From patchwork Sun Aug 25 16:35:10 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Wetzel X-Patchwork-Id: 1152819 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=wetzel-home.de Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="iv/V2vFz"; dkim=fail reason="signature verification failed" (1024-bit key; secure) header.d=wetzel-home.de header.i=@wetzel-home.de header.b="qbb6NCZy"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46GglW5q9Pz9sBp for ; Mon, 26 Aug 2019 02:37:11 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=p/GtpnjYJ8S3WkewLrSN1E+DRZWrHaNJEWIq6qnHerw=; b=iv/V2vFzSotdMu bq/bAH/b64rd9jS07zwXFxFnkB818DLOb1piUTDJkJ+dpWTG0XKKQJxX+3vlWv3IvQjBveHzJk0r0 KbAhjpEnwn7eEmS/jOtHE7L0XS4SCPQq9oD44mVgLNZatJ2kthHjIMNI9oEY7ozdSdbFa6DL61ICs y/k2IK+XC2NaBEuCiTFiiOmiHdcjA5JLaDPijQWiNC8QrYA7dHGrqrgbqd8VuPh1L29q01XPtaKHe Rz+qc3H7abbntIWbZJWmaxPrFER7g79GigwIb02rdWplfsNR27lgZpOh3aZvsMkXHDQicwhLw4LVH S/uXBOlFfzzEGvWYNdXA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1i1vVt-0004aE-0C; Sun, 25 Aug 2019 16:37:09 +0000 Received: from 2.mo177.mail-out.ovh.net ([178.33.109.80]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1i1vUj-0003fm-T5 for hostap@lists.infradead.org; Sun, 25 Aug 2019 16:36:02 +0000 Received: from player168.ha.ovh.net (unknown [10.108.54.217]) by mo177.mail-out.ovh.net (Postfix) with ESMTP id 7C9B31083BE for ; Sun, 25 Aug 2019 18:35:48 +0200 (CEST) Received: from awhome.eu (p57B7E04C.dip0.t-ipconnect.de [87.183.224.76]) (Authenticated sender: postmaster@awhome.eu) by player168.ha.ovh.net (Postfix) with ESMTPSA id 2D6158FF33D7; Sun, 25 Aug 2019 16:35:45 +0000 (UTC) From: Alexander Wetzel DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wetzel-home.de; s=wetzel-home; t=1566750940; bh=0Kvt/GE5/b3S8fPudZ5kMnBLV++Bl2uf7sSstiuYT1U=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=qbb6NCZy6USxb2u+pA+Dibt6lS0ka3Q/mwkbk09t3Ao5OQlG6Ga6GwyD3Zash0+BQ 0Eg+jbE4vTCQ66mCY/s8KOrZXVV8vf4KhLGzTNNunAMdGthLiQQNY2ayIFvOGX66WY WXRyk3lKQVk15xjRNKxOmNwYpXwnk+eGQjAGTRuw= To: j@w1.fi Subject: [PATCH v5 05/16] wpa_supplicant: Set the correct key_type for key installs Date: Sun, 25 Aug 2019 18:35:10 +0200 Message-Id: <20190825163521.22625-6-alexander@wetzel-home.de> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20190825163521.22625-1-alexander@wetzel-home.de> References: <20190825163521.22625-1-alexander@wetzel-home.de> MIME-Version: 1.0 X-Ovh-Tracer-Id: 13322773601828478204 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: 0 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeduvddrudehvddguddthecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecu X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190825_093558_283361_E867D944 X-CRM114-Status: GOOD ( 15.57 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.33.109.80 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Alexander Wetzel , hostap@lists.infradead.org, luca@coelho.fi, johannes@sipsolutions.net Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org In addition to the set_key "boolean" this also sets the corresponding new key_type for all key installs. Till all drivers are migrated to the new key_type both variables will provide the information required to them. Signed-off-by: Alexander Wetzel --- src/rsn_supp/tdls.c | 7 ++++--- src/rsn_supp/wpa.c | 12 +++++++----- src/rsn_supp/wpa_ft.c | 11 ++++++----- wpa_supplicant/ctrl_iface.c | 25 ++++++++++++++++--------- wpa_supplicant/ibss_rsn.c | 2 +- wpa_supplicant/mesh_mpm.c | 6 +++--- wpa_supplicant/mesh_rsn.c | 5 +++-- wpa_supplicant/wpa_supplicant.c | 11 +++++++---- wpa_supplicant/wpas_glue.c | 5 +++-- 9 files changed, 50 insertions(+), 34 deletions(-) diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index 28048d9fc..348c491be 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -178,7 +178,7 @@ static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len) static int wpa_tdls_del_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) { if (wpa_sm_set_key(sm, WPA_ALG_NONE, peer->addr, - 0, 0, NULL, 0, NULL, 0, 0) < 0) { + 0, 0, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to delete TPK-TK from " "the driver"); return -1; @@ -228,7 +228,7 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR, MAC2STR(peer->addr)); if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1, rsc, sizeof(rsc), - peer->tpk.tk, key_len, 0) < 0) { + peer->tpk.tk, key_len, KEY_TYPE_PAIRWISE) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the " "driver"); return -1; @@ -2167,7 +2167,8 @@ static int wpa_tdls_enable_link(struct wpa_sm *sm, struct wpa_tdls_peer *peer) #endif /* CONFIG_TDLS_TESTING */ } - if (peer->reconfig_key && wpa_tdls_set_key(sm, peer) < 0) { + if (peer->reconfig_key && + wpa_tdls_set_key(sm, peer) < 0) { wpa_printf(MSG_INFO, "TDLS: Could not configure