Kernel implementation of the 4-way handshake and group-key

handshake protocols (both supplicant and authenticator state
machines) as defined in the IEEE 802.11i standard.

Software implementation of the TKIP (Temporal Key Integrity
Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.

This diff doesn't implement any of the 802.1X authentication
protocols and thus only PSK authentication (using pre-shared
keys) is currently supported.

In concrete terms, this adds support for WPA-PSK and WPA2-PSK
protocols, both in station and hostap modes.

The following drivers are marked as WPA-capable and should
work:  bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4),
rum(4), upgt(4), and zyd(4)

The following options have been added to ifconfig(8):
wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher

wpa-psk(8) can be used to generate keys from passphrases.

tested by many@
ok deraadt@

1 files changed, 7 insertions, 3 deletions

diff --git a/sys/dev/ic/atw.c b/sys/dev/ic/atw.c
index 3525221e361..56b9ae24c6a 100644
--- a/sys/dev/ic/atw.c
+++ b/sys/dev/ic/atw.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: atw.c,v 1.56 2008/03/13 23:07:29 brad Exp $	*/
+/*	$OpenBSD: atw.c,v 1.57 2008/04/16 18:32:15 damien Exp $	*/
 /*	$NetBSD: atw.c,v 1.69 2004/07/23 07:07:55 dyoung Exp $	*/
 
 /*-
@@ -3614,6 +3614,7 @@ atw_start(struct ifnet *ifp)
 	struct ieee80211com *ic = &sc->sc_ic;
 	struct ieee80211_node *ni;
 	struct ieee80211_frame *wh;
+	struct ieee80211_key *k;
 	struct atw_frame *hh;
 	struct mbuf *m0, *m;
 	struct atw_txsoft *txs, *last_txs;
@@ -3670,8 +3671,11 @@ atw_start(struct ifnet *ifp)
 				break;
 			}
 
-			if (sc->sc_ic.ic_flags & IEEE80211_F_WEPON) {
-				if ((m0 = ieee80211_wep_crypt(ifp, m0, 1)) == NULL) {
+			if (ic->ic_flags & IEEE80211_F_WEPON) {
+				wh = mtod(m0, struct ieee80211_frame *);
+				k = ieee80211_get_txkey(ic, wh, ni);
+				m0 = ieee80211_encrypt(ic, m0, k);
+				if (m0 == NULL) {
 					ifp->if_oerrors++;
 					break;	
 				}