From 697cd03fc28bdcd24434347930854f2f3d5789b4 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Thu, 15 Sep 2011 15:02:59 +0300 Subject: [PATCH] AP: Set pairwise/group cipher for non-WPA modes This is needed to avoid confusing configuration in some nl80211 drivers that the new AP mode configuration alternatives for setting security policy. --- hostapd/config_file.c | 21 +++++++++++++++++++-- wpa_supplicant/ap.c | 21 +++++++++++++++++++-- 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/hostapd/config_file.c b/hostapd/config_file.c index bfd480983..6ffa98137 100644 --- a/hostapd/config_file.c +++ b/hostapd/config_file.c @@ -2099,12 +2099,29 @@ struct hostapd_config * hostapd_config_read(const char *fname) } else if (bss->wpa) { bss->ssid.security_policy = SECURITY_WPA_PSK; } else if (bss->ieee802_1x) { + int cipher = WPA_CIPHER_NONE; bss->ssid.security_policy = SECURITY_IEEE_802_1X; bss->ssid.wep.default_len = bss->default_wep_key_len; - } else if (bss->ssid.wep.keys_set) + if (bss->default_wep_key_len) + cipher = bss->default_wep_key_len >= 13 ? + WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; + bss->wpa_group = cipher; + bss->wpa_pairwise = cipher; + bss->rsn_pairwise = cipher; + } else if (bss->ssid.wep.keys_set) { + int cipher = WPA_CIPHER_WEP40; + if (bss->ssid.wep.len[0] >= 13) + cipher = WPA_CIPHER_WEP104; bss->ssid.security_policy = SECURITY_STATIC_WEP; - else + bss->wpa_group = cipher; + bss->wpa_pairwise = cipher; + bss->rsn_pairwise = cipher; + } else { bss->ssid.security_policy = SECURITY_PLAINTEXT; + bss->wpa_group = WPA_CIPHER_NONE; + bss->wpa_pairwise = WPA_CIPHER_NONE; + bss->rsn_pairwise = WPA_CIPHER_NONE; + } } if (hostapd_config_check(conf)) diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c index b5ae6ddfd..dd44523f2 100644 --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c @@ -181,12 +181,29 @@ static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, else if (bss->wpa) bss->ssid.security_policy = SECURITY_WPA_PSK; else if (bss->ieee802_1x) { + int cipher = WPA_CIPHER_NONE; bss->ssid.security_policy = SECURITY_IEEE_802_1X; bss->ssid.wep.default_len = bss->default_wep_key_len; - } else if (bss->ssid.wep.keys_set) + if (bss->default_wep_key_len) + cipher = bss->default_wep_key_len >= 13 ? + WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; + bss->wpa_group = cipher; + bss->wpa_pairwise = cipher; + bss->rsn_pairwise = cipher; + } else if (bss->ssid.wep.keys_set) { + int cipher = WPA_CIPHER_WEP40; + if (bss->ssid.wep.len[0] >= 13) + cipher = WPA_CIPHER_WEP104; bss->ssid.security_policy = SECURITY_STATIC_WEP; - else + bss->wpa_group = cipher; + bss->wpa_pairwise = cipher; + bss->rsn_pairwise = cipher; + } else { bss->ssid.security_policy = SECURITY_PLAINTEXT; + bss->wpa_group = WPA_CIPHER_NONE; + bss->wpa_pairwise = WPA_CIPHER_NONE; + bss->rsn_pairwise = WPA_CIPHER_NONE; + } #ifdef CONFIG_WPS /*