]>
Commit | Line | Data |
---|---|---|
6fc6879b JM |
1 | /* |
2 | * WPA Supplicant - Client mode MLME | |
3 | * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> | |
4 | * Copyright (c) 2004, Instant802 Networks, Inc. | |
5 | * Copyright (c) 2005-2006, Devicescape Software, Inc. | |
6 | * | |
7 | * This program is free software; you can redistribute it and/or modify | |
8 | * it under the terms of the GNU General Public License version 2 as | |
9 | * published by the Free Software Foundation. | |
10 | * | |
11 | * Alternatively, this software may be distributed under the terms of BSD | |
12 | * license. | |
13 | * | |
14 | * See README and COPYING for more details. | |
15 | */ | |
16 | ||
17 | #include "includes.h" | |
18 | ||
19 | #include "common.h" | |
20 | #include "eloop.h" | |
21 | #include "config_ssid.h" | |
22 | #include "wpa_supplicant_i.h" | |
8bac466b | 23 | #include "notify.h" |
2d5b792d | 24 | #include "driver_i.h" |
6fc6879b | 25 | #include "wpa.h" |
6fc6879b | 26 | #include "ieee802_11_defs.h" |
1add3c33 | 27 | #include "ieee802_11_common.h" |
6fc6879b JM |
28 | #include "mlme.h" |
29 | ||
30 | ||
31 | /* Timeouts and intervals in milliseconds */ | |
32 | #define IEEE80211_AUTH_TIMEOUT (200) | |
33 | #define IEEE80211_AUTH_MAX_TRIES 3 | |
34 | #define IEEE80211_ASSOC_TIMEOUT (200) | |
35 | #define IEEE80211_ASSOC_MAX_TRIES 3 | |
36 | #define IEEE80211_MONITORING_INTERVAL (2000) | |
37 | #define IEEE80211_PROBE_INTERVAL (60000) | |
38 | #define IEEE80211_RETRY_AUTH_INTERVAL (1000) | |
39 | #define IEEE80211_SCAN_INTERVAL (2000) | |
40 | #define IEEE80211_SCAN_INTERVAL_SLOW (15000) | |
41 | #define IEEE80211_IBSS_JOIN_TIMEOUT (20000) | |
42 | ||
43 | #define IEEE80211_PROBE_DELAY (33) | |
44 | #define IEEE80211_CHANNEL_TIME (33) | |
45 | #define IEEE80211_PASSIVE_CHANNEL_TIME (200) | |
46 | #define IEEE80211_SCAN_RESULT_EXPIRE (10000) | |
47 | #define IEEE80211_IBSS_MERGE_INTERVAL (30000) | |
48 | #define IEEE80211_IBSS_INACTIVITY_LIMIT (60000) | |
49 | ||
50 | #define IEEE80211_IBSS_MAX_STA_ENTRIES 128 | |
51 | ||
52 | ||
53 | #define IEEE80211_FC(type, stype) host_to_le16((type << 2) | (stype << 4)) | |
54 | ||
55 | ||
56 | struct ieee80211_sta_bss { | |
57 | struct ieee80211_sta_bss *next; | |
58 | struct ieee80211_sta_bss *hnext; | |
59 | ||
60 | u8 bssid[ETH_ALEN]; | |
61 | u8 ssid[MAX_SSID_LEN]; | |
62 | size_t ssid_len; | |
63 | u16 capability; /* host byte order */ | |
64 | int hw_mode; | |
65 | int channel; | |
66 | int freq; | |
67 | int rssi; | |
68 | u8 *ie; | |
69 | size_t ie_len; | |
70 | u8 *wpa_ie; | |
71 | size_t wpa_ie_len; | |
72 | u8 *rsn_ie; | |
73 | size_t rsn_ie_len; | |
74 | u8 *wmm_ie; | |
75 | size_t wmm_ie_len; | |
76 | u8 *mdie; | |
77 | size_t mdie_len; | |
78 | #define IEEE80211_MAX_SUPP_RATES 32 | |
79 | u8 supp_rates[IEEE80211_MAX_SUPP_RATES]; | |
80 | size_t supp_rates_len; | |
81 | int beacon_int; | |
82 | u64 timestamp; | |
83 | ||
84 | int probe_resp; | |
85 | struct os_time last_update; | |
86 | }; | |
87 | ||
88 | ||
89 | static void ieee80211_send_probe_req(struct wpa_supplicant *wpa_s, | |
90 | const u8 *dst, | |
91 | const u8 *ssid, size_t ssid_len); | |
92 | static struct ieee80211_sta_bss * | |
93 | ieee80211_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid); | |
94 | static int ieee80211_sta_find_ibss(struct wpa_supplicant *wpa_s); | |
95 | static int ieee80211_sta_wep_configured(struct wpa_supplicant *wpa_s); | |
96 | static void ieee80211_sta_timer(void *eloop_ctx, void *timeout_ctx); | |
97 | static void ieee80211_sta_scan_timer(void *eloop_ctx, void *timeout_ctx); | |
babfbf15 | 98 | static void ieee80211_build_tspec(struct wpabuf *buf); |
6fc6879b JM |
99 | |
100 | ||
6fc6879b | 101 | static int ieee80211_sta_set_channel(struct wpa_supplicant *wpa_s, |
6caf9ca6 | 102 | hostapd_hw_mode phymode, int chan, |
6fc6879b JM |
103 | int freq) |
104 | { | |
105 | size_t i; | |
6caf9ca6 | 106 | struct hostapd_hw_modes *mode; |
6fc6879b JM |
107 | |
108 | for (i = 0; i < wpa_s->mlme.num_modes; i++) { | |
109 | mode = &wpa_s->mlme.modes[i]; | |
110 | if (mode->mode == phymode) { | |
111 | wpa_s->mlme.curr_rates = mode->rates; | |
112 | wpa_s->mlme.num_curr_rates = mode->num_rates; | |
113 | break; | |
114 | } | |
115 | } | |
116 | ||
117 | return wpa_drv_set_channel(wpa_s, phymode, chan, freq); | |
118 | } | |
119 | ||
120 | ||
6fc6879b JM |
121 | static int ecw2cw(int ecw) |
122 | { | |
123 | int cw = 1; | |
124 | while (ecw > 0) { | |
125 | cw <<= 1; | |
126 | ecw--; | |
127 | } | |
128 | return cw - 1; | |
129 | } | |
6fc6879b JM |
130 | |
131 | ||
132 | static void ieee80211_sta_wmm_params(struct wpa_supplicant *wpa_s, | |
133 | u8 *wmm_param, size_t wmm_param_len) | |
134 | { | |
135 | size_t left; | |
136 | int count; | |
137 | u8 *pos; | |
5c3dd4eb | 138 | u8 wmm_acm; |
6fc6879b JM |
139 | |
140 | if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1) | |
141 | return; | |
142 | count = wmm_param[6] & 0x0f; | |
143 | if (count == wpa_s->mlme.wmm_last_param_set) | |
144 | return; | |
145 | wpa_s->mlme.wmm_last_param_set = count; | |
146 | ||
147 | pos = wmm_param + 8; | |
148 | left = wmm_param_len - 8; | |
149 | ||
6fc6879b JM |
150 | wmm_acm = 0; |
151 | for (; left >= 4; left -= 4, pos += 4) { | |
152 | int aci = (pos[0] >> 5) & 0x03; | |
153 | int acm = (pos[0] >> 4) & 0x01; | |
5c3dd4eb | 154 | int aifs, cw_max, cw_min, burst_time; |
6fc6879b JM |
155 | |
156 | switch (aci) { | |
5c3dd4eb | 157 | case 1: /* AC_BK */ |
6fc6879b | 158 | if (acm) |
5c3dd4eb | 159 | wmm_acm |= BIT(1) | BIT(2); /* BK/- */ |
6fc6879b | 160 | break; |
5c3dd4eb | 161 | case 2: /* AC_VI */ |
6fc6879b | 162 | if (acm) |
5c3dd4eb | 163 | wmm_acm |= BIT(4) | BIT(5); /* CL/VI */ |
6fc6879b | 164 | break; |
5c3dd4eb | 165 | case 3: /* AC_VO */ |
6fc6879b | 166 | if (acm) |
5c3dd4eb | 167 | wmm_acm |= BIT(6) | BIT(7); /* VO/NC */ |
6fc6879b | 168 | break; |
5c3dd4eb | 169 | case 0: /* AC_BE */ |
6fc6879b | 170 | default: |
6fc6879b | 171 | if (acm) |
5c3dd4eb | 172 | wmm_acm |= BIT(0) | BIT(3); /* BE/EE */ |
6fc6879b JM |
173 | break; |
174 | } | |
175 | ||
5c3dd4eb JM |
176 | aifs = pos[0] & 0x0f; |
177 | cw_max = ecw2cw((pos[1] & 0xf0) >> 4); | |
178 | cw_min = ecw2cw(pos[1] & 0x0f); | |
6fc6879b | 179 | /* TXOP is in units of 32 usec; burst_time in 0.1 ms */ |
5c3dd4eb JM |
180 | burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100; |
181 | wpa_printf(MSG_DEBUG, "MLME: WMM aci=%d acm=%d aifs=%d " | |
182 | "cWmin=%d cWmax=%d burst=%d", | |
183 | aci, acm, aifs, cw_min, cw_max, burst_time); | |
184 | /* TODO: driver configuration */ | |
6fc6879b | 185 | } |
6fc6879b JM |
186 | } |
187 | ||
188 | ||
189 | static void ieee80211_set_associated(struct wpa_supplicant *wpa_s, int assoc) | |
190 | { | |
658d1662 | 191 | if (wpa_s->mlme.associated == assoc && !assoc) |
6fc6879b JM |
192 | return; |
193 | ||
194 | wpa_s->mlme.associated = assoc; | |
195 | ||
196 | if (assoc) { | |
197 | union wpa_event_data data; | |
198 | os_memset(&data, 0, sizeof(data)); | |
199 | wpa_s->mlme.prev_bssid_set = 1; | |
200 | os_memcpy(wpa_s->mlme.prev_bssid, wpa_s->bssid, ETH_ALEN); | |
201 | data.assoc_info.req_ies = wpa_s->mlme.assocreq_ies; | |
202 | data.assoc_info.req_ies_len = wpa_s->mlme.assocreq_ies_len; | |
203 | data.assoc_info.resp_ies = wpa_s->mlme.assocresp_ies; | |
204 | data.assoc_info.resp_ies_len = wpa_s->mlme.assocresp_ies_len; | |
205 | wpa_supplicant_event(wpa_s, EVENT_ASSOC, &data); | |
206 | } else { | |
207 | wpa_supplicant_event(wpa_s, EVENT_DISASSOC, NULL); | |
208 | } | |
209 | os_get_time(&wpa_s->mlme.last_probe); | |
210 | } | |
211 | ||
212 | ||
213 | static int ieee80211_sta_tx(struct wpa_supplicant *wpa_s, const u8 *buf, | |
214 | size_t len) | |
215 | { | |
216 | return wpa_drv_send_mlme(wpa_s, buf, len); | |
217 | } | |
218 | ||
219 | ||
220 | static void ieee80211_send_auth(struct wpa_supplicant *wpa_s, | |
221 | int transaction, u8 *extra, size_t extra_len, | |
222 | int encrypt) | |
223 | { | |
224 | u8 *buf; | |
225 | size_t len; | |
226 | struct ieee80211_mgmt *mgmt; | |
227 | ||
228 | buf = os_malloc(sizeof(*mgmt) + 6 + extra_len); | |
229 | if (buf == NULL) { | |
230 | wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for " | |
231 | "auth frame"); | |
232 | return; | |
233 | } | |
234 | ||
235 | mgmt = (struct ieee80211_mgmt *) buf; | |
236 | len = 24 + 6; | |
237 | os_memset(mgmt, 0, 24 + 6); | |
238 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
239 | WLAN_FC_STYPE_AUTH); | |
240 | if (encrypt) | |
241 | mgmt->frame_control |= host_to_le16(WLAN_FC_ISWEP); | |
242 | os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN); | |
243 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
244 | os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); | |
245 | mgmt->u.auth.auth_alg = host_to_le16(wpa_s->mlme.auth_alg); | |
246 | mgmt->u.auth.auth_transaction = host_to_le16(transaction); | |
247 | wpa_s->mlme.auth_transaction = transaction + 1; | |
248 | mgmt->u.auth.status_code = host_to_le16(0); | |
249 | if (extra) { | |
250 | os_memcpy(buf + len, extra, extra_len); | |
251 | len += extra_len; | |
252 | } | |
253 | ||
254 | ieee80211_sta_tx(wpa_s, buf, len); | |
255 | os_free(buf); | |
256 | } | |
257 | ||
258 | ||
259 | static void ieee80211_reschedule_timer(struct wpa_supplicant *wpa_s, int ms) | |
260 | { | |
261 | eloop_cancel_timeout(ieee80211_sta_timer, wpa_s, NULL); | |
262 | eloop_register_timeout(ms / 1000, 1000 * (ms % 1000), | |
263 | ieee80211_sta_timer, wpa_s, NULL); | |
264 | } | |
265 | ||
266 | ||
267 | static void ieee80211_authenticate(struct wpa_supplicant *wpa_s) | |
268 | { | |
269 | u8 *extra; | |
270 | size_t extra_len; | |
271 | ||
272 | wpa_s->mlme.auth_tries++; | |
273 | if (wpa_s->mlme.auth_tries > IEEE80211_AUTH_MAX_TRIES) { | |
274 | wpa_printf(MSG_DEBUG, "MLME: authentication with AP " MACSTR | |
275 | " timed out", MAC2STR(wpa_s->bssid)); | |
276 | return; | |
277 | } | |
278 | ||
279 | wpa_s->mlme.state = IEEE80211_AUTHENTICATE; | |
280 | wpa_printf(MSG_DEBUG, "MLME: authenticate with AP " MACSTR, | |
281 | MAC2STR(wpa_s->bssid)); | |
282 | ||
283 | extra = NULL; | |
284 | extra_len = 0; | |
285 | ||
286 | #ifdef CONFIG_IEEE80211R | |
287 | if ((wpa_s->mlme.key_mgmt == KEY_MGMT_FT_802_1X || | |
288 | wpa_s->mlme.key_mgmt == KEY_MGMT_FT_PSK) && | |
289 | wpa_s->mlme.ft_ies) { | |
290 | struct ieee80211_sta_bss *bss; | |
291 | struct rsn_mdie *mdie = NULL; | |
292 | bss = ieee80211_bss_get(wpa_s, wpa_s->bssid); | |
293 | if (bss && bss->mdie_len >= 2 + sizeof(*mdie)) | |
294 | mdie = (struct rsn_mdie *) (bss->mdie + 2); | |
295 | if (mdie && | |
296 | os_memcmp(mdie->mobility_domain, wpa_s->mlme.current_md, | |
297 | MOBILITY_DOMAIN_ID_LEN) == 0) { | |
298 | wpa_printf(MSG_DEBUG, "MLME: Trying to use FT " | |
299 | "over-the-air"); | |
300 | wpa_s->mlme.auth_alg = WLAN_AUTH_FT; | |
301 | extra = wpa_s->mlme.ft_ies; | |
302 | extra_len = wpa_s->mlme.ft_ies_len; | |
303 | } | |
304 | } | |
305 | #endif /* CONFIG_IEEE80211R */ | |
306 | ||
307 | ieee80211_send_auth(wpa_s, 1, extra, extra_len, 0); | |
308 | ||
309 | ieee80211_reschedule_timer(wpa_s, IEEE80211_AUTH_TIMEOUT); | |
310 | } | |
311 | ||
312 | ||
313 | static void ieee80211_send_assoc(struct wpa_supplicant *wpa_s) | |
314 | { | |
315 | struct ieee80211_mgmt *mgmt; | |
316 | u8 *pos, *ies, *buf; | |
317 | int i, len; | |
318 | u16 capab; | |
319 | struct ieee80211_sta_bss *bss; | |
320 | int wmm = 0; | |
321 | size_t blen, buflen; | |
322 | ||
323 | if (wpa_s->mlme.curr_rates == NULL) { | |
324 | wpa_printf(MSG_DEBUG, "MLME: curr_rates not set for assoc"); | |
325 | return; | |
326 | } | |
327 | ||
328 | buflen = sizeof(*mgmt) + 200 + wpa_s->mlme.extra_ie_len + | |
329 | wpa_s->mlme.ssid_len; | |
330 | #ifdef CONFIG_IEEE80211R | |
331 | if (wpa_s->mlme.ft_ies) | |
332 | buflen += wpa_s->mlme.ft_ies_len; | |
333 | #endif /* CONFIG_IEEE80211R */ | |
334 | buf = os_malloc(buflen); | |
335 | if (buf == NULL) { | |
336 | wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for " | |
337 | "assoc frame"); | |
338 | return; | |
339 | } | |
340 | blen = 0; | |
341 | ||
342 | capab = wpa_s->mlme.capab; | |
6caf9ca6 | 343 | if (wpa_s->mlme.phymode == HOSTAPD_MODE_IEEE80211G) { |
6fc6879b JM |
344 | capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME | |
345 | WLAN_CAPABILITY_SHORT_PREAMBLE; | |
346 | } | |
347 | bss = ieee80211_bss_get(wpa_s, wpa_s->bssid); | |
348 | if (bss) { | |
349 | if (bss->capability & WLAN_CAPABILITY_PRIVACY) | |
350 | capab |= WLAN_CAPABILITY_PRIVACY; | |
351 | if (bss->wmm_ie) { | |
352 | wmm = 1; | |
353 | } | |
354 | } | |
355 | ||
356 | mgmt = (struct ieee80211_mgmt *) buf; | |
357 | blen += 24; | |
358 | os_memset(mgmt, 0, 24); | |
359 | os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN); | |
360 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
361 | os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); | |
362 | ||
363 | if (wpa_s->mlme.prev_bssid_set) { | |
364 | blen += 10; | |
365 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
366 | WLAN_FC_STYPE_REASSOC_REQ); | |
367 | mgmt->u.reassoc_req.capab_info = host_to_le16(capab); | |
368 | mgmt->u.reassoc_req.listen_interval = host_to_le16(1); | |
369 | os_memcpy(mgmt->u.reassoc_req.current_ap, | |
370 | wpa_s->mlme.prev_bssid, | |
371 | ETH_ALEN); | |
372 | } else { | |
373 | blen += 4; | |
374 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
375 | WLAN_FC_STYPE_ASSOC_REQ); | |
376 | mgmt->u.assoc_req.capab_info = host_to_le16(capab); | |
377 | mgmt->u.assoc_req.listen_interval = host_to_le16(1); | |
378 | } | |
379 | ||
380 | /* SSID */ | |
381 | ies = pos = buf + blen; | |
382 | blen += 2 + wpa_s->mlme.ssid_len; | |
383 | *pos++ = WLAN_EID_SSID; | |
384 | *pos++ = wpa_s->mlme.ssid_len; | |
385 | os_memcpy(pos, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len); | |
386 | ||
387 | len = wpa_s->mlme.num_curr_rates; | |
388 | if (len > 8) | |
389 | len = 8; | |
390 | pos = buf + blen; | |
391 | blen += len + 2; | |
392 | *pos++ = WLAN_EID_SUPP_RATES; | |
393 | *pos++ = len; | |
394 | for (i = 0; i < len; i++) { | |
395 | int rate = wpa_s->mlme.curr_rates[i].rate; | |
396 | *pos++ = (u8) (rate / 5); | |
397 | } | |
398 | ||
399 | if (wpa_s->mlme.num_curr_rates > len) { | |
400 | pos = buf + blen; | |
401 | blen += wpa_s->mlme.num_curr_rates - len + 2; | |
402 | *pos++ = WLAN_EID_EXT_SUPP_RATES; | |
403 | *pos++ = wpa_s->mlme.num_curr_rates - len; | |
404 | for (i = len; i < wpa_s->mlme.num_curr_rates; i++) { | |
405 | int rate = wpa_s->mlme.curr_rates[i].rate; | |
