FILS: Add support for Cache Identifier in add/remove PMKSA
Add support for setting and deleting PMKSA cache entries based on FILS Cache Identifer. Also additionally add support for sending PMK as part of SET_PMKSA to enable driver to derive keys in case of FILS shared key offload using PMKSA caching. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
061a3d3d53
commit
42e69bda2a
6 changed files with 47 additions and 16 deletions
|
@ -44,7 +44,9 @@ static void pmksa_cache_free_entry(struct rsn_pmksa_cache *pmksa,
|
||||||
enum pmksa_free_reason reason)
|
enum pmksa_free_reason reason)
|
||||||
{
|
{
|
||||||
wpa_sm_remove_pmkid(pmksa->sm, entry->network_ctx, entry->aa,
|
wpa_sm_remove_pmkid(pmksa->sm, entry->network_ctx, entry->aa,
|
||||||
entry->pmkid);
|
entry->pmkid,
|
||||||
|
entry->fils_cache_id_set ? entry->fils_cache_id :
|
||||||
|
NULL);
|
||||||
pmksa->pmksa_count--;
|
pmksa->pmksa_count--;
|
||||||
pmksa->free_cb(entry, pmksa->ctx, reason);
|
pmksa->free_cb(entry, pmksa->ctx, reason);
|
||||||
_pmksa_cache_free_entry(entry);
|
_pmksa_cache_free_entry(entry);
|
||||||
|
@ -263,8 +265,9 @@ pmksa_cache_add_entry(struct rsn_pmksa_cache *pmksa,
|
||||||
pmksa->pmksa_count++;
|
pmksa->pmksa_count++;
|
||||||
wpa_printf(MSG_DEBUG, "RSN: Added PMKSA cache entry for " MACSTR
|
wpa_printf(MSG_DEBUG, "RSN: Added PMKSA cache entry for " MACSTR
|
||||||
" network_ctx=%p", MAC2STR(entry->aa), entry->network_ctx);
|
" network_ctx=%p", MAC2STR(entry->aa), entry->network_ctx);
|
||||||
wpa_sm_add_pmkid(pmksa->sm, entry->network_ctx, entry->aa,
|
wpa_sm_add_pmkid(pmksa->sm, entry->network_ctx, entry->aa, entry->pmkid,
|
||||||
entry->pmkid);
|
entry->fils_cache_id_set ? entry->fils_cache_id : NULL,
|
||||||
|
entry->pmk, entry->pmk_len);
|
||||||
|
|
||||||
return entry;
|
return entry;
|
||||||
}
|
}
|
||||||
|
|
|
@ -342,7 +342,8 @@ void rsn_preauth_candidate_process(struct wpa_sm *sm)
|
||||||
/* Some drivers (e.g., NDIS) expect to get notified about the
|
/* Some drivers (e.g., NDIS) expect to get notified about the
|
||||||
* PMKIDs again, so report the existing data now. */
|
* PMKIDs again, so report the existing data now. */
|
||||||
if (p) {
|
if (p) {
|
||||||
wpa_sm_add_pmkid(sm, NULL, candidate->bssid, p->pmkid);
|
wpa_sm_add_pmkid(sm, NULL, candidate->bssid, p->pmkid,
|
||||||
|
NULL, p->pmk, p->pmk_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
dl_list_del(&candidate->list);
|
dl_list_del(&candidate->list);
|
||||||
|
|
|
@ -39,9 +39,10 @@ struct wpa_sm_ctx {
|
||||||
u8 * (*alloc_eapol)(void *ctx, u8 type, const void *data, u16 data_len,
|
u8 * (*alloc_eapol)(void *ctx, u8 type, const void *data, u16 data_len,
|
||||||
size_t *msg_len, void **data_pos);
|
size_t *msg_len, void **data_pos);
|
||||||
int (*add_pmkid)(void *ctx, void *network_ctx, const u8 *bssid,
|
int (*add_pmkid)(void *ctx, void *network_ctx, const u8 *bssid,
