Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

mesh: Start mesh peering after successful authentication

[original patch by: Thomas Pedersen <thomas@noack.us>]
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Bob Copeland 10 years ago
parent
e96da42b0e
commit
c50d94f1f8
2 changed files with 47 additions and 4 deletions
Split View Show Diff Stats
  1. 28 4
      src/ap/ieee802_11.c
  2. 19 0
      src/ap/wpa_auth.c

+ 28 - 4
src/ap/ieee802_11.c
View File 

@@ -802,10 +802,20 @@ static void handle_auth(struct hostapd_data *hapd,
 
 		return;
 
 	}
 
 
-	sta = ap_sta_add(hapd, mgmt->sa);
 
-	if (!sta) {
 
-		resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA;
 
-		goto fail;
 
+#ifdef CONFIG_MESH
 
+	if (hapd->conf->mesh & MESH_ENABLED) {
 
+		/* if the mesh peer is not available, we don't do auth. */
 
+		sta = ap_get_sta(hapd, mgmt->sa);
 
+		if (!sta)
 
+			return;
 
+	} else
 
+#endif /* CONFIG_MESH */
 
+	{
 
+		sta = ap_sta_add(hapd, mgmt->sa);
 
+		if (!sta) {
 
+			resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA;
 
+			goto fail;
 
+		}
 
 	}
 
 
 	if (vlan_id > 0) {
 
@@ -890,6 +900,20 @@ static void handle_auth(struct hostapd_data *hapd,
 
 #endif /* CONFIG_IEEE80211R */
 
 #ifdef CONFIG_SAE
 
 	case WLAN_AUTH_SAE:
 
+#ifdef CONFIG_MESH
 
+		if (hapd->conf->mesh & MESH_ENABLED) {
 
+			if (sta->wpa_sm == NULL)
 
+				sta->wpa_sm =
 
+					wpa_auth_sta_init(hapd->wpa_auth,
 
+							  sta->addr, NULL);
 
+			if (sta->wpa_sm == NULL) {
 
+				wpa_printf(MSG_DEBUG,
 
+					   "SAE: Failed to initialize WPA state machine");
 
+				resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
 
+				goto fail;
 
+			}
 
+		}
 
+#endif /* CONFIG_MESH */
 
 		handle_auth_sae(hapd, sta, mgmt, len, auth_transaction);
 
 		return;
 
 #endif /* CONFIG_SAE */

+ 19 - 0
src/ap/wpa_auth.c
View File 

@@ -136,6 +136,17 @@ wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr,
 
 }
 
 
 
+#ifdef CONFIG_MESH
 
+static inline int wpa_auth_start_ampe(struct wpa_authenticator *wpa_auth,
 
+				      const u8 *addr)
 
+{
 
+	if (wpa_auth->cb.start_ampe == NULL)
 
+		return -1;
 
+	return wpa_auth->cb.start_ampe(wpa_auth->cb.ctx, addr);
 
+}
 
+#endif /* CONFIG_MESH */
 
+
 
+
 
 int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
 
 			  int (*cb)(struct wpa_state_machine *sm, void *ctx),
 
 			  void *cb_ctx)
 
@@ -1534,6 +1545,14 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, wpa_event event)
 
 
 	switch (event) {
 
 	case WPA_AUTH:
 
+#ifdef CONFIG_MESH
 
+		/* PTKs are derived through AMPE */
 
+		if (wpa_auth_start_ampe(sm->wpa_auth, sm->addr)) {
 
+			/* not mesh */
 
+			break;
 
+		}
 
+		return 0;
 
+#endif /* CONFIG_MESH */
 
 	case WPA_ASSOC:
 
 		break;
 
 	case WPA_DEAUTH: