From owner-p4-projects@FreeBSD.ORG Fri Feb 22 17:25:13 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 67AA216A40F; Fri, 22 Feb 2008 17:25:13 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2C76716A40A for ; Fri, 22 Feb 2008 17:25:13 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 0CCD213C459 for ; Fri, 22 Feb 2008 17:25:13 +0000 (UTC) (envelope-from sam@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id m1MHPCSU033421 for ; Fri, 22 Feb 2008 17:25:12 GMT (envelope-from sam@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.1/8.14.1/Submit) id m1MHPCR2033418 for perforce@freebsd.org; Fri, 22 Feb 2008 17:25:12 GMT (envelope-from sam@freebsd.org) Date: Fri, 22 Feb 2008 17:25:12 GMT Message-Id: <200802221725.m1MHPCR2033418@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to sam@freebsd.org using -f From: Sam Leffler To: Perforce Change Reviews Cc: Subject: PERFORCE change 135972 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Feb 2008 17:25:13 -0000 http://perforce.freebsd.org/chv.cgi?CH=135972 Change 135972 by sam@sam_ebb on 2008/02/22 17:24:37 o discard auth frames w/ a broadcast bssid o move [re]assoc req checks for bssid + authentication up to be before all the hard work Affected files ... .. //depot/projects/vap/sys/net80211/ieee80211_hostap.c#16 edit Differences ... ==== //depot/projects/vap/sys/net80211/ieee80211_hostap.c#16 (text+ko) ==== @@ -1847,6 +1847,12 @@ vap->iv_stats.is_rx_mgtdiscard++; return; } + if (!IEEE80211_ADDR_EQ(wh->i_addr3, vap->iv_bss->ni_bssid)) { + IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY, + wh, NULL, "%s", "wrong bssid"); + vap->iv_stats.is_rx_wrongbss++; /*XXX unique stat?*/ + return; + } /* * auth frame format * [2] algorithm @@ -1919,7 +1925,12 @@ vap->iv_stats.is_rx_mgtdiscard++; return; } - + if (!IEEE80211_ADDR_EQ(wh->i_addr3, vap->iv_bss->ni_bssid)) { + IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY, + wh, NULL, "%s", "wrong bssid"); + vap->iv_stats.is_rx_assoc_bss++; + return; + } if (subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) { reassoc = 1; resp = IEEE80211_FC0_SUBTYPE_REASSOC_RESP; @@ -1927,6 +1938,17 @@ reassoc = 0; resp = IEEE80211_FC0_SUBTYPE_ASSOC_RESP; } + if (ni == vap->iv_bss) { + IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_ANY, wh->i_addr2, + "deny %s request, sta not authenticated", + reassoc ? "reassoc" : "assoc"); + ieee80211_send_error(ni, wh->i_addr2, + IEEE80211_FC0_SUBTYPE_DEAUTH, + IEEE80211_REASON_ASSOC_NOT_AUTHED); + vap->iv_stats.is_rx_assoc_notauth++; + return; + } + /* * asreq frame format * [2] capability information @@ -1940,12 +1962,6 @@ * [tlv] Atheros capabilities */ IEEE80211_VERIFY_LENGTH(efrm - frm, (reassoc ? 10 : 4), return); - if (!IEEE80211_ADDR_EQ(wh->i_addr3, vap->iv_bss->ni_bssid)) { - IEEE80211_DISCARD(vap, IEEE80211_MSG_ANY, - wh, NULL, "%s", "wrong bssid"); - vap->iv_stats.is_rx_assoc_bss++; - return; - } capinfo = le16toh(*(uint16_t *)frm); frm += 2; lintval = le16toh(*(uint16_t *)frm); frm += 2; if (reassoc) @@ -1999,16 +2015,6 @@ return); /* XXX just NULL out? */ } - if (ni == vap->iv_bss) { - IEEE80211_NOTE_MAC(vap, IEEE80211_MSG_ANY, wh->i_addr2, - "deny %s request, sta not authenticated", - reassoc ? "reassoc" : "assoc"); - ieee80211_send_error(ni, wh->i_addr2, - IEEE80211_FC0_SUBTYPE_DEAUTH, - IEEE80211_REASON_ASSOC_NOT_AUTHED); - vap->iv_stats.is_rx_assoc_notauth++; - return; - } if ((vap->iv_flags & IEEE80211_F_WPA) && !wpa_assocreq(ni, &rsnparms, wh, wpa, rsn, capinfo)) return;