From patchwork Tue Jan 17 14:03:02 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Antonio Quartulli <ordex@autistici.org>
X-Patchwork-Id: 136478
Return-Path: <hostap-bounces@lists.shmoo.com>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from maxx.maxx.shmoo.com (maxx.shmoo.com [205.134.188.171])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "maxx.shmoo.com",
	Issuer "CA Cert Signing Authority" (not verified))
	by ozlabs.org (Postfix) with ESMTPS id A9CB0B6EEC
	for <patchwork-incoming@ozlabs.org>;
	Wed, 18 Jan 2012 01:04:04 +1100 (EST)
Received: from localhost (localhost [127.0.0.1])
	by maxx.maxx.shmoo.com (Postfix) with ESMTP id 2A7EB9CDCC;
	Tue, 17 Jan 2012 09:04:02 -0500 (EST)
X-Virus-Scanned: amavisd-new at maxx.shmoo.com
Received: from maxx.maxx.shmoo.com ([127.0.0.1])
	by localhost (maxx.shmoo.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id Nvi7JWpdZpph; Tue, 17 Jan 2012 09:04:01 -0500 (EST)
Received: from maxx.shmoo.com (localhost [127.0.0.1])
	by maxx.maxx.shmoo.com (Postfix) with ESMTP id F2EE99D089;
	Tue, 17 Jan 2012 09:03:57 -0500 (EST)
X-Original-To: mailman-post+hostap@maxx.shmoo.com
Delivered-To: mailman-post+hostap@maxx.shmoo.com
Received: from localhost (localhost [127.0.0.1])
	by maxx.maxx.shmoo.com (Postfix) with ESMTP id C0B9F9D089
	for <mailman-post+hostap@maxx.shmoo.com>;
	Tue, 17 Jan 2012 09:03:56 -0500 (EST)
X-Virus-Scanned: amavisd-new at maxx.shmoo.com
Received: from maxx.maxx.shmoo.com ([127.0.0.1])
	by localhost (maxx.shmoo.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id lzUMCXgZFgxq for <mailman-post+hostap@maxx.shmoo.com>;
	Tue, 17 Jan 2012 09:03:51 -0500 (EST)
Received: from confino.investici.org (investici.nine.ch [217.150.252.179])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "smtp.autistici.org",
	Issuer "Autistici/Inventati Certification Authority" (not verified))
	by maxx.maxx.shmoo.com (Postfix) with ESMTPS id 0E9BC9CDCC
	for <hostap@lists.shmoo.com>; Tue, 17 Jan 2012 09:03:50 -0500 (EST)
Received: from [217.150.252.179] (confino [217.150.252.179]) (Authenticated
	sender: ordex@autistici.org) by localhost (Postfix) with
	ESMTPSA id D8776C8663; Tue, 17 Jan 2012 14:03:47 +0000 (UTC)
X-DKIM: Sendmail DKIM Filter v2.8.2 confino.investici.org D8776C8663
From: Antonio Quartulli <ordex@autistici.org>
To: hostap <hostap@lists.shmoo.com>
Subject: [PATCH] wpa_supplicant: support IBSS RSN STA authorization
Date: Tue, 17 Jan 2012 15:03:02 +0100
Message-Id: <1326808982-11510-1-git-send-email-ordex@autistici.org>
X-Mailer: git-send-email 1.7.3.4
X-BeenThere: hostap@lists.shmoo.com
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: HostAP Project <hostap.lists.shmoo.com>
List-Unsubscribe: <http://lists.shmoo.com/mailman/listinfo/hostap>,
	<mailto:hostap-request@lists.shmoo.com?subject=unsubscribe>
List-Archive: <http://lists.shmoo.com/pipermail/hostap>
List-Post: <mailto:hostap@lists.shmoo.com>
List-Help: <mailto:hostap-request@lists.shmoo.com?subject=help>
List-Subscribe: <http://lists.shmoo.com/mailman/listinfo/hostap>,
	<mailto:hostap-request@lists.shmoo.com?subject=subscribe>
MIME-Version: 1.0
Sender: hostap-bounces@lists.shmoo.com
Errors-To: hostap-bounces@lists.shmoo.com

In IBSS RSN cfg80211/mac80211 now waits for userspace to authorize new stations.
This patch makes wpa_supplicant notify the driver when a station can be
considered authorised.

Signed-hostap: Antonio Quartulli <ordex@autistici.org>
---

This patch depends on the not yet committed one:
"cfg80211/mac80211: userspace peer authorization in IBSS"
which is pending on the linux-wireless mailing-list



 src/drivers/driver_nl80211.c |    3 +++
 wpa_supplicant/ibss_rsn.c    |   18 +++++++++++++++++-
 2 files changed, 20 insertions(+), 1 deletions(-)

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 6af8cc9..791f15a 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -6397,6 +6397,9 @@ retry:
 	if (ret)
 		goto nla_put_failure;
 
+	if (params->key_mgmt_suite == KEY_MGMT_802_1X)
+		NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT);
+
 	if (params->wpa_ie) {
 		wpa_hexdump(MSG_DEBUG,
 			    "  * Extra IEs for Beacon/Probe Response frames",
diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c
index d4fa39d..40fc7e0 100644
--- a/wpa_supplicant/ibss_rsn.c
+++ b/wpa_supplicant/ibss_rsn.c
@@ -19,6 +19,7 @@
 #include "rsn_supp/wpa.h"
 #include "rsn_supp/wpa_ie.h"
 #include "ap/wpa_auth.h"
+#include "ap/wpa_auth_i.h"
 #include "wpa_supplicant_i.h"
 #include "driver_i.h"
 #include "ibss_rsn.h"
@@ -545,7 +546,7 @@ static int ibss_rsn_process_rx_eapol(struct ibss_rsn *ibss_rsn,
 				     struct ibss_rsn_peer *peer,
 				     const u8 *buf, size_t len)
 {
-	int supp;
+	int supp, res;
 	u8 *tmp;
 
 	supp = ibss_rsn_eapol_dst_supp(buf, len);
@@ -562,6 +563,21 @@ static int ibss_rsn_process_rx_eapol(struct ibss_rsn *ibss_rsn,
 	} else {
 		wpa_printf(MSG_DEBUG, "RSN: IBSS RX EAPOL for Authenticator");
 		wpa_receive(ibss_rsn->auth_group, peer->auth, tmp, len);
+		/* check if the peer has been authorized */
+		if (peer->auth->wpa_ptk_state == WPA_PTK_PTKINITDONE) {
+			res = wpa_drv_sta_set_flags(ibss_rsn->wpa_s, peer->addr,
+						    WPA_STA_AUTHORIZED,
+						    WPA_STA_AUTHORIZED,
+						    0xFFFFFFFF);
+			if (res < 0)
+				wpa_printf(MSG_DEBUG, "RSN: Error while "
+					   "authorising STA " MACSTR,
+					   MAC2STR(peer->addr));
+			else
+				wpa_printf(MSG_DEBUG, "RSN: STA " MACSTR
+					   " authorised.\n",
+					   MAC2STR(peer->addr));
+		}
 	}
 	os_free(tmp);