]> git.ipfire.org Git - thirdparty/hostap.git/blame - src/ap/wpa_auth.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
nl80211: Avoid infinite loop when searching a BSS
[thirdparty/hostap.git] / src / ap / wpa_auth.c
CommitLineData
6fc6879b
JM		 1/*
2 * hostapd - IEEE 802.11i-2004 / WPA Authenticator
e6965d4e 3 * Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi>
6fc6879b
JM		 4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
6226e38d 15#include "utils/includes.h"
6fc6879b 16
6226e38d
JM		 17#include "utils/common.h"
18#include "utils/eloop.h"
19#include "utils/state_machine.h"
81f4f619 20#include "common/ieee802_11_defs.h"
03da66bd
JM		 21#include "crypto/aes_wrap.h"
22#include "crypto/crypto.h"
23#include "crypto/sha1.h"
24#include "crypto/sha256.h"
3642c431 25#include "crypto/random.h"
281c950b 26#include "eapol_auth/eapol_auth_sm.h"
6226e38d 27#include "ap_config.h"
6fc6879b 28#include "ieee802_11.h"
6226e38d
JM		 29#include "wpa_auth.h"
30#include "pmksa_cache_auth.h"
6fc6879b
JM		 31#include "wpa_auth_i.h"
32#include "wpa_auth_ie.h"
33
34#define STATE_MACHINE_DATA struct wpa_state_machine
35#define STATE_MACHINE_DEBUG_PREFIX "WPA"
36#define STATE_MACHINE_ADDR sm->addr
37
38
39static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx);
e4a6ea1d 40static int wpa_sm_step(struct wpa_state_machine *sm);
6fc6879b
JM		 41static int wpa_verify_key_mic(struct wpa_ptk *PTK, u8 *data, size_t data_len);
42static void wpa_sm_call_step(void *eloop_ctx, void *timeout_ctx);
43static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
44 struct wpa_group *group);
581a8cde 45static void wpa_request_new_ptk(struct wpa_state_machine *sm);
e6965d4e
JM		 46static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
47 struct wpa_group *group);
1bdb7ab3
JM		 48static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth,
49 struct wpa_group *group);
6fc6879b 50
bae61562
JM		 51static const u32 dot11RSNAConfigGroupUpdateCount = 4;
52static const u32 dot11RSNAConfigPairwiseUpdateCount = 4;
53static const u32 eapol_key_timeout_first = 100; /* ms */
54static const u32 eapol_key_timeout_subseq = 1000; /* ms */
6fc6879b
JM		 55
56/* TODO: make these configurable */
57static const int dot11RSNAConfigPMKLifetime = 43200;
58static const int dot11RSNAConfigPMKReauthThreshold = 70;
59static const int dot11RSNAConfigSATimeout = 60;
60
61
62static inline void wpa_auth_mic_failure_report(
63 struct wpa_authenticator *wpa_auth, const u8 *addr)
64{
65 if (wpa_auth->cb.mic_failure_report)
66 wpa_auth->cb.mic_failure_report(wpa_auth->cb.ctx, addr);
67}
68
69
70static inline void wpa_auth_set_eapol(struct wpa_authenticator *wpa_auth,
71 const u8 *addr, wpa_eapol_variable var,
72 int value)
73{
74 if (wpa_auth->cb.set_eapol)
75 wpa_auth->cb.set_eapol(wpa_auth->cb.ctx, addr, var, value);
76}
77
78
79static inline int wpa_auth_get_eapol(struct wpa_authenticator *wpa_auth,
80 const u8 *addr, wpa_eapol_variable var)
81{
82 if (wpa_auth->cb.get_eapol == NULL)
83 return -1;
84 return wpa_auth->cb.get_eapol(wpa_auth->cb.ctx, addr, var);
85}
86
87
88static inline const u8 * wpa_auth_get_psk(struct wpa_authenticator *wpa_auth,
89 const u8 *addr, const u8 *prev_psk)
90{
91 if (wpa_auth->cb.get_psk == NULL)
92 return NULL;
93 return wpa_auth->cb.get_psk(wpa_auth->cb.ctx, addr, prev_psk);
94}
95
96
97static inline int wpa_auth_get_msk(struct wpa_authenticator *wpa_auth,
98 const u8 *addr, u8 *msk, size_t *len)
99{
100 if (wpa_auth->cb.get_msk == NULL)
101 return -1;
102 return wpa_auth->cb.get_msk(wpa_auth->cb.ctx, addr, msk, len);
103}
104
105
106static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth,
107 int vlan_id,
71934751 108 enum wpa_alg alg, const u8 *addr, int idx,
6fc6879b
JM		 109 u8 *key, size_t key_len)
110{
111 if (wpa_auth->cb.set_key == NULL)
112 return -1;
113 return wpa_auth->cb.set_key(wpa_auth->cb.ctx, vlan_id, alg, addr, idx,
114 key, key_len);
115}
116
117
118static inline int wpa_auth_get_seqnum(struct wpa_authenticator *wpa_auth,
119 const u8 *addr, int idx, u8 *seq)
120{
121 if (wpa_auth->cb.get_seqnum == NULL)
122 return -1;
123 return wpa_auth->cb.get_seqnum(wpa_auth->cb.ctx, addr, idx, seq);
124}
125
126
6fc6879b
JM		 127static inline int
128wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr,
129 const u8 *data, size_t data_len, int encrypt)
130{
131 if (wpa_auth->cb.send_eapol == NULL)
132 return -1;
133 return wpa_auth->cb.send_eapol(wpa_auth->cb.ctx, addr, data, data_len,
134 encrypt);
135}
136
137
138int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
139 int (*cb)(struct wpa_state_machine *sm, void *ctx),
140 void *cb_ctx)
141{
142 if (wpa_auth->cb.for_each_sta == NULL)
143 return 0;
144 return wpa_auth->cb.for_each_sta(wpa_auth->cb.ctx, cb, cb_ctx);
145}
146
147
bf98f7f3
JM		 148int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth,
149 int (*cb)(struct wpa_authenticator *a, void *ctx),
150 void *cb_ctx)
151{
152 if (wpa_auth->cb.for_each_auth == NULL)
153 return 0;
154 return wpa_auth->cb.for_each_auth(wpa_auth->cb.ctx, cb, cb_ctx);
155}
156
157
6fc6879b
JM		 158void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr,
159 logger_level level, const char *txt)
160{
161 if (wpa_auth->cb.logger == NULL)
162 return;
163 wpa_auth->cb.logger(wpa_auth->cb.ctx, addr, level, txt);
164}
165
166
167void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr,
168 logger_level level, const char *fmt, ...)
169{
170 char *format;
171 int maxlen;
172 va_list ap;
173
174 if (wpa_auth->cb.logger == NULL)
175 return;
176
177 maxlen = os_strlen(fmt) + 100;
178 format = os_malloc(maxlen);
179 if (!format)
180 return;
181
182 va_start(ap, fmt);
183 vsnprintf(format, maxlen, fmt, ap);
184 va_end(ap);
185
186 wpa_auth_logger(wpa_auth, addr, level, format);
187
188 os_free(format);
189}
190
191
192static void wpa_sta_disconnect(struct wpa_authenticator *wpa_auth,
193 const u8 *addr)
194{
195 if (wpa_auth->cb.disconnect == NULL)
196 return;
197 wpa_auth->cb.disconnect(wpa_auth->cb.ctx, addr,
198 WLAN_REASON_PREV_AUTH_NOT_VALID);
199}
200
201
202static int wpa_use_aes_cmac(struct wpa_state_machine *sm)
203{
56586197 204 int ret = 0;
6fc6879b 205#ifdef CONFIG_IEEE80211R
56586197
JM		 206 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
207 ret = 1;
6fc6879b 208#endif /* CONFIG_IEEE80211R */
56586197
JM		 209#ifdef CONFIG_IEEE80211W
210 if (wpa_key_mgmt_sha256(sm->wpa_key_mgmt))
211 ret = 1;
212#endif /* CONFIG_IEEE80211W */
213 return ret;
6fc6879b
JM		 214}
215
216
217static void wpa_rekey_gmk(void *eloop_ctx, void *timeout_ctx)
218{
219 struct wpa_authenticator *wpa_auth = eloop_ctx;
220
3642c431 221 if (random_get_bytes(wpa_auth->group->GMK, WPA_GMK_LEN)) {
6fc6879b
JM		 222 wpa_printf(MSG_ERROR, "Failed to get random data for WPA "
223 "initialization.");
224 } else {
225 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "GMK rekeyd");
5cb9d5c3
JM		 226 wpa_hexdump_key(MSG_DEBUG, "GMK",
227 wpa_auth->group->GMK, WPA_GMK_LEN);
6fc6879b
JM		 228 }
229
230 if (wpa_auth->conf.wpa_gmk_rekey) {
231 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0,
232 wpa_rekey_gmk, wpa_auth, NULL);
233 }
234}
235
236
237static void wpa_rekey_gtk(void *eloop_ctx, void *timeout_ctx)
238{
239 struct wpa_authenticator *wpa_auth = eloop_ctx;
240 struct wpa_group *group;
241
242 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "rekeying GTK");
243 for (group = wpa_auth->group; group; group = group->next) {
244 group->GTKReKey = TRUE;
245 do {
246 group->changed = FALSE;
247 wpa_group_sm_step(wpa_auth, group);
248 } while (group->changed);
249 }
250
251 if (wpa_auth->conf.wpa_group_rekey) {
252 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey,
253 0, wpa_rekey_gtk, wpa_auth, NULL);
254 }
255}
256
257
581a8cde
JM		 258static void wpa_rekey_ptk(void *eloop_ctx, void *timeout_ctx)
259{
260 struct wpa_authenticator *wpa_auth = eloop_ctx;
261 struct wpa_state_machine *sm = timeout_ctx;
262
263 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK");
264 wpa_request_new_ptk(sm);
265 wpa_sm_step(sm);
266}
267
268
6fc6879b
JM		 269static int wpa_auth_pmksa_clear_cb(struct wpa_state_machine *sm, void *ctx)
270{
271 if (sm->pmksa == ctx)
272 sm->pmksa = NULL;
273 return 0;
274}
275
276
277static void wpa_auth_pmksa_free_cb(struct rsn_pmksa_cache_entry *entry,
278 void *ctx)
279{
280 struct wpa_authenticator *wpa_auth = ctx;
281 wpa_auth_for_each_sta(wpa_auth, wpa_auth_pmksa_clear_cb, entry);
282}
283
284
e6965d4e 285static void wpa_group_set_key_len(struct wpa_group *group, int cipher)
6fc6879b 286{
e6965d4e 287 switch (cipher) {
6fc6879b
JM		 288 case WPA_CIPHER_CCMP:
289 group->GTK_len = 16;
290 break;
291 case WPA_CIPHER_TKIP:
292 group->GTK_len = 32;
293 break;
294 case WPA_CIPHER_WEP104:
295 group->GTK_len = 13;
296 break;
297 case WPA_CIPHER_WEP40:
298 group->GTK_len = 5;
299 break;
300 }
e6965d4e
JM		 301}
302
303
1bdb7ab3
JM		 304static int wpa_group_init_gmk_and_counter(struct wpa_authenticator *wpa_auth,
305 struct wpa_group *group)
306{
307 u8 buf[ETH_ALEN + 8 + sizeof(group)];
308 u8 rkey[32];
309
3642c431 310 if (random_get_bytes(group->GMK, WPA_GMK_LEN) < 0)
1bdb7ab3
JM		 311 return -1;
312 wpa_hexdump_key(MSG_DEBUG, "GMK", group->GMK, WPA_GMK_LEN);
313
314 /*
315 * Counter = PRF-256(Random number, "Init Counter",
316 * Local MAC Address || Time)
317 */
318 os_memcpy(buf, wpa_auth->addr, ETH_ALEN);
319 wpa_get_ntp_timestamp(buf + ETH_ALEN);
320 os_memcpy(buf + ETH_ALEN + 8, &group, sizeof(group));
3642c431 321 if (random_get_bytes(rkey, sizeof(rkey)) < 0)
1bdb7ab3
JM		 322 return -1;
323
324 if (sha1_prf(rkey, sizeof(rkey), "Init Counter", buf, sizeof(buf),
325 group->Counter, WPA_NONCE_LEN) < 0)
326 return -1;
327 wpa_hexdump_key(MSG_DEBUG, "Key Counter",
328 group->Counter, WPA_NONCE_LEN);
329
330 return 0;
331}
332
333
e6965d4e
JM		 334static struct wpa_group * wpa_group_init(struct wpa_authenticator *wpa_auth,
335 int vlan_id)
336{
337 struct wpa_group *group;
e6965d4e
JM		 338
339 group = os_zalloc(sizeof(struct wpa_group));
340 if (group == NULL)
341 return NULL;
342
343 group->GTKAuthenticator = TRUE;
344 group->vlan_id = vlan_id;
345
346 wpa_group_set_key_len(group, wpa_auth->conf.wpa_group);
6fc6879b 347
08704cd8
JM		 348 if (random_pool_ready() != 1) {
349 wpa_printf(MSG_INFO, "WPA: Not enough entropy in random pool "
350 "for secure operations - update keys later when "
351 "the first station connects");
352 }
353
1bdb7ab3
JM		 354 /*
355 * Set initial GMK/Counter value here. The actual values that will be
356 * used in negotiations will be set once the first station tries to
357 * connect. This allows more time for collecting additional randomness
358 * on embedded devices.
