aboutsummaryrefslogtreecommitdiffstats
path: root/src/ap/wpa_auth_glue.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2017-10-14 10:41:08 (GMT)
committerJouni Malinen <j@w1.fi>2017-10-16 14:43:10 (GMT)
commit16579769ff7bb255e101c6b77fb2c47d3735a883 (patch)
tree53d796d142b46a66182f10e9120a14c798d54600 /src/ap/wpa_auth_glue.c
parentb74f82a4f88107756f2320e9435a61cb165a569a (diff)
downloadhostap-16579769ff7bb255e101c6b77fb2c47d3735a883.zip
hostap-16579769ff7bb255e101c6b77fb2c47d3735a883.tar.gz
hostap-16579769ff7bb255e101c6b77fb2c47d3735a883.tar.bz2
Add testing functionality for resetting PN/IPN for configured keys
This can be used to test replay protection. The "RESET_PN" command in wpa_supplicant and "RESET_PN <addr>" command in hostapd resets the local counters to zero for the last configured key. For hostapd, the address parameter specifies which STA this operation is for or selects GTK ("ff:ff:ff:ff:ff:ff") or IGTK ("ff:ff:ff:ff:ff:ff IGTK"). This functionality is for testing purposes and included only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/ap/wpa_auth_glue.c')
-rw-r--r--src/ap/wpa_auth_glue.c31
1 files changed, 31 insertions, 0 deletions
diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c
index 10394c9..d9f917e 100644
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -349,6 +349,37 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg,
return -1;
}
+#ifdef CONFIG_TESTING_OPTIONS
+ if (addr && !is_broadcast_ether_addr(addr)) {
+ struct sta_info *sta;
+
+ sta = ap_get_sta(hapd, addr);
+ if (sta) {
+ sta->last_tk_alg = alg;
+ sta->last_tk_key_idx = idx;
+ if (key)
+ os_memcpy(sta->last_tk, key, key_len);
+ sta->last_tk_len = key_len;
+ }
+#ifdef CONFIG_IEEE80211W
+ } else if (alg == WPA_CIPHER_AES_128_CMAC ||
+ alg == WPA_CIPHER_BIP_GMAC_128 ||
+ alg == WPA_CIPHER_BIP_GMAC_256 ||
+ alg == WPA_CIPHER_BIP_CMAC_256) {
+ hapd->last_igtk_alg = alg;
+ hapd->last_igtk_key_idx = idx;
+ if (key)
+ os_memcpy(hapd->last_igtk, key, key_len);
+ hapd->last_igtk_len = key_len;
+#endif /* CONFIG_IEEE80211W */
+ } else {
+ hapd->last_gtk_alg = alg;
+ hapd->last_gtk_key_idx = idx;
+ if (key)
+ os_memcpy(hapd->last_gtk, key, key_len);
+ hapd->last_gtk_len = key_len;
+ }
+#endif /* CONFIG_TESTING_OPTIONS */
return hostapd_drv_set_key(ifname, hapd, alg, addr, idx, 1, NULL, 0,
key, key_len);
}