jeltz
/
hostap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Make WEP functionality an optional build parameter

Browse Source 
WEP should not be used for anything anymore. As a step towards removing
it completely, move all WEP related functionality to be within
CONFIG_WEP blocks. This will be included in builds only if CONFIG_WEP=y
is explicitly set in build configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
master
Jouni Malinen 4 years ago
parent bca44f4e4e
commit 200c7693c9
48 changed files with 386 additions and 71 deletions
Show Stats Download Patch File Download Diff File

4
hostapd/Android.mk
Unescape Escape View File

@ -309,6 +309,10 @@ OBJS += src/fst/fst_ctrl_iface.c
endif
endif
ifdef CONFIG_WEP
L_CFLAGS += -DCONFIG_WEP
endif
include $(LOCAL_PATH)/src/drivers/drivers.mk

4
hostapd/Makefile
Unescape Escape View File

@ -1238,6 +1238,10 @@ OBJS += ../src/fst/fst_ctrl_iface.o
endif
endif
ifdef CONFIG_WEP
CFLAGS += -DCONFIG_WEP
endif
ALL=hostapd hostapd_cli
all: verify_config $(ALL)

8
hostapd/android.config
Unescape Escape View File

@ -201,3 +201,11 @@ CONFIG_WPA_CLI_EDIT=y
# /dev/urandom earlier in boot' seeds /dev/urandom with that entropy before
# either wpa_supplicant or hostapd are run.
CONFIG_NO_RANDOM_POOL=y
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current hostapd
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
CONFIG_WEP=y

6
hostapd/config_file.c
Unescape Escape View File

@ -793,6 +793,7 @@ static int hostapd_config_parse_cipher(int line, const char *value)
}
#ifdef CONFIG_WEP
static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
char *val)
{
@ -843,6 +844,7 @@ static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
return 0;
}
#endif /* CONFIG_WEP */
static int hostapd_parse_chanlist(struct hostapd_config *conf, char *val)
@ -2664,6 +2666,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
} else if (os_strcmp(buf, "erp_domain") == 0) {
os_free(bss->erp_domain);
bss->erp_domain = os_strdup(pos);
#ifdef CONFIG_WEP
} else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) {
int val = atoi(pos);
@ -2691,6 +2694,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
line, bss->wep_rekeying_period);
return 1;
}
#endif /* CONFIG_WEP */
} else if (os_strcmp(buf, "eap_reauth_period") == 0) {
bss->eap_reauth_period = atoi(pos);
if (bss->eap_reauth_period < 0) {
@ -3311,6 +3315,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
bss->ignore_broadcast_ssid = atoi(pos);
} else if (os_strcmp(buf, "no_probe_resp_if_max_sta") == 0) {
bss->no_probe_resp_if_max_sta = atoi(pos);
#ifdef CONFIG_WEP
} else if (os_strcmp(buf, "wep_default_key") == 0) {
bss->ssid.wep.idx = atoi(pos);
if (bss->ssid.wep.idx > 3) {
@ -3329,6 +3334,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
line, buf);
return 1;
}
#endif /* CONFIG_WEP */
#ifndef CONFIG_NO_VLAN
} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
bss->ssid.dynamic_vlan = atoi(pos);

8
hostapd/defconfig
Unescape Escape View File

@ -380,3 +380,11 @@ CONFIG_IPV6=y
# Override default value for the wpa_disable_eapol_key_retries configuration
# parameter. See that parameter in hostapd.conf for more details.
#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current hostapd
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
#CONFIG_WEP=y

22
src/ap/ap_config.c
Unescape Escape View File

@ -54,12 +54,16 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
bss->logger_syslog = (unsigned int) -1;
bss->logger_stdout = (unsigned int) -1;
#ifdef CONFIG_WEP
bss->auth_algs = WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED;
bss->wep_rekeying_period = 300;
/* use key0 in individual key and key1 in broadcast key */
bss->broadcast_key_idx_min = 1;
bss->broadcast_key_idx_max = 2;
#else /* CONFIG_WEP */
bss->auth_algs = WPA_AUTH_ALG_OPEN;
#endif /* CONFIG_WEP */
bss->eap_reauth_period = 3600;
bss->wpa_group_rekey = 600;
@ -636,6 +640,7 @@ void hostapd_config_free_eap_users(struct hostapd_eap_user *user)
}
#ifdef CONFIG_WEP
static void hostapd_config_free_wep(struct hostapd_wep_keys *keys)
{
int i;
@ -644,6 +649,7 @@ static void hostapd_config_free_wep(struct hostapd_wep_keys *keys)
keys->key[i] = NULL;
}
}
#endif /* CONFIG_WEP */
void hostapd_config_clear_wpa_psk(struct hostapd_wpa_psk **l)
@ -732,7 +738,9 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf)
str_clear_free(conf->ssid.wpa_passphrase);
os_free(conf->ssid.wpa_psk_file);
#ifdef CONFIG_WEP
hostapd_config_free_wep(&conf->ssid.wep);
#endif /* CONFIG_WEP */
#ifdef CONFIG_FULL_DYNAMIC_VLAN
os_free(conf->ssid.vlan_tagged_interface);
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
@ -1106,6 +1114,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
return -1;
}
#ifdef CONFIG_WEP
if (bss->wpa) {
int wep, i;
@ -1123,6 +1132,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
return -1;
}
}
#endif /* CONFIG_WEP */
if (full_config && bss->wpa &&
bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
@ -1177,12 +1187,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
"allowed, disabling HT capabilities");
}
#ifdef CONFIG_WEP
if (full_config && conf->ieee80211n &&
bss->ssid.security_policy == SECURITY_STATIC_WEP) {
bss->disable_11n = 1;
wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not "
"allowed, disabling HT capabilities");
}
#endif /* CONFIG_WEP */
if (full_config && conf->ieee80211n && bss->wpa &&
!(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
@ -1196,12 +1208,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
}
#ifdef CONFIG_IEEE80211AC
#ifdef CONFIG_WEP
if (full_config && conf->ieee80211ac &&
bss->ssid.security_policy == SECURITY_STATIC_WEP) {
bss->disable_11ac = 1;
wpa_printf(MSG_ERROR,
"VHT (IEEE 802.11ac) with WEP is not allowed, disabling VHT capabilities");
}
#endif /* CONFIG_WEP */
if (full_config && conf->ieee80211ac && bss->wpa &&
!(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
@ -1221,12 +1235,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
bss->wps_state = 0;
}
#ifdef CONFIG_WEP
if (full_config && bss->wps_state &&
bss->ssid.wep.keys_set && bss->wpa == 0) {
wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be "
"disabled");
bss->wps_state = 0;
}
#endif /* CONFIG_WEP */
if (full_config && bss->wps_state && bss->wpa &&
(!(bss->wpa & 2) ||
@ -1350,11 +1366,13 @@ int hostapd_config_check(struct hostapd_config *conf, int full_config)
void hostapd_set_security_params(struct hostapd_bss_config *bss,
int full_config)
{
#ifdef CONFIG_WEP
if (bss->individual_wep_key_len == 0) {
/* individual keys are not use; can use key idx0 for
* broadcast keys */
bss->broadcast_key_idx_min = 0;
}
#endif /* CONFIG_WEP */
if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
bss->rsn_pairwise = bss->wpa_pairwise;
@ -1380,6 +1398,7 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
} else if (bss->ieee802_1x) {
int cipher = WPA_CIPHER_NONE;
bss->ssid.security_policy = SECURITY_IEEE_802_1X;
#ifdef CONFIG_WEP
bss->ssid.wep.default_len = bss->default_wep_key_len;
if (full_config && bss->default_wep_key_len) {
cipher = bss->default_wep_key_len >= 13 ?
@ -1390,11 +1409,13 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
else
cipher = WPA_CIPHER_WEP40;
}
#endif /* CONFIG_WEP */
bss->wpa_group = cipher;
bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher;
if (full_config)
bss->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
#ifdef CONFIG_WEP
} else if (bss->ssid.wep.keys_set) {
int cipher = WPA_CIPHER_WEP40;
if (bss->ssid.wep.len[0] >= 13)
@ -1405,6 +1426,7 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
bss->rsn_pairwise = cipher;
if (full_config)
bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
#endif /* CONFIG_WEP */
} else if (bss->osen) {
bss->ssid.security_policy = SECURITY_OSEN;
bss->wpa_group = WPA_CIPHER_CCMP;

8
src/ap/ap_config.h
Unescape Escape View File

@ -67,6 +67,7 @@ struct hostapd_radius_servers;
struct ft_remote_r0kh;
struct ft_remote_r1kh;
#ifdef CONFIG_WEP
#define NUM_WEP_KEYS 4
struct hostapd_wep_keys {
u8 idx;
@ -75,10 +76,13 @@ struct hostapd_wep_keys {
int keys_set;
size_t default_len; /* key length used for dynamic key generation */
};
#endif /* CONFIG_WEP */
typedef enum hostap_security_policy {
SECURITY_PLAINTEXT = 0,
#ifdef CONFIG_WEP
SECURITY_STATIC_WEP = 1,
#endif /* CONFIG_WEP */
SECURITY_IEEE_802_1X = 2,
SECURITY_WPA_PSK = 3,
SECURITY_WPA = 4,
@ -102,7 +106,9 @@ struct hostapd_ssid {
char *wpa_psk_file;
struct sae_pt *pt;
#ifdef CONFIG_WEP
struct hostapd_wep_keys wep;
#endif /* CONFIG_WEP */
#define DYNAMIC_VLAN_DISABLED 0
#define DYNAMIC_VLAN_OPTIONAL 1
@ -321,10 +327,12 @@ struct hostapd_bss_config {
size_t eap_req_id_text_len;
int eapol_key_index_workaround;
#ifdef CONFIG_WEP
size_t default_wep_key_len;
int individual_wep_key_len;
int wep_rekeying_period;
int broadcast_key_idx_min, broadcast_key_idx_max;
#endif /* CONFIG_WEP */
int eap_reauth_period;
int erp_send_reauth_start;
char *erp_domain;

5
src/ap/beacon.c
Unescape Escape View File

@ -1360,10 +1360,13 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd,
params->key_mgmt_suites = hapd->conf->wpa_key_mgmt;
params->auth_algs = hapd->conf->auth_algs;
params->wpa_version = hapd->conf->wpa;
params->privacy = hapd->conf->ssid.wep.keys_set || hapd->conf->wpa ||
params->privacy = hapd->conf->wpa;
#ifdef CONFIG_WEP
params->privacy |= hapd->conf->ssid.wep.keys_set ||
(hapd->conf->ieee802_1x &&
(hapd->conf->default_wep_key_len ||
hapd->conf->individual_wep_key_len));
#endif /* CONFIG_WEP */
switch (hapd->conf->ignore_broadcast_ssid) {
case 0:
params->hide_ssid = NO_SSID_HIDING;

20
src/ap/hostapd.c
Unescape Escape View File

@ -58,8 +58,10 @@
static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason);
#ifdef CONFIG_WEP
static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd);
static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd);
#endif /* CONFIG_WEP */
static int setup_interface2(struct hostapd_iface *iface);
static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx);
static void hostapd_interface_setup_failure_handler(void *eloop_ctx,
@ -89,7 +91,9 @@ void hostapd_reconfig_encryption(struct hostapd_data *hapd)
return;
hostapd_set_privacy(hapd, 0);
#ifdef CONFIG_WEP
hostapd_setup_encryption(hapd->conf->iface, hapd);
#endif /* CONFIG_WEP */
}
@ -142,7 +146,9 @@ static void hostapd_reload_bss(struct hostapd_data *hapd)
wpa_deinit(hapd->wpa_auth);
hapd->wpa_auth = NULL;
hostapd_set_privacy(hapd, 0);
#ifdef CONFIG_WEP
hostapd_setup_encryption(hapd->conf->iface, hapd);
#endif /* CONFIG_WEP */
hostapd_set_generic_elem(hapd, (u8 *) "", 0);
}
@ -170,7 +176,9 @@ static void hostapd_clear_old(struct hostapd_iface *iface)
for (j = 0; j < iface->num_bss; j++) {
hostapd_flush_old_stations(iface->bss[j],
WLAN_REASON_PREV_AUTH_NOT_VALID);
#ifdef CONFIG_WEP
hostapd_broadcast_wep_clear(iface->bss[j]);
#endif /* CONFIG_WEP */
#ifndef CONFIG_NO_RADIUS
/* TODO: update dynamic data based on changed configuration
@ -284,6 +292,8 @@ int hostapd_reload_config(struct hostapd_iface *iface)
}
#ifdef CONFIG_WEP
static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
const char *ifname)
{
@ -339,6 +349,8 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
return errors;
}
#endif /* CONFIG_WEP */
static void hostapd_free_hapd_data(struct hostapd_data *hapd)
{
@ -524,6 +536,8 @@ static void hostapd_cleanup_iface(struct hostapd_iface *iface)
}
#ifdef CONFIG_WEP
static void hostapd_clear_wep(struct hostapd_data *hapd)
{
if (hapd->drv_priv && !hapd->iface->driver_ap_teardown && hapd->conf) {
@ -571,6 +585,8 @@ static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd)
return 0;
}
#endif /* CONFIG_WEP */
static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason)
{
@ -606,7 +622,9 @@ static void hostapd_bss_deinit_no_free(struct hostapd_data *hapd)
{
hostapd_free_stas(hapd);
hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING);
#ifdef CONFIG_WEP
hostapd_clear_wep(hapd);
#endif /* CONFIG_WEP */
}
@ -1161,9 +1179,11 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first)
WLAN_REASON_PREV_AUTH_NOT_VALID);
hostapd_set_privacy(hapd, 0);
#ifdef CONFIG_WEP
hostapd_broadcast_wep_clear(hapd);
if (hostapd_setup_encryption(conf->iface, hapd))
return -1;
#endif /* CONFIG_WEP */
/*
* Fetch the SSID from the system and use it or,

10
src/ap/ieee802_11.c
Unescape Escape View File

@ -223,7 +223,7 @@ u8 * hostapd_eid_rm_enabled_capab(struct hostapd_data *hapd, u8 *eid,
u16 hostapd_own_capab_info(struct hostapd_data *hapd)
{
int capab = WLAN_CAPABILITY_ESS;
int privacy;
int privacy = 0;
int dfs;
int i;
@ -239,12 +239,14 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd)
hapd->iconf->preamble == SHORT_PREAMBLE)
capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
#ifdef CONFIG_WEP
privacy = hapd->conf->ssid.wep.keys_set;
if (hapd->conf->ieee802_1x &&
(hapd->conf->default_wep_key_len ||
hapd->conf->individual_wep_key_len))
privacy = 1;
#endif /* CONFIG_WEP */
if (hapd->conf->wpa)
privacy = 1;
@ -284,6 +286,7 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd)
}
#ifdef CONFIG_WEP
#ifndef CONFIG_NO_RC4
static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
u16 auth_transaction, const u8 *challenge,
@ -340,6 +343,7 @@ static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
return 0;
}
#endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_WEP */
static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta,
@ -2543,6 +2547,7 @@ static void handle_auth(struct hostapd_data *hapd,
sta->auth_alg = WLAN_AUTH_OPEN;
mlme_authenticate_indication(hapd, sta);
break;
#ifdef CONFIG_WEP
#ifndef CONFIG_NO_RC4
case WLAN_AUTH_SHARED_KEY:
resp = auth_shared_key(hapd, sta, auth_transaction, challenge,
@ -2561,6 +2566,7 @@ static void handle_auth(struct hostapd_data *hapd,
}
break;
#endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_WEP */
#ifdef CONFIG_IEEE80211R_AP
case WLAN_AUTH_FT:
sta->auth_alg = WLAN_AUTH_FT;
@ -4946,6 +4952,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd,
struct sta_info *sta,
char *ifname_wds)
{
#ifdef CONFIG_WEP
int i;
struct hostapd_ssid *ssid = &hapd->conf->ssid;
@ -4966,6 +4973,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd,
break;
}
}
#endif /* CONFIG_WEP */
}

19
src/ap/ieee802_1x.c
Unescape Escape View File

@ -137,6 +137,7 @@ void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd,
}
#ifdef CONFIG_WEP
#ifndef CONFIG_FIPS
#ifndef CONFIG_NO_RC4
@ -297,6 +298,7 @@ static void ieee802_1x_tx_key(struct hostapd_data *hapd, struct sta_info *sta)
#endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_FIPS */
#endif /* CONFIG_WEP */
const char *radius_mode_txt(struct hostapd_data *hapd)
@ -2114,6 +2116,8 @@ void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
}
#ifdef CONFIG_WEP
static int ieee802_1x_rekey_broadcast(struct hostapd_data *hapd)
{
struct eapol_authenticator *eapol = hapd->eapol_auth;
@ -2198,6 +2202,8 @@ static void ieee802_1x_rekey(void *eloop_ctx, void *timeout_ctx)
}
}
#endif /* CONFIG_WEP */
static void ieee802_1x_eapol_send(void *ctx, void *sta_ctx, u8 type,
const u8 *data, size_t datalen)
@ -2361,6 +2367,7 @@ static void _ieee802_1x_abort_auth(void *ctx, void *sta_ctx)
}
#ifdef CONFIG_WEP
static void _ieee802_1x_tx_key(void *ctx, void *sta_ctx)
{
#ifndef CONFIG_FIPS
@ -2372,6 +2379,7 @@ static void _ieee802_1x_tx_key(void *ctx, void *sta_ctx)
#endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_FIPS */
}
#endif /* CONFIG_WEP */
static void ieee802_1x_eapol_event(void *ctx, void *sta_ctx,
@ -2422,7 +2430,6 @@ static int ieee802_1x_erp_add_key(void *ctx, struct eap_server_erp_key *erp)
int ieee802_1x_init(struct hostapd_data *hapd)
{
int i;
struct eapol_auth_config conf;
struct eapol_auth_cb cb;
@ -2433,7 +2440,9 @@ int ieee802_1x_init(struct hostapd_data *hapd)
conf.ctx = hapd;
conf.eap_reauth_period = hapd->conf->eap_reauth_period;
conf.wpa = hapd->conf->wpa;
#ifdef CONFIG_WEP
conf.individual_wep_key_len = hapd->conf->individual_wep_key_len;
#endif /* CONFIG_WEP */
conf.eap_req_id_text = hapd->conf->eap_req_id_text;
conf.eap_req_id_text_len = hapd->conf->eap_req_id_text_len;
conf.erp_send_reauth_start = hapd->conf->erp_send_reauth_start;
@ -2448,7 +2457,9 @@ int ieee802_1x_init(struct hostapd_data *hapd)
cb.logger = ieee802_1x_logger;
cb.set_port_authorized = ieee802_1x_set_port_authorized;
cb.abort_auth = _ieee802_1x_abort_auth;
#ifdef CONFIG_WEP
cb.tx_key = _ieee802_1x_tx_key;
#endif /* CONFIG_WEP */
cb.eapol_event = ieee802_1x_eapol_event;
#ifdef CONFIG_ERP
cb.erp_get_key = ieee802_1x_erp_get_key;
@ -2469,7 +2480,10 @@ int ieee802_1x_init(struct hostapd_data *hapd)
return -1;
#endif /* CONFIG_NO_RADIUS */
#ifdef CONFIG_WEP
if (hapd->conf->default_wep_key_len) {
int i;
for (i = 0; i < 4; i++)
hostapd_drv_set_key(hapd->conf->iface, hapd,
WPA_ALG_NONE, NULL, i, 0, 0, NULL,
@ -2480,6 +2494,7 @@ int ieee802_1x_init(struct hostapd_data *hapd)
if (!hapd->eapol_auth->default_wep_key)
return -1;
}
#endif /* CONFIG_WEP */
return 0;
}
@ -2499,7 +2514,9 @@ void ieee802_1x_erp_flush(struct hostapd_data *hapd)
void ieee802_1x_deinit(struct hostapd_data *hapd)
{
#ifdef CONFIG_WEP
eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL);
#endif /* CONFIG_WEP */
if (hapd->driver && hapd->drv_priv &&
(hapd->conf->ieee802_1x || hapd->conf->wpa))

5
src/ap/vlan_init.c
Unescape Escape View File

@ -22,7 +22,9 @@
static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
int existsok)
{
int ret, i;
int ret;
#ifdef CONFIG_WEP
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) {
if (!hapd->conf->ssid.wep.key[i])
@ -32,6 +34,7 @@ static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
vlan->ifname);
return -1;
}
#endif /* CONFIG_WEP */
if (!iface_exists(vlan->ifname))
ret = hostapd_vlan_if_add(hapd, vlan->ifname);

4
src/ap/wps_hostapd.c
Unescape Escape View File

@ -651,8 +651,10 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx)
(str_starts(buf, "ssid=") ||
str_starts(buf, "ssid2=") ||
str_starts(buf, "auth_algs=") ||
#ifdef CONFIG_WEP
str_starts(buf, "wep_default_key=") ||
str_starts(buf, "wep_key") ||
#endif /* CONFIG_WEP */
str_starts(buf, "wps_state=") ||
(pmf_changed && str_starts(buf, "ieee80211w=")) ||
str_starts(buf, "wpa=") ||
@ -1196,6 +1198,7 @@ int hostapd_init_wps(struct hostapd_data *hapd,
wpa_snprintf_hex((char *) wps->network_key, 2 * PMK_LEN + 1,
conf->ssid.wpa_psk->psk, PMK_LEN);
wps->network_key_len = 2 * PMK_LEN;
#ifdef CONFIG_WEP
} else if (conf->ssid.wep.keys_set && conf->ssid.wep.key[0]) {
wps->network_key = os_malloc(conf->ssid.wep.len[0]);
if (wps->network_key == NULL)
@ -1203,6 +1206,7 @@ int hostapd_init_wps(struct hostapd_data *hapd,
os_memcpy(wps->network_key, conf->ssid.wep.key[0],
conf->ssid.wep.len[0]);
wps->network_key_len = conf->ssid.wep.len[0];
#endif /* CONFIG_WEP */
}
if (conf->ssid.wpa_psk) {

4
src/common/wpa_common.c
Unescape Escape View File

@ -1965,10 +1965,12 @@ const char * wpa_cipher_txt(int cipher)
switch (cipher) {
case WPA_CIPHER_NONE:
return "NONE";
#ifdef CONFIG_WEP
case WPA_CIPHER_WEP40:
return "WEP-40";
case WPA_CIPHER_WEP104:
return "WEP-104";
#endif /* CONFIG_WEP */
case WPA_CIPHER_TKIP:
return "TKIP";
case WPA_CIPHER_CCMP:
@ -2467,10 +2469,12 @@ int wpa_parse_cipher(const char *value)
val |= WPA_CIPHER_GCMP;
else if (os_strcmp(start, "TKIP") == 0)
val |= WPA_CIPHER_TKIP;
#ifdef CONFIG_WEP
else if (os_strcmp(start, "WEP104") == 0)
val |= WPA_CIPHER_WEP104;
else if (os_strcmp(start, "WEP40") == 0)
val |= WPA_CIPHER_WEP40;
#endif /* CONFIG_WEP */
else if (os_strcmp(start, "NONE") == 0)
val |= WPA_CIPHER_NONE;
else if (os_strcmp(start, "GTK_NOT_USED") == 0)

14
src/eapol_auth/eapol_auth_sm.c
Unescape Escape View File

@ -648,6 +648,8 @@ SM_STEP(REAUTH_TIMER)
#ifdef CONFIG_WEP
/* Authenticator Key Transmit state machine */
SM_STATE(AUTH_KEY_TX, NO_KEY_TRANSMIT)
@ -726,6 +728,8 @@ SM_STEP(KEY_RX)
}
}
#endif /* CONFIG_WEP */
/* Controlled Directions state machine */
@ -813,10 +817,12 @@ eapol_auth_alloc(struct eapol_authenticator *eapol, const u8 *addr,
sm->portControl = Auto;
#ifdef CONFIG_WEP
if (!eapol->conf.wpa &&
(eapol->default_wep_key || eapol->conf.individual_wep_key_len > 0))
sm->keyTxEnabled = TRUE;
else
#endif /* CONFIG_WEP */
sm->keyTxEnabled = FALSE;
if (eapol->conf.wpa)
sm->portValid = FALSE;
@ -910,10 +916,12 @@ restart:
SM_STEP_RUN(BE_AUTH);
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
SM_STEP_RUN(REAUTH_TIMER);
#ifdef CONFIG_WEP
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
SM_STEP_RUN(AUTH_KEY_TX);
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
SM_STEP_RUN(KEY_RX);
#endif /* CONFIG_WEP */
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
SM_STEP_RUN(CTRL_DIR);
@ -1167,7 +1175,9 @@ static int eapol_auth_conf_clone(struct eapol_auth_config *dst,
dst->ctx = src->ctx;
dst->eap_reauth_period = src->eap_reauth_period;
dst->wpa = src->wpa;
#ifdef CONFIG_WEP
dst->individual_wep_key_len = src->individual_wep_key_len;
#endif /* CONFIG_WEP */
os_free(dst->eap_req_id_text);
if (src->eap_req_id_text) {
dst->eap_req_id_text = os_memdup(src->eap_req_id_text,
@ -1221,10 +1231,12 @@ struct eapol_authenticator * eapol_auth_init(struct eapol_auth_config *conf,
return NULL;
}
#ifdef CONFIG_WEP
if (conf->individual_wep_key_len > 0) {
/* use key0 in individual key and key1 in broadcast key */
eapol->default_wep_key_idx = 1;
}
#endif /* CONFIG_WEP */
eapol->cb.eapol_send = cb->eapol_send;
eapol->cb.aaa_send = cb->aaa_send;
@ -1249,6 +1261,8 @@ void eapol_auth_deinit(struct eapol_authenticator *eapol)
return;
eapol_auth_conf_free(&eapol->conf);
#ifdef CONFIG_WEP
os_free(eapol->default_wep_key);
#endif /* CONFIG_WEP */
os_free(eapol);
}

2
src/eapol_supp/eapol_supp_sm.c
Unescape Escape View File

@ -692,6 +692,7 @@ struct eap_key_data {
static void eapol_sm_processKey(struct eapol_sm *sm)
{
#ifdef CONFIG_WEP
#ifndef CONFIG_FIPS
struct ieee802_1x_hdr *hdr;
struct ieee802_1x_eapol_key *key;
@ -866,6 +867,7 @@ static void eapol_sm_processKey(struct eapol_sm *sm)
}
}
#endif /* CONFIG_FIPS */
#endif /* CONFIG_WEP */
}

1
tests/hwsim/example-hostapd.config
Unescape Escape View File

@ -110,3 +110,4 @@ CONFIG_FILS_SK_PFS=y
CONFIG_OWE=y
CONFIG_DPP=y
CONFIG_DPP2=y
CONFIG_WEP=y

1
tests/hwsim/example-wpa_supplicant.config
Unescape Escape View File

@ -153,3 +153,4 @@ CONFIG_PMKSA_CACHE_EXTERNAL=y
CONFIG_OWE=y
CONFIG_DPP=y
CONFIG_DPP2=y
CONFIG_WEP=y

22
tests/hwsim/test_ap_config.py
Unescape Escape View File

@ -429,8 +429,6 @@ def test_ap_config_set_oom(dev, apdev):
tests = [(1, "hostapd_parse_das_client",
"SET radius_das_client 192.168.1.123 pw"),
(1, "hostapd_config_read_wep", "SET wep_key0 \"hello\""),
(1, "hostapd_config_read_wep", "SET wep_key0 0102030405"),
(1, "hostapd_parse_chanlist", "SET chanlist 1 6 11-13"),
(1, "hostapd_config_bss", "SET bss foo"),
(2, "hostapd_config_bss", "SET bss foo"),
@ -486,6 +484,9 @@ def test_ap_config_set_oom(dev, apdev):
(1, "hostapd_parse_intlist", "SET sae_groups 19 25"),
(1, "hostapd_parse_intlist", "SET basic_rates 10 20 55 110"),
(1, "hostapd_parse_intlist", "SET supported_rates 10 20 55 110")]
if "WEP40" in dev[0].get_capability("group"):
tests += [(1, "hostapd_config_read_wep", "SET wep_key0 \"hello\""),
(1, "hostapd_config_read_wep", "SET wep_key0 0102030405")]
for count, func, cmd in tests:
with alloc_fail(hapd, count, func):
if "FAIL" not in hapd.request(cmd):
@ -533,14 +534,15 @@ def test_ap_config_set_oom(dev, apdev):
def test_ap_config_set_errors(dev, apdev):
"""hostapd configuration parsing errors"""
hapd = hostapd.add_ap(apdev[0], {"ssid": "foobar"})
hapd.set("wep_key0", '"hello"')
hapd.set("wep_key1", '"hello"')
hapd.set("wep_key0", '')
hapd.set("wep_key0", '"hello"')
if "FAIL" not in hapd.request("SET wep_key1 \"hello\""):
raise Exception("SET wep_key1 allowed to override existing key")
hapd.set("wep_key1", '')
hapd.set("wep_key1", '"hello"')
if "WEP40" in dev[0].get_capability("group"):
hapd.set("wep_key0", '"hello"')
hapd.set("wep_key1", '"hello"')
hapd.set("wep_key0", '')
hapd.set("wep_key0", '"hello"')
if "FAIL" not in hapd.request("SET wep_key1 \"hello\""):
raise Exception("SET wep_key1 allowed to override existing key")
hapd.set("wep_key1", '')
hapd.set("wep_key1", '"hello"')
hapd.set("auth_server_addr", "127.0.0.1")
hapd.set("acct_server_addr", "127.0.0.1")

5
tests/hwsim/test_ap_hs20.py
Unescape Escape View File

@ -2662,8 +2662,9 @@ def test_ap_hs20_osen(dev, apdev):
dev[1].connect("osen", key_mgmt="NONE", scan_freq="2412",
wait_connect=False)
dev[2].connect("osen", key_mgmt="NONE", wep_key0='"hello"',
scan_freq="2412", wait_connect=False)
if "WEP40" in dev[2].get_capability("group"):
dev[2].connect("osen", key_mgmt="NONE", wep_key0='"hello"',
scan_freq="2412", wait_connect=False)
dev[0].flush_scan_cache()
dev[0].connect("osen", proto="OSEN", key_mgmt="OSEN", pairwise="CCMP",
group="GTK_NOT_USED CCMP",

3
tests/hwsim/test_ap_params.py
Unescape Escape View File

@ -16,6 +16,7 @@ import hwsim_utils
import hostapd
from tshark import run_tshark
from utils import alloc_fail, HwsimSkip, parse_ie
from test_wep import check_wep_capa
@remote_compatible
def test_ap_fragmentation_rts_set_high(dev, apdev):
@ -334,6 +335,7 @@ def test_ap_wds_sta_open(dev, apdev):
def test_ap_wds_sta_wep(dev, apdev):
"""WEP AP with STA using 4addr mode"""
check_wep_capa(dev[0])
ssid = "test-wds-wep"
params = {}
params['ssid'] = ssid
@ -658,6 +660,7 @@ def test_ap_beacon_rate_vht(dev, apdev):
def test_ap_wep_to_wpa(dev, apdev):
"""WEP to WPA2-PSK configuration change in hostapd"""
check_wep_capa(dev[0])
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-to-wpa",
"wep_key0": '"hello"'})

3
tests/hwsim/test_ap_tdls.py
Unescape Escape View File

@ -17,6 +17,7 @@ import hostapd
from utils import HwsimSkip, skip_with_fips
from wlantest import Wlantest
from test_ap_vht import vht_supported
from test_wep import check_wep_capa
def start_ap_wpa2_psk(ap):
params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678")
@ -313,6 +314,8 @@ def test_ap_wpa_mixed_tdls(dev, apdev):
def test_ap_wep_tdls(dev, apdev):
"""WEP AP and two stations using TDLS"""
check_wep_capa(dev[0])
check_wep_capa(dev[1])
hapd = hostapd.add_ap(apdev[0],
{"ssid": "test-wep", "wep_key0": '"hello"'})
wlantest_setup(hapd)

2
tests/hwsim/test_ap_wps.py
Unescape Escape View File

@ -45,6 +45,7 @@ from utils import HwsimSkip, alloc_fail, fail_test, skip_with_fips
from utils import wait_fail_trigger, clear_regdom
from test_ap_eap import int_eap_server_params
from test_sae import check_sae_capab
from test_wep import check_wep_capa
def wps_start_ap(apdev, ssid="test-wps-conf"):
params = {"ssid": ssid, "eap_server": "1", "wps_state": "2",
@ -10036,6 +10037,7 @@ def test_ap_wps_ignore_broadcast_ssid(dev, apdev):
def test_ap_wps_wep(dev, apdev):
"""WPS AP trying to enable WEP"""
check_wep_capa(dev[0])
ssid = "test-wps"
hapd = hostapd.add_ap(apdev[0],
{"ssid": ssid, "eap_server": "1", "wps_state": "1",

2
tests/hwsim/test_cfg80211.py
Unescape Escape View File

@ -16,6 +16,7 @@ import hwsim_utils
from tshark import run_tshark
from nl80211 import *
from wpasupplicant import WpaSupplicant
from test_wep import check_wep_capa
def nl80211_command(dev, cmd, attr):
res = dev.request("VENDOR ffffffff {} {}".format(nl80211_cmd[cmd],
@ -101,6 +102,7 @@ def test_cfg80211_tx_frame(dev, apdev, params):
@remote_compatible
def test_cfg80211_wep_key_idx_change(dev, apdev):
"""WEP Shared Key authentication and key index change without deauth"""
check_wep_capa(dev[0])
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key",
"wep_key0": '"hello12345678"',

13
tests/hwsim/test_connect_cmd.py
Unescape Escape View File

@ -12,6 +12,7 @@ import hwsim_utils
import hostapd
from wpasupplicant import WpaSupplicant
from p2p_utils import *
from test_wep import check_wep_capa
def test_connect_cmd_open(dev, apdev):
"""Open connection using cfg80211 connect command"""
@ -31,11 +32,13 @@ def test_connect_cmd_open(dev, apdev):
def test_connect_cmd_wep(dev, apdev):
"""WEP Open System using cfg80211 connect command"""
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
check_wep_capa(wpas)
params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"'}
hapd = hostapd.add_ap(apdev[0], params)
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412",
wep_key0='"hello"')
wpas.dump_monitor()
@ -46,12 +49,14 @@ def test_connect_cmd_wep(dev, apdev):
def test_connect_cmd_wep_shared(dev, apdev):
"""WEP Shared key using cfg80211 connect command"""
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
check_wep_capa(wpas)
params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"',
"auth_algs": "2"}
hapd = hostapd.add_ap(apdev[0], params)
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
id = wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412",
auth_alg="SHARED", wep_key0='"hello"')
wpas.dump_monitor()

4
tests/hwsim/test_ibss.py
Unescape Escape View File

@ -13,6 +13,7 @@ import subprocess
import hwsim_utils
from utils import alloc_fail, wait_fail_trigger
from test_wep import check_wep_capa
def connect_ibss_cmd(dev, id, freq=2412):
dev.dump_monitor()
@ -395,6 +396,9 @@ def test_ibss_rsn_tkip(dev):
def test_ibss_wep(dev):
"""IBSS with WEP"""
check_wep_capa(dev[0])
check_wep_capa(dev[1])
ssid = "ibss-wep"
id = add_ibss(dev[0], ssid, key_mgmt="NONE", wep_key0='"hello"')

8
tests/hwsim/test_ieee8021x.py
Unescape Escape View File

@ -15,11 +15,13 @@ import hostapd
import hwsim_utils
from utils import skip_with_fips
from tshark import run_tshark
from test_wep import check_wep_capa
logger = logging.getLogger()
def test_ieee8021x_wep104(dev, apdev):
"""IEEE 802.1X connection using dynamic WEP104"""
check_wep_capa(dev[0])
skip_with_fips(dev[0])
params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep"
@ -36,6 +38,7 @@ def test_ieee8021x_wep104(dev, apdev):
def test_ieee8021x_wep40(dev, apdev):
"""IEEE 802.1X connection using dynamic WEP40"""
check_wep_capa(dev[0])
skip_with_fips(dev[0])
params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep"
@ -52,6 +55,7 @@ def test_ieee8021x_wep40(dev, apdev):
def test_ieee8021x_wep_index_workaround(dev, apdev):
"""IEEE 802.1X and EAPOL-Key index workaround"""
check_wep_capa(dev[0])
skip_with_fips(dev[0])
params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep"
@ -100,6 +104,7 @@ def test_ieee8021x_static_wep104(dev, apdev):
run_static_wep(dev, apdev, '"hello-there-/"')
def run_static_wep(dev, apdev, key):
check_wep_capa(dev[0])
params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep"
params["ieee8021x"] = "1"
@ -252,6 +257,7 @@ def send_eapol_key(dev, bssid, signkey, frame_start, frame_end):
def test_ieee8021x_eapol_key(dev, apdev):
"""IEEE 802.1X connection and EAPOL-Key protocol tests"""
check_wep_capa(dev[0])
skip_with_fips(dev[0])
params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep"
@ -317,6 +323,7 @@ def test_ieee8021x_reauth(dev, apdev):
def test_ieee8021x_reauth_wep(dev, apdev, params):
"""IEEE 802.1X and EAPOL_REAUTH request with WEP"""
check_wep_capa(dev[0])
logdir = params['logdir']
params = hostapd.radius_params()
@ -492,6 +499,7 @@ def test_ieee8021x_open_leap(dev, apdev):
def test_ieee8021x_and_wpa_enabled(dev, apdev):
"""IEEE 802.1X connection using dynamic WEP104 when WPA enabled"""
check_wep_capa(dev[0])
skip_with_fips(dev[0])
params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep"

2
tests/hwsim/test_radius.py
Unescape Escape View File

@ -21,6 +21,7 @@ import hostapd
from utils import HwsimSkip, require_under_vm, skip_with_fips, alloc_fail, fail_test, wait_fail_trigger
from test_ap_hs20 import build_dhcp_ack
from test_ap_ft import ft_params1
from test_wep import check_wep_capa
def connect(dev, ssid, wait_connect=True):
dev.connect(ssid, key_mgmt="WPA-EAP", scan_freq="2412",
@ -442,6 +443,7 @@ def test_radius_acct_ft_psk(dev, apdev):
def test_radius_acct_ieee8021x(dev, apdev):
"""RADIUS Accounting - IEEE 802.1X"""
check_wep_capa(dev[0])
skip_with_fips(dev[0])
as_hapd = hostapd.Hostapd("as")
params = hostapd.radius_params()

2
tests/hwsim/test_scan.py
Unescape Escape View File

@ -19,6 +19,7 @@ from utils import HwsimSkip, fail_test, alloc_fail, wait_fail_trigger, parse_ie
from utils import clear_regdom_dev
from tshark import run_tshark
from test_ap_csa import switch_channel, wait_channel_switch, csa_supported
from test_wep import check_wep_capa
def check_scan(dev, params, other_started=False, test_busy=False):
if not other_started:
@ -434,6 +435,7 @@ def test_scan_for_auth_fail(dev, apdev):
@remote_compatible
def test_scan_for_auth_wep(dev, apdev):
"""cfg80211 scan-for-auth workaround with WEP keys"""
check_wep_capa(dev[0])
dev[0].flush_scan_cache()
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep", "wep_key0": '"abcde"',

15
tests/hwsim/test_wep.py
Unescape Escape View File

@ -11,11 +11,16 @@ import subprocess
from remotehost import remote_compatible
import hostapd
import hwsim_utils
from utils import clear_regdom
from utils import clear_regdom, HwsimSkip
def check_wep_capa(dev):
if "WEP40" not in dev.get_capability("group"):
raise HwsimSkip("WEP not supported")
@remote_compatible
def test_wep_open_auth(dev, apdev):
"""WEP Open System authentication"""
check_wep_capa(dev[0])
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-open",
"wep_key0": '"hello"'})
@ -35,6 +40,8 @@ def test_wep_open_auth(dev, apdev):
@remote_compatible
def test_wep_shared_key_auth(dev, apdev):
"""WEP Shared Key authentication"""
check_wep_capa(dev[0])
check_wep_capa(dev[1])
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key",
"wep_key0": '"hello12345678"',
@ -50,6 +57,7 @@ def test_wep_shared_key_auth(dev, apdev):
@remote_compatible
def test_wep_shared_key_auth_not_allowed(dev, apdev):
"""WEP Shared Key authentication not allowed"""
check_wep_capa(dev[0])
hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key",
"wep_key0": '"hello12345678"',
@ -63,6 +71,9 @@ def test_wep_shared_key_auth_not_allowed(dev, apdev):
def test_wep_shared_key_auth_multi_key(dev, apdev):
"""WEP Shared Key authentication with multiple keys"""
check_wep_capa(dev[0])
check_wep_capa(dev[1])
check_wep_capa(dev[2])
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key",
"wep_key0": '"hello12345678"',
@ -92,6 +103,7 @@ def test_wep_shared_key_auth_multi_key(dev, apdev):
def test_wep_ht_vht(dev, apdev):
"""WEP and HT/VHT"""
check_wep_capa(dev[0])
dev[0].flush_scan_cache()
try:
hapd = None
@ -124,6 +136,7 @@ def test_wep_ht_vht(dev, apdev):
def test_wep_ifdown(dev, apdev):
"""AP with WEP and external ifconfig down"""
check_wep_capa(dev[0])
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-open",
"wep_key0": '"hello"'})

