From: Jouni Malinen <j@w1.fi>
Date: Sat, 20 Dec 2014 15:35:03 +0000 (+0200)
Subject: nl80211: Fix no-encrypt for IEEE 802.1X WEP EAPOL
X-Git-Tag: hostap_2_4~730
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=533fe09b78b8c63b1b339ea5b0a2f8186c2b8d02;p=thirdparty%2Fhostap.git

nl80211: Fix no-encrypt for IEEE 802.1X WEP EAPOL

Commit 9f12614b8cad55e5ec0a50e04d9d3e090df666fd ('nl80211: Do not
encrypt IEEE 802.1X WEP EAPOL') tried to use
NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT to disable encryption of EAPOL
frames for WEP IEEE 802.1X. However, it used incorrect key management
suite (IEEE 802.1X with WPA/WPA2 while the non-WPA version is needed
here). Consequently, the no-encrypt flag was never set to the driver
(WPA/WPA2 cases do not meet the WEP as pairwise criteria).

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 089484960..033723949 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -3246,7 +3246,7 @@ static int wpa_driver_nl80211_set_ap(void *priv,
 		    suites))
 		goto fail;
 
-	if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X &&
+	if (params->key_mgmt_suites & WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
 	    params->pairwise_ciphers & (WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40) &&
 	    nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))
 		goto fail;