diff mbox series

[V2,3/8] key_flag API tuning and fixes

Message ID 20200304171656.107779-4-alexander@wetzel-home.de
State Accepted
Headers show
Series Migrate from set_tx to key_flag API | expand

Commit Message

Alexander Wetzel March 4, 2020, 5:16 p.m. UTC 
- fix a wrong key_flag when deleting WEP keys
- remove the not yet needed KEY_FLAG_MODIFY
- add masks for each key type to define which flags can be combined
- add a helper function to validate key_flag values
- add a missing key_flag in nl80211 for WEP authentication

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
---

Now this has multiple critical fixes for key_flag. Since all are related
to the key_flag API and each chunk is self-explaining I did not split
those further.

I decided to drop KEY_FLAG_MODIFY instead allowing flag combinations not
yet used in the code and will simply recreate it whit the Extended Key
ID patches once we get there. (For that reason I also did not renumber
the flags)

We also could move check_key_flag() directly into nl80211 but I assume
this is something other will need sooner or later, too.


 src/ap/ieee802_1x.c          |  2 +-
 src/common/defs.h            | 18 +++++++++++++++---
 src/drivers/driver_nl80211.c |  3 +++
 3 files changed, 19 insertions(+), 4 deletions(-)
diff mbox series

Patch

diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index c8e5fb395..6d4d43554 100644
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -2487,7 +2487,7 @@  int ieee802_1x_init(struct hostapd_data *hapd)
 		for (i = 0; i < 4; i++)
 			hostapd_drv_set_key(hapd->conf->iface, hapd,
 					    WPA_ALG_NONE, NULL, i, 0, 0, NULL,
-					    0, NULL, 0, KEY_FLAG_GROUP_RX_TX);
+					    0, NULL, 0, KEY_FLAG_GROUP);
 
 		ieee802_1x_rekey(hapd, NULL);
 
diff --git a/src/common/defs.h b/src/common/defs.h
index 6358c3158..2941771b3 100644
--- a/src/common/defs.h
+++ b/src/common/defs.h
@@ -431,7 +431,6 @@  enum chan_width {
 };
 
 enum key_flag {
-	KEY_FLAG_MODIFY			= BIT(0),
 	KEY_FLAG_DEFAULT		= BIT(1),
 	KEY_FLAG_RX			= BIT(2),
 	KEY_FLAG_TX			= BIT(3),
@@ -448,10 +447,23 @@  enum key_flag {
 					  KEY_FLAG_DEFAULT,
 	KEY_FLAG_PAIRWISE_RX_TX		= KEY_FLAG_PAIRWISE | KEY_FLAG_RX_TX,
 	KEY_FLAG_PAIRWISE_RX		= KEY_FLAG_PAIRWISE | KEY_FLAG_RX,
-	KEY_FLAG_PAIRWISE_RX_TX_MODIFY	= KEY_FLAG_PAIRWISE_RX_TX |
-					  KEY_FLAG_MODIFY,
+	/* Max allowed flags for each key type */
+	KEY_FLAG_PAIRWISE_MASK		= KEY_FLAG_PAIRWISE_RX_TX,
+	KEY_FLAG_GROUP_MASK		= KEY_FLAG_GROUP_RX_TX_DEFAULT,
+	KEY_FLAG_PMK_MASK		= KEY_FLAG_PMK,
 };
 
+static inline int check_key_flag(enum key_flag key_flag)
+{
+	return !!(!key_flag ||
+		  (key_flag & KEY_FLAG_PAIRWISE &&
+		   key_flag & ~KEY_FLAG_PAIRWISE_MASK) ||
+		  (key_flag & KEY_FLAG_GROUP &&
+		   key_flag & ~KEY_FLAG_GROUP_MASK) ||
+		  (key_flag & KEY_FLAG_PMK &&
+		   key_flag & ~KEY_FLAG_PMK_MASK));
+}
+
 enum ptk0_rekey_handling {
 	PTK0_REKEY_ALLOW_ALWAYS,
 	PTK0_REKEY_ALLOW_LOCAL_OK,
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index ecedc40f5..2582f4983 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3556,6 +3556,9 @@  retry:
 		p.set_tx = i == params->wep_tx_keyidx;
 		p.key = params->wep_key[i];
 		p.key_len = params->wep_key_len[i];
+		p.key_flag = i == params->wep_tx_keyidx ?
+					KEY_FLAG_GROUP_RX_TX_DEFAULT :
+					KEY_FLAG_GROUP_RX_TX;
 		wpa_driver_nl80211_set_key(bss, &p);
 		if (params->wep_tx_keyidx != i)
 			continue;