3
tests/hwsim/test_wext.py
Unescape Escape View File

@ -13,6 +13,7 @@ import hwsim_utils
from wpasupplicant import WpaSupplicant
from utils import HwsimSkip, skip_with_fips
from test_rfkill import get_rfkill
from test_wep import check_wep_capa
def get_wext_interface():
if not os.path.exists("/proc/net/wireless"):
@ -149,6 +150,7 @@ def test_wext_pmksa_cache(dev, apdev):
def test_wext_wep_open_auth(dev, apdev):
"""WEP Open System authentication"""
wpas = get_wext_interface()
check_wep_capa(wpas)
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-open",
@ -162,6 +164,7 @@ def test_wext_wep_open_auth(dev, apdev):
def test_wext_wep_shared_key_auth(dev, apdev):
"""WEP Shared Key authentication"""
wpas = get_wext_interface()
check_wep_capa(wpas)
hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key",

25
tests/hwsim/test_wpas_ap.py
Unescape Escape View File

@ -13,6 +13,7 @@ import hwsim_utils
from utils import HwsimSkip, alloc_fail, clear_regdom_dev
from wpasupplicant import WpaSupplicant
from test_p2p_channel import set_country
from test_wep import check_wep_capa
def wait_ap_ready(dev):
ev = dev.wait_event(["CTRL-EVENT-CONNECTED"])
@ -103,6 +104,7 @@ def test_wpas_ap_open_isolate(dev):
@remote_compatible
def test_wpas_ap_wep(dev):
"""wpa_supplicant AP mode - WEP"""
check_wep_capa(dev[0])
id = dev[0].add_network()
dev[0].set_network(id, "mode", "2")
dev[0].set_network_quoted(id, "ssid", "wpas-ap-wep")
@ -540,17 +542,18 @@ def test_wpas_ap_oom(dev):
dev[0].wait_disconnected()
dev[0].request("REMOVE_NETWORK all")
id = dev[0].add_network()
dev[0].set_network(id, "mode", "2")
dev[0].set_network_quoted(id, "ssid", "wpas-ap")
dev[0].set_network(id, "key_mgmt", "NONE")
dev[0].set_network_quoted(id, "wep_key0", "hello")
dev[0].set_network(id, "frequency", "2412")
dev[0].set_network(id, "scan_freq", "2412")
with alloc_fail(dev[0], 1, "=wpa_supplicant_conf_ap"):
dev[0].select_network(id)
dev[0].wait_disconnected()
dev[0].request("REMOVE_NETWORK all")
if "WEP40" in dev[0].get_capability("group"):
id = dev[0].add_network()
dev[0].set_network(id, "mode", "2")
dev[0].set_network_quoted(id, "ssid", "wpas-ap")
dev[0].set_network(id, "key_mgmt", "NONE")
dev[0].set_network_quoted(id, "wep_key0", "hello")
dev[0].set_network(id, "frequency", "2412")
dev[0].set_network(id, "scan_freq", "2412")
with alloc_fail(dev[0], 1, "=wpa_supplicant_conf_ap"):
dev[0].select_network(id)
dev[0].wait_disconnected()
dev[0].request("REMOVE_NETWORK all")
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5")

22
tests/hwsim/test_wpas_ctrl.py
Unescape Escape View File

@ -145,11 +145,12 @@ def test_wpas_ctrl_network(dev):
if "FAIL" not in dev[0].request("SET_NETWORK " + str(id) + ' identity 12x3'):
raise Exception("Unexpected success for invalid identity string")
for i in range(0, 4):
if "FAIL" in dev[0].request("SET_NETWORK " + str(id) + ' wep_key' + str(i) + ' aabbccddee'):
raise Exception("Unexpected wep_key set failure")
if dev[0].get_network(id, "wep_key" + str(i)) != '*':
raise Exception("Unexpected wep_key get failure")
if "WEP40" in dev[0].get_capability("group"):
for i in range(0, 4):
if "FAIL" in dev[0].request("SET_NETWORK " + str(id) + ' wep_key' + str(i) + ' aabbccddee'):
raise Exception("Unexpected wep_key set failure")
if dev[0].get_network(id, "wep_key" + str(i)) != '*':
raise Exception("Unexpected wep_key get failure")
if "FAIL" in dev[0].request("SET_NETWORK " + str(id) + ' psk_list P2P-00:11:22:33:44:55-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'):
raise Exception("Unexpected failure for psk_list string")
@ -205,11 +206,12 @@ def test_wpas_ctrl_network(dev):
raise Exception("Invalid WEP key accepted")
if "FAIL" not in dev[0].request('SET_NETWORK ' + str(id) + ' wep_key0 "12345678901234567"'):
raise Exception("Too long WEP key accepted")
# too short WEP key is ignored
dev[0].set_network_quoted(id, "wep_key0", "1234")
dev[0].set_network_quoted(id, "wep_key1", "12345")
dev[0].set_network_quoted(id, "wep_key2", "1234567890123")
dev[0].set_network_quoted(id, "wep_key3", "1234567890123456")
if "WEP40" in dev[0].get_capability("group"):
# too short WEP key is ignored
dev[0].set_network_quoted(id, "wep_key0", "1234")
dev[0].set_network_quoted(id, "wep_key1", "12345")
dev[0].set_network_quoted(id, "wep_key2", "1234567890123")
dev[0].set_network_quoted(id, "wep_key3", "1234567890123456")
dev[0].set_network(id, "go_p2p_dev_addr", "any")
if dev[0].get_network(id, "go_p2p_dev_addr") is not None:

4
wpa_supplicant/Android.mk
Unescape Escape View File

@ -378,6 +378,10 @@ OBJS += src/fst/fst_ctrl_iface.c
endif
endif
ifdef CONFIG_WEP
L_CFLAGS += -DCONFIG_WEP
endif
include $(LOCAL_PATH)/src/drivers/drivers.mk

4
wpa_supplicant/Makefile
Unescape Escape View File

@ -1843,6 +1843,10 @@ OBJS_t2 += $(FST_OBJS)
OBJS_nfc += $(FST_OBJS)
endif
ifdef CONFIG_WEP
CFLAGS += -DCONFIG_WEP
endif
ifndef LDO
LDO=$(CC)
endif

8
wpa_supplicant/android.config
Unescape Escape View File

@ -534,4 +534,12 @@ CONFIG_WIFI_DISPLAY=y
# Experimental implementation of draft-harkins-owe-07.txt
#CONFIG_OWE=y
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current wpa_supplicant
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
CONFIG_WEP=y
include $(wildcard $(LOCAL_PATH)/android_config_*.inc)

10
wpa_supplicant/ap.c
Unescape Escape View File

@ -390,6 +390,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
bss->ssid.wpa_psk_set = 1;
} else if (ssid->passphrase) {
bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
#ifdef CONFIG_WEP
} else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
struct hostapd_wep_keys *wep = &bss->ssid.wep;
@ -405,6 +406,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
}
wep->idx = ssid->wep_tx_keyidx;
wep->keys_set = 1;
#endif /* CONFIG_WEP */
}
#ifdef CONFIG_SAE
if (ssid->sae_password) {
@ -486,11 +488,12 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
bss->rsn_pairwise);
if (bss->wpa && bss->ieee802_1x)
if (bss->wpa && bss->ieee802_1x) {
bss->ssid.security_policy = SECURITY_WPA;
else if (bss->wpa)
} else if (bss->wpa) {
bss->ssid.security_policy = SECURITY_WPA_PSK;
else if (bss->ieee802_1x) {
#ifdef CONFIG_WEP
} else if (bss->ieee802_1x) {
int cipher = WPA_CIPHER_NONE;
bss->ssid.security_policy = SECURITY_IEEE_802_1X;
bss->ssid.wep.default_len = bss->default_wep_key_len;
@ -508,6 +511,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
bss->wpa_group = cipher;
bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher;
#endif /* CONFIG_WEP */
} else {
bss->ssid.security_policy = SECURITY_PLAINTEXT;
bss->wpa_group = WPA_CIPHER_NONE;

6
wpa_supplicant/config.c
Unescape Escape View File

@ -1856,6 +1856,8 @@ static char * wpa_config_write_machine_password(const struct parse_data *data,
#endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
static int wpa_config_parse_wep_key(u8 *key, size_t *len, int line,
const char *value, int idx)
{
@ -1966,6 +1968,8 @@ static char * wpa_config_write_wep_key3(const struct parse_data *data,
}
#endif /* NO_CONFIG_WRITE */
#endif /* CONFIG_WEP */
#ifdef CONFIG_P2P
@ -2451,11 +2455,13 @@ static const struct parse_data ssid_fields[] = {
{ STRe(openssl_ciphers, openssl_ciphers) },
{ INTe(erp, erp) },
#endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
{ FUNC_KEY(wep_key0) },
{ FUNC_KEY(wep_key1) },
{ FUNC_KEY(wep_key2) },
{ FUNC_KEY(wep_key3) },
{ INT(wep_tx_keyidx) },
#endif /* CONFIG_WEP */
{ INT(priority) },
#ifdef IEEE8021X_EAPOL
{ INT(eap_workaround) },

32
wpa_supplicant/config_file.c
Unescape Escape View File

@ -213,8 +213,22 @@ static struct wpa_ssid * wpa_config_read_network(FILE *f, int *line, int id)
}
}
if (wpa_config_set(ssid, pos, pos2, *line) < 0)
if (wpa_config_set(ssid, pos, pos2, *line) < 0) {
#ifndef CONFIG_WEP
if (os_strcmp(pos, "wep_key0") == 0 ||
os_strcmp(pos, "wep_key1") == 0 ||
os_strcmp(pos, "wep_key2") == 0 ||
os_strcmp(pos, "wep_key3") == 0 ||
os_strcmp(pos, "wep_tx_keyidx") == 0) {
wpa_printf(MSG_ERROR,
"Line %d: unsupported WEP parameter",
*line);
ssid->disabled = 1;
continue;
}
#endif /* CONFIG_WEP */
errors++;
}
}
if (!end) {
@ -653,6 +667,7 @@ static void write_eap(FILE *f, struct wpa_ssid *ssid)
#endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
static void write_wep_key(FILE *f, int idx, struct wpa_ssid *ssid)
{
char field[20], *value;
@ -667,6 +682,7 @@ static void write_wep_key(FILE *f, int idx, struct wpa_ssid *ssid)
os_free(value);
}
}
#endif /* CONFIG_WEP */
#ifdef CONFIG_P2P
@ -741,8 +757,6 @@ static void write_mka_ckn(FILE *f, struct wpa_ssid *ssid)
static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
{
int i;
#define STR(t) write_str(f, #t, ssid)
#define INT(t) write_int(f, #t, ssid->t, 0)
#define INTe(t, m) write_int(f, #t, ssid->eap.m, 0)
@ -831,9 +845,15 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
STR(openssl_ciphers);
INTe(erp, erp);
#endif /* IEEE8021X_EAPOL */
for (i = 0; i < 4; i++)
write_wep_key(f, i, ssid);
INT(wep_tx_keyidx);
#ifdef CONFIG_WEP
{
int i;
for (i = 0; i < 4; i++)
write_wep_key(f, i, ssid);
INT(wep_tx_keyidx);
}
#endif /* CONFIG_WEP */
INT(priority);
#ifdef IEEE8021X_EAPOL
INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND);

2
wpa_supplicant/config_ssid.h
Unescape Escape View File

@ -300,6 +300,7 @@ struct wpa_ssid {
struct eap_peer_config eap;
#endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
#define NUM_WEP_KEYS 4
#define MAX_WEP_KEY_LEN 16
/**
@ -316,6 +317,7 @@ struct wpa_ssid {
* wep_tx_keyidx - Default key index for TX frames using WEP
*/
int wep_tx_keyidx;
#endif /* CONFIG_WEP */
/**
* proactive_key_caching - Enable proactive key caching

16
wpa_supplicant/config_winreg.c
Unescape Escape View File

@ -823,6 +823,7 @@ static void write_eap(HKEY hk, struct wpa_ssid *ssid)
#endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
static void write_wep_key(HKEY hk, int idx, struct wpa_ssid *ssid)
{
char field[20], *value;
@ -834,11 +835,12 @@ static void write_wep_key(HKEY hk, int idx, struct wpa_ssid *ssid)
os_free(value);
}
}
#endif /* CONFIG_WEP */
static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
{
int i, errors = 0;
int errors = 0;
HKEY nhk, netw;
LONG ret;
TCHAR name[5];
@ -924,9 +926,15 @@ static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
INTe(engine2, phase2_cert.engine);
INT_DEF(eapol_flags, DEFAULT_EAPOL_FLAGS);
#endif /* IEEE8021X_EAPOL */
for (i = 0; i < 4; i++)
write_wep_key(netw, i, ssid);
INT(wep_tx_keyidx);
#ifdef CONFIG_WEP
{
int i;
for (i = 0; i < 4; i++)
write_wep_key(netw, i, ssid);
INT(wep_tx_keyidx);
}
#endif /* CONFIG_WEP */
INT(priority);
#ifdef IEEE8021X_EAPOL
INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND);

6
wpa_supplicant/ctrl_iface.c
Unescape Escape View File

@ -3949,8 +3949,10 @@ static const struct cipher_info ciphers[] = {
{ WPA_DRIVER_CAPA_ENC_GCMP, "GCMP", 0 },
{ WPA_DRIVER_CAPA_ENC_TKIP, "TKIP", 0 },
{ WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE, "NONE", 0 },
#ifdef CONFIG_WEP
{ WPA_DRIVER_CAPA_ENC_WEP104, "WEP104", 1 },
{ WPA_DRIVER_CAPA_ENC_WEP40, "WEP40", 1 }
#endif /* CONFIG_WEP */
};
static const struct cipher_info ciphers_group_mgmt[] = {
@ -4012,7 +4014,11 @@ static int ctrl_iface_get_capability_group(int res, char *strict,
if (res < 0) {
if (strict)
return 0;
#ifdef CONFIG_WEP
len = os_strlcpy(buf, "CCMP TKIP WEP104 WEP40", buflen);
#else /* CONFIG_WEP */
len = os_strlcpy(buf, "CCMP TKIP", buflen);
#endif /* CONFIG_WEP */
if (len >= buflen)
return -1;
return len;

15
wpa_supplicant/dbus/dbus_new_handlers.c
Unescape Escape View File

@ -2664,7 +2664,10 @@ dbus_bool_t wpas_dbus_getter_capabilities(
/***** group cipher */
if (res < 0) {
const char *args[] = {
"ccmp", "tkip", "wep104", "wep40"
"ccmp", "tkip",
#ifdef CONFIG_WEP
"wep104", "wep40"
#endif /* CONFIG_WEP */
};
if (!wpa_dbus_dict_append_string_array(
@ -2691,12 +2694,14 @@ dbus_bool_t wpas_dbus_getter_capabilities(
((capa.enc & WPA_DRIVER_CAPA_ENC_TKIP) &&
!wpa_dbus_dict_string_array_add_element(
&iter_array, "tkip")) ||
#ifdef CONFIG_WEP
((capa.enc & WPA_DRIVER_CAPA_ENC_WEP104) &&
!wpa_dbus_dict_string_array_add_element(
&iter_array, "wep104")) ||
((capa.enc & WPA_DRIVER_CAPA_ENC_WEP40) &&
!wpa_dbus_dict_string_array_add_element(
&iter_array, "wep40")) ||
#endif /* CONFIG_WEP */
!wpa_dbus_dict_end_string_array(&iter_dict,
&iter_dict_entry,
&iter_dict_val,
@ -4733,9 +4738,14 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
/* Group */
switch (ie_data->group_cipher) {
#ifdef CONFIG_WEP
case WPA_CIPHER_WEP40:
group = "wep40";
break;
case WPA_CIPHER_WEP104:
group = "wep104";
break;
#endif /* CONFIG_WEP */
case WPA_CIPHER_TKIP:
group = "tkip";
break;
@ -4745,9 +4755,6 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
case WPA_CIPHER_GCMP:
group = "gcmp";
break;
case WPA_CIPHER_WEP104:
group = "wep104";
break;
case WPA_CIPHER_CCMP_256:
group = "ccmp-256";
break;

8
wpa_supplicant/defconfig
Unescape Escape View File

@ -603,3 +603,11 @@ CONFIG_BGSCAN_SIMPLE=y
# Device Provisioning Protocol (DPP)
CONFIG_DPP=y
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current wpa_supplicant
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
#CONFIG_WEP=y

16
wpa_supplicant/events.c
Unescape Escape View File

@ -479,6 +479,7 @@ int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s,
#ifndef CONFIG_NO_SCAN_PROCESSING
#ifdef CONFIG_WEP
static int has_wep_key(struct wpa_ssid *ssid)
{
int i;
@ -490,6 +491,7 @@ static int has_wep_key(struct wpa_ssid *ssid)
return 0;
}
#endif /* CONFIG_WEP */
static int wpa_supplicant_match_privacy(struct wpa_bss *bss,
@ -510,8 +512,10 @@ static int wpa_supplicant_match_privacy(struct wpa_bss *bss,
return 1;
#endif /* CONFIG_OWE */
#ifdef CONFIG_WEP
if (has_wep_key(ssid))
privacy = 1;
#endif /* CONFIG_WEP */
#ifdef IEEE8021X_EAPOL
if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
@ -540,17 +544,21 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
int proto_match = 0;
const u8 *rsn_ie, *wpa_ie;
int ret;
#ifdef CONFIG_WEP
int wep_ok;
#endif /* CONFIG_WEP */
ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss);
if (ret >= 0)
return ret;
#ifdef CONFIG_WEP
/* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */
wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) &&
(((ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) ||
(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA));
#endif /* CONFIG_WEP */
rsn_ie = wpa_bss_get_ie(bss, WLAN_EID_RSN);
while ((ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)) && rsn_ie) {
@ -567,6 +575,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
if (!ie.has_group)
ie.group_cipher = wpa_default_rsn_cipher(bss->freq);
#ifdef CONFIG_WEP
if (wep_ok &&
(ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)))
{
@ -575,6 +584,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
" selected based on TSN in RSN IE");
return 1;
}
#endif /* CONFIG_WEP */
if (!(ie.proto & ssid->proto) &&
!(ssid->proto & WPA_PROTO_OSEN)) {
@ -655,6 +665,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
break;
}
#ifdef CONFIG_WEP
if (wep_ok &&
(ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)))
{
@ -663,6 +674,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
" selected based on TSN in WPA IE");
return 1;
}
#endif /* CONFIG_WEP */
if (!(ie.proto & ssid->proto)) {
if (debug_print)
@ -1236,6 +1248,7 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
continue;
}
#ifdef CONFIG_WEP
if (wpa && !wpa_key_mgmt_wpa(ssid->key_mgmt) &&
has_wep_key(ssid)) {
if (debug_print)
@ -1243,6 +1256,7 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
" skip - ignore WPA/WPA2 AP for WEP network block");
continue;
}
#endif /* CONFIG_WEP */
if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && !osen &&
!rsn_osen) {
@ -3077,6 +3091,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
wpa_s->pending_eapol_rx = NULL;
}
#ifdef CONFIG_WEP
if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
wpa_s->current_ssid &&
@ -3084,6 +3099,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
/* Set static WEP keys again */
wpa_set_wep_keys(wpa_s, wpa_s->current_ssid);
}
#endif /* CONFIG_WEP */
#ifdef CONFIG_IBSS_RSN
if (wpa_s->current_ssid &&

18
wpa_supplicant/sme.c
Unescape Escape View File

@ -286,7 +286,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_FILS)
const u8 *md = NULL;
#endif /* CONFIG_IEEE80211R || CONFIG_FILS */
int i, bssid_changed;
int bssid_changed;
struct wpabuf *resp = NULL;
u8 ext_capab[18];
int ext_capab_len;
@ -370,12 +370,18 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
}
#endif /* CONFIG_SAE */
for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i])
params.wep_key[i] = ssid->wep_key[i];
params.wep_key_len[i] = ssid->wep_key_len[i];
#ifdef CONFIG_WEP
{
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i])
params.wep_key[i] = ssid->wep_key[i];
params.wep_key_len[i] = ssid->wep_key_len[i];
}
params.wep_tx_keyidx = ssid->wep_tx_keyidx;
}
params.wep_tx_keyidx = ssid->wep_tx_keyidx;
#endif /* CONFIG_WEP */
if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&

32
wpa_supplicant/wpa_supplicant.c
Unescape Escape View File

@ -130,6 +130,7 @@ static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
#endif /* CONFIG_OWE */
#ifdef CONFIG_WEP
/* Configure default/group WEP keys for static WEP */
int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
{
@ -150,6 +151,7 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
return set;
}
#endif /* CONFIG_WEP */
int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
@ -396,7 +398,9 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid)
{
#ifdef CONFIG_WEP
int i;
#endif /* CONFIG_WEP */
if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
@ -414,6 +418,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
wpa_s->group_cipher = WPA_CIPHER_NONE;
wpa_s->mgmt_group_cipher = 0;
#ifdef CONFIG_WEP
for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i] > 5) {
wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
@ -425,6 +430,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
break;
}
}
#endif /* CONFIG_WEP */
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
@ -3319,7 +3325,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
struct wpa_supplicant *wpa_s = work->wpa_s;
u8 *wpa_ie;
const u8 *edmg_ie_oper;
int use_crypt, ret, i, bssid_changed;
int use_crypt, ret, bssid_changed;
unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
struct wpa_driver_associate_params params;
int wep_keys_set = 0;
@ -3429,10 +3435,12 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
use_crypt = 0;
#ifdef CONFIG_WEP
if (wpa_set_wep_keys(wpa_s, ssid)) {
use_crypt = 1;
wep_keys_set = 1;
}
#endif /* CONFIG_WEP */
}
if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
use_crypt = 0;
@ -3577,12 +3585,18 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
wpa_s->auth_alg = params.auth_alg;
params.mode = ssid->mode;
params.bg_scan_period = ssid->bg_scan_period;
for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i])
params.wep_key[i] = ssid->wep_key[i];
params.wep_key_len[i] = ssid->wep_key_len[i];
#ifdef CONFIG_WEP
{
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i])
params.wep_key[i] = ssid->wep_key[i];
params.wep_key_len[i] = ssid->wep_key_len[i];
}
params.wep_tx_keyidx = ssid->wep_tx_keyidx;
}
params.wep_tx_keyidx = ssid->wep_tx_keyidx;
#endif /* CONFIG_WEP */
if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
(params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
@ -3740,11 +3754,13 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
}
#ifdef CONFIG_WEP
if (wep_keys_set &&
(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
/* Set static WEP keys again */
wpa_set_wep_keys(wpa_s, ssid);
}
#endif /* CONFIG_WEP */
if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
/*
@ -7330,8 +7346,10 @@ int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
{
#ifdef CONFIG_WEP
int i;
unsigned int drv_enc;
#endif /* CONFIG_WEP */
if (wpa_s->p2p_mgmt)
return 1; /* no normal network profiles on p2p_mgmt interface */
@ -7342,6 +7360,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
if (ssid->disabled)
return 1;
#ifdef CONFIG_WEP
if (wpa_s->drv_capa_known)
drv_enc = wpa_s->drv_enc;
else
@ -7359,6 +7378,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
continue;
return 1; /* invalid WEP key */
}
#endif /* CONFIG_WEP */
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
(!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&

4
wpa_supplicant/wpas_glue.c
Unescape Escape View File

@ -227,6 +227,7 @@ static int wpa_supplicant_eapol_send(void *ctx, int type, const u8 *buf,
}
#ifdef CONFIG_WEP
/**
* wpa_eapol_set_wep_key - set WEP key for the driver
* @ctx: Pointer to wpa_supplicant data (wpa_s)
@ -254,6 +255,7 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
unicast ? KEY_FLAG_PAIRWISE_RX_TX :
KEY_FLAG_GROUP_RX_TX_DEFAULT);
}
#endif /* CONFIG_WEP */
static void wpa_supplicant_aborted_cached(void *ctx)
@ -1133,7 +1135,9 @@ int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s)
ctx->preauth = 0;
ctx->eapol_done_cb = wpa_supplicant_notify_eapol_done;
ctx->eapol_send = wpa_supplicant_eapol_send;
#ifdef CONFIG_WEP
ctx->set_wep_key = wpa_eapol_set_wep_key;
#endif /* CONFIG_WEP */
#ifndef CONFIG_NO_CONFIG_BLOBS
ctx->set_config_blob = wpa_supplicant_set_config_blob;
ctx->get_config_blob = wpa_supplicant_get_config_blob;

Write Preview
Loading…
Cancel
Save