wpa.c (209158) wpa.c (214734)
1/*
2 * WPA Supplicant - WPA state machine and EAPOL-Key processing
1/*
2 * WPA Supplicant - WPA state machine and EAPOL-Key processing
3 * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
3 * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15#include "includes.h"
16
17#include "common.h"
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15#include "includes.h"
16
17#include "common.h"
18#include "rc4.h"
19#include "aes_wrap.h"
18#include "crypto/aes_wrap.h"
19#include "crypto/crypto.h"
20#include "common/ieee802_11_defs.h"
21#include "eapol_supp/eapol_supp_sm.h"
20#include "wpa.h"
21#include "eloop.h"
22#include "wpa.h"
23#include "eloop.h"
22#include "eapol_supp/eapol_supp_sm.h"
23#include "preauth.h"
24#include "pmksa_cache.h"
25#include "wpa_i.h"
26#include "wpa_ie.h"
27#include "peerkey.h"
24#include "preauth.h"
25#include "pmksa_cache.h"
26#include "wpa_i.h"
27#include "wpa_ie.h"
28#include "peerkey.h"
28#include "ieee802_11_defs.h"
29
30
31/**
29
30
31/**
32 * wpa_cipher_txt - Convert cipher suite to a text string
33 * @cipher: Cipher suite (WPA_CIPHER_* enum)
34 * Returns: Pointer to a text string of the cipher suite name
35 */
36static const char * wpa_cipher_txt(int cipher)
37{
38 switch (cipher) {
39 case WPA_CIPHER_NONE:
40 return "NONE";
41 case WPA_CIPHER_WEP40:
42 return "WEP-40";
43 case WPA_CIPHER_WEP104:
44 return "WEP-104";
45 case WPA_CIPHER_TKIP:
46 return "TKIP";
47 case WPA_CIPHER_CCMP:
48 return "CCMP";
49 default:
50 return "UNKNOWN";
51 }
52}
53
54
55/**
56 * wpa_key_mgmt_txt - Convert key management suite to a text string
57 * @key_mgmt: Key management suite (WPA_KEY_MGMT_* enum)
58 * @proto: WPA/WPA2 version (WPA_PROTO_*)
59 * Returns: Pointer to a text string of the key management suite name
60 */
61static const char * wpa_key_mgmt_txt(int key_mgmt, int proto)
62{
63 switch (key_mgmt) {
64 case WPA_KEY_MGMT_IEEE8021X:
65 return proto == WPA_PROTO_RSN ?
66 "WPA2/IEEE 802.1X/EAP" : "WPA/IEEE 802.1X/EAP";
67 case WPA_KEY_MGMT_PSK:
68 return proto == WPA_PROTO_RSN ?
69 "WPA2-PSK" : "WPA-PSK";
70 case WPA_KEY_MGMT_NONE:
71 return "NONE";
72 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
73 return "IEEE 802.1X (no WPA)";
74#ifdef CONFIG_IEEE80211R
75 case WPA_KEY_MGMT_FT_IEEE8021X:
76 return "FT-EAP";
77 case WPA_KEY_MGMT_FT_PSK:
78 return "FT-PSK";
79#endif /* CONFIG_IEEE80211R */
80#ifdef CONFIG_IEEE80211W
81 case WPA_KEY_MGMT_IEEE8021X_SHA256:
82 return "WPA2-EAP-SHA256";
83 case WPA_KEY_MGMT_PSK_SHA256:
84 return "WPA2-PSK-SHA256";
85#endif /* CONFIG_IEEE80211W */
86 default:
87 return "UNKNOWN";
88 }
89}
90
91
92/**
93 * wpa_eapol_key_send - Send WPA/RSN EAPOL-Key message
94 * @sm: Pointer to WPA state machine data from wpa_sm_init()
95 * @kck: Key Confirmation Key (KCK, part of PTK)
96 * @ver: Version field from Key Info
97 * @dest: Destination address for the frame
98 * @proto: Ethertype (usually ETH_P_EAPOL)
99 * @msg: EAPOL-Key message
100 * @msg_len: Length of message

--- 13 unchanged lines hidden (view full) ---

114 "EAPOL-Key destination address");
115 } else {
116 dest = sm->bssid;
117 wpa_printf(MSG_DEBUG, "WPA: Use BSSID (" MACSTR
118 ") as the destination for EAPOL-Key",
119 MAC2STR(dest));
120 }
121 }
32 * wpa_eapol_key_send - Send WPA/RSN EAPOL-Key message
33 * @sm: Pointer to WPA state machine data from wpa_sm_init()
34 * @kck: Key Confirmation Key (KCK, part of PTK)
35 * @ver: Version field from Key Info
36 * @dest: Destination address for the frame
37 * @proto: Ethertype (usually ETH_P_EAPOL)
38 * @msg: EAPOL-Key message
39 * @msg_len: Length of message

--- 13 unchanged lines hidden (view full) ---

53 "EAPOL-Key destination address");
54 } else {
55 dest = sm->bssid;
56 wpa_printf(MSG_DEBUG, "WPA: Use BSSID (" MACSTR
57 ") as the destination for EAPOL-Key",
58 MAC2STR(dest));
59 }
60 }
122 if (key_mic)
123 wpa_eapol_key_mic(kck, ver, msg, msg_len, key_mic);
61 if (key_mic &&
62 wpa_eapol_key_mic(kck, ver, msg, msg_len, key_mic)) {
63 wpa_printf(MSG_ERROR, "WPA: Failed to generate EAPOL-Key "
64 "version %d MIC", ver);
65 goto out;
66 }
124 wpa_hexdump(MSG_MSGDUMP, "WPA: TX EAPOL-Key", msg, msg_len);
125 wpa_sm_ether_send(sm, dest, proto, msg, msg_len);
126 eapol_sm_notify_tx_eapol_key(sm->eapol);
67 wpa_hexdump(MSG_MSGDUMP, "WPA: TX EAPOL-Key", msg, msg_len);
68 wpa_sm_ether_send(sm, dest, proto, msg, msg_len);
69 eapol_sm_notify_tx_eapol_key(sm->eapol);
70out:
127 os_free(msg);
128}
129
130
131/**
132 * wpa_sm_key_request - Send EAPOL-Key Request
133 * @sm: Pointer to WPA state machine data from wpa_sm_init()
134 * @error: Indicate whether this is an Michael MIC error report

