WNM: Fix BSS Transition Management Request processing

The WNM-Sleep Mode handler took over WNM Action frame processing without
addressing the previously implemented WNM handler. Fix this by moving
the BSs Transition Management processing into wnm_sta.c to share a
single handler function for WNM Action frames.

Signed-hostap: Jouni Malinen <j@w1.fi>

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 441718d7f10b0675e2b5700e9ab579354d769819..baca363f574f9c85b7b8efa3c17a333159e10c11 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -2283,50 +2283,6 @@ static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s,
 }
 
 
-static void wnm_action_rx(struct wpa_supplicant *wpa_s, struct rx_action *rx)
-{
-       u8 action, mode;
-       const u8 *pos, *end;
-
-       if (rx->data == NULL || rx->len == 0)
-               return;
-
-       pos = rx->data;
-       end = pos + rx->len;
-       action = *pos++;
-
-       wpa_printf(MSG_DEBUG, "WNM: RX action %u from " MACSTR,
-                  action, MAC2STR(rx->sa));
-       switch (action) {
-       case WNM_BSS_TRANS_MGMT_REQ:
-               if (pos + 5 > end)
-                       break;
-               wpa_printf(MSG_DEBUG, "WNM: BSS Transition Management "
-                          "Request: dialog_token=%u request_mode=0x%x "
-                          "disassoc_timer=%u validity_interval=%u",
-                          pos[0], pos[1], WPA_GET_LE16(pos + 2), pos[4]);
-               mode = pos[1];
-               pos += 5;
-               if (mode & 0x08)
-                       pos += 12; /* BSS Termination Duration */
-               if (mode & 0x10) {
-                       char url[256];
-                       if (pos + 1 > end || pos + 1 + pos[0] > end) {
-                               wpa_printf(MSG_DEBUG, "WNM: Invalid BSS "
-                                          "Transition Management Request "
-                                          "(URL)");
-                               break;
-                       }
-                       os_memcpy(url, pos + 1, pos[0]);
-                       url[pos[0]] = '\0';
-                       wpa_msg(wpa_s, MSG_INFO, "WNM: ESS Disassociation "
-                               "Imminent - session_info_url=%s", url);
-               }
-               break;
-       }
-}
-
-
 void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
                          union wpa_event_data *data)
 {
@@ -2729,10 +2685,6 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
                                 data->rx_action.freq) == 0)
                        break;
 #endif /* CONFIG_GAS */
-               if (data->rx_action.category == WLAN_ACTION_WNM) {
-                       wnm_action_rx(wpa_s, &data->rx_action);
-                       break;
-               }
 #ifdef CONFIG_TDLS
                if (data->rx_action.category == WLAN_ACTION_PUBLIC &&
                    data->rx_action.len >= 4 &&

diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
index 315722b8c82584c98c3ce48e8dfc8f0568d68e76..45c0aa84e3b94502df37afc1855a578562af1b75 100644 (file)
--- a/wpa_supplicant/wnm_sta.c
+++ b/wpa_supplicant/wnm_sta.c
@@ -296,11 +296,45 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
 void ieee802_11_rx_wnm_action(struct wpa_supplicant *wpa_s,
                              struct rx_action *action)
 {
-       u8 *pos = (u8 *) action->data; /* point to action field */
-       u8 act = *pos++;
-       /* u8 dialog_token = *pos++; */
+       const u8 *pos, *end;
+       u8 act, mode;
+
+       if (action->data == NULL || action->len == 0)
+               return;
+
+       pos = action->data;
+       end = pos + action->len;
+       act = *pos++;
+
+       wpa_printf(MSG_DEBUG, "WNM: RX action %u from " MACSTR,
+                  act, MAC2STR(action->sa));
 
        switch (act) {
+       case WNM_BSS_TRANS_MGMT_REQ:
+               if (pos + 5 > end)
+                       break;
+               wpa_printf(MSG_DEBUG, "WNM: BSS Transition Management "
+                          "Request: dialog_token=%u request_mode=0x%x "
+                          "disassoc_timer=%u validity_interval=%u",
+                          pos[0], pos[1], WPA_GET_LE16(pos + 2), pos[4]);
+               mode = pos[1];
+               pos += 5;
+               if (mode & 0x08)
+                       pos += 12; /* BSS Termination Duration */
+               if (mode & 0x10) {
+                       char url[256];
+                       if (pos + 1 > end || pos + 1 + pos[0] > end) {
+                               wpa_printf(MSG_DEBUG, "WNM: Invalid BSS "
+                                          "Transition Management Request "
+                                          "(URL)");
+                               break;
+                       }
+                       os_memcpy(url, pos + 1, pos[0]);
+                       url[pos[0]] = '\0';
+                       wpa_msg(wpa_s, MSG_INFO, "WNM: ESS Disassociation "
+                               "Imminent - session_info_url=%s", url);
+               }
+               break;
        case WNM_SLEEP_MODE_RESP:
                ieee802_11_rx_wnmsleep_resp(wpa_s, action->data, action->len);
                break;