2 * wpa_supplicant - IBSS RSN
3 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
12 #include "l2_packet/l2_packet.h"
13 #include "rsn_supp/wpa.h"
14 #include "rsn_supp/wpa_ie.h"
15 #include "ap/wpa_auth.h"
16 #include "wpa_supplicant_i.h"
/*
 * ibss_rsn_get_peer - look up the peer entry for a MAC address.
 * Walks the singly linked ibss_rsn->peers list and compares ETH_ALEN bytes
 * of addr with each entry's addr.
 * NOTE(review): this listing drops the rest of the signature and the lines
 * that follow the comparison; the callers in this file use the result as
 * "matching peer or NULL" - confirm against the complete file.
 */
21 static struct ibss_rsn_peer
* ibss_rsn_get_peer(struct ibss_rsn
*ibss_rsn
,
24 struct ibss_rsn_peer
*peer
;
26 for (peer
= ibss_rsn
->peers
; peer
; peer
= peer
->next
)
27 if (os_memcmp(addr
, peer
->addr
, ETH_ALEN
) == 0)
/*
 * ibss_rsn_free - tear down the per-peer state machines.
 * Deinitializes the peer's Authenticator (peer->auth) and Supplicant
 * (peer->supp) state machines.
 * NOTE(review): the release of the peer structure itself is not visible in
 * this listing - confirm it happens here so removed peers do not leak.
 */
33 static void ibss_rsn_free(struct ibss_rsn_peer
*peer
)
35 wpa_auth_sta_deinit(peer
->auth
);
36 wpa_sm_deinit(peer
->supp
);
/* Supplicant callback: remember the new WPA state in the peer entry. */
static void supp_set_state(void *ctx, enum wpa_states state)
{
	/* ctx is treated as the struct ibss_rsn_peer this callback serves */
	struct ibss_rsn_peer *entry = (struct ibss_rsn_peer *) ctx;

	entry->supp_state = state;
}
/* Supplicant callback: report the WPA state last stored in the peer entry. */
static enum wpa_states supp_get_state(void *ctx)
{
	/* ctx is treated as the struct ibss_rsn_peer this callback serves */
	struct ibss_rsn_peer *entry = (struct ibss_rsn_peer *) ctx;
	enum wpa_states current = entry->supp_state;

	return current;
}
/*
 * Supplicant callback: transmit an EAPOL frame to dest.
 * Logs destination, protocol and length at debug level, then hands the
 * frame either to l2_packet_send() on wpa_s->l2 or to wpa_drv_send_eapol().
 * NOTE(review): the last signature line, the tail of the format string and
 * the condition that selects between the two send paths are not shown in
 * this listing.
 */
55 static int supp_ether_send(void *ctx
, const u8
*dest
, u16 proto
, const u8
*buf
,
58 struct ibss_rsn_peer
*peer
= ctx
;
59 struct wpa_supplicant
*wpa_s
= peer
->ibss_rsn
->wpa_s
;
61 wpa_printf(MSG_DEBUG
, "SUPP: %s(dest=" MACSTR
" proto=0x%04x "
63 __func__
, MAC2STR(dest
), proto
, (unsigned long) len
);
66 return l2_packet_send(wpa_s
->l2
, dest
, proto
, buf
, len
);
68 return wpa_drv_send_eapol(wpa_s
, dest
, proto
, buf
, len
);
/*
 * Supplicant callback: allocate a buffer for an outgoing EAPOL frame.
 * *msg_len is set to the IEEE 802.1X header size plus data_len and a buffer
 * of that size is requested from os_malloc(); data_len is a u16, so the sum
 * stays small. The header's length field is stored in big-endian order and
 * the payload area behind the header is either copied from data or zeroed.
 * NOTE(review): the os_malloc() failure check, the other header field
 * assignments, the condition choosing copy vs. zero, the data_pos handling
 * and the return statement are missing from this listing - confirm that the
 * NULL check comes before the first write through hdr.
 */
72 static u8
* supp_alloc_eapol(void *ctx
, u8 type
, const void *data
,
73 u16 data_len
, size_t *msg_len
, void **data_pos
)
75 struct ieee802_1x_hdr
*hdr
;
77 wpa_printf(MSG_DEBUG
, "SUPP: %s(type=%d data_len=%d)",
78 __func__
, type
, data_len
);
80 *msg_len
= sizeof(*hdr
) + data_len
;
81 hdr
= os_malloc(*msg_len
);
87 hdr
->length
= host_to_be16(data_len
);
90 os_memcpy(hdr
+ 1, data
, data_len
);
92 os_memset(hdr
+ 1, 0, data_len
);
/*
 * Supplicant callback: supply the RSN IE used as the "AP" side IE.