key to the " "driver"); return -1; diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index d28843d9f..830c74c8f 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -920,7 +920,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, if (sm->pairwise_cipher == WPA_CIPHER_NONE) { if (wpa_sm_set_key(sm, gd->alg, NULL, gd->keyidx, 1, key_rsc, gd->key_rsc_len, - _gtk, gd->gtk_len, 0) < 0) { + _gtk, gd->gtk_len, KEY_TYPE_BROADCAST) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set GTK to the driver " "(Group only)"); @@ -929,7 +929,9 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, } } else if (wpa_sm_set_key(sm, gd->alg, broadcast_ether_addr, gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len, - _gtk, gd->gtk_len, 0) < 0) { + _gtk, gd->gtk_len, + gd->tx ? KEY_TYPE_DEFAULT : + KEY_TYPE_BROADCAST) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set GTK to " "the driver (alg=%d keylen=%d keyidx=%d)", @@ -1084,7 +1086,7 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm, if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, igtk->pn, sizeof(igtk->pn), - igtk->igtk, len, 0) < 0) { + igtk->igtk, len, KEY_TYPE_BROADCAST) < 0) { if (keyidx == 0x0400 || keyidx == 0x0500) { /* Assume the AP has broken PMF implementation since it * seems to have swapped the KeyID bytes. The AP cannot @@ -1533,7 +1535,7 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, sm->renew_snonce = 1; if (key_info & WPA_KEY_INFO_INSTALL) { - if (wpa_supplicant_install_ptk(sm, key, 0)) + if (wpa_supplicant_install_ptk(sm, key, KEY_TYPE_PAIRWISE)) goto failed; } @@ -4459,7 +4461,7 @@ int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len) wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver", sm->ptk.tk, keylen); if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, null_rsc, rsclen, - sm->ptk.tk, keylen, 0) < 0) { + sm->ptk.tk, keylen, KEY_TYPE_PAIRWISE) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "FILS: Failed to set PTK to the driver (alg=%d keylen=%d bssid=" MACSTR ")", diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index b67874bab..3b45f669b 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -411,9 +411,8 @@ static int wpa_ft_install_ptk(struct wpa_sm *sm, const u8 *bssid) alg = wpa_cipher_to_alg(sm->pairwise_cipher); keylen = wpa_cipher_key_len(sm->pairwise_cipher); - if (wpa_sm_set_key(sm, alg, bssid, 0, 1, null_rsc, - sizeof(null_rsc), (u8 *) sm->ptk.tk, keylen, - 0) < 0) { + if (wpa_sm_set_key(sm, alg, bssid, 0, 1, null_rsc, sizeof(null_rsc), + (u8 *) sm->ptk.tk, keylen, KEY_TYPE_PAIRWISE) < 0) { wpa_printf(MSG_WARNING, "FT: Failed to set PTK to the driver"); return -1; } @@ -765,7 +764,8 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, os_memcpy(gtk + 24, tmp, 8); } if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, 0, - gtk_elem + 3, rsc_len, gtk, keylen, 0) < 0) { + gtk_elem + 3, rsc_len, gtk, keylen, + KEY_TYPE_BROADCAST) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to the " "driver."); return -1; @@ -833,7 +833,8 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, igtk_len); if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, - igtk_elem + 2, 6, igtk, igtk_len, 0) < 0) { + igtk_elem + 2, 6, igtk, igtk_len, + KEY_TYPE_BROADCAST) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set IGTK to the " "driver."); forced_memzero(igtk, sizeof(igtk)); diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 5c7fd87c5..862f72734 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -5237,17 +5237,23 @@ static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s) { wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication"); /* MLME-DELETEKEYS.request */ - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0, 0); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0, 0); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0, 0); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0, 0); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, + 0, KEY_TYPE_BROADCAST); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, + 0, KEY_TYPE_BROADCAST); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, + 0, KEY_TYPE_BROADCAST); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, + 0, KEY_TYPE_BROADCAST); #ifdef CONFIG_IEEE80211W - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0, 0); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0, 0); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, + 0, KEY_TYPE_BROADCAST); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, + 0, KEY_TYPE_BROADCAST); #endif /* CONFIG_IEEE80211W */ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL, - 0, 0); + 0, KEY_TYPE_PAIRWISE); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid, MLME_SETPROTECTION_PROTECT_TYPE_NONE, @@ -9227,13 +9233,14 @@ static int