FT: Testing override for RSNXE Used subfield in FTE (AP)

Allow hostapd to be requested to override the RSNXE Used subfield in FT
reassociation case for testing purposes with "ft_rsnxe_used=<0/1/2>"
where 0 = no override, 1 = override to 1, and 2 = override to 0.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 1d8c0397356f935443db84aa649276b2a0551358..cc1855dcd6ef31428d48db85e80fc42d7c2c1f48 100644 (file)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -4215,6 +4215,8 @@ static int hostapd_config_fill(struct hostapd_config *conf,
                bss->no_beacon_rsnxe = atoi(pos);
        } else if (os_strcmp(buf, "skip_prune_assoc") == 0) {
                bss->skip_prune_assoc = atoi(pos);
+       } else if (os_strcmp(buf, "ft_rsnxe_used") == 0) {
+               bss->ft_rsnxe_used = atoi(pos);
 #endif /* CONFIG_TESTING_OPTIONS */
 #ifdef CONFIG_SAE
        } else if (os_strcmp(buf, "sae_password") == 0) {

diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c
index d90b5dc8fba26c02710d3cf38bd8792f6cd37af9..c5b258bf16d33a0643977f150c09b52dfb71816c 100644 (file)
--- a/hostapd/ctrl_iface.c
+++ b/hostapd/ctrl_iface.c
@@ -1477,6 +1477,12 @@ static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd)
                        if (hapd->started)
                                hostapd_setup_sae_pt(hapd->conf);
                }
+
+#ifdef CONFIG_TESTING_OPTIONS
+               if (os_strcmp(cmd, "ft_rsnxe_used") == 0)
+                       wpa_auth_set_ft_rsnxe_used(hapd->wpa_auth,
+                                                  hapd->conf->ft_rsnxe_used);
+#endif /* CONFIG_TESTING_OPTIONS */
        }
 
        return ret;

diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 2a0bf07631bb568c3467f0289d450cf4c080904b..0503400b5379fbcbc9c34824bfad6a1da93cffe1 100644 (file)
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -686,6 +686,7 @@ struct hostapd_bss_config {
        struct wpabuf *igtk_rsc_override;
        int no_beacon_rsnxe;
        int skip_prune_assoc;
+       int ft_rsnxe_used;
 #endif /* CONFIG_TESTING_OPTIONS */
 
 #define MESH_ENABLED BIT(0)

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 070236a89c898d9c0640a3b0899521d6d6136f26..8ecb17318c8dfc6c7662f931b78a6e37fba72c5f 100644 (file)
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -5459,4 +5459,11 @@ int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth)
        return eloop_register_timeout(0, 0, wpa_rekey_gtk, wpa_auth, NULL);
 }
 
+
+void wpa_auth_set_ft_rsnxe_used(struct wpa_authenticator *wpa_auth, int val)
+{
+       if (wpa_auth)
+               wpa_auth->conf.ft_rsnxe_used = val;
+}
+
 #endif /* CONFIG_TESTING_OPTIONS */

diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
index c122211947c2b4ba933c96caa09c3d95b2400b1b..1ea067bcf85e4fb287e3dd3466237d2b5d116ce6 100644 (file)
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -238,6 +238,7 @@ struct wpa_auth_config {
        unsigned int rsnxe_override_ft_set:1;
        unsigned int gtk_rsc_override_set:1;
        unsigned int igtk_rsc_override_set:1;
+       int ft_rsnxe_used;
 #endif /* CONFIG_TESTING_OPTIONS */
 #ifdef CONFIG_P2P
        u8 ip_addr_go[4];
@@ -522,5 +523,6 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm,
                             void *ctx1, void *ctx2);
 int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth);
 void wpa_auth_set_ptk_rekey_timer(struct wpa_state_machine *sm);
+void wpa_auth_set_ft_rsnxe_used(struct wpa_authenticator *wpa_auth, int val);
 
 #endif /* WPA_AUTH_H */

diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 30e801a3ac763b2d954eb3a1c1428ad3c82d7da8..4b17da7a480db53322699fde20a5103442029941 100644 (file)
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -2647,6 +2647,13 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
        }
        rsnxe_used = (auth_alg == WLAN_AUTH_FT) &&
                (conf->sae_pwe == 1 || conf->sae_pwe == 2);
+#ifdef CONFIG_TESTING_OPTIONS
+       if (sm->wpa_auth->conf.ft_rsnxe_used) {
+               rsnxe_used = sm->wpa_auth->conf.ft_rsnxe_used == 1;
+               wpa_printf(MSG_DEBUG, "TESTING: FT: Force RSNXE Used %d",
+                          rsnxe_used);
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
        res = wpa_write_ftie(conf, use_sha384, r0kh_id, r0kh_id_len,
                             anonce, snonce, pos, end - pos,
                             subelem, subelem_len, rsnxe_used);

diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c
index 79880e4784dcf394821097c23ee6de64067fd0d7..058b34ca30bbdcc27c63b6f4c27ff734a74ecd06 100644 (file)
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -174,6 +174,7 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
                          wpabuf_len(conf->igtk_rsc_override));
                wconf->igtk_rsc_override_set = 1;
        }
+       wconf->ft_rsnxe_used = conf->ft_rsnxe_used;
 #endif /* CONFIG_TESTING_OPTIONS */
 #ifdef CONFIG_P2P
        os_memcpy(wconf->ip_addr_go, conf->ip_addr_go, 4);