HS 2.0: Generate AssocReq OSEN IE based on AP advertisement

author Jouni Malinen <jouni@codeaurora.org>

Fri, 9 Nov 2018 16:07:16 +0000 (18:07 +0200)

committer Jouni Malinen <jouni@codeaurora.org>

Fri, 9 Nov 2018 16:07:16 +0000 (18:07 +0200)
author Jouni Malinen <jouni@codeaurora.org>
Fri, 9 Nov 2018 16:07:16 +0000 (18:07 +0200)
committer Jouni Malinen <jouni@codeaurora.org>
Fri, 9 Nov 2018 16:07:16 +0000 (18:07 +0200)
diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c

index 14c5769b08170cefe9ec5570482bbacdf81920c7..2d989048ac94326ec98e35ff3dbc557111e78da3 100644 (file)
--- a/src/common/wpa_common.c
+++ b/src/common/wpa_common.c
@@ -1202,6 +1202,8 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len,
                 pos = rsn_ie + 6;
                 left = rsn_ie_len - 6;
  
+               data->group_cipher = WPA_CIPHER_GTK_NOT_USED;
+               data->key_mgmt = WPA_KEY_MGMT_OSEN;
                 data->proto = WPA_PROTO_OSEN;
         } else {
                 const struct rsn_ie_hdr *hdr;
diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c

index d23dc06346c6294399b311948e556b29b805e37a..d569acad8ba4cb66cad255edec0b17a70e9eb0b5 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -354,6 +354,20 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
                         wpas_connect_work_done(wpa_s);
                         return;
                 }
+#ifdef CONFIG_HS20
+       } else if (wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
+                  (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
+               /* No PMKSA caching, but otherwise similar to RSN/WPA */
+               wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
+               if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
+                                             wpa_s->sme.assoc_req_ie,
+                                             &wpa_s->sme.assoc_req_ie_len)) {
+                       wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA "
+                               "key management and encryption suites");
+                       wpas_connect_work_done(wpa_s);
+                       return;
+               }
+#endif /* CONFIG_HS20 */
         } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
                    wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
                 /*
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c

index 6090e06620c973c09a434e1725f40992f6a878ba..0fe2adb6bc65fdc3b4d6a9df7948932367d05298 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1216,13 +1216,12 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
                 proto = WPA_PROTO_WPA;
  #ifdef CONFIG_HS20
-       } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
+       } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
+                  wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
+                  (ie.group_cipher & ssid->group_cipher) &&
+                  (ie.pairwise_cipher & ssid->pairwise_cipher) &&
+                  (ie.key_mgmt & ssid->key_mgmt)) {
                 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
-               /* TODO: parse OSEN element */
-               os_memset(&ie, 0, sizeof(ie));
-               ie.group_cipher = WPA_CIPHER_CCMP;
-               ie.pairwise_cipher = WPA_CIPHER_CCMP;
-               ie.key_mgmt = WPA_KEY_MGMT_OSEN;
                 proto = WPA_PROTO_OSEN;
         } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
             wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
@@ -2498,6 +2497,19 @@ static u8 * wpas_populate_assoc_ies(
                         os_free(wpa_ie);
                         return NULL;
                 }
+#ifdef CONFIG_HS20
+       } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
+                  (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
+               /* No PMKSA caching, but otherwise similar to RSN/WPA */
+               wpa_ie_len = max_wpa_ie_len;
+               if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
+                                             wpa_ie, &wpa_ie_len)) {
+                       wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
+                               "key management and encryption suites");
+                       os_free(wpa_ie);
+                       return NULL;
+               }
+#endif /* CONFIG_HS20 */
         } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
                    wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
                 /*
author	Jouni Malinen <jouni@codeaurora.org>
	Fri, 9 Nov 2018 16:07:16 +0000 (18:07 +0200)
committer	Jouni Malinen <jouni@codeaurora.org>
	Fri, 9 Nov 2018 16:07:16 +0000 (18:07 +0200)
src/common/wpa_common.c		patch \| blob \| blame \| history
wpa_supplicant/sme.c		patch \| blob \| blame \| history
wpa_supplicant/wpa_supplicant.c		patch \| blob \| blame \| history