PERFORCE change 46223 for review
Sam Leffler
sam at FreeBSD.org
Fri Jan 30 12:10:41 PST 2004
http://perforce.freebsd.org/chv.cgi?CH=46223
Change 46223 by sam at sam_ebb on 2004/01/30 12:09:35
o change pspoll handling to reflect replacement of ni_pwrsave
by ni_flags (with power save flag chosen to be identical to
frame bit to simplify checking on the input path)
o move bpf tap at the 802.11 layer to be after fragment reassembly;
the idea is that radiotap handles "raw frames" at the driver level
and the 802.11-level tap provides reassembled and decrypted frames
(based on discussion with David Young)
o add 802.1x check to reject data frames received prior to port
authentication
Affected files ...
.. //depot/projects/netperf+sockets/sys/net80211/ieee80211_input.c#10 edit
Differences ...
==== //depot/projects/netperf+sockets/sys/net80211/ieee80211_input.c#10 (text+ko) ====
@@ -202,31 +202,33 @@
ni->ni_inact = 0;
}
- if (ic->ic_set_tim != NULL &&
- (wh->i_fc[1] & IEEE80211_FC1_PWR_MGT)
- && ni->ni_pwrsave == 0) {
- /* turn on power save mode */
+ /*
+ * Check for ps-poll state change for the station.
+ * XXX is there a response when pspoll is not supported?
+ */
+ if (ic->ic_opmode == IEEE80211_M_HOSTAP &&
+ ic->ic_set_tim != NULL &&
+ ((wh->i_fc[1] & IEEE80211_FC1_PWR_MGT) ^
+ (ni->ni_flags & IEEE80211_NODE_PWR_MGT))) {
+ /* XXX statistics? */
IEEE80211_DPRINTF(ic, IEEE80211_MSG_POWER,
- ("power save mode on for %s\n",
+ ("power save mode %s for %s\n",
+ (wh->i_fc[1] & IEEE80211_FC1_PWR_MGT ? "on" : "off"),
ether_sprintf(wh->i_addr2)));
- ni->ni_pwrsave = IEEE80211_PS_SLEEP;
- }
- if (ic->ic_set_tim != NULL &&
- (wh->i_fc[1] & IEEE80211_FC1_PWR_MGT) == 0 &&
- ni->ni_pwrsave != 0) {
- /* turn off power save mode, dequeue stored packets */
- ni->ni_pwrsave = 0;
- if (ic->ic_set_tim)
- ic->ic_set_tim(ic, ni->ni_associd, 0);
- IEEE80211_DPRINTF(ic, IEEE80211_MSG_POWER,
- ("power save mode off for %s\n",
- ether_sprintf(wh->i_addr2)));
- while (!_IF_QLEN(&ni->ni_savedq) != 0) {
- struct mbuf *m0;
- IF_DEQUEUE(&ni->ni_savedq, m0);
- /* XXX need different driver interface */
- IF_ENQUEUE(&ic->ic_pwrsaveq, m);
- (*ifp->if_start)(ifp);
+ if ((wh->i_fc[1] & IEEE80211_FC1_PWR_MGT) == 0) {
+ /* turn off power save mode, dequeue stored packets */
+ ni->ni_flags &= ~IEEE80211_NODE_PWR_MGT;
+ (*ic->ic_set_tim)(ic, ni->ni_associd, 0);
+ while (!_IF_QLEN(&ni->ni_savedq) != 0) {
+ struct mbuf *m0;
+ IF_DEQUEUE(&ni->ni_savedq, m0);
+ /* XXX need different driver interface */
+ IF_ENQUEUE(&ic->ic_pwrsaveq, m);
+ (*ifp->if_start)(ifp);
+ }
+ } else {
+ /* turn on power save mode */
+ ni->ni_flags |= IEEE80211_NODE_PWR_MGT;
}
}
@@ -292,11 +294,29 @@
ic->ic_stats.is_rx_notassoc++;
goto err;
}
+ /*
+ * When station is to be authenticated with 802.1x
+ * deny any data frames until authentication has
+ * been completed.
+ */
+ if (ni->ni_authmode == IEEE80211_AUTH_8021X &&
+ (ni->ni_flags & IEEE80211_NODE_AUTH) == 0) {
+ IEEE80211_DPRINTF(ic, IEEE80211_MSG_INPUT,
+ ("%s: data from unauthenticated src %s\n",
+ __func__, ether_sprintf(wh->i_addr2)));
+ ieee80211_unref_node(&ni);
+ ic->ic_stats.is_rx_not1xauth++;
+ /* XXX node statistic */
+ goto err;
+ }
break;
case IEEE80211_M_MONITOR:
break;
}
if (wh->i_fc[1] & IEEE80211_FC1_WEP) {
+ /*
+ * Device didn't handle WEP; do it in software.
+ */
if (ic->ic_flags & IEEE80211_F_WEPON) {
m = ieee80211_wep_crypt(ic, m, 0);
if (m == NULL) {
@@ -309,16 +329,19 @@
goto out;
}
}
- /* copy to listener after decrypt */
- if (ic->ic_rawbpf)
- bpf_mtap(ic->ic_rawbpf, m);
- /* XXX tap before or after defrag? */
m = ieee80211_defrag(ic, ni, m);
if (m == NULL) {
/* XXX statistic */
/* Fragment dropped or frame not complete yet */
goto out;
}
+ /*
+ * Copy to listener after decrypt and defrag.
+ * If someone wants fragments they can tap at
+ * the driver level.
+ */
+ if (ic->ic_rawbpf)
+ bpf_mtap(ic->ic_rawbpf, m);
m = ieee80211_decap(ic, m);
if (m == NULL) {
IEEE80211_DPRINTF(ic, IEEE80211_MSG_INPUT,
More information about the p4-projects
mailing list