src - OpenBSD base system

diff options


context:
space:
mode:

author	Damien Bergamini <damien@cvs.openbsd.org>	2007-07-06 18:18:44 +0000
committer	Damien Bergamini <damien@cvs.openbsd.org>	2007-07-06 18:18:44 +0000
commit	722610f772570c2cfa63e828916f01634ffaa7d3 (patch)
tree	f23ada2fe9061e4c3e66b5ca819108f836535844
parent	69b20f8d7ea28a8a527c1cfee0aa5c2b17aa3a69 (diff)

remove remaining bits for pre-RSNA shared authmode support.

it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).

Diffstat

-rw-r--r--

sys/net80211/ieee80211_input.c

186

-rw-r--r--

sys/net80211/ieee80211_node.c

-rw-r--r--

sys/net80211/ieee80211_node.h

-rw-r--r--

sys/net80211/ieee80211_output.c

-rw-r--r--

sys/net80211/ieee80211_proto.h

5 files changed, 9 insertions, 248 deletions

diff --git a/sys/net80211/ieee80211_input.c b/sys/net80211/ieee80211_input.c
index fcf9b6c0b19..b81299c3d13 100644
--- a/sys/net80211/ieee80211_input.c
+++ b/sys/net80211/ieee80211_input.c

@@ -1,5 +1,5 @@

/* $NetBSD: ieee80211_input.c,v 1.24 2004/05/31 11:12:24 dyoung Exp $ */

-/* $OpenBSD: ieee80211_input.c,v 1.37 2007/07/06 17:58:04 damien Exp $ */

+/* $OpenBSD: ieee80211_input.c,v 1.38 2007/07/06 18:18:43 damien Exp $ */

/*-

@@ -770,179 +770,6 @@ ieee80211_auth_open(struct ieee80211com *ic, const struct ieee80211_frame *wh,

}

-#if 0

-/* TBD send appropriate responses on error? */

-void

-ieee80211_auth_shared(struct ieee80211com *ic, struct ieee80211_frame *wh,

- u_int8_t *frm, u_int8_t *efrm, struct ieee80211_node *ni, int rssi,

- u_int32_t rstamp, u_int16_t seq, u_int16_t status)

- struct ifnet *ifp = &ic->ic_if;

- u_int8_t *challenge = NULL;

- int i;

- if ((ic->ic_flags & IEEE80211_F_WEPON) == 0) {

- IEEE80211_DPRINTF(("%s: WEP is off\n", __func__));

- return;

- }

- if (frm + 1 < efrm) {

- if (frm[1] + 2 > efrm - frm) {

- IEEE80211_DPRINTF(("elt %d %d bytes too long\n",

- frm[0], (frm[1] + 2) - (int)(efrm - frm)));

- ic->ic_stats.is_rx_bad_auth++;

- return;

- }

- if (*frm == IEEE80211_ELEMID_CHALLENGE)

- challenge = frm;

- frm += frm[1] + 2;

- }

- switch (seq) {

- case IEEE80211_AUTH_SHARED_CHALLENGE:

- case IEEE80211_AUTH_SHARED_RESPONSE:

- if (challenge == NULL) {

- IEEE80211_DPRINTF(("%s: no challenge sent\n",

- __func__));

- ic->ic_stats.is_rx_bad_auth++;

- return;

- }

- if (challenge[1] != IEEE80211_CHALLENGE_LEN) {

- IEEE80211_DPRINTF(("%s: bad challenge len %d\n",

- __func__, challenge[1]));

- ic->ic_stats.is_rx_bad_auth++;

- return;

- }

- default:

- break;

- }

- switch (ic->ic_opmode) {

- case IEEE80211_M_MONITOR:

- case IEEE80211_M_AHDEMO:

- case IEEE80211_M_IBSS:

- IEEE80211_DPRINTF(("%s: unexpected operating mode\n",

- __func__));

- return;

- case IEEE80211_M_HOSTAP:

- if (ic->ic_state != IEEE80211_S_RUN) {

- IEEE80211_DPRINTF(("%s: not running\n", __func__));

- return;

- }

- switch (seq) {

- case IEEE80211_AUTH_SHARED_REQUEST:

- if (ni == ic->ic_bss) {

- ni = ieee80211_alloc_node(ic, wh->i_addr2);

- if (ni == NULL) {

- ic->ic_stats.is_rx_nodealloc++;

- return;

- }

- IEEE80211_ADDR_COPY(ni->ni_bssid,

- ic->ic_bss->ni_bssid);

- ni->ni_rssi = rssi;

- ni->ni_rstamp = rstamp;

- ni->ni_chan = ic->ic_bss->ni_chan;

