#
1.139 |
|
08-May-2024 |
stsp |
disable the regular ieee80211_encap() Tx path in monitor mode
Frames injected from user space carry the DLT_IEEE802_11_RADIO mbuf tag, and are handled as a special case. Do not fall back to regular encapsulation while we are in monitor mode and the frame injected by userspace is found to be invalid.
This fixes an issue when iwx(4) runs in monitor mode with addresses configured on the interface and leaving 11n/11ac mode directly for monitor mode. In this case, traffic generated by userspace or the kernel (such as ICMPv6) would trigger Tx attempts, which in turn would trigger an attempt to set up a block ACK agreement and then cause a firmware panic.
This points at a related issue where interface configuration state is not properly cleaned up while switching into monitor mode. The 11n/11ac interface config should ideally be cleared completely, preventing block ack from being initiated.
But preventing the stack from trying to send frames down the regular Tx path in monitor mode is a good idea in general because drivers may not handle this very well for various reasons, block ack being just one.
tested by jmc@ and myself on iwx ax200
|
#
1.138 |
|
14-Apr-2024 |
jsg |
with empty body loops, put final semicolon on a new line for readability ok bluhm@ jca@
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE OPENBSD_7_4_BASE OPENBSD_7_5_BASE
|
#
1.137 |
|
14-Mar-2022 |
stsp |
Add initial 802.11ac (VHT) support to net80211.
Add VHT capability and operation IE definitions to ieee80211.h. Introduce channel flags to identify 80MHz and 160MHz capable channels.
Parse VHT IEs in beacons, announce the driver's VHT capabilities in probe requests and assoc requests, and hop into 11ac mode after association to the AP if possible.
Enable VHT by default if the driver announces support for it.
ok claudio@
|
#
1.136 |
|
05-Jan-2022 |
dlg |
rename ETHERTYPE_PAE to ETHERTYPE_EAPOL.
everyone else seems to use ETHERTYPE_EAPOL, and as a bonus it also appears to be more correct.
ok deraadt@ stsp@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.135 |
|
08-Sep-2021 |
stsp |
Improve debug output when sending 802.11 action frames by showing the action frame subtypes we care about (i.e. those related to 11n block ack).
ok mpi@
|
#
1.134 |
|
11-May-2021 |
stsp |
In hostap mode don't send data frames to nodes which aren't in state ASSOC.
Sending data frames to nodes in other states is wrong since the node's data structure might not be set up properly in such states. This could explain occasional "key unset for sw crypto" panics observed with athn(4) hostap interfaces.
Problem reported and fix tested by Mikolaj Kucharski.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.133 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
#
1.132 |
|
08-Dec-2020 |
stsp |
Fix 802.11 RSN capabilities announced to peers.
We were echoing back all RSN capabilities announced by our peer, even for features which we don't support. One such feature is Management Frame Protection (MFP). If we announce this capability then the peer sends us encrypted management frames which won't be processed. One symptom of this is that we fail to negotiate block ack with APs that support MFP.
Only echo the RSN capabilities which we support, i.e. key replay counters. Handle MFP and PBAR bits here as done elsewhere. Neither of these features is enabled yet at run-time. As far as I can tell, the remaining RSN caps are not supported by drivers (e.g. SPP A-MPDU) or won't be supported (outdated WEP->TKIP transition support). The corresponding bits should always be clear.
Problem with 0 input block ack sessions found by sthen@ and robert@ Fix tested by sthen@, robert@, phessler@, and kmos@
ok phessler@ kmos@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.138 |
|
14-Apr-2024 |
jsg |
with empty body loops, put final semicolon on a new line for readability ok bluhm@ jca@
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE OPENBSD_7_4_BASE OPENBSD_7_5_BASE
|
#
1.137 |
|
14-Mar-2022 |
stsp |
Add initial 802.11ac (VHT) support to net80211.
Add VHT capability and operation IE definitions to ieee80211.h. Introduce channel flags to identify 80MHz and 160MHz capable channels.
Parse VHT IEs in beacons, announce the driver's VHT capabilities in probe requests and assoc requests, and hop into 11ac mode after association to the AP if possible.
Enable VHT by default if the driver announces support for it.
ok claudio@
|
#
1.136 |
|
05-Jan-2022 |
dlg |
rename ETHERTYPE_PAE to ETHERTYPE_EAPOL.
everyone else seems to use ETHERTYPE_EAPOL, and as a bonus it also appears to be more correct.
ok deraadt@ stsp@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.135 |
|
08-Sep-2021 |
stsp |
Improve debug output when sending 802.11 action frames by showing the action frame subtypes we care about (i.e. those related to 11n block ack).
ok mpi@
|
#
1.134 |
|
11-May-2021 |
stsp |
In hostap mode don't send data frames to nodes which aren't in state ASSOC.
Sending data frames to nodes in other states is wrong since the node's data structure might not be set up properly in such states. This could explain occasional "key unset for sw crypto" panics observed with athn(4) hostap interfaces.
Problem reported and fix tested by Mikolaj Kucharski.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.133 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
#
1.132 |
|
08-Dec-2020 |
stsp |
Fix 802.11 RSN capabilities announced to peers.
We were echoing back all RSN capabilities announced by our peer, even for features which we don't support. One such feature is Management Frame Protection (MFP). If we announce this capability then the peer sends us encrypted management frames which won't be processed. One symptom of this is that we fail to negotiate block ack with APs that support MFP.
Only echo the RSN capabilities which we support, i.e. key replay counters. Handle MFP and PBAR bits here as done elsewhere. Neither of these features is enabled yet at run-time. As far as I can tell, the remaining RSN caps are not supported by drivers (e.g. SPP A-MPDU) or won't be supported (outdated WEP->TKIP transition support). The corresponding bits should always be clear.
Problem with 0 input block ack sessions found by sthen@ and robert@ Fix tested by sthen@, robert@, phessler@, and kmos@
ok phessler@ kmos@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.137 |
|
14-Mar-2022 |
stsp |
Add initial 802.11ac (VHT) support to net80211.
Add VHT capability and operation IE definitions to ieee80211.h. Introduce channel flags to identify 80MHz and 160MHz capable channels.
Parse VHT IEs in beacons, announce the driver's VHT capabilities in probe requests and assoc requests, and hop into 11ac mode after association to the AP if possible.
Enable VHT by default if the driver announces support for it.
ok claudio@
|
#
1.136 |
|
05-Jan-2022 |
dlg |
rename ETHERTYPE_PAE to ETHERTYPE_EAPOL.
everyone else seems to use ETHERTYPE_EAPOL, and as a bonus it also appears to be more correct.
ok deraadt@ stsp@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.135 |
|
08-Sep-2021 |
stsp |
Improve debug output when sending 802.11 action frames by showing the action frame subtypes we care about (i.e. those related to 11n block ack).
ok mpi@
|
#
1.134 |
|
11-May-2021 |
stsp |
In hostap mode don't send data frames to nodes which aren't in state ASSOC.
Sending data frames to nodes in other states is wrong since the node's data structure might not be set up properly in such states. This could explain occasional "key unset for sw crypto" panics observed with athn(4) hostap interfaces.
Problem reported and fix tested by Mikolaj Kucharski.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.133 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
#
1.132 |
|
08-Dec-2020 |
stsp |
Fix 802.11 RSN capabilities announced to peers.
We were echoing back all RSN capabilities announced by our peer, even for features which we don't support. One such feature is Management Frame Protection (MFP). If we announce this capability then the peer sends us encrypted management frames which won't be processed. One symptom of this is that we fail to negotiate block ack with APs that support MFP.
Only echo the RSN capabilities which we support, i.e. key replay counters. Handle MFP and PBAR bits here as done elsewhere. Neither of these features is enabled yet at run-time. As far as I can tell, the remaining RSN caps are not supported by drivers (e.g. SPP A-MPDU) or won't be supported (outdated WEP->TKIP transition support). The corresponding bits should always be clear.
Problem with 0 input block ack sessions found by sthen@ and robert@ Fix tested by sthen@, robert@, phessler@, and kmos@
ok phessler@ kmos@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.136 |
|
05-Jan-2022 |
dlg |
rename ETHERTYPE_PAE to ETHERTYPE_EAPOL.
everyone else seems to use ETHERTYPE_EAPOL, and as a bonus it also appears to be more correct.
ok deraadt@ stsp@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.135 |
|
08-Sep-2021 |
stsp |
Improve debug output when sending 802.11 action frames by showing the action frame subtypes we care about (i.e. those related to 11n block ack).
ok mpi@
|
#
1.134 |
|
11-May-2021 |
stsp |
In hostap mode don't send data frames to nodes which aren't in state ASSOC.
Sending data frames to nodes in other states is wrong since the node's data structure might not be set up properly in such states. This could explain occasional "key unset for sw crypto" panics observed with athn(4) hostap interfaces.
Problem reported and fix tested by Mikolaj Kucharski.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.133 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
#
1.132 |
|
08-Dec-2020 |
stsp |
Fix 802.11 RSN capabilities announced to peers.
We were echoing back all RSN capabilities announced by our peer, even for features which we don't support. One such feature is Management Frame Protection (MFP). If we announce this capability then the peer sends us encrypted management frames which won't be processed. One symptom of this is that we fail to negotiate block ack with APs that support MFP.
Only echo the RSN capabilities which we support, i.e. key replay counters. Handle MFP and PBAR bits here as done elsewhere. Neither of these features is enabled yet at run-time. As far as I can tell, the remaining RSN caps are not supported by drivers (e.g. SPP A-MPDU) or won't be supported (outdated WEP->TKIP transition support). The corresponding bits should always be clear.
Problem with 0 input block ack sessions found by sthen@ and robert@ Fix tested by sthen@, robert@, phessler@, and kmos@
ok phessler@ kmos@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.135 |
|
08-Sep-2021 |
stsp |
Improve debug output when sending 802.11 action frames by showing the action frame subtypes we care about (i.e. those related to 11n block ack).
ok mpi@
|
#
1.134 |
|
11-May-2021 |
stsp |
In hostap mode don't send data frames to nodes which aren't in state ASSOC.
Sending data frames to nodes in other states is wrong since the node's data structure might not be set up properly in such states. This could explain occasional "key unset for sw crypto" panics observed with athn(4) hostap interfaces.
Problem reported and fix tested by Mikolaj Kucharski.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.133 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
#
1.132 |
|
08-Dec-2020 |
stsp |
Fix 802.11 RSN capabilities announced to peers.
We were echoing back all RSN capabilities announced by our peer, even for features which we don't support. One such feature is Management Frame Protection (MFP). If we announce this capability then the peer sends us encrypted management frames which won't be processed. One symptom of this is that we fail to negotiate block ack with APs that support MFP.
Only echo the RSN capabilities which we support, i.e. key replay counters. Handle MFP and PBAR bits here as done elsewhere. Neither of these features is enabled yet at run-time. As far as I can tell, the remaining RSN caps are not supported by drivers (e.g. SPP A-MPDU) or won't be supported (outdated WEP->TKIP transition support). The corresponding bits should always be clear.
Problem with 0 input block ack sessions found by sthen@ and robert@ Fix tested by sthen@, robert@, phessler@, and kmos@
ok phessler@ kmos@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.134 |
|
11-May-2021 |
stsp |
In hostap mode don't send data frames to nodes which aren't in state ASSOC.
Sending data frames to nodes in other states is wrong since the node's data structure might not be set up properly in such states. This could explain occasional "key unset for sw crypto" panics observed with athn(4) hostap interfaces.
Problem reported and fix tested by Mikolaj Kucharski.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.133 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
#
1.132 |
|
08-Dec-2020 |
stsp |
Fix 802.11 RSN capabilities announced to peers.
We were echoing back all RSN capabilities announced by our peer, even for features which we don't support. One such feature is Management Frame Protection (MFP). If we announce this capability then the peer sends us encrypted management frames which won't be processed. One symptom of this is that we fail to negotiate block ack with APs that support MFP.
Only echo the RSN capabilities which we support, i.e. key replay counters. Handle MFP and PBAR bits here as done elsewhere. Neither of these features is enabled yet at run-time. As far as I can tell, the remaining RSN caps are not supported by drivers (e.g. SPP A-MPDU) or won't be supported (outdated WEP->TKIP transition support). The corresponding bits should always be clear.
Problem with 0 input block ack sessions found by sthen@ and robert@ Fix tested by sthen@, robert@, phessler@, and kmos@
ok phessler@ kmos@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.133 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
#
1.132 |
|
08-Dec-2020 |
stsp |
Fix 802.11 RSN capabilities announced to peers.
We were echoing back all RSN capabilities announced by our peer, even for features which we don't support. One such feature is Management Frame Protection (MFP). If we announce this capability then the peer sends us encrypted management frames which won't be processed. One symptom of this is that we fail to negotiate block ack with APs that support MFP.
Only echo the RSN capabilities which we support, i.e. key replay counters. Handle MFP and PBAR bits here as done elsewhere. Neither of these features is enabled yet at run-time. As far as I can tell, the remaining RSN caps are not supported by drivers (e.g. SPP A-MPDU) or won't be supported (outdated WEP->TKIP transition support). The corresponding bits should always be clear.
Problem with 0 input block ack sessions found by sthen@ and robert@ Fix tested by sthen@, robert@, phessler@, and kmos@
ok phessler@ kmos@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.132 |
|
08-Dec-2020 |
stsp |
Fix 802.11 RSN capabilities announced to peers.
We were echoing back all RSN capabilities announced by our peer, even for features which we don't support. One such feature is Management Frame Protection (MFP). If we announce this capability then the peer sends us encrypted management frames which won't be processed. One symptom of this is that we fail to negotiate block ack with APs that support MFP.
Only echo the RSN capabilities which we support, i.e. key replay counters. Handle MFP and PBAR bits here as done elsewhere. Neither of these features is enabled yet at run-time. As far as I can tell, the remaining RSN caps are not supported by drivers (e.g. SPP A-MPDU) or won't be supported (outdated WEP->TKIP transition support). The corresponding bits should always be clear.
Problem with 0 input block ack sessions found by sthen@ and robert@ Fix tested by sthen@, robert@, phessler@, and kmos@
ok phessler@ kmos@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.131 |
|
19-May-2020 |
stsp |
Revert previous; Set the ESS capability bit in assoc requests again.
Association to some access points breaks without the ESS capability bit. Apparently I misunderstood something.
Reported by krw@ and tb@
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.130 |
|
19-May-2020 |
stsp |
Do not set the 802.11 ESS capability bit in association requests.
The ESS capability bit should be set if the transmitter is an AP. Association requests are sent by clients.
ok jca@
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.129 |
|
06-Mar-2020 |
stsp |
Properly wrap 802.11 frame sequence numbers when incrementing them.
ok tb@ tobhe@ mpi@
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.128 |
|
03-Mar-2020 |
stsp |
Do not send any QoS data frames unless Tx aggregation has been negotiated.
Actual QoS support could be added to net80211 in the future, but for now we only use QoS frames for A-MPDU aggregation. Without QoS support, sending non-aggregated QoS frames does not actually buy us anything and makes it harder to look at packet captures and tell whether frames sent by an OpenBSD machine were in fact aggregated or not.
Tested on iwn(4) by jmc@, paco@, bket@, paco@, and Lauri Tirkkonen
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.127 |
|
18-Feb-2020 |
stsp |
Fix an mbuf corruption issue which occurs in net80211 hostap mode.
When sizing a memory allocation for a probe response frame, the AP used the SSID length stored in the node structure which represents the client, but used the actual length of the SSID when copying it into the frame.
If the actual length is sufficiently large this will result in corruption of an adjacent mbuf on the free list since m->m_next will be overwritten with data written to the tail of the probe response frame.
Bad things happen later on when the adjacent mbuf is used. Sometimes the corruption is detected by mbufpl's use-after-free checking, at other times we end up crashing somewhere in the network stack.
To prevent such a mistake from occuring again I am removing the 'ni' argument from ieee80211_get_probe_resp() altogether. It is not needed.
A quick workaround is to configure a short SSID.
Debugged with help from claudio, kettenis, and dlg.
ok claudio
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.126 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.125 |
|
12-May-2019 |
stsp |
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future.
Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@
ok beck@ phessler@
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.124 |
|
10-May-2019 |
patrick |
On the transmit path the ethernet and ip headers might not be in contiguous memory. Taking the pointer to the data and simply looking at the IP header by adding an offset can lead to an out- of-bounds access. Make the ieee80211 classify function copy the ethernet and ip header into stack variables to fix it.
Fixes a panic for florian@ Discussed with claudio@ ok stsp@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.123 |
|
30-Nov-2018 |
claudio |
MH_ALIGN -> m_align and make the spacing look the same in all three places. OK bluhm@
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.122 |
|
14-Dec-2017 |
stsp |
My previous commit broke the ramdisk build; fix it
|
#
1.121 |
|
14-Dec-2017 |
stsp |
Stop printing debug info about stations leaving a wifi network when we aren't running in hostap or ibss mode.
|
#
1.120 |
|
11-Dec-2017 |
stsp |
Omit the PMKID count field from RSN information elements (IE) if the PMKID list has zero elements and PMKID would be the last field in the RSN IE.
This is correct as per 802.11-2012 8.4.2.27.1 and aligns net80211 code with behaviour of bwfm(4) firmware, unblocking further progress in that driver.
ok patrick@ phessler@
|
#
1.119 |
|
21-Oct-2017 |
patrick |
Make ieee80211_classify() available in a header so we can make the priority visible to underlying bus protocols like bwfm(4)'s bcdc.
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.118 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.117 |
|
31-Jan-2017 |
stsp |
In a comment inside ieee80211_up_to_ac(), update a reference section number from the 802.11-2007 standard to the 802.11-2012 standard.
|
#
1.116 |
|
31-Jan-2017 |
stsp |
When telling clients which EDCA parameters to use, copy these parameters from the client parameter set, rather than from the AP parameter set. ok mpi@
|
#
1.115 |
|
30-Jan-2017 |
stsp |
Enable ieee80211_edca_table, which was under #if 0. This table can be used by drivers to pass default EDCA parameters to firmware instead of passing local hardcoded values. ok millert@
|
#
1.114 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.113 |
|
09-Jan-2017 |
stsp |
When acting as 11n hostap, send Microsoft WME parameters to clients so that Linux clients will decide to use 11n mode. ok phessler@
|
#
1.112 |
|
09-Jan-2017 |
stsp |
Fix ieee80211_add_htop(), which is not yet called in active code paths. It was creating a corrupt beacon element by ommitting one byte. Fix this and fill the element with actual data from the ic_bss node instead of filling it with zeroes, allowing future 11n hostap to announce the current HT protection mode correctly.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.111 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.110 |
|
05-Feb-2016 |
stsp |
Define EDCA tables for 11n mode. Per 802.11-2012 they are the same as the tables for 11a/11g modes. Add a function to append a Microsoft WME parameter element to a frame, using EDCA tables to construct the parameter records. Some 11n AP's I have observed provide this element.
None of this code is used yet, so no functional change. I wrote this while debugging BlockAck and then realized it was only needed for hostap mode. Once we support 11n in hostap mode and send A-MPDUs, this code will be needed.
|
#
1.109 |
|
05-Feb-2016 |
stsp |
Store ADDBA request and response parameters in the block ack record of ieee80211_node. This way, we can keep track of the ACK policy and echo it back to the AP as required by the standard. And use the correct bit flag for the policy -- this code was confused between BlockAck and ADDBA, both of which have a policy bit but in different places.
Fixes apple airport APs.
tested by tb@, krw@, sthen@, abieber@, and Henrik Friedrichsen
|
#
1.108 |
|
21-Jan-2016 |
stsp |
Fix the timeout value sent in ADDBA request and response frames. ba_timeout_val is in usec so we must divide by TU when copying it to the frame. ok kettenis@ millert@
|
#
1.107 |
|
12-Jan-2016 |
stsp |
Remove wireless turbo mode support. It is a non-standard extension which only worked with ath(4) devices from a decade ago. Diff tested on ath(4) hardware by me to verify that 11a/b modes still work. ok reyk deraadt chris sthen kettenis
|
#
1.106 |
|
06-Jan-2016 |
stsp |
Initialize the A-MPDU parameters field in HT capability elements. ok kettenis@
|
#
1.105 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.104 |
|
04-Jan-2016 |
stsp |
Fix another case where the return value of ieee80211_chan2mode() was used for indexing something other than ic_sup_rates. Should have been part of earlier commit.
|
#
1.103 |
|
04-Jan-2016 |
stsp |
ADDBA frames have a parameter set which we check against our own capabilities but we were checking bits in these parameters with the wrong set of bitmasks. Negotiating A-MPDUs with some APs failed because of this bug. ok kettenis@
|
#
1.102 |
|
12-Dec-2015 |
stsp |
11n/HT negotiation fixes:
Some APs will not negotiate HT if the vendor-specific WME info element is missing in probe and association requests, so add one.
Fix the wrong flag (NODE_HT) being checked to determine whether 11n related elements should be included in management frames. If 11n mode is enabled (F_HTON flag) we can always include 11n related elements in management frames.
ok mpi@
|
#
1.101 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_types.h> for <net/if_vlan_var.h>
|
#
1.100 |
|
15-Nov-2015 |
stsp |
Declare 802.11n mode and channel flags. Tweak 11n related fields in struct ieee80211com and move them inside #ifndef IEEE80211_NO_HT without breaking the build in rsu(4) for RAMDISK_CD. Also declare 11n protection modes and MCS count. ok deraadt mpi kettenis guenther
|
#
1.99 |
|
08-Nov-2015 |
stsp |
Update section and table numbers inside comments in the RSN code to the 802.11-2012 standard. ok mpi@
|
#
1.98 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.97 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.96 |
|
30-Jun-2015 |
mpi |
Rename if_output() into if_enqueue() to avoid confusion with comments talking about (*ifp->if_output)().
ok claudio@, dlg@
|
#
1.95 |
|
26-May-2015 |
mpi |
Use if_output() instead of rerolling it.
ok stsp@
|
#
1.94 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.93 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.92 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.91 |
|
22-Jul-2014 |
mpi |
Fewer <netinet/in_systm.h> !
|
#
1.90 |
|
19-Mar-2014 |
mpi |
Stop abusing the rcvif pointer to pass wireless nodes down to the driver start routines. Instead add & use a pointer in the pkthdr since we don't want the overhead of using a mbuf_tags(9).
claudio@ pointed out that other subsystems might want to use this pointer too, so here's a new cookie!
ok claudio@, mikeb@, deraadt@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.89 |
|
07-Dec-2013 |
brad |
#if 0 out the ieee80211_edca_table table to appease the LLVM warning.
ieee80211_output.c:311:5: error: unused variable 'ieee80211_edca_table' [-Werror,-Wunused-const-variable]
ok stsp@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.88 |
|
17-Jul-2010 |
damien |
use the correct block ack structure when building an ADDBA response.
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE
|
#
1.87 |
|
24-May-2009 |
damien |
fix prev commit (s/ic_flags/ic_caps/).
from dhill@
|
#
1.86 |
|
19-May-2009 |
damien |
prevent injection of raw 802.11 control frames through bpf on drivers that do not explicitly state this capability (using flag IEEE80211_C_RAWCTL). also, perform all the sanity checks on injected raw 802.11 frames earlier (in ieee80211_output instead of ieee80211_encap).
prevent kernel panics with many drivers when running aircrack-ng. when/if all drivers are capable, we can remove this C_RAWCTL flag.
|
#
1.85 |
|
26-Mar-2009 |
damien |
sync with 802.11w draft 8.0. the SA Query Transaction Identifier field is now a 16-bit non-negative counter value instead of a 128-bit random value.
|
#
1.84 |
|
06-Mar-2009 |
damien |
Fix setting of the Short Slot Time subfield of the Capability Information field in (Re)Association Requests. This fixes association with APs refusing non-short-slot-time capable STAs. This should also prevent the AP we're associating with to disable the use of short slot time in the BSS as we join. Fix debug message in recv_assoc_resp() while I'm here (s/reason/status/). Scary.
Thanks to Adam Emanuel for spotting this.
|
Revision tags: OPENBSD_4_5_BASE
|
#
1.83 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.82 |
|
26-Jan-2009 |
damien |
remove ni_ba field from ieee80211_node structure as it is not used yet. this reduces memory footprint and avoids a stack usage warning in ieee80211_find_node() that breaks amd64 build.
pointed out by landry@
|
#
1.81 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.80 |
|
02-Dec-2008 |
damien |
cleanup ieee80211_classify(): retrieve VLAN tag from m_pkthdr.ether_vtag.
|
#
1.79 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.78 |
|
27-Sep-2008 |
damien |
Add some inline functions to test the presence of optional 802.11 header fields (Sequence Control, Address 4, QoS Control, +HTC) and use them where appropriate.
Add ieee80211_get_qos() inline function to extract the QoS control field of an 802.11 header instead of duplicating the same scary code everywhere (the location of this field depends on the presence of an Address 4 field).
Export ieee80211_up_to_ac() so that drivers can select the access category to use based on the TID subfield of the QoS Control field.
Define more QoS-related bits for the RSN Capabilities field of RSN IE (will be used later).
|
#
1.77 |
|
03-Sep-2008 |
damien |
third parameter of ieee80211_get_assoc_req() is a management frame subtype, not a boolean indicating assoc or reassoc. rename the parameter and use if (type == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) instead of if (reassoc). it worked only because IEEE80211_FC0_SUBTYPE_ASSOC_REQ is equal to 0.
|
#
1.76 |
|
01-Sep-2008 |
damien |
add ic_tid_noack bitmap to indicate a per-TID ACK policy (1=no ack, 0=normal ack). all bits are currently set to 0. use this bitmap to set the ACK policy of the QoS control field of outgoing QoS frames.
|
#
1.75 |
|
01-Sep-2008 |
damien |
extend ieee80211_classify() to extract DSCP field from IPv6 packets too.
|
#
1.74 |
|
01-Sep-2008 |
damien |
rework previously unused ieee80211_pwrsave() function, call it from ieee80211_mgmt_output() and ieee80211_encap(). use new IEEE80211_C_APPMGT capability flag where appropriate. rename ic_tim_mcast to ic_tim_mcast_pending.
|
#
1.73 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.72 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.71 |
|
15-Aug-2008 |
damien |
use LLC_SNAPFRAMELEN here too.
|
#
1.70 |
|
12-Aug-2008 |
damien |
add the code to encrypt/decrypt management frames, retrieve key id from MMIE etc... this code can't be triggered as no drivers claim MFP capability yet.
|
#
1.69 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.68 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.67 |
|
12-Aug-2008 |
damien |
add IEEE80211_RSNIE_MAXLEN and IEEE80211_WPAIE_MAXLEN definitions instead of hard-coding values. for RSN IE, request space for Group Integrity Cipher Suite.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.66 |
|
02-Aug-2008 |
damien |
do not use IEEE80211_QOS_TID. its definition in ieee80211.h is wrong. hard-code 0xf for now. will be fixed post-release.
|
#
1.65 |
|
02-Aug-2008 |
damien |
do not touch m after it has been enqueued with IFQ_ENQUEUE(). copy m_pkthdr.len and m_flags before and use that after to update the statistics.
from altq(4) man page and for consistency with what is done in other parts of the tree.
|
#
1.64 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.63 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.62 |
|
23-Jul-2008 |
damien |
Fix a blatant misuse of MINCLSIZE I introduced in ieee80211_output.c r1.59 The bug was added on 04/16 but it started to show up only after 06/12 when the value of MINCLSIZE was changed to something different from MHLEN + 1.
Thanks to dlg@ and giovanni (qgiovanni at gmail dot com) for putting me on the right track.
Tested by giovanni. Should fix system/5881 too.
|
#
1.61 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.60 |
|
21-Jul-2008 |
damien |
move processing of EAPOL frames away from ieee80211_{input,output}.c
|
#
1.59 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
27-Aug-2007 |
damien |
rework ieee80211_recv_4way_msg2() function. add some RSNA authenticator state machine bits.
|
#
1.57 |
|
27-Aug-2007 |
damien |
Checking the MIC early in ieee80211_recv_eapol() does not work for message 2/4 of the 4-way handshake because the authenticator must derive the PTK first (the MIC is computed using the KCK). Move calls to ieee80211_eapol_key_check_mic() - and as a consequence ieee80211_eapol_key_decrypt() - directly in the ieee80211_recv_{group,4way}_msg*() functions. Unconstify the first parameter since checking the MIC modifies the frame. Remove ni->ni_ptk_ok field while i'm here.
|
#
1.56 |
|
22-Aug-2007 |
damien |
- add k_rxmic and k_txmic fields to struct ieee80211_key to store the Tx/Rx MIC for TKIP. - add two functions to map a PTK and a GTK to an IEEE 802.11 key and use them in ieee80211_input.c instead of duplicating the same code. properly set Tx/Rx MIC in the IEEE 802.11 key in the case of TKIP. - add ic_psk to struct ieee80211com to store the pre-shared key. - fix setting of the SECURE bit in outgoing EAPOL-Key frames. - when receiving msg 2 of the 4-way handshake, deauthenticate the station if the RSN IE does not match that of the (Re)Association request. - before parsing an RSN or WPA IE, check that there's enough room for the version field (2 bytes) which is mandatory. - various tweaks while i'm here.
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
05-Aug-2007 |
claudio |
Fix the length calculation of the TIM bitmask in ieee80211_add_tim(). Even no bit was set we copied the full 225bytes bitmaks into the beacon. Found the hard way with acx(4) by mglocker@ and myself. OK mglocker@ damien@
|
#
1.54 |
|
03-Aug-2007 |
damien |
add a ni_eapol_desc field to struct ieee80211_node to know whether a station is using WPA1 or RSN descriptors. make sure that a station that advertises WPA1 capability in an IE uses the WPA1 EAPOL-Key descriptor type and not the RSN one. fix construction of EAPOL-Key frames for WPA1. i can now successfuly complete a 4-way and group-key handshake with both a WPA1 and a WPA2 access point. add some TKIP encapsulation code (no SW crypto yet).
ok deraadt@
|
#
1.53 |
|
01-Aug-2007 |
damien |
set key length field in message 1 & 3 of the 4-way handshake.
|
#
1.52 |
|
01-Aug-2007 |
damien |
pass the supplicant's nonce generated on reception of message 1 of the 4-way handshake to ieee80211_send_4way_msg2().
|
#
1.51 |
|
01-Aug-2007 |
damien |
fix parsing and construction of RSN/WPA IEs.
|
#
1.50 |
|
01-Aug-2007 |
damien |
the EAPOL-Key MIC must be computed with the MIC bit set. this simplifies ieee80211_eapol_key_mic() and ieee80211_eapol_key_check_mic() quite a bit. set the EAPOL-Key body length before computing the MIC since the MIC is computed with the 802.1X header too. add a missing htons() while i'm here.
|
#
1.49 |
|
01-Aug-2007 |
damien |
cipher suite type for CCMP is 4 not 3.
|
#
1.48 |
|
28-Jul-2007 |
damien |
adds functions to parse and to build EAPOL-Key frames used in the 4-way and group-key handshake. the state machine is still missing though so this is not used anywhere yet.
|
#
1.47 |
|
14-Jul-2007 |
damien |
update QoS Tx/Rx sequence numbers for each TID. add a parameter to ieee80211_decap() to handle different 802.11 header sizes. cleanup and clarify ieee80211_classify().
|
#
1.46 |
|
13-Jul-2007 |
damien |
do not increment ic_stats.is_tx_nombuf in ieee80211_get_rts() and ieee80211_get_cts_to_self() if mbuf allocation fails.
|
#
1.45 |
|
06-Jul-2007 |
damien |
cleanup the computation of mgmt frames sizes. still very ugly but hopefully correct.
|
#
1.44 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.43 |
|
05-Jul-2007 |
damien |
always set the IEEE80211_CAPINFO_ESS bit in association requests. fixes my 1.36 commit (the bit should not be set for non-AP STA only in Probe Responses and Beacons).
|
#
1.42 |
|
05-Jul-2007 |
damien |
move the logic of determining whether an extended supported rates IE is needed or not to the callers (instead of doing nothing in add_xrates).
|
#
1.41 |
|
05-Jul-2007 |
damien |
split ieee80211_add_rsn() so that the code can be reused for vendor-specific IE.
|
#
1.40 |
|
04-Jul-2007 |
damien |
allow USEGROUP as the pairwise cipher for RSN IE. add RSN IE to beacons, probe responses and (re)association requests.
|
#
1.39 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.38 |
|
03-Jul-2007 |
damien |
add a function that builds an RSN IE (ieee80211_add_rsn).
|
#
1.37 |
|
03-Jul-2007 |
damien |
move construction of IEs into individual functions so that we don't duplicate the same code multiple times. add references to the spec for all these functions. fixes beacon_alloc() for FH PHYs as a side-effect.
|
#
1.36 |
|
03-Jul-2007 |
damien |
don't set the IEEE80211_CAPINFO_ESS bit in the Capability Information field if we're not operating as an AP (see 7.3.1.4).
|
#
1.35 |
|
03-Jul-2007 |
damien |
no TIM in probe reponses.
|
#
1.34 |
|
03-Jul-2007 |
damien |
In ieee80211_getmbuf(), if we need to allocate a mbuf cluster because the length is greater than MHLEN, test that the allocation succeeded. Otherwise, free the mbuf header and return NULL. Callers assume that if the function returns a value != NULL then enough space has been allocated.
|
#
1.33 |
|
03-Jul-2007 |
damien |
fix SSID IE in the case where HIDENWID is used. HIDENWID has been broken from the very beginning.
|
#
1.32 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.31 |
|
02-Jul-2007 |
damien |
split ieee80211_send_mgmt() like I did for ieee80211_recv_mgmt()
|
#
1.30 |
|
21-Jun-2007 |
damien |
add EDCA Parameter Set and QoS capability IEs to appropriate frames when QoS is supported and activated.
|
#
1.29 |
|
21-Jun-2007 |
damien |
add two new functions:
ieee80211_up_to_ac(): returns the access category to be used for transmitting a frame with a given user priority.
ieee80211_classify(): returns the user-priority of an mbuf based on VLAN 802.1D user-priority (if any) or IP TOS precedence field.
indent prototypes and add myself to the copyright list while i'm here.
|
#
1.28 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.27 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.26 |
|
11-Jun-2007 |
damien |
adds 802.11e EDCA tables for QAPs and non-AP QSTAs. not used yet.
ok jsg@ deraadt@
|
#
1.25 |
|
07-Jun-2007 |
damien |
move ieee80211_compute_duration() and ieee80211_compute_duration1() functions into the two drivers that use them (atw and rtw.) this code is not generic enough to be used by other drivers and there is no chance that it will ever be used in newer driver since it supports 802.11b only. plus, it hurts my eyes each time i look into ieee80211_output.c.
"fine with me as long as the logic doesn't change in the functions" jsg@
|
#
1.24 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.23 |
|
25-Dec-2006 |
reyk |
print the phy mode in IFF_DEBUG status output which helps to debug dual/multi mode chipset operation.
ok jsg@
|
#
1.22 |
|
03-Nov-2006 |
damien |
Add two new functions: - ieee80211_get_rts - ieee80211_get_cts_to_self that can be use by drivers for chipsets that don't offer hardware assisted RTS/CTS protection (like ral/ural/rum).
"no objections here" jsg@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.21 |
|
27-Jun-2006 |
reyk |
add the net80211 hostap options "nwflag hidenwid" for hidden SSID mode and "nwflag nobridge" to prevent inter-station communications. "hidenwid" will also work with wi(4) to replace the old -E 3 option of wicontrol.
ok damien@ jmc@
|
#
1.20 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
#
1.19 |
|
21-May-2006 |
damien |
account for the size of a 802.11 header in ieee80211_getmbuf(). fix some typos while i'm here.
ok reyk@ brad@
|
#
1.18 |
|
19-May-2006 |
damien |
use ieee80211_add_ssid() in ieee80211_beacon_alloc() and wpi(4) instead of duplicating the code.
last commit was ok reyk@
|
#
1.17 |
|
19-May-2006 |
damien |
- export ieee80211_add_ssid() just like ieee80211_add_(x)rates() so I don't need to duplicate the code in wpi(4) - fix ieee80211_alloc_beacon() - clean two comments while i'm here
|
#
1.16 |
|
04-Mar-2006 |
brad |
With the exception of two other small uncommited diffs this moves the remainder of the network stack from splimp to splnet.
ok miod@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.15 |
|
20-Feb-2006 |
damien |
Fix kernel builds without bpfilter. Linking is still broken.
"Please commit this diff ASAP" brad@
|
#
1.14 |
|
11-Jan-2006 |
millert |
Disable shared key mode until we have a way for the user to specify that they explicitly want it. What we have currently doesn't seem to work anyway. Add support for specifying a status type when sending managemnent frames; adapted from FreeBSD. OK jsg@
|
#
1.13 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.12 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.11 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.10 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.9 |
|
20-Apr-2005 |
reyk |
send raw 802.11 frames with bpf(4) using the IEEE802_11 or IEEE802_11_RADIO data link types.
ok canacar@ damien@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
11-Mar-2005 |
jsg |
Make sure we associate an interface with the m_pkthdr in ieee80211_beacon_alloc. ok damien@ reyk@
|
#
1.7 |
|
03-Mar-2005 |
damien |
addtion of a generic function for allocating beacons: ieee80211_beacon_alloc(). ok jsg@, reyk@, dlg@
|
#
1.6 |
|
26-Feb-2005 |
jsg |
Fix a problem introduced with the recent lru cache change. Check that we actually have a node before trying to release it. This was causing a panic when playing with IBSS. ok reyk@
|
#
1.5 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.4 |
|
28-Dec-2004 |
jsg |
Sync with recent NetBSD ieee80211_compute_duration() changes.
|
#
1.3 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
ieee80211.h r 1.9
#define the difference in microseconds between a fast and a slow preamble and PLCP header.
ieee80211_output.c r 1.19
Fix a bug in ieee80211_compute_duration: the 802.11 Duration field in an 802.11 unicast data packet is equal to the duration of the SIFS and Acknowledgement. That is, the amount of time reserved *after* the packet has finished transmitting.
Change the arguments to ieee80211_compute_duration: pass the entire packet length, not just the payload length. Add a 'debug' argument to ieee80211_compute_duration and its helper subroutine, ieee80211_compute_duration1.
If debug != 0, ieee80211_compute_duration printfs its arguments and several local variables.
In rtw(4), load the 802.11 Duration field with the result from ieee80211_compute_duration.
|
#
1.2 |
|
23-Dec-2004 |
jsg |
From dyoung@NetBSD:
Define for more bits in the Service field of the 802.11 PLCP Header.
For use by the subroutine ieee80211_compute_duration, add struct ieee80211_duration, and #define a number of microsecond constants used for the transmit timing of 802.11 packets.
Add the subroutine ieee80211_compute_duration, which computes for any packet the appropriate 802.11 Duration field, the PLCP Length field, as well as the Duration and Length fields for an RTS frame.
atw(4), rtw(4), future drivers, and possibly ath(4) will share ieee80211_compute_duration.
ok millert@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|