mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
TDLS: Use QoS info from WMM IE obtained in TDLS frames
TDLS Setup Request/Response frames from the peers include the WMM IE, hence parse the same and consider the QoS Info from the WMM IE. The qos_info obtained in the WMM IE overwrites the one obtained through WLAN_EID_QOS attribute. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
daa70bdf68
commit
dda8be7114
@ -1466,6 +1466,29 @@ static int copy_peer_ext_capab(const struct wpa_eapol_ie_parse *kde,
|
||||
}
|
||||
|
||||
|
||||
static int copy_peer_wmm_capab(const struct wpa_eapol_ie_parse *kde,
|
||||
struct wpa_tdls_peer *peer)
|
||||
{
|
||||
struct wmm_information_element *wmm;
|
||||
|
||||
if (!kde->wmm) {
|
||||
wpa_printf(MSG_DEBUG, "TDLS: No supported WMM capabilities received");
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (kde->wmm_len < sizeof(struct wmm_information_element)) {
|
||||
wpa_printf(MSG_DEBUG, "TDLS: Invalid supported WMM capabilities received");
|
||||
return -1;
|
||||
}
|
||||
|
||||
wmm = (struct wmm_information_element *) kde->wmm;
|
||||
peer->qos_info = wmm->qos_info;
|
||||
|
||||
wpa_printf(MSG_DEBUG, "TDLS: Peer WMM QOS Info 0x%x", peer->qos_info);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int copy_peer_supp_channels(const struct wpa_eapol_ie_parse *kde,
|
||||
struct wpa_tdls_peer *peer)
|
||||
{
|
||||
@ -1638,6 +1661,10 @@ static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
|
||||
|
||||
peer->qos_info = kde.qosinfo;
|
||||
|
||||
/* Overwrite with the qos_info obtained in WMM IE */
|
||||
if (copy_peer_wmm_capab(&kde, peer) < 0)
|
||||
goto error;
|
||||
|
||||
peer->aid = kde.aid;
|
||||
|
||||
#ifdef CONFIG_TDLS_TESTING
|
||||
@ -2018,6 +2045,10 @@ static int wpa_tdls_process_tpk_m2(struct wpa_sm *sm, const u8 *src_addr,
|
||||
|
||||
peer->qos_info = kde.qosinfo;
|
||||
|
||||
/* Overwrite with the qos_info obtained in WMM IE */
|
||||
if (copy_peer_wmm_capab(&kde, peer) < 0)
|
||||
goto error;
|
||||
|
||||
peer->aid = kde.aid;
|
||||
|
||||
if (!wpa_tdls_get_privacy(sm)) {
|
||||
|
@ -310,6 +310,42 @@ int wpa_gen_wpa_ie(struct wpa_sm *sm, u8 *wpa_ie, size_t wpa_ie_len)
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* wpa_parse_vendor_specific - Parse Vendor Specific IEs
|
||||
* @pos: Pointer to the IE header
|
||||
* @end: Pointer to the end of the Key Data buffer
|
||||
* @ie: Pointer to parsed IE data
|
||||
* Returns: 0 on success, 1 if end mark is found, -1 on failure
|
||||
*/
|
||||
static int wpa_parse_vendor_specific(const u8 *pos, const u8 *end,
|
||||
struct wpa_eapol_ie_parse *ie)
|
||||
{
|
||||
unsigned int oui;
|
||||
|
||||
if (pos[1] < 4) {
|
||||
wpa_printf(MSG_MSGDUMP, "Too short vendor specific IE ignored (len=%u)",
|
||||
pos[1]);
|
||||
return 1;
|
||||
}
|
||||
|
||||
oui = WPA_GET_BE24(&pos[2]);
|
||||
if (oui == OUI_MICROSOFT && pos[5] == WMM_OUI_TYPE && pos[1] > 4) {
|
||||
if (pos[6] == WMM_OUI_SUBTYPE_INFORMATION_ELEMENT) {
|
||||
ie->wmm = &pos[2];
|
||||
ie->wmm_len = pos[1];
|
||||
wpa_hexdump(MSG_DEBUG, "WPA: WMM IE",
|
||||
ie->wmm, ie->wmm_len);
|
||||
} else if (pos[6] == WMM_OUI_SUBTYPE_PARAMETER_ELEMENT) {
|
||||
ie->wmm = &pos[2];
|
||||
ie->wmm_len = pos[1];
|
||||
wpa_hexdump(MSG_DEBUG, "WPA: WMM Parameter Element",
|
||||
ie->wmm, ie->wmm_len);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* wpa_parse_generic - Parse EAPOL-Key Key Data Generic IEs
|
||||
* @pos: Pointer to the IE header
|
||||
@ -540,6 +576,14 @@ int wpa_supplicant_parse_ies(const u8 *buf, size_t len,
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
|
||||
ret = wpa_parse_vendor_specific(pos, end, ie);
|
||||
if (ret < 0)
|
||||
break;
|
||||
if (ret > 0) {
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
wpa_hexdump(MSG_DEBUG, "WPA: Unrecognized EAPOL-Key "
|
||||
"Key Data IE", pos, 2 + pos[1]);
|
||||
|
@ -59,6 +59,8 @@ struct wpa_eapol_ie_parse {
|
||||
size_t supp_oper_classes_len;
|
||||
u8 qosinfo;
|
||||
u16 aid;
|
||||
const u8 *wmm;
|
||||
size_t wmm_len;
|
||||
#ifdef CONFIG_P2P
|
||||
const u8 *ip_addr_req;
|
||||
const u8 *ip_addr_alloc;
|
||||
|
Loading…
Reference in New Issue
Block a user