mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-12-01 11:48:23 -05:00
P2P: Make peer's P2P Device Address available to authenticator
This can be used to implement per-device PSK selection based on the peer's P2P Device Address instead of P2P Interface Address. Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
52177fbb70
commit
94ddef3e72
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* hostapd / Callback functions for driver wrappers
|
* hostapd / Callback functions for driver wrappers
|
||||||
* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
|
* Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi>
|
||||||
*
|
*
|
||||||
* This software may be distributed under the terms of the BSD license.
|
* This software may be distributed under the terms of the BSD license.
|
||||||
* See README for more details.
|
* See README for more details.
|
||||||
@ -45,6 +45,7 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
|
|||||||
#endif /* CONFIG_IEEE80211R */
|
#endif /* CONFIG_IEEE80211R */
|
||||||
u16 reason = WLAN_REASON_UNSPECIFIED;
|
u16 reason = WLAN_REASON_UNSPECIFIED;
|
||||||
u16 status = WLAN_STATUS_SUCCESS;
|
u16 status = WLAN_STATUS_SUCCESS;
|
||||||
|
const u8 *p2p_dev_addr = NULL;
|
||||||
|
|
||||||
if (addr == NULL) {
|
if (addr == NULL) {
|
||||||
/*
|
/*
|
||||||
@ -108,6 +109,8 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
|
|||||||
wpabuf_free(sta->p2p_ie);
|
wpabuf_free(sta->p2p_ie);
|
||||||
sta->p2p_ie = ieee802_11_vendor_ie_concat(req_ies, req_ies_len,
|
sta->p2p_ie = ieee802_11_vendor_ie_concat(req_ies, req_ies_len,
|
||||||
P2P_IE_VENDOR_TYPE);
|
P2P_IE_VENDOR_TYPE);
|
||||||
|
if (sta->p2p_ie)
|
||||||
|
p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie);
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_P2P */
|
#endif /* CONFIG_P2P */
|
||||||
|
|
||||||
@ -156,7 +159,8 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
|
|||||||
|
|
||||||
if (sta->wpa_sm == NULL)
|
if (sta->wpa_sm == NULL)
|
||||||
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
|
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
|
||||||
sta->addr);
|
sta->addr,
|
||||||
|
p2p_dev_addr);
|
||||||
if (sta->wpa_sm == NULL) {
|
if (sta->wpa_sm == NULL) {
|
||||||
wpa_printf(MSG_ERROR, "Failed to initialize WPA state "
|
wpa_printf(MSG_ERROR, "Failed to initialize WPA state "
|
||||||
"machine");
|
"machine");
|
||||||
@ -481,7 +485,7 @@ static void hostapd_notif_auth(struct hostapd_data *hapd,
|
|||||||
sta->auth_alg = WLAN_AUTH_FT;
|
sta->auth_alg = WLAN_AUTH_FT;
|
||||||
if (sta->wpa_sm == NULL)
|
if (sta->wpa_sm == NULL)
|
||||||
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
|
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
|
||||||
sta->addr);
|
sta->addr, NULL);
|
||||||
if (sta->wpa_sm == NULL) {
|
if (sta->wpa_sm == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "FT: Failed to initialize WPA "
|
wpa_printf(MSG_DEBUG, "FT: Failed to initialize WPA "
|
||||||
"state machine");
|
"state machine");
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* hostapd / IEEE 802.11 Management
|
* hostapd / IEEE 802.11 Management
|
||||||
* Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
|
* Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi>
|
||||||
*
|
*
|
||||||
* This software may be distributed under the terms of the BSD license.
|
* This software may be distributed under the terms of the BSD license.
|
||||||
* See README for more details.
|
* See README for more details.
