mac80211: Scale down to non-HT association with TKIP/WEP as pairwise cipher

As TKIP is not updated to new security needs which arise when
TKIP is used to encrypt A-MPDU aggregated data frames, IEEE802.11n
does not allow any cipher other than CCMP (Which has new extensions
defined) as pairwise cipher between HT peers.

When such configuration (TKIP/WEP in HT) is forced, we still
associate in non-HT mode (11a/b/g).

Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>

1 files changed, 11 insertions, 1 deletions

diff --git a/net/mac80211/wext.c b/net/mac80211/wext.c
index 7162d5816f39..011592fd4528 100644
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -903,12 +903,22 @@ static int ieee80211_ioctl_siwauth(struct net_device *dev,
 
         switch (data->flags & IW_AUTH_INDEX) {
         case IW_AUTH_WPA_VERSION:
-        case IW_AUTH_CIPHER_PAIRWISE:
         case IW_AUTH_CIPHER_GROUP:
         case IW_AUTH_WPA_ENABLED:
         case IW_AUTH_RX_UNENCRYPTED_EAPOL:
         case IW_AUTH_KEY_MGMT:
                 break;
+        case IW_AUTH_CIPHER_PAIRWISE:
+                if (sdata->vif.type == NL80211_IFTYPE_STATION) {
+                        if (data->value & (IW_AUTH_CIPHER_WEP40 |
+                            IW_AUTH_CIPHER_WEP104 | IW_AUTH_CIPHER_TKIP))
+                                sdata->u.sta.flags |=
+                                        IEEE80211_STA_TKIP_WEP_USED;
+                        else
+                                sdata->u.sta.flags &=
+                                        ~IEEE80211_STA_TKIP_WEP_USED;
+                }
+                break;
         case IW_AUTH_DROP_UNENCRYPTED:
                 sdata->drop_unencrypted = !!data->value;
                 break;