Use wpa_key_mgmt_*() helpers

This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.

Signed-hostap: Jouni Malinen <j@w1.fi>

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 6708244551dcbf6ee47b4ea7e1c7d886e1a62d9c..107d37ab8cdae7fb84559547a43fb2eb13b8802d 100644 (file)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1075,8 +1075,7 @@ static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
        }
 
 #ifdef CONFIG_IEEE80211R
-       if ((bss->wpa_key_mgmt &
-            (WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X)) &&
+       if (wpa_key_mgmt_ft(bss->wpa_key_mgmt) &&
            (bss->nas_identifier == NULL ||
             os_strlen(bss->nas_identifier) < 1 ||
             os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) {

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index a8a9bd4ed012a9ade95ee0058892a6643f13ff87..35a47f1681b7f6ba22189795f6bf9e6a304180fb 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -347,9 +347,7 @@ static void handle_auth(struct hostapd_data *hapd,
        if (!(((hapd->conf->auth_algs & WPA_AUTH_ALG_OPEN) &&
               auth_alg == WLAN_AUTH_OPEN) ||
 #ifdef CONFIG_IEEE80211R
-             (hapd->conf->wpa &&
-              (hapd->conf->wpa_key_mgmt &
-               (WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK)) &&
+             (hapd->conf->wpa && wpa_key_mgmt_ft(hapd->conf->wpa_key_mgmt) &&
               auth_alg == WLAN_AUTH_FT) ||
 #endif /* CONFIG_IEEE80211R */
              ((hapd->conf->auth_algs & WPA_AUTH_ALG_SHARED) &&

diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c
index 5e8d1349b1dec102d119a9c863ddb2b1c7134ded..4db04bbe4a2f64209b2ed86825a72da00919b054 100644 (file)
--- a/src/ap/wpa_auth_ie.c
+++ b/src/ap/wpa_auth_ie.c
@@ -341,8 +341,7 @@ int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth)
                pos += res;
        }
 #ifdef CONFIG_IEEE80211R
-       if (wpa_auth->conf.wpa_key_mgmt &
-           (WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK)) {
+       if (wpa_key_mgmt_ft(wpa_auth->conf.wpa_key_mgmt)) {
                res = wpa_write_mdie(&wpa_auth->conf, pos,
                                     buf + sizeof(buf) - pos);
                if (res < 0)

diff --git a/src/common/defs.h b/src/common/defs.h
index f00cf3aedf40a9d80dccfd174f60bc87adcbc419..60820536f31ed9eeb549836d0eb8060e529097fc 100644 (file)
--- a/src/common/defs.h
+++ b/src/common/defs.h
@@ -76,6 +76,11 @@ static inline int wpa_key_mgmt_wpa(int akm)
                wpa_key_mgmt_wpa_psk(akm);
 }
 
+static inline int wpa_key_mgmt_wpa_any(int akm)
+{
+       return wpa_key_mgmt_wpa(akm) || (akm & WPA_KEY_MGMT_WPA_NONE);
+}
+
 
 #define WPA_PROTO_WPA BIT(0)
 #define WPA_PROTO_RSN BIT(1)

diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index 33d0d4ddf78505ad3104dee78e9effb7e741ad25..8ea03abe3d244ebfd30f37254c57cf050947f3aa 100644 (file)
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -104,9 +104,7 @@ static int wpa_config_validate_network(struct wpa_ssid *ssid, int line)
                wpa_config_update_psk(ssid);
        }
 
-       if ((ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK |
-                              WPA_KEY_MGMT_PSK_SHA256)) &&
-           !ssid->psk_set) {
+       if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set) {
                wpa_printf(MSG_ERROR, "Line %d: WPA-PSK accepted for key "
                           "management, but no PSK configured.", line);
                errors++;

diff --git a/wpa_supplicant/config_winreg.c b/wpa_supplicant/config_winreg.c
index ea3a2acd60baec01f4f2c2d5ae14fbe1d1678670..5fb25808ca57acaef87320e6217365c67456f988 100644 (file)
--- a/wpa_supplicant/config_winreg.c
+++ b/wpa_supplicant/config_winreg.c
@@ -350,9 +350,7 @@ static struct wpa_ssid * wpa_config_read_network(HKEY hk, const TCHAR *netw,
                wpa_config_update_psk(ssid);
        }
 
