Make WEP functionality an optional build parameter

WEP should not be used for anything anymore. As a step towards removing
it completely, move all WEP related functionality to be within
CONFIG_WEP blocks. This will be included in builds only if CONFIG_WEP=y
is explicitly set in build configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2020-02-29 16:52:39 +02:00
parent bca44f4e4e
commit 200c7693c9
48 changed files with 386 additions and 71 deletions

View file

@ -309,6 +309,10 @@ OBJS += src/fst/fst_ctrl_iface.c
endif endif
endif endif
ifdef CONFIG_WEP
L_CFLAGS += -DCONFIG_WEP
endif
include $(LOCAL_PATH)/src/drivers/drivers.mk include $(LOCAL_PATH)/src/drivers/drivers.mk

View file

@ -1238,6 +1238,10 @@ OBJS += ../src/fst/fst_ctrl_iface.o
endif endif
endif endif
ifdef CONFIG_WEP
CFLAGS += -DCONFIG_WEP
endif
ALL=hostapd hostapd_cli ALL=hostapd hostapd_cli
all: verify_config $(ALL) all: verify_config $(ALL)

View file

@ -201,3 +201,11 @@ CONFIG_WPA_CLI_EDIT=y
# /dev/urandom earlier in boot' seeds /dev/urandom with that entropy before # /dev/urandom earlier in boot' seeds /dev/urandom with that entropy before
# either wpa_supplicant or hostapd are run. # either wpa_supplicant or hostapd are run.
CONFIG_NO_RANDOM_POOL=y CONFIG_NO_RANDOM_POOL=y
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current hostapd
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
CONFIG_WEP=y

View file

@ -793,6 +793,7 @@ static int hostapd_config_parse_cipher(int line, const char *value)
} }
#ifdef CONFIG_WEP
static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx, static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
char *val) char *val)
{ {
@ -843,6 +844,7 @@ static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
return 0; return 0;
} }
#endif /* CONFIG_WEP */
static int hostapd_parse_chanlist(struct hostapd_config *conf, char *val) static int hostapd_parse_chanlist(struct hostapd_config *conf, char *val)
@ -2664,6 +2666,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
} else if (os_strcmp(buf, "erp_domain") == 0) { } else if (os_strcmp(buf, "erp_domain") == 0) {
os_free(bss->erp_domain); os_free(bss->erp_domain);
bss->erp_domain = os_strdup(pos); bss->erp_domain = os_strdup(pos);
#ifdef CONFIG_WEP
} else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) { } else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) {
int val = atoi(pos); int val = atoi(pos);
@ -2691,6 +2694,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
line, bss->wep_rekeying_period); line, bss->wep_rekeying_period);
return 1; return 1;
} }
#endif /* CONFIG_WEP */
} else if (os_strcmp(buf, "eap_reauth_period") == 0) { } else if (os_strcmp(buf, "eap_reauth_period") == 0) {
bss->eap_reauth_period = atoi(pos); bss->eap_reauth_period = atoi(pos);
if (bss->eap_reauth_period < 0) { if (bss->eap_reauth_period < 0) {
@ -3311,6 +3315,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
bss->ignore_broadcast_ssid = atoi(pos); bss->ignore_broadcast_ssid = atoi(pos);
} else if (os_strcmp(buf, "no_probe_resp_if_max_sta") == 0) { } else if (os_strcmp(buf, "no_probe_resp_if_max_sta") == 0) {
bss->no_probe_resp_if_max_sta = atoi(pos); bss->no_probe_resp_if_max_sta = atoi(pos);
#ifdef CONFIG_WEP
} else if (os_strcmp(buf, "wep_default_key") == 0) { } else if (os_strcmp(buf, "wep_default_key") == 0) {
bss->ssid.wep.idx = atoi(pos); bss->ssid.wep.idx = atoi(pos);
if (bss->ssid.wep.idx > 3) { if (bss->ssid.wep.idx > 3) {
@ -3329,6 +3334,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
line, buf); line, buf);
return 1; return 1;
} }
#endif /* CONFIG_WEP */
#ifndef CONFIG_NO_VLAN #ifndef CONFIG_NO_VLAN
} else if (os_strcmp(buf, "dynamic_vlan") == 0) { } else if (os_strcmp(buf, "dynamic_vlan") == 0) {
bss->ssid.dynamic_vlan = atoi(pos); bss->ssid.dynamic_vlan = atoi(pos);

View file

@ -380,3 +380,11 @@ CONFIG_IPV6=y
# Override default value for the wpa_disable_eapol_key_retries configuration # Override default value for the wpa_disable_eapol_key_retries configuration
# parameter. See that parameter in hostapd.conf for more details. # parameter. See that parameter in hostapd.conf for more details.
#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1 #CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current hostapd
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
#CONFIG_WEP=y

View file

@ -54,12 +54,16 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
bss->logger_syslog = (unsigned int) -1; bss->logger_syslog = (unsigned int) -1;
bss->logger_stdout = (unsigned int) -1; bss->logger_stdout = (unsigned int) -1;
#ifdef CONFIG_WEP
bss->auth_algs = WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED; bss->auth_algs = WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED;
bss->wep_rekeying_period = 300; bss->wep_rekeying_period = 300;
/* use key0 in individual key and key1 in broadcast key */ /* use key0 in individual key and key1 in broadcast key */
bss->broadcast_key_idx_min = 1; bss->broadcast_key_idx_min = 1;
bss->broadcast_key_idx_max = 2; bss->broadcast_key_idx_max = 2;
#else /* CONFIG_WEP */
bss->auth_algs = WPA_AUTH_ALG_OPEN;
#endif /* CONFIG_WEP */
bss->eap_reauth_period = 3600; bss->eap_reauth_period = 3600;
bss->wpa_group_rekey = 600; bss->wpa_group_rekey = 600;
@ -636,6 +640,7 @@ void hostapd_config_free_eap_users(struct hostapd_eap_user *user)
} }
#ifdef CONFIG_WEP
static void hostapd_config_free_wep(struct hostapd_wep_keys *keys) static void hostapd_config_free_wep(struct hostapd_wep_keys *keys)
{ {
int i; int i;
@ -644,6 +649,7 @@ static void hostapd_config_free_wep(struct hostapd_wep_keys *keys)
keys->key[i] = NULL; keys->key[i] = NULL;
} }
} }
#endif /* CONFIG_WEP */
void hostapd_config_clear_wpa_psk(struct hostapd_wpa_psk **l) void hostapd_config_clear_wpa_psk(struct hostapd_wpa_psk **l)
@ -732,7 +738,9 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf)
str_clear_free(conf->ssid.wpa_passphrase); str_clear_free(conf->ssid.wpa_passphrase);
os_free(conf->ssid.wpa_psk_file); os_free(conf->ssid.wpa_psk_file);
#ifdef CONFIG_WEP
hostapd_config_free_wep(&conf->ssid.wep); hostapd_config_free_wep(&conf->ssid.wep);
#endif /* CONFIG_WEP */
#ifdef CONFIG_FULL_DYNAMIC_VLAN #ifdef CONFIG_FULL_DYNAMIC_VLAN
os_free(conf->ssid.vlan_tagged_interface); os_free(conf->ssid.vlan_tagged_interface);
#endif /* CONFIG_FULL_DYNAMIC_VLAN */ #endif /* CONFIG_FULL_DYNAMIC_VLAN */
@ -1106,6 +1114,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
return -1; return -1;
} }
#ifdef CONFIG_WEP
if (bss->wpa) { if (bss->wpa) {
int wep, i; int wep, i;
@ -1123,6 +1132,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
return -1; return -1;
} }
} }
#endif /* CONFIG_WEP */
if (full_config && bss->wpa && if (full_config && bss->wpa &&
bss->wpa_psk_radius != PSK_RADIUS_IGNORED && bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
@ -1177,12 +1187,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
"allowed, disabling HT capabilities"); "allowed, disabling HT capabilities");
} }
#ifdef CONFIG_WEP
if (full_config && conf->ieee80211n && if (full_config && conf->ieee80211n &&
bss->ssid.security_policy == SECURITY_STATIC_WEP) { bss->ssid.security_policy == SECURITY_STATIC_WEP) {
bss->disable_11n = 1; bss->disable_11n = 1;
wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not " wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not "
"allowed, disabling HT capabilities"); "allowed, disabling HT capabilities");
} }
#endif /* CONFIG_WEP */
if (full_config && conf->ieee80211n && bss->wpa && if (full_config && conf->ieee80211n && bss->wpa &&
!(bss->wpa_pairwise & WPA_CIPHER_CCMP) && !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
@ -1196,12 +1208,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
} }
#ifdef CONFIG_IEEE80211AC #ifdef CONFIG_IEEE80211AC
#ifdef CONFIG_WEP
if (full_config && conf->ieee80211ac && if (full_config && conf->ieee80211ac &&
bss->ssid.security_policy == SECURITY_STATIC_WEP) { bss->ssid.security_policy == SECURITY_STATIC_WEP) {
bss->disable_11ac = 1; bss->disable_11ac = 1;
wpa_printf(MSG_ERROR, wpa_printf(MSG_ERROR,
"VHT (IEEE 802.11ac) with WEP is not allowed, disabling VHT capabilities"); "VHT (IEEE 802.11ac) with WEP is not allowed, disabling VHT capabilities");
} }
#endif /* CONFIG_WEP */
if (full_config && conf->ieee80211ac && bss->wpa && if (full_config && conf->ieee80211ac && bss->wpa &&
!(bss->wpa_pairwise & WPA_CIPHER_CCMP) && !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
@ -1221,12 +1235,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
bss->wps_state = 0; bss->wps_state = 0;
} }
#ifdef CONFIG_WEP
if (full_config && bss->wps_state && if (full_config && bss->wps_state &&
bss->ssid.wep.keys_set && bss->wpa == 0) { bss->ssid.wep.keys_set && bss->wpa == 0) {
wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be " wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be "
"disabled"); "disabled");
bss->wps_state = 0; bss->wps_state = 0;
} }
#endif /* CONFIG_WEP */
if (full_config && bss->wps_state && bss->wpa && if (full_config && bss->wps_state && bss->wpa &&
(!(bss->wpa & 2) || (!(bss->wpa & 2) ||
@ -1350,11 +1366,13 @@ int hostapd_config_check(struct hostapd_config *conf, int full_config)
void hostapd_set_security_params(struct hostapd_bss_config *bss, void hostapd_set_security_params(struct hostapd_bss_config *bss,
int full_config) int full_config)
{ {
#ifdef CONFIG_WEP
if (bss->individual_wep_key_len == 0) { if (bss->individual_wep_key_len == 0) {
/* individual keys are not use; can use key idx0 for /* individual keys are not use; can use key idx0 for
* broadcast keys */ * broadcast keys */
bss->broadcast_key_idx_min = 0; bss->broadcast_key_idx_min = 0;
} }
#endif /* CONFIG_WEP */
if ((bss->wpa & 2) && bss->rsn_pairwise == 0) if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
bss->rsn_pairwise = bss->wpa_pairwise; bss->rsn_pairwise = bss->wpa_pairwise;
@ -1380,6 +1398,7 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
} else if (bss->ieee802_1x) { } else if (bss->ieee802_1x) {
int cipher = WPA_CIPHER_NONE; int cipher = WPA_CIPHER_NONE;
bss->ssid.security_policy = SECURITY_IEEE_802_1X; bss->ssid.security_policy = SECURITY_IEEE_802_1X;
#ifdef CONFIG_WEP
bss->ssid.wep.default_len = bss->default_wep_key_len; bss->ssid.wep.default_len = bss->default_wep_key_len;
if (full_config && bss->default_wep_key_len) { if (full_config && bss->default_wep_key_len) {
cipher = bss->default_wep_key_len >= 13 ? cipher = bss->default_wep_key_len >= 13 ?
@ -1390,11 +1409,13 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
else else
cipher = WPA_CIPHER_WEP40; cipher = WPA_CIPHER_WEP40;
} }
#endif /* CONFIG_WEP */
bss->wpa_group = cipher; bss->wpa_group = cipher;
bss->wpa_pairwise = cipher; bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher; bss->rsn_pairwise = cipher;
if (full_config) if (full_config)
bss->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; bss->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
#ifdef CONFIG_WEP
} else if (bss->ssid.wep.keys_set) { } else if (bss->ssid.wep.keys_set) {
int cipher = WPA_CIPHER_WEP40; int cipher = WPA_CIPHER_WEP40;
if (bss->ssid.wep.len[0] >= 13) if (bss->ssid.wep.len[0] >= 13)
@ -1405,6 +1426,7 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
bss->rsn_pairwise = cipher; bss->rsn_pairwise = cipher;
if (full_config) if (full_config)
bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE; bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
#endif /* CONFIG_WEP */
} else if (bss->osen) { } else if (bss->osen) {
bss->ssid.security_policy = SECURITY_OSEN; bss->ssid.security_policy = SECURITY_OSEN;
bss->wpa_group = WPA_CIPHER_CCMP; bss->wpa_group = WPA_CIPHER_CCMP;

View file

@ -67,6 +67,7 @@ struct hostapd_radius_servers;
struct ft_remote_r0kh; struct ft_remote_r0kh;
struct ft_remote_r1kh; struct ft_remote_r1kh;
#ifdef CONFIG_WEP
#define NUM_WEP_KEYS 4 #define NUM_WEP_KEYS 4
struct hostapd_wep_keys { struct hostapd_wep_keys {
u8 idx; u8 idx;
@ -75,10 +76,13 @@ struct hostapd_wep_keys {
int keys_set; int keys_set;
size_t default_len; /* key length used for dynamic key generation */ size_t default_len; /* key length used for dynamic key generation */
}; };
#endif /* CONFIG_WEP */
typedef enum hostap_security_policy { typedef enum hostap_security_policy {
SECURITY_PLAINTEXT = 0, SECURITY_PLAINTEXT = 0,
#ifdef CONFIG_WEP
SECURITY_STATIC_WEP = 1, SECURITY_STATIC_WEP = 1,
#endif /* CONFIG_WEP */
SECURITY_IEEE_802_1X = 2, SECURITY_IEEE_802_1X = 2,
SECURITY_WPA_PSK = 3, SECURITY_WPA_PSK = 3,
SECURITY_WPA = 4, SECURITY_WPA = 4,
@ -102,7 +106,9 @@ struct hostapd_ssid {
char *wpa_psk_file; char *wpa_psk_file;
struct sae_pt *pt; struct sae_pt *pt;
#ifdef CONFIG_WEP
struct hostapd_wep_keys wep; struct hostapd_wep_keys wep;
#endif /* CONFIG_WEP */
#define DYNAMIC_VLAN_DISABLED 0 #define DYNAMIC_VLAN_DISABLED 0
#define DYNAMIC_VLAN_OPTIONAL 1 #define DYNAMIC_VLAN_OPTIONAL 1
@ -321,10 +327,12 @@ struct hostapd_bss_config {
size_t eap_req_id_text_len; size_t eap_req_id_text_len;
int eapol_key_index_workaround; int eapol_key_index_workaround;
#ifdef CONFIG_WEP
size_t default_wep_key_len; size_t default_wep_key_len;
int individual_wep_key_len; int individual_wep_key_len;
int wep_rekeying_period; int wep_rekeying_period;
int broadcast_key_idx_min, broadcast_key_idx_max; int broadcast_key_idx_min, broadcast_key_idx_max;
#endif /* CONFIG_WEP */
int eap_reauth_period; int eap_reauth_period;
int erp_send_reauth_start; int erp_send_reauth_start;
char *erp_domain; char *erp_domain;

View file

@ -1360,10 +1360,13 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd,
params->key_mgmt_suites = hapd->conf->wpa_key_mgmt; params->key_mgmt_suites = hapd->conf->wpa_key_mgmt;
params->auth_algs = hapd->conf->auth_algs; params->auth_algs = hapd->conf->auth_algs;
params->wpa_version = hapd->conf->wpa; params->wpa_version = hapd->conf->wpa;
params->privacy = hapd->conf->ssid.wep.keys_set || hapd->conf->wpa || params->privacy = hapd->conf->wpa;
#ifdef CONFIG_WEP
params->privacy |= hapd->conf->ssid.wep.keys_set ||
(hapd->conf->ieee802_1x && (hapd->conf->ieee802_1x &&
(hapd->conf->default_wep_key_len || (hapd->conf->default_wep_key_len ||
hapd->conf->individual_wep_key_len)); hapd->conf->individual_wep_key_len));
#endif /* CONFIG_WEP */
switch (hapd->conf->ignore_broadcast_ssid) { switch (hapd->conf->ignore_broadcast_ssid) {
case 0: case 0:
params->hide_ssid = NO_SSID_HIDING; params->hide_ssid = NO_SSID_HIDING;

View file

@ -58,8 +58,10 @@
static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason); static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason);
#ifdef CONFIG_WEP
static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd); static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd);
static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd); static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd);
#endif /* CONFIG_WEP */
static int setup_interface2(struct hostapd_iface *iface); static int setup_interface2(struct hostapd_iface *iface);
static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx); static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx);
static void hostapd_interface_setup_failure_handler(void *eloop_ctx, static void hostapd_interface_setup_failure_handler(void *eloop_ctx,
@ -89,7 +91,9 @@ void hostapd_reconfig_encryption(struct hostapd_data *hapd)
return; return;
hostapd_set_privacy(hapd, 0); hostapd_set_privacy(hapd, 0);
#ifdef CONFIG_WEP
hostapd_setup_encryption(hapd->conf->iface, hapd); hostapd_setup_encryption(hapd->conf->iface, hapd);
#endif /* CONFIG_WEP */
} }
@ -142,7 +146,9 @@ static void hostapd_reload_bss(struct hostapd_data *hapd)
wpa_deinit(hapd->wpa_auth); wpa_deinit(hapd->wpa_auth);
hapd->wpa_auth = NULL; hapd->wpa_auth = NULL;
hostapd_set_privacy(hapd, 0); hostapd_set_privacy(hapd, 0);
#ifdef CONFIG_WEP
hostapd_setup_encryption(hapd->conf->iface, hapd); hostapd_setup_encryption(hapd->conf->iface, hapd);
#endif /* CONFIG_WEP */
hostapd_set_generic_elem(hapd, (u8 *) "", 0); hostapd_set_generic_elem(hapd, (u8 *) "", 0);
} }
@ -170,7 +176,9 @@ static void hostapd_clear_old(struct hostapd_iface *iface)
for (j = 0; j < iface->num_bss; j++) { for (j = 0; j < iface->num_bss; j++) {
hostapd_flush_old_stations(iface->bss[j], hostapd_flush_old_stations(iface->bss[j],
WLAN_REASON_PREV_AUTH_NOT_VALID); WLAN_REASON_PREV_AUTH_NOT_VALID);
#ifdef CONFIG_WEP
hostapd_broadcast_wep_clear(iface->bss[j]); hostapd_broadcast_wep_clear(iface->bss[j]);
#endif /* CONFIG_WEP */
#ifndef CONFIG_NO_RADIUS #ifndef CONFIG_NO_RADIUS
/* TODO: update dynamic data based on changed configuration /* TODO: update dynamic data based on changed configuration
@ -284,6 +292,8 @@ int hostapd_reload_config(struct hostapd_iface *iface)
} }
#ifdef CONFIG_WEP
static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
const char *ifname) const char *ifname)
{ {
@ -339,6 +349,8 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
return errors; return errors;
} }
#endif /* CONFIG_WEP */
static void hostapd_free_hapd_data(struct hostapd_data *hapd) static void hostapd_free_hapd_data(struct hostapd_data *hapd)
{ {
@ -524,6 +536,8 @@ static void hostapd_cleanup_iface(struct hostapd_iface *iface)
} }
#ifdef CONFIG_WEP
static void hostapd_clear_wep(struct hostapd_data *hapd) static void hostapd_clear_wep(struct hostapd_data *hapd)
{ {
if (hapd->drv_priv && !hapd->iface->driver_ap_teardown && hapd->conf) { if (hapd->drv_priv && !hapd->iface->driver_ap_teardown && hapd->conf) {
@ -571,6 +585,8 @@ static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd)
return 0; return 0;
} }
#endif /* CONFIG_WEP */
static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason) static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason)
{ {
@ -606,7 +622,9 @@ static void hostapd_bss_deinit_no_free(struct hostapd_data *hapd)
{ {
hostapd_free_stas(hapd); hostapd_free_stas(hapd);
hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING); hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING);
#ifdef CONFIG_WEP
hostapd_clear_wep(hapd); hostapd_clear_wep(hapd);
#endif /* CONFIG_WEP */
} }
@ -1161,9 +1179,11 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first)
WLAN_REASON_PREV_AUTH_NOT_VALID); WLAN_REASON_PREV_AUTH_NOT_VALID);
hostapd_set_privacy(hapd, 0); hostapd_set_privacy(hapd, 0);
#ifdef CONFIG_WEP
hostapd_broadcast_wep_clear(hapd); hostapd_broadcast_wep_clear(hapd);
if (hostapd_setup_encryption(conf->iface, hapd)) if (hostapd_setup_encryption(conf->iface, hapd))
return -1; return -1;
#endif /* CONFIG_WEP */
/* /*
* Fetch the SSID from the system and use it or, * Fetch the SSID from the system and use it or,

View file

@ -223,7 +223,7 @@ u8 * hostapd_eid_rm_enabled_capab(struct hostapd_data *hapd, u8 *eid,
u16 hostapd_own_capab_info(struct hostapd_data *hapd) u16 hostapd_own_capab_info(struct hostapd_data *hapd)
{ {
int capab = WLAN_CAPABILITY_ESS; int capab = WLAN_CAPABILITY_ESS;
int privacy; int privacy = 0;
int dfs; int dfs;
int i; int i;
@ -239,12 +239,14 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd)
hapd->iconf->preamble == SHORT_PREAMBLE) hapd->iconf->preamble == SHORT_PREAMBLE)
capab |= WLAN_CAPABILITY_SHORT_PREAMBLE; capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
#ifdef CONFIG_WEP
privacy = hapd->conf->ssid.wep.keys_set; privacy = hapd->conf->ssid.wep.keys_set;
if (hapd->conf->ieee802_1x && if (hapd->conf->ieee802_1x &&
(hapd->conf->default_wep_key_len || (hapd->conf->default_wep_key_len ||
hapd->conf->individual_wep_key_len)) hapd->conf->individual_wep_key_len))
privacy = 1; privacy = 1;
#endif /* CONFIG_WEP */
if (hapd->conf->wpa) if (hapd->conf->wpa)
privacy = 1; privacy = 1;
@ -284,6 +286,7 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd)
} }
#ifdef CONFIG_WEP
#ifndef CONFIG_NO_RC4 #ifndef CONFIG_NO_RC4
static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta, static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
u16 auth_transaction, const u8 *challenge, u16 auth_transaction, const u8 *challenge,
@ -340,6 +343,7 @@ static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
return 0; return 0;
} }
#endif /* CONFIG_NO_RC4 */ #endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_WEP */
static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta, static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta,
@ -2543,6 +2547,7 @@ static void handle_auth(struct hostapd_data *hapd,
sta->auth_alg = WLAN_AUTH_OPEN; sta->auth_alg = WLAN_AUTH_OPEN;
mlme_authenticate_indication(hapd, sta); mlme_authenticate_indication(hapd, sta);
break; break;
#ifdef CONFIG_WEP
#ifndef CONFIG_NO_RC4 #ifndef CONFIG_NO_RC4
case WLAN_AUTH_SHARED_KEY: case WLAN_AUTH_SHARED_KEY:
resp = auth_shared_key(hapd, sta, auth_transaction, challenge, resp = auth_shared_key(hapd, sta, auth_transaction, challenge,
@ -2561,6 +2566,7 @@ static void handle_auth(struct hostapd_data *hapd,
} }
break; break;
#endif /* CONFIG_NO_RC4 */ #endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_WEP */
#ifdef CONFIG_IEEE80211R_AP #ifdef CONFIG_IEEE80211R_AP
case WLAN_AUTH_FT: case WLAN_AUTH_FT:
sta->auth_alg = WLAN_AUTH_FT; sta->auth_alg = WLAN_AUTH_FT;
@ -4946,6 +4952,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd,
struct sta_info *sta, struct sta_info *sta,
char *ifname_wds) char *ifname_wds)
{ {
#ifdef CONFIG_WEP
int i; int i;
struct hostapd_ssid *ssid = &hapd->conf->ssid; struct hostapd_ssid *ssid = &hapd->conf->ssid;
@ -4966,6 +4973,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd,
break; break;
} }
} }
#endif /* CONFIG_WEP */
} }

