Remove CONFIG_IEEE80211W build parameter

Hardcode this to be defined and remove the separate build options for
PMF since this functionality is needed with large number of newer
protocol extensions and is also something that should be enabled in all
WPA2/WPA3 networks.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2019-09-08 17:17:31 +03:00
parent 0229261874
commit 7d2ed8bae8
76 changed files with 11 additions and 537 deletions

View File

@ -216,7 +216,6 @@ CONFIG_L2_PACKET=y
endif endif
ifdef CONFIG_HS20 ifdef CONFIG_HS20
NEED_AES_OMAC1=y
CONFIG_PROXYARP=y CONFIG_PROXYARP=y
endif endif
@ -226,8 +225,6 @@ endif
ifdef CONFIG_SUITEB ifdef CONFIG_SUITEB
L_CFLAGS += -DCONFIG_SUITEB L_CFLAGS += -DCONFIG_SUITEB
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_SUITEB192 ifdef CONFIG_SUITEB192
@ -238,24 +235,14 @@ endif
ifdef CONFIG_OCV ifdef CONFIG_OCV
L_CFLAGS += -DCONFIG_OCV L_CFLAGS += -DCONFIG_OCV
OBJS += src/common/ocv.c OBJS += src/common/ocv.c
CONFIG_IEEE80211W=y
endif
ifdef CONFIG_IEEE80211W
L_CFLAGS += -DCONFIG_IEEE80211W
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_IEEE80211R ifdef CONFIG_IEEE80211R
L_CFLAGS += -DCONFIG_IEEE80211R -DCONFIG_IEEE80211R_AP L_CFLAGS += -DCONFIG_IEEE80211R -DCONFIG_IEEE80211R_AP
OBJS += src/ap/wpa_auth_ft.c OBJS += src/ap/wpa_auth_ft.c
NEED_SHA256=y
NEED_AES_OMAC1=y
NEED_AES_UNWRAP=y NEED_AES_UNWRAP=y
NEED_AES_SIV=y NEED_AES_SIV=y
NEED_ETH_P_OUI=y NEED_ETH_P_OUI=y
NEED_SHA256=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
endif endif
@ -278,7 +265,6 @@ NEED_ECC=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y NEED_HMAC_SHA512_KDF=y
NEED_SHA256=y
NEED_SHA384=y NEED_SHA384=y
NEED_SHA512=y NEED_SHA512=y
endif endif
@ -413,7 +399,6 @@ ifdef CONFIG_EAP_AKA
L_CFLAGS += -DEAP_SERVER_AKA L_CFLAGS += -DEAP_SERVER_AKA
OBJS += src/eap_server/eap_server_aka.c OBJS += src/eap_server/eap_server_aka.c
CONFIG_EAP_SIM_COMMON=y CONFIG_EAP_SIM_COMMON=y
NEED_SHA256=y
NEED_AES_CBC=y NEED_AES_CBC=y
endif endif
@ -438,7 +423,6 @@ endif
ifdef CONFIG_EAP_PSK ifdef CONFIG_EAP_PSK
L_CFLAGS += -DEAP_SERVER_PSK L_CFLAGS += -DEAP_SERVER_PSK
OBJS += src/eap_server/eap_server_psk.c src/eap_common/eap_psk_common.c OBJS += src/eap_server/eap_server_psk.c src/eap_common/eap_psk_common.c
NEED_AES_OMAC1=y
NEED_AES_ENCBLOCK=y NEED_AES_ENCBLOCK=y
NEED_AES_EAX=y NEED_AES_EAX=y
endif endif
@ -454,14 +438,11 @@ OBJS += src/eap_server/eap_server_gpsk.c src/eap_common/eap_gpsk_common.c
ifdef CONFIG_EAP_GPSK_SHA256 ifdef CONFIG_EAP_GPSK_SHA256
L_CFLAGS += -DEAP_GPSK_SHA256 L_CFLAGS += -DEAP_GPSK_SHA256
endif endif
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_EAP_PWD ifdef CONFIG_EAP_PWD
L_CFLAGS += -DEAP_SERVER_PWD L_CFLAGS += -DEAP_SERVER_PWD
OBJS += src/eap_server/eap_server_pwd.c src/eap_common/eap_pwd_common.c OBJS += src/eap_server/eap_server_pwd.c src/eap_common/eap_pwd_common.c
NEED_SHA256=y
NEED_ECC=y NEED_ECC=y
NEED_DRAGONFLY=y NEED_DRAGONFLY=y
endif endif
@ -513,7 +494,6 @@ OBJS += src/wps/wps_dev_attr.c
OBJS += src/wps/wps_enrollee.c OBJS += src/wps/wps_enrollee.c
OBJS += src/wps/wps_registrar.c OBJS += src/wps/wps_registrar.c
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_AES_CBC=y NEED_AES_CBC=y
NEED_MODEXP=y NEED_MODEXP=y
@ -562,7 +542,6 @@ NEED_AES_SIV=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y NEED_HMAC_SHA512_KDF=y
NEED_SHA256=y
NEED_SHA384=y NEED_SHA384=y
NEED_SHA512=y NEED_SHA512=y
NEED_JSON=y NEED_JSON=y
@ -641,7 +620,6 @@ endif
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
L_CFLAGS += -DCONFIG_TLSV12 L_CFLAGS += -DCONFIG_TLSV12
NEED_SHA256=y
endif endif
ifeq ($(CONFIG_TLS), openssl) ifeq ($(CONFIG_TLS), openssl)
@ -655,7 +633,6 @@ HOBJS += src/crypto/crypto_openssl.c
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += src/crypto/fips_prf_openssl.c OBJS += src/crypto/fips_prf_openssl.c
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto LIBS += -lcrypto
LIBS_h += -lcrypto LIBS_h += -lcrypto
@ -713,7 +690,6 @@ OBJS += src/tls/x509v3.c
OBJS += src/tls/pkcs1.c OBJS += src/tls/pkcs1.c
OBJS += src/tls/pkcs5.c OBJS += src/tls/pkcs5.c
OBJS += src/tls/pkcs8.c OBJS += src/tls/pkcs8.c
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_TLS_PRF=y NEED_TLS_PRF=y
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
@ -808,12 +784,10 @@ endif
ifdef NEED_AES_EAX ifdef NEED_AES_EAX
AESOBJS += src/crypto/aes-eax.c AESOBJS += src/crypto/aes-eax.c
NEED_AES_CTR=y NEED_AES_CTR=y
NEED_AES_OMAC1=y
endif endif
ifdef NEED_AES_SIV ifdef NEED_AES_SIV
AESOBJS += src/crypto/aes-siv.c AESOBJS += src/crypto/aes-siv.c
NEED_AES_CTR=y NEED_AES_CTR=y
NEED_AES_OMAC1=y
endif endif
ifdef NEED_AES_CTR ifdef NEED_AES_CTR
AESOBJS += src/crypto/aes-ctr.c AESOBJS += src/crypto/aes-ctr.c
@ -821,9 +795,7 @@ endif
ifdef NEED_AES_ENCBLOCK ifdef NEED_AES_ENCBLOCK
AESOBJS += src/crypto/aes-encblock.c AESOBJS += src/crypto/aes-encblock.c
endif endif
ifdef NEED_AES_OMAC1
AESOBJS += src/crypto/aes-omac1.c AESOBJS += src/crypto/aes-omac1.c
endif
ifdef NEED_AES_UNWRAP ifdef NEED_AES_UNWRAP
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)
NEED_AES_DEC=y NEED_AES_DEC=y
@ -911,7 +883,6 @@ endif
endif endif
endif endif
ifdef NEED_SHA256
L_CFLAGS += -DCONFIG_SHA256 L_CFLAGS += -DCONFIG_SHA256
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), gnutls)
@ -937,7 +908,6 @@ endif
ifdef NEED_HMAC_SHA512_KDF ifdef NEED_HMAC_SHA512_KDF
OBJS += src/crypto/sha512-kdf.c OBJS += src/crypto/sha512-kdf.c
endif endif
endif
ifdef NEED_SHA384 ifdef NEED_SHA384
L_CFLAGS += -DCONFIG_SHA384 L_CFLAGS += -DCONFIG_SHA384
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)

View File

@ -259,7 +259,6 @@ CONFIG_L2_PACKET=y
endif endif
ifdef CONFIG_HS20 ifdef CONFIG_HS20
NEED_AES_OMAC1=y
CONFIG_PROXYARP=y CONFIG_PROXYARP=y
endif endif
@ -269,8 +268,6 @@ endif
ifdef CONFIG_SUITEB ifdef CONFIG_SUITEB
CFLAGS += -DCONFIG_SUITEB CFLAGS += -DCONFIG_SUITEB
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_SUITEB192 ifdef CONFIG_SUITEB192
@ -281,24 +278,14 @@ endif
ifdef CONFIG_OCV ifdef CONFIG_OCV
CFLAGS += -DCONFIG_OCV CFLAGS += -DCONFIG_OCV
OBJS += ../src/common/ocv.o OBJS += ../src/common/ocv.o
CONFIG_IEEE80211W=y
endif
ifdef CONFIG_IEEE80211W
CFLAGS += -DCONFIG_IEEE80211W
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_IEEE80211R ifdef CONFIG_IEEE80211R
CFLAGS += -DCONFIG_IEEE80211R -DCONFIG_IEEE80211R_AP CFLAGS += -DCONFIG_IEEE80211R -DCONFIG_IEEE80211R_AP
OBJS += ../src/ap/wpa_auth_ft.o OBJS += ../src/ap/wpa_auth_ft.o
NEED_SHA256=y
NEED_AES_OMAC1=y
NEED_AES_UNWRAP=y NEED_AES_UNWRAP=y
NEED_AES_SIV=y NEED_AES_SIV=y
NEED_ETH_P_OUI=y NEED_ETH_P_OUI=y
NEED_SHA256=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
endif endif
@ -322,7 +309,6 @@ NEED_ECC=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y NEED_HMAC_SHA512_KDF=y
NEED_SHA256=y
NEED_SHA384=y NEED_SHA384=y
NEED_SHA512=y NEED_SHA512=y
endif endif
@ -391,7 +377,6 @@ endif
ifdef CONFIG_ERP ifdef CONFIG_ERP
CFLAGS += -DCONFIG_ERP CFLAGS += -DCONFIG_ERP
NEED_SHA256=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
endif endif
@ -452,7 +437,6 @@ ifdef CONFIG_EAP_AKA
CFLAGS += -DEAP_SERVER_AKA CFLAGS += -DEAP_SERVER_AKA
OBJS += ../src/eap_server/eap_server_aka.o OBJS += ../src/eap_server/eap_server_aka.o
CONFIG_EAP_SIM_COMMON=y CONFIG_EAP_SIM_COMMON=y
NEED_SHA256=y
NEED_AES_CBC=y NEED_AES_CBC=y
endif endif
@ -477,7 +461,6 @@ endif
ifdef CONFIG_EAP_PSK ifdef CONFIG_EAP_PSK
CFLAGS += -DEAP_SERVER_PSK CFLAGS += -DEAP_SERVER_PSK
OBJS += ../src/eap_server/eap_server_psk.o ../src/eap_common/eap_psk_common.o OBJS += ../src/eap_server/eap_server_psk.o ../src/eap_common/eap_psk_common.o
NEED_AES_OMAC1=y
NEED_AES_ENCBLOCK=y NEED_AES_ENCBLOCK=y
NEED_AES_EAX=y NEED_AES_EAX=y
endif endif
@ -493,14 +476,11 @@ OBJS += ../src/eap_server/eap_server_gpsk.o ../src/eap_common/eap_gpsk_common.o
ifdef CONFIG_EAP_GPSK_SHA256 ifdef CONFIG_EAP_GPSK_SHA256
CFLAGS += -DEAP_GPSK_SHA256 CFLAGS += -DEAP_GPSK_SHA256
endif endif
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_EAP_PWD ifdef CONFIG_EAP_PWD
CFLAGS += -DEAP_SERVER_PWD CFLAGS += -DEAP_SERVER_PWD
OBJS += ../src/eap_server/eap_server_pwd.o ../src/eap_common/eap_pwd_common.o OBJS += ../src/eap_server/eap_server_pwd.o ../src/eap_common/eap_pwd_common.o
NEED_SHA256=y
NEED_ECC=y NEED_ECC=y
NEED_DRAGONFLY=y NEED_DRAGONFLY=y
endif endif
@ -552,7 +532,6 @@ OBJS += ../src/wps/wps_dev_attr.o
OBJS += ../src/wps/wps_enrollee.o OBJS += ../src/wps/wps_enrollee.o
OBJS += ../src/wps/wps_registrar.o OBJS += ../src/wps/wps_registrar.o
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_AES_CBC=y NEED_AES_CBC=y
NEED_MODEXP=y NEED_MODEXP=y
@ -601,7 +580,6 @@ NEED_AES_SIV=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y NEED_HMAC_SHA512_KDF=y
NEED_SHA256=y
NEED_SHA384=y NEED_SHA384=y
NEED_SHA512=y NEED_SHA512=y
NEED_JSON=y NEED_JSON=y
@ -689,7 +667,6 @@ endif
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
CFLAGS += -DCONFIG_TLSV12 CFLAGS += -DCONFIG_TLSV12
NEED_SHA256=y
endif endif
ifeq ($(CONFIG_TLS), wolfssl) ifeq ($(CONFIG_TLS), wolfssl)
@ -703,7 +680,6 @@ HOBJS += ../src/crypto/crypto_wolfssl.o
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_wolfssl.o OBJS += ../src/crypto/fips_prf_wolfssl.o
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y NEED_TLS_PRF_SHA256=y
LIBS += -lwolfssl -lm LIBS += -lwolfssl -lm
LIBS_h += -lwolfssl -lm LIBS_h += -lwolfssl -lm
@ -725,7 +701,6 @@ HOBJS += ../src/crypto/crypto_openssl.o
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_openssl.o OBJS += ../src/crypto/fips_prf_openssl.o
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto LIBS += -lcrypto
LIBS_h += -lcrypto LIBS_h += -lcrypto
@ -789,7 +764,6 @@ OBJS += ../src/tls/x509v3.o
OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs1.o
OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs5.o
OBJS += ../src/tls/pkcs8.o OBJS += ../src/tls/pkcs8.o
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_TLS_PRF=y NEED_TLS_PRF=y
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
@ -866,7 +840,6 @@ OBJS += ../src/tls/x509v3.o
OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs1.o
OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs5.o
OBJS += ../src/tls/pkcs8.o OBJS += ../src/tls/pkcs8.o
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_TLS_PRF=y NEED_TLS_PRF=y
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
@ -927,12 +900,10 @@ endif
ifdef NEED_AES_EAX ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y NEED_AES_CTR=y
NEED_AES_OMAC1=y
endif endif
ifdef NEED_AES_SIV ifdef NEED_AES_SIV
AESOBJS += ../src/crypto/aes-siv.o AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y NEED_AES_CTR=y
NEED_AES_OMAC1=y
endif endif
ifdef NEED_AES_CTR ifdef NEED_AES_CTR
AESOBJS += ../src/crypto/aes-ctr.o AESOBJS += ../src/crypto/aes-ctr.o
@ -940,13 +911,11 @@ endif
ifdef NEED_AES_ENCBLOCK ifdef NEED_AES_ENCBLOCK
AESOBJS += ../src/crypto/aes-encblock.o AESOBJS += ../src/crypto/aes-encblock.o
endif endif
ifdef NEED_AES_OMAC1
ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), wolfssl) ifneq ($(CONFIG_TLS), wolfssl)
AESOBJS += ../src/crypto/aes-omac1.o AESOBJS += ../src/crypto/aes-omac1.o
endif endif
endif endif
endif
ifdef NEED_AES_UNWRAP ifdef NEED_AES_UNWRAP
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), linux)
@ -1052,7 +1021,6 @@ endif
endif endif
endif endif
ifdef NEED_SHA256
CFLAGS += -DCONFIG_SHA256 CFLAGS += -DCONFIG_SHA256
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), linux)
@ -1082,7 +1050,6 @@ endif
ifdef NEED_HMAC_SHA512_KDF ifdef NEED_HMAC_SHA512_KDF
OBJS += ../src/crypto/sha512-kdf.o OBJS += ../src/crypto/sha512-kdf.o
endif endif
endif
ifdef NEED_SHA384 ifdef NEED_SHA384
CFLAGS += -DCONFIG_SHA384 CFLAGS += -DCONFIG_SHA384
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)

View File

@ -44,12 +44,6 @@ CONFIG_DRIVER_NL80211_QCA=y
# WPA2/IEEE 802.11i RSN pre-authentication # WPA2/IEEE 802.11i RSN pre-authentication
#CONFIG_RSN_PREAUTH=y #CONFIG_RSN_PREAUTH=y
# IEEE 802.11w (management frame protection)
# This version is an experimental implementation based on IEEE 802.11w/D1.0
# draft and is subject to change since the standard has not yet been finalized.
# Driver support is also needed for IEEE 802.11w.
CONFIG_IEEE80211W=y
# Support Operating Channel Validation # Support Operating Channel Validation
#CONFIG_OCV=y #CONFIG_OCV=y

View File

@ -711,12 +711,10 @@ static int hostapd_config_parse_key_mgmt(int line, const char *value)
val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384; val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
#endif /* CONFIG_SHA384 */ #endif /* CONFIG_SHA384 */
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
#ifdef CONFIG_IEEE80211W
else if (os_strcmp(start, "WPA-PSK-SHA256") == 0) else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
val |= WPA_KEY_MGMT_PSK_SHA256; val |= WPA_KEY_MGMT_PSK_SHA256;
else if (os_strcmp(start, "WPA-EAP-SHA256") == 0) else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
val |= WPA_KEY_MGMT_IEEE8021X_SHA256; val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
else if (os_strcmp(start, "SAE") == 0) else if (os_strcmp(start, "SAE") == 0)
val |= WPA_KEY_MGMT_SAE; val |= WPA_KEY_MGMT_SAE;
@ -3380,7 +3378,6 @@ static int hostapd_config_fill(struct hostapd_config *conf,
} }
} else if (os_strcmp(buf, "use_driver_iface_addr") == 0) { } else if (os_strcmp(buf, "use_driver_iface_addr") == 0) {
conf->use_driver_iface_addr = atoi(pos); conf->use_driver_iface_addr = atoi(pos);
#ifdef CONFIG_IEEE80211W
} else if (os_strcmp(buf, "ieee80211w") == 0) { } else if (os_strcmp(buf, "ieee80211w") == 0) {
bss->ieee80211w = atoi(pos); bss->ieee80211w = atoi(pos);
} else if (os_strcmp(buf, "group_mgmt_cipher") == 0) { } else if (os_strcmp(buf, "group_mgmt_cipher") == 0) {
@ -3411,7 +3408,6 @@ static int hostapd_config_fill(struct hostapd_config *conf,
line); line);
return 1; return 1;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
} else if (os_strcmp(buf, "ocv") == 0) { } else if (os_strcmp(buf, "ocv") == 0) {
bss->ocv = atoi(pos); bss->ocv = atoi(pos);

View File

@ -130,7 +130,6 @@ static int hostapd_ctrl_iface_new_sta(struct hostapd_data *hapd,
} }
#ifdef CONFIG_IEEE80211W
#ifdef NEED_AP_MLME #ifdef NEED_AP_MLME
static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd, static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd,
const char *txtaddr) const char *txtaddr)
@ -149,7 +148,6 @@ static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd,
return 0; return 0;
} }
#endif /* NEED_AP_MLME */ #endif /* NEED_AP_MLME */
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WPS #ifdef CONFIG_WPS
@ -1098,7 +1096,6 @@ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd,
} }
#endif /* CONFIG_FILS */ #endif /* CONFIG_FILS */
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
#ifdef CONFIG_IEEE80211W
if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) { if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 "); ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 ");
if (os_snprintf_error(end - pos, ret)) if (os_snprintf_error(end - pos, ret))
@ -1111,7 +1108,6 @@ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd,
return pos - buf; return pos - buf;
pos += ret; pos += ret;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) { if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
ret = os_snprintf(pos, end - pos, "SAE "); ret = os_snprintf(pos, end - pos, "SAE ");
@ -2109,7 +2105,6 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd)
if (hwaddr_aton(cmd, addr)) if (hwaddr_aton(cmd, addr))
return -1; return -1;
#ifdef CONFIG_IEEE80211W
if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) { if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) {
if (hapd->last_igtk_alg == WPA_ALG_NONE) if (hapd->last_igtk_alg == WPA_ALG_NONE)
return -1; return -1;
@ -2133,7 +2128,6 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd)
hapd->last_igtk, hapd->last_igtk,
hapd->last_igtk_len); hapd->last_igtk_len);
} }
#endif /* CONFIG_IEEE80211W */
if (is_broadcast_ether_addr(addr)) { if (is_broadcast_ether_addr(addr)) {
if (hapd->last_gtk_alg == WPA_ALG_NONE) if (hapd->last_gtk_alg == WPA_ALG_NONE)
@ -3032,13 +3026,11 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd,
} else if (os_strcmp(buf, "STOP_AP") == 0) { } else if (os_strcmp(buf, "STOP_AP") == 0) {
if (hostapd_ctrl_iface_stop_ap(hapd)) if (hostapd_ctrl_iface_stop_ap(hapd))
reply_len = -1; reply_len = -1;
#ifdef CONFIG_IEEE80211W
#ifdef NEED_AP_MLME #ifdef NEED_AP_MLME
} else if (os_strncmp(buf, "SA_QUERY ", 9) == 0) { } else if (os_strncmp(buf, "SA_QUERY ", 9) == 0) {
if (hostapd_ctrl_iface_sa_query(hapd, buf + 9)) if (hostapd_ctrl_iface_sa_query(hapd, buf + 9))
reply_len = -1; reply_len = -1;
#endif /* NEED_AP_MLME */ #endif /* NEED_AP_MLME */
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WPS #ifdef CONFIG_WPS
} else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) { } else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) {
if (hostapd_ctrl_iface_wps_pin(hapd, buf + 8)) if (hostapd_ctrl_iface_wps_pin(hapd, buf + 8))

