From patchwork Fri Oct 22 09:26:45 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stanislaw Gruszka X-Patchwork-Id: 1544868 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=j24ej76p; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=wp.pl header.i=@wp.pl header.a=rsa-sha256 header.s=1024a header.b=QgF19f8c; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HbKTm28mgz9s1l for ; Fri, 22 Oct 2021 20:55:24 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:To :From:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=AeSBGso+a0AphpIgFsIvxNlKBs8isegV08iKCxOI8K8=; b=j24ej76pZsHh59 opE9r4nsNOI5sGR+g/27Q1+3UfIFGBAYmmC0n9q3J23/Tx57pVaOEzfmjhg0VcHz5CNqkvjkcs+uU LcdBXMcZiispntb5thaYx9urcH8zcfGE1FsKHuMVbO50dNKZbgVJqP2U/nfOn4FfPKjqKx82LN9I3 4TkN4mBcUlVcJR6GZV13CZHw/JhMlMMhf5QroGf5uI4KEIxnmXyL37PGnlV6dlnlux02GwJDo/Xq3 zwIfN6zEjHQAGmoOxL2SDxB84JAZneA6Y15svHE/dXONeLA/OBgwxGb3Jh+Zdx+sdq4ktxO7GwUEg JiU42HnFD75cQU5tvxHA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mdrFU-00ASYc-Lc; Fri, 22 Oct 2021 09:54:04 +0000 Received: from mx3.wp.pl ([212.77.101.9]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mdqpG-00AMms-Di for hostap@lists.infradead.org; Fri, 22 Oct 2021 09:27:01 +0000 Received: (wp-smtpd smtp.wp.pl 29878 invoked from network); 22 Oct 2021 11:26:47 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wp.pl; s=1024a; t=1634894807; bh=iqYz0clAGLYV3stcVPQkN5hblgVnHviJyrj70rrz0uw=; h=From:To:Subject; b=QgF19f8cOuQ/JqSQVV8YBnPc/2vD8vk74yrrFbF2thPizEo/UcdcDEeIxRhRu7+U9 o13anTZnaMOP6n2238cUzbPc2hcxqvfbxJmk6lUxFU1PbQJf8CnzvQGyVpRgMKV69O yKjJnDcRdMYm32jPoyCjn8DDsHu+lJpXjbR49CA8= Received: from ip4-46-39-164-204.cust.nbox.cz (HELO localhost) (stf_xl@wp.pl@[46.39.164.204]) (envelope-sender ) by smtp.wp.pl (WP-SMTPD) with ECDHE-RSA-AES256-GCM-SHA384 encrypted SMTP for ; 22 Oct 2021 11:26:47 +0200 From: Stanislaw Gruszka To: hostap@lists.infradead.org Subject: [PATCH 1/2] Basic support for Multi-AP Profile 2 - WPS changes Date: Fri, 22 Oct 2021 11:26:45 +0200 Message-Id: <20211022092646.10016-1-stf_xl@wp.pl> X-Mailer: git-send-email 2.25.4 MIME-Version: 1.0 X-WP-MailID: c83b8b50d192650c5b39304b241b34c9 X-WP-AV: skaner antywirusowy Poczty Wirtualnej Polski X-WP-SPAM: NO 0000001 [UTLy] X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20211022_022659_007954_BCB2DA02 X-CRM114-Status: GOOD ( 20.67 ) X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Patch adds hostapd config option to allow to configure Multi-AP profile and primary vlan_id. It then use those values to send Multi-AP Profile and Multi-AP Default 802.1Q subelements via WPS WFA Vendor Extensions. This is can be used Multi-AP onbaording with Traffic Separation feature. Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [212.77.101.9 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [212.77.101.9 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [stf_xl[at]wp.pl] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-Mailman-Approved-At: Fri, 22 Oct 2021 02:54:03 -0700 X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Patch adds hostapd config option to allow to configure Multi-AP profile and primary vlan_id. It then use those values to send Multi-AP Profile and Multi-AP Default 802.1Q subelements via WPS WFA Vendor Extensions. This is can be used Multi-AP onbaording with Traffic Separation feature. Some important parts are missed i.e. passing values from supplicant and needs to be added. We infernally use ubus event when get WPS credentials and pass vlan_id value there. It's needed further to allow authentication be done via vlan when Traffic Separation feature is enababled. Signed-off-by: Stanislaw Gruszka --- hostapd/config_file.c | 20 ++++++++++++++ src/ap/ap_config.h | 2 ++ src/ap/wps_hostapd.c | 8 +++++- src/wps/wps.h | 16 ++++++++++- src/wps/wps_attr_build.c | 57 ++++++++++++++++++++++++++++++++++++++++ src/wps/wps_attr_parse.c | 22 ++++++++++++++++ src/wps/wps_attr_parse.h | 3 +++ src/wps/wps_defs.h | 4 ++- src/wps/wps_enrollee.c | 4 ++- src/wps/wps_i.h | 2 ++ src/wps/wps_registrar.c | 36 +++++++++++++++++++++++-- 11 files changed, 168 insertions(+), 6 deletions(-) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 7b03edf36..0554115d1 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -4551,6 +4551,26 @@ static int hostapd_config_fill(struct hostapd_config *conf, } bss->multi_ap = val; + } else if (os_strcmp(buf, "multi_ap_profile") == 0) { + int val = atoi(pos); + + if (val < 1 || val > 2) { + wpa_printf(MSG_ERROR, "Line %d: Invalid multi_ap_profile '%s'", + line, buf); + return -1; + } + + bss->multi_ap_profile = val; + } else if (os_strcmp(buf, "multi_ap_primary_vlan_id") == 0) { + int val = atoi(pos); + + if (val < 0 || val > MAX_VLAN_ID) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid multi_ap_primary_vlan_id %d (expected 0..%d)", + line, val, MAX_VLAN_ID); + return 1; + } + bss->multi_ap_primary_vlan_id = val; } else if (os_strcmp(buf, "rssi_reject_assoc_rssi") == 0) { conf->rssi_reject_assoc_rssi = atoi(pos); } else if (os_strcmp(buf, "rssi_reject_assoc_timeout") == 0) { diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h index 3ba368987..ed800a9e3 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h @@ -774,6 +774,8 @@ struct hostapd_bss_config { #define BACKHAUL_BSS 1 #define FRONTHAUL_BSS 2 int multi_ap; /* bitmap of BACKHAUL_BSS, FRONTHAUL_BSS */ + int multi_ap_profile; + int multi_ap_primary_vlan_id; #ifdef CONFIG_AIRTIME_POLICY unsigned int airtime_weight; diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c index 9f22e39a2..7a634352a 100644 --- a/src/ap/wps_hostapd.c +++ b/src/ap/wps_hostapd.c @@ -1290,6 +1290,10 @@ int hostapd_init_wps(struct hostapd_data *hapd, cfg.multi_ap_backhaul_network_key_len = 2 * PMK_LEN; } } + if (conf->multi_ap) { + cfg.multi_ap_profile = conf->multi_ap_profile; + cfg.multi_ap_primary_vlan_id = conf->multi_ap_primary_vlan_id; + } wps->ap_settings = conf->ap_settings; wps->ap_settings_len = conf->ap_settings_len; @@ -1418,7 +1422,9 @@ static int hostapd_wps_update_multi_ap(struct hostapd_data *hapd, reg, conf->multi_ap_backhaul_ssid.ssid, conf->multi_ap_backhaul_ssid.ssid_len, multi_ap_backhaul_network_key, - multi_ap_backhaul_network_key_len); + multi_ap_backhaul_network_key_len, + conf->multi_ap_profile, + conf->multi_ap_primary_vlan_id); os_free(multi_ap_backhaul_network_key); return ret; diff --git a/src/wps/wps.h b/src/wps/wps.h index fed3e2848..5a99d3abd 100644 --- a/src/wps/wps.h +++ b/src/wps/wps.h @@ -437,6 +437,18 @@ struct wps_registrar_config { * multi_ap_backhaul_network_key in octets */ size_t multi_ap_backhaul_network_key_len; + + /** + * multi_ap_prorifle - This is parameter for + * Multi-AP Profile subelement + */ + int multi_ap_profile; + + /** + * multi_ap_primary_vlan_id - This is parameter for + * Default 8021Q Settings Subelement + */ + int multi_ap_primary_vlan_id; }; @@ -881,7 +893,9 @@ int wps_registrar_update_multi_ap(struct wps_registrar *reg, const u8 *multi_ap_backhaul_ssid, size_t multi_ap_backhaul_ssid_len, const u8 *multi_ap_backhaul_network_key, - size_t multi_ap_backhaul_network_key_len); + size_t multi_ap_backhaul_network_key_len, + u8 multi_ap_profile, + u16 multi_ap_primary_vlan_id); int wps_build_credential_wrap(struct wpabuf *msg, const struct wps_credential *cred); diff --git a/src/wps/wps_attr_build.c b/src/wps/wps_attr_build.c index f37225676..e231cb88e 100644 --- a/src/wps/wps_attr_build.c +++ b/src/wps/wps_attr_build.c @@ -248,6 +248,48 @@ int wps_build_wfa_ext(struct wpabuf *msg, int req_to_enroll, MAC2STR(&auth_macs[i * ETH_ALEN])); } + WPA_PUT_BE16(len, (u8 *) wpabuf_put(msg, 0) - len - 2); + +#ifdef CONFIG_WPS_TESTING + if (WPS_VERSION > 0x20) { + if (wpabuf_tailroom(msg) < 5) + return -1; + wpa_printf(MSG_DEBUG, "WPS: * Extensibility Testing - extra " + "attribute"); + wpabuf_put_be16(msg, ATTR_EXTENSIBILITY_TEST); + wpabuf_put_be16(msg, 1); + wpabuf_put_u8(msg, 42); + } +#endif /* CONFIG_WPS_TESTING */ + return 0; +} + + +int wps_build_wfa_ext_multi_ap(struct wpabuf *msg, u8 multi_ap_subelem, + u8 profile, u16 vlan_id) +{ + u8 *len; + +#ifdef CONFIG_WPS_TESTING + if (WPS_VERSION == 0x10) + return 0; +#endif /* CONFIG_WPS_TESTING */ + + if (wpabuf_tailroom(msg) < + 7 + 3 + + (multi_ap_subelem ? 3 : 0) + + (profile ? 7 : 0)) + return -1; + + wpabuf_put_be16(msg, ATTR_VENDOR_EXT); + len = wpabuf_put(msg, 2); /* to be filled */ + wpabuf_put_be24(msg, WPS_VENDOR_ID_WFA); + + wpa_printf(MSG_INFO, "WPS: * Version2 (0x%x)", WPS_VERSION); + wpabuf_put_u8(msg, WFA_ELEM_VERSION2); + wpabuf_put_u8(msg, 1); + wpabuf_put_u8(msg, WPS_VERSION); + if (multi_ap_subelem) { wpa_printf(MSG_DEBUG, "WPS: * Multi-AP (0x%x)", multi_ap_subelem); @@ -256,6 +298,21 @@ int wps_build_wfa_ext(struct wpabuf *msg, int req_to_enroll, wpabuf_put_u8(msg, multi_ap_subelem); } + if (profile) { + wpa_printf(MSG_DEBUG, "WPS: * Multi-AP profile (%d)", profile); + wpabuf_put_u8(msg, WFA_ELEM_MULTI_AP_PROFILE); + wpabuf_put_u8(msg, 1); /* length */ + wpabuf_put_u8(msg, profile); + + if (vlan_id) { + wpa_printf(MSG_DEBUG, "WPS: * Multi-AP vlan_id (%d)", + vlan_id); + wpabuf_put_u8(msg, WFA_ELEM_MULTI_AP_8021Q); + wpabuf_put_u8(msg, 2); /* length */ + wpabuf_put_le16(msg, vlan_id); + } + } + WPA_PUT_BE16(len, (u8 *) wpabuf_put(msg, 0) - len - 2); #ifdef CONFIG_WPS_TESTING diff --git a/src/wps/wps_attr_parse.c b/src/wps/wps_attr_parse.c index fd5163515..0cc41f026 100644 --- a/src/wps/wps_attr_parse.c +++ b/src/wps/wps_attr_parse.c @@ -78,6 +78,28 @@ static int wps_set_vendor_ext_wfa_subelem(struct wps_parse_attr *attr, wpa_printf(MSG_DEBUG, "WPS: Multi-AP Extension 0x%02x", attr->multi_ap_ext); break; + case WFA_ELEM_MULTI_AP_PROFILE: + if (len != 1) { + wpa_printf(MSG_DEBUG, + "WPS: Invalid Multi-AP Profile length %u", + len); + return -1; + } + attr->multi_ap_profile = *pos; + wpa_printf(MSG_DEBUG, "WPS: Multi-AP Profile %u", + attr->multi_ap_profile); + break; + case WFA_ELEM_MULTI_AP_8021Q: + if (len != 2) { + wpa_printf(MSG_DEBUG, + "WPS: Invalid Multi-AP Default 8021Q Settings length %u", + len); + return -1; + } + attr->multi_ap_primary_vlan_id = WPA_GET_LE16(pos); + wpa_printf(MSG_DEBUG, "WPS: Multi-AP vlan_id %u", + attr->multi_ap_primary_vlan_id); + break; default: wpa_printf(MSG_MSGDUMP, "WPS: Skipped unknown WFA Vendor " "Extension subelement %u", id); diff --git a/src/wps/wps_attr_parse.h b/src/wps/wps_attr_parse.h index 4de27b26d..4fc91aa59 100644 --- a/src/wps/wps_attr_parse.h +++ b/src/wps/wps_attr_parse.h @@ -97,7 +97,10 @@ struct wps_parse_attr { const u8 *cred[MAX_CRED_COUNT]; const u8 *req_dev_type[MAX_REQ_DEV_TYPE_COUNT]; const u8 *vendor_ext[MAX_WPS_PARSE_VENDOR_EXT]; + u8 multi_ap_ext; + u8 multi_ap_profile; + u16 multi_ap_primary_vlan_id; }; int wps_parse_msg(const struct wpabuf *msg, struct wps_parse_attr *attr); diff --git a/src/wps/wps_defs.h b/src/wps/wps_defs.h index ddaeda56d..d19f66e23 100644 --- a/src/wps/wps_defs.h +++ b/src/wps/wps_defs.h @@ -153,7 +153,9 @@ enum { WFA_ELEM_REQUEST_TO_ENROLL = 0x03, WFA_ELEM_SETTINGS_DELAY_TIME = 0x04, WFA_ELEM_REGISTRAR_CONFIGURATION_METHODS = 0x05, - WFA_ELEM_MULTI_AP = 0x06 + WFA_ELEM_MULTI_AP = 0x06, + WFA_ELEM_MULTI_AP_PROFILE = 0x07, + WFA_ELEM_MULTI_AP_8021Q = 0x08 }; /* Device Password ID */ diff --git a/src/wps/wps_enrollee.c b/src/wps/wps_enrollee.c index 819cd43f6..d0106e6d9 100644 --- a/src/wps/wps_enrollee.c +++ b/src/wps/wps_enrollee.c @@ -156,7 +156,9 @@ static struct wpabuf * wps_build_m1(struct wps_data *wps) wps_build_dev_password_id(msg, wps->dev_pw_id) || wps_build_config_error(msg, WPS_CFG_NO_ERROR) || wps_build_os_version(&wps->wps->dev, msg) || - wps_build_wfa_ext(msg, 0, NULL, 0, multi_ap_backhaul_sta) || + (multi_ap_backhaul_sta ? + wps_build_wfa_ext_multi_ap(msg, multi_ap_backhaul_sta, 0, 0) : + wps_build_wfa_ext(msg, 0, NULL, 0, 0)) || wps_build_vendor_ext_m1(&wps->wps->dev, msg)) { wpabuf_free(msg); return NULL; diff --git a/src/wps/wps_i.h b/src/wps/wps_i.h index 2cf22d4b7..527cfe06a 100644 --- a/src/wps/wps_i.h +++ b/src/wps/wps_i.h @@ -167,6 +167,8 @@ int wps_build_version(struct wpabuf *msg); int wps_build_wfa_ext(struct wpabuf *msg, int req_to_enroll, const u8 *auth_macs, size_t auth_macs_count, u8 multi_ap_subelem); +int wps_build_wfa_ext_multi_ap(struct wpabuf *msg, u8 multi_ap_subelem, + u8 profile, u16 vlan_id); int wps_build_msg_type(struct wpabuf *msg, enum wps_msg_type msg_type); int wps_build_enrollee_nonce(struct wps_data *wps, struct wpabuf *msg); int wps_build_registrar_nonce(struct wps_data *wps, struct wpabuf *msg); diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c index 9587293d0..43285cba0 100644 --- a/src/wps/wps_registrar.c +++ b/src/wps/wps_registrar.c @@ -220,6 +220,18 @@ struct wps_registrar { * multi_ap_backhaul_network_key in octets */ size_t multi_ap_backhaul_network_key_len; + + /** + * multi_ap_primary - This is parameter for + * Multi-AP Profile subelement + */ + int multi_ap_profile; + + /** + * multi_ap_primary_vlan_id - This is parameter for + * Default 8021Q Settings Subelement + */ + int multi_ap_primary_vlan_id; }; @@ -714,6 +726,8 @@ wps_registrar_init(struct wps_context *wps, reg->multi_ap_backhaul_network_key_len = cfg->multi_ap_backhaul_network_key_len; } + reg->multi_ap_profile = cfg->multi_ap_profile; + reg->multi_ap_primary_vlan_id = cfg->multi_ap_primary_vlan_id; if (wps_set_ie(reg)) { wps_registrar_deinit(reg); @@ -2064,7 +2078,11 @@ static struct wpabuf * wps_build_m6(struct wps_data *wps) static struct wpabuf * wps_build_m8(struct wps_data *wps) { + struct wps_registrar *reg = wps->wps->registrar; struct wpabuf *msg, *plain; + u8 multi_ap_ext = 0; + u8 profile = 0; + u16 vlan_id = 0; wpa_printf(MSG_DEBUG, "WPS: Building Message M8"); @@ -2078,6 +2096,14 @@ static struct wpabuf * wps_build_m8(struct wps_data *wps) return NULL; } + + if (wps->peer_dev.multi_ap_ext == MULTI_AP_BACKHAUL_STA) { + multi_ap_ext = MULTI_AP_BACKHAUL_BSS | + MULTI_AP_FRONTHAUL_BSS; + profile = reg->multi_ap_profile; + vlan_id = reg->multi_ap_primary_vlan_id; + } + if (wps_build_version(msg) || wps_build_msg_type(msg, WPS_M8) || wps_build_enrollee_nonce(wps, msg) || @@ -2085,7 +2111,9 @@ static struct wpabuf * wps_build_m8(struct wps_data *wps) (!wps->wps->ap && !wps->er && wps_build_ap_settings(wps, plain)) || wps_build_key_wrap_auth(wps, plain) || wps_build_encr_settings(wps, msg, plain) || - wps_build_wfa_ext(msg, 0, NULL, 0, 0) || + (multi_ap_ext ? + wps_build_wfa_ext_multi_ap(msg, multi_ap_ext, profile, vlan_id) : + wps_build_wfa_ext(msg, 0, NULL, 0, 0)) || wps_build_authenticator(wps, msg)) { wpabuf_clear_free(plain); wpabuf_clear_free(msg); @@ -3663,7 +3691,9 @@ int wps_registrar_update_multi_ap(struct wps_registrar *reg, const u8 *multi_ap_backhaul_ssid, size_t multi_ap_backhaul_ssid_len, const u8 *multi_ap_backhaul_network_key, - size_t multi_ap_backhaul_network_key_len) + size_t multi_ap_backhaul_network_key_len, + u8 multi_ap_profile, + u16 multi_ap_primary_vlan_id) { if (multi_ap_backhaul_ssid) { os_memcpy(reg->multi_ap_backhaul_ssid, @@ -3683,6 +3713,8 @@ int wps_registrar_update_multi_ap(struct wps_registrar *reg, reg->multi_ap_backhaul_network_key_len = multi_ap_backhaul_network_key_len; } + reg->multi_ap_profile = multi_ap_profile; + reg->multi_ap_primary_vlan_id = multi_ap_primary_vlan_id; return 0; } From patchwork Fri Oct 22 09:26:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stanislaw Gruszka X-Patchwork-Id: 1544867 