X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=wpa_supplicant%2Fmesh_mpm.c;h=8f327d875ff28522c4b91197389cb3f0f04dcee9;hb=9c21b2bf45e35ba169d9123941c46cf3b2896d9c;hp=aa28324ddd741b15707c656dd75c3b22873d135c;hpb=5f92659d88f17ba8cd11210a70e17ba664a62d53;p=mech_eap.git diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c index aa28324..8f327d8 100644 --- a/wpa_supplicant/mesh_mpm.c +++ b/wpa_supplicant/mesh_mpm.c @@ -14,22 +14,18 @@ #include "ap/hostapd.h" #include "ap/sta_info.h" #include "ap/ieee802_11.h" +#include "ap/wpa_auth.h" #include "wpa_supplicant_i.h" #include "driver_i.h" #include "mesh_mpm.h" - -/* TODO make configurable */ -#define dot11MeshMaxRetries 10 -#define dot11MeshRetryTimeout 1 -#define dot11MeshConfirmTimeout 1 -#define dot11MeshHoldingTimeout 1 +#include "mesh_rsn.h" struct mesh_peer_mgmt_ie { - const u8 *proto_id; - const u8 *llid; - const u8 *plid; - const u8 *reason; - const u8 *pmk; + const u8 *proto_id; /* Mesh Peering Protocol Identifier (2 octets) */ + const u8 *llid; /* Local Link ID (2 octets) */ + const u8 *plid; /* Peer Link ID (conditional, 2 octets) */ + const u8 *reason; /* Reason Code (conditional, 2 octets) */ + const u8 *chosen_pmk; /* Chosen PMK (optional, 16 octets) */ }; static void plink_timer(void *eloop_ctx, void *user_data); @@ -48,6 +44,7 @@ enum plink_event { }; static const char * const mplstate[] = { + [0] = "UNINITIALIZED", [PLINK_LISTEN] = "LISTEN", [PLINK_OPEN_SENT] = "OPEN_SENT", [PLINK_OPEN_RCVD] = "OPEN_RCVD", @@ -77,10 +74,10 @@ static int mesh_mpm_parse_peer_mgmt(struct wpa_supplicant *wpa_s, { os_memset(mpm_ie, 0, sizeof(*mpm_ie)); - /* remove optional PMK at end */ - if (len >= 16) { - len -= 16; - mpm_ie->pmk = ie + len - 16; + /* Remove optional Chosen PMK field at end */ + if (len >= SAE_PMKID_LEN) { + mpm_ie->chosen_pmk = ie + len - SAE_PMKID_LEN; + len -= SAE_PMKID_LEN; } if ((action_field == PLINK_OPEN && len != 4) || @@ -106,8 +103,8 @@ static int mesh_mpm_parse_peer_mgmt(struct wpa_supplicant *wpa_s, len -= 2; } - /* plid, present for confirm, and possibly close */ - if (len) + /* Peer Link ID, present for confirm, and possibly close */ + if (len >= 2) mpm_ie->plid = ie; return 0; @@ -198,6 +195,11 @@ static void mesh_mpm_init_link(struct wpa_supplicant *wpa_s, sta->my_lid = llid; sta->peer_lid = 0; + + /* + * We do not use wpa_mesh_set_plink_state() here because there is no + * entry in kernel yet. + */ sta->plink_state = PLINK_LISTEN; } @@ -212,43 +214,65 @@ static void mesh_mpm_send_plink_action(struct wpa_supplicant *wpa_s, struct hostapd_data *bss = ifmsh->bss[0]; struct mesh_conf *conf = ifmsh->mconf; u8 supp_rates[2 + 2 + 32]; - u8 *pos; + u8 *pos, *cat; u8 ie_len, add_plid = 0; int ret; int ampe = conf->security & MESH_CONF_SEC_AMPE; + size_t buf_len; if (!sta) return; - buf = wpabuf_alloc(2 + /* capability info */ - 2 + /* AID */ - 2 + 8 + /* supported rates */ - 2 + (32 - 8) + - 2 + 32 + /* mesh ID */ - 2 + 7 + /* mesh config */ - 2 + 26 + /* HT capabilities */ - 2 + 22 + /* HT operation */ - 2 + 23 + /* peering management */ - 2 + 96 + /* AMPE */ - 2 + 16); /* MIC */ + buf_len = 2 + /* capability info */ + 2 + /* AID */ + 2 + 8 + /* supported rates */ + 2 + (32 - 8) + + 2 + 32 + /* mesh ID */ + 2 + 7 + /* mesh config */ + 2 + 23 + /* peering management */ + 2 + 96 + /* AMPE */ + 2 + 16; /* MIC */ +#ifdef CONFIG_IEEE80211N + if (type != PLINK_CLOSE && wpa_s->mesh_ht_enabled) { + buf_len += 2 + 26 + /* HT capabilities */ + 2 + 22; /* HT operation */ + } +#endif /* CONFIG_IEEE80211N */ +#ifdef CONFIG_IEEE80211AC + if (type != PLINK_CLOSE && wpa_s->mesh_vht_enabled) { + buf_len += 2 + 12 + /* VHT Capabilities */ + 2 + 5; /* VHT Operation */ + } +#endif /* CONFIG_IEEE80211AC */ + if (type != PLINK_CLOSE) + buf_len += conf->rsn_ie_len; /* RSN IE */ + + buf = wpabuf_alloc(buf_len); if (!buf) return; + cat = wpabuf_mhead_u8(buf); wpabuf_put_u8(buf, WLAN_ACTION_SELF_PROTECTED); wpabuf_put_u8(buf, type); if (type != PLINK_CLOSE) { + u8 info; + /* capability info */ wpabuf_put_le16(buf, ampe ? IEEE80211_CAP_PRIVACY : 0); + /* aid */ if (type == PLINK_CONFIRM) - wpabuf_put_le16(buf, sta->peer_lid); + wpabuf_put_le16(buf, sta->aid); /* IE: supp + ext. supp rates */ pos = hostapd_eid_supp_rates(bss, supp_rates); pos = hostapd_eid_ext_supp_rates(bss, pos); wpabuf_put_data(buf, supp_rates, pos - supp_rates); + /* IE: RSN IE */ + wpabuf_put_data(buf, conf->rsn_ie, conf->rsn_ie_len); + /* IE: Mesh ID */ wpabuf_put_u8(buf, WLAN_EID_MESH_ID); wpabuf_put_u8(buf, conf->meshid_len); @@ -262,10 +286,12 @@ static void mesh_mpm_send_plink_action(struct wpa_supplicant *wpa_s, wpabuf_put_u8(buf, conf->mesh_cc_id); wpabuf_put_u8(buf, conf->mesh_sp_id); wpabuf_put_u8(buf, conf->mesh_auth_id); - /* TODO: formation info */ - wpabuf_put_u8(buf, 0); + info = (bss->num_plinks > 63 ? 63 : bss->num_plinks) << 1; + /* TODO: Add Connected to Mesh Gate/AS subfields */ + wpabuf_put_u8(buf, info); /* always forwarding & accepting plinks for now */ - wpabuf_put_u8(buf, 0x1 | 0x8); + wpabuf_put_u8(buf, MESH_CAP_ACCEPT_ADDITIONAL_PEER | + MESH_CAP_FORWARDING); } else { /* Peer closing frame */ /* IE: Mesh ID */ wpabuf_put_u8(buf, WLAN_EID_MESH_ID); @@ -303,9 +329,43 @@ static void mesh_mpm_send_plink_action(struct wpa_supplicant *wpa_s, wpabuf_put_le16(buf, sta->peer_lid); if (type == PLINK_CLOSE) wpabuf_put_le16(buf, close_reason); + if (ampe) { + if (sta->sae == NULL) { + wpa_msg(wpa_s, MSG_INFO, "Mesh MPM: no SAE session"); + goto fail; + } + mesh_rsn_get_pmkid(wpa_s->mesh_rsn, sta, + wpabuf_put(buf, PMKID_LEN)); + } + +#ifdef CONFIG_IEEE80211N + if (type != PLINK_CLOSE && wpa_s->mesh_ht_enabled) { + u8 ht_capa_oper[2 + 26 + 2 + 22]; - /* TODO HT IEs */ + pos = hostapd_eid_ht_capabilities(bss, ht_capa_oper); + pos = hostapd_eid_ht_operation(bss, pos); + wpabuf_put_data(buf, ht_capa_oper, pos - ht_capa_oper); + } +#endif /* CONFIG_IEEE80211N */ +#ifdef CONFIG_IEEE80211AC + if (type != PLINK_CLOSE && wpa_s->mesh_vht_enabled) { + u8 vht_capa_oper[2 + 12 + 2 + 5]; + + pos = hostapd_eid_vht_capabilities(bss, vht_capa_oper); + pos = hostapd_eid_vht_operation(bss, pos); + wpabuf_put_data(buf, vht_capa_oper, pos - vht_capa_oper); + } +#endif /* CONFIG_IEEE80211AC */ + + if (ampe && mesh_rsn_protect_frame(wpa_s->mesh_rsn, sta, cat, buf)) { + wpa_msg(wpa_s, MSG_INFO, + "Mesh MPM: failed to add AMPE and MIC IE"); + goto fail; + } + wpa_msg(wpa_s, MSG_DEBUG, "Mesh MPM: Sending peering frame type %d to " + MACSTR " (my_lid=0x%x peer_lid=0x%x)", + type, MAC2STR(sta->addr), sta->my_lid, sta->peer_lid); ret = wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, sta->addr, wpa_s->own_addr, wpa_s->own_addr, wpabuf_head(buf), wpabuf_len(buf), 0); @@ -313,18 +373,22 @@ static void mesh_mpm_send_plink_action(struct wpa_supplicant *wpa_s, wpa_msg(wpa_s, MSG_INFO, "Mesh MPM: failed to send peering frame"); +fail: wpabuf_free(buf); } /* configure peering state in ours and driver's station entry */ -static void -wpa_mesh_set_plink_state(struct wpa_supplicant *wpa_s, struct sta_info *sta, - enum mesh_plink_state state) +void wpa_mesh_set_plink_state(struct wpa_supplicant *wpa_s, + struct sta_info *sta, + enum mesh_plink_state state) { struct hostapd_sta_add_params params; int ret; + wpa_msg(wpa_s, MSG_DEBUG, "MPM set " MACSTR " from %s into %s", + MAC2STR(sta->addr), mplstate[sta->plink_state], + mplstate[state]); sta->plink_state = state; os_memset(¶ms, 0, sizeof(params)); @@ -332,8 +396,6 @@ wpa_mesh_set_plink_state(struct wpa_supplicant *wpa_s, struct sta_info *sta, params.plink_state = state; params.set = 1; - wpa_msg(wpa_s, MSG_DEBUG, "MPM set " MACSTR " into %s", - MAC2STR(sta->addr), mplstate[state]); ret = wpa_drv_sta_add(wpa_s, ¶ms); if (ret) { wpa_msg(wpa_s, MSG_ERROR, "Driver failed to set " MACSTR @@ -349,14 +411,7 @@ static void mesh_mpm_fsm_restart(struct wpa_supplicant *wpa_s, eloop_cancel_timeout(plink_timer, wpa_s, sta); - if (sta->mpm_close_reason == WLAN_REASON_MESH_CLOSE_RCVD) { - ap_free_sta(hapd, sta); - return; - } - - wpa_mesh_set_plink_state(wpa_s, sta, PLINK_LISTEN); - sta->my_lid = sta->peer_lid = sta->mpm_close_reason = 0; - sta->mpm_retries = 0; + ap_free_sta(hapd, sta); } @@ -365,14 +420,18 @@ static void plink_timer(void *eloop_ctx, void *user_data) struct wpa_supplicant *wpa_s = eloop_ctx; struct sta_info *sta = user_data; u16 reason = 0; + struct mesh_conf *conf = wpa_s->ifmsh->mconf; + struct hostapd_data *hapd = wpa_s->ifmsh->bss[0]; switch (sta->plink_state) { case PLINK_OPEN_RCVD: case PLINK_OPEN_SENT: /* retry timer */ - if (sta->mpm_retries < dot11MeshMaxRetries) { - eloop_register_timeout(dot11MeshRetryTimeout, 0, - plink_timer, wpa_s, sta); + if (sta->mpm_retries < conf->dot11MeshMaxRetries) { + eloop_register_timeout( + conf->dot11MeshRetryTimeout / 1000, + (conf->dot11MeshRetryTimeout % 1000) * 1000, + plink_timer, wpa_s, sta); mesh_mpm_send_plink_action(wpa_s, sta, PLINK_OPEN, 0); sta->mpm_retries++; break; @@ -384,13 +443,21 @@ static void plink_timer(void *eloop_ctx, void *user_data) /* confirm timer */ if (!reason) reason = WLAN_REASON_MESH_CONFIRM_TIMEOUT; - sta->plink_state = PLINK_HOLDING; - eloop_register_timeout(dot11MeshHoldingTimeout, 0, - plink_timer, wpa_s, sta); + wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING); + eloop_register_timeout(conf->dot11MeshHoldingTimeout / 1000, + (conf->dot11MeshHoldingTimeout % 1000) * 1000, + plink_timer, wpa_s, sta); mesh_mpm_send_plink_action(wpa_s, sta, PLINK_CLOSE, reason); break; case PLINK_HOLDING: /* holding timer */ + + if (sta->mesh_sae_pmksa_caching) { + wpa_printf(MSG_DEBUG, "MPM: Peer " MACSTR + " looks like it does not support mesh SAE PMKSA caching, so remove the cached entry for it", + MAC2STR(sta->addr)); + wpa_auth_pmksa_remove(hapd->wpa_auth, sta->addr); + } mesh_mpm_fsm_restart(wpa_s, sta); break; default: @@ -404,16 +471,19 @@ static void mesh_mpm_plink_open(struct wpa_supplicant *wpa_s, struct sta_info *sta, enum mesh_plink_state next_state) { + struct mesh_conf *conf = wpa_s->ifmsh->mconf; + eloop_cancel_timeout(plink_timer, wpa_s, sta); - eloop_register_timeout(dot11MeshRetryTimeout, 0, plink_timer, - wpa_s, sta); + eloop_register_timeout(conf->dot11MeshRetryTimeout / 1000, + (conf->dot11MeshRetryTimeout % 1000) * 1000, + plink_timer, wpa_s, sta); mesh_mpm_send_plink_action(wpa_s, sta, PLINK_OPEN, 0); wpa_mesh_set_plink_state(wpa_s, sta, next_state); } -int mesh_mpm_plink_close(struct hostapd_data *hapd, - struct sta_info *sta, void *ctx) +static int mesh_mpm_plink_close(struct hostapd_data *hapd, struct sta_info *sta, + void *ctx) { struct wpa_supplicant *wpa_s = ctx; int reason = WLAN_REASON_MESH_PEERING_CANCELLED; @@ -431,6 +501,85 @@ int mesh_mpm_plink_close(struct hostapd_data *hapd, } +int mesh_mpm_close_peer(struct wpa_supplicant *wpa_s, const u8 *addr) +{ + struct hostapd_data *hapd; + struct sta_info *sta; + + if (!wpa_s->ifmsh) { + wpa_msg(wpa_s, MSG_INFO, "Mesh is not prepared yet"); + return -1; + } + + hapd = wpa_s->ifmsh->bss[0]; + sta = ap_get_sta(hapd, addr); + if (!sta) { + wpa_msg(wpa_s, MSG_INFO, "No such mesh peer"); + return -1; + } + + return mesh_mpm_plink_close(hapd, sta, wpa_s) == 0 ? 0 : -1; +} + + +static void peer_add_timer(void *eloop_ctx, void *user_data) +{ + struct wpa_supplicant *wpa_s = eloop_ctx; + struct hostapd_data *hapd = wpa_s->ifmsh->bss[0]; + + os_memset(hapd->mesh_required_peer, 0, ETH_ALEN); +} + + +int mesh_mpm_connect_peer(struct wpa_supplicant *wpa_s, const u8 *addr, + int duration) +{ + struct wpa_ssid *ssid = wpa_s->current_ssid; + struct hostapd_data *hapd; + struct sta_info *sta; + struct mesh_conf *conf; + + if (!wpa_s->ifmsh) { + wpa_msg(wpa_s, MSG_INFO, "Mesh is not prepared yet"); + return -1; + } + + if (!ssid || !ssid->no_auto_peer) { + wpa_msg(wpa_s, MSG_INFO, + "This command is available only with no_auto_peer mesh network"); + return -1; + } + + hapd = wpa_s->ifmsh->bss[0]; + conf = wpa_s->ifmsh->mconf; + + sta = ap_get_sta(hapd, addr); + if (!sta) { + wpa_msg(wpa_s, MSG_INFO, "No such mesh peer"); + return -1; + } + + if ((PLINK_OPEN_SENT <= sta->plink_state && + sta->plink_state <= PLINK_ESTAB) || + (sta->sae && sta->sae->state > SAE_NOTHING)) { + wpa_msg(wpa_s, MSG_INFO, + "Specified peer is connecting/connected"); + return -1; + } + + if (conf->security == MESH_CONF_SEC_NONE) { + mesh_mpm_plink_open(wpa_s, sta, PLINK_OPEN_SENT); + } else { + mesh_rsn_auth_sae_sta(wpa_s, sta); + os_memcpy(hapd->mesh_required_peer, addr, ETH_ALEN); + eloop_register_timeout(duration == -1 ? 10 : duration, 0, + peer_add_timer, wpa_s, NULL); + } + + return 0; +} + + void mesh_mpm_deinit(struct wpa_supplicant *wpa_s, struct hostapd_iface *ifmsh) { struct hostapd_data *hapd = ifmsh->bss[0]; @@ -440,6 +589,7 @@ void mesh_mpm_deinit(struct wpa_supplicant *wpa_s, struct hostapd_iface *ifmsh) hapd->num_plinks = 0; hostapd_free_stas(hapd); + eloop_cancel_timeout(peer_add_timer, wpa_s, NULL); } @@ -462,6 +612,8 @@ void mesh_mpm_auth_peer(struct wpa_supplicant *wpa_s, const u8 *addr) * the AP code already sets this flag. */ sta->flags |= WLAN_STA_AUTH; + mesh_rsn_init_ampe_sta(wpa_s, sta); + os_memset(¶ms, 0, sizeof(params)); params.addr = sta->addr; params.flags = WPA_STA_AUTHENTICATED | WPA_STA_AUTHORIZED; @@ -482,28 +634,64 @@ void mesh_mpm_auth_peer(struct wpa_supplicant *wpa_s, const u8 *addr) mesh_mpm_plink_open(wpa_s, sta, PLINK_OPEN_SENT); } - -void wpa_mesh_new_mesh_peer(struct wpa_supplicant *wpa_s, const u8 *addr, - struct ieee802_11_elems *elems) +/* + * Initialize a sta_info structure for a peer and upload it into the driver + * in preparation for beginning authentication or peering. This is done when a + * Beacon (secure or open mesh) or a peering open frame (for open mesh) is + * received from the peer for the first time. + */ +static struct sta_info * mesh_mpm_add_peer(struct wpa_supplicant *wpa_s, + const u8 *addr, + struct ieee802_11_elems *elems) { struct hostapd_sta_add_params params; struct mesh_conf *conf = wpa_s->ifmsh->mconf; struct hostapd_data *data = wpa_s->ifmsh->bss[0]; struct sta_info *sta; - int ret = 0; + int ret; + + if (elems->mesh_config_len >= 7 && + !