On Wed, 2008-12-17 at 14:05 +0200, Jouni Malinen wrote:
> On Wed, Dec 17, 2008 at 12:30:11PM +0100, Johannes Berg wrote:
> > On Wed, 2008-12-17 at 13:32 +0200, Jouni Malinen wrote:
> > > + if (vif->type != NL80211_IFTYPE_AP) {
> > > + /* Only keyidx 0 should be used with unicast key, but
> > > + * allow this for client mode for now. */
> > > + idx = key->keyidx;
> >
> > Hey, good point, should we make the check in mac80211 stricter as well?
> > I know we accept non-zero pairwise key idx for some broken pairwise WEP
> > implementations, but that's only relevant for STA as you note.
>
> Doing that in non-Managed modes in mac80211 sounds reasonable. I don't
> see any point in making it easier for people to make APs that do such a
> silly thing with WEP ;-). I did not look at more details here from the
> mac80211 view point, I just knew it would break the key cache changes I
> was working on for ath9k.
Right. This is what I had in mind:
--- a/net/mac80211/wext.c
+++ b/net/mac80211/wext.c
@@ -76,9 +76,12 @@ static int ieee80211_set_encryption(struct ieee80211_sub_if_data *sdata, u8 *sta
* According to the standard, the key index of a
* pairwise key must be zero. However, some AP are
* broken when it comes to WEP key indices, so we
- * work around this.
+ * work around this by allowing to set such keys
+ * on STA mode interfaces.
*/
- if (idx != 0 && alg != ALG_WEP) {
+ if (idx != 0 &&
+ (sdata->vif.type != NL80211_IF_TYPE_STATION ||
+ alg != ALG_WEP))) {
ieee80211_key_free(key);
err = -EINVAL;
goto out_unlock;
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
