| Age | Commit message (Collapse) | Author |
|---|
|
drivers update hardware configuration accordingly.
tested by myself, tb@, deraadt@, abieber@
ok mpi@
|
|
which only worked with ath(4) devices from a decade ago.
Diff tested on ath(4) hardware by me to verify that 11a/b modes still work.
ok reyk deraadt chris sthen kettenis
|
|
ok kettenis@
|
|
in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@.
ok sthen@ jasper@ deraadt@
|
|
Make sure 11n features are enabled only if media type is autoselect or 11n.
11n mode uses MCS (modulation & coding scheme) instead of rates like 11a/b/g.
This means we'll have to take the current mode into account and decide whether
to use a rate or an MCS for transmission. Receiving frames on legacy rates
will still work in 11n mode. We just won't be using legacy rates to send
data frames to an STA or AP we negotiated 11n features with.
My initial plan was to grow the ieee80211_rateset structure and treat MCS
just like rates. However, ieee80211_rateset corresponds to rates and xrates
elements in management frames and is copied directly into such elements
so its size cannot change. Thus, MCS stands on its own and corresponds to
elements in management frames related to 11n HT capabilities.
ok deraadt mpi phessler kettenis guenther
|
|
ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking
the build in rsu(4) for RAMDISK_CD.
Also declare 11n protection modes and MCS count.
ok deraadt mpi kettenis guenther
|
|
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw
had its own queue for beacons.
tested by mpi@ and jmc@
ok mpi@
|
|
Will be used by iwm(4) soon.
ok kettenis@
|
|
This changes numbers of the SIOCSIFMEDIA and SIOCGIFMEDIA ioctls and
grows struct ifmediareq.
Old ifconfig and dhclient binaries can still assign addresses, however
the 'media' subcommand stops working. Recompiling ifconfig and dhclient
with new headers before a reboot should not be necessary unless in very
special circumstances where non-default media settings must be used to
get link and console access is not available.
There may be some MD fallout but that will be cleared up later.
ok deraadt miod
with help and suggestions from several sharks attending l2k15
|
|
Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within
5 minutes. Inactive cached nodes (not authenticated or associated) are
automatically cleared from the cache once every hour, making room for
new nodes. If the node cache is full and room must be made for a new node,
clean either a cached node (active or inactive), or an inactive
authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated,
and only send a de-auth frame once for a given node.
This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl.
ok deraadt@
|
|
the BSS. this is needed by drivers that need to maintain a hardware
table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
|
that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL).
also, perform all the sanity checks on injected raw 802.11 frames earlier
(in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng.
when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
|
of defining it unconditionnaly.
although the HT code is not ready yet, making it compile on
GENERIC kernels will help catch regressions/bugs if any.
|
|
the code will allow the concurrent reception of fragments of three
fragmented MSDUs or MMPDUs as required by the 802.11 standard.
|
|
Maintain state for both originator and recipient roles separately.
Do not allocate receive reordering buffer in addba_request().
Test the "initiator" bit in incoming DELBA frames and set it appropriately
in outgoing DELBA frames.
Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
|
- implement A-MPDU frames buffering and reordering
- implement A-MSDU decapsulation
- process/send ADDBA Request, ADDBA Response and DELBA action frames
- process Block Ack Request control frames (including MTBAR)
- implement PBAC support (Protected Block Ack)
- add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0:
- implement SA Query procedure (both AP and STA)
- cleanup BIP
Fix some bugs:
- fix check for WEP key length that otherwise caused a stack smash in
ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc)
- properly stop EAPOL timeout: fixes a panic that occured in HostAP mode
when turning the interface down while a 4-way handshake is in progress
(pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined)
because they won't be ready until after the next release and I didn't
want to grow the kernel or to inadvertently introduce new bugs.
They are here such that other people can look at the code.
Notice that I had to add an extra parameter to ic_send_mgmt() for
action frames, that is why there are small changes in drivers defining
their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in
my tree for too long now.
|
|
to our AP as we enter TKIP countermeasures by caching the TSC of
the last frame to fail the MIC; prompted by and ok damien@
|
|
This will be required for future WPA-Enterprise support (802.1X).
Add ieee80211_needs_auth() function (not implemented yet) to
notify the userland 802.1X PACP machine when an 802.1X port
becomes enabled (that is after successfull 802.11 Open System
authentication).
Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the
PACP state machine can kick the 802.11 key state machine and
install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw).
