From 38ba3c57af1c737966fb58bcbeecdc71f5f4fa90 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Wed, 21 Sep 2011 18:14:56 +0300 Subject: cfg80211: Validate cipher suite against supported ciphers Instead of using a hardcoded list of cipher suites in nl80211.c, use a shared function in util.c to verify that the driver advertises support for the specified cipher. This provides more accurate validation of the values and allows vendor-specific cipher suites to be added in drivers. Signed-off-by: Jouni Malinen Signed-off-by: John W. Linville --- net/wireless/util.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'net/wireless/util.c') diff --git a/net/wireless/util.c b/net/wireless/util.c index 39dbf4ad7ca1..6304ed63588a 100644 --- a/net/wireless/util.c +++ b/net/wireless/util.c @@ -151,12 +151,19 @@ void ieee80211_set_bitrate_flags(struct wiphy *wiphy) set_mandatory_flags_band(wiphy->bands[band], band); } +bool cfg80211_supported_cipher_suite(struct wiphy *wiphy, u32 cipher) +{ + int i; + for (i = 0; i < wiphy->n_cipher_suites; i++) + if (cipher == wiphy->cipher_suites[i]) + return true; + return false; +} + int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev, struct key_params *params, int key_idx, bool pairwise, const u8 *mac_addr) { - int i; - if (key_idx > 5) return -EINVAL; @@ -226,10 +233,7 @@ int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev, } } - for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) - if (params->cipher == rdev->wiphy.cipher_suites[i]) - break; - if (i == rdev->wiphy.n_cipher_suites) + if (!cfg80211_supported_cipher_suite(&rdev->wiphy, params->cipher)) return -EINVAL; return 0; -- cgit v1.2.3