[PATCH v4 13/25] VLAN: Use new VLAN data type in src_ap_wpa_auth

Michael Braun michael-dev at fami-braun.de
Sat Jul 27 15:55:31 EDT 2013


Signed-hostap: Michael Braun <michael-dev at fami-braun.de>
---
 src/ap/wpa_auth.c      |   34 ++++++++++++++++++----------------
 src/ap/wpa_auth.h      |    5 +++--
 src/ap/wpa_auth_ft.c   |    4 ++--
 src/ap/wpa_auth_glue.c |    4 ++--
 src/ap/wpa_auth_i.h    |    2 +-
 src/ap/wpa_auth_ie.c   |    2 +-
 6 files changed, 27 insertions(+), 24 deletions(-)

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index af7250e..eca8c1e 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -106,7 +106,7 @@ static inline int wpa_auth_get_msk(struct wpa_authenticator *wpa_auth,
 
 
 static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth,
-				   int vlan_id,
+				   vlan_t vlan_id,
 				   enum wpa_alg alg, const u8 *addr, int idx,
 				   u8 *key, size_t key_len)
 {
@@ -318,7 +318,7 @@ static int wpa_group_init_gmk_and_counter(struct wpa_authenticator *wpa_auth,
 
 
 static struct wpa_group * wpa_group_init(struct wpa_authenticator *wpa_auth,
-					 int vlan_id, int delay_init)
+					 vlan_t vlan_id, int delay_init)
 {
 	struct wpa_group *group;
 
@@ -327,7 +327,7 @@ static struct wpa_group * wpa_group_init(struct wpa_authenticator *wpa_auth,
 		return NULL;
 
 	group->GTKAuthenticator = TRUE;
-	group->vlan_id = vlan_id;
+	vlan_alloc_copy(&group->vlan_id, &vlan_id);
 	group->GTK_len = wpa_cipher_key_len(wpa_auth->conf.wpa_group);
 
 	if (random_pool_ready() != 1) {
@@ -390,7 +390,8 @@ struct wpa_authenticator * wpa_init(const u8 *addr,
 		return NULL;
 	}
 
-	wpa_auth->group = wpa_group_init(wpa_auth, 0, 1);
+	vlan_t vlan_id = VLAN_NULL;
+	wpa_auth->group = wpa_group_init(wpa_auth, vlan_id, 1);
 	if (wpa_auth->group == NULL) {
 		os_free(wpa_auth->wpa_ie);
 		os_free(wpa_auth);
@@ -1436,7 +1437,8 @@ void wpa_remove_ptk(struct wpa_state_machine *sm)
 {
 	sm->PTK_valid = FALSE;
 	os_memset(&sm->PTK, 0, sizeof(sm->PTK));
-	wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL, 0);
+	wpa_auth_set_key(sm->wpa_auth, VLAN_NULL, WPA_ALG_NONE, sm->addr, 0,
+	                 NULL, 0);
 	sm->pairwise_set = FALSE;
 	eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
 }
@@ -2067,7 +2069,7 @@ SM_STATE(WPA_PTK, PTKINITDONE)
 	if (sm->Pair) {
 		enum wpa_alg alg = wpa_cipher_to_alg(sm->pairwise);
 		int klen = wpa_cipher_key_len(sm->pairwise);
-		if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
+		if (wpa_auth_set_key(sm->wpa_auth, VLAN_NULL, alg, sm->addr, 0,
 				     sm->PTK.tk1, klen)) {
 			wpa_sta_disconnect(sm->wpa_auth, sm->addr);
 			return;
@@ -2395,7 +2397,7 @@ static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth,
 			       struct wpa_group *group)
 {
 	wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
-		   "GTK_INIT (VLAN-ID %d)", group->vlan_id);
+		   "GTK_INIT (VLAN-ID %d)", vlan_untagged(&group->vlan_id));
 	group->changed = FALSE; /* GInit is not cleared here; avoid loop */
 	group->wpa_group_state = WPA_GROUP_GTK_INIT;
 
