Make WEP functionality an optional build parameter
WEP should not be used for anything anymore. As a step towards removing it completely, move all WEP related functionality to be within CONFIG_WEP blocks. This will be included in builds only if CONFIG_WEP=y is explicitly set in build configuration. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
bca44f4e4e
commit
200c7693c9
48 changed files with 386 additions and 71 deletions
|
@ -309,6 +309,10 @@ OBJS += src/fst/fst_ctrl_iface.c
|
|||
endif
|
||||
endif
|
||||
|
||||
ifdef CONFIG_WEP
|
||||
L_CFLAGS += -DCONFIG_WEP
|
||||
endif
|
||||
|
||||
|
||||
include $(LOCAL_PATH)/src/drivers/drivers.mk
|
||||
|
||||
|
|
|
@ -1238,6 +1238,10 @@ OBJS += ../src/fst/fst_ctrl_iface.o
|
|||
endif
|
||||
endif
|
||||
|
||||
ifdef CONFIG_WEP
|
||||
CFLAGS += -DCONFIG_WEP
|
||||
endif
|
||||
|
||||
ALL=hostapd hostapd_cli
|
||||
|
||||
all: verify_config $(ALL)
|
||||
|
|
|
@ -201,3 +201,11 @@ CONFIG_WPA_CLI_EDIT=y
|
|||
# /dev/urandom earlier in boot' seeds /dev/urandom with that entropy before
|
||||
# either wpa_supplicant or hostapd are run.
|
||||
CONFIG_NO_RANDOM_POOL=y
|
||||
|
||||
# Wired equivalent privacy (WEP)
|
||||
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
|
||||
# considered secure. It should not be used for anything anymore. The
|
||||
# functionality needed to use WEP is available in the current hostapd
|
||||
# release under this optional build parameter. This functionality is subject to
|
||||
# be completely removed in a future release.
|
||||
CONFIG_WEP=y
|
||||
|
|
|
@ -793,6 +793,7 @@ static int hostapd_config_parse_cipher(int line, const char *value)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
|
||||
char *val)
|
||||
{
|
||||
|
@ -843,6 +844,7 @@ static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
|
|||
|
||||
return 0;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static int hostapd_parse_chanlist(struct hostapd_config *conf, char *val)
|
||||
|
@ -2664,6 +2666,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
|
|||
} else if (os_strcmp(buf, "erp_domain") == 0) {
|
||||
os_free(bss->erp_domain);
|
||||
bss->erp_domain = os_strdup(pos);
|
||||
#ifdef CONFIG_WEP
|
||||
} else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) {
|
||||
int val = atoi(pos);
|
||||
|
||||
|
@ -2691,6 +2694,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
|
|||
line, bss->wep_rekeying_period);
|
||||
return 1;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
} else if (os_strcmp(buf, "eap_reauth_period") == 0) {
|
||||
bss->eap_reauth_period = atoi(pos);
|
||||
if (bss->eap_reauth_period < 0) {
|
||||
|
@ -3311,6 +3315,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
|
|||
bss->ignore_broadcast_ssid = atoi(pos);
|
||||
} else if (os_strcmp(buf, "no_probe_resp_if_max_sta") == 0) {
|
||||
bss->no_probe_resp_if_max_sta = atoi(pos);
|
||||
#ifdef CONFIG_WEP
|
||||
} else if (os_strcmp(buf, "wep_default_key") == 0) {
|
||||
bss->ssid.wep.idx = atoi(pos);
|
||||
if (bss->ssid.wep.idx > 3) {
|
||||
|
@ -3329,6 +3334,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
|
|||
line, buf);
|
||||
return 1;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
#ifndef CONFIG_NO_VLAN
|
||||
} else if (os_strcmp(buf, "dynamic_vlan") == 0) {
|
||||
bss->ssid.dynamic_vlan = atoi(pos);
|
||||
|
|
|
@ -380,3 +380,11 @@ CONFIG_IPV6=y
|
|||
# Override default value for the wpa_disable_eapol_key_retries configuration
|
||||
# parameter. See that parameter in hostapd.conf for more details.
|
||||
#CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1
|
||||
|
||||
# Wired equivalent privacy (WEP)
|
||||
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
|
||||
# considered secure. It should not be used for anything anymore. The
|
||||
# functionality needed to use WEP is available in the current hostapd
|
||||
# release under this optional build parameter. This functionality is subject to
|
||||
# be completely removed in a future release.
|
||||
#CONFIG_WEP=y
|
||||
|
|
|
@ -54,12 +54,16 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
|
|||
bss->logger_syslog = (unsigned int) -1;
|
||||
bss->logger_stdout = (unsigned int) -1;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
bss->auth_algs = WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED;
|
||||
|
||||
bss->wep_rekeying_period = 300;
|
||||
/* use key0 in individual key and key1 in broadcast key */
|
||||
bss->broadcast_key_idx_min = 1;
|
||||
bss->broadcast_key_idx_max = 2;
|
||||
#else /* CONFIG_WEP */
|
||||
bss->auth_algs = WPA_AUTH_ALG_OPEN;
|
||||
#endif /* CONFIG_WEP */
|
||||
bss->eap_reauth_period = 3600;
|
||||
|
||||
bss->wpa_group_rekey = 600;
|
||||
|
@ -636,6 +640,7 @@ void hostapd_config_free_eap_users(struct hostapd_eap_user *user)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
static void hostapd_config_free_wep(struct hostapd_wep_keys *keys)
|
||||
{
|
||||
int i;
|
||||
|
@ -644,6 +649,7 @@ static void hostapd_config_free_wep(struct hostapd_wep_keys *keys)
|
|||
keys->key[i] = NULL;
|
||||
}
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
void hostapd_config_clear_wpa_psk(struct hostapd_wpa_psk **l)
|
||||
|
@ -732,7 +738,9 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf)
|
|||
|
||||
str_clear_free(conf->ssid.wpa_passphrase);
|
||||
os_free(conf->ssid.wpa_psk_file);
|
||||
#ifdef CONFIG_WEP
|
||||
hostapd_config_free_wep(&conf->ssid.wep);
|
||||
#endif /* CONFIG_WEP */
|
||||
#ifdef CONFIG_FULL_DYNAMIC_VLAN
|
||||
os_free(conf->ssid.vlan_tagged_interface);
|
||||
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
|
||||
|
@ -1106,6 +1114,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
|
|||
return -1;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (bss->wpa) {
|
||||
int wep, i;
|
||||
|
||||
|
@ -1123,6 +1132,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
|
|||
return -1;
|
||||
}
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (full_config && bss->wpa &&
|
||||
bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
|
||||
|
@ -1177,12 +1187,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
|
|||
"allowed, disabling HT capabilities");
|
||||
}
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (full_config && conf->ieee80211n &&
|
||||
bss->ssid.security_policy == SECURITY_STATIC_WEP) {
|
||||
bss->disable_11n = 1;
|
||||
wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not "
|
||||
"allowed, disabling HT capabilities");
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (full_config && conf->ieee80211n && bss->wpa &&
|
||||
!(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
|
||||
|
@ -1196,12 +1208,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
|
|||
}
|
||||
|
||||
#ifdef CONFIG_IEEE80211AC
|
||||
#ifdef CONFIG_WEP
|
||||
if (full_config && conf->ieee80211ac &&
|
||||
bss->ssid.security_policy == SECURITY_STATIC_WEP) {
|
||||
bss->disable_11ac = 1;
|
||||
wpa_printf(MSG_ERROR,
|
||||
"VHT (IEEE 802.11ac) with WEP is not allowed, disabling VHT capabilities");
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (full_config && conf->ieee80211ac && bss->wpa &&
|
||||
!(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
|
||||
|
@ -1221,12 +1235,14 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
|
|||
bss->wps_state = 0;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (full_config && bss->wps_state &&
|
||||
bss->ssid.wep.keys_set && bss->wpa == 0) {
|
||||
wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be "
|
||||
"disabled");
|
||||
bss->wps_state = 0;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (full_config && bss->wps_state && bss->wpa &&
|
||||
(!(bss->wpa & 2) ||
|
||||
|
@ -1350,11 +1366,13 @@ int hostapd_config_check(struct hostapd_config *conf, int full_config)
|
|||
void hostapd_set_security_params(struct hostapd_bss_config *bss,
|
||||
int full_config)
|
||||
{
|
||||
#ifdef CONFIG_WEP
|
||||
if (bss->individual_wep_key_len == 0) {
|
||||
/* individual keys are not use; can use key idx0 for
|
||||
* broadcast keys */
|
||||
bss->broadcast_key_idx_min = 0;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
|
||||
bss->rsn_pairwise = bss->wpa_pairwise;
|
||||
|
@ -1380,6 +1398,7 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
|
|||
} else if (bss->ieee802_1x) {
|
||||
int cipher = WPA_CIPHER_NONE;
|
||||
bss->ssid.security_policy = SECURITY_IEEE_802_1X;
|
||||
#ifdef CONFIG_WEP
|
||||
bss->ssid.wep.default_len = bss->default_wep_key_len;
|
||||
if (full_config && bss->default_wep_key_len) {
|
||||
cipher = bss->default_wep_key_len >= 13 ?
