/**
* wpa_eapol_key_send - Send WPA/RSN EAPOL-Key message
* @sm: Pointer to WPA state machine data from wpa_sm_init()
* @kck: Key Confirmation Key (KCK, part of PTK)
* @ver: Version field from Key Info
* @dest: Destination address for the frame
* @proto: Ethertype (usually ETH_P_EAPOL)
* @msg: EAPOL-Key message
* @msg_len: Length of message
* @key_mic: Pointer to the buffer to which the EAPOL-Key MIC is written
*/
void wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck,
int ver, const u8 *dest, u16 proto,
u8 *msg, size_t msg_len, u8 *key_mic)
{
if (is_zero_ether_addr(dest) && is_zero_ether_addr(sm->bssid)) {
/*
* Association event was not yet received; try to fetch
* BSSID from the driver.
*/
if (wpa_sm_get_bssid(sm, sm->bssid) < 0) {
wpa_printf(MSG_DEBUG, "WPA: Failed to read BSSID for "
"EAPOL-Key destination address");
} else {
dest = sm->bssid;
wpa_printf(MSG_DEBUG, "WPA: Use BSSID (" MACSTR
") as the destination for EAPOL-Key",
MAC2STR(dest));
}
}
if (key_mic &&
wpa_eapol_key_mic(kck, ver, msg, msg_len, key_mic)) {
wpa_printf(MSG_ERROR, "WPA: Failed to generate EAPOL-Key "
"version %d MIC", ver);
goto out;
}
wpa_hexdump(MSG_MSGDUMP, "WPA: TX EAPOL-Key", msg, msg_len);
wpa_sm_ether_send(sm, dest, proto, msg, msg_len);
eapol_sm_notify_tx_eapol_key(sm->eapol);
out:
os_free(msg);
}
int ccx_send_report (void *ctx)
{
struct wpa_supplicant *wpa_s = ctx;
u8 data[128];
struct os_time t;
u32 length;
struct ccx_report *rep = (struct ccx_report *)data;
struct ccx_apinfo *apinfo = &wpa_s->apinfo;
os_memcpy(rep->aironet_snap, aironet_snap, sizeof(aironet_snap));
rep->type = 0x30; // REPORT FRAME
rep->function_type = 0x00;
os_memcpy(rep->destination, wpa_s->bssid, ETH_ALEN);
os_memcpy(rep->source, wpa_s->own_addr, ETH_ALEN);
WPA_PUT_BE16(rep->tlv_tag, 0x009b);
os_memcpy(rep->aironet_oui, aironet_oui, sizeof(aironet_oui));
os_memcpy(rep->bssid, apinfo->bssid, ETH_ALEN);
WPA_PUT_BE16(rep->channel, apinfo->channel);
WPA_PUT_BE16(rep->ssid_len, apinfo->ssid_len);
length = sizeof(struct ccx_report);
os_memcpy(&data[length], apinfo->ssid, apinfo->ssid_len);
length += apinfo->ssid_len;
os_get_time(&t);
if (apinfo->disconnect_time)
WPA_PUT_BE16(&data[length], (t.sec - apinfo->disconnect_time));
else
WPA_PUT_BE16(&data[length], 0);
length += 2;
WPA_PUT_BE16(rep->tlv_len, (apinfo->ssid_len + 16));
WPA_PUT_BE16(rep->length, (length - sizeof(aironet_snap)));
wpa_sm_ether_send(wpa_s->wpa, wpa_s->bssid, 0, data, length);
wpa_hexdump(MSG_DEBUG, "CCX REPORT", data, length);
return 0;
}
static int wpa_supplicant_get_pmk(struct wpa_sm *sm,
const unsigned char *src_addr,
const u8 *pmkid)
{
int abort_cached = 0;
if (pmkid && !sm->cur_pmksa) {
/* When using drivers that generate RSN IE, wpa_supplicant may
* not have enough time to get the association information
* event before receiving this 1/4 message, so try to find a
* matching PMKSA cache entry here. */
sm->cur_pmksa = pmksa_cache_get(sm->pmksa, src_addr, pmkid);
if (sm->cur_pmksa) {
wpa_printf(MSG_DEBUG, "RSN: found matching PMKID from "
"PMKSA cache");
} else {
wpa_printf(MSG_DEBUG, "RSN: no matching PMKID found");
abort_cached = 1;
}
}
if (pmkid && sm->cur_pmksa &&
os_memcmp(pmkid, sm->cur_pmksa->pmkid, PMKID_LEN) == 0) {
wpa_hexdump(MSG_DEBUG, "RSN: matched PMKID", pmkid, PMKID_LEN);
wpa_sm_set_pmk_from_pmksa(sm);
wpa_hexdump_key(MSG_DEBUG, "RSN: PMK from PMKSA cache",
sm->pmk, sm->pmk_len);
eapol_sm_notify_cached(sm->eapol);
#ifdef CONFIG_IEEE80211R
sm->xxkey_len = 0;
#endif /* CONFIG_IEEE80211R */
} else if (wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt) && sm->eapol) {
int res, pmk_len;
pmk_len = PMK_LEN;
res = eapol_sm_get_key(sm->eapol, sm->pmk, PMK_LEN);
if (res) {
/*
* EAP-LEAP is an exception from other EAP methods: it
* uses only 16-byte PMK.
*/
res = eapol_sm_get_key(sm->eapol, sm->pmk, 16);
pmk_len = 16;
} else {
#ifdef CONFIG_IEEE80211R
u8 buf[2 * PMK_LEN];
if (eapol_sm_get_key(sm->eapol, buf, 2 * PMK_LEN) == 0)
{
os_memcpy(sm->xxkey, buf + PMK_LEN, PMK_LEN);
sm->xxkey_len = PMK_LEN;
os_memset(buf, 0, sizeof(buf));
}
#endif /* CONFIG_IEEE80211R */
}
if (res == 0) {
wpa_hexdump_key(MSG_DEBUG, "WPA: PMK from EAPOL state "
"machines", sm->pmk, pmk_len);
sm->pmk_len = pmk_len;
if (sm->proto == WPA_PROTO_RSN) {
pmksa_cache_add(sm->pmksa, sm->pmk, pmk_len,
src_addr, sm->own_addr,
sm->network_ctx, sm->key_mgmt);
}
if (!sm->cur_pmksa && pmkid &&
pmksa_cache_get(sm->pmksa, src_addr, pmkid)) {
wpa_printf(MSG_DEBUG, "RSN: the new PMK "
"matches with the PMKID");
abort_cached = 0;
}
} else {
wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
"WPA: Failed to get master session key from "
"EAPOL state machines");
wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
"WPA: Key handshake aborted");
if (sm->cur_pmksa) {
wpa_printf(MSG_DEBUG, "RSN: Cancelled PMKSA "
"caching attempt");
sm->cur_pmksa = NULL;
abort_cached = 1;
} else if (!abort_cached) {
return -1;
}
}
}
if (abort_cached && wpa_key_mgmt_wpa_ieee8021x(sm->key_mgmt)) {
/* Send EAPOL-Start to trigger full EAP authentication. */
u8 *buf;
size_t buflen;
wpa_printf(MSG_DEBUG, "RSN: no PMKSA entry found - trigger "
"full EAP authentication");
buf = wpa_sm_alloc_eapol(sm, IEEE802_1X_TYPE_EAPOL_START,
NULL, 0, &buflen, NULL);
if (buf) {
wpa_sm_ether_send(sm, sm->bssid, ETH_P_EAPOL,
buf, buflen);
os_free(buf);
return -2;
}
return -1;
}
return 0;
}
