#
1.198 |
|
22-Oct-2023 |
stsp |
fix 40 MHz channel validation checks for the 2.4 GHz channel range
Just like the 5 GHz channels, 2.4 GHz channels are spaced 5 MHz apart. 40 MHz wide channels hence span channels [N, N + 4] not [N, N + 1]. Adjust our secondary channel range checks accordingly.
|
#
1.197 |
|
21-Oct-2023 |
stsp |
ignore wide channel configs that do not appear in the 802.11ac spec
Wide channel configurations not listed in operating class tables of the 802.11ac spec can trigger regulatory assertion failures in iwm(4) firmware, and potentially other device firmware. Ignore non-standard channels configs such that we downgrade to 40MHz or even 20MHz to make such APs usable, albeit at lower speed.
Found by dlg@ with a mikrotik AP advertising channel configs that do not appear as such in the spec: 80 MHz: |104|108|112|116| 40 MHz: |primary: 112|secondary above: 116| Either of these triggered iwm0: 0x000014FD | ADVANCED_SYSASSERT
Fix tested by myself on iwx(4) AX200 and dlg@ on iwm(4) 7260. Johannes Berg helped with deciphering the error code, thanks!
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.196 |
|
11-Apr-2023 |
jsg |
fix double words in comments feedback and ok jmc@ miod, ok millert@
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE
|
#
1.195 |
|
20-Mar-2022 |
stsp |
Make background scans pick up APs on 2GHz channels while in 11ac mode.
found by landry@
|
#
1.194 |
|
19-Mar-2022 |
stsp |
Fix wrongly implemented check for 5GHz access point RSSI threshold.
This check was wrong for drivers which report RSSI as a percentage, such as iwm(4) and iwx(4). Such drivers will now prefer 5GHz with 50% or greater RSSI, as was intended.
ok phessler@
|
#
1.193 |
|
19-Mar-2022 |
stsp |
Give 11n and 11ac networks a higher score during SSID selection.
ok phessler@
|
#
1.192 |
|
14-Mar-2022 |
stsp |
Add initial 802.11ac (VHT) support to net80211.
Add VHT capability and operation IE definitions to ieee80211.h. Introduce channel flags to identify 80MHz and 160MHz capable channels.
Parse VHT IEs in beacons, announce the driver's VHT capabilities in probe requests and assoc requests, and hop into 11ac mode after association to the AP if possible.
Enable VHT by default if the driver announces support for it.
ok claudio@
|
#
1.191 |
|
12-Jan-2022 |
stsp |
Remove ieee80211_find_node_for_beacon().
The original purpose of ieee80211_find_node_for_beacon() was to avoid storing duplicate nodes with the same source MAC address in a hash table. Later on, our node table data structure was changed from a hash table to an RB tree. The RB tree can only store a single node per MAC address. However, find_node_for_beacon() was kept regardless, now documented to serve a different purpose.
Its new purpose is to tell apart different nodes which happen to use the same MAC address and hence cannot both be stored in the RB tree. The idea is to filter such duplicate nodes out during a scan. But colliding nodes are told apart by RSSI and channel, and either may change over time. So this does not really prevent duplicate MAC addresses from causing issues.
The code which decides which node is "better" can erroneously match an AP against itself, in case the AP uses a hidden SSID. This caused workarounds for hidden SSID to pile up over time. Just a bit further down, the code looks up the same node again and performs all of the intended node state updates. Simply skipping the ieee80211_find_node_for_beacon() check makes such state updates work.
ok tobhe@
|
#
1.190 |
|
07-Dec-2021 |
stsp |
Teach the net80211 stack to remove corresponding frames from ic_pwrsaveq when a power-saving client decides to leave our hostap interface.
Prevents a "key unset for sw crypto" panic as we try to send a frame to a node which is in COLLECT state with its WPA keys already cleared.
We were already clearing the queue which buffers power-saved frames for the client node. This queue is stored within the node structure itself. However, the interface has another global queue for frames which need to be transmitted by the driver to a set of nodes during the next DTIM. We missed removing frames for a departing node from this global queue.
While here, add missing node refcount adjustments as frames get purged.
Problem reported by Mikolaj Kucharski, who tested this fix for more than a week with athn(4), with no further panics observed.
|
#
1.189 |
|
03-Dec-2021 |
stsp |
Introduce an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence. This handler allows drivers to ensure that race conditions between firmware state and net80211 state are avoided, and will be used by the iwm(4) and iwx(4) drivers soon.
Split the existing roaming teardown sequence into two steps, one step for tearing down Tx block ack sessions which sends a DELBA frame, and a second step for flushing Tx rings followed by sending a DEAUTH frame. We used to queue both frames, expecting to switch APs once both were sent. Now we effectively expect everything to be sent before we queue a final DEAUTH frame, and wait for just this frame to be sent before switching. This already made issues on iwm/iwx less frequent but by itself this was not enough to close all races for those drivers. It should however help when adding background scan support to a non-firmware device driver.
Tested, with driver patches: iwm 8265: Aaron Poffenberger, stsp iwm 9260: florian iwm 9560: sthen iwx ax200: jmc, stsp
|
#
1.188 |
|
03-Nov-2021 |
krw |
In addition to the WEP key(s) being set at device initialization with 'nwid'/'nwkey', the keys will be set at random times when 'join'/'nwkey' is used. So also stop trying to set IEEE80211_CIPHER_NONE keys on that path.
James Hastings confirms this fixes his '(null node)' panics on run(4). Thanks!
ok stsp@
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.196 |
|
11-Apr-2023 |
jsg |
fix double words in comments feedback and ok jmc@ miod, ok millert@
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE
|
#
1.195 |
|
20-Mar-2022 |
stsp |
Make background scans pick up APs on 2GHz channels while in 11ac mode.
found by landry@
|
#
1.194 |
|
19-Mar-2022 |
stsp |
Fix wrongly implemented check for 5GHz access point RSSI threshold.
This check was wrong for drivers which report RSSI as a percentage, such as iwm(4) and iwx(4). Such drivers will now prefer 5GHz with 50% or greater RSSI, as was intended.
ok phessler@
|
#
1.193 |
|
19-Mar-2022 |
stsp |
Give 11n and 11ac networks a higher score during SSID selection.
ok phessler@
|
#
1.192 |
|
14-Mar-2022 |
stsp |
Add initial 802.11ac (VHT) support to net80211.
Add VHT capability and operation IE definitions to ieee80211.h. Introduce channel flags to identify 80MHz and 160MHz capable channels.
Parse VHT IEs in beacons, announce the driver's VHT capabilities in probe requests and assoc requests, and hop into 11ac mode after association to the AP if possible.
Enable VHT by default if the driver announces support for it.
ok claudio@
|
#
1.191 |
|
12-Jan-2022 |
stsp |
Remove ieee80211_find_node_for_beacon().
The original purpose of ieee80211_find_node_for_beacon() was to avoid storing duplicate nodes with the same source MAC address in a hash table. Later on, our node table data structure was changed from a hash table to an RB tree. The RB tree can only store a single node per MAC address. However, find_node_for_beacon() was kept regardless, now documented to serve a different purpose.
Its new purpose is to tell apart different nodes which happen to use the same MAC address and hence cannot both be stored in the RB tree. The idea is to filter such duplicate nodes out during a scan. But colliding nodes are told apart by RSSI and channel, and either may change over time. So this does not really prevent duplicate MAC addresses from causing issues.
The code which decides which node is "better" can erroneously match an AP against itself, in case the AP uses a hidden SSID. This caused workarounds for hidden SSID to pile up over time. Just a bit further down, the code looks up the same node again and performs all of the intended node state updates. Simply skipping the ieee80211_find_node_for_beacon() check makes such state updates work.
ok tobhe@
|
#
1.190 |
|
07-Dec-2021 |
stsp |
Teach the net80211 stack to remove corresponding frames from ic_pwrsaveq when a power-saving client decides to leave our hostap interface.
Prevents a "key unset for sw crypto" panic as we try to send a frame to a node which is in COLLECT state with its WPA keys already cleared.
We were already clearing the queue which buffers power-saved frames for the client node. This queue is stored within the node structure itself. However, the interface has another global queue for frames which need to be transmitted by the driver to a set of nodes during the next DTIM. We missed removing frames for a departing node from this global queue.
While here, add missing node refcount adjustments as frames get purged.
Problem reported by Mikolaj Kucharski, who tested this fix for more than a week with athn(4), with no further panics observed.
|
#
1.189 |
|
03-Dec-2021 |
stsp |
Introduce an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence. This handler allows drivers to ensure that race conditions between firmware state and net80211 state are avoided, and will be used by the iwm(4) and iwx(4) drivers soon.
Split the existing roaming teardown sequence into two steps, one step for tearing down Tx block ack sessions which sends a DELBA frame, and a second step for flushing Tx rings followed by sending a DEAUTH frame. We used to queue both frames, expecting to switch APs once both were sent. Now we effectively expect everything to be sent before we queue a final DEAUTH frame, and wait for just this frame to be sent before switching. This already made issues on iwm/iwx less frequent but by itself this was not enough to close all races for those drivers. It should however help when adding background scan support to a non-firmware device driver.
Tested, with driver patches: iwm 8265: Aaron Poffenberger, stsp iwm 9260: florian iwm 9560: sthen iwx ax200: jmc, stsp
|
#
1.188 |
|
03-Nov-2021 |
krw |
In addition to the WEP key(s) being set at device initialization with 'nwid'/'nwkey', the keys will be set at random times when 'join'/'nwkey' is used. So also stop trying to set IEEE80211_CIPHER_NONE keys on that path.
James Hastings confirms this fixes his '(null node)' panics on run(4). Thanks!
ok stsp@
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.195 |
|
20-Mar-2022 |
stsp |
Make background scans pick up APs on 2GHz channels while in 11ac mode.
found by landry@
|
#
1.194 |
|
19-Mar-2022 |
stsp |
Fix wrongly implemented check for 5GHz access point RSSI threshold.
This check was wrong for drivers which report RSSI as a percentage, such as iwm(4) and iwx(4). Such drivers will now prefer 5GHz with 50% or greater RSSI, as was intended.
ok phessler@
|
#
1.193 |
|
19-Mar-2022 |
stsp |
Give 11n and 11ac networks a higher score during SSID selection.
ok phessler@
|
#
1.192 |
|
14-Mar-2022 |
stsp |
Add initial 802.11ac (VHT) support to net80211.
Add VHT capability and operation IE definitions to ieee80211.h. Introduce channel flags to identify 80MHz and 160MHz capable channels.
Parse VHT IEs in beacons, announce the driver's VHT capabilities in probe requests and assoc requests, and hop into 11ac mode after association to the AP if possible.
Enable VHT by default if the driver announces support for it.
ok claudio@
|
#
1.191 |
|
12-Jan-2022 |
stsp |
Remove ieee80211_find_node_for_beacon().
The original purpose of ieee80211_find_node_for_beacon() was to avoid storing duplicate nodes with the same source MAC address in a hash table. Later on, our node table data structure was changed from a hash table to an RB tree. The RB tree can only store a single node per MAC address. However, find_node_for_beacon() was kept regardless, now documented to serve a different purpose.
Its new purpose is to tell apart different nodes which happen to use the same MAC address and hence cannot both be stored in the RB tree. The idea is to filter such duplicate nodes out during a scan. But colliding nodes are told apart by RSSI and channel, and either may change over time. So this does not really prevent duplicate MAC addresses from causing issues.
The code which decides which node is "better" can erroneously match an AP against itself, in case the AP uses a hidden SSID. This caused workarounds for hidden SSID to pile up over time. Just a bit further down, the code looks up the same node again and performs all of the intended node state updates. Simply skipping the ieee80211_find_node_for_beacon() check makes such state updates work.
ok tobhe@
|
#
1.190 |
|
07-Dec-2021 |
stsp |
Teach the net80211 stack to remove corresponding frames from ic_pwrsaveq when a power-saving client decides to leave our hostap interface.
Prevents a "key unset for sw crypto" panic as we try to send a frame to a node which is in COLLECT state with its WPA keys already cleared.
We were already clearing the queue which buffers power-saved frames for the client node. This queue is stored within the node structure itself. However, the interface has another global queue for frames which need to be transmitted by the driver to a set of nodes during the next DTIM. We missed removing frames for a departing node from this global queue.
While here, add missing node refcount adjustments as frames get purged.
Problem reported by Mikolaj Kucharski, who tested this fix for more than a week with athn(4), with no further panics observed.
|
#
1.189 |
|
03-Dec-2021 |
stsp |
Introduce an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence. This handler allows drivers to ensure that race conditions between firmware state and net80211 state are avoided, and will be used by the iwm(4) and iwx(4) drivers soon.
Split the existing roaming teardown sequence into two steps, one step for tearing down Tx block ack sessions which sends a DELBA frame, and a second step for flushing Tx rings followed by sending a DEAUTH frame. We used to queue both frames, expecting to switch APs once both were sent. Now we effectively expect everything to be sent before we queue a final DEAUTH frame, and wait for just this frame to be sent before switching. This already made issues on iwm/iwx less frequent but by itself this was not enough to close all races for those drivers. It should however help when adding background scan support to a non-firmware device driver.
Tested, with driver patches: iwm 8265: Aaron Poffenberger, stsp iwm 9260: florian iwm 9560: sthen iwx ax200: jmc, stsp
|
#
1.188 |
|
03-Nov-2021 |
krw |
In addition to the WEP key(s) being set at device initialization with 'nwid'/'nwkey', the keys will be set at random times when 'join'/'nwkey' is used. So also stop trying to set IEEE80211_CIPHER_NONE keys on that path.
James Hastings confirms this fixes his '(null node)' panics on run(4). Thanks!
ok stsp@
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.192 |
|
14-Mar-2022 |
stsp |
Add initial 802.11ac (VHT) support to net80211.
Add VHT capability and operation IE definitions to ieee80211.h. Introduce channel flags to identify 80MHz and 160MHz capable channels.
Parse VHT IEs in beacons, announce the driver's VHT capabilities in probe requests and assoc requests, and hop into 11ac mode after association to the AP if possible.
Enable VHT by default if the driver announces support for it.
ok claudio@
|
#
1.191 |
|
12-Jan-2022 |
stsp |
Remove ieee80211_find_node_for_beacon().
The original purpose of ieee80211_find_node_for_beacon() was to avoid storing duplicate nodes with the same source MAC address in a hash table. Later on, our node table data structure was changed from a hash table to an RB tree. The RB tree can only store a single node per MAC address. However, find_node_for_beacon() was kept regardless, now documented to serve a different purpose.
Its new purpose is to tell apart different nodes which happen to use the same MAC address and hence cannot both be stored in the RB tree. The idea is to filter such duplicate nodes out during a scan. But colliding nodes are told apart by RSSI and channel, and either may change over time. So this does not really prevent duplicate MAC addresses from causing issues.
The code which decides which node is "better" can erroneously match an AP against itself, in case the AP uses a hidden SSID. This caused workarounds for hidden SSID to pile up over time. Just a bit further down, the code looks up the same node again and performs all of the intended node state updates. Simply skipping the ieee80211_find_node_for_beacon() check makes such state updates work.
ok tobhe@
|
#
1.190 |
|
07-Dec-2021 |
stsp |
Teach the net80211 stack to remove corresponding frames from ic_pwrsaveq when a power-saving client decides to leave our hostap interface.
Prevents a "key unset for sw crypto" panic as we try to send a frame to a node which is in COLLECT state with its WPA keys already cleared.
We were already clearing the queue which buffers power-saved frames for the client node. This queue is stored within the node structure itself. However, the interface has another global queue for frames which need to be transmitted by the driver to a set of nodes during the next DTIM. We missed removing frames for a departing node from this global queue.
While here, add missing node refcount adjustments as frames get purged.
Problem reported by Mikolaj Kucharski, who tested this fix for more than a week with athn(4), with no further panics observed.
|
#
1.189 |
|
03-Dec-2021 |
stsp |
Introduce an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence. This handler allows drivers to ensure that race conditions between firmware state and net80211 state are avoided, and will be used by the iwm(4) and iwx(4) drivers soon.
Split the existing roaming teardown sequence into two steps, one step for tearing down Tx block ack sessions which sends a DELBA frame, and a second step for flushing Tx rings followed by sending a DEAUTH frame. We used to queue both frames, expecting to switch APs once both were sent. Now we effectively expect everything to be sent before we queue a final DEAUTH frame, and wait for just this frame to be sent before switching. This already made issues on iwm/iwx less frequent but by itself this was not enough to close all races for those drivers. It should however help when adding background scan support to a non-firmware device driver.
Tested, with driver patches: iwm 8265: Aaron Poffenberger, stsp iwm 9260: florian iwm 9560: sthen iwx ax200: jmc, stsp
|
#
1.188 |
|
03-Nov-2021 |
krw |
In addition to the WEP key(s) being set at device initialization with 'nwid'/'nwkey', the keys will be set at random times when 'join'/'nwkey' is used. So also stop trying to set IEEE80211_CIPHER_NONE keys on that path.
James Hastings confirms this fixes his '(null node)' panics on run(4). Thanks!
ok stsp@
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.191 |
|
12-Jan-2022 |
stsp |
Remove ieee80211_find_node_for_beacon().
The original purpose of ieee80211_find_node_for_beacon() was to avoid storing duplicate nodes with the same source MAC address in a hash table. Later on, our node table data structure was changed from a hash table to an RB tree. The RB tree can only store a single node per MAC address. However, find_node_for_beacon() was kept regardless, now documented to serve a different purpose.
Its new purpose is to tell apart different nodes which happen to use the same MAC address and hence cannot both be stored in the RB tree. The idea is to filter such duplicate nodes out during a scan. But colliding nodes are told apart by RSSI and channel, and either may change over time. So this does not really prevent duplicate MAC addresses from causing issues.
The code which decides which node is "better" can erroneously match an AP against itself, in case the AP uses a hidden SSID. This caused workarounds for hidden SSID to pile up over time. Just a bit further down, the code looks up the same node again and performs all of the intended node state updates. Simply skipping the ieee80211_find_node_for_beacon() check makes such state updates work.
ok tobhe@
|
#
1.190 |
|
07-Dec-2021 |
stsp |
Teach the net80211 stack to remove corresponding frames from ic_pwrsaveq when a power-saving client decides to leave our hostap interface.
Prevents a "key unset for sw crypto" panic as we try to send a frame to a node which is in COLLECT state with its WPA keys already cleared.
We were already clearing the queue which buffers power-saved frames for the client node. This queue is stored within the node structure itself. However, the interface has another global queue for frames which need to be transmitted by the driver to a set of nodes during the next DTIM. We missed removing frames for a departing node from this global queue.
While here, add missing node refcount adjustments as frames get purged.
Problem reported by Mikolaj Kucharski, who tested this fix for more than a week with athn(4), with no further panics observed.
|
#
1.189 |
|
03-Dec-2021 |
stsp |
Introduce an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence. This handler allows drivers to ensure that race conditions between firmware state and net80211 state are avoided, and will be used by the iwm(4) and iwx(4) drivers soon.
Split the existing roaming teardown sequence into two steps, one step for tearing down Tx block ack sessions which sends a DELBA frame, and a second step for flushing Tx rings followed by sending a DEAUTH frame. We used to queue both frames, expecting to switch APs once both were sent. Now we effectively expect everything to be sent before we queue a final DEAUTH frame, and wait for just this frame to be sent before switching. This already made issues on iwm/iwx less frequent but by itself this was not enough to close all races for those drivers. It should however help when adding background scan support to a non-firmware device driver.
