Revert "Cumulative patch from commit 4ec1fd8e42bad9390f14a58225b6e5f6fb691950"
This reverts commit 78a5dac804c22aa6e4ec8226a864d3b0d6ccddbb.
Test: None
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 0b3d2f2..f1c396b 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -303,7 +303,7 @@
}
-#ifdef CONFIG_IEEE80211R_AP
+#ifdef CONFIG_IEEE80211R
static void handle_auth_ft_finish(void *ctx, const u8 *dst, const u8 *bssid,
u16 auth_transaction, u16 status,
const u8 *ies, size_t ies_len)
@@ -334,7 +334,7 @@
sta->flags |= WLAN_STA_AUTH;
mlme_authenticate_indication(hapd, sta);
}
-#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_SAE
@@ -619,7 +619,7 @@
* message now to get alternating sequence of
* Authentication frames between the AP and STA.
* Confirm will be sent in
- * Committed -> Confirmed/Accepted transition
+ * Commited -> Confirmed/Accepted transition
* when receiving Confirm from STA.
*/
}
@@ -980,318 +980,6 @@
#endif /* CONFIG_SAE */
-static u16 wpa_res_to_status_code(int res)
-{
- if (res == WPA_INVALID_GROUP)
- return WLAN_STATUS_GROUP_CIPHER_NOT_VALID;
- if (res == WPA_INVALID_PAIRWISE)
- return WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID;
- if (res == WPA_INVALID_AKMP)
- return WLAN_STATUS_AKMP_NOT_VALID;
- if (res == WPA_ALLOC_FAIL)
- return WLAN_STATUS_UNSPECIFIED_FAILURE;
-#ifdef CONFIG_IEEE80211W
- if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION)
- return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION;
- if (res == WPA_INVALID_MGMT_GROUP_CIPHER)
- return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION;
-#endif /* CONFIG_IEEE80211W */
- if (res == WPA_INVALID_MDIE)
- return WLAN_STATUS_INVALID_MDIE;
- if (res != WPA_IE_OK)
- return WLAN_STATUS_INVALID_IE;
- return WLAN_STATUS_SUCCESS;
-}
-
-
-#ifdef CONFIG_FILS
-
-static void handle_auth_fils_finish(struct hostapd_data *hapd,
- struct sta_info *sta, u16 resp,
- struct rsn_pmksa_cache_entry *pmksa,
- struct wpabuf *erp_resp,
- const u8 *msk, size_t msk_len);
-
-static void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta,
- const struct ieee80211_mgmt *mgmt, size_t len,
- u16 auth_transaction, u16 status_code)
-{
- u16 resp = WLAN_STATUS_SUCCESS;
- const u8 *pos, *end;
- struct ieee802_11_elems elems;
- int res;
- struct wpa_ie_data rsn;
- struct rsn_pmksa_cache_entry *pmksa = NULL;
-
- if (auth_transaction != 1 || status_code != WLAN_STATUS_SUCCESS)
- return;
-
- pos = mgmt->u.auth.variable;
- end = ((const u8 *) mgmt) + len;
-
- wpa_hexdump(MSG_DEBUG, "FILS: Authentication frame fields",
- pos, end - pos);
-
- /* TODO: Finite Cyclic Group when using PK or PFS */
- /* TODO: Element when using PK or PFS */
-
- wpa_hexdump(MSG_DEBUG, "FILS: Remaining IEs", pos, end - pos);
- if (ieee802_11_parse_elems(pos, end - pos, &elems, 1) == ParseFailed) {
- wpa_printf(MSG_DEBUG, "FILS: Could not parse elements");
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
-
- /* RSNE */
- wpa_hexdump(MSG_DEBUG, "FILS: RSN element",
