aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVasanthakumar Thiagarajan <vasanth@atheros.com>2008-12-23 11:00:50 -0500
committerJohn W. Linville <linville@tuxdriver.com>2009-01-29 15:58:47 -0500
commiteb46936b9f2b639f4edeeaf9154d49476fc30fe5 (patch)
tree07c5ba68d5a49c722c019e401d8f8abf53c60e20
parent9ee677c2276bfcbcf68042ec2718a504af0c5fd7 (diff)
mac80211: Scale down to non-HT association with TKIP/WEP as pairwise cipher
As TKIP is not updated to new security needs which arise when TKIP is used to encrypt A-MPDU aggregated data frames, IEEE802.11n does not allow any cipher other than CCMP (Which has new extensions defined) as pairwise cipher between HT peers. When such configuration (TKIP/WEP in HT) is forced, we still associate in non-HT mode (11a/b/g). Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-rw-r--r--net/mac80211/ieee80211_i.h1
-rw-r--r--net/mac80211/iface.c3
-rw-r--r--net/mac80211/mlme.c9
-rw-r--r--net/mac80211/wext.c12
4 files changed, 22 insertions, 3 deletions
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index f3eec989662b..5f8ad885a48a 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -258,6 +258,7 @@ struct mesh_preq_queue {
258#define IEEE80211_STA_AUTO_BSSID_SEL BIT(11) 258#define IEEE80211_STA_AUTO_BSSID_SEL BIT(11)
259#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12) 259#define IEEE80211_STA_AUTO_CHANNEL_SEL BIT(12)
260#define IEEE80211_STA_PRIVACY_INVOKED BIT(13) 260#define IEEE80211_STA_PRIVACY_INVOKED BIT(13)
261#define IEEE80211_STA_TKIP_WEP_USED BIT(14)
261/* flags for MLME request */ 262/* flags for MLME request */
262#define IEEE80211_STA_REQ_SCAN 0 263#define IEEE80211_STA_REQ_SCAN 0
263#define IEEE80211_STA_REQ_DIRECT_PROBE 1 264#define IEEE80211_STA_REQ_DIRECT_PROBE 1
diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c
index b9074824862a..1eefc5df4954 100644
--- a/net/mac80211/iface.c
+++ b/net/mac80211/iface.c
@@ -459,7 +459,8 @@ static int ieee80211_stop(struct net_device *dev)
459 synchronize_rcu(); 459 synchronize_rcu();
460 skb_queue_purge(&sdata->u.sta.skb_queue); 460 skb_queue_purge(&sdata->u.sta.skb_queue);
461 461
462 sdata->u.sta.flags &= ~IEEE80211_STA_PRIVACY_INVOKED; 462 sdata->u.sta.flags &= ~(IEEE80211_STA_PRIVACY_INVOKED |
463 IEEE80211_STA_TKIP_WEP_USED);
463 kfree(sdata->u.sta.extra_ie); 464 kfree(sdata->u.sta.extra_ie);
464 sdata->u.sta.extra_ie = NULL; 465 sdata->u.sta.extra_ie = NULL;
465 sdata->u.sta.extra_ie_len = 0; 466 sdata->u.sta.extra_ie_len = 0;
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 2b890af01ba4..b688425d7555 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -391,10 +391,17 @@ static void ieee80211_send_assoc(struct ieee80211_sub_if_data *sdata,
391 } 391 }
392 392
393 /* wmm support is a must to HT */ 393 /* wmm support is a must to HT */
394 /*
395 * IEEE802.11n does not allow TKIP/WEP as pairwise
396 * ciphers in HT mode. We still associate in non-ht
397 * mode (11a/b/g) if any one of these ciphers is
398 * configured as pairwise.
399 */
394 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) && 400 if (wmm && (ifsta->flags & IEEE80211_STA_WMM_ENABLED) &&
395 sband->ht_cap.ht_supported && 401 sband->ht_cap.ht_supported &&
396 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) && 402 (ht_ie = ieee80211_bss_get_ie(bss, WLAN_EID_HT_INFORMATION)) &&
397 ht_ie[1] >= sizeof(struct ieee80211_ht_info)) { 403 ht_ie[1] >= sizeof(struct ieee80211_ht_info) &&
404 (!(ifsta->flags & IEEE80211_STA_TKIP_WEP_USED))) {
398 struct ieee80211_ht_info *ht_info = 405 struct ieee80211_ht_info *ht_info =
399 (struct ieee80211_ht_info *)(ht_ie + 2); 406 (struct ieee80211_ht_info *)(ht_ie + 2);
400 u16 cap = sband->ht_cap.cap; 407 u16 cap = sband->ht_cap.cap;
diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index 7162d5816f39..011592fd4528 100644
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -903,12 +903,22 @@ static int ieee80211_ioctl_siwauth(struct net_device *dev,
903 903
904 switch (data->flags & IW_AUTH_INDEX) { 904 switch (data->flags & IW_AUTH_INDEX) {
905 case IW_AUTH_WPA_VERSION: 905 case IW_AUTH_WPA_VERSION:
906 case IW_AUTH_CIPHER_PAIRWISE:
907 case IW_AUTH_CIPHER_GROUP: 906 case IW_AUTH_CIPHER_GROUP:
908 case IW_AUTH_WPA_ENABLED: 907 case IW_AUTH_WPA_ENABLED:
909 case IW_AUTH_RX_UNENCRYPTED_EAPOL: 908 case IW_AUTH_RX_UNENCRYPTED_EAPOL:
910 case IW_AUTH_KEY_MGMT: 909 case IW_AUTH_KEY_MGMT:
911 break; 910 break;
911 case IW_AUTH_CIPHER_PAIRWISE:
912 if (sdata->vif.type == NL80211_IFTYPE_STATION) {
913 if (data->value & (IW_AUTH_CIPHER_WEP40 |
914 IW_AUTH_CIPHER_WEP104 | IW_AUTH_CIPHER_TKIP))
915 sdata->u.sta.flags |=
916 IEEE80211_STA_TKIP_WEP_USED;
917 else
918 sdata->u.sta.flags &=
919 ~IEEE80211_STA_TKIP_WEP_USED;
920 }
921 break;
912 case IW_AUTH_DROP_UNENCRYPTED: 922 case IW_AUTH_DROP_UNENCRYPTED:
913 sdata->drop_unencrypted = !!data->value; 923 sdata->drop_unencrypted = !!data->value;
914 break; 924 break;