aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2013-05-05 13:29:21 (GMT)
committerJouni Malinen <j@w1.fi>2013-05-05 13:29:21 (GMT)
commit55a2df4389cf5b712ac4c96ee0fb0a153b97da7f (patch)
tree56b737123573f5ee314809646854095fb046655c /wpa_supplicant
parentad0685e901e0a4610128ce173fe737c4390af15c (diff)
downloadhostap-55a2df4389cf5b712ac4c96ee0fb0a153b97da7f.zip
hostap-55a2df4389cf5b712ac4c96ee0fb0a153b97da7f.tar.gz
hostap-55a2df4389cf5b712ac4c96ee0fb0a153b97da7f.tar.bz2
HS 2.0: Include HS 2.0 Indication element only for HS 2.0 association
The Hotspot 2.0 specification seems to mandate this element to be included in all (Re)Association Request frames if the station is Hotspot 2.0 capable. However, that results in conflicts with other requirements like no TKIP use when this element is present. The design is really supposed to include the indication element only for Hotspot 2.0 associations regardless of what the current specification implies. Remove the HS 2.0 Indication element from (Re)Association Request frame whenever the connection is not for Hotspot 2.0 purposes. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant')
-rw-r--r--wpa_supplicant/hs20_supplicant.c29
-rw-r--r--wpa_supplicant/hs20_supplicant.h2
-rw-r--r--wpa_supplicant/sme.c2
-rw-r--r--wpa_supplicant/wpa_supplicant.c2
4 files changed, 33 insertions, 2 deletions
diff --git a/wpa_supplicant/hs20_supplicant.c b/wpa_supplicant/hs20_supplicant.c
index 1404241..4048cf7 100644
--- a/wpa_supplicant/hs20_supplicant.c
+++ b/wpa_supplicant/hs20_supplicant.c
@@ -33,6 +33,35 @@ void wpas_hs20_add_indication(struct wpabuf *buf)
}
+int is_hs20_network(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
+ struct wpa_bss *bss)
+{
+ if (!wpa_s->conf->hs20 || !ssid)
+ return 0;
+
+ if (ssid->parent_cred)
+ return 1;
+
+ if (bss && !wpa_bss_get_vendor_ie(bss, HS20_IE_VENDOR_TYPE))
+ return 0;
+
+ /*
+ * This may catch some non-Hotspot 2.0 cases, but it is safer to do that
+ * than cause Hotspot 2.0 connections without indication element getting
+ * added. Non-Hotspot 2.0 APs should ignore the unknown vendor element.
+ */
+
+ if (!(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X))
+ return 0;
+ if (!(ssid->pairwise_cipher & WPA_CIPHER_CCMP))
+ return 0;
+ if (ssid->proto != WPA_PROTO_RSN)
+ return 0;
+
+ return 1;
+}
+
+
struct wpabuf * hs20_build_anqp_req(u32 stypes, const u8 *payload,
size_t payload_len)
{
diff --git a/wpa_supplicant/hs20_supplicant.h b/wpa_supplicant/hs20_supplicant.h
index 6eb3926..1c8481b 100644
--- a/wpa_supplicant/hs20_supplicant.h
+++ b/wpa_supplicant/hs20_supplicant.h
@@ -16,5 +16,7 @@ struct wpabuf * hs20_build_anqp_req(u32 stypes, const u8 *payload,
size_t payload_len);
void hs20_parse_rx_hs20_anqp_resp(struct wpa_supplicant *wpa_s,
const u8 *sa, const u8 *data, size_t slen);
+int is_hs20_network(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
+ struct wpa_bss *bss);
#endif /* HS20_SUPPLICANT_H */
diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 982e124..0371628 100644
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -353,7 +353,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
#endif /* CONFIG_P2P */
#ifdef CONFIG_HS20
- if (wpa_s->conf->hs20) {
+ if (is_hs20_network(wpa_s, ssid, bss)) {
struct wpabuf *hs20;
hs20 = wpabuf_alloc(20);
if (hs20) {
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 869fe3f..5d50515 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1466,7 +1466,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
#endif /* CONFIG_P2P */
#ifdef CONFIG_HS20
- if (wpa_s->conf->hs20) {
+ if (is_hs20_network(wpa_s, ssid, bss)) {
struct wpabuf *hs20;
hs20 = wpabuf_alloc(20);
if (hs20) {