--- 106 unchanged lines hidden (view full) ---

241 os_memset(buf, 0, sizeof(buf));
242 }
243#endif /* CONFIG_IEEE80211R */
244 }
245 if (res == 0) {
246 wpa_hexdump_key(MSG_DEBUG, "WPA: PMK from EAPOL state "
247 "machines", sm->pmk, pmk_len);
248 sm->pmk_len = pmk_len;
71 os_free(msg);
72}
73
74
75/**
76 * wpa_sm_key_request - Send EAPOL-Key Request
77 * @sm: Pointer to WPA state machine data from wpa_sm_init()
78 * @error: Indicate whether this is an Michael MIC error report

--- 106 unchanged lines hidden (view full) ---

185 os_memset(buf, 0, sizeof(buf));
186 }
187#endif /* CONFIG_IEEE80211R */
188 }
189 if (res == 0) {
190 wpa_hexdump_key(MSG_DEBUG, "WPA: PMK from EAPOL state "
191 "machines", sm->pmk, pmk_len);
192 sm->pmk_len = pmk_len;
249 pmksa_cache_add(sm->pmksa, sm->pmk, pmk_len, src_addr,
250 sm->own_addr, sm->network_ctx,
251 sm->key_mgmt);
193 if (sm->proto == WPA_PROTO_RSN) {
194 pmksa_cache_add(sm->pmksa, sm->pmk, pmk_len,
195 src_addr, sm->own_addr,
196 sm->network_ctx, sm->key_mgmt);
197 }
252 if (!sm->cur_pmksa && pmkid &&
253 pmksa_cache_get(sm->pmksa, src_addr, pmkid)) {
254 wpa_printf(MSG_DEBUG, "RSN: the new PMK "
255 "matches with the PMKID");
256 abort_cached = 0;
257 }
258 } else {
198 if (!sm->cur_pmksa && pmkid &&
199 pmksa_cache_get(sm->pmksa, src_addr, pmkid)) {
200 wpa_printf(MSG_DEBUG, "RSN: the new PMK "
201 "matches with the PMKID");
202 abort_cached = 0;
203 }
204 } else {
259 wpa_msg(sm->ctx->ctx, MSG_WARNING,
205 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
260 "WPA: Failed to get master session key from "
261 "EAPOL state machines");
206 "WPA: Failed to get master session key from "
207 "EAPOL state machines");
262 wpa_msg(sm->ctx->ctx, MSG_WARNING,
208 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
263 "WPA: Key handshake aborted");
264 if (sm->cur_pmksa) {
265 wpa_printf(MSG_DEBUG, "RSN: Cancelled PMKSA "
266 "caching attempt");
267 sm->cur_pmksa = NULL;
268 abort_cached = 1;
269 } else if (!abort_cached) {
270 return -1;

--- 9 unchanged lines hidden (view full) ---

280 wpa_printf(MSG_DEBUG, "RSN: no PMKSA entry found - trigger "
281 "full EAP authentication");
282 buf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_START,
283 NULL, 0, &buflen, NULL);
284 if (buf) {
285 wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL,
286 buf, buflen);
287 os_free(buf);
209 "WPA: Key handshake aborted");
210 if (sm->cur_pmksa) {
211 wpa_printf(MSG_DEBUG, "RSN: Cancelled PMKSA "
212 "caching attempt");
213 sm->cur_pmksa = NULL;
214 abort_cached = 1;
215 } else if (!abort_cached) {
216 return -1;

--- 9 unchanged lines hidden (view full) ---

226 wpa_printf(MSG_DEBUG, "RSN: no PMKSA entry found - trigger "
227 "full EAP authentication");
228 buf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_START,
229 NULL, 0, &buflen, NULL);
230 if (buf) {
231 wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL,
232 buf, buflen);
233 os_free(buf);
234 return -2;
288 }
289
290 return -1;
291 }
292
293 return 0;
294}
295

--- 14 unchanged lines hidden (view full) ---

310 const struct wpa_eapol_key *key,
311 int ver, const u8 *nonce,
312 const u8 *wpa_ie, size_t wpa_ie_len,
313 struct wpa_ptk *ptk)
314{
315 size_t rlen;
316 struct wpa_eapol_key *reply;
317 u8 *rbuf;
235 }
236
237 return -1;
238 }
239
240 return 0;
241}
242

--- 14 unchanged lines hidden (view full) ---

257 const struct wpa_eapol_key *key,
258 int ver, const u8 *nonce,
259 const u8 *wpa_ie, size_t wpa_ie_len,
260 struct wpa_ptk *ptk)
261{
262 size_t rlen;
263 struct wpa_eapol_key *reply;
264 u8 *rbuf;
265 u8 *rsn_ie_buf = NULL;
318
319 if (wpa_ie == NULL) {
320 wpa_printf(MSG_WARNING, "WPA: No wpa_ie set - cannot "
321 "generate msg 2/4");
322 return -1;
323 }
324
266
267 if (wpa_ie == NULL) {
268 wpa_printf(MSG_WARNING, "WPA: No wpa_ie set - cannot "
269 "generate msg 2/4");
270 return -1;
271 }
272
273#ifdef CONFIG_IEEE80211R
274 if (wpa_key_mgmt_ft(sm->key_mgmt)) {
275 int res;
276
277 /*
278 * Add PMKR1Name into RSN IE (PMKID-List) and add MDIE and
279 * FTIE from (Re)Association Response.
280 */
281 rsn_ie_buf = os_malloc(wpa_ie_len + 2 + 2 + PMKID_LEN +
282 sm->assoc_resp_ies_len);
283 if (rsn_ie_buf == NULL)
284 return -1;
285 os_memcpy(rsn_ie_buf, wpa_ie, wpa_ie_len);
286 res = wpa_insert_pmkid(rsn_ie_buf, wpa_ie_len,
287 sm->pmk_r1_name);
288 if (res < 0) {
289 os_free(rsn_ie_buf);
290 return -1;
291 }
292 wpa_ie_len += res;
293
294 if (sm->assoc_resp_ies) {
295 os_memcpy(rsn_ie_buf + wpa_ie_len, sm->assoc_resp_ies,
296 sm->assoc_resp_ies_len);
297 wpa_ie_len += sm->assoc_resp_ies_len;
298 }
299
300 wpa_ie = rsn_ie_buf;
301 }
302#endif /* CONFIG_IEEE80211R */
303
325 wpa_hexdump(MSG_DEBUG, "WPA: WPA IE for msg 2/4", wpa_ie, wpa_ie_len);
326
327 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY,
328 NULL, sizeof(*reply) + wpa_ie_len,
329 &rlen, (void *) &reply);
304 wpa_hexdump(MSG_DEBUG, "WPA: WPA IE for msg 2/4", wpa_ie, wpa_ie_len);
305
306 rbuf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_KEY,
307 NULL, sizeof(*reply) + wpa_ie_len,
308 &rlen, (void *) &reply);
330 if (rbuf == NULL)
309 if (rbuf == NULL) {
310 os_free(rsn_ie_buf);
331 return -1;
311 return -1;
312 }
332
333 reply->type = sm->proto == WPA_PROTO_RSN ?
334 EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
335 WPA_PUT_BE16(reply->key_info,
336 ver | WPA_KEY_INFO_KEY_TYPE | WPA_KEY_INFO_MIC);
337 if (sm->proto == WPA_PROTO_RSN)
338 WPA_PUT_BE16(reply->key_length, 0);
339 else
340 os_memcpy(reply->key_length, key->key_length, 2);
341 os_memcpy(reply->replay_counter, key->replay_counter,
342 WPA_REPLAY_COUNTER_LEN);
343
344 WPA_PUT_BE16(reply->key_data_length, wpa_ie_len);
345 os_memcpy(reply + 1, wpa_ie, wpa_ie_len);
313
314 reply->type = sm->proto == WPA_PROTO_RSN ?
315 EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
316 WPA_PUT_BE16(reply->key_info,
317 ver | WPA_KEY_INFO_KEY_TYPE | WPA_KEY_INFO_MIC);
318 if (sm->proto == WPA_PROTO_RSN)
319 WPA_PUT_BE16(reply->key_length, 0);
320 else
321 os_memcpy(reply->key_length, key->key_length, 2);
322 os_memcpy(reply->replay_counter, key->replay_counter,
323 WPA_REPLAY_COUNTER_LEN);
324
325 WPA_PUT_BE16(reply->key_data_length, wpa_ie_len);
326 os_memcpy(reply + 1, wpa_ie, wpa_ie_len);
327 os_free(rsn_ie_buf);
346
347 os_memcpy(reply->key_nonce, nonce, WPA_NONCE_LEN);
348
349 wpa_printf(MSG_DEBUG, "WPA: Sending EAPOL-Key 2/4");
350 wpa_eapol_key_send(sm, ptk->kck, ver, dst, ETH_P_EAPOL,
351 rbuf, rlen, reply->key_mic);
352
353 return 0;

--- 21 unchanged lines hidden (view full) ---

375static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
376 const unsigned char *src_addr,
377 const struct wpa_eapol_key *key,
378 u16 ver)
379{
380 struct wpa_eapol_ie_parse ie;
381 struct wpa_ptk *ptk;
382 u8 buf[8];
328
329 os_memcpy(reply->key_nonce, nonce, WPA_NONCE_LEN);
330
331 wpa_printf(MSG_DEBUG, "WPA: Sending EAPOL-Key 2/4");
332 wpa_eapol_key_send(sm, ptk->kck, ver, dst, ETH_P_EAPOL,
333 rbuf, rlen, reply->key_mic);
334
335 return 0;

--- 21 unchanged lines hidden (view full) ---

357static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
358 const unsigned char *src_addr,
359 const struct wpa_eapol_key *key,
360 u16 ver)
361{
362 struct wpa_eapol_ie_parse ie;
363 struct wpa_ptk *ptk;
364 u8 buf[8];
365 int res;
383
384 if (wpa_sm_get_network_ctx(sm) == NULL) {
385 wpa_printf(MSG_WARNING, "WPA: No SSID info found (msg 1 of "
386 "4).");
387 return;
388 }
389
390 wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE);

--- 11 unchanged lines hidden (view full) ---

402 wpa_supplicant_parse_ies(_buf, len, &ie);
403 if (ie.pmkid) {
404 wpa_hexdump(MSG_DEBUG, "RSN: PMKID from "
405 "Authenticator", ie.pmkid, PMKID_LEN);
406 }
407 }
408#endif /* CONFIG_NO_WPA2 */
409
366
367 if (wpa_sm_get_network_ctx(sm) == NULL) {
368 wpa_printf(MSG_WARNING, "WPA: No SSID info found (msg 1 of "
369 "4).");
370 return;
371 }
372
373 wpa_sm_set_state(sm, WPA_4WAY_HANDSHAKE);

--- 11 unchanged lines hidden (view full) ---

385 wpa_supplicant_parse_ies(_buf, len, &ie);
386 if (ie.pmkid) {
387 wpa_hexdump(MSG_DEBUG, "RSN: PMKID from "
388 "Authenticator", ie.pmkid, PMKID_LEN);
389 }
390 }
391#endif /* CONFIG_NO_WPA2 */
392
410 if (wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid))
393 res = wpa_supplicant_get_pmk(sm, src_addr, ie.pmkid);
394 if (res == -2) {
395 wpa_printf(MSG_DEBUG, "RSN: Do not reply to msg 1/4 - "
396 "requesting full EAP authentication");
397 return;
398 }
399 if (res)
411 goto failed;
412
413 if (sm->renew_snonce) {
414 if (os_get_random(sm->snonce, WPA_NONCE_LEN)) {
400 goto failed;
401
402 if (sm->renew_snonce) {
403 if (os_get_random(sm->snonce, WPA_NONCE_LEN)) {
415 wpa_msg(sm->ctx->ctx, MSG_WARNING,
404 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
416 "WPA: Failed to get random data for SNonce");
417 goto failed;
418 }
419 sm->renew_snonce = 0;
420 wpa_hexdump(MSG_DEBUG, "WPA: Renewed SNonce",
421 sm->snonce, WPA_NONCE_LEN);
422 }
423

--- 25 unchanged lines hidden (view full) ---

449 struct wpa_sm *sm = eloop_ctx;
450 rsn_preauth_candidate_process(sm);
451}
452
453
454static void wpa_supplicant_key_neg_complete(struct wpa_sm *sm,
455 const u8 *addr, int secure)
456{
405 "WPA: Failed to get random data for SNonce");
406 goto failed;
407 }
408 sm->renew_snonce = 0;
409 wpa_hexdump(MSG_DEBUG, "WPA: Renewed SNonce",
410 sm->snonce, WPA_NONCE_LEN);
411 }
412

--- 25 unchanged lines hidden (view full) ---

438 struct wpa_sm *sm = eloop_ctx;
439 rsn_preauth_candidate_process(sm);
440}
441
442
443static void wpa_supplicant_key_neg_complete(struct wpa_sm *sm,
444 const u8 *addr, int secure)
445{
457 wpa_msg(sm->ctx->ctx, MSG_INFO, "WPA: Key negotiation completed with "
446 wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
447 "WPA: Key negotiation completed with "
458 MACSTR " [PTK=%s GTK=%s]", MAC2STR(addr),
459 wpa_cipher_txt(sm->pairwise_cipher),
460 wpa_cipher_txt(sm->group_cipher));
461 wpa_sm_cancel_auth_timeout(sm);
462 wpa_sm_set_state(sm, WPA_COMPLETED);
463
464 if (secure) {
465 wpa_sm_mlme_setprotection(

--- 16 unchanged lines hidden (view full) ---

482 wpa_printf(MSG_DEBUG, "RSN: Authenticator accepted "
483 "opportunistic PMKSA entry - marking it valid");
484 sm->cur_pmksa->opportunistic = 0;
485 }
486
487#ifdef CONFIG_IEEE80211R
488 if (wpa_key_mgmt_ft(sm->key_mgmt)) {
489 /* Prepare for the next transition */
448 MACSTR " [PTK=%s GTK=%s]", MAC2STR(addr),
449 wpa_cipher_txt(sm->pairwise_cipher),
450 wpa_cipher_txt(sm->group_cipher));
451 wpa_sm_cancel_auth_timeout(sm);
452 wpa_sm_set_state(sm, WPA_COMPLETED);
453
454 if (secure) {
455 wpa_sm_mlme_setprotection(

--- 16 unchanged lines hidden (view full) ---

472 wpa_printf(MSG_DEBUG, "RSN: Authenticator accepted "
473 "opportunistic PMKSA entry - marking it valid");
474 sm->cur_pmksa->opportunistic = 0;
475 }
476
477#ifdef CONFIG_IEEE80211R
478 if (wpa_key_mgmt_ft(sm->key_mgmt)) {
479 /* Prepare for the next transition */
490 wpa_ft_prepare_auth_request(sm);
480 wpa_ft_prepare_auth_request(sm, NULL);
491 }
492#endif /* CONFIG_IEEE80211R */
493}
494
495
496static void wpa_sm_rekey_ptk(void *eloop_ctx, void *timeout_ctx)
497{
498 struct wpa_sm *sm = eloop_ctx;
499 wpa_printf(MSG_DEBUG, "WPA: Request PTK rekeying");
500 wpa_sm_key_request(sm, 0, 1);
501}
502
503
504static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
505 const struct wpa_eapol_key *key)
506{
507 int keylen, rsclen;
481 }
482#endif /* CONFIG_IEEE80211R */
483}
484
485
486static void wpa_sm_rekey_ptk(void *eloop_ctx, void *timeout_ctx)
487{
488 struct wpa_sm *sm = eloop_ctx;
489 wpa_printf(MSG_DEBUG, "WPA: Request PTK rekeying");
490 wpa_sm_key_request(sm, 0, 1);
491}
492
493
494static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
495 const struct wpa_eapol_key *key)
496{
497 int keylen, rsclen;
508 wpa_alg alg;
498 enum wpa_alg alg;
509 const u8 *key_rsc;
510 u8 null_rsc[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
511
512 wpa_printf(MSG_DEBUG, "WPA: Installing PTK to the driver.");
513
514 switch (sm->pairwise_cipher) {
515 case WPA_CIPHER_CCMP:
516 alg = WPA_ALG_CCMP;

--- 37 unchanged lines hidden (view full) ---

554 }
555
556 return 0;
557}
558
559
560static int wpa_supplicant_check_group_cipher(int group_cipher,
561 int keylen, int maxkeylen,
499 const u8 *key_rsc;
500 u8 null_rsc[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
501
502 wpa_printf(MSG_DEBUG, "WPA: Installing PTK to the driver.");
503
504 switch (sm->pairwise_cipher) {
505 case WPA_CIPHER_CCMP:
506 alg = WPA_ALG_CCMP;

--- 37 unchanged lines hidden (view full) ---

544 }
545
546 return 0;
547}
548
549
550static int wpa_supplicant_check_group_cipher(int group_cipher,
551 int keylen, int maxkeylen,
562 int *key_rsc_len, wpa_alg *alg)
552 int *key_rsc_len,
553 enum wpa_alg *alg)
563{
564 int ret = 0;
565
566 switch (group_cipher) {
567 case WPA_CIPHER_CCMP:
568 if (keylen != 16 || maxkeylen < 16) {
569 ret = -1;
570 break;

--- 37 unchanged lines hidden (view full) ---

608 wpa_cipher_txt(group_cipher), keylen, maxkeylen);
609 }
610
611 return ret;
612}
613
614
615struct wpa_gtk_data {
554{
555 int ret = 0;
556
557 switch (group_cipher) {
558 case WPA_CIPHER_CCMP:
559 if (keylen != 16 || maxkeylen < 16) {
560 ret = -1;
561 break;

--- 37 unchanged lines hidden (view full) ---

599 wpa_cipher_txt(group_cipher), keylen, maxkeylen);
600 }
601
602 return ret;
603}
604
605
606struct wpa_gtk_data {
616 wpa_alg alg;
607 enum wpa_alg alg;
617 int tx, key_rsc_len, keyidx;
618 u8 gtk[32];
619 int gtk_len;
620};
621
622
623static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
624 const struct wpa_gtk_data *gd,

--- 144 unchanged lines hidden (view full) ---

769}
770
771
772static void wpa_report_ie_mismatch(struct wpa_sm *sm,
773 const char *reason, const u8 *src_addr,
774 const u8 *wpa_ie, size_t wpa_ie_len,
775 const u8 *rsn_ie, size_t rsn_ie_len)
776{
608 int tx, key_rsc_len, keyidx;
609 u8 gtk[32];
610 int gtk_len;
611};
612
613
614static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
615 const struct wpa_gtk_data *gd,

--- 144 unchanged lines hidden (view full) ---

760}
761
762
763static void wpa_report_ie_mismatch(struct wpa_sm *sm,
764 const char *reason, const u8 *src_addr,
765 const u8 *wpa_ie, size_t wpa_ie_len,
766 const u8 *rsn_ie, size_t rsn_ie_len)
767{
777 wpa_msg(sm->ctx->ctx, MSG_WARNING, "WPA: %s (src=" MACSTR ")",
768 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: %s (src=" MACSTR ")",
778 reason, MAC2STR(src_addr));
779
780 if (sm->ap_wpa_ie) {
781 wpa_hexdump(MSG_INFO, "WPA: WPA IE in Beacon/ProbeResp",
782 sm->ap_wpa_ie, sm->ap_wpa_ie_len);
783 }
784 if (wpa_ie) {
785 if (!sm->ap_wpa_ie) {

--- 16 unchanged lines hidden (view full) ---

802 wpa_hexdump(MSG_INFO, "WPA: RSN IE in 3/4 msg",
803 rsn_ie, rsn_ie_len);
804 }
805
806 wpa_sm_disassociate(sm, WLAN_REASON_IE_IN_4WAY_DIFFERS);
807}
808
809
769 reason, MAC2STR(src_addr));
770
771 if (sm->ap_wpa_ie) {
772 wpa_hexdump(MSG_INFO, "WPA: WPA IE in Beacon/ProbeResp",
773 sm->ap_wpa_ie, sm->ap_wpa_ie_len);
774 }
775 if (wpa_ie) {
776 if (!sm->ap_wpa_ie) {

