Commit 76ea4c7f authored by Daniel Drake's avatar Daniel Drake Committed by John W. Linville

[PATCH] softmac: complete shared key authentication

This patch finishes of the partially-complete shared key authentication
implementation in softmac.

The complication here is that we need to encrypt a management frame during
the authentication process. I don't think there are any other scenarios where
this would have to happen.

To get around this without causing too many headaches, we decided to just use
software encryption for this frame. The softmac config option now selects
IEEE80211_CRYPT_WEP so that we can ensure this available. This also involved
a modification to some otherwise unused ieee80211 API.
Signed-off-by: default avatarDaniel Drake <dsd@gentoo.org>
Acked-by: default avatarJohannes Berg <johannes@sipsolutions.net>
Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
parent 47fbe1bf
...@@ -1247,7 +1247,8 @@ extern int ieee80211_set_encryption(struct ieee80211_device *ieee); ...@@ -1247,7 +1247,8 @@ extern int ieee80211_set_encryption(struct ieee80211_device *ieee);
extern int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev); extern int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev);
extern void ieee80211_txb_free(struct ieee80211_txb *); extern void ieee80211_txb_free(struct ieee80211_txb *);
extern int ieee80211_tx_frame(struct ieee80211_device *ieee, extern int ieee80211_tx_frame(struct ieee80211_device *ieee,
struct ieee80211_hdr *frame, int len); struct ieee80211_hdr *frame, int hdr_len,
int total_len, int encrypt_mpdu);
/* ieee80211_rx.c */ /* ieee80211_rx.c */
extern int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb, extern int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
......
...@@ -555,7 +555,8 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev) ...@@ -555,7 +555,8 @@ int ieee80211_xmit(struct sk_buff *skb, struct net_device *dev)
/* Incoming 802.11 strucure is converted to a TXB /* Incoming 802.11 strucure is converted to a TXB
* a block of 802.11 fragment packets (stored as skbs) */ * a block of 802.11 fragment packets (stored as skbs) */
int ieee80211_tx_frame(struct ieee80211_device *ieee, int ieee80211_tx_frame(struct ieee80211_device *ieee,
struct ieee80211_hdr *frame, int len) struct ieee80211_hdr *frame, int hdr_len, int total_len,
int encrypt_mpdu)
{ {
struct ieee80211_txb *txb = NULL; struct ieee80211_txb *txb = NULL;
unsigned long flags; unsigned long flags;
...@@ -565,6 +566,9 @@ int ieee80211_tx_frame(struct ieee80211_device *ieee, ...@@ -565,6 +566,9 @@ int ieee80211_tx_frame(struct ieee80211_device *ieee,
spin_lock_irqsave(&ieee->lock, flags); spin_lock_irqsave(&ieee->lock, flags);
if (encrypt_mpdu && !ieee->sec.encrypt)
encrypt_mpdu = 0;
/* If there is no driver handler to take the TXB, dont' bother /* If there is no driver handler to take the TXB, dont' bother
* creating it... */ * creating it... */
if (!ieee->hard_start_xmit) { if (!ieee->hard_start_xmit) {
...@@ -572,32 +576,41 @@ int ieee80211_tx_frame(struct ieee80211_device *ieee, ...@@ -572,32 +576,41 @@ int ieee80211_tx_frame(struct ieee80211_device *ieee,
goto success; goto success;
} }
if (unlikely(len < 24)) { if (unlikely(total_len < 24)) {