@@ -2532,7 +2534,7 @@ static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth,
 	int tmp;
 
 	wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
-		   "SETKEYS (VLAN-ID %d)", group->vlan_id);
+		   "SETKEYS (VLAN-ID %d)", vlan_untagged(&group->vlan_id));
 	group->changed = TRUE;
 	group->wpa_group_state = WPA_GROUP_SETKEYS;
 	group->GTKReKey = FALSE;
@@ -2589,7 +2591,7 @@ static int wpa_group_setkeysdone(struct wpa_authenticator *wpa_auth,
 				 struct wpa_group *group)
 {
 	wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
-		   "SETKEYSDONE (VLAN-ID %d)", group->vlan_id);
+		   "SETKEYSDONE (VLAN-ID %d)", vlan_untagged(&group->vlan_id));
 	group->changed = TRUE;
 	group->wpa_group_state = WPA_GROUP_SETKEYSDONE;
 
@@ -2981,7 +2983,7 @@ static void wpa_group_free(void *eloop_ctx, void *timeout_ctx)
 	struct wpa_group *prev = wpa_auth->group;
 
 	wpa_printf(MSG_DEBUG, "WPA: Remove group state machine for VLAN-ID %d",
-		   group->vlan_id);
+		   vlan_untagged(&group->vlan_id));
 
 	while (prev) {
 		if (prev->next == group) {
@@ -2992,7 +2994,6 @@ static void wpa_group_free(void *eloop_ctx, void *timeout_ctx)
 		}
 		prev = prev->next;
 	}
-
 }
 
 
@@ -3029,7 +3030,7 @@ wpa_group_put(struct wpa_authenticator *wpa_auth, struct wpa_group *group)
 
 
 static struct wpa_group *
-wpa_auth_add_group(struct wpa_authenticator *wpa_auth, int vlan_id)
+wpa_auth_add_group(struct wpa_authenticator *wpa_auth, vlan_t vlan_id)
 {
 	struct wpa_group *group;
 
@@ -3037,7 +3038,7 @@ wpa_auth_add_group(struct wpa_authenticator *wpa_auth, int vlan_id)
 		return NULL;
 
 	wpa_printf(MSG_DEBUG, "WPA: Add group state machine for VLAN-ID %d",
-		   vlan_id);
+		   vlan_untagged(&vlan_id));
 	group = wpa_group_init(wpa_auth, vlan_id, 0);
 	if (group == NULL)
 		return NULL;
@@ -3049,7 +3050,7 @@ wpa_auth_add_group(struct wpa_authenticator *wpa_auth, int vlan_id)
 }
 
 
-int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id)
+int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, vlan_t vlan_id)
 {
 	struct wpa_group *group;
 
@@ -3058,7 +3059,7 @@ int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id)
 
 	group = sm->wpa_auth->group;
 	while (group) {
-		if (group->vlan_id == vlan_id)
+		if (vlan_cmp(&group->vlan_id, &vlan_id))
 			break;
 		group = group->next;
 	}
@@ -3073,7 +3074,8 @@ int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id)
 		return 0;
 
 	wpa_printf(MSG_DEBUG, "WPA: Moving STA " MACSTR " to use group state "
-		   "machine for VLAN ID %d", MAC2STR(sm->addr), vlan_id);
+		   "machine for VLAN ID %d", MAC2STR(sm->addr),
+		   vlan_untagged(&vlan_id));
 
 	wpa_group_put(sm->wpa_auth, sm->group);
 	sm->group = group;
diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
index ebfe86f..f4c17a0 100644
--- a/src/ap/wpa_auth.h
+++ b/src/ap/wpa_auth.h
@@ -10,6 +10,7 @@
 #define WPA_AUTH_H
 
 #include "common/defs.h"
+#include "common/vlan.h"
 #include "common/eapol_common.h"
 #include "common/wpa_common.h"
 