|
||||
|
@ -1390,11 +1409,13 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
|
|||
else
|
||||
cipher = WPA_CIPHER_WEP40;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
bss->wpa_group = cipher;
|
||||
bss->wpa_pairwise = cipher;
|
||||
bss->rsn_pairwise = cipher;
|
||||
if (full_config)
|
||||
bss->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
|
||||
#ifdef CONFIG_WEP
|
||||
} else if (bss->ssid.wep.keys_set) {
|
||||
int cipher = WPA_CIPHER_WEP40;
|
||||
if (bss->ssid.wep.len[0] >= 13)
|
||||
|
@ -1405,6 +1426,7 @@ void hostapd_set_security_params(struct hostapd_bss_config *bss,
|
|||
bss->rsn_pairwise = cipher;
|
||||
if (full_config)
|
||||
bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
|
||||
#endif /* CONFIG_WEP */
|
||||
} else if (bss->osen) {
|
||||
bss->ssid.security_policy = SECURITY_OSEN;
|
||||
bss->wpa_group = WPA_CIPHER_CCMP;
|
||||
|
|
|
@ -67,6 +67,7 @@ struct hostapd_radius_servers;
|
|||
struct ft_remote_r0kh;
|
||||
struct ft_remote_r1kh;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
#define NUM_WEP_KEYS 4
|
||||
struct hostapd_wep_keys {
|
||||
u8 idx;
|
||||
|
@ -75,10 +76,13 @@ struct hostapd_wep_keys {
|
|||
int keys_set;
|
||||
size_t default_len; /* key length used for dynamic key generation */
|
||||
};
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
typedef enum hostap_security_policy {
|
||||
SECURITY_PLAINTEXT = 0,
|
||||
#ifdef CONFIG_WEP
|
||||
SECURITY_STATIC_WEP = 1,
|
||||
#endif /* CONFIG_WEP */
|
||||
SECURITY_IEEE_802_1X = 2,
|
||||
SECURITY_WPA_PSK = 3,
|
||||
SECURITY_WPA = 4,
|
||||
|
@ -102,7 +106,9 @@ struct hostapd_ssid {
|
|||
char *wpa_psk_file;
|
||||
struct sae_pt *pt;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
struct hostapd_wep_keys wep;
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
#define DYNAMIC_VLAN_DISABLED 0
|
||||
#define DYNAMIC_VLAN_OPTIONAL 1
|
||||
|
@ -321,10 +327,12 @@ struct hostapd_bss_config {
|
|||
size_t eap_req_id_text_len;
|
||||
int eapol_key_index_workaround;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
size_t default_wep_key_len;
|
||||
int individual_wep_key_len;
|
||||
int wep_rekeying_period;
|
||||
int broadcast_key_idx_min, broadcast_key_idx_max;
|
||||
#endif /* CONFIG_WEP */
|
||||
int eap_reauth_period;
|
||||
int erp_send_reauth_start;
|
||||
char *erp_domain;
|
||||
|
|
|
@ -1360,10 +1360,13 @@ int ieee802_11_build_ap_params(struct hostapd_data *hapd,
|
|||
params->key_mgmt_suites = hapd->conf->wpa_key_mgmt;
|
||||
params->auth_algs = hapd->conf->auth_algs;
|
||||
params->wpa_version = hapd->conf->wpa;
|
||||
params->privacy = hapd->conf->ssid.wep.keys_set || hapd->conf->wpa ||
|
||||
params->privacy = hapd->conf->wpa;
|
||||
#ifdef CONFIG_WEP
|
||||
params->privacy |= hapd->conf->ssid.wep.keys_set ||
|
||||
(hapd->conf->ieee802_1x &&
|
||||
(hapd->conf->default_wep_key_len ||
|
||||
hapd->conf->individual_wep_key_len));
|
||||
#endif /* CONFIG_WEP */
|
||||
switch (hapd->conf->ignore_broadcast_ssid) {
|
||||
case 0:
|
||||
params->hide_ssid = NO_SSID_HIDING;
|
||||
|
|
|
@ -58,8 +58,10 @@
|
|||
|
||||
|
||||
static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason);
|
||||
#ifdef CONFIG_WEP
|
||||
static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd);
|
||||
static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd);
|
||||
#endif /* CONFIG_WEP */
|
||||
static int setup_interface2(struct hostapd_iface *iface);
|
||||
static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx);
|
||||
static void hostapd_interface_setup_failure_handler(void *eloop_ctx,
|
||||
|
@ -89,7 +91,9 @@ void hostapd_reconfig_encryption(struct hostapd_data *hapd)
|
|||
return;
|
||||
|
||||
hostapd_set_privacy(hapd, 0);
|
||||
#ifdef CONFIG_WEP
|
||||
hostapd_setup_encryption(hapd->conf->iface, hapd);
|
||||
#endif /* CONFIG_WEP */
|
||||
}
|
||||
|
||||
|
||||
|
@ -142,7 +146,9 @@ static void hostapd_reload_bss(struct hostapd_data *hapd)
|
|||
wpa_deinit(hapd->wpa_auth);
|
||||
hapd->wpa_auth = NULL;
|
||||
hostapd_set_privacy(hapd, 0);
|
||||
#ifdef CONFIG_WEP
|
||||
hostapd_setup_encryption(hapd->conf->iface, hapd);
|
||||
#endif /* CONFIG_WEP */
|
||||
hostapd_set_generic_elem(hapd, (u8 *) "", 0);
|
||||
}
|
||||
|
||||
|
@ -170,7 +176,9 @@ static void hostapd_clear_old(struct hostapd_iface *iface)
|
|||
for (j = 0; j < iface->num_bss; j++) {
|
||||
hostapd_flush_old_stations(iface->bss[j],
|
||||
WLAN_REASON_PREV_AUTH_NOT_VALID);
|
||||
#ifdef CONFIG_WEP
|
||||
hostapd_broadcast_wep_clear(iface->bss[j]);
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
#ifndef CONFIG_NO_RADIUS
|
||||
/* TODO: update dynamic data based on changed configuration
|
||||
|
@ -284,6 +292,8 @@ int hostapd_reload_config(struct hostapd_iface *iface)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
|
||||
static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
|
||||
const char *ifname)
|
||||
{
|
||||
|
@ -339,6 +349,8 @@ static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
|
|||
return errors;
|
||||
}
|
||||
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static void hostapd_free_hapd_data(struct hostapd_data *hapd)
|
||||
{
|
||||
|
@ -524,6 +536,8 @@ static void hostapd_cleanup_iface(struct hostapd_iface *iface)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
|
||||
static void hostapd_clear_wep(struct hostapd_data *hapd)
|
||||
{
|
||||
if (hapd->drv_priv && !hapd->iface->driver_ap_teardown && hapd->conf) {
|
||||
|
@ -571,6 +585,8 @@ static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd)
|
|||
return 0;
|
||||
}
|
||||
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason)
|
||||
{
|
||||
|
@ -606,7 +622,9 @@ static void hostapd_bss_deinit_no_free(struct hostapd_data *hapd)
|
|||
{
|
||||
hostapd_free_stas(hapd);
|
||||
hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING);
|
||||
#ifdef CONFIG_WEP
|
||||
hostapd_clear_wep(hapd);
|
||||
#endif /* CONFIG_WEP */
|
||||
}
|
||||
|
||||
|
||||
|
@ -1161,9 +1179,11 @@ static int hostapd_setup_bss(struct hostapd_data *hapd, int first)
|
|||
WLAN_REASON_PREV_AUTH_NOT_VALID);
|
||||
hostapd_set_privacy(hapd, 0);
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
hostapd_broadcast_wep_clear(hapd);
|
||||
if (hostapd_setup_encryption(conf->iface, hapd))
|
||||
return -1;
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
/*
|
||||
* Fetch the SSID from the system and use it or,
|
||||
|
|
|
@ -223,7 +223,7 @@ u8 * hostapd_eid_rm_enabled_capab(struct hostapd_data *hapd, u8 *eid,
|
|||
u16 hostapd_own_capab_info(struct hostapd_data *hapd)
|
||||
{
|
||||
int capab = WLAN_CAPABILITY_ESS;
|
||||
int privacy;
|
||||
int privacy = 0;
|
||||
int dfs;
|
||||
int i;
|
||||
|
||||
|
@ -239,12 +239,14 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd)
|
|||
hapd->iconf->preamble == SHORT_PREAMBLE)
|
||||
capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
privacy = hapd->conf->ssid.wep.keys_set;
|
||||
|
||||
if (hapd->conf->ieee802_1x &&
|
