[PATCH] wpa_supplicant: support IBSS RSN STA authorization
Antonio Quartulli
ordex at autistici.org
Sat Jan 28 21:14:47 EST 2012
On Sat, Jan 28, 2012 at 07:01:50 +0100, Antonio Quartulli wrote:
> On Sun, Jan 22, 2012 at 05:30:20PM +0200, Jouni Malinen wrote:
> > On Tue, Jan 17, 2012 at 03:03:02PM +0100, Antonio Quartulli wrote:
> > > In IBSS RSN cfg80211/mac80211 now waits for userspace to authorize new stations.
> > > This patch makes wpa_supplicant notify the driver when a station can be
> > > considered authorised.
> >
> > > diff --git a/wpa_supplicant/ibss_rsn.c b/wpa_supplicant/ibss_rsn.c
> > > @@ -19,6 +19,7 @@
> > > #include "ap/wpa_auth.h"
> > > +#include "ap/wpa_auth_i.h"
> >
> > This is not acceptable - the internal header files (*_i.h) are not
> > supposed to be included outside the directory in which they are defined.
> >
> > > @@ -545,7 +546,7 @@ static int ibss_rsn_process_rx_eapol(struct ibss_rsn *ibss_rsn,
> > > + /* check if the peer has been authorized */
> > > + if (peer->auth->wpa_ptk_state == WPA_PTK_PTKINITDONE) {
> >
> > This is looking at an internal state in a way that makes it more
> > difficult to maintain the code in the future. A cleaner design is going
> > to be needed here, e.g., with a callback function. Wouldn't the way used
> > in AP code be suitable for this? See how hostapd_wpa_auth_set_eapol() is
> > used to handle WPA_EAPOL_authorized changes in src/ap/wpa_auth_glue.c
> > for an example. wpa_supplicant/ibss_rsn.c should be able to do the same.
>
I saw the example. Thanks for the hint ;)
But I have a question..is it better to authorize the station when receiving
WPA_EAPOL_authorized or when receiving WPA_EAPOL_keyDone ? Actually I don't
think it makes much difference as they are set one after the other (if I correctly
got src/ap/wpa_auth.c:{2090-2107}).
Thank you!
Cheers,
--
Antonio Quartulli
..each of us alone is worth nothing..
Ernesto "Che" Guevara
More information about the HostAP
mailing list