]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/sme.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
IEEE 802.11u: Allow Interworking and HESSID to be configured
[thirdparty/hostap.git] / wpa_supplicant / sme.c
CommitLineData
c2a04078
JM		 1/*
2 * wpa_supplicant - SME
71024cb2 3 * Copyright (c) 2009-2010, Jouni Malinen <j@w1.fi>
c2a04078
JM		 4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15#include "includes.h"
16
17#include "common.h"
7d878ca7 18#include "utils/eloop.h"
90973fb2 19#include "common/ieee802_11_defs.h"
d9a27b04 20#include "common/ieee802_11_common.h"
c2a04078 21#include "eapol_supp/eapol_supp_sm.h"
90973fb2 22#include "common/wpa_common.h"
3acb5005
JM		 23#include "rsn_supp/wpa.h"
24#include "rsn_supp/pmksa_cache.h"
c2a04078
JM		 25#include "config.h"
26#include "wpa_supplicant_i.h"
2d5b792d 27#include "driver_i.h"
c2a04078
JM		 28#include "wpas_glue.h"
29#include "wps_supplicant.h"
5f3a6aa0 30#include "p2p_supplicant.h"
8bac466b 31#include "notify.h"
76d11d3f 32#include "blacklist.h"
6fa81a3b 33#include "bss.h"
9ba9fa07 34#include "scan.h"
c2a04078
JM		 35#include "sme.h"
36
e29853bb
BG		 37#define SME_AUTH_TIMEOUT 5
38#define SME_ASSOC_TIMEOUT 5
39
40static void sme_auth_timer(void *eloop_ctx, void *timeout_ctx);
41static void sme_assoc_timer(void *eloop_ctx, void *timeout_ctx);
42#ifdef CONFIG_IEEE80211W
43static void sme_stop_sa_query(struct wpa_supplicant *wpa_s);
44#endif /* CONFIG_IEEE80211W */
45
46
c2a04078 47void sme_authenticate(struct wpa_supplicant *wpa_s,
6fa81a3b 48 struct wpa_bss *bss, struct wpa_ssid *ssid)
c2a04078
JM		 49{
50 struct wpa_driver_auth_params params;
8bac466b 51 struct wpa_ssid *old_ssid;
fdbe50ed 52#ifdef CONFIG_IEEE80211R
c2a04078 53 const u8 *ie;
fdbe50ed 54#endif /* CONFIG_IEEE80211R */
c2a04078
JM		 55#ifdef CONFIG_IEEE80211R
56 const u8 *md = NULL;
57#endif /* CONFIG_IEEE80211R */
8bac466b 58 int i, bssid_changed;
c2a04078
JM		 59
60 if (bss == NULL) {
f049052b
BG		 61 wpa_msg(wpa_s, MSG_ERROR, "SME: No scan result available for "
62 "the network");
c2a04078
JM		 63 return;
64 }
65
8f770587
JM		 66 wpa_s->current_bss = bss;
67
c2a04078
JM		 68 os_memset(&params, 0, sizeof(params));
69 wpa_s->reassociate = 0;
70
71 params.freq = bss->freq;
72 params.bssid = bss->bssid;
6fa81a3b
JM		 73 params.ssid = bss->ssid;
74 params.ssid_len = bss->ssid_len;
2f4f73b1 75 params.p2p = ssid->p2p_group;
c2a04078 76
62fa124c
JM		 77 if (wpa_s->sme.ssid_len != params.ssid_len ||
78 os_memcmp(wpa_s->sme.ssid, params.ssid, params.ssid_len) != 0)
79 wpa_s->sme.prev_bssid_set = 0;
80
c2a04078
JM		 81 wpa_s->sme.freq = params.freq;
82 os_memcpy(wpa_s->sme.ssid, params.ssid, params.ssid_len);
83 wpa_s->sme.ssid_len = params.ssid_len;
84
abd9fafa 85 params.auth_alg = WPA_AUTH_ALG_OPEN;
c2a04078
JM		 86#ifdef IEEE8021X_EAPOL
87 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
88 if (ssid->leap) {
89 if (ssid->non_leap == 0)
abd9fafa 90 params.auth_alg = WPA_AUTH_ALG_LEAP;
c2a04078 91 else
abd9fafa 92 params.auth_alg |= WPA_AUTH_ALG_LEAP;
c2a04078
JM		 93 }
94 }
95#endif /* IEEE8021X_EAPOL */
f049052b
BG		 96 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x",
97 params.auth_alg);
c2a04078 98 if (ssid->auth_alg) {
abd9fafa 99 params.auth_alg = ssid->auth_alg;
f049052b
