summaryrefslogtreecommitdiff
path: root/sys/dev/ic
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2004-03-15 21:53:29 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2004-03-15 21:53:29 +0000
commit953b63caed4e531183db037ef2338f649606d05a (patch)
tree0d640fc430723969fac2a9798707f9ec326e633a /sys/dev/ic
parenteabcac87670a685ae9abd3552128ce95d9c65d83 (diff)
Changes to wihap_auth_req():
If the station sends a bogus challenge when authorizing, send back a response to that effect instead of just returning. Simplify sequence number handling--there's no need to update the sequence value by hand since we just need to increment it for the response packet.
Diffstat (limited to 'sys/dev/ic')
-rw-r--r--sys/dev/ic/if_wi_hostap.c32
1 files changed, 15 insertions, 17 deletions
diff --git a/sys/dev/ic/if_wi_hostap.c b/sys/dev/ic/if_wi_hostap.c
index 20373622106..6afb63386e2 100644
--- a/sys/dev/ic/if_wi_hostap.c
+++ b/sys/dev/ic/if_wi_hostap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_wi_hostap.c,v 1.28 2004/03/02 21:55:07 millert Exp $ */
+/* $OpenBSD: if_wi_hostap.c,v 1.29 2004/03/15 21:53:28 millert Exp $ */
/*
* Copyright (c) 2002
@@ -543,8 +543,7 @@ wihap_check_rates(struct wihap_sta_info *sta, u_int8_t rates[], int rates_len)
/* wihap_auth_req()
*
- * Handle incoming authentication request. Only handle OPEN
- * requests.
+ * Handle incoming authentication request.
*/
void
wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
@@ -562,22 +561,28 @@ wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
struct wi_80211_hdr *resp_hdr;
- if (len < 6)
+ if (len < 6) {
+ if (sc->sc_arpcom.ac_if.if_flags & IFF_DEBUG)
+ printf("wihap_auth_req: station %s short request\n",
+ ether_sprintf(rxfrm->wi_addr2));
return;
+ }
/* Break open packet. */
algo = take_hword(&pkt, &len);
seq = take_hword(&pkt, &len);
status = take_hword(&pkt, &len);
- challenge_len = 0;
- if (len > 0 && (challenge_len = take_tlv(&pkt, &len,
- IEEE80211_ELEMID_CHALLENGE, challenge, sizeof(challenge))) < 0)
- return;
-
if (sc->sc_arpcom.ac_if.if_flags & IFF_DEBUG)
printf("wihap_auth_req: station %s algo=0x%x seq=0x%x\n",
ether_sprintf(rxfrm->wi_addr2), algo, seq);
+ challenge_len = 0;
+ if (len > 0 && (challenge_len = take_tlv(&pkt, &len,
+ IEEE80211_ELEMID_CHALLENGE, challenge, sizeof(challenge))) < 0) {
+ status = IEEE80211_STATUS_CHALLENGE;
+ goto fail;
+ }
+
/* Find or create station info. */
sta = wihap_sta_find(whi, rxfrm->wi_addr2);
if (sta == NULL) {
@@ -617,22 +622,18 @@ wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
switch (algo) {
case IEEE80211_AUTH_ALG_OPEN:
if (sc->wi_authtype != IEEE80211_AUTH_OPEN) {
- seq = 2;
status = IEEE80211_STATUS_ALG;
goto fail;
}
if (seq != 1) {
- seq = 2;
status = IEEE80211_STATUS_SEQUENCE;
goto fail;
}
challenge_len = 0;
- seq = 2;
sta->flags |= WI_SIFLAGS_AUTHEN;
break;
case IEEE80211_AUTH_ALG_SHARED:
if (sc->wi_authtype != IEEE80211_AUTH_SHARED) {
- seq = 2;
status = IEEE80211_STATUS_ALG;
goto fail;
}
@@ -653,7 +654,6 @@ wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
printf("\tchallenge: 0x%x 0x%x ...\n",
challenge[0], challenge[1]);
challenge_len = 128;
- seq = 2;
break;
case 3:
if (challenge_len != 128 || !sta->challenge ||
@@ -672,10 +672,8 @@ wihap_auth_req(struct wi_softc *sc, struct wi_frame *rxfrm,
FREE(sta->challenge, M_TEMP);
sta->challenge = NULL;
challenge_len = 0;
- seq = 4;
break;
default:
- seq = 2;
status = IEEE80211_STATUS_SEQUENCE;
goto fail;
} /* switch (seq) */
@@ -704,7 +702,7 @@ fail:
pkt = (caddr_t)&sc->wi_txbuf + sizeof(struct wi_80211_hdr);
put_hword(&pkt, algo);
- put_hword(&pkt, seq);
+ put_hword(&pkt, seq + 1);
put_hword(&pkt, status);
if (challenge_len > 0)
put_tlv(&pkt, IEEE80211_ELEMID_CHALLENGE,