mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
Update WPA/RSN IE properly for driver based BSS selection
This patch fixes an issue with roaming for drivers that set WPA_DRIVER_FLAGS_BSS_SELECTION (currently ath6kl). On moving to an AP with a different BSSID, an EVENT_ASSOC is received and the subsequent 4-way handshake may fail because of a mismatch between the RSN IE in message 3/4 and in Beacon/Probe Response. This happens only when the APs use different RSN IE contents and ap_scan is set to 1, since wpa_supplicant fails to update its cached IEs. Initial association may fail, too, in case of multiple APs with the same SSID, since BSSID selection is done by the driver and again a mismatch could be seen. Fix these two issues by clearing and updating the cached IEs on receiving an Association event from the driver. Also, retrieve the scan results when the new BSS information is not present locally. Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
This commit is contained in:
parent
e6c6274947
commit
cd2f4ddfb9
@ -990,6 +990,31 @@ static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s,
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
static int wpa_supplicant_assoc_update_ie(struct wpa_supplicant *wpa_s)
|
||||
{
|
||||
const u8 *bss_wpa = NULL, *bss_rsn = NULL;
|
||||
|
||||
if (!wpa_s->current_bss || !wpa_s->current_ssid)
|
||||
return -1;
|
||||
|
||||
if (!wpa_key_mgmt_wpa_any(wpa_s->current_ssid->key_mgmt))
|
||||
return 0;
|
||||
|
||||
bss_wpa = wpa_bss_get_vendor_ie(wpa_s->current_bss,
|
||||
WPA_IE_VENDOR_TYPE);
|
||||
bss_rsn = wpa_bss_get_ie(wpa_s->current_bss, WLAN_EID_RSN);
|
||||
|
||||
if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
|
||||
bss_wpa ? 2 + bss_wpa[1] : 0) ||
|
||||
wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
|
||||
bss_rsn ? 2 + bss_rsn[1] : 0))
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* Return < 0 if no scan results could be fetched. */
|
||||
static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s,
|
||||
union wpa_event_data *data)
|
||||
@ -1356,6 +1381,21 @@ static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
|
||||
}
|
||||
|
||||
|
||||
static struct wpa_bss * wpa_supplicant_get_new_bss(
|
||||
struct wpa_supplicant *wpa_s, const u8 *bssid)
|
||||
{
|
||||
struct wpa_bss *bss = NULL;
|
||||
struct wpa_ssid *ssid = wpa_s->current_ssid;
|
||||
|
||||
if (ssid->ssid_len > 0)
|
||||
bss = wpa_bss_get(wpa_s, bssid, ssid->ssid, ssid->ssid_len);
|
||||
if (!bss)
|
||||
bss = wpa_bss_get_bssid(wpa_s, bssid);
|
||||
|
||||
return bss;
|
||||
}
|
||||
|
||||
|
||||
static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
|
||||
union wpa_event_data *data)
|
||||
{
|
||||
@ -1401,15 +1441,25 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
|
||||
}
|
||||
if (wpa_s->current_ssid) {
|
||||
struct wpa_bss *bss = NULL;
|
||||
struct wpa_ssid *ssid = wpa_s->current_ssid;
|
||||
if (ssid->ssid_len > 0)
|
||||
bss = wpa_bss_get(wpa_s, bssid,
|
||||
ssid->ssid, ssid->ssid_len);
|
||||
if (!bss)
|
||||
bss = wpa_bss_get_bssid(wpa_s, bssid);
|
||||
|
||||
bss = wpa_supplicant_get_new_bss(wpa_s, bssid);
|
||||
if (!bss) {
|
||||
wpa_supplicant_update_scan_results(wpa_s);
|
||||
|
||||
/* Get the BSS from the new scan results */
|
||||
bss = wpa_supplicant_get_new_bss(wpa_s, bssid);
|
||||
}
|
||||
|
||||
if (bss)
|
||||
wpa_s->current_bss = bss;
|
||||
}
|
||||
|
||||
if (wpa_s->conf->ap_scan == 1 &&
|
||||
wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION) {
|
||||
if (wpa_supplicant_assoc_update_ie(wpa_s) < 0)
|
||||
wpa_msg(wpa_s, MSG_WARNING,
|
||||
"WPA/RSN IEs not updated");
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef CONFIG_SME
|
||||
|
Loading…
Reference in New Issue
Block a user