From patchwork Thu Feb 27 21:52:46 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Wetzel X-Patchwork-Id: 1246126 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=wetzel-home.de Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=pZjiJDfm; dkim=fail reason="signature verification failed" (1024-bit key; secure) header.d=wetzel-home.de header.i=@wetzel-home.de header.a=rsa-sha256 header.s=wetzel-home header.b=UCc8qRFf; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 48T5z757PCz9sP7 for ; Fri, 28 Feb 2020 08:53:55 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:To :From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=9JU4U8EaNjTEJzRzc7b4E8iM3jmxjU7/Es3tW+7Td4Q=; b=pZjiJDfmPin/2j 6nEjXWqh12kN1JOr6JZwzTQKv0xxhlCzFSG2QJUdaMYnCx/SOIVHErxjYYq6uxNgcrMG1TimqpNMw uKyF801yMgGs5WmIDb49btKg3NwTwGDqTwyEojbSqGMmwIiTb+GxhCa1F0IW9O1Oy+ro2wzUSfLt1 LXEZn8J9aPhRuO1na57PIhINLYireRl/2EWUEgmLxO01Hanwse/V7LZrxDGW+wO9bHeiHEHarvS99 67EiX7FfSjC5k3lSppq6JR4kO1xymyZoQU7GspzYX3lVF9Pm8m+Y/P6cWpAx/s9LDeVgB9trHFDJ0 oKAHapAqPaVArJgmB7mg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1j7R6I-0005iU-2N; Thu, 27 Feb 2020 21:53:46 +0000 Received: from 8.mo69.mail-out.ovh.net ([46.105.56.233]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1j7R5w-0005N8-Jb for hostap@lists.infradead.org; Thu, 27 Feb 2020 21:53:27 +0000 Received: from player735.ha.ovh.net (unknown [10.110.208.202]) by mo69.mail-out.ovh.net (Postfix) with ESMTP id E89D686B68 for ; Thu, 27 Feb 2020 22:53:09 +0100 (CET) Received: from awhome.eu (p57B7E28D.dip0.t-ipconnect.de [87.183.226.141]) (Authenticated sender: postmaster@awhome.eu) by player735.ha.ovh.net (Postfix) with ESMTPSA id F00B9FA418B2; Thu, 27 Feb 2020 21:53:05 +0000 (UTC) From: Alexander Wetzel DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wetzel-home.de; s=wetzel-home; t=1582840381; bh=M3SQOC59qrErCquvTXv87n1Da1vzMuE7xhHSXJDFvgk=; h=From:To:Cc:Subject:Date; b=UCc8qRFf+KsDX9yB6IqxEPRPfkLp1pHeuhgfiLjI5OEFpJFZc+N1c2i5EywSockaS d3OY2maAdNDW7spdk8/UcbP98ISEd9nlZZKSPIOneBCY2SkIs5Qe1Qb/vxs6MNyEx6 OOV0sIxfM+bIeC79LqerkO7oKIrn0B/Eu5dAtcRU= To: j@w1.fi Subject: [PATCH 1/3] nl80211: Migrate from set_tx to key_flag API Date: Thu, 27 Feb 2020 22:52:46 +0100 Message-Id: <20200227215248.113686-1-alexander@wetzel-home.de> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Ovh-Tracer-Id: 4198199278202395840 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: 0 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedugedrleeigdduhedvucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuqfggjfdpvefjgfevmfevgfenuceurghilhhouhhtmecuhedttdenucenucfjughrpefhvffufffkofgggfestdekredtredttdenucfhrhhomheptehlvgigrghnuggvrhcuhggvthiivghluceorghlvgigrghnuggvrhesfigvthiivghlqdhhohhmvgdruggvqeenucfkpheptddrtddrtddrtddpkeejrddukeefrddvvdeirddugedunecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmohguvgepshhmthhpqdhouhhtpdhhvghlohepphhlrgihvghrjeefhedrhhgrrdhovhhhrdhnvghtpdhinhgvtheptddrtddrtddrtddpmhgrihhlfhhrohhmpegrlhgvgigrnhguvghrseifvghtiigvlhdqhhhomhgvrdguvgdprhgtphhtthhopehhohhsthgrpheslhhishhtshdrihhnfhhrrgguvggrugdrohhrgh X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200227_135324_937131_CD0C7431 X-CRM114-Status: GOOD ( 15.81 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [46.105.56.233 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: hostap@lists.infradead.org, Alexander Wetzel Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Stop using set_tx