--- 16 unchanged lines hidden (view full) ---

793 wpa_hexdump(MSG_INFO, "WPA: RSN IE in 3/4 msg",
794 rsn_ie, rsn_ie_len);
795 }
796
797 wpa_sm_disassociate(sm, WLAN_REASON_IE_IN_4WAY_DIFFERS);
798}
799
800
801#ifdef CONFIG_IEEE80211R
802
803static int ft_validate_mdie(struct wpa_sm *sm,
804 const unsigned char *src_addr,
805 struct wpa_eapol_ie_parse *ie,
806 const u8 *assoc_resp_mdie)
807{
808 struct rsn_mdie *mdie;
809
810 mdie = (struct rsn_mdie *) (ie->mdie + 2);
811 if (ie->mdie == NULL || ie->mdie_len < 2 + sizeof(*mdie) ||
812 os_memcmp(mdie->mobility_domain, sm->mobility_domain,
813 MOBILITY_DOMAIN_ID_LEN) != 0) {
814 wpa_printf(MSG_DEBUG, "FT: MDIE in msg 3/4 did not "
815 "match with the current mobility domain");
816 return -1;
817 }
818
819 if (assoc_resp_mdie &&
820 (assoc_resp_mdie[1] != ie->mdie[1] ||
821 os_memcmp(assoc_resp_mdie, ie->mdie, 2 + ie->mdie[1]) != 0)) {
822 wpa_printf(MSG_DEBUG, "FT: MDIE mismatch");
823 wpa_hexdump(MSG_DEBUG, "FT: MDIE in EAPOL-Key msg 3/4",
824 ie->mdie, 2 + ie->mdie[1]);
825 wpa_hexdump(MSG_DEBUG, "FT: MDIE in (Re)Association Response",
826 assoc_resp_mdie, 2 + assoc_resp_mdie[1]);
827 return -1;
828 }
829
830 return 0;
831}
832
833
834static int ft_validate_ftie(struct wpa_sm *sm,
835 const unsigned char *src_addr,
836 struct wpa_eapol_ie_parse *ie,
837 const u8 *assoc_resp_ftie)
838{
839 if (ie->ftie == NULL) {
840 wpa_printf(MSG_DEBUG, "FT: No FTIE in EAPOL-Key msg 3/4");
841 return -1;
842 }
843
844 if (assoc_resp_ftie == NULL)
845 return 0;
846
847 if (assoc_resp_ftie[1] != ie->ftie[1] ||
848 os_memcmp(assoc_resp_ftie, ie->ftie, 2 + ie->ftie[1]) != 0) {
849 wpa_printf(MSG_DEBUG, "FT: FTIE mismatch");
850 wpa_hexdump(MSG_DEBUG, "FT: FTIE in EAPOL-Key msg 3/4",
851 ie->ftie, 2 + ie->ftie[1]);
852 wpa_hexdump(MSG_DEBUG, "FT: FTIE in (Re)Association Response",
853 assoc_resp_ftie, 2 + assoc_resp_ftie[1]);
854 return -1;
855 }
856
857 return 0;
858}
859
860
861static int ft_validate_rsnie(struct wpa_sm *sm,
862 const unsigned char *src_addr,
863 struct wpa_eapol_ie_parse *ie)
864{
865 struct wpa_ie_data rsn;
866
867 if (!ie->rsn_ie)
868 return 0;
869
870 /*
871 * Verify that PMKR1Name from EAPOL-Key message 3/4
872 * matches with the value we derived.
873 */
874 if (wpa_parse_wpa_ie_rsn(ie->rsn_ie, ie->rsn_ie_len, &rsn) < 0 ||
875 rsn.num_pmkid != 1 || rsn.pmkid == NULL) {
876 wpa_printf(MSG_DEBUG, "FT: No PMKR1Name in "
877 "FT 4-way handshake message 3/4");
878 return -1;
879 }
880
881 if (os_memcmp(rsn.pmkid, sm->pmk_r1_name, WPA_PMK_NAME_LEN) != 0) {
882 wpa_printf(MSG_DEBUG, "FT: PMKR1Name mismatch in "
883 "FT 4-way handshake message 3/4");
884 wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name from Authenticator",
885 rsn.pmkid, WPA_PMK_NAME_LEN);
886 wpa_hexdump(MSG_DEBUG, "FT: Derived PMKR1Name",
887 sm->pmk_r1_name, WPA_PMK_NAME_LEN);
888 return -1;
889 }
890
891 return 0;
892}
893
894
895static int wpa_supplicant_validate_ie_ft(struct wpa_sm *sm,
896 const unsigned char *src_addr,
897 struct wpa_eapol_ie_parse *ie)
898{
899 const u8 *pos, *end, *mdie = NULL, *ftie = NULL;
900
901 if (sm->assoc_resp_ies) {
902 pos = sm->assoc_resp_ies;
903 end = pos + sm->assoc_resp_ies_len;
904 while (pos + 2 < end) {
905 if (pos + 2 + pos[1] > end)
906 break;
907 switch (*pos) {
908 case WLAN_EID_MOBILITY_DOMAIN:
909 mdie = pos;
910 break;
911 case WLAN_EID_FAST_BSS_TRANSITION:
912 ftie = pos;
913 break;
914 }
915 pos += 2 + pos[1];
916 }
917 }
918
919 if (ft_validate_mdie(sm, src_addr, ie, mdie) < 0 ||
920 ft_validate_ftie(sm, src_addr, ie, ftie) < 0 ||
921 ft_validate_rsnie(sm, src_addr, ie) < 0)
922 return -1;
923
924 return 0;
925}
926
927#endif /* CONFIG_IEEE80211R */
928
929
810static int wpa_supplicant_validate_ie(struct wpa_sm *sm,
811 const unsigned char *src_addr,
812 struct wpa_eapol_ie_parse *ie)
813{
814 if (sm->ap_wpa_ie == NULL && sm->ap_rsn_ie == NULL) {
815 wpa_printf(MSG_DEBUG, "WPA: No WPA/RSN IE for this AP known. "
816 "Trying to get from scan results");
817 if (wpa_sm_get_beacon_ie(sm) < 0) {