View file

@ -137,6 +137,7 @@ void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd,
} }
#ifdef CONFIG_WEP
#ifndef CONFIG_FIPS #ifndef CONFIG_FIPS
#ifndef CONFIG_NO_RC4 #ifndef CONFIG_NO_RC4
@ -297,6 +298,7 @@ static void ieee802_1x_tx_key(struct hostapd_data *hapd, struct sta_info *sta)
#endif /* CONFIG_NO_RC4 */ #endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_FIPS */ #endif /* CONFIG_FIPS */
#endif /* CONFIG_WEP */
const char *radius_mode_txt(struct hostapd_data *hapd) const char *radius_mode_txt(struct hostapd_data *hapd)
@ -2114,6 +2116,8 @@ void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
} }
#ifdef CONFIG_WEP
static int ieee802_1x_rekey_broadcast(struct hostapd_data *hapd) static int ieee802_1x_rekey_broadcast(struct hostapd_data *hapd)
{ {
struct eapol_authenticator *eapol = hapd->eapol_auth; struct eapol_authenticator *eapol = hapd->eapol_auth;
@ -2198,6 +2202,8 @@ static void ieee802_1x_rekey(void *eloop_ctx, void *timeout_ctx)
} }
} }
#endif /* CONFIG_WEP */
static void ieee802_1x_eapol_send(void *ctx, void *sta_ctx, u8 type, static void ieee802_1x_eapol_send(void *ctx, void *sta_ctx, u8 type,
const u8 *data, size_t datalen) const u8 *data, size_t datalen)
@ -2361,6 +2367,7 @@ static void _ieee802_1x_abort_auth(void *ctx, void *sta_ctx)
} }
#ifdef CONFIG_WEP
static void _ieee802_1x_tx_key(void *ctx, void *sta_ctx) static void _ieee802_1x_tx_key(void *ctx, void *sta_ctx)
{ {
#ifndef CONFIG_FIPS #ifndef CONFIG_FIPS
@ -2372,6 +2379,7 @@ static void _ieee802_1x_tx_key(void *ctx, void *sta_ctx)
#endif /* CONFIG_NO_RC4 */ #endif /* CONFIG_NO_RC4 */
#endif /* CONFIG_FIPS */ #endif /* CONFIG_FIPS */
} }
#endif /* CONFIG_WEP */
static void ieee802_1x_eapol_event(void *ctx, void *sta_ctx, static void ieee802_1x_eapol_event(void *ctx, void *sta_ctx,
@ -2422,7 +2430,6 @@ static int ieee802_1x_erp_add_key(void *ctx, struct eap_server_erp_key *erp)
int ieee802_1x_init(struct hostapd_data *hapd) int ieee802_1x_init(struct hostapd_data *hapd)
{ {
int i;
struct eapol_auth_config conf; struct eapol_auth_config conf;
struct eapol_auth_cb cb; struct eapol_auth_cb cb;
@ -2433,7 +2440,9 @@ int ieee802_1x_init(struct hostapd_data *hapd)
conf.ctx = hapd; conf.ctx = hapd;
conf.eap_reauth_period = hapd->conf->eap_reauth_period; conf.eap_reauth_period = hapd->conf->eap_reauth_period;
conf.wpa = hapd->conf->wpa; conf.wpa = hapd->conf->wpa;
#ifdef CONFIG_WEP
conf.individual_wep_key_len = hapd->conf->individual_wep_key_len; conf.individual_wep_key_len = hapd->conf->individual_wep_key_len;
#endif /* CONFIG_WEP */
conf.eap_req_id_text = hapd->conf->eap_req_id_text; conf.eap_req_id_text = hapd->conf->eap_req_id_text;
conf.eap_req_id_text_len = hapd->conf->eap_req_id_text_len; conf.eap_req_id_text_len = hapd->conf->eap_req_id_text_len;
conf.erp_send_reauth_start = hapd->conf->erp_send_reauth_start; conf.erp_send_reauth_start = hapd->conf->erp_send_reauth_start;
@ -2448,7 +2457,9 @@ int ieee802_1x_init(struct hostapd_data *hapd)
cb.logger = ieee802_1x_logger; cb.logger = ieee802_1x_logger;
cb.set_port_authorized = ieee802_1x_set_port_authorized; cb.set_port_authorized = ieee802_1x_set_port_authorized;
cb.abort_auth = _ieee802_1x_abort_auth; cb.abort_auth = _ieee802_1x_abort_auth;
#ifdef CONFIG_WEP
cb.tx_key = _ieee802_1x_tx_key; cb.tx_key = _ieee802_1x_tx_key;
#endif /* CONFIG_WEP */
cb.eapol_event = ieee802_1x_eapol_event; cb.eapol_event = ieee802_1x_eapol_event;
#ifdef CONFIG_ERP #ifdef CONFIG_ERP
cb.erp_get_key = ieee802_1x_erp_get_key; cb.erp_get_key = ieee802_1x_erp_get_key;
@ -2469,7 +2480,10 @@ int ieee802_1x_init(struct hostapd_data *hapd)
return -1; return -1;
#endif /* CONFIG_NO_RADIUS */ #endif /* CONFIG_NO_RADIUS */
#ifdef CONFIG_WEP
if (hapd->conf->default_wep_key_len) { if (hapd->conf->default_wep_key_len) {
int i;
for (i = 0; i < 4; i++) for (i = 0; i < 4; i++)
hostapd_drv_set_key(hapd->conf->iface, hapd, hostapd_drv_set_key(hapd->conf->iface, hapd,
WPA_ALG_NONE, NULL, i, 0, 0, NULL, WPA_ALG_NONE, NULL, i, 0, 0, NULL,
@ -2480,6 +2494,7 @@ int ieee802_1x_init(struct hostapd_data *hapd)
if (!hapd->eapol_auth->default_wep_key) if (!hapd->eapol_auth->default_wep_key)
return -1; return -1;
} }
#endif /* CONFIG_WEP */
return 0; return 0;
} }
@ -2499,7 +2514,9 @@ void ieee802_1x_erp_flush(struct hostapd_data *hapd)
void ieee802_1x_deinit(struct hostapd_data *hapd) void ieee802_1x_deinit(struct hostapd_data *hapd)
{ {
#ifdef CONFIG_WEP
eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL); eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL);
#endif /* CONFIG_WEP */
if (hapd->driver && hapd->drv_priv && if (hapd->driver && hapd->drv_priv &&
(hapd->conf->ieee802_1x || hapd->conf->wpa)) (hapd->conf->ieee802_1x || hapd->conf->wpa))

View file

@ -22,7 +22,9 @@
static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan, static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
int existsok) int existsok)
{ {
int ret, i; int ret;
#ifdef CONFIG_WEP
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) { for (i = 0; i < NUM_WEP_KEYS; i++) {
if (!hapd->conf->ssid.wep.key[i]) if (!hapd->conf->ssid.wep.key[i])
@ -32,6 +34,7 @@ static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
vlan->ifname); vlan->ifname);
return -1; return -1;
} }
#endif /* CONFIG_WEP */
if (!iface_exists(vlan->ifname)) if (!iface_exists(vlan->ifname))
ret = hostapd_vlan_if_add(hapd, vlan->ifname); ret = hostapd_vlan_if_add(hapd, vlan->ifname);

View file

@ -651,8 +651,10 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx)
(str_starts(buf, "ssid=") || (str_starts(buf, "ssid=") ||
str_starts(buf, "ssid2=") || str_starts(buf, "ssid2=") ||
str_starts(buf, "auth_algs=") || str_starts(buf, "auth_algs=") ||
#ifdef CONFIG_WEP
str_starts(buf, "wep_default_key=") || str_starts(buf, "wep_default_key=") ||
str_starts(buf, "wep_key") || str_starts(buf, "wep_key") ||
#endif /* CONFIG_WEP */
str_starts(buf, "wps_state=") || str_starts(buf, "wps_state=") ||
(pmf_changed && str_starts(buf, "ieee80211w=")) || (pmf_changed && str_starts(buf, "ieee80211w=")) ||
str_starts(buf, "wpa=") || str_starts(buf, "wpa=") ||
@ -1196,6 +1198,7 @@ int hostapd_init_wps(struct hostapd_data *hapd,
wpa_snprintf_hex((char *) wps->network_key, 2 * PMK_LEN + 1, wpa_snprintf_hex((char *) wps->network_key, 2 * PMK_LEN + 1,
conf->ssid.wpa_psk->psk, PMK_LEN); conf->ssid.wpa_psk->psk, PMK_LEN);
wps->network_key_len = 2 * PMK_LEN; wps->network_key_len = 2 * PMK_LEN;
#ifdef CONFIG_WEP
} else if (conf->ssid.wep.keys_set && conf->ssid.wep.key[0]) { } else if (conf->ssid.wep.keys_set && conf->ssid.wep.key[0]) {
wps->network_key = os_malloc(conf->ssid.wep.len[0]); wps->network_key = os_malloc(conf->ssid.wep.len[0]);
if (wps->network_key == NULL) if (wps->network_key == NULL)
@ -1203,6 +1206,7 @@ int hostapd_init_wps(struct hostapd_data *hapd,
os_memcpy(wps->network_key, conf->ssid.wep.key[0], os_memcpy(wps->network_key, conf->ssid.wep.key[0],
conf->ssid.wep.len[0]); conf->ssid.wep.len[0]);
wps->network_key_len = conf->ssid.wep.len[0]; wps->network_key_len = conf->ssid.wep.len[0];
#endif /* CONFIG_WEP */
} }
if (conf->ssid.wpa_psk) { if (conf->ssid.wpa_psk) {

View file

@ -1965,10 +1965,12 @@ const char * wpa_cipher_txt(int cipher)
switch (cipher) { switch (cipher) {
case WPA_CIPHER_NONE: case WPA_CIPHER_NONE:
return "NONE"; return "NONE";
#ifdef CONFIG_WEP
case WPA_CIPHER_WEP40: case WPA_CIPHER_WEP40:
return "WEP-40"; return "WEP-40";
case WPA_CIPHER_WEP104: case WPA_CIPHER_WEP104:
return "WEP-104"; return "WEP-104";
#endif /* CONFIG_WEP */
case WPA_CIPHER_TKIP: case WPA_CIPHER_TKIP:
return "TKIP"; return "TKIP";
case WPA_CIPHER_CCMP: case WPA_CIPHER_CCMP:
@ -2467,10 +2469,12 @@ int wpa_parse_cipher(const char *value)
val |= WPA_CIPHER_GCMP; val |= WPA_CIPHER_GCMP;
else if (os_strcmp(start, "TKIP") == 0) else if (os_strcmp(start, "TKIP") == 0)
val |= WPA_CIPHER_TKIP; val |= WPA_CIPHER_TKIP;
#ifdef CONFIG_WEP
else if (os_strcmp(start, "WEP104") == 0) else if (os_strcmp(start, "WEP104") == 0)
val |= WPA_CIPHER_WEP104; val |= WPA_CIPHER_WEP104;
else if (os_strcmp(start, "WEP40") == 0) else if (os_strcmp(start, "WEP40") == 0)
val |= WPA_CIPHER_WEP40; val |= WPA_CIPHER_WEP40;
#endif /* CONFIG_WEP */
else if (os_strcmp(start, "NONE") == 0) else if (os_strcmp(start, "NONE") == 0)
val |= WPA_CIPHER_NONE; val |= WPA_CIPHER_NONE;
else if (os_strcmp(start, "GTK_NOT_USED") == 0) else if (os_strcmp(start, "GTK_NOT_USED") == 0)