BG		 100 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
101 "0x%x", params.auth_alg);
c2a04078
JM		 102 }
103
a0b2f99b
JM		 104 for (i = 0; i < NUM_WEP_KEYS; i++) {
105 if (ssid->wep_key_len[i])
106 params.wep_key[i] = ssid->wep_key[i];
107 params.wep_key_len[i] = ssid->wep_key_len[i];
108 }
109 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
110
8bac466b 111 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
c2a04078
JM		 112 os_memset(wpa_s->bssid, 0, ETH_ALEN);
113 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 114 if (bssid_changed)
115 wpas_notify_bssid_changed(wpa_s);
c2a04078 116
f337f0e9
JM		 117 if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
118 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
c2a04078
JM		 119 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
120 WPA_KEY_MGMT_FT_IEEE8021X |
121 WPA_KEY_MGMT_FT_PSK |
122 WPA_KEY_MGMT_IEEE8021X_SHA256 |
123 WPA_KEY_MGMT_PSK_SHA256))) {
124 int try_opportunistic;
125 try_opportunistic = ssid->proactive_key_caching &&
126 (ssid->proto & WPA_PROTO_RSN);
127 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
128 wpa_s->current_ssid,
129 try_opportunistic) == 0)
130 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
131 wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
132 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
133 wpa_s->sme.assoc_req_ie,
134 &wpa_s->sme.assoc_req_ie_len)) {
f049052b
BG		 135 wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA "
136 "key management and encryption suites");
c2a04078
JM		 137 return;
138 }
139 } else if (ssid->key_mgmt &
140 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
141 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
142 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
143 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
144 wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
145 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
146 wpa_s->sme.assoc_req_ie,
147 &wpa_s->sme.assoc_req_ie_len)) {
f049052b
BG		 148 wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA "
149 "key management and encryption suites (no "
150 "scan results)");
c2a04078
JM		 151 return;
152 }
153#ifdef CONFIG_WPS
154 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
155 struct wpabuf *wps_ie;
156 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
157 if (wps_ie && wpabuf_len(wps_ie) <=
158 sizeof(wpa_s->sme.assoc_req_ie)) {
159 wpa_s->sme.assoc_req_ie_len = wpabuf_len(wps_ie);
160 os_memcpy(wpa_s->sme.assoc_req_ie, wpabuf_head(wps_ie),
161 wpa_s->sme.assoc_req_ie_len);
162 } else
163 wpa_s->sme.assoc_req_ie_len = 0;
164 wpabuf_free(wps_ie);
165 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
166#endif /* CONFIG_WPS */
167 } else {
168 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
169 wpa_s->sme.assoc_req_ie_len = 0;
170 }
171
172#ifdef CONFIG_IEEE80211R
6fa81a3b 173 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
c2a04078
JM		 174 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
175 md = ie + 2;
e7846b68 176 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
c2a04078
JM		 177 if (md) {
178 /* Prepare for the next transition */
76b7981d 179 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
c2a04078
JM		 180 }
181
182 if (md && ssid->key_mgmt & (WPA_KEY_MGMT_FT_PSK |
