diff --git a/hostapd/Android.mk b/hostapd/Android.mk index 9824a529d..3b675890d 100644 --- a/hostapd/Android.mk +++ b/hostapd/Android.mk @@ -216,7 +216,6 @@ CONFIG_L2_PACKET=y endif ifdef CONFIG_HS20 -NEED_AES_OMAC1=y CONFIG_PROXYARP=y endif @@ -226,8 +225,6 @@ endif ifdef CONFIG_SUITEB L_CFLAGS += -DCONFIG_SUITEB -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_SUITEB192 @@ -238,24 +235,14 @@ endif ifdef CONFIG_OCV L_CFLAGS += -DCONFIG_OCV OBJS += src/common/ocv.c -CONFIG_IEEE80211W=y -endif - -ifdef CONFIG_IEEE80211W -L_CFLAGS += -DCONFIG_IEEE80211W -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_IEEE80211R L_CFLAGS += -DCONFIG_IEEE80211R -DCONFIG_IEEE80211R_AP OBJS += src/ap/wpa_auth_ft.c -NEED_SHA256=y -NEED_AES_OMAC1=y NEED_AES_UNWRAP=y NEED_AES_SIV=y NEED_ETH_P_OUI=y -NEED_SHA256=y NEED_HMAC_SHA256_KDF=y endif @@ -278,7 +265,6 @@ NEED_ECC=y NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA512_KDF=y -NEED_SHA256=y NEED_SHA384=y NEED_SHA512=y endif @@ -413,7 +399,6 @@ ifdef CONFIG_EAP_AKA L_CFLAGS += -DEAP_SERVER_AKA OBJS += src/eap_server/eap_server_aka.c CONFIG_EAP_SIM_COMMON=y -NEED_SHA256=y NEED_AES_CBC=y endif @@ -438,7 +423,6 @@ endif ifdef CONFIG_EAP_PSK L_CFLAGS += -DEAP_SERVER_PSK OBJS += src/eap_server/eap_server_psk.c src/eap_common/eap_psk_common.c -NEED_AES_OMAC1=y NEED_AES_ENCBLOCK=y NEED_AES_EAX=y endif @@ -454,14 +438,11 @@ OBJS += src/eap_server/eap_server_gpsk.c src/eap_common/eap_gpsk_common.c ifdef CONFIG_EAP_GPSK_SHA256 L_CFLAGS += -DEAP_GPSK_SHA256 endif -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_EAP_PWD L_CFLAGS += -DEAP_SERVER_PWD OBJS += src/eap_server/eap_server_pwd.c src/eap_common/eap_pwd_common.c -NEED_SHA256=y NEED_ECC=y NEED_DRAGONFLY=y endif @@ -513,7 +494,6 @@ OBJS += src/wps/wps_dev_attr.c OBJS += src/wps/wps_enrollee.c OBJS += src/wps/wps_registrar.c NEED_DH_GROUPS=y -NEED_SHA256=y NEED_BASE64=y NEED_AES_CBC=y NEED_MODEXP=y @@ -562,7 +542,6 @@ NEED_AES_SIV=y NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA512_KDF=y -NEED_SHA256=y NEED_SHA384=y NEED_SHA512=y NEED_JSON=y @@ -641,7 +620,6 @@ endif ifdef CONFIG_TLSV12 L_CFLAGS += -DCONFIG_TLSV12 -NEED_SHA256=y endif ifeq ($(CONFIG_TLS), openssl) @@ -655,7 +633,6 @@ HOBJS += src/crypto/crypto_openssl.c ifdef NEED_FIPS186_2_PRF OBJS += src/crypto/fips_prf_openssl.c endif -NEED_SHA256=y NEED_TLS_PRF_SHA256=y LIBS += -lcrypto LIBS_h += -lcrypto @@ -713,7 +690,6 @@ OBJS += src/tls/x509v3.c OBJS += src/tls/pkcs1.c OBJS += src/tls/pkcs5.c OBJS += src/tls/pkcs8.c -NEED_SHA256=y NEED_BASE64=y NEED_TLS_PRF=y ifdef CONFIG_TLSV12 @@ -808,12 +784,10 @@ endif ifdef NEED_AES_EAX AESOBJS += src/crypto/aes-eax.c NEED_AES_CTR=y -NEED_AES_OMAC1=y endif ifdef NEED_AES_SIV AESOBJS += src/crypto/aes-siv.c NEED_AES_CTR=y -NEED_AES_OMAC1=y endif ifdef NEED_AES_CTR AESOBJS += src/crypto/aes-ctr.c @@ -821,9 +795,7 @@ endif ifdef NEED_AES_ENCBLOCK AESOBJS += src/crypto/aes-encblock.c endif -ifdef NEED_AES_OMAC1 AESOBJS += src/crypto/aes-omac1.c -endif ifdef NEED_AES_UNWRAP ifneq ($(CONFIG_TLS), openssl) NEED_AES_DEC=y @@ -911,7 +883,6 @@ endif endif endif -ifdef NEED_SHA256 L_CFLAGS += -DCONFIG_SHA256 ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), gnutls) @@ -937,7 +908,6 @@ endif ifdef NEED_HMAC_SHA512_KDF OBJS += src/crypto/sha512-kdf.c endif -endif ifdef NEED_SHA384 L_CFLAGS += -DCONFIG_SHA384 ifneq ($(CONFIG_TLS), openssl) diff --git a/hostapd/Makefile b/hostapd/Makefile index 2cbd6d9e6..0d7e48524 100644 --- a/hostapd/Makefile +++ b/hostapd/Makefile @@ -259,7 +259,6 @@ CONFIG_L2_PACKET=y endif ifdef CONFIG_HS20 -NEED_AES_OMAC1=y CONFIG_PROXYARP=y endif @@ -269,8 +268,6 @@ endif ifdef CONFIG_SUITEB CFLAGS += -DCONFIG_SUITEB -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_SUITEB192 @@ -281,24 +278,14 @@ endif ifdef CONFIG_OCV CFLAGS += -DCONFIG_OCV OBJS += ../src/common/ocv.o -CONFIG_IEEE80211W=y -endif - -ifdef CONFIG_IEEE80211W -CFLAGS += -DCONFIG_IEEE80211W -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R -DCONFIG_IEEE80211R_AP OBJS += ../src/ap/wpa_auth_ft.o -NEED_SHA256=y -NEED_AES_OMAC1=y NEED_AES_UNWRAP=y NEED_AES_SIV=y NEED_ETH_P_OUI=y -NEED_SHA256=y NEED_HMAC_SHA256_KDF=y endif @@ -322,7 +309,6 @@ NEED_ECC=y NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA512_KDF=y -NEED_SHA256=y NEED_SHA384=y NEED_SHA512=y endif @@ -391,7 +377,6 @@ endif ifdef CONFIG_ERP CFLAGS += -DCONFIG_ERP -NEED_SHA256=y NEED_HMAC_SHA256_KDF=y endif @@ -452,7 +437,6 @@ ifdef CONFIG_EAP_AKA CFLAGS += -DEAP_SERVER_AKA OBJS += ../src/eap_server/eap_server_aka.o CONFIG_EAP_SIM_COMMON=y -NEED_SHA256=y NEED_AES_CBC=y endif @@ -477,7 +461,6 @@ endif ifdef CONFIG_EAP_PSK CFLAGS += -DEAP_SERVER_PSK OBJS += ../src/eap_server/eap_server_psk.o ../src/eap_common/eap_psk_common.o -NEED_AES_OMAC1=y NEED_AES_ENCBLOCK=y NEED_AES_EAX=y endif @@ -493,14 +476,11 @@ OBJS += ../src/eap_server/eap_server_gpsk.o ../src/eap_common/eap_gpsk_common.o ifdef CONFIG_EAP_GPSK_SHA256 CFLAGS += -DEAP_GPSK_SHA256 endif -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_EAP_PWD CFLAGS += -DEAP_SERVER_PWD OBJS += ../src/eap_server/eap_server_pwd.o ../src/eap_common/eap_pwd_common.o -NEED_SHA256=y NEED_ECC=y NEED_DRAGONFLY=y endif @@ -552,7 +532,6 @@ OBJS += ../src/wps/wps_dev_attr.o OBJS += ../src/wps/wps_enrollee.o OBJS += ../src/wps/wps_registrar.o NEED_DH_GROUPS=y -NEED_SHA256=y NEED_BASE64=y NEED_AES_CBC=y NEED_MODEXP=y @@ -601,7 +580,6 @@ NEED_AES_SIV=y NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA512_KDF=y -NEED_SHA256=y NEED_SHA384=y NEED_SHA512=y NEED_JSON=y @@ -689,7 +667,6 @@ endif ifdef CONFIG_TLSV12 CFLAGS += -DCONFIG_TLSV12 -NEED_SHA256=y endif ifeq ($(CONFIG_TLS), wolfssl) @@ -703,7 +680,6 @@ HOBJS += ../src/crypto/crypto_wolfssl.o ifdef NEED_FIPS186_2_PRF OBJS += ../src/crypto/fips_prf_wolfssl.o endif -NEED_SHA256=y NEED_TLS_PRF_SHA256=y LIBS += -lwolfssl -lm LIBS_h += -lwolfssl -lm @@ -725,7 +701,6 @@ HOBJS += ../src/crypto/crypto_openssl.o ifdef NEED_FIPS186_2_PRF OBJS += ../src/crypto/fips_prf_openssl.o endif -NEED_SHA256=y NEED_TLS_PRF_SHA256=y LIBS += -lcrypto LIBS_h += -lcrypto @@ -789,7 +764,6 @@ OBJS += ../src/tls/x509v3.o OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs8.o -NEED_SHA256=y NEED_BASE64=y NEED_TLS_PRF=y ifdef CONFIG_TLSV12 @@ -866,7 +840,6 @@ OBJS += ../src/tls/x509v3.o OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs8.o -NEED_SHA256=y NEED_BASE64=y NEED_TLS_PRF=y ifdef CONFIG_TLSV12 @@ -927,12 +900,10 @@ endif ifdef NEED_AES_EAX AESOBJS += ../src/crypto/aes-eax.o NEED_AES_CTR=y -NEED_AES_OMAC1=y endif ifdef NEED_AES_SIV AESOBJS += ../src/crypto/aes-siv.o NEED_AES_CTR=y -NEED_AES_OMAC1=y endif ifdef NEED_AES_CTR AESOBJS += ../src/crypto/aes-ctr.o @@ -940,13 +911,11 @@ endif ifdef NEED_AES_ENCBLOCK AESOBJS += ../src/crypto/aes-encblock.o endif -ifdef NEED_AES_OMAC1 ifneq ($(CONFIG_TLS), linux) ifneq ($(CONFIG_TLS), wolfssl) AESOBJS += ../src/crypto/aes-omac1.o endif endif -endif ifdef NEED_AES_UNWRAP ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) @@ -1052,7 +1021,6 @@ endif endif endif -ifdef NEED_SHA256 CFLAGS += -DCONFIG_SHA256 ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) @@ -1082,7 +1050,6 @@ endif ifdef NEED_HMAC_SHA512_KDF OBJS += ../src/crypto/sha512-kdf.o endif -endif ifdef NEED_SHA384 CFLAGS += -DCONFIG_SHA384 ifneq ($(CONFIG_TLS), openssl) diff --git a/hostapd/android.config b/hostapd/android.config index e14423f26..efe252332 100644 --- a/hostapd/android.config +++ b/hostapd/android.config @@ -44,12 +44,6 @@ CONFIG_DRIVER_NL80211_QCA=y # WPA2/IEEE 802.11i RSN pre-authentication #CONFIG_RSN_PREAUTH=y -# IEEE 802.11w (management frame protection) -# This version is an experimental implementation based on IEEE 802.11w/D1.0 -# draft and is subject to change since the standard has not yet been finalized. -# Driver support is also needed for IEEE 802.11w. -CONFIG_IEEE80211W=y - # Support Operating Channel Validation #CONFIG_OCV=y diff --git a/hostapd/config_file.c b/hostapd/config_file.c index 3ffd1ac2d..680f17ee0 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -711,12 +711,10 @@ static int hostapd_config_parse_key_mgmt(int line, const char *value) val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384; #endif /* CONFIG_SHA384 */ #endif /* CONFIG_IEEE80211R_AP */ -#ifdef CONFIG_IEEE80211W else if (os_strcmp(start, "WPA-PSK-SHA256") == 0) val |= WPA_KEY_MGMT_PSK_SHA256; else if (os_strcmp(start, "WPA-EAP-SHA256") == 0) val |= WPA_KEY_MGMT_IEEE8021X_SHA256; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SAE else if (os_strcmp(start, "SAE") == 0) val |= WPA_KEY_MGMT_SAE; @@ -3380,7 +3378,6 @@ static int hostapd_config_fill(struct hostapd_config *conf, } } else if (os_strcmp(buf, "use_driver_iface_addr") == 0) { conf->use_driver_iface_addr = atoi(pos); -#ifdef CONFIG_IEEE80211W } else if (os_strcmp(buf, "ieee80211w") == 0) { bss->ieee80211w = atoi(pos); } else if (os_strcmp(buf, "group_mgmt_cipher") == 0) { @@ -3411,7 +3408,6 @@ static int hostapd_config_fill(struct hostapd_config *conf, line); return 1; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV } else if (os_strcmp(buf, "ocv") == 0) { bss->ocv = atoi(pos); diff --git a/hostapd/ctrl_iface.c b/hostapd/ctrl_iface.c index 0f6dfa13d..8d9d1a3be 100644 --- a/hostapd/ctrl_iface.c +++ b/hostapd/ctrl_iface.c @@ -130,7 +130,6 @@ static int hostapd_ctrl_iface_new_sta(struct hostapd_data *hapd, } -#ifdef CONFIG_IEEE80211W #ifdef NEED_AP_MLME static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd, const char *txtaddr) @@ -149,7 +148,6 @@ static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd, return 0; } #endif /* NEED_AP_MLME */ -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WPS @@ -1098,7 +1096,6 @@ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd, } #endif /* CONFIG_FILS */ #endif /* CONFIG_IEEE80211R_AP */ -#ifdef CONFIG_IEEE80211W if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) { ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 "); if (os_snprintf_error(end - pos, ret)) @@ -1111,7 +1108,6 @@ static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd, return pos - buf; pos += ret; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SAE if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) { ret = os_snprintf(pos, end - pos, "SAE "); @@ -2109,7 +2105,6 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) if (hwaddr_aton(cmd, addr)) return -1; -#ifdef CONFIG_IEEE80211W if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) { if (hapd->last_igtk_alg == WPA_ALG_NONE) return -1; @@ -2133,7 +2128,6 @@ static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd) hapd->last_igtk, hapd->last_igtk_len); } -#endif /* CONFIG_IEEE80211W */ if (is_broadcast_ether_addr(addr)) { if (hapd->last_gtk_alg == WPA_ALG_NONE) @@ -3032,13 +3026,11 @@ static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, } else if (os_strcmp(buf, "STOP_AP") == 0) { if (hostapd_ctrl_iface_stop_ap(hapd)) reply_len = -1; -#ifdef CONFIG_IEEE80211W #ifdef NEED_AP_MLME } else if (os_strncmp(buf, "SA_QUERY ", 9) == 0) { if (hostapd_ctrl_iface_sa_query(hapd, buf + 9)) reply_len = -1; #endif /* NEED_AP_MLME */ -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WPS } else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) { if (hostapd_ctrl_iface_wps_pin(hapd, buf + 8)) diff --git a/hostapd/defconfig b/hostapd/defconfig index 01871c951..b1fb56c3b 100644 --- a/hostapd/defconfig +++ b/hostapd/defconfig @@ -50,9 +50,6 @@ CONFIG_IAPP=y # WPA2/IEEE 802.11i RSN pre-authentication CONFIG_RSN_PREAUTH=y -# IEEE 802.11w (management frame protection) -CONFIG_IEEE80211W=y - # Support Operating Channel Validation #CONFIG_OCV=y diff --git a/hostapd/hostapd_cli.c b/hostapd/hostapd_cli.c index 046024390..42edb7b25 100644 --- a/hostapd/hostapd_cli.c +++ b/hostapd/hostapd_cli.c @@ -401,7 +401,6 @@ static int hostapd_cli_cmd_signature(struct wpa_ctrl *ctrl, int argc, #endif /* CONFIG_TAXONOMY */ -#ifdef CONFIG_IEEE80211W static int hostapd_cli_cmd_sa_query(struct wpa_ctrl *ctrl, int argc, char *argv[]) { @@ -414,7 +413,6 @@ static int hostapd_cli_cmd_sa_query(struct wpa_ctrl *ctrl, int argc, snprintf(buf, sizeof(buf), "SA_QUERY %s", argv[0]); return wpa_ctrl_command(ctrl, buf); } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WPS @@ -1542,10 +1540,8 @@ static const struct hostapd_cli_cmd hostapd_cli_commands[] = { { "signature", hostapd_cli_cmd_signature, hostapd_complete_stations, " = get taxonomy signature for a station" }, #endif /* CONFIG_TAXONOMY */ -#ifdef CONFIG_IEEE80211W { "sa_query", hostapd_cli_cmd_sa_query, hostapd_complete_stations, " = send SA Query to a station" }, -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WPS { "wps_pin", hostapd_cli_cmd_wps_pin, NULL, " [timeout] [addr] = add WPS Enrollee PIN" }, diff --git a/src/ap/Makefile b/src/ap/Makefile index 48f8f238d..bd3f33b77 100644 --- a/src/ap/Makefile +++ b/src/ap/Makefile @@ -15,7 +15,6 @@ CFLAGS += -DCONFIG_HS20 CFLAGS += -DCONFIG_INTERWORKING CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R_AP -CFLAGS += -DCONFIG_IEEE80211W CFLAGS += -DCONFIG_WPS CFLAGS += -DCONFIG_PROXYARP CFLAGS += -DCONFIG_IPV6 diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c index 80a73d6d1..a1aa45090 100644 --- a/src/ap/ap_config.c +++ b/src/ap/ap_config.c @@ -86,11 +86,9 @@ void hostapd_config_defaults_bss(struct hostapd_bss_config *bss) bss->pwd_group = 19; /* ECC: GF(p=256) */ -#ifdef CONFIG_IEEE80211W bss->assoc_sa_query_max_timeout = 1000; bss->assoc_sa_query_retry_timeout = 201; bss->group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC; -#endif /* CONFIG_IEEE80211W */ #ifdef EAP_SERVER_FAST /* both anonymous and authenticated provisioning */ bss->eap_fast_prov = 3; diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h index c49b48fca..e219160b0 100644 --- a/src/ap/ap_config.h +++ b/src/ap/ap_config.h @@ -347,14 +347,12 @@ struct hostapd_bss_config { int wpa; /* bitfield of WPA_PROTO_WPA, WPA_PROTO_RSN */ int wpa_key_mgmt; -#ifdef CONFIG_IEEE80211W enum mfp_options ieee80211w; int group_mgmt_cipher; /* dot11AssociationSAQueryMaximumTimeout (in TUs) */ unsigned int assoc_sa_query_max_timeout; /* dot11AssociationSAQueryRetryTimeout (in TUs) */ int assoc_sa_query_retry_timeout; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV int ocv; /* Operating Channel Validation */ #endif /* CONFIG_OCV */ diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index c0ededabe..095810ff7 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -305,9 +305,7 @@ int hostapd_set_drv_ieee8021x(struct hostapd_data *hapd, const char *ifname, params.wpa_pairwise = hapd->conf->wpa_pairwise; params.wpa_key_mgmt = hapd->conf->wpa_key_mgmt; params.rsn_preauth = hapd->conf->rsn_preauth; -#ifdef CONFIG_IEEE80211W params.ieee80211w = hapd->conf->ieee80211w; -#endif /* CONFIG_IEEE80211W */ } return hostapd_set_ieee8021x(hapd, ¶ms); } diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c index 31587685f..c855cd92f 100644 --- a/src/ap/drv_callbacks.c +++ b/src/ap/drv_callbacks.c @@ -111,10 +111,8 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, struct ieee802_11_elems elems; const u8 *ie; size_t ielen; -#if defined(CONFIG_IEEE80211R_AP) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) || defined(CONFIG_OWE) u8 buf[sizeof(struct ieee80211_mgmt) + 1024]; u8 *p = buf; -#endif /* CONFIG_IEEE80211R_AP || CONFIG_IEEE80211W || CONFIG_FILS || CONFIG_OWE */ u16 reason = WLAN_REASON_UNSPECIFIED; u16 status = WLAN_STATUS_SUCCESS; const u8 *p2p_dev_addr = NULL; @@ -324,23 +322,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, } else if (res == WPA_INVALID_AKMP) { reason = WLAN_REASON_AKMP_NOT_VALID; status = WLAN_STATUS_AKMP_NOT_VALID; - } -#ifdef CONFIG_IEEE80211W - else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) { + } else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) { reason = WLAN_REASON_INVALID_IE; status = WLAN_STATUS_INVALID_IE; } else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) { reason = WLAN_REASON_CIPHER_SUITE_REJECTED; status = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY; - } -#endif /* CONFIG_IEEE80211W */ - else { + } else { reason = WLAN_REASON_INVALID_IE; status = WLAN_STATUS_INVALID_IE; } goto fail; } -#ifdef CONFIG_IEEE80211W + if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) == (WLAN_STA_ASSOC | WLAN_STA_MFP) && !sta->sa_query_timed_out && @@ -373,7 +367,6 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, sta->flags |= WLAN_STA_MFP; else sta->flags &= ~WLAN_STA_MFP; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R_AP if (sta->auth_alg == WLAN_AUTH_FT) { @@ -1164,12 +1157,10 @@ static void hostapd_action_rx(struct hostapd_data *hapd, return; } #endif /* CONFIG_IEEE80211R_AP */ -#ifdef CONFIG_IEEE80211W if (mgmt->u.action.category == WLAN_ACTION_SA_QUERY) { ieee802_11_sa_query_action(hapd, mgmt, drv_mgmt->frame_len); return; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WNM_AP if (mgmt->u.action.category == WLAN_ACTION_WNM) { ieee802_11_rx_wnm_action_ap(hapd, mgmt, drv_mgmt->frame_len); diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index bf1975fbd..ef988b634 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -299,7 +299,6 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, ifname, i); } } -#ifdef CONFIG_IEEE80211W if (hapd->conf->ieee80211w) { for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) { if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, @@ -311,7 +310,6 @@ static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, } } } -#endif /* CONFIG_IEEE80211W */ } diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index 5ae36e1f1..5b859b8a9 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -338,12 +338,10 @@ struct hostapd_data { u8 last_gtk[WPA_GTK_MAX_LEN]; size_t last_gtk_len; -#ifdef CONFIG_IEEE80211W enum wpa_alg last_igtk_alg; int last_igtk_key_idx; u8 last_igtk[WPA_IGTK_MAX_LEN]; size_t last_igtk_len; -#endif /* CONFIG_IEEE80211W */ #endif /* CONFIG_TESTING_OPTIONS */ #ifdef CONFIG_MBO diff --git a/src/ap/hs20.c b/src/ap/hs20.c index 532580e7c..543fa335f 100644 --- a/src/ap/hs20.c +++ b/src/ap/hs20.c @@ -80,13 +80,11 @@ u8 * hostapd_eid_osen(struct hostapd_data *hapd, u8 *eid) /* 4 PTKSA replay counters when using WMM */ capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2); } -#ifdef CONFIG_IEEE80211W if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { capab |= WPA_CAPABILITY_MFPC; if (hapd->conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) capab |= WPA_CAPABILITY_MFPR; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV if (hapd->conf->ocv) capab |= WPA_CAPABILITY_OCVC; diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c index dc3c61ff7..fed371db3 100644 --- a/src/ap/ieee802_11.c +++ b/src/ap/ieee802_11.c @@ -1406,12 +1406,10 @@ static u16 wpa_res_to_status_code(int res) return WLAN_STATUS_AKMP_NOT_VALID; if (res == WPA_ALLOC_FAIL) return WLAN_STATUS_UNSPECIFIED_FAILURE; -#ifdef CONFIG_IEEE80211W if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) return WLAN_STATUS_ROBUST_MGMT_FRAME_POLICY_VIOLATION; if (res == WPA_INVALID_MGMT_GROUP_CIPHER) return WLAN_STATUS_CIPHER_REJECTED_PER_POLICY; -#endif /* CONFIG_IEEE80211W */ if (res == WPA_INVALID_MDIE) return WLAN_STATUS_INVALID_MDIE; if (res == WPA_INVALID_PMKID) @@ -3078,7 +3076,6 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, resp = wpa_res_to_status_code(res); if (resp != WLAN_STATUS_SUCCESS) return resp; -#ifdef CONFIG_IEEE80211W if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) == (WLAN_STA_ASSOC | WLAN_STA_MFP) && !sta->sa_query_timed_out && @@ -3105,7 +3102,6 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta, sta->flags |= WLAN_STA_MFP; else sta->flags &= ~WLAN_STA_MFP; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R_AP if (sta->auth_alg == WLAN_AUTH_FT) { @@ -3550,10 +3546,8 @@ static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta, ies, ies_len); #endif /* CONFIG_OWE */ -#ifdef CONFIG_IEEE80211W if (sta && status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY) p = hostapd_eid_assoc_comeback_time(hapd, sta, p); -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211N p = hostapd_eid_ht_capabilities(hapd, p); @@ -4151,7 +4145,6 @@ static void handle_assoc(struct hostapd_data *hapd, */ sta->flags |= WLAN_STA_ASSOC_REQ_OK; -#ifdef CONFIG_IEEE80211W if ((sta->flags & WLAN_STA_MFP) && sta->sa_query_timed_out) { wpa_printf(MSG_DEBUG, "Allowing %sassociation after timed out " "SA Query procedure", reassoc ? "re" : ""); @@ -4162,7 +4155,6 @@ static void handle_assoc(struct hostapd_data *hapd, * trying to associate. */ } -#endif /* CONFIG_IEEE80211W */ /* Make sure that the previously registered inactivity timer will not * remove the STA immediately. */ @@ -4387,13 +4379,11 @@ static void handle_beacon(struct hostapd_data *hapd, } -#ifdef CONFIG_IEEE80211W static int robust_action_frame(u8 category) { return category != WLAN_ACTION_PUBLIC && category != WLAN_ACTION_HT; } -#endif /* CONFIG_IEEE80211W */ static int handle_action(struct hostapd_data *hapd, @@ -4427,7 +4417,6 @@ static int handle_action(struct hostapd_data *hapd, return 0; } -#ifdef CONFIG_IEEE80211W if (sta && (sta->flags & WLAN_STA_MFP) && !(mgmt->frame_control & host_to_le16(WLAN_FC_ISWEP)) && robust_action_frame(mgmt->u.action.category)) { @@ -4437,7 +4426,6 @@ static int handle_action(struct hostapd_data *hapd, "an MFP STA"); return 0; } -#endif /* CONFIG_IEEE80211W */ if (sta) { u16 fc = le_to_host16(mgmt->frame_control); @@ -4471,11 +4459,9 @@ static int handle_action(struct hostapd_data *hapd, case WLAN_ACTION_WMM: hostapd_wmm_action(hapd, mgmt, len); return 1; -#ifdef CONFIG_IEEE80211W case WLAN_ACTION_SA_QUERY: ieee802_11_sa_query_action(hapd, mgmt, len); return 1; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WNM_AP case WLAN_ACTION_WNM: ieee802_11_rx_wnm_action_ap(hapd, mgmt, len); @@ -4857,9 +4843,7 @@ static void handle_assoc_cb(struct hostapd_data *hapd, else mlme_associate_indication(hapd, sta); -#ifdef CONFIG_IEEE80211W sta->sa_query_timed_out = 0; -#endif /* CONFIG_IEEE80211W */ if (sta->eapol_sm == NULL) { /* diff --git a/src/ap/ieee802_11_shared.c b/src/ap/ieee802_11_shared.c index 707381ffe..5007088b5 100644 --- a/src/ap/ieee802_11_shared.c +++ b/src/ap/ieee802_11_shared.c @@ -19,8 +19,6 @@ #include "ieee802_11.h" -#ifdef CONFIG_IEEE80211W - u8 * hostapd_eid_assoc_comeback_time(struct hostapd_data *hapd, struct sta_info *sta, u8 *eid) { @@ -304,8 +302,6 @@ void ieee802_11_sa_query_action(struct hostapd_data *hapd, ap_sta_stop_sa_query(hapd, sta); } -#endif /* CONFIG_IEEE80211W */ - static void hostapd_ext_capab_byte(struct hostapd_data *hapd, u8 *pos, int idx) { diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c index 35fa40015..d0810310c 100644 --- a/src/ap/ieee802_1x.c +++ b/src/ap/ieee802_1x.c @@ -408,7 +408,6 @@ static int add_common_radius_sta_attr_rsn(struct hostapd_data *hapd, return -1; } -#ifdef CONFIG_IEEE80211W if (hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { suite = wpa_cipher_to_suite(WPA_PROTO_RSN, hapd->conf->group_mgmt_cipher); @@ -421,7 +420,6 @@ static int add_common_radius_sta_attr_rsn(struct hostapd_data *hapd, return -1; } } -#endif /* CONFIG_IEEE80211W */ return 0; } diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index 51d788436..d7734ee64 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -46,9 +46,7 @@ static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx); static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); -#ifdef CONFIG_IEEE80211W static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); -#endif /* CONFIG_IEEE80211W */ static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx); @@ -301,10 +299,8 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) os_free(sta->challenge); -#ifdef CONFIG_IEEE80211W os_free(sta->sa_query_trans_id); eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_P2P p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); @@ -1095,8 +1091,6 @@ done: } -#ifdef CONFIG_IEEE80211W - int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) { u32 tu; @@ -1186,8 +1180,6 @@ void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) sta->sa_query_count = 0; } -#endif /* CONFIG_IEEE80211W */ - const char * ap_sta_wpa_get_keyid(struct hostapd_data *hapd, struct sta_info *sta) diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h index 5456a63a7..de806b48f 100644 --- a/src/ap/sta_info.h +++ b/src/ap/sta_info.h @@ -171,7 +171,6 @@ struct sta_info { struct ieee80211_he_capabilities *he_capab; size_t he_capab_len; -#ifdef CONFIG_IEEE80211W int sa_query_count; /* number of pending SA Query requests; * 0 = no SA Query in progress */ int sa_query_timed_out; @@ -179,7 +178,6 @@ struct sta_info { * sa_query_count octets of pending SA Query * transaction identifiers */ struct os_reltime sa_query_start; -#endif /* CONFIG_IEEE80211W */ #if defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP) #define GAS_DIALOG_MAX 8 /* Max concurrent dialog number */ diff --git a/src/ap/wnm_ap.c b/src/ap/wnm_ap.c index 27c69d34a..e4dcfe9e0 100644 --- a/src/ap/wnm_ap.c +++ b/src/ap/wnm_ap.c @@ -150,7 +150,6 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd, pos += gtk_elem_len; wpa_printf(MSG_DEBUG, "Pass 4, gtk_len = %d", (int) gtk_elem_len); -#ifdef CONFIG_IEEE80211W res = wpa_wnmsleep_igtk_subelem(sta->wpa_sm, pos); if (res < 0) goto fail; @@ -158,7 +157,6 @@ static int ieee802_11_send_wnmsleep_resp(struct hostapd_data *hapd, pos += igtk_elem_len; wpa_printf(MSG_DEBUG, "Pass 4 igtk_len = %d", (int) igtk_elem_len); -#endif /* CONFIG_IEEE80211W */ WPA_PUT_LE16((u8 *) &mgmt->u.action.u.wnm_sleep_resp.keydata_len, diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c index c56077001..03c4ce8e7 100644 --- a/src/ap/wpa_auth.c +++ b/src/ap/wpa_auth.c @@ -1818,10 +1818,8 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event) sm->ft_completed = 0; #endif /* CONFIG_IEEE80211R_AP */ -#ifdef CONFIG_IEEE80211W if (sm->mgmt_frame_prot && event == WPA_AUTH) remove_ptk = 0; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_FILS if (wpa_key_mgmt_fils(sm->wpa_key_mgmt) && (event == WPA_AUTH || event == WPA_ASSOC)) @@ -3045,8 +3043,6 @@ SM_STATE(WPA_PTK, PTKCALCNEGOTIATING2) } -#ifdef CONFIG_IEEE80211W - static int ieee80211w_kde_len(struct wpa_state_machine *sm) { if (sm->mgmt_frame_prot) { @@ -3093,21 +3089,6 @@ static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) return pos; } -#else /* CONFIG_IEEE80211W */ - -static int ieee80211w_kde_len(struct wpa_state_machine *sm) -{ - return 0; -} - - -static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos) -{ - return pos; -} - -#endif /* CONFIG_IEEE80211W */ - static int ocv_oci_len(struct wpa_state_machine *sm) { @@ -3746,7 +3727,6 @@ static int wpa_gtk_update(struct wpa_authenticator *wpa_auth, wpa_hexdump_key(MSG_DEBUG, "GTK", group->GTK[group->GN - 1], group->GTK_len); -#ifdef CONFIG_IEEE80211W if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) { size_t len; len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher); @@ -3759,7 +3739,6 @@ static int wpa_gtk_update(struct wpa_authenticator *wpa_auth, wpa_hexdump_key(MSG_DEBUG, "IGTK", group->IGTK[group->GN_igtk - 4], len); } -#endif /* CONFIG_IEEE80211W */ return ret; } @@ -3777,10 +3756,8 @@ static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth, os_memset(group->GTK, 0, sizeof(group->GTK)); group->GN = 1; group->GM = 2; -#ifdef CONFIG_IEEE80211W group->GN_igtk = 4; group->GM_igtk = 5; -#endif /* CONFIG_IEEE80211W */ /* GTK[GN] = CalcGTK() */ wpa_gtk_update(wpa_auth, group); } @@ -3869,7 +3846,6 @@ int wpa_wnmsleep_gtk_subelem(struct wpa_state_machine *sm, u8 *pos) } -#ifdef CONFIG_IEEE80211W int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos) { struct wpa_group *gsm = sm->group; @@ -3898,7 +3874,7 @@ int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos) return pos - start; } -#endif /* CONFIG_IEEE80211W */ + #endif /* CONFIG_WNM_AP */ @@ -3915,11 +3891,9 @@ static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth, tmp = group->GM; group->GM = group->GN; group->GN = tmp; -#ifdef CONFIG_IEEE80211W tmp = group->GM_igtk; group->GM_igtk = group->GN_igtk; group->GN_igtk = tmp; -#endif /* CONFIG_IEEE80211W */ /* "GKeyDoneStations = GNoStations" is done in more robust way by * counting the STAs that are marked with GUpdateStationKeys instead of * including all STAs that could be in not-yet-completed state. */ @@ -3948,7 +3922,6 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, group->GTK[group->GN - 1], group->GTK_len) < 0) ret = -1; -#ifdef CONFIG_IEEE80211W if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) { enum wpa_alg alg; size_t len; @@ -3962,7 +3935,6 @@ static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, group->IGTK[group->GN_igtk - 4], len) < 0) ret = -1; } -#endif /* CONFIG_IEEE80211W */ return ret; } @@ -4100,11 +4072,9 @@ void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth) tmp = group->GM; group->GM = group->GN; group->GN = tmp; -#ifdef CONFIG_IEEE80211W tmp = group->GM_igtk; group->GM_igtk = group->GN_igtk; group->GN_igtk = tmp; -#endif /* CONFIG_IEEE80211W */ wpa_gtk_update(wpa_auth, group); wpa_group_config_group_keys(wpa_auth, group); } @@ -4979,9 +4949,7 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm, void *ctx1, void *ctx2) { u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde, *pos; -#ifdef CONFIG_IEEE80211W u8 *opos; -#endif /* CONFIG_IEEE80211W */ size_t gtk_len, kde_len; struct wpa_group *gsm = sm->group; u8 *wpa_ie; @@ -5078,7 +5046,6 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm, pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2, gtk, gtk_len); } -#ifdef CONFIG_IEEE80211W opos = pos; pos = ieee80211w_kde_add(sm, pos); if (pos - opos >= 2 + RSN_SELECTOR_LEN + WPA_IGTK_KDE_PREFIX_LEN) { @@ -5086,7 +5053,6 @@ int wpa_auth_resend_m3(struct wpa_state_machine *sm, opos += 2 + RSN_SELECTOR_LEN + 2; os_memset(opos, 0, 6); /* clear PN */ } -#endif /* CONFIG_IEEE80211W */ if (ocv_oci_add(sm, &pos) < 0) { os_free(kde); return -1; @@ -5157,9 +5123,7 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, struct wpa_group *gsm = sm->group; const u8 *kde; u8 *kde_buf = NULL, *pos, hdr[2]; -#ifdef CONFIG_IEEE80211W u8 *opos; -#endif /* CONFIG_IEEE80211W */ size_t kde_len; u8 *gtk; @@ -5182,7 +5146,6 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, hdr[1] = 0; pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2, gtk, gsm->GTK_len); -#ifdef CONFIG_IEEE80211W opos = pos; pos = ieee80211w_kde_add(sm, pos); if (pos - opos >= @@ -5191,7 +5154,6 @@ int wpa_auth_resend_group_m1(struct wpa_state_machine *sm, opos += 2 + RSN_SELECTOR_LEN + 2; os_memset(opos, 0, 6); /* clear PN */ } -#endif /* CONFIG_IEEE80211W */ if (ocv_oci_add(sm, &pos) < 0) { os_free(kde_buf); return -1; diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h index a348bc25a..2f1b1de6b 100644 --- a/src/ap/wpa_auth.h +++ b/src/ap/wpa_auth.h @@ -187,11 +187,9 @@ struct wpa_auth_config { int disable_pmksa_caching; int okc; int tx_status; -#ifdef CONFIG_IEEE80211W enum mfp_options ieee80211w; int group_mgmt_cipher; int sae_require_mfp; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV int ocv; /* Operating Channel Validation */ #endif /* CONFIG_OCV */ diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c index 696f8d5fa..771f6dd12 100644 --- a/src/ap/wpa_auth_ft.c +++ b/src/ap/wpa_auth_ft.c @@ -2232,7 +2232,6 @@ static u8 * wpa_ft_gtk_subelem(struct wpa_state_machine *sm, size_t *len) } -#ifdef CONFIG_IEEE80211W static u8 * wpa_ft_igtk_subelem(struct wpa_state_machine *sm, size_t *len) { u8 *subelem, *pos; @@ -2279,7 +2278,6 @@ static u8 * wpa_ft_igtk_subelem(struct wpa_state_machine *sm, size_t *len) *len = subelem_len; return subelem; } -#endif /* CONFIG_IEEE80211W */ static u8 * wpa_ft_process_rdie(struct wpa_state_machine *sm, @@ -2487,7 +2485,6 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, r0kh_id_len = sm->r0kh_id_len; anonce = sm->ANonce; snonce = sm->SNonce; -#ifdef CONFIG_IEEE80211W if (sm->mgmt_frame_prot) { u8 *igtk; size_t igtk_len; @@ -2510,7 +2507,6 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, subelem_len += igtk_len; os_free(igtk); } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV if (wpa_auth_uses_ocv(sm)) { struct wpa_channel_info ci; diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c index 0800a8748..c0786cee5 100644 --- a/src/ap/wpa_auth_glue.c +++ b/src/ap/wpa_auth_glue.c @@ -64,11 +64,9 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, wconf->ocv = conf->ocv; #endif /* CONFIG_OCV */ wconf->okc = conf->okc; -#ifdef CONFIG_IEEE80211W wconf->ieee80211w = conf->ieee80211w; wconf->group_mgmt_cipher = conf->group_mgmt_cipher; wconf->sae_require_mfp = conf->sae_require_mfp; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R_AP wconf->ssid_len = conf->ssid.ssid_len; if (wconf->ssid_len > SSID_MAX_LEN) @@ -107,9 +105,7 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, wconf->rsn_pairwise = WPA_CIPHER_CCMP; wconf->rsn_preauth = 0; wconf->disable_pmksa_caching = 1; -#ifdef CONFIG_IEEE80211W wconf->ieee80211w = 1; -#endif /* CONFIG_IEEE80211W */ } #endif /* CONFIG_HS20 */ #ifdef CONFIG_TESTING_OPTIONS @@ -380,7 +376,6 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, os_memcpy(sta->last_tk, key, key_len); sta->last_tk_len = key_len; } -#ifdef CONFIG_IEEE80211W } else if (alg == WPA_ALG_IGTK || alg == WPA_ALG_BIP_GMAC_128 || alg == WPA_ALG_BIP_GMAC_256 || @@ -390,7 +385,6 @@ static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, if (key) os_memcpy(hapd->last_igtk, key, key_len); hapd->last_igtk_len = key_len; -#endif /* CONFIG_IEEE80211W */ } else { hapd->last_gtk_alg = alg; hapd->last_gtk_key_idx = idx; diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h index 4babd0cbb..0d3ab27a2 100644 --- a/src/ap/wpa_auth_i.h +++ b/src/ap/wpa_auth_i.h @@ -190,10 +190,8 @@ struct wpa_group { Boolean changed; Boolean first_sta_seen; Boolean reject_4way_hs_for_entropy; -#ifdef CONFIG_IEEE80211W u8 IGTK[2][WPA_IGTK_MAX_LEN]; int GN_igtk, GM_igtk; -#endif /* CONFIG_IEEE80211W */ /* Number of references except those in struct wpa_group->next */ unsigned int references; unsigned int num_setup_iface; diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c index 2e5c9160d..a285e2594 100644 --- a/src/ap/wpa_auth_ie.c +++ b/src/ap/wpa_auth_ie.c @@ -183,7 +183,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, num_suites++; } #endif /* CONFIG_IEEE80211R_AP */ -#ifdef CONFIG_IEEE80211W if (conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256); pos += RSN_SELECTOR_LEN; @@ -194,7 +193,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, pos += RSN_SELECTOR_LEN; num_suites++; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SAE if (conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE); @@ -286,13 +284,11 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, /* 4 PTKSA replay counters when using WMM */ capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2); } -#ifdef CONFIG_IEEE80211W if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { capab |= WPA_CAPABILITY_MFPC; if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) capab |= WPA_CAPABILITY_MFPR; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV if (conf->ocv) capab |= WPA_CAPABILITY_OCVC; @@ -314,7 +310,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, pos += PMKID_LEN; } -#ifdef CONFIG_IEEE80211W if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION && conf->group_mgmt_cipher != WPA_CIPHER_AES_128_CMAC) { if (2 + 4 > buf + len - pos) @@ -347,7 +342,6 @@ int wpa_write_rsn_ie(struct wpa_auth_config *conf, u8 *buf, size_t len, } pos += RSN_SELECTOR_LEN; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_RSN_TESTING if (rsn_testing) { @@ -411,13 +405,11 @@ static u8 * wpa_write_osen(struct wpa_auth_config *conf, u8 *eid) /* 4 PTKSA replay counters when using WMM */ capab |= (RSN_NUM_REPLAY_COUNTERS_16 << 2); } -#ifdef CONFIG_IEEE80211W if (conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { capab |= WPA_CAPABILITY_MFPC; if (conf->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) capab |= WPA_CAPABILITY_MFPR; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV if (conf->ocv) capab |= WPA_CAPABILITY_OCVC; @@ -607,12 +599,10 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, else if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK) selector = RSN_AUTH_KEY_MGMT_FT_PSK; #endif /* CONFIG_IEEE80211R_AP */ -#ifdef CONFIG_IEEE80211W else if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) selector = RSN_AUTH_KEY_MGMT_802_1X_SHA256; else if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256) selector = RSN_AUTH_KEY_MGMT_PSK_SHA256; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SAE else if (data.key_mgmt & WPA_KEY_MGMT_SAE) selector = RSN_AUTH_KEY_MGMT_SAE; @@ -717,12 +707,10 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, else if (key_mgmt & WPA_KEY_MGMT_FT_PSK) sm->wpa_key_mgmt = WPA_KEY_MGMT_FT_PSK; #endif /* CONFIG_IEEE80211R_AP */ -#ifdef CONFIG_IEEE80211W else if (key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) sm->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; else if (key_mgmt & WPA_KEY_MGMT_PSK_SHA256) sm->wpa_key_mgmt = WPA_KEY_MGMT_PSK_SHA256; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SAE else if (key_mgmt & WPA_KEY_MGMT_SAE) sm->wpa_key_mgmt = WPA_KEY_MGMT_SAE; @@ -758,7 +746,6 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, return WPA_INVALID_PAIRWISE; } -#ifdef CONFIG_IEEE80211W if (wpa_auth->conf.ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) { if (!(data.capabilities & WPA_CAPABILITY_MFPC)) { wpa_printf(MSG_DEBUG, "Management frame protection " @@ -807,7 +794,6 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth, "Management frame protection cannot use TKIP"); return WPA_MGMT_FRAME_PROTECTION_VIOLATION; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R_AP if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) { @@ -1024,14 +1010,12 @@ static int wpa_parse_generic(const u8 *pos, const u8 *end, return 0; } -#ifdef CONFIG_IEEE80211W if (pos[1] > RSN_SELECTOR_LEN + 2 && RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) { ie->igtk = pos + 2 + RSN_SELECTOR_LEN; ie->igtk_len = pos[1] - RSN_SELECTOR_LEN; return 0; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_P2P if (pos[1] >= RSN_SELECTOR_LEN + 1 && diff --git a/src/ap/wpa_auth_ie.h b/src/ap/wpa_auth_ie.h index a38b206fd..ad9409e94 100644 --- a/src/ap/wpa_auth_ie.h +++ b/src/ap/wpa_auth_ie.h @@ -19,10 +19,8 @@ struct wpa_eapol_ie_parse { size_t gtk_len; const u8 *mac_addr; size_t mac_addr_len; -#ifdef CONFIG_IEEE80211W const u8 *igtk; size_t igtk_len; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R_AP const u8 *mdie; size_t mdie_len; diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c index 6161cdbdb..33caeaf3a 100644 --- a/src/ap/wps_hostapd.c +++ b/src/ap/wps_hostapd.c @@ -358,12 +358,10 @@ static int hapd_wps_reconfig_in_memory(struct hostapd_data *hapd, (cred->auth_type & WPS_AUTH_WPA2PSK) && cred->key_len != 2 * PMK_LEN) { bss->wpa_key_mgmt |= WPA_KEY_MGMT_SAE; -#ifdef CONFIG_IEEE80211W if (bss->ieee80211w == NO_MGMT_FRAME_PROTECTION) bss->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL; bss->sae_require_mfp = 1; -#endif /* CONFIG_IEEE80211W */ } if (cred->key_len >= 8 && cred->key_len < 64) { @@ -533,9 +531,7 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx) if (wpa) { char *prefix; -#ifdef CONFIG_IEEE80211W int sae = 0; -#endif /* CONFIG_IEEE80211W */ fprintf(nconf, "wpa=%d\n", wpa); @@ -553,13 +549,10 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx) (cred->auth_type & WPS_AUTH_WPA2PSK) && cred->key_len != 2 * PMK_LEN) { fprintf(nconf, "%sSAE", prefix); -#ifdef CONFIG_IEEE80211W sae = 1; -#endif /* CONFIG_IEEE80211W */ } fprintf(nconf, "\n"); -#ifdef CONFIG_IEEE80211W if (sae && hapd->conf->ieee80211w == NO_MGMT_FRAME_PROTECTION) { fprintf(nconf, "ieee80211w=%d\n", MGMT_FRAME_PROTECTION_OPTIONAL); @@ -567,7 +560,6 @@ static int hapd_wps_cred_cb(struct hostapd_data *hapd, void *ctx) } if (sae) fprintf(nconf, "sae_require_mfp=1\n"); -#endif /* CONFIG_IEEE80211W */ fprintf(nconf, "wpa_pairwise="); prefix = ""; diff --git a/src/common/Makefile b/src/common/Makefile index e70363083..ccb280e90 100644 --- a/src/common/Makefile +++ b/src/common/Makefile @@ -9,7 +9,6 @@ install: include ../lib.rules CFLAGS += -DCONFIG_IEEE80211R -CFLAGS += -DCONFIG_IEEE80211W CFLAGS += -DCONFIG_HS20 CFLAGS += -DCONFIG_SAE CFLAGS += -DCONFIG_SUITE diff --git a/src/common/wpa_common.c b/src/common/wpa_common.c index de1e2cf76..142dace4a 100644 --- a/src/common/wpa_common.c +++ b/src/common/wpa_common.c @@ -212,11 +212,9 @@ int wpa_eapol_key_mic(const u8 *key, size_t key_len, int akmp, int ver, return -1; os_memcpy(mic, hash, MD5_MAC_LEN); break; -#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) case WPA_KEY_INFO_TYPE_AES_128_CMAC: wpa_printf(MSG_DEBUG, "WPA: EAPOL-Key MIC using AES-CMAC"); return omac1_aes_128(key, buf, len, mic); -#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */ case WPA_KEY_INFO_TYPE_AKM_DEFINED: switch (akmp) { #ifdef CONFIG_SAE @@ -410,14 +408,10 @@ int wpa_pmk_to_ptk(const u8 *pmk, size_t pmk_len, const char *label, return -1; #endif /* CONFIG_SUITEB192 || CONFIG_FILS */ } else if (wpa_key_mgmt_sha256(akmp) || akmp == WPA_KEY_MGMT_OWE) { -#if defined(CONFIG_IEEE80211W) || defined(CONFIG_SAE) || defined(CONFIG_FILS) wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)"); if (sha256_prf(pmk, pmk_len, label, data, data_len, tmp, ptk_len) < 0) return -1; -#else /* CONFIG_IEEE80211W or CONFIG_SAE or CONFIG_FILS */ - return -1; -#endif /* CONFIG_IEEE80211W or CONFIG_SAE or CONFIG_FILS */ #ifdef CONFIG_DPP } else if (akmp == WPA_KEY_MGMT_DPP && pmk_len == 32) { wpa_printf(MSG_DEBUG, "WPA: PTK derivation using PRF(SHA256)"); @@ -892,12 +886,10 @@ static int wpa_ft_parse_ftie(const u8 *ie, size_t ie_len, parse->r0kh_id = pos; parse->r0kh_id_len = len; break; -#ifdef CONFIG_IEEE80211W case FTIE_SUBELEM_IGTK: parse->igtk = pos; parse->igtk_len = len; break; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV case FTIE_SUBELEM_OCI: parse->oci = pos; @@ -1092,10 +1084,8 @@ static int rsn_selector_to_bitfield(const u8 *s) return WPA_CIPHER_TKIP; if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP) return WPA_CIPHER_CCMP; -#ifdef CONFIG_IEEE80211W if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_AES_128_CMAC) return WPA_CIPHER_AES_128_CMAC; -#endif /* CONFIG_IEEE80211W */ if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_GCMP) return WPA_CIPHER_GCMP; if (RSN_SELECTOR_GET(s) == RSN_CIPHER_SUITE_CCMP_256) @@ -1130,12 +1120,10 @@ static int rsn_key_mgmt_to_bitfield(const u8 *s) return WPA_KEY_MGMT_FT_IEEE8021X_SHA384; #endif /* CONFIG_SHA384 */ #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_802_1X_SHA256) return WPA_KEY_MGMT_IEEE8021X_SHA256; if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_PSK_SHA256) return WPA_KEY_MGMT_PSK_SHA256; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SAE if (RSN_SELECTOR_GET(s) == RSN_AUTH_KEY_MGMT_SAE) return WPA_KEY_MGMT_SAE; @@ -1175,7 +1163,6 @@ int wpa_cipher_valid_group(int cipher) } -#ifdef CONFIG_IEEE80211W int wpa_cipher_valid_mgmt_group(int cipher) { return cipher == WPA_CIPHER_AES_128_CMAC || @@ -1183,7 +1170,6 @@ int wpa_cipher_valid_mgmt_group(int cipher) cipher == WPA_CIPHER_BIP_GMAC_256 || cipher == WPA_CIPHER_BIP_CMAC_256; } -#endif /* CONFIG_IEEE80211W */ /** @@ -1208,11 +1194,7 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len, data->capabilities = 0; data->pmkid = NULL; data->num_pmkid = 0; -#ifdef CONFIG_IEEE80211W data->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; -#else /* CONFIG_IEEE80211W */ - data->mgmt_group_cipher = 0; -#endif /* CONFIG_IEEE80211W */ if (rsn_ie_len == 0) { /* No RSN IE - fail silently */ @@ -1287,13 +1269,11 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len, pos += RSN_SELECTOR_LEN; left -= RSN_SELECTOR_LEN; } -#ifdef CONFIG_IEEE80211W if (data->pairwise_cipher & WPA_CIPHER_AES_128_CMAC) { wpa_printf(MSG_DEBUG, "%s: AES-128-CMAC used as " "pairwise cipher", __func__); return -1; } -#endif /* CONFIG_IEEE80211W */ } else if (left == 1) { wpa_printf(MSG_DEBUG, "%s: ie too short (for key mgmt)", __func__); @@ -1345,7 +1325,6 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len, } } -#ifdef CONFIG_IEEE80211W if (left >= 4) { data->mgmt_group_cipher = rsn_selector_to_bitfield(pos); if (!wpa_cipher_valid_mgmt_group(data->mgmt_group_cipher)) { @@ -1358,7 +1337,6 @@ int wpa_parse_wpa_ie_rsn(const u8 *rsn_ie, size_t rsn_ie_len, pos += RSN_SELECTOR_LEN; left -= RSN_SELECTOR_LEN; } -#endif /* CONFIG_IEEE80211W */ if (left > 0) { wpa_hexdump(MSG_DEBUG, @@ -1857,11 +1835,9 @@ void rsn_pmkid(const u8 *pmk, size_t pmk_len, const u8 *aa, const u8 *spa, wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-384"); hmac_sha384_vector(pmk, pmk_len, 3, addr, len, hash); #endif /* CONFIG_FILS || CONFIG_SHA384 */ -#if defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) } else if (wpa_key_mgmt_sha256(akmp)) { wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-256"); hmac_sha256_vector(pmk, pmk_len, 3, addr, len, hash); -#endif /* CONFIG_IEEE80211W || CONFIG_FILS */ } else { wpa_printf(MSG_DEBUG, "RSN: Derive PMKID using HMAC-SHA-1"); hmac_sha1_vector(pmk, pmk_len, 3, addr, len, hash); @@ -2012,12 +1988,10 @@ const char * wpa_key_mgmt_txt(int key_mgmt, int proto) case WPA_KEY_MGMT_FT_PSK: return "FT-PSK"; #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W case WPA_KEY_MGMT_IEEE8021X_SHA256: return "WPA2-EAP-SHA256"; case WPA_KEY_MGMT_PSK_SHA256: return "WPA2-PSK-SHA256"; -#endif /* CONFIG_IEEE80211W */ case WPA_KEY_MGMT_WPS: return "WPS"; case WPA_KEY_MGMT_SAE: diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h index 717026784..35bec0415 100644 --- a/src/common/wpa_common.h +++ b/src/common/wpa_common.h @@ -104,9 +104,7 @@ WPA_CIPHER_BIP_CMAC_256) #endif #define RSN_KEY_DATA_MAC_ADDR RSN_SELECTOR(0x00, 0x0f, 0xac, 3) #define RSN_KEY_DATA_PMKID RSN_SELECTOR(0x00, 0x0f, 0xac, 4) -#ifdef CONFIG_IEEE80211W #define RSN_KEY_DATA_IGTK RSN_SELECTOR(0x00, 0x0f, 0xac, 9) -#endif /* CONFIG_IEEE80211W */ #define RSN_KEY_DATA_KEYID RSN_SELECTOR(0x00, 0x0f, 0xac, 10) #define RSN_KEY_DATA_MULTIBAND_GTK RSN_SELECTOR(0x00, 0x0f, 0xac, 11) #define RSN_KEY_DATA_MULTIBAND_KEYID RSN_SELECTOR(0x00, 0x0f, 0xac, 12) @@ -130,10 +128,8 @@ WPA_CIPHER_BIP_CMAC_256) #pragma pack(push, 1) #endif /* _MSC_VER */ -#ifdef CONFIG_IEEE80211W #define WPA_IGTK_LEN 16 #define WPA_IGTK_MAX_LEN 32 -#endif /* CONFIG_IEEE80211W */ /* IEEE 802.11, 7.3.2.25.3 RSN Capabilities */ @@ -226,12 +222,10 @@ struct wpa_gtk { size_t gtk_len; }; -#ifdef CONFIG_IEEE80211W struct wpa_igtk { u8 igtk[WPA_IGTK_MAX_LEN]; size_t igtk_len; }; -#endif /* CONFIG_IEEE80211W */ /* WPA IE version 1 * 00-50-f2:1 (OUI:OUI type) @@ -291,14 +285,12 @@ struct rsn_error_kde { be16 error_type; } STRUCT_PACKED; -#ifdef CONFIG_IEEE80211W #define WPA_IGTK_KDE_PREFIX_LEN (2 + 6) struct wpa_igtk_kde { u8 keyid[2]; u8 pn[6]; u8 igtk[WPA_IGTK_MAX_LEN]; } STRUCT_PACKED; -#endif /* CONFIG_IEEE80211W */ struct rsn_mdie { u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; diff --git a/src/drivers/driver_atheros.c b/src/drivers/driver_atheros.c index 840d4ff40..eac3ae8af 100644 --- a/src/drivers/driver_atheros.c +++ b/src/drivers/driver_atheros.c @@ -59,10 +59,6 @@ #include "netlink.h" #include "linux_ioctl.h" -#if defined(CONFIG_IEEE80211W) || defined(CONFIG_IEEE80211R) || defined(CONFIG_HS20) || defined(CONFIG_WNM) || defined(CONFIG_WPS) || defined(CONFIG_FILS) -#define ATHEROS_USE_RAW_RECEIVE -#endif - struct atheros_driver_data { struct hostapd_data *hapd; /* back pointer */ @@ -366,13 +362,11 @@ atheros_configure_wpa(struct atheros_driver_data *drv, v = 0; if (params->rsn_preauth) v |= BIT(0); -#ifdef CONFIG_IEEE80211W if (params->ieee80211w != NO_MGMT_FRAME_PROTECTION) { v |= BIT(7); if (params->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) v |= BIT(6); } -#endif /* CONFIG_IEEE80211W */ wpa_printf(MSG_DEBUG, "%s: rsn capabilities=0x%x", __func__, v); if (set80211param(drv, IEEE80211_PARAM_RSNCAPS, v)) { @@ -534,7 +528,6 @@ atheros_set_key(const char *ifname, void *priv, enum wpa_alg alg, cipher = IEEE80211_CIPHER_AES_GCM_256; break; #endif /* ATH_GCM_SUPPORT */ -#ifdef CONFIG_IEEE80211W case WPA_ALG_IGTK: cipher = IEEE80211_CIPHER_AES_CMAC; break; @@ -549,7 +542,6 @@ atheros_set_key(const char *ifname, void *priv, enum wpa_alg alg, cipher = IEEE80211_CIPHER_AES_GMAC_256; break; #endif /* ATH_GCM_SUPPORT */ -#endif /* CONFIG_IEEE80211W */ default: wpa_printf(MSG_INFO, "%s: unknown/unsupported algorithm %d", __func__, alg); @@ -856,7 +848,7 @@ static int atheros_set_qos_map(void *ctx, const u8 *qos_map_set, return 0; } -#ifdef ATHEROS_USE_RAW_RECEIVE + static void atheros_raw_receive(void *ctx, const u8 *src_addr, const u8 *buf, size_t len) { @@ -953,7 +945,7 @@ static void atheros_raw_receive(void *ctx, const u8 *src_addr, const u8 *buf, break; } } -#endif /* ATHEROS_USE_RAW_RECEIVE */ + static int atheros_receive_pkt(struct atheros_driver_data *drv) { @@ -965,11 +957,9 @@ static int atheros_receive_pkt(struct atheros_driver_data *drv) #ifdef CONFIG_WPS filt.app_filterype |= IEEE80211_FILTER_TYPE_PROBE_REQ; #endif /* CONFIG_WPS */ -#if defined(CONFIG_IEEE80211W) || defined(CONFIG_IEEE80211R) || defined(CONFIG_FILS) filt.app_filterype |= (IEEE80211_FILTER_TYPE_ASSOC_REQ | IEEE80211_FILTER_TYPE_AUTH | IEEE80211_FILTER_TYPE_ACTION); -#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W || CONFIG_FILS */ #ifdef CONFIG_WNM filt.app_filterype |= IEEE80211_FILTER_TYPE_ACTION; #endif /* CONFIG_WNM */ @@ -1069,7 +1059,6 @@ atheros_set_ap_wps_ie(void *priv, const struct wpabuf *beacon, #define atheros_set_ap_wps_ie NULL #endif /* CONFIG_WPS */ -#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) static int atheros_sta_auth(void *priv, struct wpa_driver_sta_auth_params *params) { @@ -1169,7 +1158,7 @@ atheros_sta_assoc(void *priv, const u8 *own_addr, const u8 *addr, } return ret; } -#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W || CONFIG_FILS */ + static void atheros_new_sta(struct atheros_driver_data *drv, u8 addr[IEEE80211_ADDR_LEN]) @@ -1315,7 +1304,6 @@ atheros_wireless_event_wireless_custom(struct atheros_driver_data *drv, atheros_raw_receive(drv, NULL, (u8 *) custom + MGMT_FRAM_TAG_SIZE, len); #endif /* CONFIG_WPS */ -#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) } else if (os_strncmp(custom, "Manage.assoc_req ", 17) == 0) { /* Format: "Manage.assoc_req " | zero padding | * frame */ @@ -1339,8 +1327,6 @@ atheros_wireless_event_wireless_custom(struct atheros_driver_data *drv, } atheros_raw_receive(drv, NULL, (u8 *) custom + MGMT_FRAM_TAG_SIZE, len); -#endif /* CONFIG_IEEE80211W || CONFIG_IEEE80211R || CONFIG_FILS */ -#ifdef ATHEROS_USE_RAW_RECEIVE } else if (os_strncmp(custom, "Manage.action ", 14) == 0) { /* Format: "Manage.assoc_req " | zero padding | frame */ @@ -1353,7 +1339,6 @@ atheros_wireless_event_wireless_custom(struct atheros_driver_data *drv, } atheros_raw_receive(drv, NULL, (u8 *) custom + MGMT_FRAM_TAG_SIZE, len); -#endif /* ATHEROS_USE_RAW_RECEIVE */ } } @@ -1973,8 +1958,6 @@ static int atheros_set_ap(void *priv, struct wpa_driver_ap_params *params) } -#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) - static int atheros_send_mgmt(void *priv, const u8 *frm, size_t data_len, int noack, unsigned int freq, const u16 *csa_offs, size_t csa_offs_len) @@ -1999,7 +1982,6 @@ static int atheros_send_mgmt(void *priv, const u8 *frm, size_t data_len, return set80211priv(drv, IEEE80211_IOCTL_SEND_MGMT, mgmt_frm, sizeof(struct ieee80211req_mgmtbuf) + data_len); } -#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W || CONFIG_FILS */ #ifdef CONFIG_IEEE80211R @@ -2283,11 +2265,9 @@ const struct wpa_driver_ops wpa_driver_atheros_ops = { .set_ap_wps_ie = atheros_set_ap_wps_ie, .set_authmode = atheros_set_authmode, .set_ap = atheros_set_ap, -#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) || defined(CONFIG_FILS) .sta_assoc = atheros_sta_assoc, .sta_auth = atheros_sta_auth, .send_mlme = atheros_send_mgmt, -#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W || CONFIG_FILS */ #ifdef CONFIG_IEEE80211R .add_tspec = atheros_add_tspec, .add_sta_node = atheros_add_sta_node, diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 7b31b52c7..4133aa6af 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -2240,7 +2240,6 @@ static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss) 6) < 0) ret = -1; #endif /* CONFIG_DPP */ -#ifdef CONFIG_IEEE80211W #ifdef CONFIG_OCV /* SA Query Request */ if (nl80211_register_action_frame(bss, (u8 *) "\x08\x00", 2) < 0) @@ -2249,7 +2248,6 @@ static int nl80211_mgmt_subscribe_non_ap(struct i802_bss *bss) /* SA Query Response */ if (nl80211_register_action_frame(bss, (u8 *) "\x08\x01", 2) < 0) ret = -1; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_TDLS if ((drv->capa.flags & WPA_DRIVER_FLAGS_TDLS_SUPPORT)) { /* TDLS Discovery Response */ @@ -2385,11 +2383,9 @@ static int nl80211_action_subscribe_ap(struct i802_bss *bss) /* FT Action frames */ if (nl80211_register_action_frame(bss, (u8 *) "\x06", 1) < 0) ret = -1; -#ifdef CONFIG_IEEE80211W /* SA Query */ if (nl80211_register_action_frame(bss, (u8 *) "\x08", 1) < 0) ret = -1; -#endif /* CONFIG_IEEE80211W */ /* Protected Dual of Public Action */ if (nl80211_register_action_frame(bss, (u8 *) "\x09", 1) < 0) ret = -1; diff --git a/src/drivers/driver_wext.c b/src/drivers/driver_wext.c index 4d4a05d0c..32c297138 100644 --- a/src/drivers/driver_wext.c +++ b/src/drivers/driver_wext.c @@ -1767,11 +1767,9 @@ static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg, case WPA_ALG_PMK: ext->alg = IW_ENCODE_ALG_PMK; break; -#ifdef CONFIG_IEEE80211W case WPA_ALG_IGTK: ext->alg = IW_ENCODE_ALG_AES_CMAC; break; -#endif /* CONFIG_IEEE80211W */ default: wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d", __FUNCTION__, alg); @@ -2201,7 +2199,6 @@ int wpa_driver_wext_associate(void *priv, IW_AUTH_RX_UNENCRYPTED_EAPOL, allow_unencrypted_eapol) < 0) ret = -1; -#ifdef CONFIG_IEEE80211W switch (params->mgmt_frame_protection) { case NO_MGMT_FRAME_PROTECTION: value = IW_AUTH_MFP_DISABLED; @@ -2215,7 +2212,6 @@ int wpa_driver_wext_associate(void *priv, }; if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0) ret = -1; -#endif /* CONFIG_IEEE80211W */ if (params->freq.freq && wpa_driver_wext_set_freq(drv, params->freq.freq) < 0) ret = -1; diff --git a/src/rsn_supp/Makefile b/src/rsn_supp/Makefile index c2d81f279..eea0efba9 100644 --- a/src/rsn_supp/Makefile +++ b/src/rsn_supp/Makefile @@ -8,7 +8,6 @@ install: include ../lib.rules -CFLAGS += -DCONFIG_IEEE80211W CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_TDLS CFLAGS += -DCONFIG_WNM diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index c929e8194..637263489 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -1051,7 +1051,6 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm, } -#ifdef CONFIG_IEEE80211W static int wpa_supplicant_install_igtk(struct wpa_sm *sm, const struct wpa_igtk_kde *igtk, int wnm_sleep) @@ -1118,13 +1117,11 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm, return 0; } -#endif /* CONFIG_IEEE80211W */ static int ieee80211w_set_keys(struct wpa_sm *sm, struct wpa_eapol_ie_parse *ie) { -#ifdef CONFIG_IEEE80211W if (!wpa_cipher_valid_mgmt_group(sm->mgmt_group_cipher)) return 0; @@ -1142,9 +1139,6 @@ static int ieee80211w_set_keys(struct wpa_sm *sm, } return 0; -#else /* CONFIG_IEEE80211W */ - return 0; -#endif /* CONFIG_IEEE80211W */ } @@ -1455,7 +1449,6 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, "WPA: GTK IE in unencrypted key data"); goto failed; } -#ifdef CONFIG_IEEE80211W if (ie.igtk && !(key_info & WPA_KEY_INFO_ENCR_KEY_DATA)) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: IGTK KDE in unencrypted key data"); @@ -1471,7 +1464,6 @@ static void wpa_supplicant_process_3_of_4(struct wpa_sm *sm, (unsigned long) ie.igtk_len); goto failed; } -#endif /* CONFIG_IEEE80211W */ if (wpa_supplicant_validate_ie(sm, sm->bssid, &ie) < 0) goto failed; @@ -2294,9 +2286,7 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, key_info = WPA_GET_BE16(key->key_info); ver = key_info & WPA_KEY_INFO_TYPE_MASK; if (ver != WPA_KEY_INFO_TYPE_HMAC_MD5_RC4 && -#if defined(CONFIG_IEEE80211R) || defined(CONFIG_IEEE80211W) ver != WPA_KEY_INFO_TYPE_AES_128_CMAC && -#endif /* CONFIG_IEEE80211R || CONFIG_IEEE80211W */ ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES && !wpa_use_akm_defined(sm->key_mgmt)) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, @@ -2324,7 +2314,6 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, } } else #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W if (wpa_key_mgmt_sha256(sm->key_mgmt)) { if (ver != WPA_KEY_INFO_TYPE_AES_128_CMAC && !wpa_use_akm_defined(sm->key_mgmt)) { @@ -2333,11 +2322,9 @@ int wpa_sm_rx_eapol(struct wpa_sm *sm, const u8 *src_addr, "negotiated AES-128-CMAC"); goto out; } - } else -#endif /* CONFIG_IEEE80211W */ - if (sm->pairwise_cipher == WPA_CIPHER_CCMP && - !wpa_use_akm_defined(sm->key_mgmt) && - ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { + } else if (sm->pairwise_cipher == WPA_CIPHER_CCMP && + !wpa_use_akm_defined(sm->key_mgmt) && + ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) { wpa_msg(sm->ctx->msg_ctx, MSG_INFO, "WPA: CCMP is used, but EAPOL-Key " "descriptor version (%d) is not 2", ver); @@ -2480,12 +2467,10 @@ static u32 wpa_key_mgmt_suite(struct wpa_sm *sm) case WPA_KEY_MGMT_FT_PSK: return RSN_AUTH_KEY_MGMT_FT_PSK; #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W case WPA_KEY_MGMT_IEEE8021X_SHA256: return RSN_AUTH_KEY_MGMT_802_1X_SHA256; case WPA_KEY_MGMT_PSK_SHA256: return RSN_AUTH_KEY_MGMT_PSK_SHA256; -#endif /* CONFIG_IEEE80211W */ case WPA_KEY_MGMT_CCKM: return (sm->proto == WPA_PROTO_RSN ? RSN_AUTH_KEY_MGMT_CCKM: @@ -2768,10 +2753,8 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid) os_memset(&sm->tptk, 0, sizeof(sm->tptk)); os_memset(&sm->gtk, 0, sizeof(sm->gtk)); os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); -#ifdef CONFIG_IEEE80211W os_memset(&sm->igtk, 0, sizeof(sm->igtk)); os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); -#endif /* CONFIG_IEEE80211W */ } #ifdef CONFIG_TDLS @@ -3043,11 +3026,9 @@ int wpa_sm_set_param(struct wpa_sm *sm, enum wpa_sm_conf_params param, case WPA_PARAM_KEY_MGMT: sm->key_mgmt = value; break; -#ifdef CONFIG_IEEE80211W case WPA_PARAM_MGMT_GROUP: sm->mgmt_group_cipher = value; break; -#endif /* CONFIG_IEEE80211W */ case WPA_PARAM_RSN_ENABLED: sm->rsn_enabled = value; break; @@ -3375,10 +3356,8 @@ void wpa_sm_drop_sa(struct wpa_sm *sm) os_memset(&sm->tptk, 0, sizeof(sm->tptk)); os_memset(&sm->gtk, 0, sizeof(sm->gtk)); os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep)); -#ifdef CONFIG_IEEE80211W os_memset(&sm->igtk, 0, sizeof(sm->igtk)); os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep)); -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_IEEE80211R os_memset(sm->xxkey, 0, sizeof(sm->xxkey)); sm->xxkey_len = 0; @@ -3452,14 +3431,12 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf) return -1; } forced_memzero(&gd, sizeof(gd)); -#ifdef CONFIG_IEEE80211W } else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) { const struct wpa_igtk_kde *igtk; igtk = (const struct wpa_igtk_kde *) (buf + 2); if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0) return -1; -#endif /* CONFIG_IEEE80211W */ } else { wpa_printf(MSG_DEBUG, "Unknown element id"); return -1; @@ -4019,10 +3996,8 @@ static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf) /* RSN Capabilities */ capab = 0; -#ifdef CONFIG_IEEE80211W if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) capab |= WPA_CAPABILITY_MFPC; -#endif /* CONFIG_IEEE80211W */ if (sm->ocv) capab |= WPA_CAPABILITY_OCVC; wpabuf_put_le16(buf, capab); @@ -4062,13 +4037,11 @@ static int fils_ft_build_assoc_req_rsne(struct wpa_sm *sm, struct wpabuf *buf) WPA_PMK_NAME_LEN); os_memcpy(pos, sm->pmk_r1_name, WPA_PMK_NAME_LEN); -#ifdef CONFIG_IEEE80211W if (sm->mgmt_group_cipher == WPA_CIPHER_AES_128_CMAC) { /* Management Group Cipher Suite */ pos = wpabuf_put(buf, RSN_SELECTOR_LEN); RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_AES_128_CMAC); } -#endif /* CONFIG_IEEE80211W */ rsnie->len = ((u8 *) wpabuf_put(buf, 0) - (u8 *) rsnie) - 2; return 0; diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index f698ff4eb..a6da3471a 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -246,12 +246,10 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, /* RSN Capabilities */ capab = 0; -#ifdef CONFIG_IEEE80211W if (sm->mfp) capab |= WPA_CAPABILITY_MFPC; if (sm->mfp == 2) capab |= WPA_CAPABILITY_MFPR; -#endif /* CONFIG_IEEE80211W */ if (sm->ocv) capab |= WPA_CAPABILITY_OCVC; WPA_PUT_LE16(pos, capab); @@ -265,7 +263,6 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, os_memcpy(pos, pmk_name, WPA_PMK_NAME_LEN); pos += WPA_PMK_NAME_LEN; -#ifdef CONFIG_IEEE80211W /* Management Group Cipher Suite */ switch (sm->mgmt_group_cipher) { case WPA_CIPHER_AES_128_CMAC: @@ -285,7 +282,6 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len, pos += RSN_SELECTOR_LEN; break; } -#endif /* CONFIG_IEEE80211W */ rsnie->len = (pos - (u8 *) rsnie) - 2; @@ -597,13 +593,11 @@ int wpa_ft_process_response(struct wpa_sm *sm, const u8 *ies, size_t ies_len, return -1; } -#ifdef CONFIG_IEEE80211W if (sm->mfp == 2 && !