Tested, with driver patches: iwm 8265: Aaron Poffenberger, stsp iwm 9260: florian iwm 9560: sthen iwx ax200: jmc, stsp
|
#
1.188 |
|
03-Nov-2021 |
krw |
In addition to the WEP key(s) being set at device initialization with 'nwid'/'nwkey', the keys will be set at random times when 'join'/'nwkey' is used. So also stop trying to set IEEE80211_CIPHER_NONE keys on that path.
James Hastings confirms this fixes his '(null node)' panics on run(4). Thanks!
ok stsp@
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.190 |
|
07-Dec-2021 |
stsp |
Teach the net80211 stack to remove corresponding frames from ic_pwrsaveq when a power-saving client decides to leave our hostap interface.
Prevents a "key unset for sw crypto" panic as we try to send a frame to a node which is in COLLECT state with its WPA keys already cleared.
We were already clearing the queue which buffers power-saved frames for the client node. This queue is stored within the node structure itself. However, the interface has another global queue for frames which need to be transmitted by the driver to a set of nodes during the next DTIM. We missed removing frames for a departing node from this global queue.
While here, add missing node refcount adjustments as frames get purged.
Problem reported by Mikolaj Kucharski, who tested this fix for more than a week with athn(4), with no further panics observed.
|
#
1.189 |
|
03-Dec-2021 |
stsp |
Introduce an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence. This handler allows drivers to ensure that race conditions between firmware state and net80211 state are avoided, and will be used by the iwm(4) and iwx(4) drivers soon.
Split the existing roaming teardown sequence into two steps, one step for tearing down Tx block ack sessions which sends a DELBA frame, and a second step for flushing Tx rings followed by sending a DEAUTH frame. We used to queue both frames, expecting to switch APs once both were sent. Now we effectively expect everything to be sent before we queue a final DEAUTH frame, and wait for just this frame to be sent before switching. This already made issues on iwm/iwx less frequent but by itself this was not enough to close all races for those drivers. It should however help when adding background scan support to a non-firmware device driver.
Tested, with driver patches: iwm 8265: Aaron Poffenberger, stsp iwm 9260: florian iwm 9560: sthen iwx ax200: jmc, stsp
|
#
1.188 |
|
03-Nov-2021 |
krw |
In addition to the WEP key(s) being set at device initialization with 'nwid'/'nwkey', the keys will be set at random times when 'join'/'nwkey' is used. So also stop trying to set IEEE80211_CIPHER_NONE keys on that path.
James Hastings confirms this fixes his '(null node)' panics on run(4). Thanks!
ok stsp@
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.189 |
|
03-Dec-2021 |
stsp |
Introduce an optional driver-specific bgscan_done() handler which allows the driver to take control of the roaming teardown sequence. This handler allows drivers to ensure that race conditions between firmware state and net80211 state are avoided, and will be used by the iwm(4) and iwx(4) drivers soon.
Split the existing roaming teardown sequence into two steps, one step for tearing down Tx block ack sessions which sends a DELBA frame, and a second step for flushing Tx rings followed by sending a DEAUTH frame. We used to queue both frames, expecting to switch APs once both were sent. Now we effectively expect everything to be sent before we queue a final DEAUTH frame, and wait for just this frame to be sent before switching. This already made issues on iwm/iwx less frequent but by itself this was not enough to close all races for those drivers. It should however help when adding background scan support to a non-firmware device driver.
Tested, with driver patches: iwm 8265: Aaron Poffenberger, stsp iwm 9260: florian iwm 9560: sthen iwx ax200: jmc, stsp
|
#
1.188 |
|
03-Nov-2021 |
krw |
In addition to the WEP key(s) being set at device initialization with 'nwid'/'nwkey', the keys will be set at random times when 'join'/'nwkey' is used. So also stop trying to set IEEE80211_CIPHER_NONE keys on that path.
James Hastings confirms this fixes his '(null node)' panics on run(4). Thanks!
ok stsp@
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.188 |
|
03-Nov-2021 |
krw |
In addition to the WEP key(s) being set at device initialization with 'nwid'/'nwkey', the keys will be set at random times when 'join'/'nwkey' is used. So also stop trying to set IEEE80211_CIPHER_NONE keys on that path.
James Hastings confirms this fixes his '(null node)' panics on run(4). Thanks!
ok stsp@
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.187 |
|
08-Oct-2021 |
stsp |
Revert my previous commit to ieee80211_node.c (CVS commit Hne35XgzezGa9zmv).
Sending frames from ieee80211_node_join_bss() won't work as expected. I missed that IEEE80211_SEND_MGMT() calls if_start() immediately after queueing the management frame. This means the probe request is being sent in a state where, while ic_bss represents our new AP, the driver did not yet have a chance to move the device over to our new AP.
The auth request for the new AP is sent from ieee80211_newstate() which runs after the driver has reconfigured the device. If want to send a probe request to the new AP then we would need to send it at that point, before the auth frame gets sent.
|
#
1.186 |
|
07-Oct-2021 |
stsp |
Send a probe request to our new AP when we are about to roam to it.
Tested by fkr on iwx ax200/ax201 and myself on iwm 8265. Also tested by florian and bket as part of a larger diff.
ok mpi@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.185 |
|
29-Apr-2021 |
stsp |
Make iwn, iwm, and iwx keep track of beacon parameters at run-time.
- HT protection settings (this was already implemented) - ERP (11g) protection setting - short slottime setting - short preamble setting - EDCA (QoS) parameters
All of these parameters are communicated in beacons and hardware is now kept up-to-date with them.
Prompted by a problem report from Christian Ehrhardt regarding ERP.
Tested: iwn 6205: stsp, Josh Grosse iwm 7265: trondd iwm 8265: stsp, Matthias Schmidt iwm 9260: phessler iwx ax200: stsp, jmc, gnezdo
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.184 |
|
15-Apr-2021 |
stsp |
When starting an AP or IBSS network, reconfigure the operation mode to 11ac/n/a/g/b as applicable. Fixes an issue where hostap would end up running in the rather meaningless MODE_AUTO unless a mode was explicitly configured with ifconfig.
Found while investigating issues reported by trondd testing my athn RA patch.
ok deraadt@
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.183 |
|
10-Mar-2021 |
jsg |
spelling
ok gnezdo@ semarie@ mpi@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.182 |
|
31-May-2020 |
stsp |
Remove a dead assignment to ni_rsn_state in ieee80211_node_leave_rsn().
Patch by Mikolaj Kucharski
|
Revision tags: OPENBSD_6_7_BASE
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.181 |
|
05-May-2020 |
stsp |
Purge the ic_bss->ni_savedq mbuf queue when a wireless interface goes down.
Purging this queue prevents a panic which occurs when a WPA2-enabled athn(4) hostap interface is reconfigured while this queue contains frames.
In hostap mode, this queue contains group-addressed (broadcast) frames which are buffered for clients sleeping in powersave state. Frames on this queue are transmitted when it is time to send another beacon, at which point in time sleeping clients wake up to receive such frames.
The panic message is "key unset for sw crypto", which can be explained as follows: Group keys are cleared when the interface goes down. The beacon Tx interrupt handler gets triggered by hardware when the interface comes back up. This handler attempts to encrypt the queued frames for transmission, resulting in the above panic since the group key has been zeroed out.
This panic has been observed with athn(4) by Jan Stary and Ted Patterson, and Ted has confirmed that this patch fixes the problem.
ok kettenis@ (with the caveat that it's been a long time since he put our AP-side powersave support into a working state)
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.180 |
|
08-Apr-2020 |
stsp |
Fix ifconfig "media:" line for 11n wifi interfaces during and after bgscan.
Media was displayed as e.g. "autoselect (OFDM6)" even though 11n was active because the current media mode is changed to AUTO for background scanning and was never switched back to 11N.
ok mpi@ pirofti@
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.179 |
|
15-Jan-2020 |
phessler |
If join is connected to an AP, remove the node from the cache so we properly reconnect to the AP
OK stsp@
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.178 |
|
29-Dec-2019 |
stsp |
If the new candidate AP found after a background scan has an RSSI level that will also trigger background scans, remain with the current AP. Avoids ping-pong in environments where APs are tuned for low transmit range, such as 36c3.
ok phessler benno
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.177 |
|
10-Nov-2019 |
stsp |
Stop connecting to available open wifi networks when the interface is put up. From now on, this behaviour must be explicitly enabled with ifconfig join "". ok sthen jcs deraadt
|
#
1.176 |
|
09-Nov-2019 |
stsp |
Give access points which fail to AUTH or ASSOC less priority during the next selection of networks from the join list. Prevents endless attempts to connect to an AP which is out of reach but still somehow manages to get a beacon or two across to us during scan.
Tested with wifi networks at the University of Bucharest. Makes switching wifi networks possible after walking to a different room without having to down/up the interface or suspend/resume.
ok phessler@
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.175 |
|
09-Nov-2019 |
stsp |
Clear the unref callback function pointer when cleaning up an ieee80211_node. ok mpi@
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.174 |
|
31-Oct-2019 |
stsp |
Make background scans less frequent if we keep choosing the same AP.
This helps a bit in situations where a single AP is used and background scans are causing packet loss, as seen with Jesper Wellin's Broadcom-based AP and my Android phone in hotspot mode. This is not a proper fix but our background scan frequency against a single AP was much higher than needed anyway.
Tested by jan, job, benno, Tracey Emery, Jesper Wallin
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.173 |
|
02-Sep-2019 |
stsp |
Make net80211 expose reasons for association failures to userland and have ifconfig display them in 'scan' output and on the ieee80211 status line if the failure is applicable to an already selected AP (e.g. wrong WPA key).
This will hopefully reduce the amount of help requests for what often turn out to be trivial misconfiguration issues that were previously hard to diagnose without debug mode.
ifconfig must be recompiled with the new ieee80211_ioctl.h to stay in sync with the kernel. A full 'make build' will do the right thing!
Very helpful input by mpi@ and deraadt@
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.172 |
|
27-Aug-2019 |
stsp |
Keep ieee80211_node structures cached across scans, rather than wiping the entire cache every time a scan is triggered.
This has benefits for userland programs trying to look at scan results, and for drivers which don't get a full view from hardware on every scan.
Nodes will still be evicted from the cache in one of several ways:
Add a new way of timing out inactive nodes which don't send a beacon within 10 scan iterations, for client mode only. This should get rid of stale APs if we're scanning for some time in a changing environment.
If we fail to associate a few times, the corresponding node is removed.
If net80211 transitions back to INIT state (e.g. because of a user-initiated configuration change) all nodes are removed.
When a background scan starts all nodes will be removed. This could be revisited later but has been intentionally left as-is for now.
Tested by myself, jmc@, benno@, procter@ on iwm(4), athn(4) and ral(4).
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.171 |
|
26-Aug-2019 |
stsp |
remove redundant assignment to ic_curmode
This assignment to ic_curmode is redundant because it already occurs inside ieee80211_setmode(), and channel information in selbs and ni is equivalent after node_copy().
ok mpi@ kevlo@
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.170 |
|
29-Jul-2019 |
stsp |
Add support for 802.11n Tx aggregation to net80211 and the iwn(4) driver.
In particular, add Tx block ack session management to net80211, with enough funcionality to support Tx aggregation on devices which perform A-MPDU subframe scheduling in firmware. Make use of the iwn(4) firmware Tx scheduler to build A-MPDUs.
net80211's QoS support code is now enabled and used by Tx aggregation.
A-MSDU frames inside A-MPDUs have been tested and work in principle. For now, this feature is disabled because unfair TCP connection sharing was observed during testing, where bursts of TCP Ack frames for a single tcpbench(1) connection arriving in A-MSDUs made other TCP connections stall. Switch off support for A-MSDUs inside A-MPDUs on the Rx side as well.
Tested on iwn chipsets 1000, 4965, 5100, 5300, 2200, 6200, 6205, 6300 (committed version of tested diff has all debug printfs removed) tests/ok benno kmos mlarkin kevlo
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.169 |
|
23-Jul-2019 |
stsp |
In 11n hostap mode, properly disable HT protection when needed by actually overwriting the relevant bits in ni_htop1. ok tedu@ phessler@ kettenis@
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.168 |
|
10-Jun-2019 |
stsp |
Revised version of 'ifconfig mode' command fix.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew (earlier version) relentless testing by krw@
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.167 |
|
31-May-2019 |
stsp |
Revert my "Repair the 'ifconfig mode' command" commit.
The "recursion in end_scan()" problem is apparently still present in the committed version of the diff (reported by krw@).
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.166 |
|
29-May-2019 |
stsp |
Repair the 'ifconfig mode' command.
The 'mode' command is supposed to force a wireless interface into 11a/b/g/n media mode. This stopped working some time ago, probably during my work on background scanning. Problem spotted by mlarkin@ who noticed that interfaces were using 11g mode while forced to 11b mode.
ok phessler, jmatthew
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.165 |
|
11-May-2019 |
stsp |
Show driver name on net80211 scan debug lines. ok mpi@
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.164 |
|
28-Apr-2019 |
mpi |
Removes the KERNEL_LOCK() from bridge(4)'s output fast-path.
This redefines the ifp <-> bridge relationship. No lock can be currently used across the multiples contexts where the bridge has tentacles to protect a pointer, use an interface index.
Tested by various, ok dlg@, visa@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.163 |
|
15-Mar-2019 |
phessler |
fix autojoin for WEP network by actually saving the WEP auth key
discovered while attempting to autojoin WEP networks
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.162 |
|
01-Mar-2019 |
stsp |
Improve handling of HT protection for 'mode 11n' hostap.
Consider the mere presence of HTCAP IEs as indicator of 11n support, rather than checking advertised Rx MCS. Fixes some devices being misclassified as 11a/g, causing HT protection to be enabled even though it is not needed.
Use CTS-to-self frames for HT protection instead of RTS/CTS.
These changes make my athn(4) AR9280 hostap perform much better.
ok phessler@
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.161 |
|
23-Jan-2019 |
stsp |
Move 802.11n rateset definitions out of MiRA and make them available to net80211 and drivers in general. Add ratesets for 'short guard interval' (SGI) rates, and add SGI support to MiRA. SGI is currently only used by iwm(4), and of course internally by bwfm(4) firmware. Ratesets for 11n 40 MHz channels and 11ac will come later. ok mpi@ phessler@
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.160 |
|
18-Jan-2019 |
phessler |
add a len field when we delete an essid from the joinlist. this will have us properly match, instead of hoping we got lucky when selecting it.
OK stsp@
|
#
1.159 |
|
18-Jan-2019 |
phessler |
let users automatically use join to connect to any open wifi network. if a known network is visible, always prefer that instead.
requested by many, OK stsp@
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.158 |
|
25-Nov-2018 |
phessler |
print more details about the join'd networks we have saved when a user runs ifconfig if joinlist
OK stsp@
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.157 |
|
20-Nov-2018 |
phessler |
fix whitespace in debugging function
|
#
1.156 |
|
20-Nov-2018 |
patrick |
The first packet received from each AP in each QoS class would be dropped as the sequence number matches the initial value of the cached last sequence number (zero). On some APs (notably Android WIFI hotspots) this hits the first packet of the WPA2 4-way handshake. This causes connection delays and in some cases connection to the AP fails completely. Initialize the cached last sequence numbers for received packets to an invalid value instead.
From Christian Ehrhardt ok gerhard@ stsp@
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.155 |
|
27-Oct-2018 |
phessler |
pass around the ess and ni structures we plan to use directly, instead of rediscovering them (possibly badly).
OK stsp@
|
#
1.154 |
|
27-Oct-2018 |
phessler |
clean up accounting of the AUTO_JOIN flag by making sure it is set or cleared based on the state of the joinlist
OK stsp@
|
#
1.153 |
|
27-Oct-2018 |
phessler |
don't join to a network where we expect cleartext, and the AP is using crypto
OK stsp@
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.152 |
|
18-Sep-2018 |
mestre |
fix memory leak in ieee80211_end_scan()
OK phessler@ jsg@
|
#
1.151 |
|
17-Sep-2018 |
jsg |
fix memory leaks in ieee80211_add_ess() ok stsp@ phessler@
|
#
1.150 |
|
11-Sep-2018 |
phessler |
ues the format string for signed ints, for signed ints
reminded by stsp@
|
#
1.149 |
|
11-Sep-2018 |
phessler |
With the interface debug flag enabled, print a "score" for each AP we consider during auto-join. This can help users determine why a specific network was chosen.
OK stsp@
|
#
1.148 |
|
10-Sep-2018 |
phessler |
fix typo in the length of the essid we want to switch to
found with and OK stsp@
|
#
1.147 |
|
10-Sep-2018 |
phessler |
extract clearing WEP/WPA in ess into helper functions
|
#
1.146 |
|
10-Sep-2018 |
phessler |
give set_ess a len variable, so we can correctly match the essid we want to switch to.
pointed out by stsp@
|
#
1.145 |
|
09-Sep-2018 |
phessler |
convert the things we save in 'join' into a single ioctl. mixing related settings over multiple calls was risky and racy. Pass essid, wpa, and wep paramaters in a single ioctl and process it atomically.
no change for 'nwid' users
OK stsp@ benno@
|
#
1.144 |
|
06-Sep-2018 |
jsg |
fix whitespace
|
#
1.143 |
|
01-Sep-2018 |
stsp |
Make 'ifconfig nwid' override 'ifconfig join'.
There was no way to override a decision made by join's network selection algorithm (apart from disabling the feature by clearing the join list). Automatic selection is based on heuristics which cannot always guess correctly so we need to provide an override.
One specific problem was that if 'nwid foo' and 'nwid bar' were both visible in the scan and only 'nwid foo' was a member of the join list, then there was no way at all to connect to 'nwid bar'. The wireless stack would keep selecting 'nwid foo' instead.
'ifconfig iwm0 nwid bar' command will now disable automatic network selection and force the use of ESSID 'bar'. Any of these commands will re-enable automatic network selection: ifconfig iwm0 -nwid ifconfig iwm0 nwid '' ifconfig iwm0 join some-network-id
ok phessler@ deraadt@
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.142 |
|
15-Aug-2018 |
stsp |
Update AP selection heuristics for auto-join.
We now prefer stronger crypto over weaker crypto over none, prefer 5 GHz band with reasonable RSSI, and use RSSI as a tie-breaker with a slight advantage for 5GHz. Candidate APs are now ranked by a score which is calculated based on these attributes.
There is likely room for improvements to make these heuristics work well across many different environments, but it's a start.
ok phessler@
|
#
1.141 |
|
13-Aug-2018 |
stsp |
Add support for band-steering access points to net80211.
Some access points have a feature called "band steering" where they will try to push clients from 2 GHz channels to 5 GHz channels. If a client sends probe-requests on both 2 GHz and 5GHz channels, and then attempts to authenticate on a 2 GHz channel, such APs will deny authentication and hope that the client will come back on a 5 GHz channel.
So if we fail to AUTH for any reason, and if there is a different AP with the same ESSID that we haven't tried yet, try that AP next. Keep trying until no APs are left, and only then continue scanning.
APs with support for this feature were provided by Mischa Peters.
ok phessler@ mpi@
|
#
1.140 |
|
11-Aug-2018 |
stsp |
Add comment explaining why we read basic MCS set only from beacon/probereq. requested by mpi@
|
#
1.139 |
|
07-Aug-2018 |
stsp |
Ignore basic MCS set information found in association responses.
Some APs (Aruba 105) send a bogus basic MCS set in assoc responses which prevents us from enabling 11n support with those APs, while these APs still behave as if were were an 11n client which renders the association unusable.
The basic MSC set is already provided in beacons anyway, and the 802.11 2012 standard says the basic MSC set is reserved in frames other than beacons (see Table 8-130).
ok mpi@
|
#
1.138 |
|
06-Aug-2018 |
stsp |
Refactor ieee80211_add_ess():
Drop ieee80211_add_ess's nwid parameter. Read nwid and length directly from the ic to make it more obvious where this function is reading from.
nwids are binary data with an explicit length, so treat them as such instead of treating them like strings.
ok florian phessler
|
#
1.137 |
|
06-Aug-2018 |
florian |
Do not set nwid over and over again. We just found the ess by comparing the nwid. It will not have changed in the meantime. OK stsp
|
#
1.136 |
|
03-Aug-2018 |
phessler |
revert 1.133 and part of 1.131 the stack doesn't always fill in the paramaters correctly
reported by many
|
#
1.135 |
|
30-Jul-2018 |
stsp |
Don't ask drivers to join a wifi network before an AP has been chosen. Should fix a panic with bwfm(4) reported by mlarkin@ ok phessler@
|
#
1.134 |
|
19-Jul-2018 |
florian |
ieee80211_ess_is_better() returns 0 or 1, comparing > 1 is always false so we always selected the first wifi available, not the best one.
While here shuffle some deck chairs to make it clearer that anything is better than nothing.
tweak & OK phessler
|
#
1.133 |
|
16-Jul-2018 |
phessler |
the AP sends their crypto parameters as a mask, so let us still select it in case we want WPA2 and they have WPA1 still enabled
|
#
1.132 |
|
16-Jul-2018 |
phessler |
don't save or use auto-join when the card is not in station (aka client) mode
OK stsp@
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.131 |
|
13-Jul-2018 |
phessler |
Some more checks before auto-join switches networks.
Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match.
OK stsp@
|
#
1.130 |
|
11-Jul-2018 |
phessler |
Introduce 'auto-join' to the wifi 802.11 stack.
This allows a system to remember which ESSIDs it wants to connect to, any relevant security configuration, and switch to it when the network we are currently connected to is no longer available.
Works when connecting and switching between WPA2/WPA1/WEP/clear encryptions.
example hostname.if: join home wpakey password join work wpakey mekmitasdigoat join open-lounge join cafe wpakey cafe2018 join "wepnetwork" nwkey "12345" dhcp inet6 autoconf up
OK stsp@ reyk@ and enthusiasm from every hackroom I've been in for the last 3 years
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.129 |
|
28-Apr-2018 |
stsp |
When starting a background scan, free the nodes table to ensure we get an up-to-date view of APs around us. In particular, we need to kick out the AP we are associated to. Otherwise, our current AP might stay cached if it is turned off while we are scanning, and we could end up picking a now non-existent but "good looking" AP over and over.
found with and ok phessler@
|
#
1.128 |
|
27-Apr-2018 |
stsp |
Fix the scan loop: We were only looking for an AP once and stopped scanning if none was found. Accidentally broken in recent ifconfig scan changes by pirofti and me. ok pirofti
|
#
1.127 |
|
26-Apr-2018 |
pirofti |
net80211: stub SIOCS80211SCAN, make ifconfig scan instant.
The following removes the functionality of the SIOCS80211SCAN ioctl. After long discussions with stps@, mpi@, and deraadt@ we decided that this was the correct way of fixing ifconfig scan from blocking the network stack.
The kernel will continue scanning in the background and filling the nodes array, but ifconfig scan commands will now basically do just a SIOCG80211ALLNODES and pretty print the array. So the output stays the same but is instant.
In fact, when the interface is freshly brought up, if you type fast enough, you can see the array being filled by running multiple ifconfig scans in sequence.
The SIOCS80211SCAN ioctl stays for now as wi(4), pgt(4) and malo(4) still need it around. But not for long...
Another change that this introduces is the fact that ifconfig scan no longer plays with UP and DOWN. If the interface is down it complains and exits. This is needed in order to maintain the nodes list.
Works on iwm(4), iwn(4), urtwn(4), run(4) and athn(4).
Tested by mpi@, landry@, florian@, thanks! OK mpi@.
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.126 |
|
06-Feb-2018 |
phessler |
convert the test if a node support HT (aka, 11n) into an inline function, instead of testing some un-obvious bitfield
OK stsp@
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|
#
1.125 |
|
12-Dec-2017 |
stsp |
Don't dereference IEEE80211_CHAN_ANYC pointer in ieee80211_node_checkrssi().
Problem reported by Gregoire Jadi on bugs@
|
#
1.124 |
|
12-Dec-2017 |
phessler |
Allow interfaces that aren't SCANNALLBAND drivers to benefit from the strongest received signal.
OK stsp@
|
#
1.123 |
|
12-Dec-2017 |
jcs |
Fix the behavior of preferring weaker-but-still-good 5Ghz APs over 2Ghz APs because the 5Ghz band is generally less saturated.
The previous implementation was dependent upon the order of walking APs.
ok stsp
|
#
1.122 |
|
08-Dec-2017 |
stsp |
Add support for background scanning to net80211 and iwm(4).
The iwm(4) driver will now roam between access points which share an SSID. Use 'ifconfig iwm0 debug' and 'tail -f /var/log/messages' to watch it do so.
Tested by several people in various iterations. As usual, let me know if you run into issues.
ok phessler deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.121 |
|
05-Sep-2017 |
stsp |
When starting a new scan always set the mode to AUTO if the driver scans all bands at once. Fixes a problem where e.g. 5GHz APs were filtered out if we were previously associated to an 11g-only AP. ok mpi@ phessler@
|
#
1.120 |
|
17-Aug-2017 |
stsp |
Add an entry to dmesg if pairwise WPA keys arrive unexpectedly or if WPA group keys are being reused. OpenBSD wireless clients will now leave a trail of such events in their message log.
There has been increased public scrutiny of WPA's security recently, so I am curious to see if anyone is attempting replay attacks in the wild.
ok deraadt
|
#
1.119 |
|
04-Aug-2017 |
stsp |
Compile a debug printf in ieee80211_match_bss() by default, previously guarded by the IEEE80211_DEBUG preprocessor flag. This shows one line per detected AP after a scan, and indicates which APs are considered candidates for association. Shorten the output a bit to fit into 80 columns more likely. ok sthen@
|
#
1.118 |
|
19-Jul-2017 |
stsp |
Improve the heuristic which selects 5GHz APs over 2GHz APs.
The previous code wasn't quite right: it didn't account for the fact that some drivers don't set ic_max_rssi, and it compared 5GHz APs to a threshold relative to the max RSSI, rather than comparing RSSI on 5GHz relative to RSSI on 2GHz.
This heuristic is only used by SCANNALLBAND drivers: iwn(4), iwm(4), wpi(4)
In the future the AP selection heuristic should be made more intelligent, e.g. it should take BSS load information in beacons into account. Another open problem is inconsistent representation of RSSI measurement values throughout our drivers and stack. Help is welcome!
For now, this hopefully improves AP selection at busy airports.
ok sthen@ deraadt@
|
#
1.117 |
|
04-Jun-2017 |
tb |
Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly to make it more readable.
help, many explanations and ok stsp
|
#
1.116 |
|
03-Jun-2017 |
tb |
Add a few sizes to free().
Input, help & ok stsp
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.115 |
|
04-Mar-2017 |
stsp |
branches: 1.115.4; In 11n hostap mode, dynamically adjust HT protection settings based on the presence of non-HT nodes in the node cache. OpenBSD 11n APs will now disable HT protection if it is not necessary. ok mpi@
|
#
1.114 |
|
03-Feb-2017 |
stsp |
Fix 11b clients sending bogus ratesets in association requests. The common rateset with the AP is calculated only after the association response was received, which is too late. Fix rates when an AP is selected after a scan. ok mpi@ tb@
|
#
1.113 |
|
02-Feb-2017 |
stsp |
Remove global counters from struct ieee80211com which track the number of associated nodes with particular properties: 11b-only ("non-ERP") nodes, nodes requiring long slot time, nodes using WPA, nodes not supporting 11n, nodes currently dozing in powersave state, and nodes with a pending group key update confirmation.
These counters weren't properly maintained. There are bugs in the stack where these counters and actual node properties got out of sync. This is exposed by panics which are supposed to help us catch such bugs. But these panics don't provide real clues.
Instead of maintaining global counters forcing us to hunt refcounting bugs, count nodes with the property in question on demand, by iterating over all nodes and checking their state. This is cheap since we'll never have more than 100 nodes cached, and none of the cases where we need such information is in a performance critical path.
Prevents panics in hostap mode reported by Lauri Tirkkonen on bugs@ last year (https://marc.info/?l=openbsd-bugs&m=147513817930489&w=2) and also encountered by my 11n APs ("panic: bogus non-HT station count 0").
tested by Lauri, tb@, and myself ok mpi@ tb@
|
#
1.112 |
|
16-Jan-2017 |
stsp |
Reset block ack state and cancel related timeouts when a HT node disassociates. The existing code (from damien@) already took care of freeing related buffers but because block ack state was not reset we were still trying to use these buffers if the node sent another A-MPDU. This problem only affects 11n hostap. Fixes kernel crash reported by Timo Myyra on bugs@
|
#
1.111 |
|
09-Jan-2017 |
stsp |
When a HT node leaves or reassociates as a non-HT node, clear HT capabilities stored in its node cache object.
A node may switch from 11n mode to 11a/b/g mode. If we don't clear HT capabilities from the cache the node will be mistaken as 11n-capable after reassociation.
ok phessler@ mpi@
|
#
1.110 |
|
09-Jan-2017 |
stsp |
Make the net80211 stack send EDCA parameters to the driver in hostap mode. Fixes problems with timing of frame transmissions which caused packet loss. tested by myself and tb@ ok phessler@ mpi@ tb@
|
#
1.109 |
|
09-Jan-2017 |
stsp |
Manage the HT protection setting if acting as hostap with 11n enabled.
For now we flip-flop only between non-member protection and non-HT protection. Running a HT network without protection would require monitoring environmental conditions (e.g. foreign beacons) which make HT protection necessary.
The ic_update_htprot driver function becomes optional because it won't be needed by all drivers. Only call it if the driver has set a function pointer.
ok tb@
|
#
1.108 |
|
09-Jan-2017 |
stsp |
The point of ieee80211_node_leave() is to place the node in COLLECT state. Return early and do nothing if the node is already in COLLECT state upon entry to this function.
|
#
1.107 |
|
09-Jan-2017 |
stsp |
When acting as hostap, negotiate HT before calling the driver's ic_newassoc() function, not afterwards. Drivers now know whether a joining node supports HT which helps with setting up state such as which Tx rate to use.
|
#
1.106 |
|
17-Dec-2016 |
stsp |
Complete our half-done implementation of TKIP countermeasures in hostap mode.
The previous code would disable the AP until next reboot upon MIC failure. Instead, disable the AP for 60 seconds, as required by the 802.11 standard. I randomly added a bit of time (up to 120 seconds total) just because we can.
Problem reported by Mathy Vanhoef, thanks! ok deraadt@ random input reyk@
|
#
1.105 |
|
15-Sep-2016 |
dlg |
move from RB macros to the RBT functions.
shaves about 5k off an amd64 GENERIC.MP kernel
|
#
1.104 |
|
17-Aug-2016 |
stsp |
If a wireless device or driver scans all bands at once give 5GHz APs a slight priority in cases where good matches exist in either band. ok sthen@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.103 |
|
21-May-2016 |
stsp |
branches: 1.103.2; Add a wireless driver capability flag for devices which scan 2GHz and 5GHz bands in a single scan offload request. This will be used by iwm(4) soon. ok kettenis@, earlier version ok phessler@
|
#
1.102 |
|
18-May-2016 |
stsp |
In hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice, once to a newly associated node and once to a different node in COLLECT cache state (i.e. marked for future eviction from the node cache).
Drivers (e.g. rt2860) may use AIDs to keep track of nodes in firmware tables and get confused when AIDs aren't unique across the node cache. The symptom observed with rt2860 were nodes stuck at 1 Mbps Tx rate since the duplicate AID made the driver perform Tx rate (AMRR) accounting on the wrong node object.
To find out if a node is associated we now check the node's cache state, rather than comparing the node's AID against zero. An AID is assigned when a node associates and it lasts until the node is eventually purged from the node cache (previously, the AID was made available for re-use when the node was placed in COLLECT state). There is no need to be stingy with AIDs since the number of possible AIDs exceeds the maximum number of nodes in the cache.
Problem found by Nathanael Rensen. Fix written by Nathanael and myself. Tested by Nathanael. Comitting now to get this change tested across as many drivers as possible.
|
#
1.101 |
|
12-Apr-2016 |
mpi |
Call if_enqueue() and if_start() instead of dereferencing the ifp pointers.
These functions have been introduced to abstract some of the MP- safeness^Wmadness and should be use everywhere.
Prodded by a comment from jsg@.
ok mikeb@, stsp@
|
#
1.100 |
|
03-Mar-2016 |
gerhard |
Restore assignment of ic_curmode that was accidentally removed when moving the ERP code to post-assoc phase. Fixes iwi(4) fatal firmware errors.
ok stsp@, sobrado@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.99 |
|
25-Jan-2016 |
stsp |
branches: 1.99.2; Honour ERP protection on 2 GHz channels in 11n mode, as done for 11g. ok millert@
|
#
1.98 |
|
25-Jan-2016 |
stsp |
Don't try to interpret htprot data if the last beacon didn't contain such data. ok mpi@ millert@
|
#
1.97 |
|
07-Jan-2016 |
stsp |
Make the A-MPDU reordering buffer more resilient against APs which drop some subframes or let the sequence number jump up by more than 1 (hard to tell which it is). We decrease the BA inactivity timeout for quicker recovery from stalled BA sessions, and add a new timeout which keeps track of gaps in the subframe sequence number space due to dropped frames. Gaps expire after 500 msec, the same value FreeBSD uses for their implementation of this workaround. And Linux uses this trick, too.
This should fix network stalls some people have been seeing in 11n mode.
ok deraadt@
|
#
1.96 |
|
05-Jan-2016 |
stsp |
Remove the IEEE80211_NO_HT macro. Reduces ifdef spaghetti, enables 11n mode in bsd.rd, and might uncover some bugs. Suggested by tedu@ and deraadt@. ok sthen@ jasper@ deraadt@
|
#
1.95 |
|
04-Jan-2016 |
stsp |
While configuring ERP we need to know if we're in 11a or 11g mode so only configure ERP once we are sure about our operation mode against the AP. ok sthen jasper kettenis deraadt mpi
|
#
1.94 |
|
18-Dec-2015 |
sthen |
unnoccupied->unoccupied
|
#
1.93 |
|
12-Dec-2015 |
stsp |
Finish support for receiving 11n A-MPDUs.
The initial implementation was added by damien@ years ago. Summary of the changes made in this commit: - In ieee80211_input(), process A-MPDUs before duplicate detection. - Don't forget to set ba->ba_ni in ieee80211_recv_addba_req() so we don't crash in ieee80211_rx_ba_timeout(). - In ieee80211_recv_addba_req(), tweak the logic to deny BlockAck requests if the driver has no callback for doing so. - Implement ieee80211_ba_del() which cleans up BlockAck state. - Increase the minimum and maximum lifetime for BlockAck agrements.
ok mpi@
|
#
1.92 |
|
24-Nov-2015 |
mpi |
No need to include <net/if_arp.h>
This header is only needed because <netinet/if_ether.h> declares a structure that needs it. But it turns out that <net/if.h> already includes it as workaround.
A proper solution would be to stop declarting "struct ether_arp" there. But no driver should need this header.
|
#
1.91 |
|
15-Nov-2015 |
stsp |
Parse 11n HT capabilities and operational info from association response frames, negotiate HT with the AP, and move the interface into or out of 11n mode accordingly. If running as AP negotiate HT with nodes joining the BSS.
ok deraadt mpi kettenis guenther
|
#
1.90 |
|
15-Nov-2015 |
stsp |
Extend struct ieee80211_node with fields for 11n STA HT capabilities and HT operational information sent by 11n APs. These fields reflect the structure of elements in management frames so that IEEE80211_HTCAP* and IEEE80211_HTOP* macros designed to operate on frame elements can be used directly to read or set the fields.
Populate nodes with HT information received in probe responses, probe requests, and association requests.
ok deraadt mpi phessler kettenis guenther
|
#
1.89 |
|
04-Nov-2015 |
dlg |
replace the ifqueues in net80211 with mbuf_queues.
the specific queues are ic_mgtq, ic_pwrsaveq, and ni_savedq. rtw had its own queue for beacons.
tested by mpi@ and jmc@ ok mpi@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.88 |
|
15-Jul-2015 |
deraadt |
m_freem() can handle NULL, do not check for this condition beforehands. ok stsp mpi
|
#
1.87 |
|
14-Mar-2015 |
jsg |
Remove some includes include-what-you-use claims don't have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels.
ok tedu@ deraadt@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.86 |
|
23-Dec-2014 |
tedu |
unifdef some more INET. v4 4life.
|
#
1.85 |
|
18-Nov-2014 |
tedu |
move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. ok deraadt dlg
|
#
1.84 |
|
14-Sep-2014 |
jsg |
remove uneeded proc.h includes ok mpi@ kspillner@
|
#
1.83 |
|
12-Sep-2014 |
sthen |
Remove cached 802.11 nodes in IEEE80211_STA_CACHE state (these are nodes which have been seen but which haven't otherwise interacted with us), fixing a problem where old cached nodes are seen when doing a scan. From Marcin Piotr Pawlowski, feedback stsp@ ok kspillner@ dcoppa@
|
#
1.82 |
|
08-Aug-2014 |
jasper |
use nitems() instead of various local constructs
ok stsp@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.81 |
|
12-Jul-2014 |
tedu |
add a size argument to free. will be used soon, but for now default to 0. after discussions with beck deraadt kettenis.
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.80 |
|
01-Dec-2013 |
stsp |
Reset txrate array index after changing a node's rate list. Should prevent "bogus xmit rate %d setup" panics, which I ran into again in IBSS mode. ok kettenis
|
#
1.79 |
|
21-Nov-2013 |
mpi |
Remove unneeded include.
ok deraadt@
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.78 |
|
24-Mar-2013 |
claudio |
Make ieee80211_set_tim() available from outside of ieee80211_node.c so drivers like acx(4) can use that function directly instead of reimplementing the function again. Requested by kettenis@ long time ago.
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.77 |
|
07-Nov-2012 |
stsp |
Fix DPRINTF() format string treating n->ni_refcnt, which is unsigned, as signed. diff from dhill; ok kettenis reyk
|
#
1.76 |
|
10-Oct-2012 |
kettenis |
Clear the powersave flag and purge queued packets when a node leaves the AP (either by disassociating or by timeout). Fixes (most) remaining issues with power saving.
From Nathanael Rensen.
ok claudio@, krw@, sthen@
|
#
1.75 |
|
05-Oct-2012 |
camield |
Point an interface directly to its bridgeport configuration, instead of to the bridge itself. This is ok, since an interface can only be part of one bridge, and the parent bridge is easy to find from the bridgeport.
This way we can get rid of a lot of list walks, improving performance and shortening the code.
ok henning stsp sthen reyk
|
#
1.74 |
|
20-Sep-2012 |
stsp |
Nuke M_80211_NODE #define which mapped to M_DEVBUF and use M_DEVBUF directly. ok henning
|
#
1.73 |
|
25-Aug-2012 |
kettenis |
Set up ni_savedq for the initial BSS node such that it can actually be used to store multicast frames when one of the associated stations is in power saving mode.
ok stsp@
|
#
1.72 |
|
17-Aug-2012 |
stsp |
Fix possible panic while switching from STA mode into hostap/ibss modes. ieee80211_create_ibss() resets the set of supported rates but failed to update the index into the rate set array accordingly. If the rate configured during STA operation didn't belong to the newly configured rate set the system ran into an assertion ("bogus xmit rate %u setup") while trying to create the IBSS. ok fgsch@
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.71 |
|
18-Jul-2012 |
stsp |
Print messages about nodes purged from the node cache if hostap/ibss modes are compiled in and the interface is in debug mode. ok sthen
|
#
1.70 |
|
16-Jul-2012 |
stsp |
Move increment of ic_nnodes closer to where the node is actually inserted into the cache. Make sure we're at IPL_NET while incrementing/decrementing ic_nnodes. Add a debug message that warns about possible node leaks. All of this affects hostap mode only.
|
#
1.69 |
|
13-Jul-2012 |
stsp |
Tweak node cache eviction strategy when the cache is full: kick off new nodes in AUTH state that weren't active during the cache wait interval rather than keeping them for the entire cache timeout interval. Fixes association failures in noisy RF environments. Tested by edd and myself with a slow soekris suffering from RF noise with about of 50 interrupts per second on ral0. ok deraadt
|
Revision tags: OPENBSD_5_1_BASE
|
#
1.68 |
|
25-Jan-2012 |
stsp |
There is no need to explicitly skip ic_bss when iterating over cached nodes. The ic_bss is never put into the RB tree.
|
#
1.67 |
|
25-Jan-2012 |
stsp |
Clean inactive authenticated nodes during cache timeout as well. There is no need to keep nodes cached with never associated and were inactive within the last 5 minutes or more. Keeps the node cache pretty clean in my environment with typical city-center wlan noise.
|
#
1.66 |
|
21-Jan-2012 |
stsp |
Implement missing bits of node inactivity accounting in hostap mode. Small parts of code for this feature were already present but unused.
A node becomes inactive after not sending or receiving a frame within 5 minutes. Inactive cached nodes (not authenticated or associated) are automatically cleared from the cache once every hour, making room for new nodes. If the node cache is full and room must be made for a new node, clean either a cached node (active or inactive), or an inactive authenticated or associated node.
Also, do not send de-auth frames to nodes which never authenticated, and only send a de-auth frame once for a given node. This part was contributed by Steven Chamberlain, thanks!
Tested by myself, krw@, edd@, Steven Chamberlain, and Markus Schatzl. ok deraadt@
|
#
1.65 |
|
21-Jan-2012 |
stsp |
Hold interrupts blocked while comparing a cached node's refcount to zero and freeing the node. Just in case an interrupt happens to ref the node after the refcount was checked but before the node is freed. Tested by several as part of a larger diff.
|
#
1.64 |
|
18-Jan-2012 |
stsp |
Make it possible to free cached nodes which never associated (e.g. nodes only scanning for networks). These were never put into COLLECT state and were thus never evicted from the node cache in hostap mode. ok jsg@
|
Revision tags: OPENBSD_5_0_BASE
|
#
1.63 |
|
28-Mar-2011 |
kettenis |
Clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise we'll never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
ok damien@
|
Revision tags: OPENBSD_4_8_BASE OPENBSD_4_9_BASE
|
#
1.62 |
|
07-Aug-2010 |
krw |
No "\n" needed at the end of panic() strings.
Bogus chunks pointed out by matthew@ and miod@. No cookies for marco@ and jasper@.
ok deraadt@ miod@ matthew@ jasper@ macro@
|
#
1.61 |
|
19-Jul-2010 |
damien |
in hostap mode, notify drivers via a new callback when a STA leaves the BSS. this is needed by drivers that need to maintain a hardware table of associated STAs (like ral(4) RT2860).
idea from Nathanael Rensen
|
#
1.60 |
|
19-Jun-2010 |
damien |
In ieee80211_node_leave(), clear the associd after calling ieee80211_node_leave_rsn() since ieee80211_node_leave_rsn() calls ic_delete_key() and drivers like ral(4) RT2860 need a valid associd in their delete_key callbacks. This affects HostAP mode only.
from Nathanael Rensen.
remove a useless (nested) #ifndef IEEE80211_STA_ONLY while i'm here
|
#
1.59 |
|
14-Jun-2010 |
damien |
fix my previous commit, i forgot BIP, so instead of enumerating what is not supported as a group cipher, enumerate what is supported.
|
#
1.58 |
|
14-Jun-2010 |
damien |
do not try to associate with an AP using an unsupported group cipher, otherwise we will panic in ieee80211_add_rsn_body().
this may be the cause of a panic seen by reyk@ though i'm not 100% sure.
|
#
1.57 |
|
28-Mar-2010 |
krw |
Four uses of uninitialized variables found by clang via jsg@. ar5416, ar9287 and athn are only theoretically interesting. i33380211_node fixes a real bug in occupied channel detection.
ok damien@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.56 |
|
17-Feb-2010 |
damien |
Do not always create a new node when a beacon or a probe response is received. The creation of a new node is already handled in ieee80211_recv_probe_resp() when necessary. This avoids creating empty nodes with wrong channels when beacons are received on the wrong channel (overlapping channels). Those empty nodes may also prevent the real node from being discovered because of ieee80211_find_node_for_beacon() filtering.
This should prevent entries of the form: nwid "" chan 3 bssid 00:01:02:03:04:05 0dB 54M in "ifconfig if0 scan" output, like reported by Rivo Nurges.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.55 |
|
29-Jan-2009 |
damien |
fix a panic that occurs when IEEE80211_STA_ONLY is defined (SMALL_KERNEL).
noticed by ray@, more investigation from sthen@ fix tested by sthen@
|
#
1.54 |
|
28-Jan-2009 |
damien |
Block Ack agreements are unidirectional. Maintain state for both originator and recipient roles separately. Do not allocate receive reordering buffer in addba_request(). Test the "initiator" bit in incoming DELBA frames and set it appropriately in outgoing DELBA frames. Separate callbacks for Tx/Rx too.
no binary change since all this is #ifdef'ed out.
|
#
1.53 |
|
28-Jan-2009 |
damien |
In ieee80211_find_node(), roll our own RB_FIND() based on the key (macaddr) instead of resorting to horrid hacks/casts. Restore the ieee80211_node structure back to its original state.
|
#
1.52 |
|
27-Jan-2009 |
damien |
unbreak SMALL_KERNEL builds by adding missing #ifndef IEEE80211_STA_ONLY
pointed out by krw@
|
#
1.51 |
|
26-Jan-2009 |
damien |
move ni_macaddr field at the top of the ieee80211_node structure. this way we can avoid putting a full node structure (which is huge) on the stack in ieee80211_find_node(). this is a bit tricky but the RB_FIND macro wants an "elem" structure, not a field of "elem".
|
#
1.50 |
|
26-Jan-2009 |
damien |
Add some initial HT bits (not enabled yet) based on 802.11n Draft 7.01: - implement A-MPDU frames buffering and reordering - implement A-MSDU decapsulation - process/send ADDBA Request, ADDBA Response and DELBA action frames - process Block Ack Request control frames (including MTBAR) - implement PBAC support (Protected Block Ack) - add some incomplete HT Capabilities and HT Operation IEs parsing
Add more Management Frame Protection bits based on 802.11w Draft 7.0: - implement SA Query procedure (both AP and STA) - cleanup BIP
Fix some bugs: - fix check for WEP key length that otherwise caused a stack smash in ieee80211_wep_encrypt (pointed out by Xavier Santolaria on macppc) - properly stop EAPOL timeout: fixes a panic that occured in HostAP mode when turning the interface down while a 4-way handshake is in progress (pointed out by Doughertys)
Did some code cleanup too.
The HT bits are currently not compiled in (IEEE80211_NO_HT is defined) because they won't be ready until after the next release and I didn't want to grow the kernel or to inadvertently introduce new bugs. They are here such that other people can look at the code. Notice that I had to add an extra parameter to ic_send_mgmt() for action frames, that is why there are small changes in drivers defining their own ic_send_mgmt() handler.
Sorry for the not very incremental diff but this has been sitting in my tree for too long now.
|
#
1.49 |
|
14-Dec-2008 |
damien |
Add an ieee80211_notify_dtim() function that drivers should call after every DTIM in HostAP mode. Flushes all group addressed MSDUs buffered at the AP for power management.
|
#
1.48 |
|
23-Oct-2008 |
mk |
Prevent a crash in ieee80211_setkeys() when unplugging an interface in hostap mode by canceling the group rekey timeout in ieee80211_node_detach().
ok damien
|
#
1.47 |
|
15-Oct-2008 |
blambert |
Second pass of simple timeout_add -> timeout_add_sec conversions This should take care of the simpler ones (i.e., timeout values of integer multiples of hz).
ok krw@, art@
|
#
1.46 |
|
27-Sep-2008 |
damien |
Initial implementation of PMKSA caching and pre-authentication. This will be required for future WPA-Enterprise support (802.1X). Add ieee80211_needs_auth() function (not implemented yet) to notify the userland 802.1X PACP machine when an 802.1X port becomes enabled (that is after successfull 802.11 Open System authentication). Add SIOCS80211KEYRUN and SIOCS80211KEYAVAIL ioctls so that the PACP state machine can kick the 802.11 key state machine and install PMKs obtained from 802.1X (pre-)authentication.