183 WPA_KEY_MGMT_FT_IEEE8021X)) {
184 if (wpa_s->sme.assoc_req_ie_len + 5 <
185 sizeof(wpa_s->sme.assoc_req_ie)) {
186 struct rsn_mdie *mdie;
187 u8 *pos = wpa_s->sme.assoc_req_ie +
188 wpa_s->sme.assoc_req_ie_len;
189 *pos++ = WLAN_EID_MOBILITY_DOMAIN;
190 *pos++ = sizeof(*mdie);
191 mdie = (struct rsn_mdie *) pos;
192 os_memcpy(mdie->mobility_domain, md,
193 MOBILITY_DOMAIN_ID_LEN);
f4ec630d 194 mdie->ft_capab = md[MOBILITY_DOMAIN_ID_LEN];
c2a04078
JM		 195 wpa_s->sme.assoc_req_ie_len += 5;
196 }
197
198 if (wpa_s->sme.ft_used &&
0d7b4409
JM		 199 os_memcmp(md, wpa_s->sme.mobility_domain, 2) == 0 &&
200 wpa_sm_has_ptk(wpa_s->wpa)) {
f049052b
BG		 201 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Trying to use FT "
202 "over-the-air");
abd9fafa 203 params.auth_alg = WPA_AUTH_ALG_FT;
c2a04078
JM		 204 params.ie = wpa_s->sme.ft_ies;
205 params.ie_len = wpa_s->sme.ft_ies_len;
206 }
207 }
208#endif /* CONFIG_IEEE80211R */
209
210#ifdef CONFIG_IEEE80211W
70f8cc8e 211 wpa_s->sme.mfp = ssid->ieee80211w;
f337f0e9 212 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
6fa81a3b 213 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
c2a04078
JM		 214 struct wpa_ie_data _ie;
215 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &_ie) == 0 &&
216 _ie.capabilities &
217 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 218 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Selected AP supports "
219 "MFP: require MFP");
c2a04078
JM		 220 wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED;
221 }
222 }
223#endif /* CONFIG_IEEE80211W */
224
5f3a6aa0
JM		 225#ifdef CONFIG_P2P
226 if (wpa_s->global->p2p) {
227 u8 *pos;
228 size_t len;
229 int res;
5f3a6aa0
JM		 230 pos = wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len;
231 len = sizeof(wpa_s->sme.assoc_req_ie) -
232 wpa_s->sme.assoc_req_ie_len;
ffad8858
JM		 233 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
234 ssid->p2p_group);
5f3a6aa0
JM		 235 if (res >= 0)
236 wpa_s->sme.assoc_req_ie_len += res;
237 }
238#endif /* CONFIG_P2P */
239
a4cba8f1 240 wpa_supplicant_cancel_sched_scan(wpa_s);
c2a04078
JM		 241 wpa_supplicant_cancel_scan(wpa_s);
242
f049052b 243 wpa_msg(wpa_s, MSG_INFO, "SME: Trying to authenticate with " MACSTR
c2a04078
JM		 244 " (SSID='%s' freq=%d MHz)", MAC2STR(params.bssid),
245 wpa_ssid_txt(params.ssid, params.ssid_len), params.freq);
246
247 wpa_clear_keys(wpa_s, bss->bssid);
248 wpa_supplicant_set_state(wpa_s, WPA_AUTHENTICATING);
8bac466b 249 old_ssid = wpa_s->current_ssid;
c2a04078
JM		 250 wpa_s->current_ssid = ssid;
251 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
252 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 253 if (old_ssid != wpa_s->current_ssid)
254 wpas_notify_network_changed(wpa_s);
c2a04078 255
62c72d72 256 wpa_s->sme.auth_alg = params.auth_alg;
c2a04078 257 if (wpa_drv_authenticate(wpa_s, &params) < 0) {
f049052b 258 wpa_msg(wpa_s, MSG_INFO, "SME: Authentication request to the "
c2a04078 259 "driver failed");
6e3f7173 260 wpa_supplicant_req_scan(wpa_s, 1, 0);
c2a04078
JM		 261 return;
262 }
263
e29853bb
BG		 264 eloop_register_timeout(SME_AUTH_TIMEOUT, 0, sme_auth_timer, wpa_s,
265 NULL);
c2a04078
JM		 266
267 /*
268 * Association will be started based on the authentication event from
269 * the driver.
270 */
271}
272
273
274void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data)
275{
c2a04078
JM		 276 struct wpa_ssid *ssid = wpa_s->current_ssid;
277
278 if (ssid == NULL) {
f049052b
BG		 279 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Ignore authentication event "
280 "when network is not selected");
c2a04078
JM		 281 return;
282 }
283
284 if (wpa_s->wpa_state != WPA_AUTHENTICATING) {
f049052b
BG		 285 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Ignore authentication event "
286 "when not in authenticating state");
c2a04078
JM		 287 return;
288 }
289
290 if (os_memcmp(wpa_s->pending_bssid, data->auth.peer, ETH_ALEN) != 0) {
f049052b
BG		 291 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Ignore authentication with "
292 "unexpected peer " MACSTR,
293 MAC2STR(data->auth.peer));
c2a04078
JM		 294 return;
295 }
296
f049052b
BG		 297 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Authentication response: peer=" MACSTR
298 " auth_type=%d status_code=%d",
299 MAC2STR(data->auth.peer), data->auth.auth_type,
300 data->auth.status_code);
c2a04078
JM		 301 wpa_hexdump(MSG_MSGDUMP, "SME: Authentication response IEs",
302 data->auth.ies, data->auth.ies_len);
303
e29853bb
BG		 304 eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);
305
c2a04078 306 if (data->auth.status_code != WLAN_STATUS_SUCCESS) {
f049052b
BG		 307 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Authentication failed (status "
308 "code %d)", data->auth.status_code);
cb1583f6
SO		 309
310 if (data->auth.status_code !=
311 WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG ||
312 wpa_s->sme.auth_alg == data->auth.auth_type ||
7e6646c7 313 wpa_s->current_ssid->auth_alg == WPA_AUTH_ALG_LEAP) {
0fb337c1 314 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
cb1583f6 315 return;
7e6646c7 316 }
cb1583f6
SO		 317
318 switch (data->auth.auth_type) {
319 case WLAN_AUTH_OPEN:
320 wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_SHARED;
321
f049052b 322 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Trying SHARED auth");
cb1583f6
SO		 323 wpa_supplicant_associate(wpa_s, wpa_s->current_bss,
324 wpa_s->current_ssid);
325 return;
326
327 case WLAN_AUTH_SHARED_KEY:
328 wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_LEAP;
329
f049052b 330 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Trying LEAP auth");
cb1583f6
SO		 331 wpa_supplicant_associate(wpa_s, wpa_s->current_bss,
332 wpa_s->current_ssid);
333 return;
334
335 default:
336 return;
337 }
c2a04078
JM		 338 }
339
340#ifdef CONFIG_IEEE80211R
341 if (data->auth.auth_type == WLAN_AUTH_FT) {
342 union wpa_event_data edata;
343 os_memset(&edata, 0, sizeof(edata));
344 edata.ft_ies.ies = data->auth.ies;
345 edata.ft_ies.ies_len = data->auth.ies_len;
346 os_memcpy(edata.ft_ies.target_ap, data->auth.peer, ETH_ALEN);
347 wpa_supplicant_event(wpa_s, EVENT_FT_RESPONSE, &edata);
348 }
349#endif /* CONFIG_IEEE80211R */
350
71024cb2
JM		 351 sme_associate(wpa_s, ssid->mode, data->auth.peer,
352 data->auth.auth_type);
353}
354
355
356void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode,
357 const u8 *bssid, u16 auth_type)
358{
359 struct wpa_driver_associate_params params;
d9a27b04 360 struct ieee802_11_elems elems;
71024cb2 361
c2a04078 362 os_memset(&params, 0, sizeof(params));
71024cb2 363 params.bssid = bssid;
c2a04078
JM		 364 params.ssid = wpa_s->sme.ssid;
365 params.ssid_len = wpa_s->sme.ssid_len;
366 params.freq = wpa_s->sme.freq;
367 params.wpa_ie = wpa_s->sme.assoc_req_ie_len ?