View file

@ -648,6 +648,8 @@ SM_STEP(REAUTH_TIMER)
#ifdef CONFIG_WEP
/* Authenticator Key Transmit state machine */ /* Authenticator Key Transmit state machine */
SM_STATE(AUTH_KEY_TX, NO_KEY_TRANSMIT) SM_STATE(AUTH_KEY_TX, NO_KEY_TRANSMIT)
@ -726,6 +728,8 @@ SM_STEP(KEY_RX)
} }
} }
#endif /* CONFIG_WEP */
/* Controlled Directions state machine */ /* Controlled Directions state machine */
@ -813,10 +817,12 @@ eapol_auth_alloc(struct eapol_authenticator *eapol, const u8 *addr,
sm->portControl = Auto; sm->portControl = Auto;
#ifdef CONFIG_WEP
if (!eapol->conf.wpa && if (!eapol->conf.wpa &&
(eapol->default_wep_key || eapol->conf.individual_wep_key_len > 0)) (eapol->default_wep_key || eapol->conf.individual_wep_key_len > 0))
sm->keyTxEnabled = TRUE; sm->keyTxEnabled = TRUE;
else else
#endif /* CONFIG_WEP */
sm->keyTxEnabled = FALSE; sm->keyTxEnabled = FALSE;
if (eapol->conf.wpa) if (eapol->conf.wpa)
sm->portValid = FALSE; sm->portValid = FALSE;
@ -910,10 +916,12 @@ restart:
SM_STEP_RUN(BE_AUTH); SM_STEP_RUN(BE_AUTH);
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr)) if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
SM_STEP_RUN(REAUTH_TIMER); SM_STEP_RUN(REAUTH_TIMER);
#ifdef CONFIG_WEP
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr)) if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
SM_STEP_RUN(AUTH_KEY_TX); SM_STEP_RUN(AUTH_KEY_TX);
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr)) if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
SM_STEP_RUN(KEY_RX); SM_STEP_RUN(KEY_RX);
#endif /* CONFIG_WEP */
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr)) if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
SM_STEP_RUN(CTRL_DIR); SM_STEP_RUN(CTRL_DIR);
@ -1167,7 +1175,9 @@ static int eapol_auth_conf_clone(struct eapol_auth_config *dst,
dst->ctx = src->ctx; dst->ctx = src->ctx;
dst->eap_reauth_period = src->eap_reauth_period; dst->eap_reauth_period = src->eap_reauth_period;
dst->wpa = src->wpa; dst->wpa = src->wpa;
#ifdef CONFIG_WEP
dst->individual_wep_key_len = src->individual_wep_key_len; dst->individual_wep_key_len = src->individual_wep_key_len;
#endif /* CONFIG_WEP */
os_free(dst->eap_req_id_text); os_free(dst->eap_req_id_text);
if (src->eap_req_id_text) { if (src->eap_req_id_text) {
dst->eap_req_id_text = os_memdup(src->eap_req_id_text, dst->eap_req_id_text = os_memdup(src->eap_req_id_text,
@ -1221,10 +1231,12 @@ struct eapol_authenticator * eapol_auth_init(struct eapol_auth_config *conf,
return NULL; return NULL;
} }
#ifdef CONFIG_WEP
if (conf->individual_wep_key_len > 0) { if (conf->individual_wep_key_len > 0) {
/* use key0 in individual key and key1 in broadcast key */ /* use key0 in individual key and key1 in broadcast key */
eapol->default_wep_key_idx = 1; eapol->default_wep_key_idx = 1;
} }
#endif /* CONFIG_WEP */
eapol->cb.eapol_send = cb->eapol_send; eapol->cb.eapol_send = cb->eapol_send;
eapol->cb.aaa_send = cb->aaa_send; eapol->cb.aaa_send = cb->aaa_send;
@ -1249,6 +1261,8 @@ void eapol_auth_deinit(struct eapol_authenticator *eapol)
return; return;
eapol_auth_conf_free(&eapol->conf); eapol_auth_conf_free(&eapol->conf);
#ifdef CONFIG_WEP
os_free(eapol->default_wep_key); os_free(eapol->default_wep_key);
#endif /* CONFIG_WEP */
os_free(eapol); os_free(eapol);
} }

View file

@ -692,6 +692,7 @@ struct eap_key_data {
static void eapol_sm_processKey(struct eapol_sm *sm) static void eapol_sm_processKey(struct eapol_sm *sm)
{ {
#ifdef CONFIG_WEP
#ifndef CONFIG_FIPS #ifndef CONFIG_FIPS
struct ieee802_1x_hdr *hdr; struct ieee802_1x_hdr *hdr;
struct ieee802_1x_eapol_key *key; struct ieee802_1x_eapol_key *key;
@ -866,6 +867,7 @@ static void eapol_sm_processKey(struct eapol_sm *sm)
} }
} }
#endif /* CONFIG_FIPS */ #endif /* CONFIG_FIPS */
#endif /* CONFIG_WEP */
} }

View file

@ -110,3 +110,4 @@ CONFIG_FILS_SK_PFS=y
CONFIG_OWE=y CONFIG_OWE=y
CONFIG_DPP=y CONFIG_DPP=y
CONFIG_DPP2=y CONFIG_DPP2=y
CONFIG_WEP=y

View file

@ -153,3 +153,4 @@ CONFIG_PMKSA_CACHE_EXTERNAL=y
CONFIG_OWE=y CONFIG_OWE=y
CONFIG_DPP=y CONFIG_DPP=y
CONFIG_DPP2=y CONFIG_DPP2=y
CONFIG_WEP=y

View file

@ -429,8 +429,6 @@ def test_ap_config_set_oom(dev, apdev):
tests = [(1, "hostapd_parse_das_client", tests = [(1, "hostapd_parse_das_client",
"SET radius_das_client 192.168.1.123 pw"), "SET radius_das_client 192.168.1.123 pw"),
(1, "hostapd_config_read_wep", "SET wep_key0 \"hello\""),
(1, "hostapd_config_read_wep", "SET wep_key0 0102030405"),
(1, "hostapd_parse_chanlist", "SET chanlist 1 6 11-13"), (1, "hostapd_parse_chanlist", "SET chanlist 1 6 11-13"),
(1, "hostapd_config_bss", "SET bss foo"), (1, "hostapd_config_bss", "SET bss foo"),
(2, "hostapd_config_bss", "SET bss foo"), (2, "hostapd_config_bss", "SET bss foo"),
@ -486,6 +484,9 @@ def test_ap_config_set_oom(dev, apdev):
(1, "hostapd_parse_intlist", "SET sae_groups 19 25"), (1, "hostapd_parse_intlist", "SET sae_groups 19 25"),
(1, "hostapd_parse_intlist", "SET basic_rates 10 20 55 110"), (1, "hostapd_parse_intlist", "SET basic_rates 10 20 55 110"),
(1, "hostapd_parse_intlist", "SET supported_rates 10 20 55 110")] (1, "hostapd_parse_intlist", "SET supported_rates 10 20 55 110")]
if "WEP40" in dev[0].get_capability("group"):
tests += [(1, "hostapd_config_read_wep", "SET wep_key0 \"hello\""),
(1, "hostapd_config_read_wep", "SET wep_key0 0102030405")]
for count, func, cmd in tests: for count, func, cmd in tests:
with alloc_fail(hapd, count, func): with alloc_fail(hapd, count, func):
if "FAIL" not in hapd.request(cmd): if "FAIL" not in hapd.request(cmd):
@ -533,6 +534,7 @@ def test_ap_config_set_oom(dev, apdev):
def test_ap_config_set_errors(dev, apdev): def test_ap_config_set_errors(dev, apdev):
"""hostapd configuration parsing errors""" """hostapd configuration parsing errors"""
hapd = hostapd.add_ap(apdev[0], {"ssid": "foobar"}) hapd = hostapd.add_ap(apdev[0], {"ssid": "foobar"})
if "WEP40" in dev[0].get_capability("group"):
hapd.set("wep_key0", '"hello"') hapd.set("wep_key0", '"hello"')
hapd.set("wep_key1", '"hello"') hapd.set("wep_key1", '"hello"')
hapd.set("wep_key0", '') hapd.set("wep_key0", '')

View file

@ -2662,6 +2662,7 @@ def test_ap_hs20_osen(dev, apdev):
dev[1].connect("osen", key_mgmt="NONE", scan_freq="2412", dev[1].connect("osen", key_mgmt="NONE", scan_freq="2412",
wait_connect=False) wait_connect=False)
if "WEP40" in dev[2].get_capability("group"):
dev[2].connect("osen", key_mgmt="NONE", wep_key0='"hello"', dev[2].connect("osen", key_mgmt="NONE", wep_key0='"hello"',
scan_freq="2412", wait_connect=False) scan_freq="2412", wait_connect=False)
dev[0].flush_scan_cache() dev[0].flush_scan_cache()

View file

@ -16,6 +16,7 @@ import hwsim_utils
import hostapd import hostapd
from tshark import run_tshark from tshark import run_tshark
from utils import alloc_fail, HwsimSkip, parse_ie from utils import alloc_fail, HwsimSkip, parse_ie
from test_wep import check_wep_capa
@remote_compatible @remote_compatible
def test_ap_fragmentation_rts_set_high(dev, apdev): def test_ap_fragmentation_rts_set_high(dev, apdev):
@ -334,6 +335,7 @@ def test_ap_wds_sta_open(dev, apdev):
def test_ap_wds_sta_wep(dev, apdev): def test_ap_wds_sta_wep(dev, apdev):
"""WEP AP with STA using 4addr mode""" """WEP AP with STA using 4addr mode"""
check_wep_capa(dev[0])
ssid = "test-wds-wep" ssid = "test-wds-wep"
params = {} params = {}
params['ssid'] = ssid params['ssid'] = ssid
@ -658,6 +660,7 @@ def test_ap_beacon_rate_vht(dev, apdev):
def test_ap_wep_to_wpa(dev, apdev): def test_ap_wep_to_wpa(dev, apdev):
"""WEP to WPA2-PSK configuration change in hostapd""" """WEP to WPA2-PSK configuration change in hostapd"""
check_wep_capa(dev[0])
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-to-wpa", {"ssid": "wep-to-wpa",
"wep_key0": '"hello"'}) "wep_key0": '"hello"'})

View file

@ -17,6 +17,7 @@ import hostapd
from utils import HwsimSkip, skip_with_fips from utils import HwsimSkip, skip_with_fips
from wlantest import Wlantest from wlantest import Wlantest
from test_ap_vht import vht_supported from test_ap_vht import vht_supported
from test_wep import check_wep_capa
def start_ap_wpa2_psk(ap): def start_ap_wpa2_psk(ap):
params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678") params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678")
@ -313,6 +314,8 @@ def test_ap_wpa_mixed_tdls(dev, apdev):
def test_ap_wep_tdls(dev, apdev): def test_ap_wep_tdls(dev, apdev):
"""WEP AP and two stations using TDLS""" """WEP AP and two stations using TDLS"""
check_wep_capa(dev[0])
check_wep_capa(dev[1])
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "test-wep", "wep_key0": '"hello"'}) {"ssid": "test-wep", "wep_key0": '"hello"'})
wlantest_setup(hapd) wlantest_setup(hapd)

View file

@ -45,6 +45,7 @@ from utils import HwsimSkip, alloc_fail, fail_test, skip_with_fips
from utils import wait_fail_trigger, clear_regdom from utils import wait_fail_trigger, clear_regdom
from test_ap_eap import int_eap_server_params from test_ap_eap import int_eap_server_params
from test_sae import check_sae_capab from test_sae import check_sae_capab
from test_wep import check_wep_capa
def wps_start_ap(apdev, ssid="test-wps-conf"): def wps_start_ap(apdev, ssid="test-wps-conf"):
params = {"ssid": ssid, "eap_server": "1", "wps_state": "2", params = {"ssid": ssid, "eap_server": "1", "wps_state": "2",
@ -10036,6 +10037,7 @@ def test_ap_wps_ignore_broadcast_ssid(dev, apdev):
def test_ap_wps_wep(dev, apdev): def test_ap_wps_wep(dev, apdev):
"""WPS AP trying to enable WEP""" """WPS AP trying to enable WEP"""
check_wep_capa(dev[0])
ssid = "test-wps" ssid = "test-wps"
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": ssid, "eap_server": "1", "wps_state": "1", {"ssid": ssid, "eap_server": "1", "wps_state": "1",

View file

@ -16,6 +16,7 @@ import hwsim_utils
from tshark import run_tshark from tshark import run_tshark
from nl80211 import * from nl80211 import *
from wpasupplicant import WpaSupplicant from wpasupplicant import WpaSupplicant
from test_wep import check_wep_capa
def nl80211_command(dev, cmd, attr): def nl80211_command(dev, cmd, attr):
res = dev.request("VENDOR ffffffff {} {}".format(nl80211_cmd[cmd], res = dev.request("VENDOR ffffffff {} {}".format(nl80211_cmd[cmd],
@ -101,6 +102,7 @@ def test_cfg80211_tx_frame(dev, apdev, params):
@remote_compatible @remote_compatible
def test_cfg80211_wep_key_idx_change(dev, apdev): def test_cfg80211_wep_key_idx_change(dev, apdev):
"""WEP Shared Key authentication and key index change without deauth""" """WEP Shared Key authentication and key index change without deauth"""
check_wep_capa(dev[0])
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key", {"ssid": "wep-shared-key",
"wep_key0": '"hello12345678"', "wep_key0": '"hello12345678"',

View file

@ -12,6 +12,7 @@ import hwsim_utils
import hostapd import hostapd
from wpasupplicant import WpaSupplicant from wpasupplicant import WpaSupplicant
from p2p_utils import * from p2p_utils import *
from test_wep import check_wep_capa
def test_connect_cmd_open(dev, apdev): def test_connect_cmd_open(dev, apdev):
"""Open connection using cfg80211 connect command""" """Open connection using cfg80211 connect command"""
@ -31,11 +32,13 @@ def test_connect_cmd_open(dev, apdev):
def test_connect_cmd_wep(dev, apdev): def test_connect_cmd_wep(dev, apdev):
"""WEP Open System using cfg80211 connect command""" """WEP Open System using cfg80211 connect command"""
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
check_wep_capa(wpas)
params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"'} params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"'}
hapd = hostapd.add_ap(apdev[0], params) hapd = hostapd.add_ap(apdev[0], params)
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412", wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412",
wep_key0='"hello"') wep_key0='"hello"')
wpas.dump_monitor() wpas.dump_monitor()
@ -46,12 +49,14 @@ def test_connect_cmd_wep(dev, apdev):
def test_connect_cmd_wep_shared(dev, apdev): def test_connect_cmd_wep_shared(dev, apdev):
"""WEP Shared key using cfg80211 connect command""" """WEP Shared key using cfg80211 connect command"""
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
check_wep_capa(wpas)
params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"', params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"',
"auth_algs": "2"} "auth_algs": "2"}
hapd = hostapd.add_ap(apdev[0], params) hapd = hostapd.add_ap(apdev[0], params)
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
id = wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412", id = wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412",
auth_alg="SHARED", wep_key0='"hello"') auth_alg="SHARED", wep_key0='"hello"')
wpas.dump_monitor() wpas.dump_monitor()

View file

@ -13,6 +13,7 @@ import subprocess
import hwsim_utils import hwsim_utils
from utils import alloc_fail, wait_fail_trigger from utils import alloc_fail, wait_fail_trigger
from test_wep import check_wep_capa
def connect_ibss_cmd(dev, id, freq=2412): def connect_ibss_cmd(dev, id, freq=2412):
dev.dump_monitor() dev.dump_monitor()
@ -395,6 +396,9 @@ def test_ibss_rsn_tkip(dev):
def test_ibss_wep(dev): def test_ibss_wep(dev):
"""IBSS with WEP""" """IBSS with WEP"""
check_wep_capa(dev[0])
check_wep_capa(dev[1])
ssid = "ibss-wep" ssid = "ibss-wep"
id = add_ibss(dev[0], ssid, key_mgmt="NONE", wep_key0='"hello"') id = add_ibss(dev[0], ssid, key_mgmt="NONE", wep_key0='"hello"')

View file

@ -15,11 +15,13 @@ import hostapd
import hwsim_utils import hwsim_utils
from utils import skip_with_fips from utils import skip_with_fips
from tshark import run_tshark from tshark import run_tshark
from test_wep import check_wep_capa
logger = logging.getLogger() logger = logging.getLogger()
def test_ieee8021x_wep104(dev, apdev): def test_ieee8021x_wep104(dev, apdev):
"""IEEE 802.1X connection using dynamic WEP104""" """IEEE 802.1X connection using dynamic WEP104"""
check_wep_capa(dev[0])
skip_with_fips(dev[0]) skip_with_fips(dev[0])
params = hostapd.radius_params() params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep" params["ssid"] = "ieee8021x-wep"
@ -36,6 +38,7 @@ def test_ieee8021x_wep104(dev, apdev):
def test_ieee8021x_wep40(dev, apdev): def test_ieee8021x_wep40(dev, apdev):
"""IEEE 802.1X connection using dynamic WEP40""" """IEEE 802.1X connection using dynamic WEP40"""
check_wep_capa(dev[0])
skip_with_fips(dev[0]) skip_with_fips(dev[0])
params = hostapd.radius_params() params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep" params["ssid"] = "ieee8021x-wep"
@ -52,6 +55,7 @@ def test_ieee8021x_wep40(dev, apdev):
def test_ieee8021x_wep_index_workaround(dev, apdev): def test_ieee8021x_wep_index_workaround(dev, apdev):
"""IEEE 802.1X and EAPOL-Key index workaround""" """IEEE 802.1X and EAPOL-Key index workaround"""
check_wep_capa(dev[0])
skip_with_fips(dev[0]) skip_with_fips(dev[0])
params = hostapd.radius_params() params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep" params["ssid"] = "ieee8021x-wep"
@ -100,6 +104,7 @@ def test_ieee8021x_static_wep104(dev, apdev):
run_static_wep(dev, apdev, '"hello-there-/"') run_static_wep(dev, apdev, '"hello-there-/"')
def run_static_wep(dev, apdev, key): def run_static_wep(dev, apdev, key):
check_wep_capa(dev[0])
params = hostapd.radius_params() params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep" params["ssid"] = "ieee8021x-wep"
params["ieee8021x"] = "1" params["ieee8021x"] = "1"
@ -252,6 +257,7 @@ def send_eapol_key(dev, bssid, signkey, frame_start, frame_end):
def test_ieee8021x_eapol_key(dev, apdev): def test_ieee8021x_eapol_key(dev, apdev):
"""IEEE 802.1X connection and EAPOL-Key protocol tests""" """IEEE 802.1X connection and EAPOL-Key protocol tests"""
check_wep_capa(dev[0])
skip_with_fips(dev[0]) skip_with_fips(dev[0])
params = hostapd.radius_params() params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep" params["ssid"] = "ieee8021x-wep"
@ -317,6 +323,7 @@ def test_ieee8021x_reauth(dev, apdev):
def test_ieee8021x_reauth_wep(dev, apdev, params): def test_ieee8021x_reauth_wep(dev, apdev, params):
"""IEEE 802.1X and EAPOL_REAUTH request with WEP""" """IEEE 802.1X and EAPOL_REAUTH request with WEP"""
check_wep_capa(dev[0])
logdir = params['logdir'] logdir = params['logdir']
params = hostapd.radius_params() params = hostapd.radius_params()
@ -492,6 +499,7 @@ def test_ieee8021x_open_leap(dev, apdev):
def test_ieee8021x_and_wpa_enabled(dev, apdev): def test_ieee8021x_and_wpa_enabled(dev, apdev):
"""IEEE 802.1X connection using dynamic WEP104 when WPA enabled""" """IEEE 802.1X connection using dynamic WEP104 when WPA enabled"""
check_wep_capa(dev[0])
skip_with_fips(dev[0]) skip_with_fips(dev[0])
params = hostapd.radius_params() params = hostapd.radius_params()
params["ssid"] = "ieee8021x-wep" params["ssid"] = "ieee8021x-wep"

View file

@ -21,6 +21,7 @@ import hostapd
from utils import HwsimSkip, require_under_vm, skip_with_fips, alloc_fail, fail_test, wait_fail_trigger from utils import HwsimSkip, require_under_vm, skip_with_fips, alloc_fail, fail_test, wait_fail_trigger
from test_ap_hs20 import build_dhcp_ack from test_ap_hs20 import build_dhcp_ack
from test_ap_ft import ft_params1 from test_ap_ft import ft_params1
from test_wep import check_wep_capa
def connect(dev, ssid, wait_connect=True): def connect(dev, ssid, wait_connect=True):
dev.connect(ssid, key_mgmt="WPA-EAP", scan_freq="2412", dev.connect(ssid, key_mgmt="WPA-EAP", scan_freq="2412",
@ -442,6 +443,7 @@ def test_radius_acct_ft_psk(dev, apdev):
def test_radius_acct_ieee8021x(dev, apdev): def test_radius_acct_ieee8021x(dev, apdev):
"""RADIUS Accounting - IEEE 802.1X""" """RADIUS Accounting - IEEE 802.1X"""
check_wep_capa(dev[0])
skip_with_fips(dev[0]) skip_with_fips(dev[0])
as_hapd = hostapd.Hostapd("as") as_hapd = hostapd.Hostapd("as")
params = hostapd.radius_params() params = hostapd.radius_params()

View file

@ -19,6 +19,7 @@ from utils import HwsimSkip, fail_test, alloc_fail, wait_fail_trigger, parse_ie
from utils import clear_regdom_dev from utils import clear_regdom_dev
from tshark import run_tshark from tshark import run_tshark
from test_ap_csa import switch_channel, wait_channel_switch, csa_supported from test_ap_csa import switch_channel, wait_channel_switch, csa_supported
from test_wep import check_wep_capa
def check_scan(dev, params, other_started=False, test_busy=False): def check_scan(dev, params, other_started=False, test_busy=False):
if not other_started: if not other_started:
@ -434,6 +435,7 @@ def test_scan_for_auth_fail(dev, apdev):
@remote_compatible @remote_compatible
def test_scan_for_auth_wep(dev, apdev): def test_scan_for_auth_wep(dev, apdev):
"""cfg80211 scan-for-auth workaround with WEP keys""" """cfg80211 scan-for-auth workaround with WEP keys"""
check_wep_capa(dev[0])
dev[0].flush_scan_cache() dev[0].flush_scan_cache()
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep", "wep_key0": '"abcde"', {"ssid": "wep", "wep_key0": '"abcde"',

