OCV: Track STA OCV capability in AP mode

Check and store OCV capability indication for each STA.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>

diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
index 682fb0f0f28b10cff95a9783e93af1ea624bafec..58a3b1e9a035f7d1a6518350a48e00ab614c729c 100644 (file)
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -321,6 +321,8 @@ int wpa_validate_osen(struct wpa_authenticator *wpa_auth,
                      struct wpa_state_machine *sm,
                      const u8 *osen_ie, size_t osen_ie_len);
 int wpa_auth_uses_mfp(struct wpa_state_machine *sm);
+void wpa_auth_set_ocv(struct wpa_state_machine *sm, int ocv);
+int wpa_auth_uses_ocv(struct wpa_state_machine *sm);
 struct wpa_state_machine *
 wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr,
                  const u8 *p2p_dev_addr);

diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
index b1cea1b49b14cbde18b3db804c0de769ece171cd..a349304d5f5d3a97ed1c52cad7a9edcc43bffaab 100644 (file)
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -92,6 +92,9 @@ struct wpa_state_machine {
 #endif /* CONFIG_IEEE80211R_AP */
        unsigned int is_wnmsleep:1;
        unsigned int pmkid_set:1;
+#ifdef CONFIG_OCV
+       unsigned int ocv_enabled:1;
+#endif /* CONFIG_OCV */
 
        u8 req_replay_counter[WPA_REPLAY_COUNTER_LEN];
        int req_replay_counter_used;

diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c
index c945d62a45ba93ddc80bbe8da2d47f286ecbcf25..f00aa0b60a23b68bd47efc0d20e6c4da77c0df7d 100644 (file)
--- a/src/ap/wpa_auth_ie.c
+++ b/src/ap/wpa_auth_ie.c
@@ -768,6 +768,17 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
        }
 #endif /* CONFIG_SAE */
 
+#ifdef CONFIG_OCV
+       if ((data.capabilities & WPA_CAPABILITY_OCVC) &&
+           !(data.capabilities & WPA_CAPABILITY_MFPC)) {
+               wpa_printf(MSG_DEBUG,
+                          "Management frame protection required with OCV, but client did not enable it");
+               return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
+       }
+       wpa_auth_set_ocv(sm, wpa_auth->conf.ocv &&
+                        (data.capabilities & WPA_CAPABILITY_OCVC));
+#endif /* CONFIG_OCV */
+
        if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION ||
            !(data.capabilities & WPA_CAPABILITY_MFPC))
                sm->mgmt_frame_prot = 0;
@@ -1070,6 +1081,23 @@ int wpa_auth_uses_mfp(struct wpa_state_machine *sm)
 }
 
 
+#ifdef CONFIG_OCV
+
+void wpa_auth_set_ocv(struct wpa_state_machine *sm, int ocv)
+{
+       if (sm)
+               sm->ocv_enabled = ocv;
+}
+
+
+int wpa_auth_uses_ocv(struct wpa_state_machine *sm)
+{
+       return sm ? sm->ocv_enabled : 0;
+}
+
+#endif /* CONFIG_OCV */
+
+
 #ifdef CONFIG_OWE
 u8 * wpa_auth_write_assoc_resp_owe(struct wpa_state_machine *sm,
                                   u8 *pos, size_t max_len,