mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-12-01 03:38:21 -05:00
SAE-PK: Advertise RSNXE capability bit in STA mode
Set the SAE-PK capability bit in RSNXE when sending out (Re)Association Request frame for a network profile that allows use of SAE-PK. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
de36f6b7b3
commit
518be614f1
@ -3289,6 +3289,9 @@ int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param,
|
||||
case WPA_PARAM_SAE_PWE:
|
||||
sm->sae_pwe = value;
|
||||
break;
|
||||
case WPA_PARAM_SAE_PK:
|
||||
sm->sae_pk = value;
|
||||
break;
|
||||
case WPA_PARAM_DENY_PTK0_REKEY:
|
||||
sm->wpa_deny_ptk0_rekey = value;
|
||||
break;
|
||||
|
@ -103,6 +103,7 @@ enum wpa_sm_conf_params {
|
||||
WPA_PARAM_MFP,
|
||||
WPA_PARAM_OCV,
|
||||
WPA_PARAM_SAE_PWE,
|
||||
WPA_PARAM_SAE_PK,
|
||||
WPA_PARAM_DENY_PTK0_REKEY,
|
||||
WPA_PARAM_EXT_KEY_ID,
|
||||
WPA_PARAM_USE_EXT_KEY_ID,
|
||||
|
@ -95,6 +95,7 @@ struct wpa_sm {
|
||||
int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */
|
||||
int ocv; /* Operating Channel Validation */
|
||||
int sae_pwe; /* SAE PWE generation options */
|
||||
int sae_pk; /* whether SAE-PK is used */
|
||||
|
||||
u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */
|
||||
size_t assoc_wpa_ie_len;
|
||||
|
@ -357,7 +357,7 @@ int wpa_gen_rsnxe(struct wpa_sm *sm, u8 *rsnxe, size_t rsnxe_len)
|
||||
|
||||
if (!wpa_key_mgmt_sae(sm->key_mgmt))
|
||||
return 0; /* SAE not in use */
|
||||
if (sm->sae_pwe != 1 && sm->sae_pwe != 2)
|
||||
if (sm->sae_pwe != 1 && sm->sae_pwe != 2 && !sm->sae_pk)
|
||||
return 0; /* no supported extended RSN capabilities */
|
||||
|
||||
if (rsnxe_len < 3)
|
||||
@ -367,7 +367,12 @@ int wpa_gen_rsnxe(struct wpa_sm *sm, u8 *rsnxe, size_t rsnxe_len)
|
||||
*pos++ = 1;
|
||||
/* bits 0-3 = 0 since only one octet of Extended RSN Capabilities is
|
||||
* used for now */
|
||||
*pos++ = BIT(WLAN_RSNX_CAPAB_SAE_H2E);
|
||||
*pos = BIT(WLAN_RSNX_CAPAB_SAE_H2E);
|
||||
#ifdef CONFIG_SAE_PK
|
||||
if (sm->sae_pk)
|
||||
*pos |= BIT(WLAN_RSNX_CAPAB_SAE_PK);
|
||||
#endif /* CONFIG_SAE_PK */
|
||||
pos++;
|
||||
|
||||
return pos - rsnxe;
|
||||
}
|
||||
|
@ -1639,6 +1639,13 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
|
||||
if (ssid->sae_password_id && sae_pwe != 3)
|
||||
sae_pwe = 1;
|
||||
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
|
||||
#ifdef CONFIG_SAE_PK
|
||||
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
|
||||
wpa_key_mgmt_sae(ssid->key_mgmt) &&
|
||||
ssid->sae_pk != SAE_PK_MODE_DISABLED &&
|
||||
ssid->sae_password &&
|
||||
sae_pk_valid_password(ssid->sae_password));
|
||||
#endif /* CONFIG_SAE_PK */
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
|
||||
wpa_s->ft_rsnxe_used);
|
||||
|
Loading…
Reference in New Issue
Block a user