Fixed MFP Association Comeback mechanism to use Timeout Interval IE

The separate Association Comeback Time IE was removed from IEEE 802.11w
and the Timeout Interval IE (from IEEE 802.11r) is used instead. The
editing on this is still somewhat incomplete in IEEE 802.11w/D7.0, but
still, the use of Timeout Interval IE is the expected mechanism.

diff --git a/hostapd/ieee802_11.c b/hostapd/ieee802_11.c
index 0faf6e1..7968850 100644 (file)
--- a/hostapd/ieee802_11.c
+++ b/hostapd/ieee802_11.c
@@ -301,8 +301,9 @@ static u8 * hostapd_eid_assoc_comeback_time(struct hostapd_data *hapd,
        u32 timeout, tu;
        struct os_time now, passed;
 
-       *pos++ = WLAN_EID_ASSOC_COMEBACK_TIME;
-       *pos++ = 4;
+       *pos++ = WLAN_EID_TIMEOUT_INTERVAL;
+       *pos++ = 5;
+       *pos++ = WLAN_TIMEOUT_ASSOC_COMEBACK;
        os_get_time(&now);
        os_time_sub(&now, &sta->sa_query_start, &passed);
        tu = (passed.sec * 1000000 + passed.usec) / 1024;

diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c
index 682d61b..991c989 100644 (file)
--- a/src/common/ieee802_11_common.c
+++ b/src/common/ieee802_11_common.c
@@ -219,6 +219,10 @@ ParseRes ieee802_11_parse_elems(u8 *start, size_t len,
                        elems->ftie = pos;
                        elems->ftie_len = elen;
                        break;
+               case WLAN_EID_TIMEOUT_INTERVAL:
+                       elems->timeout_int = pos;
+                       elems->timeout_int_len = elen;
+                       break;
                case WLAN_EID_HT_CAP:
                        elems->ht_capabilities = pos;
                        elems->ht_capabilities_len = elen;
@@ -227,10 +231,6 @@ ParseRes ieee802_11_parse_elems(u8 *start, size_t len,
                        elems->ht_operation = pos;
                        elems->ht_operation_len = elen;
                        break;
-               case WLAN_EID_ASSOC_COMEBACK_TIME:
-                       elems->assoc_comeback = pos;
-                       elems->assoc_comeback_len = elen;
-                       break;
                default:
                        unknown++;
                        if (!show_errors)

diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h
index 566da96..2aff993 100644 (file)
--- a/src/common/ieee802_11_common.h
+++ b/src/common/ieee802_11_common.h
@@ -55,12 +55,12 @@ struct ieee802_11_elems {
        u8 mdie_len;
        u8 *ftie;
        u8 ftie_len;
+       u8 *timeout_int;
+       u8 timeout_int_len;
        u8 *ht_capabilities;
        u8 ht_capabilities_len;
        u8 *ht_operation;
        u8 ht_operation_len;
-       u8 *assoc_comeback;
-       u8 assoc_comeback_len;
        u8 *vendor_ht_cap;
        u8 vendor_ht_cap_len;
 };

diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h
index 88e6ce6..18220b0 100644 (file)
--- a/src/common/ieee802_11_defs.h
+++ b/src/common/ieee802_11_defs.h
@@ -203,7 +203,6 @@
 #define WLAN_EID_20_40_BSS_INTOLERANT 73
 #define WLAN_EID_OVERLAPPING_BSS_SCAN_PARAMS 74
 #define WLAN_EID_MMIE 76
-#define WLAN_EID_ASSOC_COMEBACK_TIME 77
 #define WLAN_EID_VENDOR_SPECIFIC 221
 
 
@@ -223,6 +222,11 @@
 
 #define WLAN_SA_QUERY_TR_ID_LEN 16
 
+/* Timeout Interval Type */
+#define WLAN_TIMEOUT_REASSOC_DEADLINE 1
+#define WLAN_TIMEOUT_KEY_LIFETIME 2
+#define WLAN_TIMEOUT_ASSOC_COMEBACK 3
+
 
 #ifdef _MSC_VER
 #pragma pack(push, 1)

diff --git a/wpa_supplicant/mlme.c b/wpa_supplicant/mlme.c
index 964b8c0..0c63067 100644 (file)
--- a/wpa_supplicant/mlme.c
+++ b/wpa_supplicant/mlme.c
@@ -1087,9 +1087,10 @@ static void ieee80211_rx_mgmt_assoc_resp(struct wpa_supplicant *wpa_s,
                           status_code);
 #ifdef CONFIG_IEEE80211W
                if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY &&
-                   elems.assoc_comeback && elems.assoc_comeback_len == 4) {
+                   elems.timeout_int && elems.timeout_int_len == 5 &&
+                   elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) {
                        u32 tu, ms;
-                       tu = WPA_GET_LE32(elems.assoc_comeback);
+                       tu = WPA_GET_LE32(elems.timeout_int + 1);
                        ms = tu * 1024 / 1000;
                        wpa_printf(MSG_DEBUG, "MLME: AP rejected association "
                                   "temporarily; comeback duration %u TU "