FT: Add driver op for marking a STA authenticated

This can be used with FT-over-DS where FT Action frame exchange
triggers transition to State 2 (authenticated) without Authentication
frame exchange.

diff --git a/src/drivers/driver.h b/src/drivers/driver.h
index df35e5f8fa85dd9de6c11476575c463c5ede1cd7..00ca97f722f7beb77cf21416876031d4b7dfd1ca 100644 (file)
--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -278,6 +278,7 @@ struct wpa_driver_auth_params {
        const u8 *wep_key[4];
        size_t wep_key_len[4];
        int wep_tx_keyidx;
+       int local_state_change;
 };
 
 /**

diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h
index 4dddee056938ec9a108bd597fee510930003157a..727e591ccaac473c1e1bd024bbeaa744c85838b2 100644 (file)
--- a/src/rsn_supp/wpa.h
+++ b/src/rsn_supp/wpa.h
@@ -54,6 +54,7 @@ struct wpa_sm_ctx {
                             size_t ies_len);
        int (*send_ft_action)(void *ctx, u8 action, const u8 *target_ap,
                              const u8 *ies, size_t ies_len);
+       int (*mark_authenticated)(void *ctx, const u8 *target_ap);
 };
 
 

diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
index 556838b349ed3ffe9bee5c3e1636765c1e8becbc..2840d7a6945f83352e2826fff36e6b5cd02e7319 100644 (file)
--- a/src/rsn_supp/wpa_ft.c
+++ b/src/rsn_supp/wpa_ft.c
@@ -628,6 +628,7 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len,
                os_free(ft_ies);
        }
 
+       wpa_sm_mark_authenticated(sm, bssid);
        ret = wpa_ft_install_ptk(sm, bssid);
        if (ret) {
                /*

diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
index bb774f97d7451d9324a14bed3898ffaa7861191c..fb80afd2d9cc8948f4b33f9c3b9b8b7d1ec1aac6 100644 (file)
--- a/src/rsn_supp/wpa_i.h
+++ b/src/rsn_supp/wpa_i.h
@@ -225,6 +225,14 @@ static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action,
        return -1;
 }
 
+static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm,
+                                           const u8 *target_ap)
+{
+       if (sm->ctx->mark_authenticated)
+               return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap);
+       return -1;
+}
+
 
 void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck,
                        int ver, const u8 *dest, u16 proto,

diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c
index 3fa85a11b7a75d1a39e8aa5a178a39b2ea463f4e..a3622b327d2aaa4f2e9c1eee4adb6e708ee136aa 100644 (file)
--- a/wpa_supplicant/wpas_glue.c
+++ b/wpa_supplicant/wpas_glue.c
@@ -489,6 +489,30 @@ static int wpa_supplicant_send_ft_action(void *ctx, u8 action,
                                                    ies, ies_len);
        return wpa_drv_send_ft_action(wpa_s, action, target_ap, ies, ies_len);
 }
+
+
+static int wpa_supplicant_mark_authenticated(void *ctx, const u8 *target_ap)
+{
+       struct wpa_supplicant *wpa_s = ctx;
+       struct wpa_driver_auth_params params;
+       struct wpa_bss *bss;
+
+       if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
+               return -1;
+
+       bss = wpa_bss_get_bssid(wpa_s, target_ap);
+       if (bss == NULL)
+               return -1;
+
+       os_memset(&params, 0, sizeof(params));
+       params.bssid = target_ap;
+       params.freq = bss->freq;
+       params.ssid = bss->ssid;
+       params.ssid_len = bss->ssid_len;
+       params.auth_alg = WPA_AUTH_ALG_FT;
+       params.local_state_change = 1;
+       return wpa_drv_authenticate(wpa_s, &params);
+}
 #endif /* CONFIG_IEEE80211R */
 
 #endif /* CONFIG_NO_WPA */
@@ -617,6 +641,7 @@ int wpa_supplicant_init_wpa(struct wpa_supplicant *wpa_s)
 #ifdef CONFIG_IEEE80211R
        ctx->update_ft_ies = wpa_supplicant_update_ft_ies;
        ctx->send_ft_action = wpa_supplicant_send_ft_action;
+       ctx->mark_authenticated = wpa_supplicant_mark_authenticated;
 #endif /* CONFIG_IEEE80211R */
 
        wpa_s->wpa = wpa_sm_init(ctx);