(parse.rsn_capab & WPA_CAPABILITY_MFPC)) { wpa_printf(MSG_INFO, "FT: Target AP does not support PMF, but local configuration requires that"); return -1; } -#endif /* CONFIG_IEEE80211W */ os_memcpy(sm->r1kh_id, parse.r1kh_id, FT_R1KH_ID_LEN); wpa_hexdump(MSG_DEBUG, "FT: R1KH-ID", sm->r1kh_id, FT_R1KH_ID_LEN); @@ -774,7 +768,6 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, } -#ifdef CONFIG_IEEE80211W static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, size_t igtk_elem_len) { @@ -842,7 +835,6 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, return 0; } -#endif /* CONFIG_IEEE80211W */ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, @@ -1025,10 +1017,8 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies, if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0) return -1; -#ifdef CONFIG_IEEE80211W if (wpa_ft_process_igtk_subelem(sm, parse.igtk, parse.igtk_len) < 0) return -1; -#endif /* CONFIG_IEEE80211W */ if (sm->set_ptk_after_assoc) { wpa_printf(MSG_DEBUG, "FT: Try to set PTK again now that we " diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index d86734b0d..129dfb14a 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -31,10 +31,8 @@ struct wpa_sm { u8 request_counter[WPA_REPLAY_COUNTER_LEN]; struct wpa_gtk gtk; struct wpa_gtk gtk_wnm_sleep; -#ifdef CONFIG_IEEE80211W struct wpa_igtk igtk; struct wpa_igtk igtk_wnm_sleep; -#endif /* CONFIG_IEEE80211W */ struct eapol_sm *eapol; /* EAPOL state machine from upper level code */ diff --git a/src/rsn_supp/wpa_ie.c b/src/rsn_supp/wpa_ie.c index ae9f4ca24..809f208f0 100644 --- a/src/rsn_supp/wpa_ie.c +++ b/src/rsn_supp/wpa_ie.c @@ -168,12 +168,10 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len, } else if (key_mgmt == WPA_KEY_MGMT_FT_PSK) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_FT_PSK); #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W } else if (key_mgmt == WPA_KEY_MGMT_IEEE8021X_SHA256) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_802_1X_SHA256); } else if (key_mgmt == WPA_KEY_MGMT_PSK_SHA256) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_PSK_SHA256); -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SAE } else if (key_mgmt == WPA_KEY_MGMT_SAE) { RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_SAE); @@ -217,12 +215,10 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len, /* RSN Capabilities */ capab = 0; -#ifdef CONFIG_IEEE80211W if (sm->mfp) capab |= WPA_CAPABILITY_MFPC; if (sm->mfp == 2) capab |= WPA_CAPABILITY_MFPR; -#endif /* CONFIG_IEEE80211W */ if (sm->ocv) capab |= WPA_CAPABILITY_OCVC; WPA_PUT_LE16(pos, capab); @@ -237,7 +233,6 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len, pos += PMKID_LEN; } -#ifdef CONFIG_IEEE80211W if (wpa_cipher_valid_mgmt_group(mgmt_group_cipher)) { if (!sm->cur_pmksa) { /* PMKID Count */ @@ -250,7 +245,6 @@ static int wpa_gen_wpa_ie_rsn(u8 *rsn_ie, size_t rsn_ie_len, mgmt_group_cipher)); pos += RSN_SELECTOR_LEN; } -#endif /* CONFIG_IEEE80211W */ hdr->len = (pos - rsn_ie) - 2; @@ -435,7 +429,6 @@ static int wpa_parse_generic(const u8 *pos, const u8 *end, return 0; } -#ifdef CONFIG_IEEE80211W if (pos[1] > RSN_SELECTOR_LEN + 2 && RSN_SELECTOR_GET(pos + 2) == RSN_KEY_DATA_IGTK) { ie->igtk = pos + 2 + RSN_SELECTOR_LEN; @@ -444,7 +437,6 @@ static int wpa_parse_generic(const u8 *pos, const u8 *end, pos, pos[1] + 2); return 0; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_P2P if (pos[1] >= RSN_SELECTOR_LEN + 1 && diff --git a/src/rsn_supp/wpa_ie.h b/src/rsn_supp/wpa_ie.h index 9d53973a9..77ebe2172 100644 --- a/src/rsn_supp/wpa_ie.h +++ b/src/rsn_supp/wpa_ie.h @@ -21,10 +21,8 @@ struct wpa_eapol_ie_parse { size_t gtk_len; const u8 *mac_addr; size_t mac_addr_len; -#ifdef CONFIG_IEEE80211W const u8 *igtk; size_t igtk_len; -#endif /* CONFIG_IEEE80211W */ const u8 *mdie; size_t mdie_len; const u8 *ftie; diff --git a/tests/Makefile b/tests/Makefile index 95855aa3b..ee07921a4 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -32,7 +32,6 @@ CFLAGS += -DTEST_FUZZ endif CFLAGS += -DCONFIG_IEEE80211R_AP -CFLAGS += -DCONFIG_IEEE80211W CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_TDLS diff --git a/tests/build/build-hostapd-internal.config b/tests/build/build-hostapd-internal.config index 926b92131..ca0216b77 100644 --- a/tests/build/build-hostapd-internal.config +++ b/tests/build/build-hostapd-internal.config @@ -42,7 +42,6 @@ CONFIG_FULL_DYNAMIC_VLAN=y CONFIG_VLAN_NETLINK=y CONFIG_LIBNL32=y CONFIG_LIBNL3_ROUTE=y -CONFIG_IEEE80211W=y CONFIG_IEEE80211R=y CONFIG_IEEE80211N=y CONFIG_IEEE80211AC=y diff --git a/tests/build/build-wpa_supplicant-gnutls.config b/tests/build/build-wpa_supplicant-gnutls.config index 8aa0611b8..61fcb7a65 100644 --- a/tests/build/build-wpa_supplicant-gnutls.config +++ b/tests/build/build-wpa_supplicant-gnutls.config @@ -13,5 +13,4 @@ CONFIG_EAP_PAX=y CONFIG_EAP_FAST=y CONFIG_EAP_IKEV2=y -CONFIG_IEEE80211W=y CFLAGS += -Werror diff --git a/tests/build/build-wpa_supplicant-internal.config b/tests/build/build-wpa_supplicant-internal.config index 5a92a637a..ba55e8ffe 100644 --- a/tests/build/build-wpa_supplicant-internal.config +++ b/tests/build/build-wpa_supplicant-internal.config @@ -46,7 +46,6 @@ CONFIG_OCSP=y #CONFIG_CTRL_IFACE_DBUS_NEW=y #CONFIG_CTRL_IFACE_DBUS_INTRO=y -CONFIG_IEEE80211W=y CONFIG_IEEE80211R=y CONFIG_IEEE80211N=y CONFIG_IEEE80211AC=y diff --git a/tests/build/build-wpa_supplicant-libressl-2.8.config b/tests/build/build-wpa_supplicant-libressl-2.8.config index 96f9e670b..3572a93ce 100644 --- a/tests/build/build-wpa_supplicant-libressl-2.8.config +++ b/tests/build/build-wpa_supplicant-libressl-2.8.config @@ -24,5 +24,4 @@ CONFIG_FILS_SK_PFS=y CONFIG_OWE=y CONFIG_DPP=y -CONFIG_IEEE80211W=y CFLAGS += -Werror diff --git a/tests/build/build-wpa_supplicant-libressl-2.9.config b/tests/build/build-wpa_supplicant-libressl-2.9.config index 6b0d31bcb..6500ca64d 100644 --- a/tests/build/build-wpa_supplicant-libressl-2.9.config +++ b/tests/build/build-wpa_supplicant-libressl-2.9.config @@ -24,5 +24,4 @@ CONFIG_FILS_SK_PFS=y CONFIG_OWE=y CONFIG_DPP=y -CONFIG_IEEE80211W=y CFLAGS += -Werror diff --git a/tests/build/build-wpa_supplicant-linux.config b/tests/build/build-wpa_supplicant-linux.config index a4cd613b5..6939a60d3 100644 --- a/tests/build/build-wpa_supplicant-linux.config +++ b/tests/build/build-wpa_supplicant-linux.config @@ -13,5 +13,4 @@ CONFIG_EAP_PAX=y CONFIG_EAP_FAST=y CONFIG_EAP_IKEV2=y -CONFIG_IEEE80211W=y CFLAGS += -Werror diff --git a/tests/build/build-wpa_supplicant-openssl-1.0.2.config b/tests/build/build-wpa_supplicant-openssl-1.0.2.config index 10f49fd36..b484341fd 100644 --- a/tests/build/build-wpa_supplicant-openssl-1.0.2.config +++ b/tests/build/build-wpa_supplicant-openssl-1.0.2.config @@ -26,5 +26,4 @@ CONFIG_DPP=y CONFIG_SUITEB=y CONFIG_SUITEB192=y -CONFIG_IEEE80211W=y CFLAGS += -Werror diff --git a/tests/build/build-wpa_supplicant-openssl-1.1.0.config b/tests/build/build-wpa_supplicant-openssl-1.1.0.config index d4befd9b4..e8108210f 100644 --- a/tests/build/build-wpa_supplicant-openssl-1.1.0.config +++ b/tests/build/build-wpa_supplicant-openssl-1.1.0.config @@ -26,5 +26,4 @@ CONFIG_DPP=y CONFIG_SUITEB=y CONFIG_SUITEB192=y -CONFIG_IEEE80211W=y CFLAGS += -Werror diff --git a/tests/build/build-wpa_supplicant-openssl-1.1.1.config b/tests/build/build-wpa_supplicant-openssl-1.1.1.config index 6078d545b..5a4eebb9b 100644 --- a/tests/build/build-wpa_supplicant-openssl-1.1.1.config +++ b/tests/build/build-wpa_supplicant-openssl-1.1.1.config @@ -26,5 +26,4 @@ CONFIG_DPP=y CONFIG_SUITEB=y CONFIG_SUITEB192=y -CONFIG_IEEE80211W=y CFLAGS += -Werror diff --git a/tests/fuzzing/eapol-key-auth/Makefile b/tests/fuzzing/eapol-key-auth/Makefile index 6072461d7..4dca10264 100644 --- a/tests/fuzzing/eapol-key-auth/Makefile +++ b/tests/fuzzing/eapol-key-auth/Makefile @@ -2,7 +2,6 @@ all: eapol-key-auth include ../rules.include CFLAGS += -DCONFIG_IEEE80211R_AP -CFLAGS += -DCONFIG_IEEE80211W CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_TDLS diff --git a/tests/fuzzing/eapol-key-supp/Makefile b/tests/fuzzing/eapol-key-supp/Makefile index 134d3d9a7..afe566584 100644 --- a/tests/fuzzing/eapol-key-supp/Makefile +++ b/tests/fuzzing/eapol-key-supp/Makefile @@ -2,7 +2,6 @@ all: eapol-key-supp include ../rules.include CFLAGS += -DCONFIG_IEEE80211R_AP -CFLAGS += -DCONFIG_IEEE80211W CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_TDLS diff --git a/tests/hwsim/example-hostapd.config b/tests/hwsim/example-hostapd.config index 09d3627dd..709e64957 100644 --- a/tests/hwsim/example-hostapd.config +++ b/tests/hwsim/example-hostapd.config @@ -47,7 +47,6 @@ CONFIG_FULL_DYNAMIC_VLAN=y CONFIG_VLAN_NETLINK=y CONFIG_LIBNL32=y CONFIG_LIBNL3_ROUTE=y -CONFIG_IEEE80211W=y CONFIG_IEEE80211R=y CONFIG_IEEE80211N=y CONFIG_IEEE80211AC=y diff --git a/tests/hwsim/example-wpa_supplicant.config b/tests/hwsim/example-wpa_supplicant.config index 846a02e76..397a6f173 100644 --- a/tests/hwsim/example-wpa_supplicant.config +++ b/tests/hwsim/example-wpa_supplicant.config @@ -57,7 +57,6 @@ CONFIG_OCSP=y CONFIG_CTRL_IFACE_DBUS_NEW=y CONFIG_CTRL_IFACE_DBUS_INTRO=y -CONFIG_IEEE80211W=y CONFIG_IEEE80211R=y CONFIG_IEEE80211N=y CONFIG_IEEE80211AC=y diff --git a/wlantest/Makefile b/wlantest/Makefile index 4195a24dd..bbcee99a4 100644 --- a/wlantest/Makefile +++ b/wlantest/Makefile @@ -45,7 +45,6 @@ endif OBJS_lib += ../src/utils/libutils.a OBJS_lib += ../src/crypto/libcrypto.a -CFLAGS += -DCONFIG_IEEE80211W CFLAGS += -DCONFIG_OCV CFLAGS += -DCONFIG_IEEE80211R CFLAGS += -DCONFIG_HS20 diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk index 093dcea86..b05031cf9 100644 --- a/wpa_supplicant/Android.mk +++ b/wpa_supplicant/Android.mk @@ -198,8 +198,6 @@ endif ifdef CONFIG_SUITEB L_CFLAGS += -DCONFIG_SUITEB -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_SUITEB192 @@ -210,25 +208,15 @@ endif ifdef CONFIG_OCV L_CFLAGS += -DCONFIG_OCV OBJS += src/common/ocv.c -CONFIG_IEEE80211W=y -endif - -ifdef CONFIG_IEEE80211W -L_CFLAGS += -DCONFIG_IEEE80211W -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_IEEE80211R L_CFLAGS += -DCONFIG_IEEE80211R OBJS += src/rsn_supp/wpa_ft.c -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_MESH NEED_80211_COMMON=y -NEED_SHA256=y NEED_AES_SIV=y CONFIG_SAE=y CONFIG_AP=y @@ -254,7 +242,6 @@ NEED_AES_SIV=y NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA512_KDF=y -NEED_SHA256=y NEED_SHA384=y NEED_SHA512=y NEED_JSON=y @@ -271,7 +258,6 @@ NEED_ECC=y NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA512_KDF=y -NEED_SHA256=y NEED_SHA384=y NEED_SHA512=y endif @@ -298,8 +284,6 @@ endif ifdef CONFIG_TDLS L_CFLAGS += -DCONFIG_TDLS OBJS += src/rsn_supp/tdls.c -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_TDLS_TESTING @@ -364,7 +348,6 @@ ifdef CONFIG_HS20 OBJS += hs20_supplicant.c L_CFLAGS += -DCONFIG_HS20 CONFIG_INTERWORKING=y -NEED_AES_OMAC1=y endif ifdef CONFIG_INTERWORKING @@ -431,7 +414,6 @@ endif ifdef CONFIG_ERP L_CFLAGS += -DCONFIG_ERP -NEED_SHA256=y NEED_HMAC_SHA256_KDF=y endif @@ -586,7 +568,6 @@ OBJS += src/eap_peer/eap_psk.c src/eap_common/eap_psk_common.c endif CONFIG_IEEE8021X_EAPOL=y NEED_AES=y -NEED_AES_OMAC1=y NEED_AES_ENCBLOCK=y NEED_AES_EAX=y endif @@ -619,7 +600,6 @@ L_CFLAGS += -DEAP_AKA_PRIME_DYNAMIC else L_CFLAGS += -DEAP_AKA_PRIME endif -NEED_SHA256=y endif ifdef CONFIG_EAP_SIM_COMMON @@ -700,15 +680,12 @@ CONFIG_IEEE8021X_EAPOL=y ifdef CONFIG_EAP_GPSK_SHA256 L_CFLAGS += -DEAP_GPSK_SHA256 endif -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_EAP_PWD L_CFLAGS += -DEAP_PWD OBJS += src/eap_peer/eap_pwd.c src/eap_common/eap_pwd_common.c CONFIG_IEEE8021X_EAPOL=y -NEED_SHA256=y NEED_ECC=y NEED_DRAGONFLY=y endif @@ -725,7 +702,6 @@ endif CONFIG_IEEE8021X_EAPOL=y NEED_DH_GROUPS=y NEED_DH_GROUPS_ALL=y -NEED_SHA256=y NEED_AES_CBC=y endif @@ -745,7 +721,6 @@ OBJS += src/wps/wps_enrollee.c OBJS += src/wps/wps_registrar.c CONFIG_IEEE8021X_EAPOL=y NEED_DH_GROUPS=y -NEED_SHA256=y NEED_BASE64=y NEED_AES_CBC=y NEED_MODEXP=y @@ -1035,7 +1010,6 @@ endif ifdef CONFIG_TLSV12 L_CFLAGS += -DCONFIG_TLSV12 -NEED_SHA256=y endif ifeq ($(CONFIG_TLS), openssl) @@ -1050,7 +1024,6 @@ OBJS_p += src/crypto/crypto_openssl.c ifdef NEED_FIPS186_2_PRF OBJS += src/crypto/fips_prf_openssl.c endif -NEED_SHA256=y NEED_TLS_PRF_SHA256=y LIBS += -lcrypto LIBS_p += -lcrypto @@ -1113,7 +1086,6 @@ OBJS += src/tls/x509v3.c OBJS += src/tls/pkcs1.c OBJS += src/tls/pkcs5.c OBJS += src/tls/pkcs8.c -NEED_SHA256=y NEED_BASE64=y NEED_TLS_PRF=y ifdef CONFIG_TLSV12 @@ -1233,12 +1205,10 @@ endif ifdef NEED_AES_EAX AESOBJS += src/crypto/aes-eax.c NEED_AES_CTR=y -NEED_AES_OMAC1=y endif ifdef NEED_AES_SIV AESOBJS += src/crypto/aes-siv.c NEED_AES_CTR=y -NEED_AES_OMAC1=y endif ifdef NEED_AES_CTR AESOBJS += src/crypto/aes-ctr.c @@ -1246,14 +1216,12 @@ endif ifdef NEED_AES_ENCBLOCK AESOBJS += src/crypto/aes-encblock.c endif -ifdef NEED_AES_OMAC1 NEED_AES_ENC=y ifdef CONFIG_OPENSSL_CMAC L_CFLAGS += -DCONFIG_OPENSSL_CMAC else AESOBJS += src/crypto/aes-omac1.c endif -endif ifdef NEED_AES_WRAP NEED_AES_ENC=y ifdef NEED_INTERNAL_AES_WRAP @@ -1346,7 +1314,6 @@ endif endif SHA256OBJS = # none by default -ifdef NEED_SHA256 L_CFLAGS += -DCONFIG_SHA256 ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), gnutls) @@ -1384,7 +1351,6 @@ L_CFLAGS += -DCONFIG_HMAC_SHA512_KDF SHA256OBJS += src/crypto/sha512-kdf.c endif OBJS += $(SHA256OBJS) -endif ifdef NEED_SHA384 L_CFLAGS += -DCONFIG_SHA384 ifneq ($(CONFIG_TLS), openssl) diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile index a0106abed..1406acba2 100644 --- a/wpa_supplicant/Makefile +++ b/wpa_supplicant/Makefile @@ -230,8 +230,6 @@ endif ifdef CONFIG_SUITEB CFLAGS += -DCONFIG_SUITEB -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_SUITEB192 @@ -242,25 +240,15 @@ endif ifdef CONFIG_OCV CFLAGS += -DCONFIG_OCV OBJS += ../src/common/ocv.o -CONFIG_IEEE80211W=y -endif - -ifdef CONFIG_IEEE80211W -CFLAGS += -DCONFIG_IEEE80211W -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_IEEE80211R CFLAGS += -DCONFIG_IEEE80211R OBJS += ../src/rsn_supp/wpa_ft.o -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_MESH NEED_80211_COMMON=y -NEED_SHA256=y NEED_AES_SIV=y CONFIG_SAE=y CONFIG_AP=y @@ -286,7 +274,6 @@ NEED_AES_SIV=y NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA512_KDF=y -NEED_SHA256=y NEED_SHA384=y NEED_SHA512=y NEED_JSON=y @@ -303,7 +290,6 @@ NEED_ECC=y NEED_HMAC_SHA256_KDF=y NEED_HMAC_SHA384_KDF=y