--- 13 unchanged lines hidden (view full) ---

831 ie->rsn_ie, ie->rsn_ie_len);
832 return -1;
833 }
834
835 if ((ie->wpa_ie && sm->ap_wpa_ie &&
836 (ie->wpa_ie_len != sm->ap_wpa_ie_len ||
837 os_memcmp(ie->wpa_ie, sm->ap_wpa_ie, ie->wpa_ie_len) != 0)) ||
838 (ie->rsn_ie && sm->ap_rsn_ie &&
930static int wpa_supplicant_validate_ie(struct wpa_sm *sm,
931 const unsigned char *src_addr,
932 struct wpa_eapol_ie_parse *ie)
933{
934 if (sm->ap_wpa_ie == NULL && sm->ap_rsn_ie == NULL) {
935 wpa_printf(MSG_DEBUG, "WPA: No WPA/RSN IE for this AP known. "
936 "Trying to get from scan results");
937 if (wpa_sm_get_beacon_ie(sm) < 0) {

--- 13 unchanged lines hidden (view full) ---

951 ie->rsn_ie, ie->rsn_ie_len);
952 return -1;
953 }
954
955 if ((ie->wpa_ie && sm->ap_wpa_ie &&
956 (ie->wpa_ie_len != sm->ap_wpa_ie_len ||
957 os_memcmp(ie->wpa_ie, sm->ap_wpa_ie, ie->wpa_ie_len) != 0)) ||
958 (ie->rsn_ie && sm->ap_rsn_ie &&
839 (ie->rsn_ie_len != sm->ap_rsn_ie_len ||
840 os_memcmp(ie->rsn_ie, sm->ap_rsn_ie, ie->rsn_ie_len) != 0))) {
959 wpa_compare_rsn_ie(wpa_key_mgmt_ft(sm->key_mgmt),
960 sm->ap_rsn_ie, sm->ap_rsn_ie_len,
961 ie->rsn_ie, ie->rsn_ie_len))) {
841 wpa_report_ie_mismatch(sm, "IE in 3/4 msg does not match "
842 "with IE in Beacon/ProbeResp",
843 src_addr, ie->wpa_ie, ie->wpa_ie_len,
844 ie->rsn_ie, ie->rsn_ie_len);
845 return -1;
846 }
847
848 if (sm->proto == WPA_PROTO_WPA &&
849 ie->rsn_ie && sm->ap_rsn_ie == NULL && sm->rsn_enabled) {
850 wpa_report_ie_mismatch(sm, "Possible downgrade attack "
851 "detected - RSN was enabled and RSN IE "
852 "was in msg 3/4, but not in "
853 "Beacon/ProbeResp",
854 src_addr, ie->wpa_ie, ie->wpa_ie_len,
855 ie->rsn_ie, ie->rsn_ie_len);
856 return -1;
857 }
858
859#ifdef CONFIG_IEEE80211R
962 wpa_report_ie_mismatch(sm, "IE in 3/4 msg does not match "
963 "with IE in Beacon/ProbeResp",
964 src_addr, ie->wpa_ie, ie->wpa_ie_len,
965 ie->rsn_ie, ie->rsn_ie_len);
966 return -1;
967 }
968
969 if (sm->proto == WPA_PROTO_WPA &&
970 ie->rsn_ie && sm->ap_rsn_ie == NULL && sm->rsn_enabled) {
971 wpa_report_ie_mismatch(sm, "Possible downgrade attack "
972 "detected - RSN was enabled and RSN IE "
973 "was in msg 3/4, but not in "
974 "Beacon/ProbeResp",
975 src_addr, ie->wpa_ie, ie->wpa_ie_len,
976 ie->rsn_ie, ie->rsn_ie_len);
977 return -1;
978 }
979
980#ifdef CONFIG_IEEE80211R
860 if (wpa_key_mgmt_ft(sm->key_mgmt)) {
861 struct rsn_mdie *mdie;
862 /* TODO: verify that full MDIE matches with the one from scan
863 * results, not only mobility domain */
864 mdie = (struct rsn_mdie *) (ie->mdie + 2);
865 if (ie->mdie == NULL || ie->mdie_len < 2 + sizeof(*mdie) ||
866 os_memcmp(mdie->mobility_domain, sm->mobility_domain,
867 MOBILITY_DOMAIN_ID_LEN) != 0) {
868 wpa_printf(MSG_DEBUG, "FT: MDIE in msg 3/4 did not "
869 "match with the current mobility domain");
870 return -1;
871 }
872 }
981 if (wpa_key_mgmt_ft(sm->key_mgmt) &&
982 wpa_supplicant_validate_ie_ft(sm, src_addr, ie) < 0)
983 return -1;
873#endif /* CONFIG_IEEE80211R */
874
875 return 0;
876}
877
878
879/**
880 * wpa_supplicant_send_4_of_4 - Send message 4 of WPA/RSN 4-Way Handshake

--- 242 unchanged lines hidden (view full) ---

1123 os_memcpy(ek + 16, sm->ptk.kek, 16);
1124 if (keydatalen > sizeof(gd->gtk)) {
1125 wpa_printf(MSG_WARNING, "WPA: RC4 key data "
1126 "too long (%lu)",
1127 (unsigned long) keydatalen);
1128 return -1;
1129 }
1130 os_memcpy(gd->gtk, key + 1, keydatalen);
984#endif /* CONFIG_IEEE80211R */
985
986 return 0;
987}
988
989
990/**
991 * wpa_supplicant_send_4_of_4 - Send message 4 of WPA/RSN 4-Way Handshake

--- 242 unchanged lines hidden (view full) ---

1234 os_memcpy(ek + 16, sm->ptk.kek, 16);
1235 if (keydatalen > sizeof(gd->gtk)) {
1236 wpa_printf(MSG_WARNING, "WPA: RC4 key data "
1237 "too long (%lu)",
1238 (unsigned long) keydatalen);
1239 return -1;
1240 }
1241 os_memcpy(gd->gtk, key + 1, keydatalen);
1131 rc4_skip(ek, 32, 256, gd->gtk, keydatalen);
1242 if (rc4_skip(ek, 32, 256, gd->gtk, keydatalen)) {
1243 wpa_printf(MSG_ERROR, "WPA: RC4 failed");
1244 return -1;
1245 }
1132 } else if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
1133 if (keydatalen % 8) {
1134 wpa_printf(MSG_WARNING, "WPA: Unsupported AES-WRAP "
1135 "len %lu", (unsigned long) keydatalen);
1136 return -1;
1137 }
1138 if (maxkeylen > sizeof(gd->gtk)) {
1139 wpa_printf(MSG_WARNING, "WPA: AES-WRAP key data "

