jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

HS 2.0: Allow OSEN connection to be used in an RSN BSS

Browse source 
This allows a single BSS/SSID to be used for both data connection and
OSU. In wpa_supplicant configuration, the current proto=OSEN
key_mgmt=OSEN combination is now allowing both the old separate OSEN
BSS/IE and the new RSN-OSEN to be used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2018-05-29 20:09:53 +03:00 committed by Jouni Malinen
parent 8d660a4bac
commit f5a602168f
3 changed files with 21 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/rsn_supp/wpa_ie.c
View file

@ -200,6 +200,10 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len,
} else if (key_mgmt & WPA_KEY_MGMT_DPP) { } else if (key_mgmt & WPA_KEY_MGMT_DPP) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_DPP); RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_DPP);
#endif /* CONFIG_DPP */ #endif /* CONFIG_DPP */
#ifdef CONFIG_HS20
} else if (key_mgmt & WPA_KEY_MGMT_OSEN) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_OSEN);
#endif /* CONFIG_HS20 */
} else { } else {
wpa_printf(MSG_WARNING, "Invalid key management type (%d).", wpa_printf(MSG_WARNING, "Invalid key management type (%d).",
key_mgmt); key_mgmt);

14
wpa_supplicant/events.c
View file

@ -536,7 +536,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)); (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA));
rsn_ie = wpa_bss_get_ie(bss, WLAN_EID_RSN); rsn_ie = wpa_bss_get_ie(bss, WLAN_EID_RSN);
while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) { while ((ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)) && rsn_ie) {
proto_match++; proto_match++;
if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) { if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) {
@ -555,7 +555,8 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
return 1; return 1;
} }
if (!(ie.proto & ssid->proto)) { if (!(ie.proto & ssid->proto) &&
!(ssid->proto & WPA_PROTO_OSEN)) {
if (debug_print) if (debug_print)
wpa_dbg(wpa_s, MSG_DEBUG, wpa_dbg(wpa_s, MSG_DEBUG,
" skip RSN IE - proto mismatch"); " skip RSN IE - proto mismatch");
@ -985,18 +986,22 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
struct wpa_blacklist *e; struct wpa_blacklist *e;
const u8 *ie; const u8 *ie;
struct wpa_ssid *ssid; struct wpa_ssid *ssid;
int osen; int osen, rsn_osen = 0;
#ifdef CONFIG_MBO #ifdef CONFIG_MBO
const u8 *assoc_disallow; const u8 *assoc_disallow;
#endif /* CONFIG_MBO */ #endif /* CONFIG_MBO */
const u8 *match_ssid; const u8 *match_ssid;
size_t match_ssid_len; size_t match_ssid_len;
struct wpa_ie_data data;
ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
wpa_ie_len = ie ? ie[1] : 0; wpa_ie_len = ie ? ie[1] : 0;
ie = wpa_bss_get_ie(bss, WLAN_EID_RSN); ie = wpa_bss_get_ie(bss, WLAN_EID_RSN);
rsn_ie_len = ie ? ie[1] : 0; rsn_ie_len = ie ? ie[1] : 0;
if (ie && wpa_parse_wpa_ie_rsn(ie, 2 + ie[1], &data) == 0 &&
(data.key_mgmt & WPA_KEY_MGMT_OSEN))
rsn_osen = 1;
ie = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE); ie = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
osen = ie != NULL; osen = ie != NULL;
@ -1170,7 +1175,8 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
continue; continue;
} }
if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && !osen) { if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && !osen &&
!rsn_osen) {
if (debug_print) if (debug_print)
wpa_dbg(wpa_s, MSG_DEBUG, wpa_dbg(wpa_s, MSG_DEBUG,
" skip - non-OSEN network not allowed"); " skip - non-OSEN network not allowed");

7
wpa_supplicant/wpa_supplicant.c
View file

@ -1217,6 +1217,13 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
ie.pairwise_cipher = WPA_CIPHER_CCMP; ie.pairwise_cipher = WPA_CIPHER_CCMP;
ie.key_mgmt = WPA_KEY_MGMT_OSEN; ie.key_mgmt = WPA_KEY_MGMT_OSEN;
proto = WPA_PROTO_OSEN; proto = WPA_PROTO_OSEN;
} else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
(ie.group_cipher & ssid->group_cipher) &&
(ie.pairwise_cipher & ssid->pairwise_cipher) &&
(ie.key_mgmt & ssid->key_mgmt)) {
wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
proto = WPA_PROTO_RSN;
#endif /* CONFIG_HS20 */ #endif /* CONFIG_HS20 */
} else if (bss) { } else if (bss) {
wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");