u8 status;
u8 own_addr[ETH_ALEN];
- u8 bssid[ETH_ALEN];
+ u8 peer_addr[ETH_ALEN];
size_t pmk_len;
u8 pmk[PMK_LEN_MAX];
bool using_pmksa;
void wpa_pasn_reset(struct pasn_data *pasn);
int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
- const u8 *bssid, int akmp, int cipher, u16 group,
+ const u8 *peer_addr, int akmp, int cipher, u16 group,
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
const struct wpabuf *comeback);
int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
- const u8 *bssid, int akmp, int cipher, u16 group,
+ const u8 *peer_addr, int akmp, int cipher, u16 group,
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
const struct wpabuf *comeback);
}
ret = sae_prepare_commit_pt(&pasn->sae, pasn->pt,
- pasn->own_addr, pasn->bssid,
+ pasn->own_addr, pasn->peer_addr,
NULL, NULL);
if (ret) {
wpa_printf(MSG_DEBUG, "PASN: Failed to prepare SAE commit");
pasn->pmksa_entry = pmksa_cache_add(pasn->pmksa, pasn->pmk,
pasn->pmk_len, pasn->fils.erp_pmkid,
- NULL, 0, pasn->bssid,
+ NULL, 0, pasn->peer_addr,
pasn->own_addr, NULL,
pasn->akmp, 0);
wrapped_data = wpas_pasn_get_wrapped_data_format(pasn);
- wpa_pasn_build_auth_header(buf, pasn->bssid,
- pasn->own_addr, pasn->bssid,
+ wpa_pasn_build_auth_header(buf, pasn->peer_addr,
+ pasn->own_addr, pasn->peer_addr,
pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);
pmkid = NULL;
} else if (wrapped_data != WPA_PASN_WRAPPED_DATA_NO) {
struct rsn_pmksa_cache_entry *pmksa;
- pmksa = pmksa_cache_get(pasn->pmksa, pasn->bssid,
+ pmksa = pmksa_cache_get(pasn->pmksa, pasn->peer_addr,
NULL, NULL, pasn->akmp);
if (pmksa && pasn->custom_pmkid_valid)
pmkid = pasn->custom_pmkid;
wrapped_data = wpas_pasn_get_wrapped_data_format(pasn);
- wpa_pasn_build_auth_header(buf, pasn->bssid,
- pasn->own_addr, pasn->bssid,
+ wpa_pasn_build_auth_header(buf, pasn->peer_addr,
+ pasn->own_addr, pasn->peer_addr,
pasn->trans_seq + 1, WLAN_STATUS_SUCCESS);
wrapped_data_buf = wpas_pasn_get_wrapped_data(pasn);
data_len = wpabuf_len(buf) - IEEE80211_HDRLEN;
ret = pasn_mic(pasn->ptk.kck, pasn->akmp, pasn->cipher,
- pasn->own_addr, pasn->bssid,
+ pasn->own_addr, pasn->peer_addr,
pasn->hash, mic_len * 2, data, data_len, mic);
if (ret) {
wpa_printf(MSG_DEBUG, "PASN: frame 3: Failed MIC calculation");
if (pasn->custom_pmkid_valid) {
ret = pasn->validate_custom_pmkid(pasn->cb_ctx,
- pasn->bssid,
+ pasn->peer_addr,
rsn_data->pmkid);
if (ret) {
wpa_printf(MSG_DEBUG,
pmkid = rsn_data->pmkid;
}
- pmksa = pmksa_cache_get(pasn->pmksa, pasn->bssid,
+ pmksa = pmksa_cache_get(pasn->pmksa, pasn->peer_addr,
pmkid, NULL, pasn->akmp);
if (pmksa) {
wpa_printf(MSG_DEBUG, "PASN: Using PMKSA");
pasn->pmksa_entry = pmksa_cache_add(pasn->pmksa, pasn->pmk,
pasn->pmk_len,
pasn->sae.pmkid,
- NULL, 0, pasn->bssid,
+ NULL, 0, pasn->peer_addr,
pasn->own_addr, NULL,
pasn->akmp, 0);
return 0;
static int wpas_pasn_send_auth_1(struct pasn_data *pasn, const u8 *own_addr,
- const u8 *bssid, int akmp, int cipher,
+ const u8 *peer_addr, int akmp, int cipher,
u16 group, int freq,
const u8 *beacon_rsne, u8 beacon_rsne_len,
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
pasn->freq = freq;
os_memcpy(pasn->own_addr, own_addr, ETH_ALEN);
- os_memcpy(pasn->bssid, bssid, ETH_ALEN);
+ os_memcpy(pasn->peer_addr, peer_addr, ETH_ALEN);
wpa_printf(MSG_DEBUG,
"PASN: Init%s: " MACSTR " akmp=0x%x, cipher=0x%x, group=%u",
verify ? " (verify)" : "",
- MAC2STR(pasn->bssid), pasn->akmp, pasn->cipher, pasn->group);
+ MAC2STR(pasn->peer_addr), pasn->akmp, pasn->cipher,
+ pasn->group);
frame = wpas_pasn_build_auth_1(pasn, comeback, verify);
if (!frame) {
int wpas_pasn_start(struct pasn_data *pasn, const u8 *own_addr,
- const u8 *bssid, int akmp, int cipher, u16 group,
+ const u8 *peer_addr, int akmp, int cipher, u16 group,
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
const struct wpabuf *comeback)
return -1;
}
- return wpas_pasn_send_auth_1(pasn, own_addr, bssid, akmp, cipher, group,
+ return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, akmp, cipher,
+ group,
freq, beacon_rsne, beacon_rsne_len,
beacon_rsnxe, beacon_rsnxe_len, comeback,
false);
* verification.
*/
int wpa_pasn_verify(struct pasn_data *pasn, const u8 *own_addr,
- const u8 *bssid, int akmp, int cipher, u16 group,
+ const u8 *peer_addr, int akmp, int cipher, u16 group,
int freq, const u8 *beacon_rsne, u8 beacon_rsne_len,
const u8 *beacon_rsnxe, u8 beacon_rsnxe_len,
const struct wpabuf *comeback)
{
- return wpas_pasn_send_auth_1(pasn, own_addr, bssid, akmp, cipher, group,
- freq, beacon_rsne, beacon_rsne_len,
+ return wpas_pasn_send_auth_1(pasn, own_addr, peer_addr, akmp, cipher,
+ group, freq, beacon_rsne, beacon_rsne_len,
beacon_rsnxe, beacon_rsnxe_len, comeback,
true);
}
/* Not our frame; do nothing */
if (os_memcmp(mgmt->da, pasn->own_addr, ETH_ALEN) != 0 ||
- os_memcmp(mgmt->sa, pasn->bssid, ETH_ALEN) != 0 ||
- os_memcmp(mgmt->bssid, pasn->bssid, ETH_ALEN) != 0)
+ os_memcmp(mgmt->sa, pasn->peer_addr, ETH_ALEN) != 0 ||
+ os_memcmp(mgmt->bssid, pasn->peer_addr, ETH_ALEN) != 0)
return false;
/* Not PASN; do nothing */
}
ret = pasn_pmk_to_ptk(pasn->pmk, pasn->pmk_len,
- pasn->own_addr, pasn->bssid,
+ pasn->own_addr, pasn->peer_addr,
wpabuf_head(secret), wpabuf_len(secret),
&pasn->ptk, pasn->akmp, pasn->cipher,
pasn->kdk_len);
if (pasn->beacon_rsne_rsnxe) {
/* Verify the MIC */
ret = pasn_mic(pasn->ptk.kck, pasn->akmp, pasn->cipher,
- pasn->bssid, pasn->own_addr,
+ pasn->peer_addr, pasn->own_addr,
wpabuf_head(pasn->beacon_rsne_rsnxe),
wpabuf_len(pasn->beacon_rsne_rsnxe),
copy, copy_len, out_mic);
/* Verify the MIC */
ret = pasn_mic(pasn->ptk.kck, pasn->akmp, pasn->cipher,
- pasn->bssid, pasn->own_addr,
+ pasn->peer_addr, pasn->own_addr,
rsne_rsnxe,
rsne_rsnxe_len,
copy, copy_len, out_mic);
*/
if (pasn->trans_seq == 3) {
wpa_printf(MSG_DEBUG, "PASN: auth complete with: " MACSTR,
- MAC2STR(pasn->bssid));
+ MAC2STR(pasn->peer_addr));
/*
* Either frame was not ACKed or it was ACKed but the trans_seq
* != 1, i.e., not expecting an RX frame, so we are done.
struct wpa_pasn_auth_work {
u8 own_addr[ETH_ALEN];
- u8 bssid[ETH_ALEN];
+ u8 peer_addr[ETH_ALEN];
int akmp;
int cipher;
u16 group;
}
-static void wpas_pasn_auth_status(struct wpa_supplicant *wpa_s, const u8 *bssid,
+static void wpas_pasn_auth_status(struct wpa_supplicant *wpa_s,
+ const u8 *peer_addr,
int akmp, int cipher, u8 status,
struct wpabuf *comeback,
u16 comeback_after)
wpa_msg(wpa_s, MSG_INFO, PASN_AUTH_STATUS MACSTR
" akmp=%s, status=%u comeback_after=%u comeback=%s",
- MAC2STR(bssid),
+ MAC2STR(peer_addr),
wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
status, comeback_after, comeback_txt);
wpa_msg(wpa_s, MSG_INFO,
PASN_AUTH_STATUS MACSTR " akmp=%s, status=%u",
- MAC2STR(bssid), wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
+ MAC2STR(peer_addr), wpa_key_mgmt_txt(akmp, WPA_PROTO_RSN),
status);
}
struct wpa_ssid *ssid = NULL;
size_t ssid_str_len = 0;
const u8 *ssid_str = NULL;
- const u8 *bssid = peer->peer_addr;
+ const u8 *peer_addr = peer->peer_addr;
- bss = wpa_bss_get_bssid(wpa_s, bssid);
+ bss = wpa_bss_get_bssid(wpa_s, peer_addr);
if (!bss) {
wpa_supplicant_update_scan_results(wpa_s);
- bss = wpa_bss_get_bssid(wpa_s, bssid);
+ bss = wpa_bss_get_bssid(wpa_s, peer_addr);
if (!bss) {
wpa_printf(MSG_DEBUG, "PASN: BSS not found");
return -1;
static int wpas_pasn_set_keys_from_cache(struct wpa_supplicant *wpa_s,
- const u8 *own_addr, const u8 *bssid,
+ const u8 *own_addr,
+ const u8 *peer_addr,
int cipher, int akmp)
{
struct ptksa_cache_entry *entry;
- entry = ptksa_cache_get(wpa_s->ptksa, bssid, cipher);
+ entry = ptksa_cache_get(wpa_s->ptksa, peer_addr, cipher);
if (!entry) {
wpa_printf(MSG_DEBUG, "PASN: peer " MACSTR
- " not present in PTKSA cache", MAC2STR(bssid));
+ " not present in PTKSA cache", MAC2STR(peer_addr));
return -1;
}
}
wpa_printf(MSG_DEBUG, "PASN: " MACSTR " present in PTKSA cache",
- MAC2STR(bssid));
- wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, bssid, cipher,
+ MAC2STR(peer_addr));
+ wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, cipher,
entry->ptk.tk_len,
entry->ptk.tk,
entry->ptk.ltf_keyseed_len,
static struct wpa_bss * wpas_pasn_allowed(struct wpa_supplicant *wpa_s,
- const u8 *bssid, int akmp, int cipher)
+ const u8 *peer_addr, int akmp,
+ int cipher)
{
struct wpa_bss *bss;
const u8 *rsne;
struct wpa_ie_data rsne_data;
int ret;
- if (os_memcmp(wpa_s->bssid, bssid, ETH_ALEN) == 0) {
+ if (os_memcmp(wpa_s->bssid, peer_addr, ETH_ALEN) == 0) {
wpa_printf(MSG_DEBUG,
"PASN: Not doing authentication with current BSS");
return NULL;
}
- bss = wpa_bss_get_bssid(wpa_s, bssid);
+ bss = wpa_bss_get_bssid(wpa_s, peer_addr);
if (!bss) {
wpa_printf(MSG_DEBUG, "PASN: BSS not found");
return NULL;
* authentication is not allowed, e.g., a connection with the AP was
* established.