 * A fixed RSN IE byte string is passed to wpa_sm_set_ap_rsn_ie() (see the
 * TODO below); the IE the peer actually advertises is not consulted here.
 * NOTE(review): part of the byte string and the length argument are missing
 * from this listing.
 */
101 static int supp_get_beacon_ie(void *ctx
)
103 struct ibss_rsn_peer
*peer
= ctx
;
105 wpa_printf(MSG_DEBUG
, "SUPP: %s", __func__
);
106 /* TODO: get correct RSN IE */
107 return wpa_sm_set_ap_rsn_ie(peer
->supp
,
108 (u8
*) "\x30\x14\x01\x00"
110 "\x01\x00\x00\x0f\xac\x04"
111 "\x01\x00\x00\x0f\xac\x02"
/*
 * Supplicant callback: install a key negotiated by this peer's Supplicant
 * state machine through wpa_drv_set_key().
 * Debug output covers algorithm, address, key index and set_tx, the
 * sequence counter, and - through wpa_hexdump_key() - the key itself, so
 * debug logs captured with key dumping enabled have to be handled as
 * secrets.
 * The interface's own address is compared with the peer address to apply
 * the rule quoted below (the PTK from the handshake initiated by the peer
 * with the highest MAC address wins); the losing PTK is reported as
 * "Do not use this PTK".
 * NOTE(review): the comparison operator, the bodies of both if statements
 * (including the one for a broadcast addr) and their returns are missing
 * from this listing.
 */
116 static int supp_set_key(void *ctx
, enum wpa_alg alg
,
117 const u8
*addr
, int key_idx
, int set_tx
,
118 const u8
*seq
, size_t seq_len
,
119 const u8
*key
, size_t key_len
)
121 struct ibss_rsn_peer
*peer
= ctx
;
123 wpa_printf(MSG_DEBUG
, "SUPP: %s(alg=%d addr=" MACSTR
" key_idx=%d "
125 __func__
, alg
, MAC2STR(addr
), key_idx
, set_tx
);
126 wpa_hexdump(MSG_DEBUG
, "SUPP: set_key - seq", seq
, seq_len
);
127 wpa_hexdump_key(MSG_DEBUG
, "SUPP: set_key - key", key
, key_len
);
131 * In IBSS RSN, the pairwise key from the 4-way handshake
132 * initiated by the peer with highest MAC address is used.
134 if (os_memcmp(peer
->ibss_rsn
->wpa_s
->own_addr
, peer
->addr
,
136 wpa_printf(MSG_DEBUG
, "SUPP: Do not use this PTK");
141 if (is_broadcast_ether_addr(addr
))
143 return wpa_drv_set_key(peer
->ibss_rsn
->wpa_s
, alg
, addr
, key_idx
,
144 set_tx
, seq
, seq_len
, key
, key_len
);
/*
 * Supplicant callback: return what wpa_supplicant_get_ssid() reports for
 * the interface that owns this peer.
 */
static void * supp_get_network_ctx(void *ctx)
{
	/* ctx is treated as the struct ibss_rsn_peer this callback serves */
	struct ibss_rsn_peer *entry = (struct ibss_rsn_peer *) ctx;
	struct wpa_supplicant *iface = entry->ibss_rsn->wpa_s;

	return wpa_supplicant_get_ssid(iface);
}
/*
 * Supplicant callback: MLME protection request for addr.
 * In the lines visible here the request is only logged at debug level;
 * no driver call is made.
 * NOTE(review): the tail of the format string and the return statement are
 * missing from this listing.
 */
155 static int supp_mlme_setprotection(void *ctx
, const u8
*addr
,
156 int protection_type
, int key_type
)
158 wpa_printf(MSG_DEBUG
, "SUPP: %s(addr=" MACSTR
" protection_type=%d "
160 __func__
, MAC2STR(addr
), protection_type
, key_type
);
/*
 * Supplicant callback: request to cancel the authentication timeout.
 * Nothing is cancelled here; the call is only recorded in the debug log.
 */
static void supp_cancel_auth_timeout(void *ctx)
{
	const char *caller = __func__;

	wpa_printf(MSG_DEBUG, "SUPP: %s", caller);
}
/*
 * Supplicant callback: deauthentication request.
 * Not implemented (TODO): ctx and reason_code are ignored and only a debug
 * message is written, so a deauthentication requested by the Supplicant
 * state machine does not remove or deauthorize the peer here.
 */
static void supp_deauthenticate(void * ctx, int reason_code)
{
	const char *caller = __func__;

	wpa_printf(MSG_DEBUG, "SUPP: %s (TODO)", caller);
}
/*
 * ibss_rsn_supp_init - create and configure the Supplicant state machine
 * for one peer.
 * Allocates a zeroed struct wpa_sm_ctx, stores the supp_* callbacks of this
 * file in it and passes it to wpa_sm_init(). The state machine is then
 * fixed to RSN with CCMP as pairwise and group cipher and PSK key
 * management, and psk is installed as the PMK (PMK_LEN bytes). The default
 * association IE is built into peer->supp_ie and association with
 * peer->addr is signalled with wpa_sm_notify_assoc().
 * NOTE(review): the rest of the signature, the allocation check, the
 * failure returns and the final return are missing from this listing;
 * confirm that ctx is released on each failure path where wpa_sm_init()
 * has not taken ownership of it.
 */
177 static int ibss_rsn_supp_init(struct ibss_rsn_peer
*peer
, const u8
*own_addr
,
180 struct wpa_sm_ctx
*ctx
= os_zalloc(sizeof(*ctx
));
185 ctx
->msg_ctx
= peer
->ibss_rsn
->wpa_s
;
186 ctx
->set_state
= supp_set_state
;
187 ctx
->get_state
= supp_get_state
;
188 ctx
->ether_send
= supp_ether_send
;
189 ctx
->get_beacon_ie
= supp_get_beacon_ie
;
190 ctx
->alloc_eapol
= supp_alloc_eapol
;
191 ctx
->set_key
= supp_set_key
;
192 ctx
->get_network_ctx
= supp_get_network_ctx
;
193 ctx
->mlme_setprotection
= supp_mlme_setprotection
;
194 ctx
->cancel_auth_timeout
= supp_cancel_auth_timeout
;
195 ctx
->deauthenticate
= supp_deauthenticate
;
196 peer
->supp
= wpa_sm_init(ctx
);
197 if (peer
->supp
== NULL
) {
198 wpa_printf(MSG_DEBUG
, "SUPP: wpa_sm_init() failed");
202 wpa_sm_set_own_addr(peer
->supp
, own_addr
);
203 wpa_sm_set_param(peer
->supp
, WPA_PARAM_RSN_ENABLED
, 1);
204 wpa_sm_set_param(peer
->supp
, WPA_PARAM_PROTO
, WPA_PROTO_RSN
);
205 wpa_sm_set_param(peer
->supp
, WPA_PARAM_PAIRWISE
, WPA_CIPHER_CCMP
);
206 wpa_sm_set_param(peer
->supp
, WPA_PARAM_GROUP
, WPA_CIPHER_CCMP
);
207 wpa_sm_set_param(peer
->supp
, WPA_PARAM_KEY_MGMT
, WPA_KEY_MGMT_PSK
);
208 wpa_sm_set_pmk(peer
->supp
, psk
, PMK_LEN
);
210 peer
->supp_ie_len
= sizeof(peer
->supp_ie
);
211 if (wpa_sm_set_assoc_wpa_ie_default(peer
->supp
, peer
->supp_ie
,
212 &peer
->supp_ie_len
) < 0) {
213 wpa_printf(MSG_DEBUG
, "SUPP: wpa_sm_set_assoc_wpa_ie_default()"
218 wpa_sm_notify_assoc(peer
->supp
, peer
->addr
);
/*
 * Authenticator callback: forward a log message to wpa_printf() at debug
 * level, with the station MAC address prefixed in the first of the two
 * visible calls.
 * NOTE(review): the rest of the signature (including txt) and the condition
 * that chooses between the two calls are missing from this listing.
 */
224 static void auth_logger(void *ctx
, const u8
*addr
, logger_level level
,
228 wpa_printf(MSG_DEBUG
, "AUTH: " MACSTR
" - %s",
231 wpa_printf(MSG_DEBUG
, "AUTH: %s", txt
);
/*
 * Authenticator callback: return the PSK to use for a station.
 * The value returned in the visible lines is the single ibss_rsn->psk of
 * the network; addr is only used for logging, so there is no per-peer key.
 * The debug message prints the prev_psk pointer value, not key bytes.
 * NOTE(review): the lines between the debug message and the return are
 * missing from this listing - confirm how a non-NULL prev_psk is handled.
 */
235 static const u8
* auth_get_psk(void *ctx
, const u8
*addr
, const u8
*prev_psk
)
237 struct ibss_rsn
*ibss_rsn
= ctx
;
238 wpa_printf(MSG_DEBUG
, "AUTH: %s (addr=" MACSTR
" prev_psk=%p)",
239 __func__
, MAC2STR(addr
), prev_psk
);
242 return ibss_rsn
->psk
;
/*
 * Authenticator callback: transmit an EAPOL frame (ETH_P_EAPOL) to addr.
 * Logs address, length and the encrypt flag at debug level, then sends the
 * frame through l2_packet_send() on wpa_s->l2 or through
 * wpa_drv_send_eapol(). In the visible lines encrypt is only logged and is
 * not passed to either send function.
 * NOTE(review): the tail of the format string, the condition selecting the
 * send path and the end of the l2_packet_send() call are missing from this
 * listing.
 */
246 static int auth_send_eapol(void *ctx
, const u8
*addr
, const u8
*data
,
247 size_t data_len
, int encrypt
)
249 struct ibss_rsn
*ibss_rsn
= ctx
;
250 struct wpa_supplicant
*wpa_s
= ibss_rsn
->wpa_s
;
252 wpa_printf(MSG_DEBUG
, "AUTH: %s(addr=" MACSTR
" data_len=%lu "
254 __func__
, MAC2STR(addr
), (unsigned long) data_len
, encrypt
);
257 return l2_packet_send(wpa_s
->l2
, addr
, ETH_P_EAPOL
, data
,
260 return wpa_drv_send_eapol(wpa_s
, addr
, ETH_P_EAPOL
, data
, data_len
);
/*
 * Authenticator callback: install a key chosen by the Authenticator side
 * through wpa_drv_set_key().
 * A local seq buffer is zeroed and handed to the driver with length 6, and
 * the set_tx argument is fixed to 1. The key bytes go to the debug log via
 * wpa_hexdump_key(), so debug logs captured with key dumping enabled have
 * to be handled as secrets.
 * As in supp_set_key(), own address and peer address are compared so that
 * only one of the two PTKs negotiated with a peer is used; here the PTK is
 * skipped ("Do not use this PTK") when own_addr compares lower than addr.
 * vlan_id is not used in the visible lines.
 * NOTE(review): the declaration of seq, the conditions around the two
 * debug messages, the first half of the PTK condition and the return in the
 * skip branch are missing from this listing.
 */
264 static int auth_set_key(void *ctx
, int vlan_id
, enum wpa_alg alg
,
265 const u8
*addr
, int idx
, u8
*key
, size_t key_len
)
267 struct ibss_rsn
*ibss_rsn
= ctx
;
270 os_memset(seq
, 0, sizeof(seq
));
273 wpa_printf(MSG_DEBUG
, "AUTH: %s(alg=%d addr=" MACSTR
275 __func__
, alg
, MAC2STR(addr
), idx
);
277 wpa_printf(MSG_DEBUG
, "AUTH: %s(alg=%d key_idx=%d)",
280 wpa_hexdump_key(MSG_DEBUG
, "AUTH: set_key - key", key
, key_len
);
284 * In IBSS RSN, the pairwise key from the 4-way handshake
285 * initiated by the peer with highest MAC address is used.
288 os_memcmp(ibss_rsn
->wpa_s
->own_addr
, addr
, ETH_ALEN
) < 0) {
289 wpa_printf(MSG_DEBUG
, "AUTH: Do not use this PTK");
294 return wpa_drv_set_key(ibss_rsn
->wpa_s
, alg
, addr
, idx
,
295 1, seq
, 6, key
, key_len
);
/*
 * Authenticator callback: run cb on every peer's Authenticator state
 * machine.
 * Walks ibss_rsn->peers and calls cb(peer->auth, cb_ctx) for each entry
 * whose auth pointer is set; entries without an Authenticator state machine
 * are skipped.
 * NOTE(review): the rest of the signature and what happens when cb returns
 * non-zero, as well as the final return, are missing from this listing.
 */
299 static int auth_for_each_sta(void *ctx
, int (*cb
)(struct wpa_state_machine
*sm
,
303 struct ibss_rsn
*ibss_rsn
= ctx
;
304 struct ibss_rsn_peer
*peer
;
306 wpa_printf(MSG_DEBUG
, "AUTH: for_each_sta");
308 for (peer
= ibss_rsn
->peers
; peer
; peer
= peer
->next
) {
309 if (peer
->auth
&& cb(peer
->auth
, cb_ctx
))
/*
 * ibss_set_sta_authorized - set or clear the driver's WPA_STA_AUTHORIZED
 * flag for a peer via wpa_drv_sta_set_flags().
 * A driver failure other than ENOENT is written to the debug log only; the
 * function returns void, so callers cannot tell whether the flag really
 * changed. This matters most for the "unauthorizing port" path, where a
 * silent failure would leave the peer authorized in the driver.
 * NOTE(review): the declaration of res and the condition on authorized are
 * missing from this listing.
 */
317 static void ibss_set_sta_authorized(struct ibss_rsn
*ibss_rsn
,
318 struct ibss_rsn_peer
*peer
, int authorized
)
323 res
= wpa_drv_sta_set_flags(ibss_rsn
->wpa_s
, peer
->addr
,
325 WPA_STA_AUTHORIZED
, ~0);
326 wpa_printf(MSG_DEBUG
, "AUTH: " MACSTR
" authorizing port",
327 MAC2STR(peer
->addr
));
329 res
= wpa_drv_sta_set_flags(ibss_rsn
->wpa_s
, peer
->addr
,
330 0, 0, ~WPA_STA_AUTHORIZED
);
331 wpa_printf(MSG_DEBUG
, "AUTH: " MACSTR
" unauthorizing port",
332 MAC2STR(peer
->addr
));
335 if (res
&& errno
!= ENOENT
) {
336 wpa_printf(MSG_DEBUG
, "Could not set station " MACSTR
" flags "
337 "for kernel driver (errno=%d)",
338 MAC2STR(peer
->addr
), errno
);
/*
 * Authenticator callback: EAPOL variable change for the station at addr.
 * Only WPA_EAPOL_authorized is acted on: value is passed on to
 * ibss_set_sta_authorized() for the peer found by address. Every other
 * variable is logged as not handled.
 * NOTE(review): the lines between the peer lookup and the switch are
 * missing from this listing - confirm peer is checked for NULL there,
 * because ibss_set_sta_authorized() dereferences it.
 */
343 static void auth_set_eapol(void *ctx
, const u8
*addr
,
344 wpa_eapol_variable var
, int value
)
346 struct ibss_rsn
*ibss_rsn
= ctx
;
347 struct ibss_rsn_peer
*peer
= ibss_rsn_get_peer(ibss_rsn
, addr
);
353 case WPA_EAPOL_authorized
:
354 ibss_set_sta_authorized(ibss_rsn
, peer
, value
);
357 /* do not handle any other event */
358 wpa_printf(MSG_DEBUG
, "AUTH: eapol event not handled %d", var
);
/*
 * ibss_rsn_auth_init_group - create the shared Authenticator (group) state
 * for this interface.
 * Builds a zeroed wpa_auth_config with PSK key management, CCMP for the
 * pairwise and group ciphers, EAPOL version 2 and wpa_group_rekey = 600,
 * registers the auth_* callbacks of this file, calls wpa_init() with
 * own_addr and then wpa_init_keys() on the result.
 * NOTE(review): the rest of the signature, any further conf/cb fields set
 * on the omitted lines, and the return statements are missing from this
 * listing.
 */
364 static int ibss_rsn_auth_init_group(struct ibss_rsn
*ibss_rsn
,
367 struct wpa_auth_config conf
;
368 struct wpa_auth_callbacks cb
;
370 wpa_printf(MSG_DEBUG
, "AUTH: Initializing group state machine");
372 os_memset(&conf
, 0, sizeof(conf
));
374 conf
.wpa_key_mgmt
= WPA_KEY_MGMT_PSK
;
375 conf
.wpa_pairwise
= WPA_CIPHER_CCMP
;
376 conf
.rsn_pairwise
= WPA_CIPHER_CCMP
;
377 conf
.wpa_group
= WPA_CIPHER_CCMP
;
378 conf
.eapol_version
= 2;
379 conf
.wpa_group_rekey
= 600;
381 os_memset(&cb
, 0, sizeof(cb
));
383 cb
.logger
= auth_logger
;
384 cb
.set_eapol
= auth_set_eapol
;
385 cb
.send_eapol
= auth_send_eapol
;
386 cb
.get_psk
= auth_get_psk
;
387 cb
.set_key
= auth_set_key
;
388 cb
.for_each_sta
= auth_for_each_sta
;
390 ibss_rsn
->auth_group
= wpa_init(own_addr
, &conf
, &cb
);
391 if (ibss_rsn
->auth_group
== NULL
) {
392 wpa_printf(MSG_DEBUG
, "AUTH: wpa_init() failed");
396 wpa_init_keys(ibss_rsn
->auth_group
);
/*
 * ibss_rsn_auth_init - create the Authenticator state machine for a peer
 * and move it to the associated state.
 * Steps visible here: wpa_auth_sta_init() for peer->addr,
 * wpa_validate_wpa_ie() on a fixed 22-byte RSN IE, the WPA_ASSOC event and
 * wpa_auth_sta_associated().
 * The IE that is validated is a constant from this file, not one received
 * from the peer (see the TODO), so this step does not check what the peer
 * actually advertises.
 * NOTE(review): part of the byte string, the expected wpa_validate_wpa_ie()
 * result and all return statements are missing from this listing.
 */
402 static int ibss_rsn_auth_init(struct ibss_rsn
*ibss_rsn
,
403 struct ibss_rsn_peer
*peer
)
405 peer
->auth
= wpa_auth_sta_init(ibss_rsn
->auth_group
, peer
->addr
);
406 if (peer
->auth
== NULL
) {
407 wpa_printf(MSG_DEBUG
, "AUTH: wpa_auth_sta_init() failed");
411 /* TODO: get peer RSN IE with Probe Request */
412 if (wpa_validate_wpa_ie(ibss_rsn
->auth_group
, peer
->auth
,
413 (u8
*) "\x30\x14\x01\x00"
415 "\x01\x00\x00\x0f\xac\x04"
416 "\x01\x00\x00\x0f\xac\x02"
417 "\x00\x00", 22, NULL
, 0) !=
419 wpa_printf(MSG_DEBUG
, "AUTH: wpa_validate_wpa_ie() failed");
423 if (wpa_auth_sm_event(peer
->auth
, WPA_ASSOC
))
426 if (wpa_auth_sta_associated(ibss_rsn
->auth_group
, peer
->auth
))
/*
 * ibss_rsn_start - start IBSS RSN (Authenticator and Supplicant) for the
 * peer at addr.
 * A peer that is already in the list is reported as "already running".
 * Otherwise a zeroed peer entry is allocated, addr is copied into it, the
 * Supplicant side is initialized with the interface's own address and the
 * network PSK, the Authenticator side is initialized, and the entry is
 * linked at the head of ibss_rsn->peers.
 * No upper bound on the number of peers is visible in this listing.
 * NOTE(review): the allocation check, the cleanup on the two init failures
 * and every return statement are missing from this listing - confirm the
 * partially initialized peer is released on failure.
 */
433 int ibss_rsn_start(struct ibss_rsn
*ibss_rsn
, const u8
*addr
)
435 struct ibss_rsn_peer
*peer
;
437 if (ibss_rsn
== NULL
)
440 if (ibss_rsn_get_peer(ibss_rsn
, addr
)) {
441 wpa_printf(MSG_DEBUG
, "RSN: IBSS Authenticator and Supplicant "
442 "for peer " MACSTR
" already running",
447 wpa_printf(MSG_DEBUG
, "RSN: Starting IBSS Authenticator and "
448 "Supplicant for peer " MACSTR
, MAC2STR(addr
));
450 peer
= os_zalloc(sizeof(*peer
));
454 peer
->ibss_rsn
= ibss_rsn
;
455 os_memcpy(peer
->addr
, addr
, ETH_ALEN
);
457 if (ibss_rsn_supp_init(peer
, ibss_rsn
->wpa_s
->own_addr
, ibss_rsn
->psk
)
463 if (ibss_rsn_auth_init(ibss_rsn
, peer
) < 0) {
468 peer
->next
= ibss_rsn
->peers
;
469 ibss_rsn
->peers
= peer
;
/*
 * ibss_rsn_stop - remove one peer or all peers.
 * With peermac == NULL the whole ibss_rsn->peers list is processed;
 * otherwise the list is searched for the entry whose addr equals peermac
 * and that entry is unlinked, either from the list head or from its
 * predecessor (prev).
 * NOTE(review): the loop that removes all peers, the calls that release an
 * entry and the loop exit after a match are missing from this listing.
 */
475 void ibss_rsn_stop(struct ibss_rsn
*ibss_rsn
, const u8
*peermac
)
477 struct ibss_rsn_peer
*peer
, *prev
;
479 if (ibss_rsn
== NULL
)
482 if (peermac
== NULL
) {
483 /* remove all peers */
484 wpa_printf(MSG_DEBUG
, "%s: Remove all peers", __func__
);
485 peer
= ibss_rsn
->peers
;
490 ibss_rsn
->peers
= peer
;
493 /* remove specific peer */
494 wpa_printf(MSG_DEBUG
, "%s: Remove specific peer " MACSTR
,
495 __func__
, MAC2STR(peermac
));
497 for (prev
= NULL
, peer
= ibss_rsn
->peers
; peer
!= NULL
;
498 prev
= peer
, peer
= peer
->next
) {
499 if (os_memcmp(peermac
, peer
->addr
, ETH_ALEN
) == 0) {
501 ibss_rsn
->peers
= peer
->next
;
503 prev
->next
= peer
->next
;
505 wpa_printf(MSG_DEBUG
, "%s: Successfully "
506 "removed a specific peer",
/*
 * ibss_rsn_init - allocate the IBSS RSN context for an interface.
 * Allocates a zeroed struct ibss_rsn, records wpa_s in it and initializes
 * the Authenticator group state with the interface's own address. If that
 * initialization fails, the context is torn down with ibss_rsn_deinit().
 * NOTE(review): the return statements are missing from this listing;
 * confirm that the failure path does not hand the deinitialized pointer
 * back to the caller.
 */
515 struct ibss_rsn
* ibss_rsn_init(struct wpa_supplicant
*wpa_s
)
517 struct ibss_rsn
*ibss_rsn
;
519 ibss_rsn
= os_zalloc(sizeof(*ibss_rsn
));
520 if (ibss_rsn
== NULL
)
522 ibss_rsn
->wpa_s
= wpa_s
;
524 if (ibss_rsn_auth_init_group(ibss_rsn
, wpa_s
->own_addr
) < 0) {
525 ibss_rsn_deinit(ibss_rsn
);
/*
 * ibss_rsn_deinit - tear down the IBSS RSN context.
 * Does nothing for a NULL context. Otherwise it starts from the head of
 * ibss_rsn->peers and finally deinitializes the Authenticator group state
 * with wpa_deinit().
 * NOTE(review): the peer-removal loop and the release of ibss_rsn itself
 * are missing from this listing. ibss_rsn->psk holds the PMK copied in by
 * ibss_rsn_set_psk(); whether those bytes are wiped before the structure is
 * released cannot be told from here - confirm.
 */
533 void ibss_rsn_deinit(struct ibss_rsn
*ibss_rsn
)
535 struct ibss_rsn_peer
*peer
, *prev
;
537 if (ibss_rsn
== NULL
)
540 peer
= ibss_rsn
->peers
;
547 wpa_deinit(ibss_rsn
->auth_group
);
/*
 * ibss_rsn_eapol_dst_supp - classify a received EAPOL frame.
 * buf/len come straight from a received frame, so each field is read only
 * after a length check:
 *  - len must cover the IEEE 802.1X header plus a complete EAPOL-Key header
 *    before hdr and key are dereferenced;
 *  - only IEEE802_1X_TYPE_EAPOL_KEY frames are accepted (see the TODO);
 *  - the header's length field (plen) must fit into the bytes that follow
 *    the header and be at least sizeof(*key); len - sizeof(*hdr) cannot
 *    wrap because of the first check;
 *  - the key descriptor type must be EAPOL_KEY_TYPE_RSN.
 * For an accepted frame the result is 1 when the ACK bit is set in the Key
 * Information field and 0 when it is not; ibss_rsn_rx_eapol() tests the
 * result with "> 0" before creating a peer for an unknown sender.
 * NOTE(review): the declarations of plen and key_info and the return
 * statements of the reject branches are missing from this listing, and the
 * branch for hdr->version < EAPOL_VERSION shows only a TODO.
