netdev: Fix handshake failures on FT-PSK + FullMac

The latest refactoring ended up assuming that FT related elements would be handled in netdev_associate_event. However, FullMac cards (that do not generate netdev_associate_event) could still connect using FT AKMs and perform the Initial mobility association. In such cases the FTE element was required but ended up not being set into the handshake. This caused the handshake to fail during PTK 1_of_4 processing. Fix this by making sure that FTE + related info is set into the handshake, albeit with a lower sanity checking level since the elements have been processed by the firmware already. Note that it is currently impossible for actual FTs to be performed on FullMac cards, so the extra logic and sanity checking to handle these can be skipped.
2024-11-22 14:49:24 +01:00 · 2019-04-15 15:32:28 -05:00 · 2019-04-15 15:32:28 -05:00 · edade7f19c
commit edade7f19c
parent c44da22470
1 changed files with 44 additions and 0 deletions
--- a/src/netdev.c
+++ b/src/netdev.c
@ -1753,6 +1753,8 @@ static void netdev_connect_event(struct l_genl_msg *msg, struct netdev *netdev)
 	const uint8_t *ies = NULL;
 	size_t ies_len = 0;
 	struct ie_tlv_iter iter;
+	const uint8_t *resp_ies = NULL;
+	size_t resp_ies_len;

 	l_debug("");

@ -1786,6 +1788,10 @@ static void netdev_connect_event(struct l_genl_msg *msg, struct netdev *netdev)
 			ies = data;
 			ies_len = len;
 			break;
+		case NL80211_ATTR_RESP_IE:
+			resp_ies = data;
+			resp_ies_len = len;
+			break;
 		}
 	}

@ -1834,6 +1840,44 @@ static void netdev_connect_event(struct l_genl_msg *msg, struct netdev *netdev)
 		}
 	}

+	if (resp_ies) {
+		const uint8_t *fte = NULL;
+		struct ie_ft_info ft_info;
+
+		ie_tlv_iter_init(&iter, resp_ies, resp_ies_len);
+
+		while (ie_tlv_iter_next(&iter)) {
+			data = ie_tlv_iter_get_data(&iter);
+
+			switch (ie_tlv_iter_get_tag(&iter)) {
+			case IE_TYPE_FAST_BSS_TRANSITION:
+				fte = data - 2;
+				break;
+			}
+		}
+
+		if (fte) {
+			/*
+			 * If we are here, then most likely we have a FullMac
+			 * hw performing initial mobility association.  We need
+			 * to set the FTE element or the handshake will fail
+			 * The firmware accepted the FTE element, so do not
+			 * sanitize the contents and just assume they're okay.
+			 */
+			if (ie_parse_fast_bss_transition_from_data(fte,
+						fte[1] + 2, &ft_info) >= 0) {
+				handshake_state_set_fte(netdev->handshake, fte);
+				handshake_state_set_kh_ids(netdev->handshake,
+							ft_info.r0khid,
+							ft_info.r0khid_len,
+							ft_info.r1khid);
+			} else {
+				l_info("CMD_CONNECT Succeeded, but parsing FTE"
+					" failed.  Expect handshake failure");
+			}
+		}
+	}
+
 	if (netdev->sm) {
 		/*
 		 * Start processing EAPoL frames now that the state machine