Proximity Ranging parameters present in PASN request frame need to be
validated. This validation is done be comparing the capabilities
present in PASN frames with the capabilities advertised in USD, if the
proposed role is not feasible then the PASN is deemed to be failure.
Signed-off-by: Peddolla Harshavardhan Reddy <peddolla@xxxxxxxxxxxxxxxx>
---
src/common/proximity_ranging.c | 92 ++++++++++++++++++++++++++++++++++
1 file changed, 92 insertions(+)
diff --git a/src/common/proximity_ranging.c b/src/common/proximity_ranging.c
index f2e7dbf60..3d2c90222 100644
--- a/src/common/proximity_ranging.c
+++ b/src/common/proximity_ranging.c
@@ -1299,6 +1299,92 @@ static int pr_pasn_initialize(struct pr_data *pr, struct pr_device *dev,
}
+static int pr_validate_pasn_request(struct pr_data *pr, struct pr_device *dev,
+ u8 auth_mode, u8 ranging_role,
+ u8 ranging_type)
+{
+ if (!ranging_role || !ranging_type)
+ return -1;
+
+ if (auth_mode == PR_PASN_AUTH_MODE_PASN) {
+ if (!(pr->cfg->pasn_type & 0x5) ||
+ !(dev->pr_caps.pasn_type & 0x5)) {
+ wpa_printf(MSG_DEBUG, "Dev/Peer doesn't support PASN-UNAUTH");
+ return -1;
+ }
+ } else if (auth_mode == PR_PASN_AUTH_MODE_PMK ||
+ auth_mode == PR_PASN_AUTH_MODE_SAE) {
+ if (!(pr->cfg->pasn_type & 0xa) ||
+ !(dev->pr_caps.pasn_type & 0xa)) {
+ wpa_printf(MSG_DEBUG, "Dev/Peer doesn't support PASN-SAE/PMK");
+ return -1;
+ }
+ }
+
+ if (ranging_type == PR_NTB_SECURE_LTF_BASED_RANGING ||
+ ranging_type == PR_NTB_OPEN_BASED_RANGING) {
+ if (ranging_type == PR_NTB_SECURE_LTF_BASED_RANGING &&
+ (!pr->cfg->secure_he_ltf || !dev->ntb_caps.secure_he_ltf)) {
+ wpa_printf(MSG_DEBUG, "Dev/Peer doesn't support HE-LTF");
+ return -1;
+ }
+
+ if (ranging_role == PR_ISTA_SUPPORT &&
+ !pr->cfg->ntb_ista_support) {
+ wpa_printf(MSG_DEBUG, "Device doesn't support NTB ISTA role");
+ return -1;
+ } else if (ranging_role == PR_RSTA_SUPPORT &&
+ !pr->cfg->ntb_rsta_support) {
+ wpa_printf(MSG_DEBUG, "Device doesn't support NTB RSTA role");
+ return -1;
+ }
+
+ if (ranging_role == PR_ISTA_SUPPORT &&
+ !dev->ntb_caps.rsta_support &&
+ !pr->cfg->ntb_rsta_support) {
+ wpa_printf(MSG_DEBUG, "Device and Peer doesn't support NTB RSTA role,"
+ " No possiblity for Negotiation update");
+ return -1;
+ }
+
+ if (ranging_role == PR_RSTA_SUPPORT &&
+ !dev->ntb_caps.ista_support &&
+ !pr->cfg->ntb_ista_support) {
+ wpa_printf(MSG_DEBUG, "Device and Peer doesn't support NTB ISTA role,"
+ " No possiblity for Negotiation update");
+ return -1;
+ }
+ } else if (ranging_type == PR_EDCA_BASED_RANGING) {
+ if (ranging_role == PR_ISTA_SUPPORT &&
+ !pr->cfg->edca_ista_support) {
+ wpa_printf(MSG_DEBUG, "Device doesn't support EDCA ISTA role");
+ return -1;
+ } else if (ranging_role == PR_RSTA_SUPPORT &&
+ !pr->cfg->edca_rsta_support) {
+ wpa_printf(MSG_DEBUG, "Device doesn't support EDCA RSTA role");
+ return -1;
+ }
+
+ if (ranging_role == PR_ISTA_SUPPORT &&
+ !dev->edca_caps.rsta_support &&
+ !pr->cfg->edca_rsta_support) {
+ wpa_printf(MSG_DEBUG, "Device and Peer doesn't support EDCA RSTA role,"
+ " No possiblity for Negotiation update");
+ return -1;
+ }
+
+ if (ranging_role == PR_RSTA_SUPPORT &&
+ !dev->edca_caps.ista_support &&
+ !pr->cfg->edca_ista_support) {
+ wpa_printf(MSG_DEBUG, "Device and Peer doesn't support EDCA ISTA role,"
+ " No possiblity for Negotiation update");
+ return -1;
+ }
+ }
+ return 0;
+}
+
+
int pr_initiate_pasn_auth(struct pr_data *pr, const u8 *addr, int freq,
u8 auth_mode, u8 ranging_role, u8 ranging_type,
int forced_pr_freq)
@@ -1320,6 +1406,12 @@ int pr_initiate_pasn_auth(struct pr_data *pr, const u8 *addr, int freq,
return -1;
}
+ if (pr_validate_pasn_request(pr, dev, auth_mode, ranging_role,
+ ranging_type) < 0) {
+ wpa_printf(MSG_ERROR, "PR PASN: Invalid params to initiate Authentication");
+ return -1;
+ }
+
if (freq == 0)
freq = dev->listen_freq;
--
2.34.1
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