printk(KERN_WARNING "%s: skb too small (%d).\n", printk(KERN_WARNING "%s: skb too small (%d).\n",
ieee->dev->name, len); ieee->dev->name, total_len);
goto success; goto success;
} }
if (encrypt_mpdu)
frame->frame_ctl |= cpu_to_le16(IEEE80211_FCTL_PROTECTED);
/* When we allocate the TXB we allocate enough space for the reserve /* When we allocate the TXB we allocate enough space for the reserve
* and full fragment bytes (bytes_per_frag doesn't include prefix, * and full fragment bytes (bytes_per_frag doesn't include prefix,
* postfix, header, FCS, etc.) */ * postfix, header, FCS, etc.) */
txb = ieee80211_alloc_txb(1, len, ieee->tx_headroom, GFP_ATOMIC); txb = ieee80211_alloc_txb(1, total_len, ieee->tx_headroom, GFP_ATOMIC);
if (unlikely(!txb)) { if (unlikely(!txb)) {
printk(KERN_WARNING "%s: Could not allocate TXB\n", printk(KERN_WARNING "%s: Could not allocate TXB\n",
ieee->dev->name); ieee->dev->name);
goto failed; goto failed;
} }
txb->encrypted = 0; txb->encrypted = 0;
txb->payload_size = len; txb->payload_size = total_len;
skb_frag = txb->fragments[0]; skb_frag = txb->fragments[0];
memcpy(skb_put(skb_frag, len), frame, len); memcpy(skb_put(skb_frag, total_len), frame, total_len);
if (ieee->config & if (ieee->config &
(CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS)) (CFG_IEEE80211_COMPUTE_FCS | CFG_IEEE80211_RESERVE_FCS))
skb_put(skb_frag, 4); skb_put(skb_frag, 4);
/* To avoid overcomplicating things, we do the corner-case frame
* encryption in software. The only real situation where encryption is
* needed here is during software-based shared key authentication. */
if (encrypt_mpdu)
ieee80211_encrypt_fragment(ieee, skb_frag, hdr_len);
success: success:
spin_unlock_irqrestore(&ieee->lock, flags); spin_unlock_irqrestore(&ieee->lock, flags);
......
...@@ -2,6 +2,7 @@ config IEEE80211_SOFTMAC ...@@ -2,6 +2,7 @@ config IEEE80211_SOFTMAC
tristate "Software MAC add-on to the IEEE 802.11 networking stack" tristate "Software MAC add-on to the IEEE 802.11 networking stack"
depends on IEEE80211 && EXPERIMENTAL depends on IEEE80211 && EXPERIMENTAL
select WIRELESS_EXT select WIRELESS_EXT
select IEEE80211_CRYPT_WEP
---help--- ---help---
This option enables the hardware independent software MAC addon This option enables the hardware independent software MAC addon
for the IEEE 802.11 networking stack. for the IEEE 802.11 networking stack.
......
...@@ -107,6 +107,7 @@ ieee80211softmac_auth_queue(void *data) ...@@ -107,6 +107,7 @@ ieee80211softmac_auth_queue(void *data)
printkl(KERN_WARNING PFX "Authentication timed out with "MAC_FMT"\n", MAC_ARG(net->bssid)); printkl(KERN_WARNING PFX "Authentication timed out with "MAC_FMT"\n", MAC_ARG(net->bssid));
/* Remove this item from the queue */ /* Remove this item from the queue */
spin_lock_irqsave(&mac->lock, flags); spin_lock_irqsave(&mac->lock, flags);
net->authenticating = 0;
ieee80211softmac_call_events_locked(mac, IEEE80211SOFTMAC_EVENT_AUTH_TIMEOUT, net); ieee80211softmac_call_events_locked(mac, IEEE80211SOFTMAC_EVENT_AUTH_TIMEOUT, net);
cancel_delayed_work(&auth->work); /* just to make sure... */ cancel_delayed_work(&auth->work); /* just to make sure... */
list_del(&auth->list); list_del(&auth->list);
...@@ -212,13 +213,13 @@ ieee80211softmac_auth_resp(struct net_device *dev, struct ieee80211_auth *auth) ...@@ -212,13 +213,13 @@ ieee80211softmac_auth_resp(struct net_device *dev, struct ieee80211_auth *auth)
aq->state = IEEE80211SOFTMAC_AUTH_SHARED_RESPONSE; aq->state = IEEE80211SOFTMAC_AUTH_SHARED_RESPONSE;
spin_unlock_irqrestore(&mac->lock, flags); spin_unlock_irqrestore(&mac->lock, flags);
/* Switch to correct channel for this network */ /* Send our response */
mac->set_channel(mac->dev, net->channel);
/* Send our response (How to encrypt?) */
ieee80211softmac_send_mgt_frame(mac, aq->net, IEEE80211_STYPE_AUTH, aq->state); ieee80211softmac_send_mgt_frame(mac, aq->net, IEEE80211_STYPE_AUTH, aq->state);
break; return 0;
case IEEE80211SOFTMAC_AUTH_SHARED_PASS: case IEEE80211SOFTMAC_AUTH_SHARED_PASS:
kfree(net->challenge);
net->challenge = NULL;
net->challenge_len = 0;
/* Check the status code of the response */ /* Check the status code of the response */
switch(auth->status) { switch(auth->status) {
case WLAN_STATUS_SUCCESS: case WLAN_STATUS_SUCCESS:
...@@ -229,6 +230,7 @@ ieee80211softmac_auth_resp(struct net_device *dev, struct ieee80211_auth *auth) ...@@ -229,6 +230,7 @@ ieee80211softmac_auth_resp(struct net_device *dev, struct ieee80211_auth *auth)
spin_unlock_irqrestore(&mac->lock, flags); spin_unlock_irqrestore(&mac->lock, flags);
printkl(KERN_NOTICE PFX "Shared Key Authentication completed with "MAC_FMT"\n", printkl(KERN_NOTICE PFX "Shared Key Authentication completed with "MAC_FMT"\n",
MAC_ARG(net->bssid)); MAC_ARG(net->bssid));
ieee80211softmac_call_events(mac, IEEE80211SOFTMAC_EVENT_AUTHENTICATED, net);
break; break;
default: default:
printkl(KERN_NOTICE PFX "Shared Key Authentication with "MAC_FMT" failed, error code: %i\n", printkl(KERN_NOTICE PFX "Shared Key Authentication with "MAC_FMT" failed, error code: %i\n",
......
...@@ -268,26 +268,27 @@ ieee80211softmac_reassoc_req(struct ieee80211_reassoc_request **pkt, ...@@ -268,26 +268,27 @@ ieee80211softmac_reassoc_req(struct ieee80211_reassoc_request **pkt,
static u32 static u32
ieee80211softmac_auth(struct ieee80211_auth **pkt, ieee80211softmac_auth(struct ieee80211_auth **pkt,
struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net, struct ieee80211softmac_device *mac, struct ieee80211softmac_network *net,
u16 transaction, u16 status) u16 transaction, u16 status, int *encrypt_mpdu)
{ {
u8 *data; u8 *data;
int auth_mode = mac->ieee->sec.auth_mode;
int is_shared_response = (auth_mode == WLAN_AUTH_SHARED_KEY
&& transaction == IEEE80211SOFTMAC_AUTH_SHARED_RESPONSE);
/* Allocate Packet */ /* Allocate Packet */
(*pkt) = (struct ieee80211_auth *)ieee80211softmac_alloc_mgt( (*pkt) = (struct ieee80211_auth *)ieee80211softmac_alloc_mgt(
2 + /* Auth Algorithm */ 2 + /* Auth Algorithm */
2 + /* Auth Transaction Seq */ 2 + /* Auth Transaction Seq */
2 + /* Status Code */ 2 + /* Status Code */
/* Challenge Text IE */ /* Challenge Text IE */
mac->ieee->open_wep ? 0 : is_shared_response ? 0 : 1 + 1 + net->challenge_len
1 + 1 + WLAN_AUTH_CHALLENGE_LEN
); );
if (unlikely((*pkt) == NULL)) if (unlikely((*pkt) == NULL))
return 0; return 0;
ieee80211softmac_hdr_3addr(mac, &((*pkt)->header), IEEE80211_STYPE_AUTH, net->bssid, net->bssid); ieee80211softmac_hdr_3addr(mac, &((*pkt)->header), IEEE80211_STYPE_AUTH, net->bssid, net->bssid);