This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC
for data integrity, and AES Key Wrap for data protection of EAPOL-Key
frames. An OpenBSD AP will always advertise this capability and an
OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based
ones if both are supported by an AP.
|
|
the size of install media.
ok damien@ deraadt@
|
|
0=normal ack). all bits are currently set to 0.
use this bitmap to set the ACK policy of the QoS control field of
outgoing QoS frames.
|
|
ieee80211_mgmt_output() and ieee80211_encap().
use new IEEE80211_C_APPMGT capability flag where appropriate.
rename ic_tim_mcast to ic_tim_mcast_pending.
|
|
to the Attic. nothing uses it in the tree and it is very unlikely
that something will use it one day.
the only driver supporting FHSS PHYs in the tree is ray(4) and it
does not use net80211.
|
|
add two capabilities flags: IEEE80211_C_HT for HT STAs (802.11n)
and IEEE80211_C_APPMGT which indicates the capability for an AP
to buffer unicast and multicast traffic for STAs in PS mode.
all drivers claiming HostAP support should support that but the
truth is that none of them do.
most of them are still at the 802.11b-only era and do not update
dynamic parts of beacons or process frames from ic_pwrsaveq.
|
|
that ieee80211.h contains only definitions that are part of the
802.11 standard and not constants used internally by net80211.
because channels attributes are exported to userland through the
radiotap BPF interface, add the definitions to ieee80211_radiotap.h
too (which must be kept in sync with what is used in net80211).
also, do not export combinations of channel attributes to userland
so that noone get stupid ideas.
|
|
remove IBSS and HostAP support from net80211 and 802.11 drivers.
it can be used to shrink RAMDISK kernels for instance (like what
was done for wi(4)).
it also has the benefit of highlighting what is specific to IBSS
and HostAP modes in the code.
the cost is that we now have two code paths to maintain.
|
|
|
|
and IEEE80211_C_MFP capability bit (driver supports MFP).
|
|
indices 0-3 will be used for group data keys while indices 4-5 will
be used for integrity group keys.
add a ic_rsngroupmgmtcipher field too.
|
|
Free the mbuf in the ieee80211_eapol_key_input() function.
Do not assume the frame is contiguous, call m_pullup2() if it is not.
We need the frame to be contiguous to process KDEs efficiently in
EAPOL-Key frames (just like we process IEs in management frames).
However, there are drivers like upgt(4) that use m_devget() in the
RX path. m_devget() can return fragmented mbuf chains.
Notice that we should do the same m_pullup2() for management frames.
This will be done later.
Remove the ic_recv_eapol callback.
|
|
keep track of the number of associated STAs in PS mode.
|
|
make sure drivers pass a contiguous header, check header length earlier.
fix checking of frames sequence number for frames containing an Address 4
field (required for future work).
fix processing of control frames (only pspoll for now).
|
|
this must not be included by drivers.
|
|
pass a pointer to an ieee80211_rxinfo structure containing those two
fields plus an extra flags field that indicates whether the frame was
decrypted by hardware or not.
required for a future fix.
|
|
handshake protocols (both supplicant and authenticator state
machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity
Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication
protocols and thus only PSK authentication (using pre-shared
keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK
protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should
work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4),
rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8):
wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@
ok deraadt@
|
|
plcp2rate functions use plcp codes in most-significant-bit-first format
(R4-R1).
some drivers like wpi(4) and iwn(4) want plcp codes in lsb-first format
so they can't use those functions.
also the IEEE standard uses R1-R4 notation so this can be a bit confusing
for those refering to it.
use u_int8_t for plcp code and rate instead of int.
|
|
convert the PLCP header signal field to a rate value and vice versa.
This implementation has been discussed with Damien and doesn't change
any existing net80211 structures.
ok damien@
|
|
ieee80211_plcp2rate() because I've got a late feedback from Damien that
he dislike the implementation method a lot.
|
|
Help and OK reyk@
|
|
Tx/Rx MIC for TKIP.
- add two functions to map a PTK and a GTK to an IEEE 802.11 key and
use them in ieee80211_input.c instead of duplicating the same code.
properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP.
- add ic_psk to struct ieee80211com to store the pre-shared key.
- fix setting of the SECURE bit in outgoing EAPOL-Key frames.
- when receiving msg 2 of the 4-way handshake, deauthenticate the
station if the RSN IE does not match that of the (Re)Association
request.
- before parsing an RSN or WPA IE, check that there's enough room for
the version field (2 bytes) which is mandatory.
- various tweaks while i'm here.
|
|
add a 64-bit replay counter for sending EAPOL-Key request frames.
add a ic_recv_eapol callback to process EAPOL frames.
drivers can redefine this callback but net80211 will implement it.
|
|
in an RSNA, each STA must maintain a 256-bit global key counter that
must be initialized to a random value (see 8.5.7).
|
|
one that can be used with other ciphers than WEP.
|
|
vendor-specific IE.
|
|
|
|
a default ieee80211_set_tim() function that drivers can override
by setting ic_set_tim.
|
|
|
|
|
|
|
|
supports QoS.
Add a new flag IEEE80211_F_QOS indicating whether QoS is enabled or not.
Add a callback to notify drivers that AC parameters have changed in
the QBSS. Drivers implementing QoS should define this callback and
update their EDCA settings accordingly.
|
|
|