View File

@ -50,9 +50,6 @@ CONFIG_IAPP=y
# WPA2/IEEE 802.11i RSN pre-authentication # WPA2/IEEE 802.11i RSN pre-authentication
CONFIG_RSN_PREAUTH=y CONFIG_RSN_PREAUTH=y
# IEEE 802.11w (management frame protection)
CONFIG_IEEE80211W=y
# Support Operating Channel Validation # Support Operating Channel Validation
#CONFIG_OCV=y #CONFIG_OCV=y

View File

@ -401,7 +401,6 @@ static int hostapd_cli_cmd_signature(struct wpa_ctrl *ctrl, int argc,
#endif /* CONFIG_TAXONOMY */ #endif /* CONFIG_TAXONOMY */
#ifdef CONFIG_IEEE80211W
static int hostapd_cli_cmd_sa_query(struct wpa_ctrl *ctrl, int argc, static int hostapd_cli_cmd_sa_query(struct wpa_ctrl *ctrl, int argc,
char *argv[]) char *argv[])
{ {
@ -414,7 +413,6 @@ static int hostapd_cli_cmd_sa_query(struct wpa_ctrl *ctrl, int argc,
snprintf(buf, sizeof(buf), "SA_QUERY %s", argv[0]); snprintf(buf, sizeof(buf), "SA_QUERY %s", argv[0]);
return wpa_ctrl_command(ctrl, buf); return wpa_ctrl_command(ctrl, buf);
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WPS #ifdef CONFIG_WPS
@ -1542,10 +1540,8 @@ static const struct hostapd_cli_cmd hostapd_cli_commands[] = {
{ "signature", hostapd_cli_cmd_signature, hostapd_complete_stations, { "signature", hostapd_cli_cmd_signature, hostapd_complete_stations,
"<addr> = get taxonomy signature for a station" }, "<addr> = get taxonomy signature for a station" },
#endif /* CONFIG_TAXONOMY */ #endif /* CONFIG_TAXONOMY */
#ifdef CONFIG_IEEE80211W
{ "sa_query", hostapd_cli_cmd_sa_query, hostapd_complete_stations, { "sa_query", hostapd_cli_cmd_sa_query, hostapd_complete_stations,
"<addr> = send SA Query to a station" }, "<addr> = send SA Query to a station" },
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WPS #ifdef CONFIG_WPS
{ "wps_pin", hostapd_cli_cmd_wps_pin, NULL, { "wps_pin", hostapd_cli_cmd_wps_pin, NULL,
"<uuid> <pin> [timeout] [addr] = add WPS Enrollee PIN" }, "<uuid> <pin> [timeout] [addr] = add WPS Enrollee PIN" },

View File

@ -15,7 +15,6 @@ CFLAGS += -DCONFIG_HS20
CFLAGS += -DCONFIG_INTERWORKING CFLAGS += -DCONFIG_INTERWORKING
CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R
CFLAGS += -DCONFIG_IEEE80211R_AP CFLAGS += -DCONFIG_IEEE80211R_AP
CFLAGS += -DCONFIG_IEEE80211W
CFLAGS += -DCONFIG_WPS CFLAGS += -DCONFIG_WPS
CFLAGS += -DCONFIG_PROXYARP CFLAGS += -DCONFIG_PROXYARP
CFLAGS += -DCONFIG_IPV6 CFLAGS += -DCONFIG_IPV6

View File

@ -86,11 +86,9 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
bss->pwd_group = 19; /* ECC: GF(p=256) */ bss->pwd_group = 19; /* ECC: GF(p=256) */
#ifdef CONFIG_IEEE80211W
bss->assoc_sa_query_max_timeout = 1000; bss->assoc_sa_query_max_timeout = 1000;
bss->assoc_sa_query_retry_timeout = 201; bss->assoc_sa_query_retry_timeout = 201;
bss->group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC; bss->group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC;
#endif /* CONFIG_IEEE80211W */
#ifdef EAP_SERVER_FAST #ifdef EAP_SERVER_FAST
/* both anonymous and authenticated provisioning */ /* both anonymous and authenticated provisioning */
bss->eap_fast_prov = 3; bss->eap_fast_prov = 3;

View File

@ -347,14 +347,12 @@ struct hostapd_bss_config {
int wpa; /* bitfield of WPA_PROTO_WPA, WPA_PROTO_RSN */ int wpa; /* bitfield of WPA_PROTO_WPA, WPA_PROTO_RSN */
int wpa_key_mgmt; int wpa_key_mgmt;
#ifdef CONFIG_IEEE80211W
enum mfp_options ieee80211w; enum mfp_options ieee80211w;
int group_mgmt_cipher; int group_mgmt_cipher;
/* dot11AssociationSAQueryMaximumTimeout (in TUs) */ /* dot11AssociationSAQueryMaximumTimeout (in TUs) */
unsigned int assoc_sa_query_max_timeout; unsigned int assoc_sa_query_max_timeout;
/* dot11AssociationSAQueryRetryTimeout (in TUs) */ /* dot11AssociationSAQueryRetryTimeout (in TUs) */
int assoc_sa_query_retry_timeout; int assoc_sa_query_retry_timeout;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
int ocv; /* Operating Channel Validation */ int ocv; /* Operating Channel Validation */
#endif /* CONFIG_OCV */ #endif /* CONFIG_OCV */

View File

@ -305,9 +305,7 @@ int hostapd_set_drv_ieee8021x(struct hostapd_data *hapd, const char *ifname,
params.wpa_pairwise = hapd->conf->wpa_pairwise; params.wpa_pairwise = hapd->conf->wpa_pairwise;
params.wpa_key_mgmt = hapd->conf->wpa_key_mgmt; params.wpa_key_mgmt = hapd->conf->wpa_key_mgmt;
params.rsn_preauth = hapd->conf->rsn_preauth; params.rsn_preauth = hapd->conf->rsn_preauth;
#ifdef CONFIG_IEEE80211W
params.ieee80211w = hapd->conf->ieee80211w; params.ieee80211w = hapd->conf->ieee80211w;
#endif /* CONFIG_IEEE80211W */
} }
return hostapd_set_ieee8021x(hapd, &params); return hostapd_set_ieee8021x(hapd, &params);
} }

View File

@ -111,10 +111,8 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
struct ieee802_11_elems elems; struct ieee802_11_elems elems;
const u8 *ie; const u8 *ie;
size_t ielen; size_t ielen;
#if defined(CONFIG_IEEE80211R_AP) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) || defined(CONFIG_OWE)
u8 buf[sizeof(struct ieee80211_mgmt) + 1024]; u8 buf[sizeof(struct ieee80211_mgmt) + 1024];
u8 *p = buf; u8 *p = buf;
#endif /* CONFIG_IEEE80211R_AP || CONFIG_IEEE80211W || CONFIG_FILS || CONFIG_OWE */
u16 reason = WLAN_REASON_UNSPECIFIED; u16 reason = WLAN_REASON_UNSPECIFIED;
u16 status = WLAN_STATUS_SUCCESS; u16 status = WLAN_STATUS_SUCCESS;
const u8 *p2p_dev_addr = NULL; const u8 *p2p_dev_addr = NULL;
@ -324,23 +322,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
} else if (res == WPA_INVALID_AKMP) { } else if (res == WPA_INVALID_AKMP) {
reason = WLAN_REASON_AKMP_NOT_VALID; reason = WLAN_REASON_AKMP_NOT_VALID;
status = WLAN_STATUS_AKMP_NOT_VALID; status = WLAN_STATUS_AKMP_NOT_VALID;
} } else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) {
#ifdef CONFIG_IEEE80211W
else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) {
reason = WLAN_REASON_INVALID_IE; reason = WLAN_REASON_INVALID_IE;
status = WLAN_STATUS_INVALID_IE; status = WLAN_STATUS_INVALID_IE;
} else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) { } else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) {
reason = WLAN_REASON_CIPHER_SUITE_REJECTED; reason = WLAN_REASON_CIPHER_SUITE_REJECTED;
status = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY; status = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY;
} } else {
#endif /* CONFIG_IEEE80211W */
else {
reason = WLAN_REASON_INVALID_IE; reason = WLAN_REASON_INVALID_IE;
status = WLAN_STATUS_INVALID_IE; status = WLAN_STATUS_INVALID_IE;
} }
goto fail; goto fail;
} }
#ifdef CONFIG_IEEE80211W
if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) == if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) ==
(WLAN_STA_ASSOC | WLAN_STA_MFP) && (WLAN_STA_ASSOC | WLAN_STA_MFP) &&
!sta->sa_query_timed_out && !sta->sa_query_timed_out &&
@ -373,7 +367,6 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
sta->flags |= WLAN_STA_MFP; sta->flags |= WLAN_STA_MFP;
else else
sta->flags &= ~WLAN_STA_MFP; sta->flags &= ~WLAN_STA_MFP;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R_AP #ifdef CONFIG_IEEE80211R_AP
if (sta->auth_alg == WLAN_AUTH_FT) { if (sta->auth_alg == WLAN_AUTH_FT) {
@ -1164,12 +1157,10 @@ static void hostapd_action_rx(struct hostapd_data *hapd,
return; return;
} }
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
#ifdef CONFIG_IEEE80211W
if (mgmt->u.action.category == WLAN_ACTION_SA_QUERY) { if (mgmt->u.action.category == WLAN_ACTION_SA_QUERY) {
ieee802_11_sa_query_action(hapd, mgmt, drv_mgmt->frame_len); ieee802_11_sa_query_action(hapd, mgmt, drv_mgmt->frame_len);
return; return;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WNM_AP #ifdef CONFIG_WNM_AP
if (mgmt->u.action.category == WLAN_ACTION_WNM) { if (mgmt->u.action.category == WLAN_ACTION_WNM) {
ieee802_11_rx_wnm_action_ap(hapd, mgmt, drv_mgmt->frame_len); ieee802_11_rx_wnm_action_ap(hapd, mgmt, drv_mgmt->frame_len);

View File

@ -299,7 +299,6 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
ifname, i); ifname, i);
} }
} }
#ifdef CONFIG_IEEE80211W
if (hapd->conf->ieee80211w) { if (hapd->conf->ieee80211w) {
for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) { for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) {
if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE,
@ -311,7 +310,6 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
} }
} }
} }
#endif /* CONFIG_IEEE80211W */
} }

View File

@ -338,12 +338,10 @@ struct hostapd_data {
u8 last_gtk[WPA_GTK_MAX_LEN]; u8 last_gtk[WPA_GTK_MAX_LEN];
size_t last_gtk_len; size_t last_gtk_len;
#ifdef CONFIG_IEEE80211W
enum wpa_alg last_igtk_alg; enum wpa_alg last_igtk_alg;
int last_igtk_key_idx; int last_igtk_key_idx;
u8 last_igtk[WPA_IGTK_MAX_LEN]; u8 last_igtk[WPA_IGTK_MAX_LEN];
size_t last_igtk_len; size_t last_igtk_len;
#endif /* CONFIG_IEEE80211W */
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
#ifdef CONFIG_MBO #ifdef CONFIG_MBO

View File

@ -80,13 +80,11 @@ u8 * hostapd_eid_osen(struct hostapd_data *hapd, u8 *eid)
/* 4 PTKSA replay counters when using WMM */ /* 4 PTKSA replay counters when using WMM */
capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2); capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
} }
#ifdef CONFIG_IEEE80211W
if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
capab |= WPA_CAPABILITY_MFPC; capab |= WPA_CAPABILITY_MFPC;
if (hapd->conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) if (hapd->conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
capab |= WPA_CAPABILITY_MFPR; capab |= WPA_CAPABILITY_MFPR;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
if (hapd->conf->ocv) if (hapd->conf->ocv)
capab |= WPA_CAPABILITY_OCVC; capab |= WPA_CAPABILITY_OCVC;

View File

@ -1406,12 +1406,10 @@ static u16 wpa_res_to_status_code(int res)
return WLAN_STATUS_AKMP_NOT_VALID; return WLAN_STATUS_AKMP_NOT_VALID;
if (res == WPA_ALLOC_FAIL) if (res == WPA_ALLOC_FAIL)
return WLAN_STATUS_UNSPECIFIED_FAILURE; return WLAN_STATUS_UNSPECIFIED_FAILURE;
#ifdef CONFIG_IEEE80211W
if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION)
return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION; return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION;
if (res == WPA_INVALID_MGMT_GROUP_CIPHER) if (res == WPA_INVALID_MGMT_GROUP_CIPHER)
return WLAN_STATUS_CIPHER_REJECTED_PER_POLICY; return WLAN_STATUS_CIPHER_REJECTED_PER_POLICY;
#endif /* CONFIG_IEEE80211W */
if (res == WPA_INVALID_MDIE) if (res == WPA_INVALID_MDIE)
return WLAN_STATUS_INVALID_MDIE; return WLAN_STATUS_INVALID_MDIE;
if (res == WPA_INVALID_PMKID) if (res == WPA_INVALID_PMKID)
@ -3078,7 +3076,6 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
resp = wpa_res_to_status_code(res); resp = wpa_res_to_status_code(res);
if (resp != WLAN_STATUS_SUCCESS) if (resp != WLAN_STATUS_SUCCESS)
return resp; return resp;
#ifdef CONFIG_IEEE80211W
if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) == if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) ==
(WLAN_STA_ASSOC | WLAN_STA_MFP) && (WLAN_STA_ASSOC | WLAN_STA_MFP) &&
!sta->sa_query_timed_out && !sta->sa_query_timed_out &&
@ -3105,7 +3102,6 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
sta->flags |= WLAN_STA_MFP; sta->flags |= WLAN_STA_MFP;
else else
sta->flags &= ~WLAN_STA_MFP; sta->flags &= ~WLAN_STA_MFP;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R_AP #ifdef CONFIG_IEEE80211R_AP
if (sta->auth_alg == WLAN_AUTH_FT) { if (sta->auth_alg == WLAN_AUTH_FT) {
@ -3550,10 +3546,8 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta,
ies, ies_len); ies, ies_len);
#endif /* CONFIG_OWE */ #endif /* CONFIG_OWE */
#ifdef CONFIG_IEEE80211W
if (sta && status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY) if (sta && status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY)
p = hostapd_eid_assoc_comeback_time(hapd, sta, p); p = hostapd_eid_assoc_comeback_time(hapd, sta, p);
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211N #ifdef CONFIG_IEEE80211N
p = hostapd_eid_ht_capabilities(hapd, p); p = hostapd_eid_ht_capabilities(hapd, p);
@ -4151,7 +4145,6 @@ static void handle_assoc(struct hostapd_data *hapd,
*/ */
sta->flags |= WLAN_STA_ASSOC_REQ_OK; sta->flags |= WLAN_STA_ASSOC_REQ_OK;
#ifdef CONFIG_IEEE80211W
if ((sta->flags & WLAN_STA_MFP) && sta->sa_query_timed_out) { if ((sta->flags & WLAN_STA_MFP) && sta->sa_query_timed_out) {
wpa_printf(MSG_DEBUG, "Allowing %sassociation after timed out " wpa_printf(MSG_DEBUG, "Allowing %sassociation after timed out "
"SA Query procedure", reassoc ? "re" : ""); "SA Query procedure", reassoc ? "re" : "");
@ -4162,7 +4155,6 @@ static void handle_assoc(struct hostapd_data *hapd,
* trying to associate. * trying to associate.
*/ */
} }
#endif /* CONFIG_IEEE80211W */
/* Make sure that the previously registered inactivity timer will not /* Make sure that the previously registered inactivity timer will not
* remove the STA immediately. */ * remove the STA immediately. */
@ -4387,13 +4379,11 @@ static void handle_beacon(struct hostapd_data *hapd,
} }
#ifdef CONFIG_IEEE80211W
static int robust_action_frame(u8 category) static int robust_action_frame(u8 category)
{ {
return category != WLAN_ACTION_PUBLIC && return category != WLAN_ACTION_PUBLIC &&
category != WLAN_ACTION_HT; category != WLAN_ACTION_HT;
} }
#endif /* CONFIG_IEEE80211W */
static int handle_action(struct hostapd_data *hapd, static int handle_action(struct hostapd_data *hapd,
@ -4427,7 +4417,6 @@ static int handle_action(struct hostapd_data *hapd,
return 0; return 0;
} }
#ifdef CONFIG_IEEE80211W
if (sta && (sta->flags & WLAN_STA_MFP) && if (sta && (sta->flags & WLAN_STA_MFP) &&
!(mgmt->frame_control & host_to_le16(WLAN_FC_ISWEP)) && !(mgmt->frame_control & host_to_le16(WLAN_FC_ISWEP)) &&
robust_action_frame(mgmt->u.action.category)) { robust_action_frame(mgmt->u.action.category)) {
@ -4437,7 +4426,6 @@ static int handle_action(struct hostapd_data *hapd,
"an MFP STA"); "an MFP STA");
return 0; return 0;
} }
#endif /* CONFIG_IEEE80211W */
if (sta) { if (sta) {
u16 fc = le_to_host16(mgmt->frame_control); u16 fc = le_to_host16(mgmt->frame_control);
@ -4471,11 +4459,9 @@ static int handle_action(struct hostapd_data *hapd,
case WLAN_ACTION_WMM: case WLAN_ACTION_WMM:
hostapd_wmm_action(hapd, mgmt, len); hostapd_wmm_action(hapd, mgmt, len);
return 1; return 1;
#ifdef CONFIG_IEEE80211W
case WLAN_ACTION_SA_QUERY: case WLAN_ACTION_SA_QUERY:
ieee802_11_sa_query_action(hapd, mgmt, len); ieee802_11_sa_query_action(hapd, mgmt, len);
return 1; return 1;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WNM_AP #ifdef CONFIG_WNM_AP
case WLAN_ACTION_WNM: case WLAN_ACTION_WNM:
ieee802_11_rx_wnm_action_ap(hapd, mgmt, len); ieee802_11_rx_wnm_action_ap(hapd, mgmt, len);
@ -4857,9 +4843,7 @@ static void handle_assoc_cb(struct hostapd_data *hapd,
else else
mlme_associate_indication(hapd, sta); mlme_associate_indication(hapd, sta);
#ifdef CONFIG_IEEE80211W
sta->sa_query_timed_out = 0; sta->sa_query_timed_out = 0;
#endif /* CONFIG_IEEE80211W */
if (sta->eapol_sm == NULL) { if (sta->eapol_sm == NULL) {
/* /*

View File

@ -19,8 +19,6 @@
#include "ieee802_11.h" #include "ieee802_11.h"
#ifdef CONFIG_IEEE80211W
u8 * hostapd_eid_assoc_comeback_time(struct hostapd_data *hapd, u8 * hostapd_eid_assoc_comeback_time(struct hostapd_data *hapd,
struct sta_info *sta, u8 *eid) struct sta_info *sta, u8 *eid)
{ {
@ -304,8 +302,6 @@ void ieee802_11_sa_query_action(struct hostapd_data *hapd,
ap_sta_stop_sa_query(hapd, sta); ap_sta_stop_sa_query(hapd, sta);
} }
#endif /* CONFIG_IEEE80211W */
static void hostapd_ext_capab_byte(struct hostapd_data *hapd, u8 *pos, int idx) static void hostapd_ext_capab_byte(struct hostapd_data *hapd, u8 *pos, int idx)
{ {

View File

@ -408,7 +408,6 @@ static int add_common_radius_sta_attr_rsn(struct hostapd_data *hapd,
return -1; return -1;
} }
#ifdef CONFIG_IEEE80211W
if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
suite = wpa_cipher_to_suite(WPA_PROTO_RSN, suite = wpa_cipher_to_suite(WPA_PROTO_RSN,
hapd->conf->group_mgmt_cipher); hapd->conf->group_mgmt_cipher);
@ -421,7 +420,6 @@ static int add_common_radius_sta_attr_rsn(struct hostapd_data *hapd,
return -1; return -1;
} }
} }
#endif /* CONFIG_IEEE80211W */
return 0; return 0;
} }

View File

@ -46,9 +46,7 @@ static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx);
static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx); static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx);
static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx);
static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx);
#ifdef CONFIG_IEEE80211W
static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx);
#endif /* CONFIG_IEEE80211W */
static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta);
static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx); static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx);
@ -301,10 +299,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
os_free(sta->challenge); os_free(sta->challenge);
#ifdef CONFIG_IEEE80211W
os_free(sta->sa_query_trans_id); os_free(sta->sa_query_trans_id);
eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_P2P #ifdef CONFIG_P2P
p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); p2p_group_notif_disassoc(hapd->p2p_group, sta->addr);
@ -1095,8 +1091,6 @@ done:
} }
#ifdef CONFIG_IEEE80211W
int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta)
{ {
u32 tu; u32 tu;
@ -1186,8 +1180,6 @@ void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta)
sta->sa_query_count = 0; sta->sa_query_count = 0;
} }
#endif /* CONFIG_IEEE80211W */
const char * ap_sta_wpa_get_keyid(struct hostapd_data *hapd, const char * ap_sta_wpa_get_keyid(struct hostapd_data *hapd,
struct sta_info *sta) struct sta_info *sta)

View File

@ -171,7 +171,6 @@ struct sta_info {
struct ieee80211_he_capabilities *he_capab; struct ieee80211_he_capabilities *he_capab;
size_t he_capab_len; size_t he_capab_len;
#ifdef CONFIG_IEEE80211W
int sa_query_count; /* number of pending SA Query requests; int sa_query_count; /* number of pending SA Query requests;
* 0 = no SA Query in progress */ * 0 = no SA Query in progress */
int sa_query_timed_out; int sa_query_timed_out;
@ -179,7 +178,6 @@ struct sta_info {
* sa_query_count octets of pending SA Query * sa_query_count octets of pending SA Query
* transaction identifiers */ * transaction identifiers */
struct os_reltime sa_query_start; struct os_reltime sa_query_start;
#endif /* CONFIG_IEEE80211W */
#if defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP) #if defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP)
#define GAS_DIALOG_MAX 8 /* Max concurrent dialog number */ #define GAS_DIALOG_MAX 8 /* Max concurrent dialog number */

View File

@ -150,7 +150,6 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd,
pos += gtk_elem_len; pos += gtk_elem_len;
wpa_printf(MSG_DEBUG, "Pass 4, gtk_len = %d", wpa_printf(MSG_DEBUG, "Pass 4, gtk_len = %d",
(int) gtk_elem_len); (int) gtk_elem_len);
#ifdef CONFIG_IEEE80211W
res = wpa_wnmsleep_igtk_subelem(sta->wpa_sm, pos); res = wpa_wnmsleep_igtk_subelem(sta->wpa_sm, pos);
if (res < 0) if (res < 0)
goto fail; goto fail;
@ -158,7 +157,6 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd,
pos += igtk_elem_len; pos += igtk_elem_len;
wpa_printf(MSG_DEBUG, "Pass 4 igtk_len = %d", wpa_printf(MSG_DEBUG, "Pass 4 igtk_len = %d",
(int) igtk_elem_len); (int) igtk_elem_len);
#endif /* CONFIG_IEEE80211W */
WPA_PUT_LE16((u8 *) WPA_PUT_LE16((u8 *)
&mgmt->u.action.u.wnm_sleep_resp.keydata_len, &mgmt->u.action.u.wnm_sleep_resp.keydata_len,

View File

@ -1818,10 +1818,8 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
sm->ft_completed = 0; sm->ft_completed = 0;
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
#ifdef CONFIG_IEEE80211W
if (sm->mgmt_frame_prot && event == WPA_AUTH) if (sm->mgmt_frame_prot && event == WPA_AUTH)
remove_ptk = 0; remove_ptk = 0;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_FILS #ifdef CONFIG_FILS
if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) &&
(event == WPA_AUTH || event == WPA_ASSOC)) (event == WPA_AUTH || event == WPA_ASSOC))
@ -3045,8 +3043,6 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING2)
} }
#ifdef CONFIG_IEEE80211W
static int ieee80211w_kde_len(struct wpa_state_machine *sm) static int ieee80211w_kde_len(struct wpa_state_machine *sm)
{ {
if (sm->mgmt_frame_prot) { if (sm->mgmt_frame_prot) {
@ -3093,21 +3089,6 @@ static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
return pos; return pos;
} }
#else /* CONFIG_IEEE80211W */
static int ieee80211w_kde_len(struct wpa_state_machine *sm)
{
return 0;
}
static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
{
return pos;
}
#endif /* CONFIG_IEEE80211W */
static int ocv_oci_len(struct wpa_state_machine *sm) static int ocv_oci_len(struct wpa_state_machine *sm)
{ {
@ -3746,7 +3727,6 @@ static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
wpa_hexdump_key(MSG_DEBUG, "GTK", wpa_hexdump_key(MSG_DEBUG, "GTK",
group->GTK[group->GN - 1], group->GTK_len); group->GTK[group->GN - 1], group->GTK_len);
#ifdef CONFIG_IEEE80211W
if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) {
size_t len; size_t len;
len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher); len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
@ -3759,7 +3739,6 @@ static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
wpa_hexdump_key(MSG_DEBUG, "IGTK", wpa_hexdump_key(MSG_DEBUG, "IGTK",
group->IGTK[group->GN_igtk - 4], len); group->IGTK[group->GN_igtk - 4], len);
} }
#endif /* CONFIG_IEEE80211W */
return ret; return ret;
} }
@ -3777,10 +3756,8 @@ static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth,
os_memset(group->GTK, 0, sizeof(group->GTK)); os_memset(group->GTK, 0, sizeof(group->GTK));
group->GN = 1; group->GN = 1;
group->GM = 2; group->GM = 2;
#ifdef CONFIG_IEEE80211W
group->GN_igtk = 4; group->GN_igtk = 4;
group->GM_igtk = 5; group->GM_igtk = 5;
#endif /* CONFIG_IEEE80211W */
/* GTK[GN] = CalcGTK() */ /* GTK[GN] = CalcGTK() */
wpa_gtk_update(wpa_auth, group); wpa_gtk_update(wpa_auth, group);
} }
@ -3869,7 +3846,6 @@ int wpa_wnmsleep_gtk_subelem(struct wpa_state_machine *sm, u8 *pos)
} }
#ifdef CONFIG_IEEE80211W
int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos) int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos)
{ {
struct wpa_group *gsm = sm->group; struct wpa_group *gsm = sm->group;
@ -3898,7 +3874,7 @@ int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos)
return pos - start; return pos - start;
} }
#endif /* CONFIG_IEEE80211W */
#endif /* CONFIG_WNM_AP */ #endif /* CONFIG_WNM_AP */
@ -3915,11 +3891,9 @@ static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth,
tmp = group->GM; tmp = group->GM;
group->GM = group->GN; group->GM = group->GN;
group->GN = tmp; group->GN = tmp;
#ifdef CONFIG_IEEE80211W
tmp = group->GM_igtk; tmp = group->GM_igtk;
group->GM_igtk = group->GN_igtk; group->GM_igtk = group->GN_igtk;
group->GN_igtk = tmp; group->GN_igtk = tmp;
#endif /* CONFIG_IEEE80211W */
/* "GKeyDoneStations = GNoStations" is done in more robust way by /* "GKeyDoneStations = GNoStations" is done in more robust way by
* counting the STAs that are marked with GUpdateStationKeys instead of * counting the STAs that are marked with GUpdateStationKeys instead of
* including all STAs that could be in not-yet-completed state. */ * including all STAs that could be in not-yet-completed state. */
@ -3948,7 +3922,6 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth,
group->GTK[group->GN - 1], group->GTK_len) < 0) group->GTK[group->GN - 1], group->GTK_len) < 0)
ret = -1; ret = -1;
#ifdef CONFIG_IEEE80211W
if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) {
enum wpa_alg alg; enum wpa_alg alg;
size_t len; size_t len;
@ -3962,7 +3935,6 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth,
group->IGTK[group->GN_igtk - 4], len) < 0) group->IGTK[group->GN_igtk - 4], len) < 0)
ret = -1; ret = -1;
} }
#endif /* CONFIG_IEEE80211W */
return ret; return ret;
} }
@ -4100,11 +4072,9 @@ void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth)
tmp = group->GM; tmp = group->GM;
group->GM = group->GN; group->GM = group->GN;
group->GN = tmp; group->GN = tmp;
#ifdef CONFIG_IEEE80211W
tmp = group->GM_igtk; tmp = group->GM_igtk;
group->GM_igtk = group->GN_igtk; group->GM_igtk = group->GN_igtk;
group->GN_igtk = tmp; group->GN_igtk = tmp;
#endif /* CONFIG_IEEE80211W */
wpa_gtk_update(wpa_auth, group); wpa_gtk_update(wpa_auth, group);
wpa_group_config_group_keys(wpa_auth, group); wpa_group_config_group_keys(wpa_auth, group);
} }
@ -4979,9 +4949,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
void *ctx1, void *ctx2) void *ctx1, void *ctx2)
{ {
u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde, *pos; u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde, *pos;
#ifdef CONFIG_IEEE80211W
u8 *opos; u8 *opos;
#endif /* CONFIG_IEEE80211W */
size_t gtk_len, kde_len; size_t gtk_len, kde_len;
struct wpa_group *gsm = sm->group; struct wpa_group *gsm = sm->group;
u8 *wpa_ie; u8 *wpa_ie;
@ -5078,7 +5046,6 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2, pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
gtk, gtk_len); gtk, gtk_len);
} }
#ifdef CONFIG_IEEE80211W
opos = pos; opos = pos;
pos = ieee80211w_kde_add(sm, pos); pos = ieee80211w_kde_add(sm, pos);
if (pos - opos >= 2 + RSN_SELECTOR_LEN + WPA_IGTK_KDE_PREFIX_LEN) { if (pos - opos >= 2 + RSN_SELECTOR_LEN + WPA_IGTK_KDE_PREFIX_LEN) {
@ -5086,7 +5053,6 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm,
opos += 2 + RSN_SELECTOR_LEN + 2; opos += 2 + RSN_SELECTOR_LEN + 2;
os_memset(opos, 0, 6); /* clear PN */ os_memset(opos, 0, 6); /* clear PN */
} }
#endif /* CONFIG_IEEE80211W */
if (ocv_oci_add(sm, &pos) < 0) { if (ocv_oci_add(sm, &pos) < 0) {
os_free(kde); os_free(kde);
return -1; return -1;
@ -5157,9 +5123,7 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm,
struct wpa_group *gsm = sm->group; struct wpa_group *gsm = sm->group;
const u8 *kde; const u8 *kde;
u8 *kde_buf = NULL, *pos, hdr[2]; u8 *kde_buf = NULL, *pos, hdr[2];
#ifdef CONFIG_IEEE80211W
u8 *opos; u8 *opos;
#endif /* CONFIG_IEEE80211W */
size_t kde_len; size_t kde_len;
u8 *gtk; u8 *gtk;
@ -5182,7 +5146,6 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm,
hdr[1] = 0; hdr[1] = 0;
pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2, pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
gtk, gsm->GTK_len); gtk, gsm->GTK_len);
#ifdef CONFIG_IEEE80211W
opos = pos; opos = pos;
pos = ieee80211w_kde_add(sm, pos); pos = ieee80211w_kde_add(sm, pos);
if (pos - opos >= if (pos - opos >=
@ -5191,7 +5154,6 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm,
opos += 2 + RSN_SELECTOR_LEN + 2; opos += 2 + RSN_SELECTOR_LEN + 2;
os_memset(opos, 0, 6); /* clear PN */ os_memset(opos, 0, 6); /* clear PN */
} }
#endif /* CONFIG_IEEE80211W */
if (ocv_oci_add(sm, &pos) < 0) { if (ocv_oci_add(sm, &pos) < 0) {
os_free(kde_buf); os_free(kde_buf);
return -1; return -1;

View File

@ -187,11 +187,9 @@ struct wpa_auth_config {
int disable_pmksa_caching; int disable_pmksa_caching;
int okc; int okc;
int tx_status; int tx_status;
#ifdef CONFIG_IEEE80211W
enum mfp_options ieee80211w; enum mfp_options ieee80211w;
int group_mgmt_cipher; int group_mgmt_cipher;
int sae_require_mfp; int sae_require_mfp;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
int ocv; /* Operating Channel Validation */ int ocv; /* Operating Channel Validation */
#endif /* CONFIG_OCV */ #endif /* CONFIG_OCV */

View File

@ -2232,7 +2232,6 @@ static u8 * wpa_ft_gtk_subelem(struct wpa_state_machine *sm, size_t *len)
} }
#ifdef CONFIG_IEEE80211W
static u8 * wpa_ft_igtk_subelem(struct wpa_state_machine *sm, size_t *len) static u8 * wpa_ft_igtk_subelem(struct wpa_state_machine *sm, size_t *len)
{ {
u8 *subelem, *pos; u8 *subelem, *pos;
@ -2279,7 +2278,6 @@ static u8 * wpa_ft_igtk_subelem(struct wpa_state_machine *sm, size_t *len)
*len = subelem_len; *len = subelem_len;
return subelem; return subelem;
} }
#endif /* CONFIG_IEEE80211W */
static u8 * wpa_ft_process_rdie(struct wpa_state_machine *sm, static u8 * wpa_ft_process_rdie(struct wpa_state_machine *sm,
@ -2487,7 +2485,6 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
r0kh_id_len = sm->r0kh_id_len; r0kh_id_len = sm->r0kh_id_len;
anonce = sm->ANonce; anonce = sm->ANonce;
snonce = sm->SNonce; snonce = sm->SNonce;
#ifdef CONFIG_IEEE80211W
if (sm->mgmt_frame_prot) { if (sm->mgmt_frame_prot) {
u8 *igtk; u8 *igtk;
size_t igtk_len; size_t igtk_len;
@ -2510,7 +2507,6 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
subelem_len += igtk_len; subelem_len += igtk_len;
os_free(igtk); os_free(igtk);
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
if (wpa_auth_uses_ocv(sm)) { if (wpa_auth_uses_ocv(sm)) {
struct wpa_channel_info ci; struct wpa_channel_info ci;

View File

@ -64,11 +64,9 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
wconf->ocv = conf->ocv; wconf->ocv = conf->ocv;
#endif /* CONFIG_OCV */ #endif /* CONFIG_OCV */
wconf->okc = conf->okc; wconf->okc = conf->okc;
#ifdef CONFIG_IEEE80211W
wconf->ieee80211w = conf->ieee80211w; wconf->ieee80211w = conf->ieee80211w;
wconf->group_mgmt_cipher = conf->group_mgmt_cipher; wconf->group_mgmt_cipher = conf->group_mgmt_cipher;
wconf->sae_require_mfp = conf->sae_require_mfp; wconf->sae_require_mfp = conf->sae_require_mfp;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R_AP #ifdef CONFIG_IEEE80211R_AP
wconf->ssid_len = conf->ssid.ssid_len; wconf->ssid_len = conf->ssid.ssid_len;
if (wconf->ssid_len > SSID_MAX_LEN) if (wconf->ssid_len > SSID_MAX_LEN)
@ -107,9 +105,7 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
wconf->rsn_pairwise = WPA_CIPHER_CCMP; wconf->rsn_pairwise = WPA_CIPHER_CCMP;
wconf->rsn_preauth = 0; wconf->rsn_preauth = 0;
wconf->disable_pmksa_caching = 1; wconf->disable_pmksa_caching = 1;
#ifdef CONFIG_IEEE80211W
wconf->ieee80211w = 1; wconf->ieee80211w = 1;
#endif /* CONFIG_IEEE80211W */
} }
#endif /* CONFIG_HS20 */ #endif /* CONFIG_HS20 */
#ifdef CONFIG_TESTING_OPTIONS #ifdef CONFIG_TESTING_OPTIONS
@ -380,7 +376,6 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg,
os_memcpy(sta->last_tk, key, key_len); os_memcpy(sta->last_tk, key, key_len);
sta->last_tk_len = key_len; sta->last_tk_len = key_len;
} }
#ifdef CONFIG_IEEE80211W
} else if (alg == WPA_ALG_IGTK || } else if (alg == WPA_ALG_IGTK ||
alg == WPA_ALG_BIP_GMAC_128 || alg == WPA_ALG_BIP_GMAC_128 ||
alg == WPA_ALG_BIP_GMAC_256 || alg == WPA_ALG_BIP_GMAC_256 ||
@ -390,7 +385,6 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg,
if (key) if (key)
os_memcpy(hapd->last_igtk, key, key_len); os_memcpy(hapd->last_igtk, key, key_len);
hapd->last_igtk_len = key_len; hapd->last_igtk_len = key_len;
#endif /* CONFIG_IEEE80211W */
} else { } else {
hapd->last_gtk_alg = alg; hapd->last_gtk_alg = alg;
hapd->last_gtk_key_idx = idx; hapd->last_gtk_key_idx = idx;

View File

@ -190,10 +190,8 @@ struct wpa_group {
Boolean changed; Boolean changed;
Boolean first_sta_seen; Boolean first_sta_seen;
Boolean reject_4way_hs_for_entropy; Boolean reject_4way_hs_for_entropy;
#ifdef CONFIG_IEEE80211W
u8 IGTK[2][WPA_IGTK_MAX_LEN]; u8 IGTK[2][WPA_IGTK_MAX_LEN];
int GN_igtk, GM_igtk; int GN_igtk, GM_igtk;
#endif /* CONFIG_IEEE80211W */
/* Number of references except those in struct wpa_group->next */ /* Number of references except those in struct wpa_group->next */
unsigned int references; unsigned int references;
unsigned int num_setup_iface; unsigned int num_setup_iface;

View File

@ -183,7 +183,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
num_suites++; num_suites++;
} }
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
#ifdef CONFIG_IEEE80211W
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) { if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256); RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
pos += RSN_SELECTOR_LEN; pos += RSN_SELECTOR_LEN;
@ -194,7 +193,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
pos += RSN_SELECTOR_LEN; pos += RSN_SELECTOR_LEN;
num_suites++; num_suites++;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) { if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE); RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
@ -286,13 +284,11 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
/* 4 PTKSA replay counters when using WMM */ /* 4 PTKSA replay counters when using WMM */
capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2); capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
} }
#ifdef CONFIG_IEEE80211W
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
capab |= WPA_CAPABILITY_MFPC; capab |= WPA_CAPABILITY_MFPC;
if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
capab |= WPA_CAPABILITY_MFPR; capab |= WPA_CAPABILITY_MFPR;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
if (conf->ocv) if (conf->ocv)
capab |= WPA_CAPABILITY_OCVC; capab |= WPA_CAPABILITY_OCVC;
@ -314,7 +310,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
pos += PMKID_LEN; pos += PMKID_LEN;
} }
#ifdef CONFIG_IEEE80211W
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION && if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION &&
conf->group_mgmt_cipher != WPA_CIPHER_AES_128_CMAC) { conf->group_mgmt_cipher != WPA_CIPHER_AES_128_CMAC) {
if (2 + 4 > buf + len - pos) if (2 + 4 > buf + len - pos)
@ -347,7 +342,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
} }
pos += RSN_SELECTOR_LEN; pos += RSN_SELECTOR_LEN;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_RSN_TESTING #ifdef CONFIG_RSN_TESTING
if (rsn_testing) { if (rsn_testing) {
@ -411,13 +405,11 @@ static u8 * wpa_write_osen(struct wpa_auth_config *conf, u8 *eid)
/* 4 PTKSA replay counters when using WMM */ /* 4 PTKSA replay counters when using WMM */
capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2); capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
} }
#ifdef CONFIG_IEEE80211W
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
capab |= WPA_CAPABILITY_MFPC; capab |= WPA_CAPABILITY_MFPC;
if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
capab |= WPA_CAPABILITY_MFPR; capab |= WPA_CAPABILITY_MFPR;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
if (conf->ocv) if (conf->ocv)
capab |= WPA_CAPABILITY_OCVC; capab |= WPA_CAPABILITY_OCVC;
@ -607,12 +599,10 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK) else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK)
selector = RSN_AUTH_KEY_MGMT_FT_PSK; selector = RSN_AUTH_KEY_MGMT_FT_PSK;
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
#ifdef CONFIG_IEEE80211W
else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256; selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256;
else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256) else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
selector = RSN_AUTH_KEY_MGMT_PSK_SHA256; selector = RSN_AUTH_KEY_MGMT_PSK_SHA256;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
else if (data.key_mgmt & WPA_KEY_MGMT_SAE) else if (data.key_mgmt & WPA_KEY_MGMT_SAE)
selector = RSN_AUTH_KEY_MGMT_SAE; selector = RSN_AUTH_KEY_MGMT_SAE;
@ -717,12 +707,10 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
else if (key_mgmt & WPA_KEY_MGMT_FT_PSK) else if (key_mgmt & WPA_KEY_MGMT_FT_PSK)
sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK; sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK;
#endif /* CONFIG_IEEE80211R_AP */ #endif /* CONFIG_IEEE80211R_AP */
#ifdef CONFIG_IEEE80211W
else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256) else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256; sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
else if (key_mgmt & WPA_KEY_MGMT_SAE) else if (key_mgmt & WPA_KEY_MGMT_SAE)
sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE; sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE;
@ -758,7 +746,6 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
return WPA_INVALID_PAIRWISE; return WPA_INVALID_PAIRWISE;
} }
#ifdef CONFIG_IEEE80211W
if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) { if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
if (!(data.capabilities & WPA_CAPABILITY_MFPC)) { if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
wpa_printf(MSG_DEBUG, "Management frame protection " wpa_printf(MSG_DEBUG, "Management frame protection "
@ -807,7 +794,6 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
"Management frame protection cannot use TKIP"); "Management frame protection cannot use TKIP");
return WPA_MGMT_FRAME_PROTECTION_VIOLATION; return WPA_MGMT_FRAME_PROTECTION_VIOLATION;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R_AP #ifdef CONFIG_IEEE80211R_AP
if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
@ -1024,14 +1010,12 @@ static int wpa_parse_generic(const u8 *pos, const u8 *end,
return 0; return 0;
} }
#ifdef CONFIG_IEEE80211W
if (pos[1] > RSN_SELECTOR_LEN + 2 && if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) { RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) {
ie->igtk = pos + 2 + RSN_SELECTOR_LEN; ie->igtk = pos + 2 + RSN_SELECTOR_LEN;
ie->igtk_len = pos[1] - RSN_SELECTOR_LEN; ie->igtk_len = pos[1] - RSN_SELECTOR_LEN;
return 0; return 0;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_P2P #ifdef CONFIG_P2P
if (pos[1] >= RSN_SELECTOR_LEN + 1 && if (pos[1] >= RSN_SELECTOR_LEN + 1 &&

