summaryrefslogtreecommitdiffstats
path: root/sys/net80211 (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* nuke unused fields.damien2008-08-121-5/+1
|
* add the code to encrypt/decrypt management frames, retrieve key iddamien2008-08-123-19/+105
| | | | | from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
* reserves the correct number of bytes in ieee80211_send_4way_msg2().damien2008-08-121-2/+4
|
* clear Tx_Rx protection bits properly.damien2008-08-122-3/+6
|
* do not drop frames that have an invalid IE, just stop processingdamien2008-08-121-5/+5
| | | | more IEs.
* populate ieee80211_recv_action(), does nothing yet.damien2008-08-121-2/+53
|
* add a couple of new definitions (action frames, new subtypes for controldamien2008-08-121-4/+37
| | | | frames, new IEs etc...)
* missing SHA-256 bits.damien2008-08-121-2/+3
|
* v3 descriptors use AES Key Wrap too.damien2008-08-121-2/+2
|
* new SHA-256 based AKMPs.damien2008-08-128-24/+62
|
* add/process group integrity cipher suite in RSN IEs.damien2008-08-124-21/+108
| | | | add support for MFP negotiation during association.
* add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitionsdamien2008-08-123-14/+40
| | | | | instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
* add support for EAPOL-Key v3 descriptors (similar to v2 except that thedamien2008-08-122-5/+56
| | | | | MIC is computed using AES-128-CMAC instead of HMAC-SHA1). add a SHA-256 based key derivation function (not used yet).
* the only integrity group cipher currently supported is AES-128-CMAC.damien2008-08-122-2/+6
|
* generate a random IGTK in HostAP mode if we're MFP-capable.damien2008-08-122-2/+33
|
* add IEEE80211_F_MFPR config flags (management frame protection required)damien2008-08-121-1/+4
| | | | and IEEE80211_C_MFP capability bit (driver supports MFP).
* add definitions for RSN capabilities field (RSN IE).damien2008-08-121-1/+12
|
* AES Key Wrap adds a 64-bit MIC to the payload but we pad the contentdamien2008-08-121-3/+3
| | | | | of the frame so that it is a multiple of 8 bytes before encryption. So we must reserve up to 15 bytes in the mbuf for the worst case, not 8.
* process IGTK KDEs in EAPOL-Key frames and install integrity group keysdamien2008-08-124-60/+174
| | | | if MFP was negotiated with the peer (not possible yet).
* extend the ic_nw_keys[] array to 6 elements.damien2008-08-122-28/+33
| | | | | | indices 0-3 will be used for group data keys while indices 4-5 will be used for integrity group keys. add a ic_rsngroupmgmtcipher field too.
* in a near future, unicast management frames will be encrypted/decrypteddamien2008-08-121-2/+5
| | | | using CCMP. use the right replay counter in this case.
* Change the way we process EAPOL-Key frames.damien2008-08-125-27/+41
| | | | | | | | | | | | Free the mbuf in the ieee80211_eapol_key_input() function. Do not assume the frame is contiguous, call m_pullup2() if it is not. We need the frame to be contiguous to process KDEs efficiently in EAPOL-Key frames (just like we process IEs in management frames). However, there are drivers like upgt(4) that use m_devget() in the RX path. m_devget() can return fragmented mbuf chains. Notice that we should do the same m_pullup2() for management frames. This will be done later. Remove the ic_recv_eapol callback.
* add new IEEE80211_CIPHER_AES128_CMAC cipher and new key flagdamien2008-08-121-92/+80
| | | | | | IEEE80211_KEY_IGTK. lot of cleanup while i'm here (indent function prototypes). change license since this file was completely rewritten.
* Welcome BIP: the Broadcast/Multicast Integrity Protocol defineddamien2008-08-124-3/+239
| | | | | | | in Draft IEEE P802.11w. It provides data integrity and replay protection for broadcast/ multicast robust management frames (not used yet) using AES-128 in CMAC mode.
* maintain a count of TKIP and CCMP replayed frames.damien2008-08-124-18/+31
| | | | some cleanup while i'm here.
* add replay counter for management frames.damien2008-08-121-1/+2
|
* fix values for QoS control field.damien2008-08-121-6/+6
|
* retrieve the TID from QoS frames to use with the appropriatedamien2008-08-122-9/+49
| | | | replay counter.
* use MINCLSIZE to decide wether we need to allocate an mbuf cluster insteadhenning2008-08-123-9/+9
| | | | of MLEM, damien ok
* get rid of the map_ptk()/map_gtk() functions, just inline themdamien2008-08-125-80/+76
| | | | which makes things easier to track.
* simplify ieee80211_derive_ptk() prototype.damien2008-08-123-20/+17
| | | | | pass the AKMP so we can support other key derivation functions in the future.
* use HMAC-MD5, HMAC-SHA1 and AES Key Wrap sys/crypto/damien2008-08-121-231/+78
|
* do not use IEEE80211_QOS_TID. its definition in ieee80211.h isdamien2008-08-022-5/+5
| | | | wrong. hard-code 0xf for now. will be fixed post-release.
* do not touch m after it has been enqueued with IFQ_ENQUEUE().damien2008-08-022-10/+13
| | | | | | | | copy m_pkthdr.len and m_flags before and use that after to update the statistics. from altq(4) man page and for consistency with what is done in other parts of the tree.
* print the correct value in a debug message.damien2008-08-021-4/+4
|
* typo in a comment. no binary change.damien2008-08-021-2/+2
|
* Drop frames that are received unencrypted when WEP is on or whendamien2008-08-025-17/+43
| | | | | | | | | | | | | | WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on. tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days. pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time. ok deraadt@
* ignore PS mode changes and PS-Poll from non-associated STAs.damien2008-07-283-26/+28
| | | | keep track of the number of associated STAs in PS mode.
* missing "goto err".damien2008-07-281-5/+6
| | | | fix IEEE80211_DEBUG builds.
* sanitize RX path a bit.damien2008-07-273-159/+137
| | | | | | | make sure drivers pass a contiguous header, check header length earlier. fix checking of frames sequence number for frames containing an Address 4 field (required for future work). fix processing of control frames (only pspoll for now).
* s/IEEE80211_DPRINTF/DPRINTF/damien2008-07-279-203/+152
| | | | | | | automatically prepend __func__ to output. deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
* remove unused structures and duplicated definitions.damien2008-07-271-143/+70
| | | | remove clause 3 of license while I'm here (from FreeBSD).
* shrink ieee80211_set_link_state().damien2008-07-261-66/+7
|
* remove useless #includes.damien2008-07-261-4/+1
|
* properly handle management frames (required for future work).damien2008-07-261-16/+27
| | | | remove useless #includes.
* call Phase1 every 2**16 frames instead of calling it for every frame.damien2008-07-261-14/+18
| | | | | properly handle frames with an address 4 field (required for future work). remove useless #includes.
* Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59damien2008-07-232-4/+4
| | | | | | | | | | | The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1. Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track. Tested by giovanni. Should fix system/5881 too.
* add ieee80211_priv.h file: contains definitions private to net80211.damien2008-07-2112-96/+120
| | | | this must not be included by drivers.
* move processing of EAPOL frames away from ieee80211_{input,output}.cdamien2008-07-215-1447/+1531
|
* instead of passing rx tstamp and rssi to the ieee80211_input function,damien2008-07-214-45/+51
| | | | | | | pass a pointer to an ieee80211_rxinfo structure containing those two fields plus an extra flags field that indicates whether the frame was decrypted by hardware or not. required for a future fix.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.