diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2004-03-15 21:53:29 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2004-03-15 21:53:29 +0000 |
| commit | 953b63caed4e531183db037ef2338f649606d05a (patch) | |
| tree | 0d640fc430723969fac2a9798707f9ec326e633a /sys/dev/ic/if_wi_hostap.c | |
| parent | eabcac87670a685ae9abd3552128ce95d9c65d83 (diff) | |
Changes to wihap_auth_req():
If the station sends a bogus challenge when authorizing, send back
a response to that effect instead of just returning.
Simplify sequence number handling--there's no need to update the sequence
value by hand since we just need to increment it for the response packet.
Diffstat (limited to 'sys/dev/ic/if_wi_hostap.c')
| -rw-r--r-- | sys/dev/ic/if_wi_hostap.c | 32 |
1 files changed, 15 insertions, 17 deletions
diff --git a/sys/dev/ic/if_wi_hostap.c b/sys/dev/ic/if_wi_hostap.c index 20373622106..6afb63386e2 100644 --- a/sys/dev/ic/if_wi_hostap.c +++ b/sys/dev/ic/if_wi_hostap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_wi_hostap.c,v 1.28 2004/03/02 21:55:07 millert Exp $ */ +/* $OpenBSD: if_wi_hostap.c,v 1.29 2004/03/15 21:53:28 millert Exp $ */ /* * Copyright (c) 2002 @@ -543,8 +543,7 @@ wihap_check_rates(struct wihap_sta_info *sta, u_int8_t rates[], int rates_len) /* wihap_auth_req() * - * Handle incoming authentication request. Only handle OPEN - * requests. + * Handle incoming authentication request. */ void wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm, @@ -562,22 +561,28 @@ wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm, struct wi_80211_hdr *resp_hdr; - if (len < 6) + if (len < 6) { + if (sc->sc_arpcom.ac_if.if_flags & IFF_DEBUG) + printf("wihap_auth_req: station %s short request\n", + ether_sprintf(rxfrm->wi_addr2)); return; + } /* Break open packet. */ algo = take_hword(&pkt, &len); seq = take_hword(&pkt, &len); status = take_hword(&pkt, &len); - challenge_len = 0; - if (len > 0 && (challenge_len = take_tlv(&pkt, &len, - IEEE80211_ELEMID_CHALLENGE, challenge, sizeof(challenge))) < 0) - return; - if (sc->sc_arpcom.ac_if.if_flags & IFF_DEBUG) printf("wihap_auth_req: station %s algo=0x%x seq=0x%x\n", ether_sprintf(rxfrm->wi_addr2), algo, seq); + challenge_len = 0; + if (len > 0 && (challenge_len = take_tlv(&pkt, &len, + IEEE80211_ELEMID_CHALLENGE, challenge, sizeof(challenge))) < 0) { + status = IEEE80211_STATUS_CHALLENGE; + goto fail; + } + /* Find or create station info. */ sta = wihap_sta_find(whi, rxfrm->wi_addr2); if (sta == NULL) { @@ -617,22 +622,18 @@ wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm, switch (algo) { case IEEE80211_AUTH_ALG_OPEN: if (sc->wi_authtype != IEEE80211_AUTH_OPEN) { - seq = 2; status = IEEE80211_STATUS_ALG; goto fail; } if (seq != 1) { - seq = 2; status = IEEE80211_STATUS_SEQUENCE; goto fail; } challenge_len = 0; - seq = 2; sta->flags |= WI_SIFLAGS_AUTHEN; break; case IEEE80211_AUTH_ALG_SHARED: if (sc->wi_authtype != IEEE80211_AUTH_SHARED) { - seq = 2; status = IEEE80211_STATUS_ALG; goto fail; } @@ -653,7 +654,6 @@ wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm, printf("\tchallenge: 0x%x 0x%x ...\n", challenge[0], challenge[1]); challenge_len = 128; - seq = 2; break; case 3: if (challenge_len != 128 || !sta->challenge || @@ -672,10 +672,8 @@ wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm, FREE(sta->challenge, M_TEMP); sta->challenge = NULL; challenge_len = 0; - seq = 4; break; default: - seq = 2; status = IEEE80211_STATUS_SEQUENCE; goto fail; } /* switch (seq) */ @@ -704,7 +702,7 @@ fail: pkt = (caddr_t)&sc->wi_txbuf + sizeof(struct wi_80211_hdr); put_hword(&pkt, algo); - put_hword(&pkt, seq); + put_hword(&pkt, seq + 1); put_hword(&pkt, status); if (challenge_len > 0) put_tlv(&pkt, IEEE80211_ELEMID_CHALLENGE, |