From patchwork Wed Dec 5 10:23:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnout Vandecappelle X-Patchwork-Id: 1008152 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=mind.be Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="C9luHn4U"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=mind-be.20150623.gappssmtp.com header.i=@mind-be.20150623.gappssmtp.com header.b="EGggMlAS"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 438w0l0LCgz9s8J for ; Wed, 5 Dec 2018 21:27:51 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=pk8AdJU70v38wQYeHXwKdlpIgWaSdtXzbUWObqajEIY=; b=C9luHn4U97pHI9 zBr7xQZigtURcYJTOOyN9ZgHfNp9yWgeJDZnfTQBwsje0oyJx2LA8np2/GTQ59IznGPFrXaHKkqjO vMP/MBE2wfrY1NjEQEQ2kJGxk+u6feqvy9O6BHqaFzto/K/C+vlV0s+j8IX2lTFg2gN4C/27hmF+g SXcaKBb0Y6Q1Ax6sSs+6Bu+wW/N7Wbsv8A45Q9n+UncchMOeydRhgjOBJrZXmWo4JvUGeZLUoDZXe fHuTaF/WExjPLtRT52QobwqGtMQhiCiDynmt30OYLRpuVsdwmEvBp+18oSO/EyunizI6E2JZTcigb HjHLdTKi7UIe9USuN30Q==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.90_1 #2 (Red Hat Linux)) id 1gUUP6-0006xp-JU; Wed, 05 Dec 2018 10:27:40 +0000 Received: from mail-ed1-x543.google.com ([2a00:1450:4864:20::543]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1gUUOL-0006DT-O9 for hostap@lists.infradead.org; Wed, 05 Dec 2018 10:27:06 +0000 Received: by mail-ed1-x543.google.com with SMTP id y56so16513714edd.11 for ; Wed, 05 Dec 2018 02:26:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mind-be.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=dqfbHdrL5vul+/V2M6t0yxqYHvf4O1Io08ts1CWcI1I=; b=EGggMlASrMiQb1c8sBYqZNzzDHLq1GeMvmNU7/3o7EIrpEPqYuwzaXqevOK9FTML0w Ggcf68QV7V3mWycP70zZ7YxVqDCep/cJyyb7xrZPFhktiC/adb7L30m66wCpojK3fob/ lqPbuRR0uqXq5Su5Zug+nFdqDFtIU4X96OnrujFvkU9oZ753VIzr4IvV/FUDnb1cFAJt +PlHlpns1rpjyrb3IVqQzADmgMKLLvQ4UgIeM7jV0JtA6W9EN14UqQr97q6Zle0ySVZw vvGXAPjeI/JDyEypozuOEiHQntiL4SmQKpmT1zb9675hd6SP9XqGJehWhZGeAM7BSrl5 wMFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=dqfbHdrL5vul+/V2M6t0yxqYHvf4O1Io08ts1CWcI1I=; b=rQ6qV4zJ/kipAOY8da1UDWF0PV2fDi8KYDXCGuOqUcZlnCCtOlgsCatMToxIdt1PMm 0iuYlNJWMOzh2yJ5F9daoffE88VpE1aEOht79zGXxqgPB+4lvuqIv1X2LR5KAqxozWzH JpewPcxEwcKSkk5ZN/MxM4l6CU+dQhQH4bT3X2LzW12zxjp8YZF9FqQGhCjbraxfoQI3 TxrZmp++QA1ac94DzVVR8V+kfjS7KRt2/IuDGKzYi9TtSO86Tz6voeyl90KBsY8QfVT9 TQMNBb1HVS3g0/xqk0kfygVg6n9Q8Gi5tLQD0g9Wjhv19xna4vLlcCfcK9i61sWnAFy1 y/ug== X-Gm-Message-State: AA+aEWbRPMRLeshN7NWkSKITkD3MqDn16ly5CFlSUyJJTlE6dwboBGQq WXjrVp1EuD++XsiTX3Wbohd4qlpaIUA= X-Google-Smtp-Source: AFSGD/UGY21Np1rJA7sxaQK4XsKQSXEfRtxU1SUjynEko/XnCWyO8dJn+U6ydHZPhmXMECVhNfsTtQ== X-Received: by 2002:aa7:d602:: with SMTP id c2mr20816578edr.203.1544005611879; Wed, 05 Dec 2018 02:26:51 -0800 (PST) Received: from localhost.localdomain (ip-188-118-3-185.reverse.destiny.be. [188.118.3.185]) by smtp.gmail.com with ESMTPSA id z2sm5438020edd.4.2018.12.05.02.26.51 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 05 Dec 2018 02:26:51 -0800 (PST) From: "Arnout Vandecappelle (Essensium/Mind)" To: hostap@lists.infradead.org Subject: [PATCH v3 08/12] hostapd: fully validate multi-AP IE Date: Wed, 5 Dec 2018 11:23:58 +0100 Message-Id: <20181205102401.17810-9-arnout@mind.be> X-Mailer: git-send-email 2.19.2 In-Reply-To: <20181205102401.17810-1-arnout@mind.be> References: <20181205102401.17810-1-arnout@mind.be> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20181205_022654_037526_575BEB27 X-CRM114-Status: GOOD ( 18.20 ) X-Spam-Score: 1.0 (+) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (1.