diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 813fc42cc..41c5534e8 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -113,6 +113,11 @@ void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) { int bssid_changed; +#ifdef CONFIG_IBSS_RSN + ibss_rsn_deinit(wpa_s->ibss_rsn); + wpa_s->ibss_rsn = NULL; +#endif /* CONFIG_IBSS_RSN */ + if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) return; @@ -1344,8 +1349,18 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, if (wpa_s->current_ssid && wpa_s->current_ssid->mode == WPAS_MODE_IBSS && wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && - wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) - ibss_rsn_connected(wpa_s->ibss_rsn); + wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE && + wpa_s->ibss_rsn == NULL) { + wpa_s->ibss_rsn = ibss_rsn_init(wpa_s); + if (!wpa_s->ibss_rsn) { + wpa_msg(wpa_s, MSG_INFO, "Failed to init IBSS RSN"); + wpa_supplicant_deauthenticate( + wpa_s, WLAN_REASON_DEAUTH_LEAVING); + return; + } + + ibss_rsn_set_psk(wpa_s->ibss_rsn, wpa_s->current_ssid->psk); + } #endif /* CONFIG_IBSS_RSN */ } @@ -1554,7 +1569,8 @@ wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s, l2_packet_deinit(wpa_s->l2); wpa_s->l2 = NULL; #ifdef CONFIG_IBSS_RSN - ibss_rsn_stop(wpa_s->ibss_rsn, NULL); + ibss_rsn_deinit(wpa_s->ibss_rsn); + wpa_s->ibss_rsn = NULL; #endif /* CONFIG_IBSS_RSN */ #ifdef CONFIG_TERMINATE_ONLASTIF /* check if last interface */ diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index 55ea790a7..9789d32a0 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -285,15 +285,6 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, } } - if (ibss_rsn->init_in_progress && key_len <= - sizeof(ibss_rsn->init_gtk)) { - wpa_printf(MSG_DEBUG, "AUTH: Delay setting of initial TX GTK " - "until RSN IBSS is connected"); - ibss_rsn->init_gtk_idx = idx; - os_memcpy(ibss_rsn->init_gtk, key, key_len); - return 0; - } - return wpa_drv_set_key(ibss_rsn->wpa_s, alg, addr, idx, 1, seq, 6, key, key_len); } @@ -342,9 +333,7 @@ static int ibss_rsn_auth_init_group(struct ibss_rsn *ibss_rsn, cb.set_key = auth_set_key; cb.for_each_sta = auth_for_each_sta; - ibss_rsn->init_in_progress = 1; ibss_rsn->auth_group = wpa_init(own_addr, &conf, &cb); - ibss_rsn->init_in_progress = 0; if (ibss_rsn->auth_group == NULL) { wpa_printf(MSG_DEBUG, "AUTH: wpa_init() failed"); return -1; @@ -389,6 +378,9 @@ int ibss_rsn_start(struct ibss_rsn *ibss_rsn, const u8 *addr) { struct ibss_rsn_peer *peer; + if (ibss_rsn == NULL) + return -1; + for (peer = ibss_rsn->peers; peer; peer = peer->next) { if (os_memcmp(addr, peer->addr, ETH_ALEN) == 0) { wpa_printf(MSG_DEBUG, "RSN: IBSS Authenticator and " @@ -580,6 +572,9 @@ int ibss_rsn_rx_eapol(struct ibss_rsn *ibss_rsn, const u8 *src_addr, { struct ibss_rsn_peer *peer; + if (ibss_rsn == NULL) + return -1; + for (peer = ibss_rsn->peers; peer; peer = peer->next) { if (os_memcmp(src_addr, peer->addr, ETH_ALEN) == 0) return ibss_rsn_process_rx_eapol(ibss_rsn, peer, @@ -603,24 +598,7 @@ int ibss_rsn_rx_eapol(struct ibss_rsn *ibss_rsn, const u8 *src_addr, void ibss_rsn_set_psk(struct ibss_rsn *ibss_rsn, const u8 *psk) { + if (ibss_rsn == NULL) + return; os_memcpy(ibss_rsn->psk, psk, PMK_LEN); } - - -void ibss_rsn_connected(struct ibss_rsn *ibss_rsn) -{ - u8 seq[6]; - wpa_printf(MSG_DEBUG, "RSN: IBSS connected notification"); - if (ibss_rsn->init_gtk_idx) { - wpa_printf(MSG_DEBUG, "RSN: Set initial IBSS TX GTK"); - os_memset(seq, 0, sizeof(seq)); - if (wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_CCMP, - broadcast_ether_addr, - ibss_rsn->init_gtk_idx, - 1, seq, sizeof(seq), ibss_rsn->init_gtk, - 16) < 0) - wpa_printf(MSG_INFO, "RSN: Failed to set IBSS TX GTK"); - ibss_rsn->init_gtk_idx = 0; - os_memset(ibss_rsn->init_gtk, 0, sizeof(ibss_rsn->init_gtk)); - } -} diff --git a/wpa_supplicant/ibss_rsn.h b/wpa_supplicant/ibss_rsn.h index 2582073a4..dbc889f86 100644 --- a/wpa_supplicant/ibss_rsn.h +++ b/wpa_supplicant/ibss_rsn.h @@ -36,10 +36,6 @@ struct ibss_rsn { struct wpa_authenticator *auth_group; struct ibss_rsn_peer *peers; u8 psk[PMK_LEN]; - - int init_in_progress; - int init_gtk_idx; - u8 init_gtk[16]; }; @@ -50,6 +46,5 @@ void ibss_rsn_stop(struct ibss_rsn *ibss_rsn, const u8 *peermac); int ibss_rsn_rx_eapol(struct ibss_rsn *ibss_rsn, const u8 *src_addr, const u8 *buf, size_t len); void ibss_rsn_set_psk(struct ibss_rsn *ibss_rsn, const u8 *psk); -void ibss_rsn_connected(struct ibss_rsn *ibss_rsn); #endif /* IBSS_RSN_H */ diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 28b3f0b70..83550ef59 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -1077,6 +1077,11 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, int assoc_failed = 0; struct wpa_ssid *old_ssid; +#ifdef CONFIG_IBSS_RSN + ibss_rsn_deinit(wpa_s->ibss_rsn); + wpa_s->ibss_rsn = NULL; +#endif /* CONFIG_IBSS_RSN */ + if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { #ifdef CONFIG_AP @@ -1387,7 +1392,6 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, } else if (ssid->mode == WPAS_MODE_IBSS && wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { - ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk); /* * RSN IBSS authentication is per-STA and we can disable the * per-BSSID authentication. @@ -2272,14 +2276,6 @@ next_driver: return -1; } -#ifdef CONFIG_IBSS_RSN - wpa_s->ibss_rsn = ibss_rsn_init(wpa_s); - if (!wpa_s->ibss_rsn) { - wpa_dbg(wpa_s, MSG_DEBUG, "Failed to init IBSS RSN"); - return -1; - } -#endif /* CONFIG_IBSS_RSN */ - #ifdef CONFIG_P2P if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) { wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");