*/
- bss = wpas_pasn_allowed(wpa_s, awork->bssid, awork->akmp,
+ bss = wpas_pasn_allowed(wpa_s, awork->peer_addr, awork->akmp,
awork->cipher);
if (!bss) {
wpa_printf(MSG_DEBUG, "PASN: auth_start_cb: Not allowed");
if (wpa_key_mgmt_ft(awork->akmp)) {
#ifdef CONFIG_IEEE80211R
ret = wpa_pasn_ft_derive_pmk_r1(wpa_s->wpa, awork->akmp,
- awork->bssid,
+ awork->peer_addr,
pasn->pmk_r1,
&pasn->pmk_r1_len,
pasn->pmk_r1_name);
}
- ret = wpas_pasn_start(pasn, awork->own_addr, awork->bssid, awork->akmp,
- awork->cipher, awork->group, bss->freq,
- rsne, *(rsne + 1) + 2,
+ ret = wpas_pasn_start(pasn, awork->own_addr, awork->peer_addr,
+ awork->akmp, awork->cipher, awork->group,
+ bss->freq, rsne, *(rsne + 1) + 2,
rsnxe, rsnxe ? *(rsnxe + 1) + 2 : 0,
awork->comeback);
if (ret) {
int wpas_pasn_auth_start(struct wpa_supplicant *wpa_s,
- const u8 *own_addr, const u8 *bssid,
+ const u8 *own_addr, const u8 *peer_addr,
int akmp, int cipher, u16 group, int network_id,
const u8 *comeback, size_t comeback_len)
{
struct wpa_bss *bss;
wpa_printf(MSG_DEBUG, "PASN: Start: " MACSTR " akmp=0x%x, cipher=0x%x",
- MAC2STR(bssid), akmp, cipher);
+ MAC2STR(peer_addr), akmp, cipher);
/*
* TODO: Consider modifying the offchannel logic to handle additional
return -1;
}
- bss = wpas_pasn_allowed(wpa_s, bssid, akmp, cipher);
+ bss = wpas_pasn_allowed(wpa_s, peer_addr, akmp, cipher);
if (!bss)
return -1;
return -1;
os_memcpy(awork->own_addr, own_addr, ETH_ALEN);
- os_memcpy(awork->bssid, bssid, ETH_ALEN);
+ os_memcpy(awork->peer_addr, peer_addr, ETH_ALEN);
awork->akmp = akmp;
awork->cipher = cipher;
awork->group = group;
wpa_printf(MSG_DEBUG, "PASN: Stopping authentication");
- wpas_pasn_auth_status(wpa_s, pasn->bssid, pasn->akmp, pasn->cipher,
+ wpas_pasn_auth_status(wpa_s, pasn->peer_addr, pasn->akmp, pasn->cipher,
pasn->status, pasn->comeback,
pasn->comeback_after);
int cipher = pasn->cipher;
u16 group = pasn->group;
u8 own_addr[ETH_ALEN];
- u8 bssid[ETH_ALEN];
+ u8 peer_addr[ETH_ALEN];
wpa_printf(MSG_DEBUG, "PASN: Immediate retry");
os_memcpy(own_addr, pasn->own_addr, ETH_ALEN);
- os_memcpy(bssid, pasn->bssid, ETH_ALEN);
+ os_memcpy(peer_addr, pasn->peer_addr, ETH_ALEN);
wpas_pasn_reset(wpa_s);