368 wpa_s->sme.assoc_req_ie : NULL;
369 params.wpa_ie_len = wpa_s->sme.assoc_req_ie_len;
aca01605
JM		 370 params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher);
371 params.group_suite = cipher_suite2driver(wpa_s->group_cipher);
c2a04078 372#ifdef CONFIG_IEEE80211R
71024cb2 373 if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies) {
c2a04078
JM		 374 params.wpa_ie = wpa_s->sme.ft_ies;
375 params.wpa_ie_len = wpa_s->sme.ft_ies_len;
376 }
377#endif /* CONFIG_IEEE80211R */
71024cb2 378 params.mode = mode;
c2a04078 379 params.mgmt_frame_protection = wpa_s->sme.mfp;
62fa124c
JM		 380 if (wpa_s->sme.prev_bssid_set)
381 params.prev_bssid = wpa_s->sme.prev_bssid;
c2a04078
JM		 382
383 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
384 " (SSID='%s' freq=%d MHz)", MAC2STR(params.bssid),
385 params.ssid ? wpa_ssid_txt(params.ssid, params.ssid_len) : "",
386 params.freq);
387
388 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
389
9efc3f2a
JM		 390 if (params.wpa_ie == NULL ||
391 ieee802_11_parse_elems(params.wpa_ie, params.wpa_ie_len, &elems, 0)
d9a27b04 392 < 0) {
f049052b 393 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Could not parse own IEs?!");
d9a27b04
JM		 394 os_memset(&elems, 0, sizeof(elems));
395 }
64fa840a
JM		 396 if (elems.rsn_ie) {
397 params.wpa_proto = WPA_PROTO_RSN;
d9a27b04
JM		 398 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.rsn_ie - 2,
399 elems.rsn_ie_len + 2);
64fa840a
JM		 400 } else if (elems.wpa_ie) {
401 params.wpa_proto = WPA_PROTO_WPA;
d9a27b04
JM		 402 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.wpa_ie - 2,
403 elems.wpa_ie_len + 2);
64fa840a 404 } else
d9a27b04 405 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
ffad8858 406 if (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group)
6e3f4b89 407 params.p2p = 1;
d9a27b04 408
eea2fd9e
JM		 409 if (wpa_s->parent->set_sta_uapsd)
410 params.uapsd = wpa_s->parent->sta_uapsd;
411 else
412 params.uapsd = -1;
413
c2a04078 414 if (wpa_drv_associate(wpa_s, &params) < 0) {
f049052b
BG		 415 wpa_msg(wpa_s, MSG_INFO, "SME: Association request to the "
416 "driver failed");
e5ad96b7
JM		 417 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
418 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
c2a04078
JM		 419 return;
420 }
421
e29853bb
BG		 422 eloop_register_timeout(SME_ASSOC_TIMEOUT, 0, sme_assoc_timer, wpa_s,
423 NULL);
c2a04078
JM		 424}
425
426
427int sme_update_ft_ies(struct wpa_supplicant *wpa_s, const u8 *md,
428 const u8 *ies, size_t ies_len)
429{
430 if (md == NULL || ies == NULL) {
f049052b 431 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Remove mobility domain");
c2a04078
JM		 432 os_free(wpa_s->sme.ft_ies);
433 wpa_s->sme.ft_ies = NULL;
434 wpa_s->sme.ft_ies_len = 0;
435 wpa_s->sme.ft_used = 0;
436 return 0;
437 }
438
439 os_memcpy(wpa_s->sme.mobility_domain, md, MOBILITY_DOMAIN_ID_LEN);
440 wpa_hexdump(MSG_DEBUG, "SME: FT IEs", ies, ies_len);
441 os_free(wpa_s->sme.ft_ies);
442 wpa_s->sme.ft_ies = os_malloc(ies_len);
443 if (wpa_s->sme.ft_ies == NULL)
444 return -1;
445 os_memcpy(wpa_s->sme.ft_ies, ies, ies_len);
446 wpa_s->sme.ft_ies_len = ies_len;
447 return 0;
448}
efa46078
JM		 449
450
e29853bb 451static void sme_deauth(struct wpa_supplicant *wpa_s)
efa46078 452{
8bac466b
JM		 453 int bssid_changed;
454
8bac466b 455 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
76d11d3f 456
76d11d3f
JM		 457 if (wpa_drv_deauthenticate(wpa_s, wpa_s->pending_bssid,
458 WLAN_REASON_DEAUTH_LEAVING) < 0) {
f049052b
BG		 459 wpa_msg(wpa_s, MSG_INFO, "SME: Deauth request to the driver "
460 "failed");
76d11d3f 461 }
62fa124c 462 wpa_s->sme.prev_bssid_set = 0;
76d11d3f 463
0fb337c1 464 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
