Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2024-11-29 10:48:22 -05:00
Code Issues Projects Releases Wiki Activity
ecd40fef74
fragattacks/src/ap
History
Masashi Honma ecd40fef74 mesh: Fix mesh SAE auth on low spec devices 
The mesh SAE auth often fails with master branch. By bisect I found
commit eb5fee0bf5 ('SAE: Add side-channel
protection to PWE derivation with ECC') causes this issue. This does not
mean the commit has a bug. This is just a CPU resource issue.

After the commit, sae_derive_pwe_ecc() spends 101(msec) on my PC (Intel
Atom N270 1.6GHz). But dot11RSNASAERetransPeriod is 40(msec). So
auth_sae_retransmit_timer() is always called and it can causes
continuous frame exchanges. Before the commit, it was 23(msec).

On the IEEE 802.11 spec, the default value of dot11RSNASAERetransPeriod
is defined as 40(msec). But it looks short because generally mesh
functionality will be used on low spec devices. Indeed Raspberry Pi B+
(ARM ARM1176JZF-S 700MHz) requires 287(msec) for new
sae_derive_pwe_ecc().

So this patch makes the default to 1000(msec) and makes it configurable.

This issue does not occur on infrastructure SAE because the
dot11RSNASAERetransPeriod is not used on it.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-08-02 21:37:10 +03:00
..
accounting.c Fix spelling of initialize in a comment and an error message 2015-06-10 12:02:46 +03:00
accounting.h Add Acct-Session-Id into Access-Request messages 2012-12-18 18:13:31 +02:00
acs.c ACS: Scan only channels specified in the channel list 2015-05-24 10:38:27 +03:00
acs.h Move declaration of hostapd_acs_completed() into correct header file 2013-12-31 19:34:43 +02:00
ap_config.c hostapd: check validity of cwMin/cwMax values 2015-05-07 20:57:32 +03:00
ap_config.h FST: hostapd configuration parameters 2015-07-16 18:26:15 +03:00
ap_drv_ops.c Fix generating offloaded ACS channel list when hw_mode is set to any 2015-07-28 23:22:24 +03:00
ap_drv_ops.h atheros: Clear WPS appie during deinit 2015-03-24 15:05:43 +02:00
ap_list.c Move ap_list_timer() to use common AP periodic cleanup mechanism 2015-07-20 13:42:35 +03:00
ap_list.h Move ap_list_timer() to use common AP periodic cleanup mechanism 2015-07-20 13:42:35 +03:00
ap_mlme.c Remove unused STA entry information 2014-03-15 09:57:10 +02:00
ap_mlme.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
authsrv.c Improve error messages related to EAP DB 2015-03-28 13:16:26 +02:00
authsrv.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
beacon.c FST: Add FST IEs into AP mode management frames 2015-07-16 18:26:15 +03:00
beacon.h Remove obsolete license notifications 2013-12-24 22:59:52 +02:00
bss_load.c AP: Add support for BSS load element (STA Count, Channel Utilization) 2014-10-21 23:25:48 +03:00
bss_load.h AP: Add support for BSS load element (STA Count, Channel Utilization) 2014-10-21 23:25:48 +03:00
ctrl_iface_ap.c FST: hostapd control interface 2015-07-16 18:26:15 +03:00
ctrl_iface_ap.h Add STOP_AP control interface command 2015-02-08 13:35:49 +02:00
dfs.c Extend offloaded ACS QCA vendor command to support VHT 2015-03-23 12:18:05 +02:00
dfs.h DFS offload: Add main DFS handler for offloaded case 2015-03-05 17:21:30 +02:00
dhcp_snoop.c dhcp_snoop: Make IPv4 addresses human readable in debug log 2015-01-30 18:55:22 +02:00
dhcp_snoop.h AP: Add support for Proxy ARP, DHCP snooping mechanism 2014-10-28 01:08:29 +02:00
drv_callbacks.c atheros: Enable PMF functionality without CONFIG_IEEE80211R=y 2015-07-24 16:55:16 +03:00
eap_user_db.c Improve error messages related to EAP DB 2015-03-28 13:16:26 +02:00
gas_serv.c Use os_calloc() instead of os_zalloc() 2014-12-08 11:42:07 +02:00
gas_serv.h GAS server: Remove incomplete remote ANQP processing 2014-03-13 21:12:39 +02:00
hostapd.c Move ap_list_timer() to use common AP periodic cleanup mechanism 2015-07-20 13:42:35 +03:00
hostapd.h mesh: Fix mesh SAE auth on low spec devices 2015-08-02 21:37:10 +03:00
hs20.c HS 2.0R2 AP: Add support for deauthentication request 2014-02-26 01:24:24 +02:00
hs20.h HS 2.0R2 AP: Add support for deauthentication request 2014-02-26 01:24:24 +02:00
hw_features.c P2P: Do not allow 40 MHz co-ex PRI/SEC switch to force MCC 2015-06-28 18:14:58 +03:00
