]>
Commit | Line | Data |
---|---|---|
c2a04078 JM |
1 | /* |
2 | * wpa_supplicant - SME | |
71024cb2 | 3 | * Copyright (c) 2009-2010, Jouni Malinen <j@w1.fi> |
c2a04078 JM |
4 | * |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License version 2 as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * Alternatively, this software may be distributed under the terms of BSD | |
10 | * license. | |
11 | * | |
12 | * See README and COPYING for more details. | |
13 | */ | |
14 | ||
15 | #include "includes.h" | |
16 | ||
17 | #include "common.h" | |
7d878ca7 | 18 | #include "utils/eloop.h" |
90973fb2 | 19 | #include "common/ieee802_11_defs.h" |
d9a27b04 | 20 | #include "common/ieee802_11_common.h" |
c2a04078 | 21 | #include "eapol_supp/eapol_supp_sm.h" |
90973fb2 | 22 | #include "common/wpa_common.h" |
3acb5005 JM |
23 | #include "rsn_supp/wpa.h" |
24 | #include "rsn_supp/pmksa_cache.h" | |
c2a04078 JM |
25 | #include "config.h" |
26 | #include "wpa_supplicant_i.h" | |
2d5b792d | 27 | #include "driver_i.h" |
c2a04078 JM |
28 | #include "wpas_glue.h" |
29 | #include "wps_supplicant.h" | |
5f3a6aa0 | 30 | #include "p2p_supplicant.h" |
8bac466b | 31 | #include "notify.h" |
76d11d3f | 32 | #include "blacklist.h" |
6fa81a3b | 33 | #include "bss.h" |
9ba9fa07 | 34 | #include "scan.h" |
c2a04078 JM |
35 | #include "sme.h" |
36 | ||
37 | void sme_authenticate(struct wpa_supplicant *wpa_s, | |
6fa81a3b | 38 | struct wpa_bss *bss, struct wpa_ssid *ssid) |
c2a04078 JM |
39 | { |
40 | struct wpa_driver_auth_params params; | |
8bac466b | 41 | struct wpa_ssid *old_ssid; |
fdbe50ed | 42 | #ifdef CONFIG_IEEE80211R |
c2a04078 | 43 | const u8 *ie; |
fdbe50ed | 44 | #endif /* CONFIG_IEEE80211R */ |
c2a04078 JM |
45 | #ifdef CONFIG_IEEE80211R |
46 | const u8 *md = NULL; | |
47 | #endif /* CONFIG_IEEE80211R */ | |
8bac466b | 48 | int i, bssid_changed; |
c2a04078 JM |
49 | |
50 | if (bss == NULL) { | |
51 | wpa_printf(MSG_ERROR, "SME: No scan result available for the " | |
52 | "network"); | |
53 | return; | |
54 | } | |
55 | ||
8f770587 JM |
56 | wpa_s->current_bss = bss; |
57 | ||
c2a04078 JM |
58 | os_memset(¶ms, 0, sizeof(params)); |
59 | wpa_s->reassociate = 0; | |
60 | ||
61 | params.freq = bss->freq; | |
62 | params.bssid = bss->bssid; | |
6fa81a3b JM |
63 | params.ssid = bss->ssid; |
64 | params.ssid_len = bss->ssid_len; | |
c2a04078 | 65 | |
62fa124c JM |
66 | if (wpa_s->sme.ssid_len != params.ssid_len || |
67 | os_memcmp(wpa_s->sme.ssid, params.ssid, params.ssid_len) != 0) | |
68 | wpa_s->sme.prev_bssid_set = 0; | |
69 | ||
c2a04078 JM |
70 | wpa_s->sme.freq = params.freq; |
71 | os_memcpy(wpa_s->sme.ssid, params.ssid, params.ssid_len); | |
72 | wpa_s->sme.ssid_len = params.ssid_len; | |
73 | ||
abd9fafa | 74 | params.auth_alg = WPA_AUTH_ALG_OPEN; |
c2a04078 JM |
75 | #ifdef IEEE8021X_EAPOL |
76 | if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { | |
77 | if (ssid->leap) { | |
78 | if (ssid->non_leap == 0) | |
abd9fafa | 79 | params.auth_alg = WPA_AUTH_ALG_LEAP; |
c2a04078 | 80 | else |
abd9fafa | 81 | params.auth_alg |= WPA_AUTH_ALG_LEAP; |
c2a04078 JM |
82 | } |
83 | } | |
84 | #endif /* IEEE8021X_EAPOL */ | |
85 | wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", | |
86 | params.auth_alg); | |
87 | if (ssid->auth_alg) { | |
