aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/wnm_sta.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2012-12-22 10:02:15 (GMT)
committerJouni Malinen <j@w1.fi>2012-12-22 10:02:15 (GMT)
commit27c77751f76348141b3b1ba1ce4771076df44437 (patch)
treea0545aa2390eb99523baebc829926842c159b22b /wpa_supplicant/wnm_sta.c
parenta38fdf1c696ff9e68b1151ba36c8e35eae277f5f (diff)
downloadhostap-27c77751f76348141b3b1ba1ce4771076df44437.zip
hostap-27c77751f76348141b3b1ba1ce4771076df44437.tar.gz
hostap-27c77751f76348141b3b1ba1ce4771076df44437.tar.bz2
WNM: Fix BSS Transition Management Request processing
The WNM-Sleep Mode handler took over WNM Action frame processing without addressing the previously implemented WNM handler. Fix this by moving the BSs Transition Management processing into wnm_sta.c to share a single handler function for WNM Action frames. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/wnm_sta.c')
-rw-r--r--wpa_supplicant/wnm_sta.c40
1 files changed, 37 insertions, 3 deletions
diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
index 315722b..45c0aa8 100644
--- a/wpa_supplicant/wnm_sta.c
+++ b/wpa_supplicant/wnm_sta.c
@@ -296,11 +296,45 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
void ieee802_11_rx_wnm_action(struct wpa_supplicant *wpa_s,
struct rx_action *action)
{
- u8 *pos = (u8 *) action->data; /* point to action field */
- u8 act = *pos++;
- /* u8 dialog_token = *pos++; */
+ const u8 *pos, *end;
+ u8 act, mode;
+
+ if (action->data == NULL || action->len == 0)
+ return;
+
+ pos = action->data;
+ end = pos + action->len;
+ act = *pos++;
+
+ wpa_printf(MSG_DEBUG, "WNM: RX action %u from " MACSTR,
+ act, MAC2STR(action->sa));
switch (act) {
+ case WNM_BSS_TRANS_MGMT_REQ:
+ if (pos + 5 > end)
+ break;
+ wpa_printf(MSG_DEBUG, "WNM: BSS Transition Management "
+ "Request: dialog_token=%u request_mode=0x%x "
+ "disassoc_timer=%u validity_interval=%u",
+ pos[0], pos[1], WPA_GET_LE16(pos + 2), pos[4]);
+ mode = pos[1];
+ pos += 5;
+ if (mode & 0x08)
+ pos += 12; /* BSS Termination Duration */
+ if (mode & 0x10) {
+ char url[256];
+ if (pos + 1 > end || pos + 1 + pos[0] > end) {
+ wpa_printf(MSG_DEBUG, "WNM: Invalid BSS "
+ "Transition Management Request "
+ "(URL)");
+ break;
+ }
+ os_memcpy(url, pos + 1, pos[0]);
+ url[pos[0]] = '\0';
+ wpa_msg(wpa_s, MSG_INFO, "WNM: ESS Disassociation "
+ "Imminent - session_info_url=%s", url);
+ }
+ break;
case WNM_SLEEP_MODE_RESP:
ieee802_11_rx_wnmsleep_resp(wpa_s, action->data, action->len);
break;