diff options
author | Antonio Quartulli <ordex@autistici.org> | 2012-02-12 18:08:34 +0200 |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2012-02-12 21:12:22 +0200 |
commit | e640888c5e6a9931c6785648714da4dffe48ab52 (patch) | |
tree | 7bf88c3c184566710d1f9308c2109609df34bbf1 | |
parent | 2df4c4ef2f7330caddd874e930aa7826e1e2be62 (diff) | |
download | external_wpa_supplicant_8_ti-e640888c5e6a9931c6785648714da4dffe48ab52.zip external_wpa_supplicant_8_ti-e640888c5e6a9931c6785648714da4dffe48ab52.tar.gz external_wpa_supplicant_8_ti-e640888c5e6a9931c6785648714da4dffe48ab52.tar.bz2 |
IBSS RSN: Support authorization
In IBSS RSN cfg80211/mac80211 now waits for userspace to authorize new
stations. This patch makes wpa_supplicant notify the driver when a
station can be considered authorized.
Signed-hostap: Antonio Quartulli <ordex@autistici.org>
-rw-r--r-- | src/drivers/driver_nl80211.c | 8 | ||||
-rw-r--r-- | wpa_supplicant/ibss_rsn.c | 48 |
2 files changed, 56 insertions, 0 deletions
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 07f92b8..4425a03 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -6421,6 +6421,14 @@ retry: NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid); } + if (params->key_mgmt_suite == KEY_MGMT_802_1X || + params->key_mgmt_suite == KEY_MGMT_PSK || + params->key_mgmt_suite == KEY_MGMT_802_1X_SHA256 || + params->key_mgmt_suite == KEY_MGMT_PSK_SHA256) { + wpa_printf(MSG_DEBUG, " * control port"); + NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT); + } + if (params->wpa_ie) { wpa_hexdump(MSG_DEBUG, " * Extra IEs for Beacon/Probe Response frames", diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c index cd702c1..046f181 100644 --- a/wpa_supplicant/ibss_rsn.c +++ b/wpa_supplicant/ibss_rsn.c @@ -314,6 +314,53 @@ static int auth_for_each_sta(void *ctx, int (*cb)(struct wpa_state_machine *sm, } +static void ibss_set_sta_authorized(struct ibss_rsn *ibss_rsn, + struct ibss_rsn_peer *peer, int authorized) +{ + int res; + + if (authorized) { + res = wpa_drv_sta_set_flags(ibss_rsn->wpa_s, peer->addr, + WPA_STA_AUTHORIZED, + WPA_STA_AUTHORIZED, ~0); + wpa_printf(MSG_DEBUG, "AUTH: " MACSTR " authorizing port", + MAC2STR(peer->addr)); + } else { + res = wpa_drv_sta_set_flags(ibss_rsn->wpa_s, peer->addr, + 0, 0, ~WPA_STA_AUTHORIZED); + wpa_printf(MSG_DEBUG, "AUTH: " MACSTR " unauthorizing port", + MAC2STR(peer->addr)); + } + + if (res && errno != ENOENT) { + wpa_printf(MSG_DEBUG, "Could not set station " MACSTR " flags " + "for kernel driver (errno=%d)", + MAC2STR(peer->addr), errno); + } +} + + +static void auth_set_eapol(void *ctx, const u8 *addr, + wpa_eapol_variable var, int value) +{ + struct ibss_rsn *ibss_rsn = ctx; + struct ibss_rsn_peer *peer = ibss_rsn_get_peer(ibss_rsn, addr); + + if (peer == NULL) + return; + + switch (var) { + case WPA_EAPOL_authorized: + ibss_set_sta_authorized(ibss_rsn, peer, value); + break; + default: + /* do not handle any other event */ + wpa_printf(MSG_DEBUG, "AUTH: eapol event not handled %d", var); + break; + } +} + + static int ibss_rsn_auth_init_group(struct ibss_rsn *ibss_rsn, const u8 *own_addr) { @@ -334,6 +381,7 @@ static int ibss_rsn_auth_init_group(struct ibss_rsn *ibss_rsn, os_memset(&cb, 0, sizeof(cb)); cb.ctx = ibss_rsn; cb.logger = auth_logger; + cb.set_eapol = auth_set_eapol; cb.send_eapol = auth_send_eapol; cb.get_psk = auth_get_psk; cb.set_key = auth_set_key; |