abd9fafa | 88 | params.auth_alg = ssid->auth_alg; |
c2a04078 JM |
89 | wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x", |
90 | params.auth_alg); | |
91 | } | |
92 | ||
a0b2f99b JM |
93 | for (i = 0; i < NUM_WEP_KEYS; i++) { |
94 | if (ssid->wep_key_len[i]) | |
95 | params.wep_key[i] = ssid->wep_key[i]; | |
96 | params.wep_key_len[i] = ssid->wep_key_len[i]; | |
97 | } | |
98 | params.wep_tx_keyidx = ssid->wep_tx_keyidx; | |
99 | ||
8bac466b | 100 | bssid_changed = !is_zero_ether_addr(wpa_s->bssid); |
c2a04078 JM |
101 | os_memset(wpa_s->bssid, 0, ETH_ALEN); |
102 | os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); | |
8bac466b JM |
103 | if (bssid_changed) |
104 | wpas_notify_bssid_changed(wpa_s); | |
c2a04078 | 105 | |
f337f0e9 JM |
106 | if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || |
107 | wpa_bss_get_ie(bss, WLAN_EID_RSN)) && | |
c2a04078 JM |
108 | (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK | |
109 | WPA_KEY_MGMT_FT_IEEE8021X | | |
110 | WPA_KEY_MGMT_FT_PSK | | |
111 | WPA_KEY_MGMT_IEEE8021X_SHA256 | | |
112 | WPA_KEY_MGMT_PSK_SHA256))) { | |
113 | int try_opportunistic; | |
114 | try_opportunistic = ssid->proactive_key_caching && | |
115 | (ssid->proto & WPA_PROTO_RSN); | |
116 | if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, | |
117 | wpa_s->current_ssid, | |
118 | try_opportunistic) == 0) | |
119 | eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); | |
120 | wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); | |
121 | if (wpa_supplicant_set_suites(wpa_s, bss, ssid, | |
122 | wpa_s->sme.assoc_req_ie, | |
123 | &wpa_s->sme.assoc_req_ie_len)) { | |
124 | wpa_printf(MSG_WARNING, "SME: Failed to set WPA key " | |
125 | "management and encryption suites"); | |
126 | return; | |
127 | } | |
128 | } else if (ssid->key_mgmt & | |
129 | (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X | | |
130 | WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK | | |
131 | WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 | | |
132 | WPA_KEY_MGMT_IEEE8021X_SHA256)) { | |
133 | wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); | |
134 | if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, | |
135 | wpa_s->sme.assoc_req_ie, | |
136 | &wpa_s->sme.assoc_req_ie_len)) { | |
137 | wpa_printf(MSG_WARNING, "SME: Failed to set WPA key " | |
138 | "management and encryption suites (no scan " | |
139 | "results)"); | |
140 | return; | |
141 | } | |
142 | #ifdef CONFIG_WPS | |
143 | } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { | |
144 | struct wpabuf *wps_ie; | |
145 | wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); | |
146 | if (wps_ie && wpabuf_len(wps_ie) <= | |
147 | sizeof(wpa_s->sme.assoc_req_ie)) { | |
148 | wpa_s->sme.assoc_req_ie_len = wpabuf_len(wps_ie); | |
149 | os_memcpy(wpa_s->sme.assoc_req_ie, wpabuf_head(wps_ie), | |
150 | wpa_s->sme.assoc_req_ie_len); | |
151 | } else | |
152 | wpa_s->sme.assoc_req_ie_len = 0; | |
153 | wpabuf_free(wps_ie); | |
154 | wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); | |
155 | #endif /* CONFIG_WPS */ | |
156 | } else { | |
157 | wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); | |
158 | wpa_s->sme.assoc_req_ie_len = 0; | |
159 | } | |
160 | ||
161 | #ifdef CONFIG_IEEE80211R | |