(elems->mesh_config[6] & MESH_CAP_ACCEPT_ADDITIONAL_PEER)) { + wpa_msg(wpa_s, MSG_DEBUG, + "mesh: Ignore a crowded peer " MACSTR, + MAC2STR(addr)); + return NULL; + } sta = ap_get_sta(data, addr); if (!sta) { sta = ap_sta_add(data, addr); if (!sta) - return; + return NULL; } + /* Set WMM by default since Mesh STAs are QoS STAs */ + sta->flags |= WLAN_STA_WMM; + /* initialize sta */ - if (copy_supp_rates(wpa_s, sta, elems)) - return; + if (copy_supp_rates(wpa_s, sta, elems)) { + ap_free_sta(data, sta); + return NULL; + } + + if (!sta->my_lid) + mesh_mpm_init_link(wpa_s, sta); + +#ifdef CONFIG_IEEE80211N + copy_sta_ht_capab(data, sta, elems->ht_capabilities); + update_ht_state(data, sta); +#endif /* CONFIG_IEEE80211N */ - mesh_mpm_init_link(wpa_s, sta); +#ifdef CONFIG_IEEE80211AC + copy_sta_vht_capab(data, sta, elems->vht_capabilities); + set_sta_vht_opmode(data, sta, elems->vht_opmode_notif); +#endif /* CONFIG_IEEE80211AC */ + + if (hostapd_get_aid(data, sta) < 0) { + wpa_msg(wpa_s, MSG_ERROR, "No AIDs available"); + ap_free_sta(data, sta); + return NULL; + } /* insert into driver */ os_memset(¶ms, 0, sizeof(params)); @@ -511,9 +699,10 @@ void wpa_mesh_new_mesh_peer(struct wpa_supplicant *wpa_s, const u8 *addr, params.supp_rates_len = sta->supported_rates_len; params.addr = addr; params.plink_state = sta->plink_state; - params.aid = sta->peer_lid; + params.aid = sta->aid; params.listen_interval = 100; - /* TODO: HT capabilities */ + params.ht_capabilities = sta->ht_capabilities; + params.vht_capabilities = sta->vht_capabilities; params.flags |= WPA_STA_WMM; params.flags_mask |= WPA_STA_AUTHENTICATED; if (conf->security == MESH_CONF_SEC_NONE) { @@ -529,10 +718,64 @@ void wpa_mesh_new_mesh_peer(struct wpa_supplicant *wpa_s, const u8 *addr, wpa_msg(wpa_s, MSG_ERROR, "Driver failed to insert " MACSTR ": %d", MAC2STR(addr), ret); + ap_free_sta(data, sta); + return NULL; + } + + return sta; +} + + +void wpa_mesh_new_mesh_peer(struct wpa_supplicant *wpa_s, const u8 *addr, + struct ieee802_11_elems *elems) +{ + struct mesh_conf *conf = wpa_s->ifmsh->mconf; + struct hostapd_data *data = wpa_s->ifmsh->bss[0]; + struct sta_info *sta; + struct wpa_ssid *ssid = wpa_s->current_ssid; + + sta = mesh_mpm_add_peer(wpa_s, addr, elems); + if (!sta) + return; + + if (ssid && ssid->no_auto_peer && + (is_zero_ether_addr(data->mesh_required_peer) || + os_memcmp(data->mesh_required_peer, addr, ETH_ALEN) != 0)) { + wpa_msg(wpa_s, MSG_INFO, "will not initiate new peer link with " + MACSTR " because of no_auto_peer", MAC2STR(addr)); + if (data->mesh_pending_auth) { + struct os_reltime age; + const struct ieee80211_mgmt *mgmt; + struct hostapd_frame_info fi; + + mgmt = wpabuf_head(data->mesh_pending_auth); + os_reltime_age(&data->mesh_pending_auth_time, &age); + if (age.sec < 2 && + os_memcmp(mgmt->sa, addr, ETH_ALEN) == 0) { + wpa_printf(MSG_DEBUG, + "mesh: Process pending Authentication frame from %u.%06u seconds ago", + (unsigned int) age.sec, + (unsigned int) age.usec); + os_memset(&fi, 0, sizeof(fi)); + ieee802_11_mgmt( + data, + wpabuf_head(data->mesh_pending_auth), + wpabuf_len(data->mesh_pending_auth), + &fi); + } + wpabuf_free(data->mesh_pending_auth); + data->mesh_pending_auth = NULL; + } return; } - mesh_mpm_plink_open(wpa_s, sta, PLINK_OPEN_SENT); + if (conf->security == MESH_CONF_SEC_NONE) { + if (sta->plink_state < PLINK_OPEN_SENT || + sta->plink_state > PLINK_ESTAB) + mesh_mpm_plink_open(wpa_s, sta, PLINK_OPEN_SENT); + } else { + mesh_rsn_auth_sae_sta(wpa_s, sta); + } } @@ -552,20 +795,54 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, struct sta_info *sta) { struct hostapd_data *hapd = wpa_s->ifmsh->bss[0]; + struct mesh_conf *conf = wpa_s->ifmsh->mconf; + u8 seq[6] = {}; wpa_msg(wpa_s, MSG_INFO, "mesh plink with " MACSTR " established", MAC2STR(sta->addr)); + if (conf->security & MESH_CONF_SEC_AMPE) { + wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len); + wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->pairwise_cipher), + sta->addr, 0, 0, seq, sizeof(seq), + sta->mtk, sta->mtk_len); + + wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK Key RSC", + sta->mgtk_rsc, sizeof(sta->mgtk_rsc)); + wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK", + sta->mgtk, sta->mgtk_len); + wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->group_cipher), + sta->addr, sta->mgtk_key_id, 0, + sta->mgtk_rsc, sizeof(sta->mgtk_rsc), + sta->mgtk, sta->mgtk_len); + + if (sta->igtk_len) { + wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK Key RSC", + sta->igtk_rsc, sizeof(sta->igtk_rsc)); + wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK", + sta->igtk, sta->igtk_len); + wpa_drv_set_key( + wpa_s, + wpa_cipher_to_alg(conf->mgmt_group_cipher), + sta->addr, sta->igtk_key_id, 0, + sta->igtk_rsc, sizeof(sta->igtk_rsc), + sta->igtk, sta->igtk_len); + } + } + wpa_mesh_set_plink_state(wpa_s, sta, PLINK_ESTAB); hapd->num_plinks++; sta->flags |= WLAN_STA_ASSOC; + sta->mesh_sae_pmksa_caching = 0; + eloop_cancel_timeout(peer_add_timer, wpa_s, NULL); + peer_add_timer(wpa_s, NULL); eloop_cancel_timeout(plink_timer, wpa_s, sta); /* Send ctrl event */ - wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_PEER_CONNECTED MACSTR, - MAC2STR(sta->addr)); + wpa_msg(wpa_s, MSG_INFO, MESH_PEER_CONNECTED MACSTR, + MAC2STR(sta->addr)); } @@ -573,6 +850,7 @@ static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta, enum plink_event event) { struct hostapd_data *hapd = wpa_s->ifmsh->bss[0]; + struct mesh_conf *conf = wpa_s->ifmsh->mconf; u16 reason = 0; wpa_msg(wpa_s, MSG_DEBUG, "MPM " MACSTR " state %s event %s", @@ -604,8 +882,10 @@ static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta, wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING); if (!reason) reason = WLAN_REASON_MESH_CLOSE_RCVD; - eloop_register_timeout(dot11MeshHoldingTimeout, 0, - plink_timer, wpa_s, sta); + eloop_register_timeout( + conf->dot11MeshHoldingTimeout / 1000, + (conf->dot11MeshHoldingTimeout % 1000) * 1000, + plink_timer, wpa_s, sta); mesh_mpm_send_plink_action(wpa_s, sta, PLINK_CLOSE, reason); break; @@ -617,8 +897,11 @@ static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta, break; case CNF_ACPT: wpa_mesh_set_plink_state(wpa_s, sta, PLINK_CNF_RCVD); - eloop_register_timeout(dot11MeshConfirmTimeout, 0, - plink_timer, wpa_s, sta); + eloop_cancel_timeout(plink_timer, wpa_s, sta); + eloop_register_timeout( + conf->dot11MeshConfirmTimeout / 1000, + (conf->dot11MeshConfirmTimeout % 1000) * 1000, + plink_timer, wpa_s, sta); break; default: break; @@ -634,8 +917,10 @@ static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta, wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING); if (!reason) reason = WLAN_REASON_MESH_CLOSE_RCVD; - eloop_register_timeout(dot11MeshHoldingTimeout, 0, - plink_timer, wpa_s, sta); + eloop_register_timeout( + conf->dot11MeshHoldingTimeout / 1000, + (conf->dot11MeshHoldingTimeout % 1000) * 1000, + plink_timer, wpa_s, sta); sta->mpm_close_reason = reason; mesh_mpm_send_plink_action(wpa_s, sta, PLINK_CLOSE, reason); @@ -645,6 +930,8 @@ static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta, PLINK_CONFIRM, 0); break; case CNF_ACPT: + if (conf->security & MESH_CONF_SEC_AMPE) + mesh_rsn_derive_mtk(wpa_s, sta); mesh_mpm_plink_estab(wpa_s, sta); break; default: @@ -661,13 +948,17 @@ static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta, wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING); if (!reason) reason = WLAN_REASON_MESH_CLOSE_RCVD; - eloop_register_timeout(dot11MeshHoldingTimeout, 0, - plink_timer, wpa_s, sta); + eloop_register_timeout( + conf->dot11MeshHoldingTimeout / 1000, + (conf->dot11MeshHoldingTimeout % 1000) * 1000, + plink_timer, wpa_s, sta); sta->mpm_close_reason = reason; mesh_mpm_send_plink_action(wpa_s, sta, PLINK_CLOSE, reason); break; case OPN_ACPT: + if (conf->security & MESH_CONF_SEC_AMPE) + mesh_rsn_derive_mtk(wpa_s, sta); mesh_mpm_plink_estab(wpa_s, sta); mesh_mpm_send_plink_action(wpa_s, sta, PLINK_CONFIRM, 0); @@ -682,17 +973,18 @@ static void mesh_mpm_fsm(struct wpa_supplicant *wpa_s, struct sta_info *sta, wpa_mesh_set_plink_state(wpa_s, sta, PLINK_HOLDING); reason = WLAN_REASON_MESH_CLOSE_RCVD; - eloop_register_timeout(dot11MeshHoldingTimeout, 0, - plink_timer, wpa_s, sta); + eloop_register_timeout( + conf->dot11MeshHoldingTimeout / 1000, + (conf->dot11MeshHoldingTimeout % 1000) * 1000, + plink_timer, wpa_s, sta); sta->mpm_close_reason = reason; wpa_msg(wpa_s, MSG_INFO, "mesh plink with " MACSTR " closed with reason %d", MAC2STR(sta->addr), reason); - wpa_msg_ctrl(wpa_s, MSG_INFO, - MESH_PEER_DISCONNECTED MACSTR, - MAC2STR(sta->addr)); + wpa_msg(wpa_s, MSG_INFO, MESH_PEER_DISCONNECTED MACSTR, + MAC2STR(sta->addr)); hapd->num_plinks--; @@ -738,6 +1030,7 @@ void mesh_mpm_action_rx(struct wpa_supplicant *wpa_s, { u8 action_field; struct hostapd_data *hapd = wpa_s->ifmsh->bss[0]; + struct mesh_conf *mconf = wpa_s->ifmsh->mconf; struct sta_info *sta; u16 plid = 0, llid = 0; enum plink_event event; @@ -751,63 +1044,125 @@ void mesh_mpm_action_rx(struct wpa_supplicant *wpa_s, return; action_field = mgmt->u.action.u.slf_prot_action.action; + if (action_field != PLINK_OPEN && + action_field != PLINK_CONFIRM && + action_field != PLINK_CLOSE) + return; ies = mgmt->u.action.u.slf_prot_action.variable; ie_len = (const u8 *) mgmt + len - mgmt->u.action.u.slf_prot_action.variable; /* at least expect mesh id and peering mgmt */ - if (ie_len < 2 + 2) + if (ie_len < 2 + 2) { + wpa_printf(MSG_DEBUG, + "MPM: Ignore too short action frame %u ie_len %u", + action_field, (unsigned int) ie_len); return; + } + wpa_printf(MSG_DEBUG, "MPM: Received PLINK action %u", action_field); if (action_field == PLINK_OPEN || action_field == PLINK_CONFIRM) { + wpa_printf(MSG_DEBUG, "MPM: Capability 0x%x", + WPA_GET_LE16(ies)); ies += 2; /* capability */ ie_len -= 2; } if (action_field == PLINK_CONFIRM) { + wpa_printf(MSG_DEBUG, "MPM: AID 0x%x", WPA_GET_LE16(ies)); ies += 2; /* aid */ ie_len -= 2; } /* check for mesh peering, mesh id and mesh config IEs */ - if (ieee802_11_parse_elems(ies, ie_len, &elems, 0) == ParseFailed) + if (ieee802_11_parse_elems(ies, ie_len, &elems, 0) == ParseFailed) { + wpa_printf(MSG_DEBUG, "MPM: Failed to parse PLINK IEs"); return; - if (!elems.peer_mgmt) - return; - if ((action_field != PLINK_CLOSE) && - (!elems.mesh_id || !elems.mesh_config)) + } + if (!elems.peer_mgmt) { + wpa_printf(MSG_DEBUG, + "MPM: No Mesh Peering Management element"); return; + } + if (action_field != PLINK_CLOSE) { + if (!elems.mesh_id || !elems.mesh_config) { + wpa_printf(MSG_DEBUG, + "MPM: No Mesh ID or Mesh Configuration element"); + return; + } - if (action_field != PLINK_CLOSE && !matches_local(wpa_s, &elems)) - return; + if (!matches_local(wpa_s, &elems)) { + wpa_printf(MSG_DEBUG, + "MPM: Mesh ID or Mesh Configuration element do not match local MBSS"); + return; + } + } ret = mesh_mpm_parse_peer_mgmt(wpa_s, action_field, elems.peer_mgmt, elems.peer_mgmt_len, &peer_mgmt_ie); - if (ret) + if (ret) { + wpa_printf(MSG_DEBUG, "MPM: Mesh parsing rejected frame"); return; + } /* the sender's llid is our plid and vice-versa */ plid = WPA_GET_LE16(peer_mgmt_ie.llid); if (peer_mgmt_ie.plid) llid = WPA_GET_LE16(peer_mgmt_ie.plid); + wpa_printf(MSG_DEBUG, "MPM: plid=0x%x llid=0x%x", plid, llid); sta = ap_get_sta(hapd, mgmt->sa); - if (!sta) + + /* + * If this is an open frame from an unknown STA, and this is an + * open mesh, then go ahead and add the peer before proceeding. + */ + if (!sta && action_field == PLINK_OPEN && + (!(mconf->security & MESH_CONF_SEC_AMPE) || + wpa_auth_pmksa_get(hapd->wpa_auth, mgmt->sa))) + sta = mesh_mpm_add_peer(wpa_s, mgmt->sa, &elems); + + if (!sta) { + wpa_printf(MSG_DEBUG, "MPM: No STA entry for peer"); + return; + } + +#ifdef CONFIG_SAE + /* peer is in sae_accepted? */ + if (sta->sae && sta->sae->state != SAE_ACCEPTED) { + wpa_printf(MSG_DEBUG, "MPM: SAE not yet accepted for peer"); return; + } +#endif /* CONFIG_SAE */ if (!sta->my_lid) mesh_mpm_init_link(wpa_s, sta); - if (sta->plink_state == PLINK_BLOCKED) + if ((mconf->security & MESH_CONF_SEC_AMPE) && + mesh_rsn_process_ampe(wpa_s, sta, &elems, + &mgmt->u.action.category, + peer_mgmt_ie.chosen_pmk, + ies, ie_len)) { + wpa_printf(MSG_DEBUG, "MPM: RSN process rejected frame"); return; + } + + if (sta->plink_state == PLINK_BLOCKED) { + wpa_printf(MSG_DEBUG, "MPM: PLINK_BLOCKED"); + return; + } /* Now we will figure out the appropriate event... */ switch (action_field) { case PLINK_OPEN: - if (!plink_free_count(hapd) || - (sta->peer_lid && sta->peer_lid != plid)) { + if (plink_free_count(hapd) == 0) { + event = OPN_IGNR; + wpa_printf(MSG_INFO, + "MPM: Peer link num over quota(%d)", + hapd->max_plinks); + } else if (sta->peer_lid && sta->peer_lid != plid) { event = OPN_IGNR; } else { sta->peer_lid = plid; @@ -815,9 +1170,13 @@ void mesh_mpm_action_rx(struct wpa_supplicant *wpa_s, } break; case PLINK_CONFIRM: - if (!plink_free_count(hapd) || - sta->my_lid != llid || - (sta->peer_lid && sta->peer_lid != plid)) { + if (plink_free_count(hapd) == 0) { + event = CNF_IGNR; + wpa_printf(MSG_INFO, + "MPM: Peer link num over quota(%d)", + hapd->max_plinks); + } else if (sta->my_lid != llid || + (sta->peer_lid && sta->peer_lid != plid)) { event = CNF_IGNR; } else { if (!sta->peer_lid) @@ -845,9 +1204,22 @@ void mesh_mpm_action_rx(struct wpa_supplicant *wpa_s, event = CLS_ACPT; break; default: - wpa_msg(wpa_s, MSG_ERROR, - "Mesh plink: unknown frame subtype"); + /* + * This cannot be hit due to the action_field check above, but + * compilers may not be able to figure that out and can warn + * about uninitialized event below. + */ return; } mesh_mpm_fsm(wpa_s, sta, event); } + + +/* called by ap_free_sta */ +void mesh_mpm_free_sta(struct hostapd_data *hapd, struct sta_info *sta) +{ + if (sta->plink_state == PLINK_ESTAB) + hapd->num_plinks--; + eloop_cancel_timeout(plink_timer, ELOOP_ALL_CTX, sta); + eloop_cancel_timeout(mesh_auth_timer, ELOOP_ALL_CTX, sta); +}