From: Jouni Malinen <jkmaline@cc.hut.fi>
To: Jeff Garzik <jgarzik@pobox.com>
Cc: netdev@oss.sgi.com
Subject: [PATCH wireless-2.6 8/12] Host AP: Do not bridge packets to unauthorized ports
Date: Sun, 7 Nov 2004 23:14:59 -0800
Message-ID: <20041108071459.GI1076@jm.kir.nu>
In-Reply-To: <20041108070156.GA1076@jm.kir.nu>

Fix inner-BSS bridge (ap_bridge_packets=1) not to bridge packets to
unauthorized ports when IEEE 802.1X/WPA is used (i.e., require that
the STA completes authentication before capturing packets in the inner
bridge); previously, only association status was used and an attacker
could have captured packets to any MAC address even without having
proper credentials for using the network (although, the packets were
dropped because the controlled port for the STA was unauthorized).

Signed-off-by: Jouni Malinen <jkmaline@cc.hut.fi>


diff -Nru a/drivers/net/wireless/hostap/hostap_80211_rx.c b/drivers/net/wireless/hostap/hostap_80211_rx.c
--- a/drivers/net/wireless/hostap/hostap_80211_rx.c	2004-11-07 22:38:51 -08:00
+++ b/drivers/net/wireless/hostap/hostap_80211_rx.c	2004-11-07 22:38:51 -08:00
@@ -1035,7 +1035,7 @@
 			if (skb2 == NULL)
 				printk(KERN_DEBUG "%s: skb_clone failed for "
 				       "multicast frame\n", dev->name);
-		} else if (hostap_is_sta_assoc(local->ap, dst)) {
+		} else if (hostap_is_sta_authorized(local->ap, dst)) {
 			/* send frame directly to the associated STA using
 			 * wireless media and not passing to higher layers */
 			local->ap->bridged_unicast++;
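Review bot: The comment left under the changed condition still says the frame is sent "directly to the associated STA", but this branch is now taken only when hostap_is_sta_authorized() returns true, so the comment should say "authorized STA". It would also help to note here what happens to a unicast frame whose destination is associated but not yet authorized, since it now skips this branch and the path it takes instead is not visible in the hunk.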
diff -Nru a/drivers/net/wireless/hostap/hostap_ap.c b/drivers/net/wireless/hostap/hostap_ap.c
--- a/drivers/net/wireless/hostap/hostap_ap.c	2004-11-07 22:38:51 -08:00
+++ b/drivers/net/wireless/hostap/hostap_ap.c	2004-11-07 22:38:51 -08:00
@@ -3061,6 +3061,24 @@
 
 
 /* Called only as a tasklet (software IRQ) */
+int hostap_is_sta_authorized(struct ap_data *ap, u8 *sta_addr)
+{
+	struct sta_info *sta;
+	int ret = 0;
+
+	spin_lock(&ap->sta_table_lock);
+	sta = ap_get_sta(ap, sta_addr);
+	if (sta != NULL && (sta->flags & WLAN_STA_ASSOC) && !sta->ap &&
+	    ((sta->flags & WLAN_STA_AUTHORIZED) ||
+	     ap->local->ieee_802_1x == 0))
+		ret = 1;
+	spin_unlock(&ap->sta_table_lock);
+
+	return ret;
+}
+
+
+/* Called only as a tasklet (software IRQ) */
 int hostap_add_sta(struct ap_data *ap, u8 *sta_addr)
 {
 	struct sta_info *sta;
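Review bot: The fallback in hostap_is_sta_authorized() keys only on "ap->local->ieee_802_1x == 0", while the commit message describes the fix as covering IEEE 802.1X/WPA; please confirm that this flag is also set for WPA configurations, because whenever it is 0 the function returns 1 for any associated STA and the inner bridge behaves exactly as before the patch. The function also deserves its own comment stating the contract (WLAN_STA_ASSOC set, !sta->ap, and either WLAN_STA_AUTHORIZED set or 802.1X disabled), since the "!sta->ap" exclusion is not mentioned in the commit message and the only comment above it is the tasklet-context line.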
@@ -3219,6 +3237,7 @@
 EXPORT_SYMBOL(hostap_update_sta_ps);
 EXPORT_SYMBOL(hostap_handle_sta_rx);
 EXPORT_SYMBOL(hostap_is_sta_assoc);
+EXPORT_SYMBOL(hostap_is_sta_authorized);
 EXPORT_SYMBOL(hostap_add_sta);
 EXPORT_SYMBOL(hostap_update_rates);
 EXPORT_SYMBOL(hostap_add_wds_links);
diff -Nru a/drivers/net/wireless/hostap/hostap_ap.h b/drivers/net/wireless/hostap/hostap_ap.h
--- a/drivers/net/wireless/hostap/hostap_ap.h	2004-11-07 22:38:51 -08:00
+++ b/drivers/net/wireless/hostap/hostap_ap.h	2004-11-07 22:38:51 -08:00
@@ -255,6 +255,7 @@
 			     struct hostap_ieee80211_hdr *hdr,
 			     struct prism2_crypt_data **crypt, void **sta_ptr);
 int hostap_is_sta_assoc(struct ap_data *ap, u8 *sta_addr);
+int hostap_is_sta_authorized(struct ap_data *ap, u8 *sta_addr);
 int hostap_add_sta(struct ap_data *ap, u8 *sta_addr);
 int hostap_update_rx_stats(struct ap_data *ap,
 			   struct hostap_ieee80211_hdr *hdr,



-- 
Jouni Malinen                                            PGP id EFC895FA