||||
(hapd->conf->default_wep_key_len ||
|
||||
hapd->conf->individual_wep_key_len))
|
||||
privacy = 1;
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (hapd->conf->wpa)
|
||||
privacy = 1;
|
||||
|
@ -284,6 +286,7 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
#ifndef CONFIG_NO_RC4
|
||||
static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
|
||||
u16 auth_transaction, const u8 *challenge,
|
||||
|
@ -340,6 +343,7 @@ static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
|
|||
return 0;
|
||||
}
|
||||
#endif /* CONFIG_NO_RC4 */
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static int send_auth_reply(struct hostapd_data *hapd, struct sta_info *sta,
|
||||
|
@ -2543,6 +2547,7 @@ static void handle_auth(struct hostapd_data *hapd,
|
|||
sta->auth_alg = WLAN_AUTH_OPEN;
|
||||
mlme_authenticate_indication(hapd, sta);
|
||||
break;
|
||||
#ifdef CONFIG_WEP
|
||||
#ifndef CONFIG_NO_RC4
|
||||
case WLAN_AUTH_SHARED_KEY:
|
||||
resp = auth_shared_key(hapd, sta, auth_transaction, challenge,
|
||||
|
@ -2561,6 +2566,7 @@ static void handle_auth(struct hostapd_data *hapd,
|
|||
}
|
||||
break;
|
||||
#endif /* CONFIG_NO_RC4 */
|
||||
#endif /* CONFIG_WEP */
|
||||
#ifdef CONFIG_IEEE80211R_AP
|
||||
case WLAN_AUTH_FT:
|
||||
sta->auth_alg = WLAN_AUTH_FT;
|
||||
|
@ -4946,6 +4952,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd,
|
|||
struct sta_info *sta,
|
||||
char *ifname_wds)
|
||||
{
|
||||
#ifdef CONFIG_WEP
|
||||
int i;
|
||||
struct hostapd_ssid *ssid = &hapd->conf->ssid;
|
||||
|
||||
|
@ -4966,6 +4973,7 @@ static void hostapd_set_wds_encryption(struct hostapd_data *hapd,
|
|||
break;
|
||||
}
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -137,6 +137,7 @@ void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd,
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
#ifndef CONFIG_FIPS
|
||||
#ifndef CONFIG_NO_RC4
|
||||
|
||||
|
@ -297,6 +298,7 @@ static void ieee802_1x_tx_key(struct hostapd_data *hapd, struct sta_info *sta)
|
|||
|
||||
#endif /* CONFIG_NO_RC4 */
|
||||
#endif /* CONFIG_FIPS */
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
const char *radius_mode_txt(struct hostapd_data *hapd)
|
||||
|
@ -2114,6 +2116,8 @@ void ieee802_1x_abort_auth(struct hostapd_data *hapd, struct sta_info *sta)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
|
||||
static int ieee802_1x_rekey_broadcast(struct hostapd_data *hapd)
|
||||
{
|
||||
struct eapol_authenticator *eapol = hapd->eapol_auth;
|
||||
|
@ -2198,6 +2202,8 @@ static void ieee802_1x_rekey(void *eloop_ctx, void *timeout_ctx)
|
|||
}
|
||||
}
|
||||
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static void ieee802_1x_eapol_send(void *ctx, void *sta_ctx, u8 type,
|
||||
const u8 *data, size_t datalen)
|
||||
|
@ -2361,6 +2367,7 @@ static void _ieee802_1x_abort_auth(void *ctx, void *sta_ctx)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
static void _ieee802_1x_tx_key(void *ctx, void *sta_ctx)
|
||||
{
|
||||
#ifndef CONFIG_FIPS
|
||||
|
@ -2372,6 +2379,7 @@ static void _ieee802_1x_tx_key(void *ctx, void *sta_ctx)
|
|||
#endif /* CONFIG_NO_RC4 */
|
||||
#endif /* CONFIG_FIPS */
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static void ieee802_1x_eapol_event(void *ctx, void *sta_ctx,
|
||||
|
@ -2422,7 +2430,6 @@ static int ieee802_1x_erp_add_key(void *ctx, struct eap_server_erp_key *erp)
|
|||
|
||||
int ieee802_1x_init(struct hostapd_data *hapd)
|
||||
{
|
||||
int i;
|
||||
struct eapol_auth_config conf;
|
||||
struct eapol_auth_cb cb;
|
||||
|
||||
|
@ -2433,7 +2440,9 @@ int ieee802_1x_init(struct hostapd_data *hapd)
|
|||
conf.ctx = hapd;
|
||||
conf.eap_reauth_period = hapd->conf->eap_reauth_period;
|
||||
conf.wpa = hapd->conf->wpa;
|
||||
#ifdef CONFIG_WEP
|
||||
conf.individual_wep_key_len = hapd->conf->individual_wep_key_len;
|
||||
#endif /* CONFIG_WEP */
|
||||
conf.eap_req_id_text = hapd->conf->eap_req_id_text;
|
||||
conf.eap_req_id_text_len = hapd->conf->eap_req_id_text_len;
|
||||
conf.erp_send_reauth_start = hapd->conf->erp_send_reauth_start;
|
||||
|
@ -2448,7 +2457,9 @@ int ieee802_1x_init(struct hostapd_data *hapd)
|
|||
cb.logger = ieee802_1x_logger;
|
||||
cb.set_port_authorized = ieee802_1x_set_port_authorized;
|
||||
cb.abort_auth = _ieee802_1x_abort_auth;
|
||||
#ifdef CONFIG_WEP
|
||||
cb.tx_key = _ieee802_1x_tx_key;
|
||||
#endif /* CONFIG_WEP */
|
||||
cb.eapol_event = ieee802_1x_eapol_event;
|
||||
#ifdef CONFIG_ERP
|
||||
cb.erp_get_key = ieee802_1x_erp_get_key;
|
||||
|
@ -2469,7 +2480,10 @@ int ieee802_1x_init(struct hostapd_data *hapd)
|
|||
return -1;
|
||||
#endif /* CONFIG_NO_RADIUS */
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (hapd->conf->default_wep_key_len) {
|
||||
int i;
|
||||
|
||||
for (i = 0; i < 4; i++)
|
||||
hostapd_drv_set_key(hapd->conf->iface, hapd,
|
||||
WPA_ALG_NONE, NULL, i, 0, 0, NULL,
|
||||
|
@ -2480,6 +2494,7 @@ int ieee802_1x_init(struct hostapd_data *hapd)
|
|||
if (!hapd->eapol_auth->default_wep_key)
|
||||
return -1;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -2499,7 +2514,9 @@ void ieee802_1x_erp_flush(struct hostapd_data *hapd)
|
|||
|
||||
void ieee802_1x_deinit(struct hostapd_data *hapd)
|
||||
{
|
||||
#ifdef CONFIG_WEP
|
||||
eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL);
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (hapd->driver && hapd->drv_priv &&
|
||||
(hapd->conf->ieee802_1x || hapd->conf->wpa))
|
||||
|
|
|
@ -22,7 +22,9 @@
|
|||
static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
|
||||
int existsok)
|
||||
{
|
||||
int ret, i;
|
||||
int ret;
|
||||
#ifdef CONFIG_WEP
|
||||
int i;
|
||||
|
||||
for (i = 0; i < NUM_WEP_KEYS; i++) {
|
||||
if (!hapd->conf->ssid.wep.key[i])
|
||||
|
@ -32,6 +34,7 @@ static int vlan_if_add(struct hostapd_data *hapd, struct hostapd_vlan *vlan,
|
|||
vlan->ifname);
|
||||
return -1;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (!iface_exists(vlan->ifname))
|
||||
ret = hostapd_vlan_if_add(hapd, vlan->ifname);
|
||||
|
|
|
@ -651,8 +651,10 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx)
|
|||
(str_starts(buf, "ssid=") ||
|
||||
str_starts(buf, "ssid2=") ||
|
||||
str_starts(buf, "auth_algs=") ||
|
||||
#ifdef CONFIG_WEP
|
||||
str_starts(buf, "wep_default_key=") ||
|
||||
str_starts(buf, "wep_key") ||
|
||||
#endif /* CONFIG_WEP */
|
||||
str_starts(buf, "wps_state=") ||
|
||||
(pmf_changed && str_starts(buf, "ieee80211w=")) ||
|
||||
str_starts(buf, "wpa=") ||
|
||||
|
@ -1196,6 +1198,7 @@ int hostapd_init_wps(struct hostapd_data *hapd,
|
|||
wpa_snprintf_hex((char *) wps->network_key, 2 * PMK_LEN + 1,
|
||||
conf->ssid.wpa_psk->psk, PMK_LEN);
|
||||
wps->network_key_len = 2 * PMK_LEN;
|
||||
#ifdef CONFIG_WEP
|
||||
} else if (conf->ssid.wep.keys_set && conf->ssid.wep.key[0]) {
|
||||
wps->network_key = os_malloc(conf->ssid.wep.len[0]);
|
||||
if (wps->network_key == NULL)
|
||||
|
@ -1203,6 +1206,7 @@ int hostapd_init_wps(struct hostapd_data *hapd,
|
|||
