mesh: Support simple SAE group negotiation case

This allows the simplest case of SAE group negotiation to occur by
selecting the next available group if the peer STA indicates the
previous one was not supported. This is not yet sufficient to cover all
cases, e.g., when both STAs need to change their groups, but at least
some cases are no covered.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2016-05-30 21:14:08 +03:00 committed by Jouni Malinen
parent 582841689f
commit dad0129227

View file

@ -518,6 +518,9 @@ static void auth_sae_retransmit_timer(void *eloop_ctx, void *eloop_data)
if (sae_check_big_sync(sta)) if (sae_check_big_sync(sta))
return; return;
sta->sae->sync++; sta->sae->sync++;
wpa_printf(MSG_DEBUG, "SAE: Auth SAE retransmit timer for " MACSTR
" (sync=%d state=%d)",
MAC2STR(sta->addr), sta->sae->sync, sta->sae->state);
switch (sta->sae->state) { switch (sta->sae->state) {
case SAE_COMMITTED: case SAE_COMMITTED:
@ -724,6 +727,44 @@ static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta,
} }
static void sae_pick_next_group(struct hostapd_data *hapd, struct sta_info *sta)
{
struct sae_data *sae = sta->sae;
int i, *groups = hapd->conf->sae_groups;
if (sae->state != SAE_COMMITTED)
return;
wpa_printf(MSG_DEBUG, "SAE: Previously selected group: %d", sae->group);
for (i = 0; groups && groups[i] > 0; i++) {
if (sae->group == groups[i])
break;
}
if (!groups || groups[i] <= 0) {
wpa_printf(MSG_DEBUG,
"SAE: Previously selected group not found from the current configuration");
return;
}
for (;;) {
i++;
if (groups[i] <= 0) {
wpa_printf(MSG_DEBUG,
"SAE: No alternative group enabled");
return;
}
if (sae_set_group(sae, groups[i]) < 0)
continue;
break;
}
wpa_printf(MSG_DEBUG, "SAE: Selected new group: %d", groups[i]);
}
static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta, static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
const struct ieee80211_mgmt *mgmt, size_t len, const struct ieee80211_mgmt *mgmt, size_t len,
u16 auth_transaction, u16 status_code) u16 auth_transaction, u16 status_code)
@ -811,6 +852,16 @@ static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
return; return;
} }
if ((hapd->conf->mesh & MESH_ENABLED) &&
status_code ==
WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED &&
sta->sae->tmp) {
wpa_printf(MSG_DEBUG,
"SAE: Peer did not accept our SAE group");
sae_pick_next_group(hapd, sta);
goto remove_sta;
}
if (status_code != WLAN_STATUS_SUCCESS) if (status_code != WLAN_STATUS_SUCCESS)
goto remove_sta; goto remove_sta;