| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
The ic_bss is never put into the RB tree.
|
| |
|
|
|
|
| |
There is no need to keep nodes cached with never associated and were
inactive within the last 5 minutes or more. Keeps the node cache pretty
clean in my environment with typical city-center wlan noise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within
5 minutes. Inactive cached nodes (not authenticated or associated) are
automatically cleared from the cache once every hour, making room for
new nodes. If the node cache is full and room must be made for a new node,
clean either a cached node (active or inactive), or an inactive
authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated,
and only send a de-auth frame once for a given node.
This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl.
ok deraadt@
|
| |
|
|
|
|
| |
and freeing the node. Just in case an interrupt happens to ref the node after
the refcount was checked but before the node is freed.
Tested by several as part of a larger diff.
|
| |
|
|
|
|
| |
only scanning for networks). These were never put into COLLECT state and
were thus never evicted from the node cache in hostap mode.
ok jsg@
|
| |
|
|
|
|
|
| |
of nodes, otherwise we'll never actually clean any nodes. Fixes issues with
clients failing too attach because the node cache is completely filled.
ok damien@
|
| |
|
|
|
|
|
| |
Bogus chunks pointed out by matthew@ and miod@. No cookies for
marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
| |
|
|
|
|
|
| |
the BSS. this is needed by drivers that need to maintain a hardware
table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
| |
|
|
|
|
|
|
|
|
|
| |
ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn()
calls ic_delete_key() and drivers like ral(4) RT2860 need
a valid associd in their delete_key callbacks.
This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
| |
|
|
| |
what is not supported as a group cipher, enumerate what is supported.
|
| |
|
|
|
|
| |
otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
| |
|
|
|
|
|
| |
and athn are only theoretically interesting. i33380211_node fixes a real
bug in occupied channel detection.
ok damien@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
is received. The creation of a new node is already handled in
ieee80211_recv_probe_resp() when necessary.
This avoids creating empty nodes with wrong channels when beacons
are received on the wrong channel (overlapping channels).
Those empty nodes may also prevent the real node from being
discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form:
nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M
in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
| |
|
|
|
| |
noticed by ray@, more investigation from sthen@
fix tested by sthen@
|
| |
|
|
|
|
|
|
|
|
| |
Maintain state for both originator and recipient roles separately.
Do not allocate receive reordering buffer in addba_request().
Test the "initiator" bit in incoming DELBA frames and set it appropriately
in outgoing DELBA frames.
Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
| |
|
|
|
| |
instead of resorting to horrid hacks/casts.
Restore the ieee80211_node structure back to its original state.
|
| |
|
|
| |
pointed out by krw@
|
| |
|
|
|
|
|
| |
this way we can avoid putting a full node structure (which is huge)
on the stack in ieee80211_find_node().
this is a bit tricky but the RB_FIND macro wants an "elem" structure,
not a field of "elem".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- implement A-MPDU frames buffering and reordering
- implement A-MSDU decapsulation
- process/send ADDBA Request, ADDBA Response and DELBA action frames
- process Block Ack Request control frames (including MTBAR)
- implement PBAC support (Protected Block Ack)
- add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0:
- implement SA Query procedure (both AP and STA)
- cleanup BIP
Fix some bugs:
- fix check for WEP key length that otherwise caused a stack smash in
ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc)
- properly stop EAPOL timeout: fixes a panic that occured in HostAP mode
when turning the interface down while a 4-way handshake is in progress
(pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined)
because they won't be ready until after the next release and I didn't
want to grow the kernel or to inadvertently introduce new bugs.
They are here such that other people can look at the code.
Notice that I had to add an extra parameter to ic_send_mgmt() for
action frames, that is why there are small changes in drivers defining
their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in
my tree for too long now.
|
| |
|
|
|
| |
every DTIM in HostAP mode.
Flushes all group addressed MSDUs buffered at the AP for power management.
|
| |
|
|
|
|
| |
hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
| |
|
|
|
|
|
| |
This should take care of the simpler ones (i.e., timeout values of
integer multiples of hz).
ok krw@, art@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will be required for future WPA-Enterprise support (802.1X).
Add ieee80211_needs_auth() function (not implemented yet) to
notify the userland 802.1X PACP machine when an 802.1X port
becomes enabled (that is after successfull 802.11 Open System
authentication).
Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the
PACP state machine can kick the 802.11 key state machine and
install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw).
This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC
for data integrity, and AES Key Wrap for data protection of EAPOL-Key
frames. An OpenBSD AP will always advertise this capability and an
OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based
ones if both are supported by an AP.
|
| |
|
|
|
|
|
| |
to the Attic. nothing uses it in the tree and it is very unlikely
that something will use it one day.
the only driver supporting FHSS PHYs in the tree is ray(4) and it
does not use net80211.
|
| |
|
|
|
|
|
|
|
| |
remove IBSS and HostAP support from net80211 and 802.11 drivers.
it can be used to shrink RAMDISK kernels for instance (like what
was done for wi(4)).
it also has the benefit of highlighting what is specific to IBSS
and HostAP modes in the code.
the cost is that we now have two code paths to maintain.
|
| | |
|
| |
|
|
| |
add support for MFP negotiation during association.
|
| | |
|
| | |
|
| |
|
|
| |
which makes things easier to track.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
WPA is on and RX protection for TA is on.
Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa).
hints from bluhm@
has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have
the right infrastructure to fix it properly at that time.
ok deraadt@
|
| |
|
|
| |
keep track of the number of associated STAs in PS mode.
|
| |
|
|
|
|
|
| |
automatically prepend __func__ to output.
deobfuscates debug messages a bit.
no binary change unless compiled with IEEE80211_DEBUG.
|
| |
|
|
| |
this must not be included by drivers.
|
| |
|
|
| |
ok deraadt@
|
| | |
|
| |
|
|
|
| |
move ieee80211_setup_rates() to ieee80211_node.c
move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
handshake protocols (both supplicant and authenticator state
machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity
Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication
protocols and thus only PSK authentication (using pre-shared
keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK
protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should
work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4),
rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8):
wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@
ok deraadt@
|
| |
|
|
| |
ok krw@
|
| | |
|
| |
|
|
|
| |
it has been #if 0'd since 3.9 and we have never supported this mode (no
ifconfig option etc...).
|
| | |
|
| |
|
|
|
| |
a default ieee80211_set_tim() function that drivers can override
by setting ic_set_tim.
|
| | |
|
| | |
|
| |
|
|
| |
use u_int{8,16,32}_t everywhere.
|
| |
|
|
| |
ok jsg@
|
| |
|
|
|
|
|
| |
definitions.
remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
| |
|
|
|
|
| |
Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
| | |
|
stsp
kettenis
krw
damien
mk
blambert
djm
chl
miod