From d8c8d85753c76afd01f94b9404f399c92927ee1b Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Sun, 8 Oct 2017 13:49:45 +0300
Subject: [PATCH] OWE: Include RSNE in (Re)Association Response frame

This is not normally done in RSN, but RFC 8110 seems to imply that AP
has to include OWE AKM in the RSNE within these frames. So, add the RSNE
to (Re)Association Response frames when OWE is being negotiated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
---
 src/ap/ieee802_11.c  |  9 ++++++++-
 src/ap/wpa_auth.h    |  3 +++
 src/ap/wpa_auth_ie.c | 15 +++++++++++++++
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 5163139f5..e4daec2e1 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -2622,7 +2622,7 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta,
 #endif /* CONFIG_FILS */
 #ifdef CONFIG_OWE
 	if (sta && (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE))
-		buflen += 50;
+		buflen += 150;
 #endif /* CONFIG_OWE */
 	buf = os_zalloc(buflen);
 	if (!buf) {
@@ -2661,6 +2661,13 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta,
 	}
 #endif /* CONFIG_IEEE80211R_AP */
 
+#ifdef CONFIG_OWE
+	if (sta && (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE))
+		p = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, p,
+						  buf + buflen - p,
+						  ies, ies_len);
+#endif /* CONFIG_OWE */
+
 #ifdef CONFIG_IEEE80211W
 	if (sta && status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY)
 		p = hostapd_eid_assoc_comeback_time(hapd, sta, p);
diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
index 5e8a4cc84..9ef660af1 100644
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -422,5 +422,8 @@ int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, u8 *buf, size_t len);
 void wpa_auth_get_fils_aead_params(struct wpa_state_machine *sm,
 				   u8 *fils_anonce, u8 *fils_snonce,
 				   u8 *fils_kek, size_t *fils_kek_len);
+u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm,
+				   u8 *pos, size_t max_len,
+				   const u8 *req_ies, size_t req_ies_len);
 
 #endif /* WPA_AUTH_H */
diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c
index ff7b97ae1..889afcb77 100644
--- a/src/ap/wpa_auth_ie.c
+++ b/src/ap/wpa_auth_ie.c
@@ -1042,3 +1042,18 @@ int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
 {
 	return sm ? sm->mgmt_frame_prot : 0;
 }
+
+
+#ifdef CONFIG_OWE
+u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm,
+				   u8 *pos, size_t max_len,
+				   const u8 *req_ies, size_t req_ies_len)
+{
+	int res;
+
+	res = wpa_write_rsn_ie(&sm->wpa_auth->conf, pos, max_len, NULL);
+	if (res < 0)
+		return pos;
+	return pos + res;
+}
+#endif /* CONFIG_OWE */