Convert STA session_timeout to os_reltime

This is needed to allow the remaining session time to be computed for FT
(when sending PMK-R1 to another AP).

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index b5e2b7594bd176a09ae745c2eada3470a80f86d9..bf94571cb72ea9a3ac823c96b690c5abb58612c1 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -1472,15 +1472,24 @@ prepare_auth_resp_fils(struct hostapd_data *hapd,
                if (sta->fils_erp_pmkid_set) {
                        /* TODO: get PMKLifetime from WPA parameters */
                        unsigned int dot11RSNAConfigPMKLifetime = 43200;
+                       int session_timeout;
+
+                       session_timeout = dot11RSNAConfigPMKLifetime;
+                       if (sta->session_timeout_set) {
+                               struct os_reltime now, diff;
+
+                               os_get_reltime(&now);
+                               os_reltime_sub(&sta->session_timeout, &now,
+                                              &diff);
+                               session_timeout = diff.sec;
+                       }
 
                        sta->fils_erp_pmkid_set = 0;
                        if (wpa_auth_pmksa_add2(
                                    hapd->wpa_auth, sta->addr,
                                    pmk, pmk_len,
                                    sta->fils_erp_pmkid,
-                                   sta->session_timeout_set ?
-                                   sta->session_timeout :
-                                   dot11RSNAConfigPMKLifetime,
+                                   session_timeout,
                                    wpa_auth_sta_key_mgmt(sta->wpa_sm)) < 0) {
                                wpa_printf(MSG_ERROR,
                                           "FILS: Failed to add PMKSA cache entry based on ERP");
@@ -1658,10 +1667,15 @@ ieee802_11_set_radius_info(struct hostapd_data *hapd, struct sta_info *sta,
 
        if (hapd->conf->acct_interim_interval == 0 && acct_interim_interval)
                sta->acct_interim_interval = acct_interim_interval;
-       if (res == HOSTAPD_ACL_ACCEPT_TIMEOUT)
+       if (res == HOSTAPD_ACL_ACCEPT_TIMEOUT) {
+               sta->session_timeout_set = 1;
+               os_get_reltime(&sta->session_timeout);
+               sta->session_timeout.sec += session_timeout;
                ap_sta_session_timeout(hapd, sta, session_timeout);
-       else
+       } else {
+               sta->session_timeout_set = 0;
                ap_sta_no_session_timeout(hapd, sta);
+       }
 
        return 0;
 }

diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index d57ca4604e7c42f2e9beb48388f09ba7dc28dc4b..98dc2bc5b6f9c23bf0a2a704be6249eee55df435 100644 (file)
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -1817,14 +1817,17 @@ ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req,
                        break;
 
                sta->session_timeout_set = !!session_timeout_set;
-               sta->session_timeout = session_timeout;
+               os_get_reltime(&sta->session_timeout);
+               sta->session_timeout.sec += session_timeout;
 
                /* RFC 3580, Ch. 3.17 */
                if (session_timeout_set && termination_action ==
-                   RADIUS_TERMINATION_ACTION_RADIUS_REQUEST) {
+                   RADIUS_TERMINATION_ACTION_RADIUS_REQUEST)
                        sm->reAuthPeriod = session_timeout;
-               } else if (session_timeout_set)
+               else if (session_timeout_set)
                        ap_sta_session_timeout(hapd, sta, session_timeout);
+               else
+                       ap_sta_no_session_timeout(hapd, sta);
 
                sm->eap_if->aaaSuccess = TRUE;
                override_eapReq = 1;
@@ -2714,6 +2717,7 @@ static void ieee802_1x_finished(struct hostapd_data *hapd,
        /* TODO: get PMKLifetime from WPA parameters */
        static const int dot11RSNAConfigPMKLifetime = 43200;
        unsigned int session_timeout;
+       struct os_reltime now, remaining;
 
 #ifdef CONFIG_HS20
        if (remediation && !sta->remediation) {
@@ -2734,10 +2738,13 @@ static void ieee802_1x_finished(struct hostapd_data *hapd,
 #endif /* CONFIG_HS20 */
 
        key = ieee802_1x_get_key(sta->eapol_sm, &len);
-       if (sta->session_timeout_set)
-               session_timeout = sta->session_timeout;
-       else
+       if (sta->session_timeout_set) {
+               os_get_reltime(&now);
+               os_reltime_sub(&sta->session_timeout, &now, &remaining);
+               session_timeout = (remaining.sec > 0) ? remaining.sec : 1;
+       } else {
                session_timeout = dot11RSNAConfigPMKLifetime;
+       }
        if (success && key && len >= PMK_LEN && !sta->remediation &&
            !sta->hs20_deauth_requested &&
            wpa_auth_pmksa_add(sta->wpa_sm, key, len, session_timeout,

diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h
index 255ac1fee7b021a02006e585d3f72ff756a04be9..fc7777bf9a6da310ff9efc168b246e2211e37a7e 100644 (file)
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -198,7 +198,8 @@ struct sta_info {
        unsigned int mesh_sae_pmksa_caching:1;
 #endif /* CONFIG_SAE */
 
-       u32 session_timeout; /* valid only if session_timeout_set == 1 */
+       /* valid only if session_timeout_set == 1 */
+       struct os_reltime session_timeout;
 
        /* Last Authentication/(Re)Association Request/Action frame sequence
         * control */