]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/mesh_mpm.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
mesh: Avoid use of hardcoded cipher
[thirdparty/hostap.git] / wpa_supplicant / mesh_mpm.c
CommitLineData
5f92659d
BC		 1/*
2 * WPA Supplicant - Basic mesh peer management
3 * Copyright (c) 2013-2014, cozybit, Inc. All rights reserved.
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9#include "utils/includes.h"
10
11#include "utils/common.h"
12#include "utils/eloop.h"
13#include "common/ieee802_11_defs.h"
14#include "ap/hostapd.h"
15#include "ap/sta_info.h"
16#include "ap/ieee802_11.h"
9f2cf23e 17#include "ap/wpa_auth.h"
5f92659d
BC		 18#include "wpa_supplicant_i.h"
19#include "driver_i.h"
20#include "mesh_mpm.h"
0f950df0 21#include "mesh_rsn.h"
5f92659d 22
5f92659d 23struct mesh_peer_mgmt_ie {
c2ed7797
JM		 24 const u8 *proto_id; /* Mesh Peering Protocol Identifier (2 octets) */
25 const u8 *llid; /* Local Link ID (2 octets) */
26 const u8 *plid; /* Peer Link ID (conditional, 2 octets) */
27 const u8 *reason; /* Reason Code (conditional, 2 octets) */
28 const u8 *chosen_pmk; /* Chosen PMK (optional, 16 octets) */
5f92659d
BC		 29};
30
31static void plink_timer(void *eloop_ctx, void *user_data);
32
33
34enum plink_event {
35 PLINK_UNDEFINED,
36 OPN_ACPT,
37 OPN_RJCT,
38 OPN_IGNR,
39 CNF_ACPT,
40 CNF_RJCT,
41 CNF_IGNR,
42 CLS_ACPT,
43 CLS_IGNR
44};
45
46static const char * const mplstate[] = {
b5f5c324 47 [0] = "UNINITIALIZED",
5f92659d
BC		 48 [PLINK_LISTEN] = "LISTEN",
49 [PLINK_OPEN_SENT] = "OPEN_SENT",
50 [PLINK_OPEN_RCVD] = "OPEN_RCVD",
51 [PLINK_CNF_RCVD] = "CNF_RCVD",
52 [PLINK_ESTAB] = "ESTAB",
53 [PLINK_HOLDING] = "HOLDING",
54 [PLINK_BLOCKED] = "BLOCKED"
55};
56
57static const char * const mplevent[] = {
58 [PLINK_UNDEFINED] = "UNDEFINED",
59 [OPN_ACPT] = "OPN_ACPT",
60 [OPN_RJCT] = "OPN_RJCT",
61 [OPN_IGNR] = "OPN_IGNR",
62 [CNF_ACPT] = "CNF_ACPT",
63 [CNF_RJCT] = "CNF_RJCT",
64 [CNF_IGNR] = "CNF_IGNR",
65 [CLS_ACPT] = "CLS_ACPT",
66 [CLS_IGNR] = "CLS_IGNR"
67};
68
69
70static int mesh_mpm_parse_peer_mgmt(struct wpa_supplicant *wpa_s,
71 u8 action_field,
72 const u8 *ie, size_t len,
73 struct mesh_peer_mgmt_ie *mpm_ie)
74{
75 os_memset(mpm_ie, 0, sizeof(*mpm_ie));
76
c2ed7797
JM		 77 /* Remove optional Chosen PMK field at end */
78 if (len >= SAE_PMKID_LEN) {
79 mpm_ie->chosen_pmk = ie + len - SAE_PMKID_LEN;
80 len -= SAE_PMKID_LEN;
5f92659d
BC		 81 }
82
83 if ((action_field == PLINK_OPEN && len != 4) ||
84 (action_field == PLINK_CONFIRM && len != 6) ||
85 (action_field == PLINK_CLOSE && len != 6 && len != 8)) {
86 wpa_msg(wpa_s, MSG_DEBUG, "MPM: Invalid peer mgmt ie");
87 return -1;
88 }
89
90 /* required fields */
91 if (len < 4)
92 return -1;
93 mpm_ie->proto_id = ie;
94 mpm_ie->llid = ie + 2;
95 ie += 4;
96 len -= 4;
97
98 /* close reason is always present at end for close */
99 if (action_field == PLINK_CLOSE) {
100 if (len < 2)
101 return -1;
102 mpm_ie->reason = ie + len - 2;
103 len -= 2;
104 }
105
c2ed7797
JM		 106 /* Peer Link ID, present for confirm, and possibly close */
107 if (len >= 2)
5f92659d
BC		 108 mpm_ie->plid = ie;
109
110 return 0;
111}
112
113
114static int plink_free_count(struct hostapd_data *hapd)
115{
116 if (hapd->max_plinks > hapd->num_plinks)
117 return hapd->max_plinks - hapd->num_plinks;
118 return 0;
119}
120
121
122static u16 copy_supp_rates(struct wpa_supplicant *wpa_s,
123 struct sta_info *sta,
124 struct ieee802_11_elems *elems)
125{
126 if (!elems->supp_rates) {
127 wpa_msg(wpa_s, MSG_ERROR, "no supported rates from " MACSTR,
128 MAC2STR(sta->addr));
129 return WLAN_STATUS_UNSPECIFIED_FAILURE;
130 }
131
132 if (elems->supp_rates_len + elems->ext_supp_rates_len >
133 sizeof(sta->supported_rates)) {
134 wpa_msg(wpa_s, MSG_ERROR,
135 "Invalid supported rates element length " MACSTR
136 " %d+%d", MAC2STR(sta->addr), elems->supp_rates_len,
137 elems->ext_supp_rates_len);
138 return WLAN_STATUS_UNSPECIFIED_FAILURE;
139 }
140
141 sta->supported_rates_len = merge_byte_arrays(
142 sta->supported_rates, sizeof(sta->supported_rates),
143 elems->supp_rates, elems->supp_rates_len,
144 elems->ext_supp_rates, elems->ext_supp_rates_len);
145
146 return WLAN_STATUS_SUCCESS;
147}
148
149
150/* return true if elems from a neighbor match this MBSS */
151static Boolean matches_local(struct wpa_supplicant *wpa_s,
152 struct ieee802_11_elems *elems)
153{
154 struct mesh_conf *mconf = wpa_s->ifmsh->mconf;
155
156 if (elems->mesh_config_len < 5)
157 return FALSE;
158
159 return (mconf->meshid_len == elems->mesh_id_len &&
160 os_memcmp(mconf->meshid, elems->mesh_id,
161 elems->mesh_id_len) == 0 &&
162 mconf->mesh_pp_id == elems->mesh_config[0] &&
163 mconf->mesh_pm_id == elems->mesh_config[1] &&
164 mconf->mesh_cc_id == elems->mesh_config[2] &&
165 mconf->mesh_sp_id == elems->mesh_config[3] &&
166 mconf->mesh_auth_id == elems->mesh_config[4]);
167}
168
169
170/* check if local link id is already used with another peer */
171static Boolean llid_in_use(struct wpa_supplicant *wpa_s, u16 llid)
172{
173 struct sta_info *sta;
174 struct hostapd_data *hapd = wpa_s->ifmsh->bss[0];
175
176 for (sta = hapd->sta_list; sta; sta = sta->next) {
177 if (sta->my_lid == llid)
178 return TRUE;
179 }
180
181 return FALSE;
182}
183
184
185/* generate an llid for a link and set to initial state */
186static void mesh_mpm_init_link(struct wpa_supplicant *wpa_s,
187 struct sta_info *sta)
188{
189 u16 llid;
190
191 do {
192 if (os_get_random((u8 *) &llid, sizeof(llid)) < 0)
193 continue;
194 } while (!llid || llid_in_use(wpa_s, llid));
195
196 sta->my_lid = llid;
197 sta->peer_lid = 0;
871ff0b7
MH		 198
199 /*
200 * We do not use wpa_mesh_set_plink_state() here because there is no
201 * entry in kernel yet.