hw_features.h hostapd: Fix some compilation errors 2015-03-29 20:51:14 +03:00
iapp.c IAPP: Avoid warnings on unused write 2014-10-11 18:03:38 +03:00
iapp.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
ieee802_1x.c Add build option to remove all internal RC4 uses 2015-08-02 16:52:56 +03:00
ieee802_1x.h Make ieee802_1x_tx_key() static 2015-08-01 15:45:18 +03:00
ieee802_11_auth.c Move hostapd_acl_expire() to use common AP periodic cleanup mechanism 2015-07-20 13:39:22 +03:00
ieee802_11_auth.h Move hostapd_acl_expire() to use common AP periodic cleanup mechanism 2015-07-20 13:39:22 +03:00
ieee802_11_ht.c Simplify HT Capabilities element parsing 2015-04-22 22:05:11 +03:00
ieee802_11_shared.c AP: Add support for Proxy ARP, DHCP snooping mechanism 2014-10-28 01:08:29 +02:00
ieee802_11_vht.c Simplify VHT Capabilities element parsing 2015-04-22 22:05:11 +03:00
ieee802_11.c mesh: Fix mesh SAE auth on low spec devices 2015-08-02 21:37:10 +03:00
ieee802_11.h Simplify VHT Capabilities element parsing 2015-04-22 22:05:11 +03:00
Makefile tests: Add ap-mgmt-fuzzer 2015-04-22 11:44:19 +03:00
ndisc_snoop.c ndisc_snoop: Avoid misaligned read of IPv6 address 2015-07-07 16:25:06 +03:00
ndisc_snoop.h proxyarp: Use C library header files and CONFIG_IPV6 2014-11-25 16:58:21 +02:00
p2p_hostapd.c Use P2P_IE_VENDOR_TYPE more consistently 2014-03-05 23:36:54 +02:00
p2p_hostapd.h Remove the GPL notification from files contributed by Atheros 2012-02-11 19:39:36 +02:00
peerkey_auth.c PeerKey: Clean up EAPOL-Key Key Data processing on AP 2014-11-23 21:03:40 +02:00
pmksa_cache_auth.c Add Suite B 192-bit AKM 2015-01-27 01:43:52 +02:00
pmksa_cache_auth.h RADIUS DAS: Allow PMKSA cache entry to be removed without association 2015-01-16 15:55:39 +02:00
preauth_auth.c Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
preauth_auth.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
sta_info.c FST: Integration into hostapd 2015-07-16 18:26:15 +03:00
sta_info.h FST: Store MB IEs from (Re)Association Request 2015-07-16 18:26:15 +03:00
tkip_countermeasures.c AP: Use monotonic time for MMIC failure/TKIP countermeasures 2013-12-24 07:13:34 +02:00
tkip_countermeasures.h hostapd: Fix a regression in TKIP countermeasures processing 2012-11-18 13:06:03 +02:00
utils.c FST: Do not prune STAs belonging to the same FST 2015-07-16 18:26:15 +03:00
vlan_init.c Fix removal of tagged interface and bridge when multiple BSS share them 2015-06-14 13:33:07 +03:00
vlan_init.h Remove unused leftover from multi-SSID design 2015-04-22 11:17:32 +03:00
vlan_util.c vlan: Print libnl error message on vlan_add / vlan_del 2015-05-07 20:54:26 +03:00
vlan_util.h Add option to use netlink to create and remove VLAN interfaces 2012-08-10 14:09:05 +03:00
wmm.c AP WMM: Fix integer underflow in WMM Action frame parser 2015-05-03 18:26:50 +03:00
wmm.h Remove obsolete license notifications 2013-12-24 22:59:52 +02:00
wnm_ap.c WNM: Fix possible memory leak by free buf 2015-01-20 02:14:19 +02:00
wnm_ap.h Add BSS_TM_REQ command to send BSS Transition Management Request 2014-11-22 16:34:34 +02:00
wpa_auth_ft.c FT: Fix WMM TSPEC validation in driver-based AP MLME case 2015-04-22 11:44:19 +03:00
wpa_auth_glue.c FT: Register RRB l2_packet only if FT-over-DS is enabled 2015-07-17 11:16:15 +03:00
wpa_auth_glue.h Remove the GPL notification from files contributed by Jouni Malinen 2012-02-11 19:39:36 +02:00
wpa_auth_i.h Remove WPA per-VLAN groups when no more stations remain 2015-04-26 16:56:22 +03:00
wpa_auth_ie.c Add Suite B 192-bit AKM 2015-01-27 01:43:52 +02:00
wpa_auth_ie.h HS 2.0R2 AP: Add OSEN implementation 2014-02-26 01:24:24 +02:00
wpa_auth.c Add build option to remove all internal RC4 uses 2015-08-02 16:52:56 +03:00
wpa_auth.h Replace SSID_LEN with SSID_MAX_LEN 2015-04-22 11:44:19 +03:00
wps_hostapd.c WPS: Add support for 60 GHz band 2015-04-28 00:22:16 +03:00
wps_hostapd.h WPS NFC: Add AP mode connection handover report 2014-01-27 21:10:55 +02:00
x_snoop.c AP: Enable multicast snooping on bridge if ProxyARP IPv6 is in use 2015-04-13 14:00:32 +03:00
x_snoop.h AP: Add multicast-to-unicast conversion send for "x_snoop" 2014-11-19 16:25:13 +02:00