aboutsummaryrefslogtreecommitdiffstats
path: root/src/eapol_supp
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2015-08-01 20:37:07 (GMT)
committerJouni Malinen <j@w1.fi>2015-08-02 13:52:56 (GMT)
commit7cb53ded11a8e8f8436ceeb312a9ec643e3e3916 (patch)
treef42be500a97d7fcd772fb55ff8ecf2cd80931546 /src/eapol_supp
parenta1eabc74b8b799a80b615cfcc068862d94b827da (diff)
downloadhostap-7cb53ded11a8e8f8436ceeb312a9ec643e3e3916.zip
hostap-7cb53ded11a8e8f8436ceeb312a9ec643e3e3916.tar.gz
hostap-7cb53ded11a8e8f8436ceeb312a9ec643e3e3916.tar.bz2
Add build option to remove all internal RC4 uses
The new CONFIG_NO_RC4=y build option can be used to remove all internal hostapd and wpa_supplicant uses of RC4. It should be noted that external uses (e.g., within a TLS library) do not get disabled when doing this. This removes capability of supporting WPA/TKIP, dynamic WEP keys with IEEE 802.1X, WEP shared key authentication, and MSCHAPv2 password changes. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eapol_supp')
-rw-r--r--src/eapol_supp/eapol_supp_sm.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/eapol_supp/eapol_supp_sm.c b/src/eapol_supp/eapol_supp_sm.c
index 39b4319..09cf4f6 100644
--- a/src/eapol_supp/eapol_supp_sm.c
+++ b/src/eapol_supp/eapol_supp_sm.c
@@ -654,7 +654,9 @@ static void eapol_sm_processKey(struct eapol_sm *sm)
struct ieee802_1x_eapol_key *key;
struct eap_key_data keydata;
u8 orig_key_sign[IEEE8021X_KEY_SIGN_LEN], datakey[32];
+#ifndef CONFIG_NO_RC4
u8 ekey[IEEE8021X_KEY_IV_LEN + IEEE8021X_ENCR_KEY_LEN];
+#endif /* CONFIG_NO_RC4 */
int key_len, res, sign_key_len, encr_key_len;
u16 rx_key_length;
size_t plen;
@@ -748,6 +750,13 @@ static void eapol_sm_processKey(struct eapol_sm *sm)
return;
}
if (key_len == rx_key_length) {
+#ifdef CONFIG_NO_RC4
+ if (encr_key_len) {
+ /* otherwise unused */
+ }
+ wpa_printf(MSG_ERROR, "EAPOL: RC4 not supported in the build");
+ return;
+#else /* CONFIG_NO_RC4 */
os_memcpy(ekey, key->key_iv, IEEE8021X_KEY_IV_LEN);
os_memcpy(ekey + IEEE8021X_KEY_IV_LEN, keydata.encr_key,
encr_key_len);
@@ -756,6 +765,7 @@ static void eapol_sm_processKey(struct eapol_sm *sm)
datakey, key_len);
wpa_hexdump_key(MSG_DEBUG, "EAPOL: Decrypted(RC4) key",
datakey, key_len);
+#endif /* CONFIG_NO_RC4 */
} else if (key_len == 0) {
/*
* IEEE 802.1X-2004 specifies that least significant Key Length