From patchwork Sun Aug 25 16:35:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Wetzel X-Patchwork-Id: 1153173 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=wetzel-home.de Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="W6fG5ntV"; dkim=fail reason="signature verification failed" (1024-bit key; secure) header.d=wetzel-home.de header.i=@wetzel-home.de header.b="oLGUK7Dh"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46HCG66s2vz9s7T for ; Mon, 26 Aug 2019 23:17:02 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=/Z5CX89+emq8F4bCqcrBcY8TQZ/AMBPidqXyfuWWNQU=; b=W6fG5ntVTF/19G Af9RKHfZozOlwuNNvH1zIKwfe6FKFNy0qR4WiaFijJPTNgn+sy78fwAA0SMC+d/ucCU1tffE7SsZ4 QhHNw5jBAaBZRU6ySfN8nJxwTIRwGqcLBBRvuR2fCnS4LBztaWiyfRuDYcN0a2O09a/02Rb+tqRrA Xz82YsqiIWuGYbBhGqoW/kerHOpIidDkoBy/GH28+/z2CXnX/t9epz1lCPynk8LJl5wPLzbWtk9jx ul2QtG0GjuJdLFQ4sxpcWz/vM6fT5VPpQX8vAhVKyHCgi+XyTrS4ID6IZlZsTf/mY0uPPSa4/oJtd GcfORj4tmJdd3kAQHgfQ==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92 #3 (Red Hat Linux)) id 1i2Eri-0004EX-Rv; Mon, 26 Aug 2019 13:16:59 +0000 Received: from 18.mo5.mail-out.ovh.net ([178.33.45.10]) by bombadil.infradead.org with esmtps (Exim 4.92 #3 (Red Hat Linux)) id 1i1vUm-0003g0-QP for hostap@lists.infradead.org; Sun, 25 Aug 2019 16:36:09 +0000 Received: from player728.ha.ovh.net (unknown [10.109.146.173]) by mo5.mail-out.ovh.net (Postfix) with ESMTP id 4AB3E2499C7 for ; Sun, 25 Aug 2019 18:35:52 +0200 (CEST) Received: from awhome.eu (p57B7E04C.dip0.t-ipconnect.de [87.183.224.76]) (Authenticated sender: postmaster@awhome.eu) by player728.ha.ovh.net (Postfix) with ESMTPSA id E7AE6903F85E; Sun, 25 Aug 2019 16:35:48 +0000 (UTC) From: Alexander Wetzel DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wetzel-home.de; s=wetzel-home; t=1566750941; bh=vr4kIKrJYoE5ybPn5x3ubOVnBx1pnEuTrOxQ2a6+1uY=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=oLGUK7Dh4gvGV4YH4fJvy70saWZ0a6L+Tk5Z4/SQ0Ca+TcidVKaNFIbnbSfxhLMuS 7xHmr/dT4LtveTrP7k1z4PPM68+3dBosNqS6xPgtY/Z0MBorVJ8T7RVaSozT8KE09L cSKJiy/dvFKQu6ISFdaOvRwhQaDg/yLUeuCsn2bI= To: j@w1.fi Subject: [PATCH v5 15/16] Drop set_tx from all set_key() functions Date: Sun, 25 Aug 2019 18:35:20 +0200 Message-Id: <20190825163521.22625-16-alexander@wetzel-home.de> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20190825163521.22625-1-alexander@wetzel-home.de> References: <20190825163521.22625-1-alexander@wetzel-home.de> MIME-Version: 1.0 X-Ovh-Tracer-Id: 13323899497893731580 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: 0 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeduvddrudehvddguddthecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecu X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190825_093601_322513_CDC8218D X-CRM114-Status: GOOD ( 19.24 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.33.45.10 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-Mailman-Approved-At: Mon, 26 Aug 2019 06:16:57 -0700 X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Alexander Wetzel , hostap@lists.infradead.org, luca@coelho.fi, johannes@sipsolutions.net Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Remove the no longer used set_tx argument from all set_key(), finalize the API migration to key_type. Signed-off-by: Alexander Wetzel --- This could be done much sooner in the patch series. I just wanted to keep set_tx around as long as possible to compare key_flag API decisions to what set_tx would have done. (Since patch 7 of the series set_tx is unused.) hostapd/ctrl_iface.c | 31 +++++++++++++------------------ src/ap/ap_drv_ops.c | 5 ++--- src/ap/ap_drv_ops.h | 3 +-- src/ap/hostapd.c | 10 +++++----- src/ap/ieee802_11.c | 2 +- src/ap/ieee802_1x.c | 6 +++--- src/ap/wpa_auth_glue.c | 2 +- src/drivers/driver.h | 12 +++++------- src/drivers/driver_atheros.c | 5 ++--- src/drivers/driver_bsd.c | 2 +- src/drivers/driver_hostap.c | 3 +-- src/drivers/driver_ndis.c | 9 ++++----- src/drivers/driver_nl80211.c | 20 ++++++++------------ src/drivers/driver_openbsd.c | 2 +- src/drivers/driver_privsep.c | 7 +++---- src/drivers/driver_wext.c | 14 +++++--------- src/drivers/driver_wext.h | 5 ++--- src/rsn_supp/tdls.c | 4 ++-- src/rsn_supp/wpa.c | 12 ++++++------ src/rsn_supp/wpa.h | 2 +- src/rsn_supp/wpa_ft.c | 6 +++--- src/rsn_supp/wpa_i.h | 4 ++-- tests/hwsim/test_ap_ciphers.py | 2 +- wpa_supplicant/ctrl_iface.c | 20 ++++++++++---------- wpa_supplicant/driver_i.h | 8 +++----- wpa_supplicant/ibss_rsn.c | 12 ++++++------ wpa_supplicant/mesh_mpm.c | 6 +++--- wpa_supplicant/mesh_rsn.c | 8 ++++---- wpa_supplicant/preauth_test.c | 2 +- wpa_supplicant/wpa_supplicant.c | 10 +++++----- wpa_supplicant/wpas_glue.c | 10 +++++----- 31 files changed, 110 insertions(+), 134 deletions(-) diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index 1d849c1ff..4c1b1ad91 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -2121,7 +2121,7 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) if (hostapd_drv_set_key(hapd->conf->iface, hapd, hapd->last_igtk_alg, broadcast_ether_addr, - hapd->last_igtk_key_idx, 1, NULL, 0, + hapd->last_igtk_key_idx, NULL, 0, zero, hapd->last_igtk_len, KEY_TYPE_BROADCAST) < 0) return -1; @@ -2130,7 +2130,7 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) return hostapd_drv_set_key(hapd->conf->iface, hapd, hapd->last_igtk_alg, broadcast_ether_addr, - hapd->last_igtk_key_idx, 1, NULL, 0, + hapd->last_igtk_key_idx, NULL, 0, hapd->last_igtk, hapd->last_igtk_len, KEY_TYPE_BROADCAST); @@ -2148,7 +2148,7 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) if (hostapd_drv_set_key(hapd->conf->iface, hapd, hapd->last_gtk_alg, broadcast_ether_addr, - hapd->last_gtk_key_idx, 1, NULL, 0, + hapd->last_gtk_key_idx, NULL, 0, zero, hapd->last_gtk_len, KEY_TYPE_BROADCAST) < 0) return -1; @@ -2157,7 +2157,7 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) return hostapd_drv_set_key(hapd->conf->iface, hapd, hapd->last_gtk_alg, broadcast_ether_addr, - hapd->last_gtk_key_idx, 1, NULL, 0, + hapd->last_gtk_key_idx, NULL, 0, hapd->last_gtk, hapd->last_gtk_len, KEY_TYPE_BROADCAST); } @@ -2175,13 +2175,13 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) /* First, use a zero key to avoid any possible duplicate key avoidance * in the driver. */ if (hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, - sta->addr, sta->last_tk_key_idx, 1, NULL, 0, + sta->addr, sta->last_tk_key_idx, NULL, 0, zero, sta->last_tk_len, KEY_TYPE_PAIRWISE) < 0) return -1; /* Set the previously configured key to reset its TSC/RSC */ return hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, - sta->addr, sta->last_tk_key_idx, 1, NULL, 0, + sta->addr, sta->last_tk_key_idx, NULL, 0, sta->last_tk, sta->last_tk_len, KEY_TYPE_PAIRWISE); } @@ -2193,11 +2193,11 @@ static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd) const char *pos = cmd; enum wpa_alg alg; enum key_type key_type; - int idx, set_tx; + int idx; u8 seq[6], key[WPA_TK_MAX_LEN]; size_t key_len; - /* parameters: alg addr idx set_tx seq key key_type*/ + /* parameters: alg addr idx seq key key_type */ alg = atoi(pos); pos = os_strchr(pos, ' '); @@ -2215,11 +2215,6 @@ static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd) if (!pos) return -1; pos++; - set_tx = atoi(pos); - pos = os_strchr(pos, ' '); - if (!pos) - return -1; - pos++; if (hexstr2bin(pos, seq, sizeof(seq)) < 0) return -1; pos += 2 * 6; @@ -2241,7 +2236,7 @@ static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd) wpa_printf(MSG_INFO, "TESTING: Set key"); return hostapd_drv_set_key(hapd->conf->iface, hapd, alg, addr, idx, - set_tx, seq, 6, key, key_len, key_type); + seq, 6, key, key_len, key_type); } @@ -2256,7 +2251,7 @@ static void restore_tk(void *ctx1, void *ctx2) * in replay protection issues for now since there is no clean way of * preventing encryption of a single EAPOL frame. */ hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg, - sta->addr, sta->last_tk_key_idx, 1, NULL, 0, + sta->addr, sta->last_tk_key_idx, NULL, 0, sta->last_tk, sta->last_tk_len, KEY_TYPE_PAIRWISE); } @@ -2280,7 +2275,7 @@ static int hostapd_ctrl_resend_m1(struct hostapd_data *hapd, const char *cmd) wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR, MAC2STR(sta->addr)); hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, - sta->addr, sta->last_tk_key_idx, 0, NULL, 0, + sta->addr, sta->last_tk_key_idx, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); } @@ -2310,7 +2305,7 @@ static int hostapd_ctrl_resend_m3(struct hostapd_data *hapd, const char *cmd) wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR, MAC2STR(sta->addr)); hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, - sta->addr, sta->last_tk_key_idx, 0, NULL, 0, + sta->addr, sta->last_tk_key_idx, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); } @@ -2340,7 +2335,7 @@ static int hostapd_ctrl_resend_group_m1(struct hostapd_data *hapd, wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR, MAC2STR(sta->addr)); hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE, - sta->addr, sta->last_tk_key_idx, 0, NULL, 0, + sta->addr, sta->last_tk_key_idx, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); } diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 77c457bc2..283e4ab24 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -675,14 +675,13 @@ int hostapd_driver_set_noa(struct hostapd_data *hapd, u8 count, int start, int hostapd_drv_set_key(const char *ifname, struct hostapd_data *hapd, enum wpa_alg alg, const u8 *addr, - int key_idx, int set_tx, - const u8 *seq, size_t seq_len, + int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { if (hapd->driver == NULL || hapd->driver->set_key == NULL) return 0; return hapd->driver->set_key(ifname, hapd->drv_priv, alg, addr, - key_idx, set_tx, seq, seq_len, key, + key_idx, seq, seq_len, key, key_len, key_type); } diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index 2c3e8e0f0..2a5fb39ad 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -88,8 +88,7 @@ int hostapd_driver_set_noa(struct hostapd_data *hapd, u8 count, int start, int hostapd_drv_set_key(const char *ifname, struct hostapd_data *hapd, enum wpa_alg alg, const u8 *addr, - int key_idx, int set_tx, - const u8 *seq, size_t seq_len, + int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type); int hostapd_drv_send_mlme(struct hostapd_data *hapd, const void *msg, size_t len, int noack); diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index 3ac84cc14..5be410c7e 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -292,7 +292,7 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, if (!ifname || !hapd->drv_priv) return; for (i = 0; i < NUM_WEP_KEYS; i++) { - if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i, 0, + if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST)) { wpa_printf(MSG_DEBUG, "Failed to clear default " "encryption keys (ifname=%s keyidx=%d)", @@ -303,8 +303,8 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, if (hapd->conf->ieee80211w) { for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) { if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, - NULL, i, 0, NULL, 0, - NULL, 0, KEY_TYPE_BROADCAST)) { + NULL, i, NULL, 0, NULL, + 0, KEY_TYPE_BROADCAST)) { wpa_printf(MSG_DEBUG, "Failed to clear " "default mgmt encryption keys " "(ifname=%s keyidx=%d)", ifname, i); @@ -331,7 +331,7 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd) if (ssid->wep.default_len && hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP, broadcast_ether_addr, idx, - 1, NULL, 0, ssid->wep.key[idx], + NULL, 0, ssid->wep.key[idx], ssid->wep.len[idx], KEY_TYPE_DEFAULT)) { wpa_printf(MSG_WARNING, "Could not set WEP encryption."); errors++; @@ -558,7 +558,7 @@ static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd) for (i = 0; i < 4; i++) { if (hapd->conf->ssid.wep.key[i] && hostapd_drv_set_key(iface, hapd, WPA_ALG_WEP, NULL, i, - i == hapd->conf->ssid.wep.idx, NULL, 0, + NULL, 0, hapd->conf->ssid.wep.key[i], hapd->conf->ssid.wep.len[i], i == hapd->conf->ssid.wep.idx ? diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index bc2e50eeb..eeaecee07 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -4770,7 +4770,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd, for (i = 0; i < 4; i++) { if (ssid->wep.key[i] && hostapd_drv_set_key(ifname_wds, hapd, WPA_ALG_WEP, NULL, i, - i == ssid->wep.idx, NULL, 0, + NULL, 0, ssid->wep.key[i], ssid->wep.len[i], i == ssid->wep.idx ? KEY_TYPE_DEFAULT : KEY_TYPE_BROADCAST)) { diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index 29e502e18..ba3ea1f7d 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -284,7 +284,7 @@ static void ieee802_1x_tx_key(struct hostapd_data *hapd, struct sta_info *sta) /* TODO: set encryption in TX callback, i.e., only after STA * has ACKed EAPOL-Key frame */ if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP, - sta->addr, 0, 1, NULL, 0, ikey, + sta->addr, 0, NULL, 0, ikey, hapd->conf->individual_wep_key_len, KEY_TYPE_DEFAULT)) { wpa_printf(MSG_ERROR, "Could not set individual WEP " @@ -2169,7 +2169,7 @@ static void ieee802_1x_rekey(void *eloop_ctx, void *timeout_ctx) * after new broadcast key has been sent to all stations. */ if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP, broadcast_ether_addr, - eapol->default_wep_key_idx, 1, NULL, 0, + eapol->default_wep_key_idx, NULL, 0, eapol->default_wep_key, hapd->conf->default_wep_key_len, KEY_TYPE_DEFAULT)) { @@ -2486,7 +2486,7 @@ int ieee802_1x_init(struct hostapd_data *hapd) if (hapd->conf->default_wep_key_len) { for (i = 0; i < 4; i++) hostapd_drv_set_key(hapd->conf->iface, hapd, - WPA_ALG_NONE, NULL, i, 0, NULL, 0, + WPA_ALG_NONE, NULL, i, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST); ieee802_1x_rekey(hapd, NULL); diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index 0cc824863..dad1a8824 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -405,7 +405,7 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, hapd->last_gtk_len = key_len; } #endif /* CONFIG_TESTING_OPTIONS */ - return hostapd_drv_set_key(ifname, hapd, alg, addr, idx, 1, NULL, 0, + return hostapd_drv_set_key(ifname, hapd, alg, addr, idx, NULL, 0, key, key_len, key_type); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 20cd8d26b..25d607b1c 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -2280,8 +2280,6 @@ struct wpa_driver_ops { * specified key index is to be cleared * @key_idx: key index (0..3), usually 0 for unicast keys; 0..4095 for * IGTK - * @set_tx: configure this key as the default Tx key (only used when - * driver does not support separate unicast/individual key * @seq: sequence number/packet number, seq_len octets, the next * packet number to be used for in replay protection; configured * for Rx keys (in most cases, this is only used with broadcast @@ -2317,10 +2315,10 @@ struct wpa_driver_ops { * addr can be used to determine whether the key is default or * individual. If only 4 keys are supported, the default key with key * index 0 is used as the individual key. STA must be configured to use - * it as the default Tx key (set_tx is set) and accept Rx for all the - * key indexes. In most cases, WPA uses only key indexes 1 and 2 for - * broadcast keys, so key index 0 is available for this kind of - * configuration. + * it as the default Tx key (KEY_TYPE_DEFAULT is set) and accept Rx + * for all the key indexes. In most cases, WPA uses only key indexes 1 + * and 2 for broadcast keys, so key index 0 is available for this kind + * of configuration. * * Please note that TKIP keys include separate TX and RX MIC keys and * some drivers may expect them in different order than wpa_supplicant @@ -2331,7 +2329,7 @@ struct wpa_driver_ops { * example on how this can be done. */ int (*set_key)(const char *ifname, void *priv, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, + const u8 *addr, int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type); diff --git a/src/drivers/driver_atheros.c b/src/drivers/driver_atheros.c index 0c87da6d0..02cf2b23b 100644 --- a/src/drivers/driver_atheros.c +++ b/src/drivers/driver_atheros.c @@ -499,9 +499,8 @@ atheros_del_key(void *priv, const u8 *addr, int key_idx) static int atheros_set_key(const char *ifname, void *priv, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, const u8 *seq, - size_t seq_len, const u8 *key, size_t key_len, - enum key_type key_type) + const u8 *addr, int key_idx, const u8 *seq, size_t seq_len, + const u8 *key, size_t key_len, enum key_type key_type) { struct atheros_driver_data *drv = priv; struct ieee80211req_key wk; diff --git a/src/drivers/driver_bsd.c b/src/drivers/driver_bsd.c index 89e4508e7..c3e258cab 100644 --- a/src/drivers/driver_bsd.c +++ b/src/drivers/driver_bsd.c @@ -332,7 +332,7 @@ bsd_ctrl_iface(void *priv, int enable) static int bsd_set_key(const char *ifname, void *priv, enum wpa_alg alg, - const unsigned char *addr, int key_idx, int set_tx, const u8 *seq, + const unsigned char *addr, int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { diff --git a/src/drivers/driver_hostap.c b/src/drivers/driver_hostap.c index 454388fe7..627c6a090 100644 --- a/src/drivers/driver_hostap.c +++ b/src/drivers/driver_hostap.c @@ -397,8 +397,7 @@ static int hostapd_ioctl(void *priv, struct prism2_hostapd_param *param, static int wpa_driver_hostap_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, - int key_idx, int set_tx, - const u8 *seq, size_t seq_len, + int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { diff --git a/src/drivers/driver_ndis.c b/src/drivers/driver_ndis.c index 2963e1f51..0e95740c7 100644 --- a/src/drivers/driver_ndis.c +++ b/src/drivers/driver_ndis.c @@ -931,7 +931,7 @@ static int wpa_driver_ndis_remove_key(struct wpa_driver_ndis_data *drv, static int wpa_driver_ndis_add_wep(struct wpa_driver_ndis_data *drv, - int pairwise, int key_idx, int set_tx, + int pairwise, int key_idx, const u8 *key, size_t key_len, enum key_type key_type) { @@ -966,8 +966,7 @@ static int wpa_driver_ndis_add_wep(struct wpa_driver_ndis_data *drv, static int wpa_driver_ndis_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, - int key_idx, int set_tx, - const u8 *seq, size_t seq_len, + int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { @@ -994,8 +993,8 @@ static int wpa_driver_ndis_set_key(const char *ifname, void *priv, } if (alg == WPA_ALG_WEP) { - return wpa_driver_ndis_add_wep(drv, pairwise, key_idx, set_tx, - key, key_len, key_type); + return wpa_driver_ndis_add_wep(drv, pairwise, key_idx, key, + key_len, key_type); } len = 12 + 6 + 6 + 8 + key_len; diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 4c1dd0ec4..94469391c 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3009,10 +3009,9 @@ static int nl80211_set_pmk(struct wpa_driver_nl80211_data *drv, static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, enum wpa_alg alg, const u8 *addr, - int key_idx, int set_tx, - const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len, - enum key_type key_type) + int key_idx, const u8 *seq, + size_t seq_len, const u8 *key, + size_t key_len, enum key_type key_type) { struct wpa_driver_nl80211_data *drv = bss->drv; int ifindex; @@ -3028,8 +3027,8 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, ifindex = if_nametoindex(ifname); wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d " - "set_tx=%d seq_len=%lu key_len=%lu key_type=%d", - __func__, ifindex, ifname, alg, addr, key_idx, set_tx, + "seq_len=%lu key_len=%lu key_type=%d", + __func__, ifindex, ifname, alg, addr, key_idx, (unsigned long) seq_len, (unsigned long) key_len, key_type); #ifdef CONFIG_DRIVER_NL80211_QCA if (alg == WPA_ALG_PMK && @@ -3482,8 +3481,7 @@ retry: if (!params->wep_key[i]) continue; wpa_driver_nl80211_set_key(bss->ifname, bss, WPA_ALG_WEP, - NULL, i, - i == params->wep_tx_keyidx, NULL, 0, + NULL, i, NULL, 0, params->wep_key[i], params->wep_key_len[i], i == params->wep_tx_keyidx ? @@ -8636,15 +8634,13 @@ nl80211_tdls_disable_channel_switch(void *priv, const u8 *addr) static int