os_memcpy(wps->network_key, conf->ssid.wep.key[0],
|
||||
conf->ssid.wep.len[0]);
|
||||
wps->network_key_len = conf->ssid.wep.len[0];
|
||||
#endif /* CONFIG_WEP */
|
||||
}
|
||||
|
||||
if (conf->ssid.wpa_psk) {
|
||||
|
|
|
@ -1965,10 +1965,12 @@ const char * wpa_cipher_txt(int cipher)
|
|||
switch (cipher) {
|
||||
case WPA_CIPHER_NONE:
|
||||
return "NONE";
|
||||
#ifdef CONFIG_WEP
|
||||
case WPA_CIPHER_WEP40:
|
||||
return "WEP-40";
|
||||
case WPA_CIPHER_WEP104:
|
||||
return "WEP-104";
|
||||
#endif /* CONFIG_WEP */
|
||||
case WPA_CIPHER_TKIP:
|
||||
return "TKIP";
|
||||
case WPA_CIPHER_CCMP:
|
||||
|
@ -2467,10 +2469,12 @@ int wpa_parse_cipher(const char *value)
|
|||
val |= WPA_CIPHER_GCMP;
|
||||
else if (os_strcmp(start, "TKIP") == 0)
|
||||
val |= WPA_CIPHER_TKIP;
|
||||
#ifdef CONFIG_WEP
|
||||
else if (os_strcmp(start, "WEP104") == 0)
|
||||
val |= WPA_CIPHER_WEP104;
|
||||
else if (os_strcmp(start, "WEP40") == 0)
|
||||
val |= WPA_CIPHER_WEP40;
|
||||
#endif /* CONFIG_WEP */
|
||||
else if (os_strcmp(start, "NONE") == 0)
|
||||
val |= WPA_CIPHER_NONE;
|
||||
else if (os_strcmp(start, "GTK_NOT_USED") == 0)
|
||||
|
|
|
@ -648,6 +648,8 @@ SM_STEP(REAUTH_TIMER)
|
|||
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
|
||||
/* Authenticator Key Transmit state machine */
|
||||
|
||||
SM_STATE(AUTH_KEY_TX, NO_KEY_TRANSMIT)
|
||||
|
@ -726,6 +728,8 @@ SM_STEP(KEY_RX)
|
|||
}
|
||||
}
|
||||
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
|
||||
/* Controlled Directions state machine */
|
||||
|
@ -813,10 +817,12 @@ eapol_auth_alloc(struct eapol_authenticator *eapol, const u8 *addr,
|
|||
|
||||
sm->portControl = Auto;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (!eapol->conf.wpa &&
|
||||
(eapol->default_wep_key || eapol->conf.individual_wep_key_len > 0))
|
||||
sm->keyTxEnabled = TRUE;
|
||||
else
|
||||
#endif /* CONFIG_WEP */
|
||||
sm->keyTxEnabled = FALSE;
|
||||
if (eapol->conf.wpa)
|
||||
sm->portValid = FALSE;
|
||||
|
@ -910,10 +916,12 @@ restart:
|
|||
SM_STEP_RUN(BE_AUTH);
|
||||
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
|
||||
SM_STEP_RUN(REAUTH_TIMER);
|
||||
#ifdef CONFIG_WEP
|
||||
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
|
||||
SM_STEP_RUN(AUTH_KEY_TX);
|
||||
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
|
||||
SM_STEP_RUN(KEY_RX);
|
||||
#endif /* CONFIG_WEP */
|
||||
if (sm->initializing || eapol_sm_sta_entry_alive(eapol, addr))
|
||||
SM_STEP_RUN(CTRL_DIR);
|
||||
|
||||
|
@ -1167,7 +1175,9 @@ static int eapol_auth_conf_clone(struct eapol_auth_config *dst,
|
|||
dst->ctx = src->ctx;
|
||||
dst->eap_reauth_period = src->eap_reauth_period;
|
||||
dst->wpa = src->wpa;
|
||||
#ifdef CONFIG_WEP
|
||||
dst->individual_wep_key_len = src->individual_wep_key_len;
|
||||
#endif /* CONFIG_WEP */
|
||||
os_free(dst->eap_req_id_text);
|
||||
if (src->eap_req_id_text) {
|
||||
dst->eap_req_id_text = os_memdup(src->eap_req_id_text,
|
||||
|
@ -1221,10 +1231,12 @@ struct eapol_authenticator * eapol_auth_init(struct eapol_auth_config *conf,
|
|||
return NULL;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (conf->individual_wep_key_len > 0) {
|
||||
/* use key0 in individual key and key1 in broadcast key */
|
||||
eapol->default_wep_key_idx = 1;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
eapol->cb.eapol_send = cb->eapol_send;
|
||||
eapol->cb.aaa_send = cb->aaa_send;
|
||||
|
@ -1249,6 +1261,8 @@ void eapol_auth_deinit(struct eapol_authenticator *eapol)
|
|||
return;
|
||||
|
||||
eapol_auth_conf_free(&eapol->conf);
|
||||
#ifdef CONFIG_WEP
|
||||
os_free(eapol->default_wep_key);
|
||||
#endif /* CONFIG_WEP */
|
||||
os_free(eapol);
|
||||
}
|
||||
|
|
|
@ -692,6 +692,7 @@ struct eap_key_data {
|
|||
|
||||
static void eapol_sm_processKey(struct eapol_sm *sm)
|
||||
{
|
||||
#ifdef CONFIG_WEP
|
||||
#ifndef CONFIG_FIPS
|
||||
struct ieee802_1x_hdr *hdr;
|
||||
struct ieee802_1x_eapol_key *key;
|
||||
|
@ -866,6 +867,7 @@ static void eapol_sm_processKey(struct eapol_sm *sm)
|
|||
}
|
||||
}
|
||||
#endif /* CONFIG_FIPS */
|
||||
#endif /* CONFIG_WEP */
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -110,3 +110,4 @@ CONFIG_FILS_SK_PFS=y
|
|||
CONFIG_OWE=y
|
||||
CONFIG_DPP=y
|
||||
CONFIG_DPP2=y
|
||||
CONFIG_WEP=y
|
||||
|
|
|
@ -153,3 +153,4 @@ CONFIG_PMKSA_CACHE_EXTERNAL=y
|
|||
CONFIG_OWE=y
|
||||
CONFIG_DPP=y
|
||||
CONFIG_DPP2=y
|
||||
CONFIG_WEP=y
|
||||
|
|
|
@ -429,8 +429,6 @@ def test_ap_config_set_oom(dev, apdev):
|
|||
|
||||
tests = [(1, "hostapd_parse_das_client",
|
||||
"SET radius_das_client 192.168.1.123 pw"),
|
||||
(1, "hostapd_config_read_wep", "SET wep_key0 \"hello\""),
|
||||
(1, "hostapd_config_read_wep", "SET wep_key0 0102030405"),
|
||||
(1, "hostapd_parse_chanlist", "SET chanlist 1 6 11-13"),
|
||||
(1, "hostapd_config_bss", "SET bss foo"),
|
||||
(2, "hostapd_config_bss", "SET bss foo"),
|
||||
|
@ -486,6 +484,9 @@ def test_ap_config_set_oom(dev, apdev):
|
|||
(1, "hostapd_parse_intlist", "SET sae_groups 19 25"),
|
||||
(1, "hostapd_parse_intlist", "SET basic_rates 10 20 55 110"),
|
||||
(1, "hostapd_parse_intlist", "SET supported_rates 10 20 55 110")]
|
||||
if "WEP40" in dev[0].get_capability("group"):
|
||||
tests += [(1, "hostapd_config_read_wep", "SET wep_key0 \"hello\""),
|
||||
(1, "hostapd_config_read_wep", "SET wep_key0 0102030405")]
|
||||
for count, func, cmd in tests:
|
||||
with alloc_fail(hapd, count, func):
|
||||
if "FAIL" not in hapd.request(cmd):
|
||||
|
@ -533,6 +534,7 @@ def test_ap_config_set_oom(dev, apdev):
|
|||
def test_ap_config_set_errors(dev, apdev):
|
||||
"""hostapd configuration parsing errors"""
|
||||
hapd = hostapd.add_ap(apdev[0], {"ssid": "foobar"})
|
||||
if "WEP40" in dev[0].get_capability("group"):
|
||||
hapd.set("wep_key0", '"hello"')
|
||||
hapd.set("wep_key1", '"hello"')
|
||||
hapd.set("wep_key0", '')
|
||||
|
|
|
@ -2662,6 +2662,7 @@ def test_ap_hs20_osen(dev, apdev):
|
|||
|
||||
dev[1].connect("osen", key_mgmt="NONE", scan_freq="2412",
|
||||
wait_connect=False)
|
||||
if "WEP40" in dev[2].get_capability("group"):
|
||||
dev[2].connect("osen", key_mgmt="NONE", wep_key0='"hello"',
|
||||
scan_freq="2412", wait_connect=False)
|
||||
dev[0].flush_scan_cache()
|
||||
|
|
|
@ -16,6 +16,7 @@ import hwsim_utils
|
|||
import hostapd
|
||||
from tshark import run_tshark
|
||||
from utils import alloc_fail, HwsimSkip, parse_ie
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
@remote_compatible
|
||||
def test_ap_fragmentation_rts_set_high(dev, apdev):
|
||||
|
@ -334,6 +335,7 @@ def test_ap_wds_sta_open(dev, apdev):
|
|||
|
||||
def test_ap_wds_sta_wep(dev, apdev):
|
||||
"""WEP AP with STA using 4addr mode"""
|
||||
check_wep_capa(dev[0])
|
||||
ssid = "test-wds-wep"
|
||||
params = {}
|
||||
params['ssid'] = ssid
|
||||
|
@ -658,6 +660,7 @@ def test_ap_beacon_rate_vht(dev, apdev):
|
|||
|
||||
def test_ap_wep_to_wpa(dev, apdev):
|
||||
"""WEP to WPA2-PSK configuration change in hostapd"""
|
||||
check_wep_capa(dev[0])
