diff options
| author | yeshwanth sriram guntuka <ysriramg@codeaurora.org> | 2017-09-04 13:25:29 +0530 |
|---|---|---|
| committer | snandini <snandini@codeaurora.org> | 2017-09-07 05:41:39 -0700 |
| commit | 11f3367eccebf57e57174227c04d143d2a61baaf (patch) | |
| tree | 192f18bb16e2d8c8139e1b37801acf6150b79347 | |
| parent | 5cf1d38b59636308f366ac93fdb52f6aa422d8e9 (diff) | |
qcacld-2.0: Set length of challenge text sent by SAP to 128
SIR_MAC_AUTH_CHALLENGE_LENGTH is updated to 253 from
128 as per IEEE spec due to connection fails between
DUT-SAP and old ref-STA. Auth failure occurs as encrypted
data sent by ref-STA is only 128 bytes instead of 253
bytes.
Fix is to set length of challenge text sent by SAP
to 128 bytes.
Change-Id: I81409bb58ad34e469c54e2909f45b8a6826eb06a
CRs-Fixed: 2103899
| -rw-r--r-- | CORE/MAC/inc/sirMacProtDef.h | 1 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limProcessAuthFrame.c | 14 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limSecurityUtils.h | 5 | ||||
| -rw-r--r-- | CORE/MAC/src/pe/lim/limSendManagementFrames.c | 7 |
4 files changed, 17 insertions, 10 deletions
diff --git a/CORE/MAC/inc/sirMacProtDef.h b/CORE/MAC/inc/sirMacProtDef.h index a9b4a84ede87..076d6d2e137d 100644 --- a/CORE/MAC/inc/sirMacProtDef.h +++ b/CORE/MAC/inc/sirMacProtDef.h @@ -595,6 +595,7 @@ #define SIR_MAC_MAX_NUM_OF_DEFAULT_KEYS 4 #define SIR_MAC_KEY_LENGTH 13 // WEP Maximum key length size #define SIR_MAC_AUTH_CHALLENGE_LENGTH 253 +#define SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH 128 #define SIR_MAC_WEP_IV_LENGTH 4 #define SIR_MAC_WEP_ICV_LENGTH 4 #define SIR_MAC_CHALLENGE_ID_LEN 2 diff --git a/CORE/MAC/src/pe/lim/limProcessAuthFrame.c b/CORE/MAC/src/pe/lim/limProcessAuthFrame.c index 5b3b7bd0ee6c..f0e295693688 100644 --- a/CORE/MAC/src/pe/lim/limProcessAuthFrame.c +++ b/CORE/MAC/src/pe/lim/limProcessAuthFrame.c @@ -228,7 +228,7 @@ limProcessAuthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession pse goto free; } - challengeTextArray = vos_mem_malloc(SIR_MAC_AUTH_CHALLENGE_LENGTH); + challengeTextArray = vos_mem_malloc(SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH); if(!challengeTextArray) { limLog(pMac, LOGE, FL("failed to allocate memory")); goto free; @@ -237,7 +237,7 @@ limProcessAuthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession pse vos_mem_set(rxAuthFrame, sizeof(tSirMacAuthFrameBody), 0); vos_mem_set(authFrame, sizeof(tSirMacAuthFrameBody), 0); vos_mem_set(plainBody, LIM_ENCR_AUTH_BODY_LEN, 0); - vos_mem_set(challengeTextArray, SIR_MAC_AUTH_CHALLENGE_LENGTH, 0); + vos_mem_set(challengeTextArray, SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH, 0); /// Determine if WEP bit is set in the FC or received MAC header if (pHdr->fc.wep) @@ -290,7 +290,7 @@ limProcessAuthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession pse goto free; } - if (frameLen < LIM_ENCR_AUTH_BODY_LEN) + if (frameLen < LIM_ENCR_AUTH_BODY_LEN_SAP) { // Log error limLog(pMac, LOGE, @@ -972,7 +972,7 @@ limProcessAuthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession pse /* * get random bytes and use as challenge text */ - if( !VOS_IS_STATUS_SUCCESS( vos_rand_get_bytes( 0, (tANI_U8 *)challengeTextArray, SIR_MAC_AUTH_CHALLENGE_LENGTH ) ) ) + if( !VOS_IS_STATUS_SUCCESS( vos_rand_get_bytes( 0, (tANI_U8 *)challengeTextArray, SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH ) ) ) { limLog(pMac, LOGE,FL("Challenge text preparation failed in limProcessAuthFrame")); goto free; @@ -995,10 +995,10 @@ limProcessAuthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession pse authFrame->authStatusCode = eSIR_MAC_SUCCESS_STATUS; authFrame->type = SIR_MAC_CHALLENGE_TEXT_EID; - authFrame->length = SIR_MAC_AUTH_CHALLENGE_LENGTH; + authFrame->length = SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH; vos_mem_copy(authFrame->challengeText, pAuthNode->challengeText, - SIR_MAC_AUTH_CHALLENGE_LENGTH); + SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH); limSendAuthMgmtFrame( pMac, authFrame, @@ -1572,7 +1572,7 @@ limProcessAuthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession pse if (vos_mem_compare(pRxAuthFrameBody->challengeText, pAuthNode->challengeText, - SIR_MAC_AUTH_CHALLENGE_LENGTH)) + SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH)) { /// Challenge match. STA is autheticated ! diff --git a/CORE/MAC/src/pe/lim/limSecurityUtils.h b/CORE/MAC/src/pe/lim/limSecurityUtils.h index 627f1d1e2eb2..4591343ababf 100644 --- a/CORE/MAC/src/pe/lim/limSecurityUtils.h +++ b/CORE/MAC/src/pe/lim/limSecurityUtils.h @@ -48,6 +48,11 @@ SIR_MAC_WEP_ICV_LENGTH + \ SIR_MAC_CHALLENGE_ID_LEN) +#define LIM_ENCR_AUTH_BODY_LEN_SAP (SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH + \ + SIR_MAC_CHALLENGE_ID_LEN + \ + SIR_MAC_AUTH_FRAME_INFO_LEN + \ + SIR_MAC_WEP_IV_LENGTH + \ + SIR_MAC_WEP_ICV_LENGTH) struct tLimPreAuthNode; tANI_U8 limIsAuthAlgoSupported(tpAniSirGlobal, tAniAuthType, tpPESession); diff --git a/CORE/MAC/src/pe/lim/limSendManagementFrames.c b/CORE/MAC/src/pe/lim/limSendManagementFrames.c index f7355d496b0d..935747d7e846 100644 --- a/CORE/MAC/src/pe/lim/limSendManagementFrames.c +++ b/CORE/MAC/src/pe/lim/limSendManagementFrames.c @@ -3585,10 +3585,11 @@ limSendAuthMgmtFrame(tpAniSirGlobal pMac, * transaction number, status code and 128 bytes * for challenge text. */ - + bodyLen = SIR_MAC_AUTH_FRAME_INFO_LEN + + SIR_MAC_SAP_AUTH_CHALLENGE_LENGTH + + SIR_MAC_CHALLENGE_ID_LEN; frameLen = sizeof(tSirMacMgmtHdr) + - sizeof(tSirMacAuthFrame); - bodyLen = sizeof(tSirMacAuthFrameBody); + bodyLen; } break; |