From 016525501082f54df2f812582de1a9375ca1ad16 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Thu, 14 May 2009 21:54:47 +0300 Subject: [PATCH] nl80211: Add support for IEEE 802.1X port control in station mode This adds a cleaner mechanism for protecting against unauthorized data frames than the previously used drop_unencrypted mechanism (which is not even available with nl80211 and had to use a WEXT ioctl. The old drop_unencrypted code is left in for now as the final surviving WEXT use in driver_nl80211.c. However, it can be removed from the build by defining NO_WEXT. It may also be removed eventually when most users are expected to be using recent enough kernel version. --- src/drivers/driver_nl80211.c | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 62cf3f6e9..79c7889d1 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3142,6 +3142,8 @@ static int wpa_driver_nl80211_associate( NLA_PUT_U32(msg, NL80211_ATTR_USE_MFP, NL80211_MFP_REQUIRED); #endif /* CONFIG_IEEE80211W */ + NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT); + ret = send_and_recv_msgs(drv, msg, NULL, NULL); msg = NULL; if (ret) { @@ -3271,6 +3273,35 @@ static int wpa_driver_nl80211_set_operstate(void *priv, int state) drv, -1, state ? IF_OPER_UP : IF_OPER_DORMANT); } + +static int wpa_driver_nl80211_set_supp_port(void *priv, int authorized) +{ + struct wpa_driver_nl80211_data *drv = priv; + struct nl_msg *msg; + struct nl80211_sta_flag_update upd; + + msg = nlmsg_alloc(); + if (!msg) + return -ENOMEM; + + genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, + 0, NL80211_CMD_SET_STATION, 0); + + NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, + if_nametoindex(drv->ifname)); + NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, drv->bssid); + + os_memset(&upd, 0, sizeof(upd)); + upd.mask = BIT(NL80211_STA_FLAG_AUTHORIZED); + if (authorized) + upd.set = BIT(NL80211_STA_FLAG_AUTHORIZED); + NLA_PUT(msg, NL80211_ATTR_STA_FLAGS2, sizeof(upd), &upd); + + return send_and_recv_msgs(drv, msg, NULL, NULL); + nla_put_failure: + return -ENOBUFS; +} + #endif /* HOSTAPD */ @@ -4008,6 +4039,7 @@ const struct wpa_driver_ops wpa_driver_nl80211_ops = { .deinit = wpa_driver_nl80211_deinit, .get_capa = wpa_driver_nl80211_get_capa, .set_operstate = wpa_driver_nl80211_set_operstate, + .set_supp_port = wpa_driver_nl80211_set_supp_port, #endif /* HOSTAPD */ .set_country = wpa_driver_nl80211_set_country, .set_mode = wpa_driver_nl80211_set_mode,