6fa81a3b | 162 | ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); |
c2a04078 JM |
163 | if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) |
164 | md = ie + 2; | |
e7846b68 | 165 | wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); |
c2a04078 JM |
166 | if (md) { |
167 | /* Prepare for the next transition */ | |
76b7981d | 168 | wpa_ft_prepare_auth_request(wpa_s->wpa, ie); |
c2a04078 JM |
169 | } |
170 | ||
171 | if (md && ssid->key_mgmt & (WPA_KEY_MGMT_FT_PSK | | |
172 | WPA_KEY_MGMT_FT_IEEE8021X)) { | |
173 | if (wpa_s->sme.assoc_req_ie_len + 5 < | |
174 | sizeof(wpa_s->sme.assoc_req_ie)) { | |
175 | struct rsn_mdie *mdie; | |
176 | u8 *pos = wpa_s->sme.assoc_req_ie + | |
177 | wpa_s->sme.assoc_req_ie_len; | |
178 | *pos++ = WLAN_EID_MOBILITY_DOMAIN; | |
179 | *pos++ = sizeof(*mdie); | |
180 | mdie = (struct rsn_mdie *) pos; | |
181 | os_memcpy(mdie->mobility_domain, md, | |
182 | MOBILITY_DOMAIN_ID_LEN); | |
f4ec630d | 183 | mdie->ft_capab = md[MOBILITY_DOMAIN_ID_LEN]; |
c2a04078 JM |
184 | wpa_s->sme.assoc_req_ie_len += 5; |
185 | } | |
186 | ||
187 | if (wpa_s->sme.ft_used && | |
0d7b4409 JM |
188 | os_memcmp(md, wpa_s->sme.mobility_domain, 2) == 0 && |
189 | wpa_sm_has_ptk(wpa_s->wpa)) { | |
c2a04078 JM |
190 | wpa_printf(MSG_DEBUG, "SME: Trying to use FT " |
191 | "over-the-air"); | |
abd9fafa | 192 | params.auth_alg = WPA_AUTH_ALG_FT; |
c2a04078 JM |
193 | params.ie = wpa_s->sme.ft_ies; |
194 | params.ie_len = wpa_s->sme.ft_ies_len; | |
195 | } | |
196 | } | |
197 | #endif /* CONFIG_IEEE80211R */ | |
198 | ||
199 | #ifdef CONFIG_IEEE80211W | |
70f8cc8e | 200 | wpa_s->sme.mfp = ssid->ieee80211w; |
f337f0e9 | 201 | if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) { |
6fa81a3b | 202 | const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); |
c2a04078 JM |
203 | struct wpa_ie_data _ie; |
204 | if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &_ie) == 0 && | |
205 | _ie.capabilities & | |
206 | (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { | |
207 | wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: " | |
208 | "require MFP"); | |
209 | wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED; | |
210 | } | |
211 | } | |
212 | #endif /* CONFIG_IEEE80211W */ | |
213 | ||
5f3a6aa0 JM |
214 | #ifdef CONFIG_P2P |
215 | if (wpa_s->global->p2p) { | |
216 | u8 *pos; | |
217 | size_t len; | |
218 | int res; | |
219 | int p2p_group; | |
220 | p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE; | |
221 | pos = wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len; | |
222 | len = sizeof(wpa_s->sme.assoc_req_ie) - | |
223 | wpa_s->sme.assoc_req_ie_len; | |
4c08c0bd | 224 | res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group); |
5f3a6aa0 JM |
225 | if (res >= 0) |
226 | wpa_s->sme.assoc_req_ie_len += res; | |
227 | } | |
228 | #endif /* CONFIG_P2P */ | |
229 | ||
c2a04078 JM |
230 | wpa_supplicant_cancel_scan(wpa_s); |
231 | ||
232 | wpa_msg(wpa_s, MSG_INFO, "Trying to authenticate with " MACSTR | |
233 | " (SSID='%s' freq=%d MHz)", MAC2STR(params.bssid), | |
234 | wpa_ssid_txt(params.ssid, params.ssid_len), params.freq); | |
235 | ||
236 | wpa_clear_keys(wpa_s, bss->bssid); | |
237 | wpa_supplicant_set_state(wpa_s, WPA_AUTHENTICATING); | |
8bac466b | 238 | old_ssid = wpa_s->current_ssid; |
c2a04078 JM |
