mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
Use a helper function for selection group cipher for AP mode
Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
0282a8c46a
commit
cf830c1c54
@ -2919,31 +2919,16 @@ static int hostapd_config_fill(struct hostapd_config *conf,
|
|||||||
|
|
||||||
static void hostapd_set_security_params(struct hostapd_bss_config *bss)
|
static void hostapd_set_security_params(struct hostapd_bss_config *bss)
|
||||||
{
|
{
|
||||||
int pairwise;
|
|
||||||
|
|
||||||
if (bss->individual_wep_key_len == 0) {
|
if (bss->individual_wep_key_len == 0) {
|
||||||
/* individual keys are not use; can use key idx0 for
|
/* individual keys are not use; can use key idx0 for
|
||||||
* broadcast keys */
|
* broadcast keys */
|
||||||
bss->broadcast_key_idx_min = 0;
|
bss->broadcast_key_idx_min = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Select group cipher based on the enabled pairwise cipher
|
if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
|
||||||
* suites */
|
bss->rsn_pairwise = bss->wpa_pairwise;
|
||||||
pairwise = 0;
|
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
|
||||||
if (bss->wpa & 1)
|
bss->rsn_pairwise);
|
||||||
pairwise |= bss->wpa_pairwise;
|
|
||||||
if (bss->wpa & 2) {
|
|
||||||
if (bss->rsn_pairwise == 0)
|
|
||||||
bss->rsn_pairwise = bss->wpa_pairwise;
|
|
||||||
pairwise |= bss->rsn_pairwise;
|
|
||||||
}
|
|
||||||
if (pairwise & WPA_CIPHER_TKIP)
|
|
||||||
bss->wpa_group = WPA_CIPHER_TKIP;
|
|
||||||
else if ((pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ==
|
|
||||||
WPA_CIPHER_GCMP)
|
|
||||||
bss->wpa_group = WPA_CIPHER_GCMP;
|
|
||||||
else
|
|
||||||
bss->wpa_group = WPA_CIPHER_CCMP;
|
|
||||||
|
|
||||||
bss->radius->auth_server = bss->radius->auth_servers;
|
bss->radius->auth_server = bss->radius->auth_servers;
|
||||||
bss->radius->acct_server = bss->radius->acct_servers;
|
bss->radius->acct_server = bss->radius->acct_servers;
|
||||||
|
@ -1343,3 +1343,21 @@ int wpa_write_ciphers(char *start, char *end, int ciphers, const char *delim)
|
|||||||
|
|
||||||
return pos - start;
|
return pos - start;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int wpa_select_ap_group_cipher(int wpa, int wpa_pairwise, int rsn_pairwise)
|
||||||
|
{
|
||||||
|
int pairwise = 0;
|
||||||
|
|
||||||
|
/* Select group cipher based on the enabled pairwise cipher suites */
|
||||||
|
if (wpa & 1)
|
||||||
|
pairwise |= wpa_pairwise;
|
||||||
|
if (wpa & 2)
|
||||||
|
pairwise |= rsn_pairwise;
|
||||||
|
|
||||||
|
if (pairwise & WPA_CIPHER_TKIP)
|
||||||
|
return WPA_CIPHER_TKIP;
|
||||||
|
if ((pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) == WPA_CIPHER_GCMP)
|
||||||
|
return WPA_CIPHER_GCMP;
|
||||||
|
return WPA_CIPHER_CCMP;
|
||||||
|
}
|
||||||
|
@ -400,5 +400,6 @@ int wpa_pick_pairwise_cipher(int ciphers, int none_allowed);
|
|||||||
int wpa_pick_group_cipher(int ciphers);
|
int wpa_pick_group_cipher(int ciphers);
|
||||||
int wpa_parse_cipher(const char *value);
|
int wpa_parse_cipher(const char *value);
|
||||||
int wpa_write_ciphers(char *start, char *end, int ciphers, const char *delim);
|
int wpa_write_ciphers(char *start, char *end, int ciphers, const char *delim);
|
||||||
|
int wpa_select_ap_group_cipher(int wpa, int wpa_pairwise, int rsn_pairwise);
|
||||||
|
|
||||||
#endif /* WPA_COMMON_H */
|
#endif /* WPA_COMMON_H */
|
||||||
|
@ -46,7 +46,6 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
|||||||
struct hostapd_config *conf)
|
struct hostapd_config *conf)
|
||||||
{
|
{
|
||||||
struct hostapd_bss_config *bss = &conf->bss[0];
|
struct hostapd_bss_config *bss = &conf->bss[0];
|
||||||
int pairwise;
|
|
||||||
|
|
||||||
conf->driver = wpa_s->driver;
|
conf->driver = wpa_s->driver;
|
||||||
|
|
||||||
@ -211,22 +210,10 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
|||||||
if (ssid->dtim_period)
|
if (ssid->dtim_period)
|
||||||
bss->dtim_period = ssid->dtim_period;
|
bss->dtim_period = ssid->dtim_period;
|
||||||
|
|
||||||
/* Select group cipher based on the enabled pairwise cipher suites */
|
if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
|
||||||
pairwise = 0;
|
bss->rsn_pairwise = bss->wpa_pairwise;
|
||||||
if (bss->wpa & 1)
|
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
|
||||||
pairwise |= bss->wpa_pairwise;
|
bss->rsn_pairwise);
|
||||||
if (bss->wpa & 2) {
|
|
||||||
if (bss->rsn_pairwise == 0)
|
|
||||||
bss->rsn_pairwise = bss->wpa_pairwise;
|
|
||||||
pairwise |= bss->rsn_pairwise;
|
|
||||||
}
|
|
||||||
if (pairwise & WPA_CIPHER_TKIP)
|
|
||||||
bss->wpa_group = WPA_CIPHER_TKIP;
|
|
||||||
else if ((pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ==
|
|
||||||
WPA_CIPHER_GCMP)
|
|
||||||
bss->wpa_group = WPA_CIPHER_GCMP;
|
|
||||||
else
|
|
||||||
bss->wpa_group = WPA_CIPHER_CCMP;
|
|
||||||
|
|
||||||
if (bss->wpa && bss->ieee802_1x)
|
if (bss->wpa && bss->ieee802_1x)
|
||||||
bss->ssid.security_policy = SECURITY_WPA;
|
bss->ssid.security_policy = SECURITY_WPA;
|
||||||
@ -268,7 +255,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
|||||||
goto no_wps;
|
goto no_wps;
|
||||||
#ifdef CONFIG_WPS2
|
#ifdef CONFIG_WPS2
|
||||||
if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
|
if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
|
||||||
(!(pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2)))
|
(!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2)))
|
||||||
goto no_wps; /* WPS2 does not allow WPA/TKIP-only
|
goto no_wps; /* WPS2 does not allow WPA/TKIP-only
|
||||||
* configuration */
|
* configuration */
|
||||||
#endif /* CONFIG_WPS2 */
|
#endif /* CONFIG_WPS2 */
|
||||||
|
Loading…
Reference in New Issue
Block a user