From 01ceb88c77f2b6f25ac22b426eadecfed432d2bd Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@codeaurora.org>
Date: Mon, 25 May 2020 20:46:32 +0300
Subject: [PATCH] OCV: Report validation errors for (Re)Association Request
 frames

Add the OCV-FAILURE control interface event to notify upper layers of
OCV validation issues in FT and FILS (Re)Association Request frames.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
 src/ap/ieee802_11.c  | 4 ++++
 src/ap/wpa_auth_ft.c | 6 ++++++
 2 files changed, 10 insertions(+)

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index b54580efe..c4bf434f2 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -24,6 +24,7 @@
 #include "common/dpp.h"
 #include "common/ocv.h"
 #include "common/wpa_common.h"
+#include "common/wpa_ctrl.h"
 #include "radius/radius.h"
 #include "radius/radius_client.h"
 #include "p2p/p2p.h"
@@ -3511,6 +3512,9 @@ static int check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
 					 tx_chanwidth, tx_seg1_idx) != 0) {
 			wpa_printf(MSG_WARNING, "FILS: OCV failed: %s",
 				   ocv_errorstr);
+			wpa_msg(hapd->msg_ctx, MSG_INFO, OCV_FAILURE "addr="
+				MACSTR " frame=fils-reassoc-req error=%s",
+				MAC2STR(sta->addr), ocv_errorstr);
 			return WLAN_STATUS_UNSPECIFIED_FAILURE;
 		}
 	}
diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index f52a872c3..1a1fa2420 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -14,6 +14,7 @@
 #include "common/ieee802_11_defs.h"
 #include "common/ieee802_11_common.h"
 #include "common/ocv.h"
+#include "common/wpa_ctrl.h"
 #include "drivers/driver.h"
 #include "crypto/aes.h"
 #include "crypto/aes_siv.h"
@@ -3467,6 +3468,11 @@ int wpa_ft_validate_reassoc(struct wpa_state_machine *sm, const u8 *ies,
 		if (ocv_verify_tx_params(parse.oci, parse.oci_len, &ci,
 					 tx_chanwidth, tx_seg1_idx) != 0) {
 			wpa_printf(MSG_WARNING, "OCV failed: %s", ocv_errorstr);
+			if (sm->wpa_auth->conf.msg_ctx)
+				wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO,
+					OCV_FAILURE "addr=" MACSTR
+					" frame=ft-reassoc-req error=%s",
+					MAC2STR(sm->addr), ocv_errorstr);
 			return WLAN_STATUS_UNSPECIFIED_FAILURE;
 		}
 	}
-- 
2.47.2