jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

wlantest: Track TDLS setup nonces

Browse source 
Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2013-05-26 21:35:00 +03:00
parent e4d99217f7
commit 4ac800db82
2 changed files with 51 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

51
wlantest/rx_tdls.c
View file

@ -53,6 +53,12 @@ static struct wlantest_tdls * get_tdls(struct wlantest *wt, const u8 *linkid,
if (!create_new) if (!create_new)
return NULL; return NULL;
add_note(wt, MSG_DEBUG, "Add new TDLS link context: initiator " MACSTR
" responder " MACSTR " BSSID " MACSTR,
MAC2STR(linkid + ETH_ALEN),
MAC2STR(linkid + 2 * ETH_ALEN),
MAC2STR(bssid));
tdls = os_zalloc(sizeof(*tdls)); tdls = os_zalloc(sizeof(*tdls));
if (tdls == NULL) if (tdls == NULL)
return NULL; return NULL;
@ -196,6 +202,7 @@ static void rx_data_tdls_setup_request(struct wlantest *wt, const u8 *bssid,
{ {
struct ieee802_11_elems elems; struct ieee802_11_elems elems;
struct wlantest_tdls *tdls; struct wlantest_tdls *tdls;
u8 linkid[3 * ETH_ALEN];
if (len < 3) { if (len < 3) {
add_note(wt, MSG_INFO, "Too short TDLS Setup Request " MACSTR add_note(wt, MSG_INFO, "Too short TDLS Setup Request " MACSTR
@ -216,7 +223,20 @@ static void rx_data_tdls_setup_request(struct wlantest *wt, const u8 *bssid,
if (tdls) { if (tdls) {
tdls->counters[WLANTEST_TDLS_COUNTER_SETUP_REQ]++; tdls->counters[WLANTEST_TDLS_COUNTER_SETUP_REQ]++;
tdls->dialog_token = data[0]; tdls->dialog_token = data[0];
if (elems.ftie && elems.ftie_len >= sizeof(struct rsn_ftie)) {
const struct rsn_ftie *f;
f = (const struct rsn_ftie *) elems.ftie;
os_memcpy(tdls->inonce, f->snonce, WPA_NONCE_LEN);
}
} }
/* Check whether reverse direction context exists already */
os_memcpy(linkid, bssid, ETH_ALEN);
os_memcpy(linkid + ETH_ALEN, dst, ETH_ALEN);
os_memcpy(linkid + 2 * ETH_ALEN, src, ETH_ALEN);
tdls = get_tdls(wt, linkid, 0, bssid);
if (tdls)
add_note(wt, MSG_INFO, "Reverse direction TDLS context exists");
} }
@ -298,8 +318,10 @@ static void rx_data_tdls_setup_response(struct wlantest *wt, const u8 *bssid,
MAC2STR(elems.link_id + 2 * ETH_ALEN)); MAC2STR(elems.link_id + 2 * ETH_ALEN));
tdls = get_tdls(wt, elems.link_id, 1, bssid); tdls = get_tdls(wt, elems.link_id, 1, bssid);
if (!tdls) if (!tdls) {
add_note(wt, MSG_INFO, "No match TDLS context found");
return; return;
}
if (status) if (status)
tdls->counters[WLANTEST_TDLS_COUNTER_SETUP_RESP_FAIL]++; tdls->counters[WLANTEST_TDLS_COUNTER_SETUP_RESP_FAIL]++;
else else
@ -308,6 +330,16 @@ static void rx_data_tdls_setup_response(struct wlantest *wt, const u8 *bssid,
if (status != WLAN_STATUS_SUCCESS) if (status != WLAN_STATUS_SUCCESS)
return; return;
if (elems.ftie && elems.ftie_len >= sizeof(struct rsn_ftie)) {
const struct rsn_ftie *f;
f = (const struct rsn_ftie *) elems.ftie;
if (os_memcmp(tdls->inonce, f->snonce, WPA_NONCE_LEN) != 0) {
add_note(wt, MSG_INFO, "Mismatch in TDLS initiator "
"nonce");
}
os_memcpy(tdls->rnonce, f->anonce, WPA_NONCE_LEN);
}
if (tdls_derive_tpk(tdls, bssid, elems.ftie, elems.ftie_len) < 1) if (tdls_derive_tpk(tdls, bssid, elems.ftie, elems.ftie_len) < 1)
return; return;
if (tdls_verify_mic(wt, tdls, 2, &elems) == 0) { if (tdls_verify_mic(wt, tdls, 2, &elems) == 0) {
@ -401,6 +433,19 @@ static void rx_data_tdls_setup_confirm(struct wlantest *wt, const u8 *bssid,
if (status != WLAN_STATUS_SUCCESS) if (status != WLAN_STATUS_SUCCESS)
return; return;
if (elems.ftie && elems.ftie_len >= sizeof(struct rsn_ftie)) {
const struct rsn_ftie *f;
f = (const struct rsn_ftie *) elems.ftie;
if (os_memcmp(tdls->inonce, f->snonce, WPA_NONCE_LEN) != 0) {
add_note(wt, MSG_INFO, "Mismatch in TDLS initiator "
"nonce");
}
if (os_memcmp(tdls->rnonce, f->anonce, WPA_NONCE_LEN) != 0) {
add_note(wt, MSG_INFO, "Mismatch in TDLS responder "
"nonce");
}
}
tdls->link_up = 1; tdls->link_up = 1;
if (tdls_derive_tpk(tdls, bssid, elems.ftie, elems.ftie_len) < 1) { if (tdls_derive_tpk(tdls, bssid, elems.ftie, elems.ftie_len) < 1) {
if (elems.ftie == NULL) if (elems.ftie == NULL)
@ -409,7 +454,7 @@ static void rx_data_tdls_setup_confirm(struct wlantest *wt, const u8 *bssid,
} }
if (tdls_verify_mic(wt, tdls, 3, &elems) == 0) { if (tdls_verify_mic(wt, tdls, 3, &elems) == 0) {
tdls->dialog_token = data[2]; tdls->dialog_token = data[2];
add_note(wt, MSG_DEBUG, "TDLS: Dialog Token for the link: %u", add_note(wt, MSG_DEBUG, "TDLS: Link up - Dialog Token: %u",
tdls->dialog_token); tdls->dialog_token);
} }
@ -514,6 +559,8 @@ static void rx_data_tdls_teardown(struct wlantest *wt, const u8 *bssid,
tdls = get_tdls(wt, elems.link_id, 1, bssid); tdls = get_tdls(wt, elems.link_id, 1, bssid);
if (tdls) { if (tdls) {
if (tdls->link_up)
add_note(wt, MSG_DEBUG, "TDLS: Link down");
tdls->link_up = 0; tdls->link_up = 0;
tdls->counters[WLANTEST_TDLS_COUNTER_TEARDOWN]++; tdls->counters[WLANTEST_TDLS_COUNTER_TEARDOWN]++;
tdls_verify_mic_teardown(wt, tdls, 4, data, &elems); tdls_verify_mic_teardown(wt, tdls, 4, data, &elems);

2
wlantest/wlantest.h
View file

@ -106,6 +106,8 @@ struct wlantest_tdls {
u8 rsc_init[16 + 1][6]; u8 rsc_init[16 + 1][6];
u8 rsc_resp[16 + 1][6]; u8 rsc_resp[16 + 1][6];
u32 counters[NUM_WLANTEST_TDLS_COUNTER]; u32 counters[NUM_WLANTEST_TDLS_COUNTER];
u8 inonce[32];
u8 rnonce[32];
}; };
struct wlantest_bss { struct wlantest_bss {