wpas_ctrl_reset_pn(struct wpa_supplicant *wpa_s) * in the driver. */ if (wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, wpa_s->last_tk_key_idx, 1, zero, 6, - zero, wpa_s->last_tk_len, 0) < 0) + zero, wpa_s->last_tk_len, KEY_TYPE_PAIRWISE) < 0) return -1; /* Set the previously configured key to reset its TSC/RSC */ return wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, wpa_s->last_tk_key_idx, 1, zero, 6, - wpa_s->last_tk, wpa_s->last_tk_len, 0); + wpa_s->last_tk, wpa_s->last_tk_len, + KEY_TYPE_PAIRWISE); } diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index c1d40a9d3..0625ddeb4 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -852,7 +852,7 @@ static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn, wpa_printf(MSG_DEBUG, "RSN: Clear pairwise key for peer " MACSTR, MAC2STR(addr)); wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0, - NULL, 0, NULL, 0, 0); + NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); } if (peer && diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c index 041c158e4..8664147ac 100644 --- a/wpa_supplicant/mesh_mpm.c +++ b/wpa_supplicant/mesh_mpm.c @@ -876,7 +876,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len); wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->pairwise_cipher), sta->addr, 0, 0, seq, sizeof(seq), - sta->mtk, sta->mtk_len, 0); + sta->mtk, sta->mtk_len, KEY_TYPE_PAIRWISE); wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK Key RSC", sta->mgtk_rsc, sizeof(sta->mgtk_rsc)); @@ -885,7 +885,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->group_cipher), sta->addr, sta->mgtk_key_id, 0, sta->mgtk_rsc, sizeof(sta->mgtk_rsc), - sta->mgtk, sta->mgtk_len, 0); + sta->mgtk, sta->mgtk_len, KEY_TYPE_BROADCAST); if (sta->igtk_len) { wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK Key RSC", @@ -897,7 +897,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_cipher_to_alg(conf->mgmt_group_cipher), sta->addr, sta->igtk_key_id, 0, sta->igtk_rsc, sizeof(sta->igtk_rsc), - sta->igtk, sta->igtk_len, 0); + sta->igtk, sta->igtk_len, KEY_TYPE_BROADCAST); } } diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index 67090fe56..e670e259b 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -200,7 +200,8 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->mgmt_group_cipher), NULL, rsn->igtk_key_id, 1, - seq, sizeof(seq), rsn->igtk, rsn->igtk_len, 0); + seq, sizeof(seq), rsn->igtk, rsn->igtk_len, + KEY_TYPE_BROADCAST); } #endif /* CONFIG_IEEE80211W */ @@ -209,7 +210,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, rsn->mgtk, rsn->mgtk_len); wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->group_cipher), NULL, rsn->mgtk_key_id, 1, seq, sizeof(seq), - rsn->mgtk, rsn->mgtk_len, 0); + rsn->mgtk, rsn->mgtk_len, KEY_TYPE_BROADCAST); return 0; } diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index d9d08c1e4..56bba65e8 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -142,7 +142,9 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) set = 1; wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, i, i == ssid->wep_tx_keyidx, NULL, 0, - ssid->wep_key[i], ssid->wep_key_len[i], 0); + ssid->wep_key[i], ssid->wep_key_len[i], + i == ssid->wep_tx_keyidx ? KEY_TYPE_DEFAULT : + KEY_TYPE_BROADCAST); } return set; @@ -200,7 +202,8 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, /* TODO: should actually remember the previously used seq#, both for TX * and RX from each STA.. */ - ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, 0); + ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, + KEY_TYPE_BROADCAST); os_memset(key, 0, sizeof(key)); return ret; } @@ -706,12 +709,12 @@ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) if (wpa_s->keys_cleared & BIT(i)) continue; wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0, - NULL, 0, 0); + NULL, 0, KEY_TYPE_BROADCAST); } if (!(wpa_s->keys_cleared & BIT(0)) && addr && !is_zero_ether_addr(addr)) { wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, - 0, 0); + 0, KEY_TYPE_PAIRWISE); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection( wpa_s, addr, diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index 4d461e645..f96608d72 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -242,7 +242,8 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx, } return wpa_drv_set_key(wpa_s, WPA_ALG_WEP, unicast ? wpa_s->bssid : NULL, - keyidx, unicast, NULL, 0, key, keylen, 0); + keyidx, unicast, NULL, 0, key, keylen, + unicast ? KEY_TYPE_DEFAULT : KEY_TYPE_BROADCAST); } @@ -341,7 +342,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, "handshake", pmk, pmk_len); if (wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, NULL, 0, pmk, - pmk_len, 0)) { + pmk_len, KEY_TYPE_BROADCAST)) { wpa_printf(MSG_DEBUG, "Failed to set PMK to the driver"); }