406 | *pos++ = (u8) (rate / 5); | |
407 | } | |
408 | } | |
409 | ||
410 | if (wpa_s->mlme.extra_ie && wpa_s->mlme.auth_alg != WLAN_AUTH_FT) { | |
411 | pos = buf + blen; | |
412 | blen += wpa_s->mlme.extra_ie_len; | |
413 | os_memcpy(pos, wpa_s->mlme.extra_ie, wpa_s->mlme.extra_ie_len); | |
414 | } | |
415 | ||
416 | #ifdef CONFIG_IEEE80211R | |
417 | if ((wpa_s->mlme.key_mgmt == KEY_MGMT_FT_802_1X || | |
418 | wpa_s->mlme.key_mgmt == KEY_MGMT_FT_PSK) && | |
419 | wpa_s->mlme.auth_alg != WLAN_AUTH_FT && | |
420 | bss && bss->mdie && | |
421 | bss->mdie_len >= 2 + sizeof(struct rsn_mdie) && | |
422 | bss->mdie[1] >= sizeof(struct rsn_mdie)) { | |
423 | pos = buf + blen; | |
424 | blen += 2 + sizeof(struct rsn_mdie); | |
425 | *pos++ = WLAN_EID_MOBILITY_DOMAIN; | |
426 | *pos++ = sizeof(struct rsn_mdie); | |
427 | os_memcpy(pos, bss->mdie + 2, MOBILITY_DOMAIN_ID_LEN); | |
428 | pos += MOBILITY_DOMAIN_ID_LEN; | |
429 | *pos++ = 0; /* FIX: copy from the target AP's MDIE */ | |
430 | } | |
431 | ||
432 | if ((wpa_s->mlme.key_mgmt == KEY_MGMT_FT_802_1X || | |
433 | wpa_s->mlme.key_mgmt == KEY_MGMT_FT_PSK) && | |
434 | wpa_s->mlme.auth_alg == WLAN_AUTH_FT && wpa_s->mlme.ft_ies) { | |
435 | pos = buf + blen; | |
436 | os_memcpy(pos, wpa_s->mlme.ft_ies, wpa_s->mlme.ft_ies_len); | |
437 | pos += wpa_s->mlme.ft_ies_len; | |
438 | blen += wpa_s->mlme.ft_ies_len; | |
439 | } | |
440 | #endif /* CONFIG_IEEE80211R */ | |
441 | ||
442 | if (wmm && wpa_s->mlme.wmm_enabled) { | |
443 | pos = buf + blen; | |
444 | blen += 9; | |
445 | *pos++ = WLAN_EID_VENDOR_SPECIFIC; | |
446 | *pos++ = 7; /* len */ | |
447 | *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */ | |
448 | *pos++ = 0x50; | |
449 | *pos++ = 0xf2; | |
77ac4466 JM |
450 | *pos++ = 2; /* WMM */ |
451 | *pos++ = 0; /* WMM info */ | |
452 | *pos++ = 1; /* WMM ver */ | |
6fc6879b JM |
453 | *pos++ = 0; |
454 | } | |
455 | ||
456 | os_free(wpa_s->mlme.assocreq_ies); | |
457 | wpa_s->mlme.assocreq_ies_len = (buf + blen) - ies; | |
458 | wpa_s->mlme.assocreq_ies = os_malloc(wpa_s->mlme.assocreq_ies_len); | |
459 | if (wpa_s->mlme.assocreq_ies) { | |
460 | os_memcpy(wpa_s->mlme.assocreq_ies, ies, | |
461 | wpa_s->mlme.assocreq_ies_len); | |
462 | } | |
463 | ||
464 | ieee80211_sta_tx(wpa_s, buf, blen); | |
465 | os_free(buf); | |
466 | } | |
467 | ||
468 | ||
469 | static void ieee80211_send_deauth(struct wpa_supplicant *wpa_s, u16 reason) | |
470 | { | |
471 | u8 *buf; | |
472 | size_t len; | |
473 | struct ieee80211_mgmt *mgmt; | |
474 | ||
475 | buf = os_zalloc(sizeof(*mgmt)); | |
476 | if (buf == NULL) { | |
477 | wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for " | |
478 | "deauth frame"); | |
479 | return; | |
480 | } | |
481 | ||
482 | mgmt = (struct ieee80211_mgmt *) buf; | |
483 | len = 24; | |
484 | os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN); | |
485 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
486 | os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); | |
487 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
488 | WLAN_FC_STYPE_DEAUTH); | |
489 | len += 2; | |
490 | mgmt->u.deauth.reason_code = host_to_le16(reason); | |
491 | ||
492 | ieee80211_sta_tx(wpa_s, buf, len); | |
493 | os_free(buf); | |
494 | } | |
495 | ||
496 | ||
497 | static void ieee80211_send_disassoc(struct wpa_supplicant *wpa_s, u16 reason) | |
498 | { | |
499 | u8 *buf; | |
500 | size_t len; | |
501 | struct ieee80211_mgmt *mgmt; | |
502 | ||
503 | buf = os_zalloc(sizeof(*mgmt)); | |
504 | if (buf == NULL) { | |
505 | wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for " | |
506 | "disassoc frame"); | |
507 | return; | |
508 | } | |
509 | ||
510 | mgmt = (struct ieee80211_mgmt *) buf; | |
511 | len = 24; | |
512 | os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN); | |
513 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
514 | os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); | |
515 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
516 | WLAN_FC_STYPE_DISASSOC); | |
517 | len += 2; | |
518 | mgmt->u.disassoc.reason_code = host_to_le16(reason); | |
519 | ||
520 | ieee80211_sta_tx(wpa_s, buf, len); | |
521 | os_free(buf); | |
522 | } | |
523 | ||
524 | ||
525 | static int ieee80211_privacy_mismatch(struct wpa_supplicant *wpa_s) | |
526 | { | |
527 | struct ieee80211_sta_bss *bss; | |
528 | int res = 0; | |
529 | ||
530 | if (wpa_s->mlme.mixed_cell || | |
531 | wpa_s->mlme.key_mgmt != KEY_MGMT_NONE) | |
532 | return 0; | |
533 | ||
534 | bss = ieee80211_bss_get(wpa_s, wpa_s->bssid); | |
535 | if (bss == NULL) | |
536 | return 0; | |
537 | ||
538 | if (ieee80211_sta_wep_configured(wpa_s) != | |
539 | !!(bss->capability & WLAN_CAPABILITY_PRIVACY)) | |
540 | res = 1; | |
541 | ||
542 | return res; | |
543 | } | |
544 | ||
545 | ||
546 | static void ieee80211_associate(struct wpa_supplicant *wpa_s) | |
547 | { | |
548 | wpa_s->mlme.assoc_tries++; | |
549 | if (wpa_s->mlme.assoc_tries > IEEE80211_ASSOC_MAX_TRIES) { | |
550 | wpa_printf(MSG_DEBUG, "MLME: association with AP " MACSTR | |
551 | " timed out", MAC2STR(wpa_s->bssid)); | |
552 | return; | |
553 | } | |
554 | ||
555 | wpa_s->mlme.state = IEEE80211_ASSOCIATE; | |
556 | wpa_printf(MSG_DEBUG, "MLME: associate with AP " MACSTR, | |
557 | MAC2STR(wpa_s->bssid)); | |
558 | if (ieee80211_privacy_mismatch(wpa_s)) { | |
559 | wpa_printf(MSG_DEBUG, "MLME: mismatch in privacy " | |
560 | "configuration and mixed-cell disabled - abort " | |
561 | "association"); | |
562 | return; | |
563 | } | |
564 | ||
565 | ieee80211_send_assoc(wpa_s); | |
566 | ||
567 | ieee80211_reschedule_timer(wpa_s, IEEE80211_ASSOC_TIMEOUT); | |
568 | } | |
569 | ||
570 | ||
571 | static void ieee80211_associated(struct wpa_supplicant *wpa_s) | |
572 | { | |
573 | int disassoc; | |
574 | ||
575 | /* TODO: start monitoring current AP signal quality and number of | |
576 | * missed beacons. Scan other channels every now and then and search | |
577 | * for better APs. */ | |
578 | /* TODO: remove expired BSSes */ | |
579 | ||
580 | wpa_s->mlme.state = IEEE80211_ASSOCIATED; | |
581 | ||
582 | #if 0 /* FIX */ | |
583 | sta = sta_info_get(local, wpa_s->bssid); | |
584 | if (sta == NULL) { | |
585 | wpa_printf(MSG_DEBUG "MLME: No STA entry for own AP " MACSTR, | |
586 | MAC2STR(wpa_s->bssid)); | |
587 | disassoc = 1; | |
588 | } else { | |
589 | disassoc = 0; | |
590 | if (time_after(jiffies, | |
591 | sta->last_rx + IEEE80211_MONITORING_INTERVAL)) { | |
592 | if (wpa_s->mlme.probereq_poll) { | |
593 | wpa_printf(MSG_DEBUG "MLME: No ProbeResp from " | |
594 | "current AP " MACSTR " - assume " | |
595 | "out of range", | |
596 | MAC2STR(wpa_s->bssid)); | |
597 | disassoc = 1; | |
598 | } else { | |
599 | ieee80211_send_probe_req( | |
600 | wpa_s->bssid, | |
601 | wpa_s->mlme.scan_ssid, | |
602 | wpa_s->mlme.scan_ssid_len); | |
603 | wpa_s->mlme.probereq_poll = 1; | |
604 | } | |
605 | } else { | |
606 | wpa_s->mlme.probereq_poll = 0; | |
607 | if (time_after(jiffies, wpa_s->mlme.last_probe + | |
608 | IEEE80211_PROBE_INTERVAL)) { | |
609 | wpa_s->mlme.last_probe = jiffies; | |
610 | ieee80211_send_probe_req(wpa_s->bssid, | |
611 | wpa_s->mlme.ssid, | |
612 | wpa_s->mlme.ssid_len); | |
613 | } | |
614 | } | |
615 | sta_info_release(local, sta); | |
616 | } | |
617 | #else | |
618 | disassoc = 0; | |
619 | #endif | |
620 | if (disassoc) { | |
621 | wpa_supplicant_event(wpa_s, EVENT_DISASSOC, NULL); | |
622 | ieee80211_reschedule_timer(wpa_s, | |
623 | IEEE80211_MONITORING_INTERVAL + | |
624 | 30000); | |
625 | } else { | |
626 | ieee80211_reschedule_timer(wpa_s, | |
627 | IEEE80211_MONITORING_INTERVAL); | |
628 | } | |
629 | } | |
630 | ||
631 | ||
632 | static void ieee80211_send_probe_req(struct wpa_supplicant *wpa_s, | |
633 | const u8 *dst, | |
634 | const u8 *ssid, size_t ssid_len) | |
635 | { | |
636 | u8 *buf; | |
637 | size_t len; | |
638 | struct ieee80211_mgmt *mgmt; | |
639 | u8 *pos, *supp_rates; | |
640 | u8 *esupp_rates = NULL; | |
641 | int i; | |
642 | ||
643 | buf = os_malloc(sizeof(*mgmt) + 200 + wpa_s->mlme.extra_probe_ie_len); | |
644 | if (buf == NULL) { | |
645 | wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for " | |
646 | "probe request"); | |
647 | return; | |
648 | } | |
649 | ||
650 | mgmt = (struct ieee80211_mgmt *) buf; | |
651 | len = 24; | |
652 | os_memset(mgmt, 0, 24); | |
653 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
654 | WLAN_FC_STYPE_PROBE_REQ); | |
655 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
656 | if (dst) { | |
657 | os_memcpy(mgmt->da, dst, ETH_ALEN); | |
658 | os_memcpy(mgmt->bssid, dst, ETH_ALEN); | |
659 | } else { | |
660 | os_memset(mgmt->da, 0xff, ETH_ALEN); | |
661 | os_memset(mgmt->bssid, 0xff, ETH_ALEN); | |
662 | } | |
663 | pos = buf + len; | |
664 | len += 2 + ssid_len; | |
665 | *pos++ = WLAN_EID_SSID; | |
666 | *pos++ = ssid_len; | |
667 | os_memcpy(pos, ssid, ssid_len); | |
668 | ||
669 | supp_rates = buf + len; | |
670 | len += 2; | |
671 | supp_rates[0] = WLAN_EID_SUPP_RATES; | |
672 | supp_rates[1] = 0; | |
673 | for (i = 0; i < wpa_s->mlme.num_curr_rates; i++) { | |
6caf9ca6 | 674 | struct hostapd_rate_data *rate = &wpa_s->mlme.curr_rates[i]; |
6fc6879b JM |
675 | if (esupp_rates) { |
676 | pos = buf + len; | |
677 | len++; | |
678 | esupp_rates[1]++; | |
679 | } else if (supp_rates[1] == 8) { | |
680 | esupp_rates = pos; | |
681 | esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES; | |
682 | esupp_rates[1] = 1; | |
683 | pos = &esupp_rates[2]; | |
10153326 | 684 | len += 3; |
6fc6879b JM |
685 | } else { |
686 | pos = buf + len; | |
687 | len++; | |
688 | supp_rates[1]++; | |
689 | } | |
690 | *pos++ = rate->rate / 5; | |
691 | } | |
692 | ||
693 | if (wpa_s->mlme.extra_probe_ie) { | |
694 | os_memcpy(pos, wpa_s->mlme.extra_probe_ie, | |
695 | wpa_s->mlme.extra_probe_ie_len); | |
696 | len += wpa_s->mlme.extra_probe_ie_len; | |
697 | } | |
698 | ||
699 | ieee80211_sta_tx(wpa_s, buf, len); | |
700 | os_free(buf); | |
701 | } | |
702 | ||
703 | ||
704 | static int ieee80211_sta_wep_configured(struct wpa_supplicant *wpa_s) | |
705 | { | |
706 | #if 0 /* FIX */ | |
707 | if (sdata == NULL || sdata->default_key == NULL || | |
708 | sdata->default_key->alg != ALG_WEP) | |
709 | return 0; | |
710 | return 1; | |
711 | #else | |
712 | return 0; | |
713 | #endif | |
714 | } | |
715 | ||
716 | ||
717 | static void ieee80211_auth_completed(struct wpa_supplicant *wpa_s) | |
718 | { | |
719 | wpa_printf(MSG_DEBUG, "MLME: authenticated"); | |
720 | wpa_s->mlme.authenticated = 1; | |
721 | ieee80211_associate(wpa_s); | |
722 | } | |
723 | ||
724 | ||
725 | static void ieee80211_auth_challenge(struct wpa_supplicant *wpa_s, | |
726 | struct ieee80211_mgmt *mgmt, | |
727 | size_t len, | |
728 | struct ieee80211_rx_status *rx_status) | |
729 | { | |
730 | u8 *pos; | |
731 | struct ieee802_11_elems elems; | |
732 | ||
733 | wpa_printf(MSG_DEBUG, "MLME: replying to auth challenge"); | |
734 | pos = mgmt->u.auth.variable; | |
1add3c33 | 735 | if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems, 0) |
6fc6879b JM |
736 | == ParseFailed) { |
737 | wpa_printf(MSG_DEBUG, "MLME: failed to parse Auth(challenge)"); | |
738 | return; | |
739 | } | |
740 | if (elems.challenge == NULL) { | |
741 | wpa_printf(MSG_DEBUG, "MLME: no challenge IE in shared key " | |
742 | "auth frame"); | |
743 | return; | |
744 | } | |
745 | ieee80211_send_auth(wpa_s, 3, elems.challenge - 2, | |
746 | elems.challenge_len + 2, 1); | |
747 | } | |
748 | ||
749 | ||
750 | static void ieee80211_rx_mgmt_auth(struct wpa_supplicant *wpa_s, | |
751 | struct ieee80211_mgmt *mgmt, | |
752 | size_t len, | |
753 | struct ieee80211_rx_status *rx_status) | |
754 | { | |
755 | struct wpa_ssid *ssid = wpa_s->current_ssid; | |
756 | u16 auth_alg, auth_transaction, status_code; | |
757 | int adhoc; | |
758 | ||
759 | adhoc = ssid && ssid->mode == 1; | |
760 | ||
761 | if (wpa_s->mlme.state != IEEE80211_AUTHENTICATE && !adhoc) { | |
762 | wpa_printf(MSG_DEBUG, "MLME: authentication frame received " | |
763 | "from " MACSTR ", but not in authenticate state - " | |
764 | "ignored", MAC2STR(mgmt->sa)); | |
765 | return; | |
766 | } | |
767 | ||
768 | if (len < 24 + 6) { | |
769 | wpa_printf(MSG_DEBUG, "MLME: too short (%lu) authentication " | |
770 | "frame received from " MACSTR " - ignored", | |
771 | (unsigned long) len, MAC2STR(mgmt->sa)); | |
772 | return; | |
773 | } | |
774 | ||
775 | if (!adhoc && os_memcmp(wpa_s->bssid, mgmt->sa, ETH_ALEN) != 0) { | |
776 | wpa_printf(MSG_DEBUG, "MLME: authentication frame received " | |
777 | "from unknown AP (SA=" MACSTR " BSSID=" MACSTR | |
778 | ") - ignored", | |
779 | MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid)); | |
780 | return; | |
781 | } | |
782 | ||
783 | if (adhoc && os_memcmp(wpa_s->bssid, mgmt->bssid, ETH_ALEN) != 0) { | |
784 | wpa_printf(MSG_DEBUG, "MLME: authentication frame received " | |
785 | "from unknown BSSID (SA=" MACSTR " BSSID=" MACSTR | |
786 | ") - ignored", | |
787 | MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid)); | |
788 | return; | |
789 | } | |
790 | ||
791 | auth_alg = le_to_host16(mgmt->u.auth.auth_alg); | |
792 | auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction); | |
793 | status_code = le_to_host16(mgmt->u.auth.status_code); | |
794 | ||
795 | wpa_printf(MSG_DEBUG, "MLME: RX authentication from " MACSTR | |
796 | " (alg=%d transaction=%d status=%d)", | |
797 | MAC2STR(mgmt->sa), auth_alg, auth_transaction, status_code); | |
798 | ||
799 | if (adhoc) { | |
800 | /* IEEE 802.11 standard does not require authentication in IBSS | |
801 | * networks and most implementations do not seem to use it. | |
802 | * However, try to reply to authentication attempts if someone | |
803 | * has actually implemented this. | |
804 | * TODO: Could implement shared key authentication. */ | |
805 | if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) { | |
806 | wpa_printf(MSG_DEBUG, "MLME: unexpected IBSS " | |
807 | "authentication frame (alg=%d " | |
808 | "transaction=%d)", | |
809 | auth_alg, auth_transaction); | |
810 | return; | |
811 | } | |
812 | ieee80211_send_auth(wpa_s, 2, NULL, 0, 0); | |
813 | } | |
814 | ||
815 | if (auth_alg != wpa_s->mlme.auth_alg || | |
816 | auth_transaction != wpa_s->mlme.auth_transaction) { | |
817 | wpa_printf(MSG_DEBUG, "MLME: unexpected authentication frame " | |
818 | "(alg=%d transaction=%d)", | |
819 | auth_alg, auth_transaction); | |
820 | return; | |
821 | } | |
822 | ||
823 | if (status_code != WLAN_STATUS_SUCCESS) { | |
