mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
HS 2.0: As a STA, do not indicate release number greater than the AP
Hotspot 2.0 tech spec mandates mobile device to not indicate a release number that is greater than the release number advertised by the AP. Add this constraint to the HS 2.0 Indication element when adding this into (Re)Association Request frame. The element in the Probe Request frame continues to show the station's latest supported release number. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
6ae04d7b34
commit
ec2cf403b8
@ -104,15 +104,22 @@ void hs20_configure_frame_filters(struct wpa_supplicant *wpa_s)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void wpas_hs20_add_indication(struct wpabuf *buf, int pps_mo_id)
|
void wpas_hs20_add_indication(struct wpabuf *buf, int pps_mo_id, int ap_release)
|
||||||
{
|
{
|
||||||
|
int release;
|
||||||
u8 conf;
|
u8 conf;
|
||||||
|
|
||||||
|
release = (HS20_VERSION >> 4) + 1;
|
||||||
|
if (ap_release > 0 && release > ap_release)
|
||||||
|
release = ap_release;
|
||||||
|
if (release < 2)
|
||||||
|
pps_mo_id = -1;
|
||||||
|
|
||||||
wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
|
wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);
|
||||||
wpabuf_put_u8(buf, pps_mo_id >= 0 ? 7 : 5);
|
wpabuf_put_u8(buf, pps_mo_id >= 0 ? 7 : 5);
|
||||||
wpabuf_put_be24(buf, OUI_WFA);
|
wpabuf_put_be24(buf, OUI_WFA);
|
||||||
wpabuf_put_u8(buf, HS20_INDICATION_OUI_TYPE);
|
wpabuf_put_u8(buf, HS20_INDICATION_OUI_TYPE);
|
||||||
conf = HS20_VERSION;
|
conf = (release - 1) << 4;
|
||||||
if (pps_mo_id >= 0)
|
if (pps_mo_id >= 0)
|
||||||
conf |= HS20_PPS_MO_ID_PRESENT;
|
conf |= HS20_PPS_MO_ID_PRESENT;
|
||||||
wpabuf_put_u8(buf, conf);
|
wpabuf_put_u8(buf, conf);
|
||||||
@ -137,6 +144,21 @@ void wpas_hs20_add_roam_cons_sel(struct wpabuf *buf,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int get_hs20_version(struct wpa_bss *bss)
|
||||||
|
{
|
||||||
|
const u8 *ie;
|
||||||
|
|
||||||
|
if (!bss)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
ie = wpa_bss_get_vendor_ie(bss, HS20_IE_VENDOR_TYPE);
|
||||||
|
if (!ie || ie[1] < 5)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
return ((ie[6] >> 4) & 0x0f) + 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
int is_hs20_network(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
|
int is_hs20_network(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
|
||||||
struct wpa_bss *bss)
|
struct wpa_bss *bss)
|
||||||
{
|
{
|
||||||
|
@ -9,7 +9,8 @@
|
|||||||
#define HS20_SUPPLICANT_H
|
#define HS20_SUPPLICANT_H
|
||||||
|
|
||||||
void hs20_configure_frame_filters(struct wpa_supplicant *wpa_s);
|
void hs20_configure_frame_filters(struct wpa_supplicant *wpa_s);
|
||||||
void wpas_hs20_add_indication(struct wpabuf *buf, int pps_mo_id);
|
void wpas_hs20_add_indication(struct wpabuf *buf, int pps_mo_id,
|
||||||
|
int ap_release);
|
||||||
void wpas_hs20_add_roam_cons_sel(struct wpabuf *buf,
|
void wpas_hs20_add_roam_cons_sel(struct wpabuf *buf,
|
||||||
const struct wpa_ssid *ssid);
|
const struct wpa_ssid *ssid);
|
||||||
|
|
||||||
@ -20,6 +21,7 @@ void hs20_put_anqp_req(u32 stypes, const u8 *payload, size_t payload_len,
|
|||||||
void hs20_parse_rx_hs20_anqp_resp(struct wpa_supplicant *wpa_s,
|
void hs20_parse_rx_hs20_anqp_resp(struct wpa_supplicant *wpa_s,
|
||||||
struct wpa_bss *bss, const u8 *sa,
|
struct wpa_bss *bss, const u8 *sa,
|
||||||
const u8 *data, size_t slen, u8 dialog_token);
|
const u8 *data, size_t slen, u8 dialog_token);
|
||||||
|
int get_hs20_version(struct wpa_bss *bss);
|
||||||
int is_hs20_network(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
|
int is_hs20_network(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
|
||||||
struct wpa_bss *bss);
|
struct wpa_bss *bss);
|
||||||
int hs20_get_pps_mo_id(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid);
|
int hs20_get_pps_mo_id(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid);
|
||||||
|
@ -582,7 +582,7 @@ static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s)
|
|||||||
|
|
||||||
#ifdef CONFIG_HS20
|
#ifdef CONFIG_HS20
|
||||||
if (wpa_s->conf->hs20 && wpabuf_resize(&extra_ie, 7) == 0)
|
if (wpa_s->conf->hs20 && wpabuf_resize(&extra_ie, 7) == 0)
|
||||||
wpas_hs20_add_indication(extra_ie, -1);
|
wpas_hs20_add_indication(extra_ie, -1, 0);
|
||||||
#endif /* CONFIG_HS20 */
|
#endif /* CONFIG_HS20 */
|
||||||
|
|
||||||
#ifdef CONFIG_FST
|
#ifdef CONFIG_FST
|
||||||
|
@ -550,7 +550,8 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
|||||||
int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
|
int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
|
||||||
size_t len;
|
size_t len;
|
||||||
|
|
||||||
wpas_hs20_add_indication(hs20, pps_mo_id);
|
wpas_hs20_add_indication(hs20, pps_mo_id,
|
||||||
|
get_hs20_version(bss));
|
||||||
wpas_hs20_add_roam_cons_sel(hs20, ssid);
|
wpas_hs20_add_roam_cons_sel(hs20, ssid);
|
||||||
len = sizeof(wpa_s->sme.assoc_req_ie) -
|
len = sizeof(wpa_s->sme.assoc_req_ie) -
|
||||||
wpa_s->sme.assoc_req_ie_len;
|
wpa_s->sme.assoc_req_ie_len;
|
||||||
|
@ -2678,7 +2678,8 @@ static u8 * wpas_populate_assoc_ies(
|
|||||||
int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
|
int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
|
||||||
size_t len;
|
size_t len;
|
||||||
|
|
||||||
wpas_hs20_add_indication(hs20, pps_mo_id);
|
wpas_hs20_add_indication(hs20, pps_mo_id,
|
||||||
|
get_hs20_version(bss));
|
||||||
wpas_hs20_add_roam_cons_sel(hs20, ssid);
|
wpas_hs20_add_roam_cons_sel(hs20, ssid);
|
||||||
len = max_wpa_ie_len - wpa_ie_len;
|
len = max_wpa_ie_len - wpa_ie_len;
|
||||||
if (wpabuf_len(hs20) <= len) {
|
if (wpabuf_len(hs20) <= len) {
|
||||||
|
Loading…
Reference in New Issue
Block a user