- }

- if (ni->ni_challenge == NULL)

- ni->ni_challenge = (u_int32_t*)malloc(

- IEEE80211_CHALLENGE_LEN, M_DEVBUF,

- M_NOWAIT);

- if (ni->ni_challenge == NULL) {

- IEEE80211_DPRINTF(("%s: "

- "challenge alloc failed\n", __func__));

- /* XXX statistic */

- return;

- }

- for (i = IEEE80211_CHALLENGE_LEN / sizeof(u_int32_t);

- --i >= 0; )

- ni->ni_challenge[i] = arc4random();

- if (ifp->if_flags & IFF_DEBUG)

- printf("%s: station %s shared key "

- "%sauthentication\n", ifp->if_xname,

- ether_sprintf(ni->ni_macaddr),

- ni->ni_state != IEEE80211_STA_CACHE ?

- "" : "re");

- break;

- case IEEE80211_AUTH_SHARED_RESPONSE:

- if (ni == ic->ic_bss) {

- IEEE80211_DPRINTF(("%s: unknown STA\n",

- __func__));

- return;

- }

- if (ni->ni_challenge == NULL) {

- IEEE80211_DPRINTF((

- "%s: no challenge recorded\n", __func__));

- ic->ic_stats.is_rx_bad_auth++;

- return;

- }

- if (memcmp(ni->ni_challenge, &challenge[2],

- challenge[1]) != 0) {

- IEEE80211_DPRINTF(("%s: challenge mismatch\n",

- __func__));

- ic->ic_stats.is_rx_auth_fail++;

- return;

- }

- if (ifp->if_flags & IFF_DEBUG)

- printf("%s: station %s authenticated "

- "(shared key)\n", ifp->if_xname,

- ether_sprintf(ni->ni_macaddr));

- ieee80211_node_newstate(ni, IEEE80211_STA_AUTH);

- break;

- default:

- IEEE80211_DPRINTF(("%s: bad seq %d from %s\n",

- __func__, seq, ether_sprintf(wh->i_addr2)));

- ic->ic_stats.is_rx_bad_auth++;

- return;

- }

- IEEE80211_SEND_MGMT(ic, ni,

- IEEE80211_FC0_SUBTYPE_AUTH, seq + 1);

- break;

- case IEEE80211_M_STA:

- if (ic->ic_state != IEEE80211_S_AUTH)

- return;

- switch (seq) {

- case IEEE80211_AUTH_SHARED_PASS:

- if (ni->ni_challenge != NULL) {

- FREE(ni->ni_challenge, M_DEVBUF);

- ni->ni_challenge = NULL;

- }

- if (status != 0) {

- printf("%s: %s: shared authentication failed "

- "(reason %d) for %s\n", ifp->if_xname,

- __func__, status,

- ether_sprintf(wh->i_addr3));

- if (ni != ic->ic_bss)

- ni->ni_fails++;

- ic->ic_stats.is_rx_auth_fail++;

- return;

- }

- ieee80211_new_state(ic, IEEE80211_S_ASSOC,

- wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK);

- break;

- case IEEE80211_AUTH_SHARED_CHALLENGE:

- if (ni->ni_challenge == NULL)

- ni->ni_challenge = (u_int32_t*)malloc(

- challenge[1], M_DEVBUF, M_NOWAIT);

- if (ni->ni_challenge == NULL) {

- IEEE80211_DPRINTF((

- "%s: challenge alloc failed\n", __func__));

- /* XXX statistic */

- return;

- }

- memcpy(ni->ni_challenge, &challenge[2], challenge[1]);

- IEEE80211_SEND_MGMT(ic, ni,

- IEEE80211_FC0_SUBTYPE_AUTH, seq + 1);

- break;

- default:

- IEEE80211_DPRINTF(("%s: bad seq %d from %s\n",

- __func__, seq, ether_sprintf(wh->i_addr2)));

- ic->ic_stats.is_rx_bad_auth++;

- return;

- }

- break;

- }

-#endif

/* unaligned little endian access */

#define LE_READ_2(p) \

((u_int16_t) \

@@ -1564,7 +1391,6 @@ ieee80211_recv_probe_req(struct ieee80211com *ic, struct mbuf *m0,

* [2] Authentication algorithm number

* [2] Authentication transaction sequence number

* [2] Status code

- * [tlv*] Challenge text

void

ieee80211_recv_auth(struct ieee80211com *ic, struct mbuf *m0,

@@ -1587,11 +1413,6 @@ ieee80211_recv_auth(struct ieee80211com *ic, struct mbuf *m0,

if (algo == IEEE80211_AUTH_ALG_OPEN)

ieee80211_auth_open(ic, wh, ni, rssi, rstamp, seq, status);

-#if 0

- else if (algo == IEEE80211_AUTH_ALG_SHARED)

- ieee80211_auth_shared(ic, wh, frm, efrm, ni, rssi, rstamp,

- seq, status);

-#endif

else {

IEEE80211_DPRINTF(("%s: unsupported authentication "

"algorithm %d from %s\n",

@@ -1701,11 +1522,6 @@ ieee80211_recv_assoc_req(struct ieee80211com *ic, struct mbuf *m0,

else if (wpa != NULL)

ieee80211_parse_wpa(ic, ni, wpa);

- /* discard challenge after association */

- if (ni->ni_challenge != NULL) {

- FREE(ni->ni_challenge, M_DEVBUF);

- ni->ni_challenge = NULL;

- }

if (!(capinfo & IEEE80211_CAPINFO_ESS)) {

IEEE80211_DPRINTF(("%s: capinfo mismatch for %s\n",

__func__, ether_sprintf((u_int8_t *)wh->i_addr2)));

diff --git a/sys/net80211/ieee80211_node.c b/sys/net80211/ieee80211_node.c
index 03dd788bacb..95c0a2a32e3 100644
--- a/sys/net80211/ieee80211_node.c
+++ b/sys/net80211/ieee80211_node.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ieee80211_node.c,v 1.27 2007/07/06 17:47:19 damien Exp $ */

+/* $OpenBSD: ieee80211_node.c,v 1.28 2007/07/06 18:18:43 damien Exp $ */

/* $NetBSD: ieee80211_node.c,v 1.14 2004/05/09 09:18:47 dyoung Exp $ */

/*-

@@ -536,10 +536,6 @@ ieee80211_node_alloc(struct ieee80211com *ic)

void

ieee80211_node_cleanup(struct ieee80211com *ic, struct ieee80211_node *ni)

{

- if (ni->ni_challenge != NULL) {

- FREE(ni->ni_challenge, M_DEVBUF);

- ni->ni_challenge = NULL;

- }

}

void

@@ -555,7 +551,6 @@ ieee80211_node_copy(struct ieee80211com *ic,

{

ieee80211_node_cleanup(ic, dst);

*dst = *src;

- dst->ni_challenge = NULL;

}

u_int8_t

diff --git a/sys/net80211/ieee80211_node.h b/sys/net80211/ieee80211_node.h
index 57c9177681f..a1495998c28 100644
--- a/sys/net80211/ieee80211_node.h
+++ b/sys/net80211/ieee80211_node.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ieee80211_node.h,v 1.16 2007/07/03 19:44:54 damien Exp $ */

+/* $OpenBSD: ieee80211_node.h,v 1.17 2007/07/06 18:18:43 damien Exp $ */

/* $NetBSD: ieee80211_node.h,v 1.9 2004/04/30 22:57:32 dyoung Exp $ */

/*-

@@ -128,7 +128,6 @@ struct ieee80211_node {

int ni_inact; /* inactivity mark count */

int ni_txrate; /* index to ni_rates[] */

int ni_state;

- u_int32_t *ni_challenge; /* shared-key challenge */

u_int8_t ni_flags; /* special-purpose state */

#define IEEE80211_NODE_ERP 0x01

diff --git a/sys/net80211/ieee80211_output.c b/sys/net80211/ieee80211_output.c
index 08b2c2832f4..2e534b21f80 100644
--- a/sys/net80211/ieee80211_output.c
+++ b/sys/net80211/ieee80211_output.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ieee80211_output.c,v 1.43 2007/07/05 21:35:45 damien Exp $ */

+/* $OpenBSD: ieee80211_output.c,v 1.44 2007/07/06 18:18:43 damien Exp $ */

/* $NetBSD: ieee80211_output.c,v 1.13 2004/05/31 11:02:55 dyoung Exp $ */

/*-

@@ -192,13 +192,6 @@ ieee80211_mgmt_output(struct ifnet *ifp, struct ieee80211_node *ni,

IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr);

IEEE80211_ADDR_COPY(wh->i_addr3, ni->ni_bssid);

- if ((m->m_flags & M_LINK0) != 0 && ni->ni_challenge != NULL) {

- m->m_flags &= ~M_LINK0;

- IEEE80211_DPRINTF(("%s: encrypting frame for %s\n", __func__,

- ether_sprintf(wh->i_addr1)));

- wh->i_fc[1] |= IEEE80211_FC1_WEP;

- }

if (ifp->if_flags & IFF_DEBUG) {

/* avoid to print too many frames */

if (ic->ic_opmode == IEEE80211_M_IBSS ||

@@ -752,18 +745,6 @@ ieee80211_add_edca_params(u_int8_t *frm, struct ieee80211com *ic)

}

- * Add a Challenge Text element to a frame (see 7.3.2.8).