View File

@ -19,10 +19,8 @@ struct wpa_eapol_ie_parse {
size_t gtk_len; size_t gtk_len;
const u8 *mac_addr; const u8 *mac_addr;
size_t mac_addr_len; size_t mac_addr_len;
#ifdef CONFIG_IEEE80211W
const u8 *igtk; const u8 *igtk;
size_t igtk_len; size_t igtk_len;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R_AP #ifdef CONFIG_IEEE80211R_AP
const u8 *mdie; const u8 *mdie;
size_t mdie_len; size_t mdie_len;

View File

@ -358,12 +358,10 @@ static int hapd_wps_reconfig_in_memory(struct hostapd_data *hapd,
(cred->auth_type & WPS_AUTH_WPA2PSK) && (cred->auth_type & WPS_AUTH_WPA2PSK) &&
cred->key_len != 2 * PMK_LEN) { cred->key_len != 2 * PMK_LEN) {
bss->wpa_key_mgmt |= WPA_KEY_MGMT_SAE; bss->wpa_key_mgmt |= WPA_KEY_MGMT_SAE;
#ifdef CONFIG_IEEE80211W
if (bss->ieee80211w == NO_MGMT_FRAME_PROTECTION) if (bss->ieee80211w == NO_MGMT_FRAME_PROTECTION)
bss->ieee80211w = bss->ieee80211w =
MGMT_FRAME_PROTECTION_OPTIONAL; MGMT_FRAME_PROTECTION_OPTIONAL;
bss->sae_require_mfp = 1; bss->sae_require_mfp = 1;
#endif /* CONFIG_IEEE80211W */
} }
if (cred->key_len >= 8 && cred->key_len < 64) { if (cred->key_len >= 8 && cred->key_len < 64) {
@ -533,9 +531,7 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx)
if (wpa) { if (wpa) {
char *prefix; char *prefix;
#ifdef CONFIG_IEEE80211W
int sae = 0; int sae = 0;
#endif /* CONFIG_IEEE80211W */
fprintf(nconf, "wpa=%d\n", wpa); fprintf(nconf, "wpa=%d\n", wpa);
@ -553,13 +549,10 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx)
(cred->auth_type & WPS_AUTH_WPA2PSK) && (cred->auth_type & WPS_AUTH_WPA2PSK) &&
cred->key_len != 2 * PMK_LEN) { cred->key_len != 2 * PMK_LEN) {
fprintf(nconf, "%sSAE", prefix); fprintf(nconf, "%sSAE", prefix);
#ifdef CONFIG_IEEE80211W
sae = 1; sae = 1;
#endif /* CONFIG_IEEE80211W */
} }
fprintf(nconf, "\n"); fprintf(nconf, "\n");
#ifdef CONFIG_IEEE80211W
if (sae && hapd->conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) { if (sae && hapd->conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) {
fprintf(nconf, "ieee80211w=%d\n", fprintf(nconf, "ieee80211w=%d\n",
MGMT_FRAME_PROTECTION_OPTIONAL); MGMT_FRAME_PROTECTION_OPTIONAL);
@ -567,7 +560,6 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx)
} }
if (sae) if (sae)
fprintf(nconf, "sae_require_mfp=1\n"); fprintf(nconf, "sae_require_mfp=1\n");
#endif /* CONFIG_IEEE80211W */
fprintf(nconf, "wpa_pairwise="); fprintf(nconf, "wpa_pairwise=");
prefix = ""; prefix = "";

View File

@ -9,7 +9,6 @@ install:
include ../lib.rules include ../lib.rules
CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R
CFLAGS += -DCONFIG_IEEE80211W
CFLAGS += -DCONFIG_HS20 CFLAGS += -DCONFIG_HS20
CFLAGS += -DCONFIG_SAE CFLAGS += -DCONFIG_SAE
CFLAGS += -DCONFIG_SUITE CFLAGS += -DCONFIG_SUITE

View File

@ -212,11 +212,9 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver,
return -1; return -1;
os_memcpy(mic, hash, MD5_MAC_LEN); os_memcpy(mic, hash, MD5_MAC_LEN);
break; break;
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W)
case WPA_KEY_INFO_TYPE_AES_128_CMAC: case WPA_KEY_INFO_TYPE_AES_128_CMAC:
wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using AES-CMAC"); wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using AES-CMAC");
return omac1_aes_128(key, buf, len, mic); return omac1_aes_128(key, buf, len, mic);
#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */
case WPA_KEY_INFO_TYPE_AKM_DEFINED: case WPA_KEY_INFO_TYPE_AKM_DEFINED:
switch (akmp) { switch (akmp) {
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
@ -410,14 +408,10 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label,
return -1; return -1;
#endif /* CONFIG_SUITEB192 || CONFIG_FILS */ #endif /* CONFIG_SUITEB192 || CONFIG_FILS */
} else if (wpa_key_mgmt_sha256(akmp) || akmp == WPA_KEY_MGMT_OWE) { } else if (wpa_key_mgmt_sha256(akmp) || akmp == WPA_KEY_MGMT_OWE) {
#if defined(CONFIG_IEEE80211W) || defined(CONFIG_SAE) || defined(CONFIG_FILS)
wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)"); wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)");
if (sha256_prf(pmk, pmk_len, label, data, data_len, if (sha256_prf(pmk, pmk_len, label, data, data_len,
tmp, ptk_len) < 0) tmp, ptk_len) < 0)
return -1; return -1;
#else /* CONFIG_IEEE80211W or CONFIG_SAE or CONFIG_FILS */
return -1;
#endif /* CONFIG_IEEE80211W or CONFIG_SAE or CONFIG_FILS */
#ifdef CONFIG_DPP #ifdef CONFIG_DPP
} else if (akmp == WPA_KEY_MGMT_DPP && pmk_len == 32) { } else if (akmp == WPA_KEY_MGMT_DPP && pmk_len == 32) {
wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)"); wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)");
@ -892,12 +886,10 @@ static int wpa_ft_parse_ftie(const u8 *ie, size_t ie_len,
parse->r0kh_id = pos; parse->r0kh_id = pos;
parse->r0kh_id_len = len; parse->r0kh_id_len = len;
break; break;
#ifdef CONFIG_IEEE80211W
case FTIE_SUBELEM_IGTK: case FTIE_SUBELEM_IGTK:
parse->igtk = pos; parse->igtk = pos;
parse->igtk_len = len; parse->igtk_len = len;
break; break;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
case FTIE_SUBELEM_OCI: case FTIE_SUBELEM_OCI:
parse->oci = pos; parse->oci = pos;
@ -1092,10 +1084,8 @@ static int rsn_selector_to_bitfield(const u8 *s)
return WPA_CIPHER_TKIP; return WPA_CIPHER_TKIP;
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP) if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP)
return WPA_CIPHER_CCMP; return WPA_CIPHER_CCMP;
#ifdef CONFIG_IEEE80211W
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_AES_128_CMAC) if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_AES_128_CMAC)
return WPA_CIPHER_AES_128_CMAC; return WPA_CIPHER_AES_128_CMAC;
#endif /* CONFIG_IEEE80211W */
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_GCMP) if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_GCMP)
return WPA_CIPHER_GCMP; return WPA_CIPHER_GCMP;
if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP_256) if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP_256)
@ -1130,12 +1120,10 @@ static int rsn_key_mgmt_to_bitfield(const u8 *s)
return WPA_KEY_MGMT_FT_IEEE8021X_SHA384; return WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
#endif /* CONFIG_SHA384 */ #endif /* CONFIG_SHA384 */
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_802_1X_SHA256) if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_802_1X_SHA256)
return WPA_KEY_MGMT_IEEE8021X_SHA256; return WPA_KEY_MGMT_IEEE8021X_SHA256;
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_PSK_SHA256) if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_PSK_SHA256)
return WPA_KEY_MGMT_PSK_SHA256; return WPA_KEY_MGMT_PSK_SHA256;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_SAE) if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_SAE)
return WPA_KEY_MGMT_SAE; return WPA_KEY_MGMT_SAE;
@ -1175,7 +1163,6 @@ int wpa_cipher_valid_group(int cipher)
} }
#ifdef CONFIG_IEEE80211W
int wpa_cipher_valid_mgmt_group(int cipher) int wpa_cipher_valid_mgmt_group(int cipher)
{ {
return cipher == WPA_CIPHER_AES_128_CMAC || return cipher == WPA_CIPHER_AES_128_CMAC ||
@ -1183,7 +1170,6 @@ int wpa_cipher_valid_mgmt_group(int cipher)
cipher == WPA_CIPHER_BIP_GMAC_256 || cipher == WPA_CIPHER_BIP_GMAC_256 ||
cipher == WPA_CIPHER_BIP_CMAC_256; cipher == WPA_CIPHER_BIP_CMAC_256;
} }
#endif /* CONFIG_IEEE80211W */
/** /**
@ -1208,11 +1194,7 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len,
data->capabilities = 0; data->capabilities = 0;
data->pmkid = NULL; data->pmkid = NULL;
data->num_pmkid = 0; data->num_pmkid = 0;
#ifdef CONFIG_IEEE80211W
data->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; data->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
#else /* CONFIG_IEEE80211W */
data->mgmt_group_cipher = 0;
#endif /* CONFIG_IEEE80211W */
if (rsn_ie_len == 0) { if (rsn_ie_len == 0) {
/* No RSN IE - fail silently */ /* No RSN IE - fail silently */
@ -1287,13 +1269,11 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len,
pos += RSN_SELECTOR_LEN; pos += RSN_SELECTOR_LEN;
left -= RSN_SELECTOR_LEN; left -= RSN_SELECTOR_LEN;
} }
#ifdef CONFIG_IEEE80211W
if (data->pairwise_cipher & WPA_CIPHER_AES_128_CMAC) { if (data->pairwise_cipher & WPA_CIPHER_AES_128_CMAC) {
wpa_printf(MSG_DEBUG, "%s: AES-128-CMAC used as " wpa_printf(MSG_DEBUG, "%s: AES-128-CMAC used as "
"pairwise cipher", __func__); "pairwise cipher", __func__);
return -1; return -1;
} }
#endif /* CONFIG_IEEE80211W */
} else if (left == 1) { } else if (left == 1) {
wpa_printf(MSG_DEBUG, "%s: ie too short (for key mgmt)", wpa_printf(MSG_DEBUG, "%s: ie too short (for key mgmt)",
__func__); __func__);
@ -1345,7 +1325,6 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len,
} }
} }
#ifdef CONFIG_IEEE80211W
if (left >= 4) { if (left >= 4) {
data->mgmt_group_cipher = rsn_selector_to_bitfield(pos); data->mgmt_group_cipher = rsn_selector_to_bitfield(pos);
if (!wpa_cipher_valid_mgmt_group(data->mgmt_group_cipher)) { if (!wpa_cipher_valid_mgmt_group(data->mgmt_group_cipher)) {
@ -1358,7 +1337,6 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len,
pos += RSN_SELECTOR_LEN; pos += RSN_SELECTOR_LEN;
left -= RSN_SELECTOR_LEN; left -= RSN_SELECTOR_LEN;
} }
#endif /* CONFIG_IEEE80211W */
if (left > 0) { if (left > 0) {
wpa_hexdump(MSG_DEBUG, wpa_hexdump(MSG_DEBUG,
@ -1857,11 +1835,9 @@ void rsn_pmkid(const u8 *pmk, size_t pmk_len, const u8 *aa, const u8 *spa,
wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-384"); wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-384");
hmac_sha384_vector(pmk, pmk_len, 3, addr, len, hash); hmac_sha384_vector(pmk, pmk_len, 3, addr, len, hash);
#endif /* CONFIG_FILS || CONFIG_SHA384 */ #endif /* CONFIG_FILS || CONFIG_SHA384 */
#if defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS)
} else if (wpa_key_mgmt_sha256(akmp)) { } else if (wpa_key_mgmt_sha256(akmp)) {
wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-256"); wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-256");
hmac_sha256_vector(pmk, pmk_len, 3, addr, len, hash); hmac_sha256_vector(pmk, pmk_len, 3, addr, len, hash);
#endif /* CONFIG_IEEE80211W || CONFIG_FILS */
} else { } else {
wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-1"); wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-1");
hmac_sha1_vector(pmk, pmk_len, 3, addr, len, hash); hmac_sha1_vector(pmk, pmk_len, 3, addr, len, hash);
@ -2012,12 +1988,10 @@ const char * wpa_key_mgmt_txt(int key_mgmt, int proto)
case WPA_KEY_MGMT_FT_PSK: case WPA_KEY_MGMT_FT_PSK:
return "FT-PSK"; return "FT-PSK";
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
case WPA_KEY_MGMT_IEEE8021X_SHA256: case WPA_KEY_MGMT_IEEE8021X_SHA256:
return "WPA2-EAP-SHA256"; return "WPA2-EAP-SHA256";
case WPA_KEY_MGMT_PSK_SHA256: case WPA_KEY_MGMT_PSK_SHA256:
return "WPA2-PSK-SHA256"; return "WPA2-PSK-SHA256";
#endif /* CONFIG_IEEE80211W */
case WPA_KEY_MGMT_WPS: case WPA_KEY_MGMT_WPS:
return "WPS"; return "WPS";
case WPA_KEY_MGMT_SAE: case WPA_KEY_MGMT_SAE:

View File

@ -104,9 +104,7 @@ WPA_CIPHER_BIP_CMAC_256)
#endif #endif
#define RSN_KEY_DATA_MAC_ADDR RSN_SELECTOR(0x00, 0x0f, 0xac, 3) #define RSN_KEY_DATA_MAC_ADDR RSN_SELECTOR(0x00, 0x0f, 0xac, 3)
#define RSN_KEY_DATA_PMKID RSN_SELECTOR(0x00, 0x0f, 0xac, 4) #define RSN_KEY_DATA_PMKID RSN_SELECTOR(0x00, 0x0f, 0xac, 4)
#ifdef CONFIG_IEEE80211W
#define RSN_KEY_DATA_IGTK RSN_SELECTOR(0x00, 0x0f, 0xac, 9) #define RSN_KEY_DATA_IGTK RSN_SELECTOR(0x00, 0x0f, 0xac, 9)
#endif /* CONFIG_IEEE80211W */
#define RSN_KEY_DATA_KEYID RSN_SELECTOR(0x00, 0x0f, 0xac, 10) #define RSN_KEY_DATA_KEYID RSN_SELECTOR(0x00, 0x0f, 0xac, 10)
#define RSN_KEY_DATA_MULTIBAND_GTK RSN_SELECTOR(0x00, 0x0f, 0xac, 11) #define RSN_KEY_DATA_MULTIBAND_GTK RSN_SELECTOR(0x00, 0x0f, 0xac, 11)
#define RSN_KEY_DATA_MULTIBAND_KEYID RSN_SELECTOR(0x00, 0x0f, 0xac, 12) #define RSN_KEY_DATA_MULTIBAND_KEYID RSN_SELECTOR(0x00, 0x0f, 0xac, 12)
@ -130,10 +128,8 @@ WPA_CIPHER_BIP_CMAC_256)
#pragma pack(push, 1) #pragma pack(push, 1)
#endif /* _MSC_VER */ #endif /* _MSC_VER */
#ifdef CONFIG_IEEE80211W
#define WPA_IGTK_LEN 16 #define WPA_IGTK_LEN 16
#define WPA_IGTK_MAX_LEN 32 #define WPA_IGTK_MAX_LEN 32
#endif /* CONFIG_IEEE80211W */
/* IEEE 802.11, 7.3.2.25.3 RSN Capabilities */ /* IEEE 802.11, 7.3.2.25.3 RSN Capabilities */
@ -226,12 +222,10 @@ struct wpa_gtk {
size_t gtk_len; size_t gtk_len;
}; };
#ifdef CONFIG_IEEE80211W
struct wpa_igtk { struct wpa_igtk {
u8 igtk[WPA_IGTK_MAX_LEN]; u8 igtk[WPA_IGTK_MAX_LEN];
size_t igtk_len; size_t igtk_len;
}; };
#endif /* CONFIG_IEEE80211W */
/* WPA IE version 1 /* WPA IE version 1
* 00-50-f2:1 (OUI:OUI type) * 00-50-f2:1 (OUI:OUI type)
@ -291,14 +285,12 @@ struct rsn_error_kde {
be16 error_type; be16 error_type;
} STRUCT_PACKED; } STRUCT_PACKED;
#ifdef CONFIG_IEEE80211W
#define WPA_IGTK_KDE_PREFIX_LEN (2 + 6) #define WPA_IGTK_KDE_PREFIX_LEN (2 + 6)
struct wpa_igtk_kde { struct wpa_igtk_kde {
u8 keyid[2]; u8 keyid[2];
u8 pn[6]; u8 pn[6];
u8 igtk[WPA_IGTK_MAX_LEN]; u8 igtk[WPA_IGTK_MAX_LEN];
} STRUCT_PACKED; } STRUCT_PACKED;
#endif /* CONFIG_IEEE80211W */
struct rsn_mdie { struct rsn_mdie {
u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];

View File

@ -59,10 +59,6 @@
#include "netlink.h" #include "netlink.h"
#include "linux_ioctl.h" #include "linux_ioctl.h"
#if defined(CONFIG_IEEE80211W) || defined(CONFIG_IEEE80211R) || defined(CONFIG_HS20) || defined(CONFIG_WNM) || defined(CONFIG_WPS) || defined(CONFIG_FILS)
#define ATHEROS_USE_RAW_RECEIVE
#endif
struct atheros_driver_data { struct atheros_driver_data {
struct hostapd_data *hapd; /* back pointer */ struct hostapd_data *hapd; /* back pointer */
@ -366,13 +362,11 @@ atheros_configure_wpa(struct atheros_driver_data *drv,
v = 0; v = 0;
if (params->rsn_preauth) if (params->rsn_preauth)
v |= BIT(0); v |= BIT(0);
#ifdef CONFIG_IEEE80211W
if (params->ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (params->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
v |= BIT(7); v |= BIT(7);
if (params->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) if (params->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
v |= BIT(6); v |= BIT(6);
} }
#endif /* CONFIG_IEEE80211W */
wpa_printf(MSG_DEBUG, "%s: rsn capabilities=0x%x", __func__, v); wpa_printf(MSG_DEBUG, "%s: rsn capabilities=0x%x", __func__, v);
if (set80211param(drv, IEEE80211_PARAM_RSNCAPS, v)) { if (set80211param(drv, IEEE80211_PARAM_RSNCAPS, v)) {
@ -534,7 +528,6 @@ atheros_set_key(const char *ifname, void *priv, enum wpa_alg alg,
cipher = IEEE80211_CIPHER_AES_GCM_256; cipher = IEEE80211_CIPHER_AES_GCM_256;
break; break;
#endif /* ATH_GCM_SUPPORT */ #endif /* ATH_GCM_SUPPORT */
#ifdef CONFIG_IEEE80211W
case WPA_ALG_IGTK: case WPA_ALG_IGTK:
cipher = IEEE80211_CIPHER_AES_CMAC; cipher = IEEE80211_CIPHER_AES_CMAC;
break; break;
@ -549,7 +542,6 @@ atheros_set_key(const char *ifname, void *priv, enum wpa_alg alg,
cipher = IEEE80211_CIPHER_AES_GMAC_256; cipher = IEEE80211_CIPHER_AES_GMAC_256;
break; break;
#endif /* ATH_GCM_SUPPORT */ #endif /* ATH_GCM_SUPPORT */
#endif /* CONFIG_IEEE80211W */
default: default:
wpa_printf(MSG_INFO, "%s: unknown/unsupported algorithm %d", wpa_printf(MSG_INFO, "%s: unknown/unsupported algorithm %d",
__func__, alg); __func__, alg);
@ -856,7 +848,7 @@ static int atheros_set_qos_map(void *ctx, const u8 *qos_map_set,
return 0; return 0;
} }
#ifdef ATHEROS_USE_RAW_RECEIVE
static void atheros_raw_receive(void *ctx, const u8 *src_addr, const u8 *buf, static void atheros_raw_receive(void *ctx, const u8 *src_addr, const u8 *buf,
size_t len) size_t len)
{ {
@ -953,7 +945,7 @@ static void atheros_raw_receive(void *ctx, const u8 *src_addr, const u8 *buf,
break; break;
} }
} }
#endif /* ATHEROS_USE_RAW_RECEIVE */
static int atheros_receive_pkt(struct atheros_driver_data *drv) static int atheros_receive_pkt(struct atheros_driver_data *drv)
{ {
@ -965,11 +957,9 @@ static int atheros_receive_pkt(struct atheros_driver_data *drv)
#ifdef CONFIG_WPS #ifdef CONFIG_WPS
filt.app_filterype |= IEEE80211_FILTER_TYPE_PROBE_REQ; filt.app_filterype |= IEEE80211_FILTER_TYPE_PROBE_REQ;
#endif /* CONFIG_WPS */ #endif /* CONFIG_WPS */
#if defined(CONFIG_IEEE80211W) || defined(CONFIG_IEEE80211R) || defined(CONFIG_FILS)
filt.app_filterype |= (IEEE80211_FILTER_TYPE_ASSOC_REQ | filt.app_filterype |= (IEEE80211_FILTER_TYPE_ASSOC_REQ |
IEEE80211_FILTER_TYPE_AUTH | IEEE80211_FILTER_TYPE_AUTH |
IEEE80211_FILTER_TYPE_ACTION); IEEE80211_FILTER_TYPE_ACTION);
#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W || CONFIG_FILS */
#ifdef CONFIG_WNM #ifdef CONFIG_WNM
filt.app_filterype |= IEEE80211_FILTER_TYPE_ACTION; filt.app_filterype |= IEEE80211_FILTER_TYPE_ACTION;
#endif /* CONFIG_WNM */ #endif /* CONFIG_WNM */
@ -1069,7 +1059,6 @@ atheros_set_ap_wps_ie(void *priv, const struct wpabuf *beacon,
#define atheros_set_ap_wps_ie NULL #define atheros_set_ap_wps_ie NULL
#endif /* CONFIG_WPS */ #endif /* CONFIG_WPS */
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS)
static int static int
atheros_sta_auth(void *priv, struct wpa_driver_sta_auth_params *params) atheros_sta_auth(void *priv, struct wpa_driver_sta_auth_params *params)
{ {
@ -1169,7 +1158,7 @@ atheros_sta_assoc(void *priv, const u8 *own_addr, const u8 *addr,
} }
return ret; return ret;
} }
#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W || CONFIG_FILS */
static void static void
atheros_new_sta(struct atheros_driver_data *drv, u8 addr[IEEE80211_ADDR_LEN]) atheros_new_sta(struct atheros_driver_data *drv, u8 addr[IEEE80211_ADDR_LEN])
@ -1315,7 +1304,6 @@ atheros_wireless_event_wireless_custom(struct atheros_driver_data *drv,
atheros_raw_receive(drv, NULL, atheros_raw_receive(drv, NULL,
(u8 *) custom + MGMT_FRAM_TAG_SIZE, len); (u8 *) custom + MGMT_FRAM_TAG_SIZE, len);
#endif /* CONFIG_WPS */ #endif /* CONFIG_WPS */
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS)
} else if (os_strncmp(custom, "Manage.assoc_req ", 17) == 0) { } else if (os_strncmp(custom, "Manage.assoc_req ", 17) == 0) {
/* Format: "Manage.assoc_req <frame len>" | zero padding | /* Format: "Manage.assoc_req <frame len>" | zero padding |
* frame */ * frame */
@ -1339,8 +1327,6 @@ atheros_wireless_event_wireless_custom(struct atheros_driver_data *drv,
} }
atheros_raw_receive(drv, NULL, atheros_raw_receive(drv, NULL,
(u8 *) custom + MGMT_FRAM_TAG_SIZE, len); (u8 *) custom + MGMT_FRAM_TAG_SIZE, len);
#endif /* CONFIG_IEEE80211W || CONFIG_IEEE80211R || CONFIG_FILS */
#ifdef ATHEROS_USE_RAW_RECEIVE
} else if (os_strncmp(custom, "Manage.action ", 14) == 0) { } else if (os_strncmp(custom, "Manage.action ", 14) == 0) {
/* Format: "Manage.assoc_req <frame len>" | zero padding | frame /* Format: "Manage.assoc_req <frame len>" | zero padding | frame
*/ */
@ -1353,7 +1339,6 @@ atheros_wireless_event_wireless_custom(struct atheros_driver_data *drv,
} }
atheros_raw_receive(drv, NULL, atheros_raw_receive(drv, NULL,
(u8 *) custom + MGMT_FRAM_TAG_SIZE, len); (u8 *) custom + MGMT_FRAM_TAG_SIZE, len);
#endif /* ATHEROS_USE_RAW_RECEIVE */
} }
} }
@ -1973,8 +1958,6 @@ static int atheros_set_ap(void *priv, struct wpa_driver_ap_params *params)
} }
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS)
static int atheros_send_mgmt(void *priv, const u8 *frm, size_t data_len, static int atheros_send_mgmt(void *priv, const u8 *frm, size_t data_len,
int noack, unsigned int freq, int noack, unsigned int freq,
const u16 *csa_offs, size_t csa_offs_len) const u16 *csa_offs, size_t csa_offs_len)
@ -1999,7 +1982,6 @@ static int atheros_send_mgmt(void *priv, const u8 *frm, size_t data_len,
return set80211priv(drv, IEEE80211_IOCTL_SEND_MGMT, mgmt_frm, return set80211priv(drv, IEEE80211_IOCTL_SEND_MGMT, mgmt_frm,
sizeof(struct ieee80211req_mgmtbuf) + data_len); sizeof(struct ieee80211req_mgmtbuf) + data_len);
} }
#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W || CONFIG_FILS */
#ifdef CONFIG_IEEE80211R #ifdef CONFIG_IEEE80211R
@ -2283,11 +2265,9 @@ const struct wpa_driver_ops wpa_driver_atheros_ops = {
.set_ap_wps_ie = atheros_set_ap_wps_ie, .set_ap_wps_ie = atheros_set_ap_wps_ie,
.set_authmode = atheros_set_authmode, .set_authmode = atheros_set_authmode,
.set_ap = atheros_set_ap, .set_ap = atheros_set_ap,
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS)
.sta_assoc = atheros_sta_assoc, .sta_assoc = atheros_sta_assoc,
.sta_auth = atheros_sta_auth, .sta_auth = atheros_sta_auth,
.send_mlme = atheros_send_mgmt, .send_mlme = atheros_send_mgmt,
#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W || CONFIG_FILS */
#ifdef CONFIG_IEEE80211R #ifdef CONFIG_IEEE80211R
.add_tspec = atheros_add_tspec, .add_tspec = atheros_add_tspec,
.add_sta_node = atheros_add_sta_node, .add_sta_node = atheros_add_sta_node,

View File

@ -2240,7 +2240,6 @@ static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
6) < 0) 6) < 0)
ret = -1; ret = -1;
#endif /* CONFIG_DPP */ #endif /* CONFIG_DPP */
#ifdef CONFIG_IEEE80211W
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
/* SA Query Request */ /* SA Query Request */
if (nl80211_register_action_frame(bss, (u8 *) "\x08\x00", 2) < 0) if (nl80211_register_action_frame(bss, (u8 *) "\x08\x00", 2) < 0)
@ -2249,7 +2248,6 @@ static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss)
/* SA Query Response */ /* SA Query Response */
if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0) if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0)
ret = -1; ret = -1;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_TDLS #ifdef CONFIG_TDLS
if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) { if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) {
/* TDLS Discovery Response */ /* TDLS Discovery Response */
@ -2385,11 +2383,9 @@ static int nl80211_action_subscribe_ap(struct i802_bss *bss)
/* FT Action frames */ /* FT Action frames */
if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0) if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0)
ret = -1; ret = -1;
#ifdef CONFIG_IEEE80211W
/* SA Query */ /* SA Query */
if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0) if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0)
ret = -1; ret = -1;
#endif /* CONFIG_IEEE80211W */
/* Protected Dual of Public Action */ /* Protected Dual of Public Action */
if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0) if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0)
ret = -1; ret = -1;

View File

@ -1767,11 +1767,9 @@ static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg,
case WPA_ALG_PMK: case WPA_ALG_PMK:
ext->alg = IW_ENCODE_ALG_PMK; ext->alg = IW_ENCODE_ALG_PMK;
break; break;
#ifdef CONFIG_IEEE80211W
case WPA_ALG_IGTK: case WPA_ALG_IGTK:
ext->alg = IW_ENCODE_ALG_AES_CMAC; ext->alg = IW_ENCODE_ALG_AES_CMAC;
break; break;
#endif /* CONFIG_IEEE80211W */
default: default:
wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d", wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d",
__FUNCTION__, alg); __FUNCTION__, alg);
@ -2201,7 +2199,6 @@ int wpa_driver_wext_associate(void *priv,
IW_AUTH_RX_UNENCRYPTED_EAPOL, IW_AUTH_RX_UNENCRYPTED_EAPOL,
allow_unencrypted_eapol) < 0) allow_unencrypted_eapol) < 0)
ret = -1; ret = -1;
#ifdef CONFIG_IEEE80211W
switch (params->mgmt_frame_protection) { switch (params->mgmt_frame_protection) {
case NO_MGMT_FRAME_PROTECTION: case NO_MGMT_FRAME_PROTECTION:
value = IW_AUTH_MFP_DISABLED; value = IW_AUTH_MFP_DISABLED;
@ -2215,7 +2212,6 @@ int wpa_driver_wext_associate(void *priv,
}; };
if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0) if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
ret = -1; ret = -1;
#endif /* CONFIG_IEEE80211W */
if (params->freq.freq && if (params->freq.freq &&
wpa_driver_wext_set_freq(drv, params->freq.freq) < 0) wpa_driver_wext_set_freq(drv, params->freq.freq) < 0)
ret = -1; ret = -1;

View File

@ -8,7 +8,6 @@ install:
include ../lib.rules include ../lib.rules
CFLAGS += -DCONFIG_IEEE80211W
CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R
CFLAGS += -DCONFIG_TDLS CFLAGS += -DCONFIG_TDLS
CFLAGS += -DCONFIG_WNM CFLAGS += -DCONFIG_WNM

View File

@ -1051,7 +1051,6 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
} }
#ifdef CONFIG_IEEE80211W
static int wpa_supplicant_install_igtk(struct wpa_sm *sm, static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
const struct wpa_igtk_kde *igtk, const struct wpa_igtk_kde *igtk,
int wnm_sleep) int wnm_sleep)
@ -1118,13 +1117,11 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
return 0; return 0;
} }
#endif /* CONFIG_IEEE80211W */
static int ieee80211w_set_keys(struct wpa_sm *sm, static int ieee80211w_set_keys(struct wpa_sm *sm,
struct wpa_eapol_ie_parse *ie) struct wpa_eapol_ie_parse *ie)
{ {
#ifdef CONFIG_IEEE80211W
if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher)) if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher))
return 0; return 0;
@ -1142,9 +1139,6 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
} }
return 0; return 0;
#else /* CONFIG_IEEE80211W */
return 0;
#endif /* CONFIG_IEEE80211W */
} }
@ -1455,7 +1449,6 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm,
"WPA: GTK IE in unencrypted key data"); "WPA: GTK IE in unencrypted key data");
goto failed; goto failed;
} }
#ifdef CONFIG_IEEE80211W
if (ie.igtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { if (ie.igtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) {
wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
"WPA: IGTK KDE in unencrypted key data"); "WPA: IGTK KDE in unencrypted key data");
@ -1471,7 +1464,6 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm,
(unsigned long) ie.igtk_len); (unsigned long) ie.igtk_len);
goto failed; goto failed;
} }
#endif /* CONFIG_IEEE80211W */
if (wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0) if (wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0)
goto failed; goto failed;
@ -2294,9 +2286,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
key_info = WPA_GET_BE16(key->key_info); key_info = WPA_GET_BE16(key->key_info);
ver = key_info & WPA_KEY_INFO_TYPE_MASK; ver = key_info & WPA_KEY_INFO_TYPE_MASK;
if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 && if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 &&
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W)
ver != WPA_KEY_INFO_TYPE_AES_128_CMAC && ver != WPA_KEY_INFO_TYPE_AES_128_CMAC &&
#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */
ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES && ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES &&
!wpa_use_akm_defined(sm->key_mgmt)) { !wpa_use_akm_defined(sm->key_mgmt)) {
wpa_msg(sm->ctx->msg_ctx, MSG_INFO, wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
@ -2324,7 +2314,6 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
} }
} else } else
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
if (wpa_key_mgmt_sha256(sm->key_mgmt)) { if (wpa_key_mgmt_sha256(sm->key_mgmt)) {
if (ver != WPA_KEY_INFO_TYPE_AES_128_CMAC && if (ver != WPA_KEY_INFO_TYPE_AES_128_CMAC &&
!wpa_use_akm_defined(sm->key_mgmt)) { !wpa_use_akm_defined(sm->key_mgmt)) {
@ -2333,11 +2322,9 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr,
"negotiated AES-128-CMAC"); "negotiated AES-128-CMAC");
goto out; goto out;
} }
} else } else if (sm->pairwise_cipher == WPA_CIPHER_CCMP &&
#endif /* CONFIG_IEEE80211W */ !wpa_use_akm_defined(sm->key_mgmt) &&
if (sm->pairwise_cipher == WPA_CIPHER_CCMP && ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
!wpa_use_akm_defined(sm->key_mgmt) &&
ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
wpa_msg(sm->ctx->msg_ctx, MSG_INFO, wpa_msg(sm->ctx->msg_ctx, MSG_INFO,
"WPA: CCMP is used, but EAPOL-Key " "WPA: CCMP is used, but EAPOL-Key "
"descriptor version (%d) is not 2", ver); "descriptor version (%d) is not 2", ver);
@ -2480,12 +2467,10 @@ static u32 wpa_key_mgmt_suite(struct wpa_sm *sm)
case WPA_KEY_MGMT_FT_PSK: case WPA_KEY_MGMT_FT_PSK:
return RSN_AUTH_KEY_MGMT_FT_PSK; return RSN_AUTH_KEY_MGMT_FT_PSK;
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
case WPA_KEY_MGMT_IEEE8021X_SHA256: case WPA_KEY_MGMT_IEEE8021X_SHA256:
return RSN_AUTH_KEY_MGMT_802_1X_SHA256; return RSN_AUTH_KEY_MGMT_802_1X_SHA256;
case WPA_KEY_MGMT_PSK_SHA256: case WPA_KEY_MGMT_PSK_SHA256:
return RSN_AUTH_KEY_MGMT_PSK_SHA256; return RSN_AUTH_KEY_MGMT_PSK_SHA256;
#endif /* CONFIG_IEEE80211W */
case WPA_KEY_MGMT_CCKM: case WPA_KEY_MGMT_CCKM:
return (sm->proto == WPA_PROTO_RSN ? return (sm->proto == WPA_PROTO_RSN ?
RSN_AUTH_KEY_MGMT_CCKM: RSN_AUTH_KEY_MGMT_CCKM:
@ -2768,10 +2753,8 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
os_memset(&sm->tptk, 0, sizeof(sm->tptk)); os_memset(&sm->tptk, 0, sizeof(sm->tptk));
os_memset(&sm->gtk, 0, sizeof(sm->gtk)); os_memset(&sm->gtk, 0, sizeof(sm->gtk));
os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
#ifdef CONFIG_IEEE80211W
os_memset(&sm->igtk, 0, sizeof(sm->igtk)); os_memset(&sm->igtk, 0, sizeof(sm->igtk));
os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
#endif /* CONFIG_IEEE80211W */
} }
#ifdef CONFIG_TDLS #ifdef CONFIG_TDLS
@ -3043,11 +3026,9 @@ int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param,
case WPA_PARAM_KEY_MGMT: case WPA_PARAM_KEY_MGMT:
sm->key_mgmt = value; sm->key_mgmt = value;
break; break;
#ifdef CONFIG_IEEE80211W
case WPA_PARAM_MGMT_GROUP: case WPA_PARAM_MGMT_GROUP:
sm->mgmt_group_cipher = value; sm->mgmt_group_cipher = value;
break; break;
#endif /* CONFIG_IEEE80211W */
case WPA_PARAM_RSN_ENABLED: case WPA_PARAM_RSN_ENABLED:
sm->rsn_enabled = value; sm->rsn_enabled = value;
break; break;
@ -3375,10 +3356,8 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
os_memset(&sm->tptk, 0, sizeof(sm->tptk)); os_memset(&sm->tptk, 0, sizeof(sm->tptk));
os_memset(&sm->gtk, 0, sizeof(sm->gtk)); os_memset(&sm->gtk, 0, sizeof(sm->gtk));
os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
#ifdef CONFIG_IEEE80211W
os_memset(&sm->igtk, 0, sizeof(sm->igtk)); os_memset(&sm->igtk, 0, sizeof(sm->igtk));
os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_IEEE80211R #ifdef CONFIG_IEEE80211R
os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
sm->xxkey_len = 0; sm->xxkey_len = 0;
@ -3452,14 +3431,12 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
return -1; return -1;
} }
forced_memzero(&gd, sizeof(gd)); forced_memzero(&gd, sizeof(gd));
#ifdef CONFIG_IEEE80211W
} else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) { } else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) {
const struct wpa_igtk_kde *igtk; const struct wpa_igtk_kde *igtk;
igtk = (const struct wpa_igtk_kde *) (buf + 2); igtk = (const struct wpa_igtk_kde *) (buf + 2);
if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0) if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0)
return -1; return -1;
#endif /* CONFIG_IEEE80211W */
} else { } else {
wpa_printf(MSG_DEBUG, "Unknown element id"); wpa_printf(MSG_DEBUG, "Unknown element id");
return -1; return -1;
@ -4019,10 +3996,8 @@ static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf)
/* RSN Capabilities */ /* RSN Capabilities */
capab = 0; capab = 0;
#ifdef CONFIG_IEEE80211W
if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC)
capab |= WPA_CAPABILITY_MFPC; capab |= WPA_CAPABILITY_MFPC;
#endif /* CONFIG_IEEE80211W */
if (sm->ocv) if (sm->ocv)
capab |= WPA_CAPABILITY_OCVC; capab |= WPA_CAPABILITY_OCVC;
wpabuf_put_le16(buf, capab); wpabuf_put_le16(buf, capab);
@ -4062,13 +4037,11 @@ static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf)
WPA_PMK_NAME_LEN); WPA_PMK_NAME_LEN);
os_memcpy(pos, sm->pmk_r1_name, WPA_PMK_NAME_LEN); os_memcpy(pos, sm->pmk_r1_name, WPA_PMK_NAME_LEN);
#ifdef CONFIG_IEEE80211W
if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) { if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) {
/* Management Group Cipher Suite */ /* Management Group Cipher Suite */
pos = wpabuf_put(buf, RSN_SELECTOR_LEN); pos = wpabuf_put(buf, RSN_SELECTOR_LEN);
RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC); RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC);
} }
#endif /* CONFIG_IEEE80211W */
rsnie->len = ((u8 *) wpabuf_put(buf, 0) - (u8 *) rsnie) - 2; rsnie->len = ((u8 *) wpabuf_put(buf, 0) - (u8 *) rsnie) - 2;
return 0; return 0;

View File

@ -246,12 +246,10 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
/* RSN Capabilities */ /* RSN Capabilities */
capab = 0; capab = 0;
#ifdef CONFIG_IEEE80211W
if (sm->mfp) if (sm->mfp)
capab |= WPA_CAPABILITY_MFPC; capab |= WPA_CAPABILITY_MFPC;
if (sm->mfp == 2) if (sm->mfp == 2)
capab |= WPA_CAPABILITY_MFPR; capab |= WPA_CAPABILITY_MFPR;
#endif /* CONFIG_IEEE80211W */
if (sm->ocv) if (sm->ocv)
capab |= WPA_CAPABILITY_OCVC; capab |= WPA_CAPABILITY_OCVC;
WPA_PUT_LE16(pos, capab); WPA_PUT_LE16(pos, capab);
@ -265,7 +263,6 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
os_memcpy(pos, pmk_name, WPA_PMK_NAME_LEN); os_memcpy(pos, pmk_name, WPA_PMK_NAME_LEN);
pos += WPA_PMK_NAME_LEN; pos += WPA_PMK_NAME_LEN;
#ifdef CONFIG_IEEE80211W
/* Management Group Cipher Suite */ /* Management Group Cipher Suite */
switch (sm->mgmt_group_cipher) { switch (sm->mgmt_group_cipher) {
case WPA_CIPHER_AES_128_CMAC: case WPA_CIPHER_AES_128_CMAC:
@ -285,7 +282,6 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
pos += RSN_SELECTOR_LEN; pos += RSN_SELECTOR_LEN;
break; break;
} }
#endif /* CONFIG_IEEE80211W */
rsnie->len = (pos - (u8 *) rsnie) - 2; rsnie->len = (pos - (u8 *) rsnie) - 2;
@ -597,13 +593,11 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len,
return -1; return -1;
} }
#ifdef CONFIG_IEEE80211W
if (sm->mfp == 2 && !(parse.rsn_capab & WPA_CAPABILITY_MFPC)) { if (sm->mfp == 2 && !(parse.rsn_capab & WPA_CAPABILITY_MFPC)) {
wpa_printf(MSG_INFO, wpa_printf(MSG_INFO,
"FT: Target AP does not support PMF, but local configuration requires that"); "FT: Target AP does not support PMF, but local configuration requires that");
return -1; return -1;
} }
#endif /* CONFIG_IEEE80211W */
os_memcpy(sm->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN); os_memcpy(sm->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN);
wpa_hexdump(MSG_DEBUG, "FT: R1KH-ID", sm->r1kh_id, FT_R1KH_ID_LEN); wpa_hexdump(MSG_DEBUG, "FT: R1KH-ID", sm->r1kh_id, FT_R1KH_ID_LEN);
@ -774,7 +768,6 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem,
} }
#ifdef CONFIG_IEEE80211W
static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem,
size_t igtk_elem_len) size_t igtk_elem_len)
{ {
@ -842,7 +835,6 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem,
return 0; return 0;
} }
#endif /* CONFIG_IEEE80211W */
int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
@ -1025,10 +1017,8 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0) if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0)
return -1; return -1;
#ifdef CONFIG_IEEE80211W
if (wpa_ft_process_igtk_subelem(sm, parse.igtk, parse.igtk_len) < 0) if (wpa_ft_process_igtk_subelem(sm, parse.igtk, parse.igtk_len) < 0)
return -1; return -1;
#endif /* CONFIG_IEEE80211W */
if (sm->set_ptk_after_assoc) { if (sm->set_ptk_after_assoc) {
wpa_printf(MSG_DEBUG, "FT: Try to set PTK again now that we " wpa_printf(MSG_DEBUG, "FT: Try to set PTK again now that we "

View File

@ -31,10 +31,8 @@ struct wpa_sm {
u8 request_counter[WPA_REPLAY_COUNTER_LEN]; u8 request_counter[WPA_REPLAY_COUNTER_LEN];
struct wpa_gtk gtk; struct wpa_gtk gtk;
struct wpa_gtk gtk_wnm_sleep; struct wpa_gtk gtk_wnm_sleep;
#ifdef CONFIG_IEEE80211W
struct wpa_igtk igtk; struct wpa_igtk igtk;
struct wpa_igtk igtk_wnm_sleep; struct wpa_igtk igtk_wnm_sleep;
#endif /* CONFIG_IEEE80211W */
struct eapol_sm *eapol; /* EAPOL state machine from upper level code */ struct eapol_sm *eapol; /* EAPOL state machine from upper level code */

View File

@ -168,12 +168,10 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len,
} else if (key_mgmt == WPA_KEY_MGMT_FT_PSK) { } else if (key_mgmt == WPA_KEY_MGMT_FT_PSK) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK); RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK);
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
} else if (key_mgmt == WPA_KEY_MGMT_IEEE8021X_SHA256) { } else if (key_mgmt == WPA_KEY_MGMT_IEEE8021X_SHA256) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256); RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256);
} else if (key_mgmt == WPA_KEY_MGMT_PSK_SHA256) { } else if (key_mgmt == WPA_KEY_MGMT_PSK_SHA256) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256); RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256);
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
} else if (key_mgmt == WPA_KEY_MGMT_SAE) { } else if (key_mgmt == WPA_KEY_MGMT_SAE) {
RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE); RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE);
@ -217,12 +215,10 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len,
/* RSN Capabilities */ /* RSN Capabilities */
capab = 0; capab = 0;
#ifdef CONFIG_IEEE80211W
if (sm->mfp) if (sm->mfp)
capab |= WPA_CAPABILITY_MFPC; capab |= WPA_CAPABILITY_MFPC;
if (sm->mfp == 2) if (sm->mfp == 2)
capab |= WPA_CAPABILITY_MFPR; capab |= WPA_CAPABILITY_MFPR;
#endif /* CONFIG_IEEE80211W */
if (sm->ocv) if (sm->ocv)
capab |= WPA_CAPABILITY_OCVC; capab |= WPA_CAPABILITY_OCVC;
WPA_PUT_LE16(pos, capab); WPA_PUT_LE16(pos, capab);
@ -237,7 +233,6 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len,
pos += PMKID_LEN; pos += PMKID_LEN;
} }
#ifdef CONFIG_IEEE80211W
if (wpa_cipher_valid_mgmt_group(mgmt_group_cipher)) { if (wpa_cipher_valid_mgmt_group(mgmt_group_cipher)) {
if (!sm->cur_pmksa) { if (!sm->cur_pmksa) {
/* PMKID Count */ /* PMKID Count */
@ -250,7 +245,6 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len,
mgmt_group_cipher)); mgmt_group_cipher));
pos += RSN_SELECTOR_LEN; pos += RSN_SELECTOR_LEN;
} }
#endif /* CONFIG_IEEE80211W */
hdr->len = (pos - rsn_ie) - 2; hdr->len = (pos - rsn_ie) - 2;
@ -435,7 +429,6 @@ static int wpa_parse_generic(const u8 *pos, const u8 *end,
return 0; return 0;
} }
#ifdef CONFIG_IEEE80211W
if (pos[1] > RSN_SELECTOR_LEN + 2 && if (pos[1] > RSN_SELECTOR_LEN + 2 &&
RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) { RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) {
ie->igtk = pos + 2 + RSN_SELECTOR_LEN; ie->igtk = pos + 2 + RSN_SELECTOR_LEN;
@ -444,7 +437,6 @@ static int wpa_parse_generic(const u8 *pos, const u8 *end,
pos, pos[1] + 2); pos, pos[1] + 2);
return 0; return 0;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_P2P #ifdef CONFIG_P2P
if (pos[1] >= RSN_SELECTOR_LEN + 1 && if (pos[1] >= RSN_SELECTOR_LEN + 1 &&

View File

@ -21,10 +21,8 @@ struct wpa_eapol_ie_parse {
size_t gtk_len; size_t gtk_len;
const u8 *mac_addr; const u8 *mac_addr;
size_t mac_addr_len; size_t mac_addr_len;
#ifdef CONFIG_IEEE80211W
const u8 *igtk; const u8 *igtk;
size_t igtk_len; size_t igtk_len;
#endif /* CONFIG_IEEE80211W */
const u8 *mdie; const u8 *mdie;
size_t mdie_len; size_t mdie_len;
const u8 *ftie; const u8 *ftie;

View File

@ -32,7 +32,6 @@ CFLAGS += -DTEST_FUZZ
endif endif
CFLAGS += -DCONFIG_IEEE80211R_AP CFLAGS += -DCONFIG_IEEE80211R_AP
CFLAGS += -DCONFIG_IEEE80211W
CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R
CFLAGS += -DCONFIG_TDLS CFLAGS += -DCONFIG_TDLS

View File

@ -42,7 +42,6 @@ CONFIG_FULL_DYNAMIC_VLAN=y
CONFIG_VLAN_NETLINK=y CONFIG_VLAN_NETLINK=y
CONFIG_LIBNL32=y CONFIG_LIBNL32=y
CONFIG_LIBNL3_ROUTE=y CONFIG_LIBNL3_ROUTE=y
CONFIG_IEEE80211W=y
CONFIG_IEEE80211R=y CONFIG_IEEE80211R=y
CONFIG_IEEE80211N=y CONFIG_IEEE80211N=y
CONFIG_IEEE80211AC=y CONFIG_IEEE80211AC=y

View File

@ -13,5 +13,4 @@ CONFIG_EAP_PAX=y
CONFIG_EAP_FAST=y CONFIG_EAP_FAST=y
CONFIG_EAP_IKEV2=y CONFIG_EAP_IKEV2=y
CONFIG_IEEE80211W=y
CFLAGS += -Werror CFLAGS += -Werror

View File

@ -46,7 +46,6 @@ CONFIG_OCSP=y
#CONFIG_CTRL_IFACE_DBUS_NEW=y #CONFIG_CTRL_IFACE_DBUS_NEW=y
#CONFIG_CTRL_IFACE_DBUS_INTRO=y #CONFIG_CTRL_IFACE_DBUS_INTRO=y
CONFIG_IEEE80211W=y
CONFIG_IEEE80211R=y CONFIG_IEEE80211R=y
CONFIG_IEEE80211N=y CONFIG_IEEE80211N=y
CONFIG_IEEE80211AC=y CONFIG_IEEE80211AC=y

View File

@ -24,5 +24,4 @@ CONFIG_FILS_SK_PFS=y
CONFIG_OWE=y CONFIG_OWE=y
CONFIG_DPP=y CONFIG_DPP=y
CONFIG_IEEE80211W=y
CFLAGS += -Werror CFLAGS += -Werror

View File

@ -24,5 +24,4 @@ CONFIG_FILS_SK_PFS=y
CONFIG_OWE=y CONFIG_OWE=y
CONFIG_DPP=y CONFIG_DPP=y
CONFIG_IEEE80211W=y
CFLAGS += -Werror CFLAGS += -Werror

View File

@ -13,5 +13,4 @@ CONFIG_EAP_PAX=y
CONFIG_EAP_FAST=y CONFIG_EAP_FAST=y
CONFIG_EAP_IKEV2=y CONFIG_EAP_IKEV2=y
CONFIG_IEEE80211W=y
CFLAGS += -Werror CFLAGS += -Werror

View File

@ -26,5 +26,4 @@ CONFIG_DPP=y
CONFIG_SUITEB=y CONFIG_SUITEB=y
CONFIG_SUITEB192=y CONFIG_SUITEB192=y
CONFIG_IEEE80211W=y
CFLAGS += -Werror CFLAGS += -Werror

View File

@ -26,5 +26,4 @@ CONFIG_DPP=y
CONFIG_SUITEB=y CONFIG_SUITEB=y
CONFIG_SUITEB192=y CONFIG_SUITEB192=y
CONFIG_IEEE80211W=y
CFLAGS += -Werror CFLAGS += -Werror

View File

@ -26,5 +26,4 @@ CONFIG_DPP=y
CONFIG_SUITEB=y CONFIG_SUITEB=y
CONFIG_SUITEB192=y CONFIG_SUITEB192=y
CONFIG_IEEE80211W=y
CFLAGS += -Werror CFLAGS += -Werror

View File

@ -2,7 +2,6 @@ all: eapol-key-auth
include ../rules.include include ../rules.include
CFLAGS += -DCONFIG_IEEE80211R_AP CFLAGS += -DCONFIG_IEEE80211R_AP
CFLAGS += -DCONFIG_IEEE80211W
CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R
CFLAGS += -DCONFIG_TDLS CFLAGS += -DCONFIG_TDLS

View File

@ -2,7 +2,6 @@ all: eapol-key-supp
include ../rules.include include ../rules.include
CFLAGS += -DCONFIG_IEEE80211R_AP CFLAGS += -DCONFIG_IEEE80211R_AP
CFLAGS += -DCONFIG_IEEE80211W
CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R
CFLAGS += -DCONFIG_TDLS CFLAGS += -DCONFIG_TDLS

View File

@ -47,7 +47,6 @@ CONFIG_FULL_DYNAMIC_VLAN=y
CONFIG_VLAN_NETLINK=y CONFIG_VLAN_NETLINK=y
CONFIG_LIBNL32=y CONFIG_LIBNL32=y
CONFIG_LIBNL3_ROUTE=y CONFIG_LIBNL3_ROUTE=y
CONFIG_IEEE80211W=y
CONFIG_IEEE80211R=y CONFIG_IEEE80211R=y
CONFIG_IEEE80211N=y CONFIG_IEEE80211N=y
CONFIG_IEEE80211AC=y CONFIG_IEEE80211AC=y

View File

@ -57,7 +57,6 @@ CONFIG_OCSP=y
CONFIG_CTRL_IFACE_DBUS_NEW=y CONFIG_CTRL_IFACE_DBUS_NEW=y
CONFIG_CTRL_IFACE_DBUS_INTRO=y CONFIG_CTRL_IFACE_DBUS_INTRO=y
CONFIG_IEEE80211W=y
CONFIG_IEEE80211R=y CONFIG_IEEE80211R=y
CONFIG_IEEE80211N=y CONFIG_IEEE80211N=y
CONFIG_IEEE80211AC=y CONFIG_IEEE80211AC=y

View File

@ -45,7 +45,6 @@ endif
OBJS_lib += ../src/utils/libutils.a OBJS_lib += ../src/utils/libutils.a
OBJS_lib += ../src/crypto/libcrypto.a OBJS_lib += ../src/crypto/libcrypto.a
CFLAGS += -DCONFIG_IEEE80211W
CFLAGS += -DCONFIG_OCV CFLAGS += -DCONFIG_OCV
CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R
CFLAGS += -DCONFIG_HS20 CFLAGS += -DCONFIG_HS20

View File

@ -198,8 +198,6 @@ endif
ifdef CONFIG_SUITEB ifdef CONFIG_SUITEB
L_CFLAGS += -DCONFIG_SUITEB L_CFLAGS += -DCONFIG_SUITEB
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_SUITEB192 ifdef CONFIG_SUITEB192
@ -210,25 +208,15 @@ endif
ifdef CONFIG_OCV ifdef CONFIG_OCV
L_CFLAGS += -DCONFIG_OCV L_CFLAGS += -DCONFIG_OCV
OBJS += src/common/ocv.c OBJS += src/common/ocv.c
CONFIG_IEEE80211W=y
endif
ifdef CONFIG_IEEE80211W
L_CFLAGS += -DCONFIG_IEEE80211W
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_IEEE80211R ifdef CONFIG_IEEE80211R
L_CFLAGS += -DCONFIG_IEEE80211R L_CFLAGS += -DCONFIG_IEEE80211R
OBJS += src/rsn_supp/wpa_ft.c OBJS += src/rsn_supp/wpa_ft.c
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_MESH ifdef CONFIG_MESH
NEED_80211_COMMON=y NEED_80211_COMMON=y
NEED_SHA256=y
NEED_AES_SIV=y NEED_AES_SIV=y
CONFIG_SAE=y CONFIG_SAE=y
CONFIG_AP=y CONFIG_AP=y
@ -254,7 +242,6 @@ NEED_AES_SIV=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y NEED_HMAC_SHA512_KDF=y
NEED_SHA256=y
NEED_SHA384=y NEED_SHA384=y
NEED_SHA512=y NEED_SHA512=y
NEED_JSON=y NEED_JSON=y
@ -271,7 +258,6 @@ NEED_ECC=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y NEED_HMAC_SHA512_KDF=y
NEED_SHA256=y
NEED_SHA384=y NEED_SHA384=y
NEED_SHA512=y NEED_SHA512=y
endif endif
@ -298,8 +284,6 @@ endif
ifdef CONFIG_TDLS ifdef CONFIG_TDLS
L_CFLAGS += -DCONFIG_TDLS L_CFLAGS += -DCONFIG_TDLS
OBJS += src/rsn_supp/tdls.c OBJS += src/rsn_supp/tdls.c
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_TDLS_TESTING ifdef CONFIG_TDLS_TESTING
@ -364,7 +348,6 @@ ifdef CONFIG_HS20
OBJS += hs20_supplicant.c OBJS += hs20_supplicant.c
L_CFLAGS += -DCONFIG_HS20 L_CFLAGS += -DCONFIG_HS20
CONFIG_INTERWORKING=y CONFIG_INTERWORKING=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_INTERWORKING ifdef CONFIG_INTERWORKING
@ -431,7 +414,6 @@ endif
ifdef CONFIG_ERP ifdef CONFIG_ERP
L_CFLAGS += -DCONFIG_ERP L_CFLAGS += -DCONFIG_ERP
NEED_SHA256=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
endif endif
@ -586,7 +568,6 @@ OBJS += src/eap_peer/eap_psk.c src/eap_common/eap_psk_common.c
endif endif
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_AES=y NEED_AES=y
NEED_AES_OMAC1=y
NEED_AES_ENCBLOCK=y NEED_AES_ENCBLOCK=y
NEED_AES_EAX=y NEED_AES_EAX=y
endif endif
@ -619,7 +600,6 @@ L_CFLAGS += -DEAP_AKA_PRIME_DYNAMIC
else else
L_CFLAGS += -DEAP_AKA_PRIME L_CFLAGS += -DEAP_AKA_PRIME
endif endif
NEED_SHA256=y
endif endif
ifdef CONFIG_EAP_SIM_COMMON ifdef CONFIG_EAP_SIM_COMMON
@ -700,15 +680,12 @@ CONFIG_IEEE8021X_EAPOL=y
ifdef CONFIG_EAP_GPSK_SHA256 ifdef CONFIG_EAP_GPSK_SHA256
L_CFLAGS += -DEAP_GPSK_SHA256 L_CFLAGS += -DEAP_GPSK_SHA256
endif endif
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_EAP_PWD ifdef CONFIG_EAP_PWD
L_CFLAGS += -DEAP_PWD L_CFLAGS += -DEAP_PWD
OBJS += src/eap_peer/eap_pwd.c src/eap_common/eap_pwd_common.c OBJS += src/eap_peer/eap_pwd.c src/eap_common/eap_pwd_common.c
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_SHA256=y
NEED_ECC=y NEED_ECC=y
NEED_DRAGONFLY=y NEED_DRAGONFLY=y
endif endif
@ -725,7 +702,6 @@ endif
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_DH_GROUPS_ALL=y NEED_DH_GROUPS_ALL=y
NEED_SHA256=y
NEED_AES_CBC=y NEED_AES_CBC=y
endif endif
@ -745,7 +721,6 @@ OBJS += src/wps/wps_enrollee.c
OBJS += src/wps/wps_registrar.c OBJS += src/wps/wps_registrar.c
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_AES_CBC=y NEED_AES_CBC=y
NEED_MODEXP=y NEED_MODEXP=y
@ -1035,7 +1010,6 @@ endif
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
L_CFLAGS += -DCONFIG_TLSV12 L_CFLAGS += -DCONFIG_TLSV12
NEED_SHA256=y
endif endif
ifeq ($(CONFIG_TLS), openssl) ifeq ($(CONFIG_TLS), openssl)
@ -1050,7 +1024,6 @@ OBJS_p += src/crypto/crypto_openssl.c
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += src/crypto/fips_prf_openssl.c OBJS += src/crypto/fips_prf_openssl.c
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto LIBS += -lcrypto
LIBS_p += -lcrypto LIBS_p += -lcrypto
@ -1113,7 +1086,6 @@ OBJS += src/tls/x509v3.c
OBJS += src/tls/pkcs1.c OBJS += src/tls/pkcs1.c
OBJS += src/tls/pkcs5.c OBJS += src/tls/pkcs5.c
OBJS += src/tls/pkcs8.c OBJS += src/tls/pkcs8.c
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_TLS_PRF=y NEED_TLS_PRF=y
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
@ -1233,12 +1205,10 @@ endif
ifdef NEED_AES_EAX ifdef NEED_AES_EAX
AESOBJS += src/crypto/aes-eax.c AESOBJS += src/crypto/aes-eax.c
NEED_AES_CTR=y NEED_AES_CTR=y
NEED_AES_OMAC1=y
endif endif
ifdef NEED_AES_SIV ifdef NEED_AES_SIV
AESOBJS += src/crypto/aes-siv.c AESOBJS += src/crypto/aes-siv.c
NEED_AES_CTR=y NEED_AES_CTR=y
NEED_AES_OMAC1=y
endif endif
ifdef NEED_AES_CTR ifdef NEED_AES_CTR
AESOBJS += src/crypto/aes-ctr.c AESOBJS += src/crypto/aes-ctr.c
@ -1246,14 +1216,12 @@ endif
ifdef NEED_AES_ENCBLOCK ifdef NEED_AES_ENCBLOCK
AESOBJS += src/crypto/aes-encblock.c AESOBJS += src/crypto/aes-encblock.c
endif endif
ifdef NEED_AES_OMAC1
NEED_AES_ENC=y NEED_AES_ENC=y
ifdef CONFIG_OPENSSL_CMAC ifdef CONFIG_OPENSSL_CMAC
L_CFLAGS += -DCONFIG_OPENSSL_CMAC L_CFLAGS += -DCONFIG_OPENSSL_CMAC
else else
AESOBJS += src/crypto/aes-omac1.c AESOBJS += src/crypto/aes-omac1.c
endif endif
endif
ifdef NEED_AES_WRAP ifdef NEED_AES_WRAP
NEED_AES_ENC=y NEED_AES_ENC=y
ifdef NEED_INTERNAL_AES_WRAP ifdef NEED_INTERNAL_AES_WRAP
@ -1346,7 +1314,6 @@ endif
endif endif
SHA256OBJS = # none by default SHA256OBJS = # none by default
ifdef NEED_SHA256
L_CFLAGS += -DCONFIG_SHA256 L_CFLAGS += -DCONFIG_SHA256
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), gnutls) ifneq ($(CONFIG_TLS), gnutls)
@ -1384,7 +1351,6 @@ L_CFLAGS += -DCONFIG_HMAC_SHA512_KDF
SHA256OBJS += src/crypto/sha512-kdf.c SHA256OBJS += src/crypto/sha512-kdf.c
endif endif
OBJS += $(SHA256OBJS) OBJS += $(SHA256OBJS)
endif
ifdef NEED_SHA384 ifdef NEED_SHA384
L_CFLAGS += -DCONFIG_SHA384 L_CFLAGS += -DCONFIG_SHA384
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)

