Use more consistent Action frame RX handling in both AP mode paths

Both handle_action() and hostapd_action_rx() are used for processing
received Action frames depending on what type of driver architecture is
used (MLME in hostapd vs. driver) and which build options were used to
build hostapd. These functions had a bit different sequence for checking
the frame and printing debug prints. Make those more consistent by
checking that the frame includes the category-specific action field and
some payload. Add a debug print for both functions to make it easier to
see which path various Action frames use.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
index 1135aea33ac6e74bc6d57f32674a679701fe96ae..a726a6ff87e0134bd42c7642504fa9c81a6df955 100644 (file)
--- a/src/ap/drv_callbacks.c
+++ b/src/ap/drv_callbacks.c
@@ -1072,19 +1072,23 @@ static void hostapd_action_rx(struct hostapd_data *hapd,
        struct sta_info *sta;
        size_t plen __maybe_unused;
        u16 fc;
+       u8 *action __maybe_unused;
 
-       if (drv_mgmt->frame_len < 24 + 1)
+       if (drv_mgmt->frame_len < IEEE80211_HDRLEN + 2 + 1)
                return;
 
-       plen = drv_mgmt->frame_len - 24 - 1;
+       plen = drv_mgmt->frame_len - IEEE80211_HDRLEN - 1;
 
        mgmt = (struct ieee80211_mgmt *) drv_mgmt->frame;
        fc = le_to_host16(mgmt->frame_control);
        if (WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION)
                return; /* handled by the driver */
 
-       wpa_printf(MSG_DEBUG, "RX_ACTION cat %d action plen %d",
-                  mgmt->u.action.category, (int) plen);
+       action = (u8 *) &mgmt->u.action.u;
+       wpa_printf(MSG_DEBUG, "RX_ACTION category %u action %u sa " MACSTR
+                  " da " MACSTR " plen %d",
+                  mgmt->u.action.category, *action,
+                  MAC2STR(mgmt->sa), MAC2STR(mgmt->da), (int) plen);
 
        sta = ap_get_sta(hapd, mgmt->sa);
        if (sta == NULL) {

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index d2d6b1767993e23fc1c1db4962903a8b21816aaf..98c36fec7861f3e7df01334fb88d2062c0290ca1 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -3752,9 +3752,9 @@ static int handle_action(struct hostapd_data *hapd,
                         unsigned int freq)
 {
        struct sta_info *sta;
-       sta = ap_get_sta(hapd, mgmt->sa);
+       u8 *action __maybe_unused;
 
-       if (len < IEEE80211_HDRLEN + 1) {
+       if (len < IEEE80211_HDRLEN + 2 + 1) {
                hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
                               HOSTAPD_LEVEL_DEBUG,
                               "handle_action - too short payload (len=%lu)",
@@ -3762,6 +3762,14 @@ static int handle_action(struct hostapd_data *hapd,
                return 0;
        }
 
+       action = (u8 *) &mgmt->u.action.u;
+       wpa_printf(MSG_DEBUG, "RX_ACTION category %u action %u sa " MACSTR
+                  " da " MACSTR " len %d freq %u",
+                  mgmt->u.action.category, *action,
+                  MAC2STR(mgmt->sa), MAC2STR(mgmt->da), (int) len, freq);
+
+       sta = ap_get_sta(hapd, mgmt->sa);
+
        if (mgmt->u.action.category != WLAN_ACTION_PUBLIC &&
            (sta == NULL || !(sta->flags & WLAN_STA_ASSOC))) {
                wpa_printf(MSG_DEBUG, "IEEE 802.11: Ignored Action "