and cleanup/restructure the key install logic depending on it. The updated logic is also no longer incorrectly installing some pairwise keys as default keys and has additional sanity checks refusing unexpected keys. Signed-off-by: Alexander Wetzel --- src/drivers/driver_nl80211.c | 71 ++++++++++++++++++++---------------- 1 file changed, 39 insertions(+), 32 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 18e4b8eef..964fbd26f 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3053,7 +3053,6 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, struct nl_msg *msg; struct nl_msg *key_msg; int ret; - int tdls = 0; const char *ifname = params->ifname; enum wpa_alg alg = params->alg; const u8 *addr = params->addr; @@ -3064,6 +3063,7 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, const u8 *key = params->key; size_t key_len = params->key_len; int vlan_id = params->vlan_id; + enum key_flag key_flag = params->key_flag; /* Ignore for P2P Device */ if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) @@ -3071,15 +3071,17 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, ifindex = if_nametoindex(ifname); wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d " - "set_tx=%d seq_len=%lu key_len=%lu", + "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x", __func__, ifindex, ifname, alg, addr, key_idx, set_tx, - (unsigned long) seq_len, (unsigned long) key_len); + (unsigned long) seq_len, (unsigned long) key_len, key_flag); #ifdef CONFIG_TDLS if (key_idx == -1) { key_idx = 0; - tdls = 1; } #endif /* CONFIG_TDLS */ + if (key_flag & KEY_FLAG_PAIRWISE && + key_flag & (KEY_FLAG_GROUP | KEY_FLAG_DEFAULT)) + return -EINVAL; #ifdef CONFIG_DRIVER_NL80211_QCA if (alg == WPA_ALG_PMK && @@ -3094,10 +3096,13 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, if (alg == WPA_ALG_PMK && (drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X)) return nl80211_set_pmk(drv, key, key_len, addr); + if (key_flag & KEY_FLAG_PMK) + return -EINVAL; + ret = -ENOBUFS; key_msg = nlmsg_alloc(); if (!key_msg) - return -ENOBUFS; + return ret; if (alg == WPA_ALG_NONE) { msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_DEL_KEY); @@ -3107,8 +3112,10 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, u32 suite; suite = wpa_alg_to_cipher_suite(alg, key_len); - if (!suite) + if (!suite) { + ret = -EINVAL; goto fail2; + } msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_NEW_KEY); if (!msg) goto fail2; @@ -3129,22 +3136,24 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) goto fail; - if (alg != WPA_ALG_WEP && key_idx && !set_tx) { + if (key_flag == KEY_FLAG_GROUP_RX) { wpa_printf(MSG_DEBUG, " RSN IBSS RX GTK"); if (nla_put_u32(key_msg, NL80211_KEY_TYPE, NL80211_KEYTYPE_GROUP)) goto fail; + } else if (key_flag & (KEY_FLAG_GROUP | KEY_FLAG_DEFAULT) || + !(key_flag & KEY_FLAG_PAIRWISE)) { + ret = -EINVAL; + goto fail; + } else { + wpa_printf(MSG_DEBUG, " pairwise key"); } - } else if (addr && is_broadcast_ether_addr(addr)) { - struct nlattr *types; - + } else if (key_flag & KEY_FLAG_PAIRWISE || + !