|
||||||
const u8 *pmkid);
|
const u8 *pmkid, const u8 *fils_cache_id,
|
||||||
|
const u8 *pmk, size_t pmk_len);
|
||||||
int (*remove_pmkid)(void *ctx, void *network_ctx, const u8 *bssid,
|
int (*remove_pmkid)(void *ctx, void *network_ctx, const u8 *bssid,
|
||||||
const u8 *pmkid);
|
const u8 *pmkid, const u8 *fils_cache_id);
|
||||||
void (*set_config_blob)(void *ctx, struct wpa_config_blob *blob);
|
void (*set_config_blob)(void *ctx, struct wpa_config_blob *blob);
|
||||||
const struct wpa_config_blob * (*get_config_blob)(void *ctx,
|
const struct wpa_config_blob * (*get_config_blob)(void *ctx,
|
||||||
const char *name);
|
const char *name);
|
||||||
|
|
|
@ -231,17 +231,22 @@ static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, void *network_ctx,
|
static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, void *network_ctx,
|
||||||
const u8 *bssid, const u8 *pmkid)
|
const u8 *bssid, const u8 *pmkid,
|
||||||
|
const u8 *cache_id, const u8 *pmk,
|
||||||
|
size_t pmk_len)
|
||||||
{
|
{
|
||||||
WPA_ASSERT(sm->ctx->add_pmkid);
|
WPA_ASSERT(sm->ctx->add_pmkid);
|
||||||
return sm->ctx->add_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid);
|
return sm->ctx->add_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid,
|
||||||
|
cache_id, pmk, pmk_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, void *network_ctx,
|
static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, void *network_ctx,
|
||||||
const u8 *bssid, const u8 *pmkid)
|
const u8 *bssid, const u8 *pmkid,
|
||||||
|
const u8 *cache_id)
|
||||||
{
|
{
|
||||||
WPA_ASSERT(sm->ctx->remove_pmkid);
|
WPA_ASSERT(sm->ctx->remove_pmkid);
|
||||||
return sm->ctx->remove_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid);
|
return sm->ctx->remove_pmkid(sm->ctx->ctx, network_ctx, bssid, pmkid,
|
||||||
|
cache_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
|
static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
|
||||||
|
|
|
@ -144,7 +144,9 @@ static int wpa_supplicant_mlme_setprotection(void *wpa_s, const u8 *addr,
|
||||||
|
|
||||||
|
|
||||||
static int wpa_supplicant_add_pmkid(void *wpa_s, void *network_ctx,
|
static int wpa_supplicant_add_pmkid(void *wpa_s, void *network_ctx,
|
||||||
const u8 *bssid, const u8 *pmkid)
|
const u8 *bssid, const u8 *pmkid,
|
||||||
|
const u8 *fils_cache_id,
|
||||||
|
const u8 *pmk, size_t pmk_len)
|
||||||
{
|
{
|
||||||
printf("%s - not implemented\n", __func__);
|
printf("%s - not implemented\n", __func__);
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -152,7 +154,8 @@ static int wpa_supplicant_add_pmkid(void *wpa_s, void *network_ctx,
|
||||||
|
|
||||||
|
|
||||||
static int wpa_supplicant_remove_pmkid(void *wpa_s, void *network_ctx,
|
static int wpa_supplicant_remove_pmkid(void *wpa_s, void *network_ctx,
|
||||||
const u8 *bssid, const u8 *pmkid)
|