NEED_HMAC_SHA512_KDF=y -NEED_SHA256=y NEED_SHA384=y NEED_SHA512=y endif @@ -330,8 +316,6 @@ endif ifdef CONFIG_TDLS CFLAGS += -DCONFIG_TDLS OBJS += ../src/rsn_supp/tdls.o -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_TDLS_TESTING @@ -404,7 +388,6 @@ ifdef CONFIG_HS20 OBJS += hs20_supplicant.o CFLAGS += -DCONFIG_HS20 CONFIG_INTERWORKING=y -NEED_AES_OMAC1=y endif ifdef CONFIG_INTERWORKING @@ -458,7 +441,6 @@ endif ifdef CONFIG_ERP CFLAGS += -DCONFIG_ERP -NEED_SHA256=y NEED_HMAC_SHA256_KDF=y endif @@ -613,7 +595,6 @@ OBJS += ../src/eap_peer/eap_psk.o ../src/eap_common/eap_psk_common.o endif CONFIG_IEEE8021X_EAPOL=y NEED_AES=y -NEED_AES_OMAC1=y NEED_AES_ENCBLOCK=y NEED_AES_EAX=y endif @@ -646,7 +627,6 @@ CFLAGS += -DEAP_AKA_PRIME_DYNAMIC else CFLAGS += -DEAP_AKA_PRIME endif -NEED_SHA256=y endif ifdef CONFIG_EAP_SIM_COMMON @@ -727,8 +707,6 @@ CONFIG_IEEE8021X_EAPOL=y ifdef CONFIG_EAP_GPSK_SHA256 CFLAGS += -DEAP_GPSK_SHA256 endif -NEED_SHA256=y -NEED_AES_OMAC1=y endif ifdef CONFIG_EAP_PWD @@ -738,7 +716,6 @@ CFLAGS += -DCONFIG_ECC endif OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o CONFIG_IEEE8021X_EAPOL=y -NEED_SHA256=y NEED_ECC=y NEED_DRAGONFLY=y endif @@ -755,7 +732,6 @@ endif CONFIG_IEEE8021X_EAPOL=y NEED_DH_GROUPS=y NEED_DH_GROUPS_ALL=y -NEED_SHA256=y NEED_AES_CBC=y endif @@ -775,7 +751,6 @@ OBJS += ../src/wps/wps_enrollee.o OBJS += ../src/wps/wps_registrar.o CONFIG_IEEE8021X_EAPOL=y NEED_DH_GROUPS=y -NEED_SHA256=y NEED_BASE64=y NEED_AES_CBC=y NEED_MODEXP=y @@ -873,7 +848,6 @@ CONFIG_IEEE8021X_EAPOL=y NEED_AES_ENCBLOCK=y NEED_AES_UNWRAP=y NEED_AES_WRAP=y -NEED_AES_OMAC1=y OBJS += wpas_kay.o OBJS += ../src/pae/ieee802_1x_cp.o OBJS += ../src/pae/ieee802_1x_kay.o @@ -1083,7 +1057,6 @@ endif ifdef CONFIG_TLSV12 CFLAGS += -DCONFIG_TLSV12 -NEED_SHA256=y endif ifeq ($(CONFIG_TLS), wolfssl) @@ -1114,7 +1087,6 @@ OBJS_priv += ../src/crypto/crypto_openssl.o ifdef NEED_FIPS186_2_PRF OBJS += ../src/crypto/fips_prf_openssl.o endif -NEED_SHA256=y NEED_TLS_PRF_SHA256=y LIBS += -lcrypto LIBS_p += -lcrypto @@ -1178,7 +1150,6 @@ OBJS += ../src/tls/x509v3.o OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs8.o -NEED_SHA256=y NEED_BASE64=y NEED_TLS_PRF=y ifdef CONFIG_TLSV12 @@ -1258,7 +1229,6 @@ OBJS += ../src/tls/x509v3.o OBJS += ../src/tls/pkcs1.o OBJS += ../src/tls/pkcs5.o OBJS += ../src/tls/pkcs8.o -NEED_SHA256=y NEED_BASE64=y NEED_TLS_PRF=y ifdef CONFIG_TLSV12 @@ -1344,12 +1314,10 @@ endif ifdef NEED_AES_EAX AESOBJS += ../src/crypto/aes-eax.o NEED_AES_CTR=y -NEED_AES_OMAC1=y endif ifdef NEED_AES_SIV AESOBJS += ../src/crypto/aes-siv.o NEED_AES_CTR=y -NEED_AES_OMAC1=y endif ifdef NEED_AES_CTR AESOBJS += ../src/crypto/aes-ctr.o @@ -1357,7 +1325,6 @@ endif ifdef NEED_AES_ENCBLOCK AESOBJS += ../src/crypto/aes-encblock.o endif -ifdef NEED_AES_OMAC1 NEED_AES_ENC=y ifdef CONFIG_OPENSSL_CMAC CFLAGS += -DCONFIG_OPENSSL_CMAC @@ -1368,7 +1335,6 @@ AESOBJS += ../src/crypto/aes-omac1.o endif endif endif -endif ifdef NEED_AES_WRAP NEED_AES_ENC=y ifdef NEED_INTERNAL_AES_WRAP @@ -1477,7 +1443,6 @@ endif endif SHA256OBJS = # none by default -ifdef NEED_SHA256 CFLAGS += -DCONFIG_SHA256 ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) @@ -1519,7 +1484,6 @@ CFLAGS += -DCONFIG_HMAC_SHA512_KDF OBJS += ../src/crypto/sha512-kdf.o endif OBJS += $(SHA256OBJS) -endif ifdef NEED_SHA384 ifneq ($(CONFIG_TLS), openssl) ifneq ($(CONFIG_TLS), linux) diff --git a/wpa_supplicant/README-DPP b/wpa_supplicant/README-DPP index dcc15f165..96b173537 100644 --- a/wpa_supplicant/README-DPP +++ b/wpa_supplicant/README-DPP @@ -28,7 +28,6 @@ wpa_supplicant build config Enable DPP and protected management frame in wpa_supplicant build config file -CONFIG_IEEE80211W=y CONFIG_DPP=y hostapd build config @@ -36,7 +35,6 @@ hostapd build config Enable DPP and protected management frame in hostapd build config file -CONFIG_IEEE80211W=y CONFIG_DPP=y Configurator build config diff --git a/wpa_supplicant/android.config b/wpa_supplicant/android.config index 6536c110a..f9d3712a8 100644 --- a/wpa_supplicant/android.config +++ b/wpa_supplicant/android.config @@ -273,10 +273,6 @@ CONFIG_L2_PACKET=linux # bridge interfaces (commit 'bridge: respect RFC2863 operational state')'). #CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y -# IEEE 802.11w (management frame protection), also known as PMF -# Driver support is also needed for IEEE 802.11w. -CONFIG_IEEE80211W=y - # Support Operating Channel Validation #CONFIG_OCV=y diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c index 4e3c2814d..dff1cbea3 100644 --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c @@ -500,10 +500,8 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, bss->wpa_group_rekey = 86400; } -#ifdef CONFIG_IEEE80211W if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) bss->ieee80211w = ssid->ieee80211w; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV bss->ocv = ssid->ocv; diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index cc197ae37..d2ac01baa 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -740,12 +740,10 @@ static int wpa_config_parse_key_mgmt(const struct parse_data *data, val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384; #endif /* CONFIG_SHA384 */ #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W else if (os_strcmp(start, "WPA-PSK-SHA256") == 0) val |= WPA_KEY_MGMT_PSK_SHA256; else if (os_strcmp(start, "WPA-EAP-SHA256") == 0) val |= WPA_KEY_MGMT_IEEE8021X_SHA256; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WPS else if (os_strcmp(start, "WPS") == 0) val |= WPA_KEY_MGMT_WPS; @@ -910,7 +908,6 @@ static char * wpa_config_write_key_mgmt(const struct parse_data *data, #endif /* CONFIG_SHA384 */ #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) { ret = os_snprintf(pos, end - pos, "%sWPA-PSK-SHA256", pos == buf ? "" : " "); @@ -930,7 +927,6 @@ static char * wpa_config_write_key_mgmt(const struct parse_data *data, } pos += ret; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WPS if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { @@ -2477,9 +2473,7 @@ static const struct parse_data ssid_fields[] = { { INT_RANGE(proactive_key_caching, 0, 1) }, { INT_RANGE(disabled, 0, 2) }, { STR(id_str) }, -#ifdef CONFIG_IEEE80211W { INT_RANGE(ieee80211w, 0, 2) }, -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV { FUNC(ocv) }, #endif /* CONFIG_OCV */ @@ -3061,9 +3055,7 @@ void wpa_config_set_network_defaults(struct wpa_ssid *ssid) ssid->vht_tx_mcs_nss_8 = -1; #endif /* CONFIG_VHT_OVERRIDES */ ssid->proactive_key_caching = -1; -#ifdef CONFIG_IEEE80211W ssid->ieee80211w = MGMT_FRAME_PROTECTION_DEFAULT; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_MACSEC ssid->mka_priority = DEFAULT_PRIO_NOT_KEY_SERVER; #endif /* CONFIG_MACSEC */ diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c index a1f8b7f06..5005aa925 100644 --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c @@ -863,10 +863,8 @@ static void wpa_config_write_network(FILE *f, struct wpa_ssid *ssid) INT(pbss); INT(wps_disabled); INT(fils_dh_group); -#ifdef CONFIG_IEEE80211W write_int(f, "ieee80211w", ssid->ieee80211w, MGMT_FRAME_PROTECTION_DEFAULT); -#endif /* CONFIG_IEEE80211W */ STR(id_str); #ifdef CONFIG_P2P write_go_p2p_dev_addr(f, ssid); diff --git a/wpa_supplicant/config_ssid.h b/wpa_supplicant/config_ssid.h index d5c5c00a9..649f8c82c 100644 --- a/wpa_supplicant/config_ssid.h +++ b/wpa_supplicant/config_ssid.h @@ -446,7 +446,6 @@ struct wpa_ssid { */ char *id_str; -#ifdef CONFIG_IEEE80211W /** * ieee80211w - Whether management frame protection is enabled * @@ -460,7 +459,6 @@ struct wpa_ssid { * followed). */ enum mfp_options ieee80211w; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV /** diff --git a/wpa_supplicant/config_winreg.c b/wpa_supplicant/config_winreg.c index 118710872..0f2a30a46 100644 --- a/wpa_supplicant/config_winreg.c +++ b/wpa_supplicant/config_winreg.c @@ -937,10 +937,8 @@ static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id) write_int(netw, "proactive_key_caching", ssid->proactive_key_caching, -1); INT(disabled); -#ifdef CONFIG_IEEE80211W write_int(netw, "ieee80211w", ssid->ieee80211w, MGMT_FRAME_PROTECTION_DEFAULT); -#endif /* CONFIG_IEEE80211W */ STR(id_str); #ifdef CONFIG_HS20 INT(update_identifier); diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index abc5bb634..6ed6837b3 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -2656,7 +2656,6 @@ static char * wpa_supplicant_ie_txt(char *pos, char *end, const char *proto, pos += ret; } #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) { ret = os_snprintf(pos, end - pos, "%sEAP-SHA256", pos == start ? "" : "+"); @@ -2671,7 +2670,6 @@ static char * wpa_supplicant_ie_txt(char *pos, char *end, const char *proto, return pos; pos += ret; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SUITEB if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { @@ -5243,10 +5241,8 @@ static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s) wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0); wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0); wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0); -#ifdef CONFIG_IEEE80211W wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0); wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0); -#endif /* CONFIG_IEEE80211W */ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL, 0); @@ -10626,12 +10622,10 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, } else if (os_strcmp(buf, "RESEND_ASSOC") == 0) { if (wpas_ctrl_resend_assoc(wpa_s) < 0) reply_len = -1; -#ifdef CONFIG_IEEE80211W } else if (os_strcmp(buf, "UNPROT_DEAUTH") == 0) { sme_event_unprot_disconnect( wpa_s, wpa_s->bssid, NULL, WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA); -#endif /* CONFIG_IEEE80211W */ #endif /* CONFIG_TESTING_OPTIONS */ } else if (os_strncmp(buf, "VENDOR_ELEM_ADD ", 16) == 0) { if (wpas_ctrl_vendor_elem_add(wpa_s, buf + 16) < 0) diff --git a/wpa_supplicant/dbus/dbus_new_handlers.c b/wpa_supplicant/dbus/dbus_new_handlers.c index 6c36d91a0..d2c84e5c5 100644 --- a/wpa_supplicant/dbus/dbus_new_handlers.c +++ b/wpa_supplicant/dbus/dbus_new_handlers.c @@ -1012,9 +1012,7 @@ dbus_bool_t wpas_dbus_getter_global_capabilities( #ifdef CONFIG_INTERWORKING capabilities[num_items++] = "interworking"; #endif /* CONFIG_INTERWORKING */ -#ifdef CONFIG_IEEE80211W capabilities[num_items++] = "pmf"; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_MESH capabilities[num_items++] = "mesh"; #endif /* CONFIG_MESH */ @@ -2753,11 +2751,9 @@ dbus_bool_t wpas_dbus_getter_capabilities( goto nomem; /* TODO: Ensure that driver actually supports sha256 encryption. */ -#ifdef CONFIG_IEEE80211W if (!wpa_dbus_dict_string_array_add_element( &iter_array, "wpa-eap-sha256")) goto nomem; -#endif /* CONFIG_IEEE80211W */ } if (capa.key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK | @@ -2771,11 +2767,9 @@ dbus_bool_t wpas_dbus_getter_capabilities( goto nomem; /* TODO: Ensure that driver actually supports sha256 encryption. */ -#ifdef CONFIG_IEEE80211W if (!wpa_dbus_dict_string_array_add_element( &iter_array, "wpa-psk-sha256")) goto nomem; -#endif /* CONFIG_IEEE80211W */ } if ((capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE) && @@ -4608,11 +4602,9 @@ static dbus_bool_t wpas_dbus_get_bss_security_prop( /* Management group (RSN only) */ if (ie_data->proto == WPA_PROTO_RSN) { switch (ie_data->mgmt_group_cipher) { -#ifdef CONFIG_IEEE80211W case WPA_CIPHER_AES_128_CMAC: group = "aes128cmac"; break; -#endif /* CONFIG_IEEE80211W */ default: group = ""; break; diff --git a/wpa_supplicant/defconfig b/wpa_supplicant/defconfig index cdfb1974d..6ae07a4a7 100644 --- a/wpa_supplicant/defconfig +++ b/wpa_supplicant/defconfig @@ -310,10 +310,6 @@ CONFIG_BACKEND=file # bridge interfaces (commit 'bridge: respect RFC2863 operational state')'). #CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y -# IEEE 802.11w (management frame protection), also known as PMF -# Driver support is also needed for IEEE 802.11w. -CONFIG_IEEE80211W=y - # Support Operating Channel Validation #CONFIG_OCV=y @@ -610,6 +606,4 @@ CONFIG_BGSCAN_SIMPLE=y #CONFIG_OWE=y # Device Provisioning Protocol (DPP) -# This requires CONFIG_IEEE80211W=y to be enabled, too. (see -# wpa_supplicant/README-DPP for details) CONFIG_DPP=y diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 7ba4345b6..f28e4399e 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -615,7 +615,6 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, break; } -#ifdef CONFIG_IEEE80211W if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { @@ -624,7 +623,6 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, " skip RSN IE - no mgmt frame protection"); break; } -#endif /* CONFIG_IEEE80211W */ if ((ie.capabilities & WPA_CAPABILITY_MFPR) && wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION) { @@ -655,7 +653,6 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, return 1; } -#ifdef CONFIG_IEEE80211W if (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED && (!(ssid->key_mgmt & WPA_KEY_MGMT_OWE) || ssid->owe_only)) { if (debug_print) @@ -663,7 +660,6 @@ static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, " skip - MFP Required but network not MFP Capable"); return 0; } -#endif /* CONFIG_IEEE80211W */ wpa_ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { @@ -3518,26 +3514,22 @@ static void ft_rx_action(struct wpa_supplicant *wpa_s, const u8 *data, static void wpa_supplicant_event_unprot_deauth(struct wpa_supplicant *wpa_s, struct unprot_deauth *e) { -#ifdef CONFIG_IEEE80211W wpa_printf(MSG_DEBUG, "Unprotected Deauthentication frame " "dropped: " MACSTR " -> " MACSTR " (reason code %u)", MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); -#endif /* CONFIG_IEEE80211W */ } static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s, struct unprot_disassoc *e) { -#ifdef CONFIG_IEEE80211W wpa_printf(MSG_DEBUG, "Unprotected Disassociation frame " "dropped: " MACSTR " -> " MACSTR " (reason code %u)", MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); -#endif /* CONFIG_IEEE80211W */ } @@ -3795,14 +3787,12 @@ static void wpas_event_rx_mgmt_action(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W #ifdef CONFIG_SME if (category == WLAN_ACTION_SA_QUERY) { sme_sa_query_rx(wpa_s, mgmt->sa, payload, plen); return; } #endif /* CONFIG_SME */ -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WNM if (mgmt->u.action.category == WLAN_ACTION_WNM) { @@ -4516,9 +4506,7 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event, } #endif /* CONFIG_AP */ -#ifdef CONFIG_IEEE80211W sme_event_ch_switch(wpa_s); -#endif /* CONFIG_IEEE80211W */ wpas_p2p_update_channel_list(wpa_s, WPAS_P2P_CHANNEL_UPDATE_CS); wnm_clear_coloc_intf_reporting(wpa_s); break; diff --git a/wpa_supplicant/mesh.c b/wpa_supplicant/mesh.c index 7354c1b79..5c1a47d8f 100644 --- a/wpa_supplicant/mesh.c +++ b/wpa_supplicant/mesh.c @@ -86,7 +86,6 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s, MESH_CONF_SEC_AMPE; else conf->security |= MESH_CONF_SEC_NONE; -#ifdef CONFIG_IEEE80211W conf->ieee80211w = ssid->ieee80211w; if (conf->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { if (wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP) @@ -94,7 +93,6 @@ static struct mesh_conf * mesh_config_create(struct wpa_supplicant *wpa_s, else conf->ieee80211w = NO_MGMT_FRAME_PROTECTION; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV conf->ocv = ssid->ocv; #endif /* CONFIG_OCV */ diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index 4b8d6c469..e730b6336 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -165,11 +165,9 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, conf.wpa_group_rekey = -1; conf.wpa_group_update_count = 4; conf.wpa_pairwise_update_count = 4; -#ifdef CONFIG_IEEE80211W conf.ieee80211w = ieee80211w; if (ieee80211w != NO_MGMT_FRAME_PROTECTION) conf.group_mgmt_cipher = rsn->mgmt_group_cipher; -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV conf.ocv = ocv; #endif /* CONFIG_OCV */ @@ -186,7 +184,6 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, return -1; rsn->mgtk_key_id = 1; -#ifdef CONFIG_IEEE80211W if (ieee80211w != NO_MGMT_FRAME_PROTECTION) { rsn->igtk_len = wpa_cipher_key_len(conf.group_mgmt_cipher); if (random_get_bytes(rsn->igtk, rsn->igtk_len) < 0) @@ -201,7 +198,6 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, rsn->igtk_key_id, 1, seq, sizeof(seq), rsn->igtk, rsn->igtk_len); } -#endif /* CONFIG_IEEE80211W */ /* group privacy / data frames */ wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX MGTK", @@ -545,10 +541,8 @@ int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta, len = sizeof(*ampe); if (cat[1] == PLINK_OPEN) len += rsn->mgtk_len + WPA_KEY_RSC_LEN + 4; -#ifdef CONFIG_IEEE80211W if (cat[1] == PLINK_OPEN && rsn->igtk_len) len += 2 + 6 + rsn->igtk_len; -#endif /* CONFIG_IEEE80211W */ if (2 + AES_BLOCK_SIZE + 2 + len > wpabuf_tailroom(buf)) { wpa_printf(MSG_ERROR, "protect frame: buffer too small"); @@ -591,7 +585,6 @@ int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta, WPA_PUT_LE32(pos, 0xffffffff); pos += 4; -#ifdef CONFIG_IEEE80211W /* * IGTKdata[variable]: * Key ID[2], IPN[6], IGTK[variable] @@ -603,7 +596,6 @@ int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta, pos += 6; os_memcpy(pos, rsn->igtk, rsn->igtk_len); } -#endif /* CONFIG_IEEE80211W */ skip_keys: wpa_hexdump_key(MSG_DEBUG, "mesh: Plaintext AMPE element", @@ -774,7 +766,6 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta, WPA_GET_LE32(pos)); pos += 4; -#ifdef CONFIG_IEEE80211W /* * IGTKdata[variable]: * Key ID[2], IPN[6], IGTK[variable] @@ -794,7 +785,6 @@ int mesh_rsn_process_ampe(struct wpa_supplicant *wpa_s, struct sta_info *sta, wpa_hexdump_key(MSG_DEBUG, "mesh: IGTKdata - IGTK", sta->igtk, sta->igtk_len); } -#endif /* CONFIG_IEEE80211W */ free: os_free(crypt); diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c index c60ec4711..8003d2c39 100644 --- a/wpa_supplicant/sme.c +++ b/wpa_supplicant/sme.c @@ -37,9 +37,7 @@ static void sme_auth_timer(void *eloop_ctx, void *timeout_ctx); static void sme_assoc_timer(void *eloop_ctx, void *timeout_ctx); static void sme_obss_scan_timeout(void *eloop_ctx, void *timeout_ctx); -#ifdef CONFIG_IEEE80211W static void sme_stop_sa_query(struct wpa_supplicant *wpa_s); -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_SAE @@ -492,7 +490,6 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, } #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W wpa_s->sme.mfp = wpas_get_ssid_pmf(wpa_s, ssid); if (wpa_s->sme.mfp != NO_MGMT_FRAME_PROTECTION) { const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); @@ -505,7 +502,6 @@ static void sme_send_authentication(struct wpa_supplicant *wpa_s, wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED; } } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_P2P if (wpa_s->global->p2p) { @@ -2024,9 +2020,7 @@ void sme_clear_on_disassoc(struct wpa_supplicant *wpa_s) if (wpa_s->sme.ft_ies || wpa_s->sme.ft_used) sme_update_ft_ies(wpa_s, NULL, NULL, 0); #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W sme_stop_sa_query(wpa_s); -#endif /* CONFIG_IEEE80211W */ } @@ -2321,8 +2315,6 @@ void sme_sched_obss_scan(struct wpa_supplicant *wpa_s, int enable) } -#ifdef CONFIG_IEEE80211W - static const unsigned int sa_query_max_timeout = 1000; static const unsigned int sa_query_retry_timeout = 201; static const unsigned int sa_query_ch_switch_max_delay = 5000; /* in usec */ @@ -2611,5 +2603,3 @@ void sme_sa_query_rx(struct wpa_supplicant *wpa_s, const u8 *sa, else if (data[0] == WLAN_SA_QUERY_RESPONSE) sme_process_sa_query_response(wpa_s, sa, data, len); } - -#endif /* CONFIG_IEEE80211W */ diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c index c14764963..92dbdbab5 100644 --- a/wpa_supplicant/wnm_sta.c +++ b/wpa_supplicant/wnm_sta.c @@ -271,7 +271,6 @@ static void wnm_sleep_mode_exit_success(struct wpa_supplicant *wpa_s, WNM_SLEEP_SUBELEM_GTK, ptr); ptr += 13 + gtk_len; -#ifdef CONFIG_IEEE80211W } else if (*ptr == WNM_SLEEP_SUBELEM_IGTK) { if (ptr[1] < 2 + 6 + WPA_IGTK_LEN) { wpa_printf(MSG_DEBUG, "WNM: Too short IGTK " @@ -281,7 +280,6 @@ static void wnm_sleep_mode_exit_success(struct wpa_supplicant *wpa_s, wpa_wnmsleep_install_key(wpa_s->wpa, WNM_SLEEP_SUBELEM_IGTK, ptr); ptr += 10 + WPA_IGTK_LEN; -#endif /* CONFIG_IEEE80211W */ } else break; /* skip the loop */ } diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c index 43ac42720..004b84d83 100644 --- a/wpa_supplicant/wpa_cli.c +++ b/wpa_supplicant/wpa_cli.c @@ -1433,9 +1433,7 @@ static const char *network_fields[] = { "mode", #endif /* CONFIG_MESH */ "proactive_key_caching", "disabled", "id_str", -#ifdef CONFIG_IEEE80211W "ieee80211w", -#endif /* CONFIG_IEEE80211W */ "mixed_cell", "frequency", "fixed_freq", #ifdef CONFIG_MESH "mesh_basic_rates", "dot11MeshMaxRetries", diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index 05a5d7f69..b92c61ef0 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -424,10 +424,8 @@ void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, wpa_s->pairwise_cipher); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); -#ifdef CONFIG_IEEE80211W wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, wpa_s->mgmt_group_cipher); -#endif /* CONFIG_IEEE80211W */ pmksa_cache_clear_current(wpa_s->wpa); } @@ -693,13 +691,7 @@ static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) */ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) { - int i, max; - -#ifdef CONFIG_IEEE80211W - max = 6; -#else /* CONFIG_IEEE80211W */ - max = 4; -#endif /* CONFIG_IEEE80211W */ + int i, max = 6; /* MLME-DELETEKEYS.request */ for (i = 0; i < max; i++) { @@ -1186,7 +1178,6 @@ static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, return -1; } -#ifdef CONFIG_IEEE80211W if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " @@ -1194,7 +1185,6 @@ static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, "reject"); return -1; } -#endif /* CONFIG_IEEE80211W */ return 0; } @@ -1319,7 +1309,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, ie.group_cipher = ssid->group_cipher; ie.pairwise_cipher = ssid->pairwise_cipher; ie.key_mgmt = ssid->key_mgmt; -#ifdef CONFIG_IEEE80211W ie.mgmt_group_cipher = 0; if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) { if (ssid->group_mgmt_cipher & @@ -1338,7 +1327,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, ie.mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; } -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OWE if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && !ssid->owe_only && @@ -1358,12 +1346,10 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " "pairwise %d key_mgmt %d proto %d", ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); -#ifdef CONFIG_IEEE80211W if (ssid->ieee80211w) { wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", ie.mgmt_group_cipher); } -#endif /* CONFIG_IEEE80211W */ wpa_s->wpa_proto = proto; wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); @@ -1495,7 +1481,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); #endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; wpa_dbg(wpa_s, MSG_DEBUG, @@ -1504,7 +1489,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT PSK with SHA256"); -#endif /* CONFIG_IEEE80211W */ } else if (sel & WPA_KEY_MGMT_IEEE8021X) { wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); @@ -1535,7 +1519,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, wpa_s->pairwise_cipher); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); -#ifdef CONFIG_IEEE80211W if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { wpa_msg(wpa_s, MSG_INFO, @@ -1576,7 +1559,6 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, wpa_s->mgmt_group_cipher); wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, wpas_get_ssid_pmf(wpa_s, ssid)); -#endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_OCV wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv); #endif /* CONFIG_OCV */ @@ -3293,7 +3275,6 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) params.drop_unencrypted = use_crypt; -#ifdef CONFIG_IEEE80211W params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid); if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); @@ -3312,7 +3293,6 @@ static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) #endif /* CONFIG_OWE */ } } -#endif /* CONFIG_IEEE80211W */ params.p2p = ssid->p2p_group; @@ -7021,7 +7001,6 @@ int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) { -#ifdef CONFIG_IEEE80211W if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL && !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) { @@ -7050,9 +7029,6 @@ int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) } return ssid->ieee80211w; -#else /* CONFIG_IEEE80211W */ - return NO_MGMT_FRAME_PROTECTION; -#endif /* CONFIG_IEEE80211W */ } diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c index 057927410..737c4e0e3 100644 --- a/wpa_supplicant/wps_supplicant.c +++ b/wpa_supplicant/wps_supplicant.c @@ -533,9 +533,7 @@ static int wpa_supplicant_wps_cred(void *ctx, if (wpa_s->conf->wps_cred_add_sae && cred->key_len != 2 * PMK_LEN) { ssid->key_mgmt |= WPA_KEY_MGMT_SAE; -#ifdef CONFIG_IEEE80211W ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL; -#endif /* CONFIG_IEEE80211W */ } ssid->proto = WPA_PROTO_RSN; break;