driver_nl80211_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, - int key_idx, int set_tx, - const u8 *seq, size_t seq_len, + int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { struct i802_bss *bss = priv; return wpa_driver_nl80211_set_key(ifname, bss, alg, addr, key_idx, - set_tx, seq, seq_len, key, key_len, - key_type); + seq, seq_len, key, key_len, key_type); } diff --git a/src/drivers/driver_openbsd.c b/src/drivers/driver_openbsd.c index 0d975c4c5..f3c4f3e54 100644 --- a/src/drivers/driver_openbsd.c +++ b/src/drivers/driver_openbsd.c @@ -70,7 +70,7 @@ wpa_driver_openbsd_get_capa(void *priv, struct wpa_driver_capa *capa) static int wpa_driver_openbsd_set_key(const char *ifname, void *priv, enum wpa_alg alg, - const unsigned char *addr, int key_idx, int set_tx, const u8 *seq, + const unsigned char *addr, int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { diff --git a/src/drivers/driver_privsep.c b/src/drivers/driver_privsep.c index b3d2ddae0..b832638de 100644 --- a/src/drivers/driver_privsep.c +++ b/src/drivers/driver_privsep.c @@ -207,10 +207,9 @@ wpa_driver_privsep_get_scan_results2(void *priv) static int wpa_driver_privsep_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, - int key_idx, int set_tx, - const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len, - enum key_type key_type) + int key_idx, const u8 *seq, + size_t seq_len, const u8 *key, + size_t key_len, enum key_type key_type) { struct wpa_driver_privsep_data *drv = priv; struct privsep_cmd_set_key cmd; diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c index 52e8e8d49..6ee9a7016 100644 --- a/src/drivers/driver_wext.c +++ b/src/drivers/driver_wext.c @@ -1710,8 +1710,7 @@ static int wpa_driver_wext_set_psk(struct wpa_driver_wext_data *drv, static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, - int set_tx, const u8 *seq, - size_t seq_len, + const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { @@ -1812,8 +1811,6 @@ static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg, * @addr: Address of the peer STA or ff:ff:ff:ff:ff:ff for * broadcast/default keys * @key_idx: key index (0..3), usually 0 for unicast keys - * @set_tx: Configure this key as the default Tx key (only used when - * driver does not support separate unicast/individual key * @seq: Sequence number/packet number, seq_len octets, the next * packet number to be used for in replay protection; configured * for Rx keys (in most cases, this is only used with broadcast @@ -1834,9 +1831,8 @@ static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg, */ int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, - int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len, - enum key_type key_type) + const u8 *seq, size_t seq_len, const u8 *key, + size_t key_len, enum key_type key_type) { struct wpa_driver_wext_data *drv = priv; struct iwreq iwr; @@ -1847,8 +1843,8 @@ int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg, __FUNCTION__, alg, key_idx, key_type, (unsigned long) seq_len, (unsigned long) key_len); - ret = wpa_driver_wext_set_key_ext(drv, alg, addr, key_idx, set_tx, - seq, seq_len, key, key_len, key_type); + ret = wpa_driver_wext_set_key_ext(drv, alg, addr, key_idx, seq, + seq_len, key, key_len, key_type); if (ret == 0) return 0; diff --git a/src/drivers/driver_wext.h b/src/drivers/driver_wext.h index 7e2009079..1c65b30cc 100644 --- a/src/drivers/driver_wext.h +++ b/src/drivers/driver_wext.h @@ -54,9 +54,8 @@ int wpa_driver_wext_set_freq(void *priv, int freq); int wpa_driver_wext_set_mode(void *priv, int mode); int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg, const u8 *addr, int key_idx, - int set_tx, const u8 *seq, size_t seq_len, - const u8 *key, size_t key_len, - enum key_type key_type); + const u8 *seq, size_t seq_len, const u8 *key, + size_t key_len, enum key_type key_type); int wpa_driver_wext_scan(void *priv, struct wpa_driver_scan_params *params); struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv); diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index 01d339290..46afcb634 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -178,7 +178,7 @@ static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len) static int wpa_tdls_del_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) { if (wpa_sm_set_key(sm, WPA_ALG_NONE, peer->addr, - 0, 0, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE) < 0) { + 0, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to delete TPK-TK from " "the driver"); return -1; @@ -227,7 +227,7 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR, MAC2STR(peer->addr)); - if (wpa_sm_set_key(sm, alg, peer->addr, 0, 1, rsc, sizeof(rsc), + if (wpa_sm_set_key(sm, alg, peer->addr, 0, rsc, sizeof(rsc), peer->tpk.tk, key_len, KEY_TYPE_PAIRWISE) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the " "driver"); diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 22ed47799..002e3a9e3 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -881,7 +881,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, wpa_hexdump(MSG_DEBUG, "WPA: RSC", key_rsc, rsclen); } - if (wpa_sm_set_key(sm, alg, sm->bssid, sm->keyidx_active, 1, key_rsc, + if (wpa_sm_set_key(sm, alg, sm->bssid, sm->keyidx_active, key_rsc, rsclen, sm->ptk.tk, keylen, key_type) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set PTK to the driver" @@ -910,7 +910,7 @@ static int wpa_supplicant_activate_ptk(struct wpa_sm *sm) sm->keyidx_active, MAC2STR(sm->bssid)); if (wpa_sm_set_key(sm, 0, sm->bssid, sm->keyidx_active, - 0, 0, 0, NULL, 0, KEY_TYPE_SET_TX) < 0) { + 0, 0, NULL, 0, KEY_TYPE_SET_TX) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_ERROR, "WPA: Failed to activate PTK for Tx (idx=%d bssid=" MACSTR ")", sm->keyidx_active, MAC2STR(sm->bssid)); @@ -991,7 +991,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, } if (sm->pairwise_cipher == WPA_CIPHER_NONE) { if (wpa_sm_set_key(sm, gd->alg, NULL, - gd->keyidx, 1, key_rsc, gd->key_rsc_len, + gd->keyidx, key_rsc, gd->key_rsc_len, _gtk, gd->gtk_len, KEY_TYPE_BROADCAST) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set GTK to the driver " @@ -1000,7 +1000,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, return -1; } } else if (wpa_sm_set_key(sm, gd->alg, broadcast_ether_addr, - gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len, + gd->keyidx, key_rsc, gd->key_rsc_len, _gtk, gd->gtk_len, gd->tx ? KEY_TYPE_DEFAULT : KEY_TYPE_BROADCAST) < 0) { @@ -1157,7 +1157,7 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm, } if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, - keyidx, 0, igtk->pn, sizeof(igtk->pn), + keyidx, igtk->pn, sizeof(igtk->pn), igtk->igtk, len, KEY_TYPE_BROADCAST) < 0) { if (keyidx == 0x0400 || keyidx == 0x0500) { /* Assume the AP has broken PMF implementation since it @@ -4571,7 +4571,7 @@ int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len) rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver", sm->ptk.tk, keylen); - if (wpa_sm_set_key(sm, alg, sm->bssid, sm->keyidx_active, 1, null_rsc, + if (wpa_sm_set_key(sm, alg, sm->bssid, sm->keyidx_active, null_rsc, rsclen, sm->ptk.tk, keylen, KEY_TYPE_PAIRWISE) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "FILS: Failed to set PTK to the driver (alg=%d keylen=%d bssid=" diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index 65ca6262e..119993f4b 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -28,7 +28,7 @@ struct wpa_sm_ctx { enum wpa_states (*get_state)(void *ctx); void (*deauthenticate)(void * ctx, u16 reason_code); int (*set_key)(void *ctx, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, + const u8 *addr, int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type); void * (*get_network_ctx)(void *ctx); diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index 4aa862748..4611886f8 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -413,7 +413,7 @@ static int wpa_ft_install_ptk(struct wpa_sm *sm, const u8 *bssid) alg = wpa_cipher_to_alg(sm->pairwise_cipher); keylen = wpa_cipher_key_len(sm->pairwise_cipher); - if (wpa_sm_set_key(sm, alg, bssid, sm->keyidx_active, 1, null_rsc, + if (wpa_sm_set_key(sm, alg, bssid, sm->keyidx_active, null_rsc, sizeof(null_rsc), (u8 *) sm->ptk.tk, keylen, KEY_TYPE_PAIRWISE) < 0) { wpa_printf(MSG_WARNING, "FT: Failed to set PTK to the driver"); @@ -766,7 +766,7 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, os_memcpy(gtk + 16, gtk + 24, 8); os_memcpy(gtk + 24, tmp, 8); } - if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, 0, + if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, gtk_elem + 3, rsc_len, gtk, keylen, KEY_TYPE_BROADCAST) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to the " @@ -835,7 +835,7 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, wpa_hexdump_key(MSG_DEBUG, "FT: IGTK from Reassoc Resp", igtk, igtk_len); if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), - broadcast_ether_addr, keyidx, 0, + broadcast_ether_addr, keyidx, igtk_elem + 2, 6, igtk, igtk_len, KEY_TYPE_BROADCAST) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set IGTK to the " diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index eee9570ba..c0549af0c 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -198,13 +198,13 @@ static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, u16 reason_code) } static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, + const u8 *addr, int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { WPA_ASSERT(sm->ctx->set_key); - return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx, + return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, seq, seq_len, key, key_len, key_type); } diff --git a/tests/hwsim/test_ap_ciphers.py b/tests/hwsim/test_ap_ciphers.py index a6ba27d99..d1c3de46c 100644 --- a/tests/hwsim/test_ap_ciphers.py +++ b/tests/hwsim/test_ap_ciphers.py @@ -862,7 +862,7 @@ def test_ap_wpa2_delayed_m1_m3_zero_tk(dev, apdev): if "OK" not in hapd.request("RESEND_M3 " + addr): raise Exception("RESEND_M3 failed") - if "OK" not in hapd.request("SET_KEY 3 %s %d %d %s %s %d" % (addr, 0, 1, 6*"00", 16*"00", 2)): + if "OK" not in hapd.request("SET_KEY 3 %s %d %s %s %d" % (addr, 0, 6*"00", 16*"00", 2)): raise Exception("SET_KEY failed") time.sleep(0.1) hwsim_utils.test_connectivity(dev[0], hapd, timeout=1, broadcast=False, diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index e5f7246d1..8bf8897c0 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -5237,25 +5237,25 @@ static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s) { wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication"); /* MLME-DELETEKEYS.request */ - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST); #ifdef CONFIG_IEEE80211W - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST); #endif /* CONFIG_IEEE80211W */ - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); if (wpa_sm_extended_key_id(wpa_s->wpa)) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 1, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 1, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid, @@ -9235,13 +9235,13 @@ static int wpas_ctrl_reset_pn(struct wpa_supplicant *wpa_s) /* First, use a zero key to avoid any possible duplicate key avoidance * in the driver. */ if (wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, - wpa_s->last_tk_key_idx, 1, zero, 6, + wpa_s->last_tk_key_idx, zero, 6, zero, wpa_s->last_tk_len, KEY_TYPE_PAIRWISE) < 0) return -1; /* Set the previously configured key to reset its TSC/RSC */ return wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, - wpa_s->last_tk_key_idx, 1, zero, 6, + wpa_s->last_tk_key_idx, zero, 6, wpa_s->last_tk, wpa_s->last_tk_len, KEY_TYPE_PAIRWISE); } diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index a63566b7f..24f2ea3e6 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -150,8 +150,7 @@ static inline int wpa_drv_get_ssid(struct wpa_supplicant *wpa_s, u8 *ssid) static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, enum wpa_alg alg, const u8 *addr, - int key_idx, int set_tx, - const u8 *seq, size_t seq_len, + int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { @@ -172,9 +171,8 @@ static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, } if (wpa_s->driver->set_key) { return wpa_s->driver->set_key(wpa_s->ifname, wpa_s->drv_priv, - alg, addr, key_idx, set_tx, - seq, seq_len, key, key_len, - key_type); + alg, addr, key_idx, seq, seq_len, + key, key_len, key_type); } return -1; } diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index 0625ddeb4..2c236851e 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -137,15 +137,15 @@ static void ibss_check_rsn_completed(struct ibss_rsn_peer *peer) static int supp_set_key(void *ctx, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, + const u8 *addr, int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) { struct ibss_rsn_peer *peer = ctx; wpa_printf(MSG_DEBUG, "SUPP: %s(alg=%d addr=" MACSTR " key_idx=%d " - "set_tx=%d)", - __func__, alg, MAC2STR(addr), key_idx, set_tx); + "key_type=%d)", + __func__, alg, MAC2STR(addr), key_idx, key_type); wpa_hexdump(MSG_DEBUG, "SUPP: set_key - seq", seq, seq_len); wpa_hexdump_key(MSG_DEBUG, "SUPP: set_key - key", key, key_len); @@ -166,7 +166,7 @@ static int supp_set_key(void *ctx, enum wpa_alg alg, if (is_broadcast_ether_addr(addr)) addr = peer->addr; return wpa_drv_set_key(peer->ibss_rsn->wpa_s, alg, addr, key_idx, - set_tx, seq, seq_len, key, key_len, key_type); + seq, seq_len, key, key_len, key_type); } @@ -335,7 +335,7 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, } return wpa_drv_set_key(ibss_rsn->wpa_s, alg, addr, idx, - 1, seq, 6, key, key_len, key_type); + seq, 6, key, key_len, key_type); } @@ -851,7 +851,7 @@ static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn, * still have a pairwise key configured. */ wpa_printf(MSG_DEBUG, "RSN: Clear pairwise key for peer " MACSTR, MAC2STR(addr)); - wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0, + wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); } diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c index 8664147ac..6efbd34e4 100644 --- a/wpa_supplicant/mesh_mpm.c +++ b/wpa_supplicant/mesh_mpm.c @@ -875,7 +875,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, if (conf->security & MESH_CONF_SEC_AMPE) { wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len); wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->pairwise_cipher), - sta->addr, 0, 0, seq, sizeof(seq), + sta->addr, 0, seq, sizeof(seq), sta->mtk, sta->mtk_len, KEY_TYPE_PAIRWISE); wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK Key RSC", @@ -883,7 +883,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK", sta->mgtk, sta->mgtk_len); wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->group_cipher), - sta->addr, sta->mgtk_key_id, 0, + sta->addr, sta->mgtk_key_id, sta->mgtk_rsc, sizeof(sta->mgtk_rsc), sta->mgtk, sta->mgtk_len, KEY_TYPE_BROADCAST); @@ -895,7 +895,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_drv_set_key( wpa_s, wpa_cipher_to_alg(conf->mgmt_group_cipher), - sta->addr, sta->igtk_key_id, 0, + sta->addr, sta->igtk_key_id, sta->igtk_rsc, sizeof(sta->igtk_rsc), sta->igtk, sta->igtk_len, KEY_TYPE_BROADCAST); } diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index e670e259b..774b7bd6f 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -119,7 +119,7 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, wpa_hexdump_key(MSG_DEBUG, "AUTH: set_key - key", key, key_len); return wpa_drv_set_key(mesh_rsn->wpa_s, alg, addr, idx, - 1, seq, 6, key, key_len, key_type); + seq, 6, key, key_len, key_type); } @@ -199,8 +199,8 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, rsn->igtk, rsn->igtk_len); wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->mgmt_group_cipher), NULL, - rsn->igtk_key_id, 1, - seq, sizeof(seq), rsn->igtk, rsn->igtk_len, + rsn->igtk_key_id, seq, sizeof(seq), + rsn->igtk, rsn->igtk_len, KEY_TYPE_BROADCAST); } #endif /* CONFIG_IEEE80211W */ @@ -209,7 +209,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX MGTK", rsn->mgtk, rsn->mgtk_len); wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->group_cipher), NULL, - rsn->mgtk_key_id, 1, seq, sizeof(seq), + rsn->mgtk_key_id, seq, sizeof(seq), rsn->mgtk, rsn->mgtk_len, KEY_TYPE_BROADCAST); return 0; diff --git a/wpa_supplicant/preauth_test.c b/wpa_supplicant/preauth_test.c index 3f2da34e5..b0cc977e8 100644 --- a/wpa_supplicant/preauth_test.c +++ b/wpa_supplicant/preauth_test.c @@ -125,7 +125,7 @@ static int wpa_supplicant_get_bssid(void *wpa_s, u8 *bssid) static int wpa_supplicant_set_key(void *wpa_s, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, + const u8 *addr, int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len) { diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index d2be5949c..563dc1cd1 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -141,7 +141,7 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) set = 1; wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, - i, i == ssid->wep_tx_keyidx, NULL, 0, + i, NULL, 0, ssid->wep_key[i], ssid->wep_key_len[i], i == ssid->wep_tx_keyidx ? KEY_TYPE_DEFAULT : KEY_TYPE_BROADCAST); @@ -202,7 +202,7 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, /* TODO: should actually remember the previously used seq#, both for TX * and RX from each STA.. */ - ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, + ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, seq, 6, key, keylen, KEY_TYPE_BROADCAST); os_memset(key, 0, sizeof(key)); return ret; @@ -708,17 +708,17 @@ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) for (i = 0; i < max; i++) { if (wpa_s->keys_cleared & BIT(i)) continue; - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, NULL, 0, NULL, 0, KEY_TYPE_BROADCAST); } /* Pairwise key idx 1 for Extended Key ID is tracked with bit 6 */ if (~wpa_s->keys_cleared & (BIT(0) | BIT(6)) && addr && !is_zero_ether_addr(addr)) { if (!(wpa_s->keys_cleared & (BIT(0)))) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); if (!(wpa_s->keys_cleared & (BIT(6)))) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL, + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, NULL, 0, NULL, 0, KEY_TYPE_PAIRWISE); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection( diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index 4b0665826..7b8254ff7 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -242,7 +242,7 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx, } return wpa_drv_set_key(wpa_s, WPA_ALG_WEP, unicast ? wpa_s->bssid : NULL, - keyidx, unicast, NULL, 0, key, keylen, + keyidx, NULL, 0, key, keylen, unicast ? KEY_TYPE_DEFAULT : KEY_TYPE_BROADCAST); } @@ -341,7 +341,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, wpa_hexdump_key(MSG_DEBUG, "RSN: Configure PMK for driver-based 4-way " "handshake", pmk, pmk_len); - if (wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, NULL, 0, pmk, + if (wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, NULL, 0, pmk, pmk_len, KEY_TYPE_BROADCAST)) { wpa_printf(MSG_DEBUG, "Failed to set PMK to the driver"); } @@ -487,7 +487,7 @@ static int wpa_supplicant_get_bssid(void *ctx, u8 *bssid) static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, + const u8 *addr, int key_idx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_type key_type) @@ -515,7 +515,7 @@ static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, wpa_s->last_tk_len = key_len; } #endif /* CONFIG_TESTING_OPTIONS */ - return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len, + return wpa_drv_set_key(wpa_s, alg, addr, key_idx, seq, seq_len, key, key_len, key_type); } @@ -1159,7 +1159,7 @@ static int wpa_supplicant_key_mgmt_set_pmk(void *ctx, const u8 *pmk, if (wpa_s->conf->key_mgmt_offload && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) - return wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, 0, + return wpa_drv_set_key(wpa_s, WPA_ALG_PMK, NULL, 0, NULL, 0, pmk, pmk_len, 0); else return 0;