Use wpa_key_mgmt_*() helpers
This cleans up the source code and makes it less likely that new AKM addition misses some needed changes in the future. Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
8e8280bd5e
commit
0bf927a03e
9 changed files with 17 additions and 43 deletions
|
|
@ -1075,8 +1075,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef CONFIG_IEEE80211R
|
#ifdef CONFIG_IEEE80211R
|
||||||
if ((bss->wpa_key_mgmt &
|
if (wpa_key_mgmt_ft(bss->wpa_key_mgmt) &&
|
||||||
(WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X)) &&
|
|
||||||
(bss->nas_identifier == NULL ||
|
(bss->nas_identifier == NULL ||
|
||||||
os_strlen(bss->nas_identifier) < 1 ||
|
os_strlen(bss->nas_identifier) < 1 ||
|
||||||
os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) {
|
os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) {
|
||||||
|
|
|
||||||
|
|
@ -347,9 +347,7 @@ static void handle_auth(struct hostapd_data *hapd,
|
||||||
if (!(((hapd->conf->auth_algs & WPA_AUTH_ALG_OPEN) &&
|
if (!(((hapd->conf->auth_algs & WPA_AUTH_ALG_OPEN) &&
|
||||||
auth_alg == WLAN_AUTH_OPEN) ||
|
auth_alg == WLAN_AUTH_OPEN) ||
|
||||||
#ifdef CONFIG_IEEE80211R
|
#ifdef CONFIG_IEEE80211R
|
||||||
(hapd->conf->wpa &&
|
(hapd->conf->wpa && wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt) &&
|
||||||
(hapd->conf->wpa_key_mgmt &
|
|
||||||
(WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK)) &&
|
|
||||||
auth_alg == WLAN_AUTH_FT) ||
|
auth_alg == WLAN_AUTH_FT) ||
|
||||||
#endif /* CONFIG_IEEE80211R */
|
#endif /* CONFIG_IEEE80211R */
|
||||||
((hapd->conf->auth_algs & WPA_AUTH_ALG_SHARED) &&
|
((hapd->conf->auth_algs & WPA_AUTH_ALG_SHARED) &&
|
||||||
|
|
|
||||||
|
|
@ -341,8 +341,7 @@ int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
|
||||||
pos += res;
|
pos += res;
|
||||||
}
|
}
|
||||||
#ifdef CONFIG_IEEE80211R
|
#ifdef CONFIG_IEEE80211R
|
||||||
if (wpa_auth->conf.wpa_key_mgmt &
|
if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
|
||||||
(WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK)) {
|
|
||||||
res = wpa_write_mdie(&wpa_auth->conf, pos,
|
res = wpa_write_mdie(&wpa_auth->conf, pos,
|
||||||
buf + sizeof(buf) - pos);
|
buf + sizeof(buf) - pos);
|
||||||
if (res < 0)
|
if (res < 0)
|
||||||
|
|
|
||||||
|
|
@ -76,6 +76,11 @@ static inline int wpa_key_mgmt_wpa(int akm)
|
||||||
wpa_key_mgmt_wpa_psk(akm);
|
wpa_key_mgmt_wpa_psk(akm);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static inline int wpa_key_mgmt_wpa_any(int akm)
|
||||||
|
{
|
||||||
|
return wpa_key_mgmt_wpa(akm) || (akm & WPA_KEY_MGMT_WPA_NONE);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
#define WPA_PROTO_WPA BIT(0)
|
#define WPA_PROTO_WPA BIT(0)
|
||||||
#define WPA_PROTO_RSN BIT(1)
|
#define WPA_PROTO_RSN BIT(1)
|
||||||
|
|
|
||||||
|
|
@ -104,9 +104,7 @@ static int wpa_config_validate_network(struct wpa_ssid *ssid, int line)
|
||||||
wpa_config_update_psk(ssid);
|
wpa_config_update_psk(ssid);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK |
|
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set) {
|
||||||
WPA_KEY_MGMT_PSK_SHA256)) &&
|
|
||||||
!ssid->psk_set) {
|
|
||||||
wpa_printf(MSG_ERROR, "Line %d: WPA-PSK accepted for key "
|
wpa_printf(MSG_ERROR, "Line %d: WPA-PSK accepted for key "
|
||||||
"management, but no PSK configured.", line);
|
"management, but no PSK configured.", line);
|
||||||
errors++;
|
errors++;
|
||||||
|
|
|
||||||
|
|
@ -350,9 +350,7 @@ static struct wpa_ssid * wpa_config_read_network(HKEY hk, const TCHAR *netw,
|
||||||
wpa_config_update_psk(ssid);
|
wpa_config_update_psk(ssid);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK |
|
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set) {
|
||||||
WPA_KEY_MGMT_PSK_SHA256)) &&
|
|
||||||
!ssid->psk_set) {
|
|
||||||
wpa_printf(MSG_ERROR, "WPA-PSK accepted for key management, "
|
wpa_printf(MSG_ERROR, "WPA-PSK accepted for key management, "
|
||||||
"but no PSK configured for network '" TSTR "'.",
|
"but no PSK configured for network '" TSTR "'.",
|
||||||
netw);
|
netw);
|
||||||
|
|
|
||||||
|
|
@ -70,11 +70,7 @@ static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s)
|
||||||
|
|
||||||
wpa_dbg(wpa_s, MSG_DEBUG, "Network configuration found for the "
|
wpa_dbg(wpa_s, MSG_DEBUG, "Network configuration found for the "
|
||||||
"current AP");
|
"current AP");
|
||||||
if (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
|
if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
|
||||||
WPA_KEY_MGMT_WPA_NONE |
|
|
||||||
WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X |
|
|
||||||
WPA_KEY_MGMT_PSK_SHA256 |
|
|
||||||
WPA_KEY_MGMT_IEEE8021X_SHA256)) {
|
|
||||||
u8 wpa_ie[80];
|
u8 wpa_ie[80];
|
||||||
size_t wpa_ie_len = sizeof(wpa_ie);
|
size_t wpa_ie_len = sizeof(wpa_ie);
|
||||||
wpa_supplicant_set_suites(wpa_s, NULL, ssid,
|
wpa_supplicant_set_suites(wpa_s, NULL, ssid,
|
||||||
|
|
|
||||||
|
|
@ -115,11 +115,7 @@ void sme_authenticate(struct wpa_supplicant *wpa_s,
|
||||||
|
|
||||||
if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
|
if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
|
||||||
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
||||||
(ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
|
wpa_key_mgmt_wpa(ssid->key_mgmt)) {
|
||||||
WPA_KEY_MGMT_FT_IEEE8021X |
|
|
||||||
WPA_KEY_MGMT_FT_PSK |
|
|
||||||
WPA_KEY_MGMT_IEEE8021X_SHA256 |
|
|
||||||
WPA_KEY_MGMT_PSK_SHA256))) {
|
|
||||||
int try_opportunistic;
|
int try_opportunistic;
|
||||||
try_opportunistic = ssid->proactive_key_caching &&
|
try_opportunistic = ssid->proactive_key_caching &&
|
||||||
(ssid->proto & WPA_PROTO_RSN);
|
(ssid->proto & WPA_PROTO_RSN);
|
||||||
|
|
@ -135,11 +131,7 @@ void sme_authenticate(struct wpa_supplicant *wpa_s,
|
||||||
"key management and encryption suites");
|
"key management and encryption suites");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
} else if (ssid->key_mgmt &
|
} else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
|
||||||
(WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
|
|
||||||
WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
|
|
||||||
WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
|
|
||||||
WPA_KEY_MGMT_IEEE8021X_SHA256)) {
|
|
||||||
wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
|
wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
|
||||||
if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
|
if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
|
||||||
wpa_s->sme.assoc_req_ie,
|
wpa_s->sme.assoc_req_ie,
|
||||||
|
|
@ -178,8 +170,7 @@ void sme_authenticate(struct wpa_supplicant *wpa_s,
|
||||||
wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
|
wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (md && ssid->key_mgmt & (WPA_KEY_MGMT_FT_PSK |
|
if (md && wpa_key_mgmt_ft(ssid->key_mgmt)) {
|
||||||
WPA_KEY_MGMT_FT_IEEE8021X)) {
|
|
||||||
if (wpa_s->sme.assoc_req_ie_len + 5 <
|
if (wpa_s->sme.assoc_req_ie_len + 5 <
|
||||||
sizeof(wpa_s->sme.assoc_req_ie)) {
|
sizeof(wpa_s->sme.assoc_req_ie)) {
|
||||||
struct rsn_mdie *mdie;
|
struct rsn_mdie *mdie;
|
||||||
|
|
|
||||||
|
|
@ -1080,9 +1080,7 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ssid->key_mgmt &
|
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
|
||||||
(WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
|
|
||||||
{
|
|
||||||
wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
|
wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
|
||||||
#ifndef CONFIG_NO_PBKDF2
|
#ifndef CONFIG_NO_PBKDF2
|
||||||
if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
|
if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
|
||||||
|
|
@ -1224,11 +1222,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
|
||||||
|
|
||||||
if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
|
if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
|
||||||
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
|
||||||
(ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
|
wpa_key_mgmt_wpa(ssid->key_mgmt)) {
|
||||||
WPA_KEY_MGMT_FT_IEEE8021X |
|
|
||||||
WPA_KEY_MGMT_FT_PSK |
|
|
||||||
WPA_KEY_MGMT_IEEE8021X_SHA256 |
|
|
||||||
WPA_KEY_MGMT_PSK_SHA256))) {
|
|
||||||
int try_opportunistic;
|
int try_opportunistic;
|
||||||
try_opportunistic = ssid->proactive_key_caching &&
|
try_opportunistic = ssid->proactive_key_caching &&
|
||||||
(ssid->proto & WPA_PROTO_RSN);
|
(ssid->proto & WPA_PROTO_RSN);
|
||||||
|
|
@ -1243,11 +1237,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
|
||||||
"key management and encryption suites");
|
"key management and encryption suites");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
} else if (ssid->key_mgmt &
|
} else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
|
||||||
(WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
|
|
||||||
WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
|
|
||||||
WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
|
|
||||||
WPA_KEY_MGMT_IEEE8021X_SHA256)) {
|
|
||||||
wpa_ie_len = sizeof(wpa_ie);
|
wpa_ie_len = sizeof(wpa_ie);
|
||||||
if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
|
if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
|
||||||
wpa_ie, &wpa_ie_len)) {
|
wpa_ie, &wpa_ie_len)) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue