mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
13adc57b39
To better support the IBSS/RSN mechanism, wpa_supplicant has to be able to detect a possible peer reboot and in this case it should start a new EAPOL handshake. To perform such reboot detection wpa_supplicant has to perform an Open Authentication by sending an Authentication frame and then replying to it. IF an Authentication frame is received when the key have already been exchanged, wpa_supplicant understands that the peer has rebooted and can reset its state machine. Whenever a new peer is added to the IBSS wpa_supplicant will start the Open Authentication and only after having accomplished it will start the key exchange. If the driver does not support Authentication frame exchange initiated from user space, this step is skipped to maintain previous behavior (just go through EAPOL-Key frame processing). The Open Authentication was partly supported by the Linux kernel but now wpa_supplicant can register for Authentication frames, handle it in userspace and so avoid any possible race condition. Signed-hostap: Nicolas Cavallari <cavallar@lri.fr> Signed-hostap: Antonio Quartulli <antonio@open-mesh.com>
57 lines
1.4 KiB
C
57 lines
1.4 KiB
C
/*
|
|
* wpa_supplicant - IBSS RSN
|
|
* Copyright (c) 2009, Jouni Malinen <j@w1.fi>
|
|
*
|
|
* This software may be distributed under the terms of the BSD license.
|
|
* See README for more details.
|
|
*/
|
|
|
|
#ifndef IBSS_RSN_H
|
|
#define IBSS_RSN_H
|
|
|
|
struct ibss_rsn;
|
|
|
|
/* not authenticated */
|
|
#define IBSS_RSN_AUTH_NOT_AUTHENTICATED 0x00
|
|
/* remote peer sent an EAPOL message */
|
|
#define IBSS_RSN_AUTH_EAPOL_BY_PEER 0x01
|
|
/* we sent an AUTH message with seq 1 */
|
|
#define IBSS_RSN_AUTH_BY_US 0x02
|
|
/* we sent an EAPOL message */
|
|
#define IBSS_RSN_AUTH_EAPOL_BY_US 0x04
|
|
|
|
struct ibss_rsn_peer {
|
|
struct ibss_rsn_peer *next;
|
|
struct ibss_rsn *ibss_rsn;
|
|
|
|
u8 addr[ETH_ALEN];
|
|
|
|
struct wpa_sm *supp;
|
|
enum wpa_states supp_state;
|
|
u8 supp_ie[80];
|
|
size_t supp_ie_len;
|
|
|
|
struct wpa_state_machine *auth;
|
|
int authentication_status;
|
|
};
|
|
|
|
struct ibss_rsn {
|
|
struct wpa_supplicant *wpa_s;
|
|
struct wpa_authenticator *auth_group;
|
|
struct ibss_rsn_peer *peers;
|
|
u8 psk[PMK_LEN];
|
|
};
|
|
|
|
|
|
struct ibss_rsn * ibss_rsn_init(struct wpa_supplicant *wpa_s);
|
|
void ibss_rsn_deinit(struct ibss_rsn *ibss_rsn);
|
|
int ibss_rsn_start(struct ibss_rsn *ibss_rsn, const u8 *addr);
|
|
void ibss_rsn_stop(struct ibss_rsn *ibss_rsn, const u8 *peermac);
|
|
int ibss_rsn_rx_eapol(struct ibss_rsn *ibss_rsn, const u8 *src_addr,
|
|
const u8 *buf, size_t len);
|
|
void ibss_rsn_set_psk(struct ibss_rsn *ibss_rsn, const u8 *psk);
|
|
void ibss_rsn_handle_auth(struct ibss_rsn *ibss_rsn, const u8 *auth_frame,
|
|
size_t len);
|
|
|
|
#endif /* IBSS_RSN_H */
|