resolve merge conflicts
MFC after: 3 weeks
This commit is contained in:
parent
9c6231a737
commit
8e449bffe3
@ -1,129 +0,0 @@
|
||||
? eapol_version.patch
|
||||
Index: config.c
|
||||
===================================================================
|
||||
RCS file: /home/ncvs/src/contrib/hostapd/config.c,v
|
||||
retrieving revision 1.1.1.3
|
||||
diff -u -r1.1.1.3 config.c
|
||||
--- config.c 7 Mar 2006 05:46:42 -0000 1.1.1.3
|
||||
+++ config.c 27 Mar 2006 05:28:09 -0000
|
||||
@@ -29,6 +29,7 @@
|
||||
#include "sha1.h"
|
||||
#include "eap.h"
|
||||
#include "radius_client.h"
|
||||
+#include "ieee802_1x.h" /* XXX for EAPOL_VERSION */
|
||||
|
||||
|
||||
static struct hostapd_config *hostapd_config_defaults(void)
|
||||
@@ -60,6 +61,7 @@
|
||||
conf->logger_stdout = (unsigned int) -1;
|
||||
|
||||
conf->auth_algs = HOSTAPD_AUTH_OPEN | HOSTAPD_AUTH_SHARED_KEY;
|
||||
+ conf->eapol_version = EAPOL_VERSION; /* NB: default version */
|
||||
|
||||
conf->wpa_group_rekey = 600;
|
||||
conf->wpa_gmk_rekey = 86400;
|
||||
@@ -855,6 +857,17 @@
|
||||
}
|
||||
} else if (strcmp(buf, "eapol_key_index_workaround") == 0) {
|
||||
conf->eapol_key_index_workaround = atoi(pos);
|
||||
+ } else if (strcmp(buf, "eapol_version") == 0) {
|
||||
+ conf->eapol_version = atoi(pos);
|
||||
+ if (conf->eapol_version < 1 ||
|
||||
+ conf->eapol_version > 2) {
|
||||
+ printf("Line %d: invalid EAPOL "
|
||||
+ "version (%d): '%s'.\n",
|
||||
+ line, conf->eapol_version, pos);
|
||||
+ errors++;
|
||||
+ } else
|
||||
+ wpa_printf(MSG_DEBUG, "eapol_version=%d",
|
||||
+ conf->eapol_version);
|
||||
#ifdef CONFIG_IAPP
|
||||
} else if (strcmp(buf, "iapp_interface") == 0) {
|
||||
conf->ieee802_11f = 1;
|
||||
Index: config.h
|
||||
===================================================================
|
||||
RCS file: /home/ncvs/src/contrib/hostapd/config.h,v
|
||||
retrieving revision 1.1.1.2
|
||||
diff -u -r1.1.1.2 config.h
|
||||
--- config.h 7 Mar 2006 05:46:42 -0000 1.1.1.2
|
||||
+++ config.h 27 Mar 2006 05:28:09 -0000
|
||||
@@ -73,6 +73,7 @@
|
||||
* EAP Request-Identity */
|
||||
size_t eap_req_id_text_len;
|
||||
int eapol_key_index_workaround;
|
||||
+ int eapol_version;
|
||||
|
||||
size_t default_wep_key_len;
|
||||
int individual_wep_key_len;
|
||||
Index: hostapd.conf
|
||||
===================================================================
|
||||
RCS file: /home/ncvs/src/contrib/hostapd/hostapd.conf,v
|
||||
retrieving revision 1.1.1.2
|
||||
diff -u -r1.1.1.2 hostapd.conf
|
||||
--- hostapd.conf 7 Mar 2006 05:46:50 -0000 1.1.1.2
|
||||
+++ hostapd.conf 27 Mar 2006 05:28:09 -0000
|
||||
@@ -106,6 +106,14 @@
|
||||
# Require IEEE 802.1X authorization
|
||||
#ieee8021x=1
|
||||
|
||||
+# IEEE 802.1X/EAPOL version
|
||||
+# hostapd is implemented based on IEEE Std 802.1X-2004 which defines EAPOL
|
||||
+# version 2. However, there are some clients that do not handle
|
||||
+# the new version number correctly (they seem to drop the frames completely).
|
||||
+# In order to make hostapd interoperate with these clients, the version number
|
||||
+# can be set to the older version (1) with this configuration value.