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:543 listed in] [list.dnswl.org] 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 DKIMWL_WL_MED DKIMwl.org - Whitelisted Medium sender X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Venkateswara Naralasetty , "Arnout Vandecappelle \(Essensium/Mind\)" Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org The validation of the multi-AP IE in hostapd is not very complete. * When the IE is incorrectly constructed, return WLAN_STATUS_INVALID_IE. This might not be entirely the right thing to do, since that status is in principle reserved for IEs specified in IEEE 802.11-2016, but it makes sense to use that for incorrect subelements as well, and it's done in other places. * When the AP is configured as fronthaul-only, association requests for backhaul STA are rejected. * When the AP is configured as backhaul-only, association requests without backhaul STA are rejected. * A multi-AP IE with a value different than MULTI_AP_BACKHAUL_STA is ignored (i.e. treated the same as if it was missing). * Rejections use reason WLAN_STATUS_ASSOC_DENIED_UNSPEC instead of WLAN_STATUS_UNSPECIFIED_FAILURE - that seems a better match with the IEEE 802.11-2016 specification. * Set the WLAN_STA_MULTI_AP based on the IE, independent of whether it is a backhaul or fronthaul AP. This makes sure that the Association Response contains the IE even if it is a rejection. None of the above is explicitly specified in the Multi-AP Specification. However, it is pretty clear that we only want backhaul stations on a backhaul-only AP and only fronthaul stations on a fronhaul-only AP, otherwise the distinction is pointless. Finally, rename hostapd_validate_multi_ap_ie() to check_multi_ap() and directly give it the multi_ap_ie as argument rather than the ieee802_11_elems, since that is how most other functions in that file work. Signed-off-by: Arnout Vandecappelle (Essensium/Mind) Cc: Venkateswara Naralasetty --- src/ap/ieee802_11.c | 58 +++++++++++++++++++++++++++++++-------------- 1 file changed, 40 insertions(+), 18 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index fec5882e0..63ab27cb3 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -2224,31 +2224,53 @@ static u16 check_wmm(struct hostapd_data *hapd, struct sta_info *sta, return WLAN_STATUS_SUCCESS; } -static u16 hostapd_validate_multi_ap_ie(struct hostapd_data *hapd, - struct sta_info *sta, - struct ieee802_11_elems *elems) +static u16 check_multi_ap(struct hostapd_data *hapd, struct sta_info *sta, + const u8 *multi_ap_ie, size_t multi_ap_len) { - const u8 *pos, *map_sub_elem; - size_t len; + u8 multi_ap_value = 0; - if (!hapd->conf->multi_ap || !elems->multi_ap) + sta->flags &= ~WLAN_STA_MULTI_AP; + + if (!hapd->conf->multi_ap) return WLAN_STATUS_SUCCESS; - pos = elems->multi_ap + 4;/* OUI[3] and OUT_TYPE 1 */ - len = elems->multi_ap_len - 4; + if (multi_ap_ie) { + const u8 *multi_ap_subelem = get_ie(multi_ap_ie + 4, + multi_ap_len - 4, + MULTI_AP_SUB_ELEM_TYPE); + if (multi_ap_subelem && + multi_ap_subelem[1] == 1) + multi_ap_value = multi_ap_subelem[2]; + else { + hostapd_logger(hapd, sta->addr, + HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "Multi-AP IE has missing or invalid Multi-AP subelement"); + return WLAN_STATUS_INVALID_IE; + } + } - sta->flags &= ~WLAN_STA_MULTI_AP; + if (multi_ap_value == MULTI_AP_BACKHAUL_STA) + sta->flags |= WLAN_STA_MULTI_AP; - map_sub_elem = get_ie(pos, len, MULTI_AP_SUB_ELEM_TYPE); + if (hapd->conf->multi_ap & BACKHAUL_BSS && + multi_ap_value == MULTI_AP_BACKHAUL_STA) + return WLAN_STATUS_SUCCESS; - if (map_sub_elem) { - if (map_sub_elem[1] < 1) - return WLAN_STATUS_UNSPECIFIED_FAILURE; - if (map_sub_elem[2] & MULTI_AP_BACKHAUL_STA) - sta->flags |= WLAN_STA_MULTI_AP; + if (hapd->conf->multi_ap & FRONTHAUL_BSS) { + if (multi_ap_value == MULTI_AP_BACKHAUL_STA) { + hostapd_logger(hapd, sta->addr, + HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "Backhaul STA tries to associate with fronthaul-only BSS"); + return WLAN_STATUS_ASSOC_DENIED_UNSPEC; + } + return WLAN_STATUS_SUCCESS; } - - return WLAN_STATUS_SUCCESS; + hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, + HOSTAPD_LEVEL_INFO, + "Non-Multi-AP STA tries to associate with backhaul-only BSS"); + return WLAN_STATUS_ASSOC_DENIED_UNSPEC; } static u16 copy_supp_rates(struct hostapd_data *hapd, struct sta_info *sta, @@ -2507,7 +2529,7 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, if (resp != WLAN_STATUS_SUCCESS) return resp; - resp = hostapd_validate_multi_ap_ie(hapd, sta, &elems); + resp = check_multi_ap(hapd, sta, elems.multi_ap, elems.multi_ap_len); if (resp != WLAN_STATUS_SUCCESS) return resp;