/* Algorithm */ /* Algorithm */
(*pkt)->algorithm = mac->ieee->open_wep ? (*pkt)->algorithm = cpu_to_le16(auth_mode);
cpu_to_le16(WLAN_AUTH_OPEN) :
cpu_to_le16(WLAN_AUTH_SHARED_KEY);
/* Transaction */ /* Transaction */
(*pkt)->transaction = cpu_to_le16(transaction); (*pkt)->transaction = cpu_to_le16(transaction);
/* Status */ /* Status */
...@@ -295,18 +296,20 @@ ieee80211softmac_auth(struct ieee80211_auth **pkt, ...@@ -295,18 +296,20 @@ ieee80211softmac_auth(struct ieee80211_auth **pkt,
data = (u8 *)(*pkt)->info_element; data = (u8 *)(*pkt)->info_element;
/* Challenge Text */ /* Challenge Text */
if(!mac->ieee->open_wep){ if (is_shared_response) {
*data = MFIE_TYPE_CHALLENGE; *data = MFIE_TYPE_CHALLENGE;
data++; data++;
/* Copy the challenge in */ /* Copy the challenge in */
// *data = challenge length *data = net->challenge_len;
// data += sizeof(u16); data++;
// memcpy(data, challenge, challenge length); memcpy(data, net->challenge, net->challenge_len);
// data += challenge length; data += net->challenge_len;
/* Add the full size to the packet length */ /* Make sure this frame gets encrypted with the shared key */
} *encrypt_mpdu = 1;
} else
*encrypt_mpdu = 0;
/* Return the packet size */ /* Return the packet size */
return (data - (u8 *)(*pkt)); return (data - (u8 *)(*pkt));
...@@ -396,6 +399,7 @@ ieee80211softmac_send_mgt_frame(struct ieee80211softmac_device *mac, ...@@ -396,6 +399,7 @@ ieee80211softmac_send_mgt_frame(struct ieee80211softmac_device *mac,
{ {
void *pkt = NULL; void *pkt = NULL;
u32 pkt_size = 0; u32 pkt_size = 0;
int encrypt_mpdu = 0;
switch(type) { switch(type) {
case IEEE80211_STYPE_ASSOC_REQ: case IEEE80211_STYPE_ASSOC_REQ:
...@@ -405,7 +409,7 @@ ieee80211softmac_send_mgt_frame(struct ieee80211softmac_device *mac, ...@@ -405,7 +409,7 @@ ieee80211softmac_send_mgt_frame(struct ieee80211softmac_device *mac,
pkt_size = ieee80211softmac_reassoc_req((struct ieee80211_reassoc_request **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg); pkt_size = ieee80211softmac_reassoc_req((struct ieee80211_reassoc_request **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg);
break; break;
case IEEE80211_STYPE_AUTH: case IEEE80211_STYPE_AUTH:
pkt_size = ieee80211softmac_auth((struct ieee80211_auth **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg, (u16)(arg & 0xFFFF), (u16) (arg >> 16)); pkt_size = ieee80211softmac_auth((struct ieee80211_auth **)(&pkt), mac, (struct ieee80211softmac_network *)ptrarg, (u16)(arg & 0xFFFF), (u16) (arg >> 16), &encrypt_mpdu);
break; break;
case IEEE80211_STYPE_DISASSOC: case IEEE80211_STYPE_DISASSOC:
case IEEE80211_STYPE_DEAUTH: case IEEE80211_STYPE_DEAUTH:
...@@ -434,7 +438,8 @@ ieee80211softmac_send_mgt_frame(struct ieee80211softmac_device *mac, ...@@ -434,7 +438,8 @@ ieee80211softmac_send_mgt_frame(struct ieee80211softmac_device *mac,
* or get rid of it alltogether? * or get rid of it alltogether?
* Does this work for you now? * Does this work for you now?
*/ */
ieee80211_tx_frame(mac->ieee, (struct ieee80211_hdr *)pkt, pkt_size); ieee80211_tx_frame(mac->ieee, (struct ieee80211_hdr *)pkt,
IEEE80211_3ADDR_LEN, pkt_size, encrypt_mpdu);
kfree(pkt); kfree(pkt);
return 0; return 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment