STA shared-key authentication support

Amit Gurdasani gurdasani
Sat Nov 16 22:20:30 PST 2002 

Oops, missed a break; on failure, so the record is set even if invalid input
is provided. This should fix that.

==========================================================================
--- hostap_ioctl.c.1.19	2002-11-16 20:38:01.000000000 -0500
+++ hostap_ioctl.c	2002-11-17 01:15:44.000000000 -0500
@@ -1990,6 +1990,35 @@
 	case PRISM2_PARAM_AP_AUTH_ALGS:
 		if (local->ap != NULL)
 			local->ap->auth_algs = value;
+
+		if (local -> iw_mode != IW_MODE_MASTER) {
+			/*
+			 * hack to enable STA-side shared key auth
+			 *
+			 * See if we've been passed a valid value. The only
+			 * values allowed are 1 (open system) and 2 (shared
+			 * key).
+			 */
+			if (value < 1 || value > 2) {
+				printk (KERN_WARNING "%s: Authentication "
+				        "system %d is unknown. (1 = open, "
+					"2 = shared key)\n",
+					local -> dev -> name, value);
+				ret = -EINVAL;
+				break;
+			}
+			/* set the auth record to requested */
+			if (hostap_set_word (local -> dev,
+			                     HFA384X_RID_CNFAUTHENTICATION,
+			                     value)) {
+				printk (KERN_WARNING "%s: Could not set "
+				        "authentication system to %s.\n",
+					local -> dev -> name,
+					(value ? "open" : "shared key"));
+				ret = -EINVAL;
+				break;
+			}
+		}
 		break;

 	case PRISM2_PARAM_MONITOR_ALLOW_FCSERR:
==========================================================================

On Sat, 16 Nov 2002, Amit Gurdasani wrote:

:Hi, all. I'm new to this list, and I've perused the mailing list archives
:and didn't see this addressed, so please be gentle. :)
:
:I wanted to use shared-key authentication with my (Host)AP, but found that
:hostap_cs currently doesn't support shared-key authentication, so I've
:prepared a hack that adds this functionality (based on what linux-wlan-ng
:does).
:
:This 'overloads' the ap_auth_algs IOCTL parameter, so that in non-Master
:mode, setting the parameter will cause the authentication system record to
:be changed. The effect is that by setting it to 2 using
:
:prism2_param wlan0 ap_auth_algs 2
:
:will enable client-side shared-key authentication.
:
:It seems to work well for me (secondary f/w 1.4.9 with firmware-based WEP
:encryption and decryption enabled). I haven't tested it with any other
:configurations, so YMMV.
:
:Changing it to 1 (open-system auth) and then using iwpriv on AP side to
:kickmac prevented association from occurring (the AP is set to accept
:shared-key auth only), and then changing it to 2, the STA was automatically
:able to associate. Applying the patch AP-side had no effect (and no
:regression).
:
:This patch is against the current CVS HEAD hostap_ioctl.c as obtained from
:CVSWeb, though I tested it with the 2002-10-12 tarball.
:
:Thanks for your excellent work, Jouni and others. (For the record, with
:firmware WEP encryption and decryption enabled, and with a 104-bit key,
:hostap_cs is able to get away with 30-40% of the CPU utilization of
:linux-wlan-ng, which pegs the 400 MHz CPU in this laptop at close to 100%
:while doing large transfers with 128-bit WEP enabled. Using host-based WEP
:encryption and decryption is not very much worse.)
:
<snip>

More information about the Hostap mailing list