2 * wpa_supplicant - TDLS
3 * Copyright (c) 2010-2011, Atheros Communications
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
15 #include "utils/includes.h"
17 #include "utils/common.h"
18 #include "utils/eloop.h"
20 #include "common/ieee802_11_defs.h"
21 #include "crypto/sha256.h"
22 #include "crypto/crypto.h"
23 #include "crypto/aes_wrap.h"
24 #include "rsn_supp/wpa.h"
25 #include "rsn_supp/wpa_ie.h"
26 #include "rsn_supp/wpa_i.h"
27 #include "drivers/driver.h"
28 #include "l2_packet/l2_packet.h"
30 #ifdef CONFIG_TDLS_TESTING
31 #define TDLS_TESTING_LONG_FRAME BIT(0)
32 #define TDLS_TESTING_ALT_RSN_IE BIT(1)
33 #define TDLS_TESTING_DIFF_BSSID BIT(2)
34 #define TDLS_TESTING_SHORT_LIFETIME BIT(3)
35 #define TDLS_TESTING_WRONG_LIFETIME_RESP BIT(4)
36 #define TDLS_TESTING_WRONG_LIFETIME_CONF BIT(5)
37 #define TDLS_TESTING_LONG_LIFETIME BIT(6)
38 #define TDLS_TESTING_CONCURRENT_INIT BIT(7)
39 #define TDLS_TESTING_NO_TPK_EXPIRATION BIT(8)
40 #define TDLS_TESTING_DECLINE_RESP BIT(9)
41 unsigned int tdls_testing = 0;
42 #endif /* CONFIG_TDLS_TESTING */
44 #define TPK_LIFETIME 43200 /* 12 hours */
45 #define TPK_RETRY_COUNT 3
46 #define TPK_TIMEOUT 5000 /* in milliseconds */
48 #define TDLS_MIC_LEN 16
50 #define TDLS_TIMEOUT_LEN 4
52 struct wpa_tdls_ftie {
53 u8 ie_type; /* FTIE */
57 u8 Anonce[WPA_NONCE_LEN]; /* Responder Nonce in TDLS */
58 u8 Snonce[WPA_NONCE_LEN]; /* Initiator Nonce in TDLS */
59 /* followed by optional elements */
62 struct wpa_tdls_timeoutie {
63 u8 ie_type; /* Timeout IE */
66 u8 value[TDLS_TIMEOUT_LEN];
69 struct wpa_tdls_lnkid {
70 u8 ie_type; /* Link Identifier IE */
73 u8 init_sta[ETH_ALEN];
74 u8 resp_sta[ETH_ALEN];
77 /* TDLS frame headers as per IEEE Std 802.11z-2010 */
78 struct wpa_tdls_frame {
79 u8 payloadtype; /* IEEE80211_TDLS_RFTYPE */
80 u8 category; /* Category */
81 u8 action; /* Action (enum tdls_frame_type) */
84 static u8 * wpa_add_tdls_timeoutie(u8 *pos, u8 *ie, size_t ie_len, u32 tsecs);
85 static void wpa_tdls_tpk_retry_timeout(void *eloop_ctx, void *timeout_ctx);
86 static void wpa_tdls_peer_free(struct wpa_sm *sm, struct wpa_tdls_peer *peer);
89 #define TDLS_MAX_IE_LEN 80
90 struct wpa_tdls_peer {
91 struct wpa_tdls_peer *next;
92 int initiator; /* whether this end was initiator for TDLS setup */
93 u8 addr[ETH_ALEN]; /* other end MAC address */
94 u8 inonce[WPA_NONCE_LEN]; /* Initiator Nonce */
95 u8 rnonce[WPA_NONCE_LEN]; /* Responder Nonce */
96 u8 rsnie_i[TDLS_MAX_IE_LEN]; /* Initiator RSN IE */
98 u8 rsnie_p[TDLS_MAX_IE_LEN]; /* Peer RSN IE */
101 int cipher; /* Selected cipher (WPA_CIPHER_*) */
105 u8 kck[16]; /* TPK-KCK */
106 u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
113 int count; /* Retry Count */
114 int timer; /* Timeout in milliseconds */
115 u8 action_code; /* TDLS frame type */
118 int buf_len; /* length of TPK message for retransmission */
119 u8 *buf; /* buffer for TPK message */
124 static int wpa_tdls_get_privacy(struct wpa_sm *sm)
127 * Get info needed from supplicant to check if the current BSS supports
128 * security. Other than OPEN mode, rest are considered secured
129 * WEP/WPA/WPA2 hence TDLS frames are processed for TPK handshake.
131 return sm->pairwise_cipher != WPA_CIPHER_NONE;
135 static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len)
137 os_memcpy(pos, ie, ie_len);
142 static int wpa_tdls_del_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
144 if (wpa_sm_set_key(sm, WPA_ALG_NONE, peer->addr,
145 0, 0, NULL, 0, NULL, 0) < 0) {
146 wpa_printf(MSG_WARNING, "TDLS: Failed to delete TPK-TK from "
155 static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
161 os_memset(rsc, 0, 6);
163 switch (peer->cipher) {
164 case WPA_CIPHER_CCMP:
168 case WPA_CIPHER_NONE:
169 wpa_printf(MSG_DEBUG, "TDLS: Pairwise Cipher Suite: "
170 "NONE - do not use pairwise keys");
173 wpa_printf(MSG_WARNING, "TDLS: Unsupported pairwise cipher %d",
174 sm->pairwise_cipher);
178 if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
179 rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
180 wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
188 static int wpa_tdls_send_tpk_msg(struct wpa_sm *sm, const u8 *dst,
189 u8 action_code, u8 dialog_token,
190 u16 status_code, const u8 *buf, size_t len)
192 return wpa_sm_send_tdls_mgmt(sm, dst, action_code, dialog_token,
193 status_code, buf, len);
197 static int wpa_tdls_tpk_send(struct wpa_sm *sm, const u8 *dest, u8 action_code,
198 u8 dialog_token, u16 status_code,
199 const u8 *msg, size_t msg_len)
201 struct wpa_tdls_peer *peer;
203 wpa_printf(MSG_DEBUG, "TDLS: TPK send dest=" MACSTR " action_code=%u "
204 "dialog_token=%u status_code=%u msg_len=%u",
205 MAC2STR(dest), action_code, dialog_token, status_code,
206 (unsigned int) msg_len);
208 if (wpa_tdls_send_tpk_msg(sm, dest, action_code, dialog_token,
209 status_code, msg, msg_len)) {
210 wpa_printf(MSG_INFO, "TDLS: Failed to send message "
211 "(action_code=%u)", action_code);
215 if (action_code == WLAN_TDLS_SETUP_CONFIRM ||
216 action_code == WLAN_TDLS_TEARDOWN)
217 return 0; /* No retries */
219 for (peer = sm->tdls; peer; peer = peer->next) {
220 if (os_memcmp(peer->addr, dest, ETH_ALEN) == 0)
225 wpa_printf(MSG_INFO, "TDLS: No matching entry found for "
226 "retry " MACSTR, MAC2STR(dest));
230 eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);
232 peer->sm_tmr.count = TPK_RETRY_COUNT;
233 peer->sm_tmr.timer = TPK_TIMEOUT;
235 /* Copy message to resend on timeout */
236 os_memcpy(peer->sm_tmr.dest, dest, ETH_ALEN);
237 peer->sm_tmr.action_code = action_code;
238 peer->sm_tmr.dialog_token = dialog_token;
239 peer->sm_tmr.status_code = status_code;
240 peer->sm_tmr.buf_len = msg_len;
241 os_free(peer->sm_tmr.buf);
242 peer->sm_tmr.buf = os_malloc(msg_len);
243 if (peer->sm_tmr.buf == NULL)
245 os_memcpy(peer->sm_tmr.buf, msg, msg_len);
247 wpa_printf(MSG_DEBUG, "TDLS: Retry timeout registered "
248 "(action_code=%u)", action_code);
249 eloop_register_timeout(peer->sm_tmr.timer / 1000, 0,
250 wpa_tdls_tpk_retry_timeout, sm, peer);
255 static void wpa_tdls_tpk_retry_timeout(void *eloop_ctx, void *timeout_ctx)
258 struct wpa_sm *sm = eloop_ctx;
259 struct wpa_tdls_peer *peer = timeout_ctx;
261 if (peer->sm_tmr.count) {
262 peer->sm_tmr.count--;
263 peer->sm_tmr.timer = TPK_TIMEOUT;
265 wpa_printf(MSG_INFO, "TDLS: Retrying sending of message "
267 peer->sm_tmr.action_code);
269 if (peer->sm_tmr.buf == NULL) {
270 wpa_printf(MSG_INFO, "TDLS: No retry buffer available "
271 "for action_code=%u",
272 peer->sm_tmr.action_code);
273 eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm,
278 /* resend TPK Handshake Message to Peer */
279 if (wpa_tdls_send_tpk_msg(sm, peer->sm_tmr.dest,
280 peer->sm_tmr.action_code,
281 peer->sm_tmr.dialog_token,
282 peer->sm_tmr.status_code,
284 peer->sm_tmr.buf_len)) {
285 wpa_printf(MSG_INFO, "TDLS: Failed to retry "
289 eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);
290 eloop_register_timeout(peer->sm_tmr.timer / 1000, 0,
291 wpa_tdls_tpk_retry_timeout, sm, peer);
293 wpa_printf(MSG_INFO, "Sending Tear_Down Request");
294 wpa_sm_tdls_oper(sm, TDLS_TEARDOWN, peer->addr);
296 wpa_printf(MSG_INFO, "Clearing SM: Peerkey(" MACSTR ")",
297 MAC2STR(peer->addr));
298 eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);
300 /* clear the Peerkey statemachine */
301 wpa_tdls_peer_free(sm, peer);
306 static void wpa_tdls_tpk_retry_timeout_cancel(struct wpa_sm *sm,
307 struct wpa_tdls_peer *peer,
310 if (action_code == peer->sm_tmr.action_code) {
311 wpa_printf(MSG_DEBUG, "TDLS: Retry timeout cancelled for "
312 "action_code=%u", action_code);
314 /* Cancel Timeout registered */
315 eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);
317 /* free all resources meant for retry */
318 os_free(peer->sm_tmr.buf);
319 peer->sm_tmr.buf = NULL;
321 peer->sm_tmr.count = 0;
322 peer->sm_tmr.timer = 0;
323 peer->sm_tmr.buf_len = 0;
324 peer->sm_tmr.action_code = 0xff;
326 wpa_printf(MSG_INFO, "TDLS: Error in cancelling retry timeout "
327 "(Unknown action_code=%u)", action_code);
332 static void wpa_tdls_generate_tpk(struct wpa_tdls_peer *peer,
333 const u8 *own_addr, const u8 *bssid)
335 u8 key_input[SHA256_MAC_LEN];
338 u8 data[3 * ETH_ALEN];
340 /* IEEE Std 802.11z-2010 8.5.9.1:
341 * TPK-Key-Input = SHA-256(min(SNonce, ANonce) || max(SNonce, ANonce))
343 len[0] = WPA_NONCE_LEN;
344 len[1] = WPA_NONCE_LEN;
345 if (os_memcmp(peer->inonce, peer->rnonce, WPA_NONCE_LEN) < 0) {
346 nonce[0] = peer->inonce;
347 nonce[1] = peer->rnonce;
349 nonce[0] = peer->rnonce;
350 nonce[1] = peer->inonce;
352 wpa_hexdump(MSG_DEBUG, "TDLS: min(Nonce)", nonce[0], WPA_NONCE_LEN);
353 wpa_hexdump(MSG_DEBUG, "TDLS: max(Nonce)", nonce[1], WPA_NONCE_LEN);
354 sha256_vector(2, nonce, len, key_input);
355 wpa_hexdump_key(MSG_DEBUG, "TDLS: TPK-Key-Input",
356 key_input, SHA256_MAC_LEN);
359 * TPK-Key-Data = KDF-N_KEY(TPK-Key-Input, "TDLS PMK",
360 * min(MAC_I, MAC_R) || max(MAC_I, MAC_R) || BSSID || N_KEY)
361 * TODO: is N_KEY really included in KDF Context and if so, in which
362 * presentation format (little endian 16-bit?) is it used? It gets
363 * added by the KDF anyway..
366 if (os_memcmp(own_addr, peer->addr, ETH_ALEN) < 0) {
367 os_memcpy(data, own_addr, ETH_ALEN);
368 os_memcpy(data + ETH_ALEN, peer->addr, ETH_ALEN);
370 os_memcpy(data, peer->addr, ETH_ALEN);
371 os_memcpy(data + ETH_ALEN, own_addr, ETH_ALEN);
373 os_memcpy(data + 2 * ETH_ALEN, bssid, ETH_ALEN);
374 wpa_hexdump(MSG_DEBUG, "TDLS: KDF Context", data, sizeof(data));
376 sha256_prf(key_input, SHA256_MAC_LEN, "TDLS PMK", data, sizeof(data),
377 (u8 *) &peer->tpk, sizeof(peer->tpk));
378 wpa_hexdump_key(MSG_DEBUG, "TDLS: TPK-KCK",
379 peer->tpk.kck, sizeof(peer->tpk.kck));
380 wpa_hexdump_key(MSG_DEBUG, "TDLS: TPK-TK",
381 peer->tpk.tk, sizeof(peer->tpk.tk));
387 * wpa_tdls_ftie_mic - Calculate TDLS FTIE MIC
389 * @lnkid: Pointer to the beginning of Link Identifier IE
390 * @rsnie: Pointer to the beginning of RSN IE used for handshake
391 * @timeoutie: Pointer to the beginning of Timeout IE used for handshake
392 * @ftie: Pointer to the beginning of FT IE
393 * @mic: Pointer for writing MIC
395 * Calculate MIC for TDLS frame.
397 static int wpa_tdls_ftie_mic(const u8 *kck, u8 trans_seq, const u8 *lnkid,
398 const u8 *rsnie, const u8 *timeoutie,
399 const u8 *ftie, u8 *mic)
402 struct wpa_tdls_ftie *_ftie;
403 const struct wpa_tdls_lnkid *_lnkid;
405 int len = 2 * ETH_ALEN + 1 + 2 + lnkid[1] + 2 + rsnie[1] +
406 2 + timeoutie[1] + 2 + ftie[1];
407 buf = os_zalloc(len);
409 wpa_printf(MSG_WARNING, "TDLS: No memory for MIC calculation");
414 _lnkid = (const struct wpa_tdls_lnkid *) lnkid;
415 /* 1) TDLS initiator STA MAC address */
416 os_memcpy(pos, _lnkid->init_sta, ETH_ALEN);
418 /* 2) TDLS responder STA MAC address */
419 os_memcpy(pos, _lnkid->resp_sta, ETH_ALEN);
421 /* 3) Transaction Sequence number */
423 /* 4) Link Identifier IE */
424 os_memcpy(pos, lnkid, 2 + lnkid[1]);
427 os_memcpy(pos, rsnie, 2 + rsnie[1]);
429 /* 6) Timeout Interval IE */
430 os_memcpy(pos, timeoutie, 2 + timeoutie[1]);
431 pos += 2 + timeoutie[1];
432 /* 7) FTIE, with the MIC field of the FTIE set to 0 */
433 os_memcpy(pos, ftie, 2 + ftie[1]);
434 _ftie = (struct wpa_tdls_ftie *) pos;
435 os_memset(_ftie->mic, 0, TDLS_MIC_LEN);
438 wpa_hexdump(MSG_DEBUG, "TDLS: Data for FTIE MIC", buf, pos - buf);
439 wpa_hexdump_key(MSG_DEBUG, "TDLS: KCK", kck, 16);
440 ret = omac1_aes_128(kck, buf, pos - buf, mic);
442 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE MIC", mic, 16);
448 * wpa_tdls_key_mic_teardown - Calculate TDLS FTIE MIC for Teardown frame
450 * @trans_seq: Transaction Sequence Number (4 - Teardown)
451 * @rcode: Reason code for Teardown
452 * @dtoken: Dialog Token used for that particular link
453 * @lnkid: Pointer to the beginning of Link Identifier IE
454 * @ftie: Pointer to the beginning of FT IE
455 * @mic: Pointer for writing MIC
457 * Calculate MIC for TDLS frame.
459 static int wpa_tdls_key_mic_teardown(const u8 *kck, u8 trans_seq, u16 rcode,
460 u8 dtoken, const u8 *lnkid,
461 const u8 *ftie, u8 *mic)
464 struct wpa_tdls_ftie *_ftie;
471 len = 2 + lnkid[1] + sizeof(rcode) + sizeof(dtoken) +
472 sizeof(trans_seq) + 2 + ftie[1];
474 buf = os_zalloc(len);
476 wpa_printf(MSG_WARNING, "TDLS: No memory for MIC calculation");
481 /* 1) Link Identifier IE */
482 os_memcpy(pos, lnkid, 2 + lnkid[1]);
485 WPA_PUT_LE16(pos, rcode);
486 pos += sizeof(rcode);
487 /* 3) Dialog token */
489 /* 4) Transaction Sequence number */
491 /* 7) FTIE, with the MIC field of the FTIE set to 0 */
492 os_memcpy(pos, ftie, 2 + ftie[1]);
493 _ftie = (struct wpa_tdls_ftie *) pos;
494 os_memset(_ftie->mic, 0, TDLS_MIC_LEN);
497 wpa_hexdump(MSG_DEBUG, "TDLS: Data for FTIE MIC", buf, pos - buf);
498 wpa_hexdump_key(MSG_DEBUG, "TDLS: KCK", kck, 16);
499 ret = omac1_aes_128(kck, buf, pos - buf, mic);
501 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE MIC", mic, 16);
506 static int wpa_supplicant_verify_tdls_mic(u8 trans_seq,
507 struct wpa_tdls_peer *peer,
508 const u8 *lnkid, const u8 *timeoutie,
509 const struct wpa_tdls_ftie *ftie)
514 wpa_tdls_ftie_mic(peer->tpk.kck, trans_seq, lnkid,
515 peer->rsnie_p, timeoutie, (u8 *) ftie,
517 if (os_memcmp(mic, ftie->mic, 16) != 0) {
518 wpa_printf(MSG_INFO, "TDLS: Invalid MIC in FTIE - "
520 wpa_hexdump(MSG_DEBUG, "TDLS: Received MIC",
522 wpa_hexdump(MSG_DEBUG, "TDLS: Calculated MIC",
527 wpa_printf(MSG_WARNING, "TDLS: Could not verify TDLS MIC, "
528 "TPK not set - dropping packet");
535 static int wpa_supplicant_verify_tdls_mic_teardown(
536 u8 trans_seq, u16 rcode, u8 dtoken, struct wpa_tdls_peer *peer,
537 const u8 *lnkid, const struct wpa_tdls_ftie *ftie)
542 wpa_tdls_key_mic_teardown(peer->tpk.kck, trans_seq, rcode,
543 dtoken, lnkid, (u8 *) ftie, mic);
544 if (os_memcmp(mic, ftie->mic, 16) != 0) {
545 wpa_printf(MSG_INFO, "TDLS: Invalid MIC in Teardown - "
550 wpa_printf(MSG_INFO, "TDLS: Could not verify TDLS Teardown "
551 "MIC, TPK not set - dropping packet");
558 static void wpa_tdls_tpk_timeout(void *eloop_ctx, void *timeout_ctx)
560 struct wpa_sm *sm = eloop_ctx;
561 struct wpa_tdls_peer *peer = timeout_ctx;
564 * On TPK lifetime expiration, we have an option of either tearing down
565 * the direct link or trying to re-initiate it. The selection of what
566 * to do is not strictly speaking controlled by our role in the expired
567 * link, but for now, use that to select whether to renew or tear down
571 if (peer->initiator) {
572 wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime expired for " MACSTR
573 " - try to renew", MAC2STR(peer->addr));
574 wpa_tdls_start(sm, peer->addr);
576 wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime expired for " MACSTR
577 " - tear down", MAC2STR(peer->addr));
578 wpa_sm_tdls_oper(sm, TDLS_TEARDOWN, peer->addr);
583 static void wpa_tdls_peer_free(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
585 wpa_printf(MSG_DEBUG, "TDLS: Clear state for peer " MACSTR,
586 MAC2STR(peer->addr));
587 eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer);
588 eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);
590 os_free(peer->sm_tmr.buf);
591 peer->sm_tmr.buf = NULL;
592 peer->rsnie_i_len = peer->rsnie_p_len = 0;
594 peer->tpk_set = peer->tpk_success = 0;
595 os_memset(&peer->tpk, 0, sizeof(peer->tpk));
596 os_memset(peer->inonce, 0, WPA_NONCE_LEN);
597 os_memset(peer->rnonce, 0, WPA_NONCE_LEN);
601 static void wpa_tdls_linkid(struct wpa_sm *sm, struct wpa_tdls_peer *peer,
602 struct wpa_tdls_lnkid *lnkid)
604 lnkid->ie_type = WLAN_EID_LINK_ID;
605 lnkid->ie_len = 3 * ETH_ALEN;
606 os_memcpy(lnkid->bssid, sm->bssid, ETH_ALEN);
607 if (peer->initiator) {
608 os_memcpy(lnkid->init_sta, sm->own_addr, ETH_ALEN);
609 os_memcpy(lnkid->resp_sta, peer->addr, ETH_ALEN);
611 os_memcpy(lnkid->init_sta, peer->addr, ETH_ALEN);
612 os_memcpy(lnkid->resp_sta, sm->own_addr, ETH_ALEN);
617 int wpa_tdls_recv_teardown_notify(struct wpa_sm *sm, const u8 *addr,
620 struct wpa_tdls_peer *peer;
621 struct wpa_tdls_ftie *ftie;
622 struct wpa_tdls_lnkid lnkid;
627 /* Find the node and free from the list */
628 for (peer = sm->tdls; peer; peer = peer->next) {
629 if (os_memcmp(peer->addr, addr, ETH_ALEN) == 0)
634 wpa_printf(MSG_INFO, "TDLS: No matching entry found for "
635 "Teardown " MACSTR, MAC2STR(addr));
639 dialog_token = peer->dtoken;
641 wpa_printf(MSG_DEBUG, "TDLS: TDLS Teardown for " MACSTR,
645 if (wpa_tdls_get_privacy(sm) && peer->tpk_set && peer->tpk_success) {
646 /* To add FTIE for Teardown request and compute MIC */
647 ielen += sizeof(*ftie);
648 #ifdef CONFIG_TDLS_TESTING
649 if (tdls_testing & TDLS_TESTING_LONG_FRAME)
651 #endif /* CONFIG_TDLS_TESTING */
654 rbuf = os_zalloc(ielen + 1);
659 if (!wpa_tdls_get_privacy(sm) || !peer->tpk_set || !peer->tpk_success)
662 ftie = (struct wpa_tdls_ftie *) pos;
663 ftie->ie_type = WLAN_EID_FAST_BSS_TRANSITION;
664 /* Using the recent nonce which should be for CONFIRM frame */
665 os_memcpy(ftie->Anonce, peer->rnonce, WPA_NONCE_LEN);
666 os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
667 ftie->ie_len = sizeof(struct wpa_tdls_ftie) - 2;
668 pos = (u8 *) (ftie + 1);
669 #ifdef CONFIG_TDLS_TESTING
670 if (tdls_testing & TDLS_TESTING_LONG_FRAME) {
671 wpa_printf(MSG_DEBUG, "TDLS: Testing - add extra subelem to "
674 *pos++ = 255; /* FTIE subelem */
675 *pos++ = 168; /* FTIE subelem length */
677 #endif /* CONFIG_TDLS_TESTING */
678 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE for TDLS Teardown handshake",
679 (u8 *) ftie, sizeof(*ftie));
681 /* compute MIC before sending */
682 wpa_tdls_linkid(sm, peer, &lnkid);
683 wpa_tdls_key_mic_teardown(peer->tpk.kck, 4, reason_code,
684 dialog_token, (u8 *) &lnkid, (u8 *) ftie,
688 /* TODO: register for a Timeout handler, if Teardown is not received at
689 * the other end, then try again another time */
691 /* request driver to send Teardown using this FTIE */
692 wpa_tdls_tpk_send(sm, addr, WLAN_TDLS_TEARDOWN, 0,
693 WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED, rbuf,
697 /* clear the Peerkey statemachine */
698 wpa_tdls_peer_free(sm, peer);
704 static int wpa_tdls_recv_teardown(struct wpa_sm *sm, const u8 *src_addr,
705 const u8 *buf, size_t len)
707 struct wpa_tdls_peer *peer = NULL;
708 struct wpa_tdls_ftie *ftie;
709 struct wpa_tdls_lnkid *lnkid;
710 struct wpa_eapol_ie_parse kde;
715 /* Find the node and free from the list */
716 for (peer = sm->tdls; peer; peer = peer->next) {
717 if (os_memcmp(peer->addr, src_addr, ETH_ALEN) == 0)
722 wpa_printf(MSG_INFO, "TDLS: No matching entry found for "
723 "Teardown " MACSTR, MAC2STR(src_addr));
728 pos += 1 /* pkt_type */ + 1 /* Category */ + 1 /* Action */;
730 reason_code = WPA_GET_LE16(pos);
733 wpa_printf(MSG_DEBUG, "TDLS: TDLS Teardown Request from " MACSTR
734 " (reason code %u)", MAC2STR(src_addr), reason_code);
736 ielen = len - (pos - buf); /* start of IE in buf */
737 if (wpa_supplicant_parse_ies((const u8 *) pos, ielen, &kde) < 0) {
738 wpa_printf(MSG_INFO, "TDLS: Failed to parse IEs in Teardown");
742 if (kde.lnkid == NULL || kde.lnkid_len < 3 * ETH_ALEN) {
743 wpa_printf(MSG_INFO, "TDLS: No Link Identifier IE in TDLS "
747 lnkid = (struct wpa_tdls_lnkid *) kde.lnkid;
749 if (!wpa_tdls_get_privacy(sm) || !peer->tpk_set || !peer->tpk_success)
752 if (kde.ftie == NULL) {
753 wpa_printf(MSG_INFO, "TDLS: No FTIE in TDLS Teardown");
757 ftie = (struct wpa_tdls_ftie *) kde.ftie;
759 /* Process MIC check to see if TDLS Teardown is right */
760 if (wpa_supplicant_verify_tdls_mic_teardown(4, reason_code,
762 (u8 *) lnkid, ftie) < 0) {
763 wpa_printf(MSG_DEBUG, "TDLS: MIC failure for TDLS "
764 "Teardown Request from " MACSTR, MAC2STR(src_addr));
768 /* TODO: figure out whether this workaround could be disabled
770 wpa_printf(MSG_DEBUG, "TDLS: Workaround - ignore Teardown MIC "
777 * Request the driver to disable the direct link and clear associated
780 wpa_sm_tdls_oper(sm, TDLS_DISABLE_LINK, src_addr);
782 /* clear the Peerkey statemachine */
783 wpa_tdls_peer_free(sm, peer);
790 * wpa_tdls_send_error - To send suitable TDLS status response with
791 * appropriate status code mentioning reason for error/failure.
