mesh: Set correct address for mesh default broadcast/multicast keys
wpa_drv_set_key() was called with a NULL address for IGTK and MGTK before this patch. The nl80211 driver will then not add the NL80211_KEY_DEFAULT_TYPE_MULTICAST flag for the key, which wrongly marks this key also as a default unicast key in the Linux kernel. With SAE this is no real problem in practice, as a pairwise key will be negotiated in mesh mode, before the first data frame gets send. When using IEEE 802.1X in a mesh network in the future, this gets a problem, as Linux now will encrypt EAPOL frames with the default key, which is also marked for unicast usage without this patch. Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
This commit is contained in:
Markus Theil
Jouni Malinen
parent
48aebcc31b
commit
566ea1b7ce
1 changed files with 4 additions and 2 deletions
|
|
@ -195,7 +195,8 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
|
|||
wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX IGTK",
|
||||
rsn->igtk, rsn->igtk_len);
|
||||
wpa_drv_set_key(rsn->wpa_s,
|
||||
wpa_cipher_to_alg(rsn->mgmt_group_cipher), NULL,
|
||||
wpa_cipher_to_alg(rsn->mgmt_group_cipher),
|
||||
broadcast_ether_addr,
|
||||
rsn->igtk_key_id, 1,
|
||||
seq, sizeof(seq), rsn->igtk, rsn->igtk_len,
|
||||
KEY_FLAG_GROUP_TX_DEFAULT);
|
||||
|
|
@ -204,7 +205,8 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr,
|
|||
/* group privacy / data frames */
|
||||
wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX MGTK",
|
||||
rsn->mgtk, rsn->mgtk_len);
|
||||
wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->group_cipher), NULL,
|
||||
wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->group_cipher),
|
||||
broadcast_ether_addr,
|
||||
rsn->mgtk_key_id, 1, seq, sizeof(seq),
|
||||
rsn->mgtk, rsn->mgtk_len, KEY_FLAG_GROUP_TX_DEFAULT);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue