Skip to content

Commit

Permalink
Merge branch 'bugfix/supplicant_disconnect_process_v5.0' into 'releas…
Browse files Browse the repository at this point in the history 
…e/v5.0'

esp_wifi: Fix bug in esp_wifi_deauthenticate_internal() & wpa_supplicant: Add parameter to configure reason code of deauth frame (Backport v5.0)

See merge request espressif/esp-idf!29624
  • Loading branch information
@jack0c
jack0c committed May 21, 2024
2 parents b0173a1 + 9efdcd5 commit eaef526
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 12 deletions.
2 changes: 1 addition & 1 deletion components/esp_wifi/lib
Submodule lib updated 38 files
+ esp32/libcoexist.a
+ esp32/libcore.a
+ esp32/libespnow.a
+ esp32/libmesh.a
+ esp32/libnet80211.a
+ esp32/libpp.a
+ esp32/libsmartconfig.a
+ esp32/libwapi.a
+ esp32c2/libcoexist.a
+ esp32c2/libcore.a
+ esp32c2/libespnow.a
+ esp32c2/libnet80211.a
+ esp32c2/libpp.a
+ esp32c2/libsmartconfig.a
+ esp32c3/libcoexist.a
+ esp32c3/libcore.a
+ esp32c3/libespnow.a
+ esp32c3/libmesh.a
+ esp32c3/libnet80211.a
+ esp32c3/libpp.a
+ esp32c3/libsmartconfig.a
+ esp32c3/libwapi.a
+ esp32s2/libcoexist.a
+ esp32s2/libcore.a
+ esp32s2/libespnow.a
+ esp32s2/libmesh.a
+ esp32s2/libnet80211.a
+ esp32s2/libpp.a
+ esp32s2/libsmartconfig.a
+ esp32s2/libwapi.a
+ esp32s3/libcoexist.a
+ esp32s3/libcore.a
+ esp32s3/libespnow.a
+ esp32s3/libmesh.a
+ esp32s3/libnet80211.a
+ esp32s3/libpp.a
+ esp32s3/libsmartconfig.a
+ esp32s3/libwapi.a
38 changes: 27 additions & 11 deletions components/wpa_supplicant/src/ap/wpa_auth.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,10 +197,10 @@ int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
}

static void wpa_sta_disconnect(struct wpa_authenticator *wpa_auth,
const u8 *addr)
const u8 *addr, u16 reason)
{
wpa_printf(MSG_DEBUG, "wpa_sta_disconnect STA " MACSTR, MAC2STR(addr));
esp_wifi_ap_deauth_internal((uint8_t*)addr, WLAN_REASON_4WAY_HANDSHAKE_TIMEOUT);
esp_wifi_ap_deauth_internal((uint8_t*)addr, reason);
return;
}

Expand Down Expand Up @@ -736,7 +736,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *s
"collect more entropy for random number "
"generation");
random_mark_pool_ready();
wpa_sta_disconnect(wpa_auth, sm->addr);
wpa_sta_disconnect(wpa_auth, sm->addr,
WLAN_REASON_PREV_AUTH_NOT_VALID);
return;
}
if (wpa_parse_kde_ies((u8 *) (key + 1), key_data_length,
Expand All @@ -763,12 +764,14 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *s
wpa_hexdump(MSG_DEBUG, "WPA IE in msg 2/4",
eapol_key_ie, eapol_key_ie_len);
/* MLME-DEAUTHENTICATE.request */
wpa_sta_disconnect(wpa_auth, sm->addr);
wpa_sta_disconnect(wpa_auth, sm->addr,
WLAN_REASON_PREV_AUTH_NOT_VALID);
return;
}
#ifdef CONFIG_IEEE80211R_AP
if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) {
wpa_sta_disconnect(wpa_auth, sm->addr);
wpa_sta_disconnect(wpa_auth, sm->addr,
WLAN_REASON_PREV_AUTH_NOT_VALID);
return;
}
#endif /* CONFIG_IEEE80211R_AP */
Expand Down Expand Up @@ -802,6 +805,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *s
if (sm->PTK_valid && !sm->update_snonce) {
if (wpa_verify_key_mic(sm->wpa_key_mgmt, &sm->PTK, data,
data_len)) {
wpa_printf(MSG_INFO,
"received EAPOL-Key with invalid MIC");
return;
}
sm->MICVerified = TRUE;
Expand All @@ -815,6 +820,8 @@ void wpa_receive(struct wpa_authenticator *wpa_auth, struct wpa_state_machine *s
memcpy(sm->req_replay_counter, key->replay_counter,
WPA_REPLAY_COUNTER_LEN);
} else {
wpa_printf(MSG_INFO,
"received EAPOL-Key request with invalid MIC");
return;
}

Expand Down Expand Up @@ -1273,9 +1280,14 @@ SM_STATE(WPA_PTK, INITIALIZE)

SM_STATE(WPA_PTK, DISCONNECT)
{
u16 reason = sm->disconnect_reason;

SM_ENTRY_MA(WPA_PTK, DISCONNECT, wpa_ptk);
sm->Disconnect = FALSE;
wpa_sta_disconnect(sm->wpa_auth, sm->addr);
sm->disconnect_reason = 0;
if (!reason)
reason = WLAN_REASON_PREV_AUTH_NOT_VALID;
wpa_sta_disconnect(sm->wpa_auth, sm->addr, reason);
}


Expand Down Expand Up @@ -1345,7 +1357,7 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
if (os_get_random(sm->ANonce, WPA_NONCE_LEN)) {
wpa_printf( MSG_ERROR, "WPA: Failed to get random data for "
"ANonce.");
wpa_sta_disconnect(sm->wpa_auth, sm->addr);
sm->Disconnect = true;
return;
}
wpa_hexdump(MSG_DEBUG, "WPA: Assign ANonce", sm->ANonce,
Expand Down Expand Up @@ -1518,11 +1530,8 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
if (wpa_verify_key_mic(sm->wpa_key_mgmt, &PTK,
sm->last_rx_eapol_key,
sm->last_rx_eapol_key_len) == 0) {
wpa_printf( MSG_DEBUG, "mic verify ok, pmk=%p\n", pmk);
ok = 1;
break;
} else {
wpa_printf( MSG_DEBUG, "mic verify fail, pmk=%p\n", pmk);
}

if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)){
Expand All @@ -1532,6 +1541,7 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
}

if (!ok) {
wpa_printf(MSG_INFO, "invalid MIC in msg 2/4 of 4-Way Handshake");
return;
}

Expand Down Expand Up @@ -1792,7 +1802,8 @@ SM_STATE(WPA_PTK, PTKINITDONE)
int klen = wpa_cipher_key_len(sm->pairwise);
if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
sm->PTK.tk, klen)) {
wpa_sta_disconnect(sm->wpa_auth, sm->addr);
wpa_sta_disconnect(sm->wpa_auth, sm->addr,
WLAN_REASON_PREV_AUTH_NOT_VALID);
return;
}
/* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
Expand Down Expand Up @@ -1900,6 +1911,8 @@ SM_STEP(WPA_PTK)
SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING);
else if (sm->TimeoutCtr >
(int) dot11RSNAConfigPairwiseUpdateCount) {
sm->disconnect_reason =
WLAN_REASON_4WAY_HANDSHAKE_TIMEOUT;
SM_ENTER(WPA_PTK, DISCONNECT);
} else if (sm->TimeoutEvt)
SM_ENTER(WPA_PTK, PTKSTART);
Expand All @@ -1924,6 +1937,8 @@ SM_STEP(WPA_PTK)
SM_ENTER(WPA_PTK, PTKINITDONE);
else if (sm->TimeoutCtr >
(int) dot11RSNAConfigPairwiseUpdateCount) {
sm->disconnect_reason =
WLAN_REASON_4WAY_HANDSHAKE_TIMEOUT;
SM_ENTER(WPA_PTK, DISCONNECT);
} else if (sm->TimeoutEvt)
SM_ENTER(WPA_PTK, PTKINITNEGOTIATING);
Expand Down Expand Up @@ -2029,6 +2044,7 @@ SM_STATE(WPA_PTK_GROUP, KEYERROR)
sm->group->GKeyDoneStations--;
sm->GUpdateStationKeys = FALSE;
sm->Disconnect = TRUE;
sm->disconnect_reason = WLAN_REASON_GROUP_KEY_UPDATE_TIMEOUT;
}


Expand Down
1 change: 1 addition & 0 deletions components/wpa_supplicant/src/ap/wpa_auth_i.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ struct wpa_state_machine {
Boolean AuthenticationRequest;
Boolean ReAuthenticationRequest;
Boolean Disconnect;
u16 disconnect_reason; /* specific reason code to use with Disconnect */
int TimeoutCtr;
int GTimeoutCtr;
Boolean TimeoutEvt;
Expand Down

0 comments on commit eaef526

Please sign in to comment.