diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c index 721be4da1..ebc0dba9a 100644 --- a/src/ap/ap_drv_ops.c +++ b/src/ap/ap_drv_ops.c @@ -724,6 +724,7 @@ int hostapd_drv_set_key(const char *ifname, struct hostapd_data *hapd, params.key_len = key_len; params.vlan_id = vlan_id; params.key_flag = key_flag; + params.link_id = -1; return hapd->driver->set_key(hapd->drv_priv, ¶ms); } diff --git a/src/drivers/driver.h b/src/drivers/driver.h index 82fec2174..9d81eda15 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -1788,6 +1788,12 @@ struct wpa_driver_set_key_params { * %KEY_FLAG_RX_TX * RX/TX key. */ enum key_flag key_flag; + + /** + * link_id - MLO Link ID + * + * Set to a valid Link ID (0-14) when applicable, otherwise -1. */ + int link_id; }; enum wpa_driver_if_type { diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 38e3f825c..399fc2bd0 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -3345,6 +3345,7 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, size_t key_len = params->key_len; int vlan_id = params->vlan_id; enum key_flag key_flag = params->key_flag; + int link_id = params->link_id; /* Ignore for P2P Device */ if (drv->nlmode == NL80211_IFTYPE_P2P_DEVICE) @@ -3352,9 +3353,10 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, ifindex = if_nametoindex(ifname); wpa_printf(MSG_DEBUG, "%s: ifindex=%d (%s) alg=%d addr=%p key_idx=%d " - "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x", + "set_tx=%d seq_len=%lu key_len=%lu key_flag=0x%x link_id=%d", __func__, ifindex, ifname, alg, addr, key_idx, set_tx, - (unsigned long) seq_len, (unsigned long) key_len, key_flag); + (unsigned long) seq_len, (unsigned long) key_len, key_flag, + link_id); if (check_key_flag(key_flag)) { wpa_printf(MSG_DEBUG, "%s: invalid key_flag", __func__); @@ -3481,6 +3483,12 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, goto fail; } + if (link_id != -1) { + wpa_printf(MSG_DEBUG, "nl80211: Link ID %d", link_id); + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) + goto fail; + } + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); if ((ret == -ENOENT || ret == -ENOLINK) && alg == WPA_ALG_NONE) ret = 0; @@ -3543,6 +3551,13 @@ static int wpa_driver_nl80211_set_key(struct i802_bss *bss, goto fail; } + if (link_id != -1) { + wpa_printf(MSG_DEBUG, "nl80211: set_key default - Link ID %d", + link_id); + if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id)) + goto fail; + } + ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); if (ret) wpa_printf(MSG_DEBUG, @@ -3870,6 +3885,7 @@ retry: os_memset(&p, 0, sizeof(p)); p.ifname = bss->ifname; p.alg = WPA_ALG_WEP; + p.link_id = -1; for (i = 0; i < 4; i++) { if (!params->wep_key[i]) continue; diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c index c26a63d82..97537ee19 100644 --- a/src/rsn_supp/tdls.c +++ b/src/rsn_supp/tdls.c @@ -180,7 +180,7 @@ static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len) static int wpa_tdls_del_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) { - if (wpa_sm_set_key(sm, WPA_ALG_NONE, peer->addr, + if (wpa_sm_set_key(sm, -1, WPA_ALG_NONE, peer->addr, 0, 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to delete TPK-TK from " "the driver"); @@ -230,7 +230,7 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer) wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR, MAC2STR(peer->addr)); - if (wpa_sm_set_key(sm, alg, peer->addr, 0, 1, rsc, sizeof(rsc), + if (wpa_sm_set_key(sm, -1, alg, peer->addr, 0, 1, rsc, sizeof(rsc), peer->tpk.tk, key_len, KEY_FLAG_PAIRWISE_RX_TX) < 0) { wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the " diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c index 15e44106e..846c8b33c 100644 --- a/src/rsn_supp/wpa.c +++ b/src/rsn_supp/wpa.c @@ -1068,9 +1068,9 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm, wpa_hexdump(MSG_DEBUG, "WPA: RSC", key_rsc, rsclen); } - if (wpa_sm_set_key(sm, alg, wpa_sm_get_auth_addr(sm), sm->keyidx_active, - 1, key_rsc, rsclen, sm->ptk.tk, keylen, - KEY_FLAG_PAIRWISE | key_flag) < 0) { + if (wpa_sm_set_key(sm, -1, alg, wpa_sm_get_auth_addr(sm), + sm->keyidx_active, 1, key_rsc, rsclen, sm->ptk.tk, + keylen, KEY_FLAG_PAIRWISE | key_flag) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to set PTK to the driver (alg=%d keylen=%d auth_addr=" MACSTR " idx=%d key_flag=0x%x)", @@ -1117,8 +1117,8 @@ static int wpa_supplicant_activate_ptk(struct wpa_sm *sm) "WPA: Activate PTK (idx=%d auth_addr=" MACSTR ")", sm->keyidx_active, MAC2STR(wpa_sm_get_auth_addr(sm))); - if (wpa_sm_set_key(sm, 0, wpa_sm_get_auth_addr(sm), sm->keyidx_active, - 0, NULL, 0, NULL, 0, + if (wpa_sm_set_key(sm, -1, 0, wpa_sm_get_auth_addr(sm), + sm->keyidx_active, 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE_RX_TX_MODIFY) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, "WPA: Failed to activate PTK for TX (idx=%d auth_addr=" @@ -1198,7 +1198,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, _gtk = gtk_buf; } if (sm->pairwise_cipher == WPA_CIPHER_NONE) { - if (wpa_sm_set_key(sm, gd->alg, NULL, + if (wpa_sm_set_key(sm, -1, gd->alg, NULL, gd->keyidx, 1, key_rsc, gd->key_rsc_len, _gtk, gd->gtk_len, KEY_FLAG_GROUP_RX_TX_DEFAULT) < 0) { @@ -1208,7 +1208,7 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm, forced_memzero(gtk_buf, sizeof(gtk_buf)); return -1; } - } else if (wpa_sm_set_key(sm, gd->alg, broadcast_ether_addr, + } else if (wpa_sm_set_key(sm, -1, gd->alg, broadcast_ether_addr, gd->keyidx, gd->tx, key_rsc, gd->key_rsc_len, _gtk, gd->gtk_len, KEY_FLAG_GROUP_RX) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, @@ -1361,7 +1361,7 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm, "WPA: Invalid IGTK KeyID %d", keyidx); return -1; } - if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, igtk->pn, sizeof(igtk->pn), igtk->igtk, len, KEY_FLAG_GROUP_RX) < 0) { @@ -1430,7 +1430,7 @@ static int wpa_supplicant_install_bigtk(struct wpa_sm *sm, "WPA: Invalid BIGTK KeyID %d", keyidx); return -1; } - if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, bigtk->pn, sizeof(bigtk->pn), bigtk->bigtk, len, KEY_FLAG_GROUP_RX) < 0) { @@ -5236,7 +5236,7 @@ int fils_process_assoc_resp(struct wpa_sm *sm, const u8 *resp, size_t len) rsclen = wpa_cipher_rsc_len(sm->pairwise_cipher); wpa_hexdump_key(MSG_DEBUG, "FILS: Set TK to driver", sm->ptk.tk, keylen); - if (wpa_sm_set_key(sm, alg, wpa_sm_get_auth_addr(sm), 0, 1, + if (wpa_sm_set_key(sm, -1, alg, wpa_sm_get_auth_addr(sm), 0, 1, null_rsc, rsclen, sm->ptk.tk, keylen, KEY_FLAG_PAIRWISE_RX_TX) < 0) { wpa_msg(sm->ctx->msg_ctx, MSG_WARNING, diff --git a/src/rsn_supp/wpa.h b/src/rsn_supp/wpa.h index 672c5bc5a..4fe3b1309 100644 --- a/src/rsn_supp/wpa.h +++ b/src/rsn_supp/wpa.h @@ -29,7 +29,7 @@ struct wpa_sm_ctx { enum wpa_states (*get_state)(void *ctx); void (*deauthenticate)(void * ctx, u16 reason_code); void (*reconnect)(void *ctx); - int (*set_key)(void *ctx, enum wpa_alg alg, + int (*set_key)(void *ctx, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_flag key_flag); diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c index 3204af754..70fd34868 100644 --- a/src/rsn_supp/wpa_ft.c +++ b/src/rsn_supp/wpa_ft.c @@ -495,7 +495,7 @@ static int wpa_ft_install_ptk(struct wpa_sm *sm, const u8 *bssid) keylen = wpa_cipher_key_len(sm->pairwise_cipher); /* TODO: AP MLD address for MLO */ - if (wpa_sm_set_key(sm, alg, bssid, 0, 1, null_rsc, sizeof(null_rsc), + if (wpa_sm_set_key(sm, -1, alg, bssid, 0, 1, null_rsc, sizeof(null_rsc), (u8 *) sm->ptk.tk, keylen, KEY_FLAG_PAIRWISE_RX_TX) < 0) { wpa_printf(MSG_WARNING, "FT: Failed to set PTK to the driver"); @@ -851,7 +851,7 @@ static int wpa_ft_process_gtk_subelem(struct wpa_sm *sm, const u8 *gtk_elem, os_memcpy(gtk + 16, gtk + 24, 8); os_memcpy(gtk + 24, tmp, 8); } - if (wpa_sm_set_key(sm, alg, broadcast_ether_addr, keyidx, 0, + if (wpa_sm_set_key(sm, -1, alg, broadcast_ether_addr, keyidx, 0, gtk_elem + 3, rsc_len, gtk, keylen, KEY_FLAG_GROUP_RX) < 0) { wpa_printf(MSG_WARNING, "WPA: Failed to set GTK to the " @@ -918,7 +918,7 @@ static int wpa_ft_process_igtk_subelem(struct wpa_sm *sm, const u8 *igtk_elem, wpa_hexdump_key(MSG_DEBUG, "FT: IGTK from Reassoc Resp", igtk, igtk_len); - if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, igtk_elem + 2, 6, igtk, igtk_len, KEY_FLAG_GROUP_RX) < 0) { @@ -986,7 +986,7 @@ static int wpa_ft_process_bigtk_subelem(struct wpa_sm *sm, const u8 *bigtk_elem, wpa_hexdump_key(MSG_DEBUG, "FT: BIGTK from Reassoc Resp", bigtk, bigtk_len); - if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher), + if (wpa_sm_set_key(sm, -1, wpa_cipher_to_alg(sm->mgmt_group_cipher), broadcast_ether_addr, keyidx, 0, bigtk_elem + 2, 6, bigtk, bigtk_len, KEY_FLAG_GROUP_RX) < 0) { diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h index f7b056696..5912a3b8f 100644 --- a/src/rsn_supp/wpa_i.h +++ b/src/rsn_supp/wpa_i.h @@ -240,15 +240,15 @@ static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, u16 reason_code) sm->ctx->deauthenticate(sm->ctx->ctx, reason_code); } -static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg, - const u8 *addr, int key_idx, int set_tx, - const u8 *seq, size_t seq_len, +static inline int wpa_sm_set_key(struct wpa_sm *sm, int link_id, + enum wpa_alg alg, const u8 *addr, int key_idx, + int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_flag key_flag) { WPA_ASSERT(sm->ctx->set_key); - return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx, - seq, seq_len, key, key_len, key_flag); + return sm->ctx->set_key(sm->ctx->ctx, link_id, alg, addr, key_idx, + set_tx, seq, seq_len, key, key_len, key_flag); } static inline void wpa_sm_reconnect(struct wpa_sm *sm) diff --git a/tests/fuzzing/eapol-key-supp/eapol-key-supp.c b/tests/fuzzing/eapol-key-supp/eapol-key-supp.c index 0c7189571..5982c240f 100644 --- a/tests/fuzzing/eapol-key-supp/eapol-key-supp.c +++ b/tests/fuzzing/eapol-key-supp/eapol-key-supp.c @@ -172,14 +172,15 @@ static int supp_get_beacon_ie(void *ctx) } -static int supp_set_key(void *ctx, enum wpa_alg alg, +static int supp_set_key(void *ctx, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_flag key_flag) { wpa_printf(MSG_DEBUG, "SUPP: %s(alg=%d addr=" MACSTR " key_idx=%d " - "set_tx=%d key_flag=0x%x)", - __func__, alg, MAC2STR(addr), key_idx, set_tx, key_flag); + "set_tx=%d key_flag=0x%x link_id=%d)", + __func__, alg, MAC2STR(addr), key_idx, set_tx, key_flag, + link_id); wpa_hexdump(MSG_DEBUG, "SUPP: set_key - seq", seq, seq_len); wpa_hexdump(MSG_DEBUG, "SUPP: set_key - key", key, key_len); return 0; diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 90eb67f2c..6dbab7a28 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -5655,23 +5655,23 @@ static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s) { wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication"); /* MLME-DELETEKEYS.request */ - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL, - 0, KEY_FLAG_PAIRWISE); + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, + NULL, 0, KEY_FLAG_PAIRWISE); if (wpa_sm_ext_key_id(wpa_s->wpa)) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 1, 0, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, wpa_s->bssid, 1, 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid, @@ -9996,14 +9996,15 @@ static int wpas_ctrl_reset_pn(struct wpa_supplicant *wpa_s) /* First, use a zero key to avoid any possible duplicate key avoidance * in the driver. */ - if (wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, + if (wpa_drv_set_key(wpa_s, -1, wpa_s->last_tk_alg, wpa_s->last_tk_addr, wpa_s->last_tk_key_idx, 1, zero, 6, zero, wpa_s->last_tk_len, KEY_FLAG_PAIRWISE_RX_TX) < 0) return -1; /* Set the previously configured key to reset its TSC/RSC */ - return wpa_drv_set_key(wpa_s, wpa_s->last_tk_alg, wpa_s->last_tk_addr, + return wpa_drv_set_key(wpa_s, -1, wpa_s->last_tk_alg, + wpa_s->last_tk_addr, wpa_s->last_tk_key_idx, 1, zero, 6, wpa_s->last_tk, wpa_s->last_tk_len, KEY_FLAG_PAIRWISE_RX_TX); diff --git a/wpa_supplicant/driver_i.h b/wpa_supplicant/driver_i.h index 32379ae9c..5dd2a514c 100644 --- a/wpa_supplicant/driver_i.h +++ b/wpa_supplicant/driver_i.h @@ -143,7 +143,7 @@ static inline int wpa_drv_get_ssid(struct wpa_supplicant *wpa_s, u8 *ssid) return -1; } -static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, +static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, @@ -163,6 +163,7 @@ static inline int wpa_drv_set_key(struct wpa_supplicant *wpa_s, params.key = key; params.key_len = key_len; params.key_flag = key_flag; + params.link_id = link_id; if (alg != WPA_ALG_NONE) { /* keyidx = 1 can be either a broadcast or--with diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c index 202afa8a5..7ed3576a8 100644 --- a/wpa_supplicant/events.c +++ b/wpa_supplicant/events.c @@ -2843,8 +2843,8 @@ static int wpa_supplicant_use_own_rsne_params(struct wpa_supplicant *wpa_s, wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL, NULL); if (wpa_s->conf->key_mgmt_offload && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD) && - wpa_drv_set_key(wpa_s, 0, NULL, 0, 0, NULL, 0, ssid->psk, - PMK_LEN, KEY_FLAG_PMK)) + wpa_drv_set_key(wpa_s, -1, 0, NULL, 0, 0, NULL, 0, + ssid->psk, PMK_LEN, KEY_FLAG_PMK)) wpa_dbg(wpa_s, MSG_ERROR, "WPA: Cannot set PMK for key management offload"); } diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index 874c2bf1d..5b31f7bb0 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -143,7 +143,7 @@ static void ibss_check_rsn_completed(struct ibss_rsn_peer *peer) } -static int supp_set_key(void *ctx, enum wpa_alg alg, +static int supp_set_key(void *ctx, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, enum key_flag key_flag) @@ -172,8 +172,9 @@ static int supp_set_key(void *ctx, enum wpa_alg alg, if (is_broadcast_ether_addr(addr)) addr = peer->addr; - return wpa_drv_set_key(peer->ibss_rsn->wpa_s, alg, addr, key_idx, - set_tx, seq, seq_len, key, key_len, key_flag); + return wpa_drv_set_key(peer->ibss_rsn->wpa_s, link_id, alg, addr, + key_idx, set_tx, seq, seq_len, key, key_len, + key_flag); } @@ -352,7 +353,7 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, } } - return wpa_drv_set_key(ibss_rsn->wpa_s, alg, addr, idx, + return wpa_drv_set_key(ibss_rsn->wpa_s, -1, alg, addr, idx, 1, seq, 6, key, key_len, key_flag); } @@ -868,7 +869,7 @@ static void ibss_rsn_handle_auth_1_of_2(struct ibss_rsn *ibss_rsn, * still have a pairwise key configured. */ wpa_printf(MSG_DEBUG, "RSN: Clear pairwise key for peer " MACSTR, MAC2STR(addr)); - wpa_drv_set_key(ibss_rsn->wpa_s, WPA_ALG_NONE, addr, 0, 0, + wpa_drv_set_key(ibss_rsn->wpa_s, -1, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); } diff --git a/wpa_supplicant/mesh_mpm.c b/wpa_supplicant/mesh_mpm.c index 2eb9a7ef6..c1ed8c4b5 100644 --- a/wpa_supplicant/mesh_mpm.c +++ b/wpa_supplicant/mesh_mpm.c @@ -879,7 +879,8 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, if (conf->security & MESH_CONF_SEC_AMPE) { wpa_hexdump_key(MSG_DEBUG, "mesh: MTK", sta->mtk, sta->mtk_len); - wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->pairwise_cipher), + wpa_drv_set_key(wpa_s, -1, + wpa_cipher_to_alg(conf->pairwise_cipher), sta->addr, 0, 0, seq, sizeof(seq), sta->mtk, sta->mtk_len, KEY_FLAG_PAIRWISE_RX_TX); @@ -888,7 +889,8 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, sta->mgtk_rsc, sizeof(sta->mgtk_rsc)); wpa_hexdump_key(MSG_DEBUG, "mesh: RX MGTK", sta->mgtk, sta->mgtk_len); - wpa_drv_set_key(wpa_s, wpa_cipher_to_alg(conf->group_cipher), + wpa_drv_set_key(wpa_s, -1, + wpa_cipher_to_alg(conf->group_cipher), sta->addr, sta->mgtk_key_id, 0, sta->mgtk_rsc, sizeof(sta->mgtk_rsc), sta->mgtk, sta->mgtk_len, @@ -900,7 +902,7 @@ static void mesh_mpm_plink_estab(struct wpa_supplicant *wpa_s, wpa_hexdump_key(MSG_DEBUG, "mesh: RX IGTK", sta->igtk, sta->igtk_len); wpa_drv_set_key( - wpa_s, + wpa_s, -1, wpa_cipher_to_alg(conf->mgmt_group_cipher), sta->addr, sta->igtk_key_id, 0, sta->igtk_rsc, sizeof(sta->igtk_rsc), diff --git a/wpa_supplicant/mesh_rsn.c b/wpa_supplicant/mesh_rsn.c index 65daa77c2..12dcc302d 100644 --- a/wpa_supplicant/mesh_rsn.c +++ b/wpa_supplicant/mesh_rsn.c @@ -118,7 +118,7 @@ static int auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg, } wpa_hexdump_key(MSG_DEBUG, "AUTH: set_key - key", key, key_len); - return wpa_drv_set_key(mesh_rsn->wpa_s, alg, addr, idx, + return wpa_drv_set_key(mesh_rsn->wpa_s, -1, alg, addr, idx, 1, seq, 6, key, key_len, key_flag); } @@ -194,7 +194,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, /* group mgmt */ wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX IGTK", rsn->igtk, rsn->igtk_len); - wpa_drv_set_key(rsn->wpa_s, + wpa_drv_set_key(rsn->wpa_s, -1, wpa_cipher_to_alg(rsn->mgmt_group_cipher), broadcast_ether_addr, rsn->igtk_key_id, 1, @@ -205,7 +205,7 @@ static int __mesh_rsn_auth_init(struct mesh_rsn *rsn, const u8 *addr, /* group privacy / data frames */ wpa_hexdump_key(MSG_DEBUG, "mesh: Own TX MGTK", rsn->mgtk, rsn->mgtk_len); - wpa_drv_set_key(rsn->wpa_s, wpa_cipher_to_alg(rsn->group_cipher), + wpa_drv_set_key(rsn->wpa_s, -1, wpa_cipher_to_alg(rsn->group_cipher), broadcast_ether_addr, rsn->mgtk_key_id, 1, seq, sizeof(seq), rsn->mgtk, rsn->mgtk_len, KEY_FLAG_GROUP_TX_DEFAULT); diff --git a/wpa_supplicant/preauth_test.c b/wpa_supplicant/preauth_test.c index 3ae99da04..c7b6e2609 100644 --- a/wpa_supplicant/preauth_test.c +++ b/wpa_supplicant/preauth_test.c @@ -131,7 +131,7 @@ static int wpa_supplicant_get_bssid(void *wpa_s, u8 *bssid) } -static int wpa_supplicant_set_key(void *wpa_s, enum wpa_alg alg, +static int wpa_supplicant_set_key(void *wpa_s, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, diff --git a/wpa_supplicant/wpa_priv.c b/wpa_supplicant/wpa_priv.c index ff1fb6702..31a9af650 100644 --- a/wpa_supplicant/wpa_priv.c +++ b/wpa_supplicant/wpa_priv.c @@ -414,6 +414,7 @@ static void wpa_priv_cmd_set_key(struct wpa_priv_interface *iface, p.key = params->key_len ? params->key : NULL; p.key_len = params->key_len; p.key_flag = params->key_flag; + p.link_id = -1; res = iface->driver->set_key(iface->drv_priv, &p); wpa_printf(MSG_DEBUG, "drv->set_key: res=%d", res); diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c index a56510a48..e2e193c19 100644 --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -143,7 +143,7 @@ int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) continue; set = 1; - wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL, i, i == ssid->wep_tx_keyidx, NULL, 0, ssid->wep_key[i], ssid->wep_key_len[i], i == ssid->wep_tx_keyidx ? @@ -207,7 +207,7 @@ int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, /* TODO: should actually remember the previously used seq#, both for TX * and RX from each STA.. */ - ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, + ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen, KEY_FLAG_GROUP_RX_TX_DEFAULT); os_memset(key, 0, sizeof(key)); return ret; @@ -768,18 +768,18 @@ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) for (i = 0; i < max; i++) { if (wpa_s->keys_cleared & BIT(i)) continue; - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0, + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP); } /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */ if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr && !is_zero_ether_addr(addr)) { if (!(wpa_s->keys_cleared & BIT(0))) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, - 0, NULL, 0, KEY_FLAG_PAIRWISE); + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0, + NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); if (!(wpa_s->keys_cleared & BIT(15))) - wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL, - 0, NULL, 0, KEY_FLAG_PAIRWISE); + wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0, + NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); /* MLME-SETPROTECTION.request(None) */ wpa_drv_mlme_setprotection( wpa_s, addr, diff --git a/wpa_supplicant/wpas_glue.c b/wpa_supplicant/wpas_glue.c index 685274875..fc5676e09 100644 --- a/wpa_supplicant/wpas_glue.c +++ b/wpa_supplicant/wpas_glue.c @@ -250,7 +250,7 @@ static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx, else wpa_s->group_cipher = cipher; } - return wpa_drv_set_key(wpa_s, WPA_ALG_WEP, + return wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, unicast ? wpa_s->bssid : NULL, keyidx, unicast, NULL, 0, key, keylen, unicast ? KEY_FLAG_PAIRWISE_RX_TX : @@ -365,7 +365,7 @@ static void wpa_supplicant_eapol_cb(struct eapol_sm *eapol, wpa_hexdump_key(MSG_DEBUG, "RSN: Configure PMK for driver-based 4-way " "handshake", pmk, pmk_len); - if (wpa_drv_set_key(wpa_s, 0, NULL, 0, 0, NULL, 0, pmk, + if (wpa_drv_set_key(wpa_s, -1, 0, NULL, 0, 0, NULL, 0, pmk, pmk_len, KEY_FLAG_PMK)) { wpa_printf(MSG_DEBUG, "Failed to set PMK to the driver"); } @@ -527,7 +527,7 @@ static int wpa_supplicant_get_bssid(void *ctx, u8 *bssid) } -static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, +static int wpa_supplicant_set_key(void *_wpa_s, int link_id, enum wpa_alg alg, const u8 *addr, int key_idx, int set_tx, const u8 *seq, size_t seq_len, const u8 *key, size_t key_len, @@ -556,8 +556,8 @@ static int wpa_supplicant_set_key(void *_wpa_s, enum wpa_alg alg, wpa_s->last_tk_len = key_len; } #endif /* CONFIG_TESTING_OPTIONS */ - return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len, - key, key_len, key_flag); + return wpa_drv_set_key(wpa_s, link_id, alg, addr, key_idx, set_tx, seq, + seq_len, key, key_len, key_flag); } @@ -1253,7 +1253,7 @@ static int wpa_supplicant_key_mgmt_set_pmk(void *ctx, const u8 *pmk, if (wpa_s->conf->key_mgmt_offload && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD)) - return wpa_drv_set_key(wpa_s, 0, NULL, 0, 0, + return wpa_drv_set_key(wpa_s, -1, 0, NULL, 0, 0, NULL, 0, pmk, pmk_len, KEY_FLAG_PMK); else return 0;