diff --git a/src/adhoc.c b/src/adhoc.c index dd27e825..d88f53f5 100644 --- a/src/adhoc.c +++ b/src/adhoc.c @@ -203,8 +203,8 @@ static struct eapol_sm *adhoc_new_sm(struct sta_state *sta, bool authenticator) handshake_state_set_event_func(hs, adhoc_handshake_event, sta); handshake_state_set_ssid(hs, (void *)adhoc->ssid, strlen(adhoc->ssid)); /* we dont have the connecting peer rsn info, so just set ap == own */ - handshake_state_set_ap_rsn(hs, bss_rsne); - handshake_state_set_own_rsn(hs, bss_rsne); + handshake_state_set_authenticator_rsn(hs, bss_rsne); + handshake_state_set_supplicant_rsn(hs, bss_rsne); handshake_state_set_pmk(hs, adhoc->pmk, 32); if (authenticator) { diff --git a/src/ap.c b/src/ap.c index 78e25114..db6c0572 100644 --- a/src/ap.c +++ b/src/ap.c @@ -420,12 +420,12 @@ static void ap_associate_sta_cb(struct l_genl_msg *msg, void *user_data) handshake_state_set_event_func(sta->hs, ap_handshake_event, sta); handshake_state_set_ssid(sta->hs, (void *)ap->ssid, strlen(ap->ssid)); - handshake_state_set_ap_rsn(sta->hs, bss_rsne); - handshake_state_set_own_rsn(sta->hs, sta->assoc_rsne); + handshake_state_set_authenticator(sta->hs, true); + handshake_state_set_authenticator_rsn(sta->hs, bss_rsne); + handshake_state_set_supplicant_rsn(sta->hs, sta->assoc_rsne); handshake_state_set_pmk(sta->hs, ap->pmk, 32); handshake_state_set_authenticator_address(sta->hs, own_addr); handshake_state_set_supplicant_address(sta->hs, sta->addr); - handshake_state_set_authenticator(sta->hs, true); sta->sm = eapol_sm_new(sta->hs); if (!sta->sm) { diff --git a/src/device.c b/src/device.c index 856a298c..6fb295f8 100644 --- a/src/device.c +++ b/src/device.c 
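Review bot: The results of `handshake_state_set_authenticator_rsn(hs, bss_rsne)` and `handshake_state_set_supplicant_rsn(hs, bss_rsne)` are discarded in adhoc_new_sm, although both now return bool, so a failed parse or cipher setup goes unnoticed and the code continues to handshake_state_set_pmk(). The same unchecked pattern appears in the ap_associate_sta_cb, device_handshake_setup, device_preauthenticate_cb and netdev_fast_transition hunks. Which call sets up the ciphers now depends on hs->authenticator at call time, and both calls sit before the `if (authenticator)` branch, so the role flag is presumably still unset here; the result is the same only because both IEs are bss_rsne. I would test the result, e.g. `if (!handshake_state_set_supplicant_rsn(hs, bss_rsne))` followed by the function's existing failure path, and add a comment stating the ordering assumption. adhoc_new_sm starts and ends outside the hunk.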
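Review bot: With the role set to authenticator first, `handshake_state_set_supplicant_rsn(sta->hs, sta->assoc_rsne)` only copies the station's RSNE, because handshake_state_set_supplicant_ie() returns before parsing when s->authenticator is true; the removed handshake_state_set_own_rsn() parsed it. sta->assoc_rsne presumably comes from the peer's association request, so unless it is validated earlier in ap_associate_sta_cb (not visible in this hunk) it reaches the handshake state unchecked, and the ciphers are now configured from bss_rsne instead. A comment at the call naming where assoc_rsne was validated, or an explicit `ie_parse_rsne_from_data()` check before storing it, would make that dependency visible. The function starts and ends outside the hunk.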
@@ -728,12 +728,12 @@ static struct handshake_state *device_handshake_setup(struct device *device, /* RSN takes priority */ if (bss->rsne) { ie_build_rsne(&info, rsne_buf); - handshake_state_set_ap_rsn(hs, bss->rsne); - handshake_state_set_own_rsn(hs, rsne_buf); + handshake_state_set_authenticator_rsn(hs, bss->rsne); + handshake_state_set_supplicant_rsn(hs, rsne_buf); } else { ie_build_wpa(&info, rsne_buf); - handshake_state_set_ap_wpa(hs, bss->wpa); - handshake_state_set_own_wpa(hs, rsne_buf); + handshake_state_set_authenticator_wpa(hs, bss->wpa); + handshake_state_set_supplicant_wpa(hs, rsne_buf); } if (security == SECURITY_PSK) { @@ -918,12 +918,13 @@ static void device_preauthenticate_cb(struct netdev *netdev, /* * Rebuild the RSNE to include the negotiated PMKID. Note - * own_ie can't be a WPA IE here, including because the - * WPA IE doesn't have a capabilities field and + * supplicant_ie can't be a WPA IE here, including because + * the WPA IE doesn't have a capabilities field and * target_rsne->preauthentication would have been false in * device_transition_start. */ - ie_parse_rsne_from_data(new_hs->own_ie, new_hs->own_ie[1] + 2, + ie_parse_rsne_from_data(new_hs->supplicant_ie, + new_hs->supplicant_ie[1] + 2, &rsn_info); handshake_state_get_pmkid(new_hs, pmkid); @@ -932,7 +933,7 @@ static void device_preauthenticate_cb(struct netdev *netdev, rsn_info.pmkids = pmkid; ie_build_rsne(&rsn_info, rsne_buf); - handshake_state_set_own_rsn(new_hs, rsne_buf); + handshake_state_set_supplicant_rsn(new_hs, rsne_buf); } device_transition_reassociate(device, bss, new_hs); diff --git a/src/eapol.c b/src/eapol.c index b76515f4..9a3d43f7 100644 --- a/src/eapol.c +++ b/src/eapol.c @@ -941,7 +941,7 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm, uint8_t mic[16]; uint8_t *ies; size_t ies_len; - const uint8_t *own_ie = sm->handshake->own_ie; + const uint8_t *own_ie = sm->handshake->supplicant_ie; const uint8_t *pmkid; struct ie_rsn_info rsn_info; 
@@ -1210,8 +1210,9 @@ static void eapol_handle_ptk_2_of_4(struct eapol_sm *sm, */ rsne = eapol_find_rsne(ek->key_data, L_BE16_TO_CPU(ek->key_data_len), NULL); - if (!rsne || rsne[1] != sm->handshake->own_ie[1] || - memcmp(rsne + 2, sm->handshake->own_ie + 2, rsne[1])) { + if (!rsne || rsne[1] != sm->handshake->supplicant_ie[1] || + memcmp(rsne + 2, sm->handshake->supplicant_ie + 2, + rsne[1])) { handshake_failed(sm, MMPDU_REASON_CODE_IE_DIFFERENT); return; @@ -1323,7 +1324,7 @@ static void eapol_handle_ptk_3_of_4(struct eapol_sm *sm, if (!rsne) goto error_ie_different; - if (!handshake_util_ap_ie_matches(rsne, sm->handshake->ap_ie, + if (!handshake_util_ap_ie_matches(rsne, sm->handshake->authenticator_ie, sm->handshake->wpa_ie)) goto error_ie_different; diff --git a/src/handshake.c b/src/handshake.c index 0a124dd5..85968ade 100644 --- a/src/handshake.c +++ b/src/handshake.c @@ -74,8 +74,8 @@ void handshake_state_free(struct handshake_state *s) { typeof(s->free) destroy = s->free; - l_free(s->ap_ie); - l_free(s->own_ie); + l_free(s->authenticator_ie); + l_free(s->supplicant_ie); l_free(s->mde); l_free(s->fte); l_free(s->passphrase); @@ -121,28 +121,6 @@ struct l_settings *handshake_state_get_8021x_config(struct handshake_state *s) return s->settings_8021x; } -static void handshake_state_set_ap_ie(struct handshake_state *s, - const uint8_t *ie, bool is_wpa) -{ - l_free(s->ap_ie); - s->ap_ie = l_memdup(ie, ie[1] + 2u); - s->wpa_ie = is_wpa; -} - -static void handshake_state_set_own_ie(struct handshake_state *s, - const uint8_t *ie, bool is_wpa) -{ - l_free(s->own_ie); - s->own_ie = l_memdup(ie, ie[1] + 2u); - s->wpa_ie = is_wpa; -} - -void handshake_state_set_ap_rsn(struct handshake_state *s, - const uint8_t *rsn_ie) -{ - handshake_state_set_ap_ie(s, rsn_ie, false); -} - static bool handshake_state_setup_own_ciphers(struct handshake_state *s, const struct ie_rsn_info *info) { 
@@ -161,36 +139,74 @@ static bool handshake_state_setup_own_ciphers(struct handshake_state *s, return true; } -bool handshake_state_set_own_rsn(struct handshake_state *s, +static bool handshake_state_set_authenticator_ie(struct handshake_state *s, + const uint8_t *ie, bool is_wpa) +{ + struct ie_rsn_info info; + + l_free(s->authenticator_ie); + s->authenticator_ie = l_memdup(ie, ie[1] + 2u); + s->wpa_ie = is_wpa; + + if (!s->authenticator) + return true; + + if (is_wpa) { + if (ie_parse_wpa_from_data(ie, ie[1] + 2, &info) < 0) + return false; + } else { + if (ie_parse_rsne_from_data(ie, ie[1] + 2, &info) < 0) + return false; + } + + return handshake_state_setup_own_ciphers(s, &info); +} + +static bool handshake_state_set_supplicant_ie(struct handshake_state *s, + const uint8_t *ie, bool is_wpa) +{ + struct ie_rsn_info info; + + l_free(s->supplicant_ie); + s->supplicant_ie = l_memdup(ie, ie[1] + 2u); + s->wpa_ie = is_wpa; + + if (s->authenticator) + return true; + + if (is_wpa) { + if (ie_parse_wpa_from_data(ie, ie[1] + 2, &info) < 0) + return false; + } else { + if (ie_parse_rsne_from_data(ie, ie[1] + 2, &info) < 0) + return false; + } + + return handshake_state_setup_own_ciphers(s, &info); +} + +bool handshake_state_set_authenticator_rsn(struct handshake_state *s, + const uint8_t *rsn_ie) +{ + return handshake_state_set_authenticator_ie(s, rsn_ie, false); +} + +bool handshake_state_set_supplicant_rsn(struct handshake_state *s, const uint8_t *rsn_ie) { - struct ie_rsn_info info; - - handshake_state_set_own_ie(s, rsn_ie, false); - - if (ie_parse_rsne_from_data(rsn_ie, rsn_ie[1] + 2, &info) < 0) - return false; - - return handshake_state_setup_own_ciphers(s, &info); + return handshake_state_set_supplicant_ie(s, rsn_ie, false); } -void handshake_state_set_ap_wpa(struct handshake_state *s, +bool handshake_state_set_authenticator_wpa(struct handshake_state *s, const uint8_t *wpa_ie) { - handshake_state_set_ap_ie(s, wpa_ie, true); + return 
handshake_state_set_authenticator_ie(s, wpa_ie, true); } -bool handshake_state_set_own_wpa(struct handshake_state *s, +bool handshake_state_set_supplicant_wpa(struct handshake_state *s, const uint8_t *wpa_ie) { - struct ie_rsn_info info; - - handshake_state_set_own_ie(s, wpa_ie, true); - - if (ie_parse_wpa_from_data(wpa_ie, wpa_ie[1] + 2, &info) < 0) - return false; - - return handshake_state_setup_own_ciphers(s, &info); + return handshake_state_set_supplicant_ie(s, wpa_ie, true); } void handshake_state_set_ssid(struct handshake_state *s, const uint8_t *ssid, diff --git a/src/handshake.h b/src/handshake.h index a93c8497..e7d4b213 100644 --- a/src/handshake.h +++ b/src/handshake.h @@ -77,8 +77,8 @@ struct handshake_state { uint32_t ifindex; uint8_t spa[6]; uint8_t aa[6]; - uint8_t *ap_ie; - uint8_t *own_ie; + uint8_t *authenticator_ie; + uint8_t *supplicant_ie; uint8_t *mde; uint8_t *fte; enum ie_rsn_cipher_suite pairwise_cipher; @@ -128,13 +128,13 @@ void handshake_state_set_pmk(struct handshake_state *s, const uint8_t *pmk, void handshake_state_set_8021x_config(struct handshake_state *s, struct l_settings *settings); struct l_settings *handshake_state_get_8021x_config(struct handshake_state *s); -void handshake_state_set_ap_rsn(struct handshake_state *s, +bool handshake_state_set_supplicant_rsn(struct handshake_state *s, const uint8_t *rsn_ie); -bool handshake_state_set_own_rsn(struct handshake_state *s, +bool handshake_state_set_authenticator_rsn(struct handshake_state *s, const uint8_t *rsn_ie); -void handshake_state_set_ap_wpa(struct handshake_state *s, +bool handshake_state_set_supplicant_wpa(struct handshake_state *s, const uint8_t *wpa_ie); -bool handshake_state_set_own_wpa(struct handshake_state *s, +bool handshake_state_set_authenticator_wpa(struct handshake_state *s, const uint8_t *wpa_ie); void handshake_state_set_ssid(struct handshake_state *s, const uint8_t *ssid, size_t ssid_len); 
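Review bot: handshake_state_set_authenticator_ie() and handshake_state_set_supplicant_ie() free the previous IE, store the new one and overwrite s->wpa_ie before any parsing, so a `false` return leaves the handshake state holding an IE that failed validation. The IE belonging to the remote role is never parsed in these setters at all. Parsing first and committing only on success keeps the state consistent; this assumes the parse helpers accept every IE the callers currently pass for the remote role, which should be confirmed before adopting it. The supplicant setter would mirror the sketch below with the role test inverted, and the two bodies are otherwise identical, so a shared static helper taking the destination pointer would remove the duplication.
```c
static bool handshake_state_set_authenticator_ie(struct handshake_state *s,
						const uint8_t *ie, bool is_wpa)
{
	struct ie_rsn_info info;
	int r;

	/* Validate before touching the stored state */
	if (is_wpa)
		r = ie_parse_wpa_from_data(ie, ie[1] + 2, &info);
	else
		r = ie_parse_rsne_from_data(ie, ie[1] + 2, &info);

	if (r < 0)
		return false;

	l_free(s->authenticator_ie);
	s->authenticator_ie = l_memdup(ie, ie[1] + 2u);
	s->wpa_ie = is_wpa;

	/* Only the local role's IE selects the ciphers */
	if (!s->authenticator)
		return true;

	return handshake_state_setup_own_ciphers(s, &info);
}
```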
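Review bot: The four IE setter declarations carry no contract, yet the authenticator variants change from void to bool here and all four now behave differently depending on whether handshake_state_set_authenticator() has been called. I would add a comment above the group, for example `/* Return false when the IE of the local role cannot be parsed or its ciphers cannot be set up. */` and `/* handshake_state_set_authenticator() must be called before these setters. */`. Without it a caller has no hint from the header that the call order matters or that the result needs checking.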
diff --git a/src/netdev.c b/src/netdev.c index 554ed286..1f6023f0 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -1492,7 +1492,7 @@ static bool netdev_handle_associate_resp_ies(struct handshake_state *hs, const uint8_t *fte, bool transition) { const uint8_t *sent_mde = hs->mde; - bool is_rsn = hs->own_ie != NULL; + bool is_rsn = hs->supplicant_ie != NULL; /* * During a transition in an RSN, check for an RSNE containing the @@ -1521,7 +1521,8 @@ static bool netdev_handle_associate_resp_ies(struct handshake_state *hs, memcmp(msg4_rsne.pmkids, hs->pmk_r1_name, 16)) return false; - if (!handshake_util_ap_ie_matches(rsne, hs->ap_ie, false)) + if (!handshake_util_ap_ie_matches(rsne, hs->authenticator_ie, + false)) return false; } else { if (rsne) @@ -1732,7 +1733,7 @@ static void netdev_connect_event(struct l_genl_msg *msg, } if (netdev->in_ft) { - bool is_rsn = netdev->handshake->own_ie != NULL; + bool is_rsn = netdev->handshake->supplicant_ie != NULL; netdev->in_ft = false; @@ -1789,7 +1790,7 @@ static struct l_genl_msg *netdev_build_cmd_associate_common( struct netdev *netdev) { struct handshake_state *hs = netdev->handshake; - bool is_rsn = hs->own_ie != NULL; + bool is_rsn = hs->supplicant_ie != NULL; struct l_genl_msg *msg; msg = l_genl_msg_new_sized(NL80211_CMD_ASSOCIATE, 600); @@ -1863,7 +1864,7 @@ static struct l_genl_msg *netdev_build_cmd_ft_reassociate( struct iovec iov[3]; int iov_elems = 0; struct handshake_state *hs = netdev_get_handshake(netdev); - bool is_rsn = hs->own_ie != NULL; + bool is_rsn = hs->supplicant_ie != NULL; uint8_t *rsne = NULL; msg = netdev_build_cmd_associate_common(netdev); @@ -1885,7 +1886,8 @@ static struct l_genl_msg *netdev_build_cmd_ft_reassociate( * — All other fields shall be as specified in 8.4.2.27 * and 11.5.3." */ - if (ie_parse_rsne_from_data(hs->own_ie, hs->own_ie[1] + 2, + if (ie_parse_rsne_from_data(hs->supplicant_ie, + hs->supplicant_ie[1] + 2, &rsn_info) < 0) goto error; 
@@ -2033,7 +2035,7 @@ static void netdev_ft_process(struct netdev *netdev, const uint8_t *frame, } } - is_rsn = hs->own_ie != NULL; + is_rsn = hs->supplicant_ie != NULL; /* * In an RSN, check for an RSNE containing the PMK-R0-Name and @@ -2062,7 +2064,8 @@ static void netdev_ft_process(struct netdev *netdev, const uint8_t *frame, memcmp(msg2_rsne.pmkids, hs->pmk_r0_name, 16)) goto ft_error; - if (!handshake_util_ap_ie_matches(rsne, hs->ap_ie, false)) + if (!handshake_util_ap_ie_matches(rsne, hs->authenticator_ie, + false)) goto ft_error; } else if (rsne) goto ft_error; @@ -2300,8 +2303,8 @@ static void netdev_sae_complete(uint16_t status, void *user_data) msg = netdev_build_cmd_associate_common(netdev); l_genl_msg_append_attr(msg, NL80211_ATTR_IE, - netdev->handshake->own_ie[1] + 2, - netdev->handshake->own_ie); + netdev->handshake->supplicant_ie[1] + 2, + netdev->handshake->supplicant_ie); /* netdev_cmd_connect_cb can be reused */ netdev->connect_cmd_id = l_genl_family_send(nl80211, msg, @@ -2369,7 +2372,7 @@ static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev, struct l_genl_msg *msg; struct iovec iov[2]; int iov_elems = 0; - bool is_rsn = hs->own_ie != NULL; + bool is_rsn = hs->supplicant_ie != NULL; msg = l_genl_msg_new_sized(NL80211_CMD_CONNECT, 512); l_genl_msg_append_attr(msg, NL80211_ATTR_IFINDEX, 4, &netdev->index); @@ -2436,8 +2439,8 @@ static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev, NL80211_ATTR_CONTROL_PORT_OVER_NL80211, 0, NULL); - iov[iov_elems].iov_base = (void *) hs->own_ie; - iov[iov_elems].iov_len = hs->own_ie[1] + 2; + iov[iov_elems].iov_base = (void *) hs->supplicant_ie; + iov[iov_elems].iov_len = hs->supplicant_ie[1] + 2; iov_elems += 1; } 
@@ -2499,7 +2502,7 @@ int netdev_connect(struct netdev *netdev, struct scan_bss *bss, { struct l_genl_msg *cmd_connect = NULL; struct eapol_sm *sm = NULL; - bool is_rsn = hs->own_ie != NULL; + bool is_rsn = hs->supplicant_ie != NULL; if (netdev->type != NL80211_IFTYPE_STATION) return -ENOTSUP; @@ -2624,7 +2627,7 @@ int netdev_reassociate(struct netdev *netdev, struct scan_bss *target_bss, struct netdev_handshake_state; struct handshake_state *old_hs; struct eapol_sm *sm = NULL, *old_sm; - bool is_rsn = hs->own_ie != NULL; + bool is_rsn = hs->supplicant_ie != NULL; int err; cmd_connect = netdev_build_cmd_connect(netdev, target_bss, hs, @@ -2780,7 +2783,7 @@ static struct l_genl_msg *netdev_build_cmd_ft_authenticate( struct l_genl_msg *msg; struct iovec iov[3]; int iov_elems = 0; - bool is_rsn = hs->own_ie != NULL; + bool is_rsn = hs->supplicant_ie != NULL; uint8_t mde[5]; msg = l_genl_msg_new_sized(NL80211_CMD_AUTHENTICATE, 512); @@ -2807,7 +2810,8 @@ static struct l_genl_msg *netdev_build_cmd_ft_authenticate( * — All other fields shall be as specified in 8.4.2.27 * and 11.5.3." */ - if (ie_parse_rsne_from_data(hs->own_ie, hs->own_ie[1] + 2, + if (ie_parse_rsne_from_data(hs->supplicant_ie, + hs->supplicant_ie[1] + 2, &rsn_info) < 0) goto error; @@ -2928,7 +2932,8 @@ int netdev_fast_transition(struct netdev *netdev, struct scan_bss *target_bss, memcpy(netdev->prev_bssid, netdev->handshake->aa, ETH_ALEN); handshake_state_set_authenticator_address(netdev->handshake, target_bss->addr); - handshake_state_set_ap_rsn(netdev->handshake, target_bss->rsne); + handshake_state_set_authenticator_rsn(netdev->handshake, + target_bss->rsne); memcpy(netdev->handshake->mde + 2, target_bss->mde, 3); if (netdev->sm) {