summaryrefslogtreecommitdiff
path: root/net/wireless
diff options
context:
space:
mode:
authorJuuso Oikarinen <juuso.oikarinen@nokia.com>2011-01-25 13:21:22 +0300
committerJohn W. Linville <linville@tuxdriver.com>2011-01-28 23:44:27 +0300
commit45cbad6a1299842b5ae9a8a9c09630af063692f8 (patch)
tree153e05300a1a6cee014441e0d4733165a1f60f37 /net/wireless
parent53e3b6e29eeda568fbe6c1e32d35cb56eea94415 (diff)
downloadlinux-45cbad6a1299842b5ae9a8a9c09630af063692f8.tar.xz
cfg80211: Allow non-zero indexes for device specific pair-wise ciphers
Some vendor specific cipher suites require non-zero key indexes for pairwise keys, but as of currently, the cfg80211 does not allow it. As validating they cipher parameters for vendor specific cipher suites is the job of the driver or hardware/firmware, change the cfg80211 to allow also non-zero pairwise key indexes for vendor specific ciphers. Signed-off-by: Juuso Oikarinen <juuso.oikarinen@nokia.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'net/wireless')
-rw-r--r--net/wireless/util.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/net/wireless/util.c b/net/wireless/util.c
index 4ed065d8bb51..6a750bc6bcfe 100644
--- a/net/wireless/util.c
+++ b/net/wireless/util.c
@@ -167,12 +167,15 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev,
/*
* Disallow pairwise keys with non-zero index unless it's WEP
- * (because current deployments use pairwise WEP keys with
- * non-zero indizes but 802.11i clearly specifies to use zero)
+ * or a vendor specific cipher (because current deployments use
+ * pairwise WEP keys with non-zero indices and for vendor specific
+ * ciphers this should be validated in the driver or hardware level
+ * - but 802.11i clearly specifies to use zero)
*/
if (pairwise && key_idx &&
- params->cipher != WLAN_CIPHER_SUITE_WEP40 &&
- params->cipher != WLAN_CIPHER_SUITE_WEP104)
+ ((params->cipher == WLAN_CIPHER_SUITE_TKIP) ||
+ (params->cipher == WLAN_CIPHER_SUITE_CCMP) ||
+ (params->cipher == WLAN_CIPHER_SUITE_AES_CMAC)))
return -EINVAL;
switch (params->cipher) {