From: Johannes Berg <johannes@sipsolutions.net>
To: Jouni Malinen <j@w1.fi>
Cc: linux-wireless@vger.kernel.org, Samuel Ortiz <samuel@sortiz.org>
Subject: Re: [RFC] nl80211: Add MLME primitives to support external SME
Date: Mon, 09 Mar 2009 20:03:30 +0100 [thread overview]
Message-ID: <1236625410.9658.17.camel@johannes.local> (raw)
In-Reply-To: <20090303144038.GA8435@jm.kir.nu>
[-- Attachment #1: Type: text/plain, Size: 4175 bytes --]
On Tue, 2009-03-03 at 16:40 +0200, Jouni Malinen wrote:
> Here's my current version of the nl80211 patch to allow authentication
> and association (in station mode) to be requested. This is able to
> complete authentication and association for open network, WPA, and FT
> initial association using a patches version of wpa_supplicant. The
> earlier change for kernel to enable auth/assoc events with nl80211 and a
> patch for wpa_supplicant is available at http://w1.fi/sme/
>
> I think the nl80211 commands are in a state that would be ready to be
> merged into wireless-testing and I would like to get this functionality
> in in pieces. There is obviously room for further improvements in
> cfg80211/mac80211, but that does not need to change the user space
> interface and can be done as a separate step.
Agreed. I'll take another look over both patches, the events too, and I
think we can probably merge it soon then.
> +/**
> + * enum nl80211_auth_type - AuthenticationType
> + *
> + * @NL80211_AUTHTYPE_OPEN_SYSTEM: Open System authentication
> + * @NL80211_AUTHTYPE_SHARED_KEY: Shared Key authentication (WEP only)
> + * @NL80211_AUTHTYPE_FT: Fast BSS Transition (IEEE 802.11r)
> + * @NL80211_AUTHTYPE_NETWORK_EAP: Network EAP (some Cisco APs and mainly LEAP)
> + * @NL80211_AUTHTYPE_AUTO: Automatic selection (try Open System, Shared Key,
> + * Network EAP and accept first one that goes through)
Do we really need or even want "auto"? Or is that for a future
"connect()" method that replaces auth/assoc for some hardware designs?
Quoting these structs in full for Samuel:
> +struct cfg80211_auth_request {
> + struct ieee80211_channel *chan;
> + u8 *peer_addr;
> + const u8 *ssid;
> + size_t ssid_len;
> + enum nl80211_auth_type auth_type;
> + const u8 *ie;
> + size_t ie_len;
> +};
> +
> +struct cfg80211_assoc_request {
> + struct ieee80211_channel *chan;
> + u8 *peer_addr;
> + const u8 *ssid;
> + size_t ssid_len;
> + const u8 *ie;
> + size_t ie_len;
> +};
I think that eventually this should contain the "cfg80211_bss" rather
than all the information like this. Once more of the MLME moves to
cfg80211, that is; and only when it can be supported, "connect()" would
be completely different.
As it is now, I don't think this interface is well-suited for
implementation by a full-mac chip, since it requires
* implementing wext handlers separately, but compatibly
* implementing an auth/assoc state machine for wext
* manual lookup of the correct BSS etc.
As such, Samuel, I think you/we need to work on this before you can use
it. I'm willing to assist you with that.
> +static int ieee80211_assoc(struct wiphy *wiphy, struct net_device *dev,
> + struct cfg80211_assoc_request *req)
> +{
> + struct ieee80211_sub_if_data *sdata;
> + int ret;
> +
> + if (!netif_running(dev))
> + return -ENETDOWN;
> +
> + sdata = IEEE80211_DEV_TO_SUB_IF(dev);
> +
> + if (sdata->vif.type != NL80211_IFTYPE_STATION)
> + return -EOPNOTSUPP;
> +
> + if (req->peer_addr) {
> + memcpy(sdata->u.mgd.bssid, req->peer_addr, ETH_ALEN);
> + sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_BSSID_SEL;
> + sdata->u.mgd.flags |= IEEE80211_STA_BSSID_SET;
> + } else {
> + sdata->u.mgd.flags |= IEEE80211_STA_AUTO_BSSID_SEL;
> + }
> +
> + /* TODO: req->chan */
> + sdata->u.mgd.flags |= IEEE80211_STA_AUTO_CHANNEL_SEL;
> +
> + if (req->ssid) {
> + sdata->u.mgd.flags |= IEEE80211_STA_SSID_SET;
> + memcpy(sdata->u.mgd.ssid, req->ssid, req->ssid_len);
> + sdata->u.mgd.ssid_len = req->ssid_len;
> + sdata->u.mgd.flags &= ~IEEE80211_STA_AUTO_SSID_SEL;
> + } else
> + sdata->u.mgd.flags |= IEEE80211_STA_AUTO_SSID_SEL;
> +
> + ret = ieee80211_sta_set_extra_ie(sdata, req->ie, req->ie_len);
> + if (ret)
> + return ret;
> +
> + sdata->u.mgd.flags |= IEEE80211_STA_EXT_SME;
> + sdata->u.mgd.state = IEEE80211_STA_MLME_ASSOCIATE;
> + ieee80211_sta_req_auth(sdata);
> + return 0;
> +}
This function or cfg80211 should eventually reject any calls that don't
refer to a BSS we have already authenticated with, otherwise weird
things might happen, I think?
johannes
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
next prev parent reply other threads:[~2009-03-09 19:38 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-03 14:40 [RFC] nl80211: Add MLME primitives to support external SME Jouni Malinen
2009-03-09 19:03 ` Johannes Berg [this message]
2009-03-18 8:43 ` Jouni Malinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1236625410.9658.17.camel@johannes.local \
--to=johannes@sipsolutions.net \
--cc=j@w1.fi \
--cc=linux-wireless@vger.kernel.org \
--cc=samuel@sortiz.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox