mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
Allow TSN AP to be selected when configured for WEP
Commit d8d940b746
introduced a regression
that prevented TSN APs from being used with WEP since the AP was
rejected if it advertised WPA or RSN IE when we were configured to use
WEP. Resolve this by checking whether the AP is advertising a TSN, i.e.,
whether the AP allows WEP to be used as a group cipher. If so, allow
the AP to be selected if we are configured to use static WEP or
IEEE 802.1X (non-WPA).
It should be noted that this is still somewhat more restricted in AP
selection than earlier wpa_supplicant branches (0.7.x or older) that
ignore the WPA/RSN IE completely when configured for non-WPA.
This commit is contained in:
parent
d06df64d14
commit
43882f1efc
@ -70,6 +70,12 @@ static inline int wpa_key_mgmt_sha256(int akm)
|
||||
akm == WPA_KEY_MGMT_IEEE8021X_SHA256;
|
||||
}
|
||||
|
||||
static inline int wpa_key_mgmt_wpa(int akm)
|
||||
{
|
||||
return wpa_key_mgmt_wpa_ieee8021x(akm) ||
|
||||
wpa_key_mgmt_wpa_psk(akm);
|
||||
}
|
||||
|
||||
|
||||
#define WPA_PROTO_WPA BIT(0)
|
||||
#define WPA_PROTO_RSN BIT(1)
|
||||
|
@ -307,11 +307,18 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
||||
int proto_match = 0;
|
||||
const u8 *rsn_ie, *wpa_ie;
|
||||
int ret;
|
||||
int wep_ok;
|
||||
|
||||
ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss);
|
||||
if (ret >= 0)
|
||||
return ret;
|
||||
|
||||
/* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */
|
||||
wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) &&
|
||||
(((ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
|
||||
ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) ||
|
||||
(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA));
|
||||
|
||||
rsn_ie = wpa_scan_get_ie(bss, WLAN_EID_RSN);
|
||||
while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) {
|
||||
proto_match++;
|
||||
@ -320,6 +327,15 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
||||
wpa_printf(MSG_DEBUG, " skip RSN IE - parse failed");
|
||||
break;
|
||||
}
|
||||
|
||||
if (wep_ok &&
|
||||
(ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)))
|
||||
{
|
||||
wpa_printf(MSG_DEBUG, " selected based on TSN in "
|
||||
"RSN IE");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!(ie.proto & ssid->proto)) {
|
||||
wpa_printf(MSG_DEBUG, " skip RSN IE - proto "
|
||||
"mismatch");
|
||||
@ -365,6 +381,15 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
||||
wpa_printf(MSG_DEBUG, " skip WPA IE - parse failed");
|
||||
break;
|
||||
}
|
||||
|
||||
if (wep_ok &&
|
||||
(ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)))
|
||||
{
|
||||
wpa_printf(MSG_DEBUG, " selected based on TSN in "
|
||||
"WPA IE");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!(ie.proto & ssid->proto)) {
|
||||
wpa_printf(MSG_DEBUG, " skip WPA IE - proto "
|
||||
"mismatch");
|
||||
|
Loading…
Reference in New Issue
Block a user