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=DS2ToOQp; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=wp.pl header.i=@wp.pl header.a=rsa-sha256 header.s=1024a header.b=lVXhmn3M; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HbKTn0SNBz9sRN for ; Fri, 22 Oct 2021 20:55:25 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=A5jXQIGRDvf20Cg1dHHbrVAj2m63eNUVR9OSy5qTWHE=; b=DS2ToOQp8VrHUO vLP11Qxpnk/3o+Ov+m4vQJXHLG5bfzpl0iWhcqgxZUXc41fngo1Kc4vHTsDzvosTPx80pikfvYR5R IXXAIMuvverERPzaVXHFhtCilfpCT7DMdS1aysXTF1Qxz3z4hLHDro1HCAKE8XvIfBPvqEdhc3mqo ZS4ohPr+4xwvtz3+DER/YJ0i7q4jV51fSHWOqiNAY8e/FVcdv4n+HJypiBZE2sFC7uhFa5BV5h82+ raeRtYBAub58tA3a5Gm1EoS/WLV6ZnOEk2WfNJ+vKFfHlSBu1wUWWXeHls3w519MRGdMwgZcehe8o Lb3HC+75S3QpfIUpWxXQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mdrFj-00ASeD-IL; Fri, 22 Oct 2021 09:54:19 +0000 Received: from mx4.wp.pl ([212.77.101.12]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mdqpG-00AMmx-M9 for hostap@lists.infradead.org; Fri, 22 Oct 2021 09:27:00 +0000 Received: (wp-smtpd smtp.wp.pl 4743 invoked from network); 22 Oct 2021 11:26:49 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wp.pl; s=1024a; t=1634894809; bh=PgGgW/qsgxcHaVuSKDn2FaTm29ic2W5QEBaXB8Je/AM=; h=From:To:Subject; b=lVXhmn3MtZOFo66TVpHKGQY4IccsP2CUi2tpTxoQV1WUEbWJ7Z8YYKHbJokaag6hQ 04vD/ALbCsQhQt9zTKAbxi5FYPJWQsfRwC+r2rWx9jLg5MmkdUJVF8PEf192EL6Bor cHN7J+JB9wPv3NEj0owRlXNWOF9JBl30PsRA6qdY= Received: from ip4-46-39-164-204.cust.nbox.cz (HELO localhost) (stf_xl@wp.pl@[46.39.164.204]) (envelope-sender ) by smtp.wp.pl (WP-SMTPD) with ECDHE-RSA-AES256-GCM-SHA384 encrypted SMTP for ; 22 Oct 2021 11:26:49 +0200 From: Stanislaw Gruszka To: hostap@lists.infradead.org Subject: [PATCH 2/2] Basic support for Multi-AP Profile 2 - Assoc changes Date: Fri, 22 Oct 2021 11:26:46 +0200 Message-Id: <20211022092646.10016-2-stf_xl@wp.pl> X-Mailer: git-send-email 2.25.4 In-Reply-To: <20211022092646.10016-1-stf_xl@wp.pl> References: <20211022092646.10016-1-stf_xl@wp.pl> MIME-Version: 1.0 X-WP-MailID: a43c1df3cda4146cad81b3c7ba94aa17 X-WP-AV: skaner antywirusowy Poczty Wirtualnej Polski X-WP-SPAM: NO 0000001 [0ZLB] X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20211022_022659_004554_BAD1A01B X-CRM114-Status: GOOD ( 16.04 ) X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Patch adds basic support for additional Multi-AP Profile 2 subelements in (Re)Assoc Request/Response frames. TODO: passing values via wla_cli and handle 'Profile-1/2 Backhaul STA association disallowed' bits. Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [212.77.101.12 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [212.77.101.12 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [stf_xl[at]wp.pl] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Mailman-Approved-At: Fri, 22 Oct 2021 02:54:17 -0700 X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Patch adds basic support for additional Multi-AP Profile 2 subelements in (Re)Assoc Request/Response frames. TODO: passing values via wla_cli and handle 'Profile-1/2 Backhaul STA association disallowed' bits. Signed-off-by: Stanislaw Gruszka --- src/ap/ieee802_11.c | 8 +++++++- src/common/ieee802_11_common.c | 27 ++++++++++++++++++++++++--- src/common/ieee802_11_common.h | 2 +- src/common/ieee802_11_defs.h | 6 ++++++ wpa_supplicant/events.c | 14 +++++++++++++- wpa_supplicant/sme.c | 15 +++++++++------ wpa_supplicant/wpa_supplicant.c | 4 +++- wpa_supplicant/wpa_supplicant_i.h | 2 ++ 8 files changed, 65 insertions(+), 13 deletions(-) diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index 71fbefc8e..aeadf38b6 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -91,6 +91,8 @@ static void handle_auth(struct hostapd_data *hapd, u8 * hostapd_eid_multi_ap(struct hostapd_data *hapd, u8 *eid) { u8 multi_ap_val = 0; + u16 vlan_id = 0; + u8 profile = 1; if (!hapd->conf->multi_ap) return eid; @@ -98,8 +100,12 @@ u8 * hostapd_eid_multi_ap(struct hostapd_data *hapd, u8 *eid) multi_ap_val |= MULTI_AP_BACKHAUL_BSS; if (hapd->conf->multi_ap & FRONTHAUL_BSS) multi_ap_val |= MULTI_AP_FRONTHAUL_BSS; + if (hapd->conf->multi_ap_profile > 1) { + profile = hapd->conf->multi_ap_profile; + vlan_id = hapd->conf->multi_ap_primary_vlan_id; + } - return eid + add_multi_ap_ie(eid, 9, multi_ap_val); + return eid + add_multi_ap_ie(eid, 16, multi_ap_val, profile, vlan_id); } diff --git a/src/common/ieee802_11_common.c b/src/common/ieee802_11_common.c index 5b74ddcdf..87daacc47 100644 --- a/src/common/ieee802_11_common.c +++ b/src/common/ieee802_11_common.c @@ -2053,22 +2053,43 @@ size_t mbo_add_ie(u8 *buf, size_t len, const u8 *attr, size_t attr_len) } -size_t add_multi_ap_ie(u8 *buf, size_t len, u8 value) +size_t add_multi_ap_ie(u8 *buf, size_t len, u8 value, u8 profile, u16 vlan_id) { + int ie_len = 9; u8 *pos = buf; - if (len < 9) + if (profile > 1) { + ie_len += 3; + if (vlan_id) + ie_len += 4; + } + + if (len < ie_len) return 0; *pos++ = WLAN_EID_VENDOR_SPECIFIC; - *pos++ = 7; /* len */ + *pos++ = ie_len - 2; /* len */ WPA_PUT_BE24(pos, OUI_WFA); pos += 3; *pos++ = MULTI_AP_OUI_TYPE; + *pos++ = MULTI_AP_SUB_ELEM_TYPE; *pos++ = 1; /* len */ *pos++ = value; + if (profile > 1) { + *pos++ = MULTI_AP_SUB_ELEM_PROFILE; + *pos++ = 1; /* len */ + *pos++ = profile; + + if (vlan_id) { + *pos++ = MULTI_AP_SUB_ELEM_8021Q; + *pos++ = 2; /* len */ + WPA_PUT_LE16(pos, vlan_id); + pos += 2; + } + } + return pos - buf; } diff --git a/src/common/ieee802_11_common.h b/src/common/ieee802_11_common.h index e4e4c613e..c2c16903a 100644 --- a/src/common/ieee802_11_common.h +++ b/src/common/ieee802_11_common.h @@ -250,7 +250,7 @@ const u8 * get_vendor_ie(const u8 *ies, size_t len, u32 vendor_type); size_t mbo_add_ie(u8 *buf, size_t len, const u8 *attr, size_t attr_len); -size_t add_multi_ap_ie(u8 *buf, size_t len, u8 value); +size_t add_multi_ap_ie(u8 *buf, size_t len, u8 value, u8 profile, u16 vlan_id); struct country_op_class { u8 country_op_class; diff --git a/src/common/ieee802_11_defs.h b/src/common/ieee802_11_defs.h index 24dbfa8bd..2e59ba729 100644 --- a/src/common/ieee802_11_defs.h +++ b/src/common/ieee802_11_defs.h @@ -1372,6 +1372,12 @@ struct ieee80211_ampe_ie { #define MULTI_AP_BACKHAUL_BSS BIT(6) #define MULTI_AP_BACKHAUL_STA BIT(7) +#define MULTI_AP_SUB_ELEM_PROFILE 0x07 +#define MULTI_AP_PROFILE_1 0x01 +#define MULTI_AP_PROFILE_2 0x02 + +#define MULTI_AP_SUB_ELEM_8021Q 0x08 + #define WMM_OUI_TYPE 2 #define WMM_OUI_SUBTYPE_INFORMATION_ELEMENT 0 #define WMM_OUI_SUBTYPE_PARAMETER_ELEMENT 1 diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 878d9bc74..bb88144b2 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -2576,10 +2576,12 @@ static void multi_ap_process_assoc_resp(struct wpa_supplicant *wpa_s, const u8 *ies, size_t ies_len) { struct ieee802_11_elems elems; - const u8 *map_sub_elem, *pos; + const u8 *map_sub_elem, *map_profile, *map_8021q, *pos; size_t len; wpa_s->multi_ap_ie = 0; + wpa_s->multi_ap_profile = 0; + wpa_s->multi_ap_primary_vlan_id = 0; if (!ies || ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed || @@ -2597,6 +2599,16 @@ static void multi_ap_process_assoc_resp(struct wpa_supplicant *wpa_s, wpa_s->multi_ap_fronthaul = !!(map_sub_elem[2] & MULTI_AP_FRONTHAUL_BSS); wpa_s->multi_ap_ie = 1; + + map_profile = get_ie(pos, len, MULTI_AP_SUB_ELEM_PROFILE); + if (!map_profile || map_profile[1] < 1) + return; + wpa_s->multi_ap_profile = map_profile[2]; + + map_8021q = get_ie(pos, len, MULTI_AP_SUB_ELEM_8021Q); + if (!map_8021q || map_8021q[1] < 2) + return; + wpa_s->multi_ap_primary_vlan_id = WPA_GET_LE16(map_8021q + 2); } diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index f2c42ff35..786536d4b 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -1929,12 +1929,15 @@ mscs_fail: if (ssid && ssid->multi_ap_backhaul_sta) { size_t multi_ap_ie_len; - - multi_ap_ie_len = add_multi_ap_ie( - wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, - sizeof(wpa_s->sme.assoc_req_ie) - - wpa_s->sme.assoc_req_ie_len, - MULTI_AP_BACKHAUL_STA); + u8 profile = ssid->multi_ap_backhaul_sta; + u8 *buf = wpa_s->sme.assoc_req_ie + + wpa_s->sme.assoc_req_ie_len; + int len = sizeof(wpa_s->sme.assoc_req_ie) - + wpa_s->sme.assoc_req_ie_len; + + multi_ap_ie_len = add_multi_ap_ie(buf, len, + MULTI_AP_BACKHAUL_STA, + profile, 0); if (multi_ap_ie_len == 0) { wpa_printf(MSG_ERROR, "Multi-AP: Failed to build Multi-AP IE"); diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 0f9db267f..42ab212c5 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -3342,10 +3342,12 @@ mscs_end: if (ssid->multi_ap_backhaul_sta) { size_t multi_ap_ie_len; + u8 profile = ssid->multi_ap_backhaul_sta; multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len, max_wpa_ie_len - wpa_ie_len, - MULTI_AP_BACKHAUL_STA); + MULTI_AP_BACKHAUL_STA, + profile, 0); if (multi_ap_ie_len == 0) { wpa_printf(MSG_ERROR, "Multi-AP: Failed to build Multi-AP IE"); diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h index cbc955159..4cbd609c3 100644 --- a/wpa_supplicant/wpa_supplicant_i.h +++ b/wpa_supplicant/wpa_supplicant_i.h @@ -1498,6 +1498,8 @@ struct wpa_supplicant { unsigned int multi_ap_ie:1; unsigned int multi_ap_backhaul:1; unsigned int multi_ap_fronthaul:1; + u8 multi_ap_profile; + u16 multi_ap_primary_vlan_id; struct robust_av_data robust_av; bool mscs_setup_done;