- elems.rsn_ie, elems.rsn_ie_len);
- if (!elems.rsn_ie ||
- wpa_parse_wpa_ie_rsn(elems.rsn_ie - 2, elems.rsn_ie_len + 2,
- &rsn) < 0) {
- wpa_printf(MSG_DEBUG, "FILS: No valid RSN element");
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
-
- if (!sta->wpa_sm)
- sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr,
- NULL);
- if (!sta->wpa_sm) {
- wpa_printf(MSG_DEBUG,
- "FILS: Failed to initialize RSN state machine");
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
-
- res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
- elems.rsn_ie - 2, elems.rsn_ie_len + 2,
- elems.mdie, elems.mdie_len);
- resp = wpa_res_to_status_code(res);
- if (resp != WLAN_STATUS_SUCCESS)
- goto fail;
-
- /* TODO: MDE when using FILS+FT */
- /* TODO: FTE when using FILS+FT */
-
- if (!elems.fils_nonce) {
- wpa_printf(MSG_DEBUG, "FILS: No FILS Nonce field");
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
- wpa_hexdump(MSG_DEBUG, "FILS: SNonce", elems.fils_nonce,
- FILS_NONCE_LEN);
- os_memcpy(sta->fils_snonce, elems.fils_nonce, FILS_NONCE_LEN);
-
- /* PMKID List */
- if (rsn.pmkid && rsn.num_pmkid > 0) {
- u8 num;
- const u8 *pmkid;
-
- wpa_hexdump(MSG_DEBUG, "FILS: PMKID List",
- rsn.pmkid, rsn.num_pmkid * PMKID_LEN);
-
- pmkid = rsn.pmkid;
- num = rsn.num_pmkid;
- while (num) {
- wpa_hexdump(MSG_DEBUG, "FILS: PMKID", pmkid, PMKID_LEN);
- pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr,
- pmkid);
- if (pmksa)
- break;
- pmkid += PMKID_LEN;
- num--;
- }
- }
- if (pmksa && wpa_auth_sta_key_mgmt(sta->wpa_sm) != pmksa->akmp) {
- wpa_printf(MSG_DEBUG,
- "FILS: Matching PMKSA cache entry has different AKMP (0x%x != 0x%x) - ignore",
- wpa_auth_sta_key_mgmt(sta->wpa_sm), pmksa->akmp);
- pmksa = NULL;
- }
- if (pmksa)
- wpa_printf(MSG_DEBUG, "FILS: Found matching PMKSA cache entry");
-
- /* FILS Session */
- if (!elems.fils_session) {
- wpa_printf(MSG_DEBUG, "FILS: No FILS Session element");
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
- wpa_hexdump(MSG_DEBUG, "FILS: FILS Session", elems.fils_session,
- FILS_SESSION_LEN);
- os_memcpy(sta->fils_session, elems.fils_session, FILS_SESSION_LEN);
-
- /* FILS Wrapped Data */
- if (elems.fils_wrapped_data) {
- wpa_hexdump(MSG_DEBUG, "FILS: Wrapped Data",
- elems.fils_wrapped_data,
- elems.fils_wrapped_data_len);
- if (!pmksa) {
-#ifndef CONFIG_NO_RADIUS
- if (!sta->eapol_sm) {
- sta->eapol_sm =
- ieee802_1x_alloc_eapol_sm(hapd, sta);
- }
- wpa_printf(MSG_DEBUG,
- "FILS: Forward EAP-Identity/Re-auth Start to authentication server");
- ieee802_1x_encapsulate_radius(
- hapd, sta, elems.fils_wrapped_data,
- elems.fils_wrapped_data_len);
- wpa_printf(MSG_DEBUG,
- "FILS: Will send Authentication frame once the response from authentication server is available");
- sta->flags |= WLAN_STA_PENDING_FILS_ERP;
- return;
-#else /* CONFIG_NO_RADIUS */
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
-#endif /* CONFIG_NO_RADIUS */
- }
- }
-
-fail:
- handle_auth_fils_finish(hapd, sta, resp, pmksa, NULL, NULL, 0);
-}
-
-
-static void handle_auth_fils_finish(struct hostapd_data *hapd,
- struct sta_info *sta, u16 resp,
- struct rsn_pmksa_cache_entry *pmksa,
- struct wpabuf *erp_resp,
- const u8 *msk, size_t msk_len)
-{
- u8 fils_nonce[FILS_NONCE_LEN];
- size_t ielen;
- struct wpabuf *data = NULL;
- const u8 *ie;
- u8 *ie_buf = NULL;
- const u8 *pmk = NULL;
- size_t pmk_len = 0;
-
- if (resp != WLAN_STATUS_SUCCESS)
- goto fail;
-
- ie = wpa_auth_get_wpa_ie(hapd->wpa_auth, &ielen);
- if (!ie) {
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
- if (pmksa) {
- /* Add PMKID of the selected PMKSA into RSNE */
- ie_buf = os_malloc(ielen + 2 + 2 + PMKID_LEN);
- if (!ie_buf) {
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
- os_memcpy(ie_buf, ie, ielen);
- if (wpa_insert_pmkid(ie_buf, &ielen, pmksa->pmkid) < 0) {
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
- ie = ie_buf;
- }
-
- if (random_get_bytes(fils_nonce, FILS_NONCE_LEN) < 0) {
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
- wpa_hexdump(MSG_DEBUG, "RSN: Generated FILS Nonce",
- fils_nonce, FILS_NONCE_LEN);
-
- data = wpabuf_alloc(1000 + ielen);
- if (!data) {
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
-
- /* TODO: Finite Cyclic Group when using PK or PFS */
- /* TODO: Element when using PK or PFS */
-
- /* RSNE */
- wpabuf_put_data(data, ie, ielen);
-
- /* TODO: MDE when using FILS+FT */
- /* TODO: FTE when using FILS+FT */
-
- /* FILS Nonce */
- wpabuf_put_u8(data, WLAN_EID_EXTENSION); /* Element ID */
- wpabuf_put_u8(data, 1 + FILS_NONCE_LEN); /* Length */
- /* Element ID Extension */
- wpabuf_put_u8(data, WLAN_EID_EXT_FILS_NONCE);
- wpabuf_put_data(data, fils_nonce, FILS_NONCE_LEN);
-
- /* FILS Session */
- wpabuf_put_u8(data, WLAN_EID_EXTENSION); /* Element ID */
- wpabuf_put_u8(data, 1 + FILS_SESSION_LEN); /* Length */
- /* Element ID Extension */
- wpabuf_put_u8(data, WLAN_EID_EXT_FILS_SESSION);
- wpabuf_put_data(data, sta->fils_session, FILS_SESSION_LEN);
-
- /* FILS Wrapped Data */
- if (!pmksa && erp_resp) {
- wpabuf_put_u8(data, WLAN_EID_EXTENSION); /* Element ID */
- wpabuf_put_u8(data, 1 + wpabuf_len(erp_resp)); /* Length */
- /* Element ID Extension */
- wpabuf_put_u8(data, WLAN_EID_EXT_FILS_WRAPPED_DATA);
- wpabuf_put_buf(data, erp_resp);
-
- pmk = msk;
- pmk_len = msk_len > PMK_LEN ? PMK_LEN : msk_len;
- } else if (pmksa) {
- pmk = pmksa->pmk;
- pmk_len = pmksa->pmk_len;
- }
-
- if (!pmk) {
- wpa_printf(MSG_DEBUG, "FILS: No PMK available");
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- wpabuf_free(data);
- data = NULL;
- goto fail;
- }
-
- if (fils_auth_pmk_to_ptk(sta->wpa_sm, pmk, pmk_len,
- sta->fils_snonce, fils_nonce) < 0) {
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- wpabuf_free(data);
- data = NULL;
- goto fail;
- }
-
-fail:
- send_auth_reply(hapd, sta->addr, hapd->own_addr, WLAN_AUTH_FILS_SK, 2,
- resp,
- data ? wpabuf_head(data) : (u8 *) "",
- data ? wpabuf_len(data) : 0);
- wpabuf_free(data);
-
- if (resp == WLAN_STATUS_SUCCESS) {
- hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
- HOSTAPD_LEVEL_DEBUG,
- "authentication OK (FILS)");
- sta->flags |= WLAN_STA_AUTH;
- wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
- sta->auth_alg = WLAN_AUTH_FILS_SK;
- mlme_authenticate_indication(hapd, sta);
- }
-
- os_free(ie_buf);
-}
-
-
-void ieee802_11_finish_fils_auth(struct hostapd_data *hapd,
- struct sta_info *sta, int success,
- struct wpabuf *erp_resp,
- const u8 *msk, size_t msk_len)
-{
- sta->flags &= ~WLAN_STA_PENDING_FILS_ERP;
- handle_auth_fils_finish(hapd, sta, success ? WLAN_STATUS_SUCCESS :
- WLAN_STATUS_UNSPECIFIED_FAILURE, NULL,
- erp_resp, msk, msk_len);
-}
-
-#endif /* CONFIG_FILS */
-
-
static void handle_auth(struct hostapd_data *hapd,
const struct ieee80211_mgmt *mgmt, size_t len)
{
@@ -1365,18 +1053,14 @@
if (!(((hapd->conf->auth_algs & WPA_AUTH_ALG_OPEN) &&
auth_alg == WLAN_AUTH_OPEN) ||
-#ifdef CONFIG_IEEE80211R_AP
+#ifdef CONFIG_IEEE80211R
(hapd->conf->wpa && wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt) &&
auth_alg == WLAN_AUTH_FT) ||
-#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_SAE
(hapd->conf->wpa && wpa_key_mgmt_sae(hapd->conf->wpa_key_mgmt) &&
auth_alg == WLAN_AUTH_SAE) ||
#endif /* CONFIG_SAE */
-#ifdef CONFIG_FILS
- (hapd->conf->wpa && wpa_key_mgmt_fils(hapd->conf->wpa_key_mgmt) &&
- auth_alg == WLAN_AUTH_FILS_SK) ||
-#endif /* CONFIG_FILS */
((hapd->conf->auth_algs & WPA_AUTH_ALG_SHARED) &&
auth_alg == WLAN_AUTH_SHARED_KEY))) {
wpa_printf(MSG_INFO, "Unsupported authentication algorithm (%d)",
@@ -1478,7 +1162,6 @@
sta = ap_get_sta(hapd, mgmt->sa);
if (sta) {
- sta->flags &= ~WLAN_STA_PENDING_FILS_ERP;
if ((fc & WLAN_FC_RETRY) &&
sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ &&
sta->last_seq_ctrl == seq_ctrl &&
@@ -1633,7 +1316,7 @@
}
break;
#endif /* CONFIG_NO_RC4 */
-#ifdef CONFIG_IEEE80211R_AP
+#ifdef CONFIG_IEEE80211R
case WLAN_AUTH_FT:
sta->auth_alg = WLAN_AUTH_FT;
if (sta->wpa_sm == NULL)
@@ -1652,7 +1335,7 @@
handle_auth_ft_finish, hapd);
/* handle_auth_ft_finish() callback will complete auth. */
return;
-#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_SAE
case WLAN_AUTH_SAE:
#ifdef CONFIG_MESH
@@ -1674,12 +1357,6 @@
status_code);
return;
#endif /* CONFIG_SAE */
-#ifdef CONFIG_FILS
- case WLAN_AUTH_FILS_SK:
- handle_auth_fils(hapd, sta, mgmt, len, auth_transaction,
- status_code);
- return;
-#endif /* CONFIG_FILS */
}
fail:
@@ -1968,7 +1645,24 @@
res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
wpa_ie, wpa_ie_len,
elems.mdie, elems.mdie_len);
- resp = wpa_res_to_status_code(res);
+ if (res == WPA_INVALID_GROUP)
+ resp = WLAN_STATUS_GROUP_CIPHER_NOT_VALID;
+ else if (res == WPA_INVALID_PAIRWISE)
+ resp = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID;
+ else if (res == WPA_INVALID_AKMP)
+ resp = WLAN_STATUS_AKMP_NOT_VALID;
+ else if (res == WPA_ALLOC_FAIL)
+ resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
+#ifdef CONFIG_IEEE80211W
+ else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION)
+ resp = WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION;
+ else if (res == WPA_INVALID_MGMT_GROUP_CIPHER)
+ resp = WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION;
+#endif /* CONFIG_IEEE80211W */
+ else if (res == WPA_INVALID_MDIE)
+ resp = WLAN_STATUS_INVALID_MDIE;
+ else if (res != WPA_IE_OK)
+ resp = WLAN_STATUS_INVALID_IE;
if (resp != WLAN_STATUS_SUCCESS)
return resp;
#ifdef CONFIG_IEEE80211W
@@ -1996,7 +1690,7 @@
sta->flags &= ~WLAN_STA_MFP;
#endif /* CONFIG_IEEE80211W */
-#ifdef CONFIG_IEEE80211R_AP
+#ifdef CONFIG_IEEE80211R
if (sta->auth_alg == WLAN_AUTH_FT) {
if (!reassoc) {
wpa_printf(MSG_DEBUG, "FT: " MACSTR " tried "
@@ -2011,7 +1705,7 @@
if (resp != WLAN_STATUS_SUCCESS)
return resp;
}
-#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_SAE
if (wpa_auth_uses_sae(sta->wpa_sm) &&
@@ -2229,7 +1923,7 @@
/* Extended supported rates */
p = hostapd_eid_ext_supp_rates(hapd, p);
-#ifdef CONFIG_IEEE80211R_AP
+#ifdef CONFIG_IEEE80211R
if (status_code == WLAN_STATUS_SUCCESS) {
/* IEEE 802.11r: Mobility Domain Information, Fast BSS
* Transition Information, RSN, [RIC Response] */
@@ -2237,7 +1931,7 @@
buf + sizeof(buf) - p,
sta->auth_alg, ies, ies_len);
}
-#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY)
@@ -2347,31 +2041,6 @@
send_len += p - reply->u.assoc_resp.variable;
-#ifdef CONFIG_FILS
- if ((sta->auth_alg == WLAN_AUTH_FILS_SK ||
- sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
- sta->auth_alg == WLAN_AUTH_FILS_PK) &&
- status_code == WLAN_STATUS_SUCCESS) {
- struct ieee802_11_elems elems;
-
- if (ieee802_11_parse_elems(ies, ies_len, &elems, 0) ==
- ParseFailed || !elems.fils_session)
- return WLAN_STATUS_UNSPECIFIED_FAILURE;
-
- /* FILS Session */
- *p++ = WLAN_EID_EXTENSION; /* Element ID */
- *p++ = 1 + FILS_SESSION_LEN; /* Length */
- *p++ = WLAN_EID_EXT_FILS_SESSION; /* Element ID Extension */
- os_memcpy(p, elems.fils_session, FILS_SESSION_LEN);
- send_len += 2 + 1 + FILS_SESSION_LEN;
-
- send_len = fils_encrypt_assoc(sta->wpa_sm, buf, send_len,
- sizeof(buf));
- if (send_len < 0)
- return WLAN_STATUS_UNSPECIFIED_FAILURE;
- }
-#endif /* CONFIG_FILS */
-
if (hostapd_drv_send_mlme(hapd, reply, send_len, 0) < 0) {
wpa_printf(MSG_INFO, "Failed to send assoc resp: %s",
strerror(errno));
@@ -2391,7 +2060,6 @@
const u8 *pos;
int left, i;
struct sta_info *sta;
- u8 *tmp = NULL;
if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_req) :
sizeof(mgmt->u.assoc_req))) {
@@ -2449,7 +2117,7 @@
}
sta = ap_get_sta(hapd, mgmt->sa);
-#ifdef CONFIG_IEEE80211R_AP
+#ifdef CONFIG_IEEE80211R
if (sta && sta->auth_alg == WLAN_AUTH_FT &&
(sta->flags & WLAN_STA_AUTH) == 0) {
wpa_printf(MSG_DEBUG, "FT: Allow STA " MACSTR " to associate "
@@ -2462,7 +2130,7 @@
*/
sta->flags |= WLAN_STA_AUTH;
} else
-#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_IEEE80211R */