(key_flag & KEY_FLAG_GROUP)) { + ret = -EINVAL; + goto fail; + } else { wpa_printf(MSG_DEBUG, " broadcast key"); - - types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES); - if (!types || - nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) - goto fail; - nla_nest_end(key_msg, types); } if (nla_put_u8(key_msg, NL80211_KEY_IDX, key_idx) || nla_put_nested(msg, NL80211_ATTR_KEY, key_msg)) @@ -3167,18 +3176,18 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, ret, strerror(-ret)); /* - * If we failed or don't need to set the default TX key (below), + * If we failed or don't need to set the key as default (below), * we're done here. */ - if (ret || !set_tx || alg == WPA_ALG_NONE || tdls) - return ret; - if (is_ap_interface(drv->nlmode) && addr && - !is_broadcast_ether_addr(addr)) + if (ret || !(key_flag & KEY_FLAG_DEFAULT)) return ret; + if (!(key_flag & KEY_FLAG_GROUP)) + return -EINVAL; + ret = -ENOBUFS; key_msg = nlmsg_alloc(); if (!key_msg) - return -ENOBUFS; + return ret; msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY); if (!msg) @@ -3197,19 +3206,19 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, if (addr && is_broadcast_ether_addr(addr)) { struct nlattr *types; + wpa_printf(MSG_DEBUG, " group key"); types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES); if (!types || nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST)) goto fail; nla_nest_end(key_msg, types); } else if (addr) { - struct nlattr *types; - - types = nla_nest_start(key_msg, NL80211_KEY_DEFAULT_TYPES); - if (!types || - nla_put_flag(key_msg, NL80211_KEY_DEFAULT_TYPE_UNICAST)) - goto fail; - nla_nest_end(key_msg, types); + wpa_printf(MSG_DEBUG, + "nl80211: Default group key can't use a unicast address"); + ret = -EINVAL; + goto fail; + } else { + wpa_printf(MSG_DEBUG, " WEP/WPA-NONE key"); } if (nla_put_nested(msg, NL80211_ATTR_KEY, key_msg)) @@ -3226,8 +3235,6 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, } ret = send_and_recv_msgs(drv, msg, NULL, NULL); - if (ret == -ENOENT) - ret = 0; if (ret) wpa_printf(MSG_DEBUG, "nl80211: set_key default failed; err=%d %s", @@ -3240,7 +3247,7 @@ fail: fail2: nl80211_nlmsg_clear(key_msg); nlmsg_free(key_msg); - return -ENOBUFS; + return ret; } From patchwork Thu Feb 27 21:52:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Wetzel X-Patchwork-Id: 1246124 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=quarantine dis=none) header.from=wetzel-home.de Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=kId+4f3O; dkim=fail reason="signature verification failed" (1024-bit key; secure) header.d=wetzel-home.de header.i=@wetzel-home.de header.a=rsa-sha256 header.s=wetzel-home header.b=lrGxffhh; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 48T5yr3lwwz9sRQ for ; Fri, 28 Feb 2020 08:53:40 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=XGWaSzBAMvzj+zuK145r+n4QkkdYYxXz5UzNZiqBjYQ=; b=kId+4f3O9cZCSs E9aWIW27NAlYdFc9vGZYZUudfQNaBeMe4eLruMIOdtpAz2J9CXYa2sqlEoTF97XMz0z/g3V79hi1y SX2k6cKgIr6Hz4JmfEqjiGgxohN38eT9aLh39CFjOHg4JttMhwXze0mbCb/BpjNTN/vkIPoKZJzI5 tIedvPXclmql6ipgQhyLGfhJe38DyuMvASrqkbXubUjJc3tkZvf3NXipswwsJ6LUs0/gdlxbWIdkn bK8g/y71O2snBFmSBsOpfW//vEA7C9S67rwOD4K8KIvye8AkWCd57G8XQcyvpKu10lku96JDnD67y 8y2OaW5ApoexhKhddxXw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1j7R61-0005Pc-GS; Thu, 27 Feb 2020 21:53:29 +0000 Received: from 7.mo177.mail-out.ovh.net ([46.105.61.149]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1j7R5w-0005Nf-JT for hostap@lists.infradead.org; Thu, 27 Feb 2020 21:53:26 +0000 Received: from player730.ha.ovh.net (unknown [10.108.42.167]) by mo177.mail-out.ovh.net (Postfix) with ESMTP id 75458121AD6 for ; Thu, 27 Feb 2020 22:53:10 +0100 (CET) Received: from awhome.eu (p57B7E28D.dip0.t-ipconnect.de [87.183.226.141]) (Authenticated sender: postmaster@awhome.eu) by