aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/mesh_rsn.c
diff options
context:
space:
mode:
authorMasashi Honma <masashi.honma@gmail.com>2017-01-02 10:32:07 (GMT)
committerJouni Malinen <j@w1.fi>2017-01-14 16:07:46 (GMT)
commit4d77d80edd357cf0dcc932e2c81641c2ed6e9129 (patch)
tree807568497ffc10ff899d98c1206dcd508a5bf334 /wpa_supplicant/mesh_rsn.c
parent117875db331f3c858fbfe23e0db415dd9fcb2a6d (diff)
downloadhostap-4d77d80edd357cf0dcc932e2c81641c2ed6e9129.zip
hostap-4d77d80edd357cf0dcc932e2c81641c2ed6e9129.tar.gz
hostap-4d77d80edd357cf0dcc932e2c81641c2ed6e9129.tar.bz2
mesh: Add MESH_PMKSA_GET/ADD commands
These commnds are mesh version of PMKSA_GET/ADD commands. So the usage and security risk is similar to them. Refer to commit 3459381dd260e15e7bf768a75cb0b799cc1db33a ('External persistent storage for PMKSA cache entries') also. The MESH_PMKSA_GET command requires peer MAC address or "any" as an argument and outputs appropriate stored PMKSA cache. And the MESH_PMKSA_ADD command receives an output of MESH_PMKSA_GET and re-store the PMKSA cache into wpa_supplicant. By using re-stored PMKSA cache, wpa_supplicant can skip commit message creation which can use significant CPU resources. The output of the MESH_PMKSA_GET command uses the following format: <BSSID> <PMKID> <PMK> <expiration in seconds> The example of MESH_PMKSA_ADD command is this. MESH_PMKSA_ADD 02:00:00:00:03:00 231dc1c9fa2eed0354ea49e8ff2cc2dc cb0f6c9cab358a8146488566ca155421ab4f3ea4a6de2120050c149b797018fe 42930 MESH_PMKSA_ADD 02:00:00:00:04:00 d7e595916611640d3e4e8eac02909c3c eb414a33c74831275f25c2357b3c12e3d8bd2f2aab6cf781d6ade706be71321a 43180 This functionality is disabled by default and can be enabled with CONFIG_PMKSA_CACHE_EXTERNAL=y build configuration option. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Diffstat (limited to 'wpa_supplicant/mesh_rsn.c')
-rw-r--r--wpa_supplicant/mesh_rsn.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c
index b1cf138..065fa08 100644
--- a/wpa_supplicant/mesh_rsn.c
+++ b/wpa_supplicant/mesh_rsn.c
@@ -224,6 +224,9 @@ struct mesh_rsn *mesh_rsn_auth_init(struct wpa_supplicant *wpa_s,
struct hostapd_data *bss = wpa_s->ifmsh->bss[0];
const u8 *ie;
size_t ie_len;
+#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
+ struct external_pmksa_cache *entry;
+#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
mesh_rsn = os_zalloc(sizeof(*mesh_rsn));
if (mesh_rsn == NULL)
@@ -242,6 +245,22 @@ struct mesh_rsn *mesh_rsn_auth_init(struct wpa_supplicant *wpa_s,
bss->wpa_auth = mesh_rsn->auth;
+#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
+ while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
+ struct external_pmksa_cache,
+ list)) != NULL) {
+ int ret;
+
+ ret = wpa_auth_pmksa_add_entry(bss->wpa_auth,
+ entry->pmksa_cache);
+ dl_list_del(&entry->list);
+ os_free(entry);
+
+ if (ret < 0)
+ return NULL;
+ }
+#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
+
ie = wpa_auth_get_wpa_ie(mesh_rsn->auth, &ie_len);
conf->rsn_ie = (u8 *) ie;
conf->rsn_ie_len = ie_len;