From: Jouni Malinen Date: Fri, 20 Mar 2020 22:23:01 +0000 (+0200) Subject: Allow RSNXE to be removed from Beacon frames for testing purposes X-Git-Tag: hostap_2_10~1603 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a55ecfeabeb89d16dd05e2d74764df1274d45622;p=thirdparty%2Fhostap.git Allow RSNXE to be removed from Beacon frames for testing purposes The new hostapd configuration parameter no_beacon_rsnxe=1 can be used to remove RSNXE from Beacon frames. This can be used to test protection mechanisms for downgrade attacks. Signed-off-by: Jouni Malinen --- diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 1a5b742b2..3c7bb395f 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -4194,6 +4194,8 @@ static int hostapd_config_fill(struct hostapd_config *conf, } else if (os_strcmp(buf, "igtk_rsc_override") == 0) { wpabuf_free(bss->igtk_rsc_override); bss->igtk_rsc_override = wpabuf_parse_bin(pos); + } else if (os_strcmp(buf, "no_beacon_rsnxe") == 0) { + bss->no_beacon_rsnxe = atoi(pos); #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_SAE } else if (os_strcmp(buf, "sae_password") == 0) { diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h index 0cb10c118..80be7ed39 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h @@ -683,6 +683,7 @@ struct hostapd_bss_config { struct wpabuf *rsnxe_override_ft; struct wpabuf *gtk_rsc_override; struct wpabuf *igtk_rsc_override; + int no_beacon_rsnxe; #endif /* CONFIG_TESTING_OPTIONS */ #define MESH_ENABLED BIT(0) diff --git a/src/ap/beacon.c b/src/ap/beacon.c index 53e35492d..ff760a0d1 100644 --- a/src/ap/beacon.c +++ b/src/ap/beacon.c @@ -323,6 +323,12 @@ static u8 * hostapd_get_rsnxe(struct hostapd_data *hapd, u8 *pos, size_t len) { const u8 *ie; +#ifdef CONFIG_TESTING_OPTIONS + if (hapd->conf->no_beacon_rsnxe) { + wpa_printf(MSG_INFO, "TESTING: Do not add RSNXE into Beacon"); + return pos; + } +#endif /* CONFIG_TESTING_OPTIONS */ ie = hostapd_wpa_ie(hapd, WLAN_EID_RSNX); if (!ie || 2U + ie[1] > len) return pos;