Make this more readable by replacing magic numbers with enum values.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
struct hostapd_ssid *ssid = &conf->ssid;
struct sae_password_entry *pw;
- if ((conf->sae_pwe == 0 && !hostapd_sae_pw_id_in_use(conf) &&
+ if ((conf->sae_pwe == SAE_PWE_HUNT_AND_PECK &&
+ !hostapd_sae_pw_id_in_use(conf) &&
!wpa_key_mgmt_sae_ext_key(conf->wpa_key_mgmt) &&
!hostapd_sae_pk_in_use(conf)) ||
- conf->sae_pwe == 3 ||
+ conf->sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK ||
!wpa_key_mgmt_sae(conf->wpa_key_mgmt))
return 0; /* PT not needed */
}
#ifdef CONFIG_SAE
- if (wpa_key_mgmt_sae(bss->wpa_key_mgmt) && !bss->sae_pwe) {
+ if (wpa_key_mgmt_sae(bss->wpa_key_mgmt) &&
+ bss->sae_pwe == SAE_PWE_HUNT_AND_PECK) {
wpa_printf(MSG_INFO, "SAE: Enabling SAE H2E on 6 GHz");
- bss->sae_pwe = 2;
+ bss->sae_pwe = SAE_PWE_BOTH;
}
#endif /* CONFIG_SAE */
unsigned int sae_sync;
int sae_require_mfp;
int sae_confirm_immediate;
- int sae_pwe;
+ enum sae_pwe sae_pwe;
int *sae_groups;
struct sae_password_entry *sae_passwords;
}
#endif /* CONFIG_IEEE80211R_AP */
#ifdef CONFIG_SAE
- if (hapd->conf->sae_pwe == 2 &&
+ if (hapd->conf->sae_pwe == SAE_PWE_BOTH &&
sta->auth_alg == WLAN_AUTH_SAE &&
sta->sae && !sta->sae->h2e &&
ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len,
num++;
if (hapd->iconf->ieee80211ac && hapd->iconf->require_vht)
num++;
- h2e_required = (hapd->conf->sae_pwe == 1 ||
+ h2e_required = (hapd->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
hostapd_sae_pw_id_in_use(hapd->conf) == 2) &&
- hapd->conf->sae_pwe != 3 &&
+ hapd->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK &&
wpa_key_mgmt_sae(hapd->conf->wpa_key_mgmt);
if (h2e_required)
num++;
num++;
if (hapd->iconf->ieee80211ac && hapd->iconf->require_vht)
num++;
- h2e_required = (hapd->conf->sae_pwe == 1 ||
+ h2e_required = (hapd->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
hostapd_sae_pw_id_in_use(hapd->conf) == 2) &&
- hapd->conf->sae_pwe != 3 &&
+ hapd->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK &&
wpa_key_mgmt_sae(hapd->conf->wpa_key_mgmt);
if (h2e_required)
num++;
#endif /* CONFIG_SAE_PK */
}
- if (rx_id && hapd->conf->sae_pwe != 3)
+ if (rx_id && hapd->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
use_pt = 1;
else if (status_code == WLAN_STATUS_SUCCESS)
use_pt = 0;
static int sae_status_success(struct hostapd_data *hapd, u16 status_code)
{
- int sae_pwe = hapd->conf->sae_pwe;
+ enum sae_pwe sae_pwe = hapd->conf->sae_pwe;
int id_in_use;
bool sae_pk = false;
id_in_use = hostapd_sae_pw_id_in_use(hapd->conf);
- if (id_in_use == 2 && sae_pwe != 3)
- sae_pwe = 1;
- else if (id_in_use == 1 && sae_pwe == 0)
- sae_pwe = 2;
+ if (id_in_use == 2 && sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
+ sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
+ else if (id_in_use == 1 && sae_pwe == SAE_PWE_HUNT_AND_PECK)
+ sae_pwe = SAE_PWE_BOTH;
#ifdef CONFIG_SAE_PK
sae_pk = hostapd_sae_pk_in_use(hapd->conf);
- if (sae_pwe == 0 && sae_pk)
- sae_pwe = 2;
+ if (sae_pwe == SAE_PWE_HUNT_AND_PECK && sae_pk)
+ sae_pwe = SAE_PWE_BOTH;
#endif /* CONFIG_SAE_PK */
- if (sae_pwe == 0 &&
+ if (sae_pwe == SAE_PWE_HUNT_AND_PECK &&
(hapd->conf->wpa_key_mgmt &
(WPA_KEY_MGMT_SAE_EXT_KEY | WPA_KEY_MGMT_FT_SAE_EXT_KEY)))
- sae_pwe = 2;
