Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Deprecate set_drop_unencrypted(), set_auth_alg(), and set_mode()

All these driver handlers can be implemented in associate() handler
which gets all the needed information in the parameters structure. The
old functions that provided only a single parameter will be removed
eventually to clean up the driver_ops structure, so driver wrappers
should start using the newer mechanism.
Jouni Malinen 16 years ago
parent
143980694f
commit
36b15723ca
3 changed files with 59 additions and 49 deletions
Split View Show Diff Stats
  1. 22 3
      src/drivers/driver.h
  2. 35 46
      src/drivers/driver_nl80211.c
  3. 2 0
      wpa_supplicant/wpa_supplicant.c

+ 22 - 3
src/drivers/driver.h
View File 

@@ -350,6 +350,15 @@ struct wpa_driver_associate_params {
 
 	 * be prepared to handle %NULL value as an error.
 
 	 */
 
 	const u8 *psk;
 
+
 
+	/**
 
+	 * drop_unencrypted - Enable/disable unencrypted frame filtering
 
+	 *
 
+	 * Configure the driver to drop all non-EAPOL frames (both receive and
 
+	 * transmit paths). Unencrypted EAPOL frames (ethertype 0x888e) must
 
+	 * still be allowed for key negotiation.
 
+	 */
 
+	int drop_unencrypted;
 
 };
 
 
 /**
 
@@ -620,6 +629,9 @@ struct wpa_driver_ops {
 
 	 * Configure the driver to drop all non-EAPOL frames (both receive and
 
 	 * transmit paths). Unencrypted EAPOL frames (ethertype 0x888e) must
 
 	 * still be allowed for key negotiation.
 
+	 *
 
+	 * This function is deprecated. New driver wrapper implementations
 
+	 * should use associate() parameter drop_unencrypted instead.
 
 	 */
 
 	int (*set_drop_unencrypted)(void *priv, int enabled);
 
 
@@ -637,7 +649,7 @@ struct wpa_driver_ops {
 
 	 * results event for wpa_supplicant which will eventually request the
 
 	 * results with wpa_driver_get_scan_results().
 
 	 *
 
-	 * This function is depracated. New driver wrapper implementations
 
+	 * This function is deprecated. New driver wrapper implementations
 
 	 * should implement support for scan2().
 
 	 */
 
 	int (*scan)(void *priv, const u8 *ssid, size_t ssid_len);
 
@@ -655,7 +667,7 @@ struct wpa_driver_ops {
 
 	 * returned and the remaining entries will not be included in the
 
 	 * buffer.
 
 	 *
 
-	 * This function is depracated. New driver wrapper implementations
 
+	 * This function is deprecated. New driver wrapper implementations
 
 	 * should implement support for get_scan_results2().
 
 	 */
 
 	int (*get_scan_results)(void *priv,
 
@@ -711,6 +723,9 @@ struct wpa_driver_ops {
 
 	 * associate() params, so set_auth_alg may not be needed in case of
 
 	 * most drivers.
 
 	 *
 
+	 * This function is deprecated. New driver wrapper implementations
 
+	 * should use associate() parameter auth_alg instead.
 
+	 *
 
 	 * Returns: 0 on success, -1 on failure
 
 	 */
 
 	int (*set_auth_alg)(void *priv, int auth_alg);
 
@@ -1028,8 +1043,12 @@ struct wpa_driver_ops {
 
 	 * This handler will be called before any key configuration and call to
 
 	 * associate() handler in order to allow the operation mode to be
 
 	 * configured as early as possible. This information is also available
 
-	 * in associate() params and as such, some driver wrappers may not need
 
+	 * in associate() params and as such, driver wrappers may not need
 
 	 * to implement set_mode() handler.
 
+	 *
 
+	 * This function is deprecated. New driver wrapper implementations
 
+	 * should use associate() parameter mode instead.
 
+	 *
 
 	 * Returns: 0 on success, -1 on failure
 
 	 */
 
 	int (*set_mode)(void *priv, int mode);

+ 35 - 46
src/drivers/driver_nl80211.c
View File 

@@ -93,7 +93,8 @@ struct wpa_driver_nl80211_data {
 
 
 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
 
 					    void *timeout_ctx);
 
-static int wpa_driver_nl80211_set_mode(void *priv, int mode);
 
+static int wpa_driver_nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
 
+				       int mode);
 
 #ifdef WEXT_COMPAT
 
 static int wpa_driver_nl80211_flush_pmkid(void *priv);
 
 #endif /* WEXT_COMPAT */
 
@@ -1527,6 +1528,7 @@ static void wpa_driver_nl80211_deinit(void *priv)
 
 	(void) wpa_driver_nl80211_set_bssid(drv,
 
 					 (u8 *) "\x00\x00\x00\x00\x00\x00");
 
 #endif /* WEXT_COMPAT */
 
+	wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED, 0);
 
 
 	wpa_driver_nl80211_send_oper_ifla(priv, 0, IF_OPER_UP);
 
 
@@ -1935,19 +1937,6 @@ static int wpa_driver_nl80211_set_countermeasures(void *priv,
 
 #endif /* WEXT_COMPAT */
 
 
 
-static int wpa_driver_nl80211_set_drop_unencrypted(void *priv,
 
-						int enabled)
 
-{
 
-	struct wpa_driver_nl80211_data *drv = priv;
 
-	wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
 
-#ifdef WEXT_COMPAT
 
-	drv->use_crypt = enabled;
 
-#endif /* WEXT_COMPAT */
 
-	return wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
 
-					      enabled);
 
-}
 
-
 
-
 
 #ifdef WEXT_COMPAT
 
 static int wpa_driver_nl80211_mlme_wext(struct wpa_driver_nl80211_data *drv,
 
 					const u8 *addr, int cmd,
 
@@ -2141,6 +2130,29 @@ wpa_driver_nl80211_auth_alg_fallback(struct wpa_driver_nl80211_data *drv,
 
 }
 
 
 
+static int wpa_driver_nl80211_set_auth_alg(struct wpa_driver_nl80211_data *drv,
 
+					   int auth_alg)
 
+{
 
+	int algs = 0, res;
 
+
 
+	if (auth_alg & AUTH_ALG_OPEN_SYSTEM)
 
+		algs |= IW_AUTH_ALG_OPEN_SYSTEM;
 
+	if (auth_alg & AUTH_ALG_SHARED_KEY)
 
+		algs |= IW_AUTH_ALG_SHARED_KEY;
 
+	if (auth_alg & AUTH_ALG_LEAP)
 
+		algs |= IW_AUTH_ALG_LEAP;
 
+	if (algs == 0) {
 
+		/* at least one algorithm should be set */
 
+		algs = IW_AUTH_ALG_OPEN_SYSTEM;
 
+	}
 
+
 
+	res = wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
 
+					     algs);
 
+	drv->auth_alg_fallback = res == -2;
 
+	return res;
 
+}
 
+
 
+
 
 static int wpa_driver_nl80211_associate_wext(
 
 	void *priv, struct wpa_driver_associate_params *params)
 
 {
 
@@ -2151,6 +2163,9 @@ static int wpa_driver_nl80211_associate_wext(
 
 
 	wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
 
 
+	wpa_driver_nl80211_set_mode(drv, params->mode);
 
+	wpa_driver_nl80211_set_auth_alg(drv, params->auth_alg);
 
+
 
 	/*
 
 	 * If the driver did not support SIOCSIWAUTH, fallback to
 
 	 * SIOCSIWENCODE here.
 
@@ -2221,32 +2236,6 @@ static int wpa_driver_nl80211_associate_wext(
 
 
 	return ret;
 
 }
 
-
 
-
 
-static int wpa_driver_nl80211_set_auth_alg(void *priv, int auth_alg)
 
-{
 
-	struct wpa_driver_nl80211_data *drv = priv;
 
-	int algs = 0, res;
 
-
 
-	if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
 
-		return 0;
 
-
 
-	if (auth_alg & AUTH_ALG_OPEN_SYSTEM)
 
-		algs |= IW_AUTH_ALG_OPEN_SYSTEM;
 
-	if (auth_alg & AUTH_ALG_SHARED_KEY)
 
-		algs |= IW_AUTH_ALG_SHARED_KEY;
 
-	if (auth_alg & AUTH_ALG_LEAP)
 
-		algs |= IW_AUTH_ALG_LEAP;
 
-	if (algs == 0) {
 
-		/* at least one algorithm should be set */
 
-		algs = IW_AUTH_ALG_OPEN_SYSTEM;
 
-	}
 
-
 
-	res = wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
 
-					     algs);
 
-	drv->auth_alg_fallback = res == -2;
 
-	return res;
 
-}
 
 #endif /* WEXT_COMPAT */
 
 
 
@@ -2329,6 +2318,9 @@ static int wpa_driver_nl80211_associate(
 
 	int ret = -1;
 
 	struct nl_msg *msg;
 
 
+	wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
 
+					  params->drop_unencrypted);
 
+
 
 #ifdef WEXT_COMPAT
 
 	if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
 
 		return wpa_driver_nl80211_associate_wext(drv, params);
 
@@ -2389,13 +2381,13 @@ nla_put_failure:
 
 
 /**
 
  * wpa_driver_nl80211_set_mode - Set wireless mode (infra/adhoc), SIOCSIWMODE
 
- * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
 
+ * @drv: Pointer to private driver data from wpa_driver_nl80211_init()
 
  * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
 
  * Returns: 0 on success, -1 on failure
 
  */
 
-static int wpa_driver_nl80211_set_mode(void *priv, int mode)
 
+static int wpa_driver_nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
 
+				       int mode)
 
 {
 
-	struct wpa_driver_nl80211_data *drv = priv;
 
 	int ret = -1, flags;
 
 	struct nl_msg *msg;
 
 
@@ -2540,12 +2532,10 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
 
 	.get_bssid = wpa_driver_nl80211_get_bssid,
 
 	.get_ssid = wpa_driver_nl80211_get_ssid,
 
 	.set_key = wpa_driver_nl80211_set_key,
 
-	.set_drop_unencrypted = wpa_driver_nl80211_set_drop_unencrypted,
 
 	.scan2 = wpa_driver_nl80211_scan,
 
 	.get_scan_results2 = wpa_driver_nl80211_get_scan_results,
 
 	.deauthenticate = wpa_driver_nl80211_deauthenticate,
 
 	.disassociate = wpa_driver_nl80211_disassociate,
 
-	.set_mode = wpa_driver_nl80211_set_mode,
 
 	.authenticate = wpa_driver_nl80211_authenticate,
 
 	.associate = wpa_driver_nl80211_associate,
 
 	.init = wpa_driver_nl80211_init,
 
@@ -2556,7 +2546,6 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = {
 
 #ifdef WEXT_COMPAT
 
 	.set_wpa = wpa_driver_nl80211_set_wpa,
 
 	.set_countermeasures = wpa_driver_nl80211_set_countermeasures,
 
-	.set_auth_alg = wpa_driver_nl80211_set_auth_alg,
 
 	.add_pmkid = wpa_driver_nl80211_add_pmkid,
 
 	.remove_pmkid = wpa_driver_nl80211_remove_pmkid,
 
 	.flush_pmkid = wpa_driver_nl80211_flush_pmkid,

+ 2 - 0
wpa_supplicant/wpa_supplicant.c
View File 

@@ -1142,6 +1142,8 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
 
 			params.psk = ssid->psk;
 
 	}
 
 
+	params.drop_unencrypted = use_crypt;
 
+
 
 #ifdef CONFIG_IEEE80211W
 
 	switch (ssid->ieee80211w) {
 
 	case NO_IEEE80211W: