aboutsummaryrefslogtreecommitdiffstats
path: root/src/ap/ieee802_11.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2015-08-01 20:37:07 (GMT)
committerJouni Malinen <j@w1.fi>2015-08-02 13:52:56 (GMT)
commit7cb53ded11a8e8f8436ceeb312a9ec643e3e3916 (patch)
treef42be500a97d7fcd772fb55ff8ecf2cd80931546 /src/ap/ieee802_11.c
parenta1eabc74b8b799a80b615cfcc068862d94b827da (diff)
downloadhostap-7cb53ded11a8e8f8436ceeb312a9ec643e3e3916.zip
hostap-7cb53ded11a8e8f8436ceeb312a9ec643e3e3916.tar.gz
hostap-7cb53ded11a8e8f8436ceeb312a9ec643e3e3916.tar.bz2
Add build option to remove all internal RC4 uses
The new CONFIG_NO_RC4=y build option can be used to remove all internal hostapd and wpa_supplicant uses of RC4. It should be noted that external uses (e.g., within a TLS library) do not get disabled when doing this. This removes capability of supporting WPA/TKIP, dynamic WEP keys with IEEE 802.1X, WEP shared key authentication, and MSCHAPv2 password changes. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/ap/ieee802_11.c')
-rw-r--r--src/ap/ieee802_11.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index e224d1b..1ca31c0 100644
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -192,6 +192,7 @@ u16 hostapd_own_capab_info(struct hostapd_data *hapd)
}
+#ifndef CONFIG_NO_RC4
static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
u16 auth_transaction, const u8 *challenge,
int iswep)
@@ -245,6 +246,7 @@ static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
return 0;
}
+#endif /* CONFIG_NO_RC4 */
static void send_auth_reply(struct hostapd_data *hapd,
@@ -926,6 +928,16 @@ static void handle_auth(struct hostapd_data *hapd,
challenge ? " challenge" : "",
seq_ctrl, (fc & WLAN_FC_RETRY) ? " retry" : "");
+#ifdef CONFIG_NO_RC4
+ if (auth_alg == WLAN_AUTH_SHARED_KEY) {
+ wpa_printf(MSG_INFO,
+ "Unsupported authentication algorithm (%d)",
+ auth_alg);
+ resp = WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG;
+ goto fail;
+ }
+#endif /* CONFIG_NO_RC4 */
+
if (hapd->tkip_countermeasures) {
resp = WLAN_REASON_MICHAEL_MIC_FAILURE;
goto fail;
@@ -1073,6 +1085,7 @@ static void handle_auth(struct hostapd_data *hapd,
sta->auth_alg = WLAN_AUTH_OPEN;
mlme_authenticate_indication(hapd, sta);
break;
+#ifndef CONFIG_NO_RC4
case WLAN_AUTH_SHARED_KEY:
resp = auth_shared_key(hapd, sta, auth_transaction, challenge,
fc & WLAN_FC_ISWEP);
@@ -1086,6 +1099,7 @@ static void handle_auth(struct hostapd_data *hapd,
resp_ies_len = 2 + WLAN_AUTH_CHALLENGE_LEN;
}
break;
+#endif /* CONFIG_NO_RC4 */
#ifdef CONFIG_IEEE80211R
case WLAN_AUTH_FT:
sta->auth_alg = WLAN_AUTH_FT;