/*
* wpa_supplicant - SME
- * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2009-2010, Jouni Malinen <j@w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
#include "includes.h"
#include "common.h"
-#include "drivers/driver.h"
-#include "ieee802_11_defs.h"
+#include "common/ieee802_11_defs.h"
+#include "common/ieee802_11_common.h"
#include "eapol_supp/eapol_supp_sm.h"
-#include "wpa_common.h"
-#include "wpa.h"
-#include "pmksa_cache.h"
+#include "common/wpa_common.h"
+#include "rsn_supp/wpa.h"
+#include "rsn_supp/pmksa_cache.h"
#include "config.h"
#include "wpa_supplicant_i.h"
+#include "driver_i.h"
#include "wpas_glue.h"
#include "wps_supplicant.h"
+#include "p2p_supplicant.h"
+#include "notify.h"
+#include "blacklist.h"
+#include "bss.h"
+#include "scan.h"
#include "sme.h"
void sme_authenticate(struct wpa_supplicant *wpa_s,
- struct wpa_scan_res *bss, struct wpa_ssid *ssid)
+ struct wpa_bss *bss, struct wpa_ssid *ssid)
{
struct wpa_driver_auth_params params;
+ struct wpa_ssid *old_ssid;
+#ifdef CONFIG_IEEE80211R
const u8 *ie;
+#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211R
const u8 *md = NULL;
#endif /* CONFIG_IEEE80211R */
+ int i, bssid_changed;
if (bss == NULL) {
wpa_printf(MSG_ERROR, "SME: No scan result available for the "
return;
}
+ wpa_s->current_bss = bss;
+
os_memset(¶ms, 0, sizeof(params));
wpa_s->reassociate = 0;
params.freq = bss->freq;
params.bssid = bss->bssid;
- ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
- if (ie == NULL) {
- wpa_printf(MSG_ERROR, "SME: SSID not available for the BSS");
- return;
- }
- params.ssid = ie + 2;
- params.ssid_len = ie[1];
+ params.ssid = bss->ssid;
+ params.ssid_len = bss->ssid_len;
+
+ if (wpa_s->sme.ssid_len != params.ssid_len ||
+ os_memcmp(wpa_s->sme.ssid, params.ssid, params.ssid_len) != 0)
+ wpa_s->sme.prev_bssid_set = 0;
wpa_s->sme.freq = params.freq;
os_memcpy(wpa_s->sme.ssid, params.ssid, params.ssid_len);
wpa_s->sme.ssid_len = params.ssid_len;
- params.auth_alg = AUTH_ALG_OPEN_SYSTEM;
+ params.auth_alg = WPA_AUTH_ALG_OPEN;
#ifdef IEEE8021X_EAPOL
if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
if (ssid->leap) {
if (ssid->non_leap == 0)
- params.auth_alg = AUTH_ALG_LEAP;
+ params.auth_alg = WPA_AUTH_ALG_LEAP;
else
- params.auth_alg |= AUTH_ALG_LEAP;
+ params.auth_alg |= WPA_AUTH_ALG_LEAP;
}
}
#endif /* IEEE8021X_EAPOL */
wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x",
params.auth_alg);
if (ssid->auth_alg) {
- params.auth_alg = 0;
- if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
- params.auth_alg |= AUTH_ALG_OPEN_SYSTEM;
- if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
- params.auth_alg |= AUTH_ALG_SHARED_KEY;
- if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
- params.auth_alg |= AUTH_ALG_LEAP;
+ params.auth_alg = ssid->auth_alg;
wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
params.auth_alg);
}
+ for (i = 0; i < NUM_WEP_KEYS; i++) {
+ if (ssid->wep_key_len[i])
+ params.wep_key[i] = ssid->wep_key[i];
+ params.wep_key_len[i] = ssid->wep_key_len[i];
+ }
+ params.wep_tx_keyidx = ssid->wep_tx_keyidx;
+
+ bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
os_memset(wpa_s->bssid, 0, ETH_ALEN);
os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
+ if (bssid_changed)
+ wpas_notify_bssid_changed(wpa_s);
- if (bss && (wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
- wpa_scan_get_ie(bss, WLAN_EID_RSN)) &&
+ if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
+ wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
(ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
WPA_KEY_MGMT_FT_IEEE8021X |
WPA_KEY_MGMT_FT_PSK |
}
#ifdef CONFIG_IEEE80211R
- ie = wpa_scan_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
+ ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
md = ie + 2;
- wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL);
+ wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
if (md) {
/* Prepare for the next transition */
- wpa_ft_prepare_auth_request(wpa_s->wpa);
+ wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
}
if (md && ssid->key_mgmt & (WPA_KEY_MGMT_FT_PSK |
mdie = (struct rsn_mdie *) pos;
os_memcpy(mdie->mobility_domain, md,
MOBILITY_DOMAIN_ID_LEN);
- mdie->ft_capab = 0;
+ mdie->ft_capab = md[MOBILITY_DOMAIN_ID_LEN];
wpa_s->sme.assoc_req_ie_len += 5;
}
if (wpa_s->sme.ft_used &&
- os_memcmp(md, wpa_s->sme.mobility_domain, 2) == 0) {
+ os_memcmp(md, wpa_s->sme.mobility_domain, 2) == 0 &&
+ wpa_sm_has_ptk(wpa_s->wpa)) {
wpa_printf(MSG_DEBUG, "SME: Trying to use FT "
"over-the-air");
- params.auth_alg = AUTH_ALG_FT;
+ params.auth_alg = WPA_AUTH_ALG_FT;
params.ie = wpa_s->sme.ft_ies;
params.ie_len = wpa_s->sme.ft_ies_len;
}
#endif /* CONFIG_IEEE80211R */
#ifdef CONFIG_IEEE80211W
- switch (ssid->ieee80211w) {
- case NO_IEEE80211W:
- wpa_s->sme.mfp = NO_MGMT_FRAME_PROTECTION;
- break;
- case IEEE80211W_OPTIONAL:
- wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_OPTIONAL;
- break;
- case IEEE80211W_REQUIRED:
- wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED;
- break;
- }
- if (ssid->ieee80211w != NO_IEEE80211W && bss) {
- const u8 *rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
+ wpa_s->sme.mfp = ssid->ieee80211w;
+ if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
+ const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
struct wpa_ie_data _ie;
if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &_ie) == 0 &&
_ie.capabilities &
}
#endif /* CONFIG_IEEE80211W */
+#ifdef CONFIG_P2P
+ if (wpa_s->global->p2p) {
+ u8 *pos;
+ size_t len;
+ int res;
+ int p2p_group;
+ p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE;
+ pos = wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len;
+ len = sizeof(wpa_s->sme.assoc_req_ie) -
+ wpa_s->sme.assoc_req_ie_len;
+ res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group);
+ if (res >= 0)
+ wpa_s->sme.assoc_req_ie_len += res;
+ }
+#endif /* CONFIG_P2P */
+
wpa_supplicant_cancel_scan(wpa_s);
wpa_msg(wpa_s, MSG_INFO, "Trying to authenticate with " MACSTR
wpa_clear_keys(wpa_s, bss->bssid);
wpa_supplicant_set_state(wpa_s, WPA_AUTHENTICATING);
+ old_ssid = wpa_s->current_ssid;
wpa_s->current_ssid = ssid;
wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
wpa_supplicant_initiate_eapol(wpa_s);
+ if (old_ssid != wpa_s->current_ssid)
+ wpas_notify_network_changed(wpa_s);
+ wpa_s->sme.auth_alg = params.auth_alg;
if (wpa_drv_authenticate(wpa_s, ¶ms) < 0) {
wpa_msg(wpa_s, MSG_INFO, "Authentication request to the "
"driver failed");
+ wpa_supplicant_req_scan(wpa_s, 1, 0);
return;
}
void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data)
{
- struct wpa_driver_associate_params params;
struct wpa_ssid *ssid = wpa_s->current_ssid;
if (ssid == NULL) {
if (data->auth.status_code != WLAN_STATUS_SUCCESS) {
wpa_printf(MSG_DEBUG, "SME: Authentication failed (status "
"code %d)", data->auth.status_code);
- return;
+
+ if (data->auth.status_code !=
+ WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG ||
+ wpa_s->sme.auth_alg == data->auth.auth_type ||
+ wpa_s->current_ssid->auth_alg == WPA_AUTH_ALG_LEAP)
+ return;
+
+ switch (data->auth.auth_type) {
+ case WLAN_AUTH_OPEN:
+ wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_SHARED;
+
+ wpa_printf(MSG_DEBUG, "SME: Trying SHARED auth");
+ wpa_supplicant_associate(wpa_s, wpa_s->current_bss,
+ wpa_s->current_ssid);
+ return;
+
+ case WLAN_AUTH_SHARED_KEY:
+ wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_LEAP;
+
+ wpa_printf(MSG_DEBUG, "SME: Trying LEAP auth");
+ wpa_supplicant_associate(wpa_s, wpa_s->current_bss,
+ wpa_s->current_ssid);
+ return;
+
+ default:
+ return;
+ }
}
#ifdef CONFIG_IEEE80211R
}
#endif /* CONFIG_IEEE80211R */
+ sme_associate(wpa_s, ssid->mode, data->auth.peer,
+ data->auth.auth_type);
+}
+
+
+void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode,
+ const u8 *bssid, u16 auth_type)
+{
+ struct wpa_driver_associate_params params;
+ struct ieee802_11_elems elems;
+
os_memset(¶ms, 0, sizeof(params));
- params.bssid = data->auth.peer;
+ params.bssid = bssid;
params.ssid = wpa_s->sme.ssid;
params.ssid_len = wpa_s->sme.ssid_len;
params.freq = wpa_s->sme.freq;
wpa_s->sme.assoc_req_ie : NULL;
params.wpa_ie_len = wpa_s->sme.assoc_req_ie_len;
#ifdef CONFIG_IEEE80211R
- if (data->auth.auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies) {
+ if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies) {
params.wpa_ie = wpa_s->sme.ft_ies;
params.wpa_ie_len = wpa_s->sme.ft_ies_len;
}
#endif /* CONFIG_IEEE80211R */
- params.mode = ssid->mode;
+ params.mode = mode;
params.mgmt_frame_protection = wpa_s->sme.mfp;
+ if (wpa_s->sme.prev_bssid_set)
+ params.prev_bssid = wpa_s->sme.prev_bssid;
wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
" (SSID='%s' freq=%d MHz)", MAC2STR(params.bssid),
wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
+ if (params.wpa_ie == NULL ||
+ ieee802_11_parse_elems(params.wpa_ie, params.wpa_ie_len, &elems, 0)
+ < 0) {
+ wpa_printf(MSG_DEBUG, "SME: Could not parse own IEs?!");
+ os_memset(&elems, 0, sizeof(elems));
+ }
+ if (elems.rsn_ie)
+ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.rsn_ie - 2,
+ elems.rsn_ie_len + 2);
+ else if (elems.wpa_ie)
+ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.wpa_ie - 2,
+ elems.wpa_ie_len + 2);
+ else
+ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
+ if (elems.p2p &&
+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE))
+ params.p2p = 1;
+
+ if (wpa_s->parent->set_sta_uapsd)
+ params.uapsd = wpa_s->parent->sta_uapsd;
+ else
+ params.uapsd = -1;
+
if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
"failed");
+ wpa_supplicant_req_scan(wpa_s, 5, 0);
return;
}
wpa_s->sme.ft_ies_len = ies_len;
return 0;
}
+
+
+void sme_event_assoc_reject(struct wpa_supplicant *wpa_s,
+ union wpa_event_data *data)
+{
+ int bssid_changed;
+ int timeout = 5000;
+
+ wpa_printf(MSG_DEBUG, "SME: Association with " MACSTR " failed: "
+ "status code %d", MAC2STR(wpa_s->pending_bssid),
+ data->assoc_reject.status_code);
+
+ bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
+
+ /*
+ * For now, unconditionally terminate the previous authentication. In
+ * theory, this should not be needed, but mac80211 gets quite confused
+ * if the authentication is left pending.. Some roaming cases might
+ * benefit from using the previous authentication, so this could be
+ * optimized in the future.
+ */
+ if (wpa_drv_deauthenticate(wpa_s, wpa_s->pending_bssid,
+ WLAN_REASON_DEAUTH_LEAVING) < 0) {
+ wpa_msg(wpa_s, MSG_INFO,
+ "Deauth request to the driver failed");
+ }
+ wpa_s->sme.prev_bssid_set = 0;
+
+ if (wpa_blacklist_add(wpa_s, wpa_s->pending_bssid) == 0) {
+ struct wpa_blacklist *b;
+ b = wpa_blacklist_get(wpa_s, wpa_s->pending_bssid);
+ if (b && b->count < 3) {
+ /*
+ * Speed up next attempt if there could be other APs
+ * that could accept association.
+ */
+ timeout = 100;
+ }
+ }
+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
+ os_memset(wpa_s->bssid, 0, ETH_ALEN);
+ os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
+ if (bssid_changed)
+ wpas_notify_bssid_changed(wpa_s);
+
+ /*
+ * TODO: if more than one possible AP is available in scan results,
+ * could try the other ones before requesting a new scan.
+ */
+ wpa_supplicant_req_scan(wpa_s, timeout / 1000,
+ 1000 * (timeout % 1000));
+}
+
+
+void sme_event_auth_timed_out(struct wpa_supplicant *wpa_s,
+ union wpa_event_data *data)
+{
+ wpa_printf(MSG_DEBUG, "SME: Authentication timed out");
+ wpa_supplicant_req_scan(wpa_s, 5, 0);
+}
+
+
+void sme_event_assoc_timed_out(struct wpa_supplicant *wpa_s,
+ union wpa_event_data *data)
+{
+ wpa_printf(MSG_DEBUG, "SME: Association timed out");
+ wpa_supplicant_mark_disassoc(wpa_s);
+ wpa_supplicant_req_scan(wpa_s, 5, 0);
+}
+
+
+void sme_event_disassoc(struct wpa_supplicant *wpa_s,
+ union wpa_event_data *data)
+{
+ wpa_printf(MSG_DEBUG, "SME: Disassociation event received");
+ if (wpa_s->sme.prev_bssid_set &&
+ !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)) {
+ /*
+ * cfg80211/mac80211 can get into somewhat confused state if
+ * the AP only disassociates us and leaves us in authenticated
+ * state. For now, force the state to be cleared to avoid
+ * confusing errors if we try to associate with the AP again.
+ */
+ wpa_printf(MSG_DEBUG, "SME: Deauthenticate to clear driver "
+ "state");
+ wpa_drv_deauthenticate(wpa_s, wpa_s->sme.prev_bssid,
+ WLAN_REASON_DEAUTH_LEAVING);
+ }
+}
projects / libeap.git / blobdiff