aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVidyullatha Kanchanapally <vkanchan@qti.qualcomm.com>2017-03-30 13:57:15 (GMT)
committerJouni Malinen <j@w1.fi>2017-04-07 15:46:13 (GMT)
commit42e69bda2aa0752a3a18714728d0d06bb20ad152 (patch)
treee3ceb61a9a1d9f3f5cbe08374153302d755bf16c
parent061a3d3d5300cd7b62a9a0431e3dda9758d5a8bc (diff)
downloadhostap-42e69bda2aa0752a3a18714728d0d06bb20ad152.zip
hostap-42e69bda2aa0752a3a18714728d0d06bb20ad152.tar.gz
hostap-42e69bda2aa0752a3a18714728d0d06bb20ad152.tar.bz2
FILS: Add support for Cache Identifier in add/remove PMKSA
Add support for setting and deleting PMKSA cache entries based on FILS Cache Identifer. Also additionally add support for sending PMK as part of SET_PMKSA to enable driver to derive keys in case of FILS shared key offload using PMKSA caching. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
-rw-r--r--src/rsn_supp/pmksa_cache.c9
-rw-r--r--src/rsn_supp/preauth.c3
-rw-r--r--src/rsn_supp/wpa.h5
-rw-r--r--src/rsn_supp/wpa_i.h13
-rw-r--r--wpa_supplicant/preauth_test.c7
-rw-r--r--wpa_supplicant/wpas_glue.c26
6 files changed, 47 insertions, 16 deletions
diff --git a/src/rsn_supp/pmksa_cache.c b/src/rsn_supp/pmksa_cache.c
index d7d5bf7..e1cfa14 100644
--- a/src/rsn_supp/pmksa_cache.c
+++ b/src/rsn_supp/pmksa_cache.c
@@ -44,7 +44,9 @@ static void pmksa_cache_free_entry(struct rsn_pmksa_cache *pmksa,
enum pmksa_free_reason reason)
{
wpa_sm_remove_pmkid(pmksa->sm, entry->network_ctx, entry->aa,
- entry->pmkid);
+ entry->pmkid,
+ entry->fils_cache_id_set ? entry->fils_cache_id :
+ NULL);
pmksa->pmksa_count--;
pmksa->free_cb(entry, pmksa->ctx, reason);
_pmksa_cache_free_entry(entry);
@@ -263,8 +265,9 @@ pmksa_cache_add_entry(struct rsn_pmksa_cache *pmksa,
pmksa->pmksa_count++;
wpa_printf(MSG_DEBUG, "RSN: Added PMKSA cache entry for " MACSTR
" network_ctx=%p", MAC2STR(entry->aa), entry->network_ctx);
- wpa_sm_add_pmkid(pmksa->sm, entry->network_ctx, entry->aa,
- entry->pmkid);
+ wpa_sm_add_pmkid(pmksa->sm, entry->network_ctx, entry->aa, entry->pmkid,
+ entry->fils_cache_id_set ? entry->fils_cache_id : NULL,
+ entry->pmk, entry->pmk_len);
return entry;
}
diff --git a/src/rsn_supp/preauth.c b/src/rsn_supp/preauth.c
index 5f11a53..d4276b9 100644
--- a/src/rsn_supp/preauth.c
+++ b/src/rsn_supp/preauth.c
@@ -342,7 +342,8 @@ void rsn_preauth_candidate_process(struct wpa_sm *sm)
/* Some drivers (e.g., NDIS) expect to get notified about the
* PMKIDs again, so report the existing data now. */
if (p) {
- wpa_sm_add_pmkid(sm, NULL, candidate->bssid, p->pmkid);
+ wpa_sm_add_pmkid(sm, NULL, candidate->bssid, p->pmkid,
+ NULL, p->pmk, p->pmk_len);
}
dl_list_del(&candidate->list);
diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index 0c9691d..3f99a1b 100644
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -39,9 +39,10 @@ struct wpa_sm_ctx {
u8 * (*alloc_eapol)(void *ctx, u8 type, const void *data, u16 data_len,
size_t *msg_len, void **data_pos);
int (*add_pmkid)(void *ctx, void *network_ctx, const u8 *bssid,
- const u8 *pmkid);
+ const u8 *pmkid, const u8 *fils_cache_id,
+ const u8 *pmk, size_t pmk_len);
int (*remove_pmkid)(void *ctx, void *network_ctx, const u8 *bssid,
- const u8 *pmkid);
+ const u8 *pmkid, const u8 *fils_cache_id);
void (*set_config_blob)(void *ctx, struct wpa_config_blob *blob);
const struct wpa_config_blob * (*get_config_blob)(void *ctx,
const char *name);
diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index d1dccec..62cd3c1 100644
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -231,17 +231,22 @@ static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
}
static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, void *network_ctx,
- const u8 *bssid, const u8 *pmkid)
+ const u8 *bssid, const u8 *pmkid,
+ const u8 *cache_id, const u8 *pmk,
+ size_t pmk_len)
{
WPA_ASSERT(sm->ctx->add_pmkid);
- return sm->ctx->add_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid);
+ return sm->ctx->add_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid,
+ cache_id, pmk, pmk_len);
}
static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, void *network_ctx,
- const u8 *bssid, const u8 *pmkid)
+ const u8 *bssid, const u8 *pmkid,
+ const u8 *cache_id)
{
WPA_ASSERT(sm->ctx->remove_pmkid);
- return sm->ctx->remove_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid);
+ return sm->ctx->remove_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid,
+ cache_id);
}
static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
diff --git a/wpa_supplicant/preauth_test.c b/wpa_supplicant/preauth_test.c
index 9cb2d92..a213a30 100644
--- a/wpa_supplicant/preauth_test.c
+++ b/wpa_supplicant/preauth_test.c
@@ -144,7 +144,9 @@ static int wpa_supplicant_mlme_setprotection(void *wpa_s, const u8 *addr,
static int wpa_supplicant_add_pmkid(void *wpa_s, void *network_ctx,
- const u8 *bssid, const u8 *pmkid)
+ const u8 *bssid, const u8 *pmkid,
+ const u8 *fils_cache_id,
+ const u8 *pmk, size_t pmk_len)
{
printf("%s - not implemented\n", __func__);
return -1;
@@ -152,7 +154,8 @@ static int wpa_supplicant_add_pmkid(void *wpa_s, void *network_ctx,
static int wpa_supplicant_remove_pmkid(void *wpa_s, void *network_ctx,
- const u8 *bssid, const u8 *pmkid)
+ const u8 *bssid, const u8 *pmkid,
+ const u8 *fils_cache_id)
{
printf("%s - not implemented\n", __func__);
return -1;
diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index 71dfbc3..fb38396 100644
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -530,7 +530,9 @@ static struct wpa_ssid * wpas_get_network_ctx(struct wpa_supplicant *wpa_s,
static int wpa_supplicant_add_pmkid(void *_wpa_s, void *network_ctx,
- const u8 *bssid, const u8 *pmkid)
+ const u8 *bssid, const u8 *pmkid,
+ const u8 *fils_cache_id,
+ const u8 *pmk, size_t pmk_len)
{
struct wpa_supplicant *wpa_s = _wpa_s;
struct wpa_ssid *ssid;
@@ -541,15 +543,25 @@ static int wpa_supplicant_add_pmkid(void *_wpa_s, void *network_ctx,
if (ssid)
wpa_msg(wpa_s, MSG_INFO, PMKSA_CACHE_ADDED MACSTR " %d",
MAC2STR(bssid), ssid->id);
- params.bssid = bssid;
+ if (ssid && fils_cache_id) {
+ params.ssid = ssid->ssid;
+ params.ssid_len = ssid->ssid_len;
+ params.fils_cache_id = fils_cache_id;
+ } else {
+ params.bssid = bssid;
+ }
+
params.pmkid = pmkid;
+ params.pmk = pmk;
+ params.pmk_len = pmk_len;
return wpa_drv_add_pmkid(wpa_s, &params);
}
static int wpa_supplicant_remove_pmkid(void *_wpa_s, void *network_ctx,
- const u8 *bssid, const u8 *pmkid)
+ const u8 *bssid, const u8 *pmkid,
+ const u8 *fils_cache_id)
{
struct wpa_supplicant *wpa_s = _wpa_s;
struct wpa_ssid *ssid;
@@ -560,8 +572,14 @@ static int wpa_supplicant_remove_pmkid(void *_wpa_s, void *network_ctx,
if (ssid)
wpa_msg(wpa_s, MSG_INFO, PMKSA_CACHE_REMOVED MACSTR " %d",
MAC2STR(bssid), ssid->id);
+ if (ssid && fils_cache_id) {
+ params.ssid = ssid->ssid;
+ params.ssid_len = ssid->ssid_len;
+ params.fils_cache_id = fils_cache_id;
+ } else {
+ params.bssid = bssid;
+ }
- params.bssid = bssid;
params.pmkid = pmkid;
return wpa_drv_remove_pmkid(wpa_s, &params);