if (sta == NULL || (sta->flags & WLAN_STA_AUTH) == 0) {
hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_INFO, "Station tried to "
@@ -2517,30 +2185,6 @@
*/
sta->capability = capab_info;
-#ifdef CONFIG_FILS
- if (sta->auth_alg == WLAN_AUTH_FILS_SK ||
- sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
- sta->auth_alg == WLAN_AUTH_FILS_PK) {
- /* The end of the payload is encrypted. Need to decrypt it
- * before parsing. */
-
- tmp = os_malloc(left);
- if (!tmp) {
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
- os_memcpy(tmp, pos, left);
-
- left = fils_decrypt_assoc(sta->wpa_sm, sta->fils_session, mgmt,
- len, tmp, left);
- if (left < 0) {
- resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
- goto fail;
- }
- pos = tmp;
- }
-#endif /* CONFIG_FILS */
-
/* followed by SSID and Supported rates; and HT capabilities if 802.11n
* is used */
resp = check_assoc_ies(hapd, sta, pos, left, reassoc);
@@ -2650,7 +2294,6 @@
resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA;
reply_res = send_assoc_resp(hapd, sta, resp, reassoc, pos, left);
- os_free(tmp);
/*
* Remove the station in case tranmission of a success response fails
@@ -2863,14 +2506,14 @@
}
switch (mgmt->u.action.category) {
-#ifdef CONFIG_IEEE80211R_AP
+#ifdef CONFIG_IEEE80211R
case WLAN_ACTION_FT:
if (!sta ||
wpa_ft_action_rx(sta->wpa_sm, (u8 *) &mgmt->u.action,
len - IEEE80211_HDRLEN))
break;
return 1;
-#endif /* CONFIG_IEEE80211R_AP */
+#endif /* CONFIG_IEEE80211R */
case WLAN_ACTION_WMM:
hostapd_wmm_action(hapd, mgmt, len);
return 1;
@@ -3029,7 +2672,7 @@
}
if (hapd->iconf->track_sta_max_num)
- sta_track_add(hapd->iface, mgmt->sa, fi->ssi_signal);
+ sta_track_add(hapd->iface, mgmt->sa);
switch (stype) {
case WLAN_FC_STYPE_AUTH:
@@ -3203,15 +2846,11 @@
new_assoc = 0;
sta->flags |= WLAN_STA_ASSOC;
sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE;
- if ((!hapd->conf->ieee802_1x && !hapd->conf->wpa &&
- !hapd->conf->osen) ||
- sta->auth_alg == WLAN_AUTH_FILS_SK ||
- sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
- sta->auth_alg == WLAN_AUTH_FILS_PK ||
+ if ((!hapd->conf->ieee802_1x && !hapd->conf->wpa && !hapd->conf->osen) ||
sta->auth_alg == WLAN_AUTH_FT) {
/*
- * Open, static WEP, FT protocol, or FILS; no separate
- * authorization step.
+ * Open, static WEP, or FT protocol; no separate authorization
+ * step.
*/
ap_sta_set_authorized(hapd, sta, 1);
}
@@ -3258,18 +2897,6 @@
hapd->new_assoc_sta_cb(hapd, sta, !new_assoc);
ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
-#ifdef CONFIG_FILS
- if ((sta->auth_alg == WLAN_AUTH_FILS_SK ||
- sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
- sta->auth_alg == WLAN_AUTH_FILS_PK) &&
- fils_set_tk(sta->wpa_sm) < 0) {
- wpa_printf(MSG_DEBUG, "FILS: TK configuration failed");
- ap_sta_disconnect(hapd, sta, sta->addr,
- WLAN_REASON_UNSPECIFIED);
- return;
- }
-#endif /* CONFIG_FILS */
-
if (sta->pending_eapol_rx) {
struct os_reltime now, age;