diff options
author | Vasanthakumar Thiagarajan <vasanth@atheros.com> | 2008-12-23 11:00:50 -0500 |
---|---|---|
committer | John W. Linville <linville@tuxdriver.com> | 2009-01-29 15:58:47 -0500 |
commit | eb46936b9f2b639f4edeeaf9154d49476fc30fe5 (patch) | |
tree | 07c5ba68d5a49c722c019e401d8f8abf53c60e20 | |
parent | 9ee677c2276bfcbcf68042ec2718a504af0c5fd7 (diff) |
mac80211: Scale down to non-HT association with TKIP/WEP as pairwise cipher
As TKIP is not updated to new security needs which arise when
TKIP is used to encrypt A-MPDU aggregated data frames, IEEE802.11n
does not allow any cipher other than CCMP (Which has new extensions
defined) as pairwise cipher between HT peers.
When such configuration (TKIP/WEP in HT) is forced, we still
associate in non-HT mode (11a/b/g).
Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
-rw-r--r-- | net/mac80211/ieee80211_i.h | 1 | ||||
-rw-r--r-- | net/mac80211/iface.c | 3 | ||||
-rw-r--r-- | net/mac80211/mlme.c | 9 | ||||
-rw-r--r-- | net/mac80211/wext.c | 12 |
4 files changed, 22 insertions, 3 deletions
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index f3eec989662b..5f8ad885a48a 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h | |||
@@ -258,6 +258,7 @@ struct mesh_preq_queue { | |||
258 | #define IEEE80211_STA_AUTO_BSSID_SEL BIT(11) | 258 | #define IEEE80211_STA_AUTO_BSSID_SEL BIT(11) |
259 | #define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12) | 259 | #define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12) |
260 | #define IEEE80211_STA_PRIVACY_INVOKED BIT(13) | 260 | #define IEEE80211_STA_PRIVACY_INVOKED BIT(13) |
261 | #define IEEE80211_STA_TKIP_WEP_USED BIT(14) | ||
261 | /* flags for MLME request */ | 262 | /* flags for MLME request */ |
262 | #define IEEE80211_STA_REQ_SCAN 0 | 263 | #define IEEE80211_STA_REQ_SCAN 0 |
263 | #define IEEE80211_STA_REQ_DIRECT_PROBE 1 | 264 | #define IEEE80211_STA_REQ_DIRECT_PROBE 1 |
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c index b9074824862a..1eefc5df4954 100644 --- a/net/mac80211/iface.c +++ b/net/mac80211/iface.c | |||
@@ -459,7 +459,8 @@ static int ieee80211_stop(struct net_device *dev) | |||
459 | synchronize_rcu(); | 459 | synchronize_rcu(); |
460 | skb_queue_purge(&sdata->u.sta.skb_queue); | 460 | skb_queue_purge(&sdata->u.sta.skb_queue); |
461 | 461 | ||
462 | sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED; | 462 | sdata->u.sta.flags &= ~(IEEE80211_STA_PRIVACY_INVOKED | |
463 | IEEE80211_STA_TKIP_WEP_USED); | ||
463 | kfree(sdata->u.sta.extra_ie); | 464 | kfree(sdata->u.sta.extra_ie); |
464 | sdata->u.sta.extra_ie = NULL; | 465 | sdata->u.sta.extra_ie = NULL; |
465 | sdata->u.sta.extra_ie_len = 0; | 466 | sdata->u.sta.extra_ie_len = 0; |
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index 2b890af01ba4..b688425d7555 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c | |||
@@ -391,10 +391,17 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata, | |||
391 | } | 391 | } |
392 | 392 | ||
393 | /* wmm support is a must to HT */ | 393 | /* wmm support is a must to HT */ |
394 | /* | ||
395 | * IEEE802.11n does not allow TKIP/WEP as pairwise | ||
396 | * ciphers in HT mode. We still associate in non-ht | ||
397 | * mode (11a/b/g) if any one of these ciphers is | ||
398 | * configured as pairwise. | ||
399 | */ | ||
394 | if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) && | 400 | if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) && |
395 | sband->ht_cap.ht_supported && | 401 | sband->ht_cap.ht_supported && |
396 | (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) && | 402 | (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) && |
397 | ht_ie[1] >= sizeof(struct ieee80211_ht_info)) { | 403 | ht_ie[1] >= sizeof(struct ieee80211_ht_info) && |
404 | (!(ifsta->flags & IEEE80211_STA_TKIP_WEP_USED))) { | ||
398 | struct ieee80211_ht_info *ht_info = | 405 | struct ieee80211_ht_info *ht_info = |
399 | (struct ieee80211_ht_info *)(ht_ie + 2); | 406 | (struct ieee80211_ht_info *)(ht_ie + 2); |
400 | u16 cap = sband->ht_cap.cap; | 407 | u16 cap = sband->ht_cap.cap; |
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c index 7162d5816f39..011592fd4528 100644 --- a/net/mac80211/wext.c +++ b/net/mac80211/wext.c | |||
@@ -903,12 +903,22 @@ static int ieee80211_ioctl_siwauth(struct net_device *dev, | |||
903 | 903 | ||
904 | switch (data->flags & IW_AUTH_INDEX) { | 904 | switch (data->flags & IW_AUTH_INDEX) { |
905 | case IW_AUTH_WPA_VERSION: | 905 | case IW_AUTH_WPA_VERSION: |
906 | case IW_AUTH_CIPHER_PAIRWISE: | ||
907 | case IW_AUTH_CIPHER_GROUP: | 906 | case IW_AUTH_CIPHER_GROUP: |
908 | case IW_AUTH_WPA_ENABLED: | 907 | case IW_AUTH_WPA_ENABLED: |
909 | case IW_AUTH_RX_UNENCRYPTED_EAPOL: | 908 | case IW_AUTH_RX_UNENCRYPTED_EAPOL: |
910 | case IW_AUTH_KEY_MGMT: | 909 | case IW_AUTH_KEY_MGMT: |
911 | break; | 910 | break; |
911 | case IW_AUTH_CIPHER_PAIRWISE: | ||
912 | if (sdata->vif.type == NL80211_IFTYPE_STATION) { | ||
913 | if (data->value & (IW_AUTH_CIPHER_WEP40 | | ||
914 | IW_AUTH_CIPHER_WEP104 | IW_AUTH_CIPHER_TKIP)) | ||
915 | sdata->u.sta.flags |= | ||
916 | IEEE80211_STA_TKIP_WEP_USED; | ||
917 | else | ||
918 | sdata->u.sta.flags &= | ||
919 | ~IEEE80211_STA_TKIP_WEP_USED; | ||
920 | } | ||
921 | break; | ||
912 | case IW_AUTH_DROP_UNENCRYPTED: | 922 | case IW_AUTH_DROP_UNENCRYPTED: |
913 | sdata->drop_unencrypted = !!data->value; | 923 | sdata->drop_unencrypted = !!data->value; |
914 | break; | 924 | break; |