View file

@ -11,11 +11,16 @@ import subprocess
from remotehost import remote_compatible from remotehost import remote_compatible
import hostapd import hostapd
import hwsim_utils import hwsim_utils
from utils import clear_regdom from utils import clear_regdom, HwsimSkip
def check_wep_capa(dev):
if "WEP40" not in dev.get_capability("group"):
raise HwsimSkip("WEP not supported")
@remote_compatible @remote_compatible
def test_wep_open_auth(dev, apdev): def test_wep_open_auth(dev, apdev):
"""WEP Open System authentication""" """WEP Open System authentication"""
check_wep_capa(dev[0])
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-open", {"ssid": "wep-open",
"wep_key0": '"hello"'}) "wep_key0": '"hello"'})
@ -35,6 +40,8 @@ def test_wep_open_auth(dev, apdev):
@remote_compatible @remote_compatible
def test_wep_shared_key_auth(dev, apdev): def test_wep_shared_key_auth(dev, apdev):
"""WEP Shared Key authentication""" """WEP Shared Key authentication"""
check_wep_capa(dev[0])
check_wep_capa(dev[1])
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key", {"ssid": "wep-shared-key",
"wep_key0": '"hello12345678"', "wep_key0": '"hello12345678"',
@ -50,6 +57,7 @@ def test_wep_shared_key_auth(dev, apdev):
@remote_compatible @remote_compatible
def test_wep_shared_key_auth_not_allowed(dev, apdev): def test_wep_shared_key_auth_not_allowed(dev, apdev):
"""WEP Shared Key authentication not allowed""" """WEP Shared Key authentication not allowed"""
check_wep_capa(dev[0])
hostapd.add_ap(apdev[0], hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key", {"ssid": "wep-shared-key",
"wep_key0": '"hello12345678"', "wep_key0": '"hello12345678"',
@ -63,6 +71,9 @@ def test_wep_shared_key_auth_not_allowed(dev, apdev):
def test_wep_shared_key_auth_multi_key(dev, apdev): def test_wep_shared_key_auth_multi_key(dev, apdev):
"""WEP Shared Key authentication with multiple keys""" """WEP Shared Key authentication with multiple keys"""
check_wep_capa(dev[0])
check_wep_capa(dev[1])
check_wep_capa(dev[2])
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key", {"ssid": "wep-shared-key",
"wep_key0": '"hello12345678"', "wep_key0": '"hello12345678"',
@ -92,6 +103,7 @@ def test_wep_shared_key_auth_multi_key(dev, apdev):
def test_wep_ht_vht(dev, apdev): def test_wep_ht_vht(dev, apdev):
"""WEP and HT/VHT""" """WEP and HT/VHT"""
check_wep_capa(dev[0])
dev[0].flush_scan_cache() dev[0].flush_scan_cache()
try: try:
hapd = None hapd = None
@ -124,6 +136,7 @@ def test_wep_ht_vht(dev, apdev):
def test_wep_ifdown(dev, apdev): def test_wep_ifdown(dev, apdev):
"""AP with WEP and external ifconfig down""" """AP with WEP and external ifconfig down"""
check_wep_capa(dev[0])
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-open", {"ssid": "wep-open",
"wep_key0": '"hello"'}) "wep_key0": '"hello"'})

View file

@ -13,6 +13,7 @@ import hwsim_utils
from wpasupplicant import WpaSupplicant from wpasupplicant import WpaSupplicant
from utils import HwsimSkip, skip_with_fips from utils import HwsimSkip, skip_with_fips
from test_rfkill import get_rfkill from test_rfkill import get_rfkill
from test_wep import check_wep_capa
def get_wext_interface(): def get_wext_interface():
if not os.path.exists("/proc/net/wireless"): if not os.path.exists("/proc/net/wireless"):
@ -149,6 +150,7 @@ def test_wext_pmksa_cache(dev, apdev):
def test_wext_wep_open_auth(dev, apdev): def test_wext_wep_open_auth(dev, apdev):
"""WEP Open System authentication""" """WEP Open System authentication"""
wpas = get_wext_interface() wpas = get_wext_interface()
check_wep_capa(wpas)
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-open", {"ssid": "wep-open",
@ -162,6 +164,7 @@ def test_wext_wep_open_auth(dev, apdev):
def test_wext_wep_shared_key_auth(dev, apdev): def test_wext_wep_shared_key_auth(dev, apdev):
"""WEP Shared Key authentication""" """WEP Shared Key authentication"""
wpas = get_wext_interface() wpas = get_wext_interface()
check_wep_capa(wpas)
hapd = hostapd.add_ap(apdev[0], hapd = hostapd.add_ap(apdev[0],
{"ssid": "wep-shared-key", {"ssid": "wep-shared-key",

View file

@ -13,6 +13,7 @@ import hwsim_utils
from utils import HwsimSkip, alloc_fail, clear_regdom_dev from utils import HwsimSkip, alloc_fail, clear_regdom_dev
from wpasupplicant import WpaSupplicant from wpasupplicant import WpaSupplicant
from test_p2p_channel import set_country from test_p2p_channel import set_country
from test_wep import check_wep_capa
def wait_ap_ready(dev): def wait_ap_ready(dev):
ev = dev.wait_event(["CTRL-EVENT-CONNECTED"]) ev = dev.wait_event(["CTRL-EVENT-CONNECTED"])
@ -103,6 +104,7 @@ def test_wpas_ap_open_isolate(dev):
@remote_compatible @remote_compatible
def test_wpas_ap_wep(dev): def test_wpas_ap_wep(dev):
"""wpa_supplicant AP mode - WEP""" """wpa_supplicant AP mode - WEP"""
check_wep_capa(dev[0])
id = dev[0].add_network() id = dev[0].add_network()
dev[0].set_network(id, "mode", "2") dev[0].set_network(id, "mode", "2")
dev[0].set_network_quoted(id, "ssid", "wpas-ap-wep") dev[0].set_network_quoted(id, "ssid", "wpas-ap-wep")
@ -540,6 +542,7 @@ def test_wpas_ap_oom(dev):
dev[0].wait_disconnected() dev[0].wait_disconnected()
dev[0].request("REMOVE_NETWORK all") dev[0].request("REMOVE_NETWORK all")
if "WEP40" in dev[0].get_capability("group"):
id = dev[0].add_network() id = dev[0].add_network()
dev[0].set_network(id, "mode", "2") dev[0].set_network(id, "mode", "2")
dev[0].set_network_quoted(id, "ssid", "wpas-ap") dev[0].set_network_quoted(id, "ssid", "wpas-ap")

View file

@ -145,6 +145,7 @@ def test_wpas_ctrl_network(dev):
if "FAIL" not in dev[0].request("SET_NETWORK " + str(id) + ' identity 12x3'): if "FAIL" not in dev[0].request("SET_NETWORK " + str(id) + ' identity 12x3'):
raise Exception("Unexpected success for invalid identity string") raise Exception("Unexpected success for invalid identity string")
if "WEP40" in dev[0].get_capability("group"):
for i in range(0, 4): for i in range(0, 4):
if "FAIL" in dev[0].request("SET_NETWORK " + str(id) + ' wep_key' + str(i) + ' aabbccddee'): if "FAIL" in dev[0].request("SET_NETWORK " + str(id) + ' wep_key' + str(i) + ' aabbccddee'):
raise Exception("Unexpected wep_key set failure") raise Exception("Unexpected wep_key set failure")
@ -205,6 +206,7 @@ def test_wpas_ctrl_network(dev):
raise Exception("Invalid WEP key accepted") raise Exception("Invalid WEP key accepted")
if "FAIL" not in dev[0].request('SET_NETWORK ' + str(id) + ' wep_key0 "12345678901234567"'): if "FAIL" not in dev[0].request('SET_NETWORK ' + str(id) + ' wep_key0 "12345678901234567"'):
raise Exception("Too long WEP key accepted") raise Exception("Too long WEP key accepted")
if "WEP40" in dev[0].get_capability("group"):
# too short WEP key is ignored # too short WEP key is ignored
dev[0].set_network_quoted(id, "wep_key0", "1234") dev[0].set_network_quoted(id, "wep_key0", "1234")
dev[0].set_network_quoted(id, "wep_key1", "12345") dev[0].set_network_quoted(id, "wep_key1", "12345")

View file

@ -378,6 +378,10 @@ OBJS += src/fst/fst_ctrl_iface.c
endif endif
endif endif
ifdef CONFIG_WEP
L_CFLAGS += -DCONFIG_WEP
endif
include $(LOCAL_PATH)/src/drivers/drivers.mk include $(LOCAL_PATH)/src/drivers/drivers.mk

View file

@ -1843,6 +1843,10 @@ OBJS_t2 += $(FST_OBJS)
OBJS_nfc += $(FST_OBJS) OBJS_nfc += $(FST_OBJS)
endif endif
ifdef CONFIG_WEP
CFLAGS += -DCONFIG_WEP
endif
ifndef LDO ifndef LDO
LDO=$(CC) LDO=$(CC)
endif endif

View file

@ -534,4 +534,12 @@ CONFIG_WIFI_DISPLAY=y
# Experimental implementation of draft-harkins-owe-07.txt # Experimental implementation of draft-harkins-owe-07.txt
#CONFIG_OWE=y #CONFIG_OWE=y
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current wpa_supplicant
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
CONFIG_WEP=y
include $(wildcard $(LOCAL_PATH)/android_config_*.inc) include $(wildcard $(LOCAL_PATH)/android_config_*.inc)

View file

@ -390,6 +390,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
bss->ssid.wpa_psk_set = 1; bss->ssid.wpa_psk_set = 1;
} else if (ssid->passphrase) { } else if (ssid->passphrase) {
bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
#ifdef CONFIG_WEP
} else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
ssid->wep_key_len[2] || ssid->wep_key_len[3]) { ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
struct hostapd_wep_keys *wep = &bss->ssid.wep; struct hostapd_wep_keys *wep = &bss->ssid.wep;
@ -405,6 +406,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
} }
wep->idx = ssid->wep_tx_keyidx; wep->idx = ssid->wep_tx_keyidx;
wep->keys_set = 1; wep->keys_set = 1;
#endif /* CONFIG_WEP */
} }
#ifdef CONFIG_SAE #ifdef CONFIG_SAE
if (ssid->sae_password) { if (ssid->sae_password) {
@ -486,11 +488,12 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
bss->rsn_pairwise); bss->rsn_pairwise);
if (bss->wpa && bss->ieee802_1x) if (bss->wpa && bss->ieee802_1x) {
bss->ssid.security_policy = SECURITY_WPA; bss->ssid.security_policy = SECURITY_WPA;
else if (bss->wpa) } else if (bss->wpa) {
bss->ssid.security_policy = SECURITY_WPA_PSK; bss->ssid.security_policy = SECURITY_WPA_PSK;
else if (bss->ieee802_1x) { #ifdef CONFIG_WEP
} else if (bss->ieee802_1x) {
int cipher = WPA_CIPHER_NONE; int cipher = WPA_CIPHER_NONE;
bss->ssid.security_policy = SECURITY_IEEE_802_1X; bss->ssid.security_policy = SECURITY_IEEE_802_1X;
bss->ssid.wep.default_len = bss->default_wep_key_len; bss->ssid.wep.default_len = bss->default_wep_key_len;
@ -508,6 +511,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
bss->wpa_group = cipher; bss->wpa_group = cipher;
bss->wpa_pairwise = cipher; bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher; bss->rsn_pairwise = cipher;
#endif /* CONFIG_WEP */
} else { } else {
bss->ssid.security_policy = SECURITY_PLAINTEXT; bss->ssid.security_policy = SECURITY_PLAINTEXT;
bss->wpa_group = WPA_CIPHER_NONE; bss->wpa_group = WPA_CIPHER_NONE;