|
||||||
@ -719,7 +719,7 @@ static void handle_auth(struct hostapd_data *hapd,
|
|||||||
sta->auth_alg = WLAN_AUTH_FT;
|
sta->auth_alg = WLAN_AUTH_FT;
|
||||||
if (sta->wpa_sm == NULL)
|
if (sta->wpa_sm == NULL)
|
||||||
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
|
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
|
||||||
sta->addr);
|
sta->addr, NULL);
|
||||||
if (sta->wpa_sm == NULL) {
|
if (sta->wpa_sm == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "FT: Failed to initialize WPA "
|
wpa_printf(MSG_DEBUG, "FT: Failed to initialize WPA "
|
||||||
"state machine");
|
"state machine");
|
||||||
@ -866,6 +866,7 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
|
|||||||
u16 resp;
|
u16 resp;
|
||||||
const u8 *wpa_ie;
|
const u8 *wpa_ie;
|
||||||
size_t wpa_ie_len;
|
size_t wpa_ie_len;
|
||||||
|
const u8 *p2p_dev_addr = NULL;
|
||||||
|
|
||||||
if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) {
|
if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) {
|
||||||
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
|
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
|
||||||
@ -911,6 +912,19 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
|
|||||||
}
|
}
|
||||||
#endif /* CONFIG_IEEE80211AC */
|
#endif /* CONFIG_IEEE80211AC */
|
||||||
|
|
||||||
|
#ifdef CONFIG_P2P
|
||||||
|
if (elems.p2p) {
|
||||||
|
wpabuf_free(sta->p2p_ie);
|
||||||
|
sta->p2p_ie = ieee802_11_vendor_ie_concat(ies, ies_len,
|
||||||
|
P2P_IE_VENDOR_TYPE);
|
||||||
|
if (sta->p2p_ie)
|
||||||
|
p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie);
|
||||||
|
} else {
|
||||||
|
wpabuf_free(sta->p2p_ie);
|
||||||
|
sta->p2p_ie = NULL;
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_P2P */
|
||||||
|
|
||||||
if ((hapd->conf->wpa & WPA_PROTO_RSN) && elems.rsn_ie) {
|
if ((hapd->conf->wpa & WPA_PROTO_RSN) && elems.rsn_ie) {
|
||||||
wpa_ie = elems.rsn_ie;
|
wpa_ie = elems.rsn_ie;
|
||||||
wpa_ie_len = elems.rsn_ie_len;
|
wpa_ie_len = elems.rsn_ie_len;
|
||||||
@ -962,7 +976,8 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
|
|||||||
wpa_ie_len += 2;
|
wpa_ie_len += 2;
|
||||||
if (sta->wpa_sm == NULL)
|
if (sta->wpa_sm == NULL)
|
||||||
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
|
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
|
||||||
sta->addr);
|
sta->addr,
|
||||||
|
p2p_dev_addr);
|
||||||
if (sta->wpa_sm == NULL) {
|
if (sta->wpa_sm == NULL) {
|
||||||
wpa_printf(MSG_WARNING, "Failed to initialize WPA "
|
wpa_printf(MSG_WARNING, "Failed to initialize WPA "
|
||||||
"state machine");
|
"state machine");
|
||||||
@ -1058,16 +1073,6 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
|
|||||||
wpa_auth_sta_no_wpa(sta->wpa_sm);
|
wpa_auth_sta_no_wpa(sta->wpa_sm);
|
||||||
|
|
||||||
#ifdef CONFIG_P2P
|
#ifdef CONFIG_P2P
|
||||||
if (elems.p2p) {
|
|
||||||
wpabuf_free(sta->p2p_ie);
|
|
||||||
sta->p2p_ie = ieee802_11_vendor_ie_concat(ies, ies_len,
|
|
||||||
P2P_IE_VENDOR_TYPE);
|
|
||||||
|
|
||||||
} else {
|
|
||||||
wpabuf_free(sta->p2p_ie);
|
|
||||||
sta->p2p_ie = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
p2p_group_notif_assoc(hapd->p2p_group, sta->addr, ies, ies_len);
|
p2p_group_notif_assoc(hapd->p2p_group, sta->addr, ies, ies_len);
|
||||||
#endif /* CONFIG_P2P */
|
#endif /* CONFIG_P2P */
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* IEEE 802.11 RSN / WPA Authenticator
|
* IEEE 802.11 RSN / WPA Authenticator
|
||||||
* Copyright (c) 2004-2011, Jouni Malinen <j@w1.fi>
|
* Copyright (c) 2004-2013, Jouni Malinen <j@w1.fi>
|
||||||
*
|
*
|
||||||
* This software may be distributed under the terms of the BSD license.
|
* This software may be distributed under the terms of the BSD license.
|
||||||
* See README for more details.
|
* See README for more details.