6fc6879b 359 */
1bdb7ab3 360 if (wpa_group_init_gmk_and_counter(wpa_auth, group) < 0) {
6fc6879b
JM		 361 wpa_printf(MSG_ERROR, "Failed to get random data for WPA "
362 "initialization.");
363 os_free(group);
364 return NULL;
365 }
6fc6879b
JM		 366
367 group->GInit = TRUE;
368 wpa_group_sm_step(wpa_auth, group);
369 group->GInit = FALSE;
370 wpa_group_sm_step(wpa_auth, group);
371
372 return group;
373}
374
375
376/**
377 * wpa_init - Initialize WPA authenticator
378 * @addr: Authenticator address
379 * @conf: Configuration for WPA authenticator
a17df5fb 380 * @cb: Callback functions for WPA authenticator
6fc6879b
JM		 381 * Returns: Pointer to WPA authenticator data or %NULL on failure
382 */
383struct wpa_authenticator * wpa_init(const u8 *addr,
384 struct wpa_auth_config *conf,
385 struct wpa_auth_callbacks *cb)
386{
387 struct wpa_authenticator *wpa_auth;
388
389 wpa_auth = os_zalloc(sizeof(struct wpa_authenticator));
390 if (wpa_auth == NULL)
391 return NULL;
392 os_memcpy(wpa_auth->addr, addr, ETH_ALEN);
393 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
394 os_memcpy(&wpa_auth->cb, cb, sizeof(*cb));
395
396 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
397 wpa_printf(MSG_ERROR, "Could not generate WPA IE.");
398 os_free(wpa_auth);
399 return NULL;
400 }
401
402 wpa_auth->group = wpa_group_init(wpa_auth, 0);
403 if (wpa_auth->group == NULL) {
404 os_free(wpa_auth->wpa_ie);
405 os_free(wpa_auth);
406 return NULL;
407 }
408
4bb081f1
JM		 409 wpa_auth->pmksa = pmksa_cache_auth_init(wpa_auth_pmksa_free_cb,
410 wpa_auth);
6fc6879b
JM		 411 if (wpa_auth->pmksa == NULL) {
412 wpa_printf(MSG_ERROR, "PMKSA cache initialization failed.");
413 os_free(wpa_auth->wpa_ie);
414 os_free(wpa_auth);
415 return NULL;
416 }
417
418#ifdef CONFIG_IEEE80211R
419 wpa_auth->ft_pmk_cache = wpa_ft_pmk_cache_init();
420 if (wpa_auth->ft_pmk_cache == NULL) {
421 wpa_printf(MSG_ERROR, "FT PMK cache initialization failed.");
422 os_free(wpa_auth->wpa_ie);
4bb081f1 423 pmksa_cache_auth_deinit(wpa_auth->pmksa);
6fc6879b
JM		 424 os_free(wpa_auth);
425 return NULL;
426 }
427#endif /* CONFIG_IEEE80211R */
428
429 if (wpa_auth->conf.wpa_gmk_rekey) {
430 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0,
431 wpa_rekey_gmk, wpa_auth, NULL);
432 }
433
434 if (wpa_auth->conf.wpa_group_rekey) {
435 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey, 0,
436 wpa_rekey_gtk, wpa_auth, NULL);
437 }
438
439 return wpa_auth;
440}
441
442
443/**
444 * wpa_deinit - Deinitialize WPA authenticator
445 * @wpa_auth: Pointer to WPA authenticator data from wpa_init()
446 */
447void wpa_deinit(struct wpa_authenticator *wpa_auth)
448{
449 struct wpa_group *group, *prev;
450
451 eloop_cancel_timeout(wpa_rekey_gmk, wpa_auth, NULL);
452 eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
453
454#ifdef CONFIG_PEERKEY
455 while (wpa_auth->stsl_negotiations)
456 wpa_stsl_remove(wpa_auth, wpa_auth->stsl_negotiations);
457#endif /* CONFIG_PEERKEY */
458
4bb081f1 459 pmksa_cache_auth_deinit(wpa_auth->pmksa);
6fc6879b
JM		 460
461#ifdef CONFIG_IEEE80211R
462 wpa_ft_pmk_cache_deinit(wpa_auth->ft_pmk_cache);
463 wpa_auth->ft_pmk_cache = NULL;
464#endif /* CONFIG_IEEE80211R */
465
466 os_free(wpa_auth->wpa_ie);
467
468 group = wpa_auth->group;
469 while (group) {
470 prev = group;
471 group = group->next;
472 os_free(prev);
473 }
474
475 os_free(wpa_auth);
476}
477
478
479/**
480 * wpa_reconfig - Update WPA authenticator configuration
481 * @wpa_auth: Pointer to WPA authenticator data from wpa_init()
482 * @conf: Configuration for WPA authenticator
483 */
484int wpa_reconfig(struct wpa_authenticator *wpa_auth,
485 struct wpa_auth_config *conf)
486{
e6965d4e 487 struct wpa_group *group;
6fc6879b
JM		 488 if (wpa_auth == NULL)
489 return 0;
490
491 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
ad08c363
JM		 492 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
493 wpa_printf(MSG_ERROR, "Could not generate WPA IE.");
494 return -1;
495 }
496
e6965d4e
JM		 497 /*
498 * Reinitialize GTK to make sure it is suitable for the new
499 * configuration.
500 */
501 group = wpa_auth->group;
502 wpa_group_set_key_len(group, wpa_auth->conf.wpa_group);
503 group->GInit = TRUE;
504 wpa_group_sm_step(wpa_auth, group);
505 group->GInit = FALSE;
506 wpa_group_sm_step(wpa_auth, group);
507
6fc6879b
JM		 508 return 0;
509}
510
511
512struct wpa_state_machine *
513wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr)
514{
515 struct wpa_state_machine *sm;
516
517 sm = os_zalloc(sizeof(struct wpa_state_machine));
518 if (sm == NULL)
519 return NULL;
520 os_memcpy(sm->addr, addr, ETH_ALEN);
521
522 sm->wpa_auth = wpa_auth;
523 sm->group = wpa_auth->group;
524
525 return sm;
526}
527
528
6f9b5d16
JM		 529int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth,
530 struct wpa_state_machine *sm)
6fc6879b
JM		 531{
532 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL)
6f9b5d16 533 return -1;
6fc6879b
JM		 534
535#ifdef CONFIG_IEEE80211R
536 if (sm->ft_completed) {
537 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
538 "FT authentication already completed - do not "
539 "start 4-way handshake");
6f9b5d16 540 return 0;
6fc6879b
JM		 541 }
542#endif /* CONFIG_IEEE80211R */
543
544 if (sm->started) {
22a299ee 545 os_memset(&sm->key_replay, 0, sizeof(sm->key_replay));
6fc6879b 546 sm->ReAuthenticationRequest = TRUE;
6f9b5d16 547 return wpa_sm_step(sm);
6fc6879b
JM		 548 }
549
550 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
551 "start authentication");
552 sm->started = 1;
553
554 sm->Init = TRUE;
e4a6ea1d 555 if (wpa_sm_step(sm) == 1)
6f9b5d16 556 return 1; /* should not really happen */
6fc6879b
JM		 557 sm->Init = FALSE;
558 sm->AuthenticationRequest = TRUE;
6f9b5d16 559 return wpa_sm_step(sm);
6fc6879b
JM		 560}
561
562
a8d05fca
JM		 563void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm)
564{
565 /* WPA/RSN was not used - clear WPA state. This is needed if the STA
566 * reassociates back to the same AP while the previous entry for the
567 * STA has not yet been removed. */
568 if (sm == NULL)
569 return;
570
571 sm->wpa_key_mgmt = 0;
572}
573
574
6fc6879b
JM		 575static void wpa_free_sta_sm(struct wpa_state_machine *sm)
576{
0f857f43
JM		 577#ifdef CONFIG_IEEE80211R
578 os_free(sm->assoc_resp_ftie);
579#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 580 os_free(sm->last_rx_eapol_key);
581 os_free(sm->wpa_ie);
582 os_free(sm);
583}
584
585
586void wpa_auth_sta_deinit(struct wpa_state_machine *sm)
587{
588 if (sm == NULL)
589 return;
590
591 if (sm->wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) {
592 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
593 "strict rekeying - force GTK rekey since STA "
594 "is leaving");
595 eloop_cancel_timeout(wpa_rekey_gtk, sm->wpa_auth, NULL);
596 eloop_register_timeout(0, 500000, wpa_rekey_gtk, sm->wpa_auth,
597 NULL);
598 }
599
600 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
601 eloop_cancel_timeout(wpa_sm_call_step, sm, NULL);
581a8cde 602 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
6fc6879b
JM		 603 if (sm->in_step_loop) {
604 /* Must not free state machine while wpa_sm_step() is running.
605 * Freeing will be completed in the end of wpa_sm_step(). */
606 wpa_printf(MSG_DEBUG, "WPA: Registering pending STA state "
607 "machine deinit for " MACSTR, MAC2STR(sm->addr));
608 sm->pending_deinit = 1;
609 } else
610 wpa_free_sta_sm(sm);
611}
612
613
614static void wpa_request_new_ptk(struct wpa_state_machine *sm)
615{
616 if (sm == NULL)
617 return;
618
619 sm->PTKRequest = TRUE;
620 sm->PTK_valid = 0;
621}
622
623
22a299ee
JM		 624static int wpa_replay_counter_valid(struct wpa_state_machine *sm,
625 const u8 *replay_counter)
626{
627 int i;
628 for (i = 0; i < RSNA_MAX_EAPOL_RETRIES; i++) {
629 if (!sm->key_replay[i].valid)
630 break;
631 if (os_memcmp(replay_counter, sm->key_replay[i].counter,
632 WPA_REPLAY_COUNTER_LEN) == 0)
633 return 1;
634 }
635 return 0;
636}
637
638
0f857f43
JM		 639#ifdef CONFIG_IEEE80211R
640static int ft_check_msg_2_of_4(struct wpa_authenticator *wpa_auth,
641 struct wpa_state_machine *sm,
642 struct wpa_eapol_ie_parse *kde)
643{
644 struct wpa_ie_data ie;
645 struct rsn_mdie *mdie;
646
647 if (wpa_parse_wpa_ie_rsn(kde->rsn_ie, kde->rsn_ie_len, &ie) < 0 ||
648 ie.num_pmkid != 1 || ie.pmkid == NULL) {
649 wpa_printf(MSG_DEBUG, "FT: No PMKR1Name in "
650 "FT 4-way handshake message 2/4");
651 return -1;
652 }
653
654 os_memcpy(sm->sup_pmk_r1_name, ie.pmkid, PMKID_LEN);
655 wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name from Supplicant",
656 sm->sup_pmk_r1_name, PMKID_LEN);
657
658 if (!kde->mdie || !kde->ftie) {
659 wpa_printf(MSG_DEBUG, "FT: No %s in FT 4-way handshake "
660 "message 2/4", kde->mdie ? "FTIE" : "MDIE");
661 return -1;
662 }
663
664 mdie = (struct rsn_mdie *) (kde->mdie + 2);
665 if (kde->mdie[1] < sizeof(struct rsn_mdie) ||
666 os_memcmp(wpa_auth->conf.mobility_domain, mdie->mobility_domain,
667 MOBILITY_DOMAIN_ID_LEN) != 0) {
668 wpa_printf(MSG_DEBUG, "FT: MDIE mismatch");
669 return -1;
670 }
671
672 if (sm->assoc_resp_ftie &&
673 (kde->ftie[1] != sm->assoc_resp_ftie[1] ||
674 os_memcmp(kde->ftie, sm->assoc_resp_ftie,
675 2 + sm->assoc_resp_ftie[1]) != 0)) {
676 wpa_printf(MSG_DEBUG, "FT: FTIE mismatch");
677 wpa_hexdump(MSG_DEBUG, "FT: FTIE in EAPOL-Key msg 2/4",
678 kde->ftie, kde->ftie_len);
679 wpa_hexdump(MSG_DEBUG, "FT: FTIE in (Re)AssocResp",
680 sm->assoc_resp_ftie, 2 + sm->assoc_resp_ftie[1]);
681 return -1;
682 }
683
684 return 0;
685}
686#endif /* CONFIG_IEEE80211R */
687
688
6fc6879b
JM		 689void wpa_receive(struct wpa_authenticator *wpa_auth,
690 struct wpa_state_machine *sm,
691 u8 *data, size_t data_len)
692{
693 struct ieee802_1x_hdr *hdr;
694 struct wpa_eapol_key *key;
695 u16 key_info, key_data_length;
696 enum { PAIRWISE_2, PAIRWISE_4, GROUP_2, REQUEST,
697 SMK_M1, SMK_M3, SMK_ERROR } msg;
698 char *msgtxt;
699 struct wpa_eapol_ie_parse kde;
26e23750 700 int ft;
1566ec46
JM		 701 const u8 *eapol_key_ie;
702 size_t eapol_key_ie_len;
6fc6879b
JM		 703
704 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL)
705 return;
706
707 if (data_len < sizeof(*hdr) + sizeof(*key))
708 return;
709
710 hdr = (struct ieee802_1x_hdr *) data;
711 key = (struct wpa_eapol_key *) (hdr + 1);
712 key_info = WPA_GET_BE16(key->key_info);
713 key_data_length = WPA_GET_BE16(key->key_data_length);
714 if (key_data_length > data_len - sizeof(*hdr) - sizeof(*key)) {
715 wpa_printf(MSG_INFO, "WPA: Invalid EAPOL-Key frame - "
716 "key_data overflow (%d > %lu)",
717 key_data_length,
718 (unsigned long) (data_len - sizeof(*hdr) -
719 sizeof(*key)));
720 return;
721 }
722
f8e96eb6
JM		 723 if (sm->wpa == WPA_VERSION_WPA2) {
724 if (key->type != EAPOL_KEY_TYPE_RSN) {
725 wpa_printf(MSG_DEBUG, "Ignore EAPOL-Key with "
726 "unexpected type %d in RSN mode",
727 key->type);
728 return;
729 }
730 } else {
731 if (key->type != EAPOL_KEY_TYPE_WPA) {
732 wpa_printf(MSG_DEBUG, "Ignore EAPOL-Key with "
733 "unexpected type %d in WPA mode",
734 key->type);
735 return;
736 }
737 }
738
6fc6879b
JM		 739 /* FIX: verify that the EAPOL-Key frame was encrypted if pairwise keys
740 * are set */
741
742 if ((key_info & (WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_REQUEST)) ==
743 (WPA_KEY_INFO_SMK_MESSAGE | WPA_KEY_INFO_REQUEST)) {
744 if (key_info & WPA_KEY_INFO_ERROR) {
745 msg = SMK_ERROR;
746 msgtxt = "SMK Error";
747 } else {
748 msg = SMK_M1;
749 msgtxt = "SMK M1";
750 }
751 } else if (key_info & WPA_KEY_INFO_SMK_MESSAGE) {
752 msg = SMK_M3;
753 msgtxt = "SMK M3";
754 } else if (key_info & WPA_KEY_INFO_REQUEST) {
755 msg = REQUEST;
756 msgtxt = "Request";
757 } else if (!(key_info & WPA_KEY_INFO_KEY_TYPE)) {
758 msg = GROUP_2;
759 msgtxt = "2/2 Group";
760 } else if (key_data_length == 0) {
761 msg = PAIRWISE_4;
762 msgtxt = "4/4 Pairwise";
763 } else {
764 msg = PAIRWISE_2;
765 msgtxt = "2/4 Pairwise";
766 }
767
768 /* TODO: key_info type validation for PeerKey */
769 if (msg == REQUEST || msg == PAIRWISE_2 || msg == PAIRWISE_4 ||
770 msg == GROUP_2) {
771 u16 ver = key_info & WPA_KEY_INFO_TYPE_MASK;
772 if (sm->pairwise == WPA_CIPHER_CCMP) {
773 if (wpa_use_aes_cmac(sm) &&
774 ver != WPA_KEY_INFO_TYPE_AES_128_CMAC) {
775 wpa_auth_logger(wpa_auth, sm->addr,
776 LOGGER_WARNING,
777 "advertised support for "
778 "AES-128-CMAC, but did not "
779 "use it");
780 return;
781 }
782
783 if (!wpa_use_aes_cmac(sm) &&
784 ver != WPA_KEY_INFO_TYPE_HMAC_SHA1_AES) {
785 wpa_auth_logger(wpa_auth, sm->addr,
786 LOGGER_WARNING,
787 "did not use HMAC-SHA1-AES "
788 "with CCMP");
789 return;
790 }
791 }
792 }
793
794 if (key_info & WPA_KEY_INFO_REQUEST) {
795 if (sm->req_replay_counter_used &&
796 os_memcmp(key->replay_counter, sm->req_replay_counter,
797 WPA_REPLAY_COUNTER_LEN) <= 0) {
798 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING,
799 "received EAPOL-Key request with "
800 "replayed counter");
801 return;
802 }
803 }
804
805 if (!(key_info & WPA_KEY_INFO_REQUEST) &&
22a299ee
JM		 806 !wpa_replay_counter_valid(sm, key->replay_counter)) {
807 int i;
6fc6879b
JM		 808 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
809 "received EAPOL-Key %s with unexpected "
810 "replay counter", msgtxt);
22a299ee
JM		 811 for (i = 0; i < RSNA_MAX_EAPOL_RETRIES; i++) {
812 if (!sm->key_replay[i].valid)
813 break;
814 wpa_hexdump(MSG_DEBUG, "pending replay counter",
815 sm->key_replay[i].counter,
816 WPA_REPLAY_COUNTER_LEN);
817 }
6fc6879b
JM		 818 wpa_hexdump(MSG_DEBUG, "received replay counter",
819 key->replay_counter, WPA_REPLAY_COUNTER_LEN);
820 return;
821 }
822
823 switch (msg) {
824 case PAIRWISE_2:
825 if (sm->wpa_ptk_state != WPA_PTK_PTKSTART &&
826 sm->wpa_ptk_state != WPA_PTK_PTKCALCNEGOTIATING) {
827 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
828 "received EAPOL-Key msg 2/4 in "
829 "invalid state (%d) - dropped",
830 sm->wpa_ptk_state);
831 return;
832 }
bbb921da 833 random_add_randomness(key->key_nonce, WPA_NONCE_LEN);
08704cd8
JM		 834 if (sm->group->reject_4way_hs_for_entropy) {
835 /*
836 * The system did not have enough entropy to generate
837 * strong random numbers. Reject the first 4-way
838 * handshake(s) and collect some entropy based on the
839 * information from it. Once enough entropy is
840 * available, the next atempt will trigger GMK/Key
841 * Counter update and the station will be allowed to
842 * continue.
843 */
844 wpa_printf(MSG_DEBUG, "WPA: Reject 4-way handshake to "
845 "collect more entropy for random number "
846 "generation");
847 sm->group->reject_4way_hs_for_entropy = FALSE;
848 random_mark_pool_ready();
849 sm->group->first_sta_seen = FALSE;
850 wpa_sta_disconnect(wpa_auth, sm->addr);
851 return;
852 }
1566ec46
JM		 853 if (wpa_parse_kde_ies((u8 *) (key + 1), key_data_length,
854 &kde) < 0) {
855 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
856 "received EAPOL-Key msg 2/4 with "
857 "invalid Key Data contents");
858 return;
859 }
860 if (kde.rsn_ie) {
861 eapol_key_ie = kde.rsn_ie;
862 eapol_key_ie_len = kde.rsn_ie_len;
863 } else {
864 eapol_key_ie = kde.wpa_ie;
865 eapol_key_ie_len = kde.wpa_ie_len;
866 }
26e23750
JM		 867 ft = sm->wpa == WPA_VERSION_WPA2 &&
868 wpa_key_mgmt_ft(sm->wpa_key_mgmt);
6fc6879b 869 if (sm->wpa_ie == NULL ||
26e23750
JM		 870 wpa_compare_rsn_ie(ft,
871 sm->wpa_ie, sm->wpa_ie_len,
1566ec46 872 eapol_key_ie, eapol_key_ie_len)) {
6fc6879b
JM		 873 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
874 "WPA IE from (Re)AssocReq did not "
875 "match with msg 2/4");
876 if (sm->wpa_ie) {
877 wpa_hexdump(MSG_DEBUG, "WPA IE in AssocReq",
878 sm->wpa_ie, sm->wpa_ie_len);
879 }
880 wpa_hexdump(MSG_DEBUG, "WPA IE in msg 2/4",
1566ec46 881 eapol_key_ie, eapol_key_ie_len);
6fc6879b
JM		 882 /* MLME-DEAUTHENTICATE.request */
883 wpa_sta_disconnect(wpa_auth, sm->addr);
884 return;
885 }
26e23750 886#ifdef CONFIG_IEEE80211R
0f857f43
JM		 887 if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) {
888 wpa_sta_disconnect(wpa_auth, sm->addr);
889 return;
26e23750
JM		 890 }
891#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 892 break;
893 case PAIRWISE_4:
894 if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING ||
895 !sm->PTK_valid) {
896 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
897 "received EAPOL-Key msg 4/4 in "
898 "invalid state (%d) - dropped",
899 sm->wpa_ptk_state);
900 return;
901 }
902 break;
903 case GROUP_2:
904 if (sm->wpa_ptk_group_state != WPA_PTK_GROUP_REKEYNEGOTIATING
905 || !sm->PTK_valid) {
906 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
907 "received EAPOL-Key msg 2/2 in "
908 "invalid state (%d) - dropped",
909 sm->wpa_ptk_group_state);
910 return;
911 }
912 break;
913#ifdef CONFIG_PEERKEY
914 case SMK_M1:
915 case SMK_M3:
916 case SMK_ERROR:
917 if (!wpa_auth->conf.peerkey) {
918 wpa_printf(MSG_DEBUG, "RSN: SMK M1/M3/Error, but "
919 "PeerKey use disabled - ignoring message");
920 return;
921 }
922 if (!sm->PTK_valid) {
923 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
924 "received EAPOL-Key msg SMK in "
925 "invalid state - dropped");
926 return;
927 }
928 break;
929#else /* CONFIG_PEERKEY */
930 case SMK_M1:
931 case SMK_M3:
932 case SMK_ERROR:
933 return; /* STSL disabled - ignore SMK messages */
934#endif /* CONFIG_PEERKEY */
935 case REQUEST:
936 break;
937 }
938
939 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
940 "received EAPOL-Key frame (%s)", msgtxt);
941
942 if (key_info & WPA_KEY_INFO_ACK) {
943 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
944 "received invalid EAPOL-Key: Key Ack set");
945 return;
946 }
947
948 if (!(key_info & WPA_KEY_INFO_MIC)) {
949 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
950 "received invalid EAPOL-Key: Key MIC not set");
951 return;
952 }
953
954 sm->MICVerified = FALSE;
955 if (sm->PTK_valid) {
956 if (wpa_verify_key_mic(&sm->PTK, data, data_len)) {
957 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
958 "received EAPOL-Key with invalid MIC");
959 return;
960 }
961 sm->MICVerified = TRUE;
962 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
963 }
964
965 if (key_info & WPA_KEY_INFO_REQUEST) {
966 if (sm->MICVerified) {
967 sm->req_replay_counter_used = 1;
968 os_memcpy(sm->req_replay_counter, key->replay_counter,
969 WPA_REPLAY_COUNTER_LEN);
970 } else {
971 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
972 "received EAPOL-Key request with "
973 "invalid MIC");
974 return;
975 }
976
977 /*
978 * TODO: should decrypt key data field if encryption was used;
979 * even though MAC address KDE is not normally encrypted,
980 * supplicant is allowed to encrypt it.
981 */
982 if (msg == SMK_ERROR) {
983#ifdef CONFIG_PEERKEY
984 wpa_smk_error(wpa_auth, sm, key);
985#endif /* CONFIG_PEERKEY */
986 return;
987 } else if (key_info & WPA_KEY_INFO_ERROR) {
988 /* Supplicant reported a Michael MIC error */
989 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
990 "received EAPOL-Key Error Request "
991 "(STA detected Michael MIC failure)");
992 wpa_auth_mic_failure_report(wpa_auth, sm->addr);
993 sm->dot11RSNAStatsTKIPRemoteMICFailures++;
994 wpa_auth->dot11RSNAStatsTKIPRemoteMICFailures++;
995 /* Error report is not a request for a new key
996 * handshake, but since Authenticator may do it, let's
997 * change the keys now anyway. */
998 wpa_request_new_ptk(sm);
999 } else if (key_info & WPA_KEY_INFO_KEY_TYPE) {
1000 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1001 "received EAPOL-Key Request for new "
1002 "4-Way Handshake");
1003 wpa_request_new_ptk(sm);
1004#ifdef CONFIG_PEERKEY
1005 } else if (msg == SMK_M1) {
1006 wpa_smk_m1(wpa_auth, sm, key);
1007#endif /* CONFIG_PEERKEY */
1008 } else if (key_data_length > 0 &&
1009 wpa_parse_kde_ies((const u8 *) (key + 1),
1010 key_data_length, &kde) == 0 &&
1011 kde.mac_addr) {
1012 } else {
1013 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1014 "received EAPOL-Key Request for GTK "
1015 "rekeying");
1016 /* FIX: why was this triggering PTK rekeying for the
1017 * STA that requested Group Key rekeying?? */
1018 /* wpa_request_new_ptk(sta->wpa_sm); */
1019 eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
1020 wpa_rekey_gtk(wpa_auth, NULL);
1021 }
1022 } else {
22a299ee
JM		 1023 /* Do not allow the same key replay counter to be reused. This
1024 * does also invalidate all other pending replay counters if
1025 * retransmissions were used, i.e., we will only process one of
1026 * the pending replies and ignore rest if more than one is
1027 * received. */
1028 sm->key_replay[0].valid = FALSE;
6fc6879b
JM		 1029 }
1030
1031#ifdef CONFIG_PEERKEY
1032 if (msg == SMK_M3) {
1033 wpa_smk_m3(wpa_auth, sm, key);
1034 return;
1035 }
1036#endif /* CONFIG_PEERKEY */
1037
1038 os_free(sm->last_rx_eapol_key);
1039 sm->last_rx_eapol_key = os_malloc(data_len);
1040 if (sm->last_rx_eapol_key == NULL)
1041 return;
1042 os_memcpy(sm->last_rx_eapol_key, data, data_len);
1043 sm->last_rx_eapol_key_len = data_len;
1044
1045 sm->EAPOLKeyReceived = TRUE;
1046 sm->EAPOLKeyPairwise = !!(key_info & WPA_KEY_INFO_KEY_TYPE);
1047 sm->EAPOLKeyRequest = !!(key_info & WPA_KEY_INFO_REQUEST);
1048 os_memcpy(sm->SNonce, key->key_nonce, WPA_NONCE_LEN);
1049 wpa_sm_step(sm);
1050}
1051
1052
3c7302c2
JM		 1053static int wpa_gmk_to_gtk(const u8 *gmk, const char *label, const u8 *addr,
1054 const u8 *gnonce, u8 *gtk, size_t gtk_len)
6fc6879b 1055{
5cb9d5c3
JM		 1056 u8 data[ETH_ALEN + WPA_NONCE_LEN + 8 + 16];
1057 u8 *pos;
3c7302c2 1058 int ret = 0;
6fc6879b 1059
5cb9d5c3
JM		 1060 /* GTK = PRF-X(GMK, "Group key expansion",
1061 * AA || GNonce || Time || random data)
1062 * The example described in the IEEE 802.11 standard uses only AA and
1063 * GNonce as inputs here. Add some more entropy since this derivation
1064 * is done only at the Authenticator and as such, does not need to be
1065 * exactly same.
