From 5cee22ca472f1be010f6df5a5acbb27a3d9aead4 Mon Sep 17 00:00:00 2001 From: Jeffin Mammen Date: Fri, 21 Apr 2017 18:42:00 +0300 Subject: [PATCH] FILS: Make handle_auth_fils() re-usable for driver-based AP SME Allow this function to be called from outside ieee802_11.c and with the final steps replaced through a callback function. Signed-off-by: Jouni Malinen --- src/ap/ieee802_11.c | 63 +++++++++++++++++++++++++++++---------------- src/ap/ieee802_11.h | 6 +++++ src/ap/sta_info.h | 5 ++-- 3 files changed, 50 insertions(+), 24 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 931abe735..fe8ae903f 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -1019,13 +1019,14 @@ static u16 wpa_res_to_status_code(int res) static void handle_auth_fils_finish(struct hostapd_data *hapd, struct sta_info *sta, u16 resp, - struct rsn_pmksa_cache_entry *pmksa, - struct wpabuf *erp_resp, - const u8 *msk, size_t msk_len); + struct wpabuf *data, int pub); -static void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta, - const u8 *pos, size_t len, u16 auth_alg, - u16 auth_transaction, u16 status_code) +void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *pos, size_t len, u16 auth_alg, + u16 auth_transaction, u16 status_code, + void (*cb)(struct hostapd_data *hapd, + struct sta_info *sta, u16 resp, + struct wpabuf *data, int pub)) { u16 resp = WLAN_STATUS_SUCCESS; const u8 *end; @@ -1217,6 +1218,7 @@ static void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta, ieee802_1x_encapsulate_radius( hapd, sta, elems.fils_wrapped_data, elems.fils_wrapped_data_len); + sta->fils_pending_cb = cb; wpa_printf(MSG_DEBUG, "FILS: Will send Authentication frame once the response from authentication server is available"); sta->flags |= WLAN_STA_PENDING_FILS_ERP; @@ -1229,7 +1231,20 @@ static void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta, } fail: - handle_auth_fils_finish(hapd, sta, resp, pmksa, NULL, NULL, 0); + if (cb) { + struct wpabuf *data; + int pub = 0; + + data = prepare_auth_resp_fils(hapd, sta, &resp, pmksa, NULL, + NULL, 0, &pub); + if (!data) { + wpa_printf(MSG_DEBUG, + "%s: prepare_auth_resp_fils() returned failure", + __func__); + } + + cb(hapd, sta, resp, data, pub); + } } @@ -1404,19 +1419,9 @@ fail: static void handle_auth_fils_finish(struct hostapd_data *hapd, struct sta_info *sta, u16 resp, - struct rsn_pmksa_cache_entry *pmksa, - struct wpabuf *erp_resp, - const u8 *msk, size_t msk_len) + struct wpabuf *data, int pub) { - struct wpabuf *data; u16 auth_alg; - int pub = 0; - - data = prepare_auth_resp_fils(hapd, sta, &resp, pmksa, erp_resp, - msk, msk_len, &pub); - if (!data) - wpa_printf(MSG_DEBUG, "%s: prepare_auth_resp returned failure", - __func__); auth_alg = (pub || resp == WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) ? @@ -1443,10 +1448,23 @@ void ieee802_11_finish_fils_auth(struct hostapd_data *hapd, struct wpabuf *erp_resp, const u8 *msk, size_t msk_len) { + struct wpabuf *data; + int pub = 0; + u16 resp; + sta->flags &= ~WLAN_STA_PENDING_FILS_ERP; - handle_auth_fils_finish(hapd, sta, success ? WLAN_STATUS_SUCCESS : - WLAN_STATUS_UNSPECIFIED_FAILURE, NULL, - erp_resp, msk, msk_len); + + if (!sta->fils_pending_cb) + return; + resp = success ? WLAN_STATUS_SUCCESS : WLAN_STATUS_UNSPECIFIED_FAILURE; + data = prepare_auth_resp_fils(hapd, sta, &resp, NULL, erp_resp, + msk, msk_len, &pub); + if (!data) { + wpa_printf(MSG_DEBUG, + "%s: prepare_auth_resp_fils() returned failure", + __func__); + } + sta->fils_pending_cb(hapd, sta, resp, data, pub); } #endif /* CONFIG_FILS */ @@ -1889,7 +1907,8 @@ static void handle_auth(struct hostapd_data *hapd, case WLAN_AUTH_FILS_SK_PFS: handle_auth_fils(hapd, sta, mgmt->u.auth.variable, len - IEEE80211_HDRLEN - sizeof(mgmt->u.auth), - auth_alg, auth_transaction, status_code); + auth_alg, auth_transaction, status_code, + handle_auth_fils_finish); return; #endif /* CONFIG_FILS */ } diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h index ce3abcbb0..0653fb267 100644 --- a/src/ap/ieee802_11.h +++ b/src/ap/ieee802_11.h @@ -144,5 +144,11 @@ void ieee802_11_finish_fils_auth(struct hostapd_data *hapd, const u8 *msk, size_t msk_len); void fils_hlp_timeout(void *eloop_ctx, void *eloop_data); void fils_hlp_finish_assoc(struct hostapd_data *hapd, struct sta_info *sta); +void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *pos, size_t len, u16 auth_alg, + u16 auth_transaction, u16 status_code, + void (*cb)(struct hostapd_data *hapd, + struct sta_info *sta, + u16 resp, struct wpabuf *data, int pub)); #endif /* IEEE802_11_H */ diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h index 029579841..150e6b57e 100644 --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h @@ -48,6 +48,7 @@ * Supported Rates IEs). */ #define WLAN_SUPP_RATES_MAX 32 +struct hostapd_data; struct mbo_non_pref_chan_info { struct mbo_non_pref_chan_info *next; @@ -231,6 +232,8 @@ struct sta_info { unsigned int fils_dhcp_rapid_commit_proxy:1; struct wpabuf *fils_hlp_resp; struct wpabuf *hlp_dhcp_discover; + void (*fils_pending_cb)(struct hostapd_data *hapd, struct sta_info *sta, + u16 resp, struct wpabuf *data, int pub); #ifdef CONFIG_FILS_SK_PFS struct crypto_ecdh *fils_ecdh; #endif /* CONFIG_FILS_SK_PFS */ @@ -260,8 +263,6 @@ struct sta_info { #define AP_MAX_INACTIVITY_AFTER_DEAUTH (1 * 5) -struct hostapd_data; - int ap_for_each_sta(struct hostapd_data *hapd, int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, void *ctx),