On Sat, Mar 11, 2017 at 09:55:15AM +0900, Stefan Sperling wrote: > While a wifi interface is configured to use WEP 'ifconfig scan' will > mistakenly show all WPA APs as WEP ones. Fix below. > > This is a small ABI change in struct ieee80211_nodereq.
My diff has been committed but tb@ noticed that it does not actually work in all cases. This diff tries to introduce a clear distinction between what is supported and what is enabled. 'ifconfig scan' now only shows what is supported. I hope this is more clear and correct. Index: ieee80211_input.c =================================================================== RCS file: /cvs/src/sys/net80211/ieee80211_input.c,v retrieving revision 1.187 diff -u -p -r1.187 ieee80211_input.c --- ieee80211_input.c 1 Mar 2017 19:28:48 -0000 1.187 +++ ieee80211_input.c 12 Mar 2017 00:48:02 -0000 @@ -1654,35 +1654,57 @@ ieee80211_recv_probe_resp(struct ieee802 && ic->ic_opmode != IEEE80211_M_HOSTAP #endif ) { - struct ieee80211_rsnparams rsn; - const u_int8_t *saveie = NULL; + struct ieee80211_rsnparams rsn, wpa; + + ni->ni_rsnprotos = IEEE80211_PROTO_NONE; + ni->ni_supported_rsnprotos = IEEE80211_PROTO_NONE; + ni->ni_rsnakms = 0; + ni->ni_supported_rsnakms = 0; + ni->ni_rsnciphers = 0; + ni->ni_rsngroupcipher = 0; + ni->ni_rsngroupmgmtcipher = 0; + ni->ni_rsncaps = 0; + + if (rsnie != NULL && + ieee80211_parse_rsn(ic, rsnie, &rsn) == 0) { + ni->ni_supported_rsnprotos |= IEEE80211_PROTO_RSN; + ni->ni_supported_rsnakms |= rsn.rsn_akms; + } + if (wpaie != NULL && + ieee80211_parse_wpa(ic, wpaie, &wpa) == 0) { + ni->ni_supported_rsnprotos |= IEEE80211_PROTO_WPA; + ni->ni_supported_rsnakms |= wpa.rsn_akms; + } + /* - * If the AP advertises both RSN and WPA IEs (WPA1+WPA2), - * we only store the parameters of the highest protocol - * version we support. + * If the AP advertises both WPA and RSN IEs (WPA1+WPA2), + * we only use the highest protocol version we support. */ if (rsnie != NULL && + (ni->ni_supported_rsnprotos & IEEE80211_PROTO_RSN) && (ic->ic_rsnprotos & IEEE80211_PROTO_RSN)) { - if (ieee80211_parse_rsn(ic, rsnie, &rsn) == 0) { + if (ieee80211_save_ie(rsnie, &ni->ni_rsnie) == 0) { ni->ni_rsnprotos = IEEE80211_PROTO_RSN; - saveie = rsnie; + ni->ni_rsnakms = rsn.rsn_akms; + ni->ni_rsnciphers = rsn.rsn_ciphers; + ni->ni_rsngroupcipher = rsn.rsn_groupcipher; + ni->ni_rsngroupmgmtcipher = + rsn.rsn_groupmgmtcipher; + ni->ni_rsncaps = rsn.rsn_caps; } } else if (wpaie != NULL && + (ni->ni_supported_rsnprotos & IEEE80211_PROTO_WPA) && (ic->ic_rsnprotos & IEEE80211_PROTO_WPA)) { - if (ieee80211_parse_wpa(ic, wpaie, &rsn) == 0) { + if (ieee80211_save_ie(wpaie, &ni->ni_rsnie) == 0) { ni->ni_rsnprotos = IEEE80211_PROTO_WPA; - saveie = wpaie; + ni->ni_rsnakms = wpa.rsn_akms; + ni->ni_rsnciphers = wpa.rsn_ciphers; + ni->ni_rsngroupcipher = wpa.rsn_groupcipher; + ni->ni_rsngroupmgmtcipher = + wpa.rsn_groupmgmtcipher; + ni->ni_rsncaps = wpa.rsn_caps; } } - if (saveie != NULL && - ieee80211_save_ie(saveie, &ni->ni_rsnie) == 0) { - ni->ni_rsnakms = rsn.rsn_akms; - ni->ni_rsnciphers = rsn.rsn_ciphers; - ni->ni_rsngroupcipher = rsn.rsn_groupcipher; - ni->ni_rsngroupmgmtcipher = rsn.rsn_groupmgmtcipher; - ni->ni_rsncaps = rsn.rsn_caps; - } else - ni->ni_rsnprotos = IEEE80211_PROTO_NONE; } if (ssid[1] != 0 && ni->ni_esslen == 0) { @@ -2018,6 +2040,15 @@ ieee80211_recv_assoc_req(struct ieee8021 goto end; } + ni->ni_rsnprotos = IEEE80211_PROTO_NONE; + ni->ni_supported_rsnprotos = IEEE80211_PROTO_NONE; + ni->ni_rsnakms = 0; + ni->ni_supported_rsnakms = 0; + ni->ni_rsnciphers = 0; + ni->ni_rsngroupcipher = 0; + ni->ni_rsngroupmgmtcipher = 0; + ni->ni_rsncaps = 0; + if (ic->ic_flags & IEEE80211_F_RSNON) { const u_int8_t *saveie; /* @@ -2032,6 +2063,7 @@ ieee80211_recv_assoc_req(struct ieee8021 if (status != 0) goto end; ni->ni_rsnprotos = IEEE80211_PROTO_RSN; + ni->ni_supported_rsnprotos = IEEE80211_PROTO_RSN; saveie = rsnie; } else if (wpaie != NULL && (ic->ic_rsnprotos & IEEE80211_PROTO_WPA)) { @@ -2039,6 +2071,7 @@ ieee80211_recv_assoc_req(struct ieee8021 if (status != 0) goto end; ni->ni_rsnprotos = IEEE80211_PROTO_WPA; + ni->ni_supported_rsnprotos = IEEE80211_PROTO_WPA; saveie = wpaie; } else { /* @@ -2112,6 +2145,7 @@ ieee80211_recv_assoc_req(struct ieee8021 goto end; } ni->ni_rsnakms = rsn.rsn_akms; + ni->ni_supported_rsnakms = rsn.rsn_akms; ni->ni_rsnciphers = rsn.rsn_ciphers; ni->ni_rsngroupcipher = ic->ic_bss->ni_rsngroupcipher; ni->ni_rsngroupmgmtcipher = ic->ic_bss->ni_rsngroupmgmtcipher; @@ -2138,8 +2172,7 @@ ieee80211_recv_assoc_req(struct ieee8021 ni->ni_flags |= IEEE80211_NODE_PMK; } } - } else - ni->ni_rsnprotos = IEEE80211_PROTO_NONE; + } ni->ni_rssi = rxi->rxi_rssi; ni->ni_rstamp = rxi->rxi_tstamp; Index: ieee80211_ioctl.c =================================================================== RCS file: /cvs/src/sys/net80211/ieee80211_ioctl.c,v retrieving revision 1.49 diff -u -p -r1.49 ieee80211_ioctl.c --- ieee80211_ioctl.c 11 Mar 2017 13:22:36 -0000 1.49 +++ ieee80211_ioctl.c 12 Mar 2017 01:04:01 -0000 @@ -108,17 +108,17 @@ ieee80211_node2req(struct ieee80211com * nr->nr_rsnciphers = ni->ni_rsnciphers; nr->nr_rsnakms = 0; nr->nr_rsnprotos = 0; - if (ni->ni_rsnprotos & IEEE80211_PROTO_WPA) - nr->nr_rsnprotos |= IEEE80211_WPA_PROTO_WPA1; - if (ni->ni_rsnprotos & IEEE80211_PROTO_RSN) + if (ni->ni_supported_rsnprotos & IEEE80211_PROTO_RSN) nr->nr_rsnprotos |= IEEE80211_WPA_PROTO_WPA2; - if (ni->ni_rsnakms & IEEE80211_AKM_8021X) + if (ni->ni_supported_rsnprotos & IEEE80211_PROTO_WPA) + nr->nr_rsnprotos |= IEEE80211_WPA_PROTO_WPA1; + if (ni->ni_supported_rsnakms & IEEE80211_AKM_8021X) nr->nr_rsnakms |= IEEE80211_WPA_AKM_8021X; - if (ni->ni_rsnakms & IEEE80211_AKM_PSK) + if (ni->ni_supported_rsnakms & IEEE80211_AKM_PSK) nr->nr_rsnakms |= IEEE80211_WPA_AKM_PSK; - if (ni->ni_rsnakms & IEEE80211_AKM_SHA256_8021X) + if (ni->ni_supported_rsnakms & IEEE80211_AKM_SHA256_8021X) nr->nr_rsnakms |= IEEE80211_WPA_AKM_SHA256_8021X; - if (ni->ni_rsnakms & IEEE80211_AKM_SHA256_PSK) + if (ni->ni_supported_rsnakms & IEEE80211_AKM_SHA256_PSK) nr->nr_rsnakms |= IEEE80211_WPA_AKM_SHA256_PSK; /* Node flags */ Index: ieee80211_node.h =================================================================== RCS file: /cvs/src/sys/net80211/ieee80211_node.h,v retrieving revision 1.67 diff -u -p -r1.67 ieee80211_node.h --- ieee80211_node.h 4 Mar 2017 12:44:27 -0000 1.67 +++ ieee80211_node.h 12 Mar 2017 00:31:47 -0000 @@ -219,7 +219,9 @@ struct ieee80211_node { u_int ni_rsn_supp_state; u_int ni_rsn_gstate; u_int ni_rsn_retries; + u_int ni_supported_rsnprotos; u_int ni_rsnprotos; + u_int ni_supported_rsnakms; u_int ni_rsnakms; u_int ni_rsnciphers; enum ieee80211_cipher ni_rsngroupcipher;