player730.ha.ovh.net (Postfix) with ESMTPSA id 3B7C1FB42146; Thu, 27 Feb 2020 21:53:04 +0000 (UTC) From: Alexander Wetzel DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wetzel-home.de; s=wetzel-home; t=1582840384; bh=1WkoojVl3pQM8x4KGh5Km7QpBoF6KeIHdAa0ojQAGLk=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=lrGxffhhTcwYMr7PkLHPdMtPgLb2KD76c0dWEEnq4LRe+4bBn6k8xoZH21iLiRbTV Pa5PETQDLrTnm3T5RrWA80KATJAxWjnkQAho1w1XFc7VzZIGbbs0RgzTejHKxQOOHF yn/nf6GQ17ZA39DNv72fIfILrERfTAMcpV7Bu6UU= To: j@w1.fi Subject: [PATCH 3/3] nl80211,wpa_supplicant: Drop outdated tdls hack Date: Thu, 27 Feb 2020 22:52:48 +0100 Message-Id: <20200227215248.113686-3-alexander@wetzel-home.de> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200227215248.113686-1-alexander@wetzel-home.de> References: <20200227215248.113686-1-alexander@wetzel-home.de> MIME-Version: 1.0 X-Ovh-Tracer-Id: 4199043703515782336 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: 0 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedugedrleeigdduhedvucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuqfggjfdpvefjgfevmfevgfenuceurghilhhouhhtmecuhedttdenucenucfjughrpefhvffufffkofgjfhgggfestdekredtredttdenucfhrhhomheptehlvgigrghnuggvrhcuhggvthiivghluceorghlvgigrghnuggvrhesfigvthiivghlqdhhohhmvgdruggvqeenucffohhmrghinhepthhpkhdrthhknecukfhppedtrddtrddtrddtpdekjedrudekfedrvddviedrudegudenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhhouggvpehsmhhtphdqohhuthdphhgvlhhopehplhgrhigvrhejfedtrdhhrgdrohhvhhdrnhgvthdpihhnvghtpedtrddtrddtrddtpdhmrghilhhfrhhomheprghlvgigrghnuggvrhesfigvthiivghlqdhhohhmvgdruggvpdhrtghpthhtohephhhoshhtrghpsehlihhsthhsrdhinhhfrhgruggvrggurdhorhhg X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200227_135324_935073_B19A11A2 X-CRM114-Status: GOOD ( 12.14 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [46.105.61.149 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: hostap@lists.infradead.org, Alexander Wetzel Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org wpa_tdls_set_key() did set the key_id to -1 to avoid an useless NL80211_CMD_SET_KEY call the updated nl80211 driver no longer carries out anyhow. Remove the no longer required workaround. Signed-off-by: Alexander Wetzel --- This is also only a optional patch. It was in the now deprecated and broken up v9 Extended Key ID series and since it depends on the nl80211 migration to key_flag tagged on here. src/drivers/driver_nl80211.c | 6 +----- src/rsn_supp/tdls.c | 2 +- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 5611df853..53090aa42 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3073,11 +3073,7 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x", __func__, ifindex, ifname, alg, addr, key_idx, set_tx, (unsigned long) seq_len, (unsigned long) key_len, key_flag); -#ifdef CONFIG_TDLS - if (key_idx == -1) { - key_idx = 0; - } -#endif /* CONFIG_TDLS */ + if (key_flag & KEY_FLAG_PAIRWISE && key_flag & (KEY_FLAG_GROUP | KEY_FLAG_DEFAULT)) return -EINVAL; diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index bb8973942..7b47e3ac5 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -227,7 +227,7 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR, MAC2STR(peer->addr)); - if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1, rsc, sizeof(rsc), + if (wpa_sm_set_key(sm, alg, peer->addr, 0, 1, rsc, sizeof(rsc), peer->tpk.tk, key_len, KEY_FLAG_PAIRWISE_RX_TX) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "