From nobody Wed Jul 06 00:32:05 2022 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 0364A1D0AF03; Wed, 6 Jul 2022 00:32:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ld0q96GsXz4nyH; Wed, 6 Jul 2022 00:32:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1657067525; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4Mg0CAEG05mCiUHIkgxcLA6MOQNSKJhwU86AXPMP2dc=; b=TLRJfhNlEWvpd9/GhLZhh232n6PTMOqUeqn7jZbfaYdQuPWz94WV4x1MAP8ptTYB6Wmhv9 wnTwSzbEzTeJuiFrSWerbpf5Fz9mcsPQ5ss16tjkxwFZgppy2w5Ll/NT2KNspvmv3qKlbo UawudrTgrCDInqHY/8KGrMqq2t/HEHGA9Ixe8KUZd2RFnKv8VXfvqFxcf8nRSQbBwAqSwQ 5rm6k/0gQuHLGgnM4N/KsIHQzFH7IXj7HhbyGPd4QYWKN02V4arDvTkUGSGFw1LKbWY3e6 15hTc7GIq5k8pe4NfF86ljFWk4SCsF1gaORwmh7PaOaY+KcyLzJ9FllMa2DpXQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B89AA7E46; Wed, 6 Jul 2022 00:32:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2660W5vL042339; Wed, 6 Jul 2022 00:32:05 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2660W5s5042338; Wed, 6 Jul 2022 00:32:05 GMT (envelope-from git) Date: Wed, 6 Jul 2022 00:32:05 GMT Message-Id: <202207060032.2660W5s5042338@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Cy Schubert Subject: git: 30d9a7b643df - stable/13 - wpa_supplicant: Resolve secondary VAP association issue List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 30d9a7b643dfa244319945b9f44c9d4f595b48ac Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1657067525; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4Mg0CAEG05mCiUHIkgxcLA6MOQNSKJhwU86AXPMP2dc=; b=EjpgoR1XmBVvOC1OM9XHHMpwGXd5W7Kz/OkFwHi0rPxmw4o/lYyVO+qKKXR+cAwkRYk6uq NKHsfg5GkmERMoiVPXWeDnGRD0qIPtoqcEGX29XGycJichN1mSt5ciQt3tYbNdF3f0Db0+ B3swOk0yb2iCBjLPB/PT0+fhZl3JKJH9b0ClUCB5jBFXQyPZW1W/w+2Q6kPxJVYWorK88W 3+PWCrdnFEL21kqkDjyLeTRra5oBm7k5PPvBD5Sv9raDyMQivhQY8nuVIXscf+7fDDW2GB WigylAvo3QlL8lazm0EzJ2QUuEINv8I8INjGiC1CEpncv/mVgCwWXeJywYs97g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1657067525; a=rsa-sha256; cv=none; b=smMK6f3YD/PwqeOz3a2lhuKMJAu6vwzDum8ClW3DSmlKX9yOkmshujAPJvt90NyJnx/6Ar NIG7fjHR51MZ4Iz9EoRuKtTjf26PloSnmDcyFrver+V7fFdQTuooxIZUaXPFrCUW1pNuUG x4IXmARcPh5vYNLfJv92NhjODos6x4jeYmVvSqtCX6nllg9hSXxFqH7vXknEsF7HNVtMPy vAkK/mQgmOGvwbS9SdhYqLIwAyLSDnXM8RAbcVTijN5ioTTeM4eTRUaOdeoIfBvMsHL2Vk fqx8V81djnsxO9QlO6nk7Lr7fBTpBZYqxLSCf8LEEPDbFlvYAHt/yPpn4nfI/A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=30d9a7b643dfa244319945b9f44c9d4f595b48ac commit 30d9a7b643dfa244319945b9f44c9d4f595b48ac Author: J.R. Oldroyd AuthorDate: 2022-07-02 18:15:31 +0000 Commit: Cy Schubert CommitDate: 2022-07-06 00:31:32 +0000 wpa_supplicant: Resolve secondary VAP association issue Association will fail on a secondary open unprotected VAP when the primary VAP is configured for WPA. Examples of secondary VAPs are, hotels, universities, and commodity routers' guest networks. A broadly similar bug was discussed on Red Hat's bugzilla affecting association to a D-Link DIR-842. This suggests that as IEs were added to the 802.11 protocol the old code was increasingly inadaquate to handle the additional IEs, not only a secondary VAP. PR: 264238 Reported by: Jaskie "J.R. Oldroyd" Submitted by: "J.R. Oldroyd" (cherry picked from commit 775611ea11db0973fd8b7aef0f5eb527308efd05) --- contrib/wpa/src/drivers/driver_bsd.c | 65 ++++++++++++++++++++++++++---------- 1 file changed, 48 insertions(+), 17 deletions(-) diff --git a/contrib/wpa/src/drivers/driver_bsd.c b/contrib/wpa/src/drivers/driver_bsd.c index c455bc931036..345bbb892ecf 100644 --- a/contrib/wpa/src/drivers/driver_bsd.c +++ b/contrib/wpa/src/drivers/driver_bsd.c @@ -14,6 +14,7 @@ #include "driver.h" #include "eloop.h" #include "common/ieee802_11_defs.h" +#include "common/ieee802_11_common.h" #include "common/wpa_common.h" #include @@ -1200,14 +1201,42 @@ handle_read(void *ctx, const u8 *src_addr, const u8 *buf, size_t len) drv_event_eapol_rx(drv->ctx, src_addr, buf, len); } +static int +wpa_driver_bsd_set_rsn_wpa_ie(struct bsd_driver_data * drv, + struct wpa_driver_associate_params *params, const u8 *ie) +{ + int privacy; + size_t ie_len = ie[1] ? ie[1] + 2 : 0; + + /* XXX error handling is wrong but unclear what to do... */ + if (wpa_driver_bsd_set_wpa_ie(drv, ie, ie_len) < 0) + return -1; + + privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && + params->group_suite == WPA_CIPHER_NONE && + params->key_mgmt_suite == WPA_KEY_MGMT_NONE); + wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, + privacy); + + if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) + return -1; + + if (ie_len && + set80211param(drv, IEEE80211_IOC_WPA, + ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) + return -1; + + return 0; +} + static int wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) { struct bsd_driver_data *drv = priv; struct ieee80211req_mlme mlme; u32 mode; - int privacy; int ret = 0; + const u8 *wpa_ie, *rsn_ie; wpa_printf(MSG_DEBUG, "%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u" @@ -1256,23 +1285,25 @@ wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) ret = -1; if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0) ret = -1; - /* XXX error handling is wrong but unclear what to do... */ - if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0) - return -1; - privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && - params->group_suite == WPA_CIPHER_NONE && - params->key_mgmt_suite == WPA_KEY_MGMT_NONE && - params->wpa_ie_len == 0); - wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, privacy); - - if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) - return -1; - - if (params->wpa_ie_len && - set80211param(drv, IEEE80211_IOC_WPA, - params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) - return -1; + if (params->wpa_ie_len) { + rsn_ie = get_ie(params->wpa_ie, params->wpa_ie_len, + WLAN_EID_RSN); + if (rsn_ie) { + if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, + rsn_ie) < 0) + return -1; + } + else { + wpa_ie = get_vendor_ie(params->wpa_ie, + params->wpa_ie_len, WPA_IE_VENDOR_TYPE); + if (wpa_ie) { + if (wpa_driver_bsd_set_rsn_wpa_ie(drv, params, + wpa_ie) < 0) + return -1; + } + } + } /* * NB: interface must be marked UP for association