1066 */
6fc6879b
JM		 1067 os_memcpy(data, addr, ETH_ALEN);
1068 os_memcpy(data + ETH_ALEN, gnonce, WPA_NONCE_LEN);
5cb9d5c3
JM		 1069 pos = data + ETH_ALEN + WPA_NONCE_LEN;
1070 wpa_get_ntp_timestamp(pos);
1071 pos += 8;
3642c431 1072 if (random_get_bytes(pos, 16) < 0)
3c7302c2 1073 ret = -1;
6fc6879b 1074
56586197 1075#ifdef CONFIG_IEEE80211W
5cb9d5c3 1076 sha256_prf(gmk, WPA_GMK_LEN, label, data, sizeof(data), gtk, gtk_len);
56586197 1077#else /* CONFIG_IEEE80211W */
3c7302c2
JM		 1078 if (sha1_prf(gmk, WPA_GMK_LEN, label, data, sizeof(data), gtk, gtk_len)
1079 < 0)
1080 ret = -1;
56586197 1081#endif /* CONFIG_IEEE80211W */
3c7302c2
JM		 1082
1083 return ret;
6fc6879b
JM		 1084}
1085
1086
1087static void wpa_send_eapol_timeout(void *eloop_ctx, void *timeout_ctx)
1088{
1089 struct wpa_authenticator *wpa_auth = eloop_ctx;
1090 struct wpa_state_machine *sm = timeout_ctx;
1091
1092 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "EAPOL-Key timeout");
1093 sm->TimeoutEvt = TRUE;
1094 wpa_sm_step(sm);
1095}
1096
1097
1098void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
1099 struct wpa_state_machine *sm, int key_info,
1100 const u8 *key_rsc, const u8 *nonce,
1101 const u8 *kde, size_t kde_len,
1102 int keyidx, int encr, int force_version)
1103{
1104 struct ieee802_1x_hdr *hdr;
1105 struct wpa_eapol_key *key;
1106 size_t len;
1107 int alg;
1108 int key_data_len, pad_len = 0;
1109 u8 *buf, *pos;
1110 int version, pairwise;
22a299ee 1111 int i;
6fc6879b
JM		 1112
1113 len = sizeof(struct ieee802_1x_hdr) + sizeof(struct wpa_eapol_key);
1114
1115 if (force_version)
1116 version = force_version;
1117 else if (wpa_use_aes_cmac(sm))
1118 version = WPA_KEY_INFO_TYPE_AES_128_CMAC;
1119 else if (sm->pairwise == WPA_CIPHER_CCMP)
1120 version = WPA_KEY_INFO_TYPE_HMAC_SHA1_AES;
1121 else
1122 version = WPA_KEY_INFO_TYPE_HMAC_MD5_RC4;
1123
1124 pairwise = key_info & WPA_KEY_INFO_KEY_TYPE;
1125
1126 wpa_printf(MSG_DEBUG, "WPA: Send EAPOL(version=%d secure=%d mic=%d "
1127 "ack=%d install=%d pairwise=%d kde_len=%lu keyidx=%d "
1128 "encr=%d)",
1129 version,
1130 (key_info & WPA_KEY_INFO_SECURE) ? 1 : 0,
1131 (key_info & WPA_KEY_INFO_MIC) ? 1 : 0,
1132 (key_info & WPA_KEY_INFO_ACK) ? 1 : 0,
1133 (key_info & WPA_KEY_INFO_INSTALL) ? 1 : 0,
1134 pairwise, (unsigned long) kde_len, keyidx, encr);
1135
1136 key_data_len = kde_len;
1137
1138 if ((version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
1139 version == WPA_KEY_INFO_TYPE_AES_128_CMAC) && encr) {
1140 pad_len = key_data_len % 8;
1141 if (pad_len)
1142 pad_len = 8 - pad_len;
1143 key_data_len += pad_len + 8;
1144 }
1145
1146 len += key_data_len;
1147
1148 hdr = os_zalloc(len);
1149 if (hdr == NULL)
1150 return;
1151 hdr->version = wpa_auth->conf.eapol_version;
1152 hdr->type = IEEE802_1X_TYPE_EAPOL_KEY;
1153 hdr->length = host_to_be16(len - sizeof(*hdr));
1154 key = (struct wpa_eapol_key *) (hdr + 1);
1155
1156 key->type = sm->wpa == WPA_VERSION_WPA2 ?
1157 EAPOL_KEY_TYPE_RSN : EAPOL_KEY_TYPE_WPA;
1158 key_info |= version;
1159 if (encr && sm->wpa == WPA_VERSION_WPA2)
1160 key_info |= WPA_KEY_INFO_ENCR_KEY_DATA;
1161 if (sm->wpa != WPA_VERSION_WPA2)
1162 key_info |= keyidx << WPA_KEY_INFO_KEY_INDEX_SHIFT;
1163 WPA_PUT_BE16(key->key_info, key_info);
1164
1165 alg = pairwise ? sm->pairwise : wpa_auth->conf.wpa_group;
1166 switch (alg) {
1167 case WPA_CIPHER_CCMP:
1168 WPA_PUT_BE16(key->key_length, 16);
1169 break;
1170 case WPA_CIPHER_TKIP:
1171 WPA_PUT_BE16(key->key_length, 32);
1172 break;
1173 case WPA_CIPHER_WEP40:
1174 WPA_PUT_BE16(key->key_length, 5);
1175 break;
1176 case WPA_CIPHER_WEP104:
1177 WPA_PUT_BE16(key->key_length, 13);
1178 break;
1179 }
1180 if (key_info & WPA_KEY_INFO_SMK_MESSAGE)
1181 WPA_PUT_BE16(key->key_length, 0);
1182
1183 /* FIX: STSL: what to use as key_replay_counter? */
22a299ee
JM		 1184 for (i = RSNA_MAX_EAPOL_RETRIES - 1; i > 0; i--) {
1185 sm->key_replay[i].valid = sm->key_replay[i - 1].valid;
1186 os_memcpy(sm->key_replay[i].counter,
1187 sm->key_replay[i - 1].counter,
1188 WPA_REPLAY_COUNTER_LEN);
1189 }
1190 inc_byte_array(sm->key_replay[0].counter, WPA_REPLAY_COUNTER_LEN);
1191 os_memcpy(key->replay_counter, sm->key_replay[0].counter,
6fc6879b 1192 WPA_REPLAY_COUNTER_LEN);
22a299ee 1193 sm->key_replay[0].valid = TRUE;
6fc6879b
JM		 1194
1195 if (nonce)
1196 os_memcpy(key->key_nonce, nonce, WPA_NONCE_LEN);
1197
1198 if (key_rsc)
1199 os_memcpy(key->key_rsc, key_rsc, WPA_KEY_RSC_LEN);
1200
1201 if (kde && !encr) {
1202 os_memcpy(key + 1, kde, kde_len);
1203 WPA_PUT_BE16(key->key_data_length, kde_len);
1204 } else if (encr && kde) {
1205 buf = os_zalloc(key_data_len);
1206 if (buf == NULL) {
1207 os_free(hdr);
1208 return;
1209 }
1210 pos = buf;
1211 os_memcpy(pos, kde, kde_len);
1212 pos += kde_len;
1213
1214 if (pad_len)
1215 *pos++ = 0xdd;
1216
1217 wpa_hexdump_key(MSG_DEBUG, "Plaintext EAPOL-Key Key Data",
1218 buf, key_data_len);
1219 if (version == WPA_KEY_INFO_TYPE_HMAC_SHA1_AES ||
1220 version == WPA_KEY_INFO_TYPE_AES_128_CMAC) {
1221 if (aes_wrap(sm->PTK.kek, (key_data_len - 8) / 8, buf,
1222 (u8 *) (key + 1))) {
1223 os_free(hdr);
1224 os_free(buf);
1225 return;
1226 }
1227 WPA_PUT_BE16(key->key_data_length, key_data_len);
1228 } else {
1229 u8 ek[32];
1230 os_memcpy(key->key_iv,
1231 sm->group->Counter + WPA_NONCE_LEN - 16, 16);
1232 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
1233 os_memcpy(ek, key->key_iv, 16);
1234 os_memcpy(ek + 16, sm->PTK.kek, 16);
1235 os_memcpy(key + 1, buf, key_data_len);
1236 rc4_skip(ek, 32, 256, (u8 *) (key + 1), key_data_len);
1237 WPA_PUT_BE16(key->key_data_length, key_data_len);
1238 }
1239 os_free(buf);
1240 }
1241
1242 if (key_info & WPA_KEY_INFO_MIC) {
1243 if (!sm->PTK_valid) {
1244 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
1245 "PTK not valid when sending EAPOL-Key "
1246 "frame");
1247 os_free(hdr);
1248 return;
1249 }
1250 wpa_eapol_key_mic(sm->PTK.kck, version, (u8 *) hdr, len,
1251 key->key_mic);
1252 }
1253
1254 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx,
1255 1);
1256 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len,
1257 sm->pairwise_set);
1258 os_free(hdr);
1259}
1260
1261
1262static void wpa_send_eapol(struct wpa_authenticator *wpa_auth,
1263 struct wpa_state_machine *sm, int key_info,
1264 const u8 *key_rsc, const u8 *nonce,
1265 const u8 *kde, size_t kde_len,
1266 int keyidx, int encr)
1267{
1268 int timeout_ms;
1269 int pairwise = key_info & WPA_KEY_INFO_KEY_TYPE;
bae61562 1270 int ctr;
6fc6879b
JM		 1271
1272 if (sm == NULL)
1273 return;
1274
1275 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len,
1276 keyidx, encr, 0);
1277
bae61562
JM		 1278 ctr = pairwise ? sm->TimeoutCtr : sm->GTimeoutCtr;
1279 if (ctr == 1)
1280 timeout_ms = eapol_key_timeout_first;
1281 else
1282 timeout_ms = eapol_key_timeout_subseq;
6fc6879b
JM		 1283 eloop_register_timeout(timeout_ms / 1000, (timeout_ms % 1000) * 1000,
1284 wpa_send_eapol_timeout, wpa_auth, sm);
1285}
1286
1287
1288static int wpa_verify_key_mic(struct wpa_ptk *PTK, u8 *data, size_t data_len)
1289{
1290 struct ieee802_1x_hdr *hdr;
1291 struct wpa_eapol_key *key;
1292 u16 key_info;
1293 int ret = 0;
1294 u8 mic[16];
1295
1296 if (data_len < sizeof(*hdr) + sizeof(*key))
1297 return -1;
1298
1299 hdr = (struct ieee802_1x_hdr *) data;
1300 key = (struct wpa_eapol_key *) (hdr + 1);
1301 key_info = WPA_GET_BE16(key->key_info);
1302 os_memcpy(mic, key->key_mic, 16);
1303 os_memset(key->key_mic, 0, 16);
1304 if (wpa_eapol_key_mic(PTK->kck, key_info & WPA_KEY_INFO_TYPE_MASK,
1305 data, data_len, key->key_mic) ||
1306 os_memcmp(mic, key->key_mic, 16) != 0)
1307 ret = -1;
1308 os_memcpy(key->key_mic, mic, 16);
1309 return ret;
1310}
1311
1312
1313void wpa_remove_ptk(struct wpa_state_machine *sm)
1314{
1315 sm->PTK_valid = FALSE;
1316 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
26083221 1317 wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL, 0);
6fc6879b 1318 sm->pairwise_set = FALSE;
581a8cde 1319 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
6fc6879b
JM		 1320}
1321
1322
6f9b5d16 1323int wpa_auth_sm_event(struct wpa_state_machine *sm, wpa_event event)
6fc6879b 1324{
5d22a1d5
JM		 1325 int remove_ptk = 1;
1326
6fc6879b 1327 if (sm == NULL)
6f9b5d16 1328 return -1;
6fc6879b
JM		 1329
1330 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1331 "event %d notification", event);
1332
1333 switch (event) {
1334 case WPA_AUTH:
1335 case WPA_ASSOC:
1336 break;
1337 case WPA_DEAUTH:
1338 case WPA_DISASSOC:
1339 sm->DeauthenticationRequest = TRUE;
1340 break;
1341 case WPA_REAUTH:
1342 case WPA_REAUTH_EAPOL:
3ab72b62
JM		 1343 if (!sm->started) {
1344 /*
1345 * When using WPS, we may end up here if the STA
1346 * manages to re-associate without the previous STA
1347 * entry getting removed. Consequently, we need to make
1348 * sure that the WPA state machines gets initialized
1349 * properly at this point.
1350 */
1351 wpa_printf(MSG_DEBUG, "WPA state machine had not been "
1352 "started - initialize now");
1353 sm->started = 1;
1354 sm->Init = TRUE;
1355 if (wpa_sm_step(sm) == 1)
1356 return 1; /* should not really happen */
1357 sm->Init = FALSE;
1358 sm->AuthenticationRequest = TRUE;
1359 break;
1360 }
9663596f
JM		 1361 if (sm->GUpdateStationKeys) {
1362 /*
1363 * Reauthentication cancels the pending group key
1364 * update for this STA.
1365 */
1366 sm->group->GKeyDoneStations--;
1367 sm->GUpdateStationKeys = FALSE;
1368 sm->PtkGroupInit = TRUE;
1369 }
6fc6879b
JM		 1370 sm->ReAuthenticationRequest = TRUE;
1371 break;
1372 case WPA_ASSOC_FT:
1373#ifdef CONFIG_IEEE80211R
81a658d7
JM		 1374 wpa_printf(MSG_DEBUG, "FT: Retry PTK configuration "
1375 "after association");
1376 wpa_ft_install_ptk(sm);
1377
6fc6879b
JM		 1378 /* Using FT protocol, not WPA auth state machine */
1379 sm->ft_completed = 1;
6f9b5d16 1380 return 0;
6fc6879b
JM		 1381#else /* CONFIG_IEEE80211R */
1382 break;
1383#endif /* CONFIG_IEEE80211R */
1384 }
1385
1386#ifdef CONFIG_IEEE80211R
1387 sm->ft_completed = 0;
1388#endif /* CONFIG_IEEE80211R */
1389
5d22a1d5
JM		 1390#ifdef CONFIG_IEEE80211W
1391 if (sm->mgmt_frame_prot && event == WPA_AUTH)
1392 remove_ptk = 0;
1393#endif /* CONFIG_IEEE80211W */
6fc6879b 1394
5d22a1d5
JM		 1395 if (remove_ptk) {
1396 sm->PTK_valid = FALSE;
1397 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1398
1399 if (event != WPA_REAUTH_EAPOL)
1400 wpa_remove_ptk(sm);
1401 }
6fc6879b 1402
6f9b5d16 1403 return wpa_sm_step(sm);
6fc6879b
JM		 1404}
1405
1406
71934751 1407static enum wpa_alg wpa_alg_enum(int alg)
6fc6879b
JM		 1408{
1409 switch (alg) {
1410 case WPA_CIPHER_CCMP:
89d39d9d 1411 return WPA_ALG_CCMP;
6fc6879b 1412 case WPA_CIPHER_TKIP:
89d39d9d 1413 return WPA_ALG_TKIP;
6fc6879b
JM		 1414 case WPA_CIPHER_WEP104:
1415 case WPA_CIPHER_WEP40:
89d39d9d 1416 return WPA_ALG_WEP;
6fc6879b 1417 default:
89d39d9d 1418 return WPA_ALG_NONE;
6fc6879b
JM		 1419 }
1420}
1421
1422
1423SM_STATE(WPA_PTK, INITIALIZE)
1424{
1425 SM_ENTRY_MA(WPA_PTK, INITIALIZE, wpa_ptk);
1426 if (sm->Init) {
1427 /* Init flag is not cleared here, so avoid busy
1428 * loop by claiming nothing changed. */
1429 sm->changed = FALSE;
1430 }
1431
1432 sm->keycount = 0;
1433 if (sm->GUpdateStationKeys)
1434 sm->group->GKeyDoneStations--;
1435 sm->GUpdateStationKeys = FALSE;
1436 if (sm->wpa == WPA_VERSION_WPA)
1437 sm->PInitAKeys = FALSE;
1438 if (1 /* Unicast cipher supported AND (ESS OR ((IBSS or WDS) and
1439 * Local AA > Remote AA)) */) {
1440 sm->Pair = TRUE;
1441 }
1442 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0);
1443 wpa_remove_ptk(sm);
1444 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0);
1445 sm->TimeoutCtr = 0;
56586197 1446 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1447 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1448 WPA_EAPOL_authorized, 0);
1449 }
1450}
1451
1452
1453SM_STATE(WPA_PTK, DISCONNECT)
1454{
1455 SM_ENTRY_MA(WPA_PTK, DISCONNECT, wpa_ptk);
1456 sm->Disconnect = FALSE;
1457 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
1458}
1459
1460
1461SM_STATE(WPA_PTK, DISCONNECTED)
1462{
1463 SM_ENTRY_MA(WPA_PTK, DISCONNECTED, wpa_ptk);
1464 sm->DeauthenticationRequest = FALSE;
1465}
1466
1467
1468SM_STATE(WPA_PTK, AUTHENTICATION)
1469{
1470 SM_ENTRY_MA(WPA_PTK, AUTHENTICATION, wpa_ptk);
1471 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1472 sm->PTK_valid = FALSE;
1473 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto,
1474 1);
1475 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1);
1476 sm->AuthenticationRequest = FALSE;
1477}
1478
1479
1bdb7ab3
JM		 1480static void wpa_group_first_station(struct wpa_authenticator *wpa_auth,
1481 struct wpa_group *group)
1482{
1483 /*
1484 * System has run bit further than at the time hostapd was started
1485 * potentially very early during boot up. This provides better chances
1486 * of collecting more randomness on embedded systems. Re-initialize the
1487 * GMK and Counter here to improve their strength if there was not
1488 * enough entropy available immediately after system startup.
1489 */
1490 wpa_printf(MSG_DEBUG, "WPA: Re-initialize GMK/Counter on first "
1491 "station");
08704cd8
JM		 1492 if (random_pool_ready() != 1) {
1493 wpa_printf(MSG_INFO, "WPA: Not enough entropy in random pool "
1494 "to proceed - reject first 4-way handshake");
1495 group->reject_4way_hs_for_entropy = TRUE;
1496 }
1bdb7ab3
JM		 1497 wpa_group_init_gmk_and_counter(wpa_auth, group);
1498 wpa_gtk_update(wpa_auth, group);
1499 wpa_group_config_group_keys(wpa_auth, group);
1500}
1501
1502
6fc6879b
JM		 1503SM_STATE(WPA_PTK, AUTHENTICATION2)
1504{
1505 SM_ENTRY_MA(WPA_PTK, AUTHENTICATION2, wpa_ptk);
1bdb7ab3
JM		 1506
1507 if (!sm->group->first_sta_seen) {
1508 wpa_group_first_station(sm->wpa_auth, sm->group);
1509 sm->group->first_sta_seen = TRUE;
1510 }
1511
6fc6879b
JM		 1512 os_memcpy(sm->ANonce, sm->group->Counter, WPA_NONCE_LEN);
1513 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
1514 sm->ReAuthenticationRequest = FALSE;
1515 /* IEEE 802.11i does not clear TimeoutCtr here, but this is more
1516 * logical place than INITIALIZE since AUTHENTICATION2 can be
1517 * re-entered on ReAuthenticationRequest without going through
1518 * INITIALIZE. */
1519 sm->TimeoutCtr = 0;
1520}
1521
1522
1523SM_STATE(WPA_PTK, INITPMK)
1524{
1525 u8 msk[2 * PMK_LEN];
1526 size_t len = 2 * PMK_LEN;
1527
1528 SM_ENTRY_MA(WPA_PTK, INITPMK, wpa_ptk);
1529#ifdef CONFIG_IEEE80211R
1530 sm->xxkey_len = 0;
1531#endif /* CONFIG_IEEE80211R */
1532 if (sm->pmksa) {
1533 wpa_printf(MSG_DEBUG, "WPA: PMK from PMKSA cache");
1534 os_memcpy(sm->PMK, sm->pmksa->pmk, PMK_LEN);
1535 } else if (wpa_auth_get_msk(sm->wpa_auth, sm->addr, msk, &len) == 0) {
1536 wpa_printf(MSG_DEBUG, "WPA: PMK from EAPOL state machine "
1537 "(len=%lu)", (unsigned long) len);
1538 os_memcpy(sm->PMK, msk, PMK_LEN);
1539#ifdef CONFIG_IEEE80211R
1540 if (len >= 2 * PMK_LEN) {
1541 os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN);
1542 sm->xxkey_len = PMK_LEN;
1543 }
1544#endif /* CONFIG_IEEE80211R */
1545 } else {
1546 wpa_printf(MSG_DEBUG, "WPA: Could not get PMK");
1547 }
1548
1549 sm->req_replay_counter_used = 0;
1550 /* IEEE 802.11i does not set keyRun to FALSE, but not doing this
1551 * will break reauthentication since EAPOL state machines may not be
1552 * get into AUTHENTICATING state that clears keyRun before WPA state
1553 * machine enters AUTHENTICATION2 state and goes immediately to INITPMK
1554 * state and takes PMK from the previously used AAA Key. This will
1555 * eventually fail in 4-Way Handshake because Supplicant uses PMK
1556 * derived from the new AAA Key. Setting keyRun = FALSE here seems to
1557 * be good workaround for this issue. */
1558 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, 0);
1559}
1560
1561
1562SM_STATE(WPA_PTK, INITPSK)
1563{
1564 const u8 *psk;
1565 SM_ENTRY_MA(WPA_PTK, INITPSK, wpa_ptk);
1566 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, NULL);
1567 if (psk) {
1568 os_memcpy(sm->PMK, psk, PMK_LEN);
1569#ifdef CONFIG_IEEE80211R
1570 os_memcpy(sm->xxkey, psk, PMK_LEN);
1571 sm->xxkey_len = PMK_LEN;
1572#endif /* CONFIG_IEEE80211R */
1573 }
1574 sm->req_replay_counter_used = 0;
1575}
1576
1577
1578SM_STATE(WPA_PTK, PTKSTART)
1579{
1580 u8 buf[2 + RSN_SELECTOR_LEN + PMKID_LEN], *pmkid = NULL;
1581 size_t pmkid_len = 0;
1582
1583 SM_ENTRY_MA(WPA_PTK, PTKSTART, wpa_ptk);
1584 sm->PTKRequest = FALSE;
1585 sm->TimeoutEvt = FALSE;
bae61562
JM		 1586
1587 sm->TimeoutCtr++;
1588 if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) {
1589 /* No point in sending the EAPOL-Key - we will disconnect
1590 * immediately following this. */
1591 return;
1592 }
1593
6fc6879b
JM		 1594 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1595 "sending 1/4 msg of 4-Way Handshake");
1596 /*
1597 * TODO: Could add PMKID even with WPA2-PSK, but only if there is only
1598 * one possible PSK for this STA.
1599 */
1600 if (sm->wpa == WPA_VERSION_WPA2 &&
56586197 1601 wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1602 pmkid = buf;
1603 pmkid_len = 2 + RSN_SELECTOR_LEN + PMKID_LEN;
1604 pmkid[0] = WLAN_EID_VENDOR_SPECIFIC;
1605 pmkid[1] = RSN_SELECTOR_LEN + PMKID_LEN;
1606 RSN_SELECTOR_PUT(&pmkid[2], RSN_KEY_DATA_PMKID);
1607 if (sm->pmksa)
1608 os_memcpy(&pmkid[2 + RSN_SELECTOR_LEN],
1609 sm->pmksa->pmkid, PMKID_LEN);
1610 else {
1611 /*
1612 * Calculate PMKID since no PMKSA cache entry was
1613 * available with pre-calculated PMKID.
1614 */
1615 rsn_pmkid(sm->PMK, PMK_LEN, sm->wpa_auth->addr,
56586197
JM		 1616 sm->addr, &pmkid[2 + RSN_SELECTOR_LEN],
1617 wpa_key_mgmt_sha256(sm->wpa_key_mgmt));
6fc6879b
JM		 1618 }
1619 }
1620 wpa_send_eapol(sm->wpa_auth, sm,
1621 WPA_KEY_INFO_ACK | WPA_KEY_INFO_KEY_TYPE, NULL,
1622 sm->ANonce, pmkid, pmkid_len, 0, 0);
6fc6879b
JM		 1623}
1624
1625
1626static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *pmk,
1627 struct wpa_ptk *ptk)
1628{
c0a61908 1629 size_t ptk_len = sm->pairwise == WPA_CIPHER_CCMP ? 48 : 64;
6fc6879b 1630#ifdef CONFIG_IEEE80211R
56586197 1631 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
c0a61908 1632 return wpa_auth_derive_ptk_ft(sm, pmk, ptk, ptk_len);
6fc6879b
JM		 1633#endif /* CONFIG_IEEE80211R */
1634
1635 wpa_pmk_to_ptk(pmk, PMK_LEN, "Pairwise key expansion",
1636 sm->wpa_auth->addr, sm->addr, sm->ANonce, sm->SNonce,
c0a61908 1637 (u8 *) ptk, ptk_len,
56586197 1638 wpa_key_mgmt_sha256(sm->wpa_key_mgmt));
6fc6879b
JM		 1639
1640 return 0;
1641}
1642
1643
1644SM_STATE(WPA_PTK, PTKCALCNEGOTIATING)
1645{
1646 struct wpa_ptk PTK;
1647 int ok = 0;
1648 const u8 *pmk = NULL;
1649
1650 SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING, wpa_ptk);
1651 sm->EAPOLKeyReceived = FALSE;
1652
1653 /* WPA with IEEE 802.1X: use the derived PMK from EAP
1654 * WPA-PSK: iterate through possible PSKs and select the one matching
1655 * the packet */
1656 for (;;) {
56586197 1657 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1658 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, pmk);
1659 if (pmk == NULL)
1660 break;
1661 } else
1662 pmk = sm->PMK;
1663
1664 wpa_derive_ptk(sm, pmk, &PTK);
1665
1666 if (wpa_verify_key_mic(&PTK, sm->last_rx_eapol_key,
1667 sm->last_rx_eapol_key_len) == 0) {
1668 ok = 1;
1669 break;
1670 }
1671
56586197 1672 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt))
6fc6879b
JM		 1673 break;
1674 }
1675
1676 if (!ok) {
1677 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1678 "invalid MIC in msg 2/4 of 4-Way Handshake");
1679 return;
1680 }
1681
26e23750
JM		 1682#ifdef CONFIG_IEEE80211R
1683 if (sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
1684 /*
1685 * Verify that PMKR1Name from EAPOL-Key message 2/4 matches
1686 * with the value we derived.
1687 */
1688 if (os_memcmp(sm->sup_pmk_r1_name, sm->pmk_r1_name,
1689 WPA_PMK_NAME_LEN) != 0) {
1690 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1691 "PMKR1Name mismatch in FT 4-way "
1692 "handshake");
1693 wpa_hexdump(MSG_DEBUG, "FT: PMKR1Name from "
1694 "Supplicant",
1695 sm->sup_pmk_r1_name, WPA_PMK_NAME_LEN);
1696 wpa_hexdump(MSG_DEBUG, "FT: Derived PMKR1Name",
1697 sm->pmk_r1_name, WPA_PMK_NAME_LEN);
1698 return;
1699 }
1700 }
1701#endif /* CONFIG_IEEE80211R */
1702
6fc6879b
JM		 1703 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
1704
56586197 1705 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1706 /* PSK may have changed from the previous choice, so update
1707 * state machine data based on whatever PSK was selected here.
1708 */
1709 os_memcpy(sm->PMK, pmk, PMK_LEN);
1710 }
1711
1712 sm->MICVerified = TRUE;
1713
1714 os_memcpy(&sm->PTK, &PTK, sizeof(PTK));
1715 sm->PTK_valid = TRUE;
1716}
1717
1718
1719SM_STATE(WPA_PTK, PTKCALCNEGOTIATING2)
1720{
1721 SM_ENTRY_MA(WPA_PTK, PTKCALCNEGOTIATING2, wpa_ptk);
1722 sm->TimeoutCtr = 0;
1723}
1724
1725
1726#ifdef CONFIG_IEEE80211W
1727
1728static int ieee80211w_kde_len(struct wpa_state_machine *sm)
1729{
1730 if (sm->mgmt_frame_prot) {
1731 return 2 + RSN_SELECTOR_LEN + sizeof(struct wpa_igtk_kde);
1732 }
1733
1734 return 0;
1735}
1736
1737
1738static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
1739{
1740 struct wpa_igtk_kde igtk;
1741 struct wpa_group *gsm = sm->group;
1742
1743 if (!sm->mgmt_frame_prot)
1744 return pos;
1745
1746 igtk.keyid[0] = gsm->GN_igtk;
1747 igtk.keyid[1] = 0;
7b1080da
JM		 1748 if (gsm->wpa_group_state != WPA_GROUP_SETKEYSDONE ||
1749 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, igtk.pn) < 0)
6fc6879b
JM		 1750 os_memset(igtk.pn, 0, sizeof(igtk.pn));
1751 os_memcpy(igtk.igtk, gsm->IGTK[gsm->GN_igtk - 4], WPA_IGTK_LEN);
1752 pos = wpa_add_kde(pos, RSN_KEY_DATA_IGTK,
1753 (const u8 *) &igtk, sizeof(igtk), NULL, 0);
1754
1755 return pos;
1756}
1757
1758#else /* CONFIG_IEEE80211W */
1759
1760static int ieee80211w_kde_len(struct wpa_state_machine *sm)
1761{
1762 return 0;
1763}
1764
1765
1766static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
1767{
1768 return pos;
1769}
1770
1771#endif /* CONFIG_IEEE80211W */
1772
1773
1774SM_STATE(WPA_PTK, PTKINITNEGOTIATING)
1775{
1776 u8 rsc[WPA_KEY_RSC_LEN], *_rsc, *gtk, *kde, *pos;
1777 size_t gtk_len, kde_len;
1778 struct wpa_group *gsm = sm->group;
1779 u8 *wpa_ie;
1780 int wpa_ie_len, secure, keyidx, encr = 0;
1781
1782 SM_ENTRY_MA(WPA_PTK, PTKINITNEGOTIATING, wpa_ptk);
1783 sm->TimeoutEvt = FALSE;
bae61562
JM		 1784
1785 sm->TimeoutCtr++;
1786 if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) {
1787 /* No point in sending the EAPOL-Key - we will disconnect
1788 * immediately following this. */
1789 return;
1790 }
1791
86dfabb8
JM		 1792 /* Send EAPOL(1, 1, 1, Pair, P, RSC, ANonce, MIC(PTK), RSNIE, [MDIE],
1793 GTK[GN], IGTK, [FTIE], [TIE * 2])
6fc6879b
JM		 1794 */
1795 os_memset(rsc, 0, WPA_KEY_RSC_LEN);
1796 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
86dfabb8 1797 /* If FT is used, wpa_auth->wpa_ie includes both RSNIE and MDIE */
6fc6879b
JM		 1798 wpa_ie = sm->wpa_auth->wpa_ie;
1799 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
1800 if (sm->wpa == WPA_VERSION_WPA &&
1801 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
1802 wpa_ie_len > wpa_ie[1] + 2 && wpa_ie[0] == WLAN_EID_RSN) {
1803 /* WPA-only STA, remove RSN IE */
1804 wpa_ie = wpa_ie + wpa_ie[1] + 2;
1805 wpa_ie_len = wpa_ie[1] + 2;
1806 }
1807 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1808 "sending 3/4 msg of 4-Way Handshake");
1809 if (sm->wpa == WPA_VERSION_WPA2) {
1810 /* WPA2 send GTK in the 4-way handshake */
1811 secure = 1;
1812 gtk = gsm->GTK[gsm->GN - 1];
1813 gtk_len = gsm->GTK_len;
1814 keyidx = gsm->GN;
1815 _rsc = rsc;
1816 encr = 1;
1817 } else {
1818 /* WPA does not include GTK in msg 3/4 */
1819 secure = 0;
1820 gtk = NULL;
1821 gtk_len = 0;
1822 keyidx = 0;
1823 _rsc = NULL;
1824 }
1825
1826 kde_len = wpa_ie_len + ieee80211w_kde_len(sm);
1827 if (gtk)
1828 kde_len += 2 + RSN_SELECTOR_LEN + 2 + gtk_len;
26e23750 1829#ifdef CONFIG_IEEE80211R
86dfabb8
JM		 1830 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
1831 kde_len += 2 + PMKID_LEN; /* PMKR1Name into RSN IE */
1832 kde_len += 300; /* FTIE + 2 * TIE */
1833 }
26e23750 1834#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1835 kde = os_malloc(kde_len);
1836 if (kde == NULL)
1837 return;
1838
1839 pos = kde;
1840 os_memcpy(pos, wpa_ie, wpa_ie_len);
1841 pos += wpa_ie_len;
26e23750
JM		 1842#ifdef CONFIG_IEEE80211R
1843 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
1844 int res = wpa_insert_pmkid(kde, pos - kde, sm->pmk_r1_name);
1845 if (res < 0) {
1846 wpa_printf(MSG_ERROR, "FT: Failed to insert "
1847 "PMKR1Name into RSN IE in EAPOL-Key data");
1848 os_free(kde);
1849 return;
1850 }
1851 pos += res;
1852 }
1853#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1854 if (gtk) {
1855 u8 hdr[2];
1856 hdr[0] = keyidx & 0x03;
1857 hdr[1] = 0;
1858 pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
1859 gtk, gtk_len);
1860 }
1861 pos = ieee80211w_kde_add(sm, pos);
1862
86dfabb8
JM		 1863#ifdef CONFIG_IEEE80211R
1864 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
1865 int res;
1866 struct wpa_auth_config *conf;
1867
1868 conf = &sm->wpa_auth->conf;
1869 res = wpa_write_ftie(conf, conf->r0_key_holder,
1870 conf->r0_key_holder_len,
1871 NULL, NULL, pos, kde + kde_len - pos,
1872 NULL, 0);
1873 if (res < 0) {
1874 wpa_printf(MSG_ERROR, "FT: Failed to insert FTIE "
1875 "into EAPOL-Key Key Data");
1876 os_free(kde);
1877 return;
1878 }
1879 pos += res;
1880
1881 /* TIE[ReassociationDeadline] (TU) */
1882 *pos++ = WLAN_EID_TIMEOUT_INTERVAL;
1883 *pos++ = 5;
1884 *pos++ = WLAN_TIMEOUT_REASSOC_DEADLINE;
1885 WPA_PUT_LE32(pos, conf->reassociation_deadline);
1886 pos += 4;
1887
1888 /* TIE[KeyLifetime] (seconds) */
1889 *pos++ = WLAN_EID_TIMEOUT_INTERVAL;
1890 *pos++ = 5;
1891 *pos++ = WLAN_TIMEOUT_KEY_LIFETIME;
1892 WPA_PUT_LE32(pos, conf->r0_key_lifetime * 60);
1893 pos += 4;
1894 }
1895#endif /* CONFIG_IEEE80211R */
1896
6fc6879b
JM		 1897 wpa_send_eapol(sm->wpa_auth, sm,
1898 (secure ? WPA_KEY_INFO_SECURE : 0) | WPA_KEY_INFO_MIC |
1899 WPA_KEY_INFO_ACK | WPA_KEY_INFO_INSTALL |
1900 WPA_KEY_INFO_KEY_TYPE,
1901 _rsc, sm->ANonce, kde, pos - kde, keyidx, encr);
1902 os_free(kde);
6fc6879b
JM		 1903}
1904
1905
1906SM_STATE(WPA_PTK, PTKINITDONE)
1907{
1908 SM_ENTRY_MA(WPA_PTK, PTKINITDONE, wpa_ptk);
1909 sm->EAPOLKeyReceived = FALSE;
1910 if (sm->Pair) {
71934751 1911 enum wpa_alg alg;
6fc6879b
JM		 1912 int klen;
1913 if (sm->pairwise == WPA_CIPHER_TKIP) {
89d39d9d 1914 alg = WPA_ALG_TKIP;
6fc6879b
JM		 1915 klen = 32;
1916 } else {
89d39d9d 1917 alg = WPA_ALG_CCMP;
6fc6879b
JM		 1918 klen = 16;
1919 }
1920 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
1921 sm->PTK.tk1, klen)) {
1922 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
1923 return;
1924 }
1925 /* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
1926 sm->pairwise_set = TRUE;
1927
581a8cde
JM		 1928 if (sm->wpa_auth->conf.wpa_ptk_rekey) {
1929 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
1930 eloop_register_timeout(sm->wpa_auth->conf.
1931 wpa_ptk_rekey, 0, wpa_rekey_ptk,
1932 sm->wpa_auth, sm);
1933 }
1934
56586197 1935 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
6fc6879b
JM		 1936 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1937 WPA_EAPOL_authorized, 1);
1938 }
1939 }
1940
1941 if (0 /* IBSS == TRUE */) {
1942 sm->keycount++;
1943 if (sm->keycount == 2) {
1944 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1945 WPA_EAPOL_portValid, 1);
1946 }
1947 } else {
1948 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid,
1949 1);
1950 }
1951 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable, 0);
1952 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, 1);
1953 if (sm->wpa == WPA_VERSION_WPA)
1954 sm->PInitAKeys = TRUE;
1955 else
1956 sm->has_GTK = TRUE;
1957 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
1958 "pairwise key handshake completed (%s)",
1959 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
1960
1961#ifdef CONFIG_IEEE80211R
1962 wpa_ft_push_pmk_r1(sm->wpa_auth, sm->addr);
1963#endif /* CONFIG_IEEE80211R */
1964}
1965
1966
1967SM_STEP(WPA_PTK)
1968{
1969 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
1970
1971 if (sm->Init)
1972 SM_ENTER(WPA_PTK, INITIALIZE);
1973 else if (sm->Disconnect
1974 /* || FIX: dot11RSNAConfigSALifetime timeout */)
1975 SM_ENTER(WPA_PTK, DISCONNECT);
1976 else if (sm->DeauthenticationRequest)
1977 SM_ENTER(WPA_PTK, DISCONNECTED);
1978 else if (sm->AuthenticationRequest)
1979 SM_ENTER(WPA_PTK, AUTHENTICATION);
1980 else if (sm->ReAuthenticationRequest)
1981 SM_ENTER(WPA_PTK, AUTHENTICATION2);
1982 else if (sm->PTKRequest)
1983 SM_ENTER(WPA_PTK, PTKSTART);
1984 else switch (sm->wpa_ptk_state) {
1985 case WPA_PTK_INITIALIZE:
1986 break;
1987 case WPA_PTK_DISCONNECT:
1988 SM_ENTER(WPA_PTK, DISCONNECTED);
1989 break;
1990 case WPA_PTK_DISCONNECTED:
1991 SM_ENTER(WPA_PTK, INITIALIZE);
1992 break;
1993 case WPA_PTK_AUTHENTICATION:
1994 SM_ENTER(WPA_PTK, AUTHENTICATION2);
1995 break;
1996 case WPA_PTK_AUTHENTICATION2:
56586197 1997 if (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) &&
6fc6879b
JM		 1998 wpa_auth_get_eapol(sm->wpa_auth, sm->addr,
1999 WPA_EAPOL_keyRun) > 0)
2000 SM_ENTER(WPA_PTK, INITPMK);
56586197 2001 else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)
6fc6879b
JM		 2002 /* FIX: && 802.1X::keyRun */)
2003 SM_ENTER(WPA_PTK, INITPSK);
2004 break;
2005 case WPA_PTK_INITPMK:
2006 if (wpa_auth_get_eapol(sm->wpa_auth, sm->addr,
2007 WPA_EAPOL_keyAvailable) > 0)
2008 SM_ENTER(WPA_PTK, PTKSTART);
2009 else {
2010 wpa_auth->dot11RSNA4WayHandshakeFailures++;
2011 SM_ENTER(WPA_PTK, DISCONNECT);
2012 }
2013 break;
2014 case WPA_PTK_INITPSK:
2015 if (wpa_auth_get_psk(sm->wpa_auth, sm->addr, NULL))
2016 SM_ENTER(WPA_PTK, PTKSTART);
2017 else {
2018 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO,
2019 "no PSK configured for the STA");
2020 wpa_auth->dot11RSNA4WayHandshakeFailures++;
2021 SM_ENTER(WPA_PTK, DISCONNECT);
2022 }
2023 break;
2024 case WPA_PTK_PTKSTART:
2025 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
2026 sm->EAPOLKeyPairwise)
2027 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING);
2028 else if (sm->TimeoutCtr >
2029 (int) dot11RSNAConfigPairwiseUpdateCount) {
2030 wpa_auth->dot11RSNA4WayHandshakeFailures++;
2031 SM_ENTER(WPA_PTK, DISCONNECT);
2032 } else if (sm->TimeoutEvt)
2033 SM_ENTER(WPA_PTK, PTKSTART);
2034 break;
2035 case WPA_PTK_PTKCALCNEGOTIATING:
2036 if (sm->MICVerified)
2037 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING2);
2038 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
2039 sm->EAPOLKeyPairwise)
2040 SM_ENTER(WPA_PTK, PTKCALCNEGOTIATING);
2041 else if (sm->TimeoutEvt)
2042 SM_ENTER(WPA_PTK, PTKSTART);
2043 break;
2044 case WPA_PTK_PTKCALCNEGOTIATING2:
2045 SM_ENTER(WPA_PTK, PTKINITNEGOTIATING);
2046 break;
2047 case WPA_PTK_PTKINITNEGOTIATING:
2048 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
2049 sm->EAPOLKeyPairwise && sm->MICVerified)
2050 SM_ENTER(WPA_PTK, PTKINITDONE);
2051 else if (sm->TimeoutCtr >
2052 (int) dot11RSNAConfigPairwiseUpdateCount) {
2053 wpa_auth->dot11RSNA4WayHandshakeFailures++;
2054 SM_ENTER(WPA_PTK, DISCONNECT);
2055 } else if (sm->TimeoutEvt)
2056 SM_ENTER(WPA_PTK, PTKINITNEGOTIATING);
2057 break;
2058 case WPA_PTK_PTKINITDONE:
2059 break;
2060 }
2061}
2062
2063
2064SM_STATE(WPA_PTK_GROUP, IDLE)
2065{
2066 SM_ENTRY_MA(WPA_PTK_GROUP, IDLE, wpa_ptk_group);
2067 if (sm->Init) {
2068 /* Init flag is not cleared here, so avoid busy
2069 * loop by claiming nothing changed. */
2070 sm->changed = FALSE;
2071 }
2072 sm->GTimeoutCtr = 0;
2073}
2074
2075
2076SM_STATE(WPA_PTK_GROUP, REKEYNEGOTIATING)
2077{
2078 u8 rsc[WPA_KEY_RSC_LEN];
2079 struct wpa_group *gsm = sm->group;
2080 u8 *kde, *pos, hdr[2];
2081 size_t kde_len;
2082
2083 SM_ENTRY_MA(WPA_PTK_GROUP, REKEYNEGOTIATING, wpa_ptk_group);
bae61562
JM		 2084
2085 sm->GTimeoutCtr++;
2086 if (sm->GTimeoutCtr > (int) dot11RSNAConfigGroupUpdateCount) {
2087 /* No point in sending the EAPOL-Key - we will disconnect
2088 * immediately following this. */
2089 return;
2090 }
2091
6fc6879b
JM		 2092 if (sm->wpa == WPA_VERSION_WPA)
2093 sm->PInitAKeys = FALSE;
2094 sm->TimeoutEvt = FALSE;
2095 /* Send EAPOL(1, 1, 1, !Pair, G, RSC, GNonce, MIC(PTK), GTK[GN]) */
2096 os_memset(rsc, 0, WPA_KEY_RSC_LEN);
2097 if (gsm->wpa_group_state == WPA_GROUP_SETKEYSDONE)
2098 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
2099 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
2100 "sending 1/2 msg of Group Key Handshake");
2101
2102 if (sm->wpa == WPA_VERSION_WPA2) {
2103 kde_len = 2 + RSN_SELECTOR_LEN + 2 + gsm->GTK_len +
2104 ieee80211w_kde_len(sm);
2105 kde = os_malloc(kde_len);
2106 if (kde == NULL)
2107 return;
2108
2109 pos = kde;
2110 hdr[0] = gsm->GN & 0x03;
2111 hdr[1] = 0;
2112 pos = wpa_add_kde(pos, RSN_KEY_DATA_GROUPKEY, hdr, 2,
2113 gsm->GTK[gsm->GN - 1], gsm->GTK_len);
2114 pos = ieee80211w_kde_add(sm, pos);
2115 } else {
2116 kde = gsm->GTK[gsm->GN - 1];
2117 pos = kde + gsm->GTK_len;
2118 }
2119
2120 wpa_send_eapol(sm->wpa_auth, sm,
2121 WPA_KEY_INFO_SECURE | WPA_KEY_INFO_MIC |
2122 WPA_KEY_INFO_ACK |
2123 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0),
2124 rsc, gsm->GNonce, kde, pos - kde, gsm->GN, 1);
2125 if (sm->wpa == WPA_VERSION_WPA2)
2126 os_free(kde);
6fc6879b
JM		 2127}
2128
2129
2130SM_STATE(WPA_PTK_GROUP, REKEYESTABLISHED)
2131{
2132 SM_ENTRY_MA(WPA_PTK_GROUP, REKEYESTABLISHED, wpa_ptk_group);
2133 sm->EAPOLKeyReceived = FALSE;
2134 if (sm->GUpdateStationKeys)
2135 sm->group->GKeyDoneStations--;
2136 sm->GUpdateStationKeys = FALSE;
2137 sm->GTimeoutCtr = 0;
2138 /* FIX: MLME.SetProtection.Request(TA, Tx_Rx) */
2139 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
2140 "group key handshake completed (%s)",
2141 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
2142 sm->has_GTK = TRUE;
2143}
2144
2145
2146SM_STATE(WPA_PTK_GROUP, KEYERROR)
2147{
2148 SM_ENTRY_MA(WPA_PTK_GROUP, KEYERROR, wpa_ptk_group);
2149 if (sm->GUpdateStationKeys)
2150 sm->group->GKeyDoneStations--;
2151 sm->GUpdateStationKeys = FALSE;
2152 sm->Disconnect = TRUE;
2153}
2154
2155
2156SM_STEP(WPA_PTK_GROUP)
2157{
9663596f 2158 if (sm->Init || sm->PtkGroupInit) {
6fc6879b 2159 SM_ENTER(WPA_PTK_GROUP, IDLE);
9663596f
JM		 2160 sm->PtkGroupInit = FALSE;
2161 } else switch (sm->wpa_ptk_group_state) {
6fc6879b
JM		 2162 case WPA_PTK_GROUP_IDLE:
2163 if (sm->GUpdateStationKeys ||
2164 (sm->wpa == WPA_VERSION_WPA && sm->PInitAKeys))
2165 SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
2166 break;
2167 case WPA_PTK_GROUP_REKEYNEGOTIATING:
2168 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
2169 !sm->EAPOLKeyPairwise && sm->MICVerified)
2170 SM_ENTER(WPA_PTK_GROUP, REKEYESTABLISHED);
2171 else if (sm->GTimeoutCtr >
2172 (int) dot11RSNAConfigGroupUpdateCount)
2173 SM_ENTER(WPA_PTK_GROUP, KEYERROR);
2174 else if (sm->TimeoutEvt)
2175 SM_ENTER(WPA_PTK_GROUP, REKEYNEGOTIATING);
2176 break;
2177 case WPA_PTK_GROUP_KEYERROR:
2178 SM_ENTER(WPA_PTK_GROUP, IDLE);
2179 break;
2180 case WPA_PTK_GROUP_REKEYESTABLISHED:
2181 SM_ENTER(WPA_PTK_GROUP, IDLE);
2182 break;
2183 }
2184}
2185
2186
2187static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
2188 struct wpa_group *group)
2189{
2190 int ret = 0;
2191
6fc6879b
JM		 2192 os_memcpy(group->GNonce, group->Counter, WPA_NONCE_LEN);
2193 inc_byte_array(group->Counter, WPA_NONCE_LEN);
3c7302c2
JM		 2194 if (wpa_gmk_to_gtk(group->GMK, "Group key expansion",
2195 wpa_auth->addr, group->GNonce,
2196 group->GTK[group->GN - 1], group->GTK_len) < 0)
2197 ret = -1;
5cb9d5c3
JM		 2198 wpa_hexdump_key(MSG_DEBUG, "GTK",
2199 group->GTK[group->GN - 1], group->GTK_len);
6fc6879b
JM		 2200
2201#ifdef CONFIG_IEEE80211W
70f8cc8e 2202 if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION) {
5cb9d5c3
JM		 2203 os_memcpy(group->GNonce, group->Counter, WPA_NONCE_LEN);
2204 inc_byte_array(group->Counter, WPA_NONCE_LEN);
3c7302c2
JM		 2205 if (wpa_gmk_to_gtk(group->GMK, "IGTK key expansion",
2206 wpa_auth->addr, group->GNonce,
2207 group->IGTK[group->GN_igtk - 4],
2208 WPA_IGTK_LEN) < 0)
2209 ret = -1;
6fc6879b
JM		 2210 wpa_hexdump_key(MSG_DEBUG, "IGTK",
2211 group->IGTK[group->GN_igtk - 4], WPA_IGTK_LEN);
2212 }
2213#endif /* CONFIG_IEEE80211W */
2214
2215 return ret;
2216}
2217
2218
2219static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth,
2220 struct wpa_group *group)
2221{
2222 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
2223 "GTK_INIT (VLAN-ID %d)", group->vlan_id);
2224 group->changed = FALSE; /* GInit is not cleared here; avoid loop */
2225 group->wpa_group_state = WPA_GROUP_GTK_INIT;
2226
2227 /* GTK[0..N] = 0 */
2228 os_memset(group->GTK, 0, sizeof(group->GTK));
2229 group->GN = 1;
2230 group->GM = 2;
2231#ifdef CONFIG_IEEE80211W
2232 group->GN_igtk = 4;
2233 group->GM_igtk = 5;
2234#endif /* CONFIG_IEEE80211W */
2235 /* GTK[GN] = CalcGTK() */
2236 wpa_gtk_update(wpa_auth, group);
2237}
2238
2239
2240static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
2241{
2242 if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) {
2243 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
2244 "Not in PTKINITDONE; skip Group Key update");
2245 return 0;
2246 }
9663596f
JM		 2247 if (sm->GUpdateStationKeys) {
2248 /*
2249 * This should not really happen, but just in case, make sure
2250 * we do not count the same STA twice in GKeyDoneStations.
2251 */
2252 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
2253 "GUpdateStationKeys already set - do not "
2254 "increment GKeyDoneStations");
2255 } else {
2256 sm->group->GKeyDoneStations++;
2257 sm->GUpdateStationKeys = TRUE;
2258 }
6fc6879b
JM		 2259 wpa_sm_step(sm);
2260 return 0;
2261}
2262
2263
2264static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth,
2265 struct wpa_group *group)
2266{
2267 int tmp;
2268
2269 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
2270 "SETKEYS (VLAN-ID %d)", group->vlan_id);
2271 group->changed = TRUE;
2272 group->wpa_group_state = WPA_GROUP_SETKEYS;
2273 group->GTKReKey = FALSE;
2274 tmp = group->GM;
2275 group->GM = group->GN;
2276 group->GN = tmp;
2277#ifdef CONFIG_IEEE80211W
2278 tmp = group->GM_igtk;
2279 group->GM_igtk = group->GN_igtk;
2280 group->GN_igtk = tmp;
2281#endif /* CONFIG_IEEE80211W */
2282 /* "GKeyDoneStations = GNoStations" is done in more robust way by
2283 * counting the STAs that are marked with GUpdateStationKeys instead of
2284 * including all STAs that could be in not-yet-completed state. */
2285 wpa_gtk_update(wpa_auth, group);
2286
2287 wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, NULL);
2288 wpa_printf(MSG_DEBUG, "wpa_group_setkeys: GKeyDoneStations=%d",
2289 group->GKeyDoneStations);
2290}
2291
2292
1bdb7ab3
JM		 2293static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth,
2294 struct wpa_group *group)
6fc6879b 2295{
3c7302c2
JM		 2296 int ret = 0;
2297
3c7302c2
JM		 2298 if (wpa_auth_set_key(wpa_auth, group->vlan_id,
2299 wpa_alg_enum(wpa_auth->conf.wpa_group),
2300 NULL, group->GN, group->GTK[group->GN - 1],
2301 group->GTK_len) < 0)
2302 ret = -1;
6fc6879b
JM		 2303
2304#ifdef CONFIG_IEEE80211W
3c7302c2
JM		 2305 if (wpa_auth->conf.ieee80211w != NO_MGMT_FRAME_PROTECTION &&
2306 wpa_auth_set_key(wpa_auth, group->vlan_id, WPA_ALG_IGTK,
2307 NULL, group->GN_igtk,
2308 group->IGTK[group->GN_igtk - 4],
2309 WPA_IGTK_LEN) < 0)
2310 ret = -1;
6fc6879b 2311#endif /* CONFIG_IEEE80211W */
3c7302c2
JM		 2312
2313 return ret;
6fc6879b
JM		 2314}
2315
2316
1bdb7ab3
JM		 2317static int wpa_group_setkeysdone(struct wpa_authenticator *wpa_auth,
2318 struct wpa_group *group)
2319{
2320 wpa_printf(MSG_DEBUG, "WPA: group state machine entering state "
2321 "SETKEYSDONE (VLAN-ID %d)", group->vlan_id);
2322 group->changed = TRUE;
2323 group->wpa_group_state = WPA_GROUP_SETKEYSDONE;
2324
2325 if (wpa_group_config_group_keys(wpa_auth, group) < 0)
2326 return -1;
2327
2328 return 0;
2329}
2330
2331
6fc6879b
JM		 2332static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
2333 struct wpa_group *group)
2334{
2335 if (group->GInit) {
2336 wpa_group_gtk_init(wpa_auth, group);
2337 } else if (group->wpa_group_state == WPA_GROUP_GTK_INIT &&
2338 group->GTKAuthenticator) {
2339 wpa_group_setkeysdone(wpa_auth, group);
2340 } else if (group->wpa_group_state == WPA_GROUP_SETKEYSDONE &&
2341 group->GTKReKey) {
2342 wpa_group_setkeys(wpa_auth, group);
2343 } else if (group->wpa_group_state == WPA_GROUP_SETKEYS) {
2344 if (group->GKeyDoneStations == 0)
2345 wpa_group_setkeysdone(wpa_auth, group);
2346 else if (group->GTKReKey)
2347 wpa_group_setkeys(wpa_auth, group);
2348 }
2349}
2350
2351
e4a6ea1d 2352static int wpa_sm_step(struct wpa_state_machine *sm)
6fc6879b
JM		 2353{
2354 if (sm == NULL)
e4a6ea1d 2355 return 0;
6fc6879b
JM		 2356
2357 if (sm->in_step_loop) {
2358 /* This should not happen, but if it does, make sure we do not
2359 * end up freeing the state machine too early by exiting the
2360 * recursive call. */
2361 wpa_printf(MSG_ERROR, "WPA: wpa_sm_step() called recursively");
e4a6ea1d 2362 return 0;
6fc6879b
JM		 2363 }
2364
2365 sm->in_step_loop = 1;
2366 do {
2367 if (sm->pending_deinit)
2368 break;
2369
2370 sm->changed = FALSE;
2371 sm->wpa_auth->group->changed = FALSE;
2372
2373 SM_STEP_RUN(WPA_PTK);
2374 if (sm->pending_deinit)
2375 break;
2376 SM_STEP_RUN(WPA_PTK_GROUP);
2377 if (sm->pending_deinit)
2378 break;
2379 wpa_group_sm_step(sm->wpa_auth, sm->group);
2380 } while (sm->changed || sm->wpa_auth->group->changed);
2381 sm->in_step_loop = 0;
2382
2383 if (sm->pending_deinit) {
2384 wpa_printf(MSG_DEBUG, "WPA: Completing pending STA state "
2385 "machine deinit for " MACSTR, MAC2STR(sm->addr));
2386 wpa_free_sta_sm(sm);
e4a6ea1d 2387 return 1;
6fc6879b 2388 }
e4a6ea1d 2389 return 0;
6fc6879b
JM		 2390}
2391
2392
2393static void wpa_sm_call_step(void *eloop_ctx, void *timeout_ctx)
2394{
2395 struct wpa_state_machine *sm = eloop_ctx;
2396 wpa_sm_step(sm);
2397}
2398
2399
2400void wpa_auth_sm_notify(struct wpa_state_machine *sm)
2401{
2402 if (sm == NULL)
2403 return;
2404 eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL);
2405}
2406
2407
2408void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth)
2409{
2410 int tmp, i;
2411 struct wpa_group *group;
2412
2413 if (wpa_auth == NULL)
2414 return;
2415
2416 group = wpa_auth->group;
2417
2418 for (i = 0; i < 2; i++) {
2419 tmp = group->GM;
2420 group->GM = group->GN;
2421 group->GN = tmp;
2422#ifdef CONFIG_IEEE80211W
2423 tmp = group->GM_igtk;
2424 group->GM_igtk = group->GN_igtk;
2425 group->GN_igtk = tmp;
2426#endif /* CONFIG_IEEE80211W */
2427 wpa_gtk_update(wpa_auth, group);
2428 }
2429}
2430
2431
2432static const char * wpa_bool_txt(int bool)
2433{
2434 return bool ? "TRUE" : "FALSE";
2435}
2436
2437
2438static int wpa_cipher_bits(int cipher)
2439{
2440 switch (cipher) {
2441 case WPA_CIPHER_CCMP:
2442 return 128;
2443 case WPA_CIPHER_TKIP:
2444 return 256;
2445 case WPA_CIPHER_WEP104:
2446 return 104;
2447 case WPA_CIPHER_WEP40:
2448 return 40;
2449 default:
2450 return 0;
2451 }
2452}
2453
2454
2455#define RSN_SUITE "%02x-%02x-%02x-%d"
2456#define RSN_SUITE_ARG(s) \
2457((s) >> 24) & 0xff, ((s) >> 16) & 0xff, ((s) >> 8) & 0xff, (s) & 0xff
2458
2459int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen)
2460{
2461 int len = 0, ret;
2462 char pmkid_txt[PMKID_LEN * 2 + 1];
2463
2464 if (wpa_auth == NULL)
2465 return len;
2466
2467 ret = os_snprintf(buf + len, buflen - len,
2468 "dot11RSNAOptionImplemented=TRUE\n"
2469#ifdef CONFIG_RSN_PREAUTH
2470 "dot11RSNAPreauthenticationImplemented=TRUE\n"
2471#else /* CONFIG_RSN_PREAUTH */
2472 "dot11RSNAPreauthenticationImplemented=FALSE\n"
2473#endif /* CONFIG_RSN_PREAUTH */
2474 "dot11RSNAEnabled=%s\n"
2475 "dot11RSNAPreauthenticationEnabled=%s\n",
2476 wpa_bool_txt(wpa_auth->conf.wpa & WPA_PROTO_RSN),
2477 wpa_bool_txt(wpa_auth->conf.rsn_preauth));
2478 if (ret < 0 || (size_t) ret >= buflen - len)
2479 return len;
2480 len += ret;
2481
2482 wpa_snprintf_hex(pmkid_txt, sizeof(pmkid_txt),
2483 wpa_auth->dot11RSNAPMKIDUsed, PMKID_LEN);
2484
2485 ret = os_snprintf(
2486 buf + len, buflen - len,
2487 "dot11RSNAConfigVersion=%u\n"
2488 "dot11RSNAConfigPairwiseKeysSupported=9999\n"
2489 /* FIX: dot11RSNAConfigGroupCipher */
2490 /* FIX: dot11RSNAConfigGroupRekeyMethod */
2491 /* FIX: dot11RSNAConfigGroupRekeyTime */
2492 /* FIX: dot11RSNAConfigGroupRekeyPackets */
2493 "dot11RSNAConfigGroupRekeyStrict=%u\n"
2494 "dot11RSNAConfigGroupUpdateCount=%u\n"
2495 "dot11RSNAConfigPairwiseUpdateCount=%u\n"
2496 "dot11RSNAConfigGroupCipherSize=%u\n"
2497 "dot11RSNAConfigPMKLifetime=%u\n"
2498 "dot11RSNAConfigPMKReauthThreshold=%u\n"
2499 "dot11RSNAConfigNumberOfPTKSAReplayCounters=0\n"
2500 "dot11RSNAConfigSATimeout=%u\n"
2501 "dot11RSNAAuthenticationSuiteSelected=" RSN_SUITE "\n"
2502 "dot11RSNAPairwiseCipherSelected=" RSN_SUITE "\n"
2503 "dot11RSNAGroupCipherSelected=" RSN_SUITE "\n"
2504 "dot11RSNAPMKIDUsed=%s\n"
2505 "dot11RSNAAuthenticationSuiteRequested=" RSN_SUITE "\n"
2506 "dot11RSNAPairwiseCipherRequested=" RSN_SUITE "\n"
2507 "dot11RSNAGroupCipherRequested=" RSN_SUITE "\n"
2508 "dot11RSNATKIPCounterMeasuresInvoked=%u\n"
2509 "dot11RSNA4WayHandshakeFailures=%u\n"
2510 "dot11RSNAConfigNumberOfGTKSAReplayCounters=0\n",
2511 RSN_VERSION,
2512 !!wpa_auth->conf.wpa_strict_rekey,
2513 dot11RSNAConfigGroupUpdateCount,
2514 dot11RSNAConfigPairwiseUpdateCount,
2515 wpa_cipher_bits(wpa_auth->conf.wpa_group),
2516 dot11RSNAConfigPMKLifetime,
2517 dot11RSNAConfigPMKReauthThreshold,
2518 dot11RSNAConfigSATimeout,
2519 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteSelected),
2520 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherSelected),
2521 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherSelected),
2522 pmkid_txt,
2523 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteRequested),
2524 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherRequested),
2525 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherRequested),
2526 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked,
2527 wpa_auth->dot11RSNA4WayHandshakeFailures);
2528 if (ret < 0 || (size_t) ret >= buflen - len)
2529 return len;
2530 len += ret;
2531
2532 /* TODO: dot11RSNAConfigPairwiseCiphersTable */
2533 /* TODO: dot11RSNAConfigAuthenticationSuitesTable */
2534
2535 /* Private MIB */
2536 ret = os_snprintf(buf + len, buflen - len, "hostapdWPAGroupState=%d\n",
2537 wpa_auth->group->wpa_group_state);
2538 if (ret < 0 || (size_t) ret >= buflen - len)
2539 return len;
2540 len += ret;
2541
2542 return len;
2543}
2544
2545
2546int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen)
2547{
2548 int len = 0, ret;
2549 u32 pairwise = 0;
2550
2551 if (sm == NULL)
2552 return 0;
2553
2554 /* TODO: FF-FF-FF-FF-FF-FF entry for broadcast/multicast stats */
2555
2556 /* dot11RSNAStatsEntry */
2557
2558 if (sm->wpa == WPA_VERSION_WPA) {
2559 if (sm->pairwise == WPA_CIPHER_CCMP)
2560 pairwise = WPA_CIPHER_SUITE_CCMP;
2561 else if (sm->pairwise == WPA_CIPHER_TKIP)
2562 pairwise = WPA_CIPHER_SUITE_TKIP;
2563 else if (sm->pairwise == WPA_CIPHER_WEP104)
2564 pairwise = WPA_CIPHER_SUITE_WEP104;
2565 else if (sm->pairwise == WPA_CIPHER_WEP40)
2566 pairwise = WPA_CIPHER_SUITE_WEP40;
2567 else if (sm->pairwise == WPA_CIPHER_NONE)
2568 pairwise = WPA_CIPHER_SUITE_NONE;
2569 } else if (sm->wpa == WPA_VERSION_WPA2) {
2570 if (sm->pairwise == WPA_CIPHER_CCMP)
2571 pairwise = RSN_CIPHER_SUITE_CCMP;
2572 else if (sm->pairwise == WPA_CIPHER_TKIP)
2573 pairwise = RSN_CIPHER_SUITE_TKIP;
2574 else if (sm->pairwise == WPA_CIPHER_WEP104)
2575 pairwise = RSN_CIPHER_SUITE_WEP104;
2576 else if (sm->pairwise == WPA_CIPHER_WEP40)
2577 pairwise = RSN_CIPHER_SUITE_WEP40;
2578 else if (sm->pairwise == WPA_CIPHER_NONE)
2579 pairwise = RSN_CIPHER_SUITE_NONE;
2580 } else
2581 return 0;
2582
2583 ret = os_snprintf(
2584 buf + len, buflen - len,
2585 /* TODO: dot11RSNAStatsIndex */
2586 "dot11RSNAStatsSTAAddress=" MACSTR "\n"
2587 "dot11RSNAStatsVersion=1\n"
2588 "dot11RSNAStatsSelectedPairwiseCipher=" RSN_SUITE "\n"
2589 /* TODO: dot11RSNAStatsTKIPICVErrors */
2590 "dot11RSNAStatsTKIPLocalMICFailures=%u\n"
2591 "dot11RSNAStatsTKIPRemoveMICFailures=%u\n"
2592 /* TODO: dot11RSNAStatsCCMPReplays */
2593 /* TODO: dot11RSNAStatsCCMPDecryptErrors */
2594 /* TODO: dot11RSNAStatsTKIPReplays */,
2595 MAC2STR(sm->addr),
2596 RSN_SUITE_ARG(pairwise),
2597 sm->dot11RSNAStatsTKIPLocalMICFailures,
2598 sm->dot11RSNAStatsTKIPRemoteMICFailures);
2599 if (ret < 0 || (size_t) ret >= buflen - len)
2600 return len;
2601 len += ret;
2602
2603 /* Private MIB */
2604 ret = os_snprintf(buf + len, buflen - len,
2605 "hostapdWPAPTKState=%d\n"
2606 "hostapdWPAPTKGroupState=%d\n",
2607 sm->wpa_ptk_state,
2608 sm->wpa_ptk_group_state);
2609 if (ret < 0 || (size_t) ret >= buflen - len)
2610 return len;
2611 len += ret;
2612
2613 return len;
2614}
2615
2616
2617void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth)
2618{
2619 if (wpa_auth)
2620 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked++;
2621}
2622
2623
2624int wpa_auth_pairwise_set(struct wpa_state_machine *sm)
2625{
2626 return sm && sm->pairwise_set;
2627}
2628
2629
ff36ff00
JM		 2630int wpa_auth_get_pairwise(struct wpa_state_machine *sm)
2631{
2632 return sm->pairwise;
2633}
2634
2635
6fc6879b
JM		 2636int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm)
2637{
2638 if (sm == NULL)
2639 return -1;
2640 return sm->wpa_key_mgmt;
2641}
2642
2643
2644int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm)
2645{
2646 if (sm == NULL)
2647 return 0;
2648 return sm->wpa;
2649}
2650
2651
2652int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
2653 struct rsn_pmksa_cache_entry *entry)
2654{
2655 if (sm == NULL || sm->pmksa != entry)
2656 return -1;
2657 sm->pmksa = NULL;
2658 return 0;
2659}
2660
2661
2662struct rsn_pmksa_cache_entry *
2663wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm)
2664{
2665 return sm ? sm->pmksa : NULL;
2666}
2667
2668
2669void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm)
2670{
2671 if (sm)
2672 sm->dot11RSNAStatsTKIPLocalMICFailures++;
2673}
2674
2675
2676const u8 * wpa_auth_get_wpa_ie(struct wpa_authenticator *wpa_auth, size_t *len)
2677{
2678 if (wpa_auth == NULL)
2679 return NULL;
2680 *len = wpa_auth->wpa_ie_len;
2681 return wpa_auth->wpa_ie;
2682}
2683
2684
2685int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk,
2686 int session_timeout, struct eapol_state_machine *eapol)
2687{
2688 if (sm == NULL || sm->wpa != WPA_VERSION_WPA2)
2689 return -1;
2690
4bb081f1
JM		 2691 if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, PMK_LEN,
2692 sm->wpa_auth->addr, sm->addr, session_timeout,
2693 eapol, sm->wpa_key_mgmt))
6fc6879b
JM		 2694 return 0;
2695
2696 return -1;
2697}
2698
2699
2700int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth,
2701 const u8 *pmk, size_t len, const u8 *sta_addr,
2702 int session_timeout,
2703 struct eapol_state_machine *eapol)
2704{
2705 if (wpa_auth == NULL)
2706 return -1;
2707
4bb081f1
JM		 2708 if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, len, wpa_auth->addr,
2709 sta_addr, session_timeout, eapol,
2710 WPA_KEY_MGMT_IEEE8021X))
6fc6879b
JM		 2711 return 0;
2712
2713 return -1;
2714}
2715
2716
2717static struct wpa_group *
2718wpa_auth_add_group(struct wpa_authenticator *wpa_auth, int vlan_id)
2719{
2720 struct wpa_group *group;
2721
2722 if (wpa_auth == NULL || wpa_auth->group == NULL)
2723 return NULL;
2724
2725 wpa_printf(MSG_DEBUG, "WPA: Add group state machine for VLAN-ID %d",
2726 vlan_id);
2727 group = wpa_group_init(wpa_auth, vlan_id);
2728 if (group == NULL)
2729 return NULL;
2730
2731 group->next = wpa_auth->group->next;
2732 wpa_auth->group->next = group;
2733
2734 return group;
2735}
2736
2737
2738int wpa_auth_sta_set_vlan(struct wpa_state_machine *sm, int vlan_id)
2739{
2740 struct wpa_group *group;
2741
2742 if (sm == NULL || sm->wpa_auth == NULL)
2743 return 0;
2744
2745 group = sm->wpa_auth->group;
2746 while (group) {
2747 if (group->vlan_id == vlan_id)
2748 break;
2749 group = group->next;
2750 }
2751
2752 if (group == NULL) {
2753 group = wpa_auth_add_group(sm->wpa_auth, vlan_id);
2754 if (group == NULL)
2755 return -1;
2756 }
2757
2758 if (sm->group == group)
2759 return 0;
2760
2761 wpa_printf(MSG_DEBUG, "WPA: Moving STA " MACSTR " to use group state "
2762 "machine for VLAN ID %d", MAC2STR(sm->addr), vlan_id);
2763
2764 sm->group = group;
2765 return 0;
2766}
Unnamed repository; edit this file 'description' to name the repository.