Add IGTK/MFP configuration (disabled by default)

Added code to use suggested nl80211/cfg80211 API for setting MFP related parameters. This is disabled by default since the API changes has not yet been approved. The new commands can be enabled by defining NL80211_MFP_PENDING (this will be removed once the API changes is approved).
2008-06-18 11:23:59 +03:00 · 2008-06-18 11:23:59 +03:00 · eb0699b6ba
commit eb0699b6ba
parent 089165e6a4
1 changed files with 38 additions and 6 deletions
--- a/hostapd/driver_nl80211.c
+++ b/hostapd/driver_nl80211.c
@ -177,11 +177,10 @@ static int hostapd_set_iface_flags(struct i802_driver_data *drv,
 }


-static int i802_set_encryption(const char *iface, void *priv, const char *alg,
-			       const u8 *addr, int idx, const u8 *key,
-			       size_t key_len, int txkey)
+static int nl_set_encr(int ifindex, struct i802_driver_data *drv,
+		       const char *alg, const u8 *addr, int idx, const u8 *key,
+		       size_t key_len, int txkey)
 {
-	struct i802_driver_data *drv = priv;
 	struct nl_msg *msg;
 	int ret = -1;
 	int err = 0;
@ -220,7 +219,7 @@ static int i802_set_encryption(const char *iface, void *priv, const char *alg,
 	if (addr)
 		NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
 	NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
-	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
+	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);

 	if (nl_send_auto_complete(drv->nl_handle, msg) < 0 ||
 	    (err = nl_wait_for_ack(drv->nl_handle)) < 0) {
@ -248,8 +247,15 @@ static int i802_set_encryption(const char *iface, void *priv, const char *alg,
 	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
 		    0, NL80211_CMD_SET_KEY, 0);
 	NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, idx);
-	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(iface));
+	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifindex);
+#ifdef NL80211_MFP_PENDING
+	if (strcmp(alg, "IGTK") == 0)
+		NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT_MGMT);
+	else
+		NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
+#else /* NL80211_MFP_PENDING */
 	NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
+#endif /* NL80211_MFP_PENDING */

 	if (nl_send_auto_complete(drv->nl_handle, msg) < 0 ||
 	    (err = nl_wait_for_ack(drv->nl_handle)) < 0) {
@ -268,6 +274,27 @@ static int i802_set_encryption(const char *iface, void *priv, const char *alg,
 }


+static int i802_set_encryption(const char *iface, void *priv, const char *alg,
+			       const u8 *addr, int idx, const u8 *key,
+			       size_t key_len, int txkey)
+{
+	struct i802_driver_data *drv = priv;
+	int ret;
+
+	ret = nl_set_encr(if_nametoindex(iface), drv, alg, addr, idx, key,
+			  key_len, txkey);
+	if (ret < 0)
+		return ret;
+
+	if (strcmp(alg, "IGTK") == 0) {
+		ret = nl_set_encr(drv->monitor_ifidx, drv, alg, addr, idx, key,
+				  key_len, txkey);
+	}
+
+	return ret;
+}
+
+
 static inline int min_int(int a, int b)
 {
 	if (a < b)
@ -866,6 +893,11 @@ static int i802_sta_set_flags(void *priv, const u8 *addr,
 	if (total_flags & WLAN_STA_SHORT_PREAMBLE)
 		NLA_PUT_FLAG(flags, NL80211_STA_FLAG_SHORT_PREAMBLE);

+#ifdef NL80211_MFP_PENDING
+	if (total_flags & WLAN_STA_MFP)
+		NLA_PUT_FLAG(flags, NL80211_STA_FLAG_MFP);
+#endif /* NL80211_MFP_PENDING */
+
 	if (nla_put_nested(msg, NL80211_ATTR_STA_FLAGS, flags))
 		goto nla_put_failure;