[PATCH 3/4] WPA: Support deriving KDK based on capabilities
Peer, Ilan
ilan.peer at intel.com
Wed Jan 27 02:39:18 EST 2021
Hi,
> -----Original Message-----
> From: Jouni Malinen <j at w1.fi>
> Sent: Tuesday, January 26, 2021 23:43
> To: Peer, Ilan <ilan.peer at intel.com>
> Cc: hostap at lists.infradead.org
> Subject: Re: [PATCH 3/4] WPA: Support deriving KDK based on capabilities
>
> On Wed, Dec 16, 2020 at 01:01:39PM +0200, Ilan Peer wrote:
> > diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c @@ -603,11
> > +603,19 @@ static int wpa_derive_ptk(struct wpa_sm *sm, const unsigned
> > char *src_addr,
> > + if (sm->force_kdk_derivation ||
> > + (sm->secure_ltf && sm->ap_rsnxe && sm->ap_rsnxe_len >= 4 &&
> > + sm->ap_rsnxe[3] & WLAN_RSNX_CAPAB_SECURE_LTF))
>
> There were number of issues like this one where
> WLAN_RSNX_CAPAB_SECURE_LTF is assumed to be the specific bit instead
> of bit index.. I fixed these and ended up using full capability offset from the
> beginning rather than start from zero for the second octet to make this look a
> bit more readable. I also changed the RSNXE generation functions to build a
> local u16 capab first to make that easier to read and extend. It would likely
> make sense to add a helper function for checking whether a specific
> extended capability bit is set (similarly to
> ieee802_11_ext_capab()) to clean up these parsing cases a bit more.
>
Sure. I'll add this together with the comeback fixes.
> All four patches applied with some cleanup and fixes.
Thanks,
Ilan.
More information about the Hostap
mailing list