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-to-wpa",
|
||||
"wep_key0": '"hello"'})
|
||||
|
|
|
@ -17,6 +17,7 @@ import hostapd
|
|||
from utils import HwsimSkip, skip_with_fips
|
||||
from wlantest import Wlantest
|
||||
from test_ap_vht import vht_supported
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def start_ap_wpa2_psk(ap):
|
||||
params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678")
|
||||
|
@ -313,6 +314,8 @@ def test_ap_wpa_mixed_tdls(dev, apdev):
|
|||
|
||||
def test_ap_wep_tdls(dev, apdev):
|
||||
"""WEP AP and two stations using TDLS"""
|
||||
check_wep_capa(dev[0])
|
||||
check_wep_capa(dev[1])
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "test-wep", "wep_key0": '"hello"'})
|
||||
wlantest_setup(hapd)
|
||||
|
|
|
@ -45,6 +45,7 @@ from utils import HwsimSkip, alloc_fail, fail_test, skip_with_fips
|
|||
from utils import wait_fail_trigger, clear_regdom
|
||||
from test_ap_eap import int_eap_server_params
|
||||
from test_sae import check_sae_capab
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def wps_start_ap(apdev, ssid="test-wps-conf"):
|
||||
params = {"ssid": ssid, "eap_server": "1", "wps_state": "2",
|
||||
|
@ -10036,6 +10037,7 @@ def test_ap_wps_ignore_broadcast_ssid(dev, apdev):
|
|||
|
||||
def test_ap_wps_wep(dev, apdev):
|
||||
"""WPS AP trying to enable WEP"""
|
||||
check_wep_capa(dev[0])
|
||||
ssid = "test-wps"
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": ssid, "eap_server": "1", "wps_state": "1",
|
||||
|
|
|
@ -16,6 +16,7 @@ import hwsim_utils
|
|||
from tshark import run_tshark
|
||||
from nl80211 import *
|
||||
from wpasupplicant import WpaSupplicant
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def nl80211_command(dev, cmd, attr):
|
||||
res = dev.request("VENDOR ffffffff {} {}".format(nl80211_cmd[cmd],
|
||||
|
@ -101,6 +102,7 @@ def test_cfg80211_tx_frame(dev, apdev, params):
|
|||
@remote_compatible
|
||||
def test_cfg80211_wep_key_idx_change(dev, apdev):
|
||||
"""WEP Shared Key authentication and key index change without deauth"""
|
||||
check_wep_capa(dev[0])
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-shared-key",
|
||||
"wep_key0": '"hello12345678"',
|
||||
|
|
|
@ -12,6 +12,7 @@ import hwsim_utils
|
|||
import hostapd
|
||||
from wpasupplicant import WpaSupplicant
|
||||
from p2p_utils import *
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def test_connect_cmd_open(dev, apdev):
|
||||
"""Open connection using cfg80211 connect command"""
|
||||
|
@ -31,11 +32,13 @@ def test_connect_cmd_open(dev, apdev):
|
|||
|
||||
def test_connect_cmd_wep(dev, apdev):
|
||||
"""WEP Open System using cfg80211 connect command"""
|
||||
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
|
||||
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
|
||||
check_wep_capa(wpas)
|
||||
|
||||
params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"'}
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
|
||||
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
|
||||
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
|
||||
wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412",
|
||||
wep_key0='"hello"')
|
||||
wpas.dump_monitor()
|
||||
|
@ -46,12 +49,14 @@ def test_connect_cmd_wep(dev, apdev):
|
|||
|
||||
def test_connect_cmd_wep_shared(dev, apdev):
|
||||
"""WEP Shared key using cfg80211 connect command"""
|
||||
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
|
||||
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
|
||||
check_wep_capa(wpas)
|
||||
|
||||
params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"',
|
||||
"auth_algs": "2"}
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
|
||||
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
|
||||
wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
|
||||
id = wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412",
|
||||
auth_alg="SHARED", wep_key0='"hello"')
|
||||
wpas.dump_monitor()
|
||||
|
|
|
@ -13,6 +13,7 @@ import subprocess
|
|||
|
||||
import hwsim_utils
|
||||
from utils import alloc_fail, wait_fail_trigger
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def connect_ibss_cmd(dev, id, freq=2412):
|
||||
dev.dump_monitor()
|
||||
|
@ -395,6 +396,9 @@ def test_ibss_rsn_tkip(dev):
|
|||
|
||||
def test_ibss_wep(dev):
|
||||
"""IBSS with WEP"""
|
||||
check_wep_capa(dev[0])
|
||||
check_wep_capa(dev[1])
|
||||
|
||||
ssid = "ibss-wep"
|
||||
|
||||
id = add_ibss(dev[0], ssid, key_mgmt="NONE", wep_key0='"hello"')
|
||||
|
|
|
@ -15,11 +15,13 @@ import hostapd
|
|||
import hwsim_utils
|
||||
from utils import skip_with_fips
|
||||
from tshark import run_tshark
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
logger = logging.getLogger()
|
||||
|
||||
def test_ieee8021x_wep104(dev, apdev):
|
||||
"""IEEE 802.1X connection using dynamic WEP104"""
|
||||
check_wep_capa(dev[0])
|
||||
skip_with_fips(dev[0])
|
||||
params = hostapd.radius_params()
|
||||
params["ssid"] = "ieee8021x-wep"
|
||||
|
@ -36,6 +38,7 @@ def test_ieee8021x_wep104(dev, apdev):
|
|||
|
||||
def test_ieee8021x_wep40(dev, apdev):
|
||||
"""IEEE 802.1X connection using dynamic WEP40"""
|
||||
check_wep_capa(dev[0])
|
||||
skip_with_fips(dev[0])
|
||||
params = hostapd.radius_params()
|
||||
params["ssid"] = "ieee8021x-wep"
|
||||
|
@ -52,6 +55,7 @@ def test_ieee8021x_wep40(dev, apdev):
|
|||
|
||||
def test_ieee8021x_wep_index_workaround(dev, apdev):
|
||||
"""IEEE 802.1X and EAPOL-Key index workaround"""
|
||||
check_wep_capa(dev[0])
|
||||
skip_with_fips(dev[0])
|
||||
params = hostapd.radius_params()
|
||||
params["ssid"] = "ieee8021x-wep"
|
||||
|
@ -100,6 +104,7 @@ def test_ieee8021x_static_wep104(dev, apdev):
|
|||
run_static_wep(dev, apdev, '"hello-there-/"')
|
||||
|
||||
def run_static_wep(dev, apdev, key):
|
||||
check_wep_capa(dev[0])
|
||||
params = hostapd.radius_params()
|
||||
params["ssid"] = "ieee8021x-wep"
|
||||
params["ieee8021x"] = "1"
|
||||
|
@ -252,6 +257,7 @@ def send_eapol_key(dev, bssid, signkey, frame_start, frame_end):
|
|||
|
||||
def test_ieee8021x_eapol_key(dev, apdev):
|
||||
"""IEEE 802.1X connection and EAPOL-Key protocol tests"""
|
||||
check_wep_capa(dev[0])
|
||||
skip_with_fips(dev[0])
|
||||
params = hostapd.radius_params()
|
||||
params["ssid"] = "ieee8021x-wep"
|
||||
|
@ -317,6 +323,7 @@ def test_ieee8021x_reauth(dev, apdev):
|
|||
|
||||
def test_ieee8021x_reauth_wep(dev, apdev, params):
|
||||
"""IEEE 802.1X and EAPOL_REAUTH request with WEP"""
|
||||
check_wep_capa(dev[0])
|
||||
logdir = params['logdir']
|
||||
|
||||
params = hostapd.radius_params()
|
||||
|
@ -492,6 +499,7 @@ def test_ieee8021x_open_leap(dev, apdev):
|
|||
|
||||
def test_ieee8021x_and_wpa_enabled(dev, apdev):
|
||||
"""IEEE 802.1X connection using dynamic WEP104 when WPA enabled"""
|
||||
check_wep_capa(dev[0])
|
||||
skip_with_fips(dev[0])
|
||||
params = hostapd.radius_params()
|
||||
params["ssid"] = "ieee8021x-wep"
|
||||
|
|
|
@ -21,6 +21,7 @@ import hostapd
