tdls.c (302408) tdls.c (324697)
1/*
2 * wpa_supplicant - TDLS
3 * Copyright (c) 2010-2011, Atheros Communications
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8

--- 98 unchanged lines hidden (view full) ---

107 int cipher; /* Selected cipher (WPA_CIPHER_*) */
108 u8 dtoken;
109
110 struct tpk {
111 u8 kck[16]; /* TPK-KCK */
112 u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
113 } tpk;
114 int tpk_set;
1/*
2 * wpa_supplicant - TDLS
3 * Copyright (c) 2010-2011, Atheros Communications
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8

--- 98 unchanged lines hidden (view full) ---

107 int cipher; /* Selected cipher (WPA_CIPHER_*) */
108 u8 dtoken;
109
110 struct tpk {
111 u8 kck[16]; /* TPK-KCK */
112 u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
113 } tpk;
114 int tpk_set;
115 int tk_set; /* TPK-TK configured to the driver */
115 int tpk_success;
116 int tpk_in_progress;
117
118 struct tpk_timer {
119 u8 dest[ETH_ALEN];
120 int count; /* Retry Count */
121 int timer; /* Timeout in milliseconds */
122 u8 action_code; /* TDLS frame type */

--- 64 unchanged lines hidden (view full) ---

187
188
189static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
190{
191 u8 key_len;
192 u8 rsc[6];
193 enum wpa_alg alg;
194
116 int tpk_success;
117 int tpk_in_progress;
118
119 struct tpk_timer {
120 u8 dest[ETH_ALEN];
121 int count; /* Retry Count */
122 int timer; /* Timeout in milliseconds */
123 u8 action_code; /* TDLS frame type */

--- 64 unchanged lines hidden (view full) ---

188
189
190static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
191{
192 u8 key_len;
193 u8 rsc[6];
194 enum wpa_alg alg;
195
196 if (peer->tk_set) {
197 /*
198 * This same TPK-TK has already been configured to the driver
199 * and this new configuration attempt (likely due to an
200 * unexpected retransmitted frame) would result in clearing
201 * the TX/RX sequence number which can break security, so must
202 * not allow that to happen.
203 */
204 wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR
205 " has already been configured to the driver - do not reconfigure",
206 MAC2STR(peer->addr));
207 return -1;
208 }
209
195 os_memset(rsc, 0, 6);
196
197 switch (peer->cipher) {
198 case WPA_CIPHER_CCMP:
199 alg = WPA_ALG_CCMP;
200 key_len = 16;
201 break;
202 case WPA_CIPHER_NONE:
203 wpa_printf(MSG_DEBUG, "TDLS: Pairwise Cipher Suite: "
204 "NONE - do not use pairwise keys");
205 return -1;
206 default:
207 wpa_printf(MSG_WARNING, "TDLS: Unsupported pairwise cipher %d",
208 sm->pairwise_cipher);
209 return -1;
210 }
211
210 os_memset(rsc, 0, 6);
211
212 switch (peer->cipher) {
213 case WPA_CIPHER_CCMP:
214 alg = WPA_ALG_CCMP;
215 key_len = 16;
216 break;
217 case WPA_CIPHER_NONE:
218 wpa_printf(MSG_DEBUG, "TDLS: Pairwise Cipher Suite: "
219 "NONE - do not use pairwise keys");
220 return -1;
221 default:
222 wpa_printf(MSG_WARNING, "TDLS: Unsupported pairwise cipher %d",
223 sm->pairwise_cipher);
224 return -1;
225 }
226
227 wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,
228 MAC2STR(peer->addr));
212 if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
213 rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
214 wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
215 "driver");
216 return -1;
217 }
229 if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
230 rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
231 wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
232 "driver");
233 return -1;
234 }
235 peer->tk_set = 1;
218 return 0;
219}
220
221
222static int wpa_tdls_send_tpk_msg(struct wpa_sm *sm, const u8 *dst,
223 u8 action_code, u8 dialog_token,
224 u16 status_code, u32 peer_capab,
225 int initiator, const u8 *buf, size_t len)

--- 459 unchanged lines hidden (view full) ---

685 os_free(peer->supp_channels);
686 peer->supp_channels = NULL;
687 os_free(peer->supp_oper_classes);
688 peer->supp_oper_classes = NULL;
689 peer->rsnie_i_len = peer->rsnie_p_len = 0;
690 peer->cipher = 0;
691 peer->qos_info = 0;
692 peer->wmm_capable = 0;
236 return 0;
237}
238
239
240static int wpa_tdls_send_tpk_msg(struct wpa_sm *sm, const u8 *dst,
241 u8 action_code, u8 dialog_token,
242 u16 status_code, u32 peer_capab,
243 int initiator, const u8 *buf, size_t len)

--- 459 unchanged lines hidden (view full) ---

703 os_free(peer->supp_channels);
704 peer->supp_channels = NULL;
705 os_free(peer->supp_oper_classes);
706 peer->supp_oper_classes = NULL;
707 peer->rsnie_i_len = peer->rsnie_p_len = 0;
708 peer->cipher = 0;
709 peer->qos_info = 0;
710 peer->wmm_capable = 0;
693 peer->tpk_set = peer->tpk_success = 0;
711 peer->tk_set = peer->tpk_set = peer->tpk_success = 0;
694 peer->chan_switch_enabled = 0;
695 os_memset(&peer->tpk, 0, sizeof(peer->tpk));
696 os_memset(peer->inonce, 0, WPA_NONCE_LEN);
697 os_memset(peer->rnonce, 0, WPA_NONCE_LEN);
698}
699
700
701static void wpa_tdls_peer_free(struct wpa_sm *sm, struct wpa_tdls_peer *peer)

--- 446 unchanged lines hidden (view full) ---

1148
1149 if (os_get_random(peer->inonce, WPA_NONCE_LEN)) {
1150 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1151 "TDLS: Failed to get random data for initiator Nonce");
1152 os_free(rbuf);
1153 wpa_tdls_peer_free(sm, peer);
1154 return -1;
1155 }
712 peer->chan_switch_enabled = 0;
713 os_memset(&peer->tpk, 0, sizeof(peer->tpk));
714 os_memset(peer->inonce, 0, WPA_NONCE_LEN);
715 os_memset(peer->rnonce, 0, WPA_NONCE_LEN);
716}
717
718
719static void wpa_tdls_peer_free(struct wpa_sm *sm, struct wpa_tdls_peer *peer)

--- 446 unchanged lines hidden (view full) ---

1166
1167 if (os_get_random(peer->inonce, WPA_NONCE_LEN)) {
1168 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
1169 "TDLS: Failed to get random data for initiator Nonce");
1170 os_free(rbuf);
1171 wpa_tdls_peer_free(sm, peer);
1172 return -1;
1173 }
1174 peer->tk_set = 0; /* A new nonce results in a new TK */
1156 wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
1157 peer->inonce, WPA_NONCE_LEN);
1158 os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
1159
1160 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE for TPK Handshake M1",
1161 (u8 *) ftie, sizeof(struct wpa_tdls_ftie));
1162
1163 pos = (u8 *) (ftie + 1);

--- 576 unchanged lines hidden (view full) ---

1740 peer->ext_capab, peer->ext_capab_len,
1741 peer->supp_channels,
1742 peer->supp_channels_len,
1743 peer->supp_oper_classes,
1744 peer->supp_oper_classes_len);
1745}
1746
1747
1175 wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
1176 peer->inonce, WPA_NONCE_LEN);
1177 os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
1178
1179 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE for TPK Handshake M1",
1180 (u8 *) ftie, sizeof(struct wpa_tdls_ftie));
1181
1182 pos = (u8 *) (ftie + 1);

--- 576 unchanged lines hidden (view full) ---

1759 peer->ext_capab, peer->ext_capab_len,
1760 peer->supp_channels,
1761 peer->supp_channels_len,
1762 peer->supp_oper_classes,
1763 peer->supp_oper_classes_len);
1764}
1765
1766
1767static int tdls_nonce_set(const u8 *nonce)
1768{
1769 int i;
1770
1771 for (i = 0; i < WPA_NONCE_LEN; i++) {
1772 if (nonce[i])
1773 return 1;
1774 }
1775
1776 return 0;
1777}
1778
1779
1748static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
1749 const u8 *buf, size_t len)
1750{
1751 struct wpa_tdls_peer *peer;
1752 struct wpa_eapol_ie_parse kde;
1753 struct wpa_ie_data ie;
1754 int cipher;
1755 const u8 *cpos;

--- 237 unchanged lines hidden (view full) ---

1993 goto skip_rsn_check;
1994 }
1995
1996 ftie = (struct wpa_tdls_ftie *) kde.ftie;
1997 os_memcpy(peer->rsnie_i, kde.rsn_ie, kde.rsn_ie_len);
1998 peer->rsnie_i_len = kde.rsn_ie_len;
1999 peer->cipher = cipher;
2000
1780static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
1781 const u8 *buf, size_t len)
1782{
1783 struct wpa_tdls_peer *peer;
1784 struct wpa_eapol_ie_parse kde;
1785 struct wpa_ie_data ie;
1786 int cipher;
1787 const u8 *cpos;

--- 237 unchanged lines hidden (view full) ---

2025 goto skip_rsn_check;
2026 }
2027
2028 ftie = (struct wpa_tdls_ftie *) kde.ftie;
2029 os_memcpy(peer->rsnie_i, kde.rsn_ie, kde.rsn_ie_len);
2030 peer->rsnie_i_len = kde.rsn_ie_len;
2031 peer->cipher = cipher;
2032
2001 if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0) {
2033 if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0 ||
2034 !tdls_nonce_set(peer->inonce)) {
2002 /*
2003 * There is no point in updating the RNonce for every obtained
2004 * TPK M1 frame (e.g., retransmission due to timeout) with the
2005 * same INonce (SNonce in FTIE). However, if the TPK M1 is
2006 * retransmitted with a different INonce, update the RNonce
2007 * since this is for a new TDLS session.
2008 */
2009 wpa_printf(MSG_DEBUG,
2010 "TDLS: New TPK M1 INonce - generate new RNonce");
2011 os_memcpy(peer->inonce, ftie->Snonce, WPA_NONCE_LEN);
2012 if (os_get_random(peer->rnonce, WPA_NONCE_LEN)) {
2013 wpa_msg(sm->ctx->ctx, MSG_WARNING,
2014 "TDLS: Failed to get random data for responder nonce");
2015 goto error;
2016 }
2035 /*
2036 * There is no point in updating the RNonce for every obtained
2037 * TPK M1 frame (e.g., retransmission due to timeout) with the
2038 * same INonce (SNonce in FTIE). However, if the TPK M1 is
2039 * retransmitted with a different INonce, update the RNonce
2040 * since this is for a new TDLS session.
2041 */
2042 wpa_printf(MSG_DEBUG,
2043 "TDLS: New TPK M1 INonce - generate new RNonce");
2044 os_memcpy(peer->inonce, ftie->Snonce, WPA_NONCE_LEN);
2045 if (os_get_random(peer->rnonce, WPA_NONCE_LEN)) {
2046 wpa_msg(sm->ctx->ctx, MSG_WARNING,
2047 "TDLS: Failed to get random data for responder nonce");
2048 goto error;
2049 }
2050 peer->tk_set = 0; /* A new nonce results in a new TK */
2017 }
2018
2019#if 0
2020 /* get version info from RSNIE received from Peer */
2021 hdr = (struct rsn_ie_hdr *) kde.rsn_ie;
2022 rsn_ver = WPA_GET_LE16(hdr->version);
2023
2024 /* use min(peer's version, out version) */

--- 140 unchanged lines hidden (view full) ---

2165 * This may happen if both devices try to initiate TDLS at the
2166 * same time and we accept the TPK M1 from the peer in
2167 * wpa_tdls_process_tpk_m1() and clear our previous state.
2168 */
2169 wpa_printf(MSG_INFO, "TDLS: We were not the initiator, so "
2170 "ignore TPK M2 from " MACSTR, MAC2STR(src_addr));
2171 return -1;
2172 }
2051 }
2052
2053#if 0
2054 /* get version info from RSNIE received from Peer */
2055 hdr = (struct rsn_ie_hdr *) kde.rsn_ie;
2056 rsn_ver = WPA_GET_LE16(hdr->version);
2057
2058 /* use min(peer's version, out version) */

--- 140 unchanged lines hidden (view full) ---

2199 * This may happen if both devices try to initiate TDLS at the
2200 * same time and we accept the TPK M1 from the peer in
2201 * wpa_tdls_process_tpk_m1() and clear our previous state.
2202 */
2203 wpa_printf(MSG_INFO, "TDLS: We were not the initiator, so "
2204 "ignore TPK M2 from " MACSTR, MAC2STR(src_addr));
2205 return -1;
2206 }
2207
2208 if (peer->tpk_success) {
2209 wpa_printf(MSG_INFO, "TDLS: Ignore incoming TPK M2 retry, from "
2210 MACSTR " as TPK M3 was already sent",
2211 MAC2STR(src_addr));
2212 return 0;
2213 }
2214
2173 wpa_tdls_tpk_retry_timeout_cancel(sm, peer, WLAN_TDLS_SETUP_REQUEST);
2174
2175 if (len < 3 + 2 + 1) {
2176 wpa_tdls_disable_peer_link(sm, peer);
2177 return -1;
2178 }
2179
2180 pos = buf;

--- 828 unchanged lines hidden ---
2215 wpa_tdls_tpk_retry_timeout_cancel(sm, peer, WLAN_TDLS_SETUP_REQUEST);
2216
2217 if (len < 3 + 2 + 1) {
2218 wpa_tdls_disable_peer_link(sm, peer);
2219 return -1;
2220 }
2221
2222 pos = buf;

--- 828 unchanged lines hidden ---
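Review bot: The new `tk_set` guard at the top of `wpa_tdls_set_key()` depends on a hand-maintained rule that every path which changes `peer->tpk.tk` also clears the flag. The visible hunks clear it in three places: the peer reset code (new line 711), after a fresh INonce is generated for M1 (new line 1174), and after a fresh RNonce is generated for a new M1 (new line 2050). The TPK derivation itself is outside these hunks, so it cannot be confirmed from here that no other path replaces the TK while `tk_set` stays 1. I would record the invariant at the field, e.g. `int tk_set; /* TPK-TK configured to the driver; must be cleared whenever tpk.tk is re-derived */`, and add a one-line comment above `tdls_nonce_set()` saying that an all-zero nonce is treated as "not yet set". Separately, the refusal path returns -1, the same value as a driver failure; the callers are not shown, so it is worth checking that none of them tears the link down on that return, because a retransmitted frame would then drop an established link.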