WEXT: IEEE 802.11w/MFP configuration

Added configuration of MFP related parameters with WEXT. The changes to
linux/wireless.h have not yet been applied to the Linux kernel tree, so the
code using them is still open to changes and is ifdef'ed out if
CONFIG_IEEE80211W is not set.
This commit is contained in:
Jouni Malinen 2008-06-18 11:13:33 +03:00
parent 84737a46a4
commit f0732adfe0
2 changed files with 28 additions and 0 deletions

View file

@ -568,6 +568,8 @@ typedef __uint8_t __u8;
#define IW_AUTH_RX_UNENCRYPTED_EAPOL 8 #define IW_AUTH_RX_UNENCRYPTED_EAPOL 8
#define IW_AUTH_ROAMING_CONTROL 9 #define IW_AUTH_ROAMING_CONTROL 9
#define IW_AUTH_PRIVACY_INVOKED 10 #define IW_AUTH_PRIVACY_INVOKED 10
#define IW_AUTH_CIPHER_GROUP_MGMT 11
#define IW_AUTH_MFP 12
/* IW_AUTH_WPA_VERSION values (bit field) */ /* IW_AUTH_WPA_VERSION values (bit field) */
#define IW_AUTH_WPA_VERSION_DISABLED 0x00000001 #define IW_AUTH_WPA_VERSION_DISABLED 0x00000001
@ -595,6 +597,11 @@ typedef __uint8_t __u8;
#define IW_AUTH_ROAMING_DISABLE 1 /* user space program used for roaming #define IW_AUTH_ROAMING_DISABLE 1 /* user space program used for roaming
* control */ * control */
/* IW_AUTH_MFP (management frame protection) values */
#define IW_AUTH_MFP_DISABLED 0 /* MFP disabled */
#define IW_AUTH_MFP_OPTIONAL 1 /* MFP optional */
#define IW_AUTH_MFP_REQUIRED 2 /* MFP required */
/* SIOCSIWENCODEEXT definitions */ /* SIOCSIWENCODEEXT definitions */
#define IW_ENCODE_SEQ_MAX_SIZE 8 #define IW_ENCODE_SEQ_MAX_SIZE 8
/* struct iw_encode_ext ->alg */ /* struct iw_encode_ext ->alg */
@ -603,6 +610,7 @@ typedef __uint8_t __u8;
#define IW_ENCODE_ALG_TKIP 2 #define IW_ENCODE_ALG_TKIP 2
#define IW_ENCODE_ALG_CCMP 3 #define IW_ENCODE_ALG_CCMP 3
#define IW_ENCODE_ALG_PMK 4 #define IW_ENCODE_ALG_PMK 4
#define IW_ENCODE_ALG_AES_CMAC 5
/* struct iw_encode_ext ->ext_flags */ /* struct iw_encode_ext ->ext_flags */
#define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001 #define IW_ENCODE_EXT_TX_SEQ_VALID 0x00000001
#define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002 #define IW_ENCODE_EXT_RX_SEQ_VALID 0x00000002

View file

@ -1800,6 +1800,11 @@ static int wpa_driver_wext_set_key_ext(void *priv, wpa_alg alg,
case WPA_ALG_PMK: case WPA_ALG_PMK:
ext->alg = IW_ENCODE_ALG_PMK; ext->alg = IW_ENCODE_ALG_PMK;
break; break;
#ifdef CONFIG_IEEE80211W
case WPA_ALG_IGTK:
ext->alg = IW_ENCODE_ALG_AES_CMAC;
break;
#endif /* CONFIG_IEEE80211W */
default: default:
wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d", wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d",
__FUNCTION__, alg); __FUNCTION__, alg);
@ -2153,6 +2158,21 @@ int wpa_driver_wext_associate(void *priv,
IW_AUTH_RX_UNENCRYPTED_EAPOL, IW_AUTH_RX_UNENCRYPTED_EAPOL,
allow_unencrypted_eapol) < 0) allow_unencrypted_eapol) < 0)
ret = -1; ret = -1;
#ifdef CONFIG_IEEE80211W
switch (params->mgmt_frame_protection) {
case NO_MGMT_FRAME_PROTECTION:
value = IW_AUTH_MFP_DISABLED;
break;
case MGMT_FRAME_PROTECTION_OPTIONAL:
value = IW_AUTH_MFP_OPTIONAL;
break;
case MGMT_FRAME_PROTECTION_REQUIRED:
value = IW_AUTH_MFP_REQUIRED;
break;
};
if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
ret = -1;
#endif /* CONFIG_IEEE80211W */
if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0) if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
ret = -1; ret = -1;
if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0) if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)