239 | wpa_s->current_ssid = ssid; |
240 | wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); | |
241 | wpa_supplicant_initiate_eapol(wpa_s); | |
8bac466b JM |
242 | if (old_ssid != wpa_s->current_ssid) |
243 | wpas_notify_network_changed(wpa_s); | |
c2a04078 | 244 | |
62c72d72 | 245 | wpa_s->sme.auth_alg = params.auth_alg; |
c2a04078 JM |
246 | if (wpa_drv_authenticate(wpa_s, ¶ms) < 0) { |
247 | wpa_msg(wpa_s, MSG_INFO, "Authentication request to the " | |
248 | "driver failed"); | |
6e3f7173 | 249 | wpa_supplicant_req_scan(wpa_s, 1, 0); |
c2a04078 JM |
250 | return; |
251 | } | |
252 | ||
253 | /* TODO: add timeout on authentication */ | |
254 | ||
255 | /* | |
256 | * Association will be started based on the authentication event from | |
257 | * the driver. | |
258 | */ | |
259 | } | |
260 | ||
261 | ||
262 | void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data) | |
263 | { | |
c2a04078 JM |
264 | struct wpa_ssid *ssid = wpa_s->current_ssid; |
265 | ||
266 | if (ssid == NULL) { | |
267 | wpa_printf(MSG_DEBUG, "SME: Ignore authentication event when " | |
268 | "network is not selected"); | |
269 | return; | |
270 | } | |
271 | ||
272 | if (wpa_s->wpa_state != WPA_AUTHENTICATING) { | |
273 | wpa_printf(MSG_DEBUG, "SME: Ignore authentication event when " | |
274 | "not in authenticating state"); | |
275 | return; | |
276 | } | |
277 | ||
278 | if (os_memcmp(wpa_s->pending_bssid, data->auth.peer, ETH_ALEN) != 0) { | |
279 | wpa_printf(MSG_DEBUG, "SME: Ignore authentication with " | |
280 | "unexpected peer " MACSTR, | |
281 | MAC2STR(data->auth.peer)); | |
282 | return; | |
283 | } | |
284 | ||
285 | wpa_printf(MSG_DEBUG, "SME: Authentication response: peer=" MACSTR | |
286 | " auth_type=%d status_code=%d", | |
287 | MAC2STR(data->auth.peer), data->auth.auth_type, | |
288 | data->auth.status_code); | |
289 | wpa_hexdump(MSG_MSGDUMP, "SME: Authentication response IEs", | |
290 | data->auth.ies, data->auth.ies_len); | |
291 | ||
292 | if (data->auth.status_code != WLAN_STATUS_SUCCESS) { | |
293 | wpa_printf(MSG_DEBUG, "SME: Authentication failed (status " | |
294 | "code %d)", data->auth.status_code); | |
cb1583f6 SO |
295 | |
296 | if (data->auth.status_code != | |
297 | WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG || | |
298 | wpa_s->sme.auth_alg == data->auth.auth_type || | |
7e6646c7 | 299 | wpa_s->current_ssid->auth_alg == WPA_AUTH_ALG_LEAP) { |
0fb337c1 | 300 | wpas_connection_failed(wpa_s, wpa_s->pending_bssid); |
cb1583f6 | 301 | return; |
7e6646c7 | 302 | } |
cb1583f6 SO |
303 | |
304 | switch (data->auth.auth_type) { | |
305 | case WLAN_AUTH_OPEN: | |
306 | wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_SHARED; | |
307 | ||
308 | wpa_printf(MSG_DEBUG, "SME: Trying SHARED auth"); | |
309 | wpa_supplicant_associate(wpa_s, wpa_s->current_bss, | |
310 | wpa_s->current_ssid); | |
311 | return; | |
312 | ||
313 | case WLAN_AUTH_SHARED_KEY: | |
314 | wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_LEAP; | |
315 | ||
316 | wpa_printf(MSG_DEBUG, "SME: Trying LEAP auth"); | |
317 | wpa_supplicant_associate(wpa_s, wpa_s->current_bss, | |
318 | wpa_s->current_ssid); | |
319 | return; | |
320 | ||
321 | default: | |
322 | return; | |
323 | } | |
c2a04078 JM |
324 | } |
325 | ||
326 | #ifdef CONFIG_IEEE80211R | |
