aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni.malinen@atheros.com>2010-03-29 22:42:04 (GMT)
committerJouni Malinen <j@w1.fi>2010-03-29 22:42:04 (GMT)
commit32d5295f9d2571323dcdeefc4ab7c138f0fe6e59 (patch)
treeb7f2c6af95894a3c4bdd9a0556165f4f464b6aee
parent358c3691cf0513a13ee906ea237297e92f915ab9 (diff)
downloadhostap-32d5295f9d2571323dcdeefc4ab7c138f0fe6e59.zip
hostap-32d5295f9d2571323dcdeefc4ab7c138f0fe6e59.tar.gz
hostap-32d5295f9d2571323dcdeefc4ab7c138f0fe6e59.tar.bz2
Add a drop_sa command to allow 802.11w testing
This drops PTK and PMK without notifying the AP.
-rw-r--r--src/rsn_supp/wpa.c11
-rw-r--r--src/rsn_supp/wpa.h5
-rw-r--r--wpa_supplicant/ctrl_iface.c27
-rw-r--r--wpa_supplicant/wpa_cli.c8
4 files changed, 51 insertions, 0 deletions
diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
index 495e54c..a50dfd5 100644
--- a/src/rsn_supp/wpa.c
+++ b/src/rsn_supp/wpa.c
@@ -2379,3 +2379,14 @@ int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len)
return -1;
#endif /* CONFIG_NO_WPA2 */
}
+
+
+void wpa_sm_drop_sa(struct wpa_sm *sm)
+{
+ wpa_printf(MSG_DEBUG, "WPA: Clear old PMK and PTK");
+ sm->ptk_set = 0;
+ sm->tptk_set = 0;
+ os_memset(sm->pmk, 0, sizeof(sm->pmk));
+ os_memset(&sm->ptk, 0, sizeof(sm->ptk));
+ os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+}
diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index 8db5fda..5ff6906 100644
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -123,6 +123,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
const u8 *buf, size_t len);
int wpa_sm_parse_own_wpa_ie(struct wpa_sm *sm, struct wpa_ie_data *data);
int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf, size_t len);
+void wpa_sm_drop_sa(struct wpa_sm *sm);
#else /* CONFIG_NO_WPA */
@@ -260,6 +261,10 @@ static inline int wpa_sm_pmksa_cache_list(struct wpa_sm *sm, char *buf,
return -1;
}
+static inline void wpa_sm_drop_sa(struct wpa_sm *sm)
+{
+}
+
#endif /* CONFIG_NO_WPA */
#ifdef CONFIG_PEERKEY
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index 438bc27..c7d3427 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -1615,6 +1615,31 @@ static int wpa_supplicant_ctrl_iface_ap_scan(
}
+static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s)
+{
+ u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
+
+ wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication");
+ /* MLME-DELETEKEYS.request */
+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
+#ifdef CONFIG_IEEE80211W
+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
+#endif /* CONFIG_IEEE80211W */
+
+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL,
+ 0);
+ /* MLME-SETPROTECTION.request(None) */
+ wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid,
+ MLME_SETPROTECTION_PROTECT_TYPE_NONE,
+ MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
+ wpa_sm_drop_sa(wpa_s->wpa);
+}
+
+
char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
char *buf, size_t *resp_len)
{
@@ -1818,6 +1843,8 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
wpas_notify_suspend(wpa_s->global);
} else if (os_strcmp(buf, "RESUME") == 0) {
wpas_notify_resume(wpa_s->global);
+ } else if (os_strcmp(buf, "DROP_SA") == 0) {
+ wpa_supplicant_ctrl_iface_drop_sa(wpa_s);
} else {
os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
reply_len = 16;
diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c
index 75582d8..8e17b96 100644
--- a/wpa_supplicant/wpa_cli.c
+++ b/wpa_supplicant/wpa_cli.c
@@ -1434,6 +1434,12 @@ static int wpa_cli_cmd_resume(struct wpa_ctrl *ctrl, int argc, char *argv[])
}
+static int wpa_cli_cmd_drop_sa(struct wpa_ctrl *ctrl, int argc, char *argv[])
+{
+ return wpa_ctrl_command(ctrl, "DROP_SA");
+}
+
+
enum wpa_cli_cmd_flags {
cli_cmd_flag_none = 0x00,
cli_cmd_flag_sensitive = 0x01
@@ -1632,6 +1638,8 @@ static struct wpa_cli_cmd wpa_cli_commands[] = {
"= notification of suspend/hibernate" },
{ "resume", wpa_cli_cmd_resume, cli_cmd_flag_none,
"= notification of resume/thaw" },
+ { "drop_sa", wpa_cli_cmd_drop_sa, cli_cmd_flag_none,
+ "= drop SA without deauth/disassoc (test command)" },
{ NULL, NULL, cli_cmd_flag_none, NULL }
};