Enable SHA-256 based AKMPs by default while I'm here (TGw). This uses SHA-256 for key-derivation (instead of SHA1), AES-128-CMAC for data integrity, and AES Key Wrap for data protection of EAPOL-Key frames. An OpenBSD AP will always advertise this capability and an OpenBSD STA will always prefer SHA-256 based AKMPs over SHA1 based ones if both are supported by an AP.
|
#
1.45 |
|
29-Aug-2008 |
damien |
move code to support Frequency-Hopping spread spectrum (FHSS) PHYs to the Attic. nothing uses it in the tree and it is very unlikely that something will use it one day. the only driver supporting FHSS PHYs in the tree is ray(4) and it does not use net80211.
|
#
1.44 |
|
27-Aug-2008 |
damien |
introduce new IEEE80211_STA_ONLY kernel option that can be set to remove IBSS and HostAP support from net80211 and 802.11 drivers. it can be used to shrink RAMDISK kernels for instance (like what was done for wi(4)). it also has the benefit of highlighting what is specific to IBSS and HostAP modes in the code. the cost is that we now have two code paths to maintain.
|
#
1.43 |
|
12-Aug-2008 |
damien |
new SHA-256 based AKMPs.
|
#
1.42 |
|
12-Aug-2008 |
damien |
add/process group integrity cipher suite in RSN IEs. add support for MFP negotiation during association.
|
#
1.41 |
|
12-Aug-2008 |
damien |
the only integrity group cipher currently supported is AES-128-CMAC.
|
#
1.40 |
|
12-Aug-2008 |
damien |
generate a random IGTK in HostAP mode if we're MFP-capable.
|
#
1.39 |
|
12-Aug-2008 |
damien |
get rid of the map_ptk()/map_gtk() functions, just inline them which makes things easier to track.
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
02-Aug-2008 |
damien |
Drop frames that are received unencrypted when WEP is on or when WPA is on and RX protection for TA is on. Keep track of the TX/RX protection for each node when WPA is on.
tested by djm@ (ral+wpa), ckuethe@ (ath-noenc) and krw@ (wpi<->ral+wpa). hints from bluhm@ has been in snaps for a few days.
pointed out by bluhm@ something like 1 year ago but we did not have the right infrastructure to fix it properly at that time.
ok deraadt@
|
#
1.37 |
|
28-Jul-2008 |
damien |
ignore PS mode changes and PS-Poll from non-associated STAs. keep track of the number of associated STAs in PS mode.
|
#
1.36 |
|
27-Jul-2008 |
damien |
s/IEEE80211_DPRINTF/DPRINTF/ automatically prepend __func__ to output.
deobfuscates debug messages a bit. no binary change unless compiled with IEEE80211_DEBUG.
|
#
1.35 |
|
21-Jul-2008 |
damien |
add ieee80211_priv.h file: contains definitions private to net80211. this must not be included by drivers.
|
#
1.34 |
|
09-Jun-2008 |
djm |
rename arc4random_bytes => arc4random_buf to match libc's nicer name; ok deraadt@
|
#
1.33 |
|
21-Apr-2008 |
damien |
move ieee80211_ibss_merge() from ieee80211_input.c to ieee80211_node.c
|
#
1.32 |
|
21-Apr-2008 |
damien |
move ieee80211_auth_open() to ieee80211_proto.c move ieee80211_setup_rates() to ieee80211_node.c move some prototypes from ieee80211_proto.h to ieee80211_crypto.h
|
#
1.31 |
|
16-Apr-2008 |
damien |
Kernel implementation of the 4-way handshake and group-key handshake protocols (both supplicant and authenticator state machines) as defined in the IEEE 802.11i standard.
Software implementation of the TKIP (Temporal Key Integrity Protocol) and CCMP (CTR with CBC-MAC Protocol) protocols.
This diff doesn't implement any of the 802.1X authentication protocols and thus only PSK authentication (using pre-shared keys) is currently supported.
In concrete terms, this adds support for WPA-PSK and WPA2-PSK protocols, both in station and hostap modes.
The following drivers are marked as WPA-capable and should work: bwi(4), malo(4), ral(4), iwn(4), wpi(4), ural(4), rum(4), upgt(4), and zyd(4)
The following options have been added to ifconfig(8): wpa, wpapsk, wpaprotos, wpaakms, wpaciphers, wpagroupcipher
wpa-psk(8) can be used to generate keys from passphrases.
tested by many@ ok deraadt@
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.30 |
|
29-Oct-2007 |
chl |
MALLOC/FREE -> malloc/free
ok krw@
|
#
1.29 |
|
07-Sep-2007 |
damien |
use new malloc M_ZERO flag + replace MALLOC with malloc
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.28 |
|
06-Jul-2007 |
damien |
remove remaining bits for pre-RSNA shared authmode support. it has been #if 0'd since 3.9 and we have never supported this mode (no ifconfig option etc...).
|
#
1.27 |
|
06-Jul-2007 |
damien |
initialize an unitialized variable.
|
#
1.26 |
|
03-Jul-2007 |
damien |
maintain the traffic-indication (TIM) virtual bitmap by defining a default ieee80211_set_tim() function that drivers can override by setting ic_set_tim.
|
#
1.25 |
|
02-Jul-2007 |
damien |
initial bits for proper TIM support.
|
#
1.24 |
|
16-Jun-2007 |
damien |
constify
|
#
1.23 |
|
16-Jun-2007 |
damien |
don't mix u_int{8,16,32}_t and uint{8,16,32}_t use u_int{8,16,32}_t everywhere.
|
#
1.22 |
|
16-Jun-2007 |
damien |
de-static
ok jsg@
|
#
1.21 |
|
07-Jun-2007 |
damien |
expand the IEEE80211_NODE_{LOCK,UNLOCK}* macros into their respective definitions. remove comments about "lock order reversals" that are specific to freebsd.
ok reyk@ jsg@ mglocker@
|
#
1.20 |
|
06-Jun-2007 |
damien |
The license permits us to redistribute this code under the BSD or the GPLv2. Choose the BSD license so that future enhancements will be BSD-only.
ok jsg@ reyk@ deraadt@
|
#
1.19 |
|
10-Apr-2007 |
miod |
``it's'' -> ``its'' when the grammar gods require this change.
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.18 |
|
15-Nov-2006 |
damien |
s/roundup/howmany/ where it makes sense.
|
#
1.17 |
|
13-Nov-2006 |
damien |
fix a possible NULL deref.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.16 |
|
19-Jun-2006 |
reyk |
unbreak the code if compiled with IEEE80211_DEBUG by using the right node attribute.
ok damien@, figured out by claudio@
|
#
1.15 |
|
18-Jun-2006 |
damien |
Improve 802.11b/g interoperability and move toward better compliance with IEEE Std 802.11g-2003 standard:
- add ERP Information Element in probe responses and beacons - keep track of the number of associated non-ERP STAs and non-short slot time capable STAs in the BSS - enable use of RTS/CTS or CTS-to-self protection when required by the BSS - add a ic_updateslot() callback to notify drivers of slot time changes - cleanup computation of mgmt frames sizes in ieee80211_output.c - nuke unnecessary <sys/cdefs.h> includes - remove an unused macro (LOGICALLY_EQUAL) while i'm here
From {free,net}bsd, with additional fixes.
ok brad@, reyk@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.14 |
|
19-Feb-2006 |
damien |
Fix a comment in ieee80211_next_scan().
|
#
1.13 |
|
09-Oct-2005 |
reyk |
if the wireless hostap interface belongs to a bridge, learn the node's address dynamically on this interface after successful association. this could speed wireless roaming to openbsd accesspoints.
ok jason@, jsg@ can't see anything obectionable
|
#
1.12 |
|
07-Oct-2005 |
reyk |
minor knf
|
#
1.11 |
|
13-Sep-2005 |
reyk |
replace the node hash table with a red-black tree. this fixes some bugs in the node table (like duplicate nodes in hostap mode), we get rid of possible hash collisions, and it simplifies the code.
tested by many, ok damien@, jsg@
|
#
1.10 |
|
08-Sep-2005 |
reyk |
mostly knf
ok jsg@
|
#
1.9 |
|
08-Sep-2005 |
jsg |
Remove the last of the FreeBSD compatiblity goop. ok reyk@
|
#
1.8 |
|
08-Sep-2005 |
jsg |
Remove FreeBSD if_printf compat function from net80211. ok reyk@
|
#
1.7 |
|
08-Sep-2005 |
reyk |
reset the scan state for each new mode
ok jsg@
|
#
1.6 |
|
07-Sep-2005 |
jsg |
Remove FreeBSD/NetBSD ifdef mess. We are not likely to be doing a wholesale merge with them in future. very enthusiastic ok from reyk@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.5 |
|
25-May-2005 |
reyk |
add ifconfig -M option to replace wicontrol -L and -l for ap scanning and node listing. wicontrol is not supported by net80211 drivers anymore. further improvements will be done.
ok dlg@, jsg@
|
#
1.4 |
|
21-Apr-2005 |
reyk |
scan the next mode if nothing has been found. this is necessary if the device supports different incompatible modes in the same channel range, like like 11b and "pure" 11G mode.
ok dlg@ pvalchev@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.3 |
|
17-Feb-2005 |
reyk |
derived from NetBSD:
--- Make the node table into an LRU cache: least-recently used nodes are at the end of the node queue. Change the reference-counting discipline: ni->ni_refcnt indicates how many times net80211 has granted ni to the driver. Every node in the table with ni_refcnt=0 is eligible to be garbage-collected. The mere presence of a node in the table does not any longer indicate its auth/assoc state; nodes have a ni_state variable, now.
While I am here, patch ieee80211_find_node_for_beacon to do a "best match" by bssid/ssid/channel, not a "perfect match." This keeps net80211 from caching duplicate nodes in the table. ---
ok deraadt@ dlg@, looks good jsg@
|
#
1.2 |
|
02-Nov-2004 |
millert |
Don't call memset() if MALLOC returns NULL; also fix the rcs ID. From Patrick Latifi; OK reyk@
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.1 |
|
22-Jun-2004 |
millert |
Import current NetBSD/FreeBSD 802.11 framework. Based in part on a diff from Matthew Gream.
|