202 */
5f92659d
BC		 203 sta->plink_state = PLINK_LISTEN;
204}
205
206
207static void mesh_mpm_send_plink_action(struct wpa_supplicant *wpa_s,
208 struct sta_info *sta,
209 enum plink_action_field type,
210 u16 close_reason)
211{
212 struct wpabuf *buf;
213 struct hostapd_iface *ifmsh = wpa_s->ifmsh;
214 struct hostapd_data *bss = ifmsh->bss[0];
215 struct mesh_conf *conf = ifmsh->mconf;
216 u8 supp_rates[2 + 2 + 32];
0f950df0 217 u8 *pos, *cat;
5f92659d
BC		 218 u8 ie_len, add_plid = 0;
219 int ret;
220 int ampe = conf->security & MESH_CONF_SEC_AMPE;
798b3182 221 size_t buf_len;
5f92659d
BC		 222
223 if (!sta)
224 return;
225
798b3182
MH		 226 buf_len = 2 + /* capability info */
227 2 + /* AID */
228 2 + 8 + /* supported rates */
229 2 + (32 - 8) +
230 2 + 32 + /* mesh ID */
231 2 + 7 + /* mesh config */
232 2 + 23 + /* peering management */
233 2 + 96 + /* AMPE */
234 2 + 16; /* MIC */
235#ifdef CONFIG_IEEE80211N
6334330e 236 if (type != PLINK_CLOSE && wpa_s->mesh_ht_enabled) {
798b3182
MH		 237 buf_len += 2 + 26 + /* HT capabilities */
238 2 + 22; /* HT operation */
239 }
240#endif /* CONFIG_IEEE80211N */
a65efbfb
PO		 241#ifdef CONFIG_IEEE80211AC
242 if (type != PLINK_CLOSE && wpa_s->mesh_vht_enabled) {
243 buf_len += 2 + 12 + /* VHT Capabilities */
244 2 + 5; /* VHT Operation */
245 }
246#endif /* CONFIG_IEEE80211AC */
f029c44c
MH		 247 if (type != PLINK_CLOSE)
248 buf_len += conf->rsn_ie_len; /* RSN IE */
249
798b3182 250 buf = wpabuf_alloc(buf_len);
5f92659d
BC		 251 if (!buf)
252 return;
253
0f950df0 254 cat = wpabuf_mhead_u8(buf);
5f92659d
BC		 255 wpabuf_put_u8(buf, WLAN_ACTION_SELF_PROTECTED);
256 wpabuf_put_u8(buf, type);
257
258 if (type != PLINK_CLOSE) {
d5b95325
MH		 259 u8 info;
260
5f92659d
BC		 261 /* capability info */
262 wpabuf_put_le16(buf, ampe ? IEEE80211_CAP_PRIVACY : 0);
263
5cfb672d 264 /* aid */
5f92659d 265 if (type == PLINK_CONFIRM)
681753f2 266 wpabuf_put_le16(buf, sta->aid);
5f92659d
BC		 267
268 /* IE: supp + ext. supp rates */
269 pos = hostapd_eid_supp_rates(bss, supp_rates);
270 pos = hostapd_eid_ext_supp_rates(bss, pos);
271 wpabuf_put_data(buf, supp_rates, pos - supp_rates);
272
f029c44c
MH		 273 /* IE: RSN IE */
274 wpabuf_put_data(buf, conf->rsn_ie, conf->rsn_ie_len);
275
5f92659d
BC		 276 /* IE: Mesh ID */
277 wpabuf_put_u8(buf, WLAN_EID_MESH_ID);
278 wpabuf_put_u8(buf, conf->meshid_len);
279 wpabuf_put_data(buf, conf->meshid, conf->meshid_len);
280
281 /* IE: mesh conf */
282 wpabuf_put_u8(buf, WLAN_EID_MESH_CONFIG);
283 wpabuf_put_u8(buf, 7);
284 wpabuf_put_u8(buf, conf->mesh_pp_id);
285 wpabuf_put_u8(buf, conf->mesh_pm_id);
286 wpabuf_put_u8(buf, conf->mesh_cc_id);
287 wpabuf_put_u8(buf, conf->mesh_sp_id);
288 wpabuf_put_u8(buf, conf->mesh_auth_id);
d5b95325
MH		 289 info = (bss->num_plinks > 63 ? 63 : bss->num_plinks) << 1;
290 /* TODO: Add Connected to Mesh Gate/AS subfields */
291 wpabuf_put_u8(buf, info);
5f92659d
BC		 292 /* always forwarding & accepting plinks for now */
293 wpabuf_put_u8(buf, 0x1 | 0x8);
294 } else { /* Peer closing frame */
295 /* IE: Mesh ID */
296 wpabuf_put_u8(buf, WLAN_EID_MESH_ID);
297 wpabuf_put_u8(buf, conf->meshid_len);
298 wpabuf_put_data(buf, conf->meshid, conf->meshid_len);
299 }
300
301 /* IE: Mesh Peering Management element */
302 ie_len = 4;
303 if (ampe)
304 ie_len += PMKID_LEN;
305 switch (type) {
306 case PLINK_OPEN:
307 break;
308 case PLINK_CONFIRM:
309 ie_len += 2;
310 add_plid = 1;
311 break;
312 case PLINK_CLOSE:
313 ie_len += 2;
314 add_plid = 1;
315 ie_len += 2; /* reason code */
316 break;
317 }
318
319 wpabuf_put_u8(buf, WLAN_EID_PEER_MGMT);
320 wpabuf_put_u8(buf, ie_len);
321 /* peering protocol */
322 if (ampe)
323 wpabuf_put_le16(buf, 1);
324 else
325 wpabuf_put_le16(buf, 0);
326 wpabuf_put_le16(buf, sta->my_lid);
327 if (add_plid)
328 wpabuf_put_le16(buf, sta->peer_lid);
329 if (type == PLINK_CLOSE)
330 wpabuf_put_le16(buf, close_reason);
608b0ff5
JM		 331 if (ampe) {
332 if (sta->sae == NULL) {
333 wpa_msg(wpa_s, MSG_INFO, "Mesh MPM: no SAE session");
334 goto fail;
335 }
0f950df0
TP		 336 mesh_rsn_get_pmkid(wpa_s->mesh_rsn, sta,
337 wpabuf_put(buf, PMKID_LEN));
608b0ff5 338 }
5f92659d 339
5cfb672d 340#ifdef CONFIG_IEEE80211N
6334330e 341 if (type != PLINK_CLOSE && wpa_s->mesh_ht_enabled) {
a65efbfb
PO		 342 u8 ht_capa_oper[2 + 26 + 2 + 22];
343
5cfb672d
JM		 344 pos = hostapd_eid_ht_capabilities(bss, ht_capa_oper);
345 pos = hostapd_eid_ht_operation(bss, pos);
346 wpabuf_put_data(buf, ht_capa_oper, pos - ht_capa_oper);
347 }
348#endif /* CONFIG_IEEE80211N */
a65efbfb
PO		 349#ifdef CONFIG_IEEE80211AC
350 if (type != PLINK_CLOSE && wpa_s->mesh_vht_enabled) {
351 u8 vht_capa_oper[2 + 12 + 2 + 5];
352
353 pos = hostapd_eid_vht_capabilities(bss, vht_capa_oper);
354 pos = hostapd_eid_vht_operation(bss, pos);
355 wpabuf_put_data(buf, vht_capa_oper, pos - vht_capa_oper);
356 }
357#endif /* CONFIG_IEEE80211AC */
5f92659d 358
0f950df0
TP		 359 if (ampe && mesh_rsn_protect_frame(wpa_s->mesh_rsn, sta, cat, buf)) {
360 wpa_msg(wpa_s, MSG_INFO,
361 "Mesh MPM: failed to add AMPE and MIC IE");
362 goto fail;
363 }
364
b5f5c324
JM		 365 wpa_msg(wpa_s, MSG_DEBUG, "Mesh MPM: Sending peering frame type %d to "
366 MACSTR " (my_lid=0x%x peer_lid=0x%x)",
367 type, MAC2STR(sta->addr), sta->my_lid, sta->peer_lid);
5f92659d
BC		 368 ret = wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0,
369 sta->addr, wpa_s->own_addr, wpa_s->own_addr,
370 wpabuf_head(buf), wpabuf_len(buf), 0);
371 if (ret < 0)
372 wpa_msg(wpa_s, MSG_INFO,
373 "Mesh MPM: failed to send peering frame");
374
0f950df0 375fail:
5f92659d
BC		 376 wpabuf_free(buf);
377}
378
379
380/* configure peering state in ours and driver's station entry */
871ff0b7
MH		 381void wpa_mesh_set_plink_state(struct wpa_supplicant *wpa_s,
382 struct sta_info *sta,
383 enum mesh_plink_state state)
5f92659d
BC		 384{
385 struct hostapd_sta_add_params params;
386 int ret;
387
b5f5c324
JM		 388 wpa_msg(wpa_s, MSG_DEBUG, "MPM set " MACSTR " from %s into %s",
389 MAC2STR(sta->addr), mplstate[sta->plink_state],
390 mplstate[state]);
5f92659d
BC		 391 sta->plink_state = state;
392
393 os_memset(&params, 0, sizeof(params));
394 params.addr = sta->addr;
395 params.plink_state = state;
396 params.set = 1;
397
5f92659d
BC		 398 ret = wpa_drv_sta_add(wpa_s, &params);
399 if (ret) {
400 wpa_msg(wpa_s, MSG_ERROR, "Driver failed to set " MACSTR
401 ": %d", MAC2STR(sta->addr), ret);
402 }
403}
404
405
406static void mesh_mpm_fsm_restart(struct wpa_supplicant *wpa_s,
407 struct sta_info *sta)
408{
409 struct hostapd_data *hapd = wpa_s->ifmsh->bss[0];
410
411 eloop_cancel_timeout(plink_timer, wpa_s, sta);
412
41bff862 413 ap_free_sta(hapd, sta);
5f92659d
BC		 414}
415
416
417static void plink_timer(void *eloop_ctx, void *user_data)
418{
419 struct wpa_supplicant *wpa_s = eloop_ctx;
420 struct sta_info *sta = user_data;
421 u16 reason = 0;
e6096799 422 struct mesh_conf *conf = wpa_s->ifmsh->mconf;
9f2cf23e 423 struct hostapd_data *hapd = wpa_s->ifmsh->bss[0];
5f92659d
BC		 424
425 switch (sta->plink_state) {
426 case PLINK_OPEN_RCVD:
427 case PLINK_OPEN_SENT:
428 /* retry timer */
e6096799
MH		 429 if (sta->mpm_retries < conf->dot11MeshMaxRetries) {
430 eloop_register_timeout(
431 conf->dot11MeshRetryTimeout / 1000,
432 (conf->dot11MeshRetryTimeout % 1000) * 1000,
433 plink_timer, wpa_s, sta);
5f92659d
BC		 434 mesh_mpm_send_plink_action(wpa_s, sta, PLINK_OPEN, 0);
435 sta->mpm_retries++;
436 break;
437 }
438 reason = WLAN_REASON_MESH_MAX_RETRIES;
439 /* fall through on else */
440
441 case PLINK_CNF_RCVD:
442 /* confirm timer */
443 if (!reason)
444 reason = WLAN_REASON_MESH_CONFIRM_TIMEOUT;
871ff0b7 445 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING);
e6096799
MH		 446 eloop_register_timeout(conf->dot11MeshHoldingTimeout / 1000,
447 (conf->dot11MeshHoldingTimeout % 1000) * 1000,
448 plink_timer, wpa_s, sta);
5f92659d
BC		 449 mesh_mpm_send_plink_action(wpa_s, sta, PLINK_CLOSE, reason);
450 break;
451 case PLINK_HOLDING:
452 /* holding timer */
9f2cf23e
MH		 453
454 if (sta->mesh_sae_pmksa_caching) {
455 wpa_printf(MSG_DEBUG, "MPM: Peer " MACSTR
456 " looks like it does not support mesh SAE PMKSA caching, so remove the cached entry for it",
457 MAC2STR(sta->addr));
458 wpa_auth_pmksa_remove(hapd->wpa_auth, sta->addr);
459 }
5f92659d
BC		 460 mesh_mpm_fsm_restart(wpa_s, sta);
461 break;
462 default:
463 break;
464 }
465}
466
467
468/* initiate peering with station */
469static void
470mesh_mpm_plink_open(struct wpa_supplicant *wpa_s, struct sta_info *sta,
471 enum mesh_plink_state next_state)
472{
e6096799
MH		 473 struct mesh_conf *conf = wpa_s->ifmsh->mconf;
474
5f92659d 475 eloop_cancel_timeout(plink_timer, wpa_s, sta);
e6096799
MH		 476 eloop_register_timeout(conf->dot11MeshRetryTimeout / 1000,
477 (conf->dot11MeshRetryTimeout % 1000) * 1000,
478 plink_timer, wpa_s, sta);
5f92659d
BC		 479 mesh_mpm_send_plink_action(wpa_s, sta, PLINK_OPEN, 0);
480 wpa_mesh_set_plink_state(wpa_s, sta, next_state);
481}
482
483
e174ef34
MH		 484static int mesh_mpm_plink_close(struct hostapd_data *hapd, struct sta_info *sta,
485 void *ctx)
5f92659d
BC		 486{
487 struct wpa_supplicant *wpa_s = ctx;
488 int reason = WLAN_REASON_MESH_PEERING_CANCELLED;
489
490 if (sta) {
491 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING);
492 mesh_mpm_send_plink_action(wpa_s, sta, PLINK_CLOSE, reason);
493 wpa_printf(MSG_DEBUG, "MPM closing plink sta=" MACSTR,
494 MAC2STR(sta->addr));
495 eloop_cancel_timeout(plink_timer, wpa_s, sta);
496 return 0;
497 }
498
499 return 1;
500}
501
502
e174ef34
MH		 503int mesh_mpm_close_peer(struct wpa_supplicant *wpa_s, const u8 *addr)
504{
505 struct hostapd_data *hapd;
506 struct sta_info *sta;
507
508 if (!wpa_s->ifmsh) {
509 wpa_msg(wpa_s, MSG_INFO, "Mesh is not prepared yet");
510 return -1;
511 }
512
513 hapd = wpa_s->ifmsh->bss[0];
514 sta = ap_get_sta(hapd, addr);
515 if (!sta) {
516 wpa_msg(wpa_s, MSG_INFO, "No such mesh peer");
517 return -1;
518 }
519
520 return mesh_mpm_plink_close(hapd, sta, wpa_s) == 0 ? 0 : -1;
521}
522
523
9f2cf23e
MH		 524static void peer_add_timer(void *eloop_ctx, void *user_data)
525{
526 struct wpa_supplicant *wpa_s = eloop_ctx;
527 struct hostapd_data *hapd = wpa_s->ifmsh->bss[0];
528
529 os_memset(hapd->mesh_required_peer, 0, ETH_ALEN);
530}
531
532
533int mesh_mpm_connect_peer(struct wpa_supplicant *wpa_s, const u8 *addr,
534 int duration)
2604edbf
MH		 535{
536 struct wpa_ssid *ssid = wpa_s->current_ssid;
537 struct hostapd_data *hapd;
538 struct sta_info *sta;
539 struct mesh_conf *conf;
540
541 if (!wpa_s->ifmsh) {
542 wpa_msg(wpa_s, MSG_INFO, "Mesh is not prepared yet");
543 return -1;
544 }
545
546 if (!ssid || !ssid->no_auto_peer) {
547 wpa_msg(wpa_s, MSG_INFO,
548 "This command is available only with no_auto_peer mesh network");
549 return -1;
550 }
551
552 hapd = wpa_s->ifmsh->bss[0];
553 conf = wpa_s->ifmsh->mconf;
554
555 sta = ap_get_sta(hapd, addr);
556 if (!sta) {
557 wpa_msg(wpa_s, MSG_INFO, "No such mesh peer");
558 return -1;
559 }
560
561 if ((PLINK_OPEN_SENT <= sta->plink_state &&
562 sta->plink_state <= PLINK_ESTAB) ||
563 (sta->sae && sta->sae->state > SAE_NOTHING)) {
564 wpa_msg(wpa_s, MSG_INFO,
565 "Specified peer is connecting/connected");
566 return -1;
567 }
568
9f2cf23e 569 if (conf->security == MESH_CONF_SEC_NONE) {
2604edbf 570 mesh_mpm_plink_open(wpa_s, sta, PLINK_OPEN_SENT);
9f2cf23e 571 } else {
2604edbf 572 mesh_rsn_auth_sae_sta(wpa_s, sta);
9f2cf23e
MH		 573 os_memcpy(hapd->mesh_required_peer, addr, ETH_ALEN);
574 eloop_register_timeout(duration == -1 ? 10 : duration, 0,
575 peer_add_timer, wpa_s, NULL);
576 }
2604edbf
MH		 577
578 return 0;
579}
580
581
5f92659d
BC		 582void mesh_mpm_deinit(struct wpa_supplicant *wpa_s, struct hostapd_iface *ifmsh)
583{
584 struct hostapd_data *hapd = ifmsh->bss[0];
585
586 /* notify peers we're leaving */
587 ap_for_each_sta(hapd, mesh_mpm_plink_close, wpa_s);
588
589 hapd->num_plinks = 0;
590 hostapd_free_stas(hapd);
9f2cf23e 591 eloop_cancel_timeout(peer_add_timer, wpa_s, NULL);
5f92659d
BC		 592}
593
594
595/* for mesh_rsn to indicate this peer has completed authentication, and we're
596 * ready to start AMPE */
597void mesh_mpm_auth_peer(struct wpa_supplicant *wpa_s, const u8 *addr)
598{
599 struct hostapd_data *data = wpa_s->ifmsh->bss[0];
600 struct hostapd_sta_add_params params;
601 struct sta_info *sta;
602 int ret;
603
604 sta = ap_get_sta(data, addr);
605 if (!sta) {
606 wpa_msg(wpa_s, MSG_DEBUG, "no such mesh peer");
607 return;
608 }
609
610 /* TODO: Should do nothing if this STA is already authenticated, but
611 * the AP code already sets this flag. */
612 sta->flags |= WLAN_STA_AUTH;
613
0f950df0
TP		 614 mesh_rsn_init_ampe_sta(wpa_s, sta);
615
5f92659d
BC		 616 os_memset(&params, 0, sizeof(params));
617 params.addr = sta->addr;
618 params.flags = WPA_STA_AUTHENTICATED | WPA_STA_AUTHORIZED;
619 params.set = 1;
620
621 wpa_msg(wpa_s, MSG_DEBUG, "MPM authenticating " MACSTR,
622 MAC2STR(sta->addr));
623 ret = wpa_drv_sta_add(wpa_s, &params);
624 if (ret) {
625 wpa_msg(wpa_s, MSG_ERROR,
626 "Driver failed to set " MACSTR ": %d",
627 MAC2STR(sta->addr), ret);
628 }
629
630 if (!sta->my_lid)
631 mesh_mpm_init_link(wpa_s, sta);
632
633 mesh_mpm_plink_open(wpa_s, sta, PLINK_OPEN_SENT);
634}
635
745d9369
BC		 636/*
637 * Initialize a sta_info structure for a peer and upload it into the driver
638 * in preparation for beginning authentication or peering. This is done when a
639 * Beacon (secure or open mesh) or a peering open frame (for open mesh) is
640 * received from the peer for the first time.
641 */
642static struct sta_info * mesh_mpm_add_peer(struct wpa_supplicant *wpa_s,
643 const u8 *addr,
644 struct ieee802_11_elems *elems)
5f92659d
BC		 645{
646 struct hostapd_sta_add_params params;
647 struct mesh_conf *conf = wpa_s->ifmsh->mconf;
648 struct hostapd_data *data = wpa_s->ifmsh->bss[0];
649 struct sta_info *sta;
745d9369 650 int ret;
5f92659d
BC		 651
652 sta = ap_get_sta(data, addr);
653 if (!sta) {
654 sta = ap_sta_add(data, addr);
655 if (!sta)
745d9369 656 return NULL;
5f92659d
BC		 657 }
658
a73c9842
PO		 659 /* Set WMM by default since Mesh STAs are QoS STAs */
660 sta->flags |= WLAN_STA_WMM;
661
5f92659d 662 /* initialize sta */
745d9369
BC		 663 if (copy_supp_rates(wpa_s, sta, elems)) {
664 ap_free_sta(data, sta);
665 return NULL;
666 }
5f92659d 667
cc64fe7b
JM		 668 if (!sta->my_lid)
669 mesh_mpm_init_link(wpa_s, sta);
5f92659d 670
5cfb672d 671#ifdef CONFIG_IEEE80211N
baae4cb9 672 copy_sta_ht_capab(data, sta, elems->ht_capabilities);
5cfb672d
JM		 673 update_ht_state(data, sta);
674#endif /* CONFIG_IEEE80211N */
675
a65efbfb
PO		 676#ifdef CONFIG_IEEE80211AC
677 copy_sta_vht_capab(data, sta, elems->vht_capabilities);
678 set_sta_vht_opmode(data, sta, elems->vht_opmode_notif);
679#endif /* CONFIG_IEEE80211AC */
680
681753f2
BC		 681 if (hostapd_get_aid(data, sta) < 0) {
682 wpa_msg(wpa_s, MSG_ERROR, "No AIDs available");
683 ap_free_sta(data, sta);
684 return NULL;
685 }
686
5f92659d
BC		 687 /* insert into driver */
688 os_memset(&params, 0, sizeof(params));
689 params.supp_rates = sta->supported_rates;
690 params.supp_rates_len = sta->supported_rates_len;
691 params.addr = addr;
692 params.plink_state = sta->plink_state;
681753f2 693 params.aid = sta->aid;
5f92659d 694 params.listen_interval = 100;
5cfb672d 695 params.ht_capabilities = sta->ht_capabilities;
a65efbfb 696 params.vht_capabilities = sta->vht_capabilities;
5f92659d
BC		 697 params.flags |= WPA_STA_WMM;
698 params.flags_mask |= WPA_STA_AUTHENTICATED;
699 if (conf->security == MESH_CONF_SEC_NONE) {
700 params.flags |= WPA_STA_AUTHORIZED;
701 params.flags |= WPA_STA_AUTHENTICATED;
702 } else {
703 sta->flags |= WLAN_STA_MFP;
704 params.flags |= WPA_STA_MFP;
705 }
706
707 ret = wpa_drv_sta_add(wpa_s, &params);
708 if (ret) {
709 wpa_msg(wpa_s, MSG_ERROR,
710 "Driver failed to insert " MACSTR ": %d",
711 MAC2STR(addr), ret);
745d9369
BC		 712 ap_free_sta(data, sta);
713 return NULL;
5f92659d
BC		 714 }
715
745d9369
BC		 716 return sta;
717}
718
719
720void wpa_mesh_new_mesh_peer(struct wpa_supplicant *wpa_s, const u8 *addr,
721 struct ieee802_11_elems *elems)
722{
723 struct mesh_conf *conf = wpa_s->ifmsh->mconf;
724 struct hostapd_data *data = wpa_s->ifmsh->bss[0];
725 struct sta_info *sta;
726 struct wpa_ssid *ssid = wpa_s->current_ssid;
727
728 sta = mesh_mpm_add_peer(wpa_s, addr, elems);
729 if (!sta)
730 return;
731
9f2cf23e
MH		 732 if (ssid && ssid->no_auto_peer &&
733 (is_zero_ether_addr(data->mesh_required_peer) ||
734 os_memcmp(data->mesh_required_peer, addr, ETH_ALEN) != 0)) {
07cb45cc
TP		 735 wpa_msg(wpa_s, MSG_INFO, "will not initiate new peer link with "
736 MACSTR " because of no_auto_peer", MAC2STR(addr));
3a322496
JM		 737 if (data->mesh_pending_auth) {
738 struct os_reltime age;
739 const struct ieee80211_mgmt *mgmt;
740 struct hostapd_frame_info fi;
741
742 mgmt = wpabuf_head(data->mesh_pending_auth);
743 os_reltime_age(&data->mesh_pending_auth_time, &age);
744 if (age.sec < 2 &&
745 os_memcmp(mgmt->sa, addr, ETH_ALEN) == 0) {
746 wpa_printf(MSG_DEBUG,
747 "mesh: Process pending Authentication frame from %u.%06u seconds ago",
748 (unsigned int) age.sec,
749 (unsigned int) age.usec);
750 os_memset(&fi, 0, sizeof(fi));
751 ieee802_11_mgmt(
752 data,
753 wpabuf_head(data->mesh_pending_auth),
754 wpabuf_len(data->mesh_pending_auth),
755 &fi);
756 }
757 wpabuf_free(data->mesh_pending_auth);
758 data->mesh_pending_auth = NULL;
759 }
07cb45cc
TP		 760 return;
761 }
762
27446e47
JM		 763 if (conf->security == MESH_CONF_SEC_NONE) {
764 if (sta->plink_state < PLINK_OPEN_SENT ||
765 sta->plink_state > PLINK_ESTAB)
766 mesh_mpm_plink_open(wpa_s, sta, PLINK_OPEN_SENT);
767 } else {
0f950df0 768 mesh_rsn_auth_sae_sta(wpa_s, sta);
27446e47 769 }
5f92659d
BC		 770}
771
772
773void mesh_mpm_mgmt_rx(struct wpa_supplicant *wpa_s, struct rx_mgmt *rx_mgmt)
774{
775 struct hostapd_frame_info fi;
776
777 os_memset(&fi, 0, sizeof(fi));
778 fi.datarate = rx_mgmt->datarate;
779 fi.ssi_signal = rx_mgmt->ssi_signal;
780 ieee802_11_mgmt(wpa_s->ifmsh->bss[0], rx_mgmt->frame,
781 rx_mgmt->frame_len, &fi);
782}
783
784
785static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s,
786 struct sta_info *sta)
787{
788 struct hostapd_data *hapd = wpa_s->ifmsh->bss[0];
0f950df0
TP		 789 struct mesh_conf *conf = wpa_s->ifmsh->mconf;
790 u8 seq[6] = {};
5f92659d
BC		 791
792 wpa_msg(wpa_s, MSG_INFO, "mesh plink with " MACSTR " established",
793 MAC2STR(sta->addr));
794
0f950df0 795 if (conf->security & MESH_CONF_SEC_AMPE) {
b02f4d05 796 wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len);
3b6deac0
JM		 797 wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->pairwise_cipher),
798 sta->addr, 0, 0, seq, sizeof(seq),
799 sta->mtk, sta->mtk_len);
a4eec3c2 800
f868d560
JM		 801 wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK Key RSC",
802 sta->mgtk_rsc, sizeof(sta->mgtk_rsc));
a4eec3c2
JM		 803 wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK",
804 sta->mgtk, sta->mgtk_len);
3b6deac0
JM		 805 wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->group_cipher),
806 sta->addr, sta->mgtk_key_id, 0,
f868d560 807 sta->mgtk_rsc, sizeof(sta->mgtk_rsc),
a4eec3c2 808 sta->mgtk, sta->mgtk_len);
4367eec4
JM		 809
810 if (sta->igtk_len) {
f868d560
JM		 811 wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK Key RSC",
812 sta->igtk_rsc, sizeof(sta->igtk_rsc));
3b6deac0 813 wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK",
4367eec4 814 sta->igtk, sta->igtk_len);
3b6deac0
JM		 815 wpa_drv_set_key(
816 wpa_s,
817 wpa_cipher_to_alg(conf->mgmt_group_cipher),
818 sta->addr, sta->igtk_key_id, 0,
819 sta->igtk_rsc, sizeof(sta->igtk_rsc),
820 sta->igtk, sta->igtk_len);
4367eec4 821 }
0f950df0
TP		 822 }
823
5f92659d
BC		 824 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_ESTAB);
825 hapd->num_plinks++;
826
827 sta->flags |= WLAN_STA_ASSOC;
9f2cf23e 828 sta->mesh_sae_pmksa_caching = 0;
5f92659d 829
9f2cf23e
MH		 830 eloop_cancel_timeout(peer_add_timer, wpa_s, NULL);
831 peer_add_timer(wpa_s, NULL);
5f92659d
BC		 832 eloop_cancel_timeout(plink_timer, wpa_s, sta);
833
834 /* Send ctrl event */
6174de66
JM		 835 wpa_msg(wpa_s, MSG_INFO, MESH_PEER_CONNECTED MACSTR,
836 MAC2STR(sta->addr));
5f92659d
BC		 837}
838
839
840static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta,
841 enum plink_event event)
842{
843 struct hostapd_data *hapd = wpa_s->ifmsh->bss[0];
0f950df0 844 struct mesh_conf *conf = wpa_s->ifmsh->mconf;
5f92659d
BC		 845 u16 reason = 0;
846
847 wpa_msg(wpa_s, MSG_DEBUG, "MPM " MACSTR " state %s event %s",
848 MAC2STR(sta->addr), mplstate[sta->plink_state],
849 mplevent[event]);
850
851 switch (sta->plink_state) {
852 case PLINK_LISTEN:
853 switch (event) {
854 case CLS_ACPT:
855 mesh_mpm_fsm_restart(wpa_s, sta);
856 break;
857 case OPN_ACPT:
858 mesh_mpm_plink_open(wpa_s, sta, PLINK_OPEN_RCVD);
859 mesh_mpm_send_plink_action(wpa_s, sta, PLINK_CONFIRM,
860 0);
861 break;
862 default:
863 break;
864 }
865 break;
866 case PLINK_OPEN_SENT:
867 switch (event) {
868 case OPN_RJCT:
869 case CNF_RJCT:
870 reason = WLAN_REASON_MESH_CONFIG_POLICY_VIOLATION;
871 /* fall-through */
872 case CLS_ACPT:
873 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING);
874 if (!reason)
875 reason = WLAN_REASON_MESH_CLOSE_RCVD;
e6096799
MH		 876 eloop_register_timeout(
877 conf->dot11MeshHoldingTimeout / 1000,
878 (conf->dot11MeshHoldingTimeout % 1000) * 1000,
879 plink_timer, wpa_s, sta);
5f92659d
BC		 880 mesh_mpm_send_plink_action(wpa_s, sta,
881 PLINK_CLOSE, reason);
882 break;
883 case OPN_ACPT:
884 /* retry timer is left untouched */
885 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_OPEN_RCVD);
886 mesh_mpm_send_plink_action(wpa_s, sta,
887 PLINK_CONFIRM, 0);
888 break;
889 case CNF_ACPT:
890 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_CNF_RCVD);
baa12136 891 eloop_cancel_timeout(plink_timer, wpa_s, sta);
e6096799
MH		 892 eloop_register_timeout(
893 conf->dot11MeshConfirmTimeout / 1000,
894 (conf->dot11MeshConfirmTimeout % 1000) * 1000,
895 plink_timer, wpa_s, sta);
5f92659d
BC		 896 break;
897 default:
898 break;
899 }
900 break;
901 case PLINK_OPEN_RCVD:
902 switch (event) {
903 case OPN_RJCT:
904 case CNF_RJCT:
905 reason = WLAN_REASON_MESH_CONFIG_POLICY_VIOLATION;
906 /* fall-through */
907 case CLS_ACPT:
908 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING);
909 if (!reason)
910 reason = WLAN_REASON_MESH_CLOSE_RCVD;
e6096799
MH		 911 eloop_register_timeout(
912 conf->dot11MeshHoldingTimeout / 1000,
913 (conf->dot11MeshHoldingTimeout % 1000) * 1000,
914 plink_timer, wpa_s, sta);
5f92659d
BC		 915 sta->mpm_close_reason = reason;
916 mesh_mpm_send_plink_action(wpa_s, sta,
917 PLINK_CLOSE, reason);
918 break;
919 case OPN_ACPT:
920 mesh_mpm_send_plink_action(wpa_s, sta,
921 PLINK_CONFIRM, 0);
922 break;
923 case CNF_ACPT:
0f950df0
TP		 924 if (conf->security & MESH_CONF_SEC_AMPE)
925 mesh_rsn_derive_mtk(wpa_s, sta);
5f92659d
BC		 926 mesh_mpm_plink_estab(wpa_s, sta);
927 break;
928 default:
929 break;
930 }
931 break;
932 case PLINK_CNF_RCVD:
933 switch (event) {
934 case OPN_RJCT:
935 case CNF_RJCT:
936 reason = WLAN_REASON_MESH_CONFIG_POLICY_VIOLATION;
937 /* fall-through */
938 case CLS_ACPT:
939 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING);
940 if (!reason)
941 reason = WLAN_REASON_MESH_CLOSE_RCVD;
e6096799
MH		 942 eloop_register_timeout(
943 conf->dot11MeshHoldingTimeout / 1000,
944 (conf->dot11MeshHoldingTimeout % 1000) * 1000,
945 plink_timer, wpa_s, sta);
5f92659d
BC		 946 sta->mpm_close_reason = reason;
947 mesh_mpm_send_plink_action(wpa_s, sta,
948 PLINK_CLOSE, reason);
949 break;
950 case OPN_ACPT:
f42c3ceb
PO		 951 if (conf->security & MESH_CONF_SEC_AMPE)
952 mesh_rsn_derive_mtk(wpa_s, sta);
5f92659d
BC		 953 mesh_mpm_plink_estab(wpa_s, sta);
954 mesh_mpm_send_plink_action(wpa_s, sta,
955 PLINK_CONFIRM, 0);
956 break;
957 default:
958 break;
959 }
960 break;
961 case PLINK_ESTAB:
962 switch (event) {
963 case CLS_ACPT:
964 wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING);
965 reason = WLAN_REASON_MESH_CLOSE_RCVD;
966
e6096799
MH		 967 eloop_register_timeout(
968 conf->dot11MeshHoldingTimeout / 1000,
969 (conf->dot11MeshHoldingTimeout % 1000) * 1000,
970 plink_timer, wpa_s, sta);
5f92659d
BC		 971 sta->mpm_close_reason = reason;
972
973 wpa_msg(wpa_s, MSG_INFO, "mesh plink with " MACSTR
974 " closed with reason %d",
975 MAC2STR(sta->addr), reason);
976
6174de66
JM		 977 wpa_msg(wpa_s, MSG_INFO, MESH_PEER_DISCONNECTED MACSTR,
978 MAC2STR(sta->addr));
5f92659d
BC		 979
980 hapd->num_plinks--;
981
982 mesh_mpm_send_plink_action(wpa_s, sta,
983 PLINK_CLOSE, reason);
984 break;
985 case OPN_ACPT:
986 mesh_mpm_send_plink_action(wpa_s, sta,
987 PLINK_CONFIRM, 0);
988 break;
989 default:
990 break;
991 }
992 break;
993 case PLINK_HOLDING:
994 switch (event) {
995 case CLS_ACPT:
996 mesh_mpm_fsm_restart(wpa_s, sta);
997 break;
998 case OPN_ACPT:
999 case CNF_ACPT:
1000 case OPN_RJCT:
1001 case CNF_RJCT:
1002 reason = sta->mpm_close_reason;
1003 mesh_mpm_send_plink_action(wpa_s, sta,
1004 PLINK_CLOSE, reason);
1005 break;
1006 default:
1007 break;
1008 }
1009 break;
1010 default:
1011 wpa_msg(wpa_s, MSG_DEBUG,
1012 "Unsupported MPM event %s for state %s",
1013 mplevent[event], mplstate[sta->plink_state]);
1014 break;
1015 }
1016}
1017
1018
1019void mesh_mpm_action_rx(struct wpa_supplicant *wpa_s,
1020 const struct ieee80211_mgmt *mgmt, size_t len)
1021{
1022 u8 action_field;
1023 struct hostapd_data *hapd = wpa_s->ifmsh->bss[0];
0f950df0 1024 struct mesh_conf *mconf = wpa_s->ifmsh->mconf;
5f92659d
BC		 1025 struct sta_info *sta;
1026 u16 plid = 0, llid = 0;
1027 enum plink_event event;
1028 struct ieee802_11_elems elems;
1029 struct mesh_peer_mgmt_ie peer_mgmt_ie;
1030 const u8 *ies;
1031 size_t ie_len;
1032 int ret;
1033
1034 if (mgmt->u.action.category != WLAN_ACTION_SELF_PROTECTED)
1035 return;
1036
1037 action_field = mgmt->u.action.u.slf_prot_action.action;
c932b43e
JM		 1038 if (action_field != PLINK_OPEN &&
1039 action_field != PLINK_CONFIRM &&
1040 action_field != PLINK_CLOSE)
1041 return;
5f92659d
BC		 1042
1043 ies = mgmt->u.action.u.slf_prot_action.variable;
1044 ie_len = (const u8 *) mgmt + len -
1045 mgmt->u.action.u.slf_prot_action.variable;
1046
1047 /* at least expect mesh id and peering mgmt */
c932b43e
JM		 1048 if (ie_len < 2 + 2) {
1049 wpa_printf(MSG_DEBUG,
1050 "MPM: Ignore too short action frame %u ie_len %u",
1051 action_field, (unsigned int) ie_len);
5f92659d 1052 return;
c932b43e
JM		 1053 }
1054 wpa_printf(MSG_DEBUG, "MPM: Received PLINK action %u", action_field);
5f92659d
BC		 1055
1056 if (action_field == PLINK_OPEN || action_field == PLINK_CONFIRM) {
c932b43e
JM		 1057 wpa_printf(MSG_DEBUG, "MPM: Capability 0x%x",
1058 WPA_GET_LE16(ies));
5f92659d
BC		 1059 ies += 2; /* capability */
1060 ie_len -= 2;
1061 }
1062 if (action_field == PLINK_CONFIRM) {
c932b43e 1063 wpa_printf(MSG_DEBUG, "MPM: AID 0x%x", WPA_GET_LE16(ies));
5f92659d
BC		 1064 ies += 2; /* aid */
1065 ie_len -= 2;
1066 }
1067
1068 /* check for mesh peering, mesh id and mesh config IEs */
c932b43e
JM		 1069 if (ieee802_11_parse_elems(ies, ie_len, &elems, 0) == ParseFailed) {
1070 wpa_printf(MSG_DEBUG, "MPM: Failed to parse PLINK IEs");
5f92659d 1071 return;
c932b43e
JM		 1072 }
1073 if (!elems.peer_mgmt) {
1074 wpa_printf(MSG_DEBUG,
1075 "MPM: No Mesh Peering Management element");
5f92659d 1076 return;
c932b43e
JM		 1077 }
1078 if (action_field != PLINK_CLOSE) {
1079 if (!elems.mesh_id || !elems.mesh_config) {
1080 wpa_printf(MSG_DEBUG,
1081 "MPM: No Mesh ID or Mesh Configuration element");
1082 return;
1083 }
5f92659d 1084
c932b43e
JM		 1085 if (!matches_local(wpa_s, &elems)) {
1086 wpa_printf(MSG_DEBUG,
1087 "MPM: Mesh ID or Mesh Configuration element do not match local MBSS");
1088 return;
1089 }
1090 }
5f92659d
BC		 1091
1092 ret = mesh_mpm_parse_peer_mgmt(wpa_s, action_field,
1093 elems.peer_mgmt,
1094 elems.peer_mgmt_len,
1095 &peer_mgmt_ie);
c932b43e
JM		 1096 if (ret) {
1097 wpa_printf(MSG_DEBUG, "MPM: Mesh parsing rejected frame");
5f92659d 1098 return;
c932b43e 1099 }
5f92659d
BC		 1100
1101 /* the sender's llid is our plid and vice-versa */
1102 plid = WPA_GET_LE16(peer_mgmt_ie.llid);
1103 if (peer_mgmt_ie.plid)
1104 llid = WPA_GET_LE16(peer_mgmt_ie.plid);
c932b43e 1105 wpa_printf(MSG_DEBUG, "MPM: plid=0x%x llid=0x%x", plid, llid);
5f92659d
BC		 1106
1107 sta = ap_get_sta(hapd, mgmt->sa);
745d9369
BC		 1108
1109 /*
1110 * If this is an open frame from an unknown STA, and this is an
1111 * open mesh, then go ahead and add the peer before proceeding.
1112 */
1113 if (!sta && action_field == PLINK_OPEN &&
9f2cf23e
MH		 1114 (!(mconf->security & MESH_CONF_SEC_AMPE) ||
1115 wpa_auth_pmksa_get(hapd->wpa_auth, mgmt->sa)))
745d9369
BC		 1116 sta = mesh_mpm_add_peer(wpa_s, mgmt->sa, &elems);
1117
c932b43e
JM		 1118 if (!sta) {
1119 wpa_printf(MSG_DEBUG, "MPM: No STA entry for peer");
5f92659d 1120 return;
c932b43e 1121 }
5f92659d 1122
0f950df0
TP		 1123#ifdef CONFIG_SAE
1124 /* peer is in sae_accepted? */
c932b43e
JM		 1125 if (sta->sae && sta->sae->state != SAE_ACCEPTED) {
1126 wpa_printf(MSG_DEBUG, "MPM: SAE not yet accepted for peer");
0f950df0 1127 return;
c932b43e 1128 }
0f950df0
TP		 1129#endif /* CONFIG_SAE */
1130
5f92659d
BC		 1131 if (!sta->my_lid)
1132 mesh_mpm_init_link(wpa_s, sta);
1133
c932b43e
JM		 1134 if ((mconf->security & MESH_CONF_SEC_AMPE) &&
1135 mesh_rsn_process_ampe(wpa_s, sta, &elems,
1136 &mgmt->u.action.category,
c2ed7797 1137 peer_mgmt_ie.chosen_pmk,
c932b43e
JM		 1138 ies, ie_len)) {
1139 wpa_printf(MSG_DEBUG, "MPM: RSN process rejected frame");
1140 return;
1141 }
0f950df0 1142
c932b43e
JM		 1143 if (sta->plink_state == PLINK_BLOCKED) {
1144 wpa_printf(MSG_DEBUG, "MPM: PLINK_BLOCKED");
5f92659d 1145 return;
c932b43e 1146 }
5f92659d
BC		 1147
1148 /* Now we will figure out the appropriate event... */
1149 switch (action_field) {
1150 case PLINK_OPEN:
46e8d90f
MH		 1151 if (plink_free_count(hapd) == 0) {
1152 event = OPN_IGNR;
1153 wpa_printf(MSG_INFO,
1154 "MPM: Peer link num over quota(%d)",
1155 hapd->max_plinks);
1156 } else if (sta->peer_lid && sta->peer_lid != plid) {
5f92659d
BC		 1157 event = OPN_IGNR;
1158 } else {
1159 sta->peer_lid = plid;
1160 event = OPN_ACPT;
1161 }
1162 break;
1163 case PLINK_CONFIRM:
46e8d90f
MH		 1164 if (plink_free_count(hapd) == 0) {
1165 event = CNF_IGNR;
1166 wpa_printf(MSG_INFO,
1167 "MPM: Peer link num over quota(%d)",
1168 hapd->max_plinks);
1169 } else if (sta->my_lid != llid ||
1170 (sta->peer_lid && sta->peer_lid != plid)) {
5f92659d
BC		 1171 event = CNF_IGNR;
1172 } else {
1173 if (!sta->peer_lid)
1174 sta->peer_lid = plid;
1175 event = CNF_ACPT;
1176 }
1177 break;
1178 case PLINK_CLOSE:
1179 if (sta->plink_state == PLINK_ESTAB)
1180 /* Do not check for llid or plid. This does not
1181 * follow the standard but since multiple plinks
1182 * per cand are not supported, it is necessary in
1183 * order to avoid a livelock when MP A sees an
1184 * establish peer link to MP B but MP B does not
1185 * see it. This can be caused by a timeout in
1186 * B's peer link establishment or B being
1187 * restarted.
1188 */
1189 event = CLS_ACPT;
1190 else if (sta->peer_lid != plid)
1191 event = CLS_IGNR;
1192 else if (peer_mgmt_ie.plid && sta->my_lid != llid)
1193 event = CLS_IGNR;
1194 else
1195 event = CLS_ACPT;
1196 break;
763041b2
JM		 1197 default:
1198 /*
1199 * This cannot be hit due to the action_field check above, but
1200 * compilers may not be able to figure that out and can warn
1201 * about uninitialized event below.
1202 */
1203 return;
5f92659d
BC		 1204 }
1205 mesh_mpm_fsm(wpa_s, sta, event);
1206}
c596f3f0
CYY		 1207
1208
1209/* called by ap_free_sta */
9684c756 1210void mesh_mpm_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
c596f3f0 1211{
9684c756
SD		 1212 if (sta->plink_state == PLINK_ESTAB)
1213 hapd->num_plinks--;
c596f3f0
CYY		 1214 eloop_cancel_timeout(plink_timer, ELOOP_ALL_CTX, sta);
1215 eloop_cancel_timeout(mesh_auth_timer, ELOOP_ALL_CTX, sta);
1216}
Unnamed repository; edit this file 'description' to name the repository.