PERFORCE change 46441 for review

[Sam Leffler]

http://perforce.freebsd.org/chv.cgi?CH=46441

Change 46441 by sam at sam_ebb on 2004/02/03 14:12:16

	add some comments about pre-shared key

Affected files ...

.. //depot/projects/netperf+sockets/sys/net80211/ieee80211_input.c#15 edit

Differences ...

==== //depot/projects/netperf+sockets/sys/net80211/ieee80211_input.c#15 (text+ko) ====

@@ -779,6 +779,7 @@
 	}
 }
 
+/* XXX TODO: add statistics */
 static void
 ieee80211_auth_shared(struct ieee80211com *ic, struct ieee80211_frame *wh,
     u_int8_t *frm, u_int8_t *efrm, struct ieee80211_node *ni, int rssi,
@@ -787,17 +788,31 @@
 	u_int8_t *challenge = NULL;
 	int allocbs, i, estatus;
 
+	/*
+	 * NB: this can happen as we allow pre-shared key
+	 * authentication to be enabled w/o wep being turned
+	 * on so that configuration of these can be done
+	 * in any order.  It may be better to enforce the
+	 * ordering in which case this check would just be
+	 * for sanity/consistency.
+	 */
 	if ((ic->ic_flags & IEEE80211_F_WEPON) == 0) {
 		IEEE80211_DPRINTF(ic, IEEE80211_MSG_AUTH,
 			("%s: WEP is off\n", __func__));
 		estatus = IEEE80211_STATUS_ALG;
 		goto bad;
 	}
+	/*
+	 * Pre-shared key authentication is evil; accept
+	 * it only if explicitly configured (it is supported
+	 * mainly for compatibility with clients like OS X).
+	 */
 	if (ic->ic_authmode != IEEE80211_AUTH_AUTO &&
 	    ic->ic_authmode != IEEE80211_AUTH_SHARED) {
 		IEEE80211_DPRINTF(ic, IEEE80211_MSG_AUTH,
 			("%s: operating in %u mode, reject\n",
 			 __func__, ic->ic_authmode));
+		ic->ic_stats.is_rx_bad_auth++;	/* XXX maybe a unique error? */
 		estatus = IEEE80211_STATUS_ALG;
 		goto bad;
 	}