mesh: Start mesh peering after successful authentication

[original patch by: Thomas Pedersen <thomas@noack.us>]
Signed-off-by: Bob Copeland <me@bobcopeland.com>

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 8ced9afbf8e8a218a14eed03e354cc9e1a6a0f49..4e389d07b8e7826b5606327ef8e011f60e04338f 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -802,10 +802,20 @@ static void handle_auth(struct hostapd_data *hapd,
                return;
        }
 
-       sta = ap_sta_add(hapd, mgmt->sa);
-       if (!sta) {
-               resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA;
-               goto fail;
+#ifdef CONFIG_MESH
+       if (hapd->conf->mesh & MESH_ENABLED) {
+               /* if the mesh peer is not available, we don't do auth. */
+               sta = ap_get_sta(hapd, mgmt->sa);
+               if (!sta)
+                       return;
+       } else
+#endif /* CONFIG_MESH */
+       {
+               sta = ap_sta_add(hapd, mgmt->sa);
+               if (!sta) {
+                       resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA;
+                       goto fail;
+               }
        }
 
        if (vlan_id > 0) {
@@ -890,6 +900,20 @@ static void handle_auth(struct hostapd_data *hapd,
 #endif /* CONFIG_IEEE80211R */
 #ifdef CONFIG_SAE
        case WLAN_AUTH_SAE:
+#ifdef CONFIG_MESH
+               if (hapd->conf->mesh & MESH_ENABLED) {
+                       if (sta->wpa_sm == NULL)
+                               sta->wpa_sm =
+                                       wpa_auth_sta_init(hapd->wpa_auth,
+                                                         sta->addr, NULL);
+                       if (sta->wpa_sm == NULL) {
+                               wpa_printf(MSG_DEBUG,
+                                          "SAE: Failed to initialize WPA state machine");
+                               resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
+                               goto fail;
+                       }
+               }
+#endif /* CONFIG_MESH */
                handle_auth_sae(hapd, sta, mgmt, len, auth_transaction);
                return;
 #endif /* CONFIG_SAE */

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 0d2a311c5e3a4fe2a2c061954f3aec8a665b134e..6d3c52bcf0e3bac643c4b420314a35f4b44078ea 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -136,6 +136,17 @@ wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr,
 }
 
 
+#ifdef CONFIG_MESH
+static inline int wpa_auth_start_ampe(struct wpa_authenticator *wpa_auth,
+                                     const u8 *addr)
+{
+       if (wpa_auth->cb.start_ampe == NULL)
+               return -1;
+       return wpa_auth->cb.start_ampe(wpa_auth->cb.ctx, addr);
+}
+#endif /* CONFIG_MESH */
+
+
 int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
                          int (*cb)(struct wpa_state_machine *sm, void *ctx),
                          void *cb_ctx)
@@ -1534,6 +1545,14 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, wpa_event event)
 
        switch (event) {
        case WPA_AUTH:
+#ifdef CONFIG_MESH
+               /* PTKs are derived through AMPE */
+               if (wpa_auth_start_ampe(sm->wpa_auth, sm->addr)) {
+                       /* not mesh */
+                       break;
+               }
+               return 0;
+#endif /* CONFIG_MESH */
        case WPA_ASSOC:
                break;
        case WPA_DEAUTH: