authorJouni Malinen <j@w1.fi>2005-06-26 02:58:29 (GMT)
committerJouni Malinen <j@w1.fi>2005-06-26 02:58:29 (GMT)
commit7b579f429aa2bb66cc47092049bff0fc3873b9ef (patch)
tree289fea600a01add701c89fc8d96cb4303e035ac2
parentbcdc77278e62f826df5668b1925868507f9ef140 (diff)
Moved ap_{wpa,rsn}_ie from struct wpa_supplicant into struct wpa_sm and
the related processing from wpa_supplicant.c and events.c to wpa.c.
-rw-r--r--wpa_supplicant/events.c34
-rw-r--r--wpa_supplicant/wpa.c115
-rw-r--r--wpa_supplicant/wpa.h2
-rw-r--r--wpa_supplicant/wpa_i.h2
-rw-r--r--wpa_supplicant/wpa_supplicant.c75
-rw-r--r--wpa_supplicant/wpa_supplicant_i.h2
6 files changed, 121 insertions, 109 deletions
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 26065d7..bca58b4 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -385,7 +385,7 @@ static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s)
static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
union wpa_event_data *data)
{
- int l, len, found = 0;
+ int l, len, found = 0, wpa_found, rsn_found;
u8 *p;
wpa_printf(MSG_DEBUG, "Association info event");
@@ -421,18 +421,12 @@ static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
/* WPA/RSN IE from Beacon/ProbeResp */
- free(wpa_s->ap_wpa_ie);
- wpa_s->ap_wpa_ie = NULL;
- wpa_s->ap_wpa_ie_len = 0;
- free(wpa_s->ap_rsn_ie);
- wpa_s->ap_rsn_ie = NULL;
- wpa_s->ap_rsn_ie_len = 0;
-
p = data->assoc_info.beacon_ies;
l = data->assoc_info.beacon_ies_len;
/* Go through the IEs and make a copy of the WPA/RSN IEs, if present.
*/
+ wpa_found = rsn_found = 0;
while (l >= 2) {
len = p[1] + 2;
if (len > l) {
@@ -440,29 +434,27 @@ static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
p, l);
break;
}
- if (wpa_s->ap_wpa_ie == NULL &&
+ if (!wpa_found &&
p[0] == GENERIC_INFO_ELEM && p[1] >= 6 &&
memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) {
- wpa_s->ap_wpa_ie = malloc(len);
- if (wpa_s->ap_wpa_ie) {
- memcpy(wpa_s->ap_wpa_ie, p, len);
- wpa_s->ap_wpa_ie_len = len;
- }
+ wpa_found = 1;
+ wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len);
}
- if (wpa_s->ap_rsn_ie == NULL &&
+ if (!rsn_found &&
p[0] == RSN_INFO_ELEM && p[1] >= 2) {
- wpa_s->ap_rsn_ie = malloc(len);
- if (wpa_s->ap_rsn_ie) {
- memcpy(wpa_s->ap_rsn_ie, p, len);
- wpa_s->ap_rsn_ie_len = len;
- }
-
+ rsn_found = 1;
+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len);
}
l -= len;
p += len;
}
+
+ if (!wpa_found && data->assoc_info.beacon_ies)
+ wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
+ if (!rsn_found && data->assoc_info.beacon_ies)
+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
}
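Review bot: The return values of `wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len)` and `wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len)` inside the loop are ignored, so a failed copy goes unnoticed here. In that case the state machine is left with a NULL AP IE, and the comparison in wpa_supplicant_validate_ie() (wpa.c in this commit) is only made when the stored IE is non-NULL, so the msg 3/4 check for that IE would apparently be skipped rather than fail. At minimum log the failure, e.g. `if (wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len) < 0) wpa_printf(MSG_WARNING, "WPA: could not store AP RSN IE");` and the same for the WPA IE. The function body starts outside this hunk.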
diff --git a/wpa_supplicant/wpa.c b/wpa_supplicant/wpa.c
index a7c175b..1bf663f 100644
--- a/wpa_supplicant/wpa.c
+++ b/wpa_supplicant/wpa.c
@@ -1361,20 +1361,20 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
}
-static void wpa_report_ie_mismatch(struct wpa_supplicant *wpa_s,
+static void wpa_report_ie_mismatch(struct wpa_sm *sm,
const char *reason, const u8 *src_addr,
const u8 *wpa_ie, size_t wpa_ie_len,
const u8 *rsn_ie, size_t rsn_ie_len)
{
- wpa_msg(wpa_s, MSG_WARNING, "WPA: %s (src=" MACSTR ")",
+ wpa_msg(sm->ctx, MSG_WARNING, "WPA: %s (src=" MACSTR ")",
reason, MAC2STR(src_addr));
- if (wpa_s->ap_wpa_ie) {
+ if (sm->ap_wpa_ie) {
wpa_hexdump(MSG_INFO, "WPA: WPA IE in Beacon/ProbeResp",
- wpa_s->ap_wpa_ie, wpa_s->ap_wpa_ie_len);
+ sm->ap_wpa_ie, sm->ap_wpa_ie_len);
}
if (wpa_ie) {
- if (!wpa_s->ap_wpa_ie) {
+ if (!sm->ap_wpa_ie) {
wpa_printf(MSG_INFO, "WPA: No WPA IE in "
"Beacon/ProbeResp");
}
@@ -1382,12 +1382,12 @@ static void wpa_report_ie_mismatch(struct wpa_supplicant *wpa_s,
wpa_ie, wpa_ie_len);
}
- if (wpa_s->ap_rsn_ie) {
+ if (sm->ap_rsn_ie) {
wpa_hexdump(MSG_INFO, "WPA: RSN IE in Beacon/ProbeResp",
- wpa_s->ap_rsn_ie, wpa_s->ap_rsn_ie_len);
+ sm->ap_rsn_ie, sm->ap_rsn_ie_len);
}
if (rsn_ie) {
- if (!wpa_s->ap_rsn_ie) {
+ if (!sm->ap_rsn_ie) {
wpa_printf(MSG_INFO, "WPA: No RSN IE in "
"Beacon/ProbeResp");
}
@@ -1395,8 +1395,8 @@ static void wpa_report_ie_mismatch(struct wpa_supplicant *wpa_s,
rsn_ie, rsn_ie_len);
}
- wpa_supplicant_disassociate(wpa_s, REASON_IE_IN_4WAY_DIFFERS);
- wpa_supplicant_req_scan(wpa_s, 0, 0);
+ wpa_supplicant_disassociate(sm->ctx, REASON_IE_IN_4WAY_DIFFERS);
+ wpa_supplicant_req_scan(sm->ctx, 0, 0);
}
@@ -1404,13 +1404,12 @@ static int wpa_supplicant_validate_ie(struct wpa_sm *sm,
const unsigned char *src_addr,
struct wpa_eapol_ie_parse *ie)
{
- struct wpa_supplicant *wpa_s = sm->ctx;
struct wpa_ssid *ssid = sm->cur_ssid;
- if (wpa_s->ap_wpa_ie == NULL && wpa_s->ap_rsn_ie == NULL) {
+ if (sm->ap_wpa_ie == NULL && sm->ap_rsn_ie == NULL) {
wpa_printf(MSG_DEBUG, "WPA: No WPA/RSN IE for this AP known. "
"Trying to get from scan results");
- if (wpa_supplicant_get_beacon_ie(wpa_s) < 0) {
+ if (wpa_supplicant_get_beacon_ie(sm->ctx) < 0) {
wpa_printf(MSG_WARNING, "WPA: Could not find AP from "
"the scan results");
} else {
@@ -1419,13 +1418,13 @@ static int wpa_supplicant_validate_ie(struct wpa_sm *sm,
}
}
- if ((ie->wpa_ie && wpa_s->ap_wpa_ie &&
- (ie->wpa_ie_len != wpa_s->ap_wpa_ie_len ||
- memcmp(ie->wpa_ie, wpa_s->ap_wpa_ie, ie->wpa_ie_len) != 0)) ||
- (ie->rsn_ie && wpa_s->ap_rsn_ie &&
- (ie->rsn_ie_len != wpa_s->ap_rsn_ie_len ||
- memcmp(ie->rsn_ie, wpa_s->ap_rsn_ie, ie->rsn_ie_len) != 0))) {
- wpa_report_ie_mismatch(wpa_s, "IE in 3/4 msg does not match "
+ if ((ie->wpa_ie && sm->ap_wpa_ie &&
+ (ie->wpa_ie_len != sm->ap_wpa_ie_len ||
+ memcmp(ie->wpa_ie, sm->ap_wpa_ie, ie->wpa_ie_len) != 0)) ||
+ (ie->rsn_ie && sm->ap_rsn_ie &&
+ (ie->rsn_ie_len != sm->ap_rsn_ie_len ||
+ memcmp(ie->rsn_ie, sm->ap_rsn_ie, ie->rsn_ie_len) != 0))) {
+ wpa_report_ie_mismatch(sm, "IE in 3/4 msg does not match "
"with IE in Beacon/ProbeResp",
src_addr, ie->wpa_ie, ie->wpa_ie_len,
ie->rsn_ie, ie->rsn_ie_len);
@@ -1433,9 +1432,9 @@ static int wpa_supplicant_validate_ie(struct wpa_sm *sm,
}
if (sm->proto == WPA_PROTO_WPA &&
- ie->rsn_ie && wpa_s->ap_rsn_ie == NULL &&
+ ie->rsn_ie && sm->ap_rsn_ie == NULL &&
ssid && (ssid->proto & WPA_PROTO_RSN)) {
- wpa_report_ie_mismatch(wpa_s, "Possible downgrade attack "
+ wpa_report_ie_mismatch(sm, "Possible downgrade attack "
"detected - RSN was enabled and RSN IE "
"was in msg 3/4, but not in "
"Beacon/ProbeResp",
@@ -2191,6 +2190,8 @@ void wpa_sm_deinit(struct wpa_sm *sm)
{
eloop_cancel_timeout(wpa_sm_start_preauth, sm, 0);
free(sm->assoc_wpa_ie);
+ free(sm->ap_wpa_ie);
+ free(sm->ap_rsn_ie);
free(sm);
}
@@ -2523,7 +2524,7 @@ int wpa_sm_set_assoc_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
return -1;
free(sm->assoc_wpa_ie);
- if (ie == NULL) {
+ if (ie == NULL || len == 0) {
wpa_printf(MSG_DEBUG, "WPA: clearing own WPA/RSN IE");
sm->assoc_wpa_ie = NULL;
sm->assoc_wpa_ie_len = 0;
@@ -2542,6 +2543,74 @@ int wpa_sm_set_assoc_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
/**
+ * wpa_sm_set_ap_wpa_ie - Set AP WPA IE from Beacon/ProbeResp
+ * @sm: Pointer to WPA state machine data from wpa_sm_init()
+ * @ie: Pointer to IE data (starting from id)
+ * @len: IE length
+ * Returns: 0 on success, -1 on failure
+ *
+ * Inform WPA state machine about the WPA IE used in Beacon / Probe Response
+ * frame.
+ */
+int wpa_sm_set_ap_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
+{
+ if (sm == NULL)
+ return -1;
+
+ free(sm->ap_wpa_ie);
+ if (ie == NULL || len == 0) {
+ wpa_printf(MSG_DEBUG, "WPA: clearing AP WPA IE");
+ sm->ap_wpa_ie = NULL;
+ sm->ap_wpa_ie_len = 0;
+ } else {
+ wpa_hexdump(MSG_DEBUG, "WPA: set AP WPA IE", ie, len);
+ sm->ap_wpa_ie = malloc(len);
+ if (sm->ap_wpa_ie == NULL)
+ return -1;
+
+ memcpy(sm->ap_wpa_ie, ie, len);
+ sm->ap_wpa_ie_len = len;
+ }
+
+ return 0;
+}
+
+
+/**
+ * wpa_sm_set_ap_rsn_ie - Set AP RSN IE from Beacon/ProbeResp
+ * @sm: Pointer to WPA state machine data from wpa_sm_init()
+ * @ie: Pointer to IE data (starting from id)
+ * @len: IE length
+ * Returns: 0 on success, -1 on failure
+ *
+ * Inform WPA state machine about the RSN IE used in Beacon / Probe Response
+ * frame.
+ */
+int wpa_sm_set_ap_rsn_ie(struct wpa_sm *sm, const u8 *ie, size_t len)
+{
+ if (sm == NULL)
+ return -1;
+
+ free(sm->ap_rsn_ie);
+ if (ie == NULL || len == 0) {
+ wpa_printf(MSG_DEBUG, "WPA: clearing AP RSN IE");
+ sm->ap_rsn_ie = NULL;
+ sm->ap_rsn_ie_len = 0;
+ } else {
+ wpa_hexdump(MSG_DEBUG, "WPA: set AP RSN IE", ie, len);
+ sm->ap_rsn_ie = malloc(len);
+ if (sm->ap_rsn_ie == NULL)
+ return -1;
+
+ memcpy(sm->ap_rsn_ie, ie, len);
+ sm->ap_rsn_ie_len = len;
+ }
+
+ return 0;
+}
+
+
+/**
* wpa_sm_parse_own_wpa_ie - Parse own WPA/RSN IE
* @sm: Pointer to WPA state machine data from wpa_sm_init()
* @data: Pointer to data area for parsing results
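Review bot: In both new setters the malloc-failure path returns -1 with `sm->ap_wpa_ie` (or `sm->ap_rsn_ie`) set to NULL but the matching `*_len` still holding the length of the buffer that was just freed. The visible readers test the pointer before using the length, so this is latent rather than exploitable as shown, but a NULL pointer paired with a non-zero length is fragile for any later caller. Reset it before returning: `sm->ap_wpa_ie_len = 0;` ahead of `return -1;` in wpa_sm_set_ap_wpa_ie(), and `sm->ap_rsn_ie_len = 0;` in wpa_sm_set_ap_rsn_ie(). The two bodies are identical apart from the field names and log strings, so a shared static helper taking the pointer and length fields would keep them from drifting apart.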
diff --git a/wpa_supplicant/wpa.h b/wpa_supplicant/wpa.h
index 70f45c1..666b528 100644
--- a/wpa_supplicant/wpa.h
+++ b/wpa_supplicant/wpa.h
@@ -147,6 +147,8 @@ void wpa_sm_set_eapol(struct wpa_sm *sm, struct eapol_sm *eapol);
int wpa_sm_set_assoc_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len);
int wpa_sm_set_assoc_wpa_ie_default(struct wpa_sm *sm, u8 *wpa_ie,
size_t *wpa_ie_len);
+int wpa_sm_set_ap_wpa_ie(struct wpa_sm *sm, const u8 *ie, size_t len);
+int wpa_sm_set_ap_rsn_ie(struct wpa_sm *sm, const u8 *ie, size_t len);
int wpa_sm_get_mib(struct wpa_sm *sm, char *buf, size_t buflen);
enum wpa_sm_conf_params {
diff --git a/wpa_supplicant/wpa_i.h b/wpa_supplicant/wpa_i.h
index cf208f1..3a4581a 100644
--- a/wpa_supplicant/wpa_i.h
+++ b/wpa_supplicant/wpa_i.h
@@ -98,6 +98,8 @@ struct wpa_sm {
u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */
size_t assoc_wpa_ie_len;
+ u8 *ap_wpa_ie, *ap_rsn_ie;
+ size_t ap_wpa_ie_len, ap_rsn_ie_len;
};
#endif /* WPA_I_H */
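Review bot: The new `ap_wpa_ie`/`ap_rsn_ie` members carry no comment, unlike `assoc_wpa_ie` directly above them. They are heap copies set through wpa_sm_set_ap_wpa_ie()/wpa_sm_set_ap_rsn_ie() and freed in wpa_sm_deinit() in this commit, so a comment such as `/* AP WPA/RSN IE from Beacon/ProbeResp; allocated copies owned by wpa_sm */` would record both the origin and the ownership. The struct definition starts outside this hunk.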
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 325f698..c8486c3 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -540,12 +540,8 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
else
wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
- free(wpa_s->ap_wpa_ie);
- wpa_s->ap_wpa_ie = NULL;
- wpa_s->ap_wpa_ie_len = 0;
- free(wpa_s->ap_rsn_ie);
- wpa_s->ap_rsn_ie = NULL;
- wpa_s->ap_rsn_ie_len = 0;
+ wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
wpa_s->group_cipher = WPA_CIPHER_NONE;
@@ -586,11 +582,6 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
wpa_s->conf = NULL;
}
- free(wpa_s->ap_wpa_ie);
- wpa_s->ap_wpa_ie = NULL;
- free(wpa_s->ap_rsn_ie);
- wpa_s->ap_rsn_ie = NULL;
-
free(wpa_s->confname);
wpa_s->confname = NULL;
@@ -961,31 +952,11 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
- free(wpa_s->ap_wpa_ie);
- wpa_s->ap_wpa_ie = NULL;
- wpa_s->ap_wpa_ie_len = 0;
- if (bss && bss->wpa_ie_len) {
- wpa_s->ap_wpa_ie = malloc(bss->wpa_ie_len);
- if (wpa_s->ap_wpa_ie == NULL) {
- wpa_printf(MSG_INFO, "WPA: malloc failed");
- return -1;
- }
- memcpy(wpa_s->ap_wpa_ie, bss->wpa_ie, bss->wpa_ie_len);
- wpa_s->ap_wpa_ie_len = bss->wpa_ie_len;
- }
-
- free(wpa_s->ap_rsn_ie);
- wpa_s->ap_rsn_ie = NULL;
- wpa_s->ap_rsn_ie_len = 0;
- if (bss && bss->rsn_ie_len) {
- wpa_s->ap_rsn_ie = malloc(bss->rsn_ie_len);
- if (wpa_s->ap_rsn_ie == NULL) {
- wpa_printf(MSG_INFO, "WPA: malloc failed");
- return -1;
- }
- memcpy(wpa_s->ap_rsn_ie, bss->rsn_ie, bss->rsn_ie_len);
- wpa_s->ap_rsn_ie_len = bss->rsn_ie_len;
- }
+ if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss ? bss->wpa_ie : NULL,
+ bss->wpa_ie_len) ||
+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss ? bss->rsn_ie : NULL,
+ bss->rsn_ie_len))
+ return -1;
sel = ie.group_cipher & ssid->group_cipher;
if (sel & WPA_CIPHER_CCMP) {
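Review bot: `bss->wpa_ie_len` and `bss->rsn_ie_len` are read unconditionally in the new calls, while the pointer argument next to each is still guarded with `bss ? ... : NULL`. If bss can be NULL here, as that guard and the removed `if (bss && bss->wpa_ie_len)` both suggest, this is a NULL pointer dereference that the old code did not have. Pass the length under the same guard: `bss ? bss->wpa_ie_len : 0` and `bss ? bss->rsn_ie_len : 0`. The removed code also logged "WPA: malloc failed" before returning -1, whereas the new path returns without a message. The function body starts and ends outside this hunk.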
@@ -1332,33 +1303,11 @@ static int wpa_get_beacon_ie(struct wpa_supplicant *wpa_s)
}
if (curr) {
- free(wpa_s->ap_wpa_ie);
- wpa_s->ap_wpa_ie_len = curr->wpa_ie_len;
- if (curr->wpa_ie_len) {
- wpa_s->ap_wpa_ie = malloc(wpa_s->ap_wpa_ie_len);
- if (wpa_s->ap_wpa_ie) {
- memcpy(wpa_s->ap_wpa_ie, curr->wpa_ie,
- curr->wpa_ie_len);
- } else {
- ret = -1;
- }
- } else {
- wpa_s->ap_wpa_ie = NULL;
- }
-
- free(wpa_s->ap_rsn_ie);
- wpa_s->ap_rsn_ie_len = curr->rsn_ie_len;
- if (curr->rsn_ie_len) {
- wpa_s->ap_rsn_ie = malloc(wpa_s->ap_rsn_ie_len);
- if (wpa_s->ap_rsn_ie) {
- memcpy(wpa_s->ap_rsn_ie, curr->rsn_ie,
- curr->rsn_ie_len);
- } else {
- ret = -1;
- }
- } else {
- wpa_s->ap_rsn_ie = NULL;
- }
+ if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, curr->wpa_ie,
+ curr->wpa_ie_len) ||
+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, curr->rsn_ie,
+ curr->rsn_ie_len))
+ ret = -1;
} else {
ret = -1;
}
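Review bot: The `||` between the two setter calls short-circuits, so wpa_sm_set_ap_rsn_ie() is never called when wpa_sm_set_ap_wpa_ie() fails, and the state machine keeps whatever RSN IE it held before. The removed code updated the WPA and RSN IEs independently and only then set `ret = -1`. To keep that behaviour, call both and combine the results: `if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, curr->wpa_ie, curr->wpa_ie_len) < 0) ret = -1;` followed by the same form for `wpa_sm_set_ap_rsn_ie`. The function body starts outside this hunk.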
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index 9490781..a89d100 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -58,8 +58,6 @@ struct wpa_supplicant {
int disconnected; /* all connections disabled; i.e., do no reassociate
* before this has been cleared */
struct wpa_ssid *current_ssid;
- u8 *ap_wpa_ie, *ap_rsn_ie;
- size_t ap_wpa_ie_len, ap_rsn_ie_len;
/* Selected configuration (based on Beacon/ProbeResp WPA IE) */
int pairwise_cipher;