|
|||
from utils import HwsimSkip, require_under_vm, skip_with_fips, alloc_fail, fail_test, wait_fail_trigger
|
||||
from test_ap_hs20 import build_dhcp_ack
|
||||
from test_ap_ft import ft_params1
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def connect(dev, ssid, wait_connect=True):
|
||||
dev.connect(ssid, key_mgmt="WPA-EAP", scan_freq="2412",
|
||||
|
@ -442,6 +443,7 @@ def test_radius_acct_ft_psk(dev, apdev):
|
|||
|
||||
def test_radius_acct_ieee8021x(dev, apdev):
|
||||
"""RADIUS Accounting - IEEE 802.1X"""
|
||||
check_wep_capa(dev[0])
|
||||
skip_with_fips(dev[0])
|
||||
as_hapd = hostapd.Hostapd("as")
|
||||
params = hostapd.radius_params()
|
||||
|
|
|
@ -19,6 +19,7 @@ from utils import HwsimSkip, fail_test, alloc_fail, wait_fail_trigger, parse_ie
|
|||
from utils import clear_regdom_dev
|
||||
from tshark import run_tshark
|
||||
from test_ap_csa import switch_channel, wait_channel_switch, csa_supported
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def check_scan(dev, params, other_started=False, test_busy=False):
|
||||
if not other_started:
|
||||
|
@ -434,6 +435,7 @@ def test_scan_for_auth_fail(dev, apdev):
|
|||
@remote_compatible
|
||||
def test_scan_for_auth_wep(dev, apdev):
|
||||
"""cfg80211 scan-for-auth workaround with WEP keys"""
|
||||
check_wep_capa(dev[0])
|
||||
dev[0].flush_scan_cache()
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep", "wep_key0": '"abcde"',
|
||||
|
|
|
@ -11,11 +11,16 @@ import subprocess
|
|||
from remotehost import remote_compatible
|
||||
import hostapd
|
||||
import hwsim_utils
|
||||
from utils import clear_regdom
|
||||
from utils import clear_regdom, HwsimSkip
|
||||
|
||||
def check_wep_capa(dev):
|
||||
if "WEP40" not in dev.get_capability("group"):
|
||||
raise HwsimSkip("WEP not supported")
|
||||
|
||||
@remote_compatible
|
||||
def test_wep_open_auth(dev, apdev):
|
||||
"""WEP Open System authentication"""
|
||||
check_wep_capa(dev[0])
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-open",
|
||||
"wep_key0": '"hello"'})
|
||||
|
@ -35,6 +40,8 @@ def test_wep_open_auth(dev, apdev):
|
|||
@remote_compatible
|
||||
def test_wep_shared_key_auth(dev, apdev):
|
||||
"""WEP Shared Key authentication"""
|
||||
check_wep_capa(dev[0])
|
||||
check_wep_capa(dev[1])
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-shared-key",
|
||||
"wep_key0": '"hello12345678"',
|
||||
|
@ -50,6 +57,7 @@ def test_wep_shared_key_auth(dev, apdev):
|
|||
@remote_compatible
|
||||
def test_wep_shared_key_auth_not_allowed(dev, apdev):
|
||||
"""WEP Shared Key authentication not allowed"""
|
||||
check_wep_capa(dev[0])
|
||||
hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-shared-key",
|
||||
"wep_key0": '"hello12345678"',
|
||||
|
@ -63,6 +71,9 @@ def test_wep_shared_key_auth_not_allowed(dev, apdev):
|
|||
|
||||
def test_wep_shared_key_auth_multi_key(dev, apdev):
|
||||
"""WEP Shared Key authentication with multiple keys"""
|
||||
check_wep_capa(dev[0])
|
||||
check_wep_capa(dev[1])
|
||||
check_wep_capa(dev[2])
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-shared-key",
|
||||
"wep_key0": '"hello12345678"',
|
||||
|
@ -92,6 +103,7 @@ def test_wep_shared_key_auth_multi_key(dev, apdev):
|
|||
|
||||
def test_wep_ht_vht(dev, apdev):
|
||||
"""WEP and HT/VHT"""
|
||||
check_wep_capa(dev[0])
|
||||
dev[0].flush_scan_cache()
|
||||
try:
|
||||
hapd = None
|
||||
|
@ -124,6 +136,7 @@ def test_wep_ht_vht(dev, apdev):
|
|||
|
||||
def test_wep_ifdown(dev, apdev):
|
||||
"""AP with WEP and external ifconfig down"""
|
||||
check_wep_capa(dev[0])
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-open",
|
||||
"wep_key0": '"hello"'})
|
||||
|
|
|
@ -13,6 +13,7 @@ import hwsim_utils
|
|||
from wpasupplicant import WpaSupplicant
|
||||
from utils import HwsimSkip, skip_with_fips
|
||||
from test_rfkill import get_rfkill
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def get_wext_interface():
|
||||
if not os.path.exists("/proc/net/wireless"):
|
||||
|
@ -149,6 +150,7 @@ def test_wext_pmksa_cache(dev, apdev):
|
|||
def test_wext_wep_open_auth(dev, apdev):
|
||||
"""WEP Open System authentication"""
|
||||
wpas = get_wext_interface()
|
||||
check_wep_capa(wpas)
|
||||
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-open",
|
||||
|
@ -162,6 +164,7 @@ def test_wext_wep_open_auth(dev, apdev):
|
|||
def test_wext_wep_shared_key_auth(dev, apdev):
|
||||
"""WEP Shared Key authentication"""
|
||||
wpas = get_wext_interface()
|
||||
check_wep_capa(wpas)
|
||||
|
||||
hapd = hostapd.add_ap(apdev[0],
|
||||
{"ssid": "wep-shared-key",
|
||||
|
|
|
@ -13,6 +13,7 @@ import hwsim_utils
|
|||
from utils import HwsimSkip, alloc_fail, clear_regdom_dev
|
||||
from wpasupplicant import WpaSupplicant
|
||||
from test_p2p_channel import set_country
|
||||
from test_wep import check_wep_capa
|
||||
|
||||
def wait_ap_ready(dev):
|
||||
ev = dev.wait_event(["CTRL-EVENT-CONNECTED"])
|
||||
|
@ -103,6 +104,7 @@ def test_wpas_ap_open_isolate(dev):
|
|||
@remote_compatible
|
||||
def test_wpas_ap_wep(dev):
|
||||
"""wpa_supplicant AP mode - WEP"""
|
||||
check_wep_capa(dev[0])
|
||||
id = dev[0].add_network()
|
||||
dev[0].set_network(id, "mode", "2")
|
||||
dev[0].set_network_quoted(id, "ssid", "wpas-ap-wep")
|
||||
|
@ -540,6 +542,7 @@ def test_wpas_ap_oom(dev):
|
|||
dev[0].wait_disconnected()
|
||||
dev[0].request("REMOVE_NETWORK all")
|
||||
|
||||
if "WEP40" in dev[0].get_capability("group"):
|
||||
id = dev[0].add_network()
|
||||
dev[0].set_network(id, "mode", "2")
|
||||
dev[0].set_network_quoted(id, "ssid", "wpas-ap")
|
||||
|
|
|
@ -145,6 +145,7 @@ def test_wpas_ctrl_network(dev):
|
|||
if "FAIL" not in dev[0].request("SET_NETWORK " + str(id) + ' identity 12x3'):
|
||||
raise Exception("Unexpected success for invalid identity string")
|
||||
|
||||
if "WEP40" in dev[0].get_capability("group"):
|
||||
for i in range(0, 4):
|
||||
if "FAIL" in dev[0].request("SET_NETWORK " + str(id) + ' wep_key' + str(i) + ' aabbccddee'):
|
||||
raise Exception("Unexpected wep_key set failure")
|
||||
|
@ -205,6 +206,7 @@ def test_wpas_ctrl_network(dev):
|
|||
raise Exception("Invalid WEP key accepted")
|
||||
if "FAIL" not in dev[0].request('SET_NETWORK ' + str(id) + ' wep_key0 "12345678901234567"'):
|
||||
raise Exception("Too long WEP key accepted")
|
||||
if "WEP40" in dev[0].get_capability("group"):
|
||||
# too short WEP key is ignored
|
||||
dev[0].set_network_quoted(id, "wep_key0", "1234")
|
||||
dev[0].set_network_quoted(id, "wep_key1", "12345")
|
||||
|
|
|
@ -378,6 +378,10 @@ OBJS += src/fst/fst_ctrl_iface.c
|
|||
endif
|
||||
endif
|
||||
|
||||
ifdef CONFIG_WEP
|
||||
L_CFLAGS += -DCONFIG_WEP
|
||||
endif
|
||||
|
||||
|
||||
include $(LOCAL_PATH)/src/drivers/drivers.mk
|
||||
|
||||
|
|
|
@ -1843,6 +1843,10 @@ OBJS_t2 += $(FST_OBJS)
|
|||
OBJS_nfc += $(FST_OBJS)
|
||||
endif
|
||||
|
||||
ifdef CONFIG_WEP
|
||||
CFLAGS += -DCONFIG_WEP
|
||||
endif
|
||||
|
||||
ifndef LDO
|
||||
LDO=$(CC)
|
||||
endif
|
||||
|
|
|
@ -534,4 +534,12 @@ CONFIG_WIFI_DISPLAY=y
|
|||
# Experimental implementation of draft-harkins-owe-07.txt
|
||||
#CONFIG_OWE=y
|
||||
|
||||
# Wired equivalent privacy (WEP)
|
||||
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
|
||||
# considered secure. It should not be used for anything anymore. The
|
||||
# functionality needed to use WEP is available in the current wpa_supplicant
|
||||
# release under this optional build parameter. This functionality is subject to
|
||||
# be completely removed in a future release.
|
||||
CONFIG_WEP=y
|
||||
|
||||
include $(wildcard $(LOCAL_PATH)/android_config_*.inc)
|
||||
|
|
|
@ -390,6 +390,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
|||
bss->ssid.wpa_psk_set = 1;
|
||||
} else if (ssid->passphrase) {
|
||||
bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
|
||||
#ifdef CONFIG_WEP
|
||||
} else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
|
||||
ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
|
||||
struct hostapd_wep_keys *wep = &bss->ssid.wep;
|
||||
|
@ -405,6 +406,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
|||
}
|
||||
wep->idx = ssid->wep_tx_keyidx;
|
||||
wep->keys_set = 1;
|
||||
#endif /* CONFIG_WEP */
|
||||
}
|
||||
#ifdef CONFIG_SAE
|
||||
if (ssid->sae_password) {
|
||||
|
@ -486,11 +488,12 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
|||
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
|
||||
bss->rsn_pairwise);
|
||||
|
||||
if (bss->wpa && bss->ieee802_1x)
|
||||
if (bss->wpa && bss->ieee802_1x) {
|
||||
bss->ssid.security_policy = SECURITY_WPA;
|
||||
else if (bss->wpa)
|
||||
} else if (bss->wpa) {
|
||||
bss->ssid.security_policy = SECURITY_WPA_PSK;
|
||||
else if (bss->ieee802_1x) {
|
||||
#ifdef CONFIG_WEP
|
||||
} else if (bss->ieee802_1x) {
|
||||
int cipher = WPA_CIPHER_NONE;
|
||||
bss->ssid.security_policy = SECURITY_IEEE_802_1X;
|
||||
bss->ssid.wep.default_len = bss->default_wep_key_len;
|
||||
|
@ -508,6 +511,7 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
|
|||
bss->wpa_group = cipher;
|
||||
bss->wpa_pairwise = cipher;
|
||||
bss->rsn_pairwise = cipher;
|
||||
#endif /* CONFIG_WEP */
|
||||
} else {
|
||||
bss->ssid.security_policy = SECURITY_PLAINTEXT;
|
||||
bss->wpa_group = WPA_CIPHER_NONE;
|
||||
|
|
|
@ -1856,6 +1856,8 @@ static char * wpa_config_write_machine_password(const struct parse_data *data,
|
|||
#endif /* IEEE8021X_EAPOL */
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
|
||||
static int wpa_config_parse_wep_key(u8 *key, size_t *len, int line,
|
||||
const char *value, int idx)
|
||||
{
|
||||
|
@ -1966,6 +1968,8 @@ static char * wpa_config_write_wep_key3(const struct parse_data *data,
|
|||
}
|
||||
#endif /* NO_CONFIG_WRITE */
|
||||
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
#ifdef CONFIG_P2P
|
||||
|
||||
|
@ -2451,11 +2455,13 @@ static const struct parse_data ssid_fields[] = {
|
|||
{ STRe(openssl_ciphers, openssl_ciphers) },
|
||||
{ INTe(erp, erp) },
|
||||
#endif /* IEEE8021X_EAPOL */
|
||||
#ifdef CONFIG_WEP
|
||||
{ FUNC_KEY(wep_key0) },
|
||||
{ FUNC_KEY(wep_key1) },
|
||||
{ FUNC_KEY(wep_key2) },
|
||||
{ FUNC_KEY(wep_key3) },
|
||||
{ INT(wep_tx_keyidx) },
|
||||
#endif /* CONFIG_WEP */
|
||||
{ INT(priority) },
|
||||
#ifdef IEEE8021X_EAPOL
|
||||
{ INT(eap_workaround) },
|
||||
|
|
|
@ -213,9 +213,23 @@ static struct wpa_ssid * wpa_config_read_network(FILE *f, int *line, int id)
|
|||
}
|
||||
}
|
||||
|
||||
if (wpa_config_set(ssid, pos, pos2, *line) < 0)
|
||||
if (wpa_config_set(ssid, pos, pos2, *line) < 0) {
|
||||
#ifndef CONFIG_WEP
|
||||
if (os_strcmp(pos, "wep_key0") == 0 ||
|
||||
os_strcmp(pos, "wep_key1") == 0 ||
|
||||
os_strcmp(pos, "wep_key2") == 0 ||
|
||||
os_strcmp(pos, "wep_key3") == 0 ||
|
||||
os_strcmp(pos, "wep_tx_keyidx") == 0) {
|
||||
wpa_printf(MSG_ERROR,
|
||||
"Line %d: unsupported WEP parameter",
|
||||
*line);
|
||||
ssid->disabled = 1;
|
||||
continue;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
errors++;
|
||||
}
|
||||
}
|
||||
|
||||
if (!end) {
|
||||
wpa_printf(MSG_ERROR, "Line %d: network block was not "
|
||||
|
@ -653,6 +667,7 @@ static void write_eap(FILE *f, struct wpa_ssid *ssid)
|
|||
#endif /* IEEE8021X_EAPOL */
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
static void write_wep_key(FILE *f, int idx, struct wpa_ssid *ssid)
|
||||
{
|
||||
char field[20], *value;
|
||||
|
@ -667,6 +682,7 @@ static void write_wep_key(FILE *f, int idx, struct wpa_ssid *ssid)
|
|||
os_free(value);
|
||||
}
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
#ifdef CONFIG_P2P
|
||||
|
@ -741,8 +757,6 @@ static void write_mka_ckn(FILE *f, struct wpa_ssid *ssid)
|
|||
|
||||
static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
|
||||
{
|
||||
int i;
|
||||
|
||||
#define STR(t) write_str(f, #t, ssid)
|
||||
#define INT(t) write_int(f, #t, ssid->t, 0)
|
||||
#define INTe(t, m) write_int(f, #t, ssid->eap.m, 0)
|
||||
|
@ -831,9 +845,15 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid)
|
|||
STR(openssl_ciphers);
|
||||
INTe(erp, erp);
|
||||
#endif /* IEEE8021X_EAPOL */
|
||||
#ifdef CONFIG_WEP
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < 4; i++)
|
||||
write_wep_key(f, i, ssid);
|
||||
INT(wep_tx_keyidx);
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
INT(priority);
|
||||
#ifdef IEEE8021X_EAPOL
|
||||
INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND);
|
||||
|
|
|
@ -300,6 +300,7 @@ struct wpa_ssid {
|
|||
struct eap_peer_config eap;
|
||||
#endif /* IEEE8021X_EAPOL */
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
#define NUM_WEP_KEYS 4
|
||||
#define MAX_WEP_KEY_LEN 16
|
||||
/**
|
||||
|
@ -316,6 +317,7 @@ struct wpa_ssid {
|
|||
* wep_tx_keyidx - Default key index for TX frames using WEP
|
||||
*/
|
||||
int wep_tx_keyidx;
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
/**
|
||||
* proactive_key_caching - Enable proactive key caching
|
||||
|
|
|
@ -823,6 +823,7 @@ static void write_eap(HKEY hk, struct wpa_ssid *ssid)
|
|||
#endif /* IEEE8021X_EAPOL */
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
static void write_wep_key(HKEY hk, int idx, struct wpa_ssid *ssid)
|
||||
{
|
||||
char field[20], *value;
|
||||
|
@ -834,11 +835,12 @@ static void write_wep_key(HKEY hk, int idx, struct wpa_ssid *ssid)
|
|||
os_free(value);
|
||||
}
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
|
||||
{
|
||||
int i, errors = 0;
|
||||
int errors = 0;
|
||||
HKEY nhk, netw;
|
||||
LONG ret;
|
||||
TCHAR name[5];
|
||||
|
@ -924,9 +926,15 @@ static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
|
|||
INTe(engine2, phase2_cert.engine);
|
||||
INT_DEF(eapol_flags, DEFAULT_EAPOL_FLAGS);
|
||||
#endif /* IEEE8021X_EAPOL */
|
||||
#ifdef CONFIG_WEP
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < 4; i++)
|
||||
write_wep_key(netw, i, ssid);
|
||||
INT(wep_tx_keyidx);
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
INT(priority);
|
||||
#ifdef IEEE8021X_EAPOL
|
||||
INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND);
|
||||
|
|
|
@ -3949,8 +3949,10 @@ static const struct cipher_info ciphers[] = {
|
|||
{ WPA_DRIVER_CAPA_ENC_GCMP, "GCMP", 0 },
|
||||
{ WPA_DRIVER_CAPA_ENC_TKIP, "TKIP", 0 },
|
||||
{ WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE, "NONE", 0 },
|
||||
#ifdef CONFIG_WEP
|
||||
{ WPA_DRIVER_CAPA_ENC_WEP104, "WEP104", 1 },
|
||||
{ WPA_DRIVER_CAPA_ENC_WEP40, "WEP40", 1 }
|
||||
#endif /* CONFIG_WEP */
|
||||
};
|
||||
|
||||
static const struct cipher_info ciphers_group_mgmt[] = {
|
||||
|
@ -4012,7 +4014,11 @@ static int ctrl_iface_get_capability_group(int res, char *strict,
|
|||
if (res < 0) {
|
||||
if (strict)
|
||||
return 0;
|
||||
#ifdef CONFIG_WEP
|
||||
len = os_strlcpy(buf, "CCMP TKIP WEP104 WEP40", buflen);
|
||||
#else /* CONFIG_WEP */
|
||||
len = os_strlcpy(buf, "CCMP TKIP", buflen);
|
||||
#endif /* CONFIG_WEP */
|
||||
if (len >= buflen)
|
||||
return -1;
|
||||
return len;
|
||||
|
|
|
@ -2664,7 +2664,10 @@ dbus_bool_t wpas_dbus_getter_capabilities(
|
|||
/***** group cipher */
|
||||
if (res < 0) {
|
||||
const char *args[] = {
|
||||
"ccmp", "tkip", "wep104", "wep40"
|
||||
"ccmp", "tkip",
|
||||
#ifdef CONFIG_WEP
|
||||
"wep104", "wep40"
|
||||
#endif /* CONFIG_WEP */
|
||||
};
|
||||
|
||||
if (!wpa_dbus_dict_append_string_array(
|
||||
|
@ -2691,12 +2694,14 @@ dbus_bool_t wpas_dbus_getter_capabilities(
|
|||
((capa.enc & WPA_DRIVER_CAPA_ENC_TKIP) &&
|
||||
!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "tkip")) ||
|
||||
#ifdef CONFIG_WEP
|
||||
((capa.enc & WPA_DRIVER_CAPA_ENC_WEP104) &&
|
||||
!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "wep104")) ||
|
||||
((capa.enc & WPA_DRIVER_CAPA_ENC_WEP40) &&
|
||||
!wpa_dbus_dict_string_array_add_element(
|
||||
&iter_array, "wep40")) ||
|
||||
#endif /* CONFIG_WEP */
|
||||
!wpa_dbus_dict_end_string_array(&iter_dict,
|
||||
&iter_dict_entry,
|
||||
&iter_dict_val,
|
||||
|
@ -4733,9 +4738,14 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
|
|||
|
||||
/* Group */
|
||||
switch (ie_data->group_cipher) {
|
||||
#ifdef CONFIG_WEP
|
||||
case WPA_CIPHER_WEP40:
|
||||
group = "wep40";
|
||||
break;
|
||||
case WPA_CIPHER_WEP104:
|
||||
group = "wep104";
|
||||
break;
|
||||
#endif /* CONFIG_WEP */
|
||||
case WPA_CIPHER_TKIP:
|
||||
group = "tkip";
|
||||
break;
|
||||
|
@ -4745,9 +4755,6 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop(
|
|||
case WPA_CIPHER_GCMP:
|
||||
group = "gcmp";
|
||||
break;
|
||||
case WPA_CIPHER_WEP104:
|
||||
group = "wep104";
|
||||
break;
|
||||
case WPA_CIPHER_CCMP_256:
|
||||
group = "ccmp-256";
|
||||
break;
