality is enabled
d6801b054 nl80211: Support OCE features (driver capability and scan params)
938dd97a8 driver: Add OCE scan parameters
830eacf9d Sync with mac80211-next.git include/uapi/linux/nl80211.h
2543b19e4 random: Remove write-only variable random_entropy_file_read
b5ebe5dd5 hostapd: Send an event before throwing a station on re-authentication
57151ae98 atheros: Fix atheros_send_mgmt() dependency on CONFIG_FILS
410e2dd1d OWE: Fix build error in AP code without CONFIG_IEEE80211W=y
560e30bf3 Parse sae_password option when CONFIG_SAE is enabled
b898b6558 nl80211: Do not ignore disconnect event in case of !drv->associated
20f612d99 DPP: Set group id through DPP_AUTH_INIT or dpp_configurator_params
495aebd39 Add new QCA vendor command and attributes to enhance NAN
28c7f77a8 Correct the documentation of NAN vendor command
b3f24b06e mka: Fix confidentiality offset issue in macsec_qca driver interface
bed30e8d3 mka: Fix sci port mask issue in macsec_qca driver interface
1bac151ea Change the ADDBA buffer size attribute type to U16 from U8
d35003e50 Vendor attribute to get max blacklist BSSIDs capability
8bfbb295d nl80211: Fix sending of WDS STA event to the correct BSS context
af835d75b FILS: Fix FILS connect failures after ERP key invalidation
1ff860577 mka: Support GCM-AES-256
47abe29aa hostapd: SET ht_capab support for disabling 40 MHz bandwidth
567df5501 Re-configure WEP keys on hostapd interface re-enable
1e1245bc8 Fix QoS Mapping ext capab bit setting
373c79694 OpenSSL: Fix compile with OpenSSL 1.1.0 and deprecated APIs
c6e1a9a0b Clarify the TODO comment regarding PMKID KDE in EAPOL-Key msg 1/4
3e34cfdff WPA: Ignore unauthenticated encrypted EAPOL-Key data
c06cd3e0a HS 2.0: Fix hs20-osu-client handling of HomeSP/HomeOIList/<X+>/HomeOI
ecec4878b Provide more details of WPA3 modes in wpa_supplicant.conf
e7d73c378 Provide more details of WPA3 modes in hostapd.conf
cbdf5a49c Define test config vendor attribute to override MU EDCA

Bug: 113905758
Test: Device boots up and connects to wifi networks.
Test: Able to turn on/off softap.
Test: Regression test passed (Bug: 114246387)
Change-Id: I81d5922c7af382322cc78a5a2dc51a2aec9ff234

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index d57195f..708a347 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c

@@ -240,6 +240,9 @@
 	u8 ext_capab[18];
 	int ext_capab_len;
 	int skip_auth;
+#ifdef CONFIG_MBO
+	const u8 *mbo_ie;
+#endif /* CONFIG_MBO */
 
 	if (bss == NULL) {
 		wpa_msg(wpa_s, MSG_ERROR, "SME: No scan result available for "
@@ -539,13 +542,16 @@
 	}
 
 #ifdef CONFIG_MBO
-	if (wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) {
+	mbo_ie = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE);
+	if (mbo_ie) {
 		int len;
 
 		len = wpas_mbo_ie(wpa_s, wpa_s->sme.assoc_req_ie +
 				  wpa_s->sme.assoc_req_ie_len,
 				  sizeof(wpa_s->sme.assoc_req_ie) -
-				  wpa_s->sme.assoc_req_ie_len);
+				  wpa_s->sme.assoc_req_ie_len,
+				  !!mbo_attr_from_mbo_ie(mbo_ie,
+							 OCE_ATTR_ID_CAPA_IND));
 		if (len >= 0)
 			wpa_s->sme.assoc_req_ie_len += len;
 	}
@@ -591,6 +597,9 @@
 	    wpa_key_mgmt_fils(ssid->key_mgmt)) {
 		const u8 *indic;
 		u16 fils_info;
+		const u8 *realm, *username, *rrk;
+		size_t realm_len, username_len, rrk_len;
+		u16 next_seq_num;
 
 		/*
 		 * Check FILS Indication element (FILS Information field) bits
@@ -620,6 +629,19 @@
 			goto no_fils;
 		}
 
+		if (wpa_s->last_con_fail_realm &&
+		    eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
+					  &username, &username_len,
+					  &realm, &realm_len, &next_seq_num,
+					  &rrk, &rrk_len) == 0 &&
+		    realm && realm_len == wpa_s->last_con_fail_realm_len &&
+		    os_memcmp(realm, wpa_s->last_con_fail_realm,
+			      realm_len) == 0) {
+			wpa_printf(MSG_DEBUG,
+				   "SME: FILS authentication for this realm failed last time - try to regenerate ERP key hierarchy");
+			goto no_fils;
+		}
+
 		if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
 					    ssid, 0,
 					    wpa_bss_get_fils_cache_id(bss),
@@ -1195,6 +1217,12 @@
 			ie_txt ? ie_txt : "");
 		os_free(ie_txt);
 
+#ifdef CONFIG_FILS
+		if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FILS ||
+		    wpa_s->sme.auth_alg == WPA_AUTH_ALG_FILS_SK_PFS)
+			fils_connection_failure(wpa_s);
+#endif /* CONFIG_FILS */
+
 		if (data->auth.status_code !=
 		    WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG ||
 		    wpa_s->sme.auth_alg == data->auth.auth_type ||