--- 88 unchanged lines hidden (view full) ---

1228 if (ret)
1229 goto failed;
1230
1231 if (wpa_supplicant_install_gtk(sm, &gd, key->key_rsc) ||
1232 wpa_supplicant_send_2_of_2(sm, key, ver, key_info))
1233 goto failed;
1234
1235 if (rekey) {
1246 } else if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
1247 if (keydatalen % 8) {
1248 wpa_printf(MSG_WARNING, "WPA: Unsupported AES-WRAP "
1249 "len %lu", (unsigned long) keydatalen);
1250 return -1;
1251 }
1252 if (maxkeylen > sizeof(gd->gtk)) {
1253 wpa_printf(MSG_WARNING, "WPA: AES-WRAP key data "

--- 88 unchanged lines hidden (view full) ---

1342 if (ret)
1343 goto failed;
1344
1345 if (wpa_supplicant_install_gtk(sm, &gd, key->key_rsc) ||
1346 wpa_supplicant_send_2_of_2(sm, key, ver, key_info))
1347 goto failed;
1348
1349 if (rekey) {
1236 wpa_msg(sm->ctx->ctx, MSG_INFO, "WPA: Group rekeying "
1350 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Group rekeying "
1237 "completed with " MACSTR " [GTK=%s]",
1238 MAC2STR(sm->bssid), wpa_cipher_txt(sm->group_cipher));
1239 wpa_sm_cancel_auth_timeout(sm);
1240 wpa_sm_set_state(sm, WPA_COMPLETED);
1241 } else {
1242 wpa_supplicant_key_neg_complete(sm, sm->bssid,
1243 key_info &
1244 WPA_KEY_INFO_SECURE);

--- 69 unchanged lines hidden (view full) ---

1314 }
1315
1316 /* Decrypt key data here so that this operation does not need
1317 * to be implemented separately for each message type. */
1318 if (ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4) {
1319 u8 ek[32];
1320 os_memcpy(ek, key->key_iv, 16);
1321 os_memcpy(ek + 16, sm->ptk.kek, 16);
1351 "completed with " MACSTR " [GTK=%s]",
1352 MAC2STR(sm->bssid), wpa_cipher_txt(sm->group_cipher));
1353 wpa_sm_cancel_auth_timeout(sm);
1354 wpa_sm_set_state(sm, WPA_COMPLETED);
1355 } else {
1356 wpa_supplicant_key_neg_complete(sm, sm->bssid,
1357 key_info &
1358 WPA_KEY_INFO_SECURE);

--- 69 unchanged lines hidden (view full) ---

1428 }
1429
1430 /* Decrypt key data here so that this operation does not need
1431 * to be implemented separately for each message type. */
1432 if (ver == WPA_KEY_INFO_TYPE_HMAC_MD5_RC4) {
1433 u8 ek[32];
1434 os_memcpy(ek, key->key_iv, 16);
1435 os_memcpy(ek + 16, sm->ptk.kek, 16);
1322 rc4_skip(ek, 32, 256, (u8 *) (key + 1), keydatalen);
1436 if (rc4_skip(ek, 32, 256, (u8 *) (key + 1), keydatalen)) {
1437 wpa_printf(MSG_ERROR, "WPA: RC4 failed");
1438 return -1;
1439 }
1323 } else if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
1324 ver == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
1325 u8 *buf;
1326 if (keydatalen % 8) {
1327 wpa_printf(MSG_WARNING, "WPA: Unsupported "
1328 "AES-WRAP len %d", keydatalen);
1329 return -1;
1330 }

--- 269 unchanged lines hidden (view full) ---

1600 if ((key_info & WPA_KEY_INFO_MIC) && peerkey &&
1601 peerkey_verify_eapol_key_mic(sm, peerkey, key, ver, tmp, data_len))
1602 goto out;
1603#endif /* CONFIG_PEERKEY */
1604
1605 extra_len = data_len - sizeof(*hdr) - sizeof(*key);
1606
1607 if (WPA_GET_BE16(key->key_data_length) > extra_len) {
1440 } else if (ver == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
1441 ver == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
1442 u8 *buf;
1443 if (keydatalen % 8) {
1444 wpa_printf(MSG_WARNING, "WPA: Unsupported "
1445 "AES-WRAP len %d", keydatalen);
1446 return -1;
1447 }

--- 269 unchanged lines hidden (view full) ---

1717 if ((key_info & WPA_KEY_INFO_MIC) && peerkey &&
1718 peerkey_verify_eapol_key_mic(sm, peerkey, key, ver, tmp, data_len))
1719 goto out;
1720#endif /* CONFIG_PEERKEY */
1721
1722 extra_len = data_len - sizeof(*hdr) - sizeof(*key);
1723
1724 if (WPA_GET_BE16(key->key_data_length) > extra_len) {
1608 wpa_msg(sm->ctx->ctx, MSG_INFO, "WPA: Invalid EAPOL-Key "
1725 wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: Invalid EAPOL-Key "
1609 "frame - key_data overflow (%d > %lu)",
1610 WPA_GET_BE16(key->key_data_length),
1611 (unsigned long) extra_len);
1612 goto out;
1613 }
1614 extra_len = WPA_GET_BE16(key->key_data_length);
1615
1616 if (sm->proto == WPA_PROTO_RSN &&

--- 233 unchanged lines hidden (view full) ---

1850 */
1851struct wpa_sm * wpa_sm_init(struct wpa_sm_ctx *ctx)
1852{
1853 struct wpa_sm *sm;
1854
1855 sm = os_zalloc(sizeof(*sm));
1856 if (sm == NULL)
1857 return NULL;
1726 "frame - key_data overflow (%d > %lu)",
1727 WPA_GET_BE16(key->key_data_length),
1728 (unsigned long) extra_len);
1729 goto out;
1730 }
1731 extra_len = WPA_GET_BE16(key->key_data_length);
1732
1733 if (sm->proto == WPA_PROTO_RSN &&

--- 233 unchanged lines hidden (view full) ---

1967 */
1968struct wpa_sm * wpa_sm_init(struct wpa_sm_ctx *ctx)
1969{
1970 struct wpa_sm *sm;
1971
1972 sm = os_zalloc(sizeof(*sm));
1973 if (sm == NULL)
1974 return NULL;
1975 dl_list_init(&sm->pmksa_candidates);
1858 sm->renew_snonce = 1;
1859 sm->ctx = ctx;
1860
1861 sm->dot11RSNAConfigPMKLifetime = 43200;
1862 sm->dot11RSNAConfigPMKReauthThreshold = 70;
1863 sm->dot11RSNAConfigSATimeout = 60;
1864
1865 sm->pmksa = pmksa_cache_init(wpa_sm_pmksa_free_cb, sm, sm);