824 | wpa_printf(MSG_DEBUG, "MLME: AP denied authentication " | |
825 | "(auth_alg=%d code=%d)", wpa_s->mlme.auth_alg, | |
826 | status_code); | |
827 | if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) { | |
828 | const int num_algs = 3; | |
829 | u8 algs[num_algs]; | |
830 | int i, pos; | |
831 | algs[0] = algs[1] = algs[2] = 0xff; | |
832 | if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_OPEN) | |
833 | algs[0] = WLAN_AUTH_OPEN; | |
834 | if (wpa_s->mlme.auth_algs & | |
835 | IEEE80211_AUTH_ALG_SHARED_KEY) | |
836 | algs[1] = WLAN_AUTH_SHARED_KEY; | |
837 | if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_LEAP) | |
838 | algs[2] = WLAN_AUTH_LEAP; | |
839 | if (wpa_s->mlme.auth_alg == WLAN_AUTH_OPEN) | |
840 | pos = 0; | |
841 | else if (wpa_s->mlme.auth_alg == WLAN_AUTH_SHARED_KEY) | |
842 | pos = 1; | |
843 | else | |
844 | pos = 2; | |
845 | for (i = 0; i < num_algs; i++) { | |
846 | pos++; | |
847 | if (pos >= num_algs) | |
848 | pos = 0; | |
849 | if (algs[pos] == wpa_s->mlme.auth_alg || | |
850 | algs[pos] == 0xff) | |
851 | continue; | |
852 | if (algs[pos] == WLAN_AUTH_SHARED_KEY && | |
853 | !ieee80211_sta_wep_configured(wpa_s)) | |
854 | continue; | |
855 | wpa_s->mlme.auth_alg = algs[pos]; | |
856 | wpa_printf(MSG_DEBUG, "MLME: set auth_alg=%d " | |
857 | "for next try", | |
858 | wpa_s->mlme.auth_alg); | |
859 | break; | |
860 | } | |
861 | } | |
862 | return; | |
863 | } | |
864 | ||
865 | switch (wpa_s->mlme.auth_alg) { | |
866 | case WLAN_AUTH_OPEN: | |
867 | case WLAN_AUTH_LEAP: | |
868 | ieee80211_auth_completed(wpa_s); | |
869 | break; | |
870 | case WLAN_AUTH_SHARED_KEY: | |
871 | if (wpa_s->mlme.auth_transaction == 4) | |
872 | ieee80211_auth_completed(wpa_s); | |
873 | else | |
874 | ieee80211_auth_challenge(wpa_s, mgmt, len, | |
875 | rx_status); | |
876 | break; | |
877 | #ifdef CONFIG_IEEE80211R | |
878 | case WLAN_AUTH_FT: | |
879 | { | |
880 | union wpa_event_data data; | |
babfbf15 | 881 | struct wpabuf *ric = NULL; |
6fc6879b JM |
882 | os_memset(&data, 0, sizeof(data)); |
883 | data.ft_ies.ies = mgmt->u.auth.variable; | |
884 | data.ft_ies.ies_len = len - | |
885 | (mgmt->u.auth.variable - (u8 *) mgmt); | |
658d1662 | 886 | os_memcpy(data.ft_ies.target_ap, wpa_s->bssid, ETH_ALEN); |
babfbf15 JM |
887 | if (os_strcmp(wpa_s->driver->name, "test") == 0 && |
888 | wpa_s->mlme.wmm_enabled) { | |
889 | ric = wpabuf_alloc(200); | |
890 | if (ric) { | |
891 | /* Build simple RIC-Request: RDIE | TSPEC */ | |
892 | ||
893 | /* RIC Data (RDIE) */ | |
894 | wpabuf_put_u8(ric, WLAN_EID_RIC_DATA); | |
895 | wpabuf_put_u8(ric, 4); | |
896 | wpabuf_put_u8(ric, 0); /* RDIE Identifier */ | |
897 | wpabuf_put_u8(ric, 1); /* Resource Descriptor | |
898 | * Count */ | |
899 | wpabuf_put_le16(ric, 0); /* Status Code */ | |
900 | ||
901 | /* WMM TSPEC */ | |
902 | ieee80211_build_tspec(ric); | |
903 | ||
904 | data.ft_ies.ric_ies = wpabuf_head(ric); | |
905 | data.ft_ies.ric_ies_len = wpabuf_len(ric); | |
906 | } | |
907 | } | |
908 | ||
6fc6879b | 909 | wpa_supplicant_event(wpa_s, EVENT_FT_RESPONSE, &data); |
babfbf15 | 910 | wpabuf_free(ric); |
6fc6879b JM |
911 | ieee80211_auth_completed(wpa_s); |
912 | break; | |
913 | } | |
914 | #endif /* CONFIG_IEEE80211R */ | |
915 | } | |
916 | } | |
917 | ||
918 | ||
919 | static void ieee80211_rx_mgmt_deauth(struct wpa_supplicant *wpa_s, | |
920 | struct ieee80211_mgmt *mgmt, | |
921 | size_t len, | |
922 | struct ieee80211_rx_status *rx_status) | |
923 | { | |
924 | u16 reason_code; | |
925 | ||
926 | if (len < 24 + 2) { | |
927 | wpa_printf(MSG_DEBUG, "MLME: too short (%lu) deauthentication " | |
928 | "frame received from " MACSTR " - ignored", | |
929 | (unsigned long) len, MAC2STR(mgmt->sa)); | |
930 | return; | |
931 | } | |
932 | ||
933 | if (os_memcmp(wpa_s->bssid, mgmt->sa, ETH_ALEN) != 0) { | |
934 | wpa_printf(MSG_DEBUG, "MLME: deauthentication frame received " | |
935 | "from unknown AP (SA=" MACSTR " BSSID=" MACSTR | |
936 | ") - ignored", | |
937 | MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid)); | |
938 | return; | |
939 | } | |
940 | ||
941 | reason_code = le_to_host16(mgmt->u.deauth.reason_code); | |
942 | ||
943 | wpa_printf(MSG_DEBUG, "MLME: RX deauthentication from " MACSTR | |
944 | " (reason=%d)", MAC2STR(mgmt->sa), reason_code); | |
945 | ||
946 | if (wpa_s->mlme.authenticated) | |
947 | wpa_printf(MSG_DEBUG, "MLME: deauthenticated"); | |
948 | ||
949 | if (wpa_s->mlme.state == IEEE80211_AUTHENTICATE || | |
950 | wpa_s->mlme.state == IEEE80211_ASSOCIATE || | |
951 | wpa_s->mlme.state == IEEE80211_ASSOCIATED) { | |
952 | wpa_s->mlme.state = IEEE80211_AUTHENTICATE; | |
953 | ieee80211_reschedule_timer(wpa_s, | |
954 | IEEE80211_RETRY_AUTH_INTERVAL); | |
955 | } | |
956 | ||
957 | ieee80211_set_associated(wpa_s, 0); | |
958 | wpa_s->mlme.authenticated = 0; | |
959 | } | |
960 | ||
961 | ||
962 | static void ieee80211_rx_mgmt_disassoc(struct wpa_supplicant *wpa_s, | |
963 | struct ieee80211_mgmt *mgmt, | |
964 | size_t len, | |
965 | struct ieee80211_rx_status *rx_status) | |
966 | { | |
967 | u16 reason_code; | |
968 | ||
969 | if (len < 24 + 2) { | |
970 | wpa_printf(MSG_DEBUG, "MLME: too short (%lu) disassociation " | |
971 | "frame received from " MACSTR " - ignored", | |
972 | (unsigned long) len, MAC2STR(mgmt->sa)); | |
973 | return; | |
974 | } | |
975 | ||
976 | if (os_memcmp(wpa_s->bssid, mgmt->sa, ETH_ALEN) != 0) { | |
977 | wpa_printf(MSG_DEBUG, "MLME: disassociation frame received " | |
978 | "from unknown AP (SA=" MACSTR " BSSID=" MACSTR | |
979 | ") - ignored", | |
980 | MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid)); | |
981 | return; | |
982 | } | |
983 | ||
984 | reason_code = le_to_host16(mgmt->u.disassoc.reason_code); | |
985 | ||
986 | wpa_printf(MSG_DEBUG, "MLME: RX disassociation from " MACSTR | |
987 | " (reason=%d)", MAC2STR(mgmt->sa), reason_code); | |
988 | ||
989 | if (wpa_s->mlme.associated) | |
990 | wpa_printf(MSG_DEBUG, "MLME: disassociated"); | |
991 | ||
992 | if (wpa_s->mlme.state == IEEE80211_ASSOCIATED) { | |
993 | wpa_s->mlme.state = IEEE80211_ASSOCIATE; | |
994 | ieee80211_reschedule_timer(wpa_s, | |
995 | IEEE80211_RETRY_AUTH_INTERVAL); | |
996 | } | |
997 | ||
998 | ieee80211_set_associated(wpa_s, 0); | |
999 | } | |
1000 | ||
1001 | ||
1002 | static int ieee80211_ft_assoc_resp(struct wpa_supplicant *wpa_s, | |
1003 | struct ieee802_11_elems *elems) | |
1004 | { | |
1005 | #ifdef CONFIG_IEEE80211R | |
1006 | const u8 *mobility_domain = NULL; | |
1007 | const u8 *r0kh_id = NULL; | |
1008 | size_t r0kh_id_len = 0; | |
1009 | const u8 *r1kh_id = NULL; | |
1010 | struct rsn_ftie *hdr; | |
1011 | const u8 *pos, *end; | |
1012 | ||
1013 | if (elems->mdie && elems->mdie_len >= MOBILITY_DOMAIN_ID_LEN) | |
1014 | mobility_domain = elems->mdie; | |
1015 | if (elems->ftie && elems->ftie_len >= sizeof(struct rsn_ftie)) { | |
1016 | end = elems->ftie + elems->ftie_len; | |
1017 | hdr = (struct rsn_ftie *) elems->ftie; | |
1018 | pos = (const u8 *) (hdr + 1); | |
1019 | while (pos + 1 < end) { | |
1020 | if (pos + 2 + pos[1] > end) | |
1021 | break; | |
1022 | if (pos[0] == FTIE_SUBELEM_R1KH_ID && | |
1023 | pos[1] == FT_R1KH_ID_LEN) | |
1024 | r1kh_id = pos + 2; | |
1025 | else if (pos[0] == FTIE_SUBELEM_R0KH_ID && | |
1026 | pos[1] >= 1 && pos[1] <= FT_R0KH_ID_MAX_LEN) { | |
1027 | r0kh_id = pos + 2; | |
1028 | r0kh_id_len = pos[1]; | |
1029 | } | |
1030 | pos += 2 + pos[1]; | |
1031 | } | |
1032 | } | |
1033 | return wpa_sm_set_ft_params(wpa_s->wpa, mobility_domain, r0kh_id, | |
1034 | r0kh_id_len, r1kh_id); | |
1035 | #else /* CONFIG_IEEE80211R */ | |
1036 | return 0; | |
1037 | #endif /* CONFIG_IEEE80211R */ | |
1038 | } | |
1039 | ||
1040 | ||
babfbf15 | 1041 | static void ieee80211_build_tspec(struct wpabuf *buf) |
ed843aaa | 1042 | { |
ed843aaa | 1043 | struct wmm_tspec_element *tspec; |
ed843aaa JM |
1044 | int tid, up; |
1045 | ||
ed843aaa JM |
1046 | tspec = wpabuf_put(buf, sizeof(*tspec)); |
1047 | tspec->eid = WLAN_EID_VENDOR_SPECIFIC; | |
1048 | tspec->length = sizeof(*tspec) - 2; | |
1049 | tspec->oui[0] = 0x00; | |
1050 | tspec->oui[1] = 0x50; | |
1051 | tspec->oui[2] = 0xf2; | |
1052 | tspec->oui_type = 2; | |
1053 | tspec->oui_subtype = 2; | |
1054 | tspec->version = 1; | |
1055 | ||
1056 | tid = 1; | |
1057 | up = 6; /* Voice */ | |
1058 | tspec->ts_info[0] = (tid << 1) | | |
1059 | (WMM_TSPEC_DIRECTION_BI_DIRECTIONAL << 5) | | |
1060 | BIT(7); | |
1061 | tspec->ts_info[1] = up << 3; | |
1062 | tspec->nominal_msdu_size = host_to_le16(1530); | |
1063 | tspec->mean_data_rate = host_to_le32(128000); /* bits per second */ | |
1064 | tspec->minimum_phy_rate = host_to_le32(6000000); | |
1065 | tspec->surplus_bandwidth_allowance = host_to_le16(0x3000); /* 150% */ | |
babfbf15 JM |
1066 | } |
1067 | ||
1068 | ||
1069 | static void ieee80211_tx_addts(struct wpa_supplicant *wpa_s) | |
1070 | { | |
1071 | struct wpabuf *buf; | |
1072 | struct ieee80211_mgmt *mgmt; | |
1073 | size_t alen; | |
1074 | ||
1075 | wpa_printf(MSG_DEBUG, "MLME: Send ADDTS Request for Voice TSPEC"); | |
1076 | mgmt = NULL; | |
1077 | alen = mgmt->u.action.u.wmm_action.variable - (u8 *) mgmt; | |
1078 | ||
1079 | buf = wpabuf_alloc(alen + sizeof(struct wmm_tspec_element)); | |
1080 | if (buf == NULL) | |
1081 | return; | |
1082 | ||
1083 | mgmt = wpabuf_put(buf, alen); | |
1084 | os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN); | |
1085 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
1086 | os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); | |
1087 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
1088 | WLAN_FC_STYPE_ACTION); | |
1089 | mgmt->u.action.category = WLAN_ACTION_WMM; | |
1090 | mgmt->u.action.u.wmm_action.action_code = WMM_ACTION_CODE_ADDTS_REQ; | |
1091 | mgmt->u.action.u.wmm_action.dialog_token = 1; | |
1092 | mgmt->u.action.u.wmm_action.status_code = 0; | |
1093 | ||
1094 | ieee80211_build_tspec(buf); | |
ed843aaa JM |
1095 | |
1096 | ieee80211_sta_tx(wpa_s, wpabuf_head(buf), wpabuf_len(buf)); | |
1097 | wpabuf_free(buf); | |
1098 | } | |
1099 | ||
1100 | ||
6fc6879b JM |
1101 | static void ieee80211_rx_mgmt_assoc_resp(struct wpa_supplicant *wpa_s, |
1102 | struct ieee80211_mgmt *mgmt, | |
1103 | size_t len, | |
1104 | struct ieee80211_rx_status *rx_status, | |
1105 | int reassoc) | |
1106 | { | |
1107 | u8 rates[32]; | |
1108 | size_t rates_len; | |
1109 | u16 capab_info, status_code, aid; | |
1110 | struct ieee802_11_elems elems; | |
1111 | u8 *pos; | |
1112 | ||
1113 | /* AssocResp and ReassocResp have identical structure, so process both | |
1114 | * of them in this function. */ | |
1115 | ||
1116 | if (wpa_s->mlme.state != IEEE80211_ASSOCIATE) { | |
1117 | wpa_printf(MSG_DEBUG, "MLME: association frame received from " | |
1118 | MACSTR ", but not in associate state - ignored", | |
1119 | MAC2STR(mgmt->sa)); | |
1120 | return; | |
1121 | } | |
1122 | ||
1123 | if (len < 24 + 6) { | |
1124 | wpa_printf(MSG_DEBUG, "MLME: too short (%lu) association " | |
1125 | "frame received from " MACSTR " - ignored", | |
1126 | (unsigned long) len, MAC2STR(mgmt->sa)); | |
1127 | return; | |
1128 | } | |
1129 | ||
1130 | if (os_memcmp(wpa_s->bssid, mgmt->sa, ETH_ALEN) != 0) { | |
1131 | wpa_printf(MSG_DEBUG, "MLME: association frame received from " | |
1132 | "unknown AP (SA=" MACSTR " BSSID=" MACSTR ") - " | |
1133 | "ignored", MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid)); | |
1134 | return; | |
1135 | } | |
1136 | ||
1137 | capab_info = le_to_host16(mgmt->u.assoc_resp.capab_info); | |
1138 | status_code = le_to_host16(mgmt->u.assoc_resp.status_code); | |
1139 | aid = le_to_host16(mgmt->u.assoc_resp.aid); | |
1140 | if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) | |
1141 | wpa_printf(MSG_DEBUG, "MLME: invalid aid value %d; bits 15:14 " | |
1142 | "not set", aid); | |
1143 | aid &= ~(BIT(15) | BIT(14)); | |
1144 | ||
1145 | wpa_printf(MSG_DEBUG, "MLME: RX %sssocResp from " MACSTR | |
1146 | " (capab=0x%x status=%d aid=%d)", | |
1147 | reassoc ? "Rea" : "A", MAC2STR(mgmt->sa), | |
1148 | capab_info, status_code, aid); | |
1149 | ||
6fc6879b | 1150 | pos = mgmt->u.assoc_resp.variable; |
1add3c33 | 1151 | if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems, 0) |
6fc6879b JM |
1152 | == ParseFailed) { |
1153 | wpa_printf(MSG_DEBUG, "MLME: failed to parse AssocResp"); | |
1154 | return; | |
1155 | } | |
1156 | ||
6572fc0d JM |
1157 | if (status_code != WLAN_STATUS_SUCCESS) { |
1158 | wpa_printf(MSG_DEBUG, "MLME: AP denied association (code=%d)", | |
1159 | status_code); | |
1160 | #ifdef CONFIG_IEEE80211W | |
1161 | if (status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY && | |
adddffd1 JM |
1162 | elems.timeout_int && elems.timeout_int_len == 5 && |
1163 | elems.timeout_int[0] == WLAN_TIMEOUT_ASSOC_COMEBACK) { | |
6572fc0d | 1164 | u32 tu, ms; |
adddffd1 | 1165 | tu = WPA_GET_LE32(elems.timeout_int + 1); |
6572fc0d JM |
1166 | ms = tu * 1024 / 1000; |
1167 | wpa_printf(MSG_DEBUG, "MLME: AP rejected association " | |
1168 | "temporarily; comeback duration %u TU " | |
1169 | "(%u ms)", tu, ms); | |
1170 | if (ms > IEEE80211_ASSOC_TIMEOUT) { | |
1171 | wpa_printf(MSG_DEBUG, "MLME: Update timer " | |
1172 | "based on comeback duration"); | |
1173 | ieee80211_reschedule_timer(wpa_s, ms); | |
1174 | } | |
1175 | } | |
1176 | #endif /* CONFIG_IEEE80211W */ | |
1177 | return; | |
1178 | } | |
1179 | ||
6fc6879b JM |
1180 | if (elems.supp_rates == NULL) { |
1181 | wpa_printf(MSG_DEBUG, "MLME: no SuppRates element in " | |
1182 | "AssocResp"); | |
1183 | return; | |
1184 | } | |
1185 | ||
1186 | if (wpa_s->mlme.auth_alg == WLAN_AUTH_FT) { | |
1187 | if (!reassoc) { | |
1188 | wpa_printf(MSG_DEBUG, "MLME: AP tried to use " | |
1189 | "association, not reassociation, response " | |
1190 | "with FT"); | |
1191 | return; | |
1192 | } | |
1193 | if (wpa_ft_validate_reassoc_resp( | |
658d1662 JM |
1194 | wpa_s->wpa, pos, len - (pos - (u8 *) mgmt), |
1195 | mgmt->sa) < 0) { | |
6fc6879b JM |
1196 | wpa_printf(MSG_DEBUG, "MLME: FT validation of Reassoc" |
1197 | "Resp failed"); | |
1198 | return; | |
1199 | } | |
1200 | } else if (ieee80211_ft_assoc_resp(wpa_s, &elems) < 0) | |
1201 | return; | |
1202 | ||
1203 | wpa_printf(MSG_DEBUG, "MLME: associated"); | |
1204 | wpa_s->mlme.aid = aid; | |
1205 | wpa_s->mlme.ap_capab = capab_info; | |
1206 | ||
1207 | os_free(wpa_s->mlme.assocresp_ies); | |
1208 | wpa_s->mlme.assocresp_ies_len = len - (pos - (u8 *) mgmt); | |
1209 | wpa_s->mlme.assocresp_ies = os_malloc(wpa_s->mlme.assocresp_ies_len); | |
1210 | if (wpa_s->mlme.assocresp_ies) { | |
