[PATCH] MFP: Clear IGTK
Kel Modderman
kel
Mon Feb 15 02:26:18 PST 2010
On Thursday 08 October 2009 14:14:16 Masashi Honma wrote:
> Hello.
>
> The fourth and fifth keys are used as IGTK for management frame
> protection. This patch clears theses keys.
>
>
> diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
> index 37a1927..896f989 100644
> --- a/wpa_supplicant/wpa_supplicant.c
> +++ b/wpa_supplicant/wpa_supplicant.c
> @@ -457,6 +457,10 @@ void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
> wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
> wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
> wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
> +#ifdef CONFIG_IEEE80211W
> + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
> + wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
> +#endif /* CONFIG_IEEE80211W */
> if (addr) {
> wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
> 0);
>
>
> I have tested with linux kernel 2.6.31.2.
Some people are encountering this (ipw2200, Linux 2.6.33-rc7 in my case):
---
wpa_driver_wext_set_wpa
wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
wpa_driver_wext_set_key: alg=0 key_idx=4 set_tx=0 seq_len=0 key_len=0
ioctl[SIOCSIWENCODEEXT]: Invalid argument
Driver did not support SIOCSIWENCODEEXT
wpa_driver_wext_set_key: alg=0 key_idx=5 set_tx=0 seq_len=0 key_len=0
ioctl[SIOCSIWENCODEEXT]: Invalid argument
Driver did not support SIOCSIWENCODEEXT
---
This has caused a small amount of concern and questions about why these
new messages appear in wpa_supplicant 0.6.10 and not in 0.6.9. Is this
something not all drivers support?
Thanks, Kel.
More information about the Hostap
mailing list