-       if ((ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK |
-                              WPA_KEY_MGMT_PSK_SHA256)) &&
-           !ssid->psk_set) {
+       if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set) {
                wpa_printf(MSG_ERROR, "WPA-PSK accepted for key management, "
                           "but no PSK configured for network '" TSTR "'.",
                           netw);

diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index 70106003e54165a8b96ccb25ff200cff92358d8b..c9e53caf3c544ea8d7e4ef4a809fca37807216ef 100644 (file)
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -70,11 +70,7 @@ static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s)
 
        wpa_dbg(wpa_s, MSG_DEBUG, "Network configuration found for the "
                "current AP");
-       if (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
-                             WPA_KEY_MGMT_WPA_NONE |
-                             WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X |
-                             WPA_KEY_MGMT_PSK_SHA256 |
-                             WPA_KEY_MGMT_IEEE8021X_SHA256)) {
+       if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
                u8 wpa_ie[80];
                size_t wpa_ie_len = sizeof(wpa_ie);
                wpa_supplicant_set_suites(wpa_s, NULL, ssid,

diff --git a/wpa_supplicant/sme.c b/wpa_supplicant/sme.c
index 3416d6805e991dffe062328072c82ca79ab6c73f..b63f4bbbaf43c2bd558b883e99fb410b8bb3b5cd 100644 (file)
--- a/wpa_supplicant/sme.c
+++ b/wpa_supplicant/sme.c
@@ -115,11 +115,7 @@ void sme_authenticate(struct wpa_supplicant *wpa_s,
 
        if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
             wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
-           (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
-                              WPA_KEY_MGMT_FT_IEEE8021X |
-                              WPA_KEY_MGMT_FT_PSK |
-                              WPA_KEY_MGMT_IEEE8021X_SHA256 |
-                              WPA_KEY_MGMT_PSK_SHA256))) {
+           wpa_key_mgmt_wpa(ssid->key_mgmt)) {
                int try_opportunistic;
                try_opportunistic = ssid->proactive_key_caching &&
                        (ssid->proto & WPA_PROTO_RSN);
@@ -135,11 +131,7 @@ void sme_authenticate(struct wpa_supplicant *wpa_s,
                                "key management and encryption suites");
                        return;
                }
-       } else if (ssid->key_mgmt &
-                  (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
-                   WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
-                   WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
-                   WPA_KEY_MGMT_IEEE8021X_SHA256)) {
+       } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
                wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
                if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
                                              wpa_s->sme.assoc_req_ie,
@@ -178,8 +170,7 @@ void sme_authenticate(struct wpa_supplicant *wpa_s,
                wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
        }
 
-       if (md && ssid->key_mgmt & (WPA_KEY_MGMT_FT_PSK |
-                                   WPA_KEY_MGMT_FT_IEEE8021X)) {
+       if (md && wpa_key_mgmt_ft(ssid->key_mgmt)) {
                if (wpa_s->sme.assoc_req_ie_len + 5 <
                    sizeof(wpa_s->sme.assoc_req_ie)) {
                        struct rsn_mdie *mdie;

diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index 2b3140e4ff282ce57b96643caf2456f293f3f82a..7f944b22c20da160797562b154e7dda25cfc0391 100644 (file)
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1080,9 +1080,7 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
                return -1;
        }
 
-       if (ssid->key_mgmt &
-           (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
-       {
+       if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
                wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
 #ifndef CONFIG_NO_PBKDF2
                if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
@@ -1224,11 +1222,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
 
        if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
                    wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
-           (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
-                              WPA_KEY_MGMT_FT_IEEE8021X |
-                              WPA_KEY_MGMT_FT_PSK |
-                              WPA_KEY_MGMT_IEEE8021X_SHA256 |
-                              WPA_KEY_MGMT_PSK_SHA256))) {
+           wpa_key_mgmt_wpa(ssid->key_mgmt)) {
                int try_opportunistic;
                try_opportunistic = ssid->proactive_key_caching &&
                        (ssid->proto & WPA_PROTO_RSN);
@@ -1243,11 +1237,7 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
                                "key management and encryption suites");
                        return;
                }
-       } else if (ssid->key_mgmt &
-                  (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
-                   WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
-                   WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
-                   WPA_KEY_MGMT_IEEE8021X_SHA256)) {
+       } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
                wpa_ie_len = sizeof(wpa_ie);
                if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
                                              wpa_ie, &wpa_ie_len)) {