08.03.2023 12:20, Klemens Nanni пишет:
> 06.03.2023 14:13, Jonathan Gray пишет:
>> Parts of bwfm already mention wep. Is it just a matter of needing to
>> set IEEE80211_C_WEP or is more needed?
>
> stsp quote from the initial 'Re: ifconfig: return non-zero on failed "nwkey"'
> https://marc.info/?l=openbsd-tech&m=163587479013162&w=2 :
>
>> But regardless, this error should never happen.
>> It looks like bwfm(4) does support WEP but the C_WEP capability is missing
>> from ic_caps so net80211 believes WEP was not supported by this driver.
>>
>> I don't think we have any supported wifi device that does not support WEP.
>> Even an(4) supports WEP!
>
> Noone ever stood up and gave WEP on bwfm a try.
>
> Until someone fixes it or rips out WEP completely, we should remove the
> false claim from the manual.
>
> I've intentionally left the recommendation against WEP and WPA1 untouched
> to it informative and the diff simple.
I've committed the manual diff for 7.3 docs to be accurate.
Here is an yet untested WEP removal diff based on 'grep WEP' in case we go
this way rather than fixing WEP.
Index: dev/ic/bwfmreg.h
===================================================================
RCS file: /cvs/src/sys/dev/ic/bwfmreg.h,v
retrieving revision 1.26
diff -u -p -r1.26 bwfmreg.h
--- dev/ic/bwfmreg.h 4 Mar 2022 22:34:41 -0000 1.26
+++ dev/ic/bwfmreg.h 14 Mar 2023 10:54:25 -0000
@@ -643,7 +643,6 @@ struct bwfm_wsec_key {
uint16_t pad_4;
} rxiv;
uint32_t pad_5[2];
- uint8_t ea[ETHER_ADDR_LEN];
};
struct bwfm_wsec_pmk {
Index: dev/ic/bwfm.c
===================================================================
RCS file: /cvs/src/sys/dev/ic/bwfm.c,v
retrieving revision 1.106
diff -u -p -r1.106 bwfm.c
--- dev/ic/bwfm.c 30 Dec 2022 16:49:34 -0000 1.106
+++ dev/ic/bwfm.c 14 Mar 2023 10:49:39 -0000
@@ -2837,33 +2837,16 @@ bwfm_set_key_cb(struct bwfm_softc *sc, v
struct ieee80211com *ic = &sc->sc_ic;
struct bwfm_wsec_key key;
uint32_t wsec, wsec_enable;
- int ext_key = 0;
sc->sc_key_tasks--;
- if ((k->k_flags & IEEE80211_KEY_GROUP) == 0 &&
- k->k_cipher != IEEE80211_CIPHER_WEP40 &&
- k->k_cipher != IEEE80211_CIPHER_WEP104)
- ext_key = 1;
-
memset(&key, 0, sizeof(key));
- if (ext_key && !IEEE80211_IS_MULTICAST(ni->ni_macaddr))
- memcpy(key.ea, ni->ni_macaddr, sizeof(key.ea));
key.index = htole32(k->k_id);
key.len = htole32(k->k_len);
memcpy(key.data, k->k_key, sizeof(key.data));
- if (!ext_key)
- key.flags = htole32(BWFM_WSEC_PRIMARY_KEY);
+ key.flags = htole32(BWFM_WSEC_PRIMARY_KEY);
switch (k->k_cipher) {
- case IEEE80211_CIPHER_WEP40:
- key.algo = htole32(BWFM_CRYPTO_ALGO_WEP1);
- wsec_enable = BWFM_WSEC_WEP;
- break;
- case IEEE80211_CIPHER_WEP104:
- key.algo = htole32(BWFM_CRYPTO_ALGO_WEP128);
- wsec_enable = BWFM_WSEC_WEP;
- break;
case IEEE80211_CIPHER_TKIP:
key.algo = htole32(BWFM_CRYPTO_ALGO_TKIP);
wsec_enable = BWFM_WSEC_TKIP;