View File

@ -230,8 +230,6 @@ endif
ifdef CONFIG_SUITEB ifdef CONFIG_SUITEB
CFLAGS += -DCONFIG_SUITEB CFLAGS += -DCONFIG_SUITEB
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_SUITEB192 ifdef CONFIG_SUITEB192
@ -242,25 +240,15 @@ endif
ifdef CONFIG_OCV ifdef CONFIG_OCV
CFLAGS += -DCONFIG_OCV CFLAGS += -DCONFIG_OCV
OBJS += ../src/common/ocv.o OBJS += ../src/common/ocv.o
CONFIG_IEEE80211W=y
endif
ifdef CONFIG_IEEE80211W
CFLAGS += -DCONFIG_IEEE80211W
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_IEEE80211R ifdef CONFIG_IEEE80211R
CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R
OBJS += ../src/rsn_supp/wpa_ft.o OBJS += ../src/rsn_supp/wpa_ft.o
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_MESH ifdef CONFIG_MESH
NEED_80211_COMMON=y NEED_80211_COMMON=y
NEED_SHA256=y
NEED_AES_SIV=y NEED_AES_SIV=y
CONFIG_SAE=y CONFIG_SAE=y
CONFIG_AP=y CONFIG_AP=y
@ -286,7 +274,6 @@ NEED_AES_SIV=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y NEED_HMAC_SHA512_KDF=y
NEED_SHA256=y
NEED_SHA384=y NEED_SHA384=y
NEED_SHA512=y NEED_SHA512=y
NEED_JSON=y NEED_JSON=y
@ -303,7 +290,6 @@ NEED_ECC=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y NEED_HMAC_SHA512_KDF=y
NEED_SHA256=y
NEED_SHA384=y NEED_SHA384=y
NEED_SHA512=y NEED_SHA512=y
endif endif
@ -330,8 +316,6 @@ endif
ifdef CONFIG_TDLS ifdef CONFIG_TDLS
CFLAGS += -DCONFIG_TDLS CFLAGS += -DCONFIG_TDLS
OBJS += ../src/rsn_supp/tdls.o OBJS += ../src/rsn_supp/tdls.o
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_TDLS_TESTING ifdef CONFIG_TDLS_TESTING
@ -404,7 +388,6 @@ ifdef CONFIG_HS20
OBJS += hs20_supplicant.o OBJS += hs20_supplicant.o
CFLAGS += -DCONFIG_HS20 CFLAGS += -DCONFIG_HS20
CONFIG_INTERWORKING=y CONFIG_INTERWORKING=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_INTERWORKING ifdef CONFIG_INTERWORKING
@ -458,7 +441,6 @@ endif
ifdef CONFIG_ERP ifdef CONFIG_ERP
CFLAGS += -DCONFIG_ERP CFLAGS += -DCONFIG_ERP
NEED_SHA256=y
NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA256_KDF=y
endif endif
@ -613,7 +595,6 @@ OBJS += ../src/eap_peer/eap_psk.o ../src/eap_common/eap_psk_common.o
endif endif
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_AES=y NEED_AES=y
NEED_AES_OMAC1=y
NEED_AES_ENCBLOCK=y NEED_AES_ENCBLOCK=y
NEED_AES_EAX=y NEED_AES_EAX=y
endif endif
@ -646,7 +627,6 @@ CFLAGS += -DEAP_AKA_PRIME_DYNAMIC
else else
CFLAGS += -DEAP_AKA_PRIME CFLAGS += -DEAP_AKA_PRIME
endif endif
NEED_SHA256=y
endif endif
ifdef CONFIG_EAP_SIM_COMMON ifdef CONFIG_EAP_SIM_COMMON
@ -727,8 +707,6 @@ CONFIG_IEEE8021X_EAPOL=y
ifdef CONFIG_EAP_GPSK_SHA256 ifdef CONFIG_EAP_GPSK_SHA256
CFLAGS += -DEAP_GPSK_SHA256 CFLAGS += -DEAP_GPSK_SHA256
endif endif
NEED_SHA256=y
NEED_AES_OMAC1=y
endif endif
ifdef CONFIG_EAP_PWD ifdef CONFIG_EAP_PWD
@ -738,7 +716,6 @@ CFLAGS += -DCONFIG_ECC
endif endif
OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_SHA256=y
NEED_ECC=y NEED_ECC=y
NEED_DRAGONFLY=y NEED_DRAGONFLY=y
endif endif
@ -755,7 +732,6 @@ endif
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_DH_GROUPS_ALL=y NEED_DH_GROUPS_ALL=y
NEED_SHA256=y
NEED_AES_CBC=y NEED_AES_CBC=y
endif endif
@ -775,7 +751,6 @@ OBJS += ../src/wps/wps_enrollee.o
OBJS += ../src/wps/wps_registrar.o OBJS += ../src/wps/wps_registrar.o
CONFIG_IEEE8021X_EAPOL=y CONFIG_IEEE8021X_EAPOL=y
NEED_DH_GROUPS=y NEED_DH_GROUPS=y
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_AES_CBC=y NEED_AES_CBC=y
NEED_MODEXP=y NEED_MODEXP=y
@ -873,7 +848,6 @@ CONFIG_IEEE8021X_EAPOL=y
NEED_AES_ENCBLOCK=y NEED_AES_ENCBLOCK=y
NEED_AES_UNWRAP=y NEED_AES_UNWRAP=y
NEED_AES_WRAP=y NEED_AES_WRAP=y
NEED_AES_OMAC1=y
OBJS += wpas_kay.o OBJS += wpas_kay.o
OBJS += ../src/pae/ieee802_1x_cp.o OBJS += ../src/pae/ieee802_1x_cp.o
OBJS += ../src/pae/ieee802_1x_kay.o OBJS += ../src/pae/ieee802_1x_kay.o
@ -1083,7 +1057,6 @@ endif
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
CFLAGS += -DCONFIG_TLSV12 CFLAGS += -DCONFIG_TLSV12
NEED_SHA256=y
endif endif
ifeq ($(CONFIG_TLS), wolfssl) ifeq ($(CONFIG_TLS), wolfssl)
@ -1114,7 +1087,6 @@ OBJS_priv += ../src/crypto/crypto_openssl.o
ifdef NEED_FIPS186_2_PRF ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_openssl.o OBJS += ../src/crypto/fips_prf_openssl.o
endif endif
NEED_SHA256=y
NEED_TLS_PRF_SHA256=y NEED_TLS_PRF_SHA256=y
LIBS += -lcrypto LIBS += -lcrypto
LIBS_p += -lcrypto LIBS_p += -lcrypto
@ -1178,7 +1150,6 @@ OBJS += ../src/tls/x509v3.o
OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs1.o
OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs5.o
OBJS += ../src/tls/pkcs8.o OBJS += ../src/tls/pkcs8.o
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_TLS_PRF=y NEED_TLS_PRF=y
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
@ -1258,7 +1229,6 @@ OBJS += ../src/tls/x509v3.o
OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs1.o
OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs5.o
OBJS += ../src/tls/pkcs8.o OBJS += ../src/tls/pkcs8.o
NEED_SHA256=y
NEED_BASE64=y NEED_BASE64=y
NEED_TLS_PRF=y NEED_TLS_PRF=y
ifdef CONFIG_TLSV12 ifdef CONFIG_TLSV12
@ -1344,12 +1314,10 @@ endif
ifdef NEED_AES_EAX ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y NEED_AES_CTR=y
NEED_AES_OMAC1=y
endif endif
ifdef NEED_AES_SIV ifdef NEED_AES_SIV
AESOBJS += ../src/crypto/aes-siv.o AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y NEED_AES_CTR=y
NEED_AES_OMAC1=y
endif endif
ifdef NEED_AES_CTR ifdef NEED_AES_CTR
AESOBJS += ../src/crypto/aes-ctr.o AESOBJS += ../src/crypto/aes-ctr.o
@ -1357,7 +1325,6 @@ endif
ifdef NEED_AES_ENCBLOCK ifdef NEED_AES_ENCBLOCK
AESOBJS += ../src/crypto/aes-encblock.o AESOBJS += ../src/crypto/aes-encblock.o
endif endif
ifdef NEED_AES_OMAC1
NEED_AES_ENC=y NEED_AES_ENC=y
ifdef CONFIG_OPENSSL_CMAC ifdef CONFIG_OPENSSL_CMAC
CFLAGS += -DCONFIG_OPENSSL_CMAC CFLAGS += -DCONFIG_OPENSSL_CMAC
@ -1368,7 +1335,6 @@ AESOBJS += ../src/crypto/aes-omac1.o
endif endif
endif endif
endif endif
endif
ifdef NEED_AES_WRAP ifdef NEED_AES_WRAP
NEED_AES_ENC=y NEED_AES_ENC=y
ifdef NEED_INTERNAL_AES_WRAP ifdef NEED_INTERNAL_AES_WRAP
@ -1477,7 +1443,6 @@ endif
endif endif
SHA256OBJS = # none by default SHA256OBJS = # none by default
ifdef NEED_SHA256
CFLAGS += -DCONFIG_SHA256 CFLAGS += -DCONFIG_SHA256
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), linux)
@ -1519,7 +1484,6 @@ CFLAGS += -DCONFIG_HMAC_SHA512_KDF
OBJS += ../src/crypto/sha512-kdf.o OBJS += ../src/crypto/sha512-kdf.o
endif endif
OBJS += $(SHA256OBJS) OBJS += $(SHA256OBJS)
endif
ifdef NEED_SHA384 ifdef NEED_SHA384
ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), linux)

View File

@ -28,7 +28,6 @@ wpa_supplicant build config
Enable DPP and protected management frame in wpa_supplicant build config Enable DPP and protected management frame in wpa_supplicant build config
file file
CONFIG_IEEE80211W=y
CONFIG_DPP=y CONFIG_DPP=y
hostapd build config hostapd build config
@ -36,7 +35,6 @@ hostapd build config
Enable DPP and protected management frame in hostapd build config file Enable DPP and protected management frame in hostapd build config file
CONFIG_IEEE80211W=y
CONFIG_DPP=y CONFIG_DPP=y
Configurator build config Configurator build config

View File

@ -273,10 +273,6 @@ CONFIG_L2_PACKET=linux
# bridge interfaces (commit 'bridge: respect RFC2863 operational state')'). # bridge interfaces (commit 'bridge: respect RFC2863 operational state')').
#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y #CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y
# IEEE 802.11w (management frame protection), also known as PMF
# Driver support is also needed for IEEE 802.11w.
CONFIG_IEEE80211W=y
# Support Operating Channel Validation # Support Operating Channel Validation
#CONFIG_OCV=y #CONFIG_OCV=y

View File

@ -500,10 +500,8 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
bss->wpa_group_rekey = 86400; bss->wpa_group_rekey = 86400;
} }
#ifdef CONFIG_IEEE80211W
if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT)
bss->ieee80211w = ssid->ieee80211w; bss->ieee80211w = ssid->ieee80211w;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
bss->ocv = ssid->ocv; bss->ocv = ssid->ocv;

View File

@ -740,12 +740,10 @@ static int wpa_config_parse_key_mgmt(const struct parse_data *data,
val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384; val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
#endif /* CONFIG_SHA384 */ #endif /* CONFIG_SHA384 */
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
else if (os_strcmp(start, "WPA-PSK-SHA256") == 0) else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
val |= WPA_KEY_MGMT_PSK_SHA256; val |= WPA_KEY_MGMT_PSK_SHA256;
else if (os_strcmp(start, "WPA-EAP-SHA256") == 0) else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
val |= WPA_KEY_MGMT_IEEE8021X_SHA256; val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WPS #ifdef CONFIG_WPS
else if (os_strcmp(start, "WPS") == 0) else if (os_strcmp(start, "WPS") == 0)
val |= WPA_KEY_MGMT_WPS; val |= WPA_KEY_MGMT_WPS;
@ -910,7 +908,6 @@ static char * wpa_config_write_key_mgmt(const struct parse_data *data,
#endif /* CONFIG_SHA384 */ #endif /* CONFIG_SHA384 */
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) { if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
ret = os_snprintf(pos, end - pos, "%sWPA-PSK-SHA256", ret = os_snprintf(pos, end - pos, "%sWPA-PSK-SHA256",
pos == buf ? "" : " "); pos == buf ? "" : " ");
@ -930,7 +927,6 @@ static char * wpa_config_write_key_mgmt(const struct parse_data *data,
} }
pos += ret; pos += ret;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WPS #ifdef CONFIG_WPS
if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
@ -2477,9 +2473,7 @@ static const struct parse_data ssid_fields[] = {
{ INT_RANGE(proactive_key_caching, 0, 1) }, { INT_RANGE(proactive_key_caching, 0, 1) },
{ INT_RANGE(disabled, 0, 2) }, { INT_RANGE(disabled, 0, 2) },
{ STR(id_str) }, { STR(id_str) },
#ifdef CONFIG_IEEE80211W
{ INT_RANGE(ieee80211w, 0, 2) }, { INT_RANGE(ieee80211w, 0, 2) },
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
{ FUNC(ocv) }, { FUNC(ocv) },
#endif /* CONFIG_OCV */ #endif /* CONFIG_OCV */
@ -3061,9 +3055,7 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid)
ssid->vht_tx_mcs_nss_8 = -1; ssid->vht_tx_mcs_nss_8 = -1;
#endif /* CONFIG_VHT_OVERRIDES */ #endif /* CONFIG_VHT_OVERRIDES */
ssid->proactive_key_caching = -1; ssid->proactive_key_caching = -1;
#ifdef CONFIG_IEEE80211W
ssid->ieee80211w = MGMT_FRAME_PROTECTION_DEFAULT; ssid->ieee80211w = MGMT_FRAME_PROTECTION_DEFAULT;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_MACSEC #ifdef CONFIG_MACSEC
ssid->mka_priority = DEFAULT_PRIO_NOT_KEY_SERVER; ssid->mka_priority = DEFAULT_PRIO_NOT_KEY_SERVER;
#endif /* CONFIG_MACSEC */ #endif /* CONFIG_MACSEC */

View File

@ -863,10 +863,8 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
INT(pbss); INT(pbss);
INT(wps_disabled); INT(wps_disabled);
INT(fils_dh_group); INT(fils_dh_group);
#ifdef CONFIG_IEEE80211W
write_int(f, "ieee80211w", ssid->ieee80211w, write_int(f, "ieee80211w", ssid->ieee80211w,
MGMT_FRAME_PROTECTION_DEFAULT); MGMT_FRAME_PROTECTION_DEFAULT);
#endif /* CONFIG_IEEE80211W */
STR(id_str); STR(id_str);
#ifdef CONFIG_P2P #ifdef CONFIG_P2P
write_go_p2p_dev_addr(f, ssid); write_go_p2p_dev_addr(f, ssid);

View File

@ -446,7 +446,6 @@ struct wpa_ssid {
*/ */
char *id_str; char *id_str;
#ifdef CONFIG_IEEE80211W
/** /**
* ieee80211w - Whether management frame protection is enabled * ieee80211w - Whether management frame protection is enabled
* *
@ -460,7 +459,6 @@ struct wpa_ssid {
* followed). * followed).
*/ */
enum mfp_options ieee80211w; enum mfp_options ieee80211w;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
/** /**

View File

@ -937,10 +937,8 @@ static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
write_int(netw, "proactive_key_caching", ssid->proactive_key_caching, write_int(netw, "proactive_key_caching", ssid->proactive_key_caching,
-1); -1);
INT(disabled); INT(disabled);
#ifdef CONFIG_IEEE80211W
write_int(netw, "ieee80211w", ssid->ieee80211w, write_int(netw, "ieee80211w", ssid->ieee80211w,
MGMT_FRAME_PROTECTION_DEFAULT); MGMT_FRAME_PROTECTION_DEFAULT);
#endif /* CONFIG_IEEE80211W */
STR(id_str); STR(id_str);
#ifdef CONFIG_HS20 #ifdef CONFIG_HS20
INT(update_identifier); INT(update_identifier);

View File

@ -2656,7 +2656,6 @@ static char * wpa_supplicant_ie_txt(char *pos, char *end, const char *proto,
pos += ret; pos += ret;
} }
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) { if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
ret = os_snprintf(pos, end - pos, "%sEAP-SHA256", ret = os_snprintf(pos, end - pos, "%sEAP-SHA256",
pos == start ? "" : "+"); pos == start ? "" : "+");
@ -2671,7 +2670,6 @@ static char * wpa_supplicant_ie_txt(char *pos, char *end, const char *proto,
return pos; return pos;
pos += ret; pos += ret;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SUITEB #ifdef CONFIG_SUITEB
if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
@ -5243,10 +5241,8 @@ static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s)
wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0); wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0); wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0); wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
#ifdef CONFIG_IEEE80211W
wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0); wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0); wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
#endif /* CONFIG_IEEE80211W */
wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL, wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL,
0); 0);
@ -10626,12 +10622,10 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
} else if (os_strcmp(buf, "RESEND_ASSOC") == 0) { } else if (os_strcmp(buf, "RESEND_ASSOC") == 0) {
if (wpas_ctrl_resend_assoc(wpa_s) < 0) if (wpas_ctrl_resend_assoc(wpa_s) < 0)
reply_len = -1; reply_len = -1;
#ifdef CONFIG_IEEE80211W
} else if (os_strcmp(buf, "UNPROT_DEAUTH") == 0) { } else if (os_strcmp(buf, "UNPROT_DEAUTH") == 0) {
sme_event_unprot_disconnect( sme_event_unprot_disconnect(
wpa_s, wpa_s->bssid, NULL, wpa_s, wpa_s->bssid, NULL,
WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA); WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA);
#endif /* CONFIG_IEEE80211W */
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strncmp(buf, "VENDOR_ELEM_ADD ", 16) == 0) { } else if (os_strncmp(buf, "VENDOR_ELEM_ADD ", 16) == 0) {
if (wpas_ctrl_vendor_elem_add(wpa_s, buf + 16) < 0) if (wpas_ctrl_vendor_elem_add(wpa_s, buf + 16) < 0)

View File

@ -1012,9 +1012,7 @@ dbus_bool_t wpas_dbus_getter_global_capabilities(
#ifdef CONFIG_INTERWORKING #ifdef CONFIG_INTERWORKING
capabilities[num_items++] = "interworking"; capabilities[num_items++] = "interworking";
#endif /* CONFIG_INTERWORKING */ #endif /* CONFIG_INTERWORKING */
#ifdef CONFIG_IEEE80211W
capabilities[num_items++] = "pmf"; capabilities[num_items++] = "pmf";
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_MESH #ifdef CONFIG_MESH
capabilities[num_items++] = "mesh"; capabilities[num_items++] = "mesh";
#endif /* CONFIG_MESH */ #endif /* CONFIG_MESH */
@ -2753,11 +2751,9 @@ dbus_bool_t wpas_dbus_getter_capabilities(
goto nomem; goto nomem;
/* TODO: Ensure that driver actually supports sha256 encryption. */ /* TODO: Ensure that driver actually supports sha256 encryption. */
#ifdef CONFIG_IEEE80211W
if (!wpa_dbus_dict_string_array_add_element( if (!wpa_dbus_dict_string_array_add_element(
&iter_array, "wpa-eap-sha256")) &iter_array, "wpa-eap-sha256"))
goto nomem; goto nomem;
#endif /* CONFIG_IEEE80211W */
} }
if (capa.key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK | if (capa.key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
@ -2771,11 +2767,9 @@ dbus_bool_t wpas_dbus_getter_capabilities(
goto nomem; goto nomem;
/* TODO: Ensure that driver actually supports sha256 encryption. */ /* TODO: Ensure that driver actually supports sha256 encryption. */
#ifdef CONFIG_IEEE80211W
if (!wpa_dbus_dict_string_array_add_element( if (!wpa_dbus_dict_string_array_add_element(
&iter_array, "wpa-psk-sha256")) &iter_array, "wpa-psk-sha256"))
goto nomem; goto nomem;
#endif /* CONFIG_IEEE80211W */
} }
if ((capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE) && if ((capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE) &&
@ -4608,11 +4602,9 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
/* Management group (RSN only) */ /* Management group (RSN only) */
if (ie_data->proto == WPA_PROTO_RSN) { if (ie_data->proto == WPA_PROTO_RSN) {
switch (ie_data->mgmt_group_cipher) { switch (ie_data->mgmt_group_cipher) {
#ifdef CONFIG_IEEE80211W
case WPA_CIPHER_AES_128_CMAC: case WPA_CIPHER_AES_128_CMAC:
group = "aes128cmac"; group = "aes128cmac";
break; break;
#endif /* CONFIG_IEEE80211W */
default: default:
group = ""; group = "";
break; break;

View File

@ -310,10 +310,6 @@ CONFIG_BACKEND=file
# bridge interfaces (commit 'bridge: respect RFC2863 operational state')'). # bridge interfaces (commit 'bridge: respect RFC2863 operational state')').
#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y #CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y
# IEEE 802.11w (management frame protection), also known as PMF
# Driver support is also needed for IEEE 802.11w.
CONFIG_IEEE80211W=y
# Support Operating Channel Validation # Support Operating Channel Validation
#CONFIG_OCV=y #CONFIG_OCV=y
@ -610,6 +606,4 @@ CONFIG_BGSCAN_SIMPLE=y
#CONFIG_OWE=y #CONFIG_OWE=y
# Device Provisioning Protocol (DPP) # Device Provisioning Protocol (DPP)
# This requires CONFIG_IEEE80211W=y to be enabled, too. (see
# wpa_supplicant/README-DPP for details)
CONFIG_DPP=y CONFIG_DPP=y

View File

@ -615,7 +615,6 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
break; break;
} }
#ifdef CONFIG_IEEE80211W
if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
wpas_get_ssid_pmf(wpa_s, ssid) == wpas_get_ssid_pmf(wpa_s, ssid) ==
MGMT_FRAME_PROTECTION_REQUIRED) { MGMT_FRAME_PROTECTION_REQUIRED) {
@ -624,7 +623,6 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
" skip RSN IE - no mgmt frame protection"); " skip RSN IE - no mgmt frame protection");
break; break;
} }
#endif /* CONFIG_IEEE80211W */
if ((ie.capabilities & WPA_CAPABILITY_MFPR) && if ((ie.capabilities & WPA_CAPABILITY_MFPR) &&
wpas_get_ssid_pmf(wpa_s, ssid) == wpas_get_ssid_pmf(wpa_s, ssid) ==
NO_MGMT_FRAME_PROTECTION) { NO_MGMT_FRAME_PROTECTION) {
@ -655,7 +653,6 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
return 1; return 1;
} }
#ifdef CONFIG_IEEE80211W
if (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED && if (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED &&
(!(ssid->key_mgmt & WPA_KEY_MGMT_OWE) || ssid->owe_only)) { (!(ssid->key_mgmt & WPA_KEY_MGMT_OWE) || ssid->owe_only)) {
if (debug_print) if (debug_print)
@ -663,7 +660,6 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
" skip - MFP Required but network not MFP Capable"); " skip - MFP Required but network not MFP Capable");
return 0; return 0;
} }
#endif /* CONFIG_IEEE80211W */
wpa_ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); wpa_ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) {
@ -3518,26 +3514,22 @@ static void ft_rx_action(struct wpa_supplicant *wpa_s, const u8 *data,
static void wpa_supplicant_event_unprot_deauth(struct wpa_supplicant *wpa_s, static void wpa_supplicant_event_unprot_deauth(struct wpa_supplicant *wpa_s,
struct unprot_deauth *e) struct unprot_deauth *e)
{ {
#ifdef CONFIG_IEEE80211W
wpa_printf(MSG_DEBUG, "Unprotected Deauthentication frame " wpa_printf(MSG_DEBUG, "Unprotected Deauthentication frame "
"dropped: " MACSTR " -> " MACSTR "dropped: " MACSTR " -> " MACSTR
" (reason code %u)", " (reason code %u)",
MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); MAC2STR(e->sa), MAC2STR(e->da), e->reason_code);
sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code);
#endif /* CONFIG_IEEE80211W */
} }
static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s, static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s,
struct unprot_disassoc *e) struct unprot_disassoc *e)
{ {
#ifdef CONFIG_IEEE80211W
wpa_printf(MSG_DEBUG, "Unprotected Disassociation frame " wpa_printf(MSG_DEBUG, "Unprotected Disassociation frame "
"dropped: " MACSTR " -> " MACSTR "dropped: " MACSTR " -> " MACSTR
" (reason code %u)", " (reason code %u)",
MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); MAC2STR(e->sa), MAC2STR(e->da), e->reason_code);
sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code);
#endif /* CONFIG_IEEE80211W */
} }
@ -3795,14 +3787,12 @@ static void wpas_event_rx_mgmt_action(struct wpa_supplicant *wpa_s,
} }
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
#ifdef CONFIG_SME #ifdef CONFIG_SME
if (category == WLAN_ACTION_SA_QUERY) { if (category == WLAN_ACTION_SA_QUERY) {
sme_sa_query_rx(wpa_s, mgmt->sa, payload, plen); sme_sa_query_rx(wpa_s, mgmt->sa, payload, plen);
return; return;
} }
#endif /* CONFIG_SME */ #endif /* CONFIG_SME */
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WNM #ifdef CONFIG_WNM
if (mgmt->u.action.category == WLAN_ACTION_WNM) { if (mgmt->u.action.category == WLAN_ACTION_WNM) {
@ -4516,9 +4506,7 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
} }
#endif /* CONFIG_AP */ #endif /* CONFIG_AP */
#ifdef CONFIG_IEEE80211W
sme_event_ch_switch(wpa_s); sme_event_ch_switch(wpa_s);
#endif /* CONFIG_IEEE80211W */
wpas_p2p_update_channel_list(wpa_s, WPAS_P2P_CHANNEL_UPDATE_CS); wpas_p2p_update_channel_list(wpa_s, WPAS_P2P_CHANNEL_UPDATE_CS);
wnm_clear_coloc_intf_reporting(wpa_s); wnm_clear_coloc_intf_reporting(wpa_s);
break; break;

View File

@ -86,7 +86,6 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s,
MESH_CONF_SEC_AMPE; MESH_CONF_SEC_AMPE;
else else
conf->security |= MESH_CONF_SEC_NONE; conf->security |= MESH_CONF_SEC_NONE;
#ifdef CONFIG_IEEE80211W
conf->ieee80211w = ssid->ieee80211w; conf->ieee80211w = ssid->ieee80211w;
if (conf->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { if (conf->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
if (wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP) if (wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)
@ -94,7 +93,6 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s,
else else
conf->ieee80211w = NO_MGMT_FRAME_PROTECTION; conf->ieee80211w = NO_MGMT_FRAME_PROTECTION;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
conf->ocv = ssid->ocv; conf->ocv = ssid->ocv;
#endif /* CONFIG_OCV */ #endif /* CONFIG_OCV */

View File

@ -165,11 +165,9 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
conf.wpa_group_rekey = -1; conf.wpa_group_rekey = -1;
conf.wpa_group_update_count = 4; conf.wpa_group_update_count = 4;
conf.wpa_pairwise_update_count = 4; conf.wpa_pairwise_update_count = 4;
#ifdef CONFIG_IEEE80211W
conf.ieee80211w = ieee80211w; conf.ieee80211w = ieee80211w;
if (ieee80211w != NO_MGMT_FRAME_PROTECTION) if (ieee80211w != NO_MGMT_FRAME_PROTECTION)
conf.group_mgmt_cipher = rsn->mgmt_group_cipher; conf.group_mgmt_cipher = rsn->mgmt_group_cipher;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
conf.ocv = ocv; conf.ocv = ocv;
#endif /* CONFIG_OCV */ #endif /* CONFIG_OCV */
@ -186,7 +184,6 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
return -1; return -1;
rsn->mgtk_key_id = 1; rsn->mgtk_key_id = 1;
#ifdef CONFIG_IEEE80211W
if (ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (ieee80211w != NO_MGMT_FRAME_PROTECTION) {
rsn->igtk_len = wpa_cipher_key_len(conf.group_mgmt_cipher); rsn->igtk_len = wpa_cipher_key_len(conf.group_mgmt_cipher);
if (random_get_bytes(rsn->igtk, rsn->igtk_len) < 0) if (random_get_bytes(rsn->igtk, rsn->igtk_len) < 0)
@ -201,7 +198,6 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
rsn->igtk_key_id, 1, rsn->igtk_key_id, 1,
seq, sizeof(seq), rsn->igtk, rsn->igtk_len); seq, sizeof(seq), rsn->igtk, rsn->igtk_len);
} }
#endif /* CONFIG_IEEE80211W */
/* group privacy / data frames */ /* group privacy / data frames */
wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX MGTK", wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX MGTK",
@ -545,10 +541,8 @@ int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta,
len = sizeof(*ampe); len = sizeof(*ampe);
if (cat[1] == PLINK_OPEN) if (cat[1] == PLINK_OPEN)
len += rsn->mgtk_len + WPA_KEY_RSC_LEN + 4; len += rsn->mgtk_len + WPA_KEY_RSC_LEN + 4;
#ifdef CONFIG_IEEE80211W
if (cat[1] == PLINK_OPEN && rsn->igtk_len) if (cat[1] == PLINK_OPEN && rsn->igtk_len)
len += 2 + 6 + rsn->igtk_len; len += 2 + 6 + rsn->igtk_len;
#endif /* CONFIG_IEEE80211W */
if (2 + AES_BLOCK_SIZE + 2 + len > wpabuf_tailroom(buf)) { if (2 + AES_BLOCK_SIZE + 2 + len > wpabuf_tailroom(buf)) {
wpa_printf(MSG_ERROR, "protect frame: buffer too small"); wpa_printf(MSG_ERROR, "protect frame: buffer too small");
@ -591,7 +585,6 @@ int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta,
WPA_PUT_LE32(pos, 0xffffffff); WPA_PUT_LE32(pos, 0xffffffff);
pos += 4; pos += 4;
#ifdef CONFIG_IEEE80211W
/* /*
* IGTKdata[variable]: * IGTKdata[variable]:
* Key ID[2], IPN[6], IGTK[variable] * Key ID[2], IPN[6], IGTK[variable]
@ -603,7 +596,6 @@ int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta,
pos += 6; pos += 6;
os_memcpy(pos, rsn->igtk, rsn->igtk_len); os_memcpy(pos, rsn->igtk, rsn->igtk_len);
} }
#endif /* CONFIG_IEEE80211W */
skip_keys: skip_keys:
wpa_hexdump_key(MSG_DEBUG, "mesh: Plaintext AMPE element", wpa_hexdump_key(MSG_DEBUG, "mesh: Plaintext AMPE element",
@ -774,7 +766,6 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta,
WPA_GET_LE32(pos)); WPA_GET_LE32(pos));
pos += 4; pos += 4;
#ifdef CONFIG_IEEE80211W
/* /*
* IGTKdata[variable]: * IGTKdata[variable]:
* Key ID[2], IPN[6], IGTK[variable] * Key ID[2], IPN[6], IGTK[variable]
@ -794,7 +785,6 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta,
wpa_hexdump_key(MSG_DEBUG, "mesh: IGTKdata - IGTK", wpa_hexdump_key(MSG_DEBUG, "mesh: IGTKdata - IGTK",
sta->igtk, sta->igtk_len); sta->igtk, sta->igtk_len);
} }
#endif /* CONFIG_IEEE80211W */
free: free:
os_free(crypt); os_free(crypt);

View File

@ -37,9 +37,7 @@
static void sme_auth_timer(void *eloop_ctx, void *timeout_ctx); static void sme_auth_timer(void *eloop_ctx, void *timeout_ctx);
static void sme_assoc_timer(void *eloop_ctx, void *timeout_ctx); static void sme_assoc_timer(void *eloop_ctx, void *timeout_ctx);
static void sme_obss_scan_timeout(void *eloop_ctx, void *timeout_ctx); static void sme_obss_scan_timeout(void *eloop_ctx, void *timeout_ctx);
#ifdef CONFIG_IEEE80211W
static void sme_stop_sa_query(struct wpa_supplicant *wpa_s); static void sme_stop_sa_query(struct wpa_supplicant *wpa_s);
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
@ -492,7 +490,6 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
} }
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
wpa_s->sme.mfp = wpas_get_ssid_pmf(wpa_s, ssid); wpa_s->sme.mfp = wpas_get_ssid_pmf(wpa_s, ssid);
if (wpa_s->sme.mfp != NO_MGMT_FRAME_PROTECTION) { if (wpa_s->sme.mfp != NO_MGMT_FRAME_PROTECTION) {
const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
@ -505,7 +502,6 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED; wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED;
} }
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_P2P #ifdef CONFIG_P2P
if (wpa_s->global->p2p) { if (wpa_s->global->p2p) {
@ -2024,9 +2020,7 @@ void sme_clear_on_disassoc(struct wpa_supplicant *wpa_s)
if (wpa_s->sme.ft_ies || wpa_s->sme.ft_used) if (wpa_s->sme.ft_ies || wpa_s->sme.ft_used)
sme_update_ft_ies(wpa_s, NULL, NULL, 0); sme_update_ft_ies(wpa_s, NULL, NULL, 0);
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
sme_stop_sa_query(wpa_s); sme_stop_sa_query(wpa_s);
#endif /* CONFIG_IEEE80211W */
} }
@ -2321,8 +2315,6 @@ void sme_sched_obss_scan(struct wpa_supplicant *wpa_s, int enable)
} }
#ifdef CONFIG_IEEE80211W
static const unsigned int sa_query_max_timeout = 1000; static const unsigned int sa_query_max_timeout = 1000;
static const unsigned int sa_query_retry_timeout = 201; static const unsigned int sa_query_retry_timeout = 201;
static const unsigned int sa_query_ch_switch_max_delay = 5000; /* in usec */ static const unsigned int sa_query_ch_switch_max_delay = 5000; /* in usec */
@ -2611,5 +2603,3 @@ void sme_sa_query_rx(struct wpa_supplicant *wpa_s, const u8 *sa,
else if (data[0] == WLAN_SA_QUERY_RESPONSE) else if (data[0] == WLAN_SA_QUERY_RESPONSE)
sme_process_sa_query_response(wpa_s, sa, data, len); sme_process_sa_query_response(wpa_s, sa, data, len);
} }
#endif /* CONFIG_IEEE80211W */

View File

@ -271,7 +271,6 @@ static void wnm_sleep_mode_exit_success(struct wpa_supplicant *wpa_s,
WNM_SLEEP_SUBELEM_GTK, WNM_SLEEP_SUBELEM_GTK,
ptr); ptr);
ptr += 13 + gtk_len; ptr += 13 + gtk_len;
#ifdef CONFIG_IEEE80211W
} else if (*ptr == WNM_SLEEP_SUBELEM_IGTK) { } else if (*ptr == WNM_SLEEP_SUBELEM_IGTK) {
if (ptr[1] < 2 + 6 + WPA_IGTK_LEN) { if (ptr[1] < 2 + 6 + WPA_IGTK_LEN) {
wpa_printf(MSG_DEBUG, "WNM: Too short IGTK " wpa_printf(MSG_DEBUG, "WNM: Too short IGTK "
@ -281,7 +280,6 @@ static void wnm_sleep_mode_exit_success(struct wpa_supplicant *wpa_s,
wpa_wnmsleep_install_key(wpa_s->wpa, wpa_wnmsleep_install_key(wpa_s->wpa,
WNM_SLEEP_SUBELEM_IGTK, ptr); WNM_SLEEP_SUBELEM_IGTK, ptr);
ptr += 10 + WPA_IGTK_LEN; ptr += 10 + WPA_IGTK_LEN;
#endif /* CONFIG_IEEE80211W */
} else } else
break; /* skip the loop */ break; /* skip the loop */
} }

View File

@ -1433,9 +1433,7 @@ static const char *network_fields[] = {
"mode", "mode",
#endif /* CONFIG_MESH */ #endif /* CONFIG_MESH */
"proactive_key_caching", "disabled", "id_str", "proactive_key_caching", "disabled", "id_str",
#ifdef CONFIG_IEEE80211W
"ieee80211w", "ieee80211w",
#endif /* CONFIG_IEEE80211W */
"mixed_cell", "frequency", "fixed_freq", "mixed_cell", "frequency", "fixed_freq",
#ifdef CONFIG_MESH #ifdef CONFIG_MESH
"mesh_basic_rates", "dot11MeshMaxRetries", "mesh_basic_rates", "dot11MeshMaxRetries",

View File

@ -424,10 +424,8 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
wpa_s->pairwise_cipher); wpa_s->pairwise_cipher);
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
#ifdef CONFIG_IEEE80211W
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
wpa_s->mgmt_group_cipher); wpa_s->mgmt_group_cipher);
#endif /* CONFIG_IEEE80211W */
pmksa_cache_clear_current(wpa_s->wpa); pmksa_cache_clear_current(wpa_s->wpa);
} }
@ -693,13 +691,7 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
*/ */
void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
{ {
int i, max; int i, max = 6;
#ifdef CONFIG_IEEE80211W
max = 6;
#else /* CONFIG_IEEE80211W */
max = 4;
#endif /* CONFIG_IEEE80211W */
/* MLME-DELETEKEYS.request */ /* MLME-DELETEKEYS.request */
for (i = 0; i < max; i++) { for (i = 0; i < max; i++) {
@ -1186,7 +1178,6 @@ static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
return -1; return -1;
} }
#ifdef CONFIG_IEEE80211W
if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
@ -1194,7 +1185,6 @@ static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
"reject"); "reject");
return -1; return -1;
} }
#endif /* CONFIG_IEEE80211W */
return 0; return 0;
} }
@ -1319,7 +1309,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
ie.group_cipher = ssid->group_cipher; ie.group_cipher = ssid->group_cipher;
ie.pairwise_cipher = ssid->pairwise_cipher; ie.pairwise_cipher = ssid->pairwise_cipher;
ie.key_mgmt = ssid->key_mgmt; ie.key_mgmt = ssid->key_mgmt;
#ifdef CONFIG_IEEE80211W
ie.mgmt_group_cipher = 0; ie.mgmt_group_cipher = 0;
if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
if (ssid->group_mgmt_cipher & if (ssid->group_mgmt_cipher &
@ -1338,7 +1327,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
ie.mgmt_group_cipher = ie.mgmt_group_cipher =
WPA_CIPHER_AES_128_CMAC; WPA_CIPHER_AES_128_CMAC;
} }
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OWE #ifdef CONFIG_OWE
if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
!ssid->owe_only && !ssid->owe_only &&
@ -1358,12 +1346,10 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
"pairwise %d key_mgmt %d proto %d", "pairwise %d key_mgmt %d proto %d",
ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
#ifdef CONFIG_IEEE80211W
if (ssid->ieee80211w) { if (ssid->ieee80211w) {
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
ie.mgmt_group_cipher); ie.mgmt_group_cipher);
} }
#endif /* CONFIG_IEEE80211W */
wpa_s->wpa_proto = proto; wpa_s->wpa_proto = proto;
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
@ -1495,7 +1481,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
} else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
wpa_dbg(wpa_s, MSG_DEBUG, wpa_dbg(wpa_s, MSG_DEBUG,
@ -1504,7 +1489,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
wpa_dbg(wpa_s, MSG_DEBUG, wpa_dbg(wpa_s, MSG_DEBUG,
"WPA: using KEY_MGMT PSK with SHA256"); "WPA: using KEY_MGMT PSK with SHA256");
#endif /* CONFIG_IEEE80211W */
} else if (sel & WPA_KEY_MGMT_IEEE8021X) { } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
@ -1535,7 +1519,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
wpa_s->pairwise_cipher); wpa_s->pairwise_cipher);
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
#ifdef CONFIG_IEEE80211W
if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
wpa_msg(wpa_s, MSG_INFO, wpa_msg(wpa_s, MSG_INFO,
@ -1576,7 +1559,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
wpa_s->mgmt_group_cipher); wpa_s->mgmt_group_cipher);
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
wpas_get_ssid_pmf(wpa_s, ssid)); wpas_get_ssid_pmf(wpa_s, ssid));
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_OCV #ifdef CONFIG_OCV
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
#endif /* CONFIG_OCV */ #endif /* CONFIG_OCV */
@ -3293,7 +3275,6 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
params.drop_unencrypted = use_crypt; params.drop_unencrypted = use_crypt;
#ifdef CONFIG_IEEE80211W
params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid); params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
@ -3312,7 +3293,6 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
#endif /* CONFIG_OWE */ #endif /* CONFIG_OWE */
} }
} }
#endif /* CONFIG_IEEE80211W */
params.p2p = ssid->p2p_group; params.p2p = ssid->p2p_group;
@ -7021,7 +7001,6 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
{ {
#ifdef CONFIG_IEEE80211W
if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL && if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
!(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) { !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
@ -7050,9 +7029,6 @@ int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
} }
return ssid->ieee80211w; return ssid->ieee80211w;
#else /* CONFIG_IEEE80211W */
return NO_MGMT_FRAME_PROTECTION;
#endif /* CONFIG_IEEE80211W */
} }

View File

@ -533,9 +533,7 @@ static int wpa_supplicant_wps_cred(void *ctx,
if (wpa_s->conf->wps_cred_add_sae && if (wpa_s->conf->wps_cred_add_sae &&
cred->key_len != 2 * PMK_LEN) { cred->key_len != 2 * PMK_LEN) {
ssid->key_mgmt |= WPA_KEY_MGMT_SAE; ssid->key_mgmt |= WPA_KEY_MGMT_SAE;
#ifdef CONFIG_IEEE80211W
ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL; ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
#endif /* CONFIG_IEEE80211W */
} }
ssid->proto = WPA_PROTO_RSN; ssid->proto = WPA_PROTO_RSN;
break; break;