mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
wpa_supplicant: Add BTM security checks
This commit is contained in:
parent
bac4173161
commit
f6da49c3c9
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* SPDX-FileCopyrightText: 2020-2021 Espressif Systems (Shanghai) CO LTD
|
* SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
|
||||||
*
|
*
|
||||||
* SPDX-License-Identifier: Apache-2.0
|
* SPDX-License-Identifier: Apache-2.0
|
||||||
*/
|
*/
|
||||||
@ -23,7 +23,7 @@
|
|||||||
|
|
||||||
struct wpa_supplicant g_wpa_supp;
|
struct wpa_supplicant g_wpa_supp;
|
||||||
|
|
||||||
static void *s_supplicant_task_hdl = NULL;
|
static TaskHandle_t s_supplicant_task_hdl = NULL;
|
||||||
static void *s_supplicant_evt_queue = NULL;
|
static void *s_supplicant_evt_queue = NULL;
|
||||||
static void *s_supplicant_api_lock = NULL;
|
static void *s_supplicant_api_lock = NULL;
|
||||||
|
|
||||||
@ -218,6 +218,7 @@ static void supplicant_sta_disconn_handler(void* arg, esp_event_base_t event_bas
|
|||||||
if (wpa_s->current_bss) {
|
if (wpa_s->current_bss) {
|
||||||
wpa_s->current_bss = NULL;
|
wpa_s->current_bss = NULL;
|
||||||
}
|
}
|
||||||
|
clear_bssid_flag(wpa_s);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ieee80211_handle_rx_frm(u8 type, u8 *frame, size_t len, u8 *sender,
|
static int ieee80211_handle_rx_frm(u8 type, u8 *frame, size_t len, u8 *sender,
|
||||||
@ -262,18 +263,25 @@ int esp_supplicant_common_init(struct wpa_funcs *wpa_cb)
|
|||||||
struct wpa_supplicant *wpa_s = &g_wpa_supp;
|
struct wpa_supplicant *wpa_s = &g_wpa_supp;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
s_supplicant_evt_queue = xQueueCreate(3, sizeof(supplicant_event_t));
|
|
||||||
ret = xTaskCreate(btm_rrm_task, "btm_rrm_t", SUPPLICANT_TASK_STACK_SIZE, NULL, 2, s_supplicant_task_hdl);
|
|
||||||
if (ret != pdPASS) {
|
|
||||||
wpa_printf(MSG_ERROR, "btm: failed to create task");
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
s_supplicant_api_lock = xSemaphoreCreateRecursiveMutex();
|
s_supplicant_api_lock = xSemaphoreCreateRecursiveMutex();
|
||||||
if (!s_supplicant_api_lock) {
|
if (!s_supplicant_api_lock) {
|
||||||
esp_supplicant_common_deinit();
|
|
||||||
wpa_printf(MSG_ERROR, "%s: failed to create Supplicant API lock", __func__);
|
wpa_printf(MSG_ERROR, "%s: failed to create Supplicant API lock", __func__);
|
||||||
return ret;
|
ret = -1;
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
s_supplicant_evt_queue = xQueueCreate(3, sizeof(supplicant_event_t));
|
||||||
|
|
||||||
|
if (!s_supplicant_evt_queue) {
|
||||||
|
wpa_printf(MSG_ERROR, "%s: failed to create Supplicant event queue", __func__);
|
||||||
|
ret = -1;
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
ret = xTaskCreate(btm_rrm_task, "btm_rrm_t", SUPPLICANT_TASK_STACK_SIZE, NULL, 2, &s_supplicant_task_hdl);
|
||||||
|
if (ret != pdPASS) {
|
||||||
|
wpa_printf(MSG_ERROR, "btm: failed to create task");
|
||||||
|
ret = -1;
|
||||||
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
esp_scan_init(wpa_s);
|
esp_scan_init(wpa_s);
|
||||||
@ -298,6 +306,9 @@ int esp_supplicant_common_init(struct wpa_funcs *wpa_cb)
|
|||||||
wpa_cb->wpa_sta_profile_match = NULL;
|
wpa_cb->wpa_sta_profile_match = NULL;
|
||||||
#endif
|
#endif
|
||||||
return 0;
|
return 0;
|
||||||
|
err:
|
||||||
|
esp_supplicant_common_deinit();
|
||||||
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
void esp_supplicant_common_deinit(void)
|
void esp_supplicant_common_deinit(void)
|
||||||
@ -311,10 +322,19 @@ void esp_supplicant_common_deinit(void)
|
|||||||
&supplicant_sta_conn_handler);
|
&supplicant_sta_conn_handler);
|
||||||
esp_event_handler_unregister(WIFI_EVENT, WIFI_EVENT_STA_DISCONNECTED,
|
esp_event_handler_unregister(WIFI_EVENT, WIFI_EVENT_STA_DISCONNECTED,
|
||||||
&supplicant_sta_disconn_handler);
|
&supplicant_sta_disconn_handler);
|
||||||
wpa_s->type = 0;
|
if (wpa_s->type) {
|
||||||
wpa_s->subtype = 0;
|
wpa_s->type = 0;
|
||||||
esp_wifi_register_mgmt_frame_internal(wpa_s->type, wpa_s->subtype);
|
esp_wifi_register_mgmt_frame_internal(wpa_s->type, wpa_s->subtype);
|
||||||
if (esp_supplicant_post_evt(SIG_SUPPLICANT_DEL_TASK, 0) != 0) {
|
}
|
||||||
|
if (!s_supplicant_task_hdl && esp_supplicant_post_evt(SIG_SUPPLICANT_DEL_TASK, 0) != 0) {
|
||||||
|
if (s_supplicant_evt_queue) {
|
||||||
|
vQueueDelete(s_supplicant_evt_queue);
|
||||||
|
s_supplicant_evt_queue = NULL;
|
||||||
|
}
|
||||||
|
if (s_supplicant_api_lock) {
|
||||||
|
vSemaphoreDelete(s_supplicant_api_lock);
|
||||||
|
s_supplicant_api_lock = NULL;
|
||||||
|
}
|
||||||
wpa_printf(MSG_ERROR, "failed to send task delete event");
|
wpa_printf(MSG_ERROR, "failed to send task delete event");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -594,6 +614,7 @@ int esp_supplicant_post_evt(uint32_t evt_id, uint32_t data)
|
|||||||
if (s_supplicant_api_lock) {
|
if (s_supplicant_api_lock) {
|
||||||
SUPPLICANT_API_LOCK();
|
SUPPLICANT_API_LOCK();
|
||||||
} else {
|
} else {
|
||||||
|
os_free(evt);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (xQueueSend(s_supplicant_evt_queue, &evt, 10 / portTICK_PERIOD_MS ) != pdPASS) {
|
if (xQueueSend(s_supplicant_evt_queue, &evt, 10 / portTICK_PERIOD_MS ) != pdPASS) {
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
#include "common/ieee802_11_defs.h"
|
#include "common/ieee802_11_defs.h"
|
||||||
|
|
||||||
#ifdef CONFIG_DPP
|
#ifdef CONFIG_DPP
|
||||||
static void *s_dpp_task_hdl = NULL;
|
static TaskHandle_t s_dpp_task_hdl = NULL;
|
||||||
static void *s_dpp_evt_queue = NULL;
|
static void *s_dpp_evt_queue = NULL;
|
||||||
static void *s_dpp_api_lock = NULL;
|
static void *s_dpp_api_lock = NULL;
|
||||||
|
|
||||||
@ -631,7 +631,7 @@ esp_err_t esp_supp_dpp_init(esp_supp_dpp_event_cb_t cb)
|
|||||||
|
|
||||||
s_dpp_stop_listening = false;
|
s_dpp_stop_listening = false;
|
||||||
s_dpp_evt_queue = xQueueCreate(3, sizeof(dpp_event_t));
|
s_dpp_evt_queue = xQueueCreate(3, sizeof(dpp_event_t));
|
||||||
ret = xTaskCreate(esp_dpp_task, "dppT", DPP_TASK_STACK_SIZE, NULL, 2, s_dpp_task_hdl);
|
ret = xTaskCreate(esp_dpp_task, "dppT", DPP_TASK_STACK_SIZE, NULL, 2, &s_dpp_task_hdl);
|
||||||
if (ret != pdPASS) {
|
if (ret != pdPASS) {
|
||||||
wpa_printf(MSG_ERROR, "DPP: failed to create task");
|
wpa_printf(MSG_ERROR, "DPP: failed to create task");
|
||||||
return ESP_FAIL;
|
return ESP_FAIL;
|
||||||
|
@ -64,7 +64,7 @@ static int wpa2_start_eapol_internal(void);
|
|||||||
int wpa2_post(uint32_t sig, uint32_t par);
|
int wpa2_post(uint32_t sig, uint32_t par);
|
||||||
|
|
||||||
#ifdef USE_WPA2_TASK
|
#ifdef USE_WPA2_TASK
|
||||||
static void *s_wpa2_task_hdl = NULL;
|
static TaskHandle_t s_wpa2_task_hdl = NULL;
|
||||||
static void *s_wpa2_queue = NULL;
|
static void *s_wpa2_queue = NULL;
|
||||||
static wpa2_state_t s_wpa2_state = WPA2_STATE_DISABLED;
|
static wpa2_state_t s_wpa2_state = WPA2_STATE_DISABLED;
|
||||||
static void *s_wpa2_api_lock = NULL;
|
static void *s_wpa2_api_lock = NULL;
|
||||||
@ -784,7 +784,7 @@ static int eap_peer_sm_init(void)
|
|||||||
gEapSm = sm;
|
gEapSm = sm;
|
||||||
#ifdef USE_WPA2_TASK
|
#ifdef USE_WPA2_TASK
|
||||||
s_wpa2_queue = xQueueCreate(SIG_WPA2_MAX, sizeof(s_wpa2_queue));
|
s_wpa2_queue = xQueueCreate(SIG_WPA2_MAX, sizeof(s_wpa2_queue));
|
||||||
ret = xTaskCreate(wpa2_task, "wpa2T", WPA2_TASK_STACK_SIZE, NULL, 2, s_wpa2_task_hdl);
|
ret = xTaskCreate(wpa2_task, "wpa2T", WPA2_TASK_STACK_SIZE, NULL, 2, &s_wpa2_task_hdl);
|
||||||
if (ret != pdPASS) {
|
if (ret != pdPASS) {
|
||||||
wpa_printf(MSG_ERROR, "wps enable: failed to create task");
|
wpa_printf(MSG_ERROR, "wps enable: failed to create task");
|
||||||
ret = ESP_FAIL;
|
ret = ESP_FAIL;
|
||||||
|
@ -36,6 +36,10 @@ void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
|
|||||||
wpa_dbg(wpa_s, MSG_DEBUG, "Already scanning - Return");
|
wpa_dbg(wpa_s, MSG_DEBUG, "Already scanning - Return");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
if (!wpa_s->current_bss) {
|
||||||
|
wpa_dbg(wpa_s, MSG_INFO, "Current BSS is null - Return");
|
||||||
|
return;
|
||||||
|
}
|
||||||
params = os_zalloc(sizeof(*params));
|
params = os_zalloc(sizeof(*params));
|
||||||
|
|
||||||
if (!params) {
|
if (!params) {
|
||||||
|
@ -308,12 +308,15 @@ bool wpa_scan_res_match(struct wpa_supplicant *wpa_s,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* TODO security Match */
|
/* Just check for Open/secure mode */
|
||||||
|
if ((current_bss->caps & WLAN_CAPABILITY_PRIVACY) != (target_bss->caps & WLAN_CAPABILITY_PRIVACY)) {
|
||||||
|
wpa_printf(MSG_DEBUG, "WNM: Security didn't match");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static struct wpa_bss *
|
static struct wpa_bss *
|
||||||
compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs,
|
compare_scan_neighbor_results(struct wpa_supplicant *wpa_s, os_time_t age_secs,
|
||||||
enum mbo_transition_reject_reason *reason)
|
enum mbo_transition_reject_reason *reason)
|
||||||
|
Loading…
Reference in New Issue
Block a user