Message ID | 1327865948-19788-1-git-send-email-ordex@autistici.org |
---|---|
State | Accepted |
Commit | e640888c5e6a9931c6785648714da4dffe48ab52 |
Headers | show |
On Sun, Jan 29, 2012 at 08:39:08PM +0100, Antonio Quartulli wrote: > In IBSS RSN cfg80211/mac80211 now waits for userspace to authorize new stations. > This patch makes wpa_supplicant notify the driver when a station can be > considered authorised. > > Signed-hostap: Antonio Quartulli <ordex@autistici.org> > --- > > This patch has to wait for the related > "cfg80211/mac80211: userspace peer authorization in IBSS" kernel patch in order > to be able to work. I hope it can now happily wait for the kernel commit :-) Cheers,
On Sun, Jan 29, 2012 at 08:40:10PM +0100, Antonio Quartulli wrote: > On Sun, Jan 29, 2012 at 08:39:08PM +0100, Antonio Quartulli wrote: > > In IBSS RSN cfg80211/mac80211 now waits for userspace to authorize new stations. > > This patch makes wpa_supplicant notify the driver when a station can be > > considered authorised. > > > > Signed-hostap: Antonio Quartulli <ordex@autistici.org> > > --- > > > > This patch has to wait for the related > > "cfg80211/mac80211: userspace peer authorization in IBSS" kernel patch in order > > to be able to work. > > I hope it can now happily wait for the kernel commit :-) Hello, just wanted to ping because the dependency patch has been committed into wireless-testing (commit 267335d63b808dc861f3a4dc81a605489a8a13ac). I've done another test and everything seems to work as expected. Cheers,
On Sun, Jan 29, 2012 at 08:39:08PM +0100, Antonio Quartulli wrote: > In IBSS RSN cfg80211/mac80211 now waits for userspace to authorize new stations. > This patch makes wpa_supplicant notify the driver when a station can be > considered authorised. Thanks, applied.
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 0bf1dca..67bd29b 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -6427,6 +6427,12 @@ retry: NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid); } + if (params->key_mgmt_suite == KEY_MGMT_802_1X || + params->key_mgmt_suite == KEY_MGMT_PSK || + params->key_mgmt_suite == KEY_MGMT_802_1X_SHA256 || + params->key_mgmt_suite == KEY_MGMT_PSK_SHA256) + NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT); + if (params->wpa_ie) { wpa_hexdump(MSG_DEBUG, " * Extra IEs for Beacon/Probe Response frames", diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index f9a9090..f1e4e21 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -320,6 +320,55 @@ static int auth_for_each_sta(void *ctx, int (*cb)(struct wpa_state_machine *sm, } +static void ibss_set_sta_authorized(struct ibss_rsn *ibss_rsn, + struct ibss_rsn_peer *peer, int authorized) +{ + int res; + + if (authorized) { + res = wpa_drv_sta_set_flags(ibss_rsn->wpa_s, peer->addr, + WPA_STA_AUTHORIZED, + WPA_STA_AUTHORIZED, ~0); + wpa_printf(MSG_DEBUG, "AUTH: " MACSTR " authorizing port", + MAC2STR(peer->addr)); + } else { + res = wpa_drv_sta_set_flags(ibss_rsn->wpa_s, peer->addr, + 0, 0, ~WPA_STA_AUTHORIZED); + wpa_printf(MSG_DEBUG, "AUTH: " MACSTR " unauthorizing port", + MAC2STR(peer->addr)); + } + + if (res && errno != ENOENT) { + wpa_printf(MSG_DEBUG, "Could not set station " MACSTR " flags " + "for kernel driver (errno=%d)", + MAC2STR(peer->addr), errno); + } +} + + + +static void auth_set_eapol(void *ctx, const u8 *addr, + wpa_eapol_variable var, int value) +{ + struct ibss_rsn *ibss_rsn = ctx; + struct ibss_rsn_peer *peer = ibss_rsn_get_peer(ibss_rsn, addr); + + if (peer == NULL) + return; + + switch (var) { + case WPA_EAPOL_authorized: + ibss_set_sta_authorized(ibss_rsn, peer, value); + break; + default: + /* do not handle any other event */ + wpa_printf(MSG_DEBUG, "AUTH: eapol event not handled %d", var); + break; + } +} + + + static int ibss_rsn_auth_init_group(struct ibss_rsn *ibss_rsn, const u8 *own_addr) { @@ -340,6 +389,7 @@ static int ibss_rsn_auth_init_group(struct ibss_rsn *ibss_rsn, os_memset(&cb, 0, sizeof(cb)); cb.ctx = ibss_rsn; cb.logger = auth_logger; + cb.set_eapol = auth_set_eapol; cb.send_eapol = auth_send_eapol; cb.get_psk = auth_get_psk; cb.set_key = auth_set_key;