iwd.lists.linux.dev archive mirror
* [PATCH v3 1/3] netdev: factor out scan_bss from CMD_CONNECT builder
@ 2021-09-03 19:35 James Prestwood
  2021-09-03 19:35 ` [PATCH v3 2/3] wsc: set ssid in handshake James Prestwood
  2021-09-03 19:35 ` [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto James Prestwood
  0 siblings, 2 replies; 12+ messages in thread
From: James Prestwood @ 2021-09-03 19:35 UTC (permalink / raw)
  To: iwd

In order to support OWE in the CMD_CONNECT path the scan_bss parameter
needs to be removed since this is lost after netdev_connect returns.
Nearly everything needed is also stored in the handshake except the
privacy capability which is now being mirrored in the netdev object
itself.
---
 src/netdev.c | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/src/netdev.c b/src/netdev.c
index a5d1b8ed..8592685c 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -181,6 +181,7 @@ struct netdev {
 	bool events_ready : 1;
 	bool retry_auth : 1;
 	bool in_reassoc : 1;
+	bool privacy : 1;
 };
 
 struct netdev_preauth_state {
@@ -788,6 +789,7 @@ static void netdev_connect_free(struct netdev *netdev)
 	netdev->ignore_connect_event = false;
 	netdev->expect_connect_failure = false;
 	netdev->cur_rssi_low = false;
+	netdev->privacy = false;
 
 	if (netdev->connect_cmd) {
 		l_genl_msg_unref(netdev->connect_cmd);
@@ -2901,7 +2903,6 @@ static void netdev_fils_tx_associate(struct iovec *fils_iov, size_t n_fils_iov,
 }
 
 static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev,
-						struct scan_bss *bss,
 						struct handshake_state *hs,
 						const uint8_t *prev_bssid,
 						const struct iovec *vendor_ies,
@@ -2924,10 +2925,9 @@ static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev,
 	msg = l_genl_msg_new_sized(NL80211_CMD_CONNECT, 512);
 	l_genl_msg_append_attr(msg, NL80211_ATTR_IFINDEX, 4, &netdev->index);
 	l_genl_msg_append_attr(msg, NL80211_ATTR_WIPHY_FREQ,
-						4, &bss->frequency);
-	l_genl_msg_append_attr(msg, NL80211_ATTR_MAC, ETH_ALEN, bss->addr);
-	l_genl_msg_append_attr(msg, NL80211_ATTR_SSID,
-						bss->ssid_len, bss->ssid);
+							4, &netdev->frequency);
+	l_genl_msg_append_attr(msg, NL80211_ATTR_MAC, ETH_ALEN, hs->aa);
+	l_genl_msg_append_attr(msg, NL80211_ATTR_SSID, hs->ssid_len, hs->ssid);
 	l_genl_msg_append_attr(msg, NL80211_ATTR_AUTH_TYPE, 4, &auth_type);
 
 	switch (nhs->type) {
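
Review bot: netdev_build_cmd_connect now fills NL80211_ATTR_MAC and NL80211_ATTR_SSID from hs->aa and hs->ssid with no check that the caller populated them. The authenticator address is set in netdev_connect_common before the builder runs, but the SSID depends on every caller having set it on the handshake beforehand. A guard such as L_WARN_ON on a zero hs->ssid_len, or a comment stating the precondition at the top of the builder, would catch a caller that skips that step.
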
@@ -2950,7 +2950,7 @@ static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev,
 		l_genl_msg_append_attr(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
 						prev_bssid);
 
-	if (bss->capability & IE_BSS_CAP_PRIVACY)
+	if (netdev->privacy)
 		l_genl_msg_append_attr(msg, NL80211_ATTR_PRIVACY, 0, NULL);
 
 	l_genl_msg_append_attr(msg, NL80211_ATTR_SOCKET_OWNER, 0, NULL);
@@ -3476,6 +3476,10 @@ static void netdev_connect_common(struct netdev *netdev,
 	bool is_rsn = hs->supplicant_ie != NULL;
 	const uint8_t *prev_bssid = prev_bss ? prev_bss->addr : NULL;
 
+	netdev->frequency = bss->frequency;
+	netdev->privacy = bss->capability & IE_BSS_CAP_PRIVACY;
+	handshake_state_set_authenticator_address(hs, bss->addr);
+
 	if (!is_rsn)
 		goto build_cmd_connect;
 
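
Review bot: style point on "netdev->privacy = bss->capability & IE_BSS_CAP_PRIVACY": it stores a masked integer into the 1-bit bool field added to struct netdev and relies on the implicit conversion to bool. Writing it as !!(bss->capability & IE_BSS_CAP_PRIVACY), or comparing with != 0, makes the intent explicit and stays correct if the field type is ever changed.
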
@@ -3519,8 +3523,8 @@ static void netdev_connect_common(struct netdev *netdev,
 		break;
 	default:
 build_cmd_connect:
-		cmd_connect = netdev_build_cmd_connect(netdev, bss, hs,
-					prev_bssid, vendor_ies, num_vendor_ies);
+		cmd_connect = netdev_build_cmd_connect(netdev, hs, prev_bssid,
+						vendor_ies, num_vendor_ies);
 
 		if (!is_offload(hs) && (is_rsn || hs->settings_8021x)) {
 			sm = eapol_sm_new(hs);
@@ -3536,13 +3540,10 @@ build_cmd_connect:
 	netdev->user_data = user_data;
 	netdev->handshake = hs;
 	netdev->sm = sm;
-	netdev->frequency = bss->frequency;
 	netdev->cur_rssi = bss->signal_strength / 100;
 	netdev_rssi_level_init(netdev);
 	netdev_cqm_rssi_update(netdev);
 
-	handshake_state_set_authenticator_address(hs, bss->addr);
-
 	if (!wiphy_has_ext_feature(netdev->wiphy,
 					NL80211_EXT_FEATURE_CAN_REPLACE_PTK0))
 		handshake_state_set_no_rekey(hs, true);
-- 
2.31.1

* [PATCH v3 2/3] wsc: set ssid in handshake
  2021-09-03 19:35 [PATCH v3 1/3] netdev: factor out scan_bss from CMD_CONNECT builder James Prestwood
@ 2021-09-03 19:35 ` James Prestwood
  2021-09-03 19:35 ` [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto James Prestwood
  1 sibling, 0 replies; 12+ messages in thread
From: James Prestwood @ 2021-09-03 19:35 UTC (permalink / raw)
  To: iwd

netdev now assumes the SSID was set in the handshake (normally via
network_handshake_setup) but WSC calls netdev_connect directly so
it also should set the SSID.
---
 src/wsc.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/wsc.c b/src/wsc.c
index 4ab497d4..2618497a 100644
--- a/src/wsc.c
+++ b/src/wsc.c
@@ -356,6 +356,7 @@ static int wsc_enrollee_connect(struct wsc_enrollee *wsce, struct scan_bss *bss,
 
 	handshake_state_set_event_func(hs, wsc_enrollee_handshake_event, wsce);
 	handshake_state_set_8021x_config(hs, settings);
+	handshake_state_set_ssid(hs, bss->ssid, bss->ssid_len);
 	wsce->eap_settings = settings;
 
 	request.version2 = true;
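
Review bot: ordering within the series: patch 1/3 already makes the CMD_CONNECT builder read hs->ssid, but the handshake_state_set_ssid call for WSC only arrives here in 2/3, so a tree checked out at 1/3 sends WSC connects with whatever hs->ssid happens to hold. Moving this one-line change ahead of 1/3 keeps every commit in the series working for bisection.
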
-- 
2.31.1

* [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2021-09-03 19:35 [PATCH v3 1/3] netdev: factor out scan_bss from CMD_CONNECT builder James Prestwood
  2021-09-03 19:35 ` [PATCH v3 2/3] wsc: set ssid in handshake James Prestwood
@ 2021-09-03 19:35 ` James Prestwood
  2021-09-03 19:44   ` Denis Kenzior
  2023-07-12 11:17   ` Wen Gong
  1 sibling, 2 replies; 12+ messages in thread
From: James Prestwood @ 2021-09-03 19:35 UTC (permalink / raw)
  To: iwd

---
 src/netdev.c | 545 +++++++++++++++++++++++++++------------------------
 src/owe.c    | 148 ++------------
 src/owe.h    |  12 +-
 3 files changed, 312 insertions(+), 393 deletions(-)

v3:
 * Deauth if OWE AKM is not in associate response RSN IE
 * Remove owe_sm forward declaration from netdev.h

diff --git a/src/netdev.c b/src/netdev.c
index 8592685c..db304c0d 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -119,6 +119,7 @@ struct netdev {
 	void *user_data;
 	struct eapol_sm *sm;
 	struct auth_proto *ap;
+	struct owe_sm *owe_sm;
 	struct handshake_state *handshake;
 	uint32_t connect_cmd_id;
 	uint32_t disconnect_cmd_id;
@@ -752,6 +753,11 @@ static void netdev_connect_free(struct netdev *netdev)
 		netdev->ap = NULL;
 	}
 
+	if (netdev->owe_sm) {
+		owe_sm_free(netdev->owe_sm);
+		netdev->owe_sm = NULL;
+	}
+
 	eapol_preauth_cancel(netdev->index);
 
 	if (netdev->handshake) {
@@ -2094,6 +2100,228 @@ static void netdev_driver_connected(struct netdev *netdev)
 		eapol_register(netdev->sm);
 }
 
+static unsigned int ie_rsn_akm_suite_to_nl80211(enum ie_rsn_akm_suite akm)
+{
+	switch (akm) {
+	case IE_RSN_AKM_SUITE_8021X:
+		return CRYPTO_AKM_8021X;
+	case IE_RSN_AKM_SUITE_PSK:
+		return CRYPTO_AKM_PSK;
+	case IE_RSN_AKM_SUITE_FT_OVER_8021X:
+		return CRYPTO_AKM_FT_OVER_8021X;
+	case IE_RSN_AKM_SUITE_FT_USING_PSK:
+		return CRYPTO_AKM_FT_USING_PSK;
+	case IE_RSN_AKM_SUITE_8021X_SHA256:
+		return CRYPTO_AKM_8021X_SHA256;
+	case IE_RSN_AKM_SUITE_PSK_SHA256:
+		return CRYPTO_AKM_PSK_SHA256;
+	case IE_RSN_AKM_SUITE_TDLS:
+		return CRYPTO_AKM_TDLS;
+	case IE_RSN_AKM_SUITE_SAE_SHA256:
+		return CRYPTO_AKM_SAE_SHA256;
+	case IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256:
+		return CRYPTO_AKM_FT_OVER_SAE_SHA256;
+	case IE_RSN_AKM_SUITE_AP_PEER_KEY_SHA256:
+		return CRYPTO_AKM_AP_PEER_KEY_SHA256;
+	case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA256:
+		return CRYPTO_AKM_8021X_SUITE_B_SHA256;
+	case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA384:
+		return CRYPTO_AKM_8021X_SUITE_B_SHA384;
+	case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
+		return CRYPTO_AKM_FT_OVER_8021X_SHA384;
+	case IE_RSN_AKM_SUITE_FILS_SHA256:
+		return CRYPTO_AKM_FILS_SHA256;
+	case IE_RSN_AKM_SUITE_FILS_SHA384:
+		return CRYPTO_AKM_FILS_SHA384;
+	case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256:
+		return CRYPTO_AKM_FT_OVER_FILS_SHA256;
+	case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384:
+		return CRYPTO_AKM_FT_OVER_FILS_SHA384;
+	case IE_RSN_AKM_SUITE_OWE:
+		return CRYPTO_AKM_OWE;
+	case IE_RSN_AKM_SUITE_OSEN:
+		return CRYPTO_AKM_OSEN;
+	}
+
+	return 0;
+}
+
+static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev,
+						struct handshake_state *hs,
+						const uint8_t *prev_bssid,
+						const struct iovec *vendor_ies,
+						size_t num_vendor_ies)
+{
+	struct netdev_handshake_state *nhs =
+		l_container_of(hs, struct netdev_handshake_state, super);
+	uint32_t auth_type = IE_AKM_IS_SAE(hs->akm_suite) ?
+					NL80211_AUTHTYPE_SAE :
+					NL80211_AUTHTYPE_OPEN_SYSTEM;
+	enum mpdu_management_subtype subtype = prev_bssid ?
+				MPDU_MANAGEMENT_SUBTYPE_REASSOCIATION_REQUEST :
+				MPDU_MANAGEMENT_SUBTYPE_ASSOCIATION_REQUEST;
+	struct l_genl_msg *msg;
+	struct iovec iov[64];
+	unsigned int n_iov = L_ARRAY_SIZE(iov);
+	unsigned int c_iov = 0;
+	bool is_rsn = hs->supplicant_ie != NULL;
+	uint8_t owe_dh_ie[5 + L_ECC_SCALAR_MAX_BYTES];
+	size_t dh_ie_len;
+
+	msg = l_genl_msg_new_sized(NL80211_CMD_CONNECT, 512);
+	l_genl_msg_append_attr(msg, NL80211_ATTR_IFINDEX, 4, &netdev->index);
+	l_genl_msg_append_attr(msg, NL80211_ATTR_WIPHY_FREQ,
+							4, &netdev->frequency);
+	l_genl_msg_append_attr(msg, NL80211_ATTR_MAC, ETH_ALEN, hs->aa);
+	l_genl_msg_append_attr(msg, NL80211_ATTR_SSID, hs->ssid_len, hs->ssid);
+	l_genl_msg_append_attr(msg, NL80211_ATTR_AUTH_TYPE, 4, &auth_type);
+
+	switch (nhs->type) {
+	case CONNECTION_TYPE_SOFTMAC:
+	case CONNECTION_TYPE_FULLMAC:
+		break;
+	case CONNECTION_TYPE_SAE_OFFLOAD:
+		l_genl_msg_append_attr(msg, NL80211_ATTR_SAE_PASSWORD,
+					strlen(hs->passphrase), hs->passphrase);
+		break;
+	case CONNECTION_TYPE_PSK_OFFLOAD:
+		l_genl_msg_append_attr(msg, NL80211_ATTR_PMK, 32, hs->pmk);
+		break;
+	case CONNECTION_TYPE_8021X_OFFLOAD:
+		l_genl_msg_append_attr(msg, NL80211_ATTR_WANT_1X_4WAY_HS,
+					0, NULL);
+	}
+
+	if (prev_bssid)
+		l_genl_msg_append_attr(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
+						prev_bssid);
+
+	if (netdev->privacy)
+		l_genl_msg_append_attr(msg, NL80211_ATTR_PRIVACY, 0, NULL);
+
+	l_genl_msg_append_attr(msg, NL80211_ATTR_SOCKET_OWNER, 0, NULL);
+
+	if (is_rsn) {
+		uint32_t nl_cipher;
+		uint32_t nl_akm;
+		uint32_t wpa_version;
+
+		if (hs->pairwise_cipher == IE_RSN_CIPHER_SUITE_CCMP)
+			nl_cipher = CRYPTO_CIPHER_CCMP;
+		else
+			nl_cipher = CRYPTO_CIPHER_TKIP;
+
+		l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
+					4, &nl_cipher);
+
+		if (hs->group_cipher == IE_RSN_CIPHER_SUITE_CCMP)
+			nl_cipher = CRYPTO_CIPHER_CCMP;
+		else
+			nl_cipher = CRYPTO_CIPHER_TKIP;
+
+		l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
+					4, &nl_cipher);
+
+		if (hs->mfp) {
+			uint32_t use_mfp = NL80211_MFP_REQUIRED;
+			l_genl_msg_append_attr(msg, NL80211_ATTR_USE_MFP,
+								4, &use_mfp);
+		}
+
+		nl_akm = ie_rsn_akm_suite_to_nl80211(hs->akm_suite);
+		if (nl_akm)
+			l_genl_msg_append_attr(msg, NL80211_ATTR_AKM_SUITES,
+							4, &nl_akm);
+
+		if (IE_AKM_IS_SAE(hs->akm_suite))
+			wpa_version = NL80211_WPA_VERSION_3;
+		else if (hs->wpa_ie)
+			wpa_version = NL80211_WPA_VERSION_1;
+		else
+			wpa_version = NL80211_WPA_VERSION_2;
+
+		l_genl_msg_append_attr(msg, NL80211_ATTR_WPA_VERSIONS,
+						4, &wpa_version);
+
+		l_genl_msg_append_attr(msg, NL80211_ATTR_CONTROL_PORT, 0, NULL);
+		c_iov = iov_ie_append(iov, n_iov, c_iov, hs->supplicant_ie);
+	}
+
+	if (netdev->owe_sm) {
+		owe_build_dh_ie(netdev->owe_sm, owe_dh_ie, &dh_ie_len);
+		c_iov = iov_ie_append(iov, n_iov, c_iov, owe_dh_ie);
+	}
+
+	if (netdev->pae_over_nl80211)
+		l_genl_msg_append_attr(msg,
+				NL80211_ATTR_CONTROL_PORT_OVER_NL80211,
+				0, NULL);
+
+	c_iov = iov_ie_append(iov, n_iov, c_iov, hs->mde);
+	c_iov = netdev_populate_common_ies(netdev, hs, msg, iov, n_iov, c_iov);
+
+	mpdu_sort_ies(subtype, iov, c_iov);
+
+	if (vendor_ies && !L_WARN_ON(n_iov - c_iov < num_vendor_ies)) {
+		memcpy(iov + c_iov, vendor_ies,
+					sizeof(*vendor_ies) * num_vendor_ies);
+		c_iov += num_vendor_ies;
+	}
+
+	if (c_iov)
+		l_genl_msg_append_attrv(msg, NL80211_ATTR_IE, iov, c_iov);
+
+	return msg;
+}
+
+static void netdev_cmd_connect_cb(struct l_genl_msg *msg, void *user_data)
+{
+	struct netdev *netdev = user_data;
+
+	netdev->connect_cmd_id = 0;
+
+	if (l_genl_msg_get_error(msg) >= 0) {
+		/*
+		 * connected should be false if the connect event hasn't come
+		 * in yet.  i.e. the CMD_CONNECT ack arrived first (typical).
+		 * Mark the connection as 'connected'
+		 */
+		if (!netdev->connected)
+			netdev_driver_connected(netdev);
+
+		return;
+	}
+
+	netdev_connect_failed(netdev, NETDEV_RESULT_ASSOCIATION_FAILED,
+				MMPDU_STATUS_CODE_UNSPECIFIED);
+}
+
+static bool netdev_retry_owe(struct netdev *netdev)
+{
+	struct iovec iov;
+
+	if (!owe_next_group(netdev->owe_sm))
+		return false;
+
+	iov.iov_base = netdev->handshake->vendor_ies;
+	iov.iov_len = netdev->handshake->vendor_ies_len;
+
+	netdev->connect_cmd = netdev_build_cmd_connect(netdev,
+					netdev->handshake, NULL, &iov, 1);
+
+	netdev->connect_cmd_id = l_genl_family_send(nl80211,
+						netdev->connect_cmd,
+						netdev_cmd_connect_cb, netdev,
+						NULL);
+
+	if (!netdev->connect_cmd_id)
+		return false;
+
+	netdev->connect_cmd = NULL;
+
+	return true;
+}
+
 static void netdev_connect_event(struct l_genl_msg *msg, struct netdev *netdev)
 {
 	struct l_genl_attr attr;
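
Review bot: netdev_retry_owe rebuilds the request with prev_bssid set to NULL and a vendor_ies count of 1, regardless of what the first attempt used. If the original connect carried a prev_bssid, the retry becomes a plain association request, and when handshake->vendor_ies is NULL the builder still copies one empty iovec because its "if (vendor_ies && ...)" test only checks the array pointer. Suggest carrying the original prev_bssid into the retry and passing NULL, 0 when vendor_ies_len is zero. Separately, dh_ie_len in netdev_build_cmd_connect is filled by owe_build_dh_ie but never read afterwards.
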
@@ -2162,6 +2390,14 @@ static void netdev_connect_event(struct l_genl_msg *msg, struct netdev *netdev)
 			goto error;
 	}
 
+	if (netdev->owe_sm && status_code && *status_code ==
+				MMPDU_STATUS_CODE_UNSUPP_FINITE_CYCLIC_GROUP) {
+		if (!netdev_retry_owe(netdev))
+			goto error;
+
+		return;
+	}
+
 	/* AP Rejected the authenticate / associate */
 	if (!status_code || *status_code != 0)
 		goto error;
@@ -2175,8 +2411,12 @@ process_resp_ies:
 	if (resp_ies) {
 		const uint8_t *fte = NULL;
 		const uint8_t *qos_set = NULL;
+		const uint8_t *owe_dh = NULL;
+		size_t owe_dh_len = 0;
 		size_t qos_len = 0;
 		struct ie_ft_info ft_info;
+		struct ie_rsn_info info;
+		bool owe_akm_found = false;
 
 		ie_tlv_iter_init(&iter, resp_ies, resp_ies_len);
 
@@ -2203,7 +2443,53 @@ process_resp_ies:
 					data - 3,
 					ie_tlv_iter_get_length(&iter) + 3);
 				break;
+			case IE_TYPE_OWE_DH_PARAM:
+				if (!netdev->owe_sm)
+					continue;
+
+				owe_dh = data;
+				owe_dh_len = len;
+
+				break;
+
+			case IE_TYPE_RSN:
+				if (!netdev->owe_sm)
+					continue;
+
+				if (ie_parse_rsne(&iter, &info) < 0) {
+					l_error("could not parse RSN IE");
+					goto error;
+				}
+
+				/*
+				 * RFC 8110 Section 4.2
+				 * An AP agreeing to do OWE MUST include the OWE AKM in
+				 * the RSN element portion of the 802.11 association
+				 * response.
+				 */
+				if (info.akm_suites != IE_RSN_AKM_SUITE_OWE) {
+					l_error("OWE AKM not included");
+					goto deauth;
+				}
+
+				owe_akm_found = true;
+
+				break;
+			}
+		}
+
+		if (netdev->owe_sm) {
+			if (!owe_dh || !owe_akm_found) {
+				l_error("OWE DH element/RSN not found");
+				goto error;
 			}
+
+			if (owe_process_dh_ie(netdev->owe_sm, owe_dh,
+						owe_dh_len) != 0)
+				goto error;
+
+			owe_sm_free(netdev->owe_sm);
+			netdev->owe_sm = NULL;
 		}
 
 		/* FILS handles its own FT key derivation */
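
Review bot: the failure exits in the OWE branch are inconsistent: a wrong AKM takes "goto deauth", while an unparsable RSN IE, a missing DH element or RSN IE, and a failing owe_process_dh_ie all take "goto error". If these paths are reached after the AP has accepted the association, they should deauthenticate as well. The combined "OWE DH element/RSN not found" message also hides which of the two elements was missing; separate messages for !owe_dh and !owe_akm_found would make a failing AP much easier to diagnose.
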
@@ -2271,52 +2557,6 @@ deauth:
 							netdev, NULL);
 }
 
-static unsigned int ie_rsn_akm_suite_to_nl80211(enum ie_rsn_akm_suite akm)
-{
-	switch (akm) {
-	case IE_RSN_AKM_SUITE_8021X:
-		return CRYPTO_AKM_8021X;
-	case IE_RSN_AKM_SUITE_PSK:
-		return CRYPTO_AKM_PSK;
-	case IE_RSN_AKM_SUITE_FT_OVER_8021X:
-		return CRYPTO_AKM_FT_OVER_8021X;
-	case IE_RSN_AKM_SUITE_FT_USING_PSK:
-		return CRYPTO_AKM_FT_USING_PSK;
-	case IE_RSN_AKM_SUITE_8021X_SHA256:
-		return CRYPTO_AKM_8021X_SHA256;
-	case IE_RSN_AKM_SUITE_PSK_SHA256:
-		return CRYPTO_AKM_PSK_SHA256;
-	case IE_RSN_AKM_SUITE_TDLS:
-		return CRYPTO_AKM_TDLS;
-	case IE_RSN_AKM_SUITE_SAE_SHA256:
-		return CRYPTO_AKM_SAE_SHA256;
-	case IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256:
-		return CRYPTO_AKM_FT_OVER_SAE_SHA256;
-	case IE_RSN_AKM_SUITE_AP_PEER_KEY_SHA256:
-		return CRYPTO_AKM_AP_PEER_KEY_SHA256;
-	case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA256:
-		return CRYPTO_AKM_8021X_SUITE_B_SHA256;
-	case IE_RSN_AKM_SUITE_8021X_SUITE_B_SHA384:
-		return CRYPTO_AKM_8021X_SUITE_B_SHA384;
-	case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
-		return CRYPTO_AKM_FT_OVER_8021X_SHA384;
-	case IE_RSN_AKM_SUITE_FILS_SHA256:
-		return CRYPTO_AKM_FILS_SHA256;
-	case IE_RSN_AKM_SUITE_FILS_SHA384:
-		return CRYPTO_AKM_FILS_SHA384;
-	case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256:
-		return CRYPTO_AKM_FT_OVER_FILS_SHA256;
-	case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384:
-		return CRYPTO_AKM_FT_OVER_FILS_SHA384;
-	case IE_RSN_AKM_SUITE_OWE:
-		return CRYPTO_AKM_OWE;
-	case IE_RSN_AKM_SUITE_OSEN:
-		return CRYPTO_AKM_OSEN;
-	}
-
-	return 0;
-}
-
 static struct l_genl_msg *netdev_build_cmd_associate_common(
 							struct netdev *netdev)
 {
@@ -2602,28 +2842,6 @@ assoc_failed:
 	netdev->expect_connect_failure = true;
 }
 
-static void netdev_cmd_connect_cb(struct l_genl_msg *msg, void *user_data)
-{
-	struct netdev *netdev = user_data;
-
-	netdev->connect_cmd_id = 0;
-
-	if (l_genl_msg_get_error(msg) >= 0) {
-		/*
-		 * connected should be false if the connect event hasn't come
-		 * in yet.  i.e. the CMD_CONNECT ack arrived first (typical).
-		 * Mark the connection as 'connected'
-		 */
-		if (!netdev->connected)
-			netdev_driver_connected(netdev);
-
-		return;
-	}
-
-	netdev_connect_failed(netdev, NETDEV_RESULT_ASSOCIATION_FAILED,
-				MMPDU_STATUS_CODE_UNSPECIFIED);
-}
-
 static struct l_genl_msg *netdev_build_cmd_authenticate(struct netdev *netdev,
 							uint32_t auth_type)
 {
@@ -2777,64 +2995,6 @@ static void netdev_sae_tx_associate(void *user_data)
 	}
 }
 
-static void netdev_owe_tx_authenticate(void *user_data)
-{
-	struct netdev *netdev = user_data;
-	struct l_genl_msg *msg;
-
-	msg = netdev_build_cmd_authenticate(netdev,
-						NL80211_AUTHTYPE_OPEN_SYSTEM);
-
-	if (!l_genl_family_send(nl80211, msg, netdev_auth_cb,
-							netdev, NULL)) {
-		l_genl_msg_unref(msg);
-		netdev_connect_failed(netdev,
-					NETDEV_RESULT_AUTHENTICATION_FAILED,
-					MMPDU_STATUS_CODE_UNSPECIFIED);
-		return;
-	}
-
-	netdev->auth_cmd = l_genl_msg_ref(msg);
-}
-
-static void netdev_owe_tx_associate(struct iovec *owe_iov, size_t n_owe_iov,
-					void *user_data)
-{
-	struct netdev *netdev = user_data;
-	struct handshake_state *hs = netdev->handshake;
-	struct l_genl_msg *msg;
-	struct iovec iov[64];
-	unsigned int n_iov = L_ARRAY_SIZE(iov);
-	unsigned int c_iov = 0;
-	enum mpdu_management_subtype subtype =
-				MPDU_MANAGEMENT_SUBTYPE_ASSOCIATION_REQUEST;
-
-	msg = netdev_build_cmd_associate_common(netdev);
-
-	c_iov = netdev_populate_common_ies(netdev, hs, msg, iov, n_iov, c_iov);
-
-	if (!L_WARN_ON(n_iov - c_iov < n_owe_iov)) {
-		memcpy(iov + c_iov, owe_iov, sizeof(*owe_iov) * n_owe_iov);
-		c_iov += n_owe_iov;
-	}
-
-	mpdu_sort_ies(subtype, iov, c_iov);
-
-	l_genl_msg_append_attrv(msg, NL80211_ATTR_IE, iov, c_iov);
-
-	/* If doing a non-FT Reassociation */
-	if (netdev->in_reassoc)
-		l_genl_msg_append_attr(msg, NL80211_ATTR_PREV_BSSID, 6,
-					netdev->ap->prev_bssid);
-
-	if (!l_genl_family_send(nl80211, msg, netdev_assoc_cb,
-							netdev, NULL)) {
-		l_genl_msg_unref(msg);
-		netdev_connect_failed(netdev, NETDEV_RESULT_ASSOCIATION_FAILED,
-					MMPDU_STATUS_CODE_UNSPECIFIED);
-	}
-}
-
 static void netdev_fils_tx_authenticate(const uint8_t *body,
 					size_t body_len,
 					void *user_data)
@@ -2902,127 +3062,6 @@ static void netdev_fils_tx_associate(struct iovec *fils_iov, size_t n_fils_iov,
 	}
 }
 
-static struct l_genl_msg *netdev_build_cmd_connect(struct netdev *netdev,
-						struct handshake_state *hs,
-						const uint8_t *prev_bssid,
-						const struct iovec *vendor_ies,
-						size_t num_vendor_ies)
-{
-	struct netdev_handshake_state *nhs =
-		l_container_of(hs, struct netdev_handshake_state, super);
-	uint32_t auth_type = IE_AKM_IS_SAE(hs->akm_suite) ?
-					NL80211_AUTHTYPE_SAE :
-					NL80211_AUTHTYPE_OPEN_SYSTEM;
-	enum mpdu_management_subtype subtype = prev_bssid ?
-				MPDU_MANAGEMENT_SUBTYPE_REASSOCIATION_REQUEST :
-				MPDU_MANAGEMENT_SUBTYPE_ASSOCIATION_REQUEST;
-	struct l_genl_msg *msg;
-	struct iovec iov[64];
-	unsigned int n_iov = L_ARRAY_SIZE(iov);
-	unsigned int c_iov = 0;
-	bool is_rsn = hs->supplicant_ie != NULL;
-
-	msg = l_genl_msg_new_sized(NL80211_CMD_CONNECT, 512);
-	l_genl_msg_append_attr(msg, NL80211_ATTR_IFINDEX, 4, &netdev->index);
-	l_genl_msg_append_attr(msg, NL80211_ATTR_WIPHY_FREQ,
-							4, &netdev->frequency);
-	l_genl_msg_append_attr(msg, NL80211_ATTR_MAC, ETH_ALEN, hs->aa);
-	l_genl_msg_append_attr(msg, NL80211_ATTR_SSID, hs->ssid_len, hs->ssid);
-	l_genl_msg_append_attr(msg, NL80211_ATTR_AUTH_TYPE, 4, &auth_type);
-
-	switch (nhs->type) {
-	case CONNECTION_TYPE_SOFTMAC:
-	case CONNECTION_TYPE_FULLMAC:
-		break;
-	case CONNECTION_TYPE_SAE_OFFLOAD:
-		l_genl_msg_append_attr(msg, NL80211_ATTR_SAE_PASSWORD,
-					strlen(hs->passphrase), hs->passphrase);
-		break;
-	case CONNECTION_TYPE_PSK_OFFLOAD:
-		l_genl_msg_append_attr(msg, NL80211_ATTR_PMK, 32, hs->pmk);
-		break;
-	case CONNECTION_TYPE_8021X_OFFLOAD:
-		l_genl_msg_append_attr(msg, NL80211_ATTR_WANT_1X_4WAY_HS,
-					0, NULL);
-	}
-
-	if (prev_bssid)
-		l_genl_msg_append_attr(msg, NL80211_ATTR_PREV_BSSID, ETH_ALEN,
-						prev_bssid);
-
-	if (netdev->privacy)
-		l_genl_msg_append_attr(msg, NL80211_ATTR_PRIVACY, 0, NULL);
-
-	l_genl_msg_append_attr(msg, NL80211_ATTR_SOCKET_OWNER, 0, NULL);
-
-	if (is_rsn) {
-		uint32_t nl_cipher;
-		uint32_t nl_akm;
-		uint32_t wpa_version;
-
-		if (hs->pairwise_cipher == IE_RSN_CIPHER_SUITE_CCMP)
-			nl_cipher = CRYPTO_CIPHER_CCMP;
-		else
-			nl_cipher = CRYPTO_CIPHER_TKIP;
-
-		l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITES_PAIRWISE,
-					4, &nl_cipher);
-
-		if (hs->group_cipher == IE_RSN_CIPHER_SUITE_CCMP)
-			nl_cipher = CRYPTO_CIPHER_CCMP;
-		else
-			nl_cipher = CRYPTO_CIPHER_TKIP;
-
-		l_genl_msg_append_attr(msg, NL80211_ATTR_CIPHER_SUITE_GROUP,
-					4, &nl_cipher);
-
-		if (hs->mfp) {
-			uint32_t use_mfp = NL80211_MFP_REQUIRED;
-			l_genl_msg_append_attr(msg, NL80211_ATTR_USE_MFP,
-								4, &use_mfp);
-		}
-
-		nl_akm = ie_rsn_akm_suite_to_nl80211(hs->akm_suite);
-		if (nl_akm)
-			l_genl_msg_append_attr(msg, NL80211_ATTR_AKM_SUITES,
-							4, &nl_akm);
-
-		if (IE_AKM_IS_SAE(hs->akm_suite))
-			wpa_version = NL80211_WPA_VERSION_3;
-		else if (hs->wpa_ie)
-			wpa_version = NL80211_WPA_VERSION_1;
-		else
-			wpa_version = NL80211_WPA_VERSION_2;
-
-		l_genl_msg_append_attr(msg, NL80211_ATTR_WPA_VERSIONS,
-						4, &wpa_version);
-
-		l_genl_msg_append_attr(msg, NL80211_ATTR_CONTROL_PORT, 0, NULL);
-		c_iov = iov_ie_append(iov, n_iov, c_iov, hs->supplicant_ie);
-	}
-
-	if (netdev->pae_over_nl80211)
-		l_genl_msg_append_attr(msg,
-				NL80211_ATTR_CONTROL_PORT_OVER_NL80211,
-				0, NULL);
-
-	c_iov = iov_ie_append(iov, n_iov, c_iov, hs->mde);
-	c_iov = netdev_populate_common_ies(netdev, hs, msg, iov, n_iov, c_iov);
-
-	mpdu_sort_ies(subtype, iov, c_iov);
-
-	if (vendor_ies && !L_WARN_ON(n_iov - c_iov < num_vendor_ies)) {
-		memcpy(iov + c_iov, vendor_ies,
-					sizeof(*vendor_ies) * num_vendor_ies);
-		c_iov += num_vendor_ies;
-	}
-
-	if (c_iov)
-		l_genl_msg_append_attrv(msg, NL80211_ATTR_IE, iov, c_iov);
-
-	return msg;
-}
-
 struct rtnl_data {
 	struct netdev *netdev;
 	uint8_t addr[ETH_ALEN];
@@ -3397,6 +3436,8 @@ static int netdev_handshake_state_setup_connection_type(
 				NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK))
 			goto psk_offload;
 
+	/* fall through */
+	case IE_RSN_AKM_SUITE_OWE:
 		if (softmac)
 			goto softmac;
 
@@ -3425,12 +3466,11 @@ static int netdev_handshake_state_setup_connection_type(
 			goto softmac;
 
 		return -EINVAL;
-	case IE_RSN_AKM_SUITE_OWE:
 	case IE_RSN_AKM_SUITE_FILS_SHA256:
 	case IE_RSN_AKM_SUITE_FILS_SHA384:
 	case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256:
 	case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384:
-		/* FILS and OWE have no offload in any upstream driver */
+		/* FILS has no offload in any upstream driver */
 		if (softmac)
 			goto softmac;
 
@@ -3509,10 +3549,9 @@ static void netdev_connect_common(struct netdev *netdev,
 
 		break;
 	case IE_RSN_AKM_SUITE_OWE:
-		netdev->ap = owe_sm_new(hs, netdev_owe_tx_authenticate,
-						netdev_owe_tx_associate,
-						netdev);
-		break;
+		netdev->owe_sm = owe_sm_new(hs);
+
+		goto build_cmd_connect;
 	case IE_RSN_AKM_SUITE_FILS_SHA256:
 	case IE_RSN_AKM_SUITE_FILS_SHA384:
 	case IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256:
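
Review bot: the return value of owe_sm_new(hs) is not checked before "goto build_cmd_connect". owe_sm_new returns NULL when owe_reset fails, and with netdev->owe_sm NULL the builder skips the DH Parameter element and the connect event handler skips both OWE IE checks, so the connect proceeds with no OWE processing at all. Handle the NULL here instead of continuing to build_cmd_connect.
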
diff --git a/src/owe.c b/src/owe.c
index b1eea025..eed3e266 100644
--- a/src/owe.c
+++ b/src/owe.c
@@ -34,7 +34,6 @@
 #include "src/auth-proto.h"
 
 struct owe_sm {
-	struct auth_proto ap;
 	struct handshake_state *hs;
 	const struct l_ecc_curve *curve;
 	struct l_ecc_scalar *private;
@@ -42,10 +41,6 @@ struct owe_sm {
 	uint8_t retry;
 	uint16_t group;
 	const unsigned int *ecc_groups;
-
-	owe_tx_authenticate_func_t auth_tx;
-	owe_tx_associate_func_t assoc_tx;
-	void *user_data;
 };
 
 static bool owe_reset(struct owe_sm *owe)
@@ -72,62 +67,28 @@ static bool owe_reset(struct owe_sm *owe)
 	return true;
 }
 
-static void owe_free(struct auth_proto *ap)
+void owe_sm_free(struct owe_sm *owe)
 {
-	struct owe_sm *owe = l_container_of(ap, struct owe_sm, ap);
-
 	l_ecc_scalar_free(owe->private);
 	l_ecc_point_free(owe->public_key);
 
 	l_free(owe);
 }
 
-static bool owe_start(struct auth_proto *ap)
+void owe_build_dh_ie(struct owe_sm *owe, uint8_t *buf, size_t *len_out)
 {
-	struct owe_sm *owe = l_container_of(ap, struct owe_sm, ap);
-
-	owe->auth_tx(owe->user_data);
-
-	return true;
-}
-
-static int owe_rx_authenticate(struct auth_proto *ap, const uint8_t *frame,
-				size_t frame_len)
-{
-	struct owe_sm *owe = l_container_of(ap, struct owe_sm, ap);
-
-	uint8_t buf[5 + L_ECC_SCALAR_MAX_BYTES];
-	struct iovec iov[3];
-	int iov_elems = 0;
-	size_t len;
-
-	/*
-	 * RFC 8110 Section 4.3
-	 * A client wishing to do OWE MUST indicate the OWE AKM in the RSN
-	 * element portion of the 802.11 association request ...
-	 */
-	iov[iov_elems].iov_base = owe->hs->supplicant_ie;
-	iov[iov_elems].iov_len = owe->hs->supplicant_ie[1] + 2;
-	iov_elems++;
-
 	/*
-	 * ... and MUST include a Diffie-Hellman Parameter element to its
-	 * 802.11 association request.
+	 * A client wishing to do OWE ... MUST include a Diffie-Hellman
+	 * Parameter element to its 802.11 association request.
 	 */
 	buf[0] = IE_TYPE_EXTENSION;
 	buf[2] = IE_TYPE_OWE_DH_PARAM - 256;
 	l_put_le16(owe->group, buf + 3); /* group */
-	len = l_ecc_point_get_x(owe->public_key, buf + 5,
+	*len_out = l_ecc_point_get_x(owe->public_key, buf + 5,
 					L_ECC_SCALAR_MAX_BYTES);
-	buf[1] = 3 + len; /* length */
-
-	iov[iov_elems].iov_base = (void *) buf;
-	iov[iov_elems].iov_len = buf[1] + 2;
-	iov_elems++;
+	buf[1] = 3 + *len_out; /* length */
 
-	owe->assoc_tx(iov, iov_elems, owe->user_data);
-
-	return 0;
+	*len_out += 5;
 }
 
 /*
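
Review bot: owe_build_dh_ie writes into buf with no length parameter, so the 5 + L_ECC_SCALAR_MAX_BYTES sizing is a contract that only the caller in netdev.c knows about, and the result of l_ecc_point_get_x goes straight into *len_out and buf[1] without a check. Take the buffer size as an argument, or document the required size next to the prototype in owe.h, and validate the returned length before using it. The rewritten comment also drops the "RFC 8110 Section 4.3" reference the old one carried.
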
@@ -220,7 +181,7 @@ failed:
 	return false;
 }
 
-static bool owe_retry(struct owe_sm *owe)
+bool owe_next_group(struct owe_sm *owe)
 {
 	/* retry with another group, if possible */
 	owe->retry++;
@@ -228,88 +189,23 @@ static bool owe_retry(struct owe_sm *owe)
 	if (!owe_reset(owe))
 		return false;
 
-	l_debug("OWE retrying with group %u", owe->group);
-
-	owe_rx_authenticate(&owe->ap, NULL, 0);
-
 	return true;
 }
 
-static int owe_rx_associate(struct auth_proto *ap, const uint8_t *frame,
-				size_t len)
+int owe_process_dh_ie(struct owe_sm *owe, const uint8_t *dh, size_t len)
 {
-	struct owe_sm *owe = l_container_of(ap, struct owe_sm, ap);
-
-	const struct mmpdu_header *mpdu = (const struct mmpdu_header *) frame;
-	const struct mmpdu_association_response *body = mmpdu_body(mpdu);
-	struct ie_tlv_iter iter;
-	size_t owe_dh_len = 0;
-	const uint8_t *owe_dh = NULL;
-	struct ie_rsn_info info;
-	bool akm_found = false;
-	const void *data;
-
-	if (L_LE16_TO_CPU(body->status_code) ==
-				MMPDU_STATUS_CODE_UNSUPP_FINITE_CYCLIC_GROUP) {
-		if (!owe_retry(owe))
-			goto owe_bad_status;
-
-		return -EAGAIN;
-	} else if (body->status_code)
-		goto owe_bad_status;
-
-	ie_tlv_iter_init(&iter, body->ies, (const uint8_t *) mpdu + len -
-				body->ies);
-
-	while (ie_tlv_iter_next(&iter)) {
-		uint16_t tag = ie_tlv_iter_get_tag(&iter);
-
-		data = ie_tlv_iter_get_data(&iter);
-		len = ie_tlv_iter_get_length(&iter);
-
-		switch (tag) {
-		case IE_TYPE_OWE_DH_PARAM:
-			owe_dh = data;
-			owe_dh_len = len;
-
-			break;
-		case IE_TYPE_RSN:
-			if (ie_parse_rsne(&iter, &info) < 0) {
-				l_error("could not parse RSN IE");
-				goto invalid_ies;
-			}
-
-			/*
-			 * RFC 8110 Section 4.2
-			 * An AP agreeing to do OWE MUST include the OWE AKM in
-			 * the RSN element portion of the 802.11 association
-			 * response.
-			 */
-			if (info.akm_suites != IE_RSN_AKM_SUITE_OWE) {
-				l_error("OWE AKM not included");
-				goto invalid_ies;
-			}
-
-			akm_found = true;
-
-			break;
-		default:
-			continue;
-		}
-	}
-
-	if (!owe_dh || owe_dh_len < 34 || !akm_found) {
+	if (!dh || len < 34) {
 		l_error("associate response did not include proper OWE IE's");
 		goto invalid_ies;
 	}
 
-	if (l_get_le16(owe_dh) != owe->group) {
+	if (l_get_le16(dh) != owe->group) {
 		l_error("associate response contained unsupported group %u",
-				l_get_le16(owe_dh));
+				l_get_le16(dh));
 		return -EBADMSG;
 	}
 
-	if (!owe_compute_keys(owe, owe_dh + 2, owe_dh_len - 2)) {
+	if (!owe_compute_keys(owe, dh + 2, len - 2)) {
 		l_error("could not compute OWE keys");
 		return -EBADMSG;
 	}
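
Review bot: owe_process_dh_ie mixes return conventions: 0 on success, -EBADMSG for a group mismatch or key failure, and a positive MMPDU_STATUS_CODE_INVALID_ELEMENT through the invalid_ies label. The caller added in netdev.c only tests "!= 0", so a single negative errno would be simpler and harder to misuse. The "did not include proper OWE IE's" message now covers only the DH element, since the AKM check moved to netdev.c, and the bare 34 would read better as a named constant. owe_next_group also loses the l_debug line that reported which group is being retried.
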
@@ -318,33 +214,19 @@ static int owe_rx_associate(struct auth_proto *ap, const uint8_t *frame,
 
 invalid_ies:
 	return MMPDU_STATUS_CODE_INVALID_ELEMENT;
-
-owe_bad_status:
-	return L_LE16_TO_CPU(body->status_code);
 }
 
-struct auth_proto *owe_sm_new(struct handshake_state *hs,
-				owe_tx_authenticate_func_t auth,
-				owe_tx_associate_func_t assoc,
-				void *user_data)
+struct owe_sm *owe_sm_new(struct handshake_state *hs)
 {
 	struct owe_sm *owe = l_new(struct owe_sm, 1);
 
 	owe->hs = hs;
-	owe->auth_tx = auth;
-	owe->assoc_tx = assoc;
-	owe->user_data = user_data;
 	owe->ecc_groups = l_ecc_supported_ike_groups();
 
-	owe->ap.start = owe_start;
-	owe->ap.free = owe_free;
-	owe->ap.rx_authenticate = owe_rx_authenticate;
-	owe->ap.rx_associate = owe_rx_associate;
-
 	if (!owe_reset(owe)) {
 		l_free(owe);
 		return NULL;
 	}
 
-	return &owe->ap;
+	return owe;
 }
diff --git a/src/owe.h b/src/owe.h
index 9a21505f..8a734a00 100644
--- a/src/owe.h
+++ b/src/owe.h
@@ -23,11 +23,9 @@
 struct owe_sm;
 struct handshake_state;
 
-typedef void (*owe_tx_authenticate_func_t)(void *user_data);
-typedef void (*owe_tx_associate_func_t)(struct iovec *ie_iov, size_t iov_len,
-					void *user_data);
+struct owe_sm *owe_sm_new(struct handshake_state *hs);
+void owe_sm_free(struct owe_sm *sm);
 
-struct auth_proto *owe_sm_new(struct handshake_state *hs,
-				owe_tx_authenticate_func_t auth,
-				owe_tx_associate_func_t assoc,
-				void *user_data);
+void owe_build_dh_ie(struct owe_sm *sm, uint8_t *buf, size_t *len_out);
+int owe_process_dh_ie(struct owe_sm *sm, const uint8_t *dh, size_t len);
+bool owe_next_group(struct owe_sm *sm);
-- 
2.31.1

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2021-09-03 19:35 ` [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto James Prestwood
@ 2021-09-03 19:44   ` Denis Kenzior
  2023-07-12 11:17   ` Wen Gong
  1 sibling, 0 replies; 12+ messages in thread
From: Denis Kenzior @ 2021-09-03 19:44 UTC (permalink / raw)
  To: iwd

Hi James,

On 9/3/21 2:35 PM, James Prestwood wrote:
> ---
>   src/netdev.c | 545 +++++++++++++++++++++++++++------------------------
>   src/owe.c    | 148 ++------------
>   src/owe.h    |  12 +-
>   3 files changed, 312 insertions(+), 393 deletions(-)
> 
> v3:
>   * Deauth if OWE AKM is not in associate response RSN IE
>   * Remove owe_sm forward declaration from netdev.h

All applied.  I did amend some more 'goto error -> goto deauth' where appropriate.

Regards,
-Denis

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2021-09-03 19:35 ` [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto James Prestwood
  2021-09-03 19:44   ` Denis Kenzior
@ 2023-07-12 11:17   ` Wen Gong
  2023-07-12 14:52     ` James Prestwood
  1 sibling, 1 reply; 12+ messages in thread
From: Wen Gong @ 2023-07-12 11:17 UTC (permalink / raw)
  To: James Prestwood, iwd, iwd

On 9/4/2021 3:35 AM, James Prestwood wrote:
> ---
...
> +
> +			case IE_TYPE_RSN:
> +				if (!netdev->owe_sm)
> +					continue;
> +
> +				if (ie_parse_rsne(&iter, &info) < 0) {
> +					l_error("could not parse RSN IE");
> +					goto error;
> +				}
> +
> +				/*
> +				 * RFC 8110 Section 4.2
> +				 * An AP agreeing to do OWE MUST include the OWE AKM in
> +				 * the RSN element portion of the 802.11 association
> +				 * response.
> +				 */
It now happens that connecting to an OWE AP fails with some APs, because the
assoc resp does not include the RSNE.
> +				if (info.akm_suites != IE_RSN_AKM_SUITE_OWE) {
> +					l_error("OWE AKM not included");
> +					goto deauth;
> +				}
> +
> +				owe_akm_found = true;
> +
> +				break;
> +			}
> +		}
> +
> +		if (netdev->owe_sm) {
> +			if (!owe_dh || !owe_akm_found) {
> +				l_error("OWE DH element/RSN not found");

It failed here.

So MUST the check for owe_akm_found be added here if owe_dh exists
in the assoc resp?

> +				goto error;
>   			}
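Review bot: the final check on !owe_dh || !owe_akm_found reports two different failures with the single message "OWE DH element/RSN not found", so the log cannot distinguish a missing DH element from a missing RSNE; two separate l_error() calls would make a report like this one diagnosable from the log alone. The exits are also inconsistent within the quoted lines: the RSN parse failure and the final check use goto error while the AKM mismatch uses goto deauth, which deserves either one policy or a comment explaining the difference.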
...

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2023-07-12 11:17   ` Wen Gong
@ 2023-07-12 14:52     ` James Prestwood
       [not found]       ` <00246aa8-fe45-f5c2-cf2a-3450cee414f2@quicinc.com>
  0 siblings, 1 reply; 12+ messages in thread
From: James Prestwood @ 2023-07-12 14:52 UTC (permalink / raw)
  To: Wen Gong, iwd, iwd

Hi Wen,

On 7/12/23 4:17 AM, Wen Gong wrote:
> On 9/4/2021 3:35 AM, James Prestwood wrote:
>> ---
> ...
>> +
>> +            case IE_TYPE_RSN:
>> +                if (!netdev->owe_sm)
>> +                    continue;
>> +
>> +                if (ie_parse_rsne(&iter, &info) < 0) {
>> +                    l_error("could not parse RSN IE");
>> +                    goto error;
>> +                }
>> +
>> +                /*
>> +                 * RFC 8110 Section 4.2
>> +                 * An AP agreeing to do OWE MUST include the OWE AKM in
>> +                 * the RSN element portion of the 802.11 association
>> +                 * response.
>> +                 */
> It now happens that connecting to an OWE AP fails with some APs, because the
> assoc resp does not include the RSNE.
>> +                if (info.akm_suites != IE_RSN_AKM_SUITE_OWE) {
>> +                    l_error("OWE AKM not included");
>> +                    goto deauth;
>> +                }
>> +
>> +                owe_akm_found = true;
>> +
>> +                break;
>> +            }
>> +        }
>> +
>> +        if (netdev->owe_sm) {
>> +            if (!owe_dh || !owe_akm_found) {
>> +                l_error("OWE DH element/RSN not found");
> 
> It failed here.
> 
> So MUST the check for owe_akm_found be added here if owe_dh exists
> in the assoc resp?

As the comment states, the OWE RFC says that the RSN element must be 
included in the associate response if we are to stay compliant with the 
spec.

But as you may have noticed we don't actually do anything with this 
element besides parse it. I don't see that wpa_supplicant enforces this 
either, so it may be fine to relax this check.

I would prefer to see iwmon logs when you connect to this AP, just to 
confirm that the AP isn't including the IE and not something else. Would 
you be able to get those?

https://iwd.wiki.kernel.org/debugging

Thanks,
James

> 
>> +                goto error;
>>               }
> ...

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
       [not found]       ` <00246aa8-fe45-f5c2-cf2a-3450cee414f2@quicinc.com>
@ 2023-07-13  2:33         ` James Prestwood
  2023-07-13  2:52           ` Wen Gong
  2023-07-13 14:14           ` Denis Kenzior
  0 siblings, 2 replies; 12+ messages in thread
From: James Prestwood @ 2023-07-13  2:33 UTC (permalink / raw)
  To: Wen Gong, iwd, iwd; +Cc: Denis Kenzior

Hi Wen,

On 7/12/23 7:23 PM, Wen Gong wrote:
> On 7/12/2023 10:52 PM, James Prestwood wrote:
>> Hi Wen,
>>
>> On 7/12/23 4:17 AM, Wen Gong wrote:
>>> On 9/4/2021 3:35 AM, James Prestwood wrote:
>>>> ---
>>> ...
>>>> +
>>>> +            case IE_TYPE_RSN:
>>>> +                if (!netdev->owe_sm)
>>>> +                    continue;
>>>> +
>>>> +                if (ie_parse_rsne(&iter, &info) < 0) {
>>>> +                    l_error("could not parse RSN IE");
>>>> +                    goto error;
>>>> +                }
>>>> +
>>>> +                /*
>>>> +                 * RFC 8110 Section 4.2
>>>> +                 * An AP agreeing to do OWE MUST include the OWE 
>>>> AKM in
>>>> +                 * the RSN element portion of the 802.11 association
>>>> +                 * response.
>>>> +                 */
>>> It now happens that connecting to an OWE AP fails with some APs, because the
>>> assoc resp does not include the RSNE.
>>>> +                if (info.akm_suites != IE_RSN_AKM_SUITE_OWE) {
>>>> +                    l_error("OWE AKM not included");
>>>> +                    goto deauth;
>>>> +                }
>>>> +
>>>> +                owe_akm_found = true;
>>>> +
>>>> +                break;
>>>> +            }
>>>> +        }
>>>> +
>>>> +        if (netdev->owe_sm) {
>>>> +            if (!owe_dh || !owe_akm_found) {
>>>> +                l_error("OWE DH element/RSN not found");
>>>
>>> It failed here.
>>>
>>> So MUST the check for owe_akm_found be added here if owe_dh
>>> exists in the assoc resp?
>>
>> As the comment states, the OWE RFC says that the RSN element must be 
>> included in the associate response if we are to stay compliant with 
>> the spec.
>>
>> But as you may have noticed we don't actually do anything with this 
>> element besides parse it. I don't see that wpa_supplicant enforces 
>> this either, so it may be fine to relax this check.
> Thanks for relaxing the check.
>>
>> I would prefer to see iwmon logs when you connect to this AP, just to 
>> confirm that the AP isn't including the IE and not something else. 
>> Would you be able to get those?
>>
> I have collected iwd log with hexdump, it does not include RSNIE in 
> assoc resp ies:

Sorry, I should have been more specific. Using IWD_GENL_DEBUG does 
contain the information, but it's not really a readable format. We have a 
tool called iwmon which you run in parallel to IWD. This parses the raw 
data and displays a human readable output:

$ sudo iwmon --nortnl --nowiphy --noscan

Denis,

Is relaxing the RSNE check in the associate response (for OWE only) 
something you'd be ok with? Obviously with an L_WARN_ON/l_warn message.

Thanks,
James

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2023-07-13  2:33         ` James Prestwood
@ 2023-07-13  2:52           ` Wen Gong
  2023-07-13  3:04             ` James Prestwood
  2023-07-13 14:14           ` Denis Kenzior
  1 sibling, 1 reply; 12+ messages in thread
From: Wen Gong @ 2023-07-13  2:52 UTC (permalink / raw)
  To: James Prestwood, iwd, iwd; +Cc: Denis Kenzior

On 7/13/2023 10:33 AM, James Prestwood wrote:
> Hi Wen,
>
> On 7/12/23 7:23 PM, Wen Gong wrote:
>> On 7/12/2023 10:52 PM, James Prestwood wrote:
>>> Hi Wen,
>>>
>>> On 7/12/23 4:17 AM, Wen Gong wrote:
>>>> On 9/4/2021 3:35 AM, James Prestwood wrote:
>>>>> ---
>>>> ...
>>>>> +
>>>>> +            case IE_TYPE_RSN:
>>>>> +                if (!netdev->owe_sm)
>>>>> +                    continue;
>>>>> +
>>>>> +                if (ie_parse_rsne(&iter, &info) < 0) {
>>>>> +                    l_error("could not parse RSN IE");
>>>>> +                    goto error;
>>>>> +                }
>>>>> +
>>>>> +                /*
>>>>> +                 * RFC 8110 Section 4.2
>>>>> +                 * An AP agreeing to do OWE MUST include the OWE 
>>>>> AKM in
>>>>> +                 * the RSN element portion of the 802.11 association
>>>>> +                 * response.
>>>>> +                 */
>>>> It now happens that connecting to an OWE AP fails with some APs, because the
>>>> assoc resp does not include the RSNE.
>>>>> +                if (info.akm_suites != IE_RSN_AKM_SUITE_OWE) {
>>>>> +                    l_error("OWE AKM not included");
>>>>> +                    goto deauth;
>>>>> +                }
>>>>> +
>>>>> +                owe_akm_found = true;
>>>>> +
>>>>> +                break;
>>>>> +            }
>>>>> +        }
>>>>> +
>>>>> +        if (netdev->owe_sm) {
>>>>> +            if (!owe_dh || !owe_akm_found) {
>>>>> +                l_error("OWE DH element/RSN not found");
>>>>
>>>> It failed here.
>>>>
>>>> So MUST the check for owe_akm_found be added here if owe_dh
>>>> exists in the assoc resp?
>>>
>>> As the comment states, the OWE RFC says that the RSN element must be 
>>> included in the associate response if we are to stay compliant with 
>>> the spec.
>>>
>>> But as you may have noticed we don't actually do anything with this 
>>> element besides parse it. I don't see that wpa_supplicant enforces 
>>> this either, so it may be fine to relax this check.
>> Thanks for relaxing the check.
>>>
>>> I would prefer to see iwmon logs when you connect to this AP, just 
>>> to confirm that the AP isn't including the IE and not something 
>>> else. Would you be able to get those?
>>>
>> I have collected iwd log with hexdump, it does not include RSNIE in 
>> assoc resp ies:
>
> Sorry, I should have been more specific. Using IWD_GENL_DEBUG does 
> contain the information, but it's not really a readable format. We have 
> a tool called iwmon which you run in parallel to IWD. This parses the 
> raw data and displays a human readable output:

Hi James,

I added the hexdump here:

Jul 11 03:06:23.493780 iwd[992]: src/netdev.c:netdev_mlme_notify() MLME 
notification Associate(38)
Jul 11 03:06:23.493780 iwd[992]: src/netdev.c:netdev_associate_event()
Jul 11 03:06:23.493780 iwd[992]: [GENL] < ac 01 00 00 22 00 00 00 00 00 
00 00 00 00 00 00  ...."...........
Jul 11 03:06:23.493780 iwd[992]: [GENL]   2e 01 00 00 08 00 01 00 00 00 
00 00 08 00 03 00  ................
Jul 11 03:06:23.493780 iwd[992]: [GENL]   04 00 00 00 0a 00 06 00 fc 34 
97 2b 1b 48 00 00  .........4.+.H..
Jul 11 03:06:23.493780 iwd[992]: [GENL]   06 00 48 00 00 00 00 00 ac 00 
4d 00 00 09 41 53  ..H.......M...AS //ac 00 4d 00:assoc req ies 
start//NL80211_ATTR_REQ_IE=0x4d//00 09:SSID IE
Jul 11 03:06:23.493780 iwd[992]: [GENL]   55 53 2d 36 47 41 50 01 08 0c 
12 18 24 30 48 60  US-6GAP.....$0H`
Jul 11 03:06:23.493780 iwd[992]: [GENL]   6c 21 02 00 14 30 14 01 00 00 
0f ac 04 01 00 00  l!...0..........
Jul 11 03:06:23.493780 iwd[992]: [GENL]   0f ac 04 01 00 00 0f ac 12 c0 
00 46 05 70 00 00  ...........F.p..
Jul 11 03:06:23.493780 iwd[992]: [GENL]   00 00 7f 0a 04 00 48 00 01 00 
00 40 00 21 ff 21  ......H....@.!.!
Jul 11 03:06:23.493780 iwd[992]: [GENL]   23 0b 00 10 9a 40 08 0c 33 4c 
89 fd 09 80 c8 0e  #....@..3L......
Jul 11 03:06:23.493780 iwd[992]: [GENL]   0c 00 fa ff fa ff fa ff fa ff 
79 1c c7 71 1c c7  ..........y..q..
Jul 11 03:06:23.493780 iwd[992]: [GENL]   71 ff 03 3b b8 36 ff 33 20 14 
00 37 0b b6 af ec  q..;.6.3 ..7....
Jul 11 03:06:23.493780 iwd[992]: [GENL]   e8 7f 96 b6 1c e4 90 b9 bb 79 
ff 00 65 7c 42 1e  .........y..e|B.
Jul 11 03:06:23.493780 iwd[992]: [GENL]   d5 55 4b 6b b9 94 03 ec 83 3f 
6a 22 60 71 56 83  .UKk.....?j"`qV.
Jul 11 03:06:23.493780 iwd[992]: [GENL]   b5 94 51 ca a7 62 ed b7 77 e5 
09 dd 07 00 50 f2  ..Q..b..w.....P.
Jul 11 03:06:23.495574 iwd[992]: [GENL]   02 00 01 00 c8 00 4e 00 01 08 
8c 12 98 24 b0 48  ......N......$.H //c8 00 4e 00: assoc resp ies 
start//NL80211_ATTR_RESP_IE=0x4e //01 08: Supported Rates ie
Jul 11 03:06:23.495574 iwd[992]: [GENL]   60 6c 46 05 30 00 00 00 00 7f 
0b 04 00 48 80 01  `lF.0........H..
Jul 11 03:06:23.495574 iwd[992]: [GENL]   00 00 c0 01 00 01 ff 27 23 01 
00 08 12 00 10 4c  .......'#......L
Jul 11 03:06:23.495574 iwd[992]: [GENL]   20 02 c0 6d 5b 81 18 00 8c 00 
aa ff aa ff aa ff   ..m[...........
Jul 11 03:06:23.495574 iwd[992]: [GENL]   aa ff 7b 1c c7 71 1c c7 71 1c 
c7 71 1c c7 71 ff  ..{..q..q..q..q.
Jul 11 03:06:23.495574 iwd[992]: [GENL]   0c 24 04 00 03 16 fc ff 45 03 
47 4f 00 ff 0e 26  .$......E.GO...&
Jul 11 03:06:23.495574 iwd[992]: [GENL]   08 00 a4 08 20 a4 08 40 43 08 
60 32 08 ff 03 3b  .... ..@C.`2...;
Jul 11 03:06:23.495574 iwd[992]: [GENL]   7d 06 ff 33 20 14 00 3e 00 1d 
bd 9a b8 80 23 76  }..3 ..>......#v
Jul 11 03:06:23.495574 iwd[992]: [GENL]   f6 22 23 a3 2a e0 77 73 5b 3d 
61 88 b9 34 fe 97  ."#.*.ws[=a..4..
Jul 11 03:06:23.495574 iwd[992]: [GENL]   3e c9 2c 7d b8 9b da 2b ed 82 
5a 11 af e7 6a 27  >.,}...+..Z...j'
Jul 11 03:06:23.495574 iwd[992]: [GENL]   07 bd 1b fc 19 94 13 dd 09 00 
10 18 02 00 00 9c  ................
Jul 11 03:06:23.495574 iwd[992]: [GENL]   00 00 dd 18 00 50 f2 02 01 01 
88 00 03 a4 00 00  .....P..........
Jul 11 03:06:23.495574 iwd[992]: [GENL]   27 a4 00 00 42 43 5e 00 62 32 
2f 00              '...BC^.b2/.  //assoc resp ies end, no RSNIE from 
start to end
Jul 11 03:06:23.495574 iwd[992]: src/netdev.c:netdev_mlme_notify() MLME 
notification Connect(46)
Jul 11 03:06:23.495574 iwd[992]: src/netdev.c:netdev_connect_event()
Jul 11 03:06:23.495574 iwd[992]: OWE DH element/RSN not found

Also, I collected the air sniffer packets here (the assoc req/resp are in the
same connection;
they are not the same connection as the above iwd hexdump, but they are
connected with the same station/AP and the same configuration,
so the hex dumps from the air sniffer and the iwd log are similar):

======================Association Request start======================
copied from wireshark:

Frame 2352: 244 bytes on wire (1952 bits), 244 bytes captured (1952 
bits) on interface 0
Radiotap Header v0, Length 48
802.11 radio information
     PHY type: 802.11a (5)
     Turbo type: Non-turbo (0)
     Data rate: 6.0 Mb/s
     Frequency: 6295MHz
     Signal strength (dBm): -38dBm
     Noise level (dBm): 0dBm
     Signal/noise ratio (dB): -38dB
     TSF timestamp: 587853865856
     [Duration: 288µs]
IEEE 802.11 Association Request, Flags: ........
     Type/Subtype: Association Request (0x0000)
     Frame Control Field: 0x0000
     .000 0000 0011 1100 = Duration: 60 microseconds
     Receiver address: fc:34:97:2b:1b:48
     Destination address: fc:34:97:2b:1b:48
     Transmitter address: 64:c4:03:88:ff:26
     Source address: 64:c4:03:88:ff:26
     BSS Id: fc:34:97:2b:1b:48
     .... .... .... 0000 = Fragment number: 0
     0000 0111 0010 .... = Sequence number: 114
IEEE 802.11 wireless LAN
     Fixed parameters (4 bytes)
     Tagged parameters (168 bytes)
         Tag: SSID parameter set: ASUS-6GAP
         Tag: Supported Rates 6, 9, 12, 18, 24, 36, 48, 54, [Mbit/sec]
         Tag: Power Capability Min: 0, Max: 20
         Tag: RSN Information
             Tag Number: RSN Information (48)
             Tag length: 20
             RSN Version: 1
             Group Cipher Suite: 00:0f:ac (Ieee 802.11) AES (CCM)
                 Group Cipher Suite OUI: 00:0f:ac (Ieee 802.11)
                 Group Cipher Suite type: AES (CCM) (4)
             Pairwise Cipher Suite Count: 1
             Pairwise Cipher Suite List 00:0f:ac (Ieee 802.11) AES (CCM)
                 Pairwise Cipher Suite: 00:0f:ac (Ieee 802.11) AES (CCM)
                     Pairwise Cipher Suite OUI: 00:0f:ac (Ieee 802.11)
                     Pairwise Cipher Suite type: AES (CCM) (4)
             Auth Key Management (AKM) Suite Count: 1
             Auth Key Management (AKM) List 00:0f:ac (Ieee 802.11) 
Opportunistic Wireless Encryption
                 Auth Key Management (AKM) Suite: 00:0f:ac (Ieee 802.11) 
Opportunistic Wireless Encryption
                     Auth Key Management (AKM) OUI: 00:0f:ac (Ieee 802.11)
                     Auth Key Management (AKM) type: Opportunistic 
Wireless Encryption (18)
             RSN Capabilities: 0x00c0
                 .... .... .... ...0 = RSN Pre-Auth capabilities: 
Transmitter does not support pre-authentication
                 .... .... .... ..0. = RSN No Pairwise capabilities: 
Transmitter can support WEP default key 0 simultaneously with Pairwise key
                 .... .... .... 00.. = RSN PTKSA Replay Counter 
capabilities: 1 replay counter per PTKSA/GTKSA/STAKeySA (0x0)
                 .... .... ..00 .... = RSN GTKSA Replay Counter 
capabilities: 1 replay counter per PTKSA/GTKSA/STAKeySA (0x0)
                 .... .... .1.. .... = Management Frame Protection 
Required: True
                 .... .... 1... .... = Management Frame Protection 
Capable: True
                 .... ...0 .... .... = Joint Multi-band RSNA: False
                 .... ..0. .... .... = PeerKey Enabled: False
         Tag: RM Enabled Capabilities (5 octets)
         Tag: Extended Capabilities (10 octets)
         Ext Tag: HE Capabilities (IEEE Std 802.11ax/D3.0)
         Ext Tag: HE 6GHz Band Capabilities
         Ext Tag: OWE Diffie-Hellman Parameter
             Tag Number: Element ID Extension (255)
             Ext Tag length: 51
             Ext Tag Number: OWE Diffie-Hellman Parameter (32)
             Group: 384-bit random ECP group (20)
             Public Key: 011630d7fd22d7abc64ce11278bd9f3a4a262222bc0d4d1d…
         Tag: Vendor Specific: Microsoft Corp.: WMM/WME: Information Element

hex byte copied from air sniffer wireshark
======================Association Request end======================

======================Association Response start======================

copied from wireshark:

Frame 2354: 274 bytes on wire (2192 bits), 274 bytes captured (2192 
bits) on interface 0
Radiotap Header v0, Length 48
802.11 radio information
     PHY type: 802.11a (5)
     Turbo type: Non-turbo (0)
     Data rate: 6.0 Mb/s
     Frequency: 6295MHz
     Signal strength (dBm): -45dBm
     Noise level (dBm): 0dBm
     Signal/noise ratio (dB): -45dB
     TSF timestamp: 587853891749
     [Duration: 328µs]
IEEE 802.11 Association Response, Flags: ........
     Type/Subtype: Association Response (0x0001)
     Frame Control Field: 0x1000
     .000 0000 0011 1100 = Duration: 60 microseconds
     Receiver address: 64:c4:03:88:ff:26
     Destination address: 64:c4:03:88:ff:26
     Transmitter address: fc:34:97:2b:1b:48
     Source address: fc:34:97:2b:1b:48
     BSS Id: fc:34:97:2b:1b:48
     .... .... .... 0000 = Fragment number: 0
     0001 1100 1000 .... = Sequence number: 456
IEEE 802.11 wireless LAN
     Fixed parameters (6 bytes)
     Tagged parameters (196 bytes)
         Tag: Supported Rates 6(B), 9, 12(B), 18, 24(B), 36, 48, 54, 
[Mbit/sec]
         Tag: RM Enabled Capabilities (5 octets)
         Tag: Extended Capabilities (11 octets)
         Ext Tag: HE Capabilities (IEEE Std 802.11ax/D3.0)
         Ext Tag: HE Operation (IEEE Std 802.11ax/D3.0)
         Ext Tag: MU EDCA Parameter Set
         Ext Tag: HE 6GHz Band Capabilities
         Ext Tag: OWE Diffie-Hellman Parameter
             Tag Number: Element ID Extension (255)
             Ext Tag length: 51
             Ext Tag Number: OWE Diffie-Hellman Parameter (32)
             Group: 384-bit random ECP group (20)
             Public Key: 14ba9d8abeb2ecd5d95e6c12491b16489d1bcc303e7a7fbd…
         Tag: Vendor Specific: Broadcom
         Tag: Vendor Specific: Microsoft Corp.: WMM/WME: Parameter Element

hex byte copied from air sniffer wireshark

======================Association Response end======================

>
> $ sudo iwmon --nortnl --nowiphy --noscan
>
I think above hexdump is readable/enough, if it is not, I will use iwmon 
to collect again.
> Denis,
>
> Is relaxing the RSNE check in the associate response (for OWE only) 
> something you'd be ok with? Obviously with an L_WARN_ON/l_warn message.
>
> Thanks,
> James

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2023-07-13  2:52           ` Wen Gong
@ 2023-07-13  3:04             ` James Prestwood
  2023-07-13  3:07               ` Wen Gong
  2023-07-13  3:56               ` Wen Gong
  0 siblings, 2 replies; 12+ messages in thread
From: James Prestwood @ 2023-07-13  3:04 UTC (permalink / raw)
  To: Wen Gong, iwd, iwd; +Cc: Denis Kenzior

Hi Wen,

> 
> ======================Association Response start======================
> 
> copied from wireshark:
> 
> Frame 2354: 274 bytes on wire (2192 bits), 274 bytes captured (2192 
> bits) on interface 0
> Radiotap Header v0, Length 48
> 802.11 radio information
>      PHY type: 802.11a (5)
>      Turbo type: Non-turbo (0)
>      Data rate: 6.0 Mb/s
>      Frequency: 6295MHz
>      Signal strength (dBm): -45dBm
>      Noise level (dBm): 0dBm
>      Signal/noise ratio (dB): -45dB
>      TSF timestamp: 587853891749
>      [Duration: 328µs]
> IEEE 802.11 Association Response, Flags: ........
>      Type/Subtype: Association Response (0x0001)
>      Frame Control Field: 0x1000
>      .000 0000 0011 1100 = Duration: 60 microseconds
>      Receiver address: 64:c4:03:88:ff:26
>      Destination address: 64:c4:03:88:ff:26
>      Transmitter address: fc:34:97:2b:1b:48
>      Source address: fc:34:97:2b:1b:48
>      BSS Id: fc:34:97:2b:1b:48
>      .... .... .... 0000 = Fragment number: 0
>      0001 1100 1000 .... = Sequence number: 456
> IEEE 802.11 wireless LAN
>      Fixed parameters (6 bytes)
>      Tagged parameters (196 bytes)
>          Tag: Supported Rates 6(B), 9, 12(B), 18, 24(B), 36, 48, 54, 
> [Mbit/sec]
>          Tag: RM Enabled Capabilities (5 octets)
>          Tag: Extended Capabilities (11 octets)
>          Ext Tag: HE Capabilities (IEEE Std 802.11ax/D3.0)
>          Ext Tag: HE Operation (IEEE Std 802.11ax/D3.0)
>          Ext Tag: MU EDCA Parameter Set
>          Ext Tag: HE 6GHz Band Capabilities
>          Ext Tag: OWE Diffie-Hellman Parameter
>              Tag Number: Element ID Extension (255)
>              Ext Tag length: 51
>              Ext Tag Number: OWE Diffie-Hellman Parameter (32)
>              Group: 384-bit random ECP group (20)
>              Public Key: 14ba9d8abeb2ecd5d95e6c12491b16489d1bcc303e7a7fbd…
>          Tag: Vendor Specific: Broadcom
>          Tag: Vendor Specific: Microsoft Corp.: WMM/WME: Parameter Element

Indeed, it doesn't include the RSNE as it should. Out of curiosity do 
you know what AP model/manufacturer this is? It's nice to document this 
for others and to reference in the future.

Thanks for digging into this. If Denis is fine with relaxing the check 
I'll send a patch and take care of that.

Thanks,
James

> 
> hex byte copied from air sniffer wireshark
> 
> ======================Association Response end======================
> 
>>
>> $ sudo iwmon --nortnl --nowiphy --noscan
>>
> I think above hexdump is readable/enough, if it is not, I will use iwmon 
> to collect again.
>> Denis,
>>
>> Is relaxing the RSNE check in the associate response (for OWE only) 
>> something you'd be ok with? Obviously with an L_WARN_ON/l_warn message.
>>
>> Thanks,
>> James

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2023-07-13  3:04             ` James Prestwood
@ 2023-07-13  3:07               ` Wen Gong
  2023-07-13  3:56               ` Wen Gong
  1 sibling, 0 replies; 12+ messages in thread
From: Wen Gong @ 2023-07-13  3:07 UTC (permalink / raw)
  To: James Prestwood, iwd, iwd; +Cc: Denis Kenzior

On 7/13/2023 11:04 AM, James Prestwood wrote:
> Hi Wen,
>
>>
>> ======================Association Response start======================
>>
...
> Indeed, it doesn't include the RSNE as it should. Out of curiosity do 
> you know what AP model/manufacturer this is? It's nice to document this 
> for others and to reference in the future.
>
Hi James,

You can see the assoc request; it is an ASUS 6 GHz AP.

Tag: SSID parameter set: ASUS-6GAP
     Tag Number: SSID parameter set (0)
     Tag length: 9
     SSID: ASUS-6GAP

> Thanks for digging into this. If Denis is fine with relaxing the check 
> I'll send a patch and take care of that.
>
> Thanks,
> James
>
>>
>>
...

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2023-07-13  3:04             ` James Prestwood
  2023-07-13  3:07               ` Wen Gong
@ 2023-07-13  3:56               ` Wen Gong
  1 sibling, 0 replies; 12+ messages in thread
From: Wen Gong @ 2023-07-13  3:56 UTC (permalink / raw)
  To: James Prestwood, iwd, iwd; +Cc: Denis Kenzior

On 7/13/2023 11:04 AM, James Prestwood wrote:
...
> Indeed, it doesn't include the RSNE as it should. Out of curiosity do 
> you know what AP model/manufacturer this is? It's nice to document this 
> for others and to reference in the future.
>
> Thanks for digging into this. If Denis is fine with relaxing the check 
> I'll send a patch and take care of that.

Let us wait for Denis :).

The OWE failure has happened with APs from more than one manufacturer.

>
> Thanks,
> James
>
>>
...
>> I think above hexdump is readable/enough, if it is not, I will use 
>> iwmon to collect again.
>>> Denis,
>>>
>>> Is relaxing the RSNE check in the associate response (for OWE only) 
>>> something you'd be ok with? Obviously with an L_WARN_ON/l_warn message.
>>>
>>> Thanks,
>>> James

* Re: [PATCH v3 3/3] owe: netdev: refactor to remove OWE as an auth-proto
  2023-07-13  2:33         ` James Prestwood
  2023-07-13  2:52           ` Wen Gong
@ 2023-07-13 14:14           ` Denis Kenzior
  1 sibling, 0 replies; 12+ messages in thread
From: Denis Kenzior @ 2023-07-13 14:14 UTC (permalink / raw)
  To: James Prestwood, Wen Gong, iwd, iwd

Hi James,

> 
> Is relaxing the RSNE check in the associate response (for OWE only) something 
> you'd be ok with? Obviously with an L_WARN_ON/l_warn message.
> 

Yes, definitely.  This is our standard operating procedure, stick to the spec 
unless we see an interoperability issue.

Regards,
-Denis
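
The association-response check discussed in this thread, as an added example that is not iwd's code: a bounds-checked walk over the response IEs that applies the RFC 8110 Section 4.2 rule either strictly or in the relaxed form agreed above. The function and enum names and the sample frames are constructed for illustration, and rejecting an RSNE that is present but lists a different AKM even in relaxed mode is an assumption of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IE_TYPE_RSN       48   /* RSN element */
#define IE_TYPE_EXTENSION 255  /* Element ID Extension */
#define IE_EXT_OWE_DH     32   /* OWE Diffie-Hellman Parameter */

enum owe_verdict {               /* illustrative names, not iwd's */
	OWE_ACCEPT,
	OWE_ACCEPT_WARN_NO_RSNE, /* relaxed mode: DH present, RSNE absent */
	OWE_REJECT_NO_DH,
	OWE_REJECT_NO_RSNE,      /* strict RFC 8110 Section 4.2 behaviour */
	OWE_REJECT_BAD_AKM,
	OWE_REJECT_MALFORMED,
};

static const uint8_t owe_akm[4] = { 0x00, 0x0f, 0xac, 18 };

/* 1: exactly one AKM and it is OWE; 0: anything else; -1: truncated. */
static int rsne_akm_is_owe(const uint8_t *p, size_t len)
{
	size_t off, n;

	if (len < 8)            /* version(2) + group(4) + pairwise count(2) */
		return -1;
	n = (size_t) p[6] | ((size_t) p[7] << 8);
	off = 8 + 4 * n;        /* skip the pairwise cipher list */
	if (len < off + 2)      /* AKM count(2) */
		return -1;
	n = (size_t) p[off] | ((size_t) p[off + 1] << 8);
	off += 2;
	if (len < off + 4 * n)
		return -1;
	return n == 1 && memcmp(p + off, owe_akm, 4) == 0;
}

/* Walk the association response IEs and apply the OWE check. */
enum owe_verdict owe_check_assoc_resp(const uint8_t *ies, size_t len,
					bool strict)
{
	bool dh = false, rsne = false;
	size_t off = 0;

	while (off < len) {
		const uint8_t *body;
		uint8_t tag, elen;
		int r;

		if (len - off < 2)
			return OWE_REJECT_MALFORMED;
		tag = ies[off];
		elen = ies[off + 1];
		if (len - off - 2 < elen)   /* body runs past the frame */
			return OWE_REJECT_MALFORMED;
		body = ies + off + 2;

		if (tag == IE_TYPE_RSN) {
			r = rsne_akm_is_owe(body, elen);
			if (r < 0)
				return OWE_REJECT_MALFORMED;
			if (r == 0)
				return OWE_REJECT_BAD_AKM;
			rsne = true;
		} else if (tag == IE_TYPE_EXTENSION && elen >= 1 &&
				body[0] == IE_EXT_OWE_DH) {
			if (elen < 4)   /* ext id(1) + group(2) + key */
				return OWE_REJECT_MALFORMED;
			dh = true;
		}
		off += 2 + (size_t) elen;
	}

	if (!dh)
		return OWE_REJECT_NO_DH;
	if (!rsne)
		return strict ? OWE_REJECT_NO_RSNE : OWE_ACCEPT_WARN_NO_RSNE;
	return OWE_ACCEPT;
}

/* Constructed samples: rates, RSNE, DH element (group 19 with placeholder
 * key bytes; key length is not validated against the group here). */
#define RATES   0x01, 0x02, 0x8c, 0x12
#define RSNE(a) 0x30, 0x14, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, \
		0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, (a), \
		0xc0, 0x00
#define DH      0xff, 0x07, 0x20, 0x13, 0x00, 0xde, 0xad, 0xbe, 0xef

const uint8_t resp_with_rsne[] = { RATES, RSNE(18), DH };
const uint8_t resp_no_rsne[]   = { RATES, DH };  /* the case reported here */
const uint8_t resp_psk_akm[]   = { RATES, RSNE(2), DH };
const uint8_t resp_no_dh[]     = { RATES, RSNE(18) };
const uint8_t resp_truncated[] = { RATES, 0xff, 0x33, 0x20, 0x13 };

int main(void)
{
	printf("no RSNE: strict=%d relaxed=%d\n",
		owe_check_assoc_resp(resp_no_rsne, sizeof(resp_no_rsne), true),
		owe_check_assoc_resp(resp_no_rsne, sizeof(resp_no_rsne), false));
	return 0;
}
```

A caller would log a warning on OWE_ACCEPT_WARN_NO_RSNE, so that non-compliant APs remain visible in the logs while still interoperating.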