- return wpas_pasn_auth_start(wpa_s, own_addr, bssid, akmp, cipher, group,
- pasn->network_id,
+ return wpas_pasn_auth_start(wpa_s, own_addr, peer_addr, akmp, cipher,
+ group, pasn->network_id,
params->comeback, params->comeback_len);
}
pasn->cb_ctx = wpa_s;
ret = wpa_pasn_auth_rx(pasn, (const u8 *) mgmt, len, &pasn_data);
if (ret == 0) {
- ptksa_cache_add(wpa_s->ptksa, pasn->own_addr, pasn->bssid,
+ ptksa_cache_add(wpa_s->ptksa, pasn->own_addr, pasn->peer_addr,
pasn->cipher, dot11RSNAConfigPMKLifetime,
&pasn->ptk,
wpa_s->pasn_params ? wpas_pasn_deauth_cb : NULL,
return 0;
}
- wpas_pasn_set_keys_from_cache(wpa_s, pasn->own_addr, pasn->bssid,
+ wpas_pasn_set_keys_from_cache(wpa_s, pasn->own_addr, pasn->peer_addr,
pasn->cipher, pasn->akmp);
wpas_pasn_auth_stop(wpa_s);
wpas_pasn_auth_work_done(wpa_s, PASN_STATUS_SUCCESS);
int wpas_pasn_deauthenticate(struct wpa_supplicant *wpa_s, const u8 *own_addr,
- const u8 *bssid)
+ const u8 *peer_addr)
{
struct wpa_bss *bss;
struct wpabuf *buf;
struct ieee80211_mgmt *deauth;
int ret;
- if (os_memcmp(wpa_s->bssid, bssid, ETH_ALEN) == 0) {
+ if (os_memcmp(wpa_s->bssid, peer_addr, ETH_ALEN) == 0) {
wpa_printf(MSG_DEBUG,
"PASN: Cannot deauthenticate from current BSS");
return -1;
}
- wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, bssid, 0, 0, NULL, 0,
- NULL, 1);
+ wpa_drv_set_secure_ranging_ctx(wpa_s, own_addr, peer_addr, 0, 0, NULL,
+ 0, NULL, 1);
wpa_printf(MSG_DEBUG, "PASN: deauth: Flushing all PTKSA entries for "
- MACSTR, MAC2STR(bssid));
- ptksa_cache_flush(wpa_s->ptksa, bssid, WPA_CIPHER_NONE);
+ MACSTR, MAC2STR(peer_addr));
+ ptksa_cache_flush(wpa_s->ptksa, peer_addr, WPA_CIPHER_NONE);
- bss = wpa_bss_get_bssid(wpa_s, bssid);
+ bss = wpa_bss_get_bssid(wpa_s, peer_addr);
if (!bss) {
wpa_printf(MSG_DEBUG, "PASN: deauth: BSS not found");
return -1;
deauth->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) |
(WLAN_FC_STYPE_DEAUTH << 4));
- os_memcpy(deauth->da, bssid, ETH_ALEN);
+ os_memcpy(deauth->da, peer_addr, ETH_ALEN);
os_memcpy(deauth->sa, own_addr, ETH_ALEN);
- os_memcpy(deauth->bssid, bssid, ETH_ALEN);
+ os_memcpy(deauth->bssid, peer_addr, ETH_ALEN);
deauth->u.deauth.reason_code =
host_to_le16(WLAN_REASON_PREV_AUTH_NOT_VALID);
projects / thirdparty / hostap.git / commitdiff
