From 2123d613fc53b15bfc5bb84f5e8826ab8ec32efe Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Mon, 8 Oct 2018 13:44:12 -0700 Subject: [PATCH] nl80211: support per-mac GTK on _new_key_group AdHoc will require a per-mac GTK to be set. For this reason nl80211_build_new_key_group has been updated to optionally take a MAC address. --- src/ap.c | 3 ++- src/netdev.c | 6 ++++-- src/nl80211_util.c | 17 +++++++++++++++-- src/nl80211_util.h | 3 ++- 4 files changed, 23 insertions(+), 6 deletions(-) diff --git a/src/ap.c b/src/ap.c index 8a05f19d..01e85fef 100644 --- a/src/ap.c +++ b/src/ap.c @@ -567,7 +567,8 @@ static void ap_associate_sta_cb(struct l_genl_msg *msg, void *user_data) msg = nl80211_build_new_key_group( netdev_get_ifindex(ap->netdev), group_cipher, ap->gtk_index, - ap->gtk, gtk_len, NULL, 0); + ap->gtk, gtk_len, NULL, + 0, NULL); if (!l_genl_family_send(nl80211, msg, ap_gtk_op_cb, NULL, NULL)) { diff --git a/src/netdev.c b/src/netdev.c index 26285bce..3cb8c024 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -1167,6 +1167,8 @@ static void netdev_set_gtk(struct handshake_state *hs, uint8_t key_index, struct netdev *netdev = nhs->netdev; uint8_t gtk_buf[32]; struct l_genl_msg *msg; + const uint8_t *addr = (netdev->type == NL80211_IFTYPE_ADHOC) ? + nhs->super.aa : NULL; l_debug("%d", netdev->index); @@ -1184,7 +1186,7 @@ static void netdev_set_gtk(struct handshake_state *hs, uint8_t key_index, } msg = nl80211_build_new_key_group(netdev->index, cipher, key_index, - gtk_buf, gtk_len, rsc, rsc_len); + gtk_buf, gtk_len, rsc, rsc_len, addr); nhs->group_new_key_cmd_id = l_genl_family_send(nl80211, msg, netdev_new_group_key_cb, @@ -1229,7 +1231,7 @@ static void netdev_set_igtk(struct handshake_state *hs, uint8_t key_index, } msg = nl80211_build_new_key_group(netdev->index, cipher, key_index, - igtk_buf, igtk_len, ipn, ipn_len); + igtk_buf, igtk_len, ipn, ipn_len, NULL); nhs->group_management_new_key_cmd_id = l_genl_family_send(nl80211, msg, diff --git a/src/nl80211_util.c b/src/nl80211_util.c index 534a8cd9..b5053b96 100644 --- a/src/nl80211_util.c +++ b/src/nl80211_util.c @@ -30,15 +30,18 @@ struct l_genl_msg *nl80211_build_new_key_group(uint32_t ifindex, uint32_t cipher, uint8_t key_id, const uint8_t *key, size_t key_len, const uint8_t *ctr, - size_t ctr_len) + size_t ctr_len, const uint8_t *addr) { struct l_genl_msg *msg; msg = l_genl_msg_new_sized(NL80211_CMD_NEW_KEY, 512); l_genl_msg_append_attr(msg, NL80211_ATTR_IFINDEX, 4, &ifindex); - l_genl_msg_enter_nested(msg, NL80211_ATTR_KEY); + if (addr) + l_genl_msg_append_attr(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); + + l_genl_msg_enter_nested(msg, NL80211_ATTR_KEY); l_genl_msg_append_attr(msg, NL80211_KEY_DATA, key_len, key); l_genl_msg_append_attr(msg, NL80211_KEY_CIPHER, 4, &cipher); l_genl_msg_append_attr(msg, NL80211_KEY_IDX, 1, &key_id); @@ -46,6 +49,16 @@ struct l_genl_msg *nl80211_build_new_key_group(uint32_t ifindex, uint32_t cipher if (ctr) l_genl_msg_append_attr(msg, NL80211_KEY_SEQ, ctr_len, ctr); + if (addr) { + uint32_t type = NL80211_KEYTYPE_GROUP; + + l_genl_msg_append_attr(msg, NL80211_KEY_TYPE, 4, &type); + l_genl_msg_enter_nested(msg, NL80211_KEY_DEFAULT_TYPES); + l_genl_msg_append_attr(msg, NL80211_KEY_DEFAULT_TYPE_MULTICAST, + 0, NULL); + l_genl_msg_leave_nested(msg); + } + l_genl_msg_leave_nested(msg); return msg; diff --git a/src/nl80211_util.h b/src/nl80211_util.h index abffc66d..41188c1a 100644 --- a/src/nl80211_util.h +++ b/src/nl80211_util.h @@ -25,7 +25,8 @@ struct l_genl_msg *nl80211_build_new_key_group(uint32_t ifindex, uint32_t cipher, uint8_t key_id, const uint8_t *key, size_t key_len, - const uint8_t *ctr, size_t ctr_len); + const uint8_t *ctr, size_t ctr_len, + const uint8_t *addr); struct l_genl_msg *nl80211_build_set_station_authorized(uint32_t ifindex, const uint8_t *addr);