|
||||
|
|
|
@ -603,3 +603,11 @@ CONFIG_BGSCAN_SIMPLE=y
|
|||
|
||||
# Device Provisioning Protocol (DPP)
|
||||
CONFIG_DPP=y
|
||||
|
||||
# Wired equivalent privacy (WEP)
|
||||
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
|
||||
# considered secure. It should not be used for anything anymore. The
|
||||
# functionality needed to use WEP is available in the current wpa_supplicant
|
||||
# release under this optional build parameter. This functionality is subject to
|
||||
# be completely removed in a future release.
|
||||
#CONFIG_WEP=y
|
||||
|
|
|
@ -479,6 +479,7 @@ int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s,
|
|||
|
||||
#ifndef CONFIG_NO_SCAN_PROCESSING
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
static int has_wep_key(struct wpa_ssid *ssid)
|
||||
{
|
||||
int i;
|
||||
|
@ -490,6 +491,7 @@ static int has_wep_key(struct wpa_ssid *ssid)
|
|||
|
||||
return 0;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static int wpa_supplicant_match_privacy(struct wpa_bss *bss,
|
||||
|
@ -510,8 +512,10 @@ static int wpa_supplicant_match_privacy(struct wpa_bss *bss,
|
|||
return 1;
|
||||
#endif /* CONFIG_OWE */
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (has_wep_key(ssid))
|
||||
privacy = 1;
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
#ifdef IEEE8021X_EAPOL
|
||||
if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
|
||||
|
@ -540,17 +544,21 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
|||
int proto_match = 0;
|
||||
const u8 *rsn_ie, *wpa_ie;
|
||||
int ret;
|
||||
#ifdef CONFIG_WEP
|
||||
int wep_ok;
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss);
|
||||
if (ret >= 0)
|
||||
return ret;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
/* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */
|
||||
wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) &&
|
||||
(((ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
|
||||
ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) ||
|
||||
(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA));
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
rsn_ie = wpa_bss_get_ie(bss, WLAN_EID_RSN);
|
||||
while ((ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)) && rsn_ie) {
|
||||
|
@ -567,6 +575,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
|||
if (!ie.has_group)
|
||||
ie.group_cipher = wpa_default_rsn_cipher(bss->freq);
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (wep_ok &&
|
||||
(ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)))
|
||||
{
|
||||
|
@ -575,6 +584,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
|||
" selected based on TSN in RSN IE");
|
||||
return 1;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (!(ie.proto & ssid->proto) &&
|
||||
!(ssid->proto & WPA_PROTO_OSEN)) {
|
||||
|
@ -655,6 +665,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
|||
break;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (wep_ok &&
|
||||
(ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)))
|
||||
{
|
||||
|
@ -663,6 +674,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
|||
" selected based on TSN in WPA IE");
|
||||
return 1;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (!(ie.proto & ssid->proto)) {
|
||||
if (debug_print)
|
||||
|
@ -1236,6 +1248,7 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
|
|||
continue;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (wpa && !wpa_key_mgmt_wpa(ssid->key_mgmt) &&
|
||||
has_wep_key(ssid)) {
|
||||
if (debug_print)
|
||||
|
@ -1243,6 +1256,7 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
|
|||
" skip - ignore WPA/WPA2 AP for WEP network block");
|
||||
continue;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if ((ssid->key_mgmt & WPA_KEY_MGMT_OSEN) && !osen &&
|
||||
!rsn_osen) {
|
||||
|
@ -3077,6 +3091,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
|
|||
wpa_s->pending_eapol_rx = NULL;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
|
||||
wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
|
||||
wpa_s->current_ssid &&
|
||||
|
@ -3084,6 +3099,7 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
|
|||
/* Set static WEP keys again */
|
||||
wpa_set_wep_keys(wpa_s, wpa_s->current_ssid);
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
#ifdef CONFIG_IBSS_RSN
|
||||
if (wpa_s->current_ssid &&
|
||||
|
|
|
@ -286,7 +286,7 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
|||
#if defined(CONFIG_IEEE80211R) || defined(CONFIG_FILS)
|
||||
const u8 *md = NULL;
|
||||
#endif /* CONFIG_IEEE80211R || CONFIG_FILS */
|
||||
int i, bssid_changed;
|
||||
int bssid_changed;
|
||||
struct wpabuf *resp = NULL;
|
||||
u8 ext_capab[18];
|
||||
int ext_capab_len;
|
||||
|
@ -370,12 +370,18 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s,
|
|||
}
|
||||
#endif /* CONFIG_SAE */
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < NUM_WEP_KEYS; i++) {
|
||||
if (ssid->wep_key_len[i])
|
||||
params.wep_key[i] = ssid->wep_key[i];
|
||||
params.wep_key_len[i] = ssid->wep_key_len[i];
|
||||
}
|
||||
params.wep_tx_keyidx = ssid->wep_tx_keyidx;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
|
||||
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
||||
|
|
|
@ -130,6 +130,7 @@ static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
|
|||
#endif /* CONFIG_OWE */
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
/* Configure default/group WEP keys for static WEP */
|
||||
int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
|
||||
{
|
||||
|
@ -150,6 +151,7 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
|
|||
|
||||
return set;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
|
||||
|
@ -396,7 +398,9 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
|
|||
void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
|
||||
struct wpa_ssid *ssid)
|
||||
{
|
||||
#ifdef CONFIG_WEP
|
||||
int i;
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
|
||||
wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
|
||||
|
@ -414,6 +418,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
|
|||
wpa_s->group_cipher = WPA_CIPHER_NONE;
|
||||
wpa_s->mgmt_group_cipher = 0;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
for (i = 0; i < NUM_WEP_KEYS; i++) {
|
||||
if (ssid->wep_key_len[i] > 5) {
|
||||
wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
|
||||
|
@ -425,6 +430,7 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
|
|||
break;
|
||||
}
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
|
||||
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
|
||||
|
@ -3319,7 +3325,7 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
|
|||
struct wpa_supplicant *wpa_s = work->wpa_s;
|
||||
u8 *wpa_ie;
|
||||
const u8 *edmg_ie_oper;
|
||||
int use_crypt, ret, i, bssid_changed;
|
||||
int use_crypt, ret, bssid_changed;
|
||||
unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
|
||||
struct wpa_driver_associate_params params;
|
||||
int wep_keys_set = 0;
|
||||
|
@ -3429,10 +3435,12 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
|
|||
wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
|
||||
if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
|
||||
use_crypt = 0;
|
||||
#ifdef CONFIG_WEP
|
||||
if (wpa_set_wep_keys(wpa_s, ssid)) {
|
||||
use_crypt = 1;
|
||||
wep_keys_set = 1;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
}
|
||||
if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
|
||||
use_crypt = 0;
|
||||
|
@ -3577,12 +3585,18 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
|
|||
wpa_s->auth_alg = params.auth_alg;
|
||||
params.mode = ssid->mode;
|
||||
params.bg_scan_period = ssid->bg_scan_period;
|
||||
#ifdef CONFIG_WEP
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < NUM_WEP_KEYS; i++) {
|
||||
if (ssid->wep_key_len[i])
|
||||
params.wep_key[i] = ssid->wep_key[i];
|
||||
params.wep_key_len[i] = ssid->wep_key_len[i];
|
||||
}
|
||||
params.wep_tx_keyidx = ssid->wep_tx_keyidx;
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
|
||||
(params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
|
||||
|
@ -3740,11 +3754,13 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
|
|||
wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (wep_keys_set &&
|
||||
(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
|
||||
/* Set static WEP keys again */
|
||||
wpa_set_wep_keys(wpa_s, ssid);
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
|
||||
/*
|
||||
|
@ -7330,8 +7346,10 @@ int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
|
|||
|
||||
int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
|
||||
{
|
||||
#ifdef CONFIG_WEP
|
||||
int i;
|
||||
unsigned int drv_enc;
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (wpa_s->p2p_mgmt)
|
||||
return 1; /* no normal network profiles on p2p_mgmt interface */
|
||||
|
@ -7342,6 +7360,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
|
|||
if (ssid->disabled)
|
||||
return 1;
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
if (wpa_s->drv_capa_known)
|
||||
drv_enc = wpa_s->drv_enc;
|
||||
else
|
||||
|
@ -7359,6 +7378,7 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
|
|||
continue;
|
||||
return 1; /* invalid WEP key */
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
|
||||
(!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
|
||||
|
|
|
@ -227,6 +227,7 @@ static int wpa_supplicant_eapol_send(void *ctx, int type, const u8 *buf,
|
|||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_WEP
|
||||
/**
|
||||
* wpa_eapol_set_wep_key - set WEP key for the driver
|
||||
* @ctx: Pointer to wpa_supplicant data (wpa_s)
|
||||
|
@ -254,6 +255,7 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
|
|||
unicast ? KEY_FLAG_PAIRWISE_RX_TX :
|
||||
KEY_FLAG_GROUP_RX_TX_DEFAULT);
|
||||
}
|
||||
#endif /* CONFIG_WEP */
|
||||
|
||||
|
||||
static void wpa_supplicant_aborted_cached(void *ctx)
|
||||
|
@ -1133,7 +1135,9 @@ int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s)
|
|||
ctx->preauth = 0;
|
||||
ctx->eapol_done_cb = wpa_supplicant_notify_eapol_done;
|
||||
ctx->eapol_send = wpa_supplicant_eapol_send;
|
||||
#ifdef CONFIG_WEP
|
||||
ctx->set_wep_key = wpa_eapol_set_wep_key;
|
||||
#endif /* CONFIG_WEP */
|
||||
#ifndef CONFIG_NO_CONFIG_BLOBS
|
||||
ctx->set_config_blob = wpa_supplicant_set_config_blob;
|
||||
ctx->get_config_blob = wpa_supplicant_get_config_blob;
|
||||
|
|
Loading…
Reference in a new issue