76d11d3f 465 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
efa46078
JM		 466 os_memset(wpa_s->bssid, 0, ETH_ALEN);
467 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
8bac466b
JM		 468 if (bssid_changed)
469 wpas_notify_bssid_changed(wpa_s);
efa46078 470}
da1fb17c
JM		 471
472
e29853bb
BG		 473void sme_event_assoc_reject(struct wpa_supplicant *wpa_s,
474 union wpa_event_data *data)
475{
476 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Association with " MACSTR " failed: "
477 "status code %d", MAC2STR(wpa_s->pending_bssid),
478 data->assoc_reject.status_code);
479
480 eloop_cancel_timeout(sme_assoc_timer, wpa_s, NULL);
481
482 /*
483 * For now, unconditionally terminate the previous authentication. In
484 * theory, this should not be needed, but mac80211 gets quite confused
485 * if the authentication is left pending.. Some roaming cases might
486 * benefit from using the previous authentication, so this could be
487 * optimized in the future.
488 */
489 sme_deauth(wpa_s);
490}
491
492
da1fb17c
JM		 493void sme_event_auth_timed_out(struct wpa_supplicant *wpa_s,
494 union wpa_event_data *data)
495{
f049052b 496 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Authentication timed out");
0fb337c1 497 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
da1fb17c
JM		 498}
499
500
501void sme_event_assoc_timed_out(struct wpa_supplicant *wpa_s,
502 union wpa_event_data *data)
503{
f049052b 504 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Association timed out");
0fb337c1 505 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
da1fb17c 506 wpa_supplicant_mark_disassoc(wpa_s);
da1fb17c 507}
a84ed99e
JM		 508
509
510void sme_event_disassoc(struct wpa_supplicant *wpa_s,
511 union wpa_event_data *data)
512{
f049052b 513 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Disassociation event received");
7e26053a 514 if (wpa_s->sme.prev_bssid_set &&
a84ed99e
JM		 515 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)) {
516 /*
517 * cfg80211/mac80211 can get into somewhat confused state if
518 * the AP only disassociates us and leaves us in authenticated
519 * state. For now, force the state to be cleared to avoid
520 * confusing errors if we try to associate with the AP again.
521 */
f049052b
BG		 522 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Deauthenticate to clear "
523 "driver state");
7e26053a 524 wpa_drv_deauthenticate(wpa_s, wpa_s->sme.prev_bssid,
a84ed99e
JM		 525 WLAN_REASON_DEAUTH_LEAVING);
526 }
527}
7d878ca7
JM		 528
529
e29853bb
BG		 530static void sme_auth_timer(void *eloop_ctx, void *timeout_ctx)
531{
532 struct wpa_supplicant *wpa_s = eloop_ctx;
533 if (wpa_s->wpa_state == WPA_AUTHENTICATING) {
534 wpa_msg(wpa_s, MSG_DEBUG, "SME: Authentication timeout");
535 sme_deauth(wpa_s);
536 }
537}
538
539
540static void sme_assoc_timer(void *eloop_ctx, void *timeout_ctx)
541{
542 struct wpa_supplicant *wpa_s = eloop_ctx;
543 if (wpa_s->wpa_state == WPA_ASSOCIATING) {
544 wpa_msg(wpa_s, MSG_DEBUG, "SME: Association timeout");
545 sme_deauth(wpa_s);
546 }
547}
548
549
550void sme_state_changed(struct wpa_supplicant *wpa_s)
551{
552 /* Make sure timers are cleaned up appropriately. */
553 if (wpa_s->wpa_state != WPA_ASSOCIATING)
554 eloop_cancel_timeout(sme_assoc_timer, wpa_s, NULL);
555 if (wpa_s->wpa_state != WPA_AUTHENTICATING)
556 eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);
557}
558
559
560void sme_disassoc_while_authenticating(struct wpa_supplicant *wpa_s,
561 const u8 *prev_pending_bssid)
562{
563 /*
564 * mac80211-workaround to force deauth on failed auth cmd,
565 * requires us to remain in authenticating state to allow the
566 * second authentication attempt to be continued properly.
567 */
568 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Allow pending authentication "
569 "to proceed after disconnection event");
570 wpa_supplicant_set_state(wpa_s, WPA_AUTHENTICATING);
571 os_memcpy(wpa_s->pending_bssid, prev_pending_bssid, ETH_ALEN);
572
573 /*
574 * Re-arm authentication timer in case auth fails for whatever reason.
575 */
576 eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);
577 eloop_register_timeout(SME_AUTH_TIMEOUT, 0, sme_auth_timer, wpa_s,
578 NULL);
579}
580
581
582void sme_deinit(struct wpa_supplicant *wpa_s)
583{
584 os_free(wpa_s->sme.ft_ies);
585 wpa_s->sme.ft_ies = NULL;
586 wpa_s->sme.ft_ies_len = 0;
587#ifdef CONFIG_IEEE80211W
588 sme_stop_sa_query(wpa_s);
589#endif /* CONFIG_IEEE80211W */
590
591 eloop_cancel_timeout(sme_assoc_timer, wpa_s, NULL);
592 eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);
593}
594
595
7d878ca7
JM		 596#ifdef CONFIG_IEEE80211W
597
598static const unsigned int sa_query_max_timeout = 1000;
599static const unsigned int sa_query_retry_timeout = 201;
600
601static int sme_check_sa_query_timeout(struct wpa_supplicant *wpa_s)
602{
603 u32 tu;
604 struct os_time now, passed;
605 os_get_time(&now);
606 os_time_sub(&now, &wpa_s->sme.sa_query_start, &passed);
607 tu = (passed.sec * 1000000 + passed.usec) / 1024;
608 if (sa_query_max_timeout < tu) {
f049052b 609 wpa_dbg(wpa_s, MSG_DEBUG, "SME: SA Query timed out");
7d878ca7
JM		 610 sme_stop_sa_query(wpa_s);
611 wpa_supplicant_deauthenticate(
612 wpa_s, WLAN_REASON_PREV_AUTH_NOT_VALID);
613 return 1;
614 }
615
616 return 0;
617}
618
619
620static void sme_send_sa_query_req(struct wpa_supplicant *wpa_s,
621 const u8 *trans_id)
622{
623 u8 req[2 + WLAN_SA_QUERY_TR_ID_LEN];
f049052b
BG		 624 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Sending SA Query Request to "
625 MACSTR, MAC2STR(wpa_s->bssid));
7d878ca7
JM		 626 wpa_hexdump(MSG_DEBUG, "SME: SA Query Transaction ID",
627 trans_id, WLAN_SA_QUERY_TR_ID_LEN);
628 req[0] = WLAN_ACTION_SA_QUERY;
629 req[1] = WLAN_SA_QUERY_REQUEST;
630 os_memcpy(req + 2, trans_id, WLAN_SA_QUERY_TR_ID_LEN);
190b9062 631 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
7d878ca7
JM		 632 wpa_s->own_addr, wpa_s->bssid,
633 req, sizeof(req)) < 0)
f049052b
BG		 634 wpa_msg(wpa_s, MSG_INFO, "SME: Failed to send SA Query "
635 "Request");
7d878ca7
JM		 636}
637
638
639static void sme_sa_query_timer(void *eloop_ctx, void *timeout_ctx)
640{
641 struct wpa_supplicant *wpa_s = eloop_ctx;
642 unsigned int timeout, sec, usec;
643 u8 *trans_id, *nbuf;
644
645 if (wpa_s->sme.sa_query_count > 0 &&
646 sme_check_sa_query_timeout(wpa_s))
647 return;
648
649 nbuf = os_realloc(wpa_s->sme.sa_query_trans_id,
650 (wpa_s->sme.sa_query_count + 1) *
651 WLAN_SA_QUERY_TR_ID_LEN);
652 if (nbuf == NULL)
653 return;
654 if (wpa_s->sme.sa_query_count == 0) {
655 /* Starting a new SA Query procedure */
656 os_get_time(&wpa_s->sme.sa_query_start);
657 }
658 trans_id = nbuf + wpa_s->sme.sa_query_count * WLAN_SA_QUERY_TR_ID_LEN;
659 wpa_s->sme.sa_query_trans_id = nbuf;
660 wpa_s->sme.sa_query_count++;
661
662 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN);
663
664 timeout = sa_query_retry_timeout;
665 sec = ((timeout / 1000) * 1024) / 1000;
666 usec = (timeout % 1000) * 1024;
667 eloop_register_timeout(sec, usec, sme_sa_query_timer, wpa_s, NULL);
668
f049052b
BG		 669 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Association SA Query attempt %d",
670 wpa_s->sme.sa_query_count);
7d878ca7
JM		 671
672 sme_send_sa_query_req(wpa_s, trans_id);
673}
674
675
676static void sme_start_sa_query(struct wpa_supplicant *wpa_s)
677{
678 sme_sa_query_timer(wpa_s, NULL);
679}
680
681
682void sme_stop_sa_query(struct wpa_supplicant *wpa_s)
683{
684 eloop_cancel_timeout(sme_sa_query_timer, wpa_s, NULL);
685 os_free(wpa_s->sme.sa_query_trans_id);
686 wpa_s->sme.sa_query_trans_id = NULL;
687 wpa_s->sme.sa_query_count = 0;
688}
689
690
691void sme_event_unprot_disconnect(struct wpa_supplicant *wpa_s, const u8 *sa,
692 const u8 *da, u16 reason_code)
693{
694 struct wpa_ssid *ssid;
695
696 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
697 return;
698 if (wpa_s->wpa_state != WPA_COMPLETED)
699 return;
700 ssid = wpa_s->current_ssid;
701 if (ssid == NULL || ssid->ieee80211w == 0)
702 return;
703 if (os_memcmp(sa, wpa_s->bssid, ETH_ALEN) != 0)
704 return;
705 if (reason_code != WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA &&
706 reason_code != WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA)
707 return;
708 if (wpa_s->sme.sa_query_count > 0)
709 return;
710
f049052b
BG		 711 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Unprotected disconnect dropped - "
712 "possible AP/STA state mismatch - trigger SA Query");
7d878ca7
JM		 713 sme_start_sa_query(wpa_s);
714}
715
716
717void sme_sa_query_rx(struct wpa_supplicant *wpa_s, const u8 *sa,
718 const u8 *data, size_t len)
719{
720 int i;
721
722 if (wpa_s->sme.sa_query_trans_id == NULL ||
723 len < 1 + WLAN_SA_QUERY_TR_ID_LEN ||
724 data[0] != WLAN_SA_QUERY_RESPONSE)
725 return;
f049052b
BG		 726 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Received SA Query response from "
727 MACSTR " (trans_id %02x%02x)", MAC2STR(sa), data[1], data[2]);
7d878ca7
JM		 728
729 if (os_memcmp(sa, wpa_s->bssid, ETH_ALEN) != 0)
730 return;
731
732 for (i = 0; i < wpa_s->sme.sa_query_count; i++) {
733 if (os_memcmp(wpa_s->sme.sa_query_trans_id +
734 i * WLAN_SA_QUERY_TR_ID_LEN,
735 data + 1, WLAN_SA_QUERY_TR_ID_LEN) == 0)
736 break;
737 }
738
739 if (i >= wpa_s->sme.sa_query_count) {
f049052b
BG		 740 wpa_dbg(wpa_s, MSG_DEBUG, "SME: No matching SA Query "
741 "transaction identifier found");
7d878ca7
JM		 742 return;
743 }
744
f049052b
BG		 745 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Reply to pending SA Query received "
746 "from " MACSTR, MAC2STR(sa));
7d878ca7
JM		 747 sme_stop_sa_query(wpa_s);
748}
749
750#endif /* CONFIG_IEEE80211W */
Unnamed repository; edit this file 'description' to name the repository.