Ejemplo n.º 1
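/*
 * Ad-hoc (IBSS) probe-request handler.
 *
 * Does nothing unless the adapter is in ad-hoc mode.  When the received
 * frame passes PeerProbeReqSanity() and carries either a zero-length SSID
 * or the SSID configured in pAd->CommonCfg, a probe response is assembled
 * in a buffer from MlmeAllocateMemory() and handed to MiniportMMRequest().
 *
 * pAd  - adapter control block
 * Elem - MLME queue element holding the received frame (Msg / MsgLen)
 */
VOID PeerProbeReqAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	UCHAR         Addr2[MAC_ADDR_LEN];
	CHAR          Ssid[MAX_LEN_OF_SSID];
	UCHAR         SsidLen;
#ifdef DOT11_N_SUPPORT
	UCHAR		  HtLen, AddHtLen, NewExtLen;
#endif
	HEADER_802_11 ProbeRspHdr;
	NDIS_STATUS   NStatus;
	PUCHAR        pOutBuffer = NULL;
	ULONG         FrameLen = 0;
	LARGE_INTEGER FakeTimestamp;
	UCHAR         DsLen = 1, IbssLen = 2;
	UCHAR         LocalErpIe[3] = {IE_ERP, 1, 0};
	BOOLEAN       Privacy;
	USHORT        CapabilityInfo;
	UCHAR		  RSNIe = IE_WPA;

	if (! ADHOC_ON(pAd))
		return;

	if (PeerProbeReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, Ssid, &SsidLen))
	{
		/* answer wildcard probes and probes for our own SSID only */
		if ((SsidLen == 0) || SSID_EQUAL(Ssid, SsidLen, pAd->CommonCfg.Ssid, pAd->CommonCfg.SsidLen))
		{
			/* allocate the buffer the probe response is built in */
			NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
			if (NStatus != NDIS_STATUS_SUCCESS)
				return;

			/*
			 * Nothing in this function writes ProbeRspHdr or FakeTimestamp
			 * before they are copied into the frame below, so without this
			 * the response would carry whatever the stack held.  Clear both
			 * so no stale stack bytes go out on the air.
			 * NOTE(review): the header still needs its real 802.11 fields
			 * (frame control, addresses, BSSID) filled in by the driver's
			 * management-header init helper before the copy; the correct
			 * call for this build is not visible here - confirm and add.
			 */
			NdisZeroMemory(&ProbeRspHdr, sizeof(ProbeRspHdr));
			NdisZeroMemory(&FakeTimestamp, sizeof(FakeTimestamp));

			/* Privacy bit is set for any of the three encryption-enabled states */
			Privacy = (pAd->StaCfg.WepStatus == Ndis802_11Encryption1Enabled) ||
					  (pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled) ||
					  (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled);
			CapabilityInfo = CAP_GENERATE(0, 1, Privacy, (pAd->CommonCfg.TxPreamble == Rt802_11PreambleShort), 0, 0);

			/*
			 * Fixed fields plus SSID, supported rates, DS and IBSS elements.
			 * NOTE(review): the variable lengths used here and below
			 * (SsidLen, SupRateLen, ExtRateLen, RSNIE_Len, HtCapabilityLen)
			 * are not checked in this function against the capacity of
			 * pOutBuffer - confirm they are bounded where they are set.
			 */
			MakeOutgoingFrame(pOutBuffer,                   &FrameLen,
							  sizeof(HEADER_802_11),        &ProbeRspHdr,
							  TIMESTAMP_LEN,                &FakeTimestamp,
							  2,                            &pAd->CommonCfg.BeaconPeriod,
							  2,                            &CapabilityInfo,
							  1,                            &SsidIe,
							  1,                            &pAd->CommonCfg.SsidLen,
							  pAd->CommonCfg.SsidLen,       pAd->CommonCfg.Ssid,
							  1,                            &SupRateIe,
							  1,                            &pAd->StaActive.SupRateLen,
							  pAd->StaActive.SupRateLen,    pAd->StaActive.SupRate,
							  1,                            &DsIe,
							  1,                            &DsLen,
							  1,                            &pAd->CommonCfg.Channel,
							  1,                            &IbssIe,
							  1,                            &IbssLen,
							  2,                            &pAd->StaActive.AtimWin,
							  END_OF_ARGS);

			/* ERP element and extended rates, only when extended rates exist */
			if (pAd->StaActive.ExtRateLen)
			{
				ULONG tmp;
				MakeOutgoingFrame(pOutBuffer + FrameLen,        &tmp,
								  3,                            LocalErpIe,
								  1,                            &ExtRateIe,
								  1,                            &pAd->StaActive.ExtRateLen,
								  pAd->StaActive.ExtRateLen,    &pAd->StaActive.ExtRate,
								  END_OF_ARGS);
				FrameLen += tmp;
			}

			/* WPA-None: append the stored RSN element under the IE_WPA id */
			if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPANone)
			{
				ULONG tmp;
				MakeOutgoingFrame(pOutBuffer + FrameLen,		&tmp,
									1,                              &RSNIe,
									1,				&pAd->StaCfg.RSNIE_Len,
									pAd->StaCfg.RSNIE_Len,		pAd->StaCfg.RSN_IE,
									END_OF_ARGS);
				FrameLen += tmp;
			}
#ifdef DOT11_N_SUPPORT
			if (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED)
			{
				ULONG TmpLen;
				UCHAR	BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33};
				HtLen = sizeof(pAd->CommonCfg.HtCapability);
				AddHtLen = sizeof(pAd->CommonCfg.AddHTInfo);
				NewExtLen = 1;

				if (pAd->bBroadComHT == TRUE)
				{
					/*
					 * NOTE(review): this branch writes the element id, the
					 * 4-byte prefix and the HT capability, but no length
					 * octet after the id - confirm the intended layout.
					 */
					MakeOutgoingFrame(pOutBuffer + FrameLen,            &TmpLen,
								  1,                                &WpaIe,
								  4,                                &BROADCOM[0],
								 pAd->MlmeAux.HtCapabilityLen,          &pAd->MlmeAux.HtCapability,
								  END_OF_ARGS);
				}
				else
				{
					/* HT capability, additional HT info and extension-channel elements */
					MakeOutgoingFrame(pOutBuffer + FrameLen,            &TmpLen,
								  1,                                &HtCapIe,
								  1,                                &HtLen,
								 sizeof(HT_CAPABILITY_IE),          &pAd->CommonCfg.HtCapability,
								  1,                                &AddHtInfoIe,
								  1,                                &AddHtLen,
								 sizeof(ADD_HT_INFO_IE),          &pAd->CommonCfg.AddHTInfo,
								  1,                                &NewExtChanIe,
								  1,                                &NewExtLen,
								 sizeof(NEW_EXT_CHAN_IE),          &pAd->CommonCfg.NewExtChanOffset,
								  END_OF_ARGS);
				}
				FrameLen += TmpLen;
			}
#endif
			/* queue the frame for transmission, then release the build buffer */
			MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
			MlmeFreeMemory(pAd, pOutBuffer);
		}
	}
}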
Ejemplo n.º 2
/*
    ==========================================================================
    Description:
        mlme assoc req handling procedure
    Parameters:
        pAd - Adapter pointer
        Elem - MLME Queue Element
    Pre:
        the station has been authenticated and the following information is stored in the config
            -# SSID
            -# supported rates and their length
    Post  :
        -# An association request frame is generated and sent to the air
        -# Association timer starts
        -# Association state -> ASSOC_WAIT_RSP
        
    ==========================================================================
 */
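static VOID ApCliMlmeAssocReqAction(
	IN PRTMP_ADAPTER pAd, 
	IN MLME_QUEUE_ELEM *Elem) 
{
	/*
	 * Builds and sends an association request for the AP-client interface
	 * selected by Elem->Priv, arms the association timer and moves the
	 * association state to APCLI_ASSOC_WAIT_RSP.  On a blocked association,
	 * allocation failure or sanity failure the state returns to
	 * APCLI_ASSOC_IDLE and a status message is queued to the control
	 * state machine instead.
	 */
	NDIS_STATUS		 NStatus;
	BOOLEAN          Cancelled;
	UCHAR            ApAddr[6];
	HEADER_802_11    AssocHdr;
	UCHAR            WmeIe[9] = {IE_VENDOR_SPECIFIC, 0x07, 0x00, 0x50, 0xf2, 0x02, 0x00, 0x01, 0x00};
	USHORT           ListenIntv;
	ULONG            Timeout;
	USHORT           CapabilityInfo;
	PUCHAR           pOutBuffer = NULL;
	ULONG            FrameLen = 0;
	ULONG            tmp;
	UCHAR            SsidIe    = IE_SSID;
	UCHAR            SupRateIe = IE_SUPP_RATES;
	UCHAR            ExtRateIe = IE_EXT_SUPP_RATES;
	APCLI_CTRL_MSG_STRUCT ApCliCtrlMsg;
	USHORT ifIndex = (USHORT)(Elem->Priv);
	PULONG pCurrState = NULL;
	PAPCLI_STRUCT pApCliEntry = NULL;
#ifdef APCLI_WPA_SUPPLICANT_SUPPORT
	USHORT			VarIesOffset = 0;
#endif /* APCLI_WPA_SUPPLICANT_SUPPORT */
	UCHAR RSNIe = IE_WPA;
#ifdef MAC_REPEATER_SUPPORT
	UCHAR CliIdx = 0xFF;
#endif /* MAC_REPEATER_SUPPORT */

	/* reject an interface index outside ApCliTab (values >= 64 encode a repeater client) */
	if ((ifIndex >= MAX_APCLI_NUM)
#ifdef MAC_REPEATER_SUPPORT
		&& (ifIndex < 64)
#endif /* MAC_REPEATER_SUPPORT */
		)
		return;

#ifdef MAC_REPEATER_SUPPORT
	if (ifIndex >= 64)
	{
		CliIdx = ((ifIndex - 64) % 16);
		ifIndex = ((ifIndex - 64) / 16);

		/*
		 * The decoded interface index was never range-checked: a large
		 * Elem->Priv would index past the end of ApCliTab.  Validate it
		 * before any table access.
		 */
		if (ifIndex >= MAX_APCLI_NUM)
			return;

		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].AssocCurrState;
	}
	else
#endif /* MAC_REPEATER_SUPPORT */
	pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].AssocCurrState;

	pApCliEntry = &pAd->ApCfg.ApCliTab[ifIndex];

	/* Block all association requests during the WPA block period */
	if (pApCliEntry->bBlockAssoc == TRUE)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - Block Auth request durning WPA block period!\n"));
		*pCurrState = APCLI_ASSOC_IDLE;
		ApCliCtrlMsg.Status = MLME_STATE_MACHINE_REJECT;
		MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_ASSOC_RSP,
			sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
	}
	else if(MlmeAssocReqSanity(pAd, Elem->Msg, Elem->MsgLen, ApAddr, &CapabilityInfo, &Timeout, &ListenIntv))
	{
		/* stop the association timer belonging to this (repeater) client */
#ifdef MAC_REPEATER_SUPPORT
		if (CliIdx != 0xFF)
			RTMPCancelTimer(&pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].ApCliAssocTimer, &Cancelled);
		else
#endif /* MAC_REPEATER_SUPPORT */
		RTMPCancelTimer(&pApCliEntry->ApCliMlmeAux.ApCliAssocTimer, &Cancelled);

		/* allocate the buffer the association request is built in */
		NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);  /*Get an unused nonpaged memory */
		if (NStatus != NDIS_STATUS_SUCCESS)
		{
			DBGPRINT(RT_DEBUG_ERROR, ("APCLI_ASSOC - ApCliMlmeAssocReqAction() allocate memory failed \n"));
			*pCurrState = APCLI_ASSOC_IDLE;

			ApCliCtrlMsg.Status = MLME_FAIL_NO_RESOURCE;
			MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_ASSOC_RSP,
				sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);

			return;
		}

#ifdef APCLI_WPA_SUPPLICANT_SUPPORT
		/* record the fixed request fields for later reporting */
		pApCliEntry->AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION); 
		pApCliEntry->AssocInfo.AvailableRequestFixedIEs =
			NDIS_802_11_AI_REQFI_CAPABILITIES | NDIS_802_11_AI_REQFI_LISTENINTERVAL;
		pApCliEntry->AssocInfo.RequestFixedIEs.Capabilities = CapabilityInfo;
		pApCliEntry->AssocInfo.RequestFixedIEs.ListenInterval = ListenIntv;		
		pApCliEntry->AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
		
		/*
		 * ReqVarIEs mirrors the variable elements of the request.
		 * NOTE(review): SSID and rates are taken from pAd->MlmeAux here,
		 * while the transmitted frame below uses pApCliEntry->ApCliMlmeAux
		 * - confirm which source is intended.  These two copies are also
		 * not checked against MAX_VIE_LEN; presumably both lengths are
		 * small and bounded where they are stored - verify.
		 */
		NdisZeroMemory(pApCliEntry->ReqVarIEs, MAX_VIE_LEN);
		/*First add SSID*/
		VarIesOffset = 0;
		NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, &SsidIe, 1);
		VarIesOffset += 1;
		NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, &pAd->MlmeAux.SsidLen, 1);
		VarIesOffset += 1;
		NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen);
		VarIesOffset += pAd->MlmeAux.SsidLen;

		/*Second add Supported rates*/
		NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, &SupRateIe, 1);
		VarIesOffset += 1;
		NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, &pAd->MlmeAux.SupRateLen, 1);
		VarIesOffset += 1;
		NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, pAd->MlmeAux.SupRate, pAd->MlmeAux.SupRateLen);
		VarIesOffset += pAd->MlmeAux.SupRateLen;
#endif /* APCLI_WPA_SUPPLICANT_SUPPORT */
	

		DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - Send ASSOC request...\n"));
		ApCliMgtMacHeaderInit(pAd, &AssocHdr, SUBTYPE_ASSOC_REQ, 0, ApAddr, ApAddr, ifIndex);

#ifdef MAC_REPEATER_SUPPORT
		/* a repeater client transmits with its own source address */
		if (CliIdx != 0xFF)
			COPY_MAC_ADDR(AssocHdr.Addr2, pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].CurrentAddress);
#endif /* MAC_REPEATER_SUPPORT */

		/*
		 * Build basic frame first.
		 * NOTE(review): none of the appends in this function checks the
		 * running FrameLen against the capacity of pOutBuffer - confirm
		 * every variable length used below is bounded where it is set.
		 */
		MakeOutgoingFrame(pOutBuffer,                          &FrameLen,
						sizeof(HEADER_802_11),                 &AssocHdr,
						2,                                     &CapabilityInfo,
						2,                                     &ListenIntv,
						1,                                     &SsidIe,
						1,                                     &pApCliEntry->ApCliMlmeAux.SsidLen, 
						pApCliEntry->ApCliMlmeAux.SsidLen,     pApCliEntry->ApCliMlmeAux.Ssid,
						1,                                     &SupRateIe,
						1,                                     &pApCliEntry->ApCliMlmeAux.SupRateLen,
						pApCliEntry->ApCliMlmeAux.SupRateLen,  pApCliEntry->ApCliMlmeAux.SupRate,
						END_OF_ARGS);

		if(pApCliEntry->ApCliMlmeAux.ExtRateLen != 0)
		{
			MakeOutgoingFrame(pOutBuffer + FrameLen,               &tmp,
							1,                                     &ExtRateIe,
							1,                                     &pApCliEntry->ApCliMlmeAux.ExtRateLen,
							pApCliEntry->ApCliMlmeAux.ExtRateLen,  pApCliEntry->ApCliMlmeAux.ExtRate,                           
							END_OF_ARGS);
			FrameLen += tmp;
		}

#ifdef DOT11_N_SUPPORT
		/* HT */
		if ((pApCliEntry->ApCliMlmeAux.HtCapabilityLen > 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED))
		{
			ULONG TmpLen;
			HT_CAPABILITY_IE HtCapabilityTmp;
			UCHAR HtCapLen = pApCliEntry->ApCliMlmeAux.HtCapabilityLen;

			/*
			 * HtCapabilityTmp lives on the stack and is exactly one
			 * HT_CAPABILITY_IE long; never copy more than that into it,
			 * whatever length was stored in ApCliMlmeAux.
			 */
			if (HtCapLen > sizeof(HT_CAPABILITY_IE))
				HtCapLen = sizeof(HT_CAPABILITY_IE);

			NdisZeroMemory(&HtCapabilityTmp, sizeof(HT_CAPABILITY_IE));
			NdisMoveMemory(&HtCapabilityTmp, &pApCliEntry->ApCliMlmeAux.HtCapability, HtCapLen);
#ifdef DOT11N_SS3_SUPPORT
			/* third-stream MCS limited to what this interface can receive */
			HtCapabilityTmp.MCSSet[2] = (pApCliEntry->ApCliMlmeAux.HtCapability.MCSSet[2] & pApCliEntry->RxMcsSet[2]);
#endif /* DOT11N_SS3_SUPPORT */

#ifdef RT_BIG_ENDIAN
			*(USHORT *)(&HtCapabilityTmp.HtCapInfo) = SWAP16(*(USHORT *)(&HtCapabilityTmp.HtCapInfo));
			*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo) = SWAP16(*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo));
#endif /* RT_BIG_ENDIAN */
			MakeOutgoingFrame(pOutBuffer + FrameLen,         &TmpLen,
							1,                           &HtCapIe,
							1,                           &HtCapLen,
							HtCapLen,                    &HtCapabilityTmp, 
							END_OF_ARGS);

			FrameLen += TmpLen;
		}

#ifdef DOT11N_DRAFT3
#ifdef APCLI_CERT_SUPPORT
		if (pAd->bApCliCertTest == TRUE)
		{
			ULONG TmpLen;
			EXT_CAP_INFO_ELEMENT extCapInfo;
			UCHAR extInfoLen;

			extInfoLen = sizeof (EXT_CAP_INFO_ELEMENT);
			NdisZeroMemory(&extCapInfo, extInfoLen);


			/* advertise 20/40 coexistence management only on channels 1-14 */
			if ((pAd->CommonCfg.bBssCoexEnable == TRUE) &&
			    (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED)
			    && (pAd->CommonCfg.Channel <= 14)
			    ) 
			{
				extCapInfo.BssCoexistMgmtSupport = 1;
				DBGPRINT(RT_DEBUG_TRACE, ("%s: BssCoexistMgmtSupport = 1\n", __FUNCTION__));
			}

			MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
					  1, &ExtCapIe,
					  1, &extInfoLen,
								extInfoLen,			&extCapInfo,
								END_OF_ARGS);
			FrameLen += TmpLen;
		}
#endif /* APCLI_CERT_SUPPORT */
#endif /* DOT11N_DRAFT3 */		
#endif /* DOT11_N_SUPPORT */

#ifdef AGGREGATION_SUPPORT
		/*
			add Ralink proprietary IE to inform AP this STA is going to use AGGREGATION or PIGGY-BACK+AGGREGATION
			Case I: (Aggregation + Piggy-Back)
				1. user enable aggregation, AND
				2. Mac support piggy-back
				3. AP announces it's PIGGY-BACK+AGGREGATION-capable in BEACON
			Case II: (Aggregation)
				1. user enable aggregation, AND
				2. AP announces it's AGGREGATION-capable in BEACON
		*/
		if (pAd->CommonCfg.bAggregationCapable)
		{
#ifdef PIGGYBACK_SUPPORT
			if ((pAd->CommonCfg.bPiggyBackCapable) && ((pApCliEntry->ApCliMlmeAux.APRalinkIe & 0x00000003) == 3))
			{
				ULONG TmpLen;
				UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x03, 0x00, 0x00, 0x00}; 
				MakeOutgoingFrame(pOutBuffer+FrameLen,           &TmpLen,
								  9,                             RalinkIe,
								  END_OF_ARGS);
				FrameLen += TmpLen;
			} else
#endif /* PIGGYBACK_SUPPORT */
			if (pApCliEntry->ApCliMlmeAux.APRalinkIe & 0x00000001)
			{
				ULONG TmpLen;
				UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x01, 0x00, 0x00, 0x00}; 
				MakeOutgoingFrame(pOutBuffer+FrameLen,           &TmpLen,
								  9,                             RalinkIe,
								  END_OF_ARGS);
				FrameLen += TmpLen;
			}
		}
		else
		{
			ULONG TmpLen;
			UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x06, 0x00, 0x00, 0x00}; 
			MakeOutgoingFrame(pOutBuffer+FrameLen,		 &TmpLen,
							  9,						 RalinkIe,
							  END_OF_ARGS);
			FrameLen += TmpLen;
		}
#endif  /* AGGREGATION_SUPPORT */

		/* WME element, with the U-APSD QoS-info octet when both sides support it */
		if (pApCliEntry->ApCliMlmeAux.APEdcaParm.bValid)
		{
			if (pApCliEntry->UapsdInfo.bAPSDCapable &&
				pApCliEntry->ApCliMlmeAux.APEdcaParm.bAPSDCapable)
			{
				QBSS_STA_INFO_PARM QosInfo;

				NdisZeroMemory(&QosInfo, sizeof(QBSS_STA_INFO_PARM));
				QosInfo.UAPSD_AC_BE = pAd->CommonCfg.bAPSDAC_BE;
				QosInfo.UAPSD_AC_BK = pAd->CommonCfg.bAPSDAC_BK;
				QosInfo.UAPSD_AC_VI = pAd->CommonCfg.bAPSDAC_VI;
				QosInfo.UAPSD_AC_VO = pAd->CommonCfg.bAPSDAC_VO;
				QosInfo.MaxSPLength = pAd->CommonCfg.MaxSPLength;
				/* first byte of the QoS-info structure goes into the last WME octet */
				WmeIe[8] |= *(PUCHAR)&QosInfo;
			}
			else
			{
                /* The Parameter Set Count is set to '0' in the association request frames */
                /* WmeIe[8] |= (pAd->MlmeAux.APEdcaParm.EdcaUpdateCount & 0x0f); */
			}

			MakeOutgoingFrame(pOutBuffer + FrameLen,    &tmp,
							  9,                        &WmeIe[0],
							  END_OF_ARGS);
			FrameLen += tmp;
		}
		/* Append RSN_IE when WPAPSK OR WPA2PSK, */
		if (((pApCliEntry->AuthMode == Ndis802_11AuthModeWPAPSK) || 
            (pApCliEntry->AuthMode == Ndis802_11AuthModeWPA2PSK))
#ifdef APCLI_WPA_SUPPLICANT_SUPPORT
            || (pApCliEntry->AuthMode >= Ndis802_11AuthModeWPA)
#endif /* APCLI_WPA_SUPPLICANT_SUPPORT */
#ifdef WSC_AP_SUPPORT
			&& ((pApCliEntry->WscControl.WscConfMode == WSC_DISABLE) ||
			((pApCliEntry->WscControl.WscConfMode != WSC_DISABLE) &&
			 !(pApCliEntry->WscControl.bWscTrigger
			 )))
#endif /* WSC_AP_SUPPORT */
            )
		{
			RSNIe = IE_WPA;
			
			if ((pApCliEntry->AuthMode == Ndis802_11AuthModeWPA2PSK)
#ifdef APCLI_WPA_SUPPLICANT_SUPPORT
				||(pApCliEntry->AuthMode == Ndis802_11AuthModeWPA2)
#endif/*APCLI_WPA_SUPPLICANT_SUPPORT*/
				)
				RSNIe = IE_WPA2;


#ifdef APCLI_WPA_SUPPLICANT_SUPPORT
			if (pApCliEntry->AuthMode == Ndis802_11AuthModeWPA2)
			{
				INT idx;
				BOOLEAN FoundPMK = FALSE;
				/* Search cached PMKID, append it if existed */
				for (idx = 0; idx < PMKID_NO; idx++)
				{
					if (NdisEqualMemory(ApAddr, &pApCliEntry->SavedPMK[idx].BSSID, 6))
					{
						FoundPMK = TRUE;
						break;
					}
				}

				/*
					When AuthMode is WPA2-Enterprise and AP reboot or STA lost AP,
					AP would not do PMK cache with STA after STA re-connect to AP again.
					In this case, driver doesn't need to send PMKID to AP and WpaSupplicant.
				*/
				if ((pApCliEntry->AuthMode == Ndis802_11AuthModeWPA2) &&
					(NdisEqualMemory(pAd->MlmeAux.Bssid, pAd->CommonCfg.LastBssid, MAC_ADDR_LEN)))
				{
					FoundPMK = FALSE;
				}

				if (FoundPMK)
				{
					/*
					 * PMKID count = 1 as two little-endian octets, written
					 * byte by byte: the previous 16-bit store through a
					 * cast pointer could be misaligned and put the octets
					 * in the wrong order on a big-endian host.
					 * NOTE(review): RSNIE_Len grows by 18 in the stored
					 * entry each time this path runs and no check against
					 * the capacity of RSN_IE is visible here - confirm the
					 * element is rebuilt/bounded before every association.
					 */
					pApCliEntry->RSN_IE[pApCliEntry->RSNIE_Len] = 1;
					pApCliEntry->RSN_IE[pApCliEntry->RSNIE_Len + 1] = 0;
					NdisMoveMemory(&pApCliEntry->RSN_IE[pApCliEntry->RSNIE_Len + 2], &pApCliEntry->SavedPMK[idx].PMKID, 16);
					pApCliEntry->RSNIE_Len += 18;
				}
			}

#ifdef SIOCSIWGENIE
			if ((pApCliEntry->WpaSupplicantUP & WPA_SUPPLICANT_ENABLE) &&
				(pApCliEntry->bRSN_IE_FromWpaSupplicant == TRUE))			
			{
				/* the supplicant-provided element is appended further down */
				;
			}
			else
#endif
#endif /*APCLI_WPA_SUPPLICANT_SUPPORT*/
			{
				/*
				 * The length update belongs with the append: when the
				 * append is skipped, tmp still holds an earlier (or no)
				 * value and must not be added to FrameLen.
				 */
				MakeOutgoingFrame(pOutBuffer + FrameLen,		&tmp,
								1,								&RSNIe,
								1,								&pApCliEntry->RSNIE_Len,
								pApCliEntry->RSNIE_Len,			pApCliEntry->RSN_IE,
								END_OF_ARGS);

				FrameLen += tmp;
			}
		}	


#ifdef APCLI_WPA_SUPPLICANT_SUPPORT
#ifdef SIOCSIWGENIE
			if (((pApCliEntry->WpaSupplicantUP & 0x7F) != WPA_SUPPLICANT_ENABLE) ||
				(pApCliEntry->bRSN_IE_FromWpaSupplicant == FALSE))
#endif
			{
				/* Append Variable IE, but only if it fits in the MAX_VIE_LEN bytes of ReqVarIEs */
				if (((ULONG)VarIesOffset + 2 + pApCliEntry->RSNIE_Len) <= MAX_VIE_LEN)
				{
					NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, &RSNIe, 1);
					VarIesOffset += 1;
					NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, &pApCliEntry->RSNIE_Len, 1);
					VarIesOffset += 1;

					NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, pApCliEntry->RSN_IE, pApCliEntry->RSNIE_Len);
					VarIesOffset += pApCliEntry->RSNIE_Len;
				}
				else
				{
					DBGPRINT(RT_DEBUG_ERROR, ("APCLI_ASSOC - RSN IE does not fit in ReqVarIEs, not recorded\n"));
				}

				/* Set Variable IEs Length */
				pApCliEntry->ReqVarIELen = VarIesOffset;
			}		

#ifdef SIOCSIWGENIE
		if ((pApCliEntry->WpaSupplicantUP & WPA_SUPPLICANT_ENABLE) &&
			(pApCliEntry->bRSN_IE_FromWpaSupplicant == TRUE))			
		{
			ULONG TmpWpaAssocIeLen = 0;
			/*
			 * Element bytes supplied by the supplicant go into the frame as-is.
			 * NOTE(review): WpaAssocIeLen is not checked against the space
			 * left in pOutBuffer here - confirm it is bounded where it is set.
			 */
			MakeOutgoingFrame(pOutBuffer + FrameLen,		&TmpWpaAssocIeLen,
							pApCliEntry->WpaAssocIeLen,		pApCliEntry->pWpaAssocIe,
							END_OF_ARGS);

			FrameLen += TmpWpaAssocIeLen;

			/* mirror it into ReqVarIEs only when it fits in MAX_VIE_LEN bytes */
			if (((ULONG)VarIesOffset + pApCliEntry->WpaAssocIeLen) <= MAX_VIE_LEN)
			{
				NdisMoveMemory(pApCliEntry->ReqVarIEs + VarIesOffset, pApCliEntry->pWpaAssocIe, pApCliEntry->WpaAssocIeLen);
				VarIesOffset += pApCliEntry->WpaAssocIeLen;
			}
			else
			{
				DBGPRINT(RT_DEBUG_ERROR, ("APCLI_ASSOC - supplicant IE does not fit in ReqVarIEs, not recorded\n"));
			}

			/* Set Variable IEs Length */
			pApCliEntry->ReqVarIELen = VarIesOffset;
		}
#endif
#endif /* APCLI_WPA_SUPPLICANT_SUPPORT */

#ifdef WSC_AP_SUPPORT
		/* Add WSC IE if we are connecting to WSC AP */
		if ((pAd->ApCfg.ApCliTab[ifIndex].WscControl.WscConfMode != WSC_DISABLE) &&
		    (pAd->ApCfg.ApCliTab[ifIndex].WscControl.bWscTrigger)) 
		{
			UCHAR *pWscBuf = NULL, WscIeLen = 0;
			ULONG WscTmpLen = 0;

			/* scratch buffer for the WSC element; freed right after the append */
			os_alloc_mem(pAd, (UCHAR **) & pWscBuf, 512);
			if (pWscBuf != NULL) {
				NdisZeroMemory(pWscBuf, 512);
				WscBuildAssocReqIE(&pAd->ApCfg.ApCliTab[ifIndex].WscControl, pWscBuf, &WscIeLen);

				MakeOutgoingFrame(pOutBuffer + FrameLen,
						  &WscTmpLen, WscIeLen, pWscBuf,
						  END_OF_ARGS);

				FrameLen += WscTmpLen;
				os_free_mem(NULL, pWscBuf);
			} else
				DBGPRINT(RT_DEBUG_WARN,
					 ("%s:: WscBuf Allocate failed!\n",
					  __FUNCTION__));
		}
#endif /* WSC_AP_SUPPORT */

		/* queue the frame for transmission, then release the build buffer */
		MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
		MlmeFreeMemory(pAd, pOutBuffer);

		/* wait for the response for at most Timeout (value returned by the sanity check) */
#ifdef MAC_REPEATER_SUPPORT
		if (CliIdx != 0xFF)
			RTMPSetTimer(&pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].ApCliAssocTimer, Timeout);
		else
#endif /* MAC_REPEATER_SUPPORT */
		RTMPSetTimer(&pApCliEntry->ApCliMlmeAux.ApCliAssocTimer, Timeout);
		*pCurrState = APCLI_ASSOC_WAIT_RSP;
	} 
	else
	{
		DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - ApCliMlmeAssocReqAction() sanity check failed. BUG!!!!!! \n"));
		*pCurrState = APCLI_ASSOC_IDLE;

		ApCliCtrlMsg.Status = MLME_INVALID_FORMAT;
		MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_ASSOC_RSP,
			sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
	}

	return;
}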
Ejemplo n.º 3
/*
========================================================================
Routine Description:
	Handle an alarm.

Arguments:
	pAd					- WLAN control block pointer

Return Value:
	None

Note:
	You can use different methods to handle QBSS Load alarm here.

	Current methods are:
	1. Change 20/40 to 20-only.
	2. Change channel to the clear channel.
========================================================================
*/
static VOID QBSS_LoadAlarm(
 	IN		RTMP_ADAPTER	*pAd)
{
	/* hold further alarms back while this one is being handled */
	QBSS_LoadAlarmSuspend(pAd);

	pAd->QloadAlarmNumber += 1;

#ifdef DOT11_N_SUPPORT
#ifdef DOT11N_DRAFT3
	/*
	 * Both the recommended width and the extension-channel offset being
	 * non-zero is taken to mean the BSS is not yet restricted to 20 MHz.
	 */
	if ((pAd->CommonCfg.AddHTInfo.AddHtInfo.RecomWidth != 0) &&
		(pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset != 0))
	{
		UINT32 Idx;

		DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Change to 20 bw...\n"));

		/* walk the MAC table from entry 1 and drop the selected stations */
		for (Idx = 1; Idx < MAX_LEN_OF_MAC_TABLE; Idx++)
		{
			MAC_TABLE_ENTRY *pSta = &pAd->MacTab.Content[Idx];
			HEADER_802_11 DeauthHdr;
			PUCHAR pFrame = NULL;
			ULONG FrameBytes = 0;
			USHORT ReasonCode = REASON_DEAUTH_STA_LEAVING;

			/* only associated client entries are candidates */
			if (!IS_ENTRY_CLIENT(pSta) || (pSta->Sst != SST_ASSOC))
				continue;

			/*
			 * NOTE(review): the stations removed are those that DO report
			 * BSS2040CoexistenceMgmtSupport; the comment this replaces
			 * said "stations without D3 2040Coexistence function".
			 * Confirm which of the two is intended.
			 */
			if (!pSta->BSS2040CoexistenceMgmtSupport)
				continue;

			/* report the removal as an age-out wireless event */
			RTMPSendWirelessEvent(pAd, IW_AGEOUT_EVENT_FLAG, pSta->Addr, 0, 0);

			/* on allocation failure the station is left in the table */
			if (MlmeAllocateMemory(pAd, &pFrame) != NDIS_STATUS_SUCCESS)
			{
				DBGPRINT(RT_DEBUG_TRACE, (" MlmeAllocateMemory fail  ..\n"));
				continue;
			}

			/*
			 * Deauthentication frame: management header plus a 2-byte
			 * reason code.
			 * NOTE(review): pSta->apidx indexes MBSSID without a range
			 * check in this function - presumably validated when the
			 * entry was created; verify.
			 */
			MgtMacHeaderInit(pAd, &DeauthHdr, SUBTYPE_DEAUTH, 0,
							pSta->Addr,
							pAd->ApCfg.MBSSID[pSta->apidx].Bssid);
			MakeOutgoingFrame(pFrame,                &FrameBytes,
							  sizeof(HEADER_802_11), &DeauthHdr,
							  2,                     &ReasonCode,
							  END_OF_ARGS);
			MiniportMMRequest(pAd, 0, pFrame, FrameBytes);
			MlmeFreeMemory(pAd, pFrame);

			DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Deauth the station "
					"%02x:%02x:%02x:%02x:%02x:%02x\n",
					pSta->Addr[0], pSta->Addr[1],
					pSta->Addr[2], pSta->Addr[3],
					pSta->Addr[4], pSta->Addr[5]));

			MacTableDeleteEntry(pAd, pSta->Aid, pSta->Addr);
		}

		/* clear the 40 MHz indications in the additional HT info */
		pAd->CommonCfg.AddHTInfo.AddHtInfo.RecomWidth = 0;
		pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset = 0;

		/* transmit setting forced to 20 MHz */
		pAd->CommonCfg.RegTransmitSetting.field.BW = BW_20;

		/* remember that the alarm was acted on */
		pAd->FlgQloadAlarm = TRUE;

		QBSS_LoadAlarmResume(pAd);
	}
	else
#endif /* DOT11N_DRAFT3 */
#endif /* DOT11_N_SUPPORT */
	{
		/* already at 20 MHz (or no 11n draft-3 support): ask for a channel rescan */
		DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Switch channel...\n"));

		/* the alarm stays suspended on this path; no resume call is made here */
		RTEnqueueInternalCmd(pAd, CMDTHREAD_CHAN_RESCAN, NULL, 0);
	}
} /* End of QBSS_LoadAlarm */
Ejemplo n.º 4
/*
    ==========================================================================
    Description:
        mlme assoc req handling procedure
    Parameters:
        pAd - Adapter pointer
        Elem - MLME Queue Element
    Pre:
        the station has been authenticated and the following information is stored in the config
            -# SSID
            -# supported rates and their length
    Post  :
        -# An association request frame is generated and sent to the air
        -# Association timer starts
        -# Association state -> ASSOC_WAIT_RSP
        
    ==========================================================================
 */
static VOID ApCliMlmeAssocReqAction(
	IN PRTMP_ADAPTER pAd, 
	IN MLME_QUEUE_ELEM *Elem) 
{
	NDIS_STATUS		 NStatus;
	BOOLEAN          Cancelled;
	UCHAR            ApAddr[6];
	HEADER_802_11    AssocHdr;
	UCHAR            WmeIe[9] = {IE_VENDOR_SPECIFIC, 0x07, 0x00, 0x50, 0xf2, 0x02, 0x00, 0x01, 0x00};
	USHORT           ListenIntv;
	ULONG            Timeout;
	USHORT           CapabilityInfo;
	PUCHAR           pOutBuffer = NULL;
	ULONG            FrameLen = 0;
	ULONG            tmp;
	UCHAR            SsidIe    = IE_SSID;
	UCHAR            SupRateIe = IE_SUPP_RATES;
	UCHAR            ExtRateIe = IE_EXT_SUPP_RATES;
	APCLI_CTRL_MSG_STRUCT ApCliCtrlMsg;
	USHORT ifIndex = (USHORT)(Elem->Priv);
	PULONG pCurrState = NULL;
	UCHAR RSNIe = IE_WPA;
	APCLI_STRUCT *apcli_entry;
	struct wifi_dev *wdev;
#ifdef MAC_REPEATER_SUPPORT
	UCHAR CliIdx = 0xFF;
#endif /* MAC_REPEATER_SUPPORT */

	if ((ifIndex >= MAX_APCLI_NUM)
#ifdef MAC_REPEATER_SUPPORT
		&& (ifIndex < 64)
#endif /* MAC_REPEATER_SUPPORT */
		)
		return;

#ifdef MAC_REPEATER_SUPPORT
	if (ifIndex >= 64)
	{
		CliIdx = ((ifIndex - 64) % 16);
		ifIndex = ((ifIndex - 64) / 16);
		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].AssocCurrState;
	}
	else
#endif /* MAC_REPEATER_SUPPORT */
		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].AssocCurrState;

	apcli_entry = &pAd->ApCfg.ApCliTab[ifIndex];
	wdev = &apcli_entry->wdev;
		
	/* Block all authentication request durning WPA block period */
	if (apcli_entry->bBlockAssoc == TRUE)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - Block Auth request durning WPA block period!\n"));
		*pCurrState = APCLI_ASSOC_IDLE;
		ApCliCtrlMsg.Status = MLME_STATE_MACHINE_REJECT;
		MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_ASSOC_RSP,
			sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
	}
	else if(MlmeAssocReqSanity(pAd, Elem->Msg, Elem->MsgLen, ApAddr, &CapabilityInfo, &Timeout, &ListenIntv))
	{
		//RTMPCancelTimer(&apcli_entry->MlmeAux.ApCliAssocTimer, &Cancelled);
#ifdef MAC_REPEATER_SUPPORT
		if (CliIdx != 0xFF)
			RTMPCancelTimer(&apcli_entry->RepeaterCli[CliIdx].ApCliAssocTimer, &Cancelled);
		else
#endif /* MAC_REPEATER_SUPPORT */
		RTMPCancelTimer(&apcli_entry->MlmeAux.ApCliAssocTimer, &Cancelled);

		/* allocate and send out AssocRsp frame */
		NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);  /*Get an unused nonpaged memory */
		if (NStatus != NDIS_STATUS_SUCCESS)
		{
			DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - ApCliMlmeAssocReqAction() allocate memory failed \n"));
			*pCurrState = APCLI_ASSOC_IDLE;

			ApCliCtrlMsg.Status = MLME_FAIL_NO_RESOURCE;
			MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_ASSOC_RSP,
				sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);

			return;
		}


		DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - Send ASSOC request...\n"));
		ApCliMgtMacHeaderInit(pAd, &AssocHdr, SUBTYPE_ASSOC_REQ, 0, ApAddr, ApAddr, ifIndex);

#ifdef MAC_REPEATER_SUPPORT
		if (CliIdx != 0xFF)
			COPY_MAC_ADDR(AssocHdr.Addr2, apcli_entry->RepeaterCli[CliIdx].CurrentAddress);
#endif /* MAC_REPEATER_SUPPORT */

		/* Build basic frame first */
		MakeOutgoingFrame(pOutBuffer,               &FrameLen,
			sizeof(HEADER_802_11),    &AssocHdr,
			2,                        &CapabilityInfo,
			2,                        &ListenIntv,
			1,                        &SsidIe,
			1,                        &apcli_entry->MlmeAux.SsidLen, 
			apcli_entry->MlmeAux.SsidLen,     apcli_entry->MlmeAux.Ssid,
			1,                        &SupRateIe,
			1,                        &apcli_entry->MlmeAux.SupRateLen,
			apcli_entry->MlmeAux.SupRateLen,  apcli_entry->MlmeAux.SupRate,
			END_OF_ARGS);

		if(apcli_entry->MlmeAux.ExtRateLen != 0)
		{
			MakeOutgoingFrame(pOutBuffer + FrameLen,    &tmp,
				1,                        &ExtRateIe,
				1,                        &apcli_entry->MlmeAux.ExtRateLen,
				apcli_entry->MlmeAux.ExtRateLen,  apcli_entry->MlmeAux.ExtRate,
				END_OF_ARGS);
			FrameLen += tmp;
		}

#ifdef DOT11_N_SUPPORT
		/*	
			WFA recommend to restrict the encryption type in 11n-HT mode.
			So, the WEP and TKIP are not allowed in HT rate.
		*/
		if (pAd->CommonCfg.HT_DisallowTKIP &&
			IS_INVALID_HT_SECURITY(wdev->WepStatus))
		{
			/* Force to None-HT mode due to WiFi 11n policy */
			apcli_entry->MlmeAux.HtCapabilityLen = 0;
#ifdef DOT11_VHT_AC
			apcli_entry->MlmeAux.vht_cap_len = 0;
#endif /* DOT11_VHT_AC */
			DBGPRINT(RT_DEBUG_TRACE, ("%s : Force AP-client as Non-HT mode\n", __FUNCTION__));
		}

		/* HT */
		if ((apcli_entry->MlmeAux.HtCapabilityLen > 0) && 
			WMODE_CAP_N(pAd->CommonCfg.PhyMode))
		{
			ULONG TmpLen;
			HT_CAPABILITY_IE HtCapabilityTmp;

			NdisZeroMemory(&HtCapabilityTmp, sizeof(HT_CAPABILITY_IE));
			NdisMoveMemory(&HtCapabilityTmp, &apcli_entry->MlmeAux.HtCapability, apcli_entry->MlmeAux.HtCapabilityLen);
#ifdef DOT11N_SS3_SUPPORT
			HtCapabilityTmp.MCSSet[2] = (apcli_entry->MlmeAux.HtCapability.MCSSet[2] & apcli_entry->RxMcsSet[2]);
#endif /* DOT11N_SS3_SUPPORT */

#ifdef RT_BIG_ENDIAN
        		*(USHORT *)(&HtCapabilityTmp.HtCapInfo) = SWAP16(*(USHORT *)(&HtCapabilityTmp.HtCapInfo));
        		*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo) = SWAP16(*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo));
#endif /* RT_BIG_ENDINA */
        		MakeOutgoingFrame(pOutBuffer + FrameLen,         &TmpLen,
        							1,                           &HtCapIe,
        							1,                           &apcli_entry->MlmeAux.HtCapabilityLen,
        							apcli_entry->MlmeAux.HtCapabilityLen, &HtCapabilityTmp, 
        							END_OF_ARGS);
			FrameLen += TmpLen;

#ifdef DOT11_VHT_AC
			if (WMODE_CAP_AC(pAd->CommonCfg.PhyMode) &&
				(pAd->CommonCfg.Channel > 14) &&
				(apcli_entry->MlmeAux.vht_cap_len))
			{
				FrameLen += build_vht_ies(pAd, (UCHAR *)(pOutBuffer + FrameLen), SUBTYPE_ASSOC_REQ);
			}
#endif /* DOT11_VHT_AC */
		}
#endif /* DOT11_N_SUPPORT */

#ifdef AGGREGATION_SUPPORT
		/*
			add Ralink proprietary IE to inform AP this STA is going to use AGGREGATION or PIGGY-BACK+AGGREGATION
			Case I: (Aggregation + Piggy-Back)
				1. user enable aggregation, AND
				2. Mac support piggy-back
				3. AP annouces it's PIGGY-BACK+AGGREGATION-capable in BEACON
			Case II: (Aggregation)
				1. user enable aggregation, AND
				2. AP annouces it's AGGREGATION-capable in BEACON
		*/
		if (pAd->CommonCfg.bAggregationCapable)
		{
#ifdef PIGGYBACK_SUPPORT
			if ((pAd->CommonCfg.bPiggyBackCapable) && ((apcli_entry->MlmeAux.APRalinkIe & 0x00000003) == 3))
			{
				ULONG TmpLen;
				UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x03, 0x00, 0x00, 0x00}; 
				MakeOutgoingFrame(pOutBuffer+FrameLen,           &TmpLen,
								  9,                             RalinkIe,
								  END_OF_ARGS);
				FrameLen += TmpLen;
			} else
#endif /* PIGGYBACK_SUPPORT */
			if (apcli_entry->MlmeAux.APRalinkIe & 0x00000001)
			{
				ULONG TmpLen;
				UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x01, 0x00, 0x00, 0x00}; 
				MakeOutgoingFrame(pOutBuffer+FrameLen,           &TmpLen,
								  9,                             RalinkIe,
								  END_OF_ARGS);
				FrameLen += TmpLen;
			}
		}
		else
		{
			ULONG TmpLen;
			UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x06, 0x00, 0x00, 0x00}; 
			MakeOutgoingFrame(pOutBuffer+FrameLen,		 &TmpLen,
							  9,						 RalinkIe,
							  END_OF_ARGS);
			FrameLen += TmpLen;
		}
#endif  /* AGGREGATION_SUPPORT */

		if (apcli_entry->MlmeAux.APEdcaParm.bValid)
		{
			if (apcli_entry->wdev.UapsdInfo.bAPSDCapable &&
				apcli_entry->MlmeAux.APEdcaParm.bAPSDCapable)
			{
				QBSS_STA_INFO_PARM QosInfo;

				NdisZeroMemory(&QosInfo, sizeof(QBSS_STA_INFO_PARM));
				QosInfo.UAPSD_AC_BE = pAd->CommonCfg.bAPSDAC_BE;
				QosInfo.UAPSD_AC_BK = pAd->CommonCfg.bAPSDAC_BK;
				QosInfo.UAPSD_AC_VI = pAd->CommonCfg.bAPSDAC_VI;
				QosInfo.UAPSD_AC_VO = pAd->CommonCfg.bAPSDAC_VO;
				QosInfo.MaxSPLength = pAd->CommonCfg.MaxSPLength;
				WmeIe[8] |= *(PUCHAR)&QosInfo;
			}
			else
			{
                /* The Parameter Set Count is set to "0" in the association request frames */
                /* WmeIe[8] |= (pAd->MlmeAux.APEdcaParm.EdcaUpdateCount & 0x0f); */
			}

			MakeOutgoingFrame(pOutBuffer + FrameLen,    &tmp,
							  9,                        &WmeIe[0],
							  END_OF_ARGS);
			FrameLen += tmp;
		}

#if defined(RT_CFG80211_P2P_CONCURRENT_DEVICE) || defined(CFG80211_MULTI_STA)
		apcli_entry->ReqVarIELen = 0;
        NdisZeroMemory(apcli_entry->ReqVarIEs, MAX_VIE_LEN);

        if ((apcli_entry->wpa_supplicant_info.WpaSupplicantUP & 0x7F ) ==  WPA_SUPPLICANT_ENABLE)
        {
                DBGPRINT(RT_DEBUG_TRACE,("%s:: APCLI WPA_ASSOC_IE FROM SUPPLICANT\n", __FUNCTION__));
                ULONG TmpWpaAssocIeLen = 0;
                MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpWpaAssocIeLen,
                                apcli_entry->wpa_supplicant_info.WpaAssocIeLen, apcli_entry->wpa_supplicant_info.pWpaAssocIe,
                                END_OF_ARGS);

                FrameLen += TmpWpaAssocIeLen;

                VarIesOffset = 0;
                NdisMoveMemory(apcli_entry->ReqVarIEs + VarIesOffset, 
		       apcli_entry->wpa_supplicant_info.pWpaAssocIe, apcli_entry->wpa_supplicant_info.WpaAssocIeLen);
                VarIesOffset += apcli_entry->wpa_supplicant_info.WpaAssocIeLen;

                // Set Variable IEs Length
                apcli_entry->ReqVarIELen = VarIesOffset;
        }
        else
#endif /* RT_CFG80211_P2P_CONCURRENT_DEVICE || CFG80211_MULTI_STA */
		/* Append RSN_IE when WPAPSK OR WPA2PSK, */
		if (((wdev->AuthMode == Ndis802_11AuthModeWPAPSK) || 
            		(wdev->AuthMode == Ndis802_11AuthModeWPA2PSK))
#ifdef WSC_AP_SUPPORT
			&& ((apcli_entry->WscControl.WscConfMode == WSC_DISABLE)
			|| ((apcli_entry->WscControl.WscConfMode != WSC_DISABLE) 
			&& !(apcli_entry->WscControl.bWscTrigger)))
#endif /* WSC_AP_SUPPORT */
            )
		{
			RSNIe = IE_WPA;
			
			if ((wdev->AuthMode == Ndis802_11AuthModeWPA2PSK)
				)
				RSNIe = IE_WPA2;



			MakeOutgoingFrame(pOutBuffer + FrameLen,    				&tmp,
			              	1,                                      	&RSNIe,
	                        1,                                      	&apcli_entry->RSNIE_Len,
	                        apcli_entry->RSNIE_Len,		apcli_entry->RSN_IE,
	                        END_OF_ARGS);
			
			FrameLen += tmp;	
		}	

#ifdef WSC_AP_SUPPORT
		/* Add WSC IE if we are connecting to WSC AP */
		if ((pAd->ApCfg.ApCliTab[ifIndex].WscControl.WscConfMode != WSC_DISABLE) &&
			(pAd->ApCfg.ApCliTab[ifIndex].WscControl.bWscTrigger)) 
			{
			UCHAR *pWscBuf = NULL, WscIeLen = 0;
			ULONG WscTmpLen = 0;

			os_alloc_mem(pAd, (UCHAR **) &pWscBuf, 512);
/*			if( (pWscBuf = kmalloc(512, GFP_ATOMIC)) != NULL) */
			if (pWscBuf != NULL) {
				NdisZeroMemory(pWscBuf, 512);
				WscBuildAssocReqIE(&pAd->ApCfg.ApCliTab[ifIndex].WscControl, pWscBuf, &WscIeLen);

				MakeOutgoingFrame(pOutBuffer + FrameLen,
						  &WscTmpLen, WscIeLen, pWscBuf,
						  END_OF_ARGS);

				FrameLen += WscTmpLen;
/*				kfree(pWscBuf); */
				os_free_mem(NULL, pWscBuf);
			} else
				DBGPRINT(RT_DEBUG_WARN,
					 ("%s:: WscBuf Allocate failed!\n",
					  __FUNCTION__));
		}
#endif /* WSC_AP_SUPPORT */

		MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
		MlmeFreeMemory(pAd, pOutBuffer);

#ifdef MAC_REPEATER_SUPPORT
		if (CliIdx != 0xFF)
			RTMPSetTimer(&apcli_entry->RepeaterCli[CliIdx].ApCliAssocTimer, Timeout);
		else
#endif /* MAC_REPEATER_SUPPORT */
			RTMPSetTimer(&apcli_entry->MlmeAux.ApCliAssocTimer, Timeout);
		*pCurrState = APCLI_ASSOC_WAIT_RSP;
	} 
	else
	{
		DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - ApCliMlmeAssocReqAction() sanity check failed. BUG!!!!!! \n"));
		*pCurrState = APCLI_ASSOC_IDLE;

		ApCliCtrlMsg.Status = MLME_INVALID_FORMAT;
		MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_ASSOC_RSP,
			sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
	}

	return;
}
Ejemplo n.º 5
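/*
	==========================================================================
	Description:
		Build a Probe Request for AP-client interface ifIndex and queue it
		for transmission with MiniportMMRequest() on QID_AC_BE.

		The frame is addressed to the broadcast address when no BSSID is
		configured for the interface (CfgApCliBssid is all zero), otherwise
		to the configured BSSID. It carries the SSID IE, the supported-rates
		IE and, when ExtRateLen is non-zero, the extended-rates IE. VHT IEs
		and supplicant-provided extra IEs are appended under their build
		options.

	Parameters:
		pAd     - adapter context
		SsidLen - number of bytes to take from Ssid; a value larger than
		          MAX_LEN_OF_SSID is rejected and no frame is sent
		Ssid    - SSID to probe for. Annotated OUT, but this function only
		          reads from it.
		ifIndex - index into pAd->ApCfg.ApCliTab; must be < MAX_APCLI_NUM

	Return:
		None. The function returns without sending when ifIndex or SsidLen
		is out of range, when Ssid is NULL with a non-zero SsidLen, or when
		the MLME buffer cannot be allocated.
	==========================================================================
 */
static VOID ApCliEnqueueProbeRequest(
	IN PRTMP_ADAPTER pAd,
	IN UCHAR SsidLen,
	OUT PCHAR Ssid,
	IN USHORT ifIndex)
{
	NDIS_STATUS     NState;
	PUCHAR          pOutBuffer;
	ULONG           FrameLen = 0;
	HEADER_802_11   Hdr80211;
	UCHAR           SsidIe    = IE_SSID;
	UCHAR           SupRateIe = IE_SUPP_RATES;
	UCHAR ssidLen;
	CHAR ssid[MAX_LEN_OF_SSID];
	APCLI_STRUCT *pApCliEntry = NULL;

	DBGPRINT(RT_DEBUG_TRACE, ("force out a ProbeRequest ...\n"));

	if (ifIndex >= MAX_APCLI_NUM)
		return;

	/*
		SsidLen is a UCHAR (0..255) but the local copy below is only
		MAX_LEN_OF_SSID bytes. Reject oversize lengths before anything is
		allocated, so the copy can never run past ssid[].
	*/
	if (SsidLen > MAX_LEN_OF_SSID)
	{
		DBGPRINT(RT_DEBUG_ERROR, ("%s: SsidLen %d exceeds MAX_LEN_OF_SSID, ProbeRequest dropped\n",
									__FUNCTION__, SsidLen));
		return;
	}

	/* a non-empty SSID needs a source buffer to copy from */
	if ((SsidLen != 0) && (Ssid == NULL))
		return;

	pApCliEntry = &pAd->ApCfg.ApCliTab[ifIndex];

	NState = MlmeAllocateMemory(pAd, &pOutBuffer);  /* Get an unused nonpaged memory */
	if (NState != NDIS_STATUS_SUCCESS)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("EnqueueProbeRequest() allocate memory fail\n"));
		return;
	}

	/* no BSSID configured: probe everyone; otherwise probe only the configured AP */
	if (MAC_ADDR_EQUAL(pApCliEntry->CfgApCliBssid, ZERO_MAC_ADDR))
		ApCliMgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0,
			BROADCAST_ADDR, BROADCAST_ADDR, ifIndex);
	else
		ApCliMgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0,
			pApCliEntry->CfgApCliBssid, pApCliEntry->CfgApCliBssid, ifIndex);

	/* work on a zero-padded local copy of the SSID; its length was checked above */
	ssidLen = SsidLen;
	NdisZeroMemory(ssid, MAX_LEN_OF_SSID);
	if (ssidLen != 0)
		NdisMoveMemory(ssid, Ssid, ssidLen);

	/* this ProbeRequest explicitly specify SSID to reduce unwanted ProbeResponse */
	MakeOutgoingFrame(pOutBuffer,		&FrameLen,
		sizeof(HEADER_802_11),			&Hdr80211,
		1,								&SsidIe,
		1,								&ssidLen,
		ssidLen,						ssid,
		1,								&SupRateIe,
		1,								&pApCliEntry->MlmeAux.SupRateLen,
		pApCliEntry->MlmeAux.SupRateLen,		pApCliEntry->MlmeAux.SupRate,
		END_OF_ARGS);

	/* Add the extended rate IE */
	if (pApCliEntry->MlmeAux.ExtRateLen != 0)
	{
		ULONG            tmp;

		MakeOutgoingFrame(pOutBuffer + FrameLen,    &tmp,
			1,                        &ExtRateIe,
			1,                        &pApCliEntry->MlmeAux.ExtRateLen,
			pApCliEntry->MlmeAux.ExtRateLen,  pApCliEntry->MlmeAux.ExtRate,
			END_OF_ARGS);
		FrameLen += tmp;
	}

#ifdef DOT11_VHT_AC
	if (WMODE_CAP_AC(pAd->CommonCfg.PhyMode) &&
		(pAd->CommonCfg.Channel > 14))
	{
		/* refresh the cached VHT capability before the VHT IEs are appended */
		build_vht_cap_ie(pAd, (UCHAR *)&pApCliEntry->MlmeAux.vht_cap);
		pApCliEntry->MlmeAux.vht_cap_len = sizeof(VHT_CAP_IE);
		FrameLen += build_vht_ies(pAd, (UCHAR *)(pOutBuffer + FrameLen), SUBTYPE_PROBE_REQ);
	}
#endif /* DOT11_VHT_AC */
#ifdef RT_CFG80211_P2P_CONCURRENT_DEVICE
	/*
		NOTE(review): ExtraIeLen bytes are appended without comparing
		FrameLen + ExtraIeLen against the capacity of pOutBuffer, and
		pExtraIe is not checked for NULL. The buffer size and the code that
		sets ExtraIeLen are not visible here - confirm the length is
		bounded where the extra IEs are stored.
	*/
	if ((pAd->StaCfg.wpa_supplicant_info.WpaSupplicantUP != WPA_SUPPLICANT_DISABLE) &&
		(pAd->cfg80211_ctrl.ExtraIeLen != 0))
	{
		ULONG ExtraIeTmpLen = 0;

		MakeOutgoingFrame(pOutBuffer + FrameLen,			  &ExtraIeTmpLen,
						  pAd->cfg80211_ctrl.ExtraIeLen,   pAd->cfg80211_ctrl.pExtraIe,
						  END_OF_ARGS);

		FrameLen += ExtraIeTmpLen;
	}
#endif /* RT_CFG80211_P2P_CONCURRENT_DEVICE*/

	/* queue the frame, then release the MLME buffer */
	MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
	MlmeFreeMemory(pAd, pOutBuffer);

	return;
}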
Ejemplo n.º 6
/*
	==========================================================================
	Description:
		Process the received ProbeRequest from clients.

		After PeerProbeReqSanity() accepts the frame, every BSS in
		pAd->ApCfg.MBSSID[0 .. BssidNum-1] is examined. A BSS is skipped when
		its net device exists but is not running, or when the requested SSID
		neither matches the BSS SSID nor is a wildcard (SsidLen == 0) on a
		BSS that does not hide its SSID. For each remaining BSS a Probe
		Response is assembled in an MLME buffer, queued with
		MiniportMMRequest() and the buffer is released.

		The function returns early in WDS bridge mode, when the sanity check
		fails, and when an MLME buffer cannot be allocated.

		Everything read from Elem (addresses, SSID, length) comes from a
		received, unauthenticated management frame.

	Parameters:
		pAd  - adapter context
		Elem - msg containing the ProbeReq frame
	==========================================================================
 */
VOID APPeerProbeReqAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	UCHAR         Addr2[MAC_ADDR_LEN];
	CHAR          Ssid[MAX_LEN_OF_SSID];
	UCHAR         SsidLen;
	HEADER_802_11 ProbeRspHdr;
	NDIS_STATUS   NStatus;
	PUCHAR        pOutBuffer = NULL;
	ULONG         FrameLen = 0, TmpLen;
	/*
		NOTE(review): FakeTimestamp has no initializer and nothing in this
		listing assigns it, yet TIMESTAMP_LEN bytes of it are copied into
		the response below. Unless a later stage overwrites the timestamp
		field, uninitialized stack bytes are transmitted - confirm, or zero
		it at declaration.
	*/
	LARGE_INTEGER FakeTimestamp;
	UCHAR         DsLen = 1;
	UCHAR   ErpIeLen = 1;
	UCHAR         apidx = 0, PhyMode, SupRateLen;
	UCHAR   RSNIe=IE_WPA, RSNIe2=IE_WPA2;
	BOOLEAN		bRequestRssi=FALSE;

#ifdef WSC_AP_SUPPORT
    UCHAR		  Addr3[MAC_ADDR_LEN];
    PFRAME_802_11 pFrame = (PFRAME_802_11)Elem->Msg;

	/*
		NOTE(review): Addr3 is read from the frame header before
		PeerProbeReqSanity() has looked at Elem->MsgLen. Whether Elem->Msg
		always holds at least a full 802.11 header is not visible here -
		confirm against the code that enqueues Elem.
	*/
	COPY_MAC_ADDR(Addr3, pFrame->Hdr.Addr3);
#endif /* WSC_AP_SUPPORT */

#ifdef WDS_SUPPORT
	/* if in bridge mode, no need to reply probe req. */
	if (pAd->WdsTab.Mode == WDS_BRIDGE_MODE)
		return;
#endif /* WDS_SUPPORT */
	
	/* Addr2, Ssid, SsidLen and bRequestRssi are outputs of the sanity check */
	if (! PeerProbeReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, Ssid, &SsidLen, &bRequestRssi))
		return;

	for(apidx=0; apidx<pAd->ApCfg.BssidNum; apidx++)
	{
		/* default for this BSS; refined from AuthMode once the BSS is accepted */
		RSNIe = IE_WPA;
	
		if ((pAd->ApCfg.MBSSID[apidx].MSSIDDev != NULL) &&
			!(RTMP_OS_NETDEV_STATE_RUNNING(pAd->ApCfg.MBSSID[apidx].MSSIDDev)))
		{
			/* the interface is down, so we can not send probe response */
			continue;
		}

		PhyMode = pAd->ApCfg.MBSSID[apidx].PhyMode;

		/*
			Answer when (a) the request carries a wildcard SSID and this BSS
			does not hide its SSID, or (c) the requested SSID equals the BSS
			SSID byte for byte. The empty statement is the "accepted" arm;
			every other case moves on to the next BSS.
		*/
		if (((SsidLen == 0) && (! pAd->ApCfg.MBSSID[apidx].bHideSsid)) ||
#ifdef WSC_AP_SUPPORT
            /* (b) WPS testbed workaround: a 32-byte SSID that is not ours is still answered when Addr3 is this BSSID and the SSID is not hidden */
			((SsidLen == 32) && MAC_ADDR_EQUAL(Addr3, pAd->ApCfg.MBSSID[apidx].Bssid) && (pAd->ApCfg.MBSSID[apidx].bHideSsid == 0)) ||
#endif /* WSC_AP_SUPPORT */
		((SsidLen == pAd->ApCfg.MBSSID[apidx].SsidLen) && NdisEqualMemory(Ssid, pAd->ApCfg.MBSSID[apidx].Ssid, (ULONG) SsidLen)))
			;
		else
			continue; /* check next BSS */


#ifdef RT_CFG80211_SUPPORT
		/* hand the raw request to cfg80211 when a listener registered for probe requests */
		if (pAd->Cfg80211RegisterProbeReqFrame)
		{
			UINT32 freq;
			MAP_CHANNEL_ID_TO_KHZ(Elem->Channel, freq);
			freq /= 1000;
			CFG80211OS_RxMgmt(pAd->ApCfg.MBSSID[apidx].MSSIDDev, freq, (PUCHAR)Elem->Msg, Elem->MsgLen);
		}
#endif /* RT_CFG80211_SUPPORT */

#ifdef BAND_STEERING
	BND_STRG_CHECK_CONNECTION_REQ(	pAd,
										NULL, 
										Addr2,
										Elem->MsgType,
										Elem->Rssi0,
										Elem->Rssi1,
										Elem->Rssi2,
										NULL);
#endif /* BAND_STEERING */

		/* allocate and send out ProbeRsp frame */
		/*
			A failed allocation returns from the whole function, so BSSes
			later in the table get no response for this request.

			NOTE(review): every MakeOutgoingFrame() below writes at
			pOutBuffer + FrameLen and nothing in this listing compares
			FrameLen with the capacity of the buffer. The buffer size is not
			visible here; the variable-length parts (RSN_IE,
			WscIEProbeResp.Value, ProbRespExtraIe) rely on their lengths
			being bounded where they are configured - confirm.
		*/
		NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
		if (NStatus != NDIS_STATUS_SUCCESS)
			return;
		MgtMacHeaderInit(pAd, &ProbeRspHdr, SUBTYPE_PROBE_RSP, 0, Addr2, 
							pAd->ApCfg.MBSSID[apidx].Bssid);

		/* pick the element ID for the single-IE case; other modes keep IE_WPA */
		 if ((pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeWPA) ||
			(pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeWPAPSK))
			RSNIe = IE_WPA;
		else if ((pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeWPA2) ||
			(pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeWPA2PSK))
			RSNIe = IE_WPA2;
#ifdef WAPI_SUPPORT
		else if ((pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeWAICERT) ||
			(pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeWAIPSK))
			RSNIe = IE_WAPI;
#endif /* WAPI_SUPPORT */

		{
		/* in 11b-only mode only the first 4 entries of SupRate are advertised */
		SupRateLen = pAd->CommonCfg.SupRateLen;
		if (PhyMode == WMODE_B)
			SupRateLen = 4;

		/* fixed part: header, timestamp, beacon period, capability, then SSID, rates and DS IEs */
		MakeOutgoingFrame(pOutBuffer,                 &FrameLen,
						  sizeof(HEADER_802_11),      &ProbeRspHdr,
						  TIMESTAMP_LEN,              &FakeTimestamp,
						  2,                          &pAd->CommonCfg.BeaconPeriod,
						  2,                          &pAd->ApCfg.MBSSID[apidx].CapabilityInfo,
						  1,                          &SsidIe,
						  1,                          &pAd->ApCfg.MBSSID[apidx].SsidLen,
						  pAd->ApCfg.MBSSID[apidx].SsidLen,     pAd->ApCfg.MBSSID[apidx].Ssid,
						  1,                          &SupRateIe,
						  1,                          &SupRateLen,
						  SupRateLen,                 pAd->CommonCfg.SupRate,
						  1,                          &DsIe,
						  1,                          &DsLen,
						  1,                          &pAd->CommonCfg.Channel,
						  END_OF_ARGS);
		}

		/* ERP and extended-rates IEs, omitted in 11b-only mode */
		if ((pAd->CommonCfg.ExtRateLen) && (PhyMode != WMODE_B))
		{
			MakeOutgoingFrame(pOutBuffer+FrameLen,      &TmpLen,
							  1,                        &ErpIe,
							  1,                        &ErpIeLen,
							  1,                        &pAd->ApCfg.ErpIeContent,
							  1,                        &ExtRateIe,
							  1,                        &pAd->CommonCfg.ExtRateLen,
							  pAd->CommonCfg.ExtRateLen,    pAd->CommonCfg.ExtRate,
							  END_OF_ARGS);
			FrameLen += TmpLen;
		}

#ifdef DOT11_N_SUPPORT
		if (WMODE_CAP_N(PhyMode) &&
			(pAd->ApCfg.MBSSID[apidx].DesiredHtPhyInfo.bHtEnable))
		{
			/* this TmpLen shadows the function-level TmpLen; NewExtLen is assigned below but not used in this listing */
			ULONG TmpLen;
			UCHAR	HtLen, AddHtLen, NewExtLen;
#ifdef RT_BIG_ENDIAN
			HT_CAPABILITY_IE HtCapabilityTmp;
			ADD_HT_INFO_IE	addHTInfoTmp;
#endif

#ifdef A_BAND_SUPPORT
   			if (pAd->CommonCfg.bExtChannelSwitchAnnouncement && (pAd->CommonCfg.Channel > 14))
			{
				HT_EXT_CHANNEL_SWITCH_ANNOUNCEMENT_IE	HtExtChannelSwitchIe;

				build_ext_channel_switch_ie(pAd, &HtExtChannelSwitchIe);
				MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
								  sizeof(HT_EXT_CHANNEL_SWITCH_ANNOUNCEMENT_IE), &HtExtChannelSwitchIe,
								  END_OF_ARGS);
				FrameLen += TmpLen;
			}
#endif /* A_BAND_SUPPORT */

			HtLen = sizeof(pAd->CommonCfg.HtCapability);
			AddHtLen = sizeof(pAd->CommonCfg.AddHTInfo);
			NewExtLen = 1;
			/*New extension channel offset IE is included in Beacon, Probe Rsp or channel Switch Announcement Frame */
#ifndef RT_BIG_ENDIAN
			MakeOutgoingFrame(pOutBuffer + FrameLen,            &TmpLen,
							  1,                                &HtCapIe,
							  1,                                &HtLen,
							 sizeof(HT_CAPABILITY_IE),          &pAd->CommonCfg.HtCapability,
							  1,                                &AddHtInfoIe,
							  1,                                &AddHtLen,
							 sizeof(ADD_HT_INFO_IE),          &pAd->CommonCfg.AddHTInfo,
							  END_OF_ARGS);
#else
			/* big-endian host: byte-swap the 16-bit fields in local copies before they go into the frame */
			NdisMoveMemory(&HtCapabilityTmp, &pAd->CommonCfg.HtCapability, HtLen);
			*(USHORT *)(&HtCapabilityTmp.HtCapInfo) = SWAP16(*(USHORT *)(&HtCapabilityTmp.HtCapInfo));
#ifdef UNALIGNMENT_SUPPORT
			{
				EXT_HT_CAP_INFO extHtCapInfo;

				NdisMoveMemory((PUCHAR)(&extHtCapInfo), (PUCHAR)(&HtCapabilityTmp.ExtHtCapInfo), sizeof(EXT_HT_CAP_INFO));
				*(USHORT *)(&extHtCapInfo) = cpu2le16(*(USHORT *)(&extHtCapInfo));
				NdisMoveMemory((PUCHAR)(&HtCapabilityTmp.ExtHtCapInfo), (PUCHAR)(&extHtCapInfo), sizeof(EXT_HT_CAP_INFO));		
			}
#else				
			*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo) = cpu2le16(*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo));
#endif /* UNALIGNMENT_SUPPORT */

			NdisMoveMemory(&addHTInfoTmp, &pAd->CommonCfg.AddHTInfo, AddHtLen);
			*(USHORT *)(&addHTInfoTmp.AddHtInfo2) = SWAP16(*(USHORT *)(&addHTInfoTmp.AddHtInfo2));
			*(USHORT *)(&addHTInfoTmp.AddHtInfo3) = SWAP16(*(USHORT *)(&addHTInfoTmp.AddHtInfo3));

			MakeOutgoingFrame(pOutBuffer + FrameLen,         &TmpLen,
								1,                           &HtCapIe,
								1,                           &HtLen,
								HtLen,                       &HtCapabilityTmp,
								1,                           &AddHtInfoIe,
								1,                           &AddHtLen,
								AddHtLen,                    &addHTInfoTmp,
								END_OF_ARGS);

#endif
			FrameLen += TmpLen;
		}
#endif /* DOT11_N_SUPPORT */

		/* Append RSN_IE when  WPA OR WPAPSK, */
		/*
			The first test relies on the ordering of the AuthMode enum:
			every mode below Ndis802_11AuthModeWPA gets no security IE.
			Mixed WPA1/WPA2 modes carry two IEs (RSN_IE[0] with IE_WPA,
			RSN_IE[1] with IE_WPA2); all other modes carry RSN_IE[0] under
			the element ID chosen above.
		*/
		if (pAd->ApCfg.MBSSID[apidx].AuthMode < Ndis802_11AuthModeWPA)
			; /* enough information */
		else if ((pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeWPA1WPA2) ||
			(pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeWPA1PSKWPA2PSK))
		{
			MakeOutgoingFrame(pOutBuffer+FrameLen,      &TmpLen,
							  1,                        &RSNIe,
							  1,                        &pAd->ApCfg.MBSSID[apidx].RSNIE_Len[0],
							  pAd->ApCfg.MBSSID[apidx].RSNIE_Len[0],  pAd->ApCfg.MBSSID[apidx].RSN_IE[0],
							  1,                        &RSNIe2,
							  1,                        &pAd->ApCfg.MBSSID[apidx].RSNIE_Len[1],
							  pAd->ApCfg.MBSSID[apidx].RSNIE_Len[1],  pAd->ApCfg.MBSSID[apidx].RSN_IE[1],
							  END_OF_ARGS);
			FrameLen += TmpLen;
		}
		else
		{
			MakeOutgoingFrame(pOutBuffer+FrameLen,      &TmpLen,
							  1,                        &RSNIe,
							  1,                        &pAd->ApCfg.MBSSID[apidx].RSNIE_Len[0],
							  pAd->ApCfg.MBSSID[apidx].RSNIE_Len[0],  pAd->ApCfg.MBSSID[apidx].RSN_IE[0],
							  END_OF_ARGS);
			FrameLen += TmpLen;
		}

		/* add WMM IE here */
		if (pAd->ApCfg.MBSSID[apidx].bWmmCapable)
		{
			UCHAR i;
			/* 26-byte WMM parameter element; bytes beyond the ten initializers start as zero */
			UCHAR WmeParmIe[26] = {IE_VENDOR_SPECIFIC, 24, 0x00, 0x50, 0xf2, 0x02, 0x01, 0x01, 0, 0};
			WmeParmIe[8] = pAd->ApCfg.BssEdcaParm.EdcaUpdateCount & 0x0f;
#ifdef UAPSD_SUPPORT
			UAPSD_MR_IE_FILL(WmeParmIe[8], &pAd->ApCfg.MBSSID[apidx].UapsdInfo);
#endif /* UAPSD_SUPPORT */
			/* one 4-byte record per access category, starting at offset 10; presumably QID_AC_BE..QID_AC_VO is 0..3 so the last write is index 25 - TODO confirm */
			for (i=QID_AC_BE; i<=QID_AC_VO; i++)
			{
				WmeParmIe[10+ (i*4)] = (i << 5) + /* b5-6 is ACI */
									   ((UCHAR)pAd->ApCfg.BssEdcaParm.bACM[i] << 4) +     /* b4 is ACM */
									   (pAd->ApCfg.BssEdcaParm.Aifsn[i] & 0x0f);		/* b0-3 is AIFSN */
				WmeParmIe[11+ (i*4)] = (pAd->ApCfg.BssEdcaParm.Cwmax[i] << 4) +	/* b5-8 is CWMAX */
									   (pAd->ApCfg.BssEdcaParm.Cwmin[i] & 0x0f);	/* b0-3 is CWMIN */
				WmeParmIe[12+ (i*4)] = (UCHAR)(pAd->ApCfg.BssEdcaParm.Txop[i] & 0xff);        /* low byte of TXOP */
				WmeParmIe[13+ (i*4)] = (UCHAR)(pAd->ApCfg.BssEdcaParm.Txop[i] >> 8);          /* high byte of TXOP */
			}

			MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
							  26,                       WmeParmIe,
							  END_OF_ARGS);
			FrameLen += TmpLen;
		}

#ifdef AP_QLOAD_SUPPORT
		if (pAd->FlgQloadEnable != 0)
		{
			FrameLen += QBSS_LoadElementAppend(pAd, pOutBuffer+FrameLen);
		}
#endif /* AP_QLOAD_SUPPORT */

		    /* add country IE, power constraint IE */
			/*
				NOTE(review): this block fills a 256-byte heap scratch buffer
				and frees it again; nothing here copies TmpFrame into
				pOutBuffer or adds TmpLen2 to FrameLen, so it does not
				change the frame in this listing. The country IE that is
				actually sent is built by the second bCountryFlag block
				further down. Looks like leftover code - confirm before
				removing, since the helper calls may have side effects.
			*/
			if (pAd->CommonCfg.bCountryFlag)
			{
				ULONG TmpLen2=0;
				UCHAR *TmpFrame = NULL;

				os_alloc_mem(NULL, (UCHAR **)&TmpFrame, 256);
				if (TmpFrame != NULL)
				{
					NdisZeroMemory(TmpFrame, 256);

					/* prepare channel information */
#ifdef EXT_BUILD_CHANNEL_LIST
					BuildBeaconChList(pAd, TmpFrame, &TmpLen2);
#else
					{
						ULONG TmpLen = 0;
						UCHAR MaxTxPower = GetCuntryMaxTxPwr(pAd, pAd->CommonCfg.Channel);
						MakeOutgoingFrame(TmpFrame+TmpLen2,     &TmpLen,
											1,                 	&pAd->ChannelList[0].Channel,
											1,                 	&pAd->ChannelListNum,
											1,                 	&MaxTxPower,
											END_OF_ARGS);
						TmpLen2 += TmpLen;
					}
#endif /* EXT_BUILD_CHANNEL_LIST */


					os_free_mem(NULL, TmpFrame);
				}
				else
					DBGPRINT(RT_DEBUG_ERROR, ("%s: Allocate memory fail!!!\n", __FUNCTION__));
			}


#ifdef DOT11_N_SUPPORT
#ifdef DOT11N_DRAFT3
	 	/* P802.11n_D3.03, 7.3.2.60 Overlapping BSS Scan Parameters IE */
	 	if (WMODE_CAP_N(PhyMode) &&
			(pAd->CommonCfg.Channel <= 14) &&
			(pAd->ApCfg.MBSSID[apidx].DesiredHtPhyInfo.bHtEnable) &&
			(pAd->CommonCfg.HtCapability.HtCapInfo.ChannelWidth == 1))
	 	{
			OVERLAP_BSS_SCAN_IE  OverlapScanParam;
			ULONG	TmpLen;
			UCHAR	OverlapScanIE, ScanIELen;

			OverlapScanIE = IE_OVERLAPBSS_SCAN_PARM;
			/* seven 16-bit fields are set below; presumably that is all of OVERLAP_BSS_SCAN_IE (14 bytes) - TODO confirm */
			ScanIELen = 14;
			OverlapScanParam.ScanPassiveDwell = cpu2le16(pAd->CommonCfg.Dot11OBssScanPassiveDwell);
			OverlapScanParam.ScanActiveDwell = cpu2le16(pAd->CommonCfg.Dot11OBssScanActiveDwell);
			OverlapScanParam.TriggerScanInt = cpu2le16(pAd->CommonCfg.Dot11BssWidthTriggerScanInt);
			OverlapScanParam.PassiveTalPerChannel = cpu2le16(pAd->CommonCfg.Dot11OBssScanPassiveTotalPerChannel);
			OverlapScanParam.ActiveTalPerChannel = cpu2le16(pAd->CommonCfg.Dot11OBssScanActiveTotalPerChannel);
			OverlapScanParam.DelayFactor = cpu2le16(pAd->CommonCfg.Dot11BssWidthChanTranDelayFactor);
			OverlapScanParam.ScanActThre = cpu2le16(pAd->CommonCfg.Dot11OBssScanActivityThre);
			
			MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
								1,			&OverlapScanIE,
								1,			&ScanIELen,
								ScanIELen,	&OverlapScanParam,
								END_OF_ARGS);
			
			FrameLen += TmpLen;
	 	}



		/* 7.3.2.27 Extended Capabilities IE */
		{
			ULONG TmpLen;
			EXT_CAP_INFO_ELEMENT extCapInfo;
			UCHAR extInfoLen;


			extInfoLen = sizeof(EXT_CAP_INFO_ELEMENT);
			NdisZeroMemory(&extCapInfo, extInfoLen);

			/* P802.11n_D1.10, HT Information Exchange Support */
			/* the element is appended only when BSS coexistence applies; otherwise it is left out entirely */
			if (WMODE_CAP_N(PhyMode) && (pAd->CommonCfg.Channel <= 14) &&
				(pAd->ApCfg.MBSSID[apidx].DesiredHtPhyInfo.bHtEnable) && 
				(pAd->CommonCfg.bBssCoexEnable == TRUE))
			{
			extCapInfo.BssCoexistMgmtSupport = 1;

			MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
								1, 			&ExtCapIe,
								1, 			&extInfoLen,
								extInfoLen, 	&extCapInfo,
								END_OF_ARGS);
				
			FrameLen += TmpLen;
		}
		}
#endif /* DOT11N_DRAFT3 */
#endif /* DOT11_N_SUPPORT */

		/* 
			add Ralink-specific IE here - Byte0.b0=1 for aggregation, Byte0.b1=1 for piggy-back
		                                  Byte0.b3=1 for rssi-feedback 
		 */
{
	ULONG TmpLen;
	UCHAR RalinkSpecificIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x00, 0x00, 0x00, 0x00};

	/* capability flags live in byte 5; bit 2 (0x4) is set from bRdg */
	if (pAd->CommonCfg.bAggregationCapable)
		RalinkSpecificIe[5] |= 0x1;
	if (pAd->CommonCfg.bPiggyBackCapable)
		RalinkSpecificIe[5] |= 0x2;
#ifdef DOT11_N_SUPPORT
	if (pAd->CommonCfg.bRdg)
		RalinkSpecificIe[5] |= 0x4;
#endif /* DOT11_N_SUPPORT */
#ifdef RSSI_FEEDBACK
	/*
		NOTE(review): Addr2 comes from the received probe request, which is
		not authenticated, and the averaged RSSI of whatever MAC table
		entry matches it is copied into bytes 6..8 of the response -
		confirm that this disclosure is intended. The DBGPRINT below uses
		RT_DEBUG_ERROR and fires for every such request; a lower debug
		level would keep the log usable under probe-request load.
	*/
	if (bRequestRssi == TRUE)
	{
	    MAC_TABLE_ENTRY *pEntry=NULL;

		DBGPRINT(RT_DEBUG_ERROR, ("SYNC - Send PROBE_RSP to %02x:%02x:%02x:%02x:%02x:%02x...\n",
									PRINT_MAC(Addr2)));
    
		RalinkSpecificIe[5] |= 0x8;
		pEntry = MacTableLookup(pAd, Addr2);

		if (pEntry != NULL)
		{
			RalinkSpecificIe[6] = (UCHAR)pEntry->RssiSample.AvgRssi0;
			RalinkSpecificIe[7] = (UCHAR)pEntry->RssiSample.AvgRssi1;
			RalinkSpecificIe[8] = (UCHAR)pEntry->RssiSample.AvgRssi2;
		}
	}
#endif /* RSSI_FEEDBACK */
	MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
						9, RalinkSpecificIe,
						END_OF_ARGS);
	FrameLen += TmpLen;

}

#ifdef A_BAND_SUPPORT
		/* add Channel switch announcement IE */
		if ((pAd->CommonCfg.Channel > 14)
			&& (pAd->CommonCfg.bIEEE80211H == 1)
			&& (pAd->Dot11_H.RDMode == RD_SWITCHING_MODE))
		{
			UCHAR CSAIe=IE_CHANNEL_SWITCH_ANNOUNCEMENT;
			UCHAR CSALen=3;
			UCHAR CSAMode=1;

			/* element body is mode, channel and CSCount: the 3 bytes announced in CSALen */
			MakeOutgoingFrame(pOutBuffer+FrameLen,      &TmpLen,
							  1,                        &CSAIe,
							  1,                        &CSALen,
							  1,                        &CSAMode,
							  1,                        &pAd->CommonCfg.Channel,
							  1,                        &pAd->Dot11_H.CSCount,
							  END_OF_ARGS);
			FrameLen += TmpLen;
#ifdef DOT11_N_SUPPORT
   			if (pAd->CommonCfg.bExtChannelSwitchAnnouncement)
			{
				HT_EXT_CHANNEL_SWITCH_ANNOUNCEMENT_IE	HtExtChannelSwitchIe;

				build_ext_channel_switch_ie(pAd, &HtExtChannelSwitchIe);
				MakeOutgoingFrame(pOutBuffer + FrameLen,             &TmpLen,
								  sizeof(HT_EXT_CHANNEL_SWITCH_ANNOUNCEMENT_IE),	&HtExtChannelSwitchIe,
								  END_OF_ARGS);
				FrameLen += TmpLen;
			}
#endif /* DOT11_N_SUPPORT */
		}
#endif /* A_BAND_SUPPORT */

	    /* add country IE, power constraint IE */
		if (pAd->CommonCfg.bCountryFlag)
		{
		    ULONG TmpLen2=0;
		    UCHAR TmpFrame[256];
		    UCHAR CountryIe = IE_COUNTRY;
		    /* hard-coded here, unlike the earlier block which asks GetCuntryMaxTxPwr() */
		    UCHAR MaxTxPower=16;

#ifdef A_BAND_SUPPORT
			/* 
				Only 802.11a APs that comply with 802.11h are required to include
				 a Power Constraint Element(IE=32) in beacons and probe response frames
			*/
			if (pAd->CommonCfg.Channel > 14 && pAd->CommonCfg.bIEEE80211H == TRUE)
			{
		        /* prepare power constraint IE */
		        MakeOutgoingFrame(pOutBuffer+FrameLen,    &TmpLen,
		                          3,                 	PowerConstraintIE,
		                          END_OF_ARGS);
		        FrameLen += TmpLen;
#ifdef DOT11_VHT_AC
				if (WMODE_CAP_AC(PhyMode)) {
					ULONG TmpLen;
					UINT8 vht_txpwr_env_ie = IE_VHT_TXPWR_ENV;
					UINT8 ie_len;
					VHT_TXPWR_ENV_IE txpwr_env;

					/* ie_len is whatever the helper reports; it is used as the copy length from txpwr_env */
					ie_len = build_vht_txpwr_envelope(pAd, (UCHAR *)&txpwr_env);
					MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
								1,							&vht_txpwr_env_ie,
								1,							&ie_len,
								ie_len,						&txpwr_env,
								END_OF_ARGS);
					FrameLen += TmpLen;
				}
#endif /* DOT11_VHT_AC */
			}
#endif /* A_BAND_SUPPORT */

		    NdisZeroMemory(TmpFrame, sizeof(TmpFrame));

			/* prepare channel information */
			/* one triplet: first channel, number of channels, max tx power */
		    MakeOutgoingFrame(TmpFrame+TmpLen2,     &TmpLen,
		                          1,                 	&pAd->ChannelList[0].Channel,
		                          1,                 	&pAd->ChannelListNum,
		                          1,                 	&MaxTxPower,
		                          END_OF_ARGS);
		    TmpLen2 += TmpLen;

		    /* need to do the padding bit check, and concatenate it */
		    /*
				The element body is the 3-byte country code followed by
				TmpLen2 bytes from TmpFrame. When TmpLen2 is even, one
				extra byte is copied from TmpFrame as padding; it is zero
				because TmpFrame was cleared above.
		    */
		    if ((TmpLen2%2) == 0)
		    {
		       	UCHAR	TmpLen3 = TmpLen2+4;
			    MakeOutgoingFrame(pOutBuffer+FrameLen,  &TmpLen,
			                         1,                 	&CountryIe,
			                          1,                 	&TmpLen3,
			                          3,                 	pAd->CommonCfg.CountryCode,
			                          TmpLen2+1,				TmpFrame,
			                          END_OF_ARGS);
		    }
		    else
		    {
		       	UCHAR	TmpLen3 = TmpLen2+3;
			    MakeOutgoingFrame(pOutBuffer+FrameLen,  &TmpLen,
			                          1,                 	&CountryIe,
			                          1,                 	&TmpLen3,
			                          3,                 	pAd->CommonCfg.CountryCode,
			                          TmpLen2,				TmpFrame,
			                          END_OF_ARGS);
		    }
		    FrameLen += TmpLen;
		}/* Country IE - */

#ifdef DOT11_N_SUPPORT
		if (WMODE_CAP_N(PhyMode) &&
			(pAd->ApCfg.MBSSID[apidx].DesiredHtPhyInfo.bHtEnable))
		{
			ULONG TmpLen;
			UCHAR	HtLen, AddHtLen;/*, NewExtLen; */
#ifdef RT_BIG_ENDIAN
			HT_CAPABILITY_IE HtCapabilityTmp;
			ADD_HT_INFO_IE	addHTInfoTmp;
#endif
			HtLen = sizeof(pAd->CommonCfg.HtCapability);
			AddHtLen = sizeof(pAd->CommonCfg.AddHTInfo);

		/* bBroadComHT: repeat the HT capability and additional HT info inside vendor elements with the two 4-byte prefixes below */
		if (pAd->bBroadComHT == TRUE)
		{
			UCHAR epigram_ie_len;
			UCHAR BROADCOM_HTC[4] = {0x0, 0x90, 0x4c, 0x33};
			UCHAR BROADCOM_AHTINFO[4] = {0x0, 0x90, 0x4c, 0x34};


			epigram_ie_len = HtLen + 4;
#ifndef RT_BIG_ENDIAN
			MakeOutgoingFrame(pOutBuffer + FrameLen,        &TmpLen,
						  1,                                &WpaIe,
							  1,                                &epigram_ie_len,
							  4,                                &BROADCOM_HTC[0],
							  HtLen,          					&pAd->CommonCfg.HtCapability,
							  END_OF_ARGS);
#else
				NdisMoveMemory(&HtCapabilityTmp, &pAd->CommonCfg.HtCapability, HtLen);
				*(USHORT *)(&HtCapabilityTmp.HtCapInfo) = SWAP16(*(USHORT *)(&HtCapabilityTmp.HtCapInfo));
#ifdef UNALIGNMENT_SUPPORT
			{
				EXT_HT_CAP_INFO extHtCapInfo;

				NdisMoveMemory((PUCHAR)(&extHtCapInfo), (PUCHAR)(&HtCapabilityTmp.ExtHtCapInfo), sizeof(EXT_HT_CAP_INFO));
				*(USHORT *)(&extHtCapInfo) = cpu2le16(*(USHORT *)(&extHtCapInfo));
				NdisMoveMemory((PUCHAR)(&HtCapabilityTmp.ExtHtCapInfo), (PUCHAR)(&extHtCapInfo), sizeof(EXT_HT_CAP_INFO));		
			}
#else				
			*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo) = cpu2le16(*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo));
#endif /* UNALIGNMENT_SUPPORT */

				MakeOutgoingFrame(pOutBuffer + FrameLen,         &TmpLen,
								1,                               &WpaIe,
								1,                               &epigram_ie_len,
								4,                               &BROADCOM_HTC[0],
								HtLen,                           &HtCapabilityTmp,
								END_OF_ARGS);
#endif

				FrameLen += TmpLen;

				epigram_ie_len = AddHtLen + 4;
#ifndef RT_BIG_ENDIAN
				MakeOutgoingFrame(pOutBuffer + FrameLen,          &TmpLen,
								  1,                              &WpaIe,
								  1,                              &epigram_ie_len,
								  4,                              &BROADCOM_AHTINFO[0],
								  AddHtLen, 					  &pAd->CommonCfg.AddHTInfo,
								  END_OF_ARGS);
#else
				NdisMoveMemory(&addHTInfoTmp, &pAd->CommonCfg.AddHTInfo, AddHtLen);
				*(USHORT *)(&addHTInfoTmp.AddHtInfo2) = SWAP16(*(USHORT *)(&addHTInfoTmp.AddHtInfo2));
				*(USHORT *)(&addHTInfoTmp.AddHtInfo3) = SWAP16(*(USHORT *)(&addHTInfoTmp.AddHtInfo3));

				MakeOutgoingFrame(pOutBuffer + FrameLen,         &TmpLen,
								1,                               &WpaIe,
								1,                               &epigram_ie_len,
								4,                               &BROADCOM_AHTINFO[0],
								AddHtLen,                        &addHTInfoTmp,
							  END_OF_ARGS);
#endif

				FrameLen += TmpLen;
			}

#ifdef DOT11_VHT_AC
			if (WMODE_CAP_AC(PhyMode) &&
				(pAd->CommonCfg.Channel > 14)) {
				FrameLen += build_vht_ies(pAd, (UCHAR *)(pOutBuffer+FrameLen), SUBTYPE_PROBE_RSP, pAd->CommonCfg.vht_max_mcs_cap);
			}
#endif /* DOT11_VHT_AC */

		}
#endif /* DOT11_N_SUPPORT */


#ifdef WSC_AP_SUPPORT
		/* for windows 7 logo test */
		if ((pAd->ApCfg.MBSSID[apidx].WscControl.WscConfMode != WSC_DISABLE) &&
#ifdef DOT1X_SUPPORT
				(pAd->ApCfg.MBSSID[apidx].IEEE8021X == FALSE) && 
#endif /* DOT1X_SUPPORT */
				(pAd->ApCfg.MBSSID[apidx].WepStatus == Ndis802_11WEPEnabled))
		{
			/*
				Non-WPS Windows XP and Vista PCs are unable to determine if a WEP enabled network is static key based 
				or 802.1X based. If the legacy station gets an EAP-Request/Identity from the AP, it assumes the WEP
				network is 802.1X enabled & will prompt the user for 802.1X credentials. If the legacy station doesn't
				receive anything after sending an EAPOL-Start, it will assume the WEP network is static key based and
				prompt user for the WEP key. <<from "WPS and Static Key WEP Networks">>
				A WPS enabled AP should include this IE in the beacon when the AP is hosting a static WEP key network.  
				The IE would be 7 bytes long with the Extended Capability field set to 0 (all bits zero)
				http://msdn.microsoft.com/library/default.asp?url=/library/en-us/randz/protocol/securing_public_wi-fi_hotspots.asp 
			*/
			ULONG TempLen1 = 0;
			UCHAR PROVISION_SERVICE_IE[7] = {0xDD, 0x05, 0x00, 0x50, 0xF2, 0x05, 0x00};
			MakeOutgoingFrame(pOutBuffer+FrameLen,        &TempLen1,
								7,                            PROVISION_SERVICE_IE,
								END_OF_ARGS);
			FrameLen += TempLen1;
	    }

        /* add Simple Config Information Element */
        /* NOTE(review): ValueLen bytes are appended as stored; the bound on WscIEProbeResp.ValueLen is enforced, if at all, where the IE is built - confirm */
        if ((pAd->ApCfg.MBSSID[apidx].WscControl.WscConfMode > WSC_DISABLE) && (pAd->ApCfg.MBSSID[apidx].WscIEProbeResp.ValueLen))
        {
    		ULONG WscTmpLen = 0;
    		MakeOutgoingFrame(pOutBuffer+FrameLen,                                  &WscTmpLen,
    						  pAd->ApCfg.MBSSID[apidx].WscIEProbeResp.ValueLen,   pAd->ApCfg.MBSSID[apidx].WscIEProbeResp.Value,
                              END_OF_ARGS);
    		FrameLen += WscTmpLen;
        }
#endif /* WSC_AP_SUPPORT */




#ifdef RT_CFG80211_SUPPORT
		/* NOTE(review): ProbRespExtraIe is appended verbatim; presumably it is supplied through cfg80211 - confirm its length is limited where it is stored, since no capacity check is made here */
		if (pAd->ApCfg.MBSSID[apidx].ProbRespExtraIeLen != 0)
		{
			MakeOutgoingFrame(pOutBuffer+FrameLen,	&TmpLen,
					pAd->ApCfg.MBSSID[apidx].ProbRespExtraIeLen,	&pAd->ApCfg.MBSSID[apidx].ProbRespExtraIe[0],
					END_OF_ARGS);
			FrameLen += TmpLen;
		}
#endif /* RT_CFG80211_SUPPORT */

		/* 802.11n 11.1.3.2.2 active scanning. sending probe response with MCS rate is */
		/*
			NOTE(review): the same response is queued three times for each
			matching BSS, so one received probe request can produce
			3 x (number of matching BSSes) transmissions. No rate limit is
			visible in this listing - confirm that probe requests are
			throttled before they reach this handler.
		*/
		MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
		MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
		MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
		MlmeFreeMemory(pAd, pOutBuffer);
	}
Ejemplo n.º 7
/*
	==========================================================================
	Description:
	==========================================================================
 */
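/*
 * Handle an authentication response with sequence number 2 on an AP-client
 * link (or a repeater-client link when MAC_REPEATER_SUPPORT is built in).
 *
 * pAd  - adapter control block
 * Elem - queued MLME message; Elem->Msg / Elem->MsgLen hold the received
 *        frame, Elem->Priv carries the interface index. Values >= 64 encode
 *        a repeater client as 64 + BssIdx * 16 + CliIdx.
 *
 * When the locally configured algorithm is open system, success is reported
 * to the ApCli control state machine. Otherwise the challenge text taken
 * from the frame is WEP-encrypted with the default shared key, sent back as
 * seq#3, and the state moves to APCLI_AUTH_WAIT_SEQ4. A non-success status
 * from the peer is forwarded to the control state machine unchanged.
 *
 * Security note: in shared-key authentication the challenge travels in clear
 * in seq#2 and WEP-encrypted in seq#3, so anyone observing both frames
 * obtains keystream for that IV. That is a property of the protocol this
 * function implements, not something it can mitigate.
 */
static VOID ApCliPeerAuthRspAtSeq2Action(
	IN PRTMP_ADAPTER pAd, 
	IN MLME_QUEUE_ELEM *Elem) 
{
	BOOLEAN         Cancelled;
	UCHAR           Addr2[MAC_ADDR_LEN];
	USHORT          Seq, Status, Alg;
	USHORT          RemoteStatus;
	UCHAR			iv_hdr[LEN_WEP_IV_HDR];
	UCHAR           *ChlgText = NULL;
	/* plaintext is 2+2+2+1+1+CIPHER_TEXT_LEN bytes; the ICV is appended after it */
	UCHAR           CyperChlgText[CIPHER_TEXT_LEN + 8 + 8];
	ULONG			c_len = 0;	
	HEADER_802_11   AuthHdr;
	NDIS_STATUS     NState;
	PUCHAR          pOutBuffer = NULL;
	ULONG           FrameLen = 0;
	APCLI_CTRL_MSG_STRUCT ApCliCtrlMsg;
	UCHAR		  	ChallengeIe = IE_CHALLENGE_TEXT;
	UCHAR		  	len_challengeText = CIPHER_TEXT_LEN;
	USHORT ifIndex = (USHORT)(Elem->Priv);
	PULONG pCurrState = NULL;
#ifdef MAC_REPEATER_SUPPORT
	UCHAR CliIdx = 0xFF;	/* 0xFF means "not a repeater client" */
#endif /* MAC_REPEATER_SUPPORT */

	/* Reject indexes that are neither a plain ApCli index nor a repeater encoding. */
	if ((ifIndex >= MAX_APCLI_NUM)
#ifdef MAC_REPEATER_SUPPORT
		&& (ifIndex < 64)
#endif /* MAC_REPEATER_SUPPORT */
		)
		return;

#ifdef MAC_REPEATER_SUPPORT
	if (ifIndex >= 64)
	{
		CliIdx = ((ifIndex - 64) % 16);
		ifIndex = ((ifIndex - 64) / 16);

		/*
		 * The decoded BSS index is used to index ApCliTab below, so it
		 * gets the same bound the non-repeater path applies above.
		 * NOTE(review): CliIdx is < 16 by construction; confirm that
		 * RepeaterCli[] has at least 16 entries.
		 */
		if (ifIndex >= MAX_APCLI_NUM)
			return;

		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].AuthCurrState;
	}
	else
#endif /* MAC_REPEATER_SUPPORT */
	pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].AuthCurrState;

	/* Heap buffer for the challenge text extracted from the frame. */
	os_alloc_mem(NULL, (UCHAR **)&ChlgText, CIPHER_TEXT_LEN);
	if (ChlgText == NULL)
	{
		DBGPRINT(RT_DEBUG_ERROR, ("%s: Allocate memory fail!!!\n", __FUNCTION__));
		return;
	}

	/*
	 * NOTE(review): ChlgText is not cleared after allocation and the Alg
	 * field of the frame is not compared with ApCliMlmeAux.Alg below. If
	 * PeerAuthSanity() can succeed without writing a challenge, the
	 * shared-key branch would encrypt and transmit uninitialised heap
	 * bytes - confirm in PeerAuthSanity().
	 */
	if(PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Alg, &Seq, &Status, (CHAR *) ChlgText))
	{
		/* Only a seq#2 frame from the BSSID we are authenticating with is handled. */
		if(MAC_ADDR_EQUAL(pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.Bssid, Addr2) && Seq == 2)
		{
#ifdef MAC_REPEATER_SUPPORT
			if (CliIdx != 0xFF)
			{
				DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Repeater Cli Receive AUTH_RSP seq#2 to me (Alg=%d, Status=%d)\n", Alg, Status));
				RTMPCancelTimer(&pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].ApCliAuthTimer, &Cancelled);
			}
			else
#endif /* MAC_REPEATER_SUPPORT */
			{
				DBGPRINT(RT_DEBUG_TRACE, ("APCLI AUTH - Receive AUTH_RSP seq#2 to me (Alg=%d, Status=%d)\n", Alg, Status));
				RTMPCancelTimer(&pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.ApCliAuthTimer, &Cancelled);
			}

			if(Status == MLME_SUCCESS)
			{
				if(pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.Alg == Ndis802_11AuthModeOpen)
				{
					/* Open system: authentication is complete. */
					*pCurrState = APCLI_AUTH_REQ_IDLE;

					ApCliCtrlMsg.Status= MLME_SUCCESS;
#ifdef MAC_REPEATER_SUPPORT
					ApCliCtrlMsg.CliIdx = CliIdx;
					ApCliCtrlMsg.BssIdx = ifIndex;
					/* the control state machine receives the original encoded index */
					ifIndex = (USHORT)(Elem->Priv);
#endif /* MAC_REPEATER_SUPPORT */
					MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_AUTH_RSP,
						sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
				} 
				else
				{
					PCIPHER_KEY  pKey;	
					UINT	default_key = pAd->ApCfg.ApCliTab[ifIndex].DefaultKeyId;

					/* NOTE(review): DefaultKeyId is not range-checked here; confirm it is validated where it is set. */
					pKey = &pAd->ApCfg.ApCliTab[ifIndex].SharedKey[default_key];

					/* 2. shared key, need to be challenged */
					Seq++;
					RemoteStatus = MLME_SUCCESS;
					/* allocate and send out AuthRsp frame */
					NState = MlmeAllocateMemory(pAd, &pOutBuffer); 					
					if(NState != NDIS_STATUS_SUCCESS)
					{
						DBGPRINT(RT_DEBUG_TRACE, ("AUTH - ApCliPeerAuthRspAtSeq2Action allocate memory fail\n"));
						*pCurrState = APCLI_AUTH_REQ_IDLE;

						ApCliCtrlMsg.Status= MLME_FAIL_NO_RESOURCE;
#ifdef MAC_REPEATER_SUPPORT
						ApCliCtrlMsg.CliIdx = CliIdx;
						ApCliCtrlMsg.BssIdx = ifIndex;
						ifIndex = (USHORT)(Elem->Priv);
#endif /* MAC_REPEATER_SUPPORT */
						MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_AUTH_RSP,
							sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
						goto LabelOK;
					}

#ifdef MAC_REPEATER_SUPPORT
					if (CliIdx != 0xFF)
						DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Repeater Cli Send AUTH request seq#3...\n"));
					else
#endif /* MAC_REPEATER_SUPPORT */
					DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH request seq#3...\n"));
					ApCliMgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr2, pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.Bssid, ifIndex);
					/* the body of seq#3 is WEP-protected */
					AuthHdr.FC.Wep = 1;
#ifdef MAC_REPEATER_SUPPORT
					if (CliIdx != 0xFF)
						COPY_MAC_ADDR(AuthHdr.Addr2, pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].CurrentAddress);
#endif /* MAC_REPEATER_SUPPORT */
					
					/* Encrypt challenge text & auth information */
					/* TSC increment */ 
					INC_TX_TSC(pKey->TxTsc, LEN_WEP_TSC);

					/* Construct the 4-bytes WEP IV header */
					RTMPConstructWEPIVHdr(default_key, pKey->TxTsc, iv_hdr);
									 
					/* fixed fields go on the air little-endian */
					Alg = cpu2le16(*(USHORT *)&Alg);
					Seq = cpu2le16(*(USHORT *)&Seq);
					RemoteStatus= cpu2le16(*(USHORT *)&RemoteStatus);                    				

					/* Construct message text */
					MakeOutgoingFrame(CyperChlgText,        &c_len, 
							          2,                    &Alg, 
							          2,                    &Seq,
							          2,                    &RemoteStatus,  
							          1,					&ChallengeIe, 
							          1,					&len_challengeText,
							          len_challengeText,	ChlgText,
							          END_OF_ARGS);

					if (RTMPSoftEncryptWEP(pAd, 
										   iv_hdr, 
										   pKey,
										   CyperChlgText, 
										   c_len) == FALSE)
					{
						/* The original message here wrongly reported an allocation failure. */
						DBGPRINT(RT_DEBUG_TRACE, ("AUTH - ApCliPeerAuthRspAtSeq2Action WEP encryption fail\n"));
						*pCurrState = APCLI_AUTH_REQ_IDLE;

						ApCliCtrlMsg.Status= MLME_FAIL_NO_RESOURCE;
#ifdef MAC_REPEATER_SUPPORT
						ApCliCtrlMsg.BssIdx = ifIndex;
						ApCliCtrlMsg.CliIdx = CliIdx;
						ifIndex = (USHORT)(Elem->Priv);
#endif /* MAC_REPEATER_SUPPORT */
						MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_AUTH_RSP,
									sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
						goto LabelOK;
					}

					/* Update the total length for 4-bytes ICV */
					c_len += LEN_ICV;

					MakeOutgoingFrame(pOutBuffer,               &FrameLen, 
									  sizeof(HEADER_802_11),    &AuthHdr,  
							          LEN_WEP_IV_HDR,			iv_hdr,								          
							          c_len,     				CyperChlgText, 
									  END_OF_ARGS);

					MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
				
					/* re-arm the auth timer while waiting for seq#4 */
#ifdef MAC_REPEATER_SUPPORT
					if (CliIdx != 0xFF)
						RTMPSetTimer(&pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].ApCliAuthTimer, AUTH_TIMEOUT);
					else
#endif /* MAC_REPEATER_SUPPORT */
					RTMPSetTimer(&pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.ApCliAuthTimer, AUTH_TIMEOUT);
					*pCurrState = APCLI_AUTH_WAIT_SEQ4;
				}
			} 
			else
			{
				/* Peer refused: forward its status code to the control state machine. */
				*pCurrState = APCLI_AUTH_REQ_IDLE;

#ifdef MAC_REPEATER_SUPPORT
				ApCliCtrlMsg.CliIdx = CliIdx;
				ApCliCtrlMsg.BssIdx = ifIndex;
				ifIndex = (USHORT)(Elem->Priv);
#endif /* MAC_REPEATER_SUPPORT */
				ApCliCtrlMsg.Status= Status;
				MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_AUTH_RSP,
					sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
			}
		}
	} 
	else
	{
		DBGPRINT(RT_DEBUG_TRACE, ("APCLI AUTH - PeerAuthSanity() sanity check fail\n"));
	}

	/* Common exit: release the frame buffer (if any) and the challenge buffer. */
LabelOK:
	if (pOutBuffer != NULL)
		MlmeFreeMemory(pAd, pOutBuffer);
	if (ChlgText != NULL)
		os_free_mem(NULL, ChlgText);
	return;
}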
Ejemplo n.º 8
/*
========================================================================
Routine Description:
	Send a traffic response frame.

Arguments:
	pAd				- WLAN control block pointer
	pTDLS			- the peer entry

Return Value:
	NDIS_STATUS_SUCCESS
	NDIS_STATUS_FAILURE

Note:
========================================================================
*/
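static NDIS_STATUS TDLS_UAPSD_TrafficRspSend(
	IN	PRTMP_ADAPTER				pAd,
	IN	UCHAR						*pPeerMac,
	IN	UCHAR						PeerToken)
{
	/*
	 * Build a TDLS peer traffic response for the link to pPeerMac and send
	 * it directly to the peer.
	 *
	 * pAd       - WLAN control block pointer
	 * pPeerMac  - MAC address used to look up the TDLS link
	 * PeerToken - passed through to TDLS_UAPSD_TrafficRspBuild()
	 *
	 * Returns NDIS_STATUS_SUCCESS only when the frame was handed to
	 * TDLS_UAPSD_PKT_SEND_TO_PEER(); every early exit returns a failure
	 * status.
	 */
	MAC_TABLE_ENTRY	*pMacEntry; 
	RT_802_11_TDLS *pTDLS = NULL;
	UCHAR	TDLS_ETHERTYPE[] = {0x89, 0x0d};
	UCHAR	Header802_3[14];
	PUCHAR	pOutBuffer = NULL;
	ULONG	FrameLen = 0;
	ULONG	TempLen;
	INT32	LinkId;
	UCHAR	RemoteFrameType = PROTO_NAME_TDLS;
	NDIS_STATUS	NStatus = NDIS_STATUS_FAILURE;


	DBGPRINT(RT_DEBUG_TRACE, ("====> %s\n", __FUNCTION__));

	/* search TDLS entry */
	LinkId = TDLS_SearchLinkId(pAd, pPeerMac);
	if (TDLS_UAPSD_IS_LINK_INVALID(LinkId))
	{
		DBGPRINT(RT_DEBUG_TRACE,
				("%s: can not find the LinkId!\n", __FUNCTION__));
		TDLS_UAPSD_REBUILD_LINK(pAd, pPeerMac);
		goto LabelExit;
	}

	DBGPRINT(RT_DEBUG_TRACE, ("tdls uapsd> LinkId = %d\n", LinkId));

	pTDLS = TDLS_UAPSD_ENTRY_GET(pAd, LinkId);

	/* sanity check */
	if (TDLS_UAPSD_IS_CONN_NOT_BUILT(pTDLS))
	{
		DBGPRINT(RT_DEBUG_TRACE, ("tdls uapsd> link is not yet built "
				"so we can not send a traffic ind to the peer!!!"));
		goto LabelExit;
	}

	/* init */
	MAKE_802_3_HEADER(Header802_3, pTDLS->MacAddr,
						pAd->CurrentAddress, TDLS_ETHERTYPE);

	/* allocate buffer for transmitting message */
	NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
	if (NStatus	!= NDIS_STATUS_SUCCESS)
		goto LabelExit;

	/* build the frame: one byte of payload type, then the response body */
	MakeOutgoingFrame(pOutBuffer,		&TempLen,
						1,				&RemoteFrameType,
						END_OF_ARGS);
	FrameLen = FrameLen + TempLen;

	TDLS_UAPSD_TrafficRspBuild(pAd, pOutBuffer, &FrameLen, pTDLS, PeerToken);

	hex_dump("TDLS UAPSD Peer Traffic Response sending packet", pOutBuffer, FrameLen);

	/* need to set the power save mode of the peer to ACTIVE */
	/* we will recover its mode after EOSP frame is received */
	pMacEntry = MacTableLookup(pAd, pTDLS->MacAddr);
	if (pMacEntry == NULL)
	{
		/*
		 * NStatus still holds the successful allocation result at this
		 * point; without resetting it the caller would be told the frame
		 * was sent although nothing left the device.
		 */
		NStatus = NDIS_STATUS_FAILURE;
		goto LabelExit;
	}

	/* peer can not sleep for a while */
	RTMP_PS_VIRTUAL_WAKEUP_PEER(pMacEntry);

	/* send the frame to the peer without AP's help */
	TDLS_UAPSD_PKT_SEND_TO_PEER(pAd, Header802_3, pOutBuffer, FrameLen, pTDLS);

	NStatus = NDIS_STATUS_SUCCESS;

	/* free resources */
LabelExit:
	if (pOutBuffer != NULL)
		MlmeFreeMemory(pAd, pOutBuffer);
	return NStatus;
}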
Ejemplo n.º 9
/*
 * AP-side handler for a received authentication request.
 *
 * pAd  - adapter control block
 * Elem - queued MLME message holding the received frame (Msg / MsgLen) and
 *        the WCID it arrived on
 *
 * The frame is parsed by APPeerAuthSanity(), matched to one of the
 * configured BSSIDs, checked against the access control list, and then
 * answered according to the requested algorithm: open system gets an
 * immediate seq#2 success, shared key gets a seq#2 carrying a fresh
 * challenge, anything else gets MLME_ALG_NOT_SUPPORT.
 *
 * NOTE(review): every action below, including MacTableDeleteEntry() and
 * BASessionTearDownALL(), is driven by Addr2 as read from the frame. Whether
 * the frame has been protected or validated before it reaches this handler
 * is not visible here.
 */
static VOID APPeerAuthReqAtIdleAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	int ByteIdx;
	USHORT Seq, Alg, RspReason, Status;
	UCHAR Addr1[MAC_ADDR_LEN];
	UCHAR Addr2[MAC_ADDR_LEN];
	CHAR Chtxt[CIPHER_TEXT_LEN];
	UINT32 apidx;
	PHEADER_802_11 pRcvHdr;
	HEADER_802_11 AuthHdr;
	PUCHAR pOutBuffer = NULL;
	NDIS_STATUS NStatus;
	ULONG FrameLen = 0;
	MAC_TABLE_ENTRY *pEntry;
	UCHAR ChTxtIe = 16, ChTxtLen = CIPHER_TEXT_LEN;

	/* Drop frames that fail the parser's checks. */
	if (! APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr1,
							Addr2, &Alg, &Seq, &Status, Chtxt))
		return;

	/* Find the MBSSID whose BSSID equals the frame's Addr1. */
	apidx = 0;
	while ((apidx < pAd->ApCfg.BssidNum) &&
		   !(RTMPEqualMemory(Addr1, pAd->ApCfg.MBSSID[apidx].Bssid, MAC_ADDR_LEN)))
	{
		apidx++;
	}

	if (apidx >= pAd->ApCfg.BssidNum)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
		return;
	}

	/* Ignore the request while the matching interface is not running. */
	if (pAd->ApCfg.MBSSID[apidx].MSSIDDev != NULL)
	{
		if (!(RTMP_OS_NETDEV_STATE_RUNNING(pAd->ApCfg.MBSSID[apidx].MSSIDDev)))
		{
			DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
			return;
		}
	}

	pEntry = MacTableLookup(pAd, Addr2);
	if ((pEntry != NULL) && IS_ENTRY_CLIENT(pEntry))
	{
		if (RTMPEqualMemory(Addr1, pAd->ApCfg.MBSSID[pEntry->apidx].Bssid, MAC_ADDR_LEN))
		{
			/* Known client re-authenticating on the same BSS. */
			if (pEntry->bIAmBadAtheros == TRUE)
			{
				AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
				DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
				pEntry->bIAmBadAtheros = FALSE;
			}

#ifdef DOT11_N_SUPPORT
			BASessionTearDownALL(pAd, pEntry->Aid);
#endif /* DOT11_N_SUPPORT */
			ASSERT(pEntry->Aid == Elem->Wcid);
		}
		else
		{
			/* The client was recorded on another BSS: forget the old entry. */
			MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
			pEntry = NULL;
			DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));
		}
	}

	pRcvHdr = (PHEADER_802_11)(Elem->Msg);
	DBGPRINT(RT_DEBUG_TRACE,
			("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
			"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
			apidx, Seq, Alg, Status, Elem->Wcid, PRINT_MAC(Addr2)));

	/* fail in ACL checking => send an AUTH-Fail seq#2. */
	if (! ApCheckAccessControlList(pAd, Addr2, apidx))
	{
		ASSERT(Seq == 1);
		ASSERT(pEntry == NULL);
		APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_UNSPECIFY_FAIL);

		/* If this STA exists, delete it. */
		if (pEntry != NULL)
			MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);

		RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, Addr2, apidx, 0);

		DBGPRINT(RT_DEBUG_TRACE,
				("Failed in ACL checking => send an AUTH seq#2 with "
				"Status code = %d\n", MLME_UNSPECIFY_FAIL));
		return;
	}

	/* Open system, accepted unless the BSS is configured for shared key only. */
	if ((Alg == AUTH_MODE_OPEN) &&
		(pAd->ApCfg.MBSSID[apidx].AuthMode != Ndis802_11AuthModeShared))
	{
		if (pEntry == NULL)
			pEntry = MacTableInsertEntry(pAd, Addr2, apidx, OPMODE_AP, TRUE);

		/* MAC table full: the original code sends no response in this case. */
		if (pEntry == NULL)
			return;

		pEntry->AuthState = AS_AUTH_OPEN;
		pEntry->Sst = SST_AUTH; /* what if it already in SST_ASSOC ??????? */
		APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_SUCCESS);
		return;
	}

	/* Shared key, accepted when the BSS is in shared or auto-switch mode. */
	if ((Alg == AUTH_MODE_KEY) &&
		((pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeShared)
		|| (pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeAutoSwitch)))
	{
		if (pEntry == NULL)
			pEntry = MacTableInsertEntry(pAd, Addr2, apidx, OPMODE_AP, TRUE);

		/* MAC table full: the original code sends no response in this case. */
		if (pEntry == NULL)
			return;

		pEntry->AuthState = AS_AUTHENTICATING;
		pEntry->Sst = SST_NOT_AUTH; /* what if it already in SST_ASSOC ??????? */

		/*
		 * Only one pending challenge is kept in ApMlmeAux; a second STA
		 * starting shared-key authentication overwrites the first one's
		 * address and challenge.
		 * NOTE(review): the challenge bytes come from RandomByte(); how
		 * unpredictable that source is cannot be judged from here.
		 */
		COPY_MAC_ADDR(&pAd->ApMlmeAux.Addr, Addr2);
		ByteIdx = 0;
		while (ByteIdx < CIPHER_TEXT_LEN)
		{
			pAd->ApMlmeAux.Challenge[ByteIdx] = RandomByte(pAd);
			ByteIdx++;
		}

		RspReason = 0;
		Seq++;

		NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
		if (NStatus != NDIS_STATUS_SUCCESS)
			return;  /* if no memory, can't do anything */

		DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH seq#2 (Challenge)\n"));

		MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr2,
							pAd->ApCfg.MBSSID[apidx].Bssid);
		MakeOutgoingFrame(pOutBuffer,            &FrameLen,
							sizeof(HEADER_802_11), &AuthHdr,
							2,                     &Alg,
							2,                     &Seq,
							2,                     &RspReason,
							1,                     &ChTxtIe,
							1,                     &ChTxtLen,
							CIPHER_TEXT_LEN,       pAd->ApMlmeAux.Challenge,
							END_OF_ARGS);
		MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
		MlmeFreeMemory(pAd, pOutBuffer);
		return;
	}

	/* wrong algorithm */
	APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_ALG_NOT_SUPPORT);

	/* If this STA exists, delete it. */
	if (pEntry != NULL)
		MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);

	DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Alg=%d, Seq=%d, AuthMode=%d\n",
			Alg, Seq, pAd->ApCfg.MBSSID[apidx].AuthMode));
}
Ejemplo n.º 10
/*
========================================================================
Routine Description:
	Simulate to send a TDLS Setup request to a peer.

Arguments:
	pAd				- WLAN control block pointer
	Argc			- the number of input parameters
	*pArgv			- input parameters

Return Value:
	None

Note:
	1. Command Format:
		iwpriv ra0 set tdls=51_[PEER MAC]

	11.21.4 TDLS direct-link establishment
	TDLS Setup Request frames, TDLS Setup Response frames, and TDLS Setup
	Confirm frames shall be transmitted through the AP and shall not be
	transmitted to a group address.
========================================================================
*/
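static VOID TDLS_UAPSD_CmdSimSetupReqSend(
	IN	PRTMP_ADAPTER				pAd,
	IN	INT32						Argc,
	IN	CHAR						*pArgv)
{
	/*
	 * Test command: register a TDLS entry for the MAC address parsed from
	 * pArgv, send a setup request through the AP, then synthesise a setup
	 * response (request payload with a zero status code inserted after the
	 * first three bytes) and feed it to TDLS_PeerSetupRspAction().
	 */
	MLME_QUEUE_ELEM *pElem;
	RT_802_11_TDLS TDLS, *pTDLS = &TDLS;
	UCHAR	TDLS_ETHERTYPE[] = {0x89, 0x0d};
	UCHAR	Header802_3[14];
	PUCHAR	pOutBuffer = NULL;
	ULONG	FrameLen = 0;
	ULONG	TempLen;
	/* bytes reserved in pElem->Msg in front of the TDLS payload */
	ULONG	HdrLen = LENGTH_802_11 + LENGTH_802_1_H;
	UCHAR	RemoteFrameType = PROTO_NAME_TDLS;
	NDIS_STATUS	NStatus = NDIS_STATUS_SUCCESS;
	UCHAR PeerMac[6];
	UINT32 IdTdls;


	/* get MAC address */
	/* NOTE(review): pArgv is user-supplied text; its validation happens inside the helper, not visible here. */
	TDLS_UAPSD_CmdUtilMacGet(&pArgv, PeerMac);

	/* allocate buffer for transmitting message */
	NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
	if (NStatus	!= NDIS_STATUS_SUCCESS)	
		return;

	os_alloc_mem(NULL, (UCHAR **)&pElem, sizeof(MLME_QUEUE_ELEM));
	if (pElem == NULL)
	{
		MlmeFreeMemory(pAd, pOutBuffer);
		return;
	}
	/* the element is handed to a frame handler; do not leave heap residue in it */
	NdisZeroMemory(pElem, sizeof(MLME_QUEUE_ELEM));

	/* init link entry */
	NdisZeroMemory(pTDLS, sizeof(RT_802_11_TDLS));
	pTDLS->TimeOut = 0;
	COPY_MAC_ADDR(pTDLS->MacAddr, PeerMac);
	pTDLS->Valid = 1;

	/* search a empty entry */
	for(IdTdls=0; IdTdls<MAX_NUM_OF_TDLS_ENTRY; IdTdls++)
	{
		if (!pAd->StaCfg.TdlsInfo.TDLSEntry[IdTdls].Valid)
		{
			/* NOTE(review): copies sizeof(RT_802_11_TDLS_UI) bytes out of an RT_802_11_TDLS; confirm the two layouts share that prefix. */
			NdisMoveMemory(&pAd->StaCfg.TdlsInfo.TDLSEntry[IdTdls],
							pTDLS, sizeof(RT_802_11_TDLS_UI));
			break;
		}
	}
	if (IdTdls == MAX_NUM_OF_TDLS_ENTRY)
	{
		MlmeFreeMemory(pAd, pOutBuffer);
		os_free_mem(NULL, pElem);
		return;
	}

	/* init request frame */
	MAKE_802_3_HEADER(Header802_3, pTDLS->MacAddr,
						pAd->CurrentAddress, TDLS_ETHERTYPE);

	MakeOutgoingFrame(pOutBuffer,		&TempLen,
						1,				&RemoteFrameType,
						END_OF_ARGS);

	FrameLen = FrameLen + TempLen;
	TDLS_BuildSetupRequest(pAd, pOutBuffer, &FrameLen,
							TDLS_UAPSD_ENTRY_GET(pAd, IdTdls));
	hex_dump("Request=", pOutBuffer, FrameLen);

	TDLS_UAPSD_PKT_SEND_THROUGH_AP(pAd, Header802_3, pOutBuffer, FrameLen);

	/*
	 * init response frame
	 *
	 * FrameLen is the number of bytes actually built in pOutBuffer. The
	 * earlier version added the header length to FrameLen before copying,
	 * so the copy read that many bytes past the built request and MsgLen
	 * counted the header twice. The payload needs at least the three
	 * leading bytes (payload type, category, action) for the split below.
	 */
	if (FrameLen < 3)
	{
		MlmeFreeMemory(pAd, pOutBuffer);
		os_free_mem(NULL, pElem);
		return;
	}

	/* header + request payload + 2 inserted status bytes */
	/* assumes pElem->Msg can hold this many bytes - TODO confirm against MLME_QUEUE_ELEM */
	pElem->MsgLen = HdrLen + FrameLen + 2;

	/* copy payload type, category, action (3B) */
	memcpy(pElem->Msg + HdrLen, pOutBuffer, 3);

	/* status code = 0x00 00 (2B), written bytewise because the offset is not 2-byte aligned */
	pElem->Msg[HdrLen + 3] = 0x00;
	pElem->Msg[HdrLen + 4] = 0x00;

	/* copy others */
	memcpy(pElem->Msg + HdrLen + 3 + 2, pOutBuffer + 3, FrameLen - 3);

	/* handle response frame */
	TDLS_PeerSetupRspAction(pAd, pElem);

	/* free memory */
	MlmeFreeMemory(pAd, pOutBuffer);
	os_free_mem(NULL, pElem);
} /* End of TDLS_UAPSD_CmdSimSetupReqSend */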
Ejemplo n.º 11
/*
========================================================================
Routine Description:
	Simulate to receive a TDLS Traffic indication from a peer.

Arguments:
	pAd				- WLAN control block pointer
	Argc			- the number of input parameters
	*pArgv			- input parameters

Return Value:
	None

Note:
	1. Command Format:
		iwpriv ra0 set tdls=53_[PEER MAC]
========================================================================
*/
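static VOID TDLS_UAPSD_CmdSimTrafficIndRcv(
	IN	PRTMP_ADAPTER				pAd,
	IN	INT32						Argc,
	IN	CHAR						*pArgv)
{
	/*
	 * Test command: build a frame for the existing TDLS link to the MAC
	 * address parsed from pArgv, wrap it in an MLME queue element and pass
	 * it to TDLS_UAPSD_PeerTrafficIndAction() as if it had been received.
	 */
	UCHAR PeerMac[6];
	MLME_QUEUE_ELEM *pElem = NULL;
	PUCHAR pOutBuffer = NULL;
	ULONG FrameLen = 0;
	/* bytes reserved in pElem->Msg in front of the TDLS payload */
	ULONG HdrLen = LENGTH_802_11 + LENGTH_802_1_H;
	INT32 LinkId;
	RT_802_11_TDLS *pTDLS = NULL;
	NDIS_STATUS	NStatus = NDIS_STATUS_SUCCESS;
	UCHAR RemoteFrameType = PROTO_NAME_TDLS;
	ULONG TempLen;
	UCHAR Token;			/* Dialog token */


	/* get MAC address */
	/* NOTE(review): pArgv is user-supplied text; its validation happens inside the helper, not visible here. */
	TDLS_UAPSD_CmdUtilMacGet(&pArgv, PeerMac);

	/* allocate resources */
	NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
	if (NStatus	!= NDIS_STATUS_SUCCESS)
		goto LabelExit;

	/* make up a virtual traffic indication frame */
	/* search TDLS entry */
	LinkId = TDLS_SearchLinkId(pAd, PeerMac);
	if (TDLS_UAPSD_IS_LINK_INVALID(LinkId))
	{
		DBGPRINT(RT_DEBUG_ERROR,
				("%s: can not find the LinkId!\n", __FUNCTION__));
		TDLS_UAPSD_REBUILD_LINK(pAd, PeerMac);
		goto LabelExit;
	}
	pTDLS = TDLS_UAPSD_ENTRY_GET(pAd, LinkId);

	/* build the frame */
	/* fill remote frame type */
	MakeOutgoingFrame(pOutBuffer,		&TempLen,
						1,				&RemoteFrameType,
						END_OF_ARGS);
	FrameLen = TempLen;

	/* fill action code */
	/* NOTE(review): the action code written is SETUP_REQUEST although the frame is described as a traffic indication - confirm intent. */
	TDLS_InsertActField(pAd, (pOutBuffer + FrameLen), &FrameLen,
						CATEGORY_TDLS, TDLS_ACTION_CODE_SETUP_REQUEST);

	/* fill Dialog Token */
	TDLS_UAPSD_DIALOG_GET(pAd, Token);
	TDLS_InsertDialogToken(pAd, (pOutBuffer + FrameLen), &FrameLen,
							Token);

	/* fill link identifier */
	TDLS_InsertLinkIdentifierIE(pAd, (pOutBuffer + FrameLen), &FrameLen,
								pTDLS->MacAddr, pAd->CurrentAddress);

	/* fill PU buffer status */
	TDLS_InsertPuBufferStatus(pAd, (pOutBuffer + FrameLen), &FrameLen,
							pTDLS->MacAddr);

	/* FrameLen is unsigned, so this only catches an empty frame */
	if (FrameLen <= 0)
		goto LabelExit;

	/* allocate resources */
	os_alloc_mem(NULL, (UCHAR **)&pElem, sizeof(MLME_QUEUE_ELEM));
	if (pElem == NULL)
		goto LabelExit;

	/*
	 * copy the indication frame
	 *
	 * FrameLen is the number of bytes actually built in pOutBuffer. The
	 * earlier version added the header length to FrameLen first, so the
	 * copy read that many bytes past the built frame and MsgLen counted
	 * the header twice.
	 * NOTE(review): the first HdrLen bytes of pElem->Msg and the other
	 * fields of *pElem stay unwritten, as before; confirm the handler
	 * does not read them.
	 * assumes pElem->Msg can hold HdrLen + FrameLen bytes - TODO confirm
	 */
	pElem->MsgLen = HdrLen + FrameLen;

	/* copy payload */
	memcpy(pElem->Msg + HdrLen, pOutBuffer, FrameLen);

	/* handle it */
	TDLS_UAPSD_PeerTrafficIndAction(pAd, pElem);

	/* free resources */
LabelExit:
	if (pElem != NULL)
		os_free_mem(NULL, pElem);
	if (pOutBuffer != NULL)
		MlmeFreeMemory(pAd, pOutBuffer);
}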
Ejemplo n.º 12
/*
    ==========================================================================
    Description:
        Upper Layer request to kick out a STA
    ==========================================================================
 */
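static VOID APMlmeDeauthReqAction(
    IN PRTMP_ADAPTER pAd, 
    IN MLME_QUEUE_ELEM *Elem) 
{
    /*
     * Upper-layer request to disconnect a station: remove the entry at
     * Elem->Wcid from the MAC table and send a DE-AUTH frame carrying the
     * requested reason code to the address in the request.
     *
     * pAd  - adapter control block
     * Elem - queued message; Elem->Msg holds an MLME_DEAUTH_REQ_STRUCT
     *
     * Requests whose Wcid is outside the MAC table are ignored.
     */
    MLME_DEAUTH_REQ_STRUCT	*pInfo;
    HEADER_802_11		Hdr;
    PUCHAR			pOutBuffer = NULL;
    NDIS_STATUS			NStatus;
    ULONG			FrameLen = 0;
    MAC_TABLE_ENTRY		*pEntry;
    UCHAR			apidx;


    pInfo = (MLME_DEAUTH_REQ_STRUCT *)Elem->Msg;

    if (Elem->Wcid >= MAX_LEN_OF_MAC_TABLE)
        return;

    /*
     * The address of an array element is never NULL, so the former
     * "if (!pEntry) return;" could not trigger and has been dropped.
     * NOTE(review): nothing here verifies that the slot is in use or that
     * it belongs to pInfo->Addr; pEntry->apidx is used as an index into
     * MBSSID below - confirm the caller guarantees a live entry.
     */
    pEntry = &pAd->MacTab.Content[Elem->Wcid];

#ifdef WAPI_SUPPORT
    WAPI_InternalCmdAction(pAd, 
                           pEntry->AuthMode, 
                           pEntry->apidx, 
                           pEntry->Addr, 
                           WAI_MLME_DISCONNECT);		
#endif /* WAPI_SUPPORT */

    /* send wireless event - for deauthentication */
    RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, pInfo->Addr, 0, 0);  
    ApLogEvent(pAd, pInfo->Addr, EVENT_DISASSOCIATED);

    /* remember the BSS index before the entry is deleted */
    apidx = pEntry->apidx;

    /* 1. remove this STA from MAC table */
    MacTableDeleteEntry(pAd, Elem->Wcid, pInfo->Addr);

    /* 2. send out DE-AUTH request frame */
    NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
    if (NStatus != NDIS_STATUS_SUCCESS) 
        return;

    DBGPRINT(RT_DEBUG_TRACE,
            ("AUTH - Send DE-AUTH req to %02x:%02x:%02x:%02x:%02x:%02x\n",
            pInfo->Addr[0], pInfo->Addr[1], pInfo->Addr[2],
            pInfo->Addr[3], pInfo->Addr[4], pInfo->Addr[5]));

    /* with P2P_SUPPORT the header helper takes the BSSID a second time as an extra argument */
    MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pInfo->Addr,
#ifdef P2P_SUPPORT
                     pAd->ApCfg.MBSSID[apidx].Bssid,
#endif /* P2P_SUPPORT */
                     pAd->ApCfg.MBSSID[apidx].Bssid);
    MakeOutgoingFrame(pOutBuffer,	&FrameLen, 
                      sizeof(HEADER_802_11),&Hdr, 
                      2,&pInfo->Reason, 
                      END_OF_ARGS);
    MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);

    MlmeFreeMemory(pAd, pOutBuffer);
}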
Ejemplo n.º 13
/*
    ==========================================================================
    Description:
        Some STA/AP
    Note:
        This action should never trigger AUTH state transition, therefore we
        separate it from AUTH state machine, and make it as a standalone service
    ==========================================================================
 */
VOID APCls2errAction(
    IN PRTMP_ADAPTER pAd, 
	IN 	ULONG Wcid, 
    IN	PHEADER_802_11	pHeader) 
{
    /*
     * Answer a class 2 error with a DEAUTH frame (reason REASON_CLS2ERR)
     * addressed to the sender of the offending frame.
     *
     * pAd     - adapter control block
     * Wcid    - MAC table index associated with the received frame
     * pHeader - 802.11 header of the received frame
     *
     * If Wcid names a client entry, that entry is deleted first. Otherwise
     * the DEAUTH is sent only when the frame's Addr1 is one of our BSSIDs.
     *
     * NOTE(review): Addr1/Addr2 come straight from the received header;
     * whether the frame was validated before reaching this function is not
     * visible here.
     */
    HEADER_802_11    Hdr;
    PUCHAR           pOutBuffer = NULL;
    NDIS_STATUS      NStatus;
    ULONG            FrameLen = 0;
    USHORT           Reason = REASON_CLS2ERR;
    MAC_TABLE_ENTRY *pEntry;

    pEntry = (Wcid < MAX_LEN_OF_MAC_TABLE) ? &(pAd->MacTab.Content[Wcid]) : NULL;

    if ((pEntry == NULL) || !(IS_ENTRY_CLIENT(pEntry)))
    {
        /* Not a known client: only react if the frame targeted one of our BSSIDs. */
        UCHAR BssIdx = 0;

        while (BssIdx < pAd->ApCfg.BssidNum)
        {
            PMULTISSID_STRUCT pMbss = &pAd->ApCfg.MBSSID[BssIdx];

            if (NdisEqualMemory(pMbss->Bssid, pHeader->Addr1, MAC_ADDR_LEN))
                break;

            BssIdx++;
        }

        if (BssIdx == pAd->ApCfg.BssidNum)
            return;
    }
    else
    {
        /* Known client: drop its MAC table entry before sending the DEAUTH. */
        MacTableDeleteEntry(pAd, pEntry->Aid, pHeader->Addr2);
    }

    /* send out DEAUTH request frame */
    NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
    if (NStatus != NDIS_STATUS_SUCCESS) 
        return;

    DBGPRINT(RT_DEBUG_TRACE,
            ("AUTH - Class 2 error, Send DEAUTH frame to "
            "%02x:%02x:%02x:%02x:%02x:%02x\n",
            PRINT_MAC(pHeader->Addr2)));

    /* with P2P_SUPPORT the header helper takes Addr1 a second time as an extra argument */
    MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pHeader->Addr2, 
#ifdef P2P_SUPPORT
                     pHeader->Addr1,
#endif /* P2P_SUPPORT */
                     pHeader->Addr1);
    MakeOutgoingFrame(pOutBuffer,            &FrameLen, 
                      sizeof(HEADER_802_11), &Hdr, 
                      2,                     &Reason, 
                      END_OF_ARGS);
    MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
    MlmeFreeMemory(pAd, pOutBuffer);
}
Ejemplo n.º 14
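/*
 * Start joining the BSS selected by the request in Elem->Msg.
 *
 * pAd  - adapter control block
 * Elem - queued message; Elem->Msg holds an MLME_JOIN_REQ_STRUCT whose
 *        BssIdx selects an entry of pAd->MlmeAux.SsidBssTab
 *
 * The function copies the target's BSSID, SSID (unless hidden), type and
 * channel into pAd->MlmeAux, switches the radio to that channel, arms the
 * beacon timer, optionally sends a probe request, and moves the sync state
 * machine to JOIN_WAIT_BEACON.
 */
VOID MlmeJoinReqAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	UCHAR        BBPValue = 0;
	BSS_ENTRY    *pBss;
	BOOLEAN       TimerCancelled;
	HEADER_802_11 Hdr80211;
	NDIS_STATUS   NStatus;
	ULONG         FrameLen = 0;
	PUCHAR        pOutBuffer = NULL;
	PUCHAR        pSupRate = NULL;
	UCHAR         SupRateLen;
	PUCHAR        pExtRate = NULL;
	UCHAR         ExtRateLen;
	/* fixed supported-rates list used for channels above 14 */
	UCHAR         ASupRate[] = {0x8C, 0x12, 0x98, 0x24, 0xb0, 0x48, 0x60, 0x6C};
	UCHAR         ASupRateLen = sizeof(ASupRate)/sizeof(UCHAR);
	MLME_JOIN_REQ_STRUCT *pInfo = (MLME_JOIN_REQ_STRUCT *)(Elem->Msg);

	DBGPRINT(RT_DEBUG_TRACE, ("SYNC - MlmeJoinReqAction(BSS #%ld)\n", pInfo->BssIdx));

#ifdef RTMP_MAC_PCI
	/* wake the radio if it was switched off while idle */
	if ((OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_PCIE_DEVICE)) &&
		(IDLE_ON(pAd)) &&
		(pAd->StaCfg.bRadio == TRUE) &&
		(RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_IDLE_RADIO_OFF)))
	{
		RT28xxPciAsicRadioOn(pAd, GUI_IDLE_POWER_SAVE);
	}
#endif 

	/* stop any scan or beacon wait that is still pending */
	RTMPCancelTimer(&pAd->MlmeAux.ScanTimer, &TimerCancelled);
	RTMPCancelTimer(&pAd->MlmeAux.BeaconTimer, &TimerCancelled);

	/* NOTE(review): BssIdx is not range-checked here; confirm the sender of this message bounds it. */
	pBss = &pAd->MlmeAux.SsidBssTab.BssEntry[pInfo->BssIdx];

	/* record the target BSSID */
	COPY_MAC_ADDR(pAd->MlmeAux.Bssid, pBss->Bssid);

	/* for a hidden SSID the previously stored MlmeAux.Ssid is kept */
	if (pBss->Hidden == 0)
	{
		/*
		 * The destination was just cleared for MAX_LEN_OF_SSID bytes, so
		 * the copy is capped at that size. BSS table entries are
		 * presumably filled from received frames; an over-long SsidLen
		 * must not write past MlmeAux.Ssid or end up in the length byte
		 * of the probe request built below.
		 */
		RTMPZeroMemory(pAd->MlmeAux.Ssid, MAX_LEN_OF_SSID);
		pAd->MlmeAux.SsidLen = (pBss->SsidLen > MAX_LEN_OF_SSID) ?
								MAX_LEN_OF_SSID : pBss->SsidLen;
		NdisMoveMemory(pAd->MlmeAux.Ssid, pBss->Ssid, pAd->MlmeAux.SsidLen);
	}

	pAd->MlmeAux.BssType = pBss->BssType;
	pAd->MlmeAux.Channel = pBss->Channel;
	pAd->MlmeAux.CentralChannel = pBss->CentralChannel;

#ifdef EXT_BUILD_CHANNEL_LIST
	/* adopt the country code and environment advertised by the BSS, then rebuild the channel list */
	if ((pAd->StaCfg.IEEE80211dClientMode != Rt802_11_D_None) &&
		(pBss->bHasCountryIE == TRUE))
	{
		NdisMoveMemory(&pAd->CommonCfg.CountryCode[0], &pBss->CountryString[0], 2);
		if (pBss->CountryString[2] == 'I')
			pAd->CommonCfg.Geography = IDOR;
		else if (pBss->CountryString[2] == 'O')
			pAd->CommonCfg.Geography = ODOR;
		else
			pAd->CommonCfg.Geography = BOTH;
		BuildChannelListEx(pAd);
	}
#endif 

	/* clear bits 3 and 4 of BBP R4 (logged below as switching to 20MHz) */
	RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &BBPValue);
	BBPValue &= (~0x18);
	RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, BBPValue);
	DBGPRINT(RT_DEBUG_TRACE, ("SYNC - BBP R4 to 20MHz.l\n"));

	/* tune to the target channel */
	AsicSwitchChannel(pAd, pAd->MlmeAux.Channel, FALSE);
	AsicLockChannel(pAd, pAd->MlmeAux.Channel);

	RTMPSetTimer(&pAd->MlmeAux.BeaconTimer, JOIN_TIMEOUT);

	/* single-pass loop: "break" skips the probe request */
	do
	{
		if (((pAd->CommonCfg.bIEEE80211H == 1) &&
			(pAd->MlmeAux.Channel > 14) &&
			 RadarChannelCheck(pAd, pAd->MlmeAux.Channel))
#ifdef CARRIER_DETECTION_SUPPORT 
			 || (pAd->CommonCfg.CarrierDetect.Enable == TRUE)
#endif 
			)
		{
			/* on such a channel no probe is sent unless the SSID is hidden */
			if (pBss->Hidden == 0)
				break;
		}

		/* build and send a probe request; allocation failure just skips it */
		NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
		if (NStatus == NDIS_STATUS_SUCCESS)
		{
			if (pAd->MlmeAux.Channel <= 14)
			{
				pSupRate = pAd->CommonCfg.SupRate;
				SupRateLen = pAd->CommonCfg.SupRateLen;
				pExtRate = pAd->CommonCfg.ExtRate;
				ExtRateLen = pAd->CommonCfg.ExtRateLen;
			}
			else
			{
				/* channels above 14 use the fixed list and no extended rates */
				pSupRate = ASupRate;
				SupRateLen = ASupRateLen;
				ExtRateLen = 0;
			}

			/* infrastructure BSS is probed directly, anything else by broadcast */
			if (pAd->MlmeAux.BssType == BSS_INFRA)
				MgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0, pAd->MlmeAux.Bssid, pAd->MlmeAux.Bssid);
			else
				MgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0, BROADCAST_ADDR, BROADCAST_ADDR);

			MakeOutgoingFrame(pOutBuffer,               &FrameLen,
							  sizeof(HEADER_802_11),    &Hdr80211,
							  1,                        &SsidIe,
							  1,                        &pAd->MlmeAux.SsidLen,
							  pAd->MlmeAux.SsidLen,	    pAd->MlmeAux.Ssid,
							  1,                        &SupRateIe,
							  1,                        &SupRateLen,
							  SupRateLen,               pSupRate,
							  END_OF_ARGS);

			if (ExtRateLen)
			{
				ULONG Tmp;
				MakeOutgoingFrame(pOutBuffer + FrameLen,            &Tmp,
								  1,                                &ExtRateIe,
								  1,                                &ExtRateLen,
								  ExtRateLen,                       pExtRate,
								  END_OF_ARGS);
				FrameLen += Tmp;
			}

			MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
			MlmeFreeMemory(pAd, pOutBuffer);
		}
	} while (FALSE);

	DBGPRINT(RT_DEBUG_TRACE, ("SYNC - Switch to ch %d, Wait BEACON from %02x:%02x:%02x:%02x:%02x:%02x\n",
		pBss->Channel, pBss->Bssid[0], pBss->Bssid[1], pBss->Bssid[2], pBss->Bssid[3], pBss->Bssid[4], pBss->Bssid[5]));

	pAd->Mlme.SyncMachine.CurrState = JOIN_WAIT_BEACON;
}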
Ejemplo n.º 15
/*
Description : Send PSMP Action frame If PSMP mode switches.
*/
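VOID SendPSMPAction(
				   IN PRTMP_ADAPTER		pAd,
				   IN UCHAR				Wcid,
				   IN UCHAR				Psmp)
{
	/*
	 * Send an HT action frame announcing a change of MIMO power-save mode.
	 *
	 * pAd  - adapter control block
	 * Wcid - MAC table index of the peer the frame is addressed to
	 * Psmp - requested mode: MMPS_ENABLE, MMPS_DYNAMIC or MMPS_STATIC;
	 *        any other value is logged and no frame is sent
	 *
	 * With RT30xx on an RT3090 the BBP and MAC MMPS control bits are
	 * updated to match before the frame is built.
	 */
	PUCHAR          pOutBuffer = NULL;
	NDIS_STATUS     NStatus;
	/*
	 * Zeroed up front: the header is only filled in when the device is in
	 * STA mode, and the whole structure is copied into the outgoing frame,
	 * so unset fields must not carry stack contents onto the air.
	 */
	FRAME_PSMP_ACTION   Frame = {0};
	ULONG           FrameLen;
#ifdef RT30xx
	UCHAR			bbpdata=0;
	UINT32			macdata;
#endif // RT30xx //

	NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);	 //Get an unused nonpaged memory
	if (NStatus != NDIS_STATUS_SUCCESS)
	{
		/* the original message named MlmeADDBAAction(), a copy-paste leftover */
		DBGPRINT(RT_DEBUG_ERROR,("HT - SendPSMPAction() allocate memory failed \n"));
		return;
	}
#ifdef CONFIG_STA_SUPPORT
	/* NOTE(review): Wcid indexes MacTab.Content without a bound check here; confirm callers pass a valid index. */
	IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
		ActHeaderInit(pAd, &Frame.Hdr, pAd->CommonCfg.Bssid, pAd->CurrentAddress, pAd->MacTab.Content[Wcid].Addr);
#endif // CONFIG_STA_SUPPORT //

	Frame.Category = CATEGORY_HT;
	Frame.Action = SMPS_ACTION;
	switch (Psmp)
	{
		case MMPS_ENABLE:
#ifdef RT30xx
			if (IS_RT3090(pAd))
			{
				// disable MMPS BBP control register
				RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &bbpdata);
				bbpdata &= ~(0x04);	//bit 2
				RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, bbpdata);

				// disable MMPS MAC control register
				RTMP_IO_READ32(pAd, 0x1210, &macdata);
				macdata &= ~(0x09);	//bit 0, 3
				RTMP_IO_WRITE32(pAd, 0x1210, macdata);
			}
#endif // RT30xx //
			Frame.Psmp = 0;
			break;
		case MMPS_DYNAMIC:
#ifdef RT30xx
			if (IS_RT3090(pAd))
			{
				// enable MMPS BBP control register
				RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &bbpdata);
				bbpdata |= 0x04;	//bit 2
				RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, bbpdata);

				// enable MMPS MAC control register
				RTMP_IO_READ32(pAd, 0x1210, &macdata);
				macdata |= 0x09;	//bit 0, 3
				RTMP_IO_WRITE32(pAd, 0x1210, macdata);
			}
#endif // RT30xx //
			Frame.Psmp = 3;
			break;
		case MMPS_STATIC:
#ifdef RT30xx
			if (IS_RT3090(pAd))
			{
				// enable MMPS BBP control register
				RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R3, &bbpdata);
				bbpdata |= 0x04;	//bit 2
				RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R3, bbpdata);

				// enable MMPS MAC control register
				RTMP_IO_READ32(pAd, 0x1210, &macdata);
				macdata |= 0x09;	//bit 0, 3
				RTMP_IO_WRITE32(pAd, 0x1210, macdata);
			}
#endif // RT30xx //
			Frame.Psmp = 1;
			break;
		default:
			/* unknown mode: previously a frame with an unset Psmp field was sent */
			DBGPRINT(RT_DEBUG_ERROR,("HT - SendPSMPAction() unknown Psmp mode %d\n", Psmp));
			MlmeFreeMemory(pAd, pOutBuffer);
			return;
	}
	MakeOutgoingFrame(pOutBuffer,               &FrameLen,
					  sizeof(FRAME_PSMP_ACTION),      &Frame,
					  END_OF_ARGS);
	MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
	MlmeFreeMemory(pAd, pOutBuffer);
	DBGPRINT(RT_DEBUG_ERROR,("HT - SendPSMPAction( %d )  \n", Frame.Psmp));
}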
Ejemplo n.º 16
/*
 * Build an EAPOL-Key frame with the Request, Error and MIC bits set (a
 * "MIC failure report") and pass it to the Tx path for the BSSID entry.
 *
 * pAd  - adapter context; supplies the BSSID, own address, cipher state,
 *        replay counter and the PTK whose first LEN_PTK_KCK bytes key the MIC.
 * Elem - queue element; Msg[0] == 1 selects a pairwise-key report, any
 *        other value a group-key report.
 *
 * Nothing is returned. If either buffer allocation fails the function
 * returns early and no frame is sent.
 */
VOID	WpaMicFailureReportFrame(
	IN  PRTMP_ADAPTER   pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	PUCHAR              pOutBuffer = NULL;
	UCHAR               Header802_3[14];
	ULONG               FrameLen = 0;
	UCHAR				*pEapolBuf;
	PEAPOL_PACKET       pPacket;
	UCHAR               MicValue[16];
	BOOLEAN             bPairwise;
	USHORT				*pKeyInfoWord;

	DBGPRINT(RT_DEBUG_TRACE, ("WpaMicFailureReportFrame ----->\n"));

	/* The first message byte is the unicast/group selector set by the caller */
	if (Elem->Msg[0] == 1)
		bPairwise = TRUE;
	else
		bPairwise = FALSE;

	pAd->Sequence = ((pAd->Sequence) + 1) & (MAX_SEQ_NUMBER);

	/* 802.3 header built from the BSSID, our own address and the EAPOL type */
	MAKE_802_3_HEADER(Header802_3, pAd->CommonCfg.Bssid, pAd->CurrentAddress, EAPOL);

	/* Working buffer for the EAPOL packet itself */
	os_alloc_mem(NULL, (PUCHAR *)&pEapolBuf, TX_EAPOL_BUFFER);
	if (pEapolBuf == NULL)
	{
		DBGPRINT(RT_DEBUG_ERROR, ("!!!%s : no memory!!!\n", __FUNCTION__));
		return;
	}

	/* Start from an all-zero packet so unset fields (including KeyMic) are 0 */
	pPacket = (PEAPOL_PACKET)pEapolBuf;
	NdisZeroMemory(pPacket, TX_EAPOL_BUFFER);

	pPacket->ProVer = EAPOL_VER;
	pPacket->ProType = EAPOLKey;
	pPacket->KeyDesc.Type = WPA1_KEY_DESC;

	/* Descriptor version 2 when Encryption3 (AES) is enabled, otherwise 1 (TKIP) */
	pPacket->KeyDesc.KeyInfo.KeyDescVer =
		(pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled) ? 2 : 1;

	if (bPairwise)
		pPacket->KeyDesc.KeyInfo.KeyType = PAIRWISEKEY;
	else
		pPacket->KeyDesc.KeyInfo.KeyType = GROUPKEY;

	/* Request, MIC-present and Error flags mark this as a failure report */
	pPacket->KeyDesc.KeyInfo.Request = 1;
	pPacket->KeyDesc.KeyInfo.KeyMic = 1;
	pPacket->KeyDesc.KeyInfo.Error = 1;

	/* No key data is carried, so the body has the minimum EAPOL-Key length */
	SET_UINT16_TO_ARRARY(pPacket->Body_Len, MIN_LEN_OF_EAPOL_KEY_MSG)

	/*
	 * Use the current replay counter, then advance the stored one.
	 * NOTE(review): the counter is advanced before the Tx buffer is
	 * allocated below, so an allocation failure there consumes a counter
	 * value without a frame being sent.
	 */
	NdisMoveMemory(pPacket->KeyDesc.ReplayCounter, pAd->StaCfg.ReplayCounter, LEN_KEY_DESC_REPLAY);
	inc_byte_array(pAd->StaCfg.ReplayCounter, 8);

	/* Key Information is sent little-endian; convert the 16-bit word in place */
	pKeyInfoWord = (USHORT *)&pPacket->KeyDesc.KeyInfo;
	*pKeyInfoWord = cpu2le16(*pKeyInfoWord);

	/* Scratch buffer holding the exact bytes the MIC is computed over */
	MlmeAllocateMemory(pAd, (PUCHAR *)&pOutBuffer);
	if (pOutBuffer == NULL)
	{
		os_free_mem(NULL, pEapolBuf);
		return;
	}

	/* Only the EAPOL frame (4 header bytes + body) is covered by the MIC */
	MakeOutgoingFrame(pOutBuffer,               &FrameLen,
		              CONV_ARRARY_TO_UINT16(pPacket->Body_Len) + 4,   pPacket,
		              END_OF_ARGS);

	/* MIC is keyed with the first LEN_PTK_KCK bytes of the stored PTK */
	NdisZeroMemory(MicValue, sizeof(MicValue));
	if (pAd->StaCfg.WepStatus != Ndis802_11Encryption3Enabled)
	{
		/* TKIP: HMAC-MD5 written straight into the MIC buffer */
		RT_HMAC_MD5(pAd->StaCfg.PTK, LEN_PTK_KCK, pOutBuffer, FrameLen, MicValue, MD5_DIGEST_SIZE);
	}
	else
	{
		/* AES: HMAC-SHA1, of which the first LEN_KEY_DESC_MIC bytes are kept */
		UCHAR digest[20] = {0};

		RT_HMAC_SHA1(pAd->StaCfg.PTK, LEN_PTK_KCK, pOutBuffer, FrameLen, digest, SHA1_DIGEST_SIZE);
		NdisMoveMemory(MicValue, digest, LEN_KEY_DESC_MIC);
	}
	NdisMoveMemory(pPacket->KeyDesc.KeyMic, MicValue, LEN_KEY_DESC_MIC);

	/* Queue the finished packet for transmission to the BSSID entry */
	RTMPToWirelessSta(pAd, &pAd->MacTab.Content[BSSID_WCID],
					  Header802_3, LENGTH_802_3,
					  (PUCHAR)pPacket,
					  CONV_ARRARY_TO_UINT16(pPacket->Body_Len) + 4, FALSE);

	/* Both temporary buffers are released on the normal path as well */
	MlmeFreeMemory(pAd, (PUCHAR)pOutBuffer);
	os_free_mem(NULL, pEapolBuf);

	DBGPRINT(RT_DEBUG_TRACE, ("WpaMicFailureReportFrame <-----\n"));
}
Ejemplo n.º 17
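/*
 * Finish setting up an originator Block Ack session after an ADDBA response
 * has been received, then send a Block Ack Request (BAR) to the peer.
 *
 * pAd    - adapter context (BA table, MAC table, own address).
 * pEntry - MAC table entry of the peer that answered.
 * pFrame - the received ADDBA response; TID, BufSize and TimeOutValue are
 *          read from it, so they are peer-controlled values.
 *
 * Nothing is returned. The call is a no-op unless the table entry selected
 * by the TID is waiting for a response for that same TID.
 */
VOID BAOriSessionAdd(
			IN PRTMP_ADAPTER    pAd,
					IN MAC_TABLE_ENTRY  *pEntry,
			IN PFRAME_ADDBA_RSP pFrame)
{
	BA_ORI_ENTRY  *pBAEntry = NULL;
	BOOLEAN       Cancelled;
	UCHAR         TID;
	USHORT        Idx;
	PUCHAR          pOutBuffer2 = NULL;
	NDIS_STATUS     NStatus;
	ULONG           FrameLen;
	FRAME_BAR       FrameBar;

	TID = pFrame->BaParm.TID;

	/*
	 * TID comes from the received frame. Reject values that do not fit the
	 * per-peer index table before using it as an array index.
	 * (Relies on BAOriWcidArray being declared as an array member.)
	 */
	if (TID >= (sizeof(pEntry->BAOriWcidArray) / sizeof(pEntry->BAOriWcidArray[0])))
	{
		DBGPRINT(RT_DEBUG_ERROR,("%s : TID %d out of range, frame ignored\n", __FUNCTION__, TID));
		return;
	}

	Idx = pEntry->BAOriWcidArray[TID];
	pBAEntry =&pAd->BATable.BAOriEntry[Idx];

	/* Index 0 means "no session"; also require matching TID and a pending request */
	if ((Idx !=0) && (pBAEntry->TID == TID) && (pBAEntry->ORI_BA_Status == Originator_WaitRes))
	{
		/* Never grow the window beyond what we asked for */
		pBAEntry->BAWinSize = min(pBAEntry->BAWinSize, ((UCHAR)pFrame->BaParm.BufSize));
		BA_MaxWinSizeReasign(pAd, pEntry, &pBAEntry->BAWinSize);

		pBAEntry->TimeOutValue = pFrame->TimeOutValue;
		pBAEntry->ORI_BA_Status = Originator_Done;
		/* reset sequence number */
		pBAEntry->Sequence = BA_ORI_INIT_SEQ;
		/* mark this TID as having an active originator session */
		pEntry->TXBAbitmap |= (1<<TID);
		RTMPCancelTimer(&pBAEntry->ORIBATimer, &Cancelled);

		/* Timer value forced to 0, so the re-arm at the end is skipped */
		pBAEntry->ORIBATimer.TimerValue = 0;	/* pFrame->TimeOutValue; */

		DBGPRINT(RT_DEBUG_TRACE,("%s : TXBAbitmap = %x, BAWinSize = %d, TimeOut = %ld\n", __FUNCTION__, pEntry->TXBAbitmap,
								 pBAEntry->BAWinSize, pBAEntry->ORIBATimer.TimerValue));

		/* Send a BAR */
		NStatus = MlmeAllocateMemory(pAd, &pOutBuffer2);  /* Get an unused nonpaged memory */
		if (NStatus != NDIS_STATUS_SUCCESS)
		{
			DBGPRINT(RT_DEBUG_TRACE,("BA - BAOriSessionAdd() allocate memory failed \n"));
			return;
		}

		/*
		 * FrameBar lives on the stack and all sizeof(FRAME_BAR) bytes are
		 * transmitted. Clear it first so that no stale stack contents go
		 * on the air when the header initialisation below is compiled out
		 * or skipped for the current operating mode.
		 */
		NdisZeroMemory(&FrameBar, sizeof(FRAME_BAR));

#ifdef CONFIG_STA_SUPPORT
		IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
			BarHeaderInit(pAd, &FrameBar, pAd->MacTab.Content[pBAEntry->Wcid].Addr, pAd->CurrentAddress);
#endif // CONFIG_STA_SUPPORT //

		FrameBar.StartingSeq.field.FragNum = 0;
		FrameBar.StartingSeq.field.StartSeq = pBAEntry->Sequence; /* make sure sequence not clear in DEL function. */
		FrameBar.BarControl.TID = pBAEntry->TID;
		MakeOutgoingFrame(pOutBuffer2,              &FrameLen,
						  sizeof(FRAME_BAR),      &FrameBar,
					  END_OF_ARGS);
		MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer2, FrameLen);
		MlmeFreeMemory(pAd, pOutBuffer2);

		if (pBAEntry->ORIBATimer.TimerValue)
			RTMPSetTimer(&pBAEntry->ORIBATimer, pBAEntry->ORIBATimer.TimerValue); /* in mSec */
	}
}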
Ejemplo n.º 18
/*
 * Build a VHT NDP Announcement control frame addressed to one station and
 * queue it for transmission. With SOFT_SOUNDING defined, a QoS Null data
 * frame is additionally built on the stack and kicked out afterwards.
 *
 * pAd   - adapter context (rate and SIFS values used for the duration field).
 * entry - MAC table entry of the target station; its address, AID and
 *         sounding dialog token are read, and the token is advanced.
 *
 * Nothing is returned. If no management buffer is available the function
 * returns without sending anything.
 */
VOID trigger_vht_ndpa(RTMP_ADAPTER *pAd, MAC_TABLE_ENTRY *entry)
{
	UCHAR *frame_buf;
	VHT_NDPA_FRAME *ndpa;
	struct wifi_dev *wdev = entry->wdev;
	UINT frm_len, sta_cnt;
	SNDING_STA_INFO *sta_rec;

	frame_buf = MlmeAllocateMemory();
	if (frame_buf == NULL)
		return;

	/* Whole buffer is cleared, so fields not set below are transmitted as 0 */
	NdisZeroMemory(frame_buf, MGMT_DMA_BUFFER_SIZE);

	ndpa = (VHT_NDPA_FRAME *)frame_buf;
	ndpa->fc.Type = FC_TYPE_CNTL;
	ndpa->fc.SubType = SUBTYPE_VHT_NDPA;
	COPY_MAC_ADDR(ndpa->ra, entry->Addr);
	COPY_MAC_ADDR(ndpa->ta, wdev->if_addr);
	frm_len = sizeof(VHT_NDPA_FRAME);

	/*
	 * Only a single STA Info record is supported at present.
	 * The size guard runs after a record has been written; with one record
	 * this stays inside the buffer, but it would need to move ahead of the
	 * write if the record count were ever raised.
	 */
	sta_rec = ndpa->sta_info;
	sta_cnt = 0;
	while (sta_cnt < 1) {
		sta_rec->aid12 = entry->Aid;
		sta_rec->fb_type = SNDING_FB_SU;
		sta_rec->nc_idx = 0;
		ndpa->token.token_num = entry->snd_dialog_token;
		frm_len += sizeof(SNDING_STA_INFO);
		sta_rec++;
		if (frm_len >= (MGMT_DMA_BUFFER_SIZE - sizeof(SNDING_STA_INFO))) {
			DBGPRINT(RT_DEBUG_ERROR, ("%s(): len(%d) too large!cnt=%d\n",
					__FUNCTION__, frm_len, sta_cnt));
			break;
		}
		sta_cnt++;
	}

	/* Restart the dialog token at 0 once either of its top two bits is set */
	entry->snd_dialog_token = (entry->snd_dialog_token & 0xc0) ?
								0 : (entry->snd_dialog_token + 1);

	ndpa->duration = pAd->CommonCfg.Dsifs +
						RTMPCalcDuration(pAd, pAd->CommonCfg.MlmeRate, frm_len);

	MiniportMMRequest(pAd, 0, frame_buf, frm_len);
	MlmeFreeMemory(frame_buf);

#ifdef SOFT_SOUNDING
	{
		HEADER_802_11 *null_hdr;
		UCHAR *qos_ctl;
		UCHAR NullFrame[48];

		/* Stack frame is cleared before use; header plus 2 QoS bytes are sent */
		NdisZeroMemory(NullFrame, sizeof(NullFrame));
		null_hdr = (PHEADER_802_11)NullFrame;
		frm_len = sizeof(HEADER_802_11);

		null_hdr->FC.Type = FC_TYPE_DATA;
		null_hdr->FC.SubType = SUBTYPE_QOS_NULL;
		null_hdr->FC.FrDs = 1;
		null_hdr->FC.ToDs = 0;
		COPY_MAC_ADDR(null_hdr->Addr1, entry->Addr);
		COPY_MAC_ADDR(null_hdr->Addr2, wdev->if_addr);
		COPY_MAC_ADDR(null_hdr->Addr3, wdev->bssid);

		/* Two-byte QoS control field, all zero, directly after the header */
		qos_ctl = NullFrame + frm_len;
		qos_ctl[0] = 0;
		qos_ctl[1] = 0;
		frm_len += 2;

		entry->snd_reqired = TRUE;
		DBGPRINT(RT_DEBUG_OFF,
				("Send sounding QoSNULL Frame to STA(%02x:%02x:%02x:%02x:%02x:%02x)\n",
				PRINT_MAC(entry->Addr)));

		hex_dump("VHT NDP Frame(QoSNull)", NullFrame, frm_len);

		HAL_KickOutNullFrameTx(pAd, 0, NullFrame, frm_len);
	}
#endif /* SOFT_SOUNDING */

}
Ejemplo n.º 19
/*
	==========================================================================
	Description:
	==========================================================================
 */
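/*
 * Handle an MLME authentication request for an AP-client interface: send
 * an 802.11 Authentication frame (sequence 1) and arm the auth timer, or
 * report a rejection/failure to the AP-client control state machine.
 *
 * pAd  - adapter context.
 * Elem - queue element. Priv selects the interface: values below
 *        MAX_APCLI_NUM are AP-client indexes; with MAC_REPEATER_SUPPORT,
 *        values from 64 upward encode 64 + 16 * (AP-client index) +
 *        (repeater client index). Msg/MsgLen carry the request itself.
 *
 * Nothing is returned. Out-of-range interface indexes are ignored.
 */
static VOID ApCliMlmeAuthReqAction(
	IN PRTMP_ADAPTER pAd, 
	IN MLME_QUEUE_ELEM *Elem)
{
	BOOLEAN             Cancelled;
	NDIS_STATUS         NState;
	UCHAR               Addr[MAC_ADDR_LEN];
	USHORT              Alg, Seq, Status;
	ULONG               Timeout;
	HEADER_802_11       AuthHdr; 
	PUCHAR              pOutBuffer = NULL;
	ULONG               FrameLen = 0;
	APCLI_CTRL_MSG_STRUCT ApCliCtrlMsg;
	USHORT ifIndex = (USHORT)(Elem->Priv);
	PULONG pCurrState = NULL;
#ifdef MAC_REPEATER_SUPPORT
	UCHAR CliIdx = 0xFF;	/* 0xFF = not a repeater client */
#endif /* MAC_REPEATER_SUPPORT */

	if ((ifIndex >= MAX_APCLI_NUM)
#ifdef MAC_REPEATER_SUPPORT
		 && (ifIndex < 64)
#endif /* MAC_REPEATER_SUPPORT */
		)
		return;

#ifdef MAC_REPEATER_SUPPORT
	if (ifIndex >= 64)
	{
		CliIdx = ((ifIndex - 64) % 16);
		ifIndex = ((ifIndex - 64) / 16);

		/*
		 * The decoded AP-client index is used to index ApCliTab below.
		 * A Priv value of 64 + 16 * MAX_APCLI_NUM or more would otherwise
		 * address memory past the end of that table.
		 */
		if (ifIndex >= MAX_APCLI_NUM)
			return;

		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].AuthCurrState;
	}
	else
#endif /* MAC_REPEATER_SUPPORT */
	pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].AuthCurrState;

	/*
	 * NOTE(review): ApCliCtrlMsg is only partly filled in before being
	 * enqueued with its full size; any remaining members keep whatever was
	 * on the stack. Confirm the receiver reads only the fields set here.
	 */

	/* Block all authentication request during WPA block period */
	if (pAd->ApCfg.ApCliTab[ifIndex].bBlockAssoc == TRUE)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("APCLI AUTH - Block Auth request durning WPA block period!\n"));
		*pCurrState = APCLI_AUTH_REQ_IDLE;
		ApCliCtrlMsg.Status = MLME_STATE_MACHINE_REJECT;
#ifdef MAC_REPEATER_SUPPORT
		ApCliCtrlMsg.BssIdx = ifIndex;
		ApCliCtrlMsg.CliIdx = CliIdx;
		/* the control machine is addressed with the original, encoded index */
		ifIndex = (USHORT)(Elem->Priv);
#endif /* MAC_REPEATER_SUPPORT */
		MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_AUTH_RSP,
			sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
	}
	else if(MlmeAuthReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr, &Timeout, &Alg))
	{
#ifdef MAC_REPEATER_SUPPORT
		/* reset timer */
		if (CliIdx != 0xFF)
			RTMPCancelTimer(&pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].ApCliAuthTimer, &Cancelled);
		else
#endif /* MAC_REPEATER_SUPPORT */
		RTMPCancelTimer(&pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.ApCliAuthTimer, &Cancelled);

		pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.Alg  = Alg;

		Seq = 1;
		Status = MLME_SUCCESS;

		/* allocate and send out AuthReq frame */
		NState = MlmeAllocateMemory(pAd, &pOutBuffer);  /*Get an unused nonpaged memory */
		if(NState != NDIS_STATUS_SUCCESS)
		{
			DBGPRINT(RT_DEBUG_ERROR, ("APCLI AUTH - MlmeAuthReqAction() allocate memory failed\n"));
			*pCurrState = APCLI_AUTH_REQ_IDLE;
			ApCliCtrlMsg.Status = MLME_FAIL_NO_RESOURCE;
#ifdef MAC_REPEATER_SUPPORT
			ApCliCtrlMsg.BssIdx = ifIndex;
			ApCliCtrlMsg.CliIdx = CliIdx;
			ifIndex = (USHORT)(Elem->Priv);
#endif /* MAC_REPEATER_SUPPORT */
			MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_AUTH_RSP,
				sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
			return;
		}

		DBGPRINT(RT_DEBUG_TRACE, ("APCLI AUTH - Send AUTH request seq#1 (Alg=%d)...\n", Alg));
		ApCliMgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr, pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.Bssid, ifIndex);
#ifdef MAC_REPEATER_SUPPORT
		/* a repeater client transmits with its own MAC address as Addr2 */
		if (CliIdx != 0xFF)
			COPY_MAC_ADDR(AuthHdr.Addr2, pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].CurrentAddress);
#endif /* MAC_REPEATER_SUPPORT */

		/* frame body: algorithm, sequence number and status, 2 bytes each */
		MakeOutgoingFrame(pOutBuffer,           &FrameLen, 
						  sizeof(HEADER_802_11),&AuthHdr, 
						  2,                    &Alg, 
						  2,                    &Seq, 
						  2,                    &Status, 
						  END_OF_ARGS);

		MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
		MlmeFreeMemory(pAd, pOutBuffer);

#ifdef MAC_REPEATER_SUPPORT
		if (CliIdx != 0xFF)
			RTMPSetTimer(&pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].ApCliAuthTimer, AUTH_TIMEOUT);
		else
#endif /* MAC_REPEATER_SUPPORT */
		RTMPSetTimer(&pAd->ApCfg.ApCliTab[ifIndex].ApCliMlmeAux.ApCliAuthTimer, AUTH_TIMEOUT);
		*pCurrState = APCLI_AUTH_WAIT_SEQ2;

		pAd->ApCfg.ApCliTab[ifIndex].ConnectState = APCLI_START_AUTH;
	} 
	else
	{
		DBGPRINT(RT_DEBUG_ERROR, ("APCLI AUTH - MlmeAuthReqAction() sanity check failed. BUG!!!!!\n"));
		*pCurrState = APCLI_AUTH_REQ_IDLE;
	}

	return;
}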
Ejemplo n.º 20
/*
 * Build and send an ADDBA request action frame for the WCID/TID named in
 * the queued MLME_ADDBA_REQ_STRUCT.
 *
 * pAd  - adapter context (MAC table, BA table, AP/AP-client config).
 * Elem - queue element whose Msg holds an MLME_ADDBA_REQ_STRUCT.
 *
 * Nothing is returned. The request is dropped when the sanity check or
 * VALID_WCID fails, when no management buffer is available, or when the
 * peer has no originator BA entry for the TID.
 *
 * NOTE(review): pInfo->TID is used as an index into BAOriWcidArray, TxSeq
 * and MapUserPriorityToAccessCategory; presumably MlmeAddBAReqSanity bounds
 * it - confirm.
 */
VOID MlmeADDBAAction(
    IN PRTMP_ADAPTER pAd, 
    IN MLME_QUEUE_ELEM *Elem) 

{
	MLME_ADDBA_REQ_STRUCT *pInfo;
	UCHAR           Addr[6];
	PUCHAR         pOutBuffer = NULL;
	NDIS_STATUS     NStatus;
	ULONG		Idx;
	FRAME_ADDBA_REQ  Frame;
	ULONG		FrameLen;
	BA_ORI_ENTRY			*pBAEntry = NULL;
#ifdef CONFIG_AP_SUPPORT
	UCHAR			apidx;
#endif /* CONFIG_AP_SUPPORT */

	/* pInfo is only dereferenced after MlmeAddBAReqSanity succeeds (short-circuit &&) */
	pInfo = (MLME_ADDBA_REQ_STRUCT *)Elem->Msg;
	/* the frame is cleared up front, so fields not set below go out as 0 */
	NdisZeroMemory(&Frame, sizeof(FRAME_ADDBA_REQ));
	
	if(MlmeAddBAReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr) &&
		VALID_WCID(pInfo->Wcid)) 
	{
		NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);  /* Get an unused nonpaged memory*/
		if(NStatus != NDIS_STATUS_SUCCESS) 
		{
			DBGPRINT(RT_DEBUG_TRACE,("BA - MlmeADDBAAction() allocate memory failed \n"));
			return;
		}
		/* 1. find entry; index 0 means no originator entry exists for this TID */
		Idx = pAd->MacTab.Content[pInfo->Wcid].BAOriWcidArray[pInfo->TID];
		if (Idx == 0)
		{
			/* the buffer allocated above is released before bailing out */
			MlmeFreeMemory(pAd, pOutBuffer);
			DBGPRINT(RT_DEBUG_ERROR,("BA - MlmeADDBAAction() can't find BAOriEntry \n"));
			return;
		} 
		else
		{
			/* pBAEntry is assigned here but not read again in the visible code */
			pBAEntry =&pAd->BATable.BAOriEntry[Idx];
		}
		
#ifdef CONFIG_AP_SUPPORT
		IF_DEV_CONFIG_OPMODE_ON_AP(pAd)
		{
#ifdef APCLI_SUPPORT
			if (IS_ENTRY_APCLI(&pAd->MacTab.Content[pInfo->Wcid]))
			{
#ifdef MAC_REPEATER_SUPPORT
				MAC_TABLE_ENTRY *pEntry = &pAd->MacTab.Content[pInfo->Wcid];
#endif /* MAC_REPEATER_SUPPORT */

				apidx = pAd->MacTab.Content[pInfo->Wcid].MatchAPCLITabIdx;
#ifdef MAC_REPEATER_SUPPORT
				/* repeater clients use their own address as the transmitter */
				if (pEntry && pEntry->bReptCli)
					ActHeaderInit(pAd, &Frame.Hdr, pInfo->pAddr, pAd->ApCfg.ApCliTab[apidx].RepeaterCli[pEntry->MatchReptCliIdx].CurrentAddress, pInfo->pAddr);
				else
#endif /* MAC_REPEATER_SUPPORT */
				ActHeaderInit(pAd, &Frame.Hdr, pInfo->pAddr, pAd->ApCfg.ApCliTab[apidx].CurrentAddress, pInfo->pAddr);
			}
			else
#endif /* APCLI_SUPPORT */
			{
				apidx = pAd->MacTab.Content[pInfo->Wcid].apidx;
				ActHeaderInit(pAd, &Frame.Hdr, pInfo->pAddr, pAd->ApCfg.MBSSID[apidx].Bssid, pAd->ApCfg.MBSSID[apidx].Bssid);
			}
		}
#endif /* CONFIG_AP_SUPPORT */

		/* ADDBA request parameters, copied from the queued request */
		Frame.Category = CATEGORY_BA;
		Frame.Action = ADDBA_REQ;
		Frame.BaParm.AMSDUSupported = 0;
		Frame.BaParm.BAPolicy = IMMED_BA;
		Frame.BaParm.TID = pInfo->TID;
		Frame.BaParm.BufSize = pInfo->BaBufSize;
		Frame.Token = pInfo->Token;
		Frame.TimeOutValue = pInfo->TimeOutValue;
		Frame.BaStartSeq.field.FragNum = 0;
		Frame.BaStartSeq.field.StartSeq = pAd->MacTab.Content[pInfo->Wcid].TxSeq[pInfo->TID];

		/* convert the 16-bit fields to little-endian byte order for the air */
#ifdef UNALIGNMENT_SUPPORT
		{
			/* go through an aligned temporary instead of casting the field directly */
			BA_PARM		tmpBaParm;

			NdisMoveMemory((PUCHAR)(&tmpBaParm), (PUCHAR)(&Frame.BaParm), sizeof(BA_PARM));
			*(USHORT *)(&tmpBaParm) = cpu2le16(*(USHORT *)(&tmpBaParm));
			NdisMoveMemory((PUCHAR)(&Frame.BaParm), (PUCHAR)(&tmpBaParm), sizeof(BA_PARM));
		}
#else
		*(USHORT *)(&(Frame.BaParm)) = cpu2le16((*(USHORT *)(&(Frame.BaParm))));
#endif /* UNALIGNMENT_SUPPORT */

		Frame.TimeOutValue = cpu2le16(Frame.TimeOutValue);
		Frame.BaStartSeq.word = cpu2le16(Frame.BaStartSeq.word);

		MakeOutgoingFrame(pOutBuffer,		   &FrameLen,
		              sizeof(FRAME_ADDBA_REQ), &Frame,
		              END_OF_ARGS);

		MiniportMMRequest(pAd, (MGMT_USE_QUEUE_FLAG | MapUserPriorityToAccessCategory[pInfo->TID]), pOutBuffer, FrameLen);

		MlmeFreeMemory(pAd, pOutBuffer);
		
		/* NOTE(review): the fields logged here were already passed through cpu2le16 above */
		DBGPRINT(RT_DEBUG_TRACE, ("BA - Send ADDBA request. StartSeq = %x,  FrameLen = %ld. BufSize = %d\n", Frame.BaStartSeq.field.StartSeq, FrameLen, Frame.BaParm.BufSize));
    }
	/* (the listing ends here, before the function's closing brace) */
Ejemplo n.º 21
/*
	==========================================================================
	Description:
	==========================================================================
 */
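/*
 * Handle an MLME de-authentication request for an AP-client interface:
 * reset the auth state to idle and send an 802.11 Deauthentication frame
 * carrying the requested reason code.
 *
 * pAd  - adapter context.
 * Elem - queue element. Priv selects the interface: values below
 *        MAX_APCLI_NUM are AP-client indexes; with MAC_REPEATER_SUPPORT,
 *        values from 64 upward encode 64 + 16 * (AP-client index) +
 *        (repeater client index). Msg is read as an MLME_DEAUTH_REQ_STRUCT.
 *
 * Nothing is returned. Out-of-range interface indexes are ignored; if no
 * management buffer is available the state is still reset but no frame is
 * sent.
 */
static VOID ApCliMlmeDeauthReqAction(
	IN PRTMP_ADAPTER pAd, 
	IN MLME_QUEUE_ELEM *Elem)
{
	PMLME_DEAUTH_REQ_STRUCT pDeauthReq;
	HEADER_802_11 DeauthHdr;
	PUCHAR pOutBuffer = NULL;
	ULONG FrameLen = 0;
	NDIS_STATUS NStatus;
	USHORT ifIndex = (USHORT)(Elem->Priv);
	PULONG pCurrState = NULL;
#ifdef MAC_REPEATER_SUPPORT
	UCHAR CliIdx = 0xFF;	/* 0xFF = not a repeater client */
#endif /* MAC_REPEATER_SUPPORT */

	DBGPRINT(RT_DEBUG_TRACE, ("APCLI AUTH - ApCliMlmeDeAuthReqAction (state=%ld), reset AUTH state machine\n",
		pAd->Mlme.ApCliAuthMachine.CurrState));

	if ((ifIndex >= MAX_APCLI_NUM)
#ifdef MAC_REPEATER_SUPPORT
		&& (ifIndex < 64)
#endif /* MAC_REPEATER_SUPPORT */
		)
		return;

#ifdef MAC_REPEATER_SUPPORT
	if (ifIndex >= 64)
	{
		CliIdx = ((ifIndex - 64) % 16);
		ifIndex = ((ifIndex - 64) / 16);

		/*
		 * The decoded AP-client index is used to index ApCliTab below.
		 * A Priv value of 64 + 16 * MAX_APCLI_NUM or more would otherwise
		 * address memory past the end of that table.
		 */
		if (ifIndex >= MAX_APCLI_NUM)
			return;

		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].AuthCurrState;
	}
	else
#endif /* MAC_REPEATER_SUPPORT */
	pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].AuthCurrState;

	/* the message is used as-is; its length is not checked in this function */
	pDeauthReq = (PMLME_DEAUTH_REQ_STRUCT)(Elem->Msg);

	*pCurrState= APCLI_AUTH_REQ_IDLE;

	NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);  /*Get an unused nonpaged memory */
	if (NStatus != NDIS_STATUS_SUCCESS)
		return;
	
	DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send DE-AUTH request (Reason=%d)...\n", pDeauthReq->Reason));

	ApCliMgtMacHeaderInit(pAd, &DeauthHdr, SUBTYPE_DEAUTH, 0, pDeauthReq->Addr, pDeauthReq->Addr, ifIndex);
#ifdef MAC_REPEATER_SUPPORT
	/* a repeater client transmits with its own MAC address as Addr2 */
	if (CliIdx != 0xFF)
	{
		COPY_MAC_ADDR(DeauthHdr.Addr2, pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].CurrentAddress);
	}
#endif /* MAC_REPEATER_SUPPORT */

	/* frame body: 2-byte reason code */
	MakeOutgoingFrame(pOutBuffer,           &FrameLen,
		sizeof(HEADER_802_11),&DeauthHdr,
		2,                    &pDeauthReq->Reason,
		END_OF_ARGS);
	MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
	MlmeFreeMemory(pAd, pOutBuffer);

	return;
}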
Ejemplo n.º 22
/*
	==========================================================================
	Description:
		Scan next channel
	==========================================================================
 */
/*
 * Advance the scan. In the part visible here, MlmeAux.Channel == 0 marks
 * the end of the scan: the operating channel is restored, and in STA mode
 * a null data frame is sent to the associated AP before the scan result is
 * confirmed to the control state machine.
 *
 * pAd - adapter context.
 *
 * Nothing is returned. The function does nothing in monitor mode (STA) or
 * ATE mode.
 */
VOID ScanNextChannel(
	IN PRTMP_ADAPTER pAd) 
{
	HEADER_802_11   Hdr80211;
	PUCHAR          pOutBuffer = NULL;
	NDIS_STATUS     NStatus;
	ULONG           FrameLen = 0;
	UCHAR           SsidLen = 0, ScanType = pAd->MlmeAux.ScanType, BBPValue = 0;
#ifdef CONFIG_STA_SUPPORT
	USHORT          Status;
	PHEADER_802_11  pHdr80211;
#endif // CONFIG_STA_SUPPORT //
	UINT			ScanTimeIn5gChannel = SHORT_CHANNEL_TIME;

#ifdef CONFIG_STA_SUPPORT
	IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
	{
		if (MONITOR_ON(pAd))
			return;
	}
#endif // CONFIG_STA_SUPPORT //

#ifdef RALINK_ATE
	// Nothing to do in ATE mode. 
	if (ATE_ON(pAd))
		return;
#endif // RALINK_ATE //

	// Channel 0 = no further channel to scan: restore the operating channel
	if (pAd->MlmeAux.Channel == 0) 
	{
		if ((pAd->CommonCfg.BBPCurrentBW == BW_40)
#ifdef CONFIG_STA_SUPPORT
			&& (INFRA_ON(pAd)
				|| (pAd->OpMode == OPMODE_AP))
#endif // CONFIG_STA_SUPPORT //
			)
		{
			// 40 MHz operation: return to the central channel and rewrite BBP R4
			AsicSwitchChannel(pAd, pAd->CommonCfg.CentralChannel, FALSE);
			AsicLockChannel(pAd, pAd->CommonCfg.CentralChannel);
			RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &BBPValue);
			BBPValue &= (~0x18);	// clear bits 3 and 4
			BBPValue |= 0x10;	// then set bit 4
			RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, BBPValue);
			DBGPRINT(RT_DEBUG_TRACE, ("SYNC - End of SCAN, restore to 40MHz channel %d, Total BSS[%02d]\n",pAd->CommonCfg.CentralChannel, pAd->ScanTab.BssNr));
		}
		else
		{
			AsicSwitchChannel(pAd, pAd->CommonCfg.Channel, FALSE);
			AsicLockChannel(pAd, pAd->CommonCfg.Channel);
			DBGPRINT(RT_DEBUG_TRACE, ("SYNC - End of SCAN, restore to channel %d, Total BSS[%02d]\n",pAd->CommonCfg.Channel, pAd->ScanTab.BssNr));
		}
		
#ifdef CONFIG_STA_SUPPORT
		IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
		{
			//
			// To prevent data loss:
			// a NULL data frame with the PSM bit on is sent to the associated AP before the scan starts.
			// Now that the scan is done, send a NULL data frame whose PSM bit reflects the current power-save setting.
			//
			if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED) && (INFRA_ON(pAd)))
			{
				NStatus = MlmeAllocateMemory(pAd, (PVOID)&pOutBuffer);
				if (NStatus	== NDIS_STATUS_SUCCESS)
				{
					// The header is built in place in the Tx buffer; only sizeof(HEADER_802_11) bytes are sent
					pHdr80211 = (PHEADER_802_11) pOutBuffer;
					MgtMacHeaderInit(pAd, pHdr80211, SUBTYPE_NULL_FUNC, 1, pAd->CommonCfg.Bssid, pAd->CommonCfg.Bssid);
					pHdr80211->Duration = 0;
					pHdr80211->FC.Type = BTYPE_DATA;
					pHdr80211->FC.PwrMgmt = (pAd->StaCfg.Psm == PWR_SAVE);

					// Send using priority queue
					MiniportMMRequest(pAd, 0, pOutBuffer, sizeof(HEADER_802_11));
					DBGPRINT(RT_DEBUG_TRACE, ("MlmeScanReqAction -- Send PSM Data frame\n"));
					MlmeFreeMemory(pAd, pOutBuffer);
					RTMPusecDelay(5000);
				}
				// an allocation failure is silent: the null frame is simply skipped
			}

			// Report the finished scan to the control state machine (2-byte status)
			pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE;
			Status = MLME_SUCCESS;
			MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_SCAN_CONF, 2, &Status);
		}
#endif // CONFIG_STA_SUPPORT //


		RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_BSS_SCAN_IN_PROGRESS);
	} 
#ifdef RT2870
#ifdef CONFIG_STA_SUPPORT
	else if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_NIC_NOT_EXIST) && (pAd->OpMode == OPMODE_STA))
	// (the listing ends here, in the middle of this else-if chain)
Ejemplo n.º 23
/*
    ==========================================================================
    Description:
        Upper layer issues disassoc request
    Parameters:
        Elem -
    ==========================================================================
 */
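/*
 * Handle an upper-layer disassociation request for an AP-client interface:
 * send an 802.11 Disassociation frame with the requested reason code, set
 * the association state to idle and report the outcome to the AP-client
 * control state machine.
 *
 * pAd  - adapter context.
 * Elem - queue element. Priv selects the interface: values below
 *        MAX_APCLI_NUM are AP-client indexes; with MAC_REPEATER_SUPPORT,
 *        values from 64 upward encode 64 + 16 * (AP-client index) +
 *        (repeater client index). Msg is read as an
 *        MLME_DISASSOC_REQ_STRUCT without a sanity check.
 *
 * Nothing is returned. Out-of-range interface indexes are ignored.
 */
static VOID ApCliMlmeDisassocReqAction(
	IN PRTMP_ADAPTER pAd, 
	IN MLME_QUEUE_ELEM *Elem) 
{
	PMLME_DISASSOC_REQ_STRUCT pDisassocReq;
	HEADER_802_11         DisassocHdr;
	PUCHAR                 pOutBuffer = NULL;
	ULONG                 FrameLen = 0;
	NDIS_STATUS           NStatus;
	APCLI_CTRL_MSG_STRUCT ApCliCtrlMsg;
	USHORT ifIndex = (USHORT)(Elem->Priv);
	PULONG pCurrState = NULL;
#ifdef MAC_REPEATER_SUPPORT
	UCHAR CliIdx = 0xFF;	/* 0xFF = not a repeater client */
#endif /* MAC_REPEATER_SUPPORT */

	if ((ifIndex >= MAX_APCLI_NUM)
#ifdef MAC_REPEATER_SUPPORT
			&& (ifIndex < 64)
#endif /* MAC_REPEATER_SUPPORT */
	)
		return;

#ifdef MAC_REPEATER_SUPPORT
	if (ifIndex >= 64)
	{
		CliIdx = ((ifIndex - 64) % 16);
		ifIndex = ((ifIndex - 64) / 16);

		/*
		 * The decoded AP-client index is used to index ApCliTab below.
		 * A Priv value of 64 + 16 * MAX_APCLI_NUM or more would otherwise
		 * address memory past the end of that table.
		 */
		if (ifIndex >= MAX_APCLI_NUM)
			return;

		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].AssocCurrState;
	}
	else
#endif /* MAC_REPEATER_SUPPORT */
		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].AssocCurrState;

	/*
	 * skip sanity check
	 * NOTE(review): Elem->MsgLen is not compared with the structure size
	 * before Addr and Reason are read from the message - confirm every
	 * caller enqueues a full MLME_DISASSOC_REQ_STRUCT.
	 */
	pDisassocReq = (PMLME_DISASSOC_REQ_STRUCT)(Elem->Msg);

	/* allocate and send out DeassocReq frame */
	NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);  /*Get an unused nonpaged memory */
	if (NStatus != NDIS_STATUS_SUCCESS) 
	{
		DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - ApCliMlmeDisassocReqAction() allocate memory failed\n"));
		*pCurrState = APCLI_ASSOC_IDLE;

		ApCliCtrlMsg.Status = MLME_FAIL_NO_RESOURCE;
#ifdef MAC_REPEATER_SUPPORT
		ApCliCtrlMsg.BssIdx = ifIndex;
		ApCliCtrlMsg.CliIdx = CliIdx;
		/* the control machine is addressed with the original, encoded index */
		ifIndex = (USHORT)(Elem->Priv);
#endif /* MAC_REPEATER_SUPPORT */
		MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_DEASSOC_RSP,
			sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);
		return;
	}

	DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - Send DISASSOC request [BSSID::%02x:%02x:%02x:%02x:%02x:%02x] \n", 
				pDisassocReq->Addr[0], pDisassocReq->Addr[1], pDisassocReq->Addr[2],
				pDisassocReq->Addr[3], pDisassocReq->Addr[4], pDisassocReq->Addr[5]));
	ApCliMgtMacHeaderInit(pAd, &DisassocHdr, SUBTYPE_DISASSOC, 0, pDisassocReq->Addr, pDisassocReq->Addr, ifIndex);

#ifdef MAC_REPEATER_SUPPORT
	/* a repeater client transmits with its own MAC address as Addr2 */
	if (CliIdx != 0xFF)
		COPY_MAC_ADDR(DisassocHdr.Addr2, pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].CurrentAddress);
#endif /* MAC_REPEATER_SUPPORT */

	/* frame body: 2-byte reason code */
	MakeOutgoingFrame(pOutBuffer,				&FrameLen, 
						sizeof(HEADER_802_11),	&DisassocHdr, 
						2,						&pDisassocReq->Reason, 
						END_OF_ARGS);
	MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
	MlmeFreeMemory(pAd, pOutBuffer);

	*pCurrState = APCLI_ASSOC_IDLE;

	ApCliCtrlMsg.Status = MLME_SUCCESS;

#ifdef MAC_REPEATER_SUPPORT
	ApCliCtrlMsg.BssIdx = ifIndex;
	ApCliCtrlMsg.CliIdx = CliIdx;
	ifIndex = (USHORT)(Elem->Priv);
#endif /* MAC_REPEATER_SUPPORT */

	MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_DEASSOC_RSP,
		sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, ifIndex);


#if defined(RT_CFG80211_P2P_CONCURRENT_DEVICE) || defined(CFG80211_MULTI_STA)	
	RT_CFG80211_LOST_GO_INFORM(pAd);
#endif /* RT_CFG80211_P2P_CONCURRENT_DEVICE || CFG80211_MULTI_STA */

	return;
}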
Ejemplo n.º 24
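/*
 * Build a Probe Request for the current scan channel and queue it for
 * transmission.
 *
 * pAd      - adapter context (scan SSID, supported rates, HT/VHT/WSC config).
 * OpMode   - operating mode the scan runs for (OPMODE_AP / OPMODE_STA).
 * ScanType - scan variant; decides whether the configured SSID or a
 *            zero-length (wildcard) SSID element is sent.
 *
 * Returns TRUE once the frame has been handed to MiniportMMRequest, FALSE
 * when no management buffer could be allocated.
 *
 * NOTE(review): the information elements are appended one after another at
 * frm_buf + FrameLen and nothing here compares the running length with the
 * size of the buffer from MlmeAllocateMemory. The element lengths come from
 * adapter state (SsidLen, SupRateLen, ExtRateLen, HtCapabilityLen, WscIeLen);
 * confirm they are bounded where they are set.
 */
static INT scan_active(RTMP_ADAPTER *pAd, UCHAR OpMode, UCHAR ScanType)
{
	UCHAR *frm_buf = NULL;
	HEADER_802_11 Hdr80211;
	ULONG FrameLen = 0;
	UCHAR SsidLen = 0;

	/*
	 * The header is only filled in by the AP-mode branch below, yet all
	 * sizeof(HEADER_802_11) bytes of it are always copied into the frame.
	 * Clear it so that stale stack contents are never transmitted when
	 * that branch is compiled out or OpMode is not OPMODE_AP.
	 */
	NdisZeroMemory(&Hdr80211, sizeof(HEADER_802_11));

	if (MlmeAllocateMemory(pAd, &frm_buf) != NDIS_STATUS_SUCCESS)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("SYNC - ScanNextChannel() allocate memory fail\n"));

#ifdef CONFIG_AP_SUPPORT
		if (OpMode == OPMODE_AP)
			pAd->Mlme.ApSyncMachine.CurrState = AP_SYNC_IDLE;
#endif /* CONFIG_AP_SUPPORT */
		return FALSE;
	}

#ifdef DOT11_N_SUPPORT
#ifdef DOT11N_DRAFT3
	if (ScanType == SCAN_2040_BSS_COEXIST)
	{
		DBGPRINT(RT_DEBUG_INFO, ("SYNC - SCAN_2040_BSS_COEXIST !! Prepare to send Probe Request\n"));
	}
#endif /* DOT11N_DRAFT3 */
#endif /* DOT11_N_SUPPORT */
	
	/* Default to a zero-length SSID element; the active scan types use the configured SSID */
	SsidLen = 0;
#ifndef APCLI_CONNECTION_TRIAL
	if ((ScanType == SCAN_ACTIVE) || (ScanType == FAST_SCAN_ACTIVE)
#ifdef WSC_STA_SUPPORT
		|| ((ScanType == SCAN_WSC_ACTIVE) && (OpMode == OPMODE_STA))
#endif /* WSC_STA_SUPPORT */
		)
		SsidLen = pAd->MlmeAux.SsidLen;
#endif /* APCLI_CONNECTION_TRIAL */

	{
#ifdef CONFIG_AP_SUPPORT
		/*IF_DEV_CONFIG_OPMODE_ON_AP(pAd) */
		if (OpMode == OPMODE_AP)
		{
			MgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0, BROADCAST_ADDR, 
								pAd->ApCfg.MBSSID[0].Bssid);
		}
#endif /* CONFIG_AP_SUPPORT */

		/* header, SSID element and supported-rates element */
		MakeOutgoingFrame(frm_buf,               &FrameLen,
						  sizeof(HEADER_802_11),    &Hdr80211,
						  1,                        &SsidIe,
						  1,                        &SsidLen,
						  SsidLen,			        pAd->MlmeAux.Ssid,
						  1,                        &SupRateIe,
						  1,                        &pAd->CommonCfg.SupRateLen,
						  pAd->CommonCfg.SupRateLen,  pAd->CommonCfg.SupRate, 
						  END_OF_ARGS);

		/* extended rates element, only when any are configured */
		if (pAd->CommonCfg.ExtRateLen)
		{
			ULONG Tmp;
			MakeOutgoingFrame(frm_buf + FrameLen,            &Tmp,
							  1,                                &ExtRateIe,
							  1,                                &pAd->CommonCfg.ExtRateLen,
							  pAd->CommonCfg.ExtRateLen,          pAd->CommonCfg.ExtRate, 
							  END_OF_ARGS);
			FrameLen += Tmp;
		}
	}
#ifdef DOT11_N_SUPPORT
	if (WMODE_CAP_N(pAd->CommonCfg.PhyMode))
	{
		ULONG	Tmp;
		UCHAR	HtLen;
		UCHAR	BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33};
#ifdef RT_BIG_ENDIAN
		HT_CAPABILITY_IE HtCapabilityTmp;
#endif
		if (pAd->bBroadComHT == TRUE)
		{
			/* HT capability wrapped in a vendor element: 4-byte prefix + capability */
			HtLen = pAd->MlmeAux.HtCapabilityLen + 4;
#ifdef RT_BIG_ENDIAN
			/* byte-swap the 16-bit capability words on a copy, not on the stored config */
			NdisMoveMemory(&HtCapabilityTmp, &pAd->MlmeAux.HtCapability, SIZE_HT_CAP_IE);
			*(USHORT *)(&HtCapabilityTmp.HtCapInfo) = SWAP16(*(USHORT *)(&HtCapabilityTmp.HtCapInfo));
#ifdef UNALIGNMENT_SUPPORT
			{
				EXT_HT_CAP_INFO extHtCapInfo;

				NdisMoveMemory((PUCHAR)(&extHtCapInfo), (PUCHAR)(&HtCapabilityTmp.ExtHtCapInfo), sizeof(EXT_HT_CAP_INFO));
				*(USHORT *)(&extHtCapInfo) = cpu2le16(*(USHORT *)(&extHtCapInfo));
				NdisMoveMemory((PUCHAR)(&HtCapabilityTmp.ExtHtCapInfo), (PUCHAR)(&extHtCapInfo), sizeof(EXT_HT_CAP_INFO));		
			}
#else				
			*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo) = cpu2le16(*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo));
#endif /* UNALIGNMENT_SUPPORT */

			MakeOutgoingFrame(frm_buf + FrameLen,          &Tmp,
							1,                                &WpaIe,
							1,                                &HtLen,
							4,                                &BROADCOM[0],
							pAd->MlmeAux.HtCapabilityLen,     &HtCapabilityTmp, 
							END_OF_ARGS);
#else
			MakeOutgoingFrame(frm_buf + FrameLen,          &Tmp,
							1,                                &WpaIe,
							1,                                &HtLen,
							4,                                &BROADCOM[0],
							pAd->MlmeAux.HtCapabilityLen,     &pAd->MlmeAux.HtCapability, 
							END_OF_ARGS);
#endif /* RT_BIG_ENDIAN */
		}
		else				
		{
			/* standard HT capability element */
			HtLen = sizeof(HT_CAPABILITY_IE);
#ifdef RT_BIG_ENDIAN
			NdisMoveMemory(&HtCapabilityTmp, &pAd->CommonCfg.HtCapability, SIZE_HT_CAP_IE);
			*(USHORT *)(&HtCapabilityTmp.HtCapInfo) = SWAP16(*(USHORT *)(&HtCapabilityTmp.HtCapInfo));
#ifdef UNALIGNMENT_SUPPORT
			{
				EXT_HT_CAP_INFO extHtCapInfo;

				NdisMoveMemory((PUCHAR)(&extHtCapInfo), (PUCHAR)(&HtCapabilityTmp.ExtHtCapInfo), sizeof(EXT_HT_CAP_INFO));
				*(USHORT *)(&extHtCapInfo) = cpu2le16(*(USHORT *)(&extHtCapInfo));
				NdisMoveMemory((PUCHAR)(&HtCapabilityTmp.ExtHtCapInfo), (PUCHAR)(&extHtCapInfo), sizeof(EXT_HT_CAP_INFO));		
			}
#else				
			*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo) = cpu2le16(*(USHORT *)(&HtCapabilityTmp.ExtHtCapInfo));
#endif /* UNALIGNMENT_SUPPORT */

			MakeOutgoingFrame(frm_buf + FrameLen,          &Tmp,
							1,                                &HtCapIe,
							1,                                &HtLen,
							HtLen,                            &HtCapabilityTmp, 
							END_OF_ARGS);
#else
			MakeOutgoingFrame(frm_buf + FrameLen,          &Tmp,
							1,                                &HtCapIe,
							1,                                &HtLen,
							HtLen,                            &pAd->CommonCfg.HtCapability, 
							END_OF_ARGS);
#endif /* RT_BIG_ENDIAN */
		}
		FrameLen += Tmp;

#ifdef DOT11N_DRAFT3
		/* 20/40 coexistence element, 2.4 GHz channels only */
		if ((pAd->MlmeAux.Channel <= 14) && (pAd->CommonCfg.bBssCoexEnable == TRUE))
		{
			/* reuses the enclosing Tmp instead of shadowing it */
			HtLen = 1;
			MakeOutgoingFrame(frm_buf + FrameLen,            &Tmp,
							  1,					&ExtHtCapIe,
							  1,					&HtLen,
							  1,          			&pAd->CommonCfg.BSSCoexist2040.word, 
							  END_OF_ARGS);

			FrameLen += Tmp;
		}
#endif /* DOT11N_DRAFT3 */
	}
#endif /* DOT11_N_SUPPORT */

#ifdef DOT11_VHT_AC
	/* VHT elements on channels above 14 only */
	if (WMODE_CAP_AC(pAd->CommonCfg.PhyMode) &&
		(pAd->MlmeAux.Channel > 14)) {		
		FrameLen += build_vht_ies(pAd, (UCHAR *)(frm_buf + FrameLen), SUBTYPE_PROBE_REQ, pAd->CommonCfg.vht_max_mcs_cap);
	}
#endif /* DOT11_VHT_AC */

#ifdef WSC_STA_SUPPORT
	if (OpMode == OPMODE_STA)
	{
		BOOLEAN bHasWscIe = FALSE;
		/* 
			Append WSC information in probe request if WSC state is running
		*/
		if ((pAd->StaCfg.WscControl.WscEnProbeReqIE) && 
			(pAd->StaCfg.WscControl.WscConfMode != WSC_DISABLE) &&
			(pAd->StaCfg.WscControl.bWscTrigger == TRUE))
			bHasWscIe = TRUE;
#ifdef WSC_V2_SUPPORT
		else if ((pAd->StaCfg.WscControl.WscEnProbeReqIE) && 
			(pAd->StaCfg.WscControl.WscV2Info.bEnableWpsV2))
			bHasWscIe = TRUE;
#endif /* WSC_V2_SUPPORT */


		if (bHasWscIe)
		{
			UCHAR *pWscBuf = NULL, WscIeLen = 0;
			ULONG WscTmpLen = 0;

			/* WscIeLen is a UCHAR, so the element built here cannot exceed the 512-byte scratch buffer on copy-out */
			os_alloc_mem(NULL, (UCHAR **)&pWscBuf, 512);
			if (pWscBuf != NULL)
			{
				NdisZeroMemory(pWscBuf, 512);
				WscBuildProbeReqIE(pAd, STA_MODE, pWscBuf, &WscIeLen);

				MakeOutgoingFrame(frm_buf + FrameLen,              &WscTmpLen,
								WscIeLen,                             pWscBuf,
								END_OF_ARGS);

				FrameLen += WscTmpLen;
				os_free_mem(NULL, pWscBuf);
			}
			else
				DBGPRINT(RT_DEBUG_WARN, ("%s:: WscBuf Allocate failed!\n", __FUNCTION__));
		}
	}

#endif /* WSC_STA_SUPPORT */

	MiniportMMRequest(pAd, 0, frm_buf, FrameLen);

	MlmeFreeMemory(pAd, frm_buf);

	return TRUE;
}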
Ejemplo n.º 25
/*
 * Handle an 802.11 Authentication request received by the AP.
 *
 * Steps, in the order the code performs them:
 *   1. Drop the frame when ApCfg.BANClass3Data is set or when
 *      APPeerAuthSanity() rejects it.
 *   2. Map the destination address (addr1) to a BSS index and require that
 *      the BSS network interface exists and is running.
 *   3. Look up the sender (addr2) in the MAC table and clean up an existing
 *      client entry (BSSID mismatch, protection setting, BA sessions).
 *   4. Apply the access control list, unless the WPS v2 exception applies.
 *   5. Answer: open-system success, a shared-key challenge (seq#2), or
 *      MLME_ALG_NOT_SUPPORT.
 *
 * pAd  - adapter context.
 * Elem - queued MLME message; Elem->Msg / Elem->MsgLen are handed to
 *        APPeerAuthSanity(), Elem->Wcid is logged and compared with the
 *        entry's Aid.
 *
 * NOTE(review): every field of auth_info is taken from a management frame
 * that is not authenticated at this point. All validation is delegated to
 * APPeerAuthSanity(), which is not visible here.
 */
static VOID APPeerAuthReqAtIdleAction(RTMP_ADAPTER *pAd, MLME_QUEUE_ELEM *Elem)
{
	INT i;
	USHORT RspReason;
	AUTH_FRAME_INFO auth_info;
	UINT32 apidx;
	PHEADER_802_11 pRcvHdr;
	HEADER_802_11 AuthHdr;
	PUCHAR pOutBuffer = NULL;
	NDIS_STATUS NStatus;
	ULONG FrameLen = 0;
	MAC_TABLE_ENTRY *pEntry;
	STA_TR_ENTRY *tr_entry;
	/* Element id and length bytes written ahead of the challenge text below. */
	UCHAR ChTxtIe = 16, ChTxtLen = CIPHER_TEXT_LEN;
	BSS_STRUCT *pMbss;
	struct wifi_dev *wdev;



	/* New authentications are refused outright while this flag is set. */
	if (pAd->ApCfg.BANClass3Data == TRUE)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("Disallow new Association\n"));
		return;
	}

	/* Parse the frame into auth_info; nothing below runs on a rejected frame. */
	if (!APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, &auth_info))
		return;
    

	/* Find which BSS (MBSSID index) the request is addressed to. */
	apidx = get_apidx_by_addr(pAd, auth_info.addr1);
	/* Bounds check: apidx is used as an index into ApCfg.MBSSID[] below. */
	if (apidx >= pAd->ApCfg.BssidNum)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
		return;
	}

	pMbss = &pAd->ApCfg.MBSSID[apidx];
	wdev = &pMbss->wdev;
	ASSERT((wdev->func_idx == apidx));

	/* Ignore requests for a BSS whose net device is missing or not running. */
	if ((wdev->if_dev == NULL) || ((wdev->if_dev != NULL) &&
		!(RTMP_OS_NETDEV_STATE_RUNNING(wdev->if_dev))))
	{
		DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
	   	return;
	}

	pEntry = MacTableLookup(pAd, auth_info.addr2);
	if (pEntry && IS_ENTRY_CLIENT(pEntry))
	{
		tr_entry = &pAd->MacTab.tr_entry[pEntry->wcid];

#ifdef DOT11W_PMF_SUPPORT                        
                /*
                 * A PMF-capable client whose port is already secured skips the
                 * clean-up below, so this frame alone does not tear down its
                 * entry or BA sessions here.
                 * NOTE(review): the ACL-reject, shared-key and wrong-algorithm
                 * paths after SendAuth still delete or reset pEntry for such a
                 * client - confirm that is intended.
                 */
                if ((CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE)) 
                        && (tr_entry->PortSecured == WPA_802_1X_PORT_SECURED))
                        goto SendAuth;
#endif /* DOT11W_PMF_SUPPORT */
	
		/* The known client is now addressing a different BSSID: drop the old entry. */
		if (!RTMPEqualMemory(auth_info.addr1, pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.bssid, MAC_ADDR_LEN))
		{					
			MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
			pEntry = NULL;
			DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));				
		}
		else
		{
			if (pEntry->bIAmBadAtheros == TRUE)
			{
				AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
				DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
				pEntry->bIAmBadAtheros = FALSE;
			}

#ifdef DOT11_N_SUPPORT
			/* Re-authentication: tear down every block-ack session of this client. */
			BASessionTearDownALL(pAd, pEntry->wcid);
#endif /* DOT11_N_SUPPORT */
			ASSERT(pEntry->Aid == Elem->Wcid);
		}
	}

#ifdef DOT11W_PMF_SUPPORT
SendAuth:
#endif /* DOT11W_PMF_SUPPORT */

	pRcvHdr = (PHEADER_802_11)(Elem->Msg);
	DBGPRINT(RT_DEBUG_TRACE,
			("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
			"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
			apidx, auth_info.auth_seq, auth_info.auth_alg, 
			auth_info.auth_status, Elem->Wcid, 
			PRINT_MAC(auth_info.addr2)));

#ifdef WSC_V2_SUPPORT
	/*
	 * Do not check ACL when WPS V2 is enabled and ACL policy is positive.
	 * The empty statement plus the dangling "else" below make the ACL check
	 * the else-branch of this condition when WSC_V2_SUPPORT is defined.
	 */
	if ((pMbss->WscControl.WscConfMode != WSC_DISABLE) &&
		(pMbss->WscControl.WscV2Info.bEnableWpsV2) &&
		(pMbss->WscControl.WscV2Info.bWpsEnable) &&
		(pMbss->AccessControlList.Policy == 1))
		; 
	else
#endif /* WSC_V2_SUPPORT */
	/* fail in ACL checking => send an AUTH-Fail seq#2. */
    if (! ApCheckAccessControlList(pAd, auth_info.addr2, apidx))
    {
		/*
		 * NOTE(review): both conditions depend on the received frame and on
		 * table state; the runtime "if (pEntry)" below is what actually
		 * handles an existing entry, whatever ASSERT does in this build.
		 */
		ASSERT(auth_info.auth_seq == 1);
		ASSERT(pEntry == NULL);
		APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_UNSPECIFY_FAIL);

		/* If this STA exists, delete it. */
		if (pEntry)
			MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);

		RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, auth_info.addr2, wdev->wdev_idx, 0);

		DBGPRINT(RT_DEBUG_TRACE,
				("Failed in ACL checking => send an AUTH seq#2 with "
				"Status code = %d\n", MLME_UNSPECIFY_FAIL));
		return;
    }

	/* Open-system request, accepted unless the BSS is configured shared-key only. */
	if ((auth_info.auth_alg == AUTH_MODE_OPEN) && 
		(pMbss->wdev.AuthMode != Ndis802_11AuthModeShared)) 
	{
		if (!pEntry)
			pEntry = MacTableInsertEntry(pAd, auth_info.addr2, wdev, ENTRY_CLIENT, OPMODE_AP, TRUE);

		if (pEntry)
		{
			tr_entry = &pAd->MacTab.tr_entry[pEntry->wcid];
#ifdef DOT11W_PMF_SUPPORT
                /* Keep the state of a PMF client whose port is already secured. */
                if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE)) 
                        || (tr_entry->PortSecured != WPA_802_1X_PORT_SECURED))
#endif /* DOT11W_PMF_SUPPORT */
                        {
			pEntry->AuthState = AS_AUTH_OPEN;
			pEntry->Sst = SST_AUTH; /* what if it already in SST_ASSOC ??????? */
                        }
			APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_SUCCESS);

		}
		else
			; /* MAC table full: no response is sent, the request is silently dropped. */
	}
	/* Shared-key request on a BSS configured for shared-key or auto-switch. */
	else if ((auth_info.auth_alg == AUTH_MODE_KEY) && 
				((wdev->AuthMode == Ndis802_11AuthModeShared)
				|| (wdev->AuthMode == Ndis802_11AuthModeAutoSwitch)))
	{
		if (!pEntry)
			pEntry = MacTableInsertEntry(pAd, auth_info.addr2, wdev, ENTRY_CLIENT, OPMODE_AP, TRUE);

		if (pEntry)
		{
			pEntry->AuthState = AS_AUTHENTICATING;
			pEntry->Sst = SST_NOT_AUTH; /* what if it already in SST_ASSOC ??????? */

			/* log this STA in AuthRspAux machine, only one STA is stored. If two STAs using */
			/* SHARED_KEY authentication mingled together, then the late comer will win. */
			COPY_MAC_ADDR(&pAd->ApMlmeAux.Addr, auth_info.addr2);
			/* NOTE(review): the challenge is only as unpredictable as RandomByte(), which is not shown here. */
			for(i=0; i<CIPHER_TEXT_LEN; i++) 
				pAd->ApMlmeAux.Challenge[i] = RandomByte(pAd);

			RspReason = 0;
			auth_info.auth_seq++;
  
			NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
			/* The entry state and stored challenge set above are left in place on this path. */
			if(NStatus != NDIS_STATUS_SUCCESS) 
				return;  /* if no memory, can't do anything */

			DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH seq#2 (Challenge)\n"));

			MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, 	auth_info.addr2, 
								wdev->if_addr,
								wdev->bssid);
			/* Header, algorithm, sequence, status, then the challenge element (id, length, text). */
			MakeOutgoingFrame(pOutBuffer,            &FrameLen,
								sizeof(HEADER_802_11), &AuthHdr,
								2,                     &auth_info.auth_alg,
								2,                     &auth_info.auth_seq,
								2,                     &RspReason,
								1,                     &ChTxtIe,
								1,                     &ChTxtLen,
								CIPHER_TEXT_LEN,       pAd->ApMlmeAux.Challenge,
								END_OF_ARGS);
			MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
			MlmeFreeMemory(pAd, pOutBuffer);
		}
		else
			; /* MAC table full: no response is sent, the request is silently dropped. */
	} 
	else
	{
		/* wrong algorithm */
		APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_ALG_NOT_SUPPORT);

		/* If this STA exists, delete it. */
		if (pEntry)
			MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);

		DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Alg=%d, Seq=%d, AuthMode=%d\n",
				auth_info.auth_alg, auth_info.auth_seq, pAd->ApCfg.MBSSID[apidx].wdev.AuthMode));
	}
}
Ejemplo n.º 26
/*
 * Handle an 802.11 Authentication request received by the AP.
 *
 * Steps, in the order the code performs them:
 *   1. Parse the frame with APPeerAuthSanity(); drop it on failure.
 *   2. Map Addr1 to a BSS index and require a running BSS interface.
 *   3. Look up the sender (Addr2) and clean up an existing client entry.
 *   4. Reject requests whose RSSI is below the per-BSS thresholds.
 *   5. Apply the access control list.
 *   6. Answer: open-system success, a shared-key challenge (seq#2), or
 *      MLME_ALG_NOT_SUPPORT.
 *
 * pAd  - adapter context.
 * Elem - queued MLME message; Msg/MsgLen hold the frame, Rssi0..Rssi2 the
 *        per-chain signal readings, Wcid is logged and compared with Aid.
 *
 * NOTE(review): Addr1, Addr2, Alg, Seq, Status and Chtxt all come from a
 * management frame that is not authenticated at this point. All validation
 * is delegated to APPeerAuthSanity(), which is not visible here.
 */
static VOID APPeerAuthReqAtIdleAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	INT i;
	USHORT Seq, Alg, RspReason, Status;
	UCHAR Addr1[MAC_ADDR_LEN];
	UCHAR Addr2[MAC_ADDR_LEN];
	/* Filled by APPeerAuthSanity(); not read again in this function. */
	CHAR Chtxt[CIPHER_TEXT_LEN];
	UINT32 apidx;

	PHEADER_802_11 pRcvHdr;
	HEADER_802_11 AuthHdr;
	PUCHAR pOutBuffer = NULL;
	NDIS_STATUS NStatus;
	ULONG FrameLen = 0;
	MAC_TABLE_ENTRY *pEntry;
	/* Element id and length bytes written ahead of the challenge text below. */
	UCHAR ChTxtIe = 16, ChTxtLen = CIPHER_TEXT_LEN;
	MULTISSID_STRUCT *pMbss;
	struct wifi_dev *wdev;
	CHAR rssi;



	/* Parse the frame; nothing below runs on a rejected frame. */
	if (! APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr1,
							Addr2, &Alg, &Seq, &Status, Chtxt
		))
		return;
    

	/* Find which BSS (MBSSID index) the request is addressed to. */
	apidx = get_apidx_by_addr(pAd, Addr1);
	/* Bounds check: apidx is used as an index into ApCfg.MBSSID[] below. */
	if (apidx >= pAd->ApCfg.BssidNum)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
		return;
	}

	pMbss = &pAd->ApCfg.MBSSID[apidx];
	wdev = &pMbss->wdev;

	/* Ignore requests for a BSS whose net device is missing or not running. */
	if ((wdev->if_dev == NULL) || ((wdev->if_dev != NULL) &&
		!(RTMP_OS_NETDEV_STATE_RUNNING(wdev->if_dev))))
	{
		DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
	   	return;
	}


	pEntry = MacTableLookup(pAd, Addr2);
	if (pEntry && IS_ENTRY_CLIENT(pEntry))
	{
#ifdef DOT11W_PMF_SUPPORT                        
                /*
                 * A PMF-capable client whose port is already secured skips the
                 * clean-up below, so this frame alone does not tear down its
                 * entry or BA sessions here.
                 * NOTE(review): the RSSI-reject, ACL-reject, shared-key and
                 * wrong-algorithm paths after SendAuth still delete or reset
                 * pEntry for such a client - confirm that is intended.
                 */
                if ((CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE)) 
                        && (pEntry->PortSecured == WPA_802_1X_PORT_SECURED))
                        goto SendAuth;
#endif /* DOT11W_PMF_SUPPORT */
	
		/* The known client is now addressing a different BSSID: drop the old entry. */
		if (!RTMPEqualMemory(Addr1, pAd->ApCfg.MBSSID[pEntry->apidx].wdev.bssid, MAC_ADDR_LEN))
		{					
			MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
			pEntry = NULL;
			DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));				
		}
		else
		{
			if (pEntry->bIAmBadAtheros == TRUE)
			{
				AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
				DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
				pEntry->bIAmBadAtheros = FALSE;
			}

#ifdef DOT11_N_SUPPORT
			/* Re-authentication: tear down every block-ack session of this client. */
			BASessionTearDownALL(pAd, pEntry->wcid);
#endif /* DOT11_N_SUPPORT */
			ASSERT(pEntry->Aid == Elem->Wcid);
		}
	}

#ifdef DOT11W_PMF_SUPPORT
SendAuth:
#endif /* DOT11W_PMF_SUPPORT */

    pRcvHdr = (PHEADER_802_11)(Elem->Msg);
	DBGPRINT(RT_DEBUG_TRACE,
			("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
			"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
			apidx, Seq, Alg, Status, Elem->Wcid, PRINT_MAC(Addr2)));

        /* YF@20130102: Refuse the weak signal of AuthReq */
        /* Strongest of the three per-chain readings; if_dev was checked non-NULL above. */
         rssi = RTMPMaxRssi(pAd,  ConvertToRssi(pAd, (CHAR)Elem->Rssi0, RSSI_0),
                                  ConvertToRssi(pAd, (CHAR)Elem->Rssi1, RSSI_1),
                                  ConvertToRssi(pAd, (CHAR)Elem->Rssi2, RSSI_2));
         DBGPRINT(RT_DEBUG_TRACE, ("%s: AUTH_FAIL_REQ Threshold = %d, AUTH_NO_RSP_REQ Threshold = %d, AUTH RSSI = %d\n", 
 				  wdev->if_dev->name, pMbss->AuthFailRssiThreshold, pMbss->AuthNoRspRssiThreshold, rssi));

         /* A threshold of 0 disables that check. */
         if (((pMbss->AuthFailRssiThreshold != 0) && (rssi < pMbss->AuthFailRssiThreshold)) ||
            ((pMbss->AuthNoRspRssiThreshold != 0) && (rssi < pMbss->AuthNoRspRssiThreshold)))
         {
                DBGPRINT(RT_DEBUG_TRACE, ("Reject this AUTH_REQ due to Weak Signal.\n"));
		
		/* Only the "fail" threshold produces a response; the "no response" threshold drops silently. */
		if ((pMbss->AuthFailRssiThreshold != 0) && (rssi < pMbss->AuthFailRssiThreshold))
                	APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_UNSPECIFY_FAIL);

                /* If this STA exists, delete it. */
                /* NOTE(review): this call passes pEntry->Aid, every other delete in this function passes pEntry->wcid - confirm they are interchangeable. */
                if (pEntry)
                        MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);

                RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, Addr2, apidx, 0);
                return;
         }

	/* fail in ACL checking => send an AUTH-Fail seq#2. */
    if (! ApCheckAccessControlList(pAd, Addr2, apidx))
    {
		/*
		 * NOTE(review): both conditions depend on the received frame and on
		 * table state; the runtime "if (pEntry)" below is what actually
		 * handles an existing entry, whatever ASSERT does in this build.
		 */
		ASSERT(Seq == 1);
		ASSERT(pEntry == NULL);
		APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_UNSPECIFY_FAIL);

		/* If this STA exists, delete it. */
		if (pEntry)
			MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);

		RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, Addr2, apidx, 0);

		DBGPRINT(RT_DEBUG_TRACE,
				("Failed in ACL checking => send an AUTH seq#2 with "
				"Status code = %d\n", MLME_UNSPECIFY_FAIL));
		return;
    }

	/* Open-system request, accepted unless the BSS is configured shared-key only. */
	if ((Alg == AUTH_MODE_OPEN) && 
		(pMbss->wdev.AuthMode != Ndis802_11AuthModeShared)) 
	{
		if (!pEntry)
			pEntry = MacTableInsertEntry(pAd, Addr2, wdev, apidx, OPMODE_AP, TRUE);

		if (pEntry)
		{
#ifdef DOT11W_PMF_SUPPORT
                /* Keep the state of a PMF client whose port is already secured. */
                if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE)) 
                        || (pEntry->PortSecured != WPA_802_1X_PORT_SECURED))
#endif /* DOT11W_PMF_SUPPORT */
                        {
			pEntry->AuthState = AS_AUTH_OPEN;
			pEntry->Sst = SST_AUTH; /* what if it already in SST_ASSOC ??????? */
                        }
			APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_SUCCESS);

		}
		else
			; /* MAC table full: no response is sent, the request is silently dropped. */
	}
	/* Shared-key request on a BSS configured for shared-key or auto-switch. */
	else if ((Alg == AUTH_MODE_KEY) && 
				((wdev->AuthMode == Ndis802_11AuthModeShared)
				|| (wdev->AuthMode == Ndis802_11AuthModeAutoSwitch)))
	{
		if (!pEntry)
			pEntry = MacTableInsertEntry(pAd, Addr2, wdev, apidx, OPMODE_AP, TRUE);

		if (pEntry)
		{
			pEntry->AuthState = AS_AUTHENTICATING;
			pEntry->Sst = SST_NOT_AUTH; /* what if it already in SST_ASSOC ??????? */

			/* log this STA in AuthRspAux machine, only one STA is stored. If two STAs using */
			/* SHARED_KEY authentication mingled together, then the late comer will win. */
			COPY_MAC_ADDR(&pAd->ApMlmeAux.Addr, Addr2);
			/* NOTE(review): the challenge is only as unpredictable as RandomByte(), which is not shown here. */
			for(i=0; i<CIPHER_TEXT_LEN; i++) 
				pAd->ApMlmeAux.Challenge[i] = RandomByte(pAd);

			RspReason = 0;
			Seq++;
  
			NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
			/* The entry state and stored challenge set above are left in place on this path. */
			if(NStatus != NDIS_STATUS_SUCCESS) 
				return;  /* if no memory, can't do anything */

			DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH seq#2 (Challenge)\n"));

			MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, 	Addr2, 
								wdev->if_addr,
								wdev->bssid);
			/* Header, algorithm, sequence, status, then the challenge element (id, length, text). */
			MakeOutgoingFrame(pOutBuffer,            &FrameLen,
								sizeof(HEADER_802_11), &AuthHdr,
								2,                     &Alg,
								2,                     &Seq,
								2,                     &RspReason,
								1,                     &ChTxtIe,
								1,                     &ChTxtLen,
								CIPHER_TEXT_LEN,       pAd->ApMlmeAux.Challenge,
								END_OF_ARGS);
			MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
			MlmeFreeMemory(pAd, pOutBuffer);
		}
		else
			; /* MAC table full: no response is sent, the request is silently dropped. */
	} 
	else
	{
		/* wrong algorithm */
		APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_ALG_NOT_SUPPORT);

		/* If this STA exists, delete it. */
		if (pEntry)
			MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);

		DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Alg=%d, Seq=%d, AuthMode=%d\n",
				Alg, Seq, pAd->ApCfg.MBSSID[apidx].wdev.AuthMode));
	}
}
Ejemplo n.º 27
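/*
    ==========================================================================
    Description:
        Upper layer issues disassoc request. Builds a Disassociation frame
        for the AP-client (or MAC-repeater) link selected by Elem->Priv,
        transmits it, puts the association state machine back to
        APCLI_ASSOC_IDLE and reports the result to the AP-client control
        state machine.
    Parameters:
        pAd  - adapter context
        Elem - queued MLME message. Elem->Msg is read through a
               PMLME_DISASSOC_REQ_STRUCT; Elem->Priv carries the interface
               index. With MAC_REPEATER_SUPPORT, values >= 64 are decoded as
               64 + 16 * (ApCli index) + (repeater client index).
    ==========================================================================
 */
static VOID ApCliMlmeDisassocReqAction(
	IN PRTMP_ADAPTER pAd, 
	IN MLME_QUEUE_ELEM *Elem) 
{
	PMLME_DISASSOC_REQ_STRUCT pDisassocReq;
	HEADER_802_11         DisassocHdr;
	PUCHAR                 pOutBuffer = NULL;
	ULONG                 FrameLen = 0;
	NDIS_STATUS           NStatus;
	APCLI_CTRL_MSG_STRUCT ApCliCtrlMsg;
	/* Index exactly as queued; this is the value passed on to MlmeEnqueue(). */
	USHORT QueueIdx = (USHORT)(Elem->Priv);
	/*
	 * Index into pAd->ApCfg.ApCliTab[]. It is decoded once below and never
	 * overwritten with the raw queued value again, so every later table
	 * access (including the wpa_supplicant check) stays inside the table.
	 */
	USHORT ifIndex = QueueIdx;
	PULONG pCurrState = NULL;
#ifdef MAC_REPEATER_SUPPORT
	UCHAR CliIdx = 0xFF;	/* 0xFF: not a repeater client */
#endif /* MAC_REPEATER_SUPPORT */

	if ((ifIndex >= MAX_APCLI_NUM)
#ifdef MAC_REPEATER_SUPPORT
			&& (ifIndex < 64)
#endif /* MAC_REPEATER_SUPPORT */
		)
		return;
	
#ifdef MAC_REPEATER_SUPPORT
	if (ifIndex >= 64)
	{
		CliIdx = ((ifIndex - 64) % 16);
		ifIndex = ((ifIndex - 64) / 16);

		/*
		 * The queued value is a 16-bit number, so the decoded ApCli index
		 * can still be past the end of ApCliTab[]; reject it before it is
		 * used as an array index.
		 * NOTE(review): CliIdx is 0..15 here - confirm RepeaterCli[] has at
		 * least 16 entries.
		 */
		if (ifIndex >= MAX_APCLI_NUM)
			return;

		pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].AssocCurrState;
	}
	else
#endif /* MAC_REPEATER_SUPPORT */
	pCurrState = &pAd->ApCfg.ApCliTab[ifIndex].AssocCurrState;

	/*
	 * skip sanity check
	 * NOTE(review): Elem->MsgLen is not compared with the size of the
	 * request structure before its fields are read below.
	 */
	pDisassocReq = (PMLME_DISASSOC_REQ_STRUCT)(Elem->Msg);

	/* allocate and send out DeassocReq frame */
	NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);  /*Get an unused nonpaged memory */
	if (NStatus != NDIS_STATUS_SUCCESS) 
	{
		DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - ApCliMlmeDisassocReqAction() allocate memory failed\n"));
		*pCurrState = APCLI_ASSOC_IDLE;

		ApCliCtrlMsg.Status = MLME_FAIL_NO_RESOURCE;
#ifdef MAC_REPEATER_SUPPORT
		ApCliCtrlMsg.BssIdx = ifIndex;
		ApCliCtrlMsg.CliIdx = CliIdx;
#endif /* MAC_REPEATER_SUPPORT */
		MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_DEASSOC_RSP,
			sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, QueueIdx);
		return;
	}

	DBGPRINT(RT_DEBUG_TRACE, ("APCLI_ASSOC - Send DISASSOC request [BSSID::%02x:%02x:%02x:%02x:%02x:%02x] \n", 
				pDisassocReq->Addr[0], pDisassocReq->Addr[1], pDisassocReq->Addr[2],
				pDisassocReq->Addr[3], pDisassocReq->Addr[4], pDisassocReq->Addr[5]));
	ApCliMgtMacHeaderInit(pAd, &DisassocHdr, SUBTYPE_DISASSOC, 0, pDisassocReq->Addr, pDisassocReq->Addr, ifIndex);

#ifdef MAC_REPEATER_SUPPORT
	if (CliIdx != 0xFF)
	{
		/*
		 * NOTE(review): the second copy overwrites the first, so the frame
		 * always leaves with pDisassocReq->Addr2 as transmitter address.
		 * Kept as in the original; confirm which source address is meant.
		 */
		COPY_MAC_ADDR(DisassocHdr.Addr2, pAd->ApCfg.ApCliTab[ifIndex].RepeaterCli[CliIdx].CurrentAddress);
		COPY_MAC_ADDR(DisassocHdr.Addr2, pDisassocReq->Addr2);
	}
#endif /* MAC_REPEATER_SUPPORT */

	/* Frame body is the 2-byte reason code following the 802.11 header. */
	MakeOutgoingFrame(pOutBuffer,				&FrameLen, 
						sizeof(HEADER_802_11),	&DisassocHdr, 
						2,						&pDisassocReq->Reason, 
						END_OF_ARGS);
	MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
	MlmeFreeMemory(pAd, pOutBuffer);

	*pCurrState = APCLI_ASSOC_IDLE;

	ApCliCtrlMsg.Status = MLME_SUCCESS;

#ifdef MAC_REPEATER_SUPPORT
	ApCliCtrlMsg.BssIdx = ifIndex;
	ApCliCtrlMsg.CliIdx = CliIdx;
#endif /* MAC_REPEATER_SUPPORT */

	MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_DEASSOC_RSP,
		sizeof(APCLI_CTRL_MSG_STRUCT), &ApCliCtrlMsg, QueueIdx);

#ifdef APCLI_WPA_SUPPLICANT_SUPPORT
	if (pAd->ApCfg.ApCliTab[ifIndex].WpaSupplicantUP != WPA_SUPPLICANT_DISABLE) 
	{
		/*send disassociate event to wpa_supplicant*/
		RtmpOSWrielessEventSend(pAd->net_dev, RT_WLAN_EVENT_CUSTOM, RT_DISASSOC_EVENT_FLAG, NULL, NULL, 0);
	}
	/* These two events are sent whether or not wpa_supplicant is in use. */
	RtmpOSWrielessEventSend(pAd->net_dev, SIOCGIWAP, -1, NULL, NULL, 0);     
	RTMPSendWirelessEvent(pAd, IW_DISASSOC_EVENT_FLAG, NULL, BSS0, 0); 
#endif /*APCLI_WPA_SUPPLICANT_SUPPORT*/ 
	return;
}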
Ejemplo n.º 28
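// Handle a received ADDBA Request (block-ack session setup, 802.11 7.4.4.1)
// and always answer with an ADDBA Response.
//
// pAd  - adapter context.
// Elem - queued MLME message; Elem->Msg / Elem->MsgLen hold the received
//        frame, Elem->Wcid selects the peer's MAC table entry.
//
// Status codes sent back: 0 when the receive session was added, 38 when
// BARecSessionAdd() refused the parameters, 37 when BA is declined by
// configuration or the peer is not an HT station, and the initial value 1
// when PeerAddBAReqActionSanity() rejected the frame.
//
// NOTE(review): Token, TID and BufSize are echoed from the request even when
// the sanity check failed, i.e. from a frame that was not validated.
VOID PeerAddBAReqAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)

{
	UCHAR   Status = 1;
	// Zero-initialised: if the sanity check fails without filling pAddr, the
	// response header below must not be built from leftover stack bytes.
	UCHAR   pAddr[6] = {0};
	FRAME_ADDBA_RSP ADDframe;
	PUCHAR         pOutBuffer = NULL;
	NDIS_STATUS     NStatus;
	PFRAME_ADDBA_REQ  pAddreqFrame = NULL;
	ULONG       FrameLen = 0;
	PMAC_TABLE_ENTRY	pMacEntry;

	DBGPRINT(RT_DEBUG_TRACE, ("%s ==> (Wcid = %d)\n", __FUNCTION__, Elem->Wcid));

	// ADDBA Request from unknown peer, ignore this.
	// This is also the bounds check for every MacTab.Content[] access below.
	if (Elem->Wcid >= MAX_LEN_OF_MAC_TABLE)
		return;

	pMacEntry = &pAd->MacTab.Content[Elem->Wcid];
	DBGPRINT(RT_DEBUG_TRACE,("BA - PeerAddBAReqAction----> \n"));

	// 1. Decide the status code for the response.
	if (PeerAddBAReqActionSanity(pAd, Elem->Msg, Elem->MsgLen, pAddr))
	{

		if ((pAd->CommonCfg.bBADecline == FALSE) && IS_HT_STA(pMacEntry))
		{
			pAddreqFrame = (PFRAME_ADDBA_REQ)(&Elem->Msg[0]);
			printk("Rcv Wcid(%d) AddBAReq\n", Elem->Wcid);
			if (BARecSessionAdd(pAd, pMacEntry, pAddreqFrame))
				Status = 0;
			else
				Status = 38; // more parameters have invalid values
		}
		else
		{
			Status = 37; // the request has been declined.
		}
	}

	if (pMacEntry->ValidAsCLI)
		ASSERT(pMacEntry->Sst == SST_ASSOC);

	pAddreqFrame = (PFRAME_ADDBA_REQ)(&Elem->Msg[0]);
	// 2. Always send back ADDBA Response
	NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);	 //Get an unused nonpaged memory
	if (NStatus != NDIS_STATUS_SUCCESS)
	{
		DBGPRINT(RT_DEBUG_TRACE,("ACTION - PeerBAAction() allocate memory failed \n"));
		return;
	}

	NdisZeroMemory(&ADDframe, sizeof(FRAME_ADDBA_RSP));
	// 2-1. Prepare ADDBA Response frame.
	// Without CONFIG_STA_SUPPORT the header is left zeroed by this function.
#ifdef CONFIG_STA_SUPPORT
	IF_DEV_CONFIG_OPMODE_ON_STA(pAd)
	{
		if (ADHOC_ON(pAd))
			ActHeaderInit(pAd, &ADDframe.Hdr, pAddr, pAd->CurrentAddress, pAd->CommonCfg.Bssid);
		else
			ActHeaderInit(pAd, &ADDframe.Hdr, pAd->CommonCfg.Bssid, pAd->CurrentAddress, pAddr);
	}
#endif // CONFIG_STA_SUPPORT //
	ADDframe.Category = CATEGORY_BA;
	ADDframe.Action = ADDBA_RESP;
	ADDframe.Token = pAddreqFrame->Token;
	// What is the Status code??  need to check.
	ADDframe.StatusCode = Status;
	ADDframe.BaParm.BAPolicy = IMMED_BA;
	ADDframe.BaParm.AMSDUSupported = 0;
	ADDframe.BaParm.TID = pAddreqFrame->BaParm.TID;
	// Never advertise a window larger than the locally configured limit.
	ADDframe.BaParm.BufSize = min(((UCHAR)pAddreqFrame->BaParm.BufSize), (UCHAR)pAd->CommonCfg.BACapability.field.RxBAWinLimit);
	if (ADDframe.BaParm.BufSize == 0)
	{
		ADDframe.BaParm.BufSize = 64;
	}
	ADDframe.TimeOutValue = 0; //pAddreqFrame->TimeOutValue;

	// Convert the multi-byte fields to little-endian wire order.
	*(USHORT *)(&ADDframe.BaParm) = cpu2le16(*(USHORT *)(&ADDframe.BaParm));
	ADDframe.StatusCode = cpu2le16(ADDframe.StatusCode);
	ADDframe.TimeOutValue = cpu2le16(ADDframe.TimeOutValue);

	MakeOutgoingFrame(pOutBuffer,               &FrameLen,
					  sizeof(FRAME_ADDBA_RSP),  &ADDframe,
			  END_OF_ARGS);
	MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
	MlmeFreeMemory(pAd, pOutBuffer);

	DBGPRINT(RT_DEBUG_TRACE, ("%s(%d): TID(%d), BufSize(%d) <== \n", __FUNCTION__, Elem->Wcid, ADDframe.BaParm.TID,
							  ADDframe.BaParm.BufSize));
}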
Ejemplo n.º 29
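/* 
	==========================================================================
	Description:
		Build and transmit a Probe Request on AP-client interface ifIndex.
		The frame carries the given SSID, the supported rates and, when
		present, the extended rates and a WSC IE.
	Parameters:
		pAd     - adapter context
		SsidLen - number of bytes to take from Ssid; requests with more than
		          MAX_LEN_OF_SSID bytes are rejected
		Ssid    - SSID bytes to probe for (only read here, despite the OUT
		          annotation)
		ifIndex - index into pAd->ApCfg.ApCliTab[]
	==========================================================================
 */
static VOID ApCliEnqueueProbeRequest(
	IN PRTMP_ADAPTER pAd,
	IN UCHAR SsidLen,
	OUT PCHAR Ssid,
	IN USHORT ifIndex)
{
	NDIS_STATUS     NState;
	PUCHAR          pOutBuffer = NULL;
	ULONG           FrameLen = 0;
	HEADER_802_11   Hdr80211;
	UCHAR           SsidIe    = IE_SSID;
	UCHAR           SupRateIe = IE_SUPP_RATES;
	UCHAR ssidLen;
	CHAR ssid[MAX_LEN_OF_SSID];
	PAPCLI_STRUCT pApCliEntry = NULL;
#ifdef WSC_AP_SUPPORT
	BOOLEAN bHasWscIe = FALSE;
#endif

	DBGPRINT(RT_DEBUG_TRACE, ("force out a ProbeRequest ...\n"));

	if (ifIndex >= MAX_APCLI_NUM)
		return;

	/*
	 * SsidLen is an 8-bit value but the local copy holds only
	 * MAX_LEN_OF_SSID bytes. Reject oversized lengths here, before any
	 * buffer is allocated, so the copy below cannot run past ssid[].
	 */
	if (SsidLen > MAX_LEN_OF_SSID)
	{
		DBGPRINT(RT_DEBUG_ERROR, ("%s: SsidLen(%d) exceeds MAX_LEN_OF_SSID\n", __FUNCTION__, SsidLen));
		return;
	}

	pApCliEntry = &pAd->ApCfg.ApCliTab[ifIndex];
	
	NState = MlmeAllocateMemory(pAd, &pOutBuffer);  /*Get an unused nonpaged memory */
	if(NState != NDIS_STATUS_SUCCESS)
	{
		DBGPRINT(RT_DEBUG_TRACE, ("EnqueueProbeRequest() allocate memory fail\n"));
		return;
	}

	/* Broadcast probe unless a specific BSSID is configured for this interface. */
	if(MAC_ADDR_EQUAL(pAd->ApCfg.ApCliTab[ifIndex].CfgApCliBssid, ZERO_MAC_ADDR))
		ApCliMgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0,
			BROADCAST_ADDR, BROADCAST_ADDR, ifIndex);
	else
		ApCliMgtMacHeaderInit(pAd, &Hdr80211, SUBTYPE_PROBE_REQ, 0,
			pAd->ApCfg.ApCliTab[ifIndex].CfgApCliBssid, pAd->ApCfg.ApCliTab[ifIndex].CfgApCliBssid, ifIndex);

	ssidLen = SsidLen;
	NdisZeroMemory(ssid, MAX_LEN_OF_SSID);
	NdisMoveMemory(ssid, Ssid, ssidLen);

	/* this ProbeRequest explicitly specify SSID to reduce unwanted ProbeResponse */
	MakeOutgoingFrame(pOutBuffer,		&FrameLen,
		sizeof(HEADER_802_11),			&Hdr80211,
		1,								&SsidIe,
		1,								&ssidLen,
		ssidLen,						ssid,
		1,								&SupRateIe,
		1,								&(pApCliEntry->ApCliMlmeAux.SupRateLen),
		pApCliEntry->ApCliMlmeAux.SupRateLen,		pApCliEntry->ApCliMlmeAux.SupRate,
		END_OF_ARGS);

	/*
	 * NOTE(review): the IEs below are appended at pOutBuffer + FrameLen with
	 * no capacity check in this function; the buffer size is whatever
	 * MlmeAllocateMemory() provides, which is not visible here.
	 */

	/* Add the extended rate IE */
	if (pApCliEntry->ApCliMlmeAux.ExtRateLen != 0)
	{
		ULONG            tmp;
	
		MakeOutgoingFrame(pOutBuffer + FrameLen,    &tmp,
			1,                        &ExtRateIe,
			1,                        &(pApCliEntry->ApCliMlmeAux.ExtRateLen),
			pApCliEntry->ApCliMlmeAux.ExtRateLen,  pApCliEntry->ApCliMlmeAux.ExtRate,                           
			END_OF_ARGS);
		FrameLen += tmp;
	}

#ifdef WSC_AP_SUPPORT
	/* Append WSC information in probe request if WSC state is running */
	if ((pAd->ApCfg.ApCliTab[ifIndex].WscControl.WscConfMode != WSC_DISABLE) &&
		(pAd->ApCfg.ApCliTab[ifIndex].WscControl.bWscTrigger))
	{
		bHasWscIe = TRUE;
	}
#ifdef WSC_V2_SUPPORT
	/* With WPS v2 enabled the IE is added even when no WSC session was triggered. */
	else if (pAd->ApCfg.ApCliTab[ifIndex].WscControl.WscV2Info.bEnableWpsV2)
	{
		bHasWscIe = TRUE;
	}
#endif /* WSC_V2_SUPPORT */

#ifdef CON_WPS
	if ((pAd->conWscStatus != CON_WPS_STATUS_DISABLED) && bHasWscIe)
	{
		bHasWscIe = FALSE;
		printk("YF DEBUG: Don't Put THE WSC IE IN ProbeReq due to CON_WPS\n");
	}
#endif /* CON_WPS */
	if (bHasWscIe)
	{
		/* WscIeLen is 8 bits wide, so at most 255 bytes of the 512-byte scratch buffer are copied into the frame. */
		UCHAR		WscIeLen = 0;
		UCHAR		*WscBuf = NULL;
		ULONG 		WscTmpLen = 0;

		/* allocate memory */
		os_alloc_mem(NULL, (UCHAR **)&WscBuf, 512);
		if (WscBuf != NULL)
		{
			NdisZeroMemory(WscBuf, 512);
			WscBuildProbeReqIE(&pAd->ApCfg.ApCliTab[ifIndex].WscControl, STA_MODE, WscBuf, &WscIeLen);

			MakeOutgoingFrame(pOutBuffer + FrameLen,              &WscTmpLen,
							WscIeLen,                             WscBuf,
							END_OF_ARGS);

			FrameLen += WscTmpLen;
			os_free_mem(NULL, WscBuf);
		}
		else
			/* The probe is still sent, just without the WSC IE. */
			DBGPRINT(RT_DEBUG_ERROR, ("%s: Allocate memory fail!!!\n", __FUNCTION__));
	}
#endif

	MiniportMMRequest(pAd, QID_AC_BE, pOutBuffer, FrameLen);
	MlmeFreeMemory(pAd, pOutBuffer);

	return;
}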
Ejemplo n.º 30
/*
 * Start a scan requested through the MLME queue.
 *
 * Nothing happens before the adapter has started up. Otherwise the scan
 * counter is incremented, a PCIe radio that was switched off while idle is
 * woken, and the request is parsed by MlmeScanReqSanity(). A rejected request
 * puts the sync machine back to SYNC_IDLE and reports MLME_INVALID_FORMAT to
 * the control machine. An accepted request suspends MSDU transmission, tells
 * the AP (when connected in infrastructure mode) that the station enters
 * power save, stores the scan parameters in pAd->MlmeAux, clears bits 0x18
 * of BBP R4 and starts scanning at the first channel.
 *
 * pAd  - adapter context.
 * Elem - queued MLME message holding the scan request.
 */
VOID MlmeScanReqAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	UCHAR          Ssid[MAX_LEN_OF_SSID], SsidLen, ScanType, BssType;
	UCHAR          BbpR4Value = 0;
	BOOLEAN        TimerCancelled;
	ULONG          UpTime;
	USHORT         Status;
	PHEADER_802_11 pNullHdr;
	PUCHAR         pNullFrame = NULL;
	NDIS_STATUS    AllocStatus;

	/* Scanning is only possible once the adapter is up. */
	if (!RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_START_UP))
	{
		DBGPRINT(RT_DEBUG_TRACE, ("SYNC - MlmeScanReqAction before Startup\n"));
		return;
	}

	pAd->StaCfg.ScanCnt++;

#ifdef RTMP_MAC_PCI
	/* Wake a PCIe radio that was powered down while the station was idle. */
	if ((OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_PCIE_DEVICE)) &&
		(IDLE_ON(pAd)) &&
		(pAd->StaCfg.bRadio == TRUE) &&
		(RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_IDLE_RADIO_OFF)))
	{
		if (pAd->StaCfg.PSControl.field.EnableNewPS == FALSE)
		{
			AsicSendCommandToMcu(pAd, 0x31, PowerWakeCID, 0x00, 0x02);
			AsicCheckCommanOk(pAd, PowerWakeCID);
			RTMP_CLEAR_FLAG(pAd, fRTMP_ADAPTER_IDLE_RADIO_OFF);
			DBGPRINT(RT_DEBUG_TRACE, ("PSM - Issue Wake up command \n"));
		}
		else
		{
			RT28xxPciAsicRadioOn(pAd, GUI_IDLE_POWER_SAVE);
		}
	}
#endif

	/* Malformed request: reset the sync machine and report the failure. */
	if (!MlmeScanReqSanity(pAd, Elem->Msg, Elem->MsgLen, &BssType,
						   (PCHAR)Ssid, &SsidLen, &ScanType))
	{
		DBGPRINT_ERR(("SYNC - MlmeScanReqAction() sanity check fail\n"));
		pAd->Mlme.SyncMachine.CurrState = SYNC_IDLE;
		Status = MLME_INVALID_FORMAT;
		MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_SCAN_CONF, 2, &Status);
		return;
	}

	/* Hold back data traffic while the radio leaves the operating channel. */
	RTMPSuspendMsduTransmission(pAd);

	/*
	 * When associated to an AP, send a null data frame with the power-save
	 * bit set before going off channel.
	 */
	if (OPSTATUS_TEST_FLAG(pAd, fOP_STATUS_MEDIA_STATE_CONNECTED) && (INFRA_ON(pAd)))
	{
		AllocStatus = MlmeAllocateMemory(pAd, (PVOID)&pNullFrame);
		if (AllocStatus == NDIS_STATUS_SUCCESS)
		{
			pNullHdr = (PHEADER_802_11) pNullFrame;
			MgtMacHeaderInit(pAd, pNullHdr, SUBTYPE_NULL_FUNC, 1, pAd->CommonCfg.Bssid, pAd->CommonCfg.Bssid);
			pNullHdr->Duration = 0;
			pNullHdr->FC.Type = BTYPE_DATA;
			pNullHdr->FC.PwrMgmt = PWR_SAVE;

			MiniportMMRequest(pAd, 0, pNullFrame, sizeof(HEADER_802_11));
			DBGPRINT(RT_DEBUG_TRACE, ("MlmeScanReqAction -- Send PSM Data frame for off channel RM\n"));
			MlmeFreeMemory(pAd, pNullFrame);
			RTMPusecDelay(5000);
		}
	}

	NdisGetSystemUpTime(&UpTime);
	pAd->StaCfg.LastScanTime = UpTime;

	/* Neither timer may fire while the scan is in progress. */
	RTMPCancelTimer(&pAd->MlmeAux.BeaconTimer, &TimerCancelled);
	RTMPCancelTimer(&pAd->MlmeAux.ScanTimer, &TimerCancelled);

	/*
	 * Record the scan parameters.
	 * NOTE(review): the SSID copy relies on MlmeScanReqSanity() having
	 * limited SsidLen to MAX_LEN_OF_SSID; that check is not visible here.
	 */
	pAd->MlmeAux.BssType = BssType;
	pAd->MlmeAux.ScanType = ScanType;
	pAd->MlmeAux.SsidLen = SsidLen;
	NdisZeroMemory(pAd->MlmeAux.Ssid, MAX_LEN_OF_SSID);
	NdisMoveMemory(pAd->MlmeAux.Ssid, Ssid, SsidLen);

	pAd->MlmeAux.Channel = FirstChannel(pAd);

	/* Clear bits 0x18 of BBP R4 (logged below as the switch to 20MHz). */
	RTMP_BBP_IO_READ8_BY_REG_ID(pAd, BBP_R4, &BbpR4Value);
	BbpR4Value &= (~0x18);
	RTMP_BBP_IO_WRITE8_BY_REG_ID(pAd, BBP_R4, BbpR4Value);
	DBGPRINT(RT_DEBUG_TRACE, ("SYNC - BBP R4 to 20MHz.l\n"));
	ScanNextChannel(pAd);
}