static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
const struct ieee80211_mgmt *mgmt, size_t len,
- u8 auth_transaction)
+ u16 auth_transaction, u16 status_code)
{
u16 resp = WLAN_STATUS_SUCCESS;
struct wpabuf *data = NULL;
if (!sta->sae) {
- if (auth_transaction != 1)
+ if (auth_transaction != 1 || status_code != WLAN_STATUS_SUCCESS)
return;
sta->sae = os_zalloc(sizeof(*sta->sae));
if (sta->sae == NULL)
size_t token_len = 0;
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG,
- "start SAE authentication (RX commit)");
+ "start SAE authentication (RX commit, status=%u)",
+ status_code);
if ((hapd->conf->mesh & MESH_ENABLED) &&
- mgmt->u.auth.status_code ==
- WLAN_STATUS_ANTI_CLOGGING_TOKEN_REQ && sta->sae->tmp) {
+ status_code == WLAN_STATUS_ANTI_CLOGGING_TOKEN_REQ &&
+ sta->sae->tmp) {
pos = mgmt->u.auth.variable;
end = ((const u8 *) mgmt) + len;
if (pos + sizeof(le16) > end) {
return;
}
+ if (status_code != WLAN_STATUS_SUCCESS)
+ return;
+
resp = sae_parse_commit(sta->sae, mgmt->u.auth.variable,
((const u8 *) mgmt) + len -
mgmt->u.auth.variable, &token,
} else if (auth_transaction == 2) {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG,
- "SAE authentication (RX confirm)");
+ "SAE authentication (RX confirm, status=%u)",
+ status_code);
+ if (status_code != WLAN_STATUS_SUCCESS)
+ return;
if (sta->sae->state >= SAE_CONFIRMED ||
!(hapd->conf->mesh & MESH_ENABLED)) {
if (sae_check_confirm(sta->sae, mgmt->u.auth.variable,
}
}
resp = sae_sm_step(hapd, sta, mgmt->bssid, auth_transaction);
-
} else {
hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
HOSTAPD_LEVEL_DEBUG,
- "unexpected SAE authentication transaction %u",
- auth_transaction);
+ "unexpected SAE authentication transaction %u (status=%u)",
+ auth_transaction, status_code);
+ if (status_code != WLAN_STATUS_SUCCESS)
+ return;
resp = WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION;
}
#ifdef CONFIG_SAE
case WLAN_AUTH_SAE:
#ifdef CONFIG_MESH
- if (hapd->conf->mesh & MESH_ENABLED) {
+ if (status_code == WLAN_STATUS_SUCCESS &&
+ hapd->conf->mesh & MESH_ENABLED) {
if (sta->wpa_sm == NULL)
sta->wpa_sm =
wpa_auth_sta_init(hapd->wpa_auth,
}
}
#endif /* CONFIG_MESH */
- handle_auth_sae(hapd, sta, mgmt, len, auth_transaction);
+ handle_auth_sae(hapd, sta, mgmt, len, auth_transaction,
+ status_code);
return;
#endif /* CONFIG_SAE */
}