aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2016-06-18 11:05:47 (GMT)
committerJouni Malinen <j@w1.fi>2016-06-18 12:52:54 (GMT)
commit18aca1a07dfae1ea5c7661166dfba6e6dd0111aa (patch)
tree30d449482a21c2b84808a8cc061828423a5070fd /wpa_supplicant
parentb8b499e4a47ef16c0e6e97e2994b0ef4ed931daa (diff)
downloadhostap-18aca1a07dfae1ea5c7661166dfba6e6dd0111aa.zip
hostap-18aca1a07dfae1ea5c7661166dfba6e6dd0111aa.tar.gz
hostap-18aca1a07dfae1ea5c7661166dfba6e6dd0111aa.tar.bz2
mesh: Use ieee80211w profile parameter
This is initial step in fixing issues in how PMF configuration for RSN mesh was handled. PMF is an optional capability for mesh and it needs to be configured consistently in both hostapd structures (to get proper RSNE) and key configuration (not included in this commit). Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant')
-rw-r--r--wpa_supplicant/mesh.c12
-rw-r--r--wpa_supplicant/mesh_rsn.c11
2 files changed, 19 insertions, 4 deletions
diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c
index e9b6450..aed55da 100644
--- a/wpa_supplicant/mesh.c
+++ b/wpa_supplicant/mesh.c
@@ -66,7 +66,8 @@ void wpa_supplicant_mesh_iface_deinit(struct wpa_supplicant *wpa_s,
}
-static struct mesh_conf * mesh_config_create(struct wpa_ssid *ssid)
+static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s,
+ struct wpa_ssid *ssid)
{
struct mesh_conf *conf;
@@ -82,6 +83,13 @@ static struct mesh_conf * mesh_config_create(struct wpa_ssid *ssid)
MESH_CONF_SEC_AMPE;
else
conf->security |= MESH_CONF_SEC_NONE;
+ conf->ieee80211w = ssid->ieee80211w;
+ if (conf->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
+ if (wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)
+ conf->ieee80211w = wpa_s->conf->pmf;
+ else
+ conf->ieee80211w = NO_MGMT_FRAME_PROTECTION;
+ }
/* defaults */
conf->mesh_pp_id = MESH_PATH_PROTOCOL_HWMP;
@@ -175,7 +183,7 @@ static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s,
wpa_s->conf->dot11RSNASAERetransPeriod;
os_strlcpy(bss->conf->iface, wpa_s->ifname, sizeof(bss->conf->iface));
- mconf = mesh_config_create(ssid);
+ mconf = mesh_config_create(wpa_s, ssid);
if (!mconf)
goto out_free;
ifmsh->mconf = mconf;
diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c
index 5754f35..4dadc40 100644
--- a/wpa_supplicant/mesh_rsn.c
+++ b/wpa_supplicant/mesh_rsn.c
@@ -136,7 +136,8 @@ static int auth_start_ampe(void *ctx, const u8 *addr)
}
-static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr)
+static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
+ enum mfp_options ieee80211w)
{
struct wpa_auth_config conf;
struct wpa_auth_callbacks cb;
@@ -152,6 +153,11 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr)
conf.wpa_group = WPA_CIPHER_CCMP;
conf.eapol_version = 0;
conf.wpa_group_rekey = -1;
+#ifdef CONFIG_IEEE80211W
+ conf.ieee80211w = ieee80211w;
+ if (ieee80211w != NO_MGMT_FRAME_PROTECTION)
+ conf.group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC;
+#endif /* CONFIG_IEEE80211W */
os_memset(&cb, 0, sizeof(cb));
cb.ctx = rsn;
@@ -203,7 +209,8 @@ struct mesh_rsn *mesh_rsn_auth_init(struct wpa_supplicant *wpa_s,
return NULL;
mesh_rsn->wpa_s = wpa_s;
- if (__mesh_rsn_auth_init(mesh_rsn, wpa_s->own_addr) < 0) {
+ if (__mesh_rsn_auth_init(mesh_rsn, wpa_s->own_addr,
+ conf->ieee80211w) < 0) {
mesh_rsn_deinit(mesh_rsn);
os_free(mesh_rsn);
return NULL;