CFT: wpa_supplicant key handling fix
Sam Leffler
sam at errno.com
Fri Feb 17 11:49:36 PST 2006
Attached are two changes; one for wpa_supplicant/driver_freebsd.c that
corrects how what it passes into the kernel when requesting a key with a
fixed key index. The other is a fix to
src/sys/net80211/ieee80211_ioctl.c so that setting a key in slots 0-3
[1-4] forces them to be set there (previously the driver was permitted
to assign a different hardware key index). I believe these two changes
together fix problems people have reported with ap's that want stations
to plumb keys at key indices > 0. This should also fix similar issues
with setup of shared key wep at non-zero indices.
Please test and report any issues directly to me. I've tested wpa-psk
and the code's been otherwise reviewed so should be safe to use.
Sam
-------------- next part --------------
? wpa_supplicant.patch
Index: driver_freebsd.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/wpa/wpa_supplicant/driver_freebsd.c,v
retrieving revision 1.8
diff -u -r1.8 driver_freebsd.c
--- driver_freebsd.c 30 Aug 2005 15:59:49 -0000 1.8
+++ driver_freebsd.c 8 Feb 2006 17:55:03 -0000
@@ -311,10 +311,11 @@
if (bcmp(addr, "\xff\xff\xff\xff\xff\xff", IEEE80211_ADDR_LEN) == 0) {
wk.ik_flags |= IEEE80211_KEY_GROUP;
wk.ik_keyix = key_idx;
- if (set_tx)
- wk.ik_flags |= IEEE80211_KEY_DEFAULT;
- } else
- wk.ik_keyix = IEEE80211_KEYIX_NONE;
+ } else {
+ wk.ik_keyix = (key_idx == 0 ? IEEE80211_KEYIX_NONE : key_idx);
+ }
+ if (wk.ik_keyix != IEEE80211_KEYIX_NONE && set_tx)
+ wk.ik_flags |= IEEE80211_KEY_DEFAULT;
wk.ik_keylen = key_len;
memcpy(&wk.ik_keyrsc, seq, seq_len);
memcpy(wk.ik_keydata, key, key_len);
-------------- next part --------------
Index: ieee80211_ioctl.c
===================================================================
RCS file: /usr/ncvs/src/sys/net80211/ieee80211_ioctl.c,v
retrieving revision 1.43
diff -u -r1.43 ieee80211_ioctl.c
--- ieee80211_ioctl.c 18 Jan 2006 22:17:50 -0000 1.43
+++ ieee80211_ioctl.c 7 Feb 2006 16:58:15 -0000
@@ -1718,6 +1718,12 @@
if (kid >= IEEE80211_WEP_NKID)
return EINVAL;
wk = &ic->ic_nw_keys[kid];
+ /*
+ * Global slots start off w/o any assigned key index.
+ * Force one here for consistency with IEEE80211_IOC_WEPKEY.
+ */
+ if (wk->wk_keyix == IEEE80211_KEYIX_NONE)
+ wk->wk_keyix = kid;
ni = NULL;
}
error = 0;
More information about the freebsd-current
mailing list