* @proto: Ethertype in host byte order
* @buf: Frame payload starting from IEEE 802.1X header
* @len: Frame payload length
+ * @no_encrypt: Do not encrypt frame
*
* Returns 0 on success, else an error
*
* API users will fall back to sending the frame via a normal socket.
*/
int (*tx_control_port)(void *priv, const u8 *dest,
- u16 proto, const u8 *buf, size_t len);
+ u16 proto, const u8 *buf, size_t len,
+ int no_encrypt);
/**
* hapd_send_eapol - Send an EAPOL packet (AP only)
static int nl80211_tx_control_port(void *priv, const u8 *dest,
- u16 proto, const u8 *buf, size_t len)
+ u16 proto, const u8 *buf, size_t len,
+ int no_encrypt)
{
struct i802_bss *bss = priv;
struct nl_msg *msg;
wpa_printf(MSG_DEBUG,
"nl80211: Send over control port dest=" MACSTR
- " proto=0x%04x len=%u",
- MAC2STR(dest), proto, (unsigned int) len);
+ " proto=0x%04x len=%u no_encrypt=%d",
+ MAC2STR(dest), proto, (unsigned int) len, no_encrypt);
msg = nl80211_bss_msg(bss, 0, NL80211_CMD_CONTROL_PORT_FRAME);
if (!msg ||
nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, proto) ||
nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dest) ||
- nla_put(msg, NL80211_ATTR_FRAME, len, buf)) {
+ nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
+ (no_encrypt &&
+ nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))) {
nlmsg_free(msg);
return -ENOBUFS;
}
}
+int wpa_sm_has_ptk_installed(struct wpa_sm *sm)
+{
+ if (!sm)
+ return 0;
+ return sm->ptk.installed;
+}
+
+
void wpa_sm_update_replay_ctr(struct wpa_sm *sm, const u8 *replay_ctr)
{
os_memcpy(sm->rx_replay_counter, replay_ctr, WPA_REPLAY_COUNTER_LEN);
const void *network_ctx);
void wpa_sm_drop_sa(struct wpa_sm *sm);
int wpa_sm_has_ptk(struct wpa_sm *sm);
+int wpa_sm_has_ptk_installed(struct wpa_sm *sm);
void wpa_sm_update_replay_ctr(struct wpa_sm *sm, const u8 *replay_ctr);
static inline int wpa_drv_tx_control_port(struct wpa_supplicant *wpa_s,
const u8 *dest, u16 proto,
- const u8 *buf, size_t len)
+ const u8 *buf, size_t len,
+ int no_encrypt)
{
if (!wpa_s->driver->tx_control_port)
return -1;
return wpa_s->driver->tx_control_port(wpa_s->drv_priv, dest, proto,
- buf, len);
+ buf, len, no_encrypt);
}
static inline int wpa_drv_hapd_send_eapol(struct wpa_supplicant *wpa_s,
{
struct ibss_rsn_peer *peer = ctx;
struct wpa_supplicant *wpa_s = peer->ibss_rsn->wpa_s;
+ int encrypt = peer->authentication_status & IBSS_RSN_REPORTED_PTK;
- wpa_printf(MSG_DEBUG, "SUPP: %s(dest=" MACSTR " proto=0x%04x "
- "len=%lu)",
- __func__, MAC2STR(dest), proto, (unsigned long) len);
+ wpa_printf(MSG_DEBUG, "SUPP: %s(dest=" MACSTR
+ " proto=0x%04x len=%lu no_encrypt=%d)",
+ __func__, MAC2STR(dest), proto, (unsigned long) len,
+ !encrypt);
if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT)
- return wpa_drv_tx_control_port(wpa_s, dest, proto, buf, len);
+ return wpa_drv_tx_control_port(wpa_s, dest, proto, buf, len,
+ !encrypt);
if (wpa_s->l2)
return l2_packet_send(wpa_s->l2, dest, proto, buf, len);
}
#endif /* CONFIG_TESTING_OPTIONS */
- if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT)
- return wpa_drv_tx_control_port(wpa_s, dest, proto, buf, len);
+ if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) {
+ int encrypt = wpa_s->wpa &&
+ wpa_sm_has_ptk_installed(wpa_s->wpa);
+
+ return wpa_drv_tx_control_port(wpa_s, dest, proto, buf, len,
+ !encrypt);
+ }
if (wpa_s->l2) {
return l2_packet_send(wpa_s->l2, dest, proto, buf, len);
projects / thirdparty / hostap.git / commitdiff
