Share the same enum for MFP configuration
The three existing enums were already depending on using the same values in couple of places and it is just simpler to standardize on one of these to avoid need for mapping between different enums for the exact same thing.
This commit is contained in:
parent
e049867788
commit
70f8cc8ec8
8 changed files with 23 additions and 48 deletions
|
@ -1926,7 +1926,7 @@ static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
|
||||||
group->GTK[group->GN - 1], group->GTK_len);
|
group->GTK[group->GN - 1], group->GTK_len);
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
if (wpa_auth->conf.ieee80211w != WPA_NO_IEEE80211W) {
|
if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) {
|
||||||
if (os_get_random(group->IGTK[group->GN_igtk - 4],
|
if (os_get_random(group->IGTK[group->GN_igtk - 4],
|
||||||
WPA_IGTK_LEN) < 0) {
|
WPA_IGTK_LEN) < 0) {
|
||||||
wpa_printf(MSG_INFO, "RSN: Failed to get new random "
|
wpa_printf(MSG_INFO, "RSN: Failed to get new random "
|
||||||
|
@ -2029,7 +2029,7 @@ static void wpa_group_setkeysdone(struct wpa_authenticator *wpa_auth,
|
||||||
group->GTK_len);
|
group->GTK_len);
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
if (wpa_auth->conf.ieee80211w != WPA_NO_IEEE80211W) {
|
if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) {
|
||||||
wpa_auth_set_key(wpa_auth, group->vlan_id, WPA_ALG_IGTK,
|
wpa_auth_set_key(wpa_auth, group->vlan_id, WPA_ALG_IGTK,
|
||||||
NULL, group->GN_igtk,
|
NULL, group->GN_igtk,
|
||||||
group->IGTK[group->GN_igtk - 4],
|
group->IGTK[group->GN_igtk - 4],
|
||||||
|
|
|
@ -141,11 +141,7 @@ struct wpa_auth_config {
|
||||||
int wmm_enabled;
|
int wmm_enabled;
|
||||||
int okc;
|
int okc;
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
enum {
|
enum mfp_options ieee80211w;
|
||||||
WPA_NO_IEEE80211W = 0,
|
|
||||||
WPA_IEEE80211W_OPTIONAL = 1,
|
|
||||||
WPA_IEEE80211W_REQUIRED = 2
|
|
||||||
} ieee80211w;
|
|
||||||
#endif /* CONFIG_IEEE80211W */
|
#endif /* CONFIG_IEEE80211W */
|
||||||
#ifdef CONFIG_IEEE80211R
|
#ifdef CONFIG_IEEE80211R
|
||||||
#define SSID_LEN 32
|
#define SSID_LEN 32
|
||||||
|
|
|
@ -221,9 +221,9 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
|
||||||
capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
|
capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2);
|
||||||
}
|
}
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
if (conf->ieee80211w != WPA_NO_IEEE80211W) {
|
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
|
||||||
capab |= WPA_CAPABILITY_MFPC;
|
capab |= WPA_CAPABILITY_MFPC;
|
||||||
if (conf->ieee80211w == IEEE80211W_REQUIRED)
|
if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED)
|
||||||
capab |= WPA_CAPABILITY_MFPR;
|
capab |= WPA_CAPABILITY_MFPR;
|
||||||
}
|
}
|
||||||
#endif /* CONFIG_IEEE80211W */
|
#endif /* CONFIG_IEEE80211W */
|
||||||
|
@ -241,7 +241,7 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len,
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
if (conf->ieee80211w != WPA_NO_IEEE80211W) {
|
if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
|
||||||
if (pos + 2 + 4 > buf + len)
|
if (pos + 2 + 4 > buf + len)
|
||||||
return -1;
|
return -1;
|
||||||
if (pmkid == NULL) {
|
if (pmkid == NULL) {
|
||||||
|
@ -613,7 +613,7 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
if (wpa_auth->conf.ieee80211w == WPA_IEEE80211W_REQUIRED) {
|
if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
|
||||||
if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
|
if (!(data.capabilities & WPA_CAPABILITY_MFPC)) {
|
||||||
wpa_printf(MSG_DEBUG, "Management frame protection "
|
wpa_printf(MSG_DEBUG, "Management frame protection "
|
||||||
"required, but client did not enable it");
|
"required, but client did not enable it");
|
||||||
|
@ -633,7 +633,7 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (wpa_auth->conf.ieee80211w == WPA_NO_IEEE80211W ||
|
if (wpa_auth->conf.ieee80211w == NO_MGMT_FRAME_PROTECTION ||
|
||||||
!(data.capabilities & WPA_CAPABILITY_MFPC))
|
!(data.capabilities & WPA_CAPABILITY_MFPC))
|
||||||
sm->mgmt_frame_prot = 0;
|
sm->mgmt_frame_prot = 0;
|
||||||
else
|
else
|
||||||
|
|
|
@ -232,10 +232,13 @@ enum wpa_states {
|
||||||
#define MLME_SETPROTECTION_KEY_TYPE_PAIRWISE 1
|
#define MLME_SETPROTECTION_KEY_TYPE_PAIRWISE 1
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* enum mfp_options - Management frame protection (IEEE 802.11w) options
|
||||||
|
*/
|
||||||
enum mfp_options {
|
enum mfp_options {
|
||||||
NO_IEEE80211W = 0,
|
NO_MGMT_FRAME_PROTECTION = 0,
|
||||||
IEEE80211W_OPTIONAL = 1,
|
MGMT_FRAME_PROTECTION_OPTIONAL = 1,
|
||||||
IEEE80211W_REQUIRED = 2
|
MGMT_FRAME_PROTECTION_REQUIRED = 2
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -356,11 +356,7 @@ struct wpa_driver_associate_params {
|
||||||
/**
|
/**
|
||||||
* mgmt_frame_protection - IEEE 802.11w management frame protection
|
* mgmt_frame_protection - IEEE 802.11w management frame protection
|
||||||
*/
|
*/
|
||||||
enum {
|
enum mfp_options mgmt_frame_protection;
|
||||||
NO_MGMT_FRAME_PROTECTION,
|
|
||||||
MGMT_FRAME_PROTECTION_OPTIONAL,
|
|
||||||
MGMT_FRAME_PROTECTION_REQUIRED
|
|
||||||
} mgmt_frame_protection;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ft_ies - IEEE 802.11r / FT information elements
|
* ft_ies - IEEE 802.11r / FT information elements
|
||||||
|
|
|
@ -339,7 +339,7 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
|
if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
|
||||||
ssid->ieee80211w == IEEE80211W_REQUIRED) {
|
ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
|
||||||
wpa_printf(MSG_DEBUG, " skip RSN IE - no mgmt frame "
|
wpa_printf(MSG_DEBUG, " skip RSN IE - no mgmt frame "
|
||||||
"protection");
|
"protection");
|
||||||
break;
|
break;
|
||||||
|
|
|
@ -199,18 +199,8 @@ void sme_authenticate(struct wpa_supplicant *wpa_s,
|
||||||
#endif /* CONFIG_IEEE80211R */
|
#endif /* CONFIG_IEEE80211R */
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
switch (ssid->ieee80211w) {
|
wpa_s->sme.mfp = ssid->ieee80211w;
|
||||||
case NO_IEEE80211W:
|
if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
|
||||||
wpa_s->sme.mfp = NO_MGMT_FRAME_PROTECTION;
|
|
||||||
break;
|
|
||||||
case IEEE80211W_OPTIONAL:
|
|
||||||
wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_OPTIONAL;
|
|
||||||
break;
|
|
||||||
case IEEE80211W_REQUIRED:
|
|
||||||
wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
if (ssid->ieee80211w != NO_IEEE80211W && bss) {
|
|
||||||
const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
|
const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
|
||||||
struct wpa_ie_data _ie;
|
struct wpa_ie_data _ie;
|
||||||
if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &_ie) == 0 &&
|
if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &_ie) == 0 &&
|
||||||
|
|
|
@ -763,7 +763,7 @@ static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
|
if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
|
||||||
ssid->ieee80211w == IEEE80211W_REQUIRED) {
|
ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
|
||||||
wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
|
wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
|
||||||
"that does not support management frame protection - "
|
"that does not support management frame protection - "
|
||||||
"reject");
|
"reject");
|
||||||
|
@ -832,7 +832,7 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
|
||||||
ie.key_mgmt = ssid->key_mgmt;
|
ie.key_mgmt = ssid->key_mgmt;
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
ie.mgmt_group_cipher =
|
ie.mgmt_group_cipher =
|
||||||
ssid->ieee80211w != NO_IEEE80211W ?
|
ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
|
||||||
WPA_CIPHER_AES_128_CMAC : 0;
|
WPA_CIPHER_AES_128_CMAC : 0;
|
||||||
#endif /* CONFIG_IEEE80211W */
|
#endif /* CONFIG_IEEE80211W */
|
||||||
wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
|
wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
|
||||||
|
@ -939,7 +939,7 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
sel = ie.mgmt_group_cipher;
|
sel = ie.mgmt_group_cipher;
|
||||||
if (ssid->ieee80211w == NO_IEEE80211W ||
|
if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
|
||||||
!(ie.capabilities & WPA_CAPABILITY_MFPC))
|
!(ie.capabilities & WPA_CAPABILITY_MFPC))
|
||||||
sel = 0;
|
sel = 0;
|
||||||
if (sel & WPA_CIPHER_AES_128_CMAC) {
|
if (sel & WPA_CIPHER_AES_128_CMAC) {
|
||||||
|
@ -1208,18 +1208,8 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
|
||||||
params.drop_unencrypted = use_crypt;
|
params.drop_unencrypted = use_crypt;
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211W
|
#ifdef CONFIG_IEEE80211W
|
||||||
switch (ssid->ieee80211w) {
|
params.mgmt_frame_protection = ssid->ieee80211w;
|
||||||
case NO_IEEE80211W:
|
if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
|
||||||
params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
|
|
||||||
break;
|
|
||||||
case IEEE80211W_OPTIONAL:
|
|
||||||
params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_OPTIONAL;
|
|
||||||
break;
|
|
||||||
case IEEE80211W_REQUIRED:
|
|
||||||
params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
if (ssid->ieee80211w != NO_IEEE80211W && bss) {
|
|
||||||
const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
|
const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
|
||||||
struct wpa_ie_data ie;
|
struct wpa_ie_data ie;
|
||||||
if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
|
if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
|
||||||
|
|
Loading…
Reference in a new issue