From patchwork Sun Aug 25 16:35:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Wetzel X-Patchwork-Id: 1153172 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=wetzel-home.de Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="ABT2oRj8"; dkim=fail reason="signature verification failed" (1024-bit key; secure) header.d=wetzel-home.de header.i=@wetzel-home.de header.b="JbT/rR2P"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46HCFv6BHKz9s7T for ; Mon, 26 Aug 2019 23:16:51 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=b/tk8rHGiMVaUvKwyctN2Mcazmu9p9E+nSqdssKy2fA=; b=ABT2oRj83FxdQZ IIRBaiVaQYi5S8qBqUfbivlvvUMP0LHwHGKqOGoHMqS1MFJuBDAke3GGyq1aMs4b2pqS2Q3q9+4s7 OpySg/CFiKjQg3zfpSxii2xHaKDMm4FFyF8yP00kV7AgH7I+DNv1CD5XRrKmiAr/wp4l6P1RwJXj3 Yt4pJKy+dffsuSd5p0aTy8FXN9B4EnFeX0WZz4fqvXzr3q3Bn7WyHpGiggHL6/kCTLMxeUChl35WZ lG6jT7FH9UmoVlSLFET1J3Z3kwIk2XfP6ZxRRYbHIrV559SNVo9B/qN4Q3FiU058bOE5HStzvORcX SHfKcCzvloeVKL0oBqcA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1i2ErV-00049R-6L; Mon, 26 Aug 2019 13:16:45 +0000 Received: from 1.mo177.mail-out.ovh.net ([178.33.107.143]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1i1vUj-0003fU-Su for hostap@lists.infradead.org; Sun, 25 Aug 2019 16:36:05 +0000 Received: from player795.ha.ovh.net (unknown [10.109.146.19]) by mo177.mail-out.ovh.net (Postfix) with ESMTP id EB64E1081F8 for ; Sun, 25 Aug 2019 18:35:45 +0200 (CEST) Received: from awhome.eu (p57B7E04C.dip0.t-ipconnect.de [87.183.224.76]) (Authenticated sender: postmaster@awhome.eu) by player795.ha.ovh.net (Postfix) with ESMTPSA id 417D7906D440; Sun, 25 Aug 2019 16:35:41 +0000 (UTC) From: Alexander Wetzel DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wetzel-home.de; s=wetzel-home; t=1566750940; bh=l5nEfPowImoBZdzq9CWYFboLpa2ACpW4f6IafRpN7kA=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=JbT/rR2PsWyFPsE7qdOBu+x6N1AmT70lAC+3a+3+ReEpD6g/XO+tYQmqWWvpuuW7v 2Hi1GrVELL0clM9UXcnOw9XCRhUDtY0rNDHFLjYVjwR6qbxB+Tei9s6/O1bEXgCthW EY0EwE6Lzzln3q/0UgpYpXQKMUQIBf+8HOCBZflA= To: j@w1.fi Subject: [PATCH v5 03/16] Add new argument key_type to all set_key() functions Date: Sun, 25 Aug 2019 18:35:08 +0200 Message-Id: <20190825163521.22625-4-alexander@wetzel-home.de> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20190825163521.22625-1-alexander@wetzel-home.de> References: <20190825163521.22625-1-alexander@wetzel-home.de> MIME-Version: 1.0 X-Ovh-Tracer-Id: 13321647697835597052 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: 0 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeduvddrudehvddguddthecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecu X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190825_093558_417105_F61079C1 X-CRM114-Status: GOOD ( 21.22 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-Mailman-Approved-At: Mon, 26 Aug 2019 06:16:42 -0700 X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Alexander Wetzel , hostap@lists.infradead.org, luca@coelho.fi, johannes@sipsolutions.net Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This patch is not changing any functionality and just updates the internal hostapd/wpa_supplicant set_key() functions. It's adding an additional argument which will be used later to hand over the key_type information. This is designated to replace the functionality of set_tx and also be able to handle Extended Key ID. The new key_type is always set to zero within this patch and only hostapd_ctrl_set_key() has some additional lines to read and store the new argument in the correct - still unused - variable. Signed-off-by: Alexander Wetzel --- Since set_key() functions are central I see no way how to split it further. I made it as boring as possible and from a review point it should be next to irrelevant: The other patches are touching the interesting parts all again while the rest is simply passing trough the key_type variable. hostapd/ctrl_iface.c | 37 +++++++++++++++++++++------------ src/ap/ap_drv_ops.c | 4 ++-- src/ap/ap_drv_ops.h | 2 +- src/ap/hostapd.c | 8 +++---- src/ap/ieee802_11.c | 3 ++- src/ap/ieee802_1x.c | 7 ++++--- src/ap/wpa_auth.c | 16 +++++++------- src/ap/wpa_auth.h | 3 ++- src/ap/wpa_auth_ft.c | 7 ++++--- src/ap/wpa_auth_glue.c | 4 ++-- src/drivers/driver.h | 2 +- src/drivers/driver_atheros.c | 3 ++- src/drivers/driver_bsd.c | 3 ++- src/drivers/driver_hostap.c | 3 ++- src/drivers/driver_ndis.c | 12 ++++++----- src/drivers/driver_nl80211.c | 11 ++++++---- src/drivers/driver_openbsd.c | 3 ++- src/drivers/driver_privsep.c | 3 ++- src/drivers/driver_wext.c | 8 ++++--- src/drivers/driver_wext.h | 3 ++- src/rsn_supp/tdls.c | 6 +++--- src/rsn_supp/wpa.c | 15 ++++++------- src/rsn_supp/wpa.h | 2 +- src/rsn_supp/wpa_ft.c | 7 ++++--- src/rsn_supp/wpa_i.h | 5 +++-- tests/hwsim/test_ap_ciphers.py | 2 +- wpa_supplicant/ctrl_iface.c | 18 ++++++++-------- wpa_supplicant/driver_i.h | 6 ++++-- wpa_supplicant/ibss_rsn.c | 11 +++++----- wpa_supplicant/mesh_mpm.c | 6 +++--- wpa_supplicant/mesh_rsn.c | 9 ++++---- wpa_supplicant/wpa_supplicant.c | 8 +++---- wpa_supplicant/wpas_glue.c | 11 +++++----- 33 files changed, 143 insertions(+), 105 deletions(-) diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index 0f6dfa13d..ea1e8771d 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -2122,7 +2122,7 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) hapd->last_igtk_alg, broadcast_ether_addr, hapd->last_igtk_key_idx, 1, NULL, 0, - zero, hapd->last_igtk_len) < 0) + zero, hapd->last_igtk_len, 0) < 0) return -1; /* Set the previously configured key to reset its TSC */ @@ -2131,7 +2131,7 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) broadcast_ether_addr, hapd->last_igtk_key_idx, 1, NULL, 0, hapd->last_igtk, - hapd->last_igtk_len); + hapd->last_igtk_len, 0); } #endif /* CONFIG_IEEE80211W */ @@ -2147,7 +2147,7 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) hapd->last_gtk_alg, broadcast_ether_addr, hapd->last_gtk_key_idx, 1, NULL, 0, - zero, hapd->last_gtk_len) < 0) + zero, hapd->last_gtk_len, 0) < 0) return -1; /* Set the previously configured key to reset its TSC */ @@ -2155,7 +2155,8 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) hapd->last_gtk_alg, broadcast_ether_addr, hapd->last_gtk_key_idx, 1, NULL, 0, - hapd->last_gtk, hapd->last_gtk_len); + hapd->last_gtk, hapd->last_gtk_len, + 0); } sta = ap_get_sta(hapd, addr); @@ -2172,13 +2173,13 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) * in the driver. */ if (hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, sta->addr, sta->last_tk_key_idx, 1, NULL, 0, - zero, sta->last_tk_len) < 0) + zero, sta->last_tk_len, 0) < 0) return -1; /* Set the previously configured key to reset its TSC/RSC */ return hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, sta->addr, sta->last_tk_key_idx, 1, NULL, 0, - sta->last_tk, sta->last_tk_len); + sta->last_tk, sta->last_tk_len, 0); } @@ -2187,11 +2188,12 @@ static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd) u8 addr[ETH_ALEN]; const char *pos = cmd; enum wpa_alg alg; + enum key_type key_type; int idx, set_tx; u8 seq[6], key[WPA_TK_MAX_LEN]; size_t key_len; - /* parameters: alg addr idx set_tx seq key */ + /* parameters: alg addr idx set_tx seq key key_type*/ alg = atoi(pos); pos = os_strchr(pos, ' '); @@ -2220,13 +2222,22 @@ static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd) if (*pos != ' ') return -1; pos++; - key_len = os_strlen(pos) / 2; + key_len = (os_strchr(pos, ' ') - pos) / 2; if (hexstr2bin(pos, key, key_len) < 0) return -1; + pos += 2 * key_len; + if (*pos != ' ') + return -1; + + pos++; + key_type = atoi(pos); + pos = os_strchr(pos, ' '); + if (pos) + return -1; wpa_printf(MSG_INFO, "TESTING: Set key"); return hostapd_drv_set_key(hapd->conf->iface, hapd, alg, addr, idx, - set_tx, seq, 6, key, key_len); + set_tx, seq, 6, key, key_len, key_type); } @@ -2242,7 +2253,7 @@ static void restore_tk(void *ctx1, void *ctx2) * preventing encryption of a single EAPOL frame. */ hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, sta->addr, sta->last_tk_key_idx, 1, NULL, 0, - sta->last_tk, sta->last_tk_len); + sta->last_tk, sta->last_tk_len, 0); } @@ -2266,7 +2277,7 @@ static int hostapd_ctrl_resend_m1(struct hostapd_data *hapd, const char *cmd) MAC2STR(sta->addr)); hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, sta->addr, sta->last_tk_key_idx, 0, NULL, 0, - NULL, 0); + NULL, 0, 0); } wpa_printf(MSG_INFO, "TESTING: Send M1 to " MACSTR, MAC2STR(sta->addr)); @@ -2296,7 +2307,7 @@ static int hostapd_ctrl_resend_m3(struct hostapd_data *hapd, const char *cmd) MAC2STR(sta->addr)); hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, sta->addr, sta->last_tk_key_idx, 0, NULL, 0, - NULL, 0); + NULL, 0, 0); } wpa_printf(MSG_INFO, "TESTING: Send M3 to " MACSTR, MAC2STR(sta->addr)); @@ -2326,7 +2337,7 @@ static int hostapd_ctrl_resend_group_m1(struct hostapd_data *hapd, MAC2STR(sta->addr)); hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, sta->addr, sta->last_tk_key_idx, 0, NULL, 0, - NULL, 0); + NULL, 0, 0); } wpa_printf(MSG_INFO, diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index c0ededabe..77c457bc2 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -677,13 +677,13 @@ int hostapd_drv_set_key(const char *ifname, struct hostapd_data *hapd, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, enum key_type key_type) { if (hapd->driver == NULL || hapd->driver->set_key == NULL) return 0; return hapd->driver->set_key(ifname, hapd->drv_priv, alg, addr, key_idx, set_tx, seq, seq_len, key, - key_len); + key_len, key_type); } diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index ca7f7abe0..2c3e8e0f0 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -90,7 +90,7 @@ int hostapd_drv_set_key(const char *ifname, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len); + const u8 *key, size_t key_len, enum key_type key_type); int hostapd_drv_send_mlme(struct hostapd_data *hapd, const void *msg, size_t len, int noack); int hostapd_drv_send_mlme_csa(struct hostapd_data *hapd, diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index bf1975fbd..c0cf9a973 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -293,7 +293,7 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, return; for (i = 0; i < NUM_WEP_KEYS; i++) { if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i, - 0, NULL, 0, NULL, 0)) { + 0, NULL, 0, NULL, 0, 0)) { wpa_printf(MSG_DEBUG, "Failed to clear default " "encryption keys (ifname=%s keyidx=%d)", ifname, i); @@ -304,7 +304,7 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) { if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i, 0, NULL, - 0, NULL, 0)) { + 0, NULL, 0, 0)) { wpa_printf(MSG_DEBUG, "Failed to clear " "default mgmt encryption keys " "(ifname=%s keyidx=%d)", ifname, i); @@ -332,7 +332,7 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd) hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP, broadcast_ether_addr, idx, 1, NULL, 0, ssid->wep.key[idx], - ssid->wep.len[idx])) { + ssid->wep.len[idx], 0)) { wpa_printf(MSG_WARNING, "Could not set WEP encryption."); errors++; } @@ -560,7 +560,7 @@ static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd) hostapd_drv_set_key(iface, hapd, WPA_ALG_WEP, NULL, i, i == hapd->conf->ssid.wep.idx, NULL, 0, hapd->conf->ssid.wep.key[i], - hapd->conf->ssid.wep.len[i])) { + hapd->conf->ssid.wep.len[i], 0)) { wpa_printf(MSG_WARNING, "Could not set WEP " "encryption."); return -1; diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index c85a28db4..dfe977b75 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4771,7 +4771,8 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd, if (ssid->wep.key[i] && hostapd_drv_set_key(ifname_wds, hapd, WPA_ALG_WEP, NULL, i, i == ssid->wep.idx, NULL, 0, - ssid->wep.key[i], ssid->wep.len[i])) { + ssid->wep.key[i], ssid->wep.len[i], + 0)) { wpa_printf(MSG_WARNING, "Could not set WEP keys for WDS interface; %s", ifname_wds); diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index a7a090190..657fe94a9 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -285,7 +285,8 @@ static void ieee802_1x_tx_key(struct hostapd_data *hapd, struct sta_info *sta) * has ACKed EAPOL-Key frame */ if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP, sta->addr, 0, 1, NULL, 0, ikey, - hapd->conf->individual_wep_key_len)) { + hapd->conf->individual_wep_key_len, + 0)) { wpa_printf(MSG_ERROR, "Could not set individual WEP " "encryption."); } @@ -2170,7 +2171,7 @@ static void ieee802_1x_rekey(void *eloop_ctx, void *timeout_ctx) broadcast_ether_addr, eapol->default_wep_key_idx, 1, NULL, 0, eapol->default_wep_key, - hapd->conf->default_wep_key_len)) { + hapd->conf->default_wep_key_len, 0)) { hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X, HOSTAPD_LEVEL_WARNING, "failed to configure a " "new broadcast key"); @@ -2485,7 +2486,7 @@ int ieee802_1x_init(struct hostapd_data *hapd) for (i = 0; i < 4; i++) hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, NULL, i, 0, NULL, 0, - NULL, 0); + NULL, 0, 0); ieee802_1x_rekey(hapd, NULL); diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index 02937d2ee..919ba1f42 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -136,12 +136,13 @@ static inline int wpa_auth_get_msk(struct wpa_authenticator *wpa_auth, static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth, int vlan_id, enum wpa_alg alg, const u8 *addr, int idx, - u8 *key, size_t key_len) + u8 *key, size_t key_len, + enum key_type key_type) { if (wpa_auth->cb->set_key == NULL) return -1; return wpa_auth->cb->set_key(wpa_auth->cb_ctx, vlan_id, alg, addr, idx, - key, key_len); + key, key_len, key_type); } @@ -1713,7 +1714,7 @@ void wpa_remove_ptk(struct wpa_state_machine *sm) sm->PTK_valid = FALSE; os_memset(&sm->PTK, 0, sizeof(sm->PTK)); if (wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL, - 0)) + 0, 0)) wpa_printf(MSG_DEBUG, "RSN: PTK removal from the driver failed"); sm->pairwise_set = FALSE; @@ -2747,7 +2748,7 @@ int fils_set_tk(struct wpa_state_machine *sm) wpa_printf(MSG_DEBUG, "FILS: Configure TK to the driver"); if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0, - sm->PTK.tk, klen)) { + sm->PTK.tk, klen, 0)) { wpa_printf(MSG_DEBUG, "FILS: Failed to set TK to the driver"); return -1; } @@ -3345,7 +3346,7 @@ SM_STATE(WPA_PTK, PTKINITDONE) enum wpa_alg alg = wpa_cipher_to_alg(sm->pairwise); int klen = wpa_cipher_key_len(sm->pairwise); if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0, - sm->PTK.tk, klen)) { + sm->PTK.tk, klen, 0)) { wpa_sta_disconnect(sm->wpa_auth, sm->addr, WLAN_REASON_PREV_AUTH_NOT_VALID); return; @@ -3944,7 +3945,7 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, if (wpa_auth_set_key(wpa_auth, group->vlan_id, wpa_cipher_to_alg(wpa_auth->conf.wpa_group), broadcast_ether_addr, group->GN, - group->GTK[group->GN - 1], group->GTK_len) < 0) + group->GTK[group->GN - 1], group->GTK_len, 0) < 0) ret = -1; #ifdef CONFIG_IEEE80211W @@ -3958,7 +3959,8 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, if (ret == 0 && wpa_auth_set_key(wpa_auth, group->vlan_id, alg, broadcast_ether_addr, group->GN_igtk, - group->IGTK[group->GN_igtk - 4], len) < 0) + group->IGTK[group->GN_igtk - 4], + len, 0) < 0) ret = -1; } #endif /* CONFIG_IEEE80211W */ diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index a348bc25a..cc8ea5aa7 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -258,7 +258,8 @@ struct wpa_auth_callbacks { int *vlan_id); int (*get_msk)(void *ctx, const u8 *addr, u8 *msk, size_t *len); int (*set_key)(void *ctx, int vlan_id, enum wpa_alg alg, - const u8 *addr, int idx, u8 *key, size_t key_len); + const u8 *addr, int idx, u8 *key, size_t key_len, + enum key_type key_type); int (*get_seqnum)(void *ctx, const u8 *addr, int idx, u8 *seq); int (*send_eapol)(void *ctx, const u8 *addr, const u8 *data, size_t data_len, int encrypt); diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c index 696f8d5fa..69ed68244 100644 --- a/src/ap/wpa_auth_ft.c +++ b/src/ap/wpa_auth_ft.c @@ -2614,12 +2614,13 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth, int vlan_id, enum wpa_alg alg, const u8 *addr, int idx, - u8 *key, size_t key_len) + u8 *key, size_t key_len, + enum key_type key_type) { if (wpa_auth->cb->set_key == NULL) return -1; return wpa_auth->cb->set_key(wpa_auth->cb_ctx, vlan_id, alg, addr, idx, - key, key_len); + key, key_len, key_type); } @@ -2652,7 +2653,7 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm) * optimized by adding the STA entry earlier. */ if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0, - sm->PTK.tk, klen)) + sm->PTK.tk, klen, 0)) return; /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */ diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index 0800a8748..df900dba7 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -357,7 +357,7 @@ static int hostapd_wpa_auth_get_msk(void *ctx, const u8 *addr, u8 *msk, static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, const u8 *addr, int idx, u8 *key, - size_t key_len) + size_t key_len, enum key_type key_type) { struct hostapd_data *hapd = ctx; const char *ifname = hapd->conf->iface; @@ -400,7 +400,7 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, } #endif /* CONFIG_TESTING_OPTIONS */ return hostapd_drv_set_key(ifname, hapd, alg, addr, idx, 1, NULL, 0, - key, key_len); + key, key_len, key_type); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index b74c37f2c..20cd8d26b 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -2333,7 +2333,7 @@ struct wpa_driver_ops { int (*set_key)(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len); + const u8 *key, size_t key_len, enum key_type key_type); /** * init - Initialize driver interface diff --git a/src/drivers/driver_atheros.c b/src/drivers/driver_atheros.c index 840d4ff40..08095865a 100644 --- a/src/drivers/driver_atheros.c +++ b/src/drivers/driver_atheros.c @@ -500,7 +500,8 @@ atheros_del_key(void *priv, const u8 *addr, int key_idx) static int atheros_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, - size_t seq_len, const u8 *key, size_t key_len) + size_t seq_len, const u8 *key, size_t key_len, + enum key_type key_type) { struct atheros_driver_data *drv = priv; struct ieee80211req_key wk; diff --git a/src/drivers/driver_bsd.c b/src/drivers/driver_bsd.c index 82ca0612e..c53155be0 100644 --- a/src/drivers/driver_bsd.c +++ b/src/drivers/driver_bsd.c @@ -333,7 +333,8 @@ bsd_ctrl_iface(void *priv, int enable) static int bsd_set_key(const char *ifname, void *priv, enum wpa_alg alg, const unsigned char *addr, int key_idx, int set_tx, const u8 *seq, - size_t seq_len, const u8 *key, size_t key_len) + size_t seq_len, const u8 *key, size_t key_len, + enum key_type key_type) { struct ieee80211req_key wk; #ifdef IEEE80211_KEY_NOREPLAY diff --git a/src/drivers/driver_hostap.c b/src/drivers/driver_hostap.c index 186eccbf2..bf22858fb 100644 --- a/src/drivers/driver_hostap.c +++ b/src/drivers/driver_hostap.c @@ -399,7 +399,8 @@ static int wpa_driver_hostap_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { struct hostap_driver_data *drv = priv; struct prism2_hostapd_param *param; diff --git a/src/drivers/driver_ndis.c b/src/drivers/driver_ndis.c index 5b4b9247e..649bc01ea 100644 --- a/src/drivers/driver_ndis.c +++ b/src/drivers/driver_ndis.c @@ -932,7 +932,8 @@ static int wpa_driver_ndis_remove_key(struct wpa_driver_ndis_data *drv, static int wpa_driver_ndis_add_wep(struct wpa_driver_ndis_data *drv, int pairwise, int key_idx, int set_tx, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { NDIS_802_11_WEP *wep; size_t len; @@ -967,7 +968,8 @@ static int wpa_driver_ndis_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { struct wpa_driver_ndis_data *drv = priv; size_t len, i; @@ -993,7 +995,7 @@ static int wpa_driver_ndis_set_key(const char *ifname, void *priv, if (alg == WPA_ALG_WEP) { return wpa_driver_ndis_add_wep(drv, pairwise, key_idx, set_tx, - key, key_len); + key, key_len, key_type); } len = 12 + 6 + 6 + 8 + key_len; @@ -1075,7 +1077,7 @@ wpa_driver_ndis_associate(void *priv, bcast, i, i == params->wep_tx_keyidx, NULL, 0, params->wep_key[i], - params->wep_key_len[i]); + params->wep_key_len[i], 0); } } @@ -1112,7 +1114,7 @@ wpa_driver_ndis_associate(void *priv, wpa_driver_ndis_set_key(drv->ifname, drv, WPA_ALG_WEP, bcast, 0, 1, NULL, 0, dummy_key, - sizeof(dummy_key)); + sizeof(dummy_key), 0); } #endif /* CONFIG_WPS */ } else { diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 2e3c9115c..97c655521 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3011,7 +3011,8 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { struct wpa_driver_nl80211_data *drv = bss->drv; int ifindex; @@ -3483,7 +3484,7 @@ retry: NULL, i, i == params->wep_tx_keyidx, NULL, 0, params->wep_key[i], - params->wep_key_len[i]); + params->wep_key_len[i], 0); if (params->wep_tx_keyidx != i) continue; if (nl_add_key(msg, WPA_ALG_WEP, i, 1, NULL, 0, @@ -8633,11 +8634,13 @@ static int driver_nl80211_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { struct i802_bss *bss = priv; return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx, - set_tx, seq, seq_len, key, key_len); + set_tx, seq, seq_len, key, key_len, + key_type); } diff --git a/src/drivers/driver_openbsd.c b/src/drivers/driver_openbsd.c index c06e75c0f..0d975c4c5 100644 --- a/src/drivers/driver_openbsd.c +++ b/src/drivers/driver_openbsd.c @@ -71,7 +71,8 @@ wpa_driver_openbsd_get_capa(void *priv, struct wpa_driver_capa *capa) static int wpa_driver_openbsd_set_key(const char *ifname, void *priv, enum wpa_alg alg, const unsigned char *addr, int key_idx, int set_tx, const u8 *seq, - size_t seq_len, const u8 *key, size_t key_len) + size_t seq_len, const u8 *key, size_t key_len, + enum key_type key_type) { struct openbsd_driver_data *drv = priv; struct ieee80211_keyavail keyavail; diff --git a/src/drivers/driver_privsep.c b/src/drivers/driver_privsep.c index 55cf61885..e3375cd90 100644 --- a/src/drivers/driver_privsep.c +++ b/src/drivers/driver_privsep.c @@ -209,7 +209,8 @@ static int wpa_driver_privsep_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { struct wpa_driver_privsep_data *drv = priv; struct privsep_cmd_set_key cmd; diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c index 4d4a05d0c..ea5d667ed 100644 --- a/src/drivers/driver_wext.c +++ b/src/drivers/driver_wext.c @@ -1712,7 +1712,8 @@ static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { struct wpa_driver_wext_data *drv = priv; struct iwreq iwr; @@ -1831,7 +1832,8 @@ static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg, int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { struct wpa_driver_wext_data *drv = priv; struct iwreq iwr; @@ -1843,7 +1845,7 @@ int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg, (unsigned long) seq_len, (unsigned long) key_len); ret = wpa_driver_wext_set_key_ext(drv, alg, addr, key_idx, set_tx, - seq, seq_len, key, key_len); + seq, seq_len, key, key_len, key_type); if (ret == 0) return 0; diff --git a/src/drivers/driver_wext.h b/src/drivers/driver_wext.h index b4b5960a7..7e2009079 100644 --- a/src/drivers/driver_wext.h +++ b/src/drivers/driver_wext.h @@ -55,7 +55,8 @@ int wpa_driver_wext_set_mode(void *priv, int mode); int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len); + const u8 *key, size_t key_len, + enum key_type key_type); int wpa_driver_wext_scan(void *priv, struct wpa_driver_scan_params *params); struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv); diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index 704c95e68..28048d9fc 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -178,7 +178,7 @@ static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len) static int wpa_tdls_del_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) { if (wpa_sm_set_key(sm, WPA_ALG_NONE, peer->addr, - 0, 0, NULL, 0, NULL, 0) < 0) { + 0, 0, NULL, 0, NULL, 0, 0) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to delete TPK-TK from " "the driver"); return -1; @@ -227,8 +227,8 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR, MAC2STR(peer->addr)); - if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1, - rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) { + if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1, rsc, sizeof(rsc), + peer->tpk.tk, key_len, 0) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the " "driver"); return -1; diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index c929e8194..d28843d9f 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -781,7 +781,8 @@ static void wpa_sm_rekey_ptk(void *eloop_ctx, void *timeout_ctx) static int wpa_supplicant_install_ptk(struct wpa_sm *sm, - const struct wpa_eapol_key *key) + const struct wpa_eapol_key *key, + enum key_type key_type) { int keylen, rsclen; enum wpa_alg alg; @@ -826,7 +827,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, } if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, key_rsc, rsclen, - sm->ptk.tk, keylen) < 0) { + sm->ptk.tk, keylen, key_type) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set PTK to the " "driver (alg=%d keylen=%d bssid=" MACSTR ")", @@ -919,7 +920,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, if (sm->pairwise_cipher == WPA_CIPHER_NONE) { if (wpa_sm_set_key(sm, gd->alg, NULL, gd->keyidx, 1, key_rsc, gd->key_rsc_len, - _gtk, gd->gtk_len) < 0) { + _gtk, gd->gtk_len, 0) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set GTK to the driver " "(Group only)"); @@ -928,7 +929,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, } } else if (wpa_sm_set_key(sm, gd->alg, broadcast_ether_addr, gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len, - _gtk, gd->gtk_len) < 0) { + _gtk, gd->gtk_len, 0) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set GTK to " "the driver (alg=%d keylen=%d keyidx=%d)", @@ -1083,7 +1084,7 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm, if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, igtk->pn, sizeof(igtk->pn), - igtk->igtk, len) < 0) { + igtk->igtk, len, 0) < 0) { if (keyidx == 0x0400 || keyidx == 0x0500) { /* Assume the AP has broken PMF implementation since it * seems to have swapped the KeyID bytes. The AP cannot @@ -1532,7 +1533,7 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, sm->renew_snonce = 1; if (key_info & WPA_KEY_INFO_INSTALL) { - if (wpa_supplicant_install_ptk(sm, key)) + if (wpa_supplicant_install_ptk(sm, key, 0)) goto failed; } @@ -4458,7 +4459,7 @@ int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len) wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver", sm->ptk.tk, keylen); if (wpa_sm_set_key(sm, alg, sm->bssid, 0, 1, null_rsc, rsclen, - sm->ptk.tk, keylen) < 0) { + sm->ptk.tk, keylen, 0) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "FILS: Failed to set PTK to the driver (alg=%d keylen=%d bssid=" MACSTR ")", diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index ae9cd6484..698154b94 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -30,7 +30,7 @@ struct wpa_sm_ctx { int (*set_key)(void *ctx, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len); + const u8 *key, size_t key_len, enum key_type key_type); void * (*get_network_ctx)(void *ctx); int (*get_bssid)(void *ctx, u8 *bssid); int (*ether_send)(void *ctx, const u8 *dest, u16 proto, const u8 *buf, diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index f698ff4eb..b67874bab 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -412,7 +412,8 @@ static int wpa_ft_install_ptk(struct wpa_sm *sm, const u8 *bssid) keylen = wpa_cipher_key_len(sm->pairwise_cipher); if (wpa_sm_set_key(sm, alg, bssid, 0, 1, null_rsc, - sizeof(null_rsc), (u8 *) sm->ptk.tk, keylen) < 0) { + sizeof(null_rsc), (u8 *) sm->ptk.tk, keylen, + 0) < 0) { wpa_printf(MSG_WARNING, "FT: Failed to set PTK to the driver"); return -1; } @@ -764,7 +765,7 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, os_memcpy(gtk + 24, tmp, 8); } if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, 0, - gtk_elem + 3, rsc_len, gtk, keylen) < 0) { + gtk_elem + 3, rsc_len, gtk, keylen, 0) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to the " "driver."); return -1; @@ -832,7 +833,7 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, igtk_len); if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, - igtk_elem + 2, 6, igtk, igtk_len) < 0) { + igtk_elem + 2, 6, igtk, igtk_len, 0) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set IGTK to the " "driver."); forced_memzero(igtk, sizeof(igtk)); diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index d86734b0d..7423e8aee 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -197,11 +197,12 @@ static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, u16 reason_code) static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { WPA_ASSERT(sm->ctx->set_key); return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx, - seq, seq_len, key, key_len); + seq, seq_len, key, key_len, key_type); } static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm) diff --git a/tests/hwsim/test_ap_ciphers.py b/tests/hwsim/test_ap_ciphers.py index e10927a9c..cd45c6fd9 100644 --- a/tests/hwsim/test_ap_ciphers.py +++ b/tests/hwsim/test_ap_ciphers.py @@ -862,7 +862,7 @@ def test_ap_wpa2_delayed_m1_m3_zero_tk(dev, apdev): if "OK" not in hapd.request("RESEND_M3 " + addr): raise Exception("RESEND_M3 failed") - if "OK" not in hapd.request("SET_KEY 3 %s %d %d %s %s" % (addr, 0, 1, 6*"00", 16*"00")): + if "OK" not in hapd.request("SET_KEY 3 %s %d %d %s %s 0" % (addr, 0, 1, 6*"00", 16*"00")): raise Exception("SET_KEY failed") time.sleep(0.1) hwsim_utils.test_connectivity(dev[0], hapd, timeout=1, broadcast=False, diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 8efc08d4d..5c7fd87c5 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -5237,17 +5237,17 @@ static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s) { wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication"); /* MLME-DELETEKEYS.request */ - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0, 0); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0, 0); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0, 0); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0, 0); #ifdef CONFIG_IEEE80211W - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0, 0); + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0, 0); #endif /* CONFIG_IEEE80211W */ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL, - 0); + 0, 0); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid, MLME_SETPROTECTION_PROTECT_TYPE_NONE, @@ -9227,13 +9227,13 @@ static int wpas_ctrl_reset_pn(struct wpa_supplicant *wpa_s) * in the driver. */ if (wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, wpa_s->last_tk_key_idx, 1, zero, 6, - zero, wpa_s->last_tk_len) < 0) + zero, wpa_s->last_tk_len, 0) < 0) return -1; /* Set the previously configured key to reset its TSC/RSC */ return wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, wpa_s->last_tk_key_idx, 1, zero, 6, - wpa_s->last_tk, wpa_s->last_tk_len); + wpa_s->last_tk, wpa_s->last_tk_len, 0); } diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index cf9972a6b..efb17c471 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -152,7 +152,8 @@ static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { if (alg != WPA_ALG_NONE) { if (key_idx >= 0 && key_idx <= 6) @@ -163,7 +164,8 @@ static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, if (wpa_s->driver->set_key) { return wpa_s->driver->set_key(wpa_s->ifname, wpa_s->drv_priv, alg, addr, key_idx, set_tx, - seq, seq_len, key, key_len); + seq, seq_len, key, key_len, + key_type); } return -1; } diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index 6934c4725..c1d40a9d3 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -139,7 +139,7 @@ static void ibss_check_rsn_completed(struct ibss_rsn_peer *peer) static int supp_set_key(void *ctx, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, enum key_type key_type) { struct ibss_rsn_peer *peer = ctx; @@ -166,7 +166,7 @@ static int supp_set_key(void *ctx, enum wpa_alg alg, if (is_broadcast_ether_addr(addr)) addr = peer->addr; return wpa_drv_set_key(peer->ibss_rsn->wpa_s, alg, addr, key_idx, - set_tx, seq, seq_len, key, key_len); + set_tx, seq, seq_len, key, key_len, key_type); } @@ -295,7 +295,8 @@ static int auth_send_eapol(void *ctx, const u8 *addr, const u8 *data, static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, - const u8 *addr, int idx, u8 *key, size_t key_len) + const u8 *addr, int idx, u8 *key, size_t key_len, + enum key_type key_type) { struct ibss_rsn *ibss_rsn = ctx; u8 seq[6]; @@ -334,7 +335,7 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, } return wpa_drv_set_key(ibss_rsn->wpa_s, alg, addr, idx, - 1, seq, 6, key, key_len); + 1, seq, 6, key, key_len, key_type); } @@ -851,7 +852,7 @@ static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn, wpa_printf(MSG_DEBUG, "RSN: Clear pairwise key for peer " MACSTR, MAC2STR(addr)); wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0, - NULL, 0, NULL, 0); + NULL, 0, NULL, 0, 0); } if (peer && diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c index 4a163b6eb..041c158e4 100644 --- a/wpa_supplicant/mesh_mpm.c +++ b/wpa_supplicant/mesh_mpm.c @@ -876,7 +876,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len); wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->pairwise_cipher), sta->addr, 0, 0, seq, sizeof(seq), - sta->mtk, sta->mtk_len); + sta->mtk, sta->mtk_len, 0); wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK Key RSC", sta->mgtk_rsc, sizeof(sta->mgtk_rsc)); @@ -885,7 +885,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->group_cipher), sta->addr, sta->mgtk_key_id, 0, sta->mgtk_rsc, sizeof(sta->mgtk_rsc), - sta->mgtk, sta->mgtk_len); + sta->mgtk, sta->mgtk_len, 0); if (sta->igtk_len) { wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK Key RSC", @@ -897,7 +897,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_cipher_to_alg(conf->mgmt_group_cipher), sta->addr, sta->igtk_key_id, 0, sta->igtk_rsc, sizeof(sta->igtk_rsc), - sta->igtk, sta->igtk_len); + sta->igtk, sta->igtk_len, 0); } } diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index 4b8d6c469..67090fe56 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -100,7 +100,8 @@ static const u8 *auth_get_psk(void *ctx, const u8 *addr, static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, - const u8 *addr, int idx, u8 *key, size_t key_len) + const u8 *addr, int idx, u8 *key, size_t key_len, + enum key_type key_type) { struct mesh_rsn *mesh_rsn = ctx; u8 seq[6]; @@ -118,7 +119,7 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, wpa_hexdump_key(MSG_DEBUG, "AUTH: set_key - key", key, key_len); return wpa_drv_set_key(mesh_rsn->wpa_s, alg, addr, idx, - 1, seq, 6, key, key_len); + 1, seq, 6, key, key_len, key_type); } @@ -199,7 +200,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->mgmt_group_cipher), NULL, rsn->igtk_key_id, 1, - seq, sizeof(seq), rsn->igtk, rsn->igtk_len); + seq, sizeof(seq), rsn->igtk, rsn->igtk_len, 0); } #endif /* CONFIG_IEEE80211W */ @@ -208,7 +209,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, rsn->mgtk, rsn->mgtk_len); wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->group_cipher), NULL, rsn->mgtk_key_id, 1, seq, sizeof(seq), - rsn->mgtk, rsn->mgtk_len); + rsn->mgtk, rsn->mgtk_len, 0); return 0; } diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index e7a24fc9c..d9d08c1e4 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -142,7 +142,7 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) set = 1; wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, i, i == ssid->wep_tx_keyidx, NULL, 0, - ssid->wep_key[i], ssid->wep_key_len[i]); + ssid->wep_key[i], ssid->wep_key_len[i], 0); } return set; @@ -200,7 +200,7 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, /* TODO: should actually remember the previously used seq#, both for TX * and RX from each STA.. */ - ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); + ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, 0); os_memset(key, 0, sizeof(key)); return ret; } @@ -706,12 +706,12 @@ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) if (wpa_s->keys_cleared & BIT(i)) continue; wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0, - NULL, 0); + NULL, 0, 0); } if (!(wpa_s->keys_cleared & BIT(0)) && addr && !is_zero_ether_addr(addr)) { wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, - 0); + 0, 0); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection( wpa_s, addr, diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index 62af7f6b1..4d461e645 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -242,7 +242,7 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx, } return wpa_drv_set_key(wpa_s, WPA_ALG_WEP, unicast ? wpa_s->bssid : NULL, - keyidx, unicast, NULL, 0, key, keylen); + keyidx, unicast, NULL, 0, key, keylen, 0); } @@ -341,7 +341,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, "handshake", pmk, pmk_len); if (wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, NULL, 0, pmk, - pmk_len)) { + pmk_len, 0)) { wpa_printf(MSG_DEBUG, "Failed to set PMK to the driver"); } @@ -488,7 +488,8 @@ static int wpa_supplicant_get_bssid(void *ctx, u8 *bssid) static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len) + const u8 *key, size_t key_len, + enum key_type key_type) { struct wpa_supplicant *wpa_s = _wpa_s; if (alg == WPA_ALG_TKIP && key_idx == 0 && key_len == 32) { @@ -513,7 +514,7 @@ static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, } #endif /* CONFIG_TESTING_OPTIONS */ return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len, - key, key_len); + key, key_len, key_type); } @@ -1157,7 +1158,7 @@ static int wpa_supplicant_key_mgmt_set_pmk(void *ctx, const u8 *pmk, if (wpa_s->conf->key_mgmt_offload && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) return wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, - NULL, 0, pmk, pmk_len); + NULL, 0, pmk, pmk_len, 0); else return 0; }