 */
553 static int ibss_rsn_eapol_dst_supp(const u8
*buf
, size_t len
)
555 const struct ieee802_1x_hdr
*hdr
;
556 const struct wpa_eapol_key
*key
;
560 /* TODO: Support other EAPOL packets than just EAPOL-Key */
562 if (len
< sizeof(*hdr
) + sizeof(*key
))
565 hdr
= (const struct ieee802_1x_hdr
*) buf
;
566 key
= (const struct wpa_eapol_key
*) (hdr
+ 1);
567 plen
= be_to_host16(hdr
->length
);
569 if (hdr
->version
< EAPOL_VERSION
) {
570 /* TODO: backwards compatibility */
572 if (hdr
->type
!= IEEE802_1X_TYPE_EAPOL_KEY
) {
573 wpa_printf(MSG_DEBUG
, "RSN: EAPOL frame (type %u) discarded, "
574 "not a Key frame", hdr
->type
);
577 if (plen
> len
- sizeof(*hdr
) || plen
< sizeof(*key
)) {
578 wpa_printf(MSG_DEBUG
, "RSN: EAPOL frame payload size %lu "
579 "invalid (frame size %lu)",
580 (unsigned long) plen
, (unsigned long) len
);
584 if (key
->type
!= EAPOL_KEY_TYPE_RSN
) {
585 wpa_printf(MSG_DEBUG
, "RSN: EAPOL-Key type (%d) unknown, "
586 "discarded", key
->type
);
590 key_info
= WPA_GET_BE16(key
->key_info
);
592 return !!(key_info
& WPA_KEY_INFO_ACK
);
/*
 * ibss_rsn_process_rx_eapol - hand a received EAPOL frame to one of the
 * peer's two state machines.
 * The frame is classified with ibss_rsn_eapol_dst_supp(), copied into a
 * heap buffer of len bytes, and the copy is passed either to the Supplicant
 * (wpa_sm_rx_eapol) or to the Authenticator (wpa_receive).
 * NOTE(review): the declarations of supp and tmp, the handling of a
 * negative classification result, the os_malloc() failure check, the
 * condition selecting the state machine, the release of tmp and the return
 * are missing from this listing - confirm tmp is checked before the copy
 * and freed on every path.
 */
596 static int ibss_rsn_process_rx_eapol(struct ibss_rsn
*ibss_rsn
,
597 struct ibss_rsn_peer
*peer
,
598 const u8
*buf
, size_t len
)
603 supp
= ibss_rsn_eapol_dst_supp(buf
, len
);
607 tmp
= os_malloc(len
);
610 os_memcpy(tmp
, buf
, len
);
612 wpa_printf(MSG_DEBUG
, "RSN: IBSS RX EAPOL for Supplicant");
613 wpa_sm_rx_eapol(peer
->supp
, peer
->addr
, tmp
, len
);
615 wpa_printf(MSG_DEBUG
, "RSN: IBSS RX EAPOL for Authenticator");
616 wpa_receive(ibss_rsn
->auth_group
, peer
->auth
, tmp
, len
);
/*
 * ibss_rsn_rx_eapol - entry point for EAPOL frames received in the IBSS.
 * Frames from a known src_addr go to ibss_rsn_process_rx_eapol(). For an
 * unknown src_addr, a frame for which ibss_rsn_eapol_dst_supp() returns a
 * value > 0 makes ibss_rsn_start() create a new peer, and the frame is then
 * processed against ibss_rsn->peers, the list head where ibss_rsn_start()
 * links the new entry.
 * Security note: at this point neither src_addr nor the frame contents have
 * been authenticated, and every new address costs a peer entry plus a
 * Supplicant and an Authenticator state machine. No limit on the number of
 * peers and no ageing of idle entries is visible in this listing; consider
 * bounding the list if the full file does not already do so.
 * NOTE(review): the condition guarding the first call, the tail of the last
 * call and the remaining return statements are missing from this listing.
 */
624 int ibss_rsn_rx_eapol(struct ibss_rsn
*ibss_rsn
, const u8
*src_addr
,
625 const u8
*buf
, size_t len
)
627 struct ibss_rsn_peer
*peer
;
629 if (ibss_rsn
== NULL
)
632 peer
= ibss_rsn_get_peer(ibss_rsn
, src_addr
);
634 return ibss_rsn_process_rx_eapol(ibss_rsn
, peer
, buf
, len
);
636 if (ibss_rsn_eapol_dst_supp(buf
, len
) > 0) {
638 * Create new IBSS peer based on an EAPOL message from the peer
641 if (ibss_rsn_start(ibss_rsn
, src_addr
) < 0)
643 return ibss_rsn_process_rx_eapol(ibss_rsn
, ibss_rsn
->peers
,
/*
 * ibss_rsn_set_psk - store the network PSK in the IBSS RSN context.
 * Copies PMK_LEN bytes from psk into ibss_rsn->psk; a NULL context is
 * ignored. The copy is key material and stays in the structure for as long
 * as the context exists.
 */
void ibss_rsn_set_psk(struct ibss_rsn *ibss_rsn, const u8 *psk)
{
	if (ibss_rsn != NULL)
		os_memcpy(ibss_rsn->psk, psk, PMK_LEN);
}