#ifdef CONFIG_IEEE80211R_AP
p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, buf, sizeof(buf),
sta->auth_alg, req_ies, req_ies_len,
- !elems.rsnxe);
+ !elems.rsnxe, reassoc, sta->vlan_id);
if (!p) {
wpa_printf(MSG_DEBUG, "FT: Failed to write AssocResp IEs");
return WLAN_STATUS_UNSPECIFIED_FAILURE;
p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, p,
buf + buflen - p,
sta->auth_alg, ies, ies_len,
- omit_rsnxe);
+ omit_rsnxe, reassoc,
+ sta->vlan_id);
if (!p) {
wpa_printf(MSG_DEBUG,
"FT: Failed to write AssocResp IEs");
void wpa_auth_ml_get_key_info(struct wpa_authenticator *a,
struct wpa_auth_ml_link_key_info *info,
bool mgmt_frame_prot, bool beacon_prot,
- bool rekey)
+ bool rekey, int vlan_id)
{
struct wpa_group *gsm = a->group;
u8 rsc[WPA_KEY_RSC_LEN];
"MLD: Get group key info: link_id=%u, IGTK=%u, BIGTK=%u",
info->link_id, mgmt_frame_prot, beacon_prot);
+ if (vlan_id)
+ gsm = wpa_select_vlan_wpa_group(gsm, vlan_id);
+
info->gtkidx = gsm->GN & 0x03;
info->gtk = gsm->GTK[gsm->GN - 1];
info->gtk_len = gsm->GTK_len;
static void wpa_auth_get_ml_key_info(struct wpa_authenticator *wpa_auth,
struct wpa_auth_ml_key_info *info,
- bool rekey)
+ bool rekey, int vlan_id)
{
if (!wpa_auth->cb->get_ml_key_info)
return;
- wpa_auth->cb->get_ml_key_info(wpa_auth->cb_ctx, info, rekey);
+ wpa_auth->cb->get_ml_key_info(wpa_auth->cb_ctx, info, rekey, vlan_id);
}
}
ml_key_info.n_mld_links = i;
- wpa_auth_get_ml_key_info(sm->wpa_auth, &ml_key_info, rekey);
+ wpa_auth_get_ml_key_info(sm->wpa_auth, &ml_key_info, rekey,
+ sm->group->vlan_id);
/* Add MLO GTK KDEs */
for (i = 0; i < ml_key_info.n_mld_links; i++) {
assoc_sm->mld_assoc_link_id = mld_assoc_link_id;
#endif /* CONFIG_IEEE80211BE */
}
+
+
+#ifdef CONFIG_IEEE80211BE
+/* wpa_select_vlan_wpa_group - Traverse through the wpa_group list and select
+ * the one that matches the vlan_id.
+ *
+ * @gsm: Head of wpa_group list
+ * @vlan_id: vlan_id used to search the group key state machine data that
+ * corresponds to the specified VLAN group
+ * Returns: Pointer to wpa_group that corresponds to the VLAN group on success,
+ * or pointer to the head of wpa_group list that was passed in.
+ */
+struct wpa_group * wpa_select_vlan_wpa_group(struct wpa_group *gsm, int vlan_id)
+{
+ struct wpa_group *vlan_gsm = gsm;
+
+ while (vlan_gsm) {
+ if (vlan_gsm->vlan_id == vlan_id)
+ break;
+
+ vlan_gsm = vlan_gsm->next;
+ }
+
+ if (!vlan_gsm) {
+ wpa_printf(MSG_DEBUG, "%s: VLAN group not found", __func__);
+ vlan_gsm = gsm;
+ }
+
+ return vlan_gsm;
+}
+#endif /* CONFIG_IEEE80211BE */
#endif /* CONFIG_PASN */
#ifdef CONFIG_IEEE80211BE
int (*get_ml_key_info)(void *ctx, struct wpa_auth_ml_key_info *info,
- bool rekey);
+ bool rekey, int vlan_id);
struct wpa_authenticator * (*next_primary_auth)(void *ctx);
#endif /* CONFIG_IEEE80211BE */
int (*get_drv_flags)(void *ctx, u64 *drv_flags, u64 *drv_flags2);
u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
size_t max_len, int auth_alg,
const u8 *req_ies, size_t req_ies_len,
- int omit_rsnxe);
+ int omit_rsnxe, bool reassoc, int vlan_id);
void wpa_ft_process_auth(struct wpa_state_machine *sm,
u16 auth_transaction, const u8 *ies, size_t ies_len,
void (*cb)(void *ctx, const u8 *dst,
void wpa_auth_ml_get_key_info(struct wpa_authenticator *a,
struct wpa_auth_ml_link_key_info *info,
bool mgmt_frame_prot, bool beacon_prot,
- bool rekey);
+ bool rekey, int vlan_id);
void wpa_release_link_auth_ref(struct wpa_state_machine *sm, u8 link_id,
bool rejected);
bool wpa_auth_sm_known_sta_identification(struct wpa_state_machine *sm,
const u8 *timestamp,
const u8 *mic, size_t mic_len);
+struct wpa_group * wpa_select_vlan_wpa_group(struct wpa_group *gsm,
+ int vlan_id);
#endif /* WPA_AUTH_H */
}
-static u8 * wpa_ft_gtk_subelem(struct wpa_state_machine *sm, size_t *len)
+static u8 * wpa_ft_gtk_subelem(struct wpa_state_machine *sm, size_t *len,
+ bool reassoc, int vlan_id)
{
u8 *subelem;
struct wpa_auth_config *conf = &sm->wpa_auth->conf;
const u8 *kek;
size_t kek_len;
+#ifdef CONFIG_IEEE80211BE
+ if (reassoc && vlan_id)
+ gsm = wpa_select_vlan_wpa_group(gsm, vlan_id);
+#endif /* CONFIG_IEEE80211BE */
+
if (wpa_key_mgmt_fils(sm->wpa_key_mgmt)) {
kek = sm->PTK.kek2;
kek_len = sm->PTK.kek2_len;
u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
size_t max_len, int auth_alg,
const u8 *req_ies, size_t req_ies_len,
- int omit_rsnxe)
+ int omit_rsnxe, bool reassoc, int vlan_id)
{
u8 *end, *mdie, *ftie, *rsnie = NULL, *r0kh_id, *subelem = NULL;
u8 *fte_mic, *elem_count;
/* Fast BSS Transition Information */
if (auth_alg == WLAN_AUTH_FT) {
- subelem = wpa_ft_gtk_subelem(sm, &subelem_len);
+ subelem = wpa_ft_gtk_subelem(sm, &subelem_len, reassoc,
+ vlan_id);
if (!subelem) {
wpa_printf(MSG_DEBUG,
"FT: Failed to add GTK subelement");
static int hostapd_wpa_auth_get_ml_key_info(void *ctx,
struct wpa_auth_ml_key_info *info,
- bool rekey)
+ bool rekey, int vlan_id)
{
struct hostapd_data *hapd = ctx;
unsigned int i;
&info->links[i],
info->mgmt_frame_prot,
info->beacon_prot,
- rekey);
+ rekey, vlan_id);
continue;
}
&info->links[i],
info->mgmt_frame_prot,
info->beacon_prot,
- rekey);
+ rekey, vlan_id);
link_bss_found = true;
break;
}
projects / thirdparty / hostap.git / commitdiff
