jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

WNM: Fix BSS Transition Management Request processing

Browse source 
The WNM-Sleep Mode handler took over WNM Action frame processing without
addressing the previously implemented WNM handler. Fix this by moving
the BSs Transition Management processing into wnm_sta.c to share a
single handler function for WNM Action frames.

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2012-12-22 12:02:15 +02:00
parent a38fdf1c69
commit 27c77751f7
2 changed files with 37 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
wpa_supplicant/events.c
View file

@ -2283,50 +2283,6 @@ static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s,
} }
static void wnm_action_rx(struct wpa_supplicant *wpa_s, struct rx_action *rx)
{
u8 action, mode;
const u8 *pos, *end;
if (rx->data == NULL || rx->len == 0)
return;
pos = rx->data;
end = pos + rx->len;
action = *pos++;
wpa_printf(MSG_DEBUG, "WNM: RX action %u from " MACSTR,
action, MAC2STR(rx->sa));
switch (action) {
case WNM_BSS_TRANS_MGMT_REQ:
if (pos + 5 > end)
break;
wpa_printf(MSG_DEBUG, "WNM: BSS Transition Management "
"Request: dialog_token=%u request_mode=0x%x "
"disassoc_timer=%u validity_interval=%u",
pos[0], pos[1], WPA_GET_LE16(pos + 2), pos[4]);
mode = pos[1];
pos += 5;
if (mode & 0x08)
pos += 12; /* BSS Termination Duration */
if (mode & 0x10) {
char url[256];
if (pos + 1 > end || pos + 1 + pos[0] > end) {
wpa_printf(MSG_DEBUG, "WNM: Invalid BSS "
"Transition Management Request "
"(URL)");
break;
}
os_memcpy(url, pos + 1, pos[0]);
url[pos[0]] = '\0';
wpa_msg(wpa_s, MSG_INFO, "WNM: ESS Disassociation "
"Imminent - session_info_url=%s", url);
}
break;
}
}
void wpa_supplicant_event(void *ctx, enum wpa_event_type event, void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
union wpa_event_data *data) union wpa_event_data *data)
{ {
@ -2729,10 +2685,6 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
data->rx_action.freq) == 0) data->rx_action.freq) == 0)
break; break;
#endif /* CONFIG_GAS */ #endif /* CONFIG_GAS */
if (data->rx_action.category == WLAN_ACTION_WNM) {
wnm_action_rx(wpa_s, &data->rx_action);
break;
}
#ifdef CONFIG_TDLS #ifdef CONFIG_TDLS
if (data->rx_action.category == WLAN_ACTION_PUBLIC && if (data->rx_action.category == WLAN_ACTION_PUBLIC &&
data->rx_action.len >= 4 && data->rx_action.len >= 4 &&

40
wpa_supplicant/wnm_sta.c
View file

@ -296,11 +296,45 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
void ieee802_11_rx_wnm_action(struct wpa_supplicant *wpa_s, void ieee802_11_rx_wnm_action(struct wpa_supplicant *wpa_s,
struct rx_action *action) struct rx_action *action)
{ {
u8 *pos = (u8 *) action->data; /* point to action field */ const u8 *pos, *end;
u8 act = *pos++; u8 act, mode;
/* u8 dialog_token = *pos++; */
if (action->data == NULL || action->len == 0)
return;
pos = action->data;
end = pos + action->len;
act = *pos++;
wpa_printf(MSG_DEBUG, "WNM: RX action %u from " MACSTR,
act, MAC2STR(action->sa));
switch (act) { switch (act) {
case WNM_BSS_TRANS_MGMT_REQ:
if (pos + 5 > end)
break;
wpa_printf(MSG_DEBUG, "WNM: BSS Transition Management "
"Request: dialog_token=%u request_mode=0x%x "
"disassoc_timer=%u validity_interval=%u",
pos[0], pos[1], WPA_GET_LE16(pos + 2), pos[4]);
mode = pos[1];
pos += 5;
if (mode & 0x08)
pos += 12; /* BSS Termination Duration */
if (mode & 0x10) {
char url[256];
if (pos + 1 > end || pos + 1 + pos[0] > end) {
wpa_printf(MSG_DEBUG, "WNM: Invalid BSS "
"Transition Management Request "
"(URL)");
break;
}
os_memcpy(url, pos + 1, pos[0]);
url[pos[0]] = '\0';
wpa_msg(wpa_s, MSG_INFO, "WNM: ESS Disassociation "
"Imminent - session_info_url=%s", url);
}
break;
case WNM_SLEEP_MODE_RESP: case WNM_SLEEP_MODE_RESP:
ieee802_11_rx_wnmsleep_resp(wpa_s, action->data, action->len); ieee802_11_rx_wnmsleep_resp(wpa_s, action->data, action->len);
break; break;