@@ -186,7 +187,7 @@ struct wpa_auth_callbacks {
 	int (*get_eapol)(void *ctx, const u8 *addr, wpa_eapol_variable var);
 	const u8 * (*get_psk)(void *ctx, const u8 *addr, const u8 *prev_psk);
 	int (*get_msk)(void *ctx, const u8 *addr, u8 *msk, size_t *len);
-	int (*set_key)(void *ctx, int vlan_id, enum wpa_alg alg,
+	int (*set_key)(void *ctx, vlan_t vlan_id, enum wpa_alg alg,
 		       const u8 *addr, int idx, u8 *key, size_t key_len);
 	int (*get_seqnum)(void *ctx, const u8 *addr, int idx, u8 *seq);
 	int (*send_eapol)(void *ctx, const u8 *addr, const u8 *data,
@@ -265,7 +266,7 @@ int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth,
 			       struct eapol_state_machine *eapol);
 void wpa_auth_pmksa_remove(struct wpa_authenticator *wpa_auth,
 			   const u8 *sta_addr);
-int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id);
+int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, vlan_t vlan_id);
 void wpa_auth_eapol_key_tx_status(struct wpa_authenticator *wpa_auth,
 				  struct wpa_state_machine *sm, int ack);
 
diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
index 1bb5d97..5f944cc 100644
--- a/src/ap/wpa_auth_ft.c
+++ b/src/ap/wpa_auth_ft.c
@@ -737,7 +737,7 @@ u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos,
 
 
 static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth,
-				   int vlan_id,
+				   vlan_t vlan_id,
 				   enum wpa_alg alg, const u8 *addr, int idx,
 				   u8 *key, size_t key_len)
 {
@@ -768,7 +768,7 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
 	 * again after association to get the PTK configured, but that could be
 	 * optimized by adding the STA entry earlier.
 	 */
-	if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
+	if (wpa_auth_set_key(sm->wpa_auth, VLAN_NULL, alg, sm->addr, 0,
 			     sm->PTK.tk1, klen))
 		return;
 
diff --git a/src/ap/wpa_auth_glue.c b/src/ap/wpa_auth_glue.c
index e2be1ea..c769644 100644
--- a/src/ap/wpa_auth_glue.c
+++ b/src/ap/wpa_auth_glue.c
@@ -245,14 +245,14 @@ static int hostapd_wpa_auth_get_msk(void *ctx, const u8 *addr, u8 *msk,
 }
 
 
-static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, enum wpa_alg alg,
+static int hostapd_wpa_auth_set_key(void *ctx, vlan_t vlan_id, enum wpa_alg alg,
 				    const u8 *addr, int idx, u8 *key,
 				    size_t key_len)
 {
 	struct hostapd_data *hapd = ctx;
 	const char *ifname = hapd->conf->iface;
 
-	if (vlan_id > 0) {
+	if (vlan_notempty(&vlan_id) && vlan_untagged(&vlan_id) >= 0) {
 		ifname = hostapd_get_vlan_id_ifname(hapd->conf->vlan, vlan_id);
 		if (ifname == NULL)
 			return -1;
diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
index 82e6e3a..49d514d 100644
--- a/src/ap/wpa_auth_i.h
+++ b/src/ap/wpa_auth_i.h
@@ -126,7 +126,7 @@ struct wpa_state_machine {
 /* per group key state machine data */
 struct wpa_group {
 	struct wpa_group *next;
-	int vlan_id;
+	vlan_t vlan_id;
 
 	Boolean GInit;
 	int GKeyDoneStations;
diff --git a/src/ap/wpa_auth_ie.c b/src/ap/wpa_auth_ie.c
index cdfcca1..b0aa98a 100644
--- a/src/ap/wpa_auth_ie.c
+++ b/src/ap/wpa_auth_ie.c
@@ -609,7 +609,7 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
 				 "PMKID found from PMKSA cache "
 				 "eap_type=%d vlan_id=%d",
 				 sm->pmksa->eap_type_authsrv,
-				 sm->pmksa->vlan_id);
+				 vlan_untagged(&sm->pmksa->vlan_id));
 		os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmkid, PMKID_LEN);
 	}
 



More information about the HostAP mailing list