|
|
@@ -46,7 +46,7 @@
|
|
|
#include "version.h"
|
|
|
#include "l2_packet/l2_packet.h"
|
|
|
#include "wps_hostapd.h"
|
|
|
-#include "mlme.h"
|
|
|
+#include "tkip_countermeasures.h"
|
|
|
|
|
|
|
|
|
static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
|
|
|
@@ -168,76 +168,6 @@ static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module,
|
|
|
}
|
|
|
|
|
|
|
|
|
-static void ieee80211_tkip_countermeasures_stop(void *eloop_ctx,
|
|
|
- void *timeout_ctx)
|
|
|
-{
|
|
|
- struct hostapd_data *hapd = eloop_ctx;
|
|
|
- hapd->tkip_countermeasures = 0;
|
|
|
- hostapd_set_countermeasures(hapd, 0);
|
|
|
- hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
|
|
|
- HOSTAPD_LEVEL_INFO, "TKIP countermeasures ended");
|
|
|
-}
|
|
|
-
|
|
|
-
|
|
|
-static void ieee80211_tkip_countermeasures_start(struct hostapd_data *hapd)
|
|
|
-{
|
|
|
- struct sta_info *sta;
|
|
|
-
|
|
|
- hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
|
|
|
- HOSTAPD_LEVEL_INFO, "TKIP countermeasures initiated");
|
|
|
-
|
|
|
- wpa_auth_countermeasures_start(hapd->wpa_auth);
|
|
|
- hapd->tkip_countermeasures = 1;
|
|
|
- hostapd_set_countermeasures(hapd, 1);
|
|
|
- wpa_gtk_rekey(hapd->wpa_auth);
|
|
|
- eloop_cancel_timeout(ieee80211_tkip_countermeasures_stop, hapd, NULL);
|
|
|
- eloop_register_timeout(60, 0, ieee80211_tkip_countermeasures_stop,
|
|
|
- hapd, NULL);
|
|
|
- for (sta = hapd->sta_list; sta != NULL; sta = sta->next) {
|
|
|
- hostapd_sta_deauth(hapd, sta->addr,
|
|
|
- WLAN_REASON_MICHAEL_MIC_FAILURE);
|
|
|
- sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC |
|
|
|
- WLAN_STA_AUTHORIZED);
|
|
|
- hostapd_sta_remove(hapd, sta->addr);
|
|
|
- }
|
|
|
-}
|
|
|
-
|
|
|
-
|
|
|
-static void ieee80211_michael_mic_failure(struct hostapd_data *hapd,
|
|
|
- const u8 *addr, int local)
|
|
|
-{
|
|
|
- time_t now;
|
|
|
-
|
|
|
- if (addr && local) {
|
|
|
- struct sta_info *sta = ap_get_sta(hapd, addr);
|
|
|
- if (sta != NULL) {
|
|
|
- wpa_auth_sta_local_mic_failure_report(sta->wpa_sm);
|
|
|
- hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
|
|
|
- HOSTAPD_LEVEL_INFO,
|
|
|
- "Michael MIC failure detected in "
|
|
|
- "received frame");
|
|
|
- mlme_michaelmicfailure_indication(hapd, addr);
|
|
|
- } else {
|
|
|
- wpa_printf(MSG_DEBUG,
|
|
|
- "MLME-MICHAELMICFAILURE.indication "
|
|
|
- "for not associated STA (" MACSTR
|
|
|
- ") ignored", MAC2STR(addr));
|
|
|
- return;
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- time(&now);
|
|
|
- if (now > hapd->michael_mic_failure + 60) {
|
|
|
- hapd->michael_mic_failures = 1;
|
|
|
- } else {
|
|
|
- hapd->michael_mic_failures++;
|
|
|
- if (hapd->michael_mic_failures > 1)
|
|
|
- ieee80211_tkip_countermeasures_start(hapd);
|
|
|
- }
|
|
|
- hapd->michael_mic_failure = now;
|
|
|
-}
|
|
|
-
|
|
|
-
|
|
|
/**
|
|
|
* hostapd_prune_associations - Remove extraneous associations
|
|
|
* @hapd: Pointer to BSS data for the most recent association
|
|
|
@@ -467,7 +397,7 @@ void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, u8 *buf, size_t len,
|
|
|
|
|
|
void hostapd_michael_mic_failure(struct hostapd_data *hapd, const u8 *addr)
|
|
|
{
|
|
|
- ieee80211_michael_mic_failure(hapd, addr, 1);
|
|
|
+ michael_mic_failure(hapd, addr, 1);
|
|
|
}
|
|
|
|
|
|
|
|
|
@@ -1027,7 +957,7 @@ static void hostapd_wpa_auth_disconnect(void *ctx, const u8 *addr,
|
|
|
static void hostapd_wpa_auth_mic_failure_report(void *ctx, const u8 *addr)
|
|
|
{
|
|
|
struct hostapd_data *hapd = ctx;
|
|
|
- ieee80211_michael_mic_failure(hapd, addr, 0);
|
|
|
+ michael_mic_failure(hapd, addr, 0);
|
|
|
}
|
|
|
|
|
|
|
Jouni Malinen