Merge branch 'feature/sae_pk_transition_disable_v5.0' into 'release/v…

…5.0' feat(esp_wifi): Add support for OWE and WPA3 Enterprise transition disable (Backport v5.0) See merge request espressif/esp-idf!31379
espressif · Jul 3, 2024 · a7e404d · a7e404d
2 parents 7d5cbec + b3fb479
commit a7e404d
Show file tree

Hide file tree

Showing 7 changed files with 35 additions and 10 deletions.
diff --git a/components/esp_wifi/lib b/components/esp_wifi/lib
diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h b/components/wpa_supplicant/esp_supplicant/src/esp_wifi_driver.h
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2019-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2019-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -139,7 +139,6 @@ struct wpa_funcs {
     void (*wpa_config_done)(void);
     uint8_t *(*owe_build_dhie)(uint16_t group);
     int (*owe_process_assoc_resp)(const u8 *rsn_ie, size_t rsn_len, const uint8_t *dh_ie, size_t dh_len);
-    int (*wpa_sta_set_ap_rsnxe)(const u8 *rsnxe, size_t rsnxe_ie_len);
 };
 
 struct wpa2_funcs {
@@ -284,7 +283,10 @@ bool esp_wifi_is_ft_enabled_internal(uint8_t if_index);
 uint8_t esp_wifi_sta_get_config_sae_pwe_h2e_internal(void);
 uint8_t esp_wifi_sta_get_use_h2e_internal(void);
 void esp_wifi_sta_disable_wpa2_authmode_internal(void);
+void esp_wifi_sta_disable_owe_trans_internal(void);
 uint8_t esp_wifi_ap_get_max_sta_conn(void);
 bool esp_wifi_eb_tx_status_success_internal(void *eb);
+uint8_t* esp_wifi_sta_get_rsnxe(u8 *bssid);
+esp_err_t esp_wifi_sta_connect_internal(const uint8_t *bssid);
 
 #endif /* _ESP_WIFI_DRIVER_H_ */
diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c b/components/wpa_supplicant/esp_supplicant/src/esp_wpa_main.c
@@ -213,7 +213,8 @@ int wpa_sta_connect(uint8_t *bssid)
         esp_set_assoc_ie((uint8_t *)bssid, NULL, 0, false);
     }
 
-    return 0;
+    ret = esp_wifi_sta_connect_internal(bssid);
+    return ret;
 }
 
 void wpa_config_done(void)
@@ -371,7 +372,6 @@ int esp_supplicant_init(void)
     wpa_cb->wpa_config_bss = NULL;//wpa_config_bss;
     wpa_cb->wpa_michael_mic_failure = wpa_michael_mic_failure;
     wpa_cb->wpa_config_done = wpa_config_done;
-    wpa_cb->wpa_sta_set_ap_rsnxe = wpa_sm_set_ap_rsnxe;
 
     esp_wifi_register_wpa3_cb(wpa_cb);
 #ifdef CONFIG_OWE_STA

diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c b/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.c
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2019-2021 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2019-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -93,12 +93,28 @@ int hostapd_send_eapol(const u8 *source, const u8 *sta_addr,
 
 }
 
-void wpa_supplicant_transition_disable(void *sm, u8 bitmap)
+static void disable_wpa_wpa2(void)
+{
+    esp_wifi_sta_disable_wpa2_authmode_internal();
+}
+
+void wpa_supplicant_transition_disable(struct wpa_sm *sm, u8 bitmap)
 {
     wpa_printf(MSG_INFO, "TRANSITION_DISABLE %02x", bitmap);
 
-    if (bitmap & TRANSITION_DISABLE_WPA3_PERSONAL) {
-        esp_wifi_sta_disable_wpa2_authmode_internal();
+    if  ((bitmap & TRANSITION_DISABLE_WPA3_PERSONAL) &&
+          wpa_key_mgmt_sae(sm->key_mgmt)) {
+        disable_wpa_wpa2();
+    }
+
+    if ((bitmap & TRANSITION_DISABLE_WPA3_ENTERPRISE) &&
+        wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) {
+        disable_wpa_wpa2();
+    }
+
+    if ((bitmap & TRANSITION_DISABLE_ENHANCED_OPEN) &&
+        wpa_key_mgmt_owe(sm->key_mgmt)) {
+        esp_wifi_sta_disable_owe_trans_internal();
     }
 }
 

diff --git a/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.h b/components/wpa_supplicant/esp_supplicant/src/esp_wpas_glue.h
@@ -31,7 +31,7 @@ void wpa_free_eapol(u8 *buffer);
 int wpa_ether_send(void *ctx, const u8 *dest, u16 proto,
                    const u8 *data, size_t data_len);
 
-void wpa_supplicant_transition_disable(void *sm, u8 bitmap);
+void wpa_supplicant_transition_disable(struct wpa_sm *sm, u8 bitmap);
 
 int hostapd_send_eapol(const u8 *source, const u8 *sta_addr,
 		       const u8 *data, size_t data_len);

diff --git a/components/wpa_supplicant/src/common/wpa_common.h b/components/wpa_supplicant/src/common/wpa_common.h
@@ -323,6 +323,8 @@ struct rsn_rdie {
 /* WFA Transition Disable KDE (using OUI_WFA) */
 /* Transition Disable Bitmap bits */
 #define TRANSITION_DISABLE_WPA3_PERSONAL BIT(0)
+#define TRANSITION_DISABLE_WPA3_ENTERPRISE BIT(2)
+#define TRANSITION_DISABLE_ENHANCED_OPEN BIT(3)
 
 #ifdef CONFIG_IEEE80211R
 int wpa_ft_mic(const u8 *kck, size_t kck_len, const u8 *sta_addr,

diff --git a/components/wpa_supplicant/src/rsn_supp/wpa.c b/components/wpa_supplicant/src/rsn_supp/wpa.c
@@ -2567,6 +2567,11 @@ int wpa_set_bss(char *macddr, char * bssid, u8 pairwise_cipher, u8 group_cipher,
     if (res < 0)
         return -1;
     sm->assoc_wpa_ie_len = res;
+
+    const u8 *rsnxe;
+    rsnxe = esp_wifi_sta_get_rsnxe((u8*)bssid);
+    wpa_sm_set_ap_rsnxe(rsnxe, rsnxe ? (rsnxe[1] + 2) : 0);
+
     res = wpa_gen_rsnxe(sm, assoc_rsnxe, assoc_rsnxe_len);
     if (res < 0)
         return -1;
+ −		esp32/libcoexist.a
+ −		esp32/libcore.a
+ −		esp32/libespnow.a
+ −		esp32/libmesh.a
+ −		esp32/libnet80211.a
+ −		esp32/libpp.a
+ −		esp32/libsmartconfig.a
+ −		esp32/libwapi.a
+ −		esp32c2/libcoexist.a
+ −		esp32c2/libcore.a
+ −		esp32c2/libespnow.a
+ −		esp32c2/libnet80211.a
+ −		esp32c2/libpp.a
+ −		esp32c2/libsmartconfig.a
+ −		esp32c3/libcoexist.a
+ −		esp32c3/libcore.a
+ −		esp32c3/libespnow.a
+ −		esp32c3/libmesh.a
+ −		esp32c3/libnet80211.a
+ −		esp32c3/libpp.a
+ −		esp32c3/libsmartconfig.a
+ −		esp32c3/libwapi.a
+ −		esp32s2/libcoexist.a
+ −		esp32s2/libcore.a
+ −		esp32s2/libespnow.a
+ −		esp32s2/libmesh.a
+ −		esp32s2/libnet80211.a
+ −		esp32s2/libpp.a
+ −		esp32s2/libsmartconfig.a
+ −		esp32s2/libwapi.a
+ −		esp32s3/libcoexist.a
+ −		esp32s3/libcore.a
+ −		esp32s3/libespnow.a
+ −		esp32s3/libmesh.a
+ −		esp32s3/libnet80211.a
+ −		esp32s3/libpp.a
+ −		esp32s3/libsmartconfig.a
+ −		esp32s3/libwapi.a