projects / mech_eap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 17f6b90)
wlantest: Allow injection of unprotected frames to unknown BSS
authorJouni Malinen <j@w1.fi>
Sun, 28 Aug 2011 16:19:38 +0000 (19:19 +0300)
committerJouni Malinen <j@w1.fi>
Sun, 28 Aug 2011 16:19:38 +0000 (19:19 +0300)
wlantest/ctrl.c patch | blob | history
wlantest/inject.c patch | blob | history

diff --git a/wlantest/ctrl.c b/wlantest/ctrl.c
index 2e470dd..2132b2b 100644 (file)
--- a/wlantest/ctrl.c
+++ b/wlantest/ctrl.c
@@ -1154,14 +1154,17 @@ static void ctrl_send_(struct wlantest *wt, int sock, u8 *cmd, size_t clen)
        }
 
        bss = bss_find(wt, bssid);
-       if (bss == NULL) {
+       if (bss == NULL && prot != WLANTEST_INJECT_UNPROTECTED) {
                wpa_printf(MSG_INFO, "Unknown BSSID");
                ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
                return;
        }
 
-       sta = sta_find(bss, sta_addr);
-       if (sta == NULL) {
+       if (bss)
+               sta = sta_find(bss, sta_addr);
+       else
+               sta = NULL;
+       if (sta == NULL && prot != WLANTEST_INJECT_UNPROTECTED) {
                wpa_printf(MSG_INFO, "Unknown STA address");
                ctrl_send_simple(wt, sock, WLANTEST_CTRL_FAILURE);
                return;
diff --git a/wlantest/inject.c b/wlantest/inject.c
index 3644edf..e8e7de7 100644 (file)
--- a/wlantest/inject.c
+++ b/wlantest/inject.c
@@ -326,13 +326,20 @@ int wlantest_inject(struct wlantest *wt, struct wlantest_bss *bss,
                return -1;
        }
 
+       if (prot != WLANTEST_INJECT_UNPROTECTED &&
+           (bss == NULL || sta == NULL)) {
+               wpa_printf(MSG_INFO, "No BSS/STA information to inject "
+                          "protected frames");
+               return -1;
+       }
+
        hdr = (struct ieee80211_hdr *) frame;
        fc = le_to_host16(hdr->frame_control);
        protectable = WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_DATA ||
                is_robust_mgmt(frame, len);
 
-       if (prot == WLANTEST_INJECT_PROTECTED ||
-           prot == WLANTEST_INJECT_INCORRECT_KEY) {
+       if ((prot == WLANTEST_INJECT_PROTECTED ||
+            prot == WLANTEST_INJECT_INCORRECT_KEY) && bss) {
                if (!sta &&
                    ((WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
                      !bss->igtk_set[bss->igtk_idx]) ||
@@ -350,7 +357,7 @@ int wlantest_inject(struct wlantest *wt, struct wlantest_bss *bss,
                        return -1;
                }
                protect = 1;
-       } else if (protectable && prot != WLANTEST_INJECT_UNPROTECTED) {
+       } else if (protectable && prot != WLANTEST_INJECT_UNPROTECTED && bss) {
                if (sta && sta->ptk_set)
                        protect = 1;
                else if (!sta) {
@@ -363,7 +370,7 @@ int wlantest_inject(struct wlantest *wt, struct wlantest_bss *bss,
                }
        }
 
-       if (protect)
+       if (protect && bss)
                return wlantest_inject_prot(
                        wt, bss, sta, frame, len,
                        prot == WLANTEST_INJECT_INCORRECT_KEY);
Moonshot GSS-API mechanism