[openfirmware] [commit] r2780 - dev ofw/wifi
repository service
svn at openfirmware.info
Thu Dec 22 03:17:47 CET 2011
Author: wmb
Date: Thu Dec 22 03:17:46 2011
New Revision: 2780
URL: http://tracker.coreboot.org/trac/openfirmware/changeset/2780
Log:
WiFi - Fixed a problem that made WEP authentication not work when the access point is set for WEP open authentication mode instead of WEP shared key mode. Shared key mode used to be the norm, but open is now believed to be somewhat better, eliminating a WEP-key recovery attack on the challenge phase of the shared-mode authentication protocol.
Modified:
dev/libertas.fth
ofw/wifi/eapol.fth
Modified: dev/libertas.fth
==============================================================================
--- dev/libertas.fth Thu Dec 22 03:17:42 2011 (r2779)
+++ dev/libertas.fth Thu Dec 22 03:17:46 2011 (r2780)
@@ -1404,6 +1404,12 @@
#rates +xw \ len
common-rates #rates +x$ \ common supported data rates
+ ktype kt-wep = if
+ h# 11f +xw
+ 2 +xw
+ auth-mode +xw
+ then
+
\ RSN (WPA2)
ktype kt-wpa2 = if
/x \ Save beginning offset
@@ -1443,7 +1449,15 @@
finish-cmd outbuf-wait if false exit then
respbuf >fw-data 2 + le-w@ ?dup if \ This is the IEEE Status Code
- ." Failed to associate: " u. cr
+ dup d# 13 = ktype kt-wep = and if ( status )
+ \ Retry, toggling the WEP authentication between shared (1) and open (0)
+ 1 auth-mode - set-auth-mode ( status )
+ ?set-wep
+ set-mac-control
+ drop ( )
+ else ( status )
+ ." Failed to associate: " u. cr ( )
+ then ( )
false
else
respbuf >fw-data 4 + le-w@ to assoc-id
@@ -1471,7 +1485,7 @@
then ( ch ssid$ target-mac$ )
?set-wep \ Set WEP keys again, if ktype is WEP
set-mac-control
- 2dup authenticate ( ch ssid$ target-mac$ )
+\ 2dup authenticate ( ch ssid$ target-mac$ )
d# 10 0 do ( ch ssid$ target-mac$ )
4 pick 4 pick 4 pick 4 pick 4 pick ( ch ssid$ target-mac$ ch ssid$ target-mac$ )
bss-type bss-type-managed = if (associate) else (join) then ( ch ssid$ target-mac$ ok? )
Modified: ofw/wifi/eapol.fth
==============================================================================
--- ofw/wifi/eapol.fth Thu Dec 22 03:17:42 2011 (r2779)
+++ ofw/wifi/eapol.fth Thu Dec 22 03:17:46 2011 (r2780)
@@ -735,7 +735,11 @@
disable-rsn
disable-wep
endof
- kt-wep of am-shared set-auth-mode
+ kt-wep of am-open set-auth-mode
+ \ Open authentication is best for WEP because it prevents attacks
+ \ on the authentication challenge that can lead to key recovery.
+ \ If open authentication fails, the driver can retry the association
+ \ attempt with shared key mode.
wifi-wep4$ wifi-wep3$ wifi-wep2$ wifi-wep1$ wifi-wep-idx set-wep
disable-rsn
endof
More information about the openfirmware
mailing list