792 * @dst - MAC addr of Peer station
793 * @tdls_action - TDLS frame type for which error code is sent
794 * @status - status code mentioning reason
797 static int wpa_tdls_send_error(struct wpa_sm *sm, const u8 *dst,
798 u8 tdls_action, u8 dialog_token, u16 status)
800 wpa_printf(MSG_DEBUG, "TDLS: Sending error to " MACSTR
801 " (action=%u status=%u)",
802 MAC2STR(dst), tdls_action, status);
803 return wpa_tdls_tpk_send(sm, dst, tdls_action, dialog_token, status,
808 static int wpa_tdls_send_tpk_m1(struct wpa_sm *sm,
809 struct wpa_tdls_peer *peer)
812 struct wpa_tdls_timeoutie timeoutie;
814 struct wpa_tdls_ftie *ftie;
815 u8 *rbuf, *pos, *count_pos;
817 struct rsn_ie_hdr *hdr;
819 if (!wpa_tdls_get_privacy(sm)) {
820 wpa_printf(MSG_DEBUG, "TDLS: No security used on the link");
821 peer->rsnie_i_len = 0;
826 * TPK Handshake Message 1:
827 * FTIE: ANonce=0, SNonce=initiator nonce MIC=0, DataKDs=(RSNIE_I,
828 * Timeout Interval IE))
832 hdr = (struct rsn_ie_hdr *) peer->rsnie_i;
833 hdr->elem_id = WLAN_EID_RSN;
834 WPA_PUT_LE16(hdr->version, RSN_VERSION);
836 pos = (u8 *) (hdr + 1);
837 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED);
838 pos += RSN_SELECTOR_LEN;
845 * AES-CCMP is the default Encryption preferred for TDLS, so
846 * RSN IE is filled only with CCMP CIPHER
847 * Note: TKIP is not used to encrypt TDLS link.
849 * Regardless of the cipher used on the AP connection, select CCMP
852 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP);
853 pos += RSN_SELECTOR_LEN;
856 WPA_PUT_LE16(count_pos, count);
858 WPA_PUT_LE16(pos, 1);
860 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_TPK_HANDSHAKE);
861 pos += RSN_SELECTOR_LEN;
863 rsn_capab = WPA_CAPABILITY_PEERKEY_ENABLED;
864 rsn_capab |= RSN_NUM_REPLAY_COUNTERS_16 << 2;
865 #ifdef CONFIG_TDLS_TESTING
866 if (tdls_testing & TDLS_TESTING_ALT_RSN_IE) {
867 wpa_printf(MSG_DEBUG, "TDLS: Use alternative RSN IE for "
869 rsn_capab = WPA_CAPABILITY_PEERKEY_ENABLED;
871 #endif /* CONFIG_TDLS_TESTING */
872 WPA_PUT_LE16(pos, rsn_capab);
874 #ifdef CONFIG_TDLS_TESTING
875 if (tdls_testing & TDLS_TESTING_ALT_RSN_IE) {
876 /* Number of PMKIDs */
880 #endif /* CONFIG_TDLS_TESTING */
882 hdr->len = (pos - peer->rsnie_i) - 2;
883 peer->rsnie_i_len = pos - peer->rsnie_i;
884 wpa_hexdump(MSG_DEBUG, "TDLS: RSN IE for TPK handshake",
885 peer->rsnie_i, peer->rsnie_i_len);
889 if (wpa_tdls_get_privacy(sm))
890 buf_len += peer->rsnie_i_len + sizeof(struct wpa_tdls_ftie) +
891 sizeof(struct wpa_tdls_timeoutie);
892 #ifdef CONFIG_TDLS_TESTING
893 if (wpa_tdls_get_privacy(sm) &&
894 (tdls_testing & TDLS_TESTING_LONG_FRAME))
896 if (tdls_testing & TDLS_TESTING_DIFF_BSSID)
897 buf_len += sizeof(struct wpa_tdls_lnkid);
898 #endif /* CONFIG_TDLS_TESTING */
899 rbuf = os_zalloc(buf_len + 1);
901 wpa_tdls_peer_free(sm, peer);
906 if (!wpa_tdls_get_privacy(sm))
909 /* Initiator RSN IE */
910 pos = wpa_add_ie(pos, peer->rsnie_i, peer->rsnie_i_len);
912 ftie = (struct wpa_tdls_ftie *) pos;
913 ftie->ie_type = WLAN_EID_FAST_BSS_TRANSITION;
914 ftie->ie_len = sizeof(struct wpa_tdls_ftie) - 2;
916 if (os_get_random(peer->inonce, WPA_NONCE_LEN)) {
917 wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
918 "TDLS: Failed to get random data for initiator Nonce");
920 wpa_tdls_peer_free(sm, peer);
923 wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
924 peer->inonce, WPA_NONCE_LEN);
925 os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
927 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE for TPK Handshake M1",
928 (u8 *) ftie, sizeof(struct wpa_tdls_ftie));
930 pos = (u8 *) (ftie + 1);
932 #ifdef CONFIG_TDLS_TESTING
933 if (tdls_testing & TDLS_TESTING_LONG_FRAME) {
934 wpa_printf(MSG_DEBUG, "TDLS: Testing - add extra subelem to "
937 *pos++ = 255; /* FTIE subelem */
938 *pos++ = 168; /* FTIE subelem length */
941 #endif /* CONFIG_TDLS_TESTING */
944 peer->lifetime = TPK_LIFETIME;
945 #ifdef CONFIG_TDLS_TESTING
946 if (tdls_testing & TDLS_TESTING_SHORT_LIFETIME) {
947 wpa_printf(MSG_DEBUG, "TDLS: Testing - use short TPK "
949 peer->lifetime = 301;
951 if (tdls_testing & TDLS_TESTING_LONG_LIFETIME) {
952 wpa_printf(MSG_DEBUG, "TDLS: Testing - use long TPK "
954 peer->lifetime = 0xffffffff;
956 #endif /* CONFIG_TDLS_TESTING */
957 pos = wpa_add_tdls_timeoutie(pos, (u8 *) &timeoutie,
958 sizeof(timeoutie), peer->lifetime);
959 wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime %u seconds", peer->lifetime);
963 #ifdef CONFIG_TDLS_TESTING
964 if (tdls_testing & TDLS_TESTING_DIFF_BSSID) {
965 wpa_printf(MSG_DEBUG, "TDLS: Testing - use incorrect BSSID in "
967 struct wpa_tdls_lnkid *l = (struct wpa_tdls_lnkid *) pos;
968 wpa_tdls_linkid(sm, peer, l);
972 #endif /* CONFIG_TDLS_TESTING */
974 wpa_printf(MSG_DEBUG, "TDLS: Sending TDLS Setup Request / TPK "
975 "Handshake Message 1 (peer " MACSTR ")",
976 MAC2STR(peer->addr));
978 wpa_tdls_tpk_send(sm, peer->addr, WLAN_TDLS_SETUP_REQUEST, 0, 0,
986 static int wpa_tdls_send_tpk_m2(struct wpa_sm *sm,
987 const unsigned char *src_addr, u8 dtoken,
988 struct wpa_tdls_lnkid *lnkid,
989 const struct wpa_tdls_peer *peer)
994 struct wpa_tdls_timeoutie timeoutie;
995 struct wpa_tdls_ftie *ftie;
998 if (wpa_tdls_get_privacy(sm)) {
999 /* Peer RSN IE, FTIE(Initiator Nonce, Responder Nonce),
1001 buf_len += peer->rsnie_i_len + sizeof(struct wpa_tdls_ftie) +
1002 sizeof(struct wpa_tdls_timeoutie);
1003 #ifdef CONFIG_TDLS_TESTING
1004 if (tdls_testing & TDLS_TESTING_LONG_FRAME)
1006 #endif /* CONFIG_TDLS_TESTING */
1009 rbuf = os_zalloc(buf_len + 1);
1014 if (!wpa_tdls_get_privacy(sm))
1018 pos = wpa_add_ie(pos, peer->rsnie_p, peer->rsnie_p_len);
1020 ftie = (struct wpa_tdls_ftie *) pos;
1021 ftie->ie_type = WLAN_EID_FAST_BSS_TRANSITION;
1022 /* TODO: ftie->mic_control to set 2-RESPONSE */
1023 os_memcpy(ftie->Anonce, peer->rnonce, WPA_NONCE_LEN);
1024 os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
1025 ftie->ie_len = sizeof(struct wpa_tdls_ftie) - 2;
1026 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE for TPK M2",
1027 (u8 *) ftie, sizeof(*ftie));
1029 pos = (u8 *) (ftie + 1);
1031 #ifdef CONFIG_TDLS_TESTING
1032 if (tdls_testing & TDLS_TESTING_LONG_FRAME) {
1033 wpa_printf(MSG_DEBUG, "TDLS: Testing - add extra subelem to "
1035 ftie->ie_len += 170;
1036 *pos++ = 255; /* FTIE subelem */
1037 *pos++ = 168; /* FTIE subelem length */
1040 #endif /* CONFIG_TDLS_TESTING */
1043 lifetime = peer->lifetime;
1044 #ifdef CONFIG_TDLS_TESTING
1045 if (tdls_testing & TDLS_TESTING_WRONG_LIFETIME_RESP) {
1046 wpa_printf(MSG_DEBUG, "TDLS: Testing - use wrong TPK "
1047 "lifetime in response");
1050 #endif /* CONFIG_TDLS_TESTING */
1051 pos = wpa_add_tdls_timeoutie(pos, (u8 *) &timeoutie,
1052 sizeof(timeoutie), lifetime);
1053 wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime %u seconds from initiator",
1056 /* compute MIC before sending */