--- 19 unchanged lines hidden (view full) ---

1885 pmksa_cache_deinit(sm->pmksa);
1886 eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL);
1887 eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
1888 os_free(sm->assoc_wpa_ie);
1889 os_free(sm->ap_wpa_ie);
1890 os_free(sm->ap_rsn_ie);
1891 os_free(sm->ctx);
1892 peerkey_deinit(sm);
1976 sm->renew_snonce = 1;
1977 sm->ctx = ctx;
1978
1979 sm->dot11RSNAConfigPMKLifetime = 43200;
1980 sm->dot11RSNAConfigPMKReauthThreshold = 70;
1981 sm->dot11RSNAConfigSATimeout = 60;
1982
1983 sm->pmksa = pmksa_cache_init(wpa_sm_pmksa_free_cb, sm, sm);

--- 19 unchanged lines hidden (view full) ---

2003 pmksa_cache_deinit(sm->pmksa);
2004 eloop_cancel_timeout(wpa_sm_start_preauth, sm, NULL);
2005 eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
2006 os_free(sm->assoc_wpa_ie);
2007 os_free(sm->ap_wpa_ie);
2008 os_free(sm->ap_rsn_ie);
2009 os_free(sm->ctx);
2010 peerkey_deinit(sm);
2011#ifdef CONFIG_IEEE80211R
2012 os_free(sm->assoc_resp_ies);
2013#endif /* CONFIG_IEEE80211R */
1893 os_free(sm);
1894}
1895
1896
1897/**
1898 * wpa_sm_notify_assoc - Notify WPA state machine about association
1899 * @sm: Pointer to WPA state machine data from wpa_sm_init()
1900 * @bssid: The BSSID of the new association

--- 13 unchanged lines hidden (view full) ---

1914 os_memset(sm->rx_replay_counter, 0, WPA_REPLAY_COUNTER_LEN);
1915 sm->rx_replay_counter_set = 0;
1916 sm->renew_snonce = 1;
1917 if (os_memcmp(sm->preauth_bssid, bssid, ETH_ALEN) == 0)
1918 rsn_preauth_deinit(sm);
1919
1920#ifdef CONFIG_IEEE80211R
1921 if (wpa_ft_is_completed(sm)) {
2014 os_free(sm);
2015}
2016
2017
2018/**
2019 * wpa_sm_notify_assoc - Notify WPA state machine about association
2020 * @sm: Pointer to WPA state machine data from wpa_sm_init()
2021 * @bssid: The BSSID of the new association

--- 13 unchanged lines hidden (view full) ---

2035 os_memset(sm->rx_replay_counter, 0, WPA_REPLAY_COUNTER_LEN);
2036 sm->rx_replay_counter_set = 0;
2037 sm->renew_snonce = 1;
2038 if (os_memcmp(sm->preauth_bssid, bssid, ETH_ALEN) == 0)
2039 rsn_preauth_deinit(sm);
2040
2041#ifdef CONFIG_IEEE80211R
2042 if (wpa_ft_is_completed(sm)) {
2043 /*
2044 * Clear portValid to kick EAPOL state machine to re-enter
2045 * AUTHENTICATED state to get the EAPOL port Authorized.
2046 */
2047 eapol_sm_notify_portValid(sm->eapol, FALSE);
1922 wpa_supplicant_key_neg_complete(sm, sm->bssid, 1);
1923
1924 /* Prepare for the next transition */
2048 wpa_supplicant_key_neg_complete(sm, sm->bssid, 1);
2049
2050 /* Prepare for the next transition */
1925 wpa_ft_prepare_auth_request(sm);
2051 wpa_ft_prepare_auth_request(sm, NULL);
1926
1927 clear_ptk = 0;
1928 }
1929#endif /* CONFIG_IEEE80211R */
1930
1931 if (clear_ptk) {
1932 /*
1933 * IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if

--- 225 unchanged lines hidden (view full) ---

2159#ifdef CONFIG_IEEE80211W
2160 case WPA_PARAM_MGMT_GROUP:
2161 sm->mgmt_group_cipher = value;
2162 break;
2163#endif /* CONFIG_IEEE80211W */
2164 case WPA_PARAM_RSN_ENABLED:
2165 sm->rsn_enabled = value;
2166 break;
2052
2053 clear_ptk = 0;
2054 }
2055#endif /* CONFIG_IEEE80211R */
2056
2057 if (clear_ptk) {
2058 /*
2059 * IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if

--- 225 unchanged lines hidden (view full) ---

2285#ifdef CONFIG_IEEE80211W
2286 case WPA_PARAM_MGMT_GROUP:
2287 sm->mgmt_group_cipher = value;
2288 break;
2289#endif /* CONFIG_IEEE80211W */
2290 case WPA_PARAM_RSN_ENABLED:
2291 sm->rsn_enabled = value;
2292 break;
2293 case WPA_PARAM_MFP:
2294 sm->mfp = value;
2295 break;
2167 default:
2168 break;
2169 }
2170
2171 return ret;
2172}
2173
2174

--- 226 unchanged lines hidden (view full) ---

2401 wpa_printf(MSG_DEBUG, "WPA: No WPA/RSN IE available from "
2402 "association info");
2403 return -1;
2404 }
2405 if (wpa_parse_wpa_ie(sm->assoc_wpa_ie, sm->assoc_wpa_ie_len, data))
2406 return -2;
2407 return 0;
2408}
2296 default:
2297 break;
2298 }
2299
2300 return ret;
2301}
2302
2303

--- 226 unchanged lines hidden (view full) ---

2530 wpa_printf(MSG_DEBUG, "WPA: No WPA/RSN IE available from "
2531 "association info");
2532 return -1;
2533 }
2534 if (wpa_parse_wpa_ie(sm->assoc_wpa_ie, sm->assoc_wpa_ie_len, data))
2535 return -2;
2536 return 0;
2537}
2538
2539
2540int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len)
2541{
2542#ifndef CONFIG_NO_WPA2
2543 return pmksa_cache_list(sm->pmksa, buf, len);
2544#else /* CONFIG_NO_WPA2 */
2545 return -1;
2546#endif /* CONFIG_NO_WPA2 */
2547}
2548
2549
2550void wpa_sm_drop_sa(struct wpa_sm *sm)
2551{
2552 wpa_printf(MSG_DEBUG, "WPA: Clear old PMK and PTK");
2553 sm->ptk_set = 0;
2554 sm->tptk_set = 0;
2555 os_memset(sm->pmk, 0, sizeof(sm->pmk));
2556 os_memset(&sm->ptk, 0, sizeof(sm->ptk));
2557 os_memset(&sm->tptk, 0, sizeof(sm->tptk));
2558}
2559
2560
2561int wpa_sm_has_ptk(struct wpa_sm *sm)
2562{
2563 if (sm == NULL)
2564 return 0;
2565 return sm->ptk_set;
2566}