View file

@ -1856,6 +1856,8 @@ static char * wpa_config_write_machine_password(const struct parse_data *data,
#endif /* IEEE8021X_EAPOL */ #endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
static int wpa_config_parse_wep_key(u8 *key, size_t *len, int line, static int wpa_config_parse_wep_key(u8 *key, size_t *len, int line,
const char *value, int idx) const char *value, int idx)
{ {
@ -1966,6 +1968,8 @@ static char * wpa_config_write_wep_key3(const struct parse_data *data,
} }
#endif /* NO_CONFIG_WRITE */ #endif /* NO_CONFIG_WRITE */
#endif /* CONFIG_WEP */
#ifdef CONFIG_P2P #ifdef CONFIG_P2P
@ -2451,11 +2455,13 @@ static const struct parse_data ssid_fields[] = {
{ STRe(openssl_ciphers, openssl_ciphers) }, { STRe(openssl_ciphers, openssl_ciphers) },
{ INTe(erp, erp) }, { INTe(erp, erp) },
#endif /* IEEE8021X_EAPOL */ #endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
{ FUNC_KEY(wep_key0) }, { FUNC_KEY(wep_key0) },
{ FUNC_KEY(wep_key1) }, { FUNC_KEY(wep_key1) },
{ FUNC_KEY(wep_key2) }, { FUNC_KEY(wep_key2) },
{ FUNC_KEY(wep_key3) }, { FUNC_KEY(wep_key3) },
{ INT(wep_tx_keyidx) }, { INT(wep_tx_keyidx) },
#endif /* CONFIG_WEP */
{ INT(priority) }, { INT(priority) },
#ifdef IEEE8021X_EAPOL #ifdef IEEE8021X_EAPOL
{ INT(eap_workaround) }, { INT(eap_workaround) },

View file

@ -213,9 +213,23 @@ static struct wpa_ssid * wpa_config_read_network(FILE *f, int *line, int id)
} }
} }
if (wpa_config_set(ssid, pos, pos2, *line) < 0) if (wpa_config_set(ssid, pos, pos2, *line) < 0) {
#ifndef CONFIG_WEP
if (os_strcmp(pos, "wep_key0") == 0 ||
os_strcmp(pos, "wep_key1") == 0 ||
os_strcmp(pos, "wep_key2") == 0 ||
os_strcmp(pos, "wep_key3") == 0 ||
os_strcmp(pos, "wep_tx_keyidx") == 0) {
wpa_printf(MSG_ERROR,
"Line %d: unsupported WEP parameter",
*line);
ssid->disabled = 1;
continue;
}
#endif /* CONFIG_WEP */
errors++; errors++;
} }
}
if (!end) { if (!end) {
wpa_printf(MSG_ERROR, "Line %d: network block was not " wpa_printf(MSG_ERROR, "Line %d: network block was not "
@ -653,6 +667,7 @@ static void write_eap(FILE *f, struct wpa_ssid *ssid)
#endif /* IEEE8021X_EAPOL */ #endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
static void write_wep_key(FILE *f, int idx, struct wpa_ssid *ssid) static void write_wep_key(FILE *f, int idx, struct wpa_ssid *ssid)
{ {
char field[20], *value; char field[20], *value;
@ -667,6 +682,7 @@ static void write_wep_key(FILE *f, int idx, struct wpa_ssid *ssid)
os_free(value); os_free(value);
} }
} }
#endif /* CONFIG_WEP */
#ifdef CONFIG_P2P #ifdef CONFIG_P2P
@ -741,8 +757,6 @@ static void write_mka_ckn(FILE *f, struct wpa_ssid *ssid)
static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
{ {
int i;
#define STR(t) write_str(f, #t, ssid) #define STR(t) write_str(f, #t, ssid)
#define INT(t) write_int(f, #t, ssid->t, 0) #define INT(t) write_int(f, #t, ssid->t, 0)
#define INTe(t, m) write_int(f, #t, ssid->eap.m, 0) #define INTe(t, m) write_int(f, #t, ssid->eap.m, 0)
@ -831,9 +845,15 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
STR(openssl_ciphers); STR(openssl_ciphers);
INTe(erp, erp); INTe(erp, erp);
#endif /* IEEE8021X_EAPOL */ #endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
{
int i;
for (i = 0; i < 4; i++) for (i = 0; i < 4; i++)
write_wep_key(f, i, ssid); write_wep_key(f, i, ssid);
INT(wep_tx_keyidx); INT(wep_tx_keyidx);
}
#endif /* CONFIG_WEP */
INT(priority); INT(priority);
#ifdef IEEE8021X_EAPOL #ifdef IEEE8021X_EAPOL
INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND); INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND);

View file

@ -300,6 +300,7 @@ struct wpa_ssid {
struct eap_peer_config eap; struct eap_peer_config eap;
#endif /* IEEE8021X_EAPOL */ #endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
#define NUM_WEP_KEYS 4 #define NUM_WEP_KEYS 4
#define MAX_WEP_KEY_LEN 16 #define MAX_WEP_KEY_LEN 16
/** /**
@ -316,6 +317,7 @@ struct wpa_ssid {
* wep_tx_keyidx - Default key index for TX frames using WEP * wep_tx_keyidx - Default key index for TX frames using WEP
*/ */
int wep_tx_keyidx; int wep_tx_keyidx;
#endif /* CONFIG_WEP */
/** /**
* proactive_key_caching - Enable proactive key caching * proactive_key_caching - Enable proactive key caching

View file

@ -823,6 +823,7 @@ static void write_eap(HKEY hk, struct wpa_ssid *ssid)
#endif /* IEEE8021X_EAPOL */ #endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
static void write_wep_key(HKEY hk, int idx, struct wpa_ssid *ssid) static void write_wep_key(HKEY hk, int idx, struct wpa_ssid *ssid)
{ {
char field[20], *value; char field[20], *value;
@ -834,11 +835,12 @@ static void write_wep_key(HKEY hk, int idx, struct wpa_ssid *ssid)
os_free(value); os_free(value);
} }
} }
#endif /* CONFIG_WEP */
static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id) static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
{ {
int i, errors = 0; int errors = 0;
HKEY nhk, netw; HKEY nhk, netw;
LONG ret; LONG ret;
TCHAR name[5]; TCHAR name[5];
@ -924,9 +926,15 @@ static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
INTe(engine2, phase2_cert.engine); INTe(engine2, phase2_cert.engine);
INT_DEF(eapol_flags, DEFAULT_EAPOL_FLAGS); INT_DEF(eapol_flags, DEFAULT_EAPOL_FLAGS);
#endif /* IEEE8021X_EAPOL */ #endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_WEP
{
int i;
for (i = 0; i < 4; i++) for (i = 0; i < 4; i++)
write_wep_key(netw, i, ssid); write_wep_key(netw, i, ssid);
INT(wep_tx_keyidx); INT(wep_tx_keyidx);
}
#endif /* CONFIG_WEP */
INT(priority); INT(priority);
#ifdef IEEE8021X_EAPOL #ifdef IEEE8021X_EAPOL
INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND); INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND);

View file

@ -3949,8 +3949,10 @@ static const struct cipher_info ciphers[] = {
{ WPA_DRIVER_CAPA_ENC_GCMP, "GCMP", 0 }, { WPA_DRIVER_CAPA_ENC_GCMP, "GCMP", 0 },
{ WPA_DRIVER_CAPA_ENC_TKIP, "TKIP", 0 }, { WPA_DRIVER_CAPA_ENC_TKIP, "TKIP", 0 },
{ WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE, "NONE", 0 }, { WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE, "NONE", 0 },
#ifdef CONFIG_WEP
{ WPA_DRIVER_CAPA_ENC_WEP104, "WEP104", 1 }, { WPA_DRIVER_CAPA_ENC_WEP104, "WEP104", 1 },
{ WPA_DRIVER_CAPA_ENC_WEP40, "WEP40", 1 } { WPA_DRIVER_CAPA_ENC_WEP40, "WEP40", 1 }
#endif /* CONFIG_WEP */
}; };
static const struct cipher_info ciphers_group_mgmt[] = { static const struct cipher_info ciphers_group_mgmt[] = {
@ -4012,7 +4014,11 @@ static int ctrl_iface_get_capability_group(int res, char *strict,
if (res < 0) { if (res < 0) {
if (strict) if (strict)
return 0; return 0;
#ifdef CONFIG_WEP
len = os_strlcpy(buf, "CCMP TKIP WEP104 WEP40", buflen); len = os_strlcpy(buf, "CCMP TKIP WEP104 WEP40", buflen);
#else /* CONFIG_WEP */
len = os_strlcpy(buf, "CCMP TKIP", buflen);
#endif /* CONFIG_WEP */
if (len >= buflen) if (len >= buflen)
return -1; return -1;
return len; return len;

View file

@ -2664,7 +2664,10 @@ dbus_bool_t wpas_dbus_getter_capabilities(
/***** group cipher */ /***** group cipher */
if (res < 0) { if (res < 0) {
const char *args[] = { const char *args[] = {
"ccmp", "tkip", "wep104", "wep40" "ccmp", "tkip",
#ifdef CONFIG_WEP
"wep104", "wep40"
#endif /* CONFIG_WEP */
}; };
if (!wpa_dbus_dict_append_string_array( if (!wpa_dbus_dict_append_string_array(
@ -2691,12 +2694,14 @@ dbus_bool_t wpas_dbus_getter_capabilities(
((capa.enc & WPA_DRIVER_CAPA_ENC_TKIP) && ((capa.enc & WPA_DRIVER_CAPA_ENC_TKIP) &&
!wpa_dbus_dict_string_array_add_element( !wpa_dbus_dict_string_array_add_element(
&iter_array, "tkip")) || &iter_array, "tkip")) ||
#ifdef CONFIG_WEP
((capa.enc & WPA_DRIVER_CAPA_ENC_WEP104) && ((capa.enc & WPA_DRIVER_CAPA_ENC_WEP104) &&
!wpa_dbus_dict_string_array_add_element( !wpa_dbus_dict_string_array_add_element(
&iter_array, "wep104")) || &iter_array, "wep104")) ||
((capa.enc & WPA_DRIVER_CAPA_ENC_WEP40) && ((capa.enc & WPA_DRIVER_CAPA_ENC_WEP40) &&
!wpa_dbus_dict_string_array_add_element( !wpa_dbus_dict_string_array_add_element(
&iter_array, "wep40")) || &iter_array, "wep40")) ||
#endif /* CONFIG_WEP */
!wpa_dbus_dict_end_string_array(&iter_dict, !wpa_dbus_dict_end_string_array(&iter_dict,
&iter_dict_entry, &iter_dict_entry,
&iter_dict_val, &iter_dict_val,
@ -4733,9 +4738,14 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
/* Group */ /* Group */
switch (ie_data->group_cipher) { switch (ie_data->group_cipher) {
#ifdef CONFIG_WEP
case WPA_CIPHER_WEP40: case WPA_CIPHER_WEP40:
group = "wep40"; group = "wep40";
break; break;
case WPA_CIPHER_WEP104:
group = "wep104";
break;
#endif /* CONFIG_WEP */
case WPA_CIPHER_TKIP: case WPA_CIPHER_TKIP:
group = "tkip"; group = "tkip";
break; break;
@ -4745,9 +4755,6 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
case WPA_CIPHER_GCMP: case WPA_CIPHER_GCMP:
group = "gcmp"; group = "gcmp";
break; break;
case WPA_CIPHER_WEP104:
group = "wep104";
break;
case WPA_CIPHER_CCMP_256: case WPA_CIPHER_CCMP_256:
group = "ccmp-256"; group = "ccmp-256";
break; break;

View file

@ -603,3 +603,11 @@ CONFIG_BGSCAN_SIMPLE=y
# Device Provisioning Protocol (DPP) # Device Provisioning Protocol (DPP)
CONFIG_DPP=y CONFIG_DPP=y
# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current wpa_supplicant
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
#CONFIG_WEP=y

View file

@ -479,6 +479,7 @@ int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s,
#ifndef CONFIG_NO_SCAN_PROCESSING #ifndef CONFIG_NO_SCAN_PROCESSING
#ifdef CONFIG_WEP
static int has_wep_key(struct wpa_ssid *ssid) static int has_wep_key(struct wpa_ssid *ssid)
{ {
int i; int i;
@ -490,6 +491,7 @@ static int has_wep_key(struct wpa_ssid *ssid)
return 0; return 0;
} }
#endif /* CONFIG_WEP */
static int wpa_supplicant_match_privacy(struct wpa_bss *bss, static int wpa_supplicant_match_privacy(struct wpa_bss *bss,
@ -510,8 +512,10 @@ static int wpa_supplicant_match_privacy(struct wpa_bss *bss,
return 1; return 1;
#endif /* CONFIG_OWE */ #endif /* CONFIG_OWE */
#ifdef CONFIG_WEP
if (has_wep_key(ssid)) if (has_wep_key(ssid))
privacy = 1; privacy = 1;
#endif /* CONFIG_WEP */
#ifdef IEEE8021X_EAPOL #ifdef IEEE8021X_EAPOL
if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
@ -540,17 +544,21 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
int proto_match = 0; int proto_match = 0;
const u8 *rsn_ie, *wpa_ie; const u8 *rsn_ie, *wpa_ie;
int ret; int ret;
#ifdef CONFIG_WEP
int wep_ok; int wep_ok;
#endif /* CONFIG_WEP */
ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss); ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss);
if (ret >= 0) if (ret >= 0)
return ret; return ret;
#ifdef CONFIG_WEP
/* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */ /* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */
wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) && wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) &&
(((ssid->key_mgmt & WPA_KEY_MGMT_NONE) && (((ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) || ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) ||
(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)); (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA));
#endif /* CONFIG_WEP */
rsn_ie = wpa_bss_get_ie(bss, WLAN_EID_RSN); rsn_ie = wpa_bss_get_ie(bss, WLAN_EID_RSN);
while ((ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)) && rsn_ie) { while ((ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)) && rsn_ie) {
@ -567,6 +575,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
if (!ie.has_group) if (!ie.has_group)
ie.group_cipher = wpa_default_rsn_cipher(bss->freq); ie.group_cipher = wpa_default_rsn_cipher(bss->freq);
#ifdef CONFIG_WEP
if (wep_ok && if (wep_ok &&
(ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)))
{ {
@ -575,6 +584,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
" selected based on TSN in RSN IE"); " selected based on TSN in RSN IE");
return 1; return 1;
} }
#endif /* CONFIG_WEP */
if (!(ie.proto & ssid->proto) && if (!(ie.proto & ssid->proto) &&
!(ssid->proto & WPA_PROTO_OSEN)) { !(ssid->proto & WPA_PROTO_OSEN)) {
@ -655,6 +665,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
break; break;
} }
#ifdef CONFIG_WEP
if (wep_ok && if (wep_ok &&
(ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)))
{ {
@ -663,6 +674,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
" selected based on TSN in WPA IE"); " selected based on TSN in WPA IE");
return 1; return 1;
} }
#endif /* CONFIG_WEP */
if (!(ie.proto & ssid->proto)) { if (!(ie.proto & ssid->proto)) {
if (debug_print) if (debug_print)
@ -1236,6 +1248,7 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
continue; continue;
} }
#ifdef CONFIG_WEP
if (wpa && !wpa_key_mgmt_wpa(ssid->key_mgmt) && if (wpa && !wpa_key_mgmt_wpa(ssid->key_mgmt) &&
has_wep_key(ssid)) { has_wep_key(ssid)) {
if (debug_print) if (debug_print)
@ -1243,6 +1256,7 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
" skip - ignore WPA/WPA2 AP for WEP network block"); " skip - ignore WPA/WPA2 AP for WEP network block");
continue; continue;
} }
#endif /* CONFIG_WEP */
if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && !osen && if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && !osen &&
!rsn_osen) { !rsn_osen) {
@ -3077,6 +3091,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
wpa_s->pending_eapol_rx = NULL; wpa_s->pending_eapol_rx = NULL;
} }
#ifdef CONFIG_WEP
if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) && wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
wpa_s->current_ssid && wpa_s->current_ssid &&
@ -3084,6 +3099,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
/* Set static WEP keys again */ /* Set static WEP keys again */
wpa_set_wep_keys(wpa_s, wpa_s->current_ssid); wpa_set_wep_keys(wpa_s, wpa_s->current_ssid);
} }
#endif /* CONFIG_WEP */
#ifdef CONFIG_IBSS_RSN #ifdef CONFIG_IBSS_RSN
if (wpa_s->current_ssid && if (wpa_s->current_ssid &&

View file

@ -286,7 +286,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_FILS) #if defined(CONFIG_IEEE80211R) || defined(CONFIG_FILS)
const u8 *md = NULL; const u8 *md = NULL;
#endif /* CONFIG_IEEE80211R || CONFIG_FILS */ #endif /* CONFIG_IEEE80211R || CONFIG_FILS */
int i, bssid_changed; int bssid_changed;
struct wpabuf *resp = NULL; struct wpabuf *resp = NULL;
u8 ext_capab[18]; u8 ext_capab[18];
int ext_capab_len; int ext_capab_len;
@ -370,12 +370,18 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
} }
#endif /* CONFIG_SAE */ #endif /* CONFIG_SAE */
#ifdef CONFIG_WEP
{
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) { for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i]) if (ssid->wep_key_len[i])
params.wep_key[i] = ssid->wep_key[i]; params.wep_key[i] = ssid->wep_key[i];
params.wep_key_len[i] = ssid->wep_key_len[i]; params.wep_key_len[i] = ssid->wep_key_len[i];
} }
params.wep_tx_keyidx = ssid->wep_tx_keyidx; params.wep_tx_keyidx = ssid->wep_tx_keyidx;
}
#endif /* CONFIG_WEP */
if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
wpa_bss_get_ie(bss, WLAN_EID_RSN)) && wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&

View file

@ -130,6 +130,7 @@ static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
#endif /* CONFIG_OWE */ #endif /* CONFIG_OWE */
#ifdef CONFIG_WEP
/* Configure default/group WEP keys for static WEP */ /* Configure default/group WEP keys for static WEP */
int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
{ {
@ -150,6 +151,7 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
return set; return set;
} }
#endif /* CONFIG_WEP */
int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
@ -396,7 +398,9 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid) struct wpa_ssid *ssid)
{ {
#ifdef CONFIG_WEP
int i; int i;
#endif /* CONFIG_WEP */
if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
@ -414,6 +418,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
wpa_s->group_cipher = WPA_CIPHER_NONE; wpa_s->group_cipher = WPA_CIPHER_NONE;
wpa_s->mgmt_group_cipher = 0; wpa_s->mgmt_group_cipher = 0;
#ifdef CONFIG_WEP
for (i = 0; i < NUM_WEP_KEYS; i++) { for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i] > 5) { if (ssid->wep_key_len[i] > 5) {
wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
@ -425,6 +430,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
break; break;
} }
} }
#endif /* CONFIG_WEP */
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
@ -3319,7 +3325,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
struct wpa_supplicant *wpa_s = work->wpa_s; struct wpa_supplicant *wpa_s = work->wpa_s;
u8 *wpa_ie; u8 *wpa_ie;
const u8 *edmg_ie_oper; const u8 *edmg_ie_oper;
int use_crypt, ret, i, bssid_changed; int use_crypt, ret, bssid_changed;
unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt; unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
struct wpa_driver_associate_params params; struct wpa_driver_associate_params params;
int wep_keys_set = 0; int wep_keys_set = 0;
@ -3429,10 +3435,12 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
use_crypt = 0; use_crypt = 0;
#ifdef CONFIG_WEP
if (wpa_set_wep_keys(wpa_s, ssid)) { if (wpa_set_wep_keys(wpa_s, ssid)) {
use_crypt = 1; use_crypt = 1;
wep_keys_set = 1; wep_keys_set = 1;
} }
#endif /* CONFIG_WEP */
} }
if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
use_crypt = 0; use_crypt = 0;
@ -3577,12 +3585,18 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
wpa_s->auth_alg = params.auth_alg; wpa_s->auth_alg = params.auth_alg;
params.mode = ssid->mode; params.mode = ssid->mode;
params.bg_scan_period = ssid->bg_scan_period; params.bg_scan_period = ssid->bg_scan_period;
#ifdef CONFIG_WEP
{
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) { for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i]) if (ssid->wep_key_len[i])
params.wep_key[i] = ssid->wep_key[i]; params.wep_key[i] = ssid->wep_key[i];
params.wep_key_len[i] = ssid->wep_key_len[i]; params.wep_key_len[i] = ssid->wep_key_len[i];
} }
params.wep_tx_keyidx = ssid->wep_tx_keyidx; params.wep_tx_keyidx = ssid->wep_tx_keyidx;
}
#endif /* CONFIG_WEP */
if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
(params.key_mgmt_suite == WPA_KEY_MGMT_PSK || (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
@ -3740,11 +3754,13 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
} }
#ifdef CONFIG_WEP
if (wep_keys_set && if (wep_keys_set &&
(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) { (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
/* Set static WEP keys again */ /* Set static WEP keys again */
wpa_set_wep_keys(wpa_s, ssid); wpa_set_wep_keys(wpa_s, ssid);
} }
#endif /* CONFIG_WEP */
if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
/* /*
@ -7330,8 +7346,10 @@ int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
{ {
#ifdef CONFIG_WEP
int i; int i;
unsigned int drv_enc; unsigned int drv_enc;
#endif /* CONFIG_WEP */
if (wpa_s->p2p_mgmt) if (wpa_s->p2p_mgmt)
return 1; /* no normal network profiles on p2p_mgmt interface */ return 1; /* no normal network profiles on p2p_mgmt interface */
@ -7342,6 +7360,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
if (ssid->disabled) if (ssid->disabled)
return 1; return 1;
#ifdef CONFIG_WEP
if (wpa_s->drv_capa_known) if (wpa_s->drv_capa_known)
drv_enc = wpa_s->drv_enc; drv_enc = wpa_s->drv_enc;
else else
@ -7359,6 +7378,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
continue; continue;
return 1; /* invalid WEP key */ return 1; /* invalid WEP key */
} }
#endif /* CONFIG_WEP */
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
(!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk && (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&

View file

@ -227,6 +227,7 @@ static int wpa_supplicant_eapol_send(void *ctx, int type, const u8 *buf,
} }
#ifdef CONFIG_WEP
/** /**
* wpa_eapol_set_wep_key - set WEP key for the driver * wpa_eapol_set_wep_key - set WEP key for the driver
* @ctx: Pointer to wpa_supplicant data (wpa_s) * @ctx: Pointer to wpa_supplicant data (wpa_s)
@ -254,6 +255,7 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
unicast ? KEY_FLAG_PAIRWISE_RX_TX : unicast ? KEY_FLAG_PAIRWISE_RX_TX :
KEY_FLAG_GROUP_RX_TX_DEFAULT); KEY_FLAG_GROUP_RX_TX_DEFAULT);
} }
#endif /* CONFIG_WEP */
static void wpa_supplicant_aborted_cached(void *ctx) static void wpa_supplicant_aborted_cached(void *ctx)
@ -1133,7 +1135,9 @@ int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s)
ctx->preauth = 0; ctx->preauth = 0;
ctx->eapol_done_cb = wpa_supplicant_notify_eapol_done; ctx->eapol_done_cb = wpa_supplicant_notify_eapol_done;
ctx->eapol_send = wpa_supplicant_eapol_send; ctx->eapol_send = wpa_supplicant_eapol_send;
#ifdef CONFIG_WEP
ctx->set_wep_key = wpa_eapol_set_wep_key; ctx->set_wep_key = wpa_eapol_set_wep_key;
#endif /* CONFIG_WEP */
#ifndef CONFIG_NO_CONFIG_BLOBS #ifndef CONFIG_NO_CONFIG_BLOBS
ctx->set_config_blob = wpa_supplicant_set_config_blob; ctx->set_config_blob = wpa_supplicant_set_config_blob;
ctx->get_config_blob = wpa_supplicant_get_config_blob; ctx->get_config_blob = wpa_supplicant_get_config_blob;