2012-06-12 10:40:39

by Eyal Shapira

[permalink] [raw]
Subject: [PATCH] mac80211: handle auth failure returned with unmatching auth algo

Some Netgear APs like WNAP210 have a quirk behavior when
configured for WEP Shared. They send an auth response with algo
SHARED and status code NOT_SUPPORTED_AUTH_ALG (13) when being
sent a request made with auth algo OPEN. Enable such response to
propagate to userspace instead of discarding it so wpa_s can
reattempt to auth with SHARED.

Reported-by: Noam Shaked <[email protected]>
Signed-off-by: Eyal Shapira <[email protected]>
---
net/mac80211/mlme.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index 0f45d02..3ad4366 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -1783,7 +1783,8 @@ ieee80211_rx_mgmt_auth(struct ieee80211_sub_if_data *sdata,
auth_transaction = le16_to_cpu(mgmt->u.auth.auth_transaction);
status_code = le16_to_cpu(mgmt->u.auth.status_code);

- if (auth_alg != ifmgd->auth_data->algorithm ||
+ if ((auth_alg != ifmgd->auth_data->algorithm &&
+ status_code != WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) ||
auth_transaction != ifmgd->auth_data->expected_transaction)
return RX_MGMT_NONE;

--
1.7.4.1



2012-06-12 13:57:22

by Kalle Valo

[permalink] [raw]
Subject: Re: [PATCH] mac80211: handle auth failure returned with unmatching auth algo

Eyal Shapira <[email protected]> writes:

> Some Netgear APs like WNAP210 have a quirk behavior when
> configured for WEP Shared. They send an auth response with algo
> SHARED and status code NOT_SUPPORTED_AUTH_ALG (13) when being
> sent a request made with auth algo OPEN. Enable such response to
> propagate to userspace instead of discarding it so wpa_s can
> reattempt to auth with SHARED.
>
> Reported-by: Noam Shaked <[email protected]>
> Signed-off-by: Eyal Shapira <[email protected]>

[...]

> - if (auth_alg != ifmgd->auth_data->algorithm ||
> + if ((auth_alg != ifmgd->auth_data->algorithm &&
> + status_code != WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) ||

I think a small comment in the code would be nice, like
"WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG is a workaround for Netgear
WNAPxxx".

--
Kalle Valo

2012-06-12 14:50:58

by Eyal Shapira

[permalink] [raw]
Subject: Re: [PATCH] mac80211: handle auth failure returned with unmatching auth algo

On 12 June 2012 17:09, Johannes Berg <[email protected]> wrote:
>
> On Tue, 2012-06-12 at 13:40 +0300, Eyal Shapira wrote:
> > Some Netgear APs like WNAP210 have a quirk behavior when
> > configured for WEP Shared. They send an auth response with algo
> > SHARED and status code NOT_SUPPORTED_AUTH_ALG (13) when being
> > sent a request made with auth algo OPEN. Enable such response to
> > propagate to userspace instead of discarding it so wpa_s can
> > reattempt to auth with SHARED.
>
> Does cfg80211 need to handle this? How does wpa_s even handle it?

wpa_s has the following code in wpa_supplicant/sme.c/sme_event_auth()
to automatically
"escalate" in the auth algorithms it tries (from OPEN to SHARED to LEAP) :

switch (data->auth.auth_type) {
case WLAN_AUTH_OPEN:
wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_SHARED;

wpa_dbg(wpa_s, MSG_DEBUG, "SME: Trying SHARED auth");
wpa_supplicant_associate(wpa_s, wpa_s->current_bss,
wpa_s->current_ssid);
return;

case WLAN_AUTH_SHARED_KEY:
wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_LEAP;

wpa_dbg(wpa_s, MSG_DEBUG, "SME: Trying LEAP auth");
wpa_supplicant_associate(wpa_s, wpa_s->current_bss,
wpa_s->current_ssid);
return;

I have a patch for that code in wpa_s as well which attempts SHARED in
case we sent OPEN
and got the NOT_SUPPORTED_AUTH_ALG response on SHARED.
I first wanted to see that the kernel patch which allows the response
to go through is accepted.

You're right of course that I also need to take care of cfg80211 when
using its SME.
I'll send an additional patch for that.

>
> johannes
>

2012-06-12 14:52:05

by Eyal Shapira

[permalink] [raw]
Subject: Re: [PATCH] mac80211: handle auth failure returned with unmatching auth algo

On 12 June 2012 16:57, Kalle Valo <[email protected]> wrote:
> Eyal Shapira <[email protected]> writes:
>
>> Some Netgear APs like WNAP210 have a quirk behavior when
>> configured for WEP Shared. They send an auth response with algo
>> SHARED and status code NOT_SUPPORTED_AUTH_ALG (13) when being
>> sent a request made with auth algo OPEN. Enable such response to
>> propagate to userspace instead of discarding it so wpa_s can
>> reattempt to auth with SHARED.
>>
>> Reported-by: Noam Shaked <[email protected]>
>> Signed-off-by: Eyal Shapira <[email protected]>
>
> [...]
>
>> - ? ? if (auth_alg != ifmgd->auth_data->algorithm ||
>> + ? ? if ((auth_alg != ifmgd->auth_data->algorithm &&
>> + ? ? ? ? ?status_code != WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) ||
>
> I think a small comment in the code would be nice, like
> "WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG is a workaround for Netgear
> WNAPxxx".
>
Sure. I'll add that in v2.

> --
> Kalle Valo

2012-06-12 14:09:48

by Johannes Berg

[permalink] [raw]
Subject: Re: [PATCH] mac80211: handle auth failure returned with unmatching auth algo

On Tue, 2012-06-12 at 13:40 +0300, Eyal Shapira wrote:
> Some Netgear APs like WNAP210 have a quirk behavior when
> configured for WEP Shared. They send an auth response with algo
> SHARED and status code NOT_SUPPORTED_AUTH_ALG (13) when being
> sent a request made with auth algo OPEN. Enable such response to
> propagate to userspace instead of discarding it so wpa_s can
> reattempt to auth with SHARED.

Does cfg80211 need to handle this? How does wpa_s even handle it?

johannes