Use set_key addr to distinguish default and multicast keys

Previously, both NULL and ff:ff:ff:ff:ff:ff addr were used in various
places to indicate default/broadcast keys. Make this more consistent
and useful by defining NULL to mean default key (i.e., used both for
unicast and broadcast) and ff:ff:ff:ff:ff:ff to indicate broadcast
key (i.e., used only with broadcast).

src/ap/hostapd.c

@@ -173,9 +173,8 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
 	idx = ssid->wep.idx;
 	if (ssid->wep.default_len &&
 	    hostapd_drv_set_key(hapd->conf->iface,
-				hapd, WPA_ALG_WEP, NULL, idx,
-				idx == ssid->wep.idx,
-				NULL, 0, ssid->wep.key[idx],
+				hapd, WPA_ALG_WEP, broadcast_ether_addr, idx,
+				1, NULL, 0, ssid->wep.key[idx],
 				ssid->wep.len[idx])) {
 		wpa_printf(MSG_WARNING, "Could not set WEP encryption.");
 		errors++;
@@ -195,7 +194,7 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
 
 			idx = key->idx;
 			if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_WEP,
-						NULL, idx, idx == key->idx,
+						broadcast_ether_addr, idx, 1,
 						NULL, 0, key->key[idx],
 						key->len[idx])) {
 				wpa_printf(MSG_WARNING, "Could not set "

src/ap/ieee802_1x.c

@@ -232,7 +232,8 @@ ieee802_1x_group_alloc(struct hostapd_data *hapd, const char *ifname)
 	wpa_hexdump_key(MSG_DEBUG, "Default WEP key (dynamic VLAN)",
 			key->key[key->idx], key->len[key->idx]);
 
-	if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_WEP, NULL, key->idx, 1,
+	if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_WEP,
+				broadcast_ether_addr, key->idx, 1,
 				NULL, 0, key->key[key->idx],
 				key->len[key->idx]))
 		printf("Could not set dynamic VLAN WEP encryption key.\n");
@@ -1441,7 +1442,8 @@ static void ieee802_1x_rekey(void *eloop_ctx, void *timeout_ctx)
 
 	/* TODO: Could setup key for RX here, but change default TX keyid only
 	 * after new broadcast key has been sent to all stations. */
-	if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP, NULL,
+	if (hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_WEP,
+				broadcast_ether_addr,
 				eapol->default_wep_key_idx, 1, NULL, 0,
 				eapol->default_wep_key,
 				hapd->conf->default_wep_key_len)) {

src/ap/wpa_auth.c

@@ -2297,14 +2297,14 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth,
 
 	if (wpa_auth_set_key(wpa_auth, group->vlan_id,
 			     wpa_alg_enum(wpa_auth->conf.wpa_group),
-			     NULL, group->GN, group->GTK[group->GN - 1],
-			     group->GTK_len) < 0)
+			     broadcast_ether_addr, group->GN,
+			     group->GTK[group->GN - 1], group->GTK_len) < 0)
 		ret = -1;
 
 #ifdef CONFIG_IEEE80211W
 	if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION &&
 	    wpa_auth_set_key(wpa_auth, group->vlan_id, WPA_ALG_IGTK,
-			     NULL, group->GN_igtk,
+			     broadcast_ether_addr, group->GN_igtk,
 			     group->IGTK[group->GN_igtk - 4],
 			     WPA_IGTK_LEN) < 0)
 		ret = -1;

src/drivers/driver.h

@@ -744,8 +744,12 @@ struct wpa_driver_ops {
 	 * @alg: encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
 	 *	%WPA_ALG_TKIP, %WPA_ALG_CCMP, %WPA_ALG_IGTK, %WPA_ALG_PMK);
 	 *	%WPA_ALG_NONE clears the key.
-	 * @addr: address of the peer STA or ff:ff:ff:ff:ff:ff for
-	 *	broadcast/default keys
+	 * @addr: Address of the peer STA (BSSID of the current AP when setting
+	 *	pairwise key in station mode), ff:ff:ff:ff:ff:ff for
+	 *	broadcast keys, %NULL for default keys that are used both for
+	 *	broadcast and unicast; when clearing keys, %NULL is used to
+	 *	indicate that both the broadcast-only and default key of the
+	 *	specified key index is to be cleared
 	 * @key_idx: key index (0..3), usually 0 for unicast keys; 0..4095 for
 	 *	IGTK
 	 * @set_tx: configure this key as the default Tx key (only used when

src/drivers/driver_atheros.c

@@ -478,7 +478,7 @@ atheros_set_key(const char *ifname, void *priv, enum wpa_alg alg,
 	memset(&wk, 0, sizeof(wk));
 	wk.ik_type = cipher;
 	wk.ik_flags = IEEE80211_KEY_RECV | IEEE80211_KEY_XMIT;
-	if (addr == NULL) {
+	if (addr == NULL || is_broadcast_ether_addr(addr)) {
 		memset(wk.ik_macaddr, 0xff, IEEE80211_ADDR_LEN);
 		wk.ik_keyix = key_idx;
 		wk.ik_flags |= IEEE80211_KEY_DEFAULT;

src/drivers/driver_bsd.c

@@ -296,9 +296,7 @@ bsd_set_key(const char *ifname, void *priv, enum wpa_alg alg,
 
 	if (alg == WPA_ALG_NONE) {
 #ifndef HOSTAPD
-		if (addr == NULL ||
-		    os_memcmp(addr, "\xff\xff\xff\xff\xff\xff",
-			      IEEE80211_ADDR_LEN) == 0)
+		if (addr == NULL || is_broadcast_ether_addr(addr))
 			return bsd_del_key(priv, NULL, key_idx);
 		else
 #endif /* HOSTAPD */
@@ -335,8 +333,7 @@ bsd_set_key(const char *ifname, void *priv, enum wpa_alg alg,
 		 * the address (yech).  Note also that we can only mark global
 		 * keys default; doing this for a unicast key is an error.
 		 */
-		if (os_memcmp(addr, "\xff\xff\xff\xff\xff\xff",
-			      IEEE80211_ADDR_LEN) == 0) {
+		if (is_broadcast_ether_addr(addr)) {
 			wk.ik_flags |= IEEE80211_KEY_GROUP;
 			wk.ik_keyix = key_idx;
 		} else {

src/drivers/driver_madwifi.c

@@ -462,7 +462,7 @@ wpa_driver_madwifi_set_key(const char *ifname, void *priv, enum wpa_alg alg,
 	memset(&wk, 0, sizeof(wk));
 	wk.ik_type = cipher;
 	wk.ik_flags = IEEE80211_KEY_RECV | IEEE80211_KEY_XMIT;
-	if (addr == NULL) {
+	if (addr == NULL || is_broadcast_ether_addr(addr)) {
 		memset(wk.ik_macaddr, 0xff, IEEE80211_ADDR_LEN);
 		wk.ik_keyix = key_idx;
 		wk.ik_flags |= IEEE80211_KEY_DEFAULT;

src/drivers/driver_ndis.c

@@ -1001,8 +1001,7 @@ static int wpa_driver_ndis_set_key(const char *ifname, void *priv,
 	int res, pairwise;
 	u8 bssid[ETH_ALEN];
 
-	if (addr == NULL || os_memcmp(addr, "\xff\xff\xff\xff\xff\xff",
-				      ETH_ALEN) == 0) {
+	if (addr == NULL || is_broadcast_ether_addr(addr)) {
 		/* Group Key */
 		pairwise = 0;
 		if (wpa_driver_ndis_get_bssid(drv, bssid) < 0)

src/drivers/driver_nl80211.c

@@ -2640,8 +2640,7 @@ static int wpa_driver_nl80211_set_key(const char *ifname, void *priv,
 	if (seq && seq_len)
 		NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, seq_len, seq);
 
-	if (addr && os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
-	{
+	if (addr && !is_broadcast_ether_addr(addr)) {
 		wpa_printf(MSG_DEBUG, "   addr=" MACSTR, MAC2STR(addr));
 		NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
 
@@ -2667,13 +2666,9 @@ static int wpa_driver_nl80211_set_key(const char *ifname, void *priv,
 	 */
 	if (ret || !set_tx || alg == WPA_ALG_NONE)
 		return ret;
-#ifdef HOSTAPD
-	if (addr)
+	if (drv->nlmode == NL80211_IFTYPE_AP && addr &&
+	    !is_broadcast_ether_addr(addr))
 		return ret;
-#else /* HOSTAPD */
-	if (drv->nlmode == NL80211_IFTYPE_AP && addr)
-		return ret;
-#endif /* HOSTAPD */
 
 	msg = nlmsg_alloc();
 	if (!msg)
@@ -5517,6 +5512,7 @@ static void *i802_init(struct hostapd_data *hapd,
 		return NULL;
 
 	drv = bss->drv;
+	drv->nlmode = NL80211_IFTYPE_AP;
 	if (linux_br_get(brname, params->ifname) == 0) {
 		wpa_printf(MSG_DEBUG, "nl80211: Interface %s is in bridge %s",
 			   params->ifname, brname);

src/drivers/driver_ralink.c

@@ -1178,8 +1178,7 @@ static int wpa_driver_ralink_set_key(const char *ifname, void *priv,
 
 	drv->bAddWepKey = FALSE;
 
-	if (addr == NULL || os_memcmp(addr, "\xff\xff\xff\xff\xff\xff",
-				      ETH_ALEN) == 0) {
+	if (addr == NULL || is_broadcast_ether_addr(addr)) {
 		/* Group Key */
 		pairwise = 0;
 		wpa_driver_ralink_get_bssid(drv, bssid);

src/drivers/driver_wext.c

@@ -1622,8 +1622,7 @@ static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg,
 	iwr.u.encoding.pointer = (caddr_t) ext;
 	iwr.u.encoding.length = sizeof(*ext) + key_len;
 
-	if (addr == NULL ||
-	    os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) == 0)
+	if (addr == NULL || is_broadcast_ether_addr(addr))
 		ext->ext_flags |= IW_ENCODE_EXT_GROUP_KEY;
 	if (set_tx)
 		ext->ext_flags |= IW_ENCODE_EXT_SET_TX_KEY;

src/rsn_supp/wpa.c

@@ -632,16 +632,14 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
 		_gtk = gtk_buf;
 	}
 	if (sm->pairwise_cipher == WPA_CIPHER_NONE) {
-		if (wpa_sm_set_key(sm, gd->alg,
-				   (u8 *) "\xff\xff\xff\xff\xff\xff",
+		if (wpa_sm_set_key(sm, gd->alg, NULL,
 				   gd->keyidx, 1, key_rsc, gd->key_rsc_len,
 				   _gtk, gd->gtk_len) < 0) {
 			wpa_printf(MSG_WARNING, "WPA: Failed to set "
 				   "GTK to the driver (Group only).");
 			return -1;
 		}
-	} else if (wpa_sm_set_key(sm, gd->alg,
-				  (u8 *) "\xff\xff\xff\xff\xff\xff",
+	} else if (wpa_sm_set_key(sm, gd->alg, broadcast_ether_addr,
 				  gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len,
 				  _gtk, gd->gtk_len) < 0) {
 		wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to "
@@ -744,8 +742,7 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
 				   keyidx);
 			return -1;
 		}
-		if (wpa_sm_set_key(sm, WPA_ALG_IGTK,
-				   (u8 *) "\xff\xff\xff\xff\xff\xff",
+		if (wpa_sm_set_key(sm, WPA_ALG_IGTK, broadcast_ether_addr,
 				   keyidx, 0, igtk->pn, sizeof(igtk->pn),
 				   igtk->igtk, WPA_IGTK_LEN) < 0) {
 			wpa_printf(MSG_WARNING, "WPA: Failed to configure IGTK"

src/rsn_supp/wpa_ft.c

@@ -796,9 +796,8 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem,
 	}
 
 	wpa_hexdump_key(MSG_DEBUG, "FT: GTK from Reassoc Resp", gtk, keylen);
-	if (wpa_sm_set_key(sm, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
-			   keyidx, 0, gtk_elem + 3, rsc_len, gtk, keylen) <
-	    0) {
+	if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, 0,
+			   gtk_elem + 3, rsc_len, gtk, keylen) < 0) {
 		wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to the "
 			   "driver.");
 		return -1;
@@ -849,9 +848,8 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem,
 
 	wpa_hexdump_key(MSG_DEBUG, "FT: IGTK from Reassoc Resp", igtk,
 			WPA_IGTK_LEN);
-	if (wpa_sm_set_key(sm, WPA_ALG_IGTK, (u8 *) "\xff\xff\xff\xff\xff\xff",
-			   keyidx, 0, igtk_elem + 2, 6, igtk, WPA_IGTK_LEN) <
-	    0) {
+	if (wpa_sm_set_key(sm, WPA_ALG_IGTK, broadcast_ether_addr, keyidx, 0,
+			   igtk_elem + 2, 6, igtk, WPA_IGTK_LEN) < 0) {
 		wpa_printf(MSG_WARNING, "WPA: Failed to set IGTK to the "
 			   "driver.");
 		return -1;

src/utils/common.h

@@ -465,6 +465,8 @@ static inline int is_broadcast_ether_addr(const u8 *a)
 	return (a[0] & a[1] & a[2] & a[3] & a[4] & a[5]) == 0xff;
 }
 
+#define broadcast_ether_addr (const u8 *) "\xff\xff\xff\xff\xff\xff"
+
 #include "wpa_debug.h"
 
 

wpa_supplicant/ctrl_iface.c

@@ -1917,17 +1917,15 @@ static int wpa_supplicant_ctrl_iface_ap_scan(
 
 static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s)
 {
-	u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
-
 	wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication");
 	/* MLME-DELETEKEYS.request */
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
 #ifdef CONFIG_IEEE80211W
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
 #endif /* CONFIG_IEEE80211W */
 
 	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL,

wpa_supplicant/wpa_supplicant.c

@@ -132,8 +132,7 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
 			continue;
 
 		set = 1;
-		wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
-				(u8 *) "\xff\xff\xff\xff\xff\xff",
+		wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
 				i, i == ssid->wep_tx_keyidx, NULL, 0,
 				ssid->wep_key[i], ssid->wep_key_len[i]);
 	}
@@ -186,8 +185,7 @@ static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
 	/* TODO: should actually remember the previously used seq#, both for TX
 	 * and RX from each STA.. */
 
-	return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
-			       0, 1, seq, 6, key, keylen);
+	return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
 }
 
 
@@ -452,8 +450,6 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
  */
 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
 {
-	u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
-
 	if (wpa_s->keys_cleared) {
 		/* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
 		 * timing issues with keys being cleared just before new keys
@@ -468,13 +464,13 @@ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
 	}
 
 	/* MLME-DELETEKEYS.request */
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
 #ifdef CONFIG_IEEE80211W
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
-	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
+	wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
 #endif /* CONFIG_IEEE80211W */
 	if (addr) {
 		wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,

wpa_supplicant/wpas_glue.c

@@ -210,8 +210,7 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
 			wpa_s->group_cipher = cipher;
 	}
 	return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
-			       unicast ? wpa_s->bssid :
-			       (u8 *) "\xff\xff\xff\xff\xff\xff",
+			       unicast ? wpa_s->bssid : NULL,
 			       keyidx, unicast, NULL, 0, key, keylen);
 }