From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.01.org
Subject: [PATCH 2/8] ft: expose ft_build_authenticate_ies
Date: Thu, 15 Apr 2021 15:45:02 -0700 [thread overview]
Message-ID: <20210415224508.1823614-2-prestwoj@gmail.com> (raw)
In-Reply-To: <20210415224508.1823614-1-prestwoj@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 3808 bytes --]
The building of the (FT)Authenticate frame will need
to be shared between ft and netdev once FT-over-Air
is refactored.
The building was refactored to work off the callers
buffer rather than internal stack buffers. An argument
'new_snonce' was included as FT-over-DS will generate
a new snonce for the initial action frame, hence the
handshakes snonce cannot be used.
---
src/ft.c | 62 +++++++++++++++++++++++++++++++-------------------------
src/ft.h | 4 ++++
2 files changed, 38 insertions(+), 28 deletions(-)
diff --git a/src/ft.c b/src/ft.c
index 2c58787d..08e6cdeb 100644
--- a/src/ft.c
+++ b/src/ft.c
@@ -679,19 +679,16 @@ static void ft_sm_free(struct auth_proto *ap)
l_free(ft);
}
-static bool ft_start(struct auth_proto *ap)
+bool ft_build_authenticate_ies(struct handshake_state *hs,
+ const uint8_t *new_snonce, uint8_t *buf,
+ size_t *len)
{
- struct ft_sm *ft = l_container_of(ap, struct ft_sm, ap);
- struct handshake_state *hs = ft->hs;
uint32_t kck_len = handshake_state_get_kck_len(hs);
bool is_rsn = hs->supplicant_ie != NULL;
- uint8_t mde[5];
- struct iovec iov[3];
- size_t iov_elems = 0;
+ uint8_t *ptr = buf;
if (is_rsn) {
struct ie_rsn_info rsn_info;
- uint8_t *rsne;
/*
* Rebuild the RSNE to include the PMKR0Name and append
@@ -712,26 +709,18 @@ static bool ft_start(struct auth_proto *ap)
rsn_info.num_pmkids = 1;
rsn_info.pmkids = hs->pmk_r0_name;
- rsne = alloca(256);
- ie_build_rsne(&rsn_info, rsne);
-
- iov[iov_elems].iov_base = rsne;
- iov[iov_elems].iov_len = rsne[1] + 2;
- iov_elems += 1;
+ ie_build_rsne(&rsn_info, ptr);
+ ptr += ptr[1] + 2;
}
/* The MDE advertised by the BSS must be passed verbatim */
- mde[0] = IE_TYPE_MOBILITY_DOMAIN;
- mde[1] = 3;
- memcpy(mde + 2, hs->mde + 2, 3);
-
- iov[iov_elems].iov_base = mde;
- iov[iov_elems].iov_len = 5;
- iov_elems += 1;
+ ptr[0] = IE_TYPE_MOBILITY_DOMAIN;
+ ptr[1] = 3;
+ memcpy(ptr + 2, hs->mde + 2, 3);
+ ptr += 5;
if (is_rsn) {
struct ie_ft_info ft_info;
- uint8_t *fte;
/*
* 12.8.2: "If present, the FTE shall be set as follows:
@@ -748,17 +737,34 @@ static bool ft_start(struct auth_proto *ap)
memcpy(ft_info.r0khid, hs->r0khid, hs->r0khid_len);
ft_info.r0khid_len = hs->r0khid_len;
- memcpy(ft_info.snonce, hs->snonce, 32);
+ memcpy(ft_info.snonce, new_snonce, 32);
- fte = alloca(256);
- ie_build_fast_bss_transition(&ft_info, kck_len, fte);
+ ie_build_fast_bss_transition(&ft_info, kck_len, ptr);
- iov[iov_elems].iov_base = fte;
- iov[iov_elems].iov_len = fte[1] + 2;
- iov_elems += 1;
+ ptr += ptr[1] + 2;
}
- ft->tx_auth(iov, iov_elems, ft->user_data);
+ if (len)
+ *len = ptr - buf;
+
+ return true;
+}
+
+static bool ft_start(struct auth_proto *ap)
+{
+ struct ft_sm *ft = l_container_of(ap, struct ft_sm, ap);
+ struct handshake_state *hs = ft->hs;
+ struct iovec iov;
+ uint8_t buf[512];
+ size_t len;
+
+ if (!ft_build_authenticate_ies(hs, hs->snonce, buf, &len))
+ return false;
+
+ iov.iov_base = buf;
+ iov.iov_len = len;
+
+ ft->tx_auth(&iov, 1, ft->user_data);
return true;
}
diff --git a/src/ft.h b/src/ft.h
index 6f6a7fd5..f24b3b5e 100644
--- a/src/ft.h
+++ b/src/ft.h
@@ -25,6 +25,10 @@ typedef void (*ft_tx_authenticate_func_t)(struct iovec *iov, size_t iov_len,
typedef void (*ft_tx_associate_func_t)(struct iovec *ie_iov, size_t iov_len,
void *user_data);
+bool ft_build_authenticate_ies(struct handshake_state *hs,
+ const uint8_t *new_snonce, uint8_t *buf,
+ size_t *len);
+
struct auth_proto *ft_over_air_sm_new(struct handshake_state *hs,
ft_tx_authenticate_func_t tx_auth,
ft_tx_associate_func_t tx_assoc,
--
2.26.2
next prev parent reply other threads:[~2021-04-15 22:45 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-15 22:45 [PATCH 1/8] ft: separate ft_sm from ft_process_ies James Prestwood
2021-04-15 22:45 ` James Prestwood [this message]
2021-04-16 16:32 ` [PATCH 2/8] ft: expose ft_build_authenticate_ies Denis Kenzior
2021-04-15 22:45 ` [PATCH 3/8] ft: add ft_over_ds_handshake_new James Prestwood
2021-04-15 22:45 ` [PATCH 4/8] ft: add ft_parse_action_response James Prestwood
2021-04-15 22:45 ` [PATCH 5/8] netdev: factor out FT handshake preparation James Prestwood
2021-04-16 16:33 ` Denis Kenzior
2021-04-15 22:45 ` [PATCH 6/8] ft: netdev: refactor FT-over-DS to properly handle Auth failures James Prestwood
2021-04-16 17:37 ` Denis Kenzior
2021-04-15 22:45 ` [PATCH 7/8] station: specially handle FT-over-DS failure James Prestwood
2021-04-15 22:45 ` [PATCH 8/8] ft: netdev: add return value to tx_associate James Prestwood
2021-04-16 16:31 ` [PATCH 1/8] ft: separate ft_sm from ft_process_ies Denis Kenzior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210415224508.1823614-2-prestwoj@gmail.com \
--to=prestwoj@gmail.com \
--cc=iwd@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox