diff options
| author | Jouni Malinen <jouni@qca.qualcomm.com> | 2011-09-21 11:11:33 -0400 |
|---|---|---|
| committer | John W. Linville <linville@tuxdriver.com> | 2011-09-27 14:29:54 -0400 |
| commit | 6d30240e3d68f1da7303801f840132d0821f1767 (patch) | |
| tree | 56bb2d85ccda77d9d12187cc699e9820d3161de7 /net | |
| parent | 37a41b4affa33bb237d3692bf51f1b5ebcaf29d8 (diff) | |
cfg80211: Remove strict validation of AKM suites
NL80211_ATTR_AKM_SUITES can be used to configure new AKMs, like FT or
the SHA-256 -based AKMs or FT from 802.11r/802.11w. In addition, vendor
specific AKMs could be used. The current validation code for the connect
command prevents cfg80211-based drivers from using these mechanisms even
if the driver would not actually use this AKM value (i.e., it uses
WPA/RSN IE from user space). mac80211-based drivers allow any AKM to be
used since this value is not used there.
Remove the unnecessary validation step in cfg80211 to allow drivers to
decide what AKMs are supported. In theory, we could handle this by
advertising supported AKMs, but that would not be very effective unless
we enforce all drivers (including mac80211) to advertise the set of
supported AKMs. This would require additional changes in many places
whenever a new AKM is introduced even though no actually functionality
changes may be required in most drivers.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net')
| -rw-r--r-- | net/wireless/nl80211.c | 12 |
1 files changed, 1 insertions, 11 deletions
diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 3c6427abdf34..1722998f4984 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c | |||
| @@ -4126,12 +4126,6 @@ static bool nl80211_valid_wpa_versions(u32 wpa_versions) | |||
| 4126 | NL80211_WPA_VERSION_2)); | 4126 | NL80211_WPA_VERSION_2)); |
| 4127 | } | 4127 | } |
| 4128 | 4128 | ||
| 4129 | static bool nl80211_valid_akm_suite(u32 akm) | ||
| 4130 | { | ||
| 4131 | return akm == WLAN_AKM_SUITE_8021X || | ||
| 4132 | akm == WLAN_AKM_SUITE_PSK; | ||
| 4133 | } | ||
| 4134 | |||
| 4135 | static bool nl80211_valid_cipher_suite(u32 cipher) | 4129 | static bool nl80211_valid_cipher_suite(u32 cipher) |
| 4136 | { | 4130 | { |
| 4137 | return cipher == WLAN_CIPHER_SUITE_WEP40 || | 4131 | return cipher == WLAN_CIPHER_SUITE_WEP40 || |
| @@ -4295,7 +4289,7 @@ static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, | |||
| 4295 | 4289 | ||
| 4296 | if (info->attrs[NL80211_ATTR_AKM_SUITES]) { | 4290 | if (info->attrs[NL80211_ATTR_AKM_SUITES]) { |
| 4297 | void *data; | 4291 | void *data; |
| 4298 | int len, i; | 4292 | int len; |
| 4299 | 4293 | ||
| 4300 | data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); | 4294 | data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); |
| 4301 | len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); | 4295 | len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); |
| @@ -4305,10 +4299,6 @@ static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, | |||
| 4305 | return -EINVAL; | 4299 | return -EINVAL; |
| 4306 | 4300 | ||
| 4307 | memcpy(settings->akm_suites, data, len); | 4301 | memcpy(settings->akm_suites, data, len); |
| 4308 | |||
| 4309 | for (i = 0; i < settings->n_ciphers_pairwise; i++) | ||
| 4310 | if (!nl80211_valid_akm_suite(settings->akm_suites[i])) | ||
| 4311 | return -EINVAL; | ||
| 4312 | } | 4302 | } |
| 4313 | 4303 | ||
| 4314 | return 0; | 4304 | return 0; |