OWE: Use PMKSA caching if available with driver AP MLME

If a matching PMKSA cache entry is present for an OWE client, use it and
do not go through DH while processing Association Rquest frame.
Association Response frame will identify the PMKID in such a case and DH
parameters won't be present.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>

diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index 3cac8f6090a5359be4bd0fdd73097dda1da8198e..cb96171549630adec1561e6e3d8f5ab6ad203de5 100644 (file)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -530,7 +530,8 @@ skip_wpa_check:
 
                npos = owe_auth_req_process(hapd, sta,
                                            elems.owe_dh, elems.owe_dh_len,
-                                           p, &reason);
+                                           p, sizeof(buf) - (p - buf),
+                                           &reason);
                if (npos)
                        p = npos;
                if (!npos &&

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 89fe2796234680858c8c8be3ab9f037ec451869a..a473d21104202fcd31d33c90657bfcc53db103c6 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -2990,10 +2990,18 @@ done:
 #ifdef CONFIG_OWE
 u8 * owe_auth_req_process(struct hostapd_data *hapd, struct sta_info *sta,
                          const u8 *owe_dh, u8 owe_dh_len,
-                         u8 *owe_buf, u16 *reason)
+                         u8 *owe_buf, size_t owe_buf_len, u16 *reason)
 {
        struct wpabuf *pub;
 
+       if (wpa_auth_sta_get_pmksa(sta->wpa_sm)) {
+               wpa_printf(MSG_DEBUG, "OWE: Using PMKSA caching");
+               owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, owe_buf,
+                                                       owe_buf_len, NULL, 0);
+               *reason = WLAN_STATUS_SUCCESS;
+               return owe_buf;
+       }
+
        *reason = owe_process_assoc_req(hapd, sta, owe_dh, owe_dh_len);
        if (*reason != WLAN_STATUS_SUCCESS)
                return NULL;

diff --git a/src/ap/ieee802_11.h b/src/ap/ieee802_11.h
index 1624dc5afe698c59db856be30422315d1d8d8491..a263efedaadd4b5be750b596ac823b611ae035d4 100644 (file)
--- a/src/ap/ieee802_11.h
+++ b/src/ap/ieee802_11.h
@@ -144,7 +144,7 @@ void ieee802_11_finish_fils_auth(struct hostapd_data *hapd,
                                 const u8 *msk, size_t msk_len);
 u8 * owe_auth_req_process(struct hostapd_data *hapd, struct sta_info *sta,
                          const u8 *owe_dh, u8 owe_dh_len,
-                         u8 *owe_buf, u16 *reason);
+                         u8 *owe_buf, size_t owe_buf_len, u16 *reason);
 void fils_hlp_timeout(void *eloop_ctx, void *eloop_data);
 void fils_hlp_finish_assoc(struct hostapd_data *hapd, struct sta_info *sta);
 void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta,