/*
==========================================================================
Description:
Some STA/AP
Note:
This action should never trigger AUTH state transition, therefore we
separate it from AUTH state machine, and make it as a standalone service
==========================================================================
*/
VOID APCls2errAction(
IN PRTMP_ADAPTER pAd,
IN ULONG Wcid,
IN PHEADER_802_11 pHeader)
{
HEADER_802_11 Hdr;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
USHORT Reason = REASON_CLS2ERR;
MAC_TABLE_ENTRY *pEntry = NULL;
UCHAR idx;
if (Wcid < MAX_LEN_OF_MAC_TABLE)
{
pEntry = &(pAd->MacTab.Content[Wcid]);
}
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
/*ApLogEvent(pAd, pAddr, EVENT_DISASSOCIATED); */
MacTableDeleteEntry(pAd, pEntry->Aid, pHeader->Addr2);
}
else
{
for (idx = 0; idx < pAd->ApCfg.BssidNum; idx++)
{
PMULTISSID_STRUCT pMbss = &pAd->ApCfg.MBSSID[idx];
if (NdisEqualMemory(pMbss->Bssid, pHeader->Addr1, MAC_ADDR_LEN))
break;
}
if (idx == pAd->ApCfg.BssidNum)
return;
}
/* send out DEAUTH request frame */
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if (NStatus != NDIS_STATUS_SUCCESS)
return;
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - Class 2 error, Send DEAUTH frame to "
"%02x:%02x:%02x:%02x:%02x:%02x \n",
PRINT_MAC(pHeader->Addr2)));
MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pHeader->Addr2,
#ifdef P2P_SUPPORT
pHeader->Addr1,
#endif /* P2P_SUPPORT */
pHeader->Addr1);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &Hdr,
2, &Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
/*
==========================================================================
Description:
Upper Layer request to kick out a STA
==========================================================================
*/
static VOID APMlmeDeauthReqAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *Elem)
{
MLME_DEAUTH_REQ_STRUCT *pInfo;
HEADER_802_11 Hdr;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
MAC_TABLE_ENTRY *pEntry;
UCHAR apidx;
pInfo = (MLME_DEAUTH_REQ_STRUCT *)Elem->Msg;
if (Elem->Wcid < MAX_LEN_OF_MAC_TABLE)
{
pEntry = &pAd->MacTab.Content[Elem->Wcid];
if (!pEntry)
return;
#ifdef WAPI_SUPPORT
WAPI_InternalCmdAction(pAd,
pEntry->AuthMode,
pEntry->func_tb_idx,
pEntry->Addr,
WAI_MLME_DISCONNECT);
#endif /* WAPI_SUPPORT */
/* send wireless event - for deauthentication */
RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, pInfo->Addr, 0, 0);
ApLogEvent(pAd, pInfo->Addr, EVENT_DISASSOCIATED);
apidx = pEntry->func_tb_idx;
/* 1. remove this STA from MAC table */
MacTableDeleteEntry(pAd, Elem->Wcid, pInfo->Addr);
/* 2. send out DE-AUTH request frame */
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if (NStatus != NDIS_STATUS_SUCCESS)
return;
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - Send DE-AUTH req to %02x:%02x:%02x:%02x:%02x:%02x\n",
PRINT_MAC(pInfo->Addr)));
MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pInfo->Addr,
pAd->ApCfg.MBSSID[apidx].wdev.if_addr,
pAd->ApCfg.MBSSID[apidx].wdev.bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &Hdr,
2, &pInfo->Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
}
static VOID APPeerDeauthReqAction(
IN PRTMP_ADAPTER pAd,
IN PMLME_QUEUE_ELEM Elem)
{
UCHAR Addr2[MAC_ADDR_LEN];
USHORT Reason;
UINT16 SeqNum;
MAC_TABLE_ENTRY *pEntry;
if (! PeerDeauthReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &SeqNum, &Reason))
return;
pEntry = NULL;
/*pEntry = MacTableLookup(pAd, Addr2); */
if (Elem->Wcid < MAX_LEN_OF_MAC_TABLE)
{
pEntry = &pAd->MacTab.Content[Elem->Wcid];
#ifdef DOT1X_SUPPORT
/* Notify 802.1x daemon to clear this sta info */
if (pEntry->AuthMode == Ndis802_11AuthModeWPA ||
pEntry->AuthMode == Ndis802_11AuthModeWPA2 ||
pAd->ApCfg.MBSSID[pEntry->apidx].IEEE8021X)
DOT1X_InternalCmdAction(pAd, pEntry, DOT1X_DISCONNECT_ENTRY);
#endif /* DOT1X_SUPPORT */
#ifdef WAPI_SUPPORT
WAPI_InternalCmdAction(pAd,
pEntry->AuthMode,
pEntry->apidx,
pEntry->Addr,
WAI_MLME_DISCONNECT);
#endif /* WAPI_SUPPORT */
/* send wireless event - for deauthentication */
RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, Addr2, 0, 0);
ApLogEvent(pAd, Addr2, EVENT_DISASSOCIATED);
if (pEntry->CMTimerRunning == TRUE)
{
/*
If one who initilized Counter Measure deauth itself,
AP doesn't log the MICFailTime
*/
pAd->ApCfg.aMICFailTime = pAd->ApCfg.PrevaMICFailTime;
}
MacTableDeleteEntry(pAd, Elem->Wcid, Addr2);
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - receive DE-AUTH(seq-%d) from "
"%02x:%02x:%02x:%02x:%02x:%02x, reason=%d\n", SeqNum,
Addr2[0], Addr2[1], Addr2[2], Addr2[3], Addr2[4], Addr2[5], Reason));
}
}
/*
==========================================================================
Description:
Delete all WDS Entry in pAd->MacTab
==========================================================================
*/
BOOLEAN MacTableDeleteWDSEntry(
IN PRTMP_ADAPTER pAd,
IN USHORT wcid,
IN PUCHAR pAddr)
{
if (wcid >= MAX_LEN_OF_MAC_TABLE)
return FALSE;
else
return MacTableDeleteEntry(pAd, wcid, pAddr);
}
/*
==========================================================================
Description:
Some STA/AP
Note:
This action should never trigger AUTH state transition, therefore we
separate it from AUTH state machine, and make it as a standalone service
==========================================================================
*/
VOID APCls2errAction(
IN PRTMP_ADAPTER pAd,
IN ULONG Wcid,
IN PHEADER_802_11 pHeader)
{
HEADER_802_11 Hdr;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
USHORT Reason = REASON_CLS2ERR;
MAC_TABLE_ENTRY *pEntry = NULL;
if (Wcid < MAX_LEN_OF_MAC_TABLE)
{
pEntry = &(pAd->MacTab.Content[Wcid]);
}
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
/*ApLogEvent(pAd, pAddr, EVENT_DISASSOCIATED); */
MacTableDeleteEntry(pAd, pEntry->Aid, pHeader->Addr2);
}
else
{
UCHAR bssid[MAC_ADDR_LEN];
NdisMoveMemory(bssid, pHeader->Addr1, MAC_ADDR_LEN);
bssid[5] &= pAd->ApCfg.MacMask;
if (NdisEqualMemory(pAd->CurrentAddress, bssid, MAC_ADDR_LEN) == 0)
return;
}
/* send out DEAUTH request frame */
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if (NStatus != NDIS_STATUS_SUCCESS)
return;
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - Class 2 error, Send DEAUTH frame to "
"%02x:%02x:%02x:%02x:%02x:%02x\n",
PRINT_MAC(pHeader->Addr2)));
MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pHeader->Addr2,
pHeader->Addr1);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &Hdr,
2, &Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
/*
==========================================================================
Description:
Some STA/AP
Note:
This action should never trigger AUTH state transition, therefore we
separate it from AUTH state machine, and make it as a standalone service
==========================================================================
*/
VOID APCls2errAction(
IN RTMP_ADAPTER *pAd,
IN ULONG Wcid,
IN HEADER_802_11 *pHeader)
{
HEADER_802_11 Hdr;
UCHAR *pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
USHORT Reason = REASON_CLS2ERR;
MAC_TABLE_ENTRY *pEntry = NULL;
UCHAR apidx;
if (Wcid < MAX_LEN_OF_MAC_TABLE)
pEntry = &(pAd->MacTab.Content[Wcid]);
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
/*ApLogEvent(pAd, pAddr, EVENT_DISASSOCIATED); */
MacTableDeleteEntry(pAd, pEntry->wcid, pHeader->Addr2);
}
else
{
apidx = get_apidx_by_addr(pAd, pHeader->Addr1);
if (apidx >= pAd->ApCfg.BssidNum)
{
DBGPRINT(RT_DEBUG_TRACE,("AUTH - Class 2 error but not my bssid %02x:%02x:%02x:%02x:%02x:%02x\n", PRINT_MAC(pHeader->Addr1)));
return;
}
}
/* send out DEAUTH frame */
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if (NStatus != NDIS_STATUS_SUCCESS)
return;
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - Class 2 error, Send DEAUTH frame to "
"%02x:%02x:%02x:%02x:%02x:%02x\n",
PRINT_MAC(pHeader->Addr2)));
MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pHeader->Addr2,
pHeader->Addr1,
pHeader->Addr1);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &Hdr,
2, &Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
/*
==========================================================================
Description:
Some STA/AP
Note:
This action should never trigger AUTH state transition, therefore we
separate it from AUTH state machine, and make it as a standalone service
==========================================================================
*/
VOID APCls2errAction(
IN struct rtmp_adapter *pAd,
IN ULONG Wcid,
IN HEADER_802_11 *pHeader)
{
HEADER_802_11 Hdr;
u8 *pOutBuffer = NULL;
int NStatus;
ULONG FrameLen = 0;
unsigned short Reason = REASON_CLS2ERR;
MAC_TABLE_ENTRY *pEntry = NULL;
u8 apidx;
if (Wcid < MAX_LEN_OF_MAC_TABLE)
pEntry = &(pAd->MacTab.Content[Wcid]);
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
/*ApLogEvent(pAd, pAddr, EVENT_DISASSOCIATED); */
MacTableDeleteEntry(pAd, pEntry->wcid, pHeader->Addr2);
}
else
{
apidx = get_apidx_by_addr(pAd, pHeader->Addr1);
if (apidx >= pAd->ApCfg.BssidNum)
{
DBGPRINT(RT_DEBUG_TRACE,("AUTH - Class 2 error but not my bssid %02x:%02x:%02x:%02x:%02x:%02x\n", PRINT_MAC(pHeader->Addr1)));
return;
}
}
/* send out DEAUTH frame */
pOutBuffer = kmalloc(MGMT_DMA_BUFFER_SIZE, GFP_ATOMIC);
if (pOutBuffer == NULL)
return;
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - Class 2 error, Send DEAUTH frame to "
"%02x:%02x:%02x:%02x:%02x:%02x\n",
PRINT_MAC(pHeader->Addr2)));
MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pHeader->Addr2,
pHeader->Addr1,
pHeader->Addr1);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &Hdr,
2, &Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
kfree(pOutBuffer);
}
INT Set_P2P_DelDevByAddr_Proc(
IN PRTMP_ADAPTER pAd,
IN PSTRING arg)
{
POS_COOKIE pObj;
UCHAR DevAddr[6] = {0};
PMAC_TABLE_ENTRY pEntry = NULL;
pObj = (POS_COOKIE) pAd->OS_Cookie;
if (pObj->ioctl_if_type != INT_P2P)
return 0;
if (rtstrmactohex(arg, (PSTRING) &DevAddr[0]) == FALSE)
return FALSE;
DBGPRINT(RT_DEBUG_TRACE, ("%s:: DevMac = %02x:%02x:%02x:%02x:%02x:%02x\n", __FUNCTION__, PRINT_MAC(DevAddr)));
pEntry = MacTableLookup(pAd, DevAddr);
if (pEntry)
{
PUCHAR pOutBuffer = NULL;
ULONG FrameLen = 0;
USHORT Reason = REASON_NO_LONGER_VALID;
HEADER_802_11 DeAuthHdr;
MlmeAllocateMemory(pAd, &pOutBuffer);
if (pOutBuffer)
{
DBGPRINT(RT_DEBUG_WARN, ("Send DEAUTH - Reason = %d frame tO %02x:%02x:%02x:%02x:%02x:%02x \n",
Reason, PRINT_MAC(DevAddr)));
MgtMacHeaderInit(pAd, &DeAuthHdr, SUBTYPE_DEAUTH, 0,
pEntry->HdrAddr1,
pEntry->HdrAddr2,
pEntry->HdrAddr3);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &DeAuthHdr,
2, &Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
P2pGroupTabDelete(pAd, P2P_NOT_FOUND, DevAddr);
}
}
return TRUE;
}
/*
==========================================================================
Description:
Upper Layer request to kick out a STA
==========================================================================
*/
static VOID APMlmeDeauthReqAction(
IN struct rtmp_adapter *pAd,
IN MLME_QUEUE_ELEM *Elem)
{
MLME_DEAUTH_REQ_STRUCT *pInfo;
HEADER_802_11 Hdr;
u8 * pOutBuffer = NULL;
int NStatus;
ULONG FrameLen = 0;
MAC_TABLE_ENTRY *pEntry;
u8 apidx;
pInfo = (MLME_DEAUTH_REQ_STRUCT *)Elem->Msg;
if (Elem->Wcid < MAX_LEN_OF_MAC_TABLE)
{
pEntry = &pAd->MacTab.Content[Elem->Wcid];
if (!pEntry)
return;
/* send wireless event - for deauthentication */
RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, pInfo->Addr, 0, 0);
ApLogEvent(pAd, pInfo->Addr, EVENT_DISASSOCIATED);
apidx = pEntry->apidx;
/* 1. remove this STA from MAC table */
MacTableDeleteEntry(pAd, Elem->Wcid, pInfo->Addr);
/* 2. send out DE-AUTH request frame */
pOutBuffer = kmalloc(MGMT_DMA_BUFFER_SIZE, GFP_ATOMIC);
if (pOutBuffer == NULL)
return;
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - Send DE-AUTH req to %02x:%02x:%02x:%02x:%02x:%02x\n",
PRINT_MAC(pInfo->Addr)));
MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pInfo->Addr,
pAd->ApCfg.MBSSID[apidx].wdev.if_addr,
pAd->ApCfg.MBSSID[apidx].wdev.bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &Hdr,
2, &pInfo->Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
kfree(pOutBuffer);
}
}
VOID PMF_SAQueryTimeOut(
IN PVOID SystemSpecific1,
IN PVOID FunctionContext,
IN PVOID SystemSpecific2,
IN PVOID SystemSpecific3)
{
MAC_TABLE_ENTRY *pEntry = (MAC_TABLE_ENTRY *)FunctionContext;
if (pEntry)
{
DBGPRINT(RT_DEBUG_ERROR, ("[PMF]%s - STA(%02x:%02x:%02x:%02x:%02x:%02x)\n", __FUNCTION__, PRINT_MAC(pEntry->Addr)));
PRTMP_ADAPTER pAd = (PRTMP_ADAPTER)pEntry->pAd;
#ifdef CONFIG_AP_SUPPORT
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
#endif /* CONFIG_AP_SUPPORT */
}
}
static VOID APPeerDeauthReqAction(
IN PRTMP_ADAPTER pAd,
IN PMLME_QUEUE_ELEM Elem)
{
UCHAR Addr2[MAC_ADDR_LEN];
UINT16 Reason, SeqNum;
MAC_TABLE_ENTRY *pEntry;
if (! PeerDeauthReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &SeqNum, &Reason))
return;
pEntry = NULL;
/*pEntry = MacTableLookup(pAd, Addr2); */
if (Elem->Wcid < MAX_LEN_OF_MAC_TABLE)
{
pEntry = &pAd->MacTab.Content[Elem->Wcid];
//JERRY
{
BSS_STRUCT *pMbss = &pAd->ApCfg.MBSSID[pEntry->apidx];
PFRAME_802_11 Fr = (PFRAME_802_11)Elem->Msg;
unsigned char *tmp = (unsigned char *)pMbss->wdev.bssid;
unsigned char *tmp2 = (unsigned char *)&Fr->Hdr.Addr1;
if (memcmp(&Fr->Hdr.Addr1, pMbss->wdev.bssid, 6) != 0)
{
printk("da not match bssid,bssid:0x%02x%02x%02x%02x%02x%02x, addr1:0x%02x%02x%02x%02x%02x%02x\n",*tmp, *(tmp+1), *(tmp+2), *(tmp+3), *(tmp+4), *(tmp+5), *tmp2, *(tmp2+1), *(tmp2+2), *(tmp2+3), *(tmp2+4), *(tmp2+5));
return;
}
else
printk("da match,0x%02x%02x%02x%02x%02x%02x\n", *tmp, *(tmp+1), *(tmp+2), *(tmp+3), *(tmp+4), *(tmp+5));
}
#ifdef DOT1X_SUPPORT
/* Notify 802.1x daemon to clear this sta info */
if (pEntry->AuthMode == Ndis802_11AuthModeWPA ||
pEntry->AuthMode == Ndis802_11AuthModeWPA2 ||
pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.IEEE8021X)
DOT1X_InternalCmdAction(pAd, pEntry, DOT1X_DISCONNECT_ENTRY);
#endif /* DOT1X_SUPPORT */
#ifdef WAPI_SUPPORT
WAPI_InternalCmdAction(pAd,
pEntry->AuthMode,
pEntry->func_tb_idx,
pEntry->Addr,
WAI_MLME_DISCONNECT);
#endif /* WAPI_SUPPORT */
/* send wireless event - for deauthentication */
RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, Addr2, 0, 0);
ApLogEvent(pAd, Addr2, EVENT_DISASSOCIATED);
if (pEntry->CMTimerRunning == TRUE)
{
/*
If one who initilized Counter Measure deauth itself,
AP doesn't log the MICFailTime
*/
pAd->ApCfg.aMICFailTime = pAd->ApCfg.PrevaMICFailTime;
}
MacTableDeleteEntry(pAd, Elem->Wcid, Addr2);
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - receive DE-AUTH(seq-%d) from "
"%02x:%02x:%02x:%02x:%02x:%02x, reason=%d\n",
SeqNum, PRINT_MAC(Addr2), Reason));
#ifdef MAC_REPEATER_SUPPORT
if (pAd->ApCfg.bMACRepeaterEn == TRUE)
{
UCHAR apCliIdx, CliIdx;
REPEATER_CLIENT_ENTRY *pReptEntry = NULL;
pReptEntry = RTMPLookupRepeaterCliEntry(pAd, TRUE, Addr2);
if (pReptEntry && (pReptEntry->CliConnectState != 0))
{
apCliIdx = pReptEntry->MatchApCliIdx;
CliIdx = pReptEntry->MatchLinkIdx;
MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_DISCONNECT_REQ, 0, NULL,
(64 + MAX_EXT_MAC_ADDR_SIZE*apCliIdx + CliIdx));
RTMP_MLME_HANDLER(pAd);
RTMPRemoveRepeaterEntry(pAd, apCliIdx, CliIdx);
}
}
#endif /* MAC_REPEATER_SUPPORT */
}
}
static VOID APPeerAuthReqAtIdleAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *Elem)
{
INT i;
USHORT Seq, Alg, RspReason, Status;
UCHAR Addr1[MAC_ADDR_LEN];
UCHAR Addr2[MAC_ADDR_LEN];
CHAR Chtxt[CIPHER_TEXT_LEN];
UINT32 apidx;
PHEADER_802_11 pRcvHdr;
HEADER_802_11 AuthHdr;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
MAC_TABLE_ENTRY *pEntry;
UCHAR ChTxtIe = 16, ChTxtLen = CIPHER_TEXT_LEN;
MULTISSID_STRUCT *pMbss;
struct wifi_dev *wdev;
CHAR rssi;
if (! APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr1,
Addr2, &Alg, &Seq, &Status, Chtxt
))
return;
/* Find which MBSSID to be authenticate */
apidx = get_apidx_by_addr(pAd, Addr1);
if (apidx >= pAd->ApCfg.BssidNum)
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
return;
}
pMbss = &pAd->ApCfg.MBSSID[apidx];
wdev = &pMbss->wdev;
if ((wdev->if_dev == NULL) || ((wdev->if_dev != NULL) &&
!(RTMP_OS_NETDEV_STATE_RUNNING(wdev->if_dev))))
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
return;
}
pEntry = MacTableLookup(pAd, Addr2);
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
#ifdef DOT11W_PMF_SUPPORT
if ((CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
&& (pEntry->PortSecured == WPA_802_1X_PORT_SECURED))
goto SendAuth;
#endif /* DOT11W_PMF_SUPPORT */
if (!RTMPEqualMemory(Addr1, pAd->ApCfg.MBSSID[pEntry->apidx].wdev.bssid, MAC_ADDR_LEN))
{
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
pEntry = NULL;
DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));
}
else
{
if (pEntry->bIAmBadAtheros == TRUE)
{
AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
pEntry->bIAmBadAtheros = FALSE;
}
#ifdef DOT11_N_SUPPORT
BASessionTearDownALL(pAd, pEntry->wcid);
#endif /* DOT11_N_SUPPORT */
ASSERT(pEntry->Aid == Elem->Wcid);
}
}
#ifdef DOT11W_PMF_SUPPORT
SendAuth:
#endif /* DOT11W_PMF_SUPPORT */
pRcvHdr = (PHEADER_802_11)(Elem->Msg);
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
apidx, Seq, Alg, Status, Elem->Wcid, PRINT_MAC(Addr2)));
/* YF@20130102: Refuse the weak signal of AuthReq */
rssi = RTMPMaxRssi(pAd, ConvertToRssi(pAd, (CHAR)Elem->Rssi0, RSSI_0),
ConvertToRssi(pAd, (CHAR)Elem->Rssi1, RSSI_1),
ConvertToRssi(pAd, (CHAR)Elem->Rssi2, RSSI_2));
DBGPRINT(RT_DEBUG_TRACE, ("%s: AUTH_FAIL_REQ Threshold = %d, AUTH_NO_RSP_REQ Threshold = %d, AUTH RSSI = %d\n",
wdev->if_dev->name, pMbss->AuthFailRssiThreshold, pMbss->AuthNoRspRssiThreshold, rssi));
if (((pMbss->AuthFailRssiThreshold != 0) && (rssi < pMbss->AuthFailRssiThreshold)) ||
((pMbss->AuthNoRspRssiThreshold != 0) && (rssi < pMbss->AuthNoRspRssiThreshold)))
{
DBGPRINT(RT_DEBUG_TRACE, ("Reject this AUTH_REQ due to Weak Signal.\n"));
if ((pMbss->AuthFailRssiThreshold != 0) && (rssi < pMbss->AuthFailRssiThreshold))
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_UNSPECIFY_FAIL);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, Addr2, apidx, 0);
return;
}
/* fail in ACL checking => send an AUTH-Fail seq#2. */
if (! ApCheckAccessControlList(pAd, Addr2, apidx))
{
ASSERT(Seq == 1);
ASSERT(pEntry == NULL);
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_UNSPECIFY_FAIL);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, Addr2, apidx, 0);
DBGPRINT(RT_DEBUG_TRACE,
("Failed in ACL checking => send an AUTH seq#2 with "
"Status code = %d\n", MLME_UNSPECIFY_FAIL));
return;
}
if ((Alg == AUTH_MODE_OPEN) &&
(pMbss->wdev.AuthMode != Ndis802_11AuthModeShared))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, Addr2, wdev, apidx, OPMODE_AP, TRUE);
if (pEntry)
{
#ifdef DOT11W_PMF_SUPPORT
if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
|| (pEntry->PortSecured != WPA_802_1X_PORT_SECURED))
#endif /* DOT11W_PMF_SUPPORT */
{
pEntry->AuthState = AS_AUTH_OPEN;
pEntry->Sst = SST_AUTH; /* what if it already in SST_ASSOC ??????? */
}
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_SUCCESS);
}
else
; /* MAC table full, what should we respond ????? */
}
else if ((Alg == AUTH_MODE_KEY) &&
((wdev->AuthMode == Ndis802_11AuthModeShared)
|| (wdev->AuthMode == Ndis802_11AuthModeAutoSwitch)))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, Addr2, wdev, apidx, OPMODE_AP, TRUE);
if (pEntry)
{
pEntry->AuthState = AS_AUTHENTICATING;
pEntry->Sst = SST_NOT_AUTH; /* what if it already in SST_ASSOC ??????? */
/* log this STA in AuthRspAux machine, only one STA is stored. If two STAs using */
/* SHARED_KEY authentication mingled together, then the late comer will win. */
COPY_MAC_ADDR(&pAd->ApMlmeAux.Addr, Addr2);
for(i=0; i<CIPHER_TEXT_LEN; i++)
pAd->ApMlmeAux.Challenge[i] = RandomByte(pAd);
RspReason = 0;
Seq++;
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if(NStatus != NDIS_STATUS_SUCCESS)
return; /* if no memory, can't do anything */
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH seq#2 (Challenge)\n"));
MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr2,
wdev->if_addr,
wdev->bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &AuthHdr,
2, &Alg,
2, &Seq,
2, &RspReason,
1, &ChTxtIe,
1, &ChTxtLen,
CIPHER_TEXT_LEN, pAd->ApMlmeAux.Challenge,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
else
; /* MAC table full, what should we respond ???? */
}
else
{
/* wrong algorithm */
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_ALG_NOT_SUPPORT);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Alg=%d, Seq=%d, AuthMode=%d\n",
Alg, Seq, pAd->ApCfg.MBSSID[apidx].wdev.AuthMode));
}
}
static VOID APPeerAuthReqAtIdleAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *Elem)
{
int i;
USHORT Seq, Alg, RspReason, Status;
UCHAR Addr1[MAC_ADDR_LEN];
UCHAR Addr2[MAC_ADDR_LEN];
CHAR Chtxt[CIPHER_TEXT_LEN];
UINT32 apidx;
PHEADER_802_11 pRcvHdr;
HEADER_802_11 AuthHdr;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
MAC_TABLE_ENTRY *pEntry;
UCHAR ChTxtIe = 16, ChTxtLen = CIPHER_TEXT_LEN;
if (! APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr1,
Addr2, &Alg, &Seq, &Status, Chtxt
))
return;
/* Find which MBSSID to be authenticate */
for (apidx=0; apidx<pAd->ApCfg.BssidNum; apidx++)
{
if (RTMPEqualMemory(Addr1, pAd->ApCfg.MBSSID[apidx].Bssid, MAC_ADDR_LEN))
break;
}
if (apidx >= pAd->ApCfg.BssidNum)
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
return;
}
if ((pAd->ApCfg.MBSSID[apidx].MSSIDDev != NULL) &&
!(RTMP_OS_NETDEV_STATE_RUNNING(pAd->ApCfg.MBSSID[apidx].MSSIDDev)))
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
return;
} /* End of if */
pEntry = MacTableLookup(pAd, Addr2);
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
if (!RTMPEqualMemory(Addr1, pAd->ApCfg.MBSSID[pEntry->apidx].Bssid, MAC_ADDR_LEN))
{
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
pEntry = NULL;
DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));
}
else
{
if (pEntry->bIAmBadAtheros == TRUE)
{
AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
pEntry->bIAmBadAtheros = FALSE;
}
#ifdef DOT11_N_SUPPORT
BASessionTearDownALL(pAd, pEntry->Aid);
#endif /* DOT11_N_SUPPORT */
ASSERT(pEntry->Aid == Elem->Wcid);
}
}
pRcvHdr = (PHEADER_802_11)(Elem->Msg);
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
apidx, Seq, Alg, Status, Elem->Wcid, PRINT_MAC(Addr2)));
/* fail in ACL checking => send an AUTH-Fail seq#2. */
if (! ApCheckAccessControlList(pAd, Addr2, apidx))
{
ASSERT(Seq == 1);
ASSERT(pEntry == NULL);
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_UNSPECIFY_FAIL);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, Addr2, apidx, 0);
DBGPRINT(RT_DEBUG_TRACE,
("Failed in ACL checking => send an AUTH seq#2 with "
"Status code = %d\n", MLME_UNSPECIFY_FAIL));
return;
}
if ((Alg == AUTH_MODE_OPEN) &&
(pAd->ApCfg.MBSSID[apidx].AuthMode != Ndis802_11AuthModeShared))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, Addr2, apidx, OPMODE_AP, TRUE);
if (pEntry)
{
{
pEntry->AuthState = AS_AUTH_OPEN;
pEntry->Sst = SST_AUTH; /* what if it already in SST_ASSOC ??????? */
}
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_SUCCESS);
}
else
; /* MAC table full, what should we respond ????? */
}
else if ((Alg == AUTH_MODE_KEY) &&
((pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeShared)
|| (pAd->ApCfg.MBSSID[apidx].AuthMode == Ndis802_11AuthModeAutoSwitch)))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, Addr2, apidx, OPMODE_AP, TRUE);
if (pEntry)
{
pEntry->AuthState = AS_AUTHENTICATING;
pEntry->Sst = SST_NOT_AUTH; /* what if it already in SST_ASSOC ??????? */
/* log this STA in AuthRspAux machine, only one STA is stored. If two STAs using */
/* SHARED_KEY authentication mingled together, then the late comer will win. */
COPY_MAC_ADDR(&pAd->ApMlmeAux.Addr, Addr2);
for(i=0; i<CIPHER_TEXT_LEN; i++)
pAd->ApMlmeAux.Challenge[i] = RandomByte(pAd);
RspReason = 0;
Seq++;
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if(NStatus != NDIS_STATUS_SUCCESS)
return; /* if no memory, can't do anything */
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH seq#2 (Challenge)\n"));
MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr2,
pAd->ApCfg.MBSSID[apidx].Bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &AuthHdr,
2, &Alg,
2, &Seq,
2, &RspReason,
1, &ChTxtIe,
1, &ChTxtLen,
CIPHER_TEXT_LEN, pAd->ApMlmeAux.Challenge,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
else
; /* MAC table full, what should we respond ???? */
}
else
{
/* wrong algorithm */
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, Alg, Seq + 1, MLME_ALG_NOT_SUPPORT);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Alg=%d, Seq=%d, AuthMode=%d\n",
Alg, Seq, pAd->ApCfg.MBSSID[apidx].AuthMode));
}
}
static VOID APPeerAuthReqAtIdleAction(RTMP_ADAPTER *pAd, MLME_QUEUE_ELEM *Elem)
{
INT i;
USHORT RspReason;
AUTH_FRAME_INFO auth_info;
UINT32 apidx;
PHEADER_802_11 pRcvHdr;
HEADER_802_11 AuthHdr;
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
MAC_TABLE_ENTRY *pEntry;
STA_TR_ENTRY *tr_entry;
UCHAR ChTxtIe = 16, ChTxtLen = CIPHER_TEXT_LEN;
BSS_STRUCT *pMbss;
struct wifi_dev *wdev;
if (pAd->ApCfg.BANClass3Data == TRUE)
{
DBGPRINT(RT_DEBUG_TRACE, ("Disallow new Association\n"));
return;
}
if (!APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, &auth_info))
return;
/* Find which MBSSID to be authenticate */
apidx = get_apidx_by_addr(pAd, auth_info.addr1);
if (apidx >= pAd->ApCfg.BssidNum)
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
return;
}
pMbss = &pAd->ApCfg.MBSSID[apidx];
wdev = &pMbss->wdev;
ASSERT((wdev->func_idx == apidx));
if ((wdev->if_dev == NULL) || ((wdev->if_dev != NULL) &&
!(RTMP_OS_NETDEV_STATE_RUNNING(wdev->if_dev))))
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
return;
}
pEntry = MacTableLookup(pAd, auth_info.addr2);
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
tr_entry = &pAd->MacTab.tr_entry[pEntry->wcid];
#ifdef DOT11W_PMF_SUPPORT
if ((CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
&& (tr_entry->PortSecured == WPA_802_1X_PORT_SECURED))
goto SendAuth;
#endif /* DOT11W_PMF_SUPPORT */
if (!RTMPEqualMemory(auth_info.addr1, pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.bssid, MAC_ADDR_LEN))
{
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
pEntry = NULL;
DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));
}
else
{
if (pEntry->bIAmBadAtheros == TRUE)
{
AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
pEntry->bIAmBadAtheros = FALSE;
}
#ifdef DOT11_N_SUPPORT
BASessionTearDownALL(pAd, pEntry->wcid);
#endif /* DOT11_N_SUPPORT */
ASSERT(pEntry->Aid == Elem->Wcid);
}
}
#ifdef DOT11W_PMF_SUPPORT
SendAuth:
#endif /* DOT11W_PMF_SUPPORT */
pRcvHdr = (PHEADER_802_11)(Elem->Msg);
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
apidx, auth_info.auth_seq, auth_info.auth_alg,
auth_info.auth_status, Elem->Wcid,
PRINT_MAC(auth_info.addr2)));
#ifdef WSC_V2_SUPPORT
/* Do not check ACL when WPS V2 is enabled and ACL policy is positive. */
if ((pMbss->WscControl.WscConfMode != WSC_DISABLE) &&
(pMbss->WscControl.WscV2Info.bEnableWpsV2) &&
(pMbss->WscControl.WscV2Info.bWpsEnable) &&
(pMbss->AccessControlList.Policy == 1))
;
else
#endif /* WSC_V2_SUPPORT */
/* fail in ACL checking => send an AUTH-Fail seq#2. */
if (! ApCheckAccessControlList(pAd, auth_info.addr2, apidx))
{
ASSERT(auth_info.auth_seq == 1);
ASSERT(pEntry == NULL);
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_UNSPECIFY_FAIL);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
RTMPSendWirelessEvent(pAd, IW_MAC_FILTER_LIST_EVENT_FLAG, auth_info.addr2, wdev->wdev_idx, 0);
DBGPRINT(RT_DEBUG_TRACE,
("Failed in ACL checking => send an AUTH seq#2 with "
"Status code = %d\n", MLME_UNSPECIFY_FAIL));
return;
}
if ((auth_info.auth_alg == AUTH_MODE_OPEN) &&
(pMbss->wdev.AuthMode != Ndis802_11AuthModeShared))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, auth_info.addr2, wdev, ENTRY_CLIENT, OPMODE_AP, TRUE);
if (pEntry)
{
tr_entry = &pAd->MacTab.tr_entry[pEntry->wcid];
#ifdef DOT11W_PMF_SUPPORT
if (!(CLIENT_STATUS_TEST_FLAG(pEntry, fCLIENT_STATUS_PMF_CAPABLE))
|| (tr_entry->PortSecured != WPA_802_1X_PORT_SECURED))
#endif /* DOT11W_PMF_SUPPORT */
{
pEntry->AuthState = AS_AUTH_OPEN;
pEntry->Sst = SST_AUTH; /* what if it already in SST_ASSOC ??????? */
}
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_SUCCESS);
}
else
; /* MAC table full, what should we respond ????? */
}
else if ((auth_info.auth_alg == AUTH_MODE_KEY) &&
((wdev->AuthMode == Ndis802_11AuthModeShared)
|| (wdev->AuthMode == Ndis802_11AuthModeAutoSwitch)))
{
if (!pEntry)
pEntry = MacTableInsertEntry(pAd, auth_info.addr2, wdev, ENTRY_CLIENT, OPMODE_AP, TRUE);
if (pEntry)
{
pEntry->AuthState = AS_AUTHENTICATING;
pEntry->Sst = SST_NOT_AUTH; /* what if it already in SST_ASSOC ??????? */
/* log this STA in AuthRspAux machine, only one STA is stored. If two STAs using */
/* SHARED_KEY authentication mingled together, then the late comer will win. */
COPY_MAC_ADDR(&pAd->ApMlmeAux.Addr, auth_info.addr2);
for(i=0; i<CIPHER_TEXT_LEN; i++)
pAd->ApMlmeAux.Challenge[i] = RandomByte(pAd);
RspReason = 0;
auth_info.auth_seq++;
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if(NStatus != NDIS_STATUS_SUCCESS)
return; /* if no memory, can't do anything */
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH seq#2 (Challenge)\n"));
MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, auth_info.addr2,
wdev->if_addr,
wdev->bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &AuthHdr,
2, &auth_info.auth_alg,
2, &auth_info.auth_seq,
2, &RspReason,
1, &ChTxtIe,
1, &ChTxtLen,
CIPHER_TEXT_LEN, pAd->ApMlmeAux.Challenge,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
else
; /* MAC table full, what should we respond ???? */
}
else
{
/* wrong algorithm */
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_ALG_NOT_SUPPORT);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Alg=%d, Seq=%d, AuthMode=%d\n",
auth_info.auth_alg, auth_info.auth_seq, pAd->ApCfg.MBSSID[apidx].wdev.AuthMode));
}
}
static VOID APPeerDeauthReqAction(
IN PRTMP_ADAPTER pAd,
IN PMLME_QUEUE_ELEM Elem)
{
UCHAR Addr2[MAC_ADDR_LEN];
USHORT Reason;
UINT16 SeqNum;
MAC_TABLE_ENTRY *pEntry;
if (! PeerDeauthReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &SeqNum, &Reason))
return;
pEntry = NULL;
/*pEntry = MacTableLookup(pAd, Addr2); */
if (Elem->Wcid < MAX_LEN_OF_MAC_TABLE) {
pEntry = &pAd->MacTab.Content[Elem->Wcid];
#ifdef DOT1X_SUPPORT
/* Notify 802.1x daemon to clear this sta info */
if (pEntry->AuthMode == Ndis802_11AuthModeWPA ||
pEntry->AuthMode == Ndis802_11AuthModeWPA2 ||
pAd->ApCfg.MBSSID[pEntry->apidx].IEEE8021X)
DOT1X_InternalCmdAction(pAd, pEntry, DOT1X_DISCONNECT_ENTRY);
#endif /* DOT1X_SUPPORT */
#ifdef WAPI_SUPPORT
WAPI_InternalCmdAction(pAd,
pEntry->AuthMode,
pEntry->apidx,
pEntry->Addr,
WAI_MLME_DISCONNECT);
#endif /* WAPI_SUPPORT */
/* send wireless event - for deauthentication */
RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, Addr2, 0, 0);
ApLogEvent(pAd, Addr2, EVENT_DISASSOCIATED);
if (pEntry->CMTimerRunning == TRUE)
{
/*
If one who initilized Counter Measure deauth itself,
AP doesn't log the MICFailTime
*/
pAd->ApCfg.aMICFailTime = pAd->ApCfg.PrevaMICFailTime;
}
MacTableDeleteEntry(pAd, Elem->Wcid, Addr2);
DBGPRINT(RT_DEBUG_TRACE, //
("AUTH - receive DE-AUTH(seq-%d) from "
"%02x:%02x:%02x:%02x:%02x:%02x, reason=%d\n", SeqNum,
Addr2[0], Addr2[1], Addr2[2], Addr2[3], Addr2[4], Addr2[5], Reason));
#ifdef MAC_REPEATER_SUPPORT
if (pAd->ApCfg.bMACRepeaterEn == TRUE)
{
UCHAR apCliIdx, CliIdx;
REPEATER_CLIENT_ENTRY *pReptEntry = NULL;
pReptEntry = RTMPLookupRepeaterCliEntry(pAd, TRUE, Addr2);
if (pReptEntry && (pReptEntry->CliConnectState != 0))
{
apCliIdx = pReptEntry->MatchApCliIdx;
CliIdx = pReptEntry->MatchLinkIdx;
MlmeEnqueue(pAd, APCLI_CTRL_STATE_MACHINE, APCLI_CTRL_DISCONNECT_REQ, 0, NULL,
(64 + MAX_EXT_MAC_ADDR_SIZE*apCliIdx + CliIdx));
RTMP_MLME_HANDLER(pAd);
RTMPRemoveRepeaterEntry(pAd, apCliIdx, CliIdx);
}
}
#endif /* MAC_REPEATER_SUPPORT */
}
}
static VOID APPeerAuthConfirmAction(
IN PRTMP_ADAPTER pAd,
IN MLME_QUEUE_ELEM *Elem)
{
AUTH_FRAME_INFO auth_info;
PHEADER_802_11 pRcvHdr;
MAC_TABLE_ENTRY *pEntry;
UINT32 apidx;
if (!APPeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, &auth_info))
return;
apidx = get_apidx_by_addr(pAd, auth_info.addr1);
if (apidx >= pAd->ApCfg.BssidNum)
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid not found\n"));
return;
}
if ((pAd->ApCfg.MBSSID[apidx].wdev.if_dev != NULL) &&
!(RTMP_OS_NETDEV_STATE_RUNNING(pAd->ApCfg.MBSSID[apidx].wdev.if_dev)))
{
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Bssid IF didn't up yet.\n"));
return;
} /* End of if */
if (Elem->Wcid >= MAX_LEN_OF_MAC_TABLE)
{
DBGPRINT(RT_DEBUG_ERROR, ("AUTH - Invalid wcid (%d).\n", Elem->Wcid));
return;
}
pEntry = &pAd->MacTab.Content[Elem->Wcid];
if (pEntry && IS_ENTRY_CLIENT(pEntry))
{
if (!RTMPEqualMemory(auth_info.addr1, pAd->ApCfg.MBSSID[pEntry->func_tb_idx].wdev.bssid, MAC_ADDR_LEN))
{
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
pEntry = NULL;
DBGPRINT(RT_DEBUG_WARN, ("AUTH - Bssid does not match\n"));
}
else
{
if (pEntry->bIAmBadAtheros == TRUE)
{
AsicUpdateProtect(pAd, 8, ALLN_SETPROTECT, FALSE, FALSE);
DBGPRINT(RT_DEBUG_TRACE, ("Atheros Problem. Turn on RTS/CTS!!!\n"));
pEntry->bIAmBadAtheros = FALSE;
}
ASSERT(pEntry->Aid == Elem->Wcid);
#ifdef DOT11_N_SUPPORT
BASessionTearDownALL(pAd, pEntry->wcid);
#endif /* DOT11_N_SUPPORT */
}
}
pRcvHdr = (PHEADER_802_11)(Elem->Msg);
DBGPRINT(RT_DEBUG_TRACE,
("AUTH - MBSS(%d), Rcv AUTH seq#%d, Alg=%d, Status=%d from "
"[wcid=%d]%02x:%02x:%02x:%02x:%02x:%02x\n",
apidx, auth_info.auth_seq, auth_info.auth_alg,
auth_info.auth_status, Elem->Wcid,
PRINT_MAC(auth_info.addr2)));
if (pEntry && MAC_ADDR_EQUAL(auth_info.addr2, pAd->ApMlmeAux.Addr))
{
if ((pRcvHdr->FC.Wep == 1) &&
NdisEqualMemory(auth_info.Chtxt, pAd->ApMlmeAux.Challenge, CIPHER_TEXT_LEN))
{
/* Successful */
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_SUCCESS);
pEntry->AuthState = AS_AUTH_KEY;
pEntry->Sst = SST_AUTH;
}
else
{
/* send wireless event - Authentication rejected because of challenge failure */
RTMPSendWirelessEvent(pAd, IW_AUTH_REJECT_CHALLENGE_FAILURE, pEntry->Addr, 0, 0);
/* fail - wep bit is not set or challenge text is not equal */
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg,
auth_info.auth_seq + 1,
MLME_REJ_CHALLENGE_FAILURE);
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
/*Chtxt[127]='\0'; */
/*pAd->ApMlmeAux.Challenge[127]='\0'; */
DBGPRINT(RT_DEBUG_TRACE, ("%s\n",
((pRcvHdr->FC.Wep == 1) ? "challenge text is not equal" : "wep bit is not set")));
/*DBGPRINT(RT_DEBUG_TRACE, ("Sent Challenge = %s\n",&pAd->ApMlmeAux.Challenge[100])); */
/*DBGPRINT(RT_DEBUG_TRACE, ("Rcv Challenge = %s\n",&Chtxt[100])); */
}
}
else
{
/* fail for unknown reason. most likely is AuthRspAux machine be overwritten by another */
/* STA also using SHARED_KEY authentication */
APPeerAuthSimpleRspGenAndSend(pAd, pRcvHdr, auth_info.auth_alg, auth_info.auth_seq + 1, MLME_UNSPECIFY_FAIL);
/* If this STA exists, delete it. */
if (pEntry)
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
}
}
/*
==========================================================================
Description:
IRQL = DISPATCH_LEVEL
==========================================================================
*/
VOID PeerDeauthAction(
IN PRTMP_ADAPTER pAd,
IN PMLME_QUEUE_ELEM Elem)
{
UCHAR Addr1[MAC_ADDR_LEN];
UCHAR Addr2[MAC_ADDR_LEN];
UCHAR Addr3[MAC_ADDR_LEN];
USHORT Reason;
BOOLEAN bDoIterate = FALSE;
if (PeerDeauthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr1, Addr2, Addr3, &Reason))
{
if (INFRA_ON(pAd)
&& (MAC_ADDR_EQUAL(Addr1, pAd->CurrentAddress) || MAC_ADDR_EQUAL(Addr1, BROADCAST_ADDR))
&& MAC_ADDR_EQUAL(Addr2, pAd->CommonCfg.Bssid)
&& MAC_ADDR_EQUAL(Addr3, pAd->CommonCfg.Bssid)
)
{
DBGPRINT(RT_DEBUG_TRACE,("AUTH_RSP - receive DE-AUTH from our AP (Reason=%d)\n", Reason));
if (Reason == REASON_4_WAY_TIMEOUT)
RTMPSendWirelessEvent(pAd, IW_PAIRWISE_HS_TIMEOUT_EVENT_FLAG, NULL, 0, 0);
if (Reason == REASON_GROUP_KEY_HS_TIMEOUT)
RTMPSendWirelessEvent(pAd, IW_GROUP_HS_TIMEOUT_EVENT_FLAG, NULL, 0, 0);
#ifdef WAPI_SUPPORT
WAPI_InternalCmdAction(pAd,
pAd->StaCfg.AuthMode,
BSS0,
Addr2,
WAI_MLME_DISCONNECT);
#endif // WAPI_SUPPORT //
#ifdef NATIVE_WPA_SUPPLICANT_SUPPORT
RtmpOSWrielessEventSend(pAd->net_dev, RT_WLAN_EVENT_CGIWAP, -1, NULL, NULL, 0);
#endif // NATIVE_WPA_SUPPLICANT_SUPPORT //
// send wireless event - for deauthentication
RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, NULL, BSS0, 0);
#ifdef WPA_SUPPLICANT_SUPPORT
if ((pAd->StaCfg.WpaSupplicantUP != WPA_SUPPLICANT_DISABLE) &&
(pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) &&
(pAd->StaCfg.PortSecured == WPA_802_1X_PORT_SECURED))
pAd->StaCfg.bLostAp = TRUE;
#endif // WPA_SUPPLICANT_SUPPORT //
/*
Some customer would set AP1 & AP2 same SSID, AuthMode & EncrypType but different WPAPSK,
therefore we need to do iterate here.
*/
if ((pAd->StaCfg.PortSecured == WPA_802_1X_PORT_NOT_SECURED)
&& ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) || (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK))
#ifdef WSC_STA_SUPPORT
&& (pAd->StaCfg.WscControl.WscState < WSC_STATE_LINK_UP)
#endif // WSC_STA_SUPPORT //
)
bDoIterate = TRUE;
LinkDown(pAd, TRUE);
if (bDoIterate)
{
pAd->MlmeAux.BssIdx++;
IterateOnBssTab(pAd);
}
}
#ifdef ADHOC_WPA2PSK_SUPPORT
else if (ADHOC_ON(pAd)
&& (MAC_ADDR_EQUAL(Addr1, pAd->CurrentAddress) || MAC_ADDR_EQUAL(Addr1, BROADCAST_ADDR)))
{
MAC_TABLE_ENTRY *pEntry;
pEntry = MacTableLookup(pAd, Addr2);
if (pEntry && IS_ENTRY_CLIENT(pEntry))
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
DBGPRINT(RT_DEBUG_TRACE,("AUTH_RSP - receive DE-AUTH from %02x:%02x:%02x:%02x:%02x:%02x \n", PRINT_MAC(Addr2)));
}
#endif // ADHOC_WPA2PSK_SUPPORT //
}
else
{
DBGPRINT(RT_DEBUG_TRACE,("AUTH_RSP - PeerDeauthAction() sanity check fail\n"));
}
}
/*
========================================================================
Routine Description:
Handle a alarm.
Arguments:
pAd - WLAN control block pointer
Return Value:
None
Note:
You can use different methods to handle QBSS Load alarm here.
Current methods are:
1. Change 20/40 to 20-only.
2. Change channel to the clear channel.
========================================================================
*/
static VOID QBSS_LoadAlarm(
IN RTMP_ADAPTER *pAd)
{
/* suspend alarm until channel switch */
QBSS_LoadAlarmSuspend(pAd);
pAd->QloadAlarmNumber ++;
/* check if we have already been 20M bandwidth */
#ifdef DOT11_N_SUPPORT
#ifdef DOT11N_DRAFT3
if ((pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset != 0) &&
(pAd->CommonCfg.AddHTInfo.AddHtInfo.RecomWidth != 0))
{
MAC_TABLE *pMacTable;
UINT32 StaId;
DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Change to 20 bw...\n"));
/* disassociate stations without D3 2040Coexistence function */
pMacTable = &pAd->MacTab;
for(StaId=1; StaId<MAX_LEN_OF_MAC_TABLE; StaId++)
{
MAC_TABLE_ENTRY *pEntry = &pMacTable->Content[StaId];
BOOLEAN bDisconnectSta = FALSE;
if (!IS_ENTRY_CLIENT(pEntry))
continue;
/* End of if */
if (pEntry->Sst != SST_ASSOC)
continue;
/* End of if */
if (pEntry->BSS2040CoexistenceMgmtSupport)
bDisconnectSta = TRUE;
/* End of if */
if (bDisconnectSta)
{
/* send wireless event - for ageout */
RTMPSendWirelessEvent(pAd, IW_AGEOUT_EVENT_FLAG, pEntry->Addr, 0, 0);
{
PUCHAR pOutBuffer = NULL;
NDIS_STATUS NStatus;
ULONG FrameLen = 0;
HEADER_802_11 DeAuthHdr;
USHORT Reason;
/* send out a DISASSOC request frame */
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
if (NStatus != NDIS_STATUS_SUCCESS)
{
DBGPRINT(RT_DEBUG_TRACE, (" MlmeAllocateMemory fail ..\n"));
/*NdisReleaseSpinLock(&pAd->MacTabLock); */
continue;
}
Reason = REASON_DEAUTH_STA_LEAVING;
MgtMacHeaderInit(pAd, &DeAuthHdr, SUBTYPE_DEAUTH, 0,
pEntry->Addr,
#ifdef P2P_SUPPORT
pAd->ApCfg.MBSSID[pEntry->apidx].Bssid,
#endif /* P2P_SUPPORT */
pAd->ApCfg.MBSSID[pEntry->apidx].Bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &DeAuthHdr,
2, &Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
MlmeFreeMemory(pAd, pOutBuffer);
}
DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Deauth the station "
"%02x:%02x:%02x:%02x:%02x:%02x\n",
pEntry->Addr[0], pEntry->Addr[1],
pEntry->Addr[2], pEntry->Addr[3],
pEntry->Addr[4], pEntry->Addr[5]));
MacTableDeleteEntry(pAd, pEntry->Aid, pEntry->Addr);
continue;
} /* End of if */
} /* End of for */
/* for 11n */
pAd->CommonCfg.AddHTInfo.AddHtInfo.RecomWidth = 0;
pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset = 0;
/* always 20M */
pAd->CommonCfg.RegTransmitSetting.field.BW = BW_20;
/* mark alarm flag */
pAd->FlgQloadAlarm = TRUE;
QBSS_LoadAlarmResume(pAd);
}
else
#endif /* DOT11N_DRAFT3 */
#endif /* DOT11_N_SUPPORT */
{
/* we are in 20MHz bandwidth so try to switch channel */
DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Switch channel...\n"));
/* send command to switch channel */
RTEnqueueInternalCmd(pAd, CMDTHREAD_CHAN_RESCAN, NULL, 0);
} /* End of if */
} /* End of QBSS_LoadAlarm */
/*
========================================================================
Routine Description:
Handle a alarm.
Arguments:
pAd - WLAN control block pointer
Return Value:
None
Note:
You can use different methods to handle QBSS Load alarm here.
Current methods are:
1. Change 20/40 to 20-only.
2. Change channel to the clear channel.
========================================================================
*/
static VOID QBSS_LoadAlarm(
IN struct rtmp_adapter *pAd)
{
/* suspend alarm until channel switch */
QBSS_LoadAlarmSuspend(pAd);
pAd->QloadAlarmNumber ++;
/* check if we have already been 20M bandwidth */
if ((pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset != 0) &&
(pAd->CommonCfg.AddHTInfo.AddHtInfo.RecomWidth != 0))
{
struct mt7612u_mac_table *pMacTable;
uint32_t StaId;
DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Change to 20 bw...\n"));
/* disassociate stations without D3 2040Coexistence function */
pMacTable = &pAd->MacTab;
for(StaId=1; StaId<MAX_LEN_OF_MAC_TABLE; StaId++)
{
MAC_TABLE_ENTRY *pEntry = &pMacTable->Content[StaId];
bool bDisconnectSta = false;
if (!IS_ENTRY_CLIENT(pEntry))
continue;
if (pEntry->Sst != SST_ASSOC)
continue;
if (pEntry->BSS2040CoexistenceMgmtSupport)
bDisconnectSta = true;
if (bDisconnectSta)
{
/* send wireless event - for ageout */
RTMPSendWirelessEvent(pAd, IW_AGEOUT_EVENT_FLAG, pEntry->Addr, 0, 0);
{
u8 *pOutBuffer = NULL;
int NStatus;
ULONG FrameLen = 0;
HEADER_802_11 DeAuthHdr;
unsigned short Reason;
/* send out a DISASSOC request frame */
pOutBuffer = kmalloc(MGMT_DMA_BUFFER_SIZE, GFP_ATOMIC);
if (pOutBuffer == NULL)
{
DBGPRINT(RT_DEBUG_TRACE, (" kmalloc fail ..\n"));
/*NdisReleaseSpinLock(&pAd->MacTabLock); */
continue;
}
Reason = REASON_DEAUTH_STA_LEAVING;
MgtMacHeaderInit(pAd, &DeAuthHdr, SUBTYPE_DEAUTH, 0,
pEntry->Addr,
pAd->ApCfg.MBSSID[pEntry->apidx].wdev.if_addr,
pAd->ApCfg.MBSSID[pEntry->apidx].wdev.bssid);
MakeOutgoingFrame(pOutBuffer, &FrameLen,
sizeof(HEADER_802_11), &DeAuthHdr,
2, &Reason,
END_OF_ARGS);
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
kfree(pOutBuffer);
}
DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Deauth the station "
"%02x:%02x:%02x:%02x:%02x:%02x\n",
PRINT_MAC(pEntry->Addr)));
MacTableDeleteEntry(pAd, pEntry->wcid, pEntry->Addr);
continue;
}
}
/* for 11n */
pAd->CommonCfg.AddHTInfo.AddHtInfo.RecomWidth = 0;
pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset = 0;
/* always 20M */
pAd->CommonCfg.RegTransmitSetting.field.BW = BW_20;
/* mark alarm flag */
pAd->FlgQloadAlarm = true;
QBSS_LoadAlarmResume(pAd);
}
else
{
/* we are in 20MHz bandwidth so try to switch channel */
DBGPRINT(RT_DEBUG_TRACE, ("qbss> Alarm! Switch channel...\n"));
/* send command to switch channel */
RTEnqueueInternalCmd(pAd, CMDTHREAD_CHAN_RESCAN, NULL, 0);
}
}