- */

-u_int8_t *

-ieee80211_add_challenge(u_int8_t *frm, const u_int8_t *challenge, u_int len)

- *frm++ = IEEE80211_ELEMID_CHALLENGE;

- *frm++ = len;

- memcpy(frm, challenge, len);

- return frm + len;

-/*

* Add an ERP element to a frame (see 7.3.2.13).

u_int8_t *

@@ -1074,7 +1055,6 @@ ieee80211_get_probe_resp(struct ieee80211com *ic, struct ieee80211_node *ni)

* [2] Authentication algorithm number

* [2] Authentication transaction sequence number

* [2] Status code

- * [tlv*] Challenge text

struct mbuf *

ieee80211_get_auth(struct ieee80211com *ic, struct ieee80211_node *ni,

@@ -1082,46 +1062,18 @@ ieee80211_get_auth(struct ieee80211com *ic, struct ieee80211_node *ni,

{

struct mbuf *m;

u_int8_t *frm;

- int has_challenge, is_shared_key;

MGETHDR(m, M_DONTWAIT, MT_DATA);

if (m == NULL)

return NULL;

- has_challenge = (seq == IEEE80211_AUTH_SHARED_CHALLENGE ||

- seq == IEEE80211_AUTH_SHARED_RESPONSE) &&

- ni->ni_challenge != NULL;

- is_shared_key = has_challenge || (ni->ni_challenge != NULL &&

- seq == IEEE80211_AUTH_SHARED_PASS);

- if (has_challenge && status == IEEE80211_STATUS_SUCCESS) {

- MH_ALIGN(m, 2 * 3 + 2 + IEEE80211_CHALLENGE_LEN);

- m->m_pkthdr.len = m->m_len =

- 2 * 3 + 2 + IEEE80211_CHALLENGE_LEN;

- } else {

- MH_ALIGN(m, 2 * 3);

- m->m_pkthdr.len = m->m_len = 2 * 3;

- }

+ MH_ALIGN(m, 2 * 3);

+ m->m_pkthdr.len = m->m_len = 2 * 3;

frm = mtod(m, u_int8_t *);

- if (is_shared_key)

- LE_WRITE_2(frm, IEEE80211_AUTH_ALG_SHARED);

- else

- LE_WRITE_2(frm, IEEE80211_AUTH_ALG_OPEN);

- frm += 2;

+ LE_WRITE_2(frm, IEEE80211_AUTH_ALG_OPEN); frm += 2;

LE_WRITE_2(frm, seq); frm += 2;

- LE_WRITE_2(frm, status); frm += 2;

+ LE_WRITE_2(frm, status);

- if (has_challenge && status == IEEE80211_STATUS_SUCCESS) {

- frm = ieee80211_add_challenge(frm,

- (u_int8_t *)ni->ni_challenge, IEEE80211_CHALLENGE_LEN);

- if (seq == IEEE80211_AUTH_SHARED_RESPONSE) {

- IEEE80211_DPRINTF((

- "%s: request encrypt frame\n", __func__));

- m->m_flags |= M_LINK0; /* WEP-encrypt, please */

- }

return m;

}

diff --git a/sys/net80211/ieee80211_proto.h b/sys/net80211/ieee80211_proto.h
index 902c9309fb1..6a1b7d37234 100644
--- a/sys/net80211/ieee80211_proto.h
+++ b/sys/net80211/ieee80211_proto.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: ieee80211_proto.h,v 1.19 2007/07/05 20:19:21 damien Exp $ */

+/* $OpenBSD: ieee80211_proto.h,v 1.20 2007/07/06 18:18:43 damien Exp $ */

/* $NetBSD: ieee80211_proto.h,v 1.3 2003/10/13 04:23:56 dyoung Exp $ */

/*-

@@ -91,7 +91,6 @@ extern u_int8_t *ieee80211_add_tim(u_int8_t *, struct ieee80211com *);

extern u_int8_t *ieee80211_add_ibss_params(u_int8_t *,

const struct ieee80211_node *);

extern u_int8_t *ieee80211_add_edca_params(u_int8_t *, struct ieee80211com *);

-extern u_int8_t *ieee80211_add_challenge(u_int8_t *, const u_int8_t *, u_int);

extern u_int8_t *ieee80211_add_erp(u_int8_t *, struct ieee80211com *);

extern u_int8_t *ieee80211_add_qos_capability(u_int8_t *,

struct ieee80211com *);