PASN: Use separate variables for BSSID and peer address

Using separate variables for BSSID and peer address is needed to support
Wi-Fi Aware (NAN) use cases where the group address is used as the BSSID
and that could be different from any other peer address. The
infrastructure BSS cases will continue to use the AP's BSSID as both the
peer address and BSSID for the PASN exchanges.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index c168786f9a70e9072c6ee3059ef351d0396674e9..e771b069d0cc500de0413e260e832d233846817a 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -2520,6 +2520,7 @@ static void hapd_initialize_pasn(struct hostapd_data *hapd,
        pasn->comeback_idx = hapd->comeback_idx;
        pasn->comeback_key =  hapd->comeback_key;
        pasn->comeback_pending_idx = hapd->comeback_pending_idx;
+       os_memcpy(pasn->bssid, hapd->own_addr, ETH_ALEN);
 }
 
 

diff --git a/src/pasn/pasn_common.h b/src/pasn/pasn_common.h
index f65031c79ccd743fed65e755e8f690a538ee1033..9c2f397e72306e889c42ad395fdb58325147353e 100644 (file)
--- a/src/pasn/pasn_common.h
+++ b/src/pasn/pasn_common.h
@@ -47,6 +47,7 @@ struct pasn_data {
 
        u8 own_addr[ETH_ALEN];
        u8 peer_addr[ETH_ALEN];
+       u8 bssid[ETH_ALEN];
        size_t pmk_len;
        u8 pmk[PMK_LEN_MAX];
        bool using_pmksa;
@@ -148,12 +149,14 @@ struct pasn_data {
 
 void wpa_pasn_reset(struct pasn_data *pasn);
 int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
-                   const u8 *peer_addr, int akmp, int cipher, u16 group,
+                   const u8 *peer_addr, const u8 *bssid,
+                   int akmp, int cipher, u16 group,
                    int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
                    const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
                    const struct wpabuf *comeback);
 int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
-                   const u8 *peer_addr, int akmp, int cipher, u16 group,
+                   const u8 *peer_addr, const u8 *bssid,
+                   int akmp, int cipher, u16 group,
                    int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
                    const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
                    const struct wpabuf *comeback);

diff --git a/src/pasn/pasn_initiator.c b/src/pasn/pasn_initiator.c
index d0cf2aa4a72823a2f4bff139a4f7733b1f726317..280575405dd2393c0623ab0dc5f7fef4f836c7d4 100644 (file)
--- a/src/pasn/pasn_initiator.c
+++ b/src/pasn/pasn_initiator.c
@@ -538,7 +538,7 @@ static struct wpabuf * wpas_pasn_build_auth_1(struct pasn_data *pasn,
 
        wrapped_data = wpas_pasn_get_wrapped_data_format(pasn);
 
-       wpa_pasn_build_auth_header(buf, pasn->peer_addr,
+       wpa_pasn_build_auth_header(buf, pasn->bssid,
                                   pasn->own_addr, pasn->peer_addr,
                                   pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);
 
@@ -629,7 +629,7 @@ static struct wpabuf * wpas_pasn_build_auth_3(struct pasn_data *pasn)
 
        wrapped_data = wpas_pasn_get_wrapped_data_format(pasn);
 
-       wpa_pasn_build_auth_header(buf, pasn->peer_addr,
+       wpa_pasn_build_auth_header(buf, pasn->bssid,
                                   pasn->own_addr, pasn->peer_addr,
                                   pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);
 
@@ -858,8 +858,8 @@ static int wpas_pasn_set_pmk(struct pasn_data *pasn,
 
 
 static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr,
-                                const u8 *peer_addr, int akmp, int cipher,
-                                u16 group, int freq,
+                                const u8 *peer_addr, const u8 *bssid, int akmp,
+                                int cipher, u16 group, int freq,
                                 const u8 *beacon_rsne, u8 beacon_rsne_len,
                                 const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
                                 const struct wpabuf *comeback, bool verify)
@@ -896,6 +896,7 @@ static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr,
 
        os_memcpy(pasn->own_addr, own_addr, ETH_ALEN);
        os_memcpy(pasn->peer_addr, peer_addr, ETH_ALEN);
+       os_memcpy(pasn->bssid, bssid, ETH_ALEN);
 
        wpa_printf(MSG_DEBUG,
                   "PASN: Init%s: " MACSTR " akmp=0x%x, cipher=0x%x, group=%u",
@@ -927,7 +928,8 @@ fail:
 
 
 int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
-                   const u8 *peer_addr, int akmp, int cipher, u16 group,
+                   const u8 *peer_addr, const u8 *bssid,
+                   int akmp, int cipher, u16 group,
                    int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
                    const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
                    const struct wpabuf *comeback)
@@ -973,8 +975,8 @@ int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
                return -1;
        }
 