+ sae_pwe = SAE_PWE_BOTH;
- return ((sae_pwe == 0 || sae_pwe == 3) &&
+ return ((sae_pwe == SAE_PWE_HUNT_AND_PECK ||
+ sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK) &&
status_code == WLAN_STATUS_SUCCESS) ||
- (sae_pwe == 1 &&
+ (sae_pwe == SAE_PWE_HASH_TO_ELEMENT &&
(status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
(sae_pk && status_code == WLAN_STATUS_SAE_PK))) ||
- (sae_pwe == 2 &&
+ (sae_pwe == SAE_PWE_BOTH &&
(status_code == WLAN_STATUS_SUCCESS ||
status_code == WLAN_STATUS_SAE_HASH_TO_ELEMENT ||
(sae_pk && status_code == WLAN_STATUS_SAE_PK)));
return WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG;
}
- if (hapd->conf->sae_pwe == 2 &&
+ if (hapd->conf->sae_pwe == SAE_PWE_BOTH &&
sta->auth_alg == WLAN_AUTH_SAE &&
sta->sae && !sta->sae->h2e &&
ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len,
#endif /* CONFIG_SAE_PK */
if (wpa_key_mgmt_sae(hapd->conf->wpa_key_mgmt) &&
- (hapd->conf->sae_pwe == 1 || hapd->conf->sae_pwe == 2 ||
+ (hapd->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ hapd->conf->sae_pwe == SAE_PWE_BOTH ||
hostapd_sae_pw_id_in_use(hapd->conf) || sae_pk ||
wpa_key_mgmt_sae_ext_key(hapd->conf->wpa_key_mgmt)) &&
- hapd->conf->sae_pwe != 3) {
+ hapd->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK) {
capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
#ifdef CONFIG_SAE_PK
if (sae_pk)
unsigned int fils_cache_id_set:1;
u8 fils_cache_id[FILS_CACHE_ID_LEN];
#endif /* CONFIG_FILS */
- int sae_pwe;
+ enum sae_pwe sae_pwe;
bool sae_pk;
unsigned int secure_ltf:1;
snonce = NULL;
}
rsnxe_used = (auth_alg == WLAN_AUTH_FT) &&
- (conf->sae_pwe == 1 || conf->sae_pwe == 2);
+ (conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ conf->sae_pwe == SAE_PWE_BOTH);
#ifdef CONFIG_TESTING_OPTIONS
if (sm->wpa_auth->conf.ft_rsnxe_used) {
rsnxe_used = sm->wpa_auth->conf.ft_rsnxe_used == 1;
}
if (parse.fte_rsnxe_used &&
- (conf->sae_pwe == 1 || conf->sae_pwe == 2) &&
+ (conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ conf->sae_pwe == SAE_PWE_BOTH) &&
!parse.rsnxe) {
wpa_printf(MSG_INFO,
"FT: FTE indicated that STA uses RSNXE, but RSNXE was not included");
#endif /* CONFIG_FILS */
wconf->sae_pwe = conf->sae_pwe;
sae_pw_id = hostapd_sae_pw_id_in_use(conf);
- if (sae_pw_id == 2 && wconf->sae_pwe != 3)
- wconf->sae_pwe = 1;
- else if (sae_pw_id == 1 && wconf->sae_pwe == 0)
- wconf->sae_pwe = 2;
+ if (sae_pw_id == 2 && wconf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
+ wconf->sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
+ else if (sae_pw_id == 1 && wconf->sae_pwe == SAE_PWE_HUNT_AND_PECK)
+ wconf->sae_pwe = SAE_PWE_BOTH;
#ifdef CONFIG_SAE_PK
wconf->sae_pk = hostapd_sae_pk_in_use(conf);
#endif /* CONFIG_SAE_PK */
size_t flen;
if (wpa_key_mgmt_sae(conf->wpa_key_mgmt) &&
- (conf->sae_pwe == 1 || conf->sae_pwe == 2 || conf->sae_pk ||
+ (conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ conf->sae_pwe == SAE_PWE_BOTH || conf->sae_pk ||
wpa_key_mgmt_sae_ext_key(conf->wpa_key_mgmt))) {
capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
#ifdef CONFIG_SAE_PK
#define MAX_NUM_MLD_LINKS 15
+enum sae_pwe {
+ SAE_PWE_HUNT_AND_PECK = 0,
+ SAE_PWE_HASH_TO_ELEMENT = 1,
+ SAE_PWE_BOTH = 2,
+ SAE_PWE_FORCE_HUNT_AND_PECK = 3,
+ SAE_PWE_NOT_SET = 4,
+};
+
#endif /* DEFS_H */
* 1 = hash-to-element only
* 2 = both hunting-and-pecking loop and hash-to-element enabled
*/
- int sae_pwe;
+ enum sae_pwe sae_pwe;
/**
* disable_eht - Disable EHT for this connection
* 1 = hash-to-element only
* 2 = both hunting-and-pecking loop and hash-to-element enabled
*/
- int sae_pwe;
+ enum sae_pwe sae_pwe;
/**
* FILS Discovery frame minimum interval in TUs
#ifdef CONFIG_SAE
-static int nl80211_put_sae_pwe(struct nl_msg *msg, int pwe)
+static int nl80211_put_sae_pwe(struct nl_msg *msg, enum sae_pwe pwe)
{
u8 sae_pwe;
wpa_printf(MSG_DEBUG, "nl802111: sae_pwe=%d", pwe);
- if (pwe == 0)
+ if (pwe == SAE_PWE_HUNT_AND_PECK)
sae_pwe = NL80211_SAE_PWE_HUNT_AND_PECK;
- else if (pwe == 1)
+ else if (pwe == SAE_PWE_HASH_TO_ELEMENT)
sae_pwe = NL80211_SAE_PWE_HASH_TO_ELEMENT;
- else if (pwe == 2)
+ else if (pwe == SAE_PWE_BOTH)
sae_pwe = NL80211_SAE_PWE_BOTH;
- else if (pwe == 3)
+ else if (pwe == SAE_PWE_FORCE_HUNT_AND_PECK)
return 0; /* special test mode */
else
return -1;
*pos++ = WLAN_EID_FAST_BSS_TRANSITION;
ftie_len = pos++;
rsnxe_used = wpa_key_mgmt_sae(sm->key_mgmt) && anonce &&
- (sm->sae_pwe == 1 || sm->sae_pwe == 2);
+ (sm->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ sm->sae_pwe == SAE_PWE_BOTH);
#ifdef CONFIG_TESTING_OPTIONS
if (anonce && sm->ft_rsnxe_used) {
rsnxe_used = sm->ft_rsnxe_used == 1;
}
own_rsnxe_used = wpa_key_mgmt_sae(sm->key_mgmt) &&
- (sm->sae_pwe == 1 || sm->sae_pwe == 2);
+ (sm->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ sm->sae_pwe == SAE_PWE_BOTH);
if ((sm->ap_rsnxe && !parse.rsnxe && own_rsnxe_used) ||
(!sm->ap_rsnxe && parse.rsnxe) ||
(sm->ap_rsnxe && parse.rsnxe &&
int rsn_enabled; /* Whether RSN is enabled in configuration */
int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */
int ocv; /* Operating Channel Validation */
- int sae_pwe; /* SAE PWE generation options */
+ enum sae_pwe sae_pwe; /* SAE PWE generation options */
unsigned int sae_pk:1; /* whether SAE-PK is used */
unsigned int secure_ltf:1;
size_t flen;
if (wpa_key_mgmt_sae(sm->key_mgmt) &&
- (sm->sae_pwe == 1 || sm->sae_pwe == 2 || sm->sae_pk)) {
+ (sm->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ sm->sae_pwe == SAE_PWE_BOTH || sm->sae_pk)) {
capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
#ifdef CONFIG_SAE_PK
if (sm->sae_pk)
* 1 = hash-to-element only
* 2 = both hunting-and-pecking loop and hash-to-element enabled
*/
- int sae_pwe;
+ enum sae_pwe sae_pwe;
/**
* sae_pmkid_in_assoc - Whether to include PMKID in SAE Assoc Req
#define DEFAULT_MAX_OPER_CHWIDTH -1
/* Consider global sae_pwe for SAE mechanism for PWE derivation */
-#define DEFAULT_SAE_PWE 4
+#define DEFAULT_SAE_PWE SAE_PWE_NOT_SET
struct psk_list_entry {
struct dl_list list;
* 1 = hash-to-element only
* 2 = both hunting-and-pecking loop and hash-to-element enabled
*/
- int sae_pwe;
+ enum sae_pwe sae_pwe;
/**
* disable_eht - Disable EHT (IEEE 802.11be) for this network
#ifdef CONFIG_SAE
if (flagged && ((rate_ie[j] & 0x7f) ==
BSS_MEMBERSHIP_SELECTOR_SAE_H2E_ONLY)) {
- if (wpa_s->conf->sae_pwe == 0 &&
+ if (wpa_s->conf->sae_pwe ==
+ SAE_PWE_HUNT_AND_PECK &&
!ssid->sae_password_id &&
wpa_key_mgmt_sae(ssid->key_mgmt)) {
if (debug_print)
#ifdef CONFIG_SAE
/* When using SAE Password Identifier and when operationg on the 6 GHz
* band, only H2E is allowed. */
- if ((wpa_s->conf->sae_pwe == 1 || is_6ghz_freq(bss->freq) ||
- ssid->sae_password_id) &&
- wpa_s->conf->sae_pwe != 3 && wpa_key_mgmt_sae(ssid->key_mgmt) &&
+ if ((wpa_s->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ is_6ghz_freq(bss->freq) || ssid->sae_password_id) &&
+ wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK &&
+ wpa_key_mgmt_sae(ssid->key_mgmt) &&
!(rsnxe_capa & BIT(WLAN_RSNX_CAPAB_SAE_H2E))) {
if (debug_print)
wpa_dbg(wpa_s, MSG_DEBUG,
ssid->auth_alg |= WPA_AUTH_ALG_SAE;
ssid->key_mgmt = WPA_KEY_MGMT_SAE;
ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
- ssid->sae_pwe = 1;
+ ssid->sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Use SAE auth_alg and key_mgmt");
} else {
p2p_set_6ghz_dev_capab(wpa_s->global->p2p, false);
rsnxe_capa = rsnxe[2];
}
- if (ssid->sae_password_id && wpa_s->conf->sae_pwe != 3)
+ if (ssid->sae_password_id &&
+ wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
use_pt = 1;
if (wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt) &&
- wpa_s->conf->sae_pwe != 3)
+ wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
use_pt = 1;
#ifdef CONFIG_SAE_PK
if ((rsnxe_capa & BIT(WLAN_RSNX_CAPAB_SAE_PK)) &&
}
#endif /* CONFIG_SAE_PK */
- if (use_pt || wpa_s->conf->sae_pwe == 1 || wpa_s->conf->sae_pwe == 2) {
+ if (use_pt || wpa_s->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ wpa_s->conf->sae_pwe == SAE_PWE_BOTH) {
use_pt = !!(rsnxe_capa & BIT(WLAN_RSNX_CAPAB_SAE_H2E));
- if ((wpa_s->conf->sae_pwe == 1 || ssid->sae_password_id ||
+ if ((wpa_s->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT ||
+ ssid->sae_password_id ||
wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) &&
- wpa_s->conf->sae_pwe != 3 &&
+ wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK &&
!use_pt) {
wpa_printf(MSG_DEBUG,
"SAE: Cannot use H2E with the selected AP");
return;
}
- if (wpa_s->conf->sae_pwe)
+ if (wpa_s->conf->sae_pwe != SAE_PWE_HUNT_AND_PECK &&
+ wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
#ifdef CONFIG_SAE_PK
if (ssid->sae_pk)
bool skip_default_rsne)
{
struct wpa_ie_data ie;
- int sel, proto, sae_pwe;
+ int sel, proto;
+ enum sae_pwe sae_pwe;
const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
if (bss) {
sae_pwe = wpa_s->conf->sae_pwe;
if ((ssid->sae_password_id ||
wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) &&
- sae_pwe != 3)
- sae_pwe = 1;
- if (bss && is_6ghz_freq(bss->freq) && sae_pwe == 0) {
+ sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
+ sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
+ if (bss && is_6ghz_freq(bss->freq) &&
+ sae_pwe == SAE_PWE_HUNT_AND_PECK) {
wpa_dbg(wpa_s, MSG_DEBUG,
"RSN: Enable SAE hash-to-element mode for 6 GHz BSS");
- sae_pwe = 2;
+ sae_pwe = SAE_PWE_BOTH;
}
wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
#ifdef CONFIG_SAE_PK
password = ssid->passphrase;
if (!password ||
- (conf->sae_pwe == 0 && !ssid->sae_password_id &&
+ (conf->sae_pwe == SAE_PWE_HUNT_AND_PECK && !ssid->sae_password_id &&
!wpa_key_mgmt_sae_ext_key(ssid->key_mgmt) &&
!sae_pk_valid_password(password)) ||
- conf->sae_pwe == 3) {
+ conf->sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK) {
/* PT derivation not needed */
sae_deinit_pt(ssid->pt);
ssid->pt = NULL;
projects / thirdparty / hostap.git / commitdiff