1211 | os_memcpy(wpa_s->mlme.assocresp_ies, pos, | |
1212 | wpa_s->mlme.assocresp_ies_len); | |
1213 | } | |
1214 | ||
1215 | ieee80211_set_associated(wpa_s, 1); | |
1216 | ||
1217 | rates_len = elems.supp_rates_len; | |
1218 | if (rates_len > sizeof(rates)) | |
1219 | rates_len = sizeof(rates); | |
1220 | os_memcpy(rates, elems.supp_rates, rates_len); | |
1221 | if (elems.ext_supp_rates) { | |
1222 | size_t _len = elems.ext_supp_rates_len; | |
1223 | if (_len > sizeof(rates) - rates_len) | |
1224 | _len = sizeof(rates) - rates_len; | |
1225 | os_memcpy(rates + rates_len, elems.ext_supp_rates, _len); | |
1226 | rates_len += _len; | |
1227 | } | |
1228 | ||
1229 | if (wpa_drv_set_bssid(wpa_s, wpa_s->bssid) < 0) { | |
1230 | wpa_printf(MSG_DEBUG, "MLME: failed to set BSSID for the " | |
1231 | "netstack"); | |
1232 | } | |
1233 | if (wpa_drv_set_ssid(wpa_s, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len) < | |
1234 | 0) { | |
1235 | wpa_printf(MSG_DEBUG, "MLME: failed to set SSID for the " | |
1236 | "netstack"); | |
1237 | } | |
1238 | ||
1239 | /* Remove STA entry before adding a new one just in case to avoid | |
1240 | * problems with existing configuration (e.g., keys). */ | |
1241 | wpa_drv_mlme_remove_sta(wpa_s, wpa_s->bssid); | |
1242 | if (wpa_drv_mlme_add_sta(wpa_s, wpa_s->bssid, rates, rates_len) < 0) { | |
1243 | wpa_printf(MSG_DEBUG, "MLME: failed to add STA entry to the " | |
1244 | "netstack"); | |
1245 | } | |
1246 | ||
5c3dd4eb | 1247 | if (elems.wmm && wpa_s->mlme.wmm_enabled) |
77ac4466 | 1248 | ieee80211_sta_wmm_params(wpa_s, elems.wmm, elems.wmm_len); |
6fc6879b JM |
1249 | |
1250 | ieee80211_associated(wpa_s); | |
ed843aaa | 1251 | |
babfbf15 JM |
1252 | if (wpa_s->mlme.auth_alg != WLAN_AUTH_FT && |
1253 | os_strcmp(wpa_s->driver->name, "test") == 0 && | |
ed843aaa JM |
1254 | elems.wmm && wpa_s->mlme.wmm_enabled) { |
1255 | /* Test WMM-AC - send ADDTS for WMM TSPEC */ | |
1256 | ieee80211_tx_addts(wpa_s); | |
1257 | } | |
6fc6879b JM |
1258 | } |
1259 | ||
1260 | ||
1261 | /* Caller must hold local->sta_bss_lock */ | |
1262 | static void __ieee80211_bss_hash_add(struct wpa_supplicant *wpa_s, | |
1263 | struct ieee80211_sta_bss *bss) | |
1264 | { | |
1265 | bss->hnext = wpa_s->mlme.sta_bss_hash[STA_HASH(bss->bssid)]; | |
1266 | wpa_s->mlme.sta_bss_hash[STA_HASH(bss->bssid)] = bss; | |
1267 | } | |
1268 | ||
1269 | ||
1270 | /* Caller must hold local->sta_bss_lock */ | |
1271 | static void __ieee80211_bss_hash_del(struct wpa_supplicant *wpa_s, | |
1272 | struct ieee80211_sta_bss *bss) | |
1273 | { | |
1274 | struct ieee80211_sta_bss *b, *prev = NULL; | |
1275 | b = wpa_s->mlme.sta_bss_hash[STA_HASH(bss->bssid)]; | |
1276 | while (b) { | |
1277 | if (b == bss) { | |
1278 | if (prev == NULL) { | |
1279 | wpa_s->mlme.sta_bss_hash[STA_HASH(bss->bssid)] | |
1280 | = bss->hnext; | |
1281 | } else { | |
1282 | prev->hnext = bss->hnext; | |
1283 | } | |
1284 | break; | |
1285 | } | |
1286 | prev = b; | |
1287 | b = b->hnext; | |
1288 | } | |
1289 | } | |
1290 | ||
1291 | ||
1292 | static struct ieee80211_sta_bss * | |
1293 | ieee80211_bss_add(struct wpa_supplicant *wpa_s, const u8 *bssid) | |
1294 | { | |
1295 | struct ieee80211_sta_bss *bss; | |
1296 | ||
1297 | bss = os_zalloc(sizeof(*bss)); | |
1298 | if (bss == NULL) | |
1299 | return NULL; | |
1300 | os_memcpy(bss->bssid, bssid, ETH_ALEN); | |
1301 | ||
1302 | /* TODO: order by RSSI? */ | |
1303 | bss->next = wpa_s->mlme.sta_bss_list; | |
1304 | wpa_s->mlme.sta_bss_list = bss; | |
1305 | __ieee80211_bss_hash_add(wpa_s, bss); | |
1306 | return bss; | |
1307 | } | |
1308 | ||
1309 | ||
1310 | static struct ieee80211_sta_bss * | |
1311 | ieee80211_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid) | |
1312 | { | |
1313 | struct ieee80211_sta_bss *bss; | |
1314 | ||
1315 | bss = wpa_s->mlme.sta_bss_hash[STA_HASH(bssid)]; | |
1316 | while (bss) { | |
1317 | if (os_memcmp(bss->bssid, bssid, ETH_ALEN) == 0) | |
1318 | break; | |
1319 | bss = bss->hnext; | |
1320 | } | |
1321 | return bss; | |
1322 | } | |
1323 | ||
1324 | ||
1325 | static void ieee80211_bss_free(struct wpa_supplicant *wpa_s, | |
1326 | struct ieee80211_sta_bss *bss) | |
1327 | { | |
1328 | __ieee80211_bss_hash_del(wpa_s, bss); | |
1329 | os_free(bss->ie); | |
1330 | os_free(bss->wpa_ie); | |
1331 | os_free(bss->rsn_ie); | |
1332 | os_free(bss->wmm_ie); | |
1333 | os_free(bss->mdie); | |
1334 | os_free(bss); | |
1335 | } | |
1336 | ||
1337 | ||
1338 | static void ieee80211_bss_list_deinit(struct wpa_supplicant *wpa_s) | |
1339 | { | |
1340 | struct ieee80211_sta_bss *bss, *prev; | |
1341 | ||
1342 | bss = wpa_s->mlme.sta_bss_list; | |
1343 | wpa_s->mlme.sta_bss_list = NULL; | |
1344 | while (bss) { | |
1345 | prev = bss; | |
1346 | bss = bss->next; | |
1347 | ieee80211_bss_free(wpa_s, prev); | |
1348 | } | |
1349 | } | |
1350 | ||
1351 | ||
1352 | static void ieee80211_bss_info(struct wpa_supplicant *wpa_s, | |
1353 | struct ieee80211_mgmt *mgmt, | |
1354 | size_t len, | |
1355 | struct ieee80211_rx_status *rx_status, | |
1356 | int beacon) | |
1357 | { | |
1358 | struct ieee802_11_elems elems; | |
1359 | size_t baselen; | |
1360 | int channel, invalid = 0, clen; | |
1361 | struct ieee80211_sta_bss *bss; | |
1362 | u64 timestamp; | |
1363 | u8 *pos, *ie_pos; | |
1364 | size_t ie_len; | |
1365 | ||
1366 | if (!beacon && os_memcmp(mgmt->da, wpa_s->own_addr, ETH_ALEN)) | |
1367 | return; /* ignore ProbeResp to foreign address */ | |
1368 | ||
1369 | #if 0 | |
1370 | wpa_printf(MSG_MSGDUMP, "MLME: RX %s from " MACSTR " to " MACSTR, | |
1371 | beacon ? "Beacon" : "Probe Response", | |
1372 | MAC2STR(mgmt->sa), MAC2STR(mgmt->da)); | |
1373 | #endif | |
1374 | ||
1375 | baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; | |
1376 | if (baselen > len) | |
1377 | return; | |
1378 | ||
1379 | pos = mgmt->u.beacon.timestamp; | |
1380 | timestamp = WPA_GET_LE64(pos); | |
1381 | ||
1382 | #if 0 /* FIX */ | |
1383 | if (local->conf.mode == IW_MODE_ADHOC && beacon && | |
1384 | os_memcmp(mgmt->bssid, local->bssid, ETH_ALEN) == 0) { | |
1385 | #ifdef IEEE80211_IBSS_DEBUG | |
1386 | static unsigned long last_tsf_debug = 0; | |
1387 | u64 tsf; | |
1388 | if (local->hw->get_tsf) | |
1389 | tsf = local->hw->get_tsf(local->mdev); | |
1390 | else | |
1391 | tsf = -1LLU; | |
1392 | if (time_after(jiffies, last_tsf_debug + 5 * HZ)) { | |
1393 | wpa_printf(MSG_DEBUG, "RX beacon SA=" MACSTR " BSSID=" | |
1394 | MACSTR " TSF=0x%llx BCN=0x%llx diff=%lld " | |
1395 | "@%ld", | |
1396 | MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid), | |
1397 | tsf, timestamp, tsf - timestamp, jiffies); | |
1398 | last_tsf_debug = jiffies; | |
1399 | } | |
1400 | #endif /* IEEE80211_IBSS_DEBUG */ | |
1401 | } | |
1402 | #endif | |
1403 | ||
1404 | ie_pos = mgmt->u.beacon.variable; | |
1405 | ie_len = len - baselen; | |
1add3c33 | 1406 | if (ieee802_11_parse_elems(ie_pos, ie_len, &elems, 0) == ParseFailed) |
6fc6879b JM |
1407 | invalid = 1; |
1408 | ||
1409 | #if 0 /* FIX */ | |
1410 | if (local->conf.mode == IW_MODE_ADHOC && elems.supp_rates && | |
1411 | os_memcmp(mgmt->bssid, local->bssid, ETH_ALEN) == 0 && | |
1412 | (sta = sta_info_get(local, mgmt->sa))) { | |
1413 | struct ieee80211_rate *rates; | |
1414 | size_t num_rates; | |
1415 | u32 supp_rates, prev_rates; | |
1416 | int i, j, oper_mode; | |
1417 | ||
1418 | rates = local->curr_rates; | |
1419 | num_rates = local->num_curr_rates; | |
1420 | oper_mode = wpa_s->mlme.sta_scanning ? | |
1421 | local->scan_oper_phymode : local->conf.phymode; | |
1422 | for (i = 0; i < local->hw->num_modes; i++) { | |
1423 | struct ieee80211_hw_modes *mode = &local->hw->modes[i]; | |
1424 | if (oper_mode == mode->mode) { | |
1425 | rates = mode->rates; | |
1426 | num_rates = mode->num_rates; | |
1427 | break; | |
1428 | } | |
1429 | } | |
1430 | ||
1431 | supp_rates = 0; | |
1432 | for (i = 0; i < elems.supp_rates_len + | |
1433 | elems.ext_supp_rates_len; i++) { | |
1434 | u8 rate = 0; | |
1435 | int own_rate; | |
1436 | if (i < elems.supp_rates_len) | |
1437 | rate = elems.supp_rates[i]; | |
1438 | else if (elems.ext_supp_rates) | |
1439 | rate = elems.ext_supp_rates | |
1440 | [i - elems.supp_rates_len]; | |
1441 | own_rate = 5 * (rate & 0x7f); | |
1442 | if (oper_mode == MODE_ATHEROS_TURBO) | |
1443 | own_rate *= 2; | |
1444 | for (j = 0; j < num_rates; j++) | |
1445 | if (rates[j].rate == own_rate) | |
1446 | supp_rates |= BIT(j); | |
1447 | } | |
1448 | ||
1449 | prev_rates = sta->supp_rates; | |
1450 | sta->supp_rates &= supp_rates; | |
1451 | if (sta->supp_rates == 0) { | |
1452 | /* No matching rates - this should not really happen. | |
1453 | * Make sure that at least one rate is marked | |
1454 | * supported to avoid issues with TX rate ctrl. */ | |
1455 | sta->supp_rates = wpa_s->mlme.supp_rates_bits; | |
1456 | } | |
1457 | if (sta->supp_rates != prev_rates) { | |
1458 | wpa_printf(MSG_DEBUG, "MLME: updated supp_rates set " | |
1459 | "for " MACSTR " based on beacon info " | |
1460 | "(0x%x & 0x%x -> 0x%x)", | |
1461 | MAC2STR(sta->addr), prev_rates, | |
1462 | supp_rates, sta->supp_rates); | |
1463 | } | |
1464 | sta_info_release(local, sta); | |
1465 | } | |
1466 | #endif | |
1467 | ||
1468 | if (elems.ssid == NULL) | |
1469 | return; | |
1470 | ||
1471 | if (elems.ds_params && elems.ds_params_len == 1) | |
1472 | channel = elems.ds_params[0]; | |
1473 | else | |
1474 | channel = rx_status->channel; | |
1475 | ||
1476 | bss = ieee80211_bss_get(wpa_s, mgmt->bssid); | |
1477 | if (bss == NULL) { | |
1478 | bss = ieee80211_bss_add(wpa_s, mgmt->bssid); | |
1479 | if (bss == NULL) | |
1480 | return; | |
1481 | } else { | |
1482 | #if 0 | |
1483 | /* TODO: order by RSSI? */ | |
1484 | spin_lock_bh(&local->sta_bss_lock); | |
1485 | list_move_tail(&bss->list, &local->sta_bss_list); | |
1486 | spin_unlock_bh(&local->sta_bss_lock); | |
1487 | #endif | |
1488 | } | |
1489 | ||
1490 | if (bss->probe_resp && beacon) { | |
1491 | /* Do not allow beacon to override data from Probe Response. */ | |
1492 | return; | |
1493 | } | |
1494 | ||
1495 | bss->beacon_int = le_to_host16(mgmt->u.beacon.beacon_int); | |
1496 | bss->capability = le_to_host16(mgmt->u.beacon.capab_info); | |
1497 | ||
1498 | if (bss->ie == NULL || bss->ie_len < ie_len) { | |
1499 | os_free(bss->ie); | |
1500 | bss->ie = os_malloc(ie_len); | |
1501 | } | |
1502 | if (bss->ie) { | |
1503 | os_memcpy(bss->ie, ie_pos, ie_len); | |
1504 | bss->ie_len = ie_len; | |
1505 | } | |
1506 | ||
1507 | if (elems.ssid && elems.ssid_len <= MAX_SSID_LEN) { | |
1508 | os_memcpy(bss->ssid, elems.ssid, elems.ssid_len); | |
1509 | bss->ssid_len = elems.ssid_len; | |
1510 | } | |
1511 | ||
1512 | bss->supp_rates_len = 0; | |
1513 | if (elems.supp_rates) { | |
1514 | clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len; | |
1515 | if (clen > elems.supp_rates_len) | |
1516 | clen = elems.supp_rates_len; | |
1517 | os_memcpy(&bss->supp_rates[bss->supp_rates_len], | |
1518 | elems.supp_rates, clen); | |
1519 | bss->supp_rates_len += clen; | |
1520 | } | |
1521 | if (elems.ext_supp_rates) { | |
1522 | clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len; | |
1523 | if (clen > elems.ext_supp_rates_len) | |
1524 | clen = elems.ext_supp_rates_len; | |
1525 | os_memcpy(&bss->supp_rates[bss->supp_rates_len], | |
1526 | elems.ext_supp_rates, clen); | |
1527 | bss->supp_rates_len += clen; | |
1528 | } | |
1529 | ||
1add3c33 JM |
1530 | if (elems.wpa_ie && |
1531 | (bss->wpa_ie == NULL || bss->wpa_ie_len != elems.wpa_ie_len || | |
1532 | os_memcmp(bss->wpa_ie, elems.wpa_ie, elems.wpa_ie_len))) { | |
6fc6879b | 1533 | os_free(bss->wpa_ie); |
1add3c33 | 1534 | bss->wpa_ie = os_malloc(elems.wpa_ie_len + 2); |
6fc6879b | 1535 | if (bss->wpa_ie) { |
1add3c33 JM |
1536 | os_memcpy(bss->wpa_ie, elems.wpa_ie - 2, |
1537 | elems.wpa_ie_len + 2); | |
1538 | bss->wpa_ie_len = elems.wpa_ie_len + 2; | |
6fc6879b JM |
1539 | } else |
1540 | bss->wpa_ie_len = 0; | |
1add3c33 | 1541 | } else if (!elems.wpa_ie && bss->wpa_ie) { |
6fc6879b JM |
1542 | os_free(bss->wpa_ie); |
1543 | bss->wpa_ie = NULL; | |
1544 | bss->wpa_ie_len = 0; | |
1545 | } | |
1546 | ||
1add3c33 JM |
1547 | if (elems.rsn_ie && |
1548 | (bss->rsn_ie == NULL || bss->rsn_ie_len != elems.rsn_ie_len || | |
1549 | os_memcmp(bss->rsn_ie, elems.rsn_ie, elems.rsn_ie_len))) { | |
6fc6879b | 1550 | os_free(bss->rsn_ie); |
1add3c33 | 1551 | bss->rsn_ie = os_malloc(elems.rsn_ie_len + 2); |
6fc6879b | 1552 | if (bss->rsn_ie) { |
1add3c33 JM |
1553 | os_memcpy(bss->rsn_ie, elems.rsn_ie - 2, |
1554 | elems.rsn_ie_len + 2); | |
1555 | bss->rsn_ie_len = elems.rsn_ie_len + 2; | |
6fc6879b JM |
1556 | } else |
1557 | bss->rsn_ie_len = 0; | |
1add3c33 | 1558 | } else if (!elems.rsn_ie && bss->rsn_ie) { |
6fc6879b JM |
1559 | os_free(bss->rsn_ie); |
1560 | bss->rsn_ie = NULL; | |
1561 | bss->rsn_ie_len = 0; | |
1562 | } | |
1563 | ||
77ac4466 JM |
1564 | if (elems.wmm && |
1565 | (bss->wmm_ie == NULL || bss->wmm_ie_len != elems.wmm_len || | |
1566 | os_memcmp(bss->wmm_ie, elems.wmm, elems.wmm_len))) { | |
6fc6879b | 1567 | os_free(bss->wmm_ie); |
77ac4466 | 1568 | bss->wmm_ie = os_malloc(elems.wmm_len + 2); |
6fc6879b | 1569 | if (bss->wmm_ie) { |
77ac4466 JM |
1570 | os_memcpy(bss->wmm_ie, elems.wmm - 2, |
1571 | elems.wmm_len + 2); | |
1572 | bss->wmm_ie_len = elems.wmm_len + 2; | |
6fc6879b JM |
1573 | } else |
1574 | bss->wmm_ie_len = 0; | |
77ac4466 | 1575 | } else if (!elems.wmm && bss->wmm_ie) { |
6fc6879b JM |
1576 | os_free(bss->wmm_ie); |
1577 | bss->wmm_ie = NULL; | |
1578 | bss->wmm_ie_len = 0; | |
1579 | } | |
1580 | ||
1581 | #ifdef CONFIG_IEEE80211R | |
1582 | if (elems.mdie && | |
1583 | (bss->mdie == NULL || bss->mdie_len != elems.mdie_len || | |
1584 | os_memcmp(bss->mdie, elems.mdie, elems.mdie_len))) { | |
1585 | os_free(bss->mdie); | |
1586 | bss->mdie = os_malloc(elems.mdie_len + 2); | |
1587 | if (bss->mdie) { | |
1588 | os_memcpy(bss->mdie, elems.mdie - 2, | |
1589 | elems.mdie_len + 2); | |
1590 | bss->mdie_len = elems.mdie_len + 2; | |
1591 | } else | |
1592 | bss->mdie_len = 0; | |
1593 | } else if (!elems.mdie && bss->mdie) { | |
1594 | os_free(bss->mdie); | |
1595 | bss->mdie = NULL; | |
1596 | bss->mdie_len = 0; | |
1597 | } | |
1598 | #endif /* CONFIG_IEEE80211R */ | |
1599 | ||
1600 | bss->hw_mode = wpa_s->mlme.phymode; | |
1601 | bss->channel = channel; | |
1602 | bss->freq = wpa_s->mlme.freq; | |
1603 | if (channel != wpa_s->mlme.channel && | |
6caf9ca6 JM |
1604 | (wpa_s->mlme.phymode == HOSTAPD_MODE_IEEE80211G || |
1605 | wpa_s->mlme.phymode == HOSTAPD_MODE_IEEE80211B) && | |
6fc6879b JM |
1606 | channel >= 1 && channel <= 14) { |
1607 | static const int freq_list[] = { | |
1608 | 2412, 2417, 2422, 2427, 2432, 2437, 2442, | |
1609 | 2447, 2452, 2457, 2462, 2467, 2472, 2484 | |
1610 | }; | |
1611 | /* IEEE 802.11g/b mode can receive packets from neighboring | |
1612 | * channels, so map the channel into frequency. */ | |
1613 | bss->freq = freq_list[channel - 1]; | |
1614 | } | |
1615 | bss->timestamp = timestamp; | |
1616 | os_get_time(&bss->last_update); | |
1617 | bss->rssi = rx_status->ssi; | |
1618 | if (!beacon) | |
1619 | bss->probe_resp++; | |
1620 | } | |
1621 | ||
1622 | ||
1623 | static void ieee80211_rx_mgmt_probe_resp(struct wpa_supplicant *wpa_s, | |
1624 | struct ieee80211_mgmt *mgmt, | |
1625 | size_t len, | |
1626 | struct ieee80211_rx_status *rx_status) | |
1627 | { | |
1628 | ieee80211_bss_info(wpa_s, mgmt, len, rx_status, 0); | |
1629 | } | |
1630 | ||
1631 | ||
1632 | static void ieee80211_rx_mgmt_beacon(struct wpa_supplicant *wpa_s, | |
1633 | struct ieee80211_mgmt *mgmt, | |
1634 | size_t len, | |
1635 | struct ieee80211_rx_status *rx_status) | |
1636 | { | |
1637 | int use_protection; | |
1638 | size_t baselen; | |
1639 | struct ieee802_11_elems elems; | |
1640 | ||
1641 | ieee80211_bss_info(wpa_s, mgmt, len, rx_status, 1); | |
1642 | ||
1643 | if (!wpa_s->mlme.associated || | |
1644 | os_memcmp(wpa_s->bssid, mgmt->bssid, ETH_ALEN) != 0) | |
1645 | return; | |
1646 | ||
1647 | /* Process beacon from the current BSS */ | |
1648 | baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt; | |
1649 | if (baselen > len) | |
1650 | return; | |
1651 | ||
1652 | if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, | |
1add3c33 | 1653 | &elems, 0) == ParseFailed) |
6fc6879b JM |
1654 | return; |
1655 | ||
1656 | use_protection = 0; | |
1657 | if (elems.erp_info && elems.erp_info_len >= 1) { | |
1658 | use_protection = | |
1659 | (elems.erp_info[0] & ERP_INFO_USE_PROTECTION) != 0; | |
1660 | } | |
1661 | ||
1662 | if (use_protection != !!wpa_s->mlme.use_protection) { | |
1663 | wpa_printf(MSG_DEBUG, "MLME: CTS protection %s (BSSID=" MACSTR | |
1664 | ")", | |
1665 | use_protection ? "enabled" : "disabled", | |
1666 | MAC2STR(wpa_s->bssid)); | |
1667 | wpa_s->mlme.use_protection = use_protection ? 1 : 0; | |
1668 | wpa_s->mlme.cts_protect_erp_frames = use_protection; | |
1669 | } | |
1670 | ||
77ac4466 JM |
1671 | if (elems.wmm && wpa_s->mlme.wmm_enabled) { |
1672 | ieee80211_sta_wmm_params(wpa_s, elems.wmm, | |
1673 | elems.wmm_len); | |
6fc6879b JM |
1674 | } |
1675 | } | |
1676 | ||
1677 | ||
1678 | static void ieee80211_rx_mgmt_probe_req(struct wpa_supplicant *wpa_s, | |
1679 | struct ieee80211_mgmt *mgmt, | |
1680 | size_t len, | |
1681 | struct ieee80211_rx_status *rx_status) | |
1682 | { | |
1683 | int tx_last_beacon, adhoc; | |
1684 | #if 0 /* FIX */ | |
1685 | struct ieee80211_mgmt *resp; | |
1686 | #endif | |
1687 | u8 *pos, *end; | |
1688 | struct wpa_ssid *ssid = wpa_s->current_ssid; | |
1689 | ||
1690 | adhoc = ssid && ssid->mode == 1; | |
1691 | ||
1692 | if (!adhoc || wpa_s->mlme.state != IEEE80211_IBSS_JOINED || | |
1693 | len < 24 + 2 || wpa_s->mlme.probe_resp == NULL) | |
1694 | return; | |
1695 | ||
1696 | #if 0 /* FIX */ | |
1697 | if (local->hw->tx_last_beacon) | |
1698 | tx_last_beacon = local->hw->tx_last_beacon(local->mdev); | |
1699 | else | |
1700 | #endif | |
1701 | tx_last_beacon = 1; | |
1702 | ||
1703 | #ifdef IEEE80211_IBSS_DEBUG | |
1704 | wpa_printf(MSG_DEBUG, "MLME: RX ProbeReq SA=" MACSTR " DA=" MACSTR | |
1705 | " BSSID=" MACSTR " (tx_last_beacon=%d)", | |
1706 | MAC2STR(mgmt->sa), MAC2STR(mgmt->da), | |
1707 | MAC2STR(mgmt->bssid), tx_last_beacon); | |
1708 | #endif /* IEEE80211_IBSS_DEBUG */ | |
1709 | ||
1710 | if (!tx_last_beacon) | |
1711 | return; | |
1712 | ||
1713 | if (os_memcmp(mgmt->bssid, wpa_s->bssid, ETH_ALEN) != 0 && | |
1714 | os_memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0) | |
1715 | return; | |
1716 | ||
1717 | end = ((u8 *) mgmt) + len; | |
1718 | pos = mgmt->u.probe_req.variable; | |
1719 | if (pos[0] != WLAN_EID_SSID || | |
1720 | pos + 2 + pos[1] > end) { | |
1721 | wpa_printf(MSG_DEBUG, "MLME: Invalid SSID IE in ProbeReq from " | |
1722 | MACSTR, MAC2STR(mgmt->sa)); | |
1723 | return; | |
1724 | } | |
1725 | if (pos[1] != 0 && | |
1726 | (pos[1] != wpa_s->mlme.ssid_len || | |
1727 | os_memcmp(pos + 2, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len) != 0)) | |
1728 | { | |
1729 | /* Ignore ProbeReq for foreign SSID */ | |
1730 | return; | |
1731 | } | |
1732 | ||
1733 | #if 0 /* FIX */ | |
1734 | /* Reply with ProbeResp */ | |
1735 | skb = skb_copy(wpa_s->mlme.probe_resp, GFP_ATOMIC); | |
1736 | if (skb == NULL) | |
1737 | return; | |
1738 | ||
1739 | resp = (struct ieee80211_mgmt *) skb->data; | |
1740 | os_memcpy(resp->da, mgmt->sa, ETH_ALEN); | |
1741 | #ifdef IEEE80211_IBSS_DEBUG | |
1742 | wpa_printf(MSG_DEBUG, "MLME: Sending ProbeResp to " MACSTR, | |
1743 | MAC2STR(resp->da)); | |
1744 | #endif /* IEEE80211_IBSS_DEBUG */ | |
1745 | ieee80211_sta_tx(wpa_s, skb, 0, 1); | |
1746 | #endif | |
1747 | } | |
1748 | ||
1749 | ||
5d22a1d5 | 1750 | #ifdef CONFIG_IEEE80211R |
6fc6879b JM |
1751 | static void ieee80211_rx_mgmt_ft_action(struct wpa_supplicant *wpa_s, |
1752 | struct ieee80211_mgmt *mgmt, | |
1753 | size_t len, | |
1754 | struct ieee80211_rx_status *rx_status) | |
1755 | { | |
1756 | union wpa_event_data data; | |
1757 | u16 status; | |
1758 | u8 *sta_addr, *target_ap_addr; | |
1759 | ||
1760 | if (len < 24 + 1 + sizeof(mgmt->u.action.u.ft_action_resp)) { | |
1761 | wpa_printf(MSG_DEBUG, "MLME: Too short FT Action frame"); | |
1762 | return; | |
1763 | } | |
1764 | ||
1765 | /* | |
1766 | * Only FT Action Response is needed for now since reservation | |
1767 | * protocol is not supported. | |
1768 | */ | |
1769 | if (mgmt->u.action.u.ft_action_resp.action != 2) { | |
1770 | wpa_printf(MSG_DEBUG, "MLME: Unexpected FT Action %d", | |
1771 | mgmt->u.action.u.ft_action_resp.action); | |
1772 | return; | |
1773 | } | |
1774 | ||
1775 | status = le_to_host16(mgmt->u.action.u.ft_action_resp.status_code); | |
1776 | sta_addr = mgmt->u.action.u.ft_action_resp.sta_addr; | |
1777 | target_ap_addr = mgmt->u.action.u.ft_action_resp.target_ap_addr; | |
1778 | wpa_printf(MSG_DEBUG, "MLME: Received FT Action Response: STA " MACSTR | |
1779 | " TargetAP " MACSTR " Status Code %d", | |
1780 | MAC2STR(sta_addr), MAC2STR(target_ap_addr), status); | |
1781 | if (os_memcmp(sta_addr, wpa_s->own_addr, ETH_ALEN) != 0) { | |
1782 | wpa_printf(MSG_DEBUG, "MLME: Foreign STA Address " MACSTR | |
1783 | " in FT Action Response", MAC2STR(sta_addr)); | |
1784 | return; | |
6fc6879b JM |
1785 | } |
1786 | ||
1787 | if (status) { | |
1788 | wpa_printf(MSG_DEBUG, "MLME: FT Action Response indicates " | |
1789 | "failure (status code %d)", status); | |
1790 | /* TODO: report error to FT code(?) */ | |
1791 | return; | |
1792 | } | |
1793 | ||
1794 | os_memset(&data, 0, sizeof(data)); | |
1795 | data.ft_ies.ies = mgmt->u.action.u.ft_action_resp.variable; | |
1796 | data.ft_ies.ies_len = len - (mgmt->u.action.u.ft_action_resp.variable - | |
1797 | (u8 *) mgmt); | |
1798 | data.ft_ies.ft_action = 1; | |
1799 | os_memcpy(data.ft_ies.target_ap, target_ap_addr, ETH_ALEN); | |
1800 | wpa_supplicant_event(wpa_s, EVENT_FT_RESPONSE, &data); | |
1801 | /* TODO: should only re-associate, if EVENT_FT_RESPONSE was processed | |
1802 | * successfully */ | |
1803 | wpa_s->mlme.prev_bssid_set = 1; | |
1804 | wpa_s->mlme.auth_alg = WLAN_AUTH_FT; | |
1805 | os_memcpy(wpa_s->mlme.prev_bssid, wpa_s->bssid, ETH_ALEN); | |
1806 | os_memcpy(wpa_s->bssid, target_ap_addr, ETH_ALEN); | |
1807 | ieee80211_associate(wpa_s); | |
1808 | } | |
5d22a1d5 JM |
1809 | #endif /* CONFIG_IEEE80211R */ |
1810 | ||
1811 | ||
1812 | #ifdef CONFIG_IEEE80211W | |
1813 | ||
93b76319 JM |
1814 | /* MLME-SAQuery.response */ |
1815 | static int ieee80211_sta_send_sa_query_resp(struct wpa_supplicant *wpa_s, | |
1816 | const u8 *addr, const u8 *trans_id) | |
5d22a1d5 JM |
1817 | { |
1818 | struct ieee80211_mgmt *mgmt; | |
1819 | int res; | |
1820 | size_t len; | |
1821 | ||
1822 | mgmt = os_zalloc(sizeof(*mgmt)); | |
1823 | if (mgmt == NULL) { | |
1824 | wpa_printf(MSG_DEBUG, "MLME: Failed to allocate buffer for " | |
93b76319 | 1825 | "SA Query action frame"); |
5d22a1d5 JM |
1826 | return -1; |
1827 | } | |
1828 | ||
1829 | len = 24; | |
1830 | os_memcpy(mgmt->da, addr, ETH_ALEN); | |
1831 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
1832 | os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); | |
1833 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
1834 | WLAN_FC_STYPE_ACTION); | |
93b76319 JM |
1835 | mgmt->u.action.category = WLAN_ACTION_SA_QUERY; |
1836 | mgmt->u.action.u.sa_query_resp.action = WLAN_SA_QUERY_RESPONSE; | |
1837 | os_memcpy(mgmt->u.action.u.sa_query_resp.trans_id, trans_id, | |
1838 | WLAN_SA_QUERY_TR_ID_LEN); | |
1839 | len += 1 + sizeof(mgmt->u.action.u.sa_query_resp); | |
5d22a1d5 JM |
1840 | |
1841 | res = ieee80211_sta_tx(wpa_s, (u8 *) mgmt, len); | |
1842 | os_free(mgmt); | |
1843 | ||
1844 | return res; | |
1845 | } | |
1846 | ||
1847 | ||
93b76319 | 1848 | static void ieee80211_rx_mgmt_sa_query_action( |
5d22a1d5 JM |
1849 | struct wpa_supplicant *wpa_s, struct ieee80211_mgmt *mgmt, size_t len, |
1850 | struct ieee80211_rx_status *rx_status) | |
1851 | { | |
93b76319 JM |
1852 | if (len < 24 + 1 + sizeof(mgmt->u.action.u.sa_query_req)) { |
1853 | wpa_printf(MSG_DEBUG, "MLME: Too short SA Query Action frame"); | |
5d22a1d5 JM |
1854 | return; |
1855 | } | |
1856 | ||
93b76319 JM |
1857 | if (mgmt->u.action.u.sa_query_req.action != WLAN_SA_QUERY_REQUEST) { |
1858 | wpa_printf(MSG_DEBUG, "MLME: Unexpected SA Query Action %d", | |
1859 | mgmt->u.action.u.sa_query_req.action); | |
5d22a1d5 JM |
1860 | return; |
1861 | } | |
1862 | ||
1863 | if (os_memcmp(mgmt->sa, wpa_s->bssid, ETH_ALEN) != 0) { | |
93b76319 JM |
1864 | wpa_printf(MSG_DEBUG, "MLME: Ignore SA Query from unknown " |
1865 | "source " MACSTR, MAC2STR(mgmt->sa)); | |
5d22a1d5 JM |
1866 | return; |
1867 | } | |
1868 | ||
1869 | if (wpa_s->mlme.state == IEEE80211_ASSOCIATE) { | |
93b76319 | 1870 | wpa_printf(MSG_DEBUG, "MLME: Ignore SA query request during " |
5d22a1d5 JM |
1871 | "association process"); |
1872 | return; | |
1873 | } | |
1874 | ||
93b76319 JM |
1875 | wpa_printf(MSG_DEBUG, "MLME: Replying to SA Query request"); |
1876 | ieee80211_sta_send_sa_query_resp(wpa_s, mgmt->sa, mgmt->u.action.u. | |
1877 | sa_query_req.trans_id); | |
5d22a1d5 JM |
1878 | } |
1879 | ||
1880 | #endif /* CONFIG_IEEE80211W */ | |
6fc6879b JM |
1881 | |
1882 | ||
ed843aaa JM |
1883 | static void dump_tspec(struct wmm_tspec_element *tspec) |
1884 | { | |
1885 | int up, psb, dir, tid; | |
1886 | u16 val; | |
1887 | ||
1888 | up = (tspec->ts_info[1] >> 3) & 0x07; | |
1889 | psb = (tspec->ts_info[1] >> 2) & 0x01; | |
1890 | dir = (tspec->ts_info[0] >> 5) & 0x03; | |
1891 | tid = (tspec->ts_info[0] >> 1) & 0x0f; | |
1892 | wpa_printf(MSG_DEBUG, "WMM: TS Info: UP=%d PSB=%d Direction=%d TID=%d", | |
1893 | up, psb, dir, tid); | |
1894 | val = le_to_host16(tspec->nominal_msdu_size); | |
1895 | wpa_printf(MSG_DEBUG, "WMM: Nominal MSDU Size: %d%s", | |
1896 | val & 0x7fff, val & 0x8000 ? " (fixed)" : ""); | |
1897 | wpa_printf(MSG_DEBUG, "WMM: Mean Data Rate: %u bps", | |
1898 | le_to_host32(tspec->mean_data_rate)); | |
1899 | wpa_printf(MSG_DEBUG, "WMM: Minimum PHY Rate: %u bps", | |
1900 | le_to_host32(tspec->minimum_phy_rate)); | |
1901 | val = le_to_host16(tspec->surplus_bandwidth_allowance); | |
1902 | wpa_printf(MSG_DEBUG, "WMM: Surplus Bandwidth Allowance: %u.%04u", | |
1903 | val >> 13, 10000 * (val & 0x1fff) / 0x2000); | |
1904 | val = le_to_host16(tspec->medium_time); | |
1905 | wpa_printf(MSG_DEBUG, "WMM: Medium Time: %u (= %u usec/sec)", | |
1906 | val, 32 * val); | |
1907 | } | |
1908 | ||
1909 | ||
1910 | static int is_wmm_tspec(const u8 *ie, size_t len) | |
1911 | { | |
1912 | const struct wmm_tspec_element *tspec; | |
1913 | ||
1914 | if (len < sizeof(*tspec)) | |
1915 | return 0; | |
1916 | ||
1917 | tspec = (const struct wmm_tspec_element *) ie; | |
1918 | if (tspec->eid != WLAN_EID_VENDOR_SPECIFIC || | |
1919 | tspec->length < sizeof(*tspec) - 2 || | |
1920 | tspec->oui[0] != 0x00 || tspec->oui[1] != 0x50 || | |
1921 | tspec->oui[2] != 0xf2 || tspec->oui_type != 2 || | |
1922 | tspec->oui_subtype != 2 || tspec->version != 1) | |
1923 | return 0; | |
1924 | ||
1925 | return 1; | |
1926 | } | |
1927 | ||
1928 | ||
1929 | static void ieee80211_rx_addts_resp( | |
1930 | struct wpa_supplicant *wpa_s, struct ieee80211_mgmt *mgmt, size_t len, | |
1931 | size_t var_len) | |
1932 | { | |
1933 | struct wmm_tspec_element *tspec; | |
1934 | ||
1935 | wpa_printf(MSG_DEBUG, "WMM: Received ADDTS Response"); | |
1936 | wpa_hexdump(MSG_MSGDUMP, "WMM: ADDTS Response IE(s)", | |
1937 | mgmt->u.action.u.wmm_action.variable, var_len); | |
1938 | if (!is_wmm_tspec(mgmt->u.action.u.wmm_action.variable, var_len)) | |
1939 | return; | |
1940 | tspec = (struct wmm_tspec_element *) | |
1941 | mgmt->u.action.u.wmm_action.variable; | |
1942 | dump_tspec(tspec); | |
1943 | } | |
1944 | ||
1945 | ||
1946 | static void ieee80211_rx_delts( | |
1947 | struct wpa_supplicant *wpa_s, struct ieee80211_mgmt *mgmt, size_t len, | |
1948 | size_t var_len) | |
1949 | { | |
1950 | struct wmm_tspec_element *tspec; | |
1951 | ||
1952 | wpa_printf(MSG_DEBUG, "WMM: Received DELTS"); | |
1953 | wpa_hexdump(MSG_MSGDUMP, "WMM: DELTS IE(s)", | |
1954 | mgmt->u.action.u.wmm_action.variable, var_len); | |
1955 | if (!is_wmm_tspec(mgmt->u.action.u.wmm_action.variable, var_len)) | |
1956 | return; | |
1957 | tspec = (struct wmm_tspec_element *) | |
1958 | mgmt->u.action.u.wmm_action.variable; | |
1959 | dump_tspec(tspec); | |
1960 | } | |
1961 | ||
1962 | ||
1963 | static void ieee80211_rx_mgmt_wmm_action( | |
1964 | struct wpa_supplicant *wpa_s, struct ieee80211_mgmt *mgmt, size_t len, | |
1965 | struct ieee80211_rx_status *rx_status) | |
1966 | { | |
1967 | size_t alen; | |
1968 | ||
1969 | alen = mgmt->u.action.u.wmm_action.variable - (u8 *) mgmt; | |
1970 | if (len < alen) { | |
1971 | wpa_printf(MSG_DEBUG, "WMM: Received Action frame too short"); | |
1972 | return; | |
1973 | } | |
1974 | ||
1975 | wpa_printf(MSG_DEBUG, "WMM: Received Action frame: Action Code %d, " | |
1976 | "Dialog Token %d, Status Code %d", | |
1977 | mgmt->u.action.u.wmm_action.action_code, | |
1978 | mgmt->u.action.u.wmm_action.dialog_token, | |
1979 | mgmt->u.action.u.wmm_action.status_code); | |
1980 | ||
1981 | switch (mgmt->u.action.u.wmm_action.action_code) { | |
1982 | case WMM_ACTION_CODE_ADDTS_RESP: | |
1983 | ieee80211_rx_addts_resp(wpa_s, mgmt, len, len - alen); | |
1984 | break; | |
1985 | case WMM_ACTION_CODE_DELTS: | |
1986 | ieee80211_rx_delts(wpa_s, mgmt, len, len - alen); | |
1987 | break; | |
1988 | default: | |
1989 | wpa_printf(MSG_DEBUG, "WMM: Unsupported Action Code %d", | |
1990 | mgmt->u.action.u.wmm_action.action_code); | |
1991 | break; | |
1992 | } | |
1993 | } | |
1994 | ||
1995 | ||
6fc6879b JM |
1996 | static void ieee80211_rx_mgmt_action(struct wpa_supplicant *wpa_s, |
1997 | struct ieee80211_mgmt *mgmt, | |
1998 | size_t len, | |
1999 | struct ieee80211_rx_status *rx_status) | |
2000 | { | |
2001 | wpa_printf(MSG_DEBUG, "MLME: received Action frame"); | |
2002 | ||
2003 | if (len < 25) | |
2004 | return; | |
2005 | ||
5d22a1d5 JM |
2006 | switch (mgmt->u.action.category) { |
2007 | #ifdef CONFIG_IEEE80211R | |
2008 | case WLAN_ACTION_FT: | |
6fc6879b | 2009 | ieee80211_rx_mgmt_ft_action(wpa_s, mgmt, len, rx_status); |
5d22a1d5 JM |
2010 | break; |
2011 | #endif /* CONFIG_IEEE80211R */ | |
488af690 | 2012 | #ifdef CONFIG_IEEE80211W |
93b76319 JM |
2013 | case WLAN_ACTION_SA_QUERY: |
2014 | ieee80211_rx_mgmt_sa_query_action(wpa_s, mgmt, len, rx_status); | |
5d22a1d5 | 2015 | break; |
5d22a1d5 | 2016 | #endif /* CONFIG_IEEE80211W */ |
ed843aaa JM |
2017 | case WLAN_ACTION_WMM: |
2018 | ieee80211_rx_mgmt_wmm_action(wpa_s, mgmt, len, rx_status); | |
2019 | break; | |
5d22a1d5 | 2020 | default: |
6fc6879b JM |
2021 | wpa_printf(MSG_DEBUG, "MLME: unknown Action Category %d", |
2022 | mgmt->u.action.category); | |
5d22a1d5 JM |
2023 | break; |
2024 | } | |
6fc6879b JM |
2025 | } |
2026 | ||
2027 | ||
2028 | static void ieee80211_sta_rx_mgmt(struct wpa_supplicant *wpa_s, | |
2029 | const u8 *buf, size_t len, | |
2030 | struct ieee80211_rx_status *rx_status) | |
2031 | { | |
2032 | struct ieee80211_mgmt *mgmt; | |
2033 | u16 fc; | |
2034 | ||
2035 | if (len < 24) | |
2036 | return; | |
2037 | ||
2038 | mgmt = (struct ieee80211_mgmt *) buf; | |
2039 | fc = le_to_host16(mgmt->frame_control); | |
2040 | ||
2041 | switch (WLAN_FC_GET_STYPE(fc)) { | |
2042 | case WLAN_FC_STYPE_PROBE_REQ: | |
2043 | ieee80211_rx_mgmt_probe_req(wpa_s, mgmt, len, rx_status); | |
2044 | break; | |
2045 | case WLAN_FC_STYPE_PROBE_RESP: | |
2046 | ieee80211_rx_mgmt_probe_resp(wpa_s, mgmt, len, rx_status); | |
2047 | break; | |
2048 | case WLAN_FC_STYPE_BEACON: | |
2049 | ieee80211_rx_mgmt_beacon(wpa_s, mgmt, len, rx_status); | |
2050 | break; | |
2051 | case WLAN_FC_STYPE_AUTH: | |
2052 | ieee80211_rx_mgmt_auth(wpa_s, mgmt, len, rx_status); | |
2053 | break; | |
2054 | case WLAN_FC_STYPE_ASSOC_RESP: | |
2055 | ieee80211_rx_mgmt_assoc_resp(wpa_s, mgmt, len, rx_status, 0); | |
2056 | break; | |
2057 | case WLAN_FC_STYPE_REASSOC_RESP: | |
2058 | ieee80211_rx_mgmt_assoc_resp(wpa_s, mgmt, len, rx_status, 1); | |
2059 | break; | |
2060 | case WLAN_FC_STYPE_DEAUTH: | |
2061 | ieee80211_rx_mgmt_deauth(wpa_s, mgmt, len, rx_status); | |
2062 | break; | |
2063 | case WLAN_FC_STYPE_DISASSOC: | |
2064 | ieee80211_rx_mgmt_disassoc(wpa_s, mgmt, len, rx_status); | |
2065 | break; | |
2066 | case WLAN_FC_STYPE_ACTION: | |
2067 | ieee80211_rx_mgmt_action(wpa_s, mgmt, len, rx_status); | |
2068 | break; | |
2069 | default: | |
2070 | wpa_printf(MSG_DEBUG, "MLME: received unknown management " | |
2071 | "frame - stype=%d", WLAN_FC_GET_STYPE(fc)); | |
2072 | break; | |
2073 | } | |
2074 | } | |
2075 | ||
2076 | ||
2077 | static void ieee80211_sta_rx_scan(struct wpa_supplicant *wpa_s, | |
2078 | const u8 *buf, size_t len, | |
2079 | struct ieee80211_rx_status *rx_status) | |
2080 | { | |
2081 | struct ieee80211_mgmt *mgmt; | |
2082 | u16 fc; | |
2083 | ||
2084 | if (len < 24) | |
2085 | return; | |
2086 | ||
2087 | mgmt = (struct ieee80211_mgmt *) buf; | |
2088 | fc = le_to_host16(mgmt->frame_control); | |
2089 | ||
2090 | if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT) { | |
2091 | if (WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) { | |
2092 | ieee80211_rx_mgmt_probe_resp(wpa_s, mgmt, | |
2093 | len, rx_status); | |
2094 | } else if (WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) { | |
2095 | ieee80211_rx_mgmt_beacon(wpa_s, mgmt, len, rx_status); | |
2096 | } | |
2097 | } | |
2098 | } | |
2099 | ||
2100 | ||
2101 | static int ieee80211_sta_active_ibss(struct wpa_supplicant *wpa_s) | |
2102 | { | |
2103 | int active = 0; | |
2104 | ||
2105 | #if 0 /* FIX */ | |
2106 | list_for_each(ptr, &local->sta_list) { | |
2107 | sta = list_entry(ptr, struct sta_info, list); | |
2108 | if (sta->dev == dev && | |
2109 | time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL, | |
2110 | jiffies)) { | |
2111 | active++; | |
2112 | break; | |
2113 | } | |
2114 | } | |
2115 | #endif | |
2116 | ||
2117 | return active; | |
2118 | } | |
2119 | ||
2120 | ||
2121 | static void ieee80211_sta_expire(struct wpa_supplicant *wpa_s) | |
2122 | { | |
2123 | #if 0 /* FIX */ | |
2124 | list_for_each_safe(ptr, n, &local->sta_list) { | |
2125 | sta = list_entry(ptr, struct sta_info, list); | |
2126 | if (time_after(jiffies, sta->last_rx + | |
2127 | IEEE80211_IBSS_INACTIVITY_LIMIT)) { | |
2128 | wpa_printf(MSG_DEBUG, "MLME: expiring inactive STA " | |
2129 | MACSTR, MAC2STR(sta->addr)); | |
2130 | sta_info_free(local, sta, 1); | |
2131 | } | |
2132 | } | |
2133 | #endif | |
2134 | } | |
2135 | ||
2136 | ||
2137 | static void ieee80211_sta_merge_ibss(struct wpa_supplicant *wpa_s) | |
2138 | { | |
2139 | ieee80211_reschedule_timer(wpa_s, IEEE80211_IBSS_MERGE_INTERVAL); | |
2140 | ||
2141 | ieee80211_sta_expire(wpa_s); | |
2142 | if (ieee80211_sta_active_ibss(wpa_s)) | |
2143 | return; | |
2144 | ||
2145 | wpa_printf(MSG_DEBUG, "MLME: No active IBSS STAs - trying to scan for " | |
2146 | "other IBSS networks with same SSID (merge)"); | |
2147 | ieee80211_sta_req_scan(wpa_s, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len); | |
2148 | } | |
2149 | ||
2150 | ||
2151 | static void ieee80211_sta_timer(void *eloop_ctx, void *timeout_ctx) | |
2152 | { | |
2153 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
2154 | ||
2155 | switch (wpa_s->mlme.state) { | |
2156 | case IEEE80211_DISABLED: | |
2157 | break; | |
2158 | case IEEE80211_AUTHENTICATE: | |
2159 | ieee80211_authenticate(wpa_s); | |
2160 | break; | |
2161 | case IEEE80211_ASSOCIATE: | |
2162 | ieee80211_associate(wpa_s); | |
2163 | break; | |
2164 | case IEEE80211_ASSOCIATED: | |
2165 | ieee80211_associated(wpa_s); | |
2166 | break; | |
2167 | case IEEE80211_IBSS_SEARCH: | |
2168 | ieee80211_sta_find_ibss(wpa_s); | |
2169 | break; | |
2170 | case IEEE80211_IBSS_JOINED: | |
2171 | ieee80211_sta_merge_ibss(wpa_s); | |
2172 | break; | |
2173 | default: | |
2174 | wpa_printf(MSG_DEBUG, "ieee80211_sta_timer: Unknown state %d", | |
2175 | wpa_s->mlme.state); | |
2176 | break; | |
2177 | } | |
2178 | ||
2179 | if (ieee80211_privacy_mismatch(wpa_s)) { | |
2180 | wpa_printf(MSG_DEBUG, "MLME: privacy configuration mismatch " | |
2181 | "and mixed-cell disabled - disassociate"); | |
2182 | ||
2183 | ieee80211_send_disassoc(wpa_s, WLAN_REASON_UNSPECIFIED); | |
2184 | ieee80211_set_associated(wpa_s, 0); | |
2185 | } | |
2186 | } | |
2187 | ||
2188 | ||
2189 | static void ieee80211_sta_new_auth(struct wpa_supplicant *wpa_s) | |
2190 | { | |
2191 | struct wpa_ssid *ssid = wpa_s->current_ssid; | |
2192 | if (ssid && ssid->mode != 0) | |
2193 | return; | |
2194 | ||
2195 | #if 0 /* FIX */ | |
2196 | if (local->hw->reset_tsf) { | |
2197 | /* Reset own TSF to allow time synchronization work. */ | |
2198 | local->hw->reset_tsf(local->mdev); | |
2199 | } | |
2200 | #endif | |
2201 | ||
2202 | wpa_s->mlme.wmm_last_param_set = -1; /* allow any WMM update */ | |
2203 | ||
2204 | ||
2205 | if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_OPEN) | |
2206 | wpa_s->mlme.auth_alg = WLAN_AUTH_OPEN; | |
2207 | else if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY) | |
2208 | wpa_s->mlme.auth_alg = WLAN_AUTH_SHARED_KEY; | |
2209 | else if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_LEAP) | |
2210 | wpa_s->mlme.auth_alg = WLAN_AUTH_LEAP; | |
2211 | else | |
2212 | wpa_s->mlme.auth_alg = WLAN_AUTH_OPEN; | |
2213 | wpa_printf(MSG_DEBUG, "MLME: Initial auth_alg=%d", | |
2214 | wpa_s->mlme.auth_alg); | |
2215 | wpa_s->mlme.auth_transaction = -1; | |
2216 | wpa_s->mlme.auth_tries = wpa_s->mlme.assoc_tries = 0; | |
2217 | ieee80211_authenticate(wpa_s); | |
2218 | } | |
2219 | ||
2220 | ||
2221 | static int ieee80211_ibss_allowed(struct wpa_supplicant *wpa_s) | |
2222 | { | |
2223 | #if 0 /* FIX */ | |
2224 | int m, c; | |
2225 | ||
2226 | for (m = 0; m < local->hw->num_modes; m++) { | |
2227 | struct ieee80211_hw_modes *mode = &local->hw->modes[m]; | |
2228 | if (mode->mode != local->conf.phymode) | |
2229 | continue; | |
2230 | for (c = 0; c < mode->num_channels; c++) { | |
2231 | struct ieee80211_channel *chan = &mode->channels[c]; | |
2232 | if (chan->flag & IEEE80211_CHAN_W_SCAN && | |
2233 | chan->chan == local->conf.channel) { | |
2234 | if (chan->flag & IEEE80211_CHAN_W_IBSS) | |
2235 | return 1; | |
2236 | break; | |
2237 | } | |
2238 | } | |
2239 | } | |
2240 | #endif | |
2241 | ||
2242 | return 0; | |
2243 | } | |
2244 | ||
2245 | ||
2246 | static int ieee80211_sta_join_ibss(struct wpa_supplicant *wpa_s, | |
2247 | struct ieee80211_sta_bss *bss) | |
2248 | { | |
8bac466b | 2249 | int res = 0, rates, done = 0, bssid_changed; |
6fc6879b JM |
2250 | struct ieee80211_mgmt *mgmt; |
2251 | #if 0 /* FIX */ | |
2252 | struct ieee80211_tx_control control; | |
2253 | struct ieee80211_rate *rate; | |
2254 | struct rate_control_extra extra; | |
2255 | #endif | |
2256 | u8 *pos, *buf; | |
2257 | size_t len; | |
2258 | ||
2259 | /* Remove possible STA entries from other IBSS networks. */ | |
2260 | #if 0 /* FIX */ | |
2261 | sta_info_flush(local, NULL); | |
2262 | ||
2263 | if (local->hw->reset_tsf) { | |
2264 | /* Reset own TSF to allow time synchronization work. */ | |
2265 | local->hw->reset_tsf(local->mdev); | |
2266 | } | |
2267 | #endif | |
8bac466b | 2268 | bssid_changed = os_memcmp(wpa_s->bssid, bss->bssid, ETH_ALEN); |
6fc6879b | 2269 | os_memcpy(wpa_s->bssid, bss->bssid, ETH_ALEN); |
8bac466b JM |
2270 | if (bssid_changed) |
2271 | wpas_notify_bssid_changed(wpa_s); | |
6fc6879b JM |
2272 | |
2273 | #if 0 /* FIX */ | |
2274 | local->conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10; | |
2275 | ||
2276 | sdata->drop_unencrypted = bss->capability & | |
2277 | host_to_le16(WLAN_CAPABILITY_PRIVACY) ? 1 : 0; | |
2278 | #endif | |
2279 | ||
2280 | #if 0 /* FIX */ | |
2281 | os_memset(&rq, 0, sizeof(rq)); | |
2282 | rq.m = bss->freq * 100000; | |
2283 | rq.e = 1; | |
2284 | res = ieee80211_ioctl_siwfreq(wpa_s, NULL, &rq, NULL); | |
2285 | #endif | |
2286 | ||
2287 | if (!ieee80211_ibss_allowed(wpa_s)) { | |
2288 | #if 0 /* FIX */ | |
2289 | wpa_printf(MSG_DEBUG, "MLME: IBSS not allowed on channel %d " | |
2290 | "(%d MHz)", local->conf.channel, | |
2291 | local->conf.freq); | |
2292 | #endif | |
2293 | return -1; | |
2294 | } | |
2295 | ||
2296 | /* Set beacon template based on scan results */ | |
2297 | buf = os_malloc(400); | |
2298 | len = 0; | |
2299 | do { | |
2300 | if (buf == NULL) | |
2301 | break; | |
2302 | ||
2303 | mgmt = (struct ieee80211_mgmt *) buf; | |
2304 | len += 24 + sizeof(mgmt->u.beacon); | |
2305 | os_memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon)); | |
2306 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
2307 | WLAN_FC_STYPE_BEACON); | |
2308 | os_memset(mgmt->da, 0xff, ETH_ALEN); | |
2309 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
2310 | os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); | |
2311 | #if 0 /* FIX */ | |
2312 | mgmt->u.beacon.beacon_int = | |
2313 | host_to_le16(local->conf.beacon_int); | |
2314 | #endif | |
2315 | mgmt->u.beacon.capab_info = host_to_le16(bss->capability); | |
2316 | ||
2317 | pos = buf + len; | |
2318 | len += 2 + wpa_s->mlme.ssid_len; | |
2319 | *pos++ = WLAN_EID_SSID; | |
2320 | *pos++ = wpa_s->mlme.ssid_len; | |
2321 | os_memcpy(pos, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len); | |
2322 | ||
2323 | rates = bss->supp_rates_len; | |
2324 | if (rates > 8) | |
2325 | rates = 8; | |
2326 | pos = buf + len; | |
2327 | len += 2 + rates; | |
2328 | *pos++ = WLAN_EID_SUPP_RATES; | |
2329 | *pos++ = rates; | |
2330 | os_memcpy(pos, bss->supp_rates, rates); | |
2331 | ||
2332 | pos = buf + len; | |
2333 | len += 2 + 1; | |
2334 | *pos++ = WLAN_EID_DS_PARAMS; | |
2335 | *pos++ = 1; | |
2336 | *pos++ = bss->channel; | |
2337 | ||
2338 | pos = buf + len; | |
2339 | len += 2 + 2; | |
2340 | *pos++ = WLAN_EID_IBSS_PARAMS; | |
2341 | *pos++ = 2; | |
2342 | /* FIX: set ATIM window based on scan results */ | |
2343 | *pos++ = 0; | |
2344 | *pos++ = 0; | |
2345 | ||
2346 | if (bss->supp_rates_len > 8) { | |
2347 | rates = bss->supp_rates_len - 8; | |
2348 | pos = buf + len; | |
2349 | len += 2 + rates; | |
2350 | *pos++ = WLAN_EID_EXT_SUPP_RATES; | |
2351 | *pos++ = rates; | |
2352 | os_memcpy(pos, &bss->supp_rates[8], rates); | |
2353 | } | |
2354 | ||
2355 | #if 0 /* FIX */ | |
2356 | os_memset(&control, 0, sizeof(control)); | |
2357 | control.pkt_type = PKT_PROBE_RESP; | |
2358 | os_memset(&extra, 0, sizeof(extra)); | |
2359 | extra.endidx = local->num_curr_rates; | |
2360 | rate = rate_control_get_rate(wpa_s, skb, &extra); | |
2361 | if (rate == NULL) { | |
2362 | wpa_printf(MSG_DEBUG, "MLME: Failed to determine TX " | |
2363 | "rate for IBSS beacon"); | |
2364 | break; | |
2365 | } | |
2366 | control.tx_rate = (wpa_s->mlme.short_preamble && | |
2367 | (rate->flags & IEEE80211_RATE_PREAMBLE2)) ? | |
2368 | rate->val2 : rate->val; | |
2369 | control.antenna_sel = local->conf.antenna_sel; | |
2370 | control.power_level = local->conf.power_level; | |
2371 | control.no_ack = 1; | |
2372 | control.retry_limit = 1; | |
2373 | control.rts_cts_duration = 0; | |
2374 | #endif | |
2375 | ||
2376 | #if 0 /* FIX */ | |
2377 | wpa_s->mlme.probe_resp = skb_copy(skb, GFP_ATOMIC); | |
2378 | if (wpa_s->mlme.probe_resp) { | |
2379 | mgmt = (struct ieee80211_mgmt *) | |
2380 | wpa_s->mlme.probe_resp->data; | |
2381 | mgmt->frame_control = | |
2382 | IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
2383 | WLAN_FC_STYPE_PROBE_RESP); | |
2384 | } else { | |
2385 | wpa_printf(MSG_DEBUG, "MLME: Could not allocate " | |
2386 | "ProbeResp template for IBSS"); | |
2387 | } | |
2388 | ||
2389 | if (local->hw->beacon_update && | |
2390 | local->hw->beacon_update(wpa_s, skb, &control) == 0) { | |
2391 | wpa_printf(MSG_DEBUG, "MLME: Configured IBSS beacon " | |
2392 | "template based on scan results"); | |
2393 | skb = NULL; | |
2394 | } | |
2395 | ||
2396 | rates = 0; | |
2397 | for (i = 0; i < bss->supp_rates_len; i++) { | |
2398 | int rate = (bss->supp_rates[i] & 0x7f) * 5; | |
2399 | if (local->conf.phymode == MODE_ATHEROS_TURBO) | |
2400 | rate *= 2; | |
2401 | for (j = 0; j < local->num_curr_rates; j++) | |
2402 | if (local->curr_rates[j].rate == rate) | |
2403 | rates |= BIT(j); | |
2404 | } | |
2405 | wpa_s->mlme.supp_rates_bits = rates; | |
2406 | #endif | |
2407 | done = 1; | |
2408 | } while (0); | |
2409 | ||
2410 | os_free(buf); | |
2411 | if (!done) { | |
2412 | wpa_printf(MSG_DEBUG, "MLME: Failed to configure IBSS beacon " | |
2413 | "template"); | |
2414 | } | |
2415 | ||
2416 | wpa_s->mlme.state = IEEE80211_IBSS_JOINED; | |
2417 | ieee80211_reschedule_timer(wpa_s, IEEE80211_IBSS_MERGE_INTERVAL); | |
2418 | ||
2419 | return res; | |
2420 | } | |
2421 | ||
2422 | ||
2423 | #if 0 /* FIX */ | |
2424 | static int ieee80211_sta_create_ibss(struct wpa_supplicant *wpa_s) | |
2425 | { | |
2426 | struct ieee80211_sta_bss *bss; | |
2427 | u8 bssid[ETH_ALEN], *pos; | |
2428 | int i; | |
2429 | ||
2430 | #if 0 | |
2431 | /* Easier testing, use fixed BSSID. */ | |
2432 | os_memset(bssid, 0xfe, ETH_ALEN); | |
2433 | #else | |
2434 | /* Generate random, not broadcast, locally administered BSSID. Mix in | |
2435 | * own MAC address to make sure that devices that do not have proper | |
2436 | * random number generator get different BSSID. */ | |
2437 | os_get_random(bssid, ETH_ALEN); | |
2438 | for (i = 0; i < ETH_ALEN; i++) | |
2439 | bssid[i] ^= wpa_s->own_addr[i]; | |
2440 | bssid[0] &= ~0x01; | |
2441 | bssid[0] |= 0x02; | |
2442 | #endif | |
2443 | ||
2444 | wpa_printf(MSG_DEBUG, "MLME: Creating new IBSS network, BSSID " | |
2445 | MACSTR "", MAC2STR(bssid)); | |
2446 | ||
2447 | bss = ieee80211_bss_add(wpa_s, bssid); | |
2448 | if (bss == NULL) | |
2449 | return -ENOMEM; | |
2450 | ||
2451 | #if 0 /* FIX */ | |
2452 | if (local->conf.beacon_int == 0) | |
2453 | local->conf.beacon_int = 100; | |
2454 | bss->beacon_int = local->conf.beacon_int; | |
2455 | bss->hw_mode = local->conf.phymode; | |
2456 | bss->channel = local->conf.channel; | |
2457 | bss->freq = local->conf.freq; | |
2458 | #endif | |
2459 | os_get_time(&bss->last_update); | |
2460 | bss->capability = host_to_le16(WLAN_CAPABILITY_IBSS); | |
2461 | #if 0 /* FIX */ | |
2462 | if (sdata->default_key) { | |
2463 | bss->capability |= host_to_le16(WLAN_CAPABILITY_PRIVACY); | |
2464 | } else | |
2465 | sdata->drop_unencrypted = 0; | |
2466 | bss->supp_rates_len = local->num_curr_rates; | |
2467 | #endif | |
2468 | pos = bss->supp_rates; | |
2469 | #if 0 /* FIX */ | |
2470 | for (i = 0; i < local->num_curr_rates; i++) { | |
2471 | int rate = local->curr_rates[i].rate; | |
2472 | if (local->conf.phymode == MODE_ATHEROS_TURBO) | |
2473 | rate /= 2; | |
2474 | *pos++ = (u8) (rate / 5); | |
2475 | } | |
2476 | #endif | |
2477 | ||
2478 | return ieee80211_sta_join_ibss(wpa_s, bss); | |
2479 | } | |
2480 | #endif | |
2481 | ||
2482 | ||
2483 | static int ieee80211_sta_find_ibss(struct wpa_supplicant *wpa_s) | |
2484 | { | |
2485 | struct ieee80211_sta_bss *bss; | |
2486 | int found = 0; | |
2487 | u8 bssid[ETH_ALEN]; | |
2488 | int active_ibss; | |
2489 | struct os_time now; | |
2490 | ||
2491 | if (wpa_s->mlme.ssid_len == 0) | |
2492 | return -EINVAL; | |
2493 | ||
2494 | active_ibss = ieee80211_sta_active_ibss(wpa_s); | |
2495 | #ifdef IEEE80211_IBSS_DEBUG | |
2496 | wpa_printf(MSG_DEBUG, "MLME: sta_find_ibss (active_ibss=%d)", | |
2497 | active_ibss); | |
2498 | #endif /* IEEE80211_IBSS_DEBUG */ | |
2499 | for (bss = wpa_s->mlme.sta_bss_list; bss; bss = bss->next) { | |
2500 | if (wpa_s->mlme.ssid_len != bss->ssid_len || | |
2501 | os_memcmp(wpa_s->mlme.ssid, bss->ssid, bss->ssid_len) != 0 | |
2502 | || !(bss->capability & WLAN_CAPABILITY_IBSS)) | |
2503 | continue; | |
2504 | #ifdef IEEE80211_IBSS_DEBUG | |
2505 | wpa_printf(MSG_DEBUG, " bssid=" MACSTR " found", | |
2506 | MAC2STR(bss->bssid)); | |
2507 | #endif /* IEEE80211_IBSS_DEBUG */ | |
2508 | os_memcpy(bssid, bss->bssid, ETH_ALEN); | |
2509 | found = 1; | |
2510 | if (active_ibss || | |
2511 | os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0) | |
2512 | break; | |
2513 | } | |
2514 | ||
2515 | #ifdef IEEE80211_IBSS_DEBUG | |
2516 | wpa_printf(MSG_DEBUG, " sta_find_ibss: selected " MACSTR " current " | |
2517 | MACSTR, MAC2STR(bssid), MAC2STR(wpa_s->bssid)); | |
2518 | #endif /* IEEE80211_IBSS_DEBUG */ | |
2519 | if (found && os_memcmp(wpa_s->bssid, bssid, ETH_ALEN) != 0 && | |
2520 | (bss = ieee80211_bss_get(wpa_s, bssid))) { | |
2521 | wpa_printf(MSG_DEBUG, "MLME: Selected IBSS BSSID " MACSTR | |
2522 | " based on configured SSID", | |
2523 | MAC2STR(bssid)); | |
2524 | return ieee80211_sta_join_ibss(wpa_s, bss); | |
2525 | } | |
2526 | #ifdef IEEE80211_IBSS_DEBUG | |
2527 | wpa_printf(MSG_DEBUG, " did not try to join ibss"); | |
2528 | #endif /* IEEE80211_IBSS_DEBUG */ | |
2529 | ||
2530 | /* Selected IBSS not found in current scan results - try to scan */ | |
2531 | os_get_time(&now); | |
2532 | #if 0 /* FIX */ | |
2533 | if (wpa_s->mlme.state == IEEE80211_IBSS_JOINED && | |
2534 | !ieee80211_sta_active_ibss(wpa_s)) { | |
2535 | ieee80211_reschedule_timer(wpa_s, | |
2536 | IEEE80211_IBSS_MERGE_INTERVAL); | |
2537 | } else if (time_after(jiffies, wpa_s->mlme.last_scan_completed + | |
2538 | IEEE80211_SCAN_INTERVAL)) { | |
2539 | wpa_printf(MSG_DEBUG, "MLME: Trigger new scan to find an IBSS " | |
2540 | "to join"); | |
2541 | return ieee80211_sta_req_scan(wpa_s->mlme.ssid, | |
2542 | wpa_s->mlme.ssid_len); | |
2543 | } else if (wpa_s->mlme.state != IEEE80211_IBSS_JOINED) { | |
2544 | int interval = IEEE80211_SCAN_INTERVAL; | |
2545 | ||
2546 | if (time_after(jiffies, wpa_s->mlme.ibss_join_req + | |
2547 | IEEE80211_IBSS_JOIN_TIMEOUT)) { | |
2548 | if (wpa_s->mlme.create_ibss && | |
2549 | ieee80211_ibss_allowed(wpa_s)) | |
2550 | return ieee80211_sta_create_ibss(wpa_s); | |
2551 | if (wpa_s->mlme.create_ibss) { | |
2552 | wpa_printf(MSG_DEBUG, "MLME: IBSS not allowed " | |
2553 | "on the configured channel %d " | |
2554 | "(%d MHz)", | |
2555 | local->conf.channel, | |
2556 | local->conf.freq); | |
2557 | } | |
2558 | ||
2559 | /* No IBSS found - decrease scan interval and continue | |
2560 | * scanning. */ | |
2561 | interval = IEEE80211_SCAN_INTERVAL_SLOW; | |
2562 | } | |
2563 | ||
2564 | wpa_s->mlme.state = IEEE80211_IBSS_SEARCH; | |
2565 | ieee80211_reschedule_timer(wpa_s, interval); | |
2566 | return 0; | |
2567 | } | |
2568 | #endif | |
2569 | ||
2570 | return 0; | |
2571 | } | |
2572 | ||
2573 | ||
2574 | int ieee80211_sta_get_ssid(struct wpa_supplicant *wpa_s, u8 *ssid, | |
2575 | size_t *len) | |
2576 | { | |
2577 | os_memcpy(ssid, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len); | |
2578 | *len = wpa_s->mlme.ssid_len; | |
2579 | return 0; | |
2580 | } | |
2581 | ||
2582 | ||
2583 | int ieee80211_sta_associate(struct wpa_supplicant *wpa_s, | |
2584 | struct wpa_driver_associate_params *params) | |
2585 | { | |
2586 | struct ieee80211_sta_bss *bss; | |
8bac466b | 2587 | int bssid_changed; |
6fc6879b JM |
2588 | |
2589 | wpa_s->mlme.bssid_set = 0; | |
2590 | wpa_s->mlme.freq = params->freq; | |
2591 | if (params->bssid) { | |
8bac466b JM |
2592 | bssid_changed = os_memcmp(wpa_s->bssid, params->bssid, |
2593 | ETH_ALEN); | |
6fc6879b | 2594 | os_memcpy(wpa_s->bssid, params->bssid, ETH_ALEN); |
8bac466b JM |
2595 | if (bssid_changed) |
2596 | wpas_notify_bssid_changed(wpa_s); | |
2597 | ||
a8e16edc | 2598 | if (!is_zero_ether_addr(params->bssid)) |
6fc6879b JM |
2599 | wpa_s->mlme.bssid_set = 1; |
2600 | bss = ieee80211_bss_get(wpa_s, wpa_s->bssid); | |
2601 | if (bss) { | |
2602 | wpa_s->mlme.phymode = bss->hw_mode; | |
2603 | wpa_s->mlme.channel = bss->channel; | |
2604 | wpa_s->mlme.freq = bss->freq; | |
2605 | } | |
2606 | } | |
2607 | ||
2608 | #if 0 /* FIX */ | |
2609 | /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is | |
2610 | * not defined. */ | |
2611 | if (local->hw->conf_tx) { | |
2612 | struct ieee80211_tx_queue_params qparam; | |
2613 | int i; | |
2614 | ||
2615 | os_memset(&qparam, 0, sizeof(qparam)); | |
2616 | /* TODO: are these ok defaults for all hw_modes? */ | |
2617 | qparam.aifs = 2; | |
2618 | qparam.cw_min = | |
2619 | local->conf.phymode == MODE_IEEE80211B ? 31 : 15; | |
2620 | qparam.cw_max = 1023; | |
2621 | qparam.burst_time = 0; | |
2622 | for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++) | |
2623 | { | |
2624 | local->hw->conf_tx(wpa_s, i + IEEE80211_TX_QUEUE_DATA0, | |
2625 | &qparam); | |
2626 | } | |
2627 | /* IBSS uses different parameters for Beacon sending */ | |
2628 | qparam.cw_min++; | |
2629 | qparam.cw_min *= 2; | |
2630 | qparam.cw_min--; | |
2631 | local->hw->conf_tx(wpa_s, IEEE80211_TX_QUEUE_BEACON, &qparam); | |
2632 | } | |
2633 | #endif | |
2634 | ||
2635 | if (wpa_s->mlme.ssid_len != params->ssid_len || | |
2636 | os_memcmp(wpa_s->mlme.ssid, params->ssid, params->ssid_len) != 0) | |
2637 | wpa_s->mlme.prev_bssid_set = 0; | |
2638 | os_memcpy(wpa_s->mlme.ssid, params->ssid, params->ssid_len); | |
2639 | os_memset(wpa_s->mlme.ssid + params->ssid_len, 0, | |
2640 | MAX_SSID_LEN - params->ssid_len); | |
2641 | wpa_s->mlme.ssid_len = params->ssid_len; | |
2642 | wpa_s->mlme.ssid_set = 1; | |
2643 | ||
2644 | os_free(wpa_s->mlme.extra_ie); | |
2645 | if (params->wpa_ie == NULL || params->wpa_ie_len == 0) { | |
2646 | wpa_s->mlme.extra_ie = NULL; | |
2647 | wpa_s->mlme.extra_ie_len = 0; | |
2648 | } else { | |
2649 | wpa_s->mlme.extra_ie = os_malloc(params->wpa_ie_len); | |
2650 | if (wpa_s->mlme.extra_ie == NULL) { | |
2651 | wpa_s->mlme.extra_ie_len = 0; | |
2652 | return -1; | |
2653 | } | |
2654 | os_memcpy(wpa_s->mlme.extra_ie, params->wpa_ie, | |
2655 | params->wpa_ie_len); | |
2656 | wpa_s->mlme.extra_ie_len = params->wpa_ie_len; | |
2657 | } | |
2658 | ||
2659 | wpa_s->mlme.key_mgmt = params->key_mgmt_suite; | |
2660 | ||
2661 | ieee80211_sta_set_channel(wpa_s, wpa_s->mlme.phymode, | |
2662 | wpa_s->mlme.channel, wpa_s->mlme.freq); | |
2663 | ||
2664 | if (params->mode == 1 && !wpa_s->mlme.bssid_set) { | |
2665 | os_get_time(&wpa_s->mlme.ibss_join_req); | |
2666 | wpa_s->mlme.state = IEEE80211_IBSS_SEARCH; | |
2667 | return ieee80211_sta_find_ibss(wpa_s); | |
2668 | } | |
2669 | ||
2670 | if (wpa_s->mlme.bssid_set) | |
2671 | ieee80211_sta_new_auth(wpa_s); | |
2672 | ||
2673 | return 0; | |
2674 | } | |
2675 | ||
2676 | ||
2677 | static void ieee80211_sta_save_oper_chan(struct wpa_supplicant *wpa_s) | |
2678 | { | |
2679 | wpa_s->mlme.scan_oper_channel = wpa_s->mlme.channel; | |
2680 | wpa_s->mlme.scan_oper_freq = wpa_s->mlme.freq; | |
2681 | wpa_s->mlme.scan_oper_phymode = wpa_s->mlme.phymode; | |
2682 | } | |
2683 | ||
2684 | ||
2685 | static int ieee80211_sta_restore_oper_chan(struct wpa_supplicant *wpa_s) | |
2686 | { | |
2687 | wpa_s->mlme.channel = wpa_s->mlme.scan_oper_channel; | |
2688 | wpa_s->mlme.freq = wpa_s->mlme.scan_oper_freq; | |
2689 | wpa_s->mlme.phymode = wpa_s->mlme.scan_oper_phymode; | |
2690 | if (wpa_s->mlme.freq == 0) | |
2691 | return 0; | |
2692 | return ieee80211_sta_set_channel(wpa_s, wpa_s->mlme.phymode, | |
2693 | wpa_s->mlme.channel, | |
2694 | wpa_s->mlme.freq); | |
2695 | } | |
2696 | ||
2697 | ||
2698 | static int ieee80211_active_scan(struct wpa_supplicant *wpa_s) | |
2699 | { | |
2700 | size_t m; | |
2701 | int c; | |
2702 | ||
2703 | for (m = 0; m < wpa_s->mlme.num_modes; m++) { | |
6caf9ca6 | 2704 | struct hostapd_hw_modes *mode = &wpa_s->mlme.modes[m]; |
6fc6879b JM |
2705 | if ((int) mode->mode != (int) wpa_s->mlme.phymode) |
2706 | continue; | |
2707 | for (c = 0; c < mode->num_channels; c++) { | |
6caf9ca6 JM |
2708 | struct hostapd_channel_data *chan = &mode->channels[c]; |
2709 | if (!(chan->flag & HOSTAPD_CHAN_DISABLED) && | |
6fc6879b | 2710 | chan->chan == wpa_s->mlme.channel) { |
6caf9ca6 | 2711 | if (!(chan->flag & HOSTAPD_CHAN_PASSIVE_SCAN)) |
6fc6879b JM |
2712 | return 1; |
2713 | break; | |
2714 | } | |
2715 | } | |
2716 | } | |
2717 | ||
2718 | return 0; | |
2719 | } | |
2720 | ||
2721 | ||
2722 | static void ieee80211_sta_scan_timer(void *eloop_ctx, void *timeout_ctx) | |
2723 | { | |
2724 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
6caf9ca6 JM |
2725 | struct hostapd_hw_modes *mode; |
2726 | struct hostapd_channel_data *chan; | |
6fc6879b JM |
2727 | int skip = 0; |
2728 | int timeout = 0; | |
2729 | struct wpa_ssid *ssid = wpa_s->current_ssid; | |
2730 | int adhoc; | |
2731 | ||
2732 | if (!wpa_s->mlme.sta_scanning || wpa_s->mlme.modes == NULL) | |
2733 | return; | |
2734 | ||
2735 | adhoc = ssid && ssid->mode == 1; | |
2736 | ||
2737 | switch (wpa_s->mlme.scan_state) { | |
2738 | case SCAN_SET_CHANNEL: | |
2739 | mode = &wpa_s->mlme.modes[wpa_s->mlme.scan_hw_mode_idx]; | |
2740 | if (wpa_s->mlme.scan_hw_mode_idx >= | |
2741 | (int) wpa_s->mlme.num_modes || | |
2742 | (wpa_s->mlme.scan_hw_mode_idx + 1 == | |
2743 | (int) wpa_s->mlme.num_modes | |
2744 | && wpa_s->mlme.scan_channel_idx >= mode->num_channels)) { | |
2745 | if (ieee80211_sta_restore_oper_chan(wpa_s)) { | |
2746 | wpa_printf(MSG_DEBUG, "MLME: failed to " | |
2747 | "restore operational channel after " | |
2748 | "scan"); | |
2749 | } | |
2750 | wpa_printf(MSG_DEBUG, "MLME: scan completed"); | |
2751 | wpa_s->mlme.sta_scanning = 0; | |
2752 | os_get_time(&wpa_s->mlme.last_scan_completed); | |
2753 | wpa_supplicant_event(wpa_s, EVENT_SCAN_RESULTS, NULL); | |
2754 | if (adhoc) { | |
2755 | if (!wpa_s->mlme.bssid_set || | |
2756 | (wpa_s->mlme.state == | |
2757 | IEEE80211_IBSS_JOINED && | |
2758 | !ieee80211_sta_active_ibss(wpa_s))) | |
2759 | ieee80211_sta_find_ibss(wpa_s); | |
2760 | } | |
2761 | return; | |
2762 | } | |
2763 | skip = !(wpa_s->mlme.hw_modes & (1 << mode->mode)); | |
2764 | chan = &mode->channels[wpa_s->mlme.scan_channel_idx]; | |
6caf9ca6 JM |
2765 | if ((chan->flag & HOSTAPD_CHAN_DISABLED) || |
2766 | (adhoc && (chan->flag & HOSTAPD_CHAN_NO_IBSS)) || | |
2767 | (wpa_s->mlme.hw_modes & (1 << HOSTAPD_MODE_IEEE80211G) && | |
2768 | mode->mode == HOSTAPD_MODE_IEEE80211B && | |
6fc6879b JM |
2769 | wpa_s->mlme.scan_skip_11b)) |
2770 | skip = 1; | |
2771 | ||
2772 | if (!skip) { | |
2773 | wpa_printf(MSG_MSGDUMP, | |
2774 | "MLME: scan channel %d (%d MHz)", | |
2775 | chan->chan, chan->freq); | |
2776 | ||
2777 | wpa_s->mlme.channel = chan->chan; | |
2778 | wpa_s->mlme.freq = chan->freq; | |
2779 | wpa_s->mlme.phymode = mode->mode; | |
2780 | if (ieee80211_sta_set_channel(wpa_s, mode->mode, | |
2781 | chan->chan, chan->freq)) | |
2782 | { | |
2783 | wpa_printf(MSG_DEBUG, "MLME: failed to set " | |
2784 | "channel %d (%d MHz) for scan", | |
2785 | chan->chan, chan->freq); | |
2786 | skip = 1; | |
2787 | } | |
2788 | } | |
2789 | ||
2790 | wpa_s->mlme.scan_channel_idx++; | |
2791 | if (wpa_s->mlme.scan_channel_idx >= | |
2792 | wpa_s->mlme.modes[wpa_s->mlme.scan_hw_mode_idx]. | |
2793 | num_channels) { | |
2794 | wpa_s->mlme.scan_hw_mode_idx++; | |
2795 | wpa_s->mlme.scan_channel_idx = 0; | |
2796 | } | |
2797 | ||
2798 | if (skip) { | |
2799 | timeout = 0; | |
2800 | break; | |
2801 | } | |
2802 | ||
2803 | timeout = IEEE80211_PROBE_DELAY; | |
2804 | wpa_s->mlme.scan_state = SCAN_SEND_PROBE; | |
2805 | break; | |
2806 | case SCAN_SEND_PROBE: | |
2807 | if (ieee80211_active_scan(wpa_s)) { | |
2808 | ieee80211_send_probe_req(wpa_s, NULL, | |
2809 | wpa_s->mlme.scan_ssid, | |
2810 | wpa_s->mlme.scan_ssid_len); | |
2811 | timeout = IEEE80211_CHANNEL_TIME; | |
2812 | } else { | |
2813 | timeout = IEEE80211_PASSIVE_CHANNEL_TIME; | |
2814 | } | |
2815 | wpa_s->mlme.scan_state = SCAN_SET_CHANNEL; | |
2816 | break; | |
2817 | } | |
2818 | ||
2819 | eloop_register_timeout(timeout / 1000, 1000 * (timeout % 1000), | |
2820 | ieee80211_sta_scan_timer, wpa_s, NULL); | |
2821 | } | |
2822 | ||
2823 | ||
2824 | int ieee80211_sta_req_scan(struct wpa_supplicant *wpa_s, const u8 *ssid, | |
2825 | size_t ssid_len) | |
2826 | { | |
2827 | if (ssid_len > MAX_SSID_LEN) | |
2828 | return -1; | |
2829 | ||
2830 | /* MLME-SCAN.request (page 118) page 144 (11.1.3.1) | |
2831 | * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS | |
2832 | * BSSID: MACAddress | |
2833 | * SSID | |
2834 | * ScanType: ACTIVE, PASSIVE | |
2835 | * ProbeDelay: delay (in microseconds) to be used prior to transmitting | |
2836 | * a Probe frame during active scanning | |
2837 | * ChannelList | |
2838 | * MinChannelTime (>= ProbeDelay), in TU | |
2839 | * MaxChannelTime: (>= MinChannelTime), in TU | |
2840 | */ | |
2841 | ||
2842 | /* MLME-SCAN.confirm | |
2843 | * BSSDescriptionSet | |
2844 | * ResultCode: SUCCESS, INVALID_PARAMETERS | |
2845 | */ | |
2846 | ||
2847 | /* TODO: if assoc, move to power save mode for the duration of the | |
2848 | * scan */ | |
2849 | ||
2850 | if (wpa_s->mlme.sta_scanning) | |
2851 | return -1; | |
2852 | ||
2853 | wpa_printf(MSG_DEBUG, "MLME: starting scan"); | |
2854 | ||
2855 | ieee80211_sta_save_oper_chan(wpa_s); | |
2856 | ||
2857 | wpa_s->mlme.sta_scanning = 1; | |
2858 | /* TODO: stop TX queue? */ | |
2859 | ||
2860 | if (ssid) { | |
2861 | wpa_s->mlme.scan_ssid_len = ssid_len; | |
2862 | os_memcpy(wpa_s->mlme.scan_ssid, ssid, ssid_len); | |
2863 | } else | |
2864 | wpa_s->mlme.scan_ssid_len = 0; | |
2865 | wpa_s->mlme.scan_skip_11b = 1; /* FIX: clear this is 11g is not | |
2866 | * supported */ | |
2867 | wpa_s->mlme.scan_state = SCAN_SET_CHANNEL; | |
2868 | wpa_s->mlme.scan_hw_mode_idx = 0; | |
2869 | wpa_s->mlme.scan_channel_idx = 0; | |
2870 | eloop_register_timeout(0, 1, ieee80211_sta_scan_timer, wpa_s, NULL); | |
2871 | ||
2872 | return 0; | |
2873 | } | |
2874 | ||
2875 | ||
2876 | struct wpa_scan_results * | |
2877 | ieee80211_sta_get_scan_results(struct wpa_supplicant *wpa_s) | |
2878 | { | |
2879 | size_t ap_num = 0; | |
2880 | struct wpa_scan_results *res; | |
2881 | struct wpa_scan_res *r; | |
2882 | struct ieee80211_sta_bss *bss; | |
2883 | ||
2884 | res = os_zalloc(sizeof(*res)); | |
2885 | for (bss = wpa_s->mlme.sta_bss_list; bss; bss = bss->next) | |
2886 | ap_num++; | |
2887 | res->res = os_zalloc(ap_num * sizeof(struct wpa_scan_res *)); | |
2888 | if (res->res == NULL) { | |
2889 | os_free(res); | |
2890 | return NULL; | |
2891 | } | |
2892 | ||
2893 | for (bss = wpa_s->mlme.sta_bss_list; bss; bss = bss->next) { | |
2894 | r = os_zalloc(sizeof(*r) + bss->ie_len); | |
2895 | if (r == NULL) | |
2896 | break; | |
2897 | os_memcpy(r->bssid, bss->bssid, ETH_ALEN); | |
2898 | r->freq = bss->freq; | |
2899 | r->beacon_int = bss->beacon_int; | |
2900 | r->caps = bss->capability; | |
2901 | r->level = bss->rssi; | |
2902 | r->tsf = bss->timestamp; | |
2903 | if (bss->ie) { | |
2904 | r->ie_len = bss->ie_len; | |
2905 | os_memcpy(r + 1, bss->ie, bss->ie_len); | |
2906 | } | |
2907 | ||
2908 | res->res[res->num++] = r; | |
2909 | } | |
2910 | ||
2911 | return res; | |
2912 | } | |
2913 | ||
2914 | ||
2915 | #if 0 /* FIX */ | |
2916 | struct sta_info * ieee80211_ibss_add_sta(struct wpa_supplicant *wpa_s, | |
2917 | struct sk_buff *skb, u8 *bssid, | |
2918 | u8 *addr) | |
2919 | { | |
2920 | struct ieee80211_local *local = dev->priv; | |
2921 | struct list_head *ptr; | |
2922 | struct sta_info *sta; | |
2923 | struct wpa_supplicant *sta_dev = NULL; | |
2924 | ||
2925 | /* TODO: Could consider removing the least recently used entry and | |
2926 | * allow new one to be added. */ | |
2927 | if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) { | |
2928 | if (net_ratelimit()) { | |
2929 | wpa_printf(MSG_DEBUG, "MLME: No room for a new IBSS " | |
2930 | "STA entry " MACSTR, MAC2STR(addr)); | |
2931 | } | |
2932 | return NULL; | |
2933 | } | |
2934 | ||
2935 | spin_lock_bh(&local->sub_if_lock); | |
2936 | list_for_each(ptr, &local->sub_if_list) { | |
2937 | sdata = list_entry(ptr, struct ieee80211_sub_if_data, list); | |
2938 | if (sdata->type == IEEE80211_SUB_IF_TYPE_STA && | |
2939 | os_memcmp(bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) { | |
2940 | sta_dev = sdata->dev; | |
2941 | break; | |
2942 | } | |
2943 | } | |
2944 | spin_unlock_bh(&local->sub_if_lock); | |
2945 | ||
2946 | if (sta_dev == NULL) | |
2947 | return NULL; | |
2948 | ||
2949 | wpa_printf(MSG_DEBUG, "MLME: Adding new IBSS station " MACSTR | |
2950 | " (dev=%s)", MAC2STR(addr), sta_dev->name); | |
2951 | ||
2952 | sta = sta_info_add(wpa_s, addr); | |
2953 | if (sta == NULL) { | |
2954 | return NULL; | |
2955 | } | |
2956 | ||
2957 | sta->dev = sta_dev; | |
2958 | sta->supp_rates = wpa_s->mlme.supp_rates_bits; | |
2959 | ||
2960 | rate_control_rate_init(local, sta); | |
2961 | ||
2962 | return sta; /* caller will call sta_info_release() */ | |
2963 | } | |
2964 | #endif | |
2965 | ||
2966 | ||
2967 | int ieee80211_sta_deauthenticate(struct wpa_supplicant *wpa_s, u16 reason) | |
2968 | { | |
2969 | wpa_printf(MSG_DEBUG, "MLME: deauthenticate(reason=%d)", reason); | |
2970 | ||
2971 | ieee80211_send_deauth(wpa_s, reason); | |
2972 | ieee80211_set_associated(wpa_s, 0); | |
2973 | return 0; | |
2974 | } | |
2975 | ||
2976 | ||
2977 | int ieee80211_sta_disassociate(struct wpa_supplicant *wpa_s, u16 reason) | |
2978 | { | |
2979 | wpa_printf(MSG_DEBUG, "MLME: disassociate(reason=%d)", reason); | |
2980 | ||
2981 | if (!wpa_s->mlme.associated) | |
2982 | return -1; | |
2983 | ||
2984 | ieee80211_send_disassoc(wpa_s, reason); | |
2985 | ieee80211_set_associated(wpa_s, 0); | |
2986 | return 0; | |
2987 | } | |
2988 | ||
2989 | ||
2990 | void ieee80211_sta_rx(struct wpa_supplicant *wpa_s, const u8 *buf, size_t len, | |
2991 | struct ieee80211_rx_status *rx_status) | |
2992 | { | |
2993 | struct ieee80211_mgmt *mgmt; | |
2994 | u16 fc; | |
2995 | const u8 *pos; | |
2996 | ||
2997 | /* wpa_hexdump(MSG_MSGDUMP, "MLME: Received frame", buf, len); */ | |
2998 | ||
2999 | if (wpa_s->mlme.sta_scanning) { | |
3000 | ieee80211_sta_rx_scan(wpa_s, buf, len, rx_status); | |
3001 | return; | |
3002 | } | |
3003 | ||
3004 | if (len < 24) | |
3005 | return; | |
3006 | ||
3007 | mgmt = (struct ieee80211_mgmt *) buf; | |
3008 | fc = le_to_host16(mgmt->frame_control); | |
3009 | ||
3010 | if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT) | |
3011 | ieee80211_sta_rx_mgmt(wpa_s, buf, len, rx_status); | |
3012 | else if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_DATA) { | |
3013 | if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) != | |
3014 | WLAN_FC_FROMDS) | |
3015 | return; | |
3016 | /* mgmt->sa is actually BSSID for FromDS data frames */ | |
3017 | if (os_memcmp(mgmt->sa, wpa_s->bssid, ETH_ALEN) != 0) | |
3018 | return; | |
3019 | /* Skip IEEE 802.11 and LLC headers */ | |
3020 | pos = buf + 24 + 6; | |
3021 | if (WPA_GET_BE16(pos) != ETH_P_EAPOL) | |
3022 | return; | |
3023 | pos += 2; | |
3024 | /* mgmt->bssid is actually BSSID for SA data frames */ | |
3025 | wpa_supplicant_rx_eapol(wpa_s, mgmt->bssid, | |
3026 | pos, buf + len - pos); | |
3027 | } | |
3028 | } | |
3029 | ||
3030 | ||
6caf9ca6 | 3031 | void ieee80211_sta_free_hw_features(struct hostapd_hw_modes *hw_features, |
6fc6879b JM |
3032 | size_t num_hw_features) |
3033 | { | |
3034 | size_t i; | |
3035 | ||
3036 | if (hw_features == NULL) | |
3037 | return; | |
3038 | ||
3039 | for (i = 0; i < num_hw_features; i++) { | |
3040 | os_free(hw_features[i].channels); | |
3041 | os_free(hw_features[i].rates); | |
3042 | } | |
3043 | ||
3044 | os_free(hw_features); | |
3045 | } | |
3046 | ||
3047 | ||
3048 | int ieee80211_sta_init(struct wpa_supplicant *wpa_s) | |
3049 | { | |
3050 | u16 num_modes, flags; | |
3051 | ||
3052 | wpa_s->mlme.modes = wpa_drv_get_hw_feature_data(wpa_s, &num_modes, | |
3053 | &flags); | |
3054 | if (wpa_s->mlme.modes == NULL) { | |
3055 | wpa_printf(MSG_ERROR, "MLME: Failed to read supported " | |
3056 | "channels and rates from the driver"); | |
3057 | return -1; | |
3058 | } | |
3059 | ||
3060 | wpa_s->mlme.num_modes = num_modes; | |
3061 | ||
6caf9ca6 JM |
3062 | wpa_s->mlme.hw_modes = 1 << HOSTAPD_MODE_IEEE80211A; |
3063 | wpa_s->mlme.hw_modes |= 1 << HOSTAPD_MODE_IEEE80211B; | |
3064 | wpa_s->mlme.hw_modes |= 1 << HOSTAPD_MODE_IEEE80211G; | |
6fc6879b | 3065 | |
5c3dd4eb JM |
3066 | wpa_s->mlme.wmm_enabled = 1; |
3067 | ||
6fc6879b JM |
3068 | return 0; |
3069 | } | |
3070 | ||
3071 | ||
3072 | void ieee80211_sta_deinit(struct wpa_supplicant *wpa_s) | |
3073 | { | |
3074 | eloop_cancel_timeout(ieee80211_sta_timer, wpa_s, NULL); | |
3075 | eloop_cancel_timeout(ieee80211_sta_scan_timer, wpa_s, NULL); | |
3076 | os_free(wpa_s->mlme.extra_ie); | |
3077 | wpa_s->mlme.extra_ie = NULL; | |
3078 | os_free(wpa_s->mlme.extra_probe_ie); | |
3079 | wpa_s->mlme.extra_probe_ie = NULL; | |
3080 | os_free(wpa_s->mlme.assocreq_ies); | |
3081 | wpa_s->mlme.assocreq_ies = NULL; | |
3082 | os_free(wpa_s->mlme.assocresp_ies); | |
3083 | wpa_s->mlme.assocresp_ies = NULL; | |
3084 | ieee80211_bss_list_deinit(wpa_s); | |
3085 | ieee80211_sta_free_hw_features(wpa_s->mlme.modes, | |
3086 | wpa_s->mlme.num_modes); | |
3087 | #ifdef CONFIG_IEEE80211R | |
3088 | os_free(wpa_s->mlme.ft_ies); | |
3089 | wpa_s->mlme.ft_ies = NULL; | |
3090 | wpa_s->mlme.ft_ies_len = 0; | |
3091 | #endif /* CONFIG_IEEE80211R */ | |
3092 | } | |
3093 | ||
3094 | ||
3095 | #ifdef CONFIG_IEEE80211R | |
3096 | ||
3097 | int ieee80211_sta_update_ft_ies(struct wpa_supplicant *wpa_s, const u8 *md, | |
3098 | const u8 *ies, size_t ies_len) | |
3099 | { | |
3100 | if (md == NULL) { | |
3101 | wpa_printf(MSG_DEBUG, "MLME: Clear FT mobility domain"); | |
3102 | os_memset(wpa_s->mlme.current_md, 0, MOBILITY_DOMAIN_ID_LEN); | |
3103 | } else { | |
3104 | wpa_printf(MSG_DEBUG, "MLME: Update FT IEs for MD " MACSTR, | |
3105 | MAC2STR(md)); | |
3106 | os_memcpy(wpa_s->mlme.current_md, md, MOBILITY_DOMAIN_ID_LEN); | |
3107 | } | |
3108 | ||
3109 | wpa_hexdump(MSG_DEBUG, "MLME: FT IEs", ies, ies_len); | |
3110 | os_free(wpa_s->mlme.ft_ies); | |
3111 | wpa_s->mlme.ft_ies = os_malloc(ies_len); | |
3112 | if (wpa_s->mlme.ft_ies == NULL) | |
3113 | return -1; | |
3114 | os_memcpy(wpa_s->mlme.ft_ies, ies, ies_len); | |
3115 | wpa_s->mlme.ft_ies_len = ies_len; | |
3116 | ||
3117 | return 0; | |
3118 | } | |
3119 | ||
3120 | ||
3121 | int ieee80211_sta_send_ft_action(struct wpa_supplicant *wpa_s, u8 action, | |
3122 | const u8 *target_ap, | |
3123 | const u8 *ies, size_t ies_len) | |
3124 | { | |
3125 | u8 *buf; | |
3126 | size_t len; | |
3127 | struct ieee80211_mgmt *mgmt; | |
3128 | int res; | |
3129 | ||
3130 | /* | |
3131 | * Action frame payload: | |
3132 | * Category[1] = 6 (Fast BSS Transition) | |
3133 | * Action[1] = 1 (Fast BSS Transition Request) | |
3134 | * STA Address | |
3135 | * Target AP Address | |
3136 | * FT IEs | |
3137 | */ | |
3138 | ||
3139 | buf = os_zalloc(sizeof(*mgmt) + ies_len); | |
3140 | if (buf == NULL) { | |
3141 | wpa_printf(MSG_DEBUG, "MLME: Failed to allocate buffer for " | |
3142 | "FT action frame"); | |
3143 | return -1; | |
3144 | } | |
3145 | ||
3146 | mgmt = (struct ieee80211_mgmt *) buf; | |
3147 | len = 24; | |
3148 | os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN); | |
3149 | os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN); | |
3150 | os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN); | |
3151 | mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, | |
3152 | WLAN_FC_STYPE_ACTION); | |
3153 | mgmt->u.action.category = WLAN_ACTION_FT; | |
3154 | mgmt->u.action.u.ft_action_req.action = action; | |
3155 | os_memcpy(mgmt->u.action.u.ft_action_req.sta_addr, wpa_s->own_addr, | |
3156 | ETH_ALEN); | |
3157 | os_memcpy(mgmt->u.action.u.ft_action_req.target_ap_addr, target_ap, | |
3158 | ETH_ALEN); | |
3159 | os_memcpy(mgmt->u.action.u.ft_action_req.variable, ies, ies_len); | |
3160 | len += 1 + sizeof(mgmt->u.action.u.ft_action_req) + ies_len; | |
3161 | ||
3162 | wpa_printf(MSG_DEBUG, "MLME: Send FT Action Frame: Action=%d " | |
fa2ec7eb JM |
3163 | "Target AP=" MACSTR " body_len=%lu", |
3164 | action, MAC2STR(target_ap), (unsigned long) ies_len); | |
6fc6879b JM |
3165 | |
3166 | res = ieee80211_sta_tx(wpa_s, buf, len); | |
3167 | os_free(buf); | |
3168 | ||
3169 | return res; | |
3170 | } | |
3171 | ||
3172 | #endif /* CONFIG_IEEE80211R */ | |
3173 | ||
3174 | ||
3175 | int ieee80211_sta_set_probe_req_ie(struct wpa_supplicant *wpa_s, const u8 *ies, | |
3176 | size_t ies_len) | |
3177 | { | |
3178 | os_free(wpa_s->mlme.extra_probe_ie); | |
3179 | wpa_s->mlme.extra_probe_ie = NULL; | |
3180 | wpa_s->mlme.extra_probe_ie_len = 0; | |
3181 | ||
3182 | if (ies == NULL) | |
3183 | return 0; | |
3184 | ||
3185 | wpa_s->mlme.extra_probe_ie = os_malloc(ies_len); | |
3186 | if (wpa_s->mlme.extra_probe_ie == NULL) | |
3187 | return -1; | |
3188 | ||
3189 | os_memcpy(wpa_s->mlme.extra_probe_ie, ies, ies_len); | |
3190 | wpa_s->mlme.extra_probe_ie_len = ies_len; | |
3191 | ||
3192 | return 0; | |
3193 | } |