-       return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, akmp, cipher,
-                                    group,
+       return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, bssid, akmp,
+                                    cipher, group,
                                     freq, beacon_rsne, beacon_rsne_len,
                                     beacon_rsnxe, beacon_rsnxe_len, comeback,
                                     false);
@@ -992,15 +994,16 @@ int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
  * verification.
  */
 int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
-                   const u8 *peer_addr, int akmp, int cipher, u16 group,
+                   const u8 *peer_addr, const u8 *bssid,
+                   int akmp, int cipher, u16 group,
                    int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
                    const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
                    const struct wpabuf *comeback)
 {
-       return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, akmp, cipher,
-                                    group, freq, beacon_rsne, beacon_rsne_len,
-                                    beacon_rsnxe, beacon_rsnxe_len, comeback,
-                                    true);
+       return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, bssid, akmp,
+                                    cipher, group, freq, beacon_rsne,
+                                    beacon_rsne_len, beacon_rsnxe,
+                                    beacon_rsnxe_len, comeback, true);
 }
 
 
@@ -1022,7 +1025,7 @@ static bool is_pasn_auth_frame(struct pasn_data *pasn,
        /* Not our frame; do nothing */
        if (os_memcmp(mgmt->da, pasn->own_addr, ETH_ALEN) != 0 ||
            os_memcmp(mgmt->sa, pasn->peer_addr, ETH_ALEN) != 0 ||
-           os_memcmp(mgmt->bssid, pasn->peer_addr, ETH_ALEN) != 0)
+           os_memcmp(mgmt->bssid, pasn->bssid, ETH_ALEN) != 0)
                return false;
 
        /* Not PASN; do nothing */

diff --git a/src/pasn/pasn_responder.c b/src/pasn/pasn_responder.c
index 35a88f32701c4567e154668d33e8470cfa7e4490..ea2737c0f3afe255c163f59eac19a6e6c52c910b 100644 (file)
--- a/src/pasn/pasn_responder.c
+++ b/src/pasn/pasn_responder.c
@@ -374,7 +374,7 @@ static void handle_auth_pasn_comeback(struct pasn_data *pasn,
        if (!buf)
                return;
 
-       wpa_pasn_build_auth_header(buf, own_addr, own_addr, peer_addr, 2,
+       wpa_pasn_build_auth_header(buf, pasn->bssid, own_addr, peer_addr, 2,
                                   WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY);
 
        /*
@@ -432,7 +432,7 @@ int handle_auth_pasn_resp(struct pasn_data *pasn, const u8 *own_addr,
        if (!buf)
                goto fail;
 
-       wpa_pasn_build_auth_header(buf, own_addr, own_addr, peer_addr, 2,
+       wpa_pasn_build_auth_header(buf, pasn->bssid, own_addr, peer_addr, 2,
                                   status);
 
        if (status != WLAN_STATUS_SUCCESS)

diff --git a/wpa_supplicant/pasn_supplicant.c b/wpa_supplicant/pasn_supplicant.c
index 526b45c337d986a055041aee1a10fc3cb9c91b58..a8d4e919bb529f3f3281d75bdbb510e71fb05483 100644 (file)
--- a/wpa_supplicant/pasn_supplicant.c
+++ b/wpa_supplicant/pasn_supplicant.c
@@ -647,8 +647,8 @@ static void wpas_pasn_auth_start_cb(struct wpa_radio_work *work, int deinit)
 
 
        ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr,
-                             awork->akmp, awork->cipher, awork->group,
-                             bss->freq, rsne, *(rsne + 1) + 2,
+                             awork->peer_addr, awork->akmp, awork->cipher,
+                             awork->group, bss->freq, rsne, *(rsne + 1) + 2,
                              rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0,
                              awork->comeback);
        if (ret) {