WPS: Parse Request Type from WPS IE in (Re)AssocReq and derive mgmt keys

[wpasupplicant] / hostapd / sta_info.c

diff --git a/hostapd/sta_info.c b/hostapd/sta_info.c
index 855c548..6fc1e04 100644 (file)
--- a/hostapd/sta_info.c
+++ b/hostapd/sta_info.c
@@ -156,11 +156,11 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
 
 #ifdef CONFIG_IEEE80211N
        if (sta->flags & WLAN_STA_HT) {
-               if ((sta->ht_capabilities.data.capabilities_info &
-                    HT_CAP_INFO_GREEN_FIELD) == 0)
+               u16 ht_capab = le_to_host16(
+                       sta->ht_capabilities.data.capabilities_info);
+               if ((ht_capab & HT_CAP_INFO_GREEN_FIELD) == 0)
                        hapd->iface->num_sta_ht_no_gf--;
-               if ((sta->ht_capabilities.data.capabilities_info &
-                    HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) == 0)
+               if ((ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) == 0)
                        hapd->iface->num_sta_ht_20mhz--;
        } else
                hapd->iface->num_sta_no_ht--;
@@ -188,6 +188,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
        eloop_cancel_timeout(ap_ping_timer, hapd, sta);
 #endif /* CONFIG_IEEE80211W */
 
+       wpabuf_free(sta->wps_ie);
+
        os_free(sta);
 }
 
@@ -279,7 +281,6 @@ void ap_handle_timer(void *eloop_ctx, void *timeout_ctx)
                os_memset(&hdr, 0, sizeof(hdr));
                hdr.frame_control =
                        IEEE80211_FC(WLAN_FC_TYPE_DATA, WLAN_FC_STYPE_DATA);
-               hdr.frame_control |= host_to_le16(BIT(1));
                hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS);
                os_memcpy(hdr.IEEE80211_DA_FROMDS, sta->addr, ETH_ALEN);
                os_memcpy(hdr.IEEE80211_BSSID_FROMDS, hapd->own_addr,