327 | if (data->auth.auth_type == WLAN_AUTH_FT) { | |
328 | union wpa_event_data edata; | |
329 | os_memset(&edata, 0, sizeof(edata)); | |
330 | edata.ft_ies.ies = data->auth.ies; | |
331 | edata.ft_ies.ies_len = data->auth.ies_len; | |
332 | os_memcpy(edata.ft_ies.target_ap, data->auth.peer, ETH_ALEN); | |
333 | wpa_supplicant_event(wpa_s, EVENT_FT_RESPONSE, &edata); | |
334 | } | |
335 | #endif /* CONFIG_IEEE80211R */ | |
336 | ||
71024cb2 JM |
337 | sme_associate(wpa_s, ssid->mode, data->auth.peer, |
338 | data->auth.auth_type); | |
339 | } | |
340 | ||
341 | ||
342 | void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode, | |
343 | const u8 *bssid, u16 auth_type) | |
344 | { | |
345 | struct wpa_driver_associate_params params; | |
d9a27b04 | 346 | struct ieee802_11_elems elems; |
71024cb2 | 347 | |
c2a04078 | 348 | os_memset(¶ms, 0, sizeof(params)); |
71024cb2 | 349 | params.bssid = bssid; |
c2a04078 JM |
350 | params.ssid = wpa_s->sme.ssid; |
351 | params.ssid_len = wpa_s->sme.ssid_len; | |
352 | params.freq = wpa_s->sme.freq; | |
353 | params.wpa_ie = wpa_s->sme.assoc_req_ie_len ? | |
354 | wpa_s->sme.assoc_req_ie : NULL; | |
355 | params.wpa_ie_len = wpa_s->sme.assoc_req_ie_len; | |
aca01605 JM |
356 | params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher); |
357 | params.group_suite = cipher_suite2driver(wpa_s->group_cipher); | |
c2a04078 | 358 | #ifdef CONFIG_IEEE80211R |
71024cb2 | 359 | if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies) { |
c2a04078 JM |
360 | params.wpa_ie = wpa_s->sme.ft_ies; |
361 | params.wpa_ie_len = wpa_s->sme.ft_ies_len; | |
362 | } | |
363 | #endif /* CONFIG_IEEE80211R */ | |
71024cb2 | 364 | params.mode = mode; |
c2a04078 | 365 | params.mgmt_frame_protection = wpa_s->sme.mfp; |
62fa124c JM |
366 | if (wpa_s->sme.prev_bssid_set) |
367 | params.prev_bssid = wpa_s->sme.prev_bssid; | |
c2a04078 JM |
368 | |
369 | wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR | |
370 | " (SSID='%s' freq=%d MHz)", MAC2STR(params.bssid), | |
371 | params.ssid ? wpa_ssid_txt(params.ssid, params.ssid_len) : "", | |
372 | params.freq); | |
373 | ||
374 | wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); | |
375 | ||
9efc3f2a JM |
376 | if (params.wpa_ie == NULL || |
377 | ieee802_11_parse_elems(params.wpa_ie, params.wpa_ie_len, &elems, 0) | |
d9a27b04 JM |
378 | < 0) { |
379 | wpa_printf(MSG_DEBUG, "SME: Could not parse own IEs?!"); | |
380 | os_memset(&elems, 0, sizeof(elems)); | |
381 | } | |
382 | if (elems.rsn_ie) | |
383 | wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.rsn_ie - 2, | |
384 | elems.rsn_ie_len + 2); | |
385 | else if (elems.wpa_ie) | |
386 | wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.wpa_ie - 2, | |
387 | elems.wpa_ie_len + 2); | |
388 | else | |
389 | wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); | |
6e3f4b89 JM |
390 | if (elems.p2p && |
391 | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE)) | |
392 | params.p2p = 1; | |
d9a27b04 | 393 | |
eea2fd9e JM |
394 | if (wpa_s->parent->set_sta_uapsd) |
395 | params.uapsd = wpa_s->parent->sta_uapsd; | |
396 | else | |
397 | params.uapsd = -1; | |
398 | ||
c2a04078 JM |
399 | if (wpa_drv_associate(wpa_s, ¶ms) < 0) { |
400 | wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " | |
401 | "failed"); | |
e5ad96b7 JM |
402 | wpas_connection_failed(wpa_s, wpa_s->pending_bssid); |
403 | os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); | |
c2a04078 JM |
404 | return; |
405 | } | |
406 | ||
407 | /* TODO: add timeout on association */ | |
408 | } | |
409 | ||
410 | ||
411 | int sme_update_ft_ies(struct wpa_supplicant *wpa_s, const u8 *md, | |
412 | const u8 *ies, size_t ies_len) | |
413 | { | |
414 | if (md == NULL || ies == NULL) { | |
415 | wpa_printf(MSG_DEBUG, "SME: Remove mobility domain"); | |
416 | os_free(wpa_s->sme.ft_ies); | |
417 | wpa_s->sme.ft_ies = NULL; | |
418 | wpa_s->sme.ft_ies_len = 0; | |
419 | wpa_s->sme.ft_used = 0; | |
420 | return 0; | |
421 | } | |
422 | ||
423 | os_memcpy(wpa_s->sme.mobility_domain, md, MOBILITY_DOMAIN_ID_LEN); | |
424 | wpa_hexdump(MSG_DEBUG, "SME: FT IEs", ies, ies_len); | |
425 | os_free(wpa_s->sme.ft_ies); | |
426 | wpa_s->sme.ft_ies = os_malloc(ies_len); | |
427 | if (wpa_s->sme.ft_ies == NULL) | |
428 | return -1; | |
429 | os_memcpy(wpa_s->sme.ft_ies, ies, ies_len); | |
430 | wpa_s->sme.ft_ies_len = ies_len; | |
431 | return 0; | |
432 | } | |
efa46078 JM |
433 | |
434 | ||
435 | void sme_event_assoc_reject(struct wpa_supplicant *wpa_s, | |
436 | union wpa_event_data *data) | |
437 | { | |
8bac466b JM |
438 | int bssid_changed; |
439 | ||
76d11d3f JM |
440 | wpa_printf(MSG_DEBUG, "SME: Association with " MACSTR " failed: " |
441 | "status code %d", MAC2STR(wpa_s->pending_bssid), | |
efa46078 JM |
442 | data->assoc_reject.status_code); |
443 | ||
8bac466b | 444 | bssid_changed = !is_zero_ether_addr(wpa_s->bssid); |
76d11d3f JM |
445 | |
446 | /* | |
447 | * For now, unconditionally terminate the previous authentication. In | |
448 | * theory, this should not be needed, but mac80211 gets quite confused | |
449 | * if the authentication is left pending.. Some roaming cases might | |
450 | * benefit from using the previous authentication, so this could be | |
451 | * optimized in the future. | |
452 | */ | |
453 | if (wpa_drv_deauthenticate(wpa_s, wpa_s->pending_bssid, | |
454 | WLAN_REASON_DEAUTH_LEAVING) < 0) { | |
455 | wpa_msg(wpa_s, MSG_INFO, | |
456 | "Deauth request to the driver failed"); | |
457 | } | |
62fa124c | 458 | wpa_s->sme.prev_bssid_set = 0; |
76d11d3f | 459 | |
0fb337c1 | 460 | wpas_connection_failed(wpa_s, wpa_s->pending_bssid); |
76d11d3f | 461 | wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); |
efa46078 JM |
462 | os_memset(wpa_s->bssid, 0, ETH_ALEN); |
463 | os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); | |
8bac466b JM |
464 | if (bssid_changed) |
465 | wpas_notify_bssid_changed(wpa_s); | |
efa46078 | 466 | } |
da1fb17c JM |
467 | |
468 | ||
469 | void sme_event_auth_timed_out(struct wpa_supplicant *wpa_s, | |
470 | union wpa_event_data *data) | |
471 | { | |
472 | wpa_printf(MSG_DEBUG, "SME: Authentication timed out"); | |
0fb337c1 | 473 | wpas_connection_failed(wpa_s, wpa_s->pending_bssid); |
da1fb17c JM |
474 | } |
475 | ||
476 | ||
477 | void sme_event_assoc_timed_out(struct wpa_supplicant *wpa_s, | |
478 | union wpa_event_data *data) | |
479 | { | |
480 | wpa_printf(MSG_DEBUG, "SME: Association timed out"); | |
0fb337c1 | 481 | wpas_connection_failed(wpa_s, wpa_s->pending_bssid); |
da1fb17c | 482 | wpa_supplicant_mark_disassoc(wpa_s); |
