Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-10-10 11:17:22 +02:00
Code Releases Activity

station: netdev: allow FILS-FT AKMs

Browse Source 
This adds some checks for the FT_OVER_FILS AKMs in station and netdev
allowing the FILS-FT AKMs to be selected during a connection.

Inside netdev_connect_event we actually have to skip parsing the IEs
because FILS itself takes care of this (needs to handle them specially)
This commit is contained in:
James Prestwood 2019-05-22 15:24:04 -07:00 committed by Denis Kenzior
parent e583b1d243
commit 628c079e55
2 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/netdev.c
View File

@ -1632,7 +1632,10 @@ static void netdev_connect_event(struct l_genl_msg *msg, struct netdev *netdev)
} }
} }
if (resp_ies) { /* FILS handles its own FT key derivation */
if (resp_ies && !(netdev->handshake->akm_suite &
(IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |
IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384))) {
const uint8_t *fte = NULL; const uint8_t *fte = NULL;
struct ie_ft_info ft_info; struct ie_ft_info ft_info;
@ -2369,6 +2372,8 @@ int netdev_connect(struct netdev *netdev, struct scan_bss *bss,
break; break;
case IE_RSN_AKM_SUITE_FILS_SHA256: case IE_RSN_AKM_SUITE_FILS_SHA256:
case IE_RSN_AKM_SUITE_FILS_SHA384: case IE_RSN_AKM_SUITE_FILS_SHA384:
case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256:
case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384:
netdev->ap = fils_sm_new(hs, netdev_fils_tx_authenticate, netdev->ap = fils_sm_new(hs, netdev_fils_tx_authenticate,
netdev_fils_tx_associate, netdev_fils_tx_associate,
netdev); netdev);

10
src/station.c
View File

@ -633,7 +633,9 @@ static int station_build_handshake_rsn(struct handshake_state *hs,
if (info.akm_suites & (IE_RSN_AKM_SUITE_FT_OVER_8021X | if (info.akm_suites & (IE_RSN_AKM_SUITE_FT_OVER_8021X |
IE_RSN_AKM_SUITE_FT_USING_PSK | IE_RSN_AKM_SUITE_FT_USING_PSK |
IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256)) IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256 |
IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |
IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384))
add_mde = true; add_mde = true;
open_network: open_network:
@ -704,8 +706,10 @@ static struct handshake_state *station_handshake_setup(struct station *station,
* wait to get it until here because at this point so there are no * wait to get it until here because at this point so there are no
* failure paths before fils_sm_new * failure paths before fils_sm_new
*/ */
if (hs->akm_suite == IE_RSN_AKM_SUITE_FILS_SHA256 || if (hs->akm_suite & (IE_RSN_AKM_SUITE_FILS_SHA256 |
hs->akm_suite == IE_RSN_AKM_SUITE_FILS_SHA384) IE_RSN_AKM_SUITE_FILS_SHA384 |
IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |
IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384))
hs->erp_cache = erp_cache_get(network_get_ssid(network)); hs->erp_cache = erp_cache_get(network_get_ssid(network));
return hs; return hs;