The WEP key index is in ic_def_txkey. The iGTK ("integrity group key") index
is specific to WPA. No driver has the IEEE80211_C_MFP capability, so the
integrity group key index is always zero at run-time. Hence this function
happened to select the key with index 0 for WEP, which usually happens
to be the right thing to do.
Hopefully the last fix for WEP forever.
Index: ieee80211_crypto.c
===================================================================
RCS file: /cvs/src/sys/net80211/ieee80211_crypto.c,v
retrieving revision 1.71
diff -u -p -c -5 -u -r1.71 ieee80211_crypto.c
--- ieee80211_crypto.c 18 Aug 2017 17:30:12 -0000 1.71
+++ ieee80211_crypto.c 27 Apr 2018 11:01:13 -0000
@@ -194,11 +194,12 @@ ieee80211_get_txkey(struct ieee80211com
if ((ic->ic_flags & IEEE80211_F_RSNON) &&
!IEEE80211_IS_MULTICAST(wh->i_addr1) &&
ni->ni_rsncipher != IEEE80211_CIPHER_USEGROUP)
return &ni->ni_pairwise_key;
- if (!IEEE80211_IS_MULTICAST(wh->i_addr1) ||
+ if ((ic->ic_flags & IEEE80211_F_WEPON) ||
+ !IEEE80211_IS_MULTICAST(wh->i_addr1) ||
(wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) !=
IEEE80211_FC0_TYPE_MGT)
kid = ic->ic_def_txkey;
else
kid = ic->ic_igtk_kid;