da1fb17c | 483 | } |
a84ed99e JM |
484 | |
485 | ||
486 | void sme_event_disassoc(struct wpa_supplicant *wpa_s, | |
487 | union wpa_event_data *data) | |
488 | { | |
489 | wpa_printf(MSG_DEBUG, "SME: Disassociation event received"); | |
7e26053a | 490 | if (wpa_s->sme.prev_bssid_set && |
a84ed99e JM |
491 | !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)) { |
492 | /* | |
493 | * cfg80211/mac80211 can get into somewhat confused state if | |
494 | * the AP only disassociates us and leaves us in authenticated | |
495 | * state. For now, force the state to be cleared to avoid | |
496 | * confusing errors if we try to associate with the AP again. | |
497 | */ | |
498 | wpa_printf(MSG_DEBUG, "SME: Deauthenticate to clear driver " | |
499 | "state"); | |
7e26053a | 500 | wpa_drv_deauthenticate(wpa_s, wpa_s->sme.prev_bssid, |
a84ed99e JM |
501 | WLAN_REASON_DEAUTH_LEAVING); |
502 | } | |
503 | } | |
7d878ca7 JM |
504 | |
505 | ||
506 | #ifdef CONFIG_IEEE80211W | |
507 | ||
508 | static const unsigned int sa_query_max_timeout = 1000; | |
509 | static const unsigned int sa_query_retry_timeout = 201; | |
510 | ||
511 | static int sme_check_sa_query_timeout(struct wpa_supplicant *wpa_s) | |
512 | { | |
513 | u32 tu; | |
514 | struct os_time now, passed; | |
515 | os_get_time(&now); | |
516 | os_time_sub(&now, &wpa_s->sme.sa_query_start, &passed); | |
517 | tu = (passed.sec * 1000000 + passed.usec) / 1024; | |
518 | if (sa_query_max_timeout < tu) { | |
519 | wpa_printf(MSG_DEBUG, "SME: SA Query timed out"); | |
520 | sme_stop_sa_query(wpa_s); | |
521 | wpa_supplicant_deauthenticate( | |
522 | wpa_s, WLAN_REASON_PREV_AUTH_NOT_VALID); | |
523 | return 1; | |
524 | } | |
525 | ||
526 | return 0; | |
527 | } | |
528 | ||
529 | ||
530 | static void sme_send_sa_query_req(struct wpa_supplicant *wpa_s, | |
531 | const u8 *trans_id) | |
532 | { | |
533 | u8 req[2 + WLAN_SA_QUERY_TR_ID_LEN]; | |
534 | wpa_printf(MSG_DEBUG, "SME: Sending SA Query Request to " | |
535 | MACSTR, MAC2STR(wpa_s->bssid)); | |
536 | wpa_hexdump(MSG_DEBUG, "SME: SA Query Transaction ID", | |
537 | trans_id, WLAN_SA_QUERY_TR_ID_LEN); | |
538 | req[0] = WLAN_ACTION_SA_QUERY; | |
539 | req[1] = WLAN_SA_QUERY_REQUEST; | |
540 | os_memcpy(req + 2, trans_id, WLAN_SA_QUERY_TR_ID_LEN); | |
541 | if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, wpa_s->bssid, | |
542 | wpa_s->own_addr, wpa_s->bssid, | |
543 | req, sizeof(req)) < 0) | |
544 | wpa_printf(MSG_INFO, "SME: Failed to send SA Query Request"); | |
545 | } | |
546 | ||
547 | ||
548 | static void sme_sa_query_timer(void *eloop_ctx, void *timeout_ctx) | |
549 | { | |
550 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
551 | unsigned int timeout, sec, usec; | |
552 | u8 *trans_id, *nbuf; | |
553 | ||
554 | if (wpa_s->sme.sa_query_count > 0 && | |
555 | sme_check_sa_query_timeout(wpa_s)) | |
556 | return; | |
557 | ||
558 | nbuf = os_realloc(wpa_s->sme.sa_query_trans_id, | |
559 | (wpa_s->sme.sa_query_count + 1) * | |
560 | WLAN_SA_QUERY_TR_ID_LEN); | |
561 | if (nbuf == NULL) | |
562 | return; | |
563 | if (wpa_s->sme.sa_query_count == 0) { | |
564 | /* Starting a new SA Query procedure */ | |
565 | os_get_time(&wpa_s->sme.sa_query_start); | |
566 | } | |
567 | trans_id = nbuf + wpa_s->sme.sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; | |
568 | wpa_s->sme.sa_query_trans_id = nbuf; | |
569 | wpa_s->sme.sa_query_count++; | |
570 | ||
571 | os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN); | |
572 | ||
573 | timeout = sa_query_retry_timeout; | |
574 | sec = ((timeout / 1000) * 1024) / 1000; | |
575 | usec = (timeout % 1000) * 1024; | |
576 | eloop_register_timeout(sec, usec, sme_sa_query_timer, wpa_s, NULL); | |
577 | ||
578 | wpa_printf(MSG_DEBUG, "SME: Association SA Query attempt %d", | |
579 | wpa_s->sme.sa_query_count); | |
580 | ||
581 | sme_send_sa_query_req(wpa_s, trans_id); | |
582 | } | |
583 | ||
584 | ||
585 | static void sme_start_sa_query(struct wpa_supplicant *wpa_s) | |
586 | { | |
587 | sme_sa_query_timer(wpa_s, NULL); | |
588 | } | |
589 | ||
590 | ||
591 | void sme_stop_sa_query(struct wpa_supplicant *wpa_s) | |
592 | { | |
593 | eloop_cancel_timeout(sme_sa_query_timer, wpa_s, NULL); | |
594 | os_free(wpa_s->sme.sa_query_trans_id); | |
595 | wpa_s->sme.sa_query_trans_id = NULL; | |
596 | wpa_s->sme.sa_query_count = 0; | |
597 | } | |
598 | ||
599 | ||
600 | void sme_event_unprot_disconnect(struct wpa_supplicant *wpa_s, const u8 *sa, | |
601 | const u8 *da, u16 reason_code) | |
602 | { | |
603 | struct wpa_ssid *ssid; | |
604 | ||
605 | if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) | |
606 | return; | |
607 | if (wpa_s->wpa_state != WPA_COMPLETED) | |
608 | return; | |
609 | ssid = wpa_s->current_ssid; | |
610 | if (ssid == NULL || ssid->ieee80211w == 0) | |
611 | return; | |
612 | if (os_memcmp(sa, wpa_s->bssid, ETH_ALEN) != 0) | |
613 | return; | |
614 | if (reason_code != WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA && | |
615 | reason_code != WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA) | |
616 | return; | |
617 | if (wpa_s->sme.sa_query_count > 0) | |
618 | return; | |
619 | ||
620 | wpa_printf(MSG_DEBUG, "SME: Unprotected disconnect dropped - possible " | |
621 | "AP/STA state mismatch - trigger SA Query"); | |
622 | sme_start_sa_query(wpa_s); | |
623 | } | |
624 | ||
625 | ||
626 | void sme_sa_query_rx(struct wpa_supplicant *wpa_s, const u8 *sa, | |
627 | const u8 *data, size_t len) | |
628 | { | |
629 | int i; | |
630 | ||
631 | if (wpa_s->sme.sa_query_trans_id == NULL || | |
632 | len < 1 + WLAN_SA_QUERY_TR_ID_LEN || | |
633 | data[0] != WLAN_SA_QUERY_RESPONSE) | |
634 | return; | |
635 | wpa_printf(MSG_DEBUG, "SME: Received SA Query response from " MACSTR | |
636 | " (trans_id %02x%02x)", | |
637 | MAC2STR(sa), data[1], data[2]); | |
638 | ||
639 | if (os_memcmp(sa, wpa_s->bssid, ETH_ALEN) != 0) | |
640 | return; | |
641 | ||
642 | for (i = 0; i < wpa_s->sme.sa_query_count; i++) { | |
643 | if (os_memcmp(wpa_s->sme.sa_query_trans_id + | |
644 | i * WLAN_SA_QUERY_TR_ID_LEN, | |
645 | data + 1, WLAN_SA_QUERY_TR_ID_LEN) == 0) | |
646 | break; | |
647 | } | |
648 | ||
649 | if (i >= wpa_s->sme.sa_query_count) { | |
650 | wpa_printf(MSG_DEBUG, "SME: No matching SA Query " | |
651 | "transaction identifier found"); | |
652 | return; | |
653 | } | |
654 | ||
655 | wpa_printf(MSG_DEBUG, "SME: Reply to pending SA Query received from " | |
656 | MACSTR, MAC2STR(sa)); | |
657 | sme_stop_sa_query(wpa_s); | |
658 | } | |
659 | ||
660 | #endif /* CONFIG_IEEE80211W */ |