Accueil Explorer Aide
S'inscrire Connexion
wareck
/
krackattacks
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: 4c355e3ed1
Branches Tags
krackattacks
/
src
/
ap
/
tkip_countermeasures.c

tkip_countermeasures.c 2.8 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 
  1. /*
    2. 

  2.  * hostapd / TKIP countermeasures
    3. 

  3.  * Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
    4. 

  4.  *
    5. 

  5.  * This software may be distributed under the terms of the BSD license.
    6. 

  6.  * See README for more details.
    7. 

  7.  */
    8. 

  8. 

  9. #include "utils/includes.h"
    10. 

  10. 

  11. #include "utils/common.h"
    12. 

  12. #include "utils/eloop.h"
    13. 

  13. #include "common/ieee802_11_defs.h"
    14. 

  14. #include "radius/radius.h"
    15. 

  15. #include "hostapd.h"
    16. 

  16. #include "sta_info.h"
    17. 

  17. #include "ap_mlme.h"
    18. 

  18. #include "wpa_auth.h"
    19. 

  19. #include "ap_drv_ops.h"
    20. 

  20. #include "tkip_countermeasures.h"
    21. 

  21. 

  22. 

  23. static void ieee80211_tkip_countermeasures_stop(void *eloop_ctx,
    24. 

  24. 						void *timeout_ctx)
    25. 

  25. {
    26. 

  26. 	struct hostapd_data *hapd = eloop_ctx;
    27. 

  27. 	hapd->tkip_countermeasures = 0;
    28. 

  28. 	hostapd_drv_set_countermeasures(hapd, 0);
    29. 

  29. 	hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
    30. 

  30. 		       HOSTAPD_LEVEL_INFO, "TKIP countermeasures ended");
    31. 

  31. }
    32. 

  32. 

  33. 

  34. static void ieee80211_tkip_countermeasures_start(struct hostapd_data *hapd)
    35. 

  35. {
    36. 

  36. 	struct sta_info *sta;
    37. 

  37. 

  38. 	hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
    39. 

  39. 		       HOSTAPD_LEVEL_INFO, "TKIP countermeasures initiated");
    40. 

  40. 

  41. 	wpa_auth_countermeasures_start(hapd->wpa_auth);
    42. 

  42. 	hapd->tkip_countermeasures = 1;
    43. 

  43. 	hostapd_drv_set_countermeasures(hapd, 1);
    44. 

  44. 	wpa_gtk_rekey(hapd->wpa_auth);
    45. 

  45. 	eloop_cancel_timeout(ieee80211_tkip_countermeasures_stop, hapd, NULL);
    46. 

  46. 	eloop_register_timeout(60, 0, ieee80211_tkip_countermeasures_stop,
    47. 

  47. 			       hapd, NULL);
    48. 

  48. 	while ((sta = hapd->sta_list)) {
    49. 

  49. 		sta->acct_terminate_cause =
    50. 

  50. 			RADIUS_ACCT_TERMINATE_CAUSE_ADMIN_RESET;
    51. 

  51. 		if (sta->flags & WLAN_STA_AUTH) {
    52. 

  52. 			mlme_deauthenticate_indication(
    53. 

  53. 				hapd, sta,
    54. 

  54. 				WLAN_REASON_MICHAEL_MIC_FAILURE);
    55. 

  55. 		}
    56. 

  56. 		hostapd_drv_sta_deauth(hapd, sta->addr,
    57. 

  57. 				       WLAN_REASON_MICHAEL_MIC_FAILURE);
    58. 

  58. 		ap_free_sta(hapd, sta);
    59. 

  59. 	}
    60. 

  60. }
    61. 

  61. 

  62. 

  63. void ieee80211_tkip_countermeasures_deinit(struct hostapd_data *hapd)
    64. 

  64. {
    65. 

  65. 	eloop_cancel_timeout(ieee80211_tkip_countermeasures_stop, hapd, NULL);
    66. 

  66. }
    67. 

  67. 

  68. 

  69. int michael_mic_failure(struct hostapd_data *hapd, const u8 *addr, int local)
    70. 

  70. {
    71. 

  71. 	struct os_reltime now;
    72. 

  72. 	int ret = 0;
    73. 

  73. 

  74. 	if (addr && local) {
    75. 

  75. 		struct sta_info *sta = ap_get_sta(hapd, addr);
    76. 

  76. 		if (sta != NULL) {
    77. 

  77. 			wpa_auth_sta_local_mic_failure_report(sta->wpa_sm);
    78. 

  78. 			hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
    79. 

  79. 				       HOSTAPD_LEVEL_INFO,
    80. 

  80. 				       "Michael MIC failure detected in "
    81. 

  81. 				       "received frame");
    82. 

  82. 			mlme_michaelmicfailure_indication(hapd, addr);
    83. 

  83. 		} else {
    84. 

  84. 			wpa_printf(MSG_DEBUG,
    85. 

  85. 				   "MLME-MICHAELMICFAILURE.indication "
    86. 

  86. 				   "for not associated STA (" MACSTR
    87. 

  87. 				   ") ignored", MAC2STR(addr));
    88. 

  88. 			return ret;
    89. 

  89. 		}
    90. 

  90. 	}
    91. 

  91. 

  92. 	os_get_reltime(&now);
    93. 

  93. 	if (os_reltime_expired(&now, &hapd->michael_mic_failure, 60)) {
    94. 

  94. 		hapd->michael_mic_failures = 1;
    95. 

  95. 	} else {
    96. 

  96. 		hapd->michael_mic_failures++;
    97. 

  97. 		if (hapd->michael_mic_failures > 1) {
    98. 

  98. 			ieee80211_tkip_countermeasures_start(hapd);
    99. 

  99. 			ret = 1;
    100. 

  100. 		}
    101. 

  101. 	}
    102. 

  102. 	hapd->michael_mic_failure = now;
    103. 

  103. 

  104. 	return ret;
    105. 

  105. }
    106.