1057 wpa_tdls_ftie_mic(peer->tpk.kck, 2, (u8 *) lnkid, peer->rsnie_p,
1058 (u8 *) &timeoutie, (u8 *) ftie, ftie->mic);
1061 wpa_tdls_tpk_send(sm, src_addr, WLAN_TDLS_SETUP_RESPONSE, dtoken, 0,
1069 static int wpa_tdls_send_tpk_m3(struct wpa_sm *sm,
1070 const unsigned char *src_addr, u8 dtoken,
1071 struct wpa_tdls_lnkid *lnkid,
1072 const struct wpa_tdls_peer *peer)
1076 struct wpa_tdls_ftie *ftie;
1077 struct wpa_tdls_timeoutie timeoutie;
1081 if (wpa_tdls_get_privacy(sm)) {
1082 /* Peer RSN IE, FTIE(Initiator Nonce, Responder Nonce),
1084 buf_len += peer->rsnie_i_len + sizeof(struct wpa_tdls_ftie) +
1085 sizeof(struct wpa_tdls_timeoutie);
1086 #ifdef CONFIG_TDLS_TESTING
1087 if (tdls_testing & TDLS_TESTING_LONG_FRAME)
1089 #endif /* CONFIG_TDLS_TESTING */
1092 rbuf = os_zalloc(buf_len + 1);
1097 if (!wpa_tdls_get_privacy(sm))
1101 pos = wpa_add_ie(pos, peer->rsnie_p, peer->rsnie_p_len);
1103 ftie = (struct wpa_tdls_ftie *) pos;
1104 ftie->ie_type = WLAN_EID_FAST_BSS_TRANSITION;
1105 /*TODO: ftie->mic_control to set 3-CONFIRM */
1106 os_memcpy(ftie->Anonce, peer->rnonce, WPA_NONCE_LEN);
1107 os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
1108 ftie->ie_len = sizeof(struct wpa_tdls_ftie) - 2;
1110 pos = (u8 *) (ftie + 1);
1112 #ifdef CONFIG_TDLS_TESTING
1113 if (tdls_testing & TDLS_TESTING_LONG_FRAME) {
1114 wpa_printf(MSG_DEBUG, "TDLS: Testing - add extra subelem to "
1116 ftie->ie_len += 170;
1117 *pos++ = 255; /* FTIE subelem */
1118 *pos++ = 168; /* FTIE subelem length */
1121 #endif /* CONFIG_TDLS_TESTING */
1124 lifetime = peer->lifetime;
1125 #ifdef CONFIG_TDLS_TESTING
1126 if (tdls_testing & TDLS_TESTING_WRONG_LIFETIME_CONF) {
1127 wpa_printf(MSG_DEBUG, "TDLS: Testing - use wrong TPK "
1128 "lifetime in confirm");
1131 #endif /* CONFIG_TDLS_TESTING */
1132 pos = wpa_add_tdls_timeoutie(pos, (u8 *) &timeoutie,
1133 sizeof(timeoutie), lifetime);
1134 wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime %u seconds",
1137 /* compute MIC before sending */
1138 wpa_tdls_ftie_mic(peer->tpk.kck, 3, (u8 *) lnkid, peer->rsnie_p,
1139 (u8 *) &timeoutie, (u8 *) ftie, ftie->mic);
1142 wpa_tdls_tpk_send(sm, src_addr, WLAN_TDLS_SETUP_CONFIRM, dtoken, 0,
1150 static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
1151 const u8 *buf, size_t len)
1153 struct wpa_tdls_peer *peer;
1154 struct wpa_eapol_ie_parse kde;
1155 struct wpa_ie_data ie;
1158 struct wpa_tdls_ftie *ftie = NULL;
1159 struct wpa_tdls_timeoutie *timeoutie;
1160 struct wpa_tdls_lnkid *lnkid;
1163 struct rsn_ie_hdr *hdr;
1170 u16 status = WLAN_STATUS_UNSPECIFIED_FAILURE;
1176 cpos += 1 /* pkt_type */ + 1 /* Category */ + 1 /* Action */;
1178 /* driver had already verified the frame format */
1179 dtoken = *cpos++; /* dialog token */
1181 wpa_printf(MSG_INFO, "TDLS: Dialog Token in TPK M1 %d", dtoken);
1183 cpos += 2; /* capability information */
1185 ielen = len - (cpos - buf); /* start of IE in buf */
1186 if (wpa_supplicant_parse_ies(cpos, ielen, &kde) < 0) {
1187 wpa_printf(MSG_INFO, "TDLS: Failed to parse IEs in TPK M1");
1191 if (kde.lnkid == NULL || kde.lnkid_len < 3 * ETH_ALEN) {
1192 wpa_printf(MSG_INFO, "TDLS: No valid Link Identifier IE in "
1196 wpa_hexdump(MSG_DEBUG, "TDLS: Link ID Received from TPK M1",
1197 kde.lnkid, kde.lnkid_len);
1198 lnkid = (struct wpa_tdls_lnkid *) kde.lnkid;
1199 if (os_memcmp(sm->bssid, lnkid->bssid, ETH_ALEN) != 0) {
1200 wpa_printf(MSG_INFO, "TDLS: TPK M1 from diff BSS");
1201 status = WLAN_STATUS_NOT_IN_SAME_BSS;
1205 wpa_printf(MSG_DEBUG, "TDLS: TPK M1 - TPK initiator " MACSTR,
1208 #ifdef CONFIG_TDLS_TESTING
1209 if (tdls_testing & TDLS_TESTING_CONCURRENT_INIT) {
1210 for (peer = sm->tdls; peer; peer = peer->next) {
1211 if (os_memcmp(peer->addr, src_addr, ETH_ALEN) == 0)
1215 peer = os_zalloc(sizeof(*peer));
1218 os_memcpy(peer->addr, src_addr, ETH_ALEN);
1219 peer->next = sm->tdls;
1222 wpa_printf(MSG_DEBUG, "TDLS: Testing concurrent initiation of "
1223 "TDLS setup - send own request");
1224 peer->initiator = 1;
1225 wpa_tdls_send_tpk_m1(sm, peer);
1227 #endif /* CONFIG_TDLS_TESTING */
1229 if (!wpa_tdls_get_privacy(sm)) {
1231 wpa_printf(MSG_INFO, "TDLS: RSN IE in TPK M1 while "
1232 "security is disabled");
1233 status = WLAN_STATUS_SECURITY_DISABLED;
1239 if (kde.ftie == NULL || kde.rsn_ie == NULL) {
1240 wpa_printf(MSG_INFO, "TDLS: No FTIE or RSN IE in TPK M1");
1241 status = WLAN_STATUS_INVALID_PARAMETERS;
1245 if (kde.rsn_ie_len > TDLS_MAX_IE_LEN) {
1246 wpa_printf(MSG_INFO, "TDLS: Too long Initiator RSN IE in "
1248 status = WLAN_STATUS_INVALID_RSNIE;
1252 if (wpa_parse_wpa_ie_rsn(kde.rsn_ie, kde.rsn_ie_len, &ie) < 0) {
1253 wpa_printf(MSG_INFO, "TDLS: Failed to parse RSN IE in TPK M1");
1254 status = WLAN_STATUS_INVALID_RSNIE;
1258 cipher = ie.pairwise_cipher;
1259 if (cipher & WPA_CIPHER_CCMP) {
1260 wpa_printf(MSG_DEBUG, "TDLS: Using CCMP for direct link");
1261 cipher = WPA_CIPHER_CCMP;
1263 wpa_printf(MSG_INFO, "TDLS: No acceptable cipher in TPK M1");
1264 status = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID;
1268 if ((ie.capabilities &
1269 (WPA_CAPABILITY_NO_PAIRWISE | WPA_CAPABILITY_PEERKEY_ENABLED)) !=
1270 WPA_CAPABILITY_PEERKEY_ENABLED) {
1271 wpa_printf(MSG_INFO, "TDLS: Invalid RSN Capabilities in "
1273 status = WLAN_STATUS_INVALID_RSN_IE_CAPAB;
1278 if (kde.key_lifetime == NULL) {
1279 wpa_printf(MSG_INFO, "TDLS: No Key Lifetime IE in TPK M1");
1280 status = WLAN_STATUS_UNACCEPTABLE_LIFETIME;
1283 timeoutie = (struct wpa_tdls_timeoutie *) kde.key_lifetime;
1284 lifetime = WPA_GET_LE32(timeoutie->value);
1285 wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime %u seconds", lifetime);
1286 if (lifetime < 300) {
1287 wpa_printf(MSG_INFO, "TDLS: Too short TPK lifetime");
1288 status = WLAN_STATUS_UNACCEPTABLE_LIFETIME;
1293 /* Find existing entry and if found, use that instead of adding
1294 * a new one; how to handle the case where both ends initiate at the
1296 for (peer = sm->tdls; peer; peer = peer->next) {
1297 if (os_memcmp(peer->addr, src_addr, ETH_ALEN) == 0)
1302 wpa_printf(MSG_INFO, "TDLS: No matching entry found for "
1303 "peer, creating one for " MACSTR,
1305 peer = os_malloc(sizeof(*peer));
1308 os_memset(peer, 0, sizeof(*peer));
1309 os_memcpy(peer->addr, src_addr, ETH_ALEN);
1310 peer->next = sm->tdls;
1313 if (peer->tpk_success) {
1314 wpa_printf(MSG_DEBUG, "TDLS: TDLS Setup Request while "
1315 "direct link is enabled - tear down the "
1318 /* TODO: Disabling the link would be more proper
1319 * operation here, but it seems to trigger a race with
1320 * some drivers handling the new request frame. */
1321 wpa_sm_tdls_oper(sm, TDLS_DISABLE_LINK, src_addr);
1323 wpa_tdls_del_key(sm, peer);
1325 wpa_tdls_peer_free(sm, peer);
1329 * An entry is already present, so check if we already sent a
1330 * TDLS Setup Request. If so, compare MAC addresses and let the
1331 * STA with the lower MAC address continue as the initiator.
1332 * The other negotiation is terminated.
1334 if (peer->initiator) {
1335 if (os_memcmp(sm->own_addr, src_addr, ETH_ALEN) < 0) {
1336 wpa_printf(MSG_DEBUG, "TDLS: Discard request "
1337 "from peer with higher address "
1338 MACSTR, MAC2STR(src_addr));
1341 wpa_printf(MSG_DEBUG, "TDLS: Accept request "
1342 "from peer with lower address "
1343 MACSTR " (terminate previously "
1344 "initiated negotiation",
1346 wpa_tdls_peer_free(sm, peer);
1351 peer->initiator = 0; /* Need to check */
1352 peer->dtoken = dtoken;
1354 if (!wpa_tdls_get_privacy(sm)) {
1355 peer->rsnie_i_len = 0;
1356 peer->rsnie_p_len = 0;
1357 peer->cipher = WPA_CIPHER_NONE;
1358 goto skip_rsn_check;
1361 ftie = (struct wpa_tdls_ftie *) kde.ftie;
1362 os_memcpy(peer->inonce, ftie->Snonce, WPA_NONCE_LEN);
1363 os_memcpy(peer->rsnie_i, kde.rsn_ie, kde.rsn_ie_len);
1364 peer->rsnie_i_len = kde.rsn_ie_len;
1365 peer->cipher = cipher;
1367 if (os_get_random(peer->rnonce, WPA_NONCE_LEN)) {
1368 wpa_msg(sm->ctx->ctx, MSG_WARNING,
1369 "TDLS: Failed to get random data for responder nonce");
1370 wpa_tdls_peer_free(sm, peer);
1375 /* get version info from RSNIE received from Peer */
1376 hdr = (struct rsn_ie_hdr *) kde.rsn_ie;
1377 rsn_ver = WPA_GET_LE16(hdr->version);
1379 /* use min(peer's version, out version) */
1380 if (rsn_ver > RSN_VERSION)
1381 rsn_ver = RSN_VERSION;
1383 hdr = (struct rsn_ie_hdr *) peer->rsnie_p;
1385 hdr->elem_id = WLAN_EID_RSN;
1386 WPA_PUT_LE16(hdr->version, rsn_ver);
1387 pos = (u8 *) (hdr + 1);
1389 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_NO_GROUP_ADDRESSED);
1390 pos += RSN_SELECTOR_LEN;
1391 /* Include only the selected cipher in pairwise cipher suite */
1392 WPA_PUT_LE16(pos, 1);
1394 if (cipher == WPA_CIPHER_CCMP)
1395 RSN_SELECTOR_PUT(pos, RSN_CIPHER_SUITE_CCMP);
1396 pos += RSN_SELECTOR_LEN;
1398 WPA_PUT_LE16(pos, 1);
1400 RSN_SELECTOR_PUT(pos, RSN_AUTH_KEY_MGMT_TPK_HANDSHAKE);
1401 pos += RSN_SELECTOR_LEN;
1403 rsn_capab = WPA_CAPABILITY_PEERKEY_ENABLED;
1404 rsn_capab |= RSN_NUM_REPLAY_COUNTERS_16 << 2;
1405 WPA_PUT_LE16(pos, rsn_capab);
1408 hdr->len = (pos - peer->rsnie_p) - 2;
1409 peer->rsnie_p_len = pos - peer->rsnie_p;
1412 /* temp fix: validation of RSNIE later */
1413 os_memcpy(peer->rsnie_p, peer->rsnie_i, peer->rsnie_i_len);
1414 peer->rsnie_p_len = peer->rsnie_i_len;
1416 wpa_hexdump(MSG_DEBUG, "TDLS: RSN IE for TPK handshake",
1417 peer->rsnie_p, peer->rsnie_p_len);
1419 peer->lifetime = lifetime;
1421 wpa_tdls_generate_tpk(peer, sm->own_addr, sm->bssid);
1424 wpa_printf(MSG_DEBUG, "TDLS: Sending TDLS Setup Response / TPK M2");
1425 wpa_tdls_send_tpk_m2(sm, src_addr, dtoken, lnkid, peer);
1430 wpa_tdls_send_error(sm, src_addr, WLAN_TDLS_SETUP_RESPONSE, dtoken,
1436 static void wpa_tdls_enable_link(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
1438 peer->tpk_success = 1;
1439 eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer);
1440 if (wpa_tdls_get_privacy(sm)) {
1441 u32 lifetime = peer->lifetime;
1443 * Start the initiator process a bit earlier to avoid race
1444 * condition with the responder sending teardown request.
1446 if (lifetime > 3 && peer->initiator)
1448 eloop_register_timeout(lifetime, 0, wpa_tdls_tpk_timeout,
1450 #ifdef CONFIG_TDLS_TESTING
1451 if (tdls_testing & TDLS_TESTING_NO_TPK_EXPIRATION) {
1452 wpa_printf(MSG_DEBUG, "TDLS: Testing - disable TPK "
1454 eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer);
1456 #endif /* CONFIG_TDLS_TESTING */
1458 wpa_sm_tdls_oper(sm, TDLS_ENABLE_LINK, peer->addr);
1462 static int wpa_tdls_process_tpk_m2(struct wpa_sm *sm, const u8 *src_addr,
1463 const u8 *buf, size_t len)
1465 struct wpa_tdls_peer *peer;
1466 struct wpa_eapol_ie_parse kde;
1467 struct wpa_ie_data ie;
1469 struct wpa_tdls_ftie *ftie;
1470 struct wpa_tdls_timeoutie *timeoutie;
1471 struct wpa_tdls_lnkid *lnkid;
1478 wpa_printf(MSG_DEBUG, "TDLS: Received TDLS Setup Response / TPK M2 "
1479 "(Peer " MACSTR ")", MAC2STR(src_addr));
1480 for (peer = sm->tdls; peer; peer = peer->next) {
1481 if (os_memcmp(peer->addr, src_addr, ETH_ALEN) == 0)
1485 wpa_printf(MSG_INFO, "TDLS: No matching peer found for "
1486 "TPK M2: " MACSTR, MAC2STR(src_addr));
1489 wpa_tdls_tpk_retry_timeout_cancel(sm, peer, WLAN_TDLS_SETUP_REQUEST);
1491 if (len < 3 + 2 + 1)
1494 pos += 1 /* pkt_type */ + 1 /* Category */ + 1 /* Action */;
1495 status = WPA_GET_LE16(pos);
1496 pos += 2 /* status code */;
1498 if (status != WLAN_STATUS_SUCCESS) {
1499 wpa_printf(MSG_INFO, "TDLS: Status code in TPK M2: %u",
1504 status = WLAN_STATUS_UNSPECIFIED_FAILURE;
1506 /* TODO: need to verify dialog token matches here or in kernel */
1507 dtoken = *pos++; /* dialog token */
1509 wpa_printf(MSG_DEBUG, "TDLS: Dialog Token in TPK M2 %d", dtoken);
1511 if (len < 3 + 2 + 1 + 2)
1513 pos += 2; /* capability information */
1515 ielen = len - (pos - buf); /* start of IE in buf */
1516 if (wpa_supplicant_parse_ies(pos, ielen, &kde) < 0) {
1517 wpa_printf(MSG_INFO, "TDLS: Failed to parse IEs in TPK M2");
1521 #ifdef CONFIG_TDLS_TESTING
1522 if (tdls_testing & TDLS_TESTING_DECLINE_RESP) {
1523 wpa_printf(MSG_DEBUG, "TDLS: Testing - decline response");
1524 status = WLAN_STATUS_REQUEST_DECLINED;
1527 #endif /* CONFIG_TDLS_TESTING */
1529 if (kde.lnkid == NULL || kde.lnkid_len < 3 * ETH_ALEN) {
1530 wpa_printf(MSG_INFO, "TDLS: No valid Link Identifier IE in "
1534 wpa_hexdump(MSG_DEBUG, "TDLS: Link ID Received from TPK M2",
1535 kde.lnkid, kde.lnkid_len);
1536 lnkid = (struct wpa_tdls_lnkid *) kde.lnkid;
1538 if (os_memcmp(sm->bssid, lnkid->bssid, ETH_ALEN) != 0) {
1539 wpa_printf(MSG_INFO, "TDLS: TPK M2 from different BSS");
1540 status = WLAN_STATUS_NOT_IN_SAME_BSS;
1544 if (!wpa_tdls_get_privacy(sm)) {
1545 peer->rsnie_p_len = 0;
1546 peer->cipher = WPA_CIPHER_NONE;
1550 if (kde.ftie == NULL || kde.rsn_ie == NULL) {
1551 wpa_printf(MSG_INFO, "TDLS: No FTIE or RSN IE in TPK M2");
1552 status = WLAN_STATUS_INVALID_PARAMETERS;
1555 wpa_hexdump(MSG_DEBUG, "TDLS: RSN IE Received from TPK M2",
1556 kde.rsn_ie, kde.rsn_ie_len);
1559 * FIX: bitwise comparison of RSN IE is not the correct way of
1560 * validation this. It can be different, but certain fields must
1561 * match. Since we list only a single pairwise cipher in TPK M1, the
1562 * memcmp is likely to work in most cases, though.
1564 if (kde.rsn_ie_len != peer->rsnie_i_len ||
1565 os_memcmp(peer->rsnie_i, kde.rsn_ie, peer->rsnie_i_len) != 0) {
1566 wpa_printf(MSG_INFO, "TDLS: RSN IE in TPK M2 does "
1567 "not match with RSN IE used in TPK M1");
1568 wpa_hexdump(MSG_DEBUG, "TDLS: RSN IE Sent in TPK M1",
1569 peer->rsnie_i, peer->rsnie_i_len);
1570 wpa_hexdump(MSG_DEBUG, "TDLS: RSN IE Received from TPK M2",
1571 kde.rsn_ie, kde.rsn_ie_len);
1572 status = WLAN_STATUS_INVALID_RSNIE;
1576 if (wpa_parse_wpa_ie_rsn(kde.rsn_ie, kde.rsn_ie_len, &ie) < 0) {
1577 wpa_printf(MSG_INFO, "TDLS: Failed to parse RSN IE in TPK M2");
1578 status = WLAN_STATUS_INVALID_RSNIE;
1582 cipher = ie.pairwise_cipher;
1583 if (cipher == WPA_CIPHER_CCMP) {
1584 wpa_printf(MSG_DEBUG, "TDLS: Using CCMP for direct link");
1585 cipher = WPA_CIPHER_CCMP;
1587 wpa_printf(MSG_INFO, "TDLS: No acceptable cipher in TPK M2");
1588 status = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID;
1592 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE Received from TPK M2",
1593 kde.ftie, sizeof(*ftie));
1594 ftie = (struct wpa_tdls_ftie *) kde.ftie;
1596 if (!os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) == 0) {
1597 wpa_printf(MSG_INFO, "TDLS: FTIE SNonce in TPK M2 does "
1598 "not match with FTIE SNonce used in TPK M1");
1599 /* Silently discard the frame */
1603 /* Responder Nonce and RSN IE */
1604 os_memcpy(peer->rnonce, ftie->Anonce, WPA_NONCE_LEN);
1605 os_memcpy(peer->rsnie_p, kde.rsn_ie, kde.rsn_ie_len);
1606 peer->rsnie_p_len = kde.rsn_ie_len;
1607 peer->cipher = cipher;
1610 if (kde.key_lifetime == NULL) {
1611 wpa_printf(MSG_INFO, "TDLS: No Key Lifetime IE in TPK M2");
1612 status = WLAN_STATUS_UNACCEPTABLE_LIFETIME;
1615 timeoutie = (struct wpa_tdls_timeoutie *) kde.key_lifetime;
1616 lifetime = WPA_GET_LE32(timeoutie->value);
1617 wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime %u seconds in TPK M2",
1619 if (lifetime != peer->lifetime) {
1620 wpa_printf(MSG_INFO, "TDLS: Unexpected TPK lifetime %u in "
1621 "TPK M2 (expected %u)", lifetime, peer->lifetime);
1622 status = WLAN_STATUS_UNACCEPTABLE_LIFETIME;
1626 wpa_tdls_generate_tpk(peer, sm->own_addr, sm->bssid);
1628 /* Process MIC check to see if TPK M2 is right */
1629 if (wpa_supplicant_verify_tdls_mic(2, peer, (u8 *) lnkid,
1630 (u8 *) timeoutie, ftie) < 0) {
1631 /* Discard the frame */
1632 wpa_tdls_del_key(sm, peer);
1633 wpa_tdls_peer_free(sm, peer);
1637 wpa_tdls_set_key(sm, peer);
1640 peer->dtoken = dtoken;
1642 wpa_printf(MSG_DEBUG, "TDLS: Sending TDLS Setup Confirm / "
1643 "TPK Handshake Message 3");
1644 wpa_tdls_send_tpk_m3(sm, src_addr, dtoken, lnkid, peer);
1646 wpa_tdls_enable_link(sm, peer);
1651 wpa_tdls_send_error(sm, src_addr, WLAN_TDLS_SETUP_CONFIRM, dtoken,
1657 static int wpa_tdls_process_tpk_m3(struct wpa_sm *sm, const u8 *src_addr,
1658 const u8 *buf, size_t len)
1660 struct wpa_tdls_peer *peer;
1661 struct wpa_eapol_ie_parse kde;
1662 struct wpa_tdls_ftie *ftie;
1663 struct wpa_tdls_timeoutie *timeoutie;
1664 struct wpa_tdls_lnkid *lnkid;
1670 wpa_printf(MSG_DEBUG, "TDLS: Received TDLS Setup Confirm / TPK M3 "
1671 "(Peer " MACSTR ")", MAC2STR(src_addr));
1672 for (peer = sm->tdls; peer; peer = peer->next) {
1673 if (os_memcmp(peer->addr, src_addr, ETH_ALEN) == 0)
1677 wpa_printf(MSG_INFO, "TDLS: No matching peer found for "
1678 "TPK M3: " MACSTR, MAC2STR(src_addr));
1681 wpa_tdls_tpk_retry_timeout_cancel(sm, peer, WLAN_TDLS_SETUP_RESPONSE);
1686 pos += 1 /* pkt_type */ + 1 /* Category */ + 1 /* Action */;
1688 status = WPA_GET_LE16(pos);
1691 wpa_printf(MSG_INFO, "TDLS: Status code in TPK M3: %u",
1695 pos += 2 /* status code */ + 1 /* dialog token */;
1697 ielen = len - (pos - buf); /* start of IE in buf */
1698 if (wpa_supplicant_parse_ies((const u8 *) pos, ielen, &kde) < 0) {
1699 wpa_printf(MSG_INFO, "TDLS: Failed to parse KDEs in TPK M3");
1703 if (kde.lnkid == NULL || kde.lnkid_len < 3 * ETH_ALEN) {
1704 wpa_printf(MSG_INFO, "TDLS: No Link Identifier IE in TPK M3");
1707 wpa_hexdump(MSG_DEBUG, "TDLS: Link ID Received from TPK M3",
1708 (u8 *) kde.lnkid, kde.lnkid_len);
1709 lnkid = (struct wpa_tdls_lnkid *) kde.lnkid;
1711 if (os_memcmp(sm->bssid, lnkid->bssid, ETH_ALEN) != 0) {
1712 wpa_printf(MSG_INFO, "TDLS: TPK M3 from diff BSS");
1716 if (!wpa_tdls_get_privacy(sm))
1719 if (kde.ftie == NULL) {
1720 wpa_printf(MSG_INFO, "TDLS: No FTIE in TPK M3");
1723 wpa_hexdump(MSG_DEBUG, "TDLS: FTIE Received from TPK M3",
1724 (u8 *) ftie, sizeof(*ftie));
1725 ftie = (struct wpa_tdls_ftie *) kde.ftie;
1727 if (kde.rsn_ie == NULL) {
1728 wpa_printf(MSG_INFO, "TDLS: No RSN IE in TPK M3");
1731 wpa_hexdump(MSG_DEBUG, "TDLS: RSN IE Received from TPK M3",
1732 kde.rsn_ie, kde.rsn_ie_len);
1733 if (kde.rsn_ie_len != peer->rsnie_p_len ||
1734 os_memcmp(kde.rsn_ie, peer->rsnie_p, peer->rsnie_p_len) != 0) {
1735 wpa_printf(MSG_INFO, "TDLS: RSN IE in TPK M3 does not match "
1736 "with the one sent in TPK M2");
1740 if (!os_memcmp(peer->rnonce, ftie->Anonce, WPA_NONCE_LEN) == 0) {
1741 wpa_printf(MSG_INFO, "TDLS: FTIE ANonce in TPK M3 does "
1742 "not match with FTIE ANonce used in TPK M2");
1746 if (!os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) == 0) {
1747 wpa_printf(MSG_INFO, "TDLS: FTIE SNonce in TPK M3 does not "
1748 "match with FTIE SNonce used in TPK M1");
1752 if (kde.key_lifetime == NULL) {
1753 wpa_printf(MSG_INFO, "TDLS: No Key Lifetime IE in TPK M3");
1756 timeoutie = (struct wpa_tdls_timeoutie *) kde.key_lifetime;
1757 wpa_hexdump(MSG_DEBUG, "TDLS: Timeout IE Received from TPK M3",
1758 (u8 *) timeoutie, sizeof(*timeoutie));
1759 lifetime = WPA_GET_LE32(timeoutie->value);
1760 wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime %u seconds in TPK M3",
1762 if (lifetime != peer->lifetime) {
1763 wpa_printf(MSG_INFO, "TDLS: Unexpected TPK lifetime %u in "
1764 "TPK M3 (expected %u)", lifetime, peer->lifetime);
1768 if (wpa_supplicant_verify_tdls_mic(3, peer, (u8 *) lnkid,
1769 (u8 *) timeoutie, ftie) < 0) {
1770 wpa_tdls_del_key(sm, peer);
1771 wpa_tdls_peer_free(sm, peer);
1775 if (wpa_tdls_set_key(sm, peer) < 0)
1779 wpa_tdls_enable_link(sm, peer);
1785 static u8 * wpa_add_tdls_timeoutie(u8 *pos, u8 *ie, size_t ie_len, u32 tsecs)
1787 struct wpa_tdls_timeoutie *lifetime = (struct wpa_tdls_timeoutie *) ie;
1789 os_memset(lifetime, 0, ie_len);
1790 lifetime->ie_type = WLAN_EID_TIMEOUT_INTERVAL;
1791 lifetime->ie_len = sizeof(struct wpa_tdls_timeoutie) - 2;
1792 lifetime->interval_type = WLAN_TIMEOUT_KEY_LIFETIME;
1793 WPA_PUT_LE32(lifetime->value, tsecs);
1794 os_memcpy(pos, ie, ie_len);
1795 return pos + ie_len;
1800 * wpa_tdls_start - Initiate TDLS handshake (send TPK Handshake Message 1)
1801 * @sm: Pointer to WPA state machine data from wpa_sm_init()
1802 * @peer: MAC address of the peer STA
1803 * Returns: 0 on success, or -1 on failure
1805 * Send TPK Handshake Message 1 info to driver to start TDLS
1806 * handshake with the peer.
1808 int wpa_tdls_start(struct wpa_sm *sm, const u8 *addr)
1810 struct wpa_tdls_peer *peer;
1812 /* Find existing entry and if found, use that instead of adding
1814 for (peer = sm->tdls; peer; peer = peer->next) {
1815 if (os_memcmp(peer->addr, addr, ETH_ALEN) == 0)
1820 wpa_printf(MSG_INFO, "TDLS: No matching entry found for "
1821 "peer, creating one for " MACSTR, MAC2STR(addr));
1822 peer = os_malloc(sizeof(*peer));
1825 os_memset(peer, 0, sizeof(*peer));
1826 os_memcpy(peer->addr, addr, ETH_ALEN);
1827 peer->next = sm->tdls;
1831 peer->initiator = 1;
1833 return wpa_tdls_send_tpk_m1(sm, peer);
1837 int wpa_tdls_reneg(struct wpa_sm *sm, const u8 *addr)
1839 struct wpa_tdls_peer *peer;
1841 for (peer = sm->tdls; peer; peer = peer->next) {
1842 if (os_memcmp(peer->addr, addr, ETH_ALEN) == 0)
1846 if (peer == NULL || !peer->tpk_success)
1849 return wpa_tdls_start(sm, addr);
1854 * wpa_supplicant_rx_tdls - Receive TDLS data frame
1856 * This function is called to receive TDLS (ethertype = 0x890d) data frames.
1858 static void wpa_supplicant_rx_tdls(void *ctx, const u8 *src_addr,
1859 const u8 *buf, size_t len)
1861 struct wpa_sm *sm = ctx;
1862 struct wpa_tdls_frame *tf;
1864 wpa_hexdump(MSG_DEBUG, "TDLS: Received Data frame encapsulation",
1867 if (os_memcmp(src_addr, sm->own_addr, ETH_ALEN) == 0) {
1868 wpa_printf(MSG_DEBUG, "TDLS: Discard copy of own message");
1872 if (len < sizeof(*tf)) {
1873 wpa_printf(MSG_INFO, "TDLS: Drop too short frame");
1877 /* Check to make sure its a valid encapsulated TDLS frame */
1878 tf = (struct wpa_tdls_frame *) buf;
1879 if (tf->payloadtype != 2 /* TDLS_RFTYPE */ ||
1880 tf->category != WLAN_ACTION_TDLS) {
1881 wpa_printf(MSG_INFO, "TDLS: Invalid frame - payloadtype=%u "
1882 "category=%u action=%u",
1883 tf->payloadtype, tf->category, tf->action);
1887 switch (tf->action) {
1888 case WLAN_TDLS_SETUP_REQUEST:
1889 wpa_tdls_process_tpk_m1(sm, src_addr, buf, len);
1891 case WLAN_TDLS_SETUP_RESPONSE:
1892 wpa_tdls_process_tpk_m2(sm, src_addr, buf, len);
1894 case WLAN_TDLS_SETUP_CONFIRM:
1895 wpa_tdls_process_tpk_m3(sm, src_addr, buf, len);
1897 case WLAN_TDLS_TEARDOWN:
1898 wpa_tdls_recv_teardown(sm, src_addr, buf, len);
1901 /* Kernel code will process remaining frames */
1902 wpa_printf(MSG_DEBUG, "TDLS: Ignore TDLS frame action code %u",
1910 * wpa_tdls_init - Initialize driver interface parameters for TDLS
1911 * @wpa_s: Pointer to wpa_supplicant data
1912 * Returns: 0 on success, -1 on failure
1914 * This function is called to initialize driver interface parameters for TDLS.
1915 * wpa_drv_init() must have been called before this function to initialize the
1918 int wpa_tdls_init(struct wpa_sm *sm)
1923 sm->l2_tdls = l2_packet_init(sm->ifname, sm->own_addr,
1924 ETH_P_80211_ENCAP, wpa_supplicant_rx_tdls,
1926 if (sm->l2_tdls == NULL) {
1927 wpa_printf(MSG_ERROR, "TDLS: Failed to open l2_packet "
1936 static void wpa_tdls_remove_peers(struct wpa_sm *sm)
1938 struct wpa_tdls_peer *peer, *tmp;
1946 res = wpa_sm_tdls_oper(sm, TDLS_DISABLE_LINK, peer->addr);
1947 wpa_printf(MSG_DEBUG, "TDLS: Remove peer " MACSTR " (res=%d)",
1948 MAC2STR(peer->addr), res);
1949 wpa_tdls_peer_free(sm, peer);
1957 * wpa_tdls_deinit - Deinitialize driver interface parameters for TDLS
1959 * This function is called to recover driver interface parameters for TDLS
1960 * and frees resources allocated for it.
1962 void wpa_tdls_deinit(struct wpa_sm *sm)
1968 l2_packet_deinit(sm->l2_tdls);
1971 wpa_tdls_remove_peers(sm);
1975 void wpa_tdls_assoc(struct wpa_sm *sm)
1977 wpa_printf(MSG_DEBUG, "TDLS: Remove peers on association");
1978 wpa_tdls_remove_peers(sm);
1982 void wpa_tdls_disassoc(struct wpa_sm *sm)
1984 wpa_printf(MSG_DEBUG, "TDLS: Remove peers on disassociation");
1985 wpa_tdls_remove_peers(sm);