const u8 *bssid, const u8 *pmkid,
|
||||||
|
const u8 *fils_cache_id)
|
||||||
{
|
{
|
||||||
printf("%s - not implemented\n", __func__);
|
printf("%s - not implemented\n", __func__);
|
||||||
return -1;
|
return -1;
|
||||||
|
|
|
@ -530,7 +530,9 @@ static struct wpa_ssid * wpas_get_network_ctx(struct wpa_supplicant *wpa_s,
|
||||||
|
|
||||||
|
|
||||||
static int wpa_supplicant_add_pmkid(void *_wpa_s, void *network_ctx,
|
static int wpa_supplicant_add_pmkid(void *_wpa_s, void *network_ctx,
|
||||||
const u8 *bssid, const u8 *pmkid)
|
const u8 *bssid, const u8 *pmkid,
|
||||||
|
const u8 *fils_cache_id,
|
||||||
|
const u8 *pmk, size_t pmk_len)
|
||||||
{
|
{
|
||||||
struct wpa_supplicant *wpa_s = _wpa_s;
|
struct wpa_supplicant *wpa_s = _wpa_s;
|
||||||
struct wpa_ssid *ssid;
|
struct wpa_ssid *ssid;
|
||||||
|
@ -541,15 +543,25 @@ static int wpa_supplicant_add_pmkid(void *_wpa_s, void *network_ctx,
|
||||||
if (ssid)
|
if (ssid)
|
||||||
wpa_msg(wpa_s, MSG_INFO, PMKSA_CACHE_ADDED MACSTR " %d",
|
wpa_msg(wpa_s, MSG_INFO, PMKSA_CACHE_ADDED MACSTR " %d",
|
||||||
MAC2STR(bssid), ssid->id);
|
MAC2STR(bssid), ssid->id);
|
||||||
|
if (ssid && fils_cache_id) {
|
||||||
|
params.ssid = ssid->ssid;
|
||||||
|
params.ssid_len = ssid->ssid_len;
|
||||||
|
params.fils_cache_id = fils_cache_id;
|
||||||
|
} else {
|
||||||
params.bssid = bssid;
|
params.bssid = bssid;
|
||||||
|
}
|
||||||
|
|
||||||
params.pmkid = pmkid;
|
params.pmkid = pmkid;
|
||||||
|
params.pmk = pmk;
|
||||||
|
params.pmk_len = pmk_len;
|
||||||
|
|
||||||
return wpa_drv_add_pmkid(wpa_s, ¶ms);
|
return wpa_drv_add_pmkid(wpa_s, ¶ms);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int wpa_supplicant_remove_pmkid(void *_wpa_s, void *network_ctx,
|
static int wpa_supplicant_remove_pmkid(void *_wpa_s, void *network_ctx,
|
||||||
const u8 *bssid, const u8 *pmkid)
|
const u8 *bssid, const u8 *pmkid,
|
||||||
|
const u8 *fils_cache_id)
|
||||||
{
|
{
|
||||||
struct wpa_supplicant *wpa_s = _wpa_s;
|
struct wpa_supplicant *wpa_s = _wpa_s;
|
||||||
struct wpa_ssid *ssid;
|
struct wpa_ssid *ssid;
|
||||||
|
@ -560,8 +572,14 @@ static int wpa_supplicant_remove_pmkid(void *_wpa_s, void *network_ctx,
|
||||||
if (ssid)
|
if (ssid)
|
||||||
wpa_msg(wpa_s, MSG_INFO, PMKSA_CACHE_REMOVED MACSTR " %d",
|
wpa_msg(wpa_s, MSG_INFO, PMKSA_CACHE_REMOVED MACSTR " %d",
|
||||||
MAC2STR(bssid), ssid->id);
|
MAC2STR(bssid), ssid->id);
|
||||||
|
if (ssid && fils_cache_id) {
|
||||||
|
params.ssid = ssid->ssid;
|
||||||
|
params.ssid_len = ssid->ssid_len;
|
||||||
|
params.fils_cache_id = fils_cache_id;
|
||||||
|
} else {
|
||||||
params.bssid = bssid;
|
params.bssid = bssid;
|
||||||
|
}
|
||||||
|
|
||||||
params.pmkid = pmkid;
|
params.pmkid = pmkid;
|
||||||
|
|
||||||
return wpa_drv_remove_pmkid(wpa_s, ¶ms);
|
return wpa_drv_remove_pmkid(wpa_s, ¶ms);
|
||||||
|
|
Loading…
Reference in a new issue