|
||||||
@ -508,7 +508,8 @@ int wpa_reconfig(struct wpa_authenticator *wpa_auth,
|
|||||||
|
|
||||||
|
|
||||||
struct wpa_state_machine *
|
struct wpa_state_machine *
|
||||||
wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr)
|
wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr,
|
||||||
|
const u8 *p2p_dev_addr)
|
||||||
{
|
{
|
||||||
struct wpa_state_machine *sm;
|
struct wpa_state_machine *sm;
|
||||||
|
|
||||||
@ -516,6 +517,8 @@ wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr)
|
|||||||
if (sm == NULL)
|
if (sm == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
os_memcpy(sm->addr, addr, ETH_ALEN);
|
os_memcpy(sm->addr, addr, ETH_ALEN);
|
||||||
|
if (p2p_dev_addr)
|
||||||
|
os_memcpy(sm->p2p_dev_addr, p2p_dev_addr, ETH_ALEN);
|
||||||
|
|
||||||
sm->wpa_auth = wpa_auth;
|
sm->wpa_auth = wpa_auth;
|
||||||
sm->group = wpa_auth->group;
|
sm->group = wpa_auth->group;
|
||||||
|
@ -227,7 +227,8 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
|
|||||||
const u8 *mdie, size_t mdie_len);
|
const u8 *mdie, size_t mdie_len);
|
||||||
int wpa_auth_uses_mfp(struct wpa_state_machine *sm);
|
int wpa_auth_uses_mfp(struct wpa_state_machine *sm);
|
||||||
struct wpa_state_machine *
|
struct wpa_state_machine *
|
||||||
wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr);
|
wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr,
|
||||||
|
const u8 *p2p_dev_addr);
|
||||||
int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
|
int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
|
||||||
struct wpa_state_machine *sm);
|
struct wpa_state_machine *sm);
|
||||||
void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm);
|
void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm);
|
||||||
|
@ -471,7 +471,7 @@ hostapd_wpa_auth_add_sta(void *ctx, const u8 *sta_addr)
|
|||||||
return sta->wpa_sm;
|
return sta->wpa_sm;
|
||||||
}
|
}
|
||||||
|
|
||||||
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr);
|
sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr, NULL);
|
||||||
if (sta->wpa_sm == NULL) {
|
if (sta->wpa_sm == NULL) {
|
||||||
ap_free_sta(hapd, sta);
|
ap_free_sta(hapd, sta);
|
||||||
return NULL;
|
return NULL;
|
||||||
|
@ -26,6 +26,7 @@ struct wpa_state_machine {
|
|||||||
struct wpa_group *group;
|
struct wpa_group *group;
|
||||||
|
|
||||||
u8 addr[ETH_ALEN];
|
u8 addr[ETH_ALEN];
|
||||||
|
u8 p2p_dev_addr[ETH_ALEN];
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
WPA_PTK_INITIALIZE, WPA_PTK_DISCONNECT, WPA_PTK_DISCONNECTED,
|
WPA_PTK_INITIALIZE, WPA_PTK_DISCONNECT, WPA_PTK_DISCONNECTED,
|
||||||
|
@ -444,7 +444,7 @@ static int ibss_rsn_auth_init_group(struct ibss_rsn *ibss_rsn,
|
|||||||
static int ibss_rsn_auth_init(struct ibss_rsn *ibss_rsn,
|
static int ibss_rsn_auth_init(struct ibss_rsn *ibss_rsn,
|
||||||
struct ibss_rsn_peer *peer)
|
struct ibss_rsn_peer *peer)
|
||||||
{
|
{
|
||||||
peer->auth = wpa_auth_sta_init(ibss_rsn->auth_group, peer->addr);
|
peer->auth = wpa_auth_sta_init(ibss_rsn->auth_group, peer->addr, NULL);
|
||||||
if (peer->auth == NULL) {
|
if (peer->auth == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "AUTH: wpa_auth_sta_init() failed");
|
wpa_printf(MSG_DEBUG, "AUTH: wpa_auth_sta_init() failed");
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -298,7 +298,7 @@ static int auth_init_group(struct wpa *wpa)
|
|||||||
|
|
||||||
static int auth_init(struct wpa *wpa)
|
static int auth_init(struct wpa *wpa)
|
||||||
{
|
{
|
||||||
wpa->auth = wpa_auth_sta_init(wpa->auth_group, wpa->supp_addr);
|
wpa->auth = wpa_auth_sta_init(wpa->auth_group, wpa->supp_addr, NULL);
|
||||||
if (wpa->auth == NULL) {
|
if (wpa->auth == NULL) {
|
||||||
wpa_printf(MSG_DEBUG, "AUTH: wpa_auth_sta_init() failed");
|
wpa_printf(MSG_DEBUG, "AUTH: wpa_auth_sta_init() failed");
|
||||||
return -1;
|
return -1;
|
||||||
|
Loading…
Reference in New Issue
Block a user