|
||||
+#eapol_version=2
|
||||
+
|
||||
# Optional displayable message sent with EAP Request-Identity. The first \0
|
||||
# in this string will be converted to ASCII-0 (nul). This can be used to
|
||||
# separate network info (comma separated list of attribute=value pairs); see,
|
||||
Index: ieee802_1x.c
|
||||
===================================================================
|
||||
RCS file: /home/ncvs/src/contrib/hostapd/ieee802_1x.c,v
|
||||
retrieving revision 1.4
|
||||
diff -u -r1.4 ieee802_1x.c
|
||||
--- ieee802_1x.c 7 Mar 2006 05:51:52 -0000 1.4
|
||||
+++ ieee802_1x.c 27 Mar 2006 05:28:10 -0000
|
||||
@@ -76,7 +76,7 @@
|
||||
#endif
|
||||
|
||||
xhdr = (struct ieee802_1x_hdr *) buf;
|
||||
- xhdr->version = EAPOL_VERSION;
|
||||
+ xhdr->version = hapd->conf->eapol_version;
|
||||
xhdr->type = type;
|
||||
xhdr->length = htons(datalen);
|
||||
|
||||
@@ -324,7 +324,7 @@
|
||||
|
||||
/* This header is needed here for HMAC-MD5, but it will be regenerated
|
||||
* in ieee802_1x_send() */
|
||||
- hdr->version = EAPOL_VERSION;
|
||||
+ hdr->version = hapd->conf->eapol_version;
|
||||
hdr->type = IEEE802_1X_TYPE_EAPOL_KEY;
|
||||
hdr->length = htons(len);
|
||||
hmac_md5(sm->eapol_key_sign, sm->eapol_key_sign_len,
|
||||
@@ -1665,7 +1665,7 @@
|
||||
"dot1xPaePortInitialize=%d\n"
|
||||
"dot1xPaePortReauthenticate=FALSE\n",
|
||||
sta->aid,
|
||||
- EAPOL_VERSION,
|
||||
+ hapd->conf->eapol_version,
|
||||
sm->initialize);
|
||||
|
||||
/* dot1xAuthConfigTable */
|
||||
Index: wpa.c
|
||||
===================================================================
|
||||
RCS file: /home/ncvs/src/contrib/hostapd/wpa.c,v
|
||||
retrieving revision 1.4
|
||||
diff -u -r1.4 wpa.c
|
||||
--- wpa.c 7 Mar 2006 05:51:52 -0000 1.4
|
||||
+++ wpa.c 27 Mar 2006 05:28:12 -0000
|
||||
@@ -1855,7 +1855,7 @@
|
||||
if (hdr == NULL)
|
||||
return;
|
||||
memset(hdr, 0, len);
|
||||
- hdr->version = EAPOL_VERSION;
|
||||
+ hdr->version = hapd->conf->eapol_version;
|
||||
hdr->type = IEEE802_1X_TYPE_EAPOL_KEY;
|
||||
hdr->length = htons(len - sizeof(*hdr));
|
||||
key = (struct wpa_eapol_key *) (hdr + 1);
|
@ -1678,6 +1678,8 @@ int ieee802_1x_init(struct hostapd_data *hapd)
|
||||
|
||||
void ieee802_1x_deinit(struct hostapd_data *hapd)
|
||||
{
|
||||
eloop_cancel_timeout(ieee802_1x_rekey, hapd, NULL);
|
||||
|
||||
if (hapd->driver != NULL &&
|
||||
(hapd->conf->ieee802_1x || hapd->conf->wpa))
|
||||
hostapd_set_ieee8021x(hapd->conf->iface, hapd, 0);
|
||||
|
@ -1,6 +1,6 @@
|
||||
/*
|
||||
* hostapd - IEEE 802.11i-2004 / WPA Authenticator
|
||||
* Copyright (c) 2004-2007, Jouni Malinen <j@w1.fi>
|
||||
* Copyright (c) 2004-2008, Jouni Malinen <j@w1.fi>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License version 2 as
|
||||
@ -107,7 +107,6 @@ struct wpa_state_machine {
|
||||
unsigned int in_step_loop:1;
|
||||
unsigned int pending_deinit:1;
|
||||
unsigned int started:1;
|
||||
unsigned int sta_counted:1;
|
||||
unsigned int mgmt_frame_prot:1;
|
||||
|
||||
u8 req_replay_counter[WPA_REPLAY_COUNTER_LEN];
|
||||
@ -136,7 +135,6 @@ struct wpa_group {
|
||||
int vlan_id;
|
||||
|
||||
Boolean GInit;
|
||||
int GNoStations;
|
||||
int GKeyDoneStations;
|
||||
Boolean GTKReKey;
|
||||
int GTK_len;
|
||||
@ -2687,14 +2685,6 @@ SM_STATE(WPA_PTK, DISCONNECT)
|
||||
SM_STATE(WPA_PTK, DISCONNECTED)
|
||||
{
|
||||
SM_ENTRY_MA(WPA_PTK, DISCONNECTED, wpa_ptk);
|
||||
if (sm->sta_counted) {
|
||||
sm->group->GNoStations--;
|
||||
sm->sta_counted = 0;
|
||||
} else {
|
||||
wpa_printf(MSG_DEBUG, "WPA: WPA_PTK::DISCONNECTED - did not "
|
||||
"decrease GNoStations (STA " MACSTR ")",
|
||||
MAC2STR(sm->addr));
|
||||
}
|
||||
sm->DeauthenticationRequest = FALSE;
|
||||
}
|
||||
|
||||
@ -2702,14 +2692,6 @@ SM_STATE(WPA_PTK, DISCONNECTED)
|
||||
SM_STATE(WPA_PTK, AUTHENTICATION)
|
||||
{
|
||||
SM_ENTRY_MA(WPA_PTK, AUTHENTICATION, wpa_ptk);
|
||||
if (!sm->sta_counted) {
|
||||
sm->group->GNoStations++;
|
||||
sm->sta_counted = 1;
|
||||
} else {
|
||||
wpa_printf(MSG_DEBUG, "WPA: WPA_PTK::DISCONNECTED - did not "
|
||||
"increase GNoStations (STA " MACSTR ")",
|
||||
MAC2STR(sm->addr));
|
||||
}
|
||||
memset(&sm->PTK, 0, sizeof(sm->PTK));
|
||||
sm->PTK_valid = FALSE;
|
||||
wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto,
|
||||
@ -3221,8 +3203,9 @@ SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED)
|
||||
{
|
||||
SM_ENTRY_MA(WPA_PTK_GROUP, REKEYESTABLISHED, wpa_ptk_group);
|
||||
sm->EAPOLKeyReceived = FALSE;
|
||||
if (sm->GUpdateStationKeys)
|
||||
sm->group->GKeyDoneStations--;
|
||||
sm->GUpdateStationKeys = FALSE;
|
||||
sm->group->GKeyDoneStations--;
|
||||
sm->GTimeoutCtr = 0;
|
||||
/* FIX: MLME.SetProtection.Request(TA, Tx_Rx) */
|
||||
wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
|
||||
@ -3235,7 +3218,8 @@ SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED)
|
||||
SM_STATE(WPA_PTK_GROUP, KEYERROR)
|
||||
{
|
||||
SM_ENTRY_MA(WPA_PTK_GROUP, KEYERROR, wpa_ptk_group);
|
||||
sm->group->GKeyDoneStations--;
|
||||
if (sm->GUpdateStationKeys)
|
||||
sm->group->GKeyDoneStations--;
|
||||
sm->GUpdateStationKeys = FALSE;
|
||||
sm->Disconnect = TRUE;
|
||||
}
|
||||
@ -3311,6 +3295,12 @@ static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth,
|
||||
|
||||
static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
|
||||
{
|
||||
if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) {
|
||||
wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
|
||||
"Not in PTKINITDONE; skip Group Key update");
|
||||
return 0;
|
||||
}
|
||||
sm->group->GKeyDoneStations++;
|
||||
sm->GUpdateStationKeys = TRUE;
|
||||
wpa_sm_step(sm);
|
||||
return 0;
|
||||
@ -3330,10 +3320,14 @@ static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth,
|
||||
tmp = group->GM;
|
||||
group->GM = group->GN;
|
||||
group->GN = tmp;
|
||||
group->GKeyDoneStations = group->GNoStations;
|
||||
/* "GKeyDoneStations = GNoStations" is done in more robust way by
|
||||
* counting the STAs that are marked with GUpdateStationKeys instead of
|
||||
* including all STAs that could be in not-yet-completed state. */
|
||||
wpa_gtk_update(wpa_auth, group);
|
||||
|
||||
wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, NULL);
|
||||
wpa_printf(MSG_DEBUG, "wpa_group_setkeys: GKeyDoneStations=%d",
|
||||
group->GKeyDoneStations);
|
||||
}
|
||||
|
||||
|
||||
@ -3782,13 +3776,6 @@ int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id)
|
||||
wpa_printf(MSG_DEBUG, "WPA: Moving STA " MACSTR " to use group state "
|
||||
"machine for VLAN ID %d", MAC2STR(sm->addr), vlan_id);
|
||||
|
||||
if (sm->group && sm->group != group && sm->sta_counted) {
|
||||
sm->group->GNoStations--;
|
||||
sm->sta_counted = 0;
|
||||
wpa_printf(MSG_DEBUG, "WLA: Decreased GNoStations for the "
|
||||
"previously used group state machine");
|
||||
}
|
||||
|
||||
sm->group = group;
|
||||
return 0;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user