aboutsummaryrefslogtreecommitdiffstats
path: root/src/ap/ieee802_11.c
diff options
context:
space:
mode:
authorMasashi Honma <masashi.honma@gmail.com>2014-11-25 02:04:41 (GMT)
committerJouni Malinen <j@w1.fi>2014-11-25 14:08:53 (GMT)
commita959a3b69dd2b341736e736cf4ff76e8d4a69cc2 (patch)
tree1d8f0874a3158017773d9d32fa84a5ec6ea9f5e8 /src/ap/ieee802_11.c
parent872b754512411333387cc5d1d413b098f4aecb02 (diff)
downloadhostap-a959a3b69dd2b341736e736cf4ff76e8d4a69cc2.zip
hostap-a959a3b69dd2b341736e736cf4ff76e8d4a69cc2.tar.gz
hostap-a959a3b69dd2b341736e736cf4ff76e8d4a69cc2.tar.bz2
SAE: Fix Anti-Clogging Token request frame format
This commit inserts Finite Cyclic Group to Anti-Clogging Token request frame because IEEE Std 802.11-2012, Table 8-29 says "Finite Cyclic Group is present if Status is zero or 76". Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Diffstat (limited to 'src/ap/ieee802_11.c')
-rw-r--r--src/ap/ieee802_11.c33
1 files changed, 26 insertions, 7 deletions
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 1d0fa51..1dbd996 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -449,7 +449,7 @@ static int check_sae_token(struct hostapd_data *hapd, const u8 *addr,
static struct wpabuf * auth_build_token_req(struct hostapd_data *hapd,
- const u8 *addr)
+ int group, const u8 *addr)
{
struct wpabuf *buf;
u8 *token;
@@ -466,10 +466,12 @@ static struct wpabuf * auth_build_token_req(struct hostapd_data *hapd,
hapd->last_sae_token_key_update = now;
}
- buf = wpabuf_alloc(SHA256_MAC_LEN);
+ buf = wpabuf_alloc(sizeof(le16) + SHA256_MAC_LEN);
if (buf == NULL)
return NULL;
+ wpabuf_put_le16(buf, group); /* Finite Cyclic Group */
+
token = wpabuf_put(buf, SHA256_MAC_LEN);
hmac_sha256(hapd->sae_token_key, sizeof(hapd->sae_token_key),
addr, ETH_ALEN, token);
@@ -630,7 +632,7 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
}
if (auth_transaction == 1) {
- const u8 *token = NULL;
+ const u8 *token = NULL, *pos, *end;
size_t token_len = 0;
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG,
@@ -639,11 +641,27 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
if ((hapd->conf->mesh & MESH_ENABLED) &&
mgmt->u.auth.status_code ==
WLAN_STATUS_ANTI_CLOGGING_TOKEN_REQ && sta->sae->tmp) {
+ pos = mgmt->u.auth.variable;
+ end = ((const u8 *) mgmt) + len;
+ if (pos + sizeof(le16) > end) {
+ wpa_printf(MSG_ERROR,
+ "SAE: Too short anti-clogging token request");
+ resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
+ goto reply;
+ }
+ resp = sae_group_allowed(sta->sae,
+ hapd->conf->sae_groups,
+ WPA_GET_LE16(pos));
+ if (resp != WLAN_STATUS_SUCCESS) {
+ wpa_printf(MSG_ERROR,
+ "SAE: Invalid group in anti-clogging token request");
+ goto reply;
+ }
+ pos += sizeof(le16);
+
wpabuf_free(sta->sae->tmp->anti_clogging_token);
sta->sae->tmp->anti_clogging_token =
- wpabuf_alloc_copy(mgmt->u.auth.variable,
- ((const u8 *) mgmt) + len -
- mgmt->u.auth.variable);
+ wpabuf_alloc_copy(pos, end - pos);
if (sta->sae->tmp->anti_clogging_token == NULL) {
wpa_printf(MSG_ERROR,
"SAE: Failed to alloc for anti-clogging token");
@@ -685,7 +703,8 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
wpa_printf(MSG_DEBUG,
"SAE: Request anti-clogging token from "
MACSTR, MAC2STR(sta->addr));
- data = auth_build_token_req(hapd, sta->addr);
+ data = auth_build_token_req(hapd, sta->sae->group,
+ sta->addr);
resp = WLAN_STATUS_ANTI_CLOGGING_TOKEN_REQ;
if (hapd->conf->mesh & MESH_ENABLED)
sta->sae->state = SAE_NOTHING;