2 * WPA Supplicant - driver interaction with Linux Prism54.org driver
3 * Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2004, Luis R. Rodriguez <mcgrof@ruslug.rutgers.edu>
5 * Copyright (c) 2004, Bell Kin <bell_kin@pek.com.tw>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * Alternatively, this software may be distributed under the terms of BSD
14 * See README and COPYING for more details.
18 #include <sys/ioctl.h>
20 #include "wireless_copy.h"
23 #include "driver_wext.h"
24 #include "driver_hostap.h"
28 #include <net/if_arp.h>
29 #include <netpacket/packet.h>
34 #include "radius/radius.h"
35 #include "../../hostapd/hostapd.h"
36 #include "../../hostapd/config.h"
37 #include "../../hostapd/ieee802_1x.h"
38 #include "../../hostapd/ieee802_11.h"
39 #include "../../hostapd/wpa.h"
40 #include "../../hostapd/sta_info.h"
41 #include "../../hostapd/accounting.h"
/* Size of the heap buffers that handle_pim() and handle_802_3() allocate and
 * hand to recv(). prism54_waitpim() passes a literal 8192 to recv() instead
 * of this constant. */
44 const int PIM_BUF_SIZE = 4096;
/* Per-interface state for the hostapd (AP) side of this driver. The macs[]
 * table indexed by mac_id_refresh()/mac_id_get() is a member too; its
 * declaration is not visible in this excerpt. */
46 struct prism54_driver_data {
47 struct hostapd_data *hapd;
/* Interface name: room for IFNAMSIZ characters plus a terminating NUL. */
48 char iface[IFNAMSIZ + 1];
49 int sock; /* raw packet socket for 802.3 access */
50 int pim_sock; /* socket for pimfor packet */
/* Stores the ETH_ALEN-byte address at mac into data->macs[id].
 * The range test is the only guard on the table index; callers pass an id
 * taken from a received trap packet, so it must stay ahead of the copy.
 * NOTE(review): the bound 2006 presumably matches the size of macs[], which
 * is declared outside this excerpt - confirm. */
55 static int mac_id_refresh(struct prism54_driver_data *data, int id, char *mac)
57 if (id < 0 || id > 2006) {
60 memcpy(&data->macs[id][0], mac, ETH_ALEN);
/* Returns a pointer to the stored address for id inside data->macs[].
 * Ids outside 0..2006 take the guarded branch instead (callers in this file
 * test the result against NULL). The returned pointer aliases driver state;
 * it is not a copy. */
65 static char * mac_id_get(struct prism54_driver_data *data, int id)
67 if (id < 0 || id > 2006) {
70 return &data->macs[id][0];
74 /* wait for a specific pimfor, timeout in 10ms resolution */
75 /* pim_sock must be non-block to prevent dead lock from no response */
76 /* or same response type in series */
/*
 * Polls drv->pim_sock with select()/recv() until a packet whose oid field
 * equals htonl(oid) arrives, then copies that packet into buf.
 * oid is converted with htonl() here, so it is expected in host byte order.
 *
 * NOTE(review): the allocation of pkt, the comparison of rlen with len and
 * the return statements are not visible in this excerpt; the notes below
 * cover only the lines shown.
 */
77 static int prism54_waitpim(void *priv, unsigned long oid, void *buf, int len,
80 struct prism54_driver_data *drv = priv;
81 struct timeval tv, stv, ctv;
91 gettimeofday(&stv, NULL);
93 FD_SET(drv->pim_sock, &pfd);
/* Any non-zero select() result enters this branch, including -1 on error. */
96 if (select(drv->pim_sock + 1, &pfd, NULL, NULL, &tv)) {
/* Reads up to 8192 bytes, so pkt must refer to at least that much storage. */
97 rlen = recv(drv->pim_sock, pkt, 8192, 0);
99 if (pkt->oid == htonl(oid)) {
/* The copy length is the received size, not the caller's len. It is only
 * safe once rlen <= len has been established; the "buffer too small"
 * message below suggests such a test exists - confirm. */
102 memcpy(buf, pkt, rlen);
107 printf("buffer too small\n");
112 gettimeofday(&ctv, NULL);
117 gettimeofday(&ctv, NULL);
/* Elapsed time is computed in 10 ms units.
 * NOTE(review): the loop repeats while elapsed > timeout, so it ends as soon
 * as the elapsed time is within the timeout. That looks inverted for a
 * "wait up to timeout" helper - confirm the intended comparison. */
118 } while (((ctv.tv_sec - stv.tv_sec) * 100 +
119 (ctv.tv_usec - stv.tv_usec) / 10000) > timeout);
125 /* send an eapol packet */
/*
 * Builds an Ethernet frame (destination addr, source own_addr, ethertype
 * ETH_P_PAE) followed by data_len payload bytes in a freshly zeroed buffer
 * and transmits it on drv->sock.
 */
126 static int prism54_send_eapol(void *priv, const u8 *addr,
127 const u8 *data, size_t data_len, int encrypt,
130 struct prism54_driver_data *drv = priv;
/* NOTE(review): no upper bound on data_len is visible before this sum. */
136 len = sizeof(*hdr) + data_len;
137 hdr = os_zalloc(len);
139 printf("malloc() failed for prism54_send_data(len=%lu)\n",
140 (unsigned long) len);
144 memcpy(&hdr->da[0], addr, ETH_ALEN);
145 memcpy(&hdr->sa[0], own_addr, ETH_ALEN);
146 hdr->type = htons(ETH_P_PAE);
/* Payload starts directly after the Ethernet header. */
147 pos = (u8 *) (hdr + 1);
148 memcpy(pos, data, data_len);
150 res = send(drv->sock, hdr, len, 0);
154 perror("hostapd_send_eapol: send");
155 printf("hostapd_send_eapol - packet len: %lu - failed\n",
156 (unsigned long) len);
163 /* open data channel(auth-1) or eapol only(unauth-0) */
/*
 * Sends a PIMOP_SET for DOT11_OID_EAPAUTHSTA or DOT11_OID_EAPUNAUTHSTA with
 * the station address as payload, then waits for the matching reply.
 * This is the call that opens or closes the 802.1X controlled port for a
 * station on the card.
 */
164 static int prism54_set_sta_authorized(void *priv, const u8 *addr,
167 struct prism54_driver_data *drv = priv;
171 hdr = os_zalloc(sizeof(*hdr) + ETH_ALEN);
174 hdr->op = htonl(PIMOP_SET);
176 hdr->oid = htonl(DOT11_OID_EAPAUTHSTA);
178 hdr->oid = htonl(DOT11_OID_EAPUNAUTHSTA);
180 pos = (char *) (hdr + 1);
181 memcpy(pos, addr, ETH_ALEN);
/* The results of send() and prism54_waitpim() are not used on these lines,
 * so a failed (un)authorize request is not detected here. */
182 send(drv->pim_sock, hdr, sizeof(*hdr) + ETH_ALEN, 0);
/* NOTE(review): hdr->oid is already in network byte order, while
 * prism54_waitpim() applies htonl() to its oid argument and other callers
 * pass the host-order constant. On a little-endian host the reply would
 * then never match - confirm. */
183 prism54_waitpim(priv, hdr->oid, hdr, sizeof(*hdr) + ETH_ALEN, 10);
/*
 * Maps a station-flags update onto the card's authorize/unauthorize request.
 * total_flags is not read on the visible lines.
 * NOTE(review): if flags_and follows the usual "mask of bits to keep"
 * convention, the second test is inverted: clearing WLAN_STA_AUTHORIZED
 * would leave that bit unset in flags_and and the unauthorize request would
 * not be sent. Confirm against the caller's convention.
 */
190 prism54_sta_set_flags(void *priv, const u8 *addr, int total_flags,
191 int flags_or, int flags_and)
193 /* For now, only support setting Authorized flag */
194 if (flags_or & WLAN_STA_AUTHORIZED)
195 return prism54_set_sta_authorized(priv, addr, 1);
196 if (flags_and & WLAN_STA_AUTHORIZED)
197 return prism54_set_sta_authorized(priv, addr, 0);
/*
 * hostapd-side key installation: fills a struct obj_stakey placed after a
 * pimdev_hdr and sends it as PIMOP_SET / DOT11_OID_STAKEY on drv->pim_sock.
 * The buffer holds raw key material for the lifetime of hdr.
 */
202 static int wpa_driver_prism54_set_key(const char *ifname, void *priv,
203 wpa_alg alg, const u8 *addr, int key_idx,
205 const u8 *seq, size_t seq_len,
206 const u8 *key, size_t key_len)
208 struct prism54_driver_data *drv = priv;
210 struct obj_stakey *keys;
/* The buffer size is fixed by the two struct sizes; it does not grow with
 * key_len. */
215 blen = sizeof(struct obj_stakey) + sizeof(pimdev_hdr);
216 hdr = os_zalloc(blen);
218 printf("memory low\n");
221 keys = (struct obj_stakey *) &hdr[1];
/* All-ones address or the given station address; the selecting condition is
 * not visible in this excerpt. */
223 memset(&keys->address[0], 0xff, ETH_ALEN);
225 memcpy(&keys->address[0], addr, ETH_ALEN);
229 keys->type = DOT11_PRIV_WEP;
232 keys->type = DOT11_PRIV_TKIP;
235 /* the only way to clear the key is to deauth it */
236 /* and prism54 is capable to receive unencrypted packet */
237 /* so we do nothing here */
241 printf("bad auth type: %d\n", alg);
245 buf = (u8 *) &keys->key[0];
246 keys->length = key_len;
247 keys->keyid = key_idx;
248 keys->options = htons(DOT11_STAKEY_OPTION_DEFAULTKEY);
251 hdr->op = htonl(PIMOP_SET);
252 hdr->oid = htonl(DOT11_OID_STAKEY);
/* NOTE(review): key_len bytes are written into keys->key, but no comparison
 * of key_len with the size of that field is visible here. Since blen is
 * fixed, an oversized key_len would write past the allocation - confirm a
 * bound exists. */
254 memcpy(buf, key, key_len);
256 ret = send(drv->pim_sock, hdr, blen, 0);
/* NOTE(review): hdr->oid is already network order, but prism54_waitpim()
 * applies htonl() to its oid argument - confirm. Also confirm the buffer is
 * cleared before it is released, as it still contains the key. */
261 prism54_waitpim(priv, hdr->oid, hdr, blen, 10);
269 /* get TKIP station sequence counter, prism54 is only 6 bytes */
/*
 * Issues PIMOP_GET / DOT11_OID_STASC for a station (or the all-ones address)
 * and, on a PIMOP_RESPONSE, copies the counter into the caller's seq buffer.
 */
270 static int prism54_get_seqnum(const char *ifname, void *priv, const u8 *addr,
273 struct prism54_driver_data *drv = priv;
274 struct obj_stasc *stasc;
279 blen = sizeof(*stasc) + sizeof(*hdr);
280 hdr = os_zalloc(blen);
284 stasc = (struct obj_stasc *) &hdr[1];
287 memset(&stasc->address[0], 0xff, ETH_ALEN);
289 memcpy(&stasc->address[0], addr, ETH_ALEN);
291 hdr->oid = htonl(DOT11_OID_STASC);
292 hdr->op = htonl(PIMOP_GET);
294 if (send(drv->pim_sock,hdr,blen,0) <= 0) {
/* The reply overwrites hdr in place; a result <= 0 is treated as failure. */
298 if (prism54_waitpim(priv, DOT11_OID_STASC, hdr, blen, 10) <= 0) {
301 if (hdr->op == (int) htonl(PIMOP_RESPONSE)) {
/* Writes ETH_ALEN (6) bytes at offset 2, so seq must provide at least 8
 * bytes. The source starts at sc_high and spans 6 bytes.
 * NOTE(review): presumably sc_high and the following field together hold the
 * 6-byte counter - confirm against struct obj_stasc. */
302 memcpy(seq + 2, &stasc->sc_high, ETH_ALEN);
314 /* include unencrypted, set mlme autolevel to extended */
/*
 * Programs four settings on the card, one PIMOP_SET each, reusing a single
 * buffer: DOT11_OID_EXUNENCRYPTED, DOT11_OID_MLMEAUTOLEVEL,
 * DOT11_OID_DOT1XENABLE and DOT11_OID_AUTHENABLE.
 * None of the send()/prism54_waitpim() results are used on the visible
 * lines, so a rejected setting leaves the card in its previous state without
 * this function noticing.
 */
315 static int prism54_init_1x(void *priv)
317 struct prism54_driver_data *drv = priv;
/* NOTE(review): the payload is addressed as unsigned long, so its size
 * follows the host's long width (8 bytes on LP64) while the value stored is
 * a 32-bit htonl() result - confirm this matches what the firmware expects. */
320 int blen = sizeof(*hdr) + sizeof(*ul);
322 hdr = os_zalloc(blen);
326 ul = (unsigned long *) &hdr[1];
327 hdr->op = htonl(PIMOP_SET);
328 hdr->oid = htonl(DOT11_OID_EXUNENCRYPTED);
329 *ul = htonl(DOT11_BOOL_TRUE); /* not accept */
330 send(drv->pim_sock, hdr, blen, 0);
/* Each wait overwrites hdr with the reply, which is why op and oid are set
 * again before the next request. */
331 prism54_waitpim(priv, DOT11_OID_EXUNENCRYPTED, hdr, blen, 10);
332 hdr->op = htonl(PIMOP_SET);
333 hdr->oid = htonl(DOT11_OID_MLMEAUTOLEVEL);
334 *ul = htonl(DOT11_MLME_EXTENDED);
335 send(drv->pim_sock, hdr, blen, 0);
336 prism54_waitpim(priv, DOT11_OID_MLMEAUTOLEVEL, hdr, blen, 10);
337 hdr->op = htonl(PIMOP_SET);
338 hdr->oid = htonl(DOT11_OID_DOT1XENABLE);
339 *ul = htonl(DOT11_BOOL_TRUE);
340 send(drv->pim_sock, hdr, blen, 0);
341 prism54_waitpim(priv, DOT11_OID_DOT1XENABLE, hdr, blen, 10);
342 hdr->op = htonl(PIMOP_SET);
343 hdr->oid = htonl(DOT11_OID_AUTHENABLE);
344 *ul = htonl(DOT11_AUTH_OS); /* OS */
345 send(drv->pim_sock, hdr, blen, 0);
346 prism54_waitpim(priv, DOT11_OID_AUTHENABLE, hdr, blen, 10);
/*
 * Sets DOT11_OID_PRIVACYINVOKED on the card with a single PIMOP_SET and
 * waits for the reply. The value written when privacy is not requested is
 * on a line not visible in this excerpt.
 */
352 static int prism54_set_privacy_invoked(const char *ifname, void *priv,
355 struct prism54_driver_data *drv = priv;
/* Payload size follows sizeof(unsigned long) on the host; see the cast
 * below. */
359 int blen = sizeof(*hdr) + sizeof(*ul);
360 hdr = os_zalloc(blen);
363 ul = (unsigned long *) &hdr[1];
364 hdr->op = htonl(PIMOP_SET);
365 hdr->oid = htonl(DOT11_OID_PRIVACYINVOKED);
367 *ul = htonl(DOT11_BOOL_TRUE); /* has privacy */
371 ret = send(drv->pim_sock, hdr, blen, 0);
373 ret = prism54_waitpim(priv, DOT11_OID_PRIVACYINVOKED, hdr,
/*
 * Sets the SSID through the wireless-extensions SIOCSIWESSID ioctl, issued
 * on drv->pim_sock for the interface named in drv->iface.
 */
381 static int prism54_ioctl_setiwessid(const char *ifname, void *priv,
382 const u8 *buf, int len)
385 struct prism54_driver_data *drv = priv;
388 memset(&iwr, 0, sizeof(iwr));
389 os_strlcpy(iwr.ifr_name, drv->iface, IFNAMSIZ);
390 iwr.u.essid.flags = 1; /* SSID active */
/* The cast drops the const qualifier of buf. */
391 iwr.u.essid.pointer = (caddr_t) buf;
/* NOTE(review): the length handed to the kernel is len + 1, so buf must
 * have one readable byte beyond the SSID (presumably a trailing NUL) -
 * confirm callers guarantee that. */
392 iwr.u.essid.length = len + 1;
394 if (ioctl(drv->pim_sock, SIOCSIWESSID, &iwr) < 0) {
395 perror("ioctl[SIOCSIWESSID]");
396 printf("len=%d\n", len);
404 /* kick all stations */
405 /* does not work during init, but at least it won't crash firmware */
/*
 * Asks the card for its client count (DOT11_OID_CLIENTS), then walks the
 * local MAC table twice: once sending DOT11_OID_DISASSOCIATEEX and once
 * DOT11_OID_DEAUTHENTICATEEX for each entry mac_id_get() returns.
 */
406 static int prism54_flush(void *priv)
408 struct prism54_driver_data *drv = priv;
409 struct obj_mlmeex *mlme;
414 int blen = sizeof(*hdr) + sizeof(*mlme);
417 hdr = os_zalloc(blen);
/* mlme and nsta alias the same bytes directly after the header.
 * NOTE(review): both loops below re-read *nsta in their condition after the
 * body has written through mlme and after prism54_waitpim() has overwritten
 * hdr with a reply, so the count can change mid-loop. Whether the first
 * bytes of struct obj_mlmeex overlap the count depends on a layout not
 * visible here - confirm, or read the count once into a local. */
421 mlme = (struct obj_mlmeex *) &hdr[1];
422 nsta = (long *) &hdr[1];
423 hdr->op = htonl(PIMOP_GET);
424 hdr->oid = htonl(DOT11_OID_CLIENTS);
425 ret = send(drv->pim_sock, hdr, sizeof(*hdr) + sizeof(long), 0);
426 ret = prism54_waitpim(priv, DOT11_OID_CLIENTS, hdr, blen, 10);
/* The count comes from the card's reply and is rejected above 2007;
 * mac_id_get() separately rejects indices above 2006. */
427 if ((ret < 0) || (hdr->op != (int) htonl(PIMOP_RESPONSE)) ||
428 (le_to_host32(*nsta) > 2007)) {
432 for (i = 0; i < le_to_host32(*nsta); i++) {
434 mac_id = mac_id_get(drv, i);
436 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
437 mlme->code = host_to_le16(WLAN_REASON_UNSPECIFIED);
438 mlme->state = htons(DOT11_STATE_NONE);
440 hdr->op = htonl(PIMOP_SET);
441 hdr->oid = htonl(DOT11_OID_DISASSOCIATEEX);
442 ret = send(drv->pim_sock, hdr, blen, 0);
443 prism54_waitpim(priv, DOT11_OID_DISASSOCIATEEX, hdr, blen,
446 for (i = 0; i < le_to_host32(*nsta); i++) {
448 mac_id = mac_id_get(drv, i);
450 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
451 mlme->code = host_to_le16(WLAN_REASON_UNSPECIFIED);
452 mlme->state = htons(DOT11_STATE_NONE);
454 hdr->op = htonl(PIMOP_SET);
455 hdr->oid = htonl(DOT11_OID_DEAUTHENTICATEEX);
456 ret = send(drv->pim_sock, hdr, blen, 0);
457 prism54_waitpim(priv, DOT11_OID_DEAUTHENTICATEEX, hdr, blen,
/*
 * Sends PIMOP_SET / DOT11_OID_DEAUTHENTICATEEX for station addr with the
 * given reason code (stored little-endian) and state DOT11_STATE_NONE.
 * own_addr is not read on the visible lines.
 */
465 static int prism54_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr,
468 struct prism54_driver_data *drv = priv;
470 struct obj_mlmeex *mlme;
472 int blen = sizeof(*hdr) + sizeof(*mlme);
473 hdr = os_zalloc(blen);
476 mlme = (struct obj_mlmeex *) &hdr[1];
477 hdr->op = htonl(PIMOP_SET);
478 hdr->oid = htonl(DOT11_OID_DEAUTHENTICATEEX);
479 memcpy(&mlme->address[0], addr, ETH_ALEN);
481 mlme->state = htons(DOT11_STATE_NONE);
482 mlme->code = host_to_le16(reason);
484 ret = send(drv->pim_sock, hdr, blen, 0);
/* The wait result is not used on this line; only send()'s result is kept. */
485 prism54_waitpim(priv, DOT11_OID_DEAUTHENTICATEEX, hdr, blen, 10);
/*
 * Sends PIMOP_SET / DOT11_OID_DISASSOCIATEEX for station addr with the given
 * reason code (stored little-endian) and state DOT11_STATE_NONE.
 * own_addr is not read on the visible lines.
 */
491 static int prism54_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr,
494 struct prism54_driver_data *drv = priv;
496 struct obj_mlmeex *mlme;
498 int blen = sizeof(*hdr) + sizeof(*mlme);
499 hdr = os_zalloc(blen);
502 mlme = (struct obj_mlmeex *) &hdr[1];
503 hdr->op = htonl(PIMOP_SET);
504 hdr->oid = htonl(DOT11_OID_DISASSOCIATEEX);
505 memcpy(&mlme->address[0], addr, ETH_ALEN);
507 mlme->state = htons(DOT11_STATE_NONE);
508 mlme->code = host_to_le16(reason);
510 ret = send(drv->pim_sock, hdr, blen, 0);
/* The wait result is not used on this line; only send()'s result is kept. */
511 prism54_waitpim(priv, DOT11_OID_DISASSOCIATEEX, hdr, blen, 10);
/*
 * Queries the card for one station with PIMOP_GET / DOT11_OID_CLIENTFIND and
 * returns the age field of the reply converted from little-endian.
 */
517 static int prism54_get_inact_sec(void *priv, const u8 *addr)
519 struct prism54_driver_data *drv = priv;
522 int blen = sizeof(*hdr) + sizeof(*sta);
525 hdr = os_zalloc(blen);
528 hdr->op = htonl(PIMOP_GET);
529 hdr->oid = htonl(DOT11_OID_CLIENTFIND);
530 sta = (struct obj_sta *) &hdr[1];
531 memcpy(&sta->address[0], addr, ETH_ALEN);
/* send()'s result is overwritten by the wait result on the next line. */
532 ret = send(drv->pim_sock, hdr, blen, 0);
533 ret = prism54_waitpim(priv, DOT11_OID_CLIENTFIND, hdr, blen, 10);
535 printf("get_inact_sec: bad return %d\n", ret);
539 if (hdr->op != (int) htonl(PIMOP_RESPONSE)) {
540 printf("get_inact_sec: bad resp\n");
/* sta points into hdr, which now holds the card's reply. */
545 return le_to_host16(sta->age);
549 /* set attachments */
/*
 * Sends the given information element(s) to the card as a
 * DOT11_OID_ATTACHMENT, once tagged DOT11_PKT_BEACON and once
 * DOT11_PKT_PROBE_RESP. prism54_driver_init() calls this with elem == NULL
 * and elem_len == 0 to clear earlier elements.
 */
550 static int prism54_set_generic_elem(const char *ifname, void *priv,
551 const u8 *elem, size_t elem_len)
553 struct prism54_driver_data *drv = priv;
556 struct obj_attachment_hdr *attach;
557 size_t blen = sizeof(*hdr) + sizeof(*attach) + elem_len;
558 hdr = os_zalloc(blen);
560 printf("%s: memory low\n", __func__);
563 hdr->op = htonl(PIMOP_SET);
564 hdr->oid = htonl(DOT11_OID_ATTACHMENT);
565 attach = (struct obj_attachment_hdr *)&hdr[1];
566 attach->type = DOT11_PKT_BEACON;
/* NOTE(review): elem_len is narrowed to short for the size field while the
 * copy below and blen use the full size_t value; no upper bound on elem_len
 * is visible, so the two can disagree for large inputs - confirm. */
568 attach->size = host_to_le16((short)elem_len);
569 pos = ((char*) attach) + sizeof(*attach);
/* NOTE(review): elem may be NULL when elem_len is 0; confirm this copy is
 * skipped in that case (any guard is not visible in this excerpt). */
571 memcpy(pos, elem, elem_len);
/* Neither send() result is used on the visible lines. */
572 send(drv->pim_sock, hdr, blen, 0);
573 attach->type = DOT11_PKT_PROBE_RESP;
574 send(drv->pim_sock, hdr, blen, 0);
580 /* tell the card to auth the sta */
/*
 * Handles a DOT11_OID_PROBE trap: unless the station is already
 * authenticated or associated, rewrites the received packet in place into a
 * PIMOP_SET / DOT11_OID_AUTHENTICATEEX with state DOT11_STATE_AUTHING and
 * sends it back on drv->pim_sock. buf/len are the raw packet and its
 * received length as passed by handle_pim().
 */
581 static void prism54_handle_probe(struct prism54_driver_data *drv,
582 void *buf, size_t len)
584 struct obj_mlmeex *mlme;
586 struct sta_info *sta;
587 hdr = (pimdev_hdr *)buf;
588 mlme = (struct obj_mlmeex *) &hdr[1];
/* NOTE(review): mlme->address is read here, before the length test below. */
589 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
591 if (sta->flags & (WLAN_STA_AUTH | WLAN_STA_ASSOC))
/* NOTE(review): len is the whole received packet, including the pimdev_hdr,
 * yet it is compared with sizeof(*mlme) only. A packet carrying a header
 * and a truncated mlme body would pass. The send below also transmits
 * sizeof(*hdr) + sizeof(*mlme) bytes regardless of len. Consider testing
 * len against sizeof(*hdr) + sizeof(*mlme) before any field is read. */
594 if (len < sizeof(*mlme)) {
595 printf("bad probe packet\n");
598 mlme->state = htons(DOT11_STATE_AUTHING);
600 hdr->op = htonl(PIMOP_SET);
601 hdr->oid = htonl(DOT11_OID_AUTHENTICATEEX);
603 send(drv->pim_sock, hdr, sizeof(*hdr)+sizeof(*mlme), 0);
/*
 * Handles a deauthentication trap: looks up the station by the address in
 * the packet, clears its AUTH/ASSOC flags, notifies the WPA and 802.1X state
 * machines and frees the station entry.
 * NOTE(review): len is not compared with anything on the visible lines
 * before mlme->address and mlme->id are read from the packet - confirm a
 * minimum-length test exists.
 */
607 static void prism54_handle_deauth(struct prism54_driver_data *drv,
608 void *buf, size_t len)
610 struct obj_mlme *mlme;
612 struct sta_info *sta;
615 hdr = (pimdev_hdr *) buf;
616 mlme = (struct obj_mlme *) &hdr[1];
/* The station is looked up by the address carried in the packet; the
 * table entry for mlme->id is fetched separately. mlme->id is used as
 * received; mac_id_get() bounds it. */
617 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
618 mac_id = mac_id_get(drv, mlme->id);
619 if (sta == NULL || mac_id == NULL)
/* Overwrites the packet's address with the stored one after the lookup. */
621 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
622 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
623 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH);
624 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
625 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
/* sta must not be used after this call. */
626 ap_free_sta(drv->hapd, sta);
/*
 * Handles a disassociation trap: resolves the station through the MAC table
 * entry for mlme->id, clears its ASSOC flag, notifies the WPA and 802.1X
 * state machines, stops accounting and frees the 802.1X state.
 * NOTE(review): len is not compared with anything on the visible lines
 * before mlme->id is read from the packet, and the NULL tests on mac_id and
 * sta are not visible in this excerpt - confirm both exist.
 */
630 static void prism54_handle_disassoc(struct prism54_driver_data *drv,
631 void *buf, size_t len)
633 struct obj_mlme *mlme;
635 struct sta_info *sta;
638 hdr = (pimdev_hdr *) buf;
639 mlme = (struct obj_mlme *) &hdr[1];
640 mac_id = mac_id_get(drv, mlme->id);
/* Unlike the deauth handler, the stored address replaces the packet's
 * address before the station lookup. */
643 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
644 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
648 sta->flags &= ~WLAN_STA_ASSOC;
649 wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC);
650 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
651 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
652 accounting_sta_stop(drv->hapd, sta);
653 ieee802_1x_free_station(sta);
657 /* to auth it, just allow it now, later for os/sk */
/*
 * Handles an authentication trap. For state DOT11_STATE_AUTHING it adds the
 * station, records its MAC under mlme->id, marks it WLAN_STA_AUTH and
 * answers with DOT11_OID_AUTHENTICATEEX / DOT11_STATE_AUTH. The failure path
 * answers with DOT11_OID_DEAUTHENTICATEEX carrying resp as the code.
 * The received packet is rewritten in place and sent back.
 */
658 static void prism54_handle_auth(struct prism54_driver_data *drv,
659 void *buf, size_t len)
661 struct obj_mlmeex *mlme;
663 struct sta_info *sta;
666 hdr = (pimdev_hdr *) buf;
667 mlme = (struct obj_mlmeex *) &hdr[1];
/* NOTE(review): len covers the whole packet including the pimdev_hdr, but
 * is compared with sizeof(*mlme) only; the replies below send
 * sizeof(*hdr) + sizeof(*mlme) bytes. Consider testing against that sum. */
668 if (len < sizeof(*mlme)) {
669 printf("bad auth packet\n");
673 if (mlme->state == htons(DOT11_STATE_AUTHING)) {
674 sta = ap_sta_add(drv->hapd, (u8 *) &mlme->address[0]);
/* While TKIP countermeasures are active the request is answered with
 * WLAN_REASON_MICHAEL_MIC_FAILURE. */
675 if (drv->hapd->tkip_countermeasures) {
676 resp = WLAN_REASON_MICHAEL_MIC_FAILURE;
/* mlme->id comes from the packet; mac_id_refresh() rejects out-of-range
 * ids, but its result is not used on this line. */
679 mac_id_refresh(drv, mlme->id, &mlme->address[0]);
681 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
684 sta->flags &= ~WLAN_STA_PREAUTH;
686 ieee802_1x_notify_pre_auth(sta->eapol_sm, 0);
687 sta->flags |= WLAN_STA_AUTH;
688 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
690 mlme->state=htons(DOT11_STATE_AUTH);
691 hdr->op = htonl(PIMOP_SET);
692 hdr->oid = htonl(DOT11_OID_AUTHENTICATEEX);
694 sta->timeout_next = STA_NULLFUNC;
695 send(drv->pim_sock, hdr, sizeof(*hdr) + sizeof(*mlme), 0);
700 printf("auth fail: %x\n", resp);
701 mlme->code = host_to_le16(resp);
/* NOTE(review): the failure path can be reached when ap_sta_add() returned
 * NULL; confirm sta is tested before this dereference (the guard is not
 * visible in this excerpt). */
704 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
705 hdr->oid = htonl(DOT11_OID_DEAUTHENTICATEEX);
706 hdr->op = htonl(PIMOP_SET);
707 send(drv->pim_sock, hdr, sizeof(*hdr)+sizeof(*mlme), 0);
711 /* do the wpa thing */
/*
 * Handles (re)association traps. In the ASSOCING/REASSOCING state it parses
 * the information elements attached to the request, selects the RSN or WPA
 * IE according to the configuration, validates it and answers with state
 * DOT11_STATE_ASSOC. In the ASSOC state it marks the station associated and
 * starts the WPA/802.1X machinery. The failure path answers with
 * DOT11_OID_DISASSOCIATEEX carrying resp as the code.
 * The element data parsed here originates from the station's association
 * request and must be treated as untrusted.
 */
712 static void prism54_handle_assoc(struct prism54_driver_data *drv,
713 void *buf, size_t len)
716 struct obj_mlmeex *mlme;
717 struct ieee802_11_elems elems;
718 struct sta_info *sta;
727 hdr = (pimdev_hdr *) buf;
728 mlme = (struct obj_mlmeex *) &hdr[1];
729 switch (ntohl(hdr->oid)) {
730 case DOT11_OID_ASSOCIATE:
731 case DOT11_OID_REASSOCIATE:
/* NOTE(review): state is compared with htonl() values here but with
 * htons() in the ASSOC branch below and in the other handlers. If state is
 * a 16-bit field, the htonl() form cannot match on a little-endian host -
 * confirm the field width and intended conversion. */
736 if ((mlme->state == (int) htonl(DOT11_STATE_ASSOCING)) ||
737 (mlme->state == (int) htonl(DOT11_STATE_REASSOCING))) {
/* The minimum length uses struct obj_mlme although the packet is accessed
 * through struct obj_mlmeex (size and data fields) below. */
738 if (len < sizeof(pimdev_hdr) + sizeof(struct obj_mlme)) {
739 printf("bad assoc packet\n");
742 mac_id = mac_id_get(drv, mlme->id);
745 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
746 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
748 printf("cannot get sta\n");
751 cb = (u8 *) &mlme->data[0];
752 if (hdr->oid == htonl(DOT11_OID_ASSOCIATEEX)) {
754 } else if (hdr->oid == htonl(DOT11_OID_REASSOCIATEEX)) {
/* NOTE(review): mlme->size is taken from the packet and only its lower
 * bound (ieofs) is tested on the visible lines. It is not compared with
 * len, so a size larger than the received data would make the parser
 * below read beyond what recv() filled in - confirm an upper bound. */
757 if (le_to_host16(mlme->size) <= ieofs) {
758 printf("attach too small\n");
759 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
762 if (ieee802_11_parse_elems(cb + ieofs,
763 le_to_host16(mlme->size) - ieofs,
764 &elems, 1) == ParseFailed) {
765 printf("STA " MACSTR " sent invalid association "
766 "request\n", MAC2STR(sta->addr));
767 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
/* RSN is preferred over WPA when both are enabled; the second half of each
 * condition is not visible in this excerpt. */
770 if ((drv->hapd->conf->wpa & WPA_PROTO_RSN) &&
772 wpa_ie = elems.rsn_ie;
773 wpa_ie_len = elems.rsn_ie_len;
774 } else if ((drv->hapd->conf->wpa & WPA_PROTO_WPA) &&
776 wpa_ie = elems.wpa_ie;
777 wpa_ie_len = elems.wpa_ie_len;
/* With WPA configured, a request without a WPA/RSN IE is refused. */
782 if (drv->hapd->conf->wpa && wpa_ie == NULL) {
783 printf("STA " MACSTR ": No WPA/RSN IE in association "
784 "request\n", MAC2STR(sta->addr));
785 resp = WLAN_STATUS_INVALID_IE;
788 if (drv->hapd->conf->wpa) {
792 if (sta->wpa_sm == NULL)
793 sta->wpa_sm = wpa_auth_sta_init(
794 drv->hapd->wpa_auth, sta->addr);
795 if (sta->wpa_sm == NULL) {
796 printf("Failed to initialize WPA state "
798 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
/* Maps the validator's result onto an 802.11 status code; anything other
 * than WPA_IE_OK ends in a non-success resp. */
801 res = wpa_validate_wpa_ie(drv->hapd->wpa_auth,
805 if (res == WPA_INVALID_GROUP)
806 resp = WLAN_STATUS_GROUP_CIPHER_NOT_VALID;
807 else if (res == WPA_INVALID_PAIRWISE)
808 resp = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID;
809 else if (res == WPA_INVALID_AKMP)
810 resp = WLAN_STATUS_AKMP_NOT_VALID;
811 else if (res == WPA_ALLOC_FAIL)
812 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
813 else if (res != WPA_IE_OK)
814 resp = WLAN_STATUS_INVALID_IE;
815 if (resp != WLAN_STATUS_SUCCESS)
818 hdr->oid = (hdr->oid == htonl(DOT11_OID_ASSOCIATEEX)) ?
819 htonl(DOT11_OID_ASSOCIATEEX) :
820 htonl(DOT11_OID_REASSOCIATEEX);
821 hdr->op = htonl(PIMOP_SET);
823 mlme->state = htons(DOT11_STATE_ASSOC);
825 send(drv->pim_sock, hdr, sizeof(*hdr) + sizeof(*mlme), 0);
827 } else if (mlme->state==htons(DOT11_STATE_ASSOC)) {
828 if (len < sizeof(pimdev_hdr) + sizeof(struct obj_mlme)) {
829 printf("bad assoc packet\n");
832 mac_id = mac_id_get(drv, mlme->id);
835 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
836 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
838 printf("cannot get sta\n");
/* new_assoc is 1 when the station was not yet flagged associated; its
 * negation is what hostapd_new_assoc_sta() receives. */
841 new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0;
842 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
843 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);
844 hostapd_new_assoc_sta(drv->hapd, sta, !new_assoc);
845 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
846 sta->timeout_next = STA_NULLFUNC;
852 printf("Prism54: assoc fail: %x\n", resp);
853 mlme->code = host_to_le16(resp);
855 mlme->state = htons(DOT11_STATE_ASSOCING);
856 hdr->oid = htonl(DOT11_OID_DISASSOCIATEEX);
857 hdr->op = htonl(PIMOP_SET);
858 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
859 send(drv->pim_sock, hdr, sizeof(*hdr) + sizeof(*mlme), 0);
/*
 * Read callback for the pimfor socket. Receives one packet into a
 * PIM_BUF_SIZE heap buffer, accepts only PIMOP_TRAP packets and dispatches
 * them by oid to the probe/deauth/disassoc/auth/assoc handlers, passing the
 * buffer and the received length.
 * The handlers index driver tables and parse element data from this buffer,
 * so the minimum-length test here is their first line of defence; its exact
 * condition is not visible in this excerpt.
 */
863 static void handle_pim(int sock, void *eloop_ctx, void *sock_ctx)
865 struct prism54_driver_data *drv = eloop_ctx;
869 hdr = malloc(PIM_BUF_SIZE);
872 len = recv(sock, hdr, PIM_BUF_SIZE, 0);
/* len is printed with %d and later passed to handlers taking size_t, so a
 * negative recv() result must be rejected before the dispatch. */
879 printf("handle_pim: too short (%d)\n", len);
884 if (hdr->op != (int) htonl(PIMOP_TRAP)) {
888 switch (ntohl(hdr->oid)) {
889 case DOT11_OID_PROBE:
890 prism54_handle_probe(drv, hdr, len);
892 case DOT11_OID_DEAUTHENTICATEEX:
893 case DOT11_OID_DEAUTHENTICATE:
894 prism54_handle_deauth(drv, hdr, len);
896 case DOT11_OID_DISASSOCIATEEX:
897 case DOT11_OID_DISASSOCIATE:
898 prism54_handle_disassoc(drv, hdr, len);
900 case DOT11_OID_AUTHENTICATEEX:
901 case DOT11_OID_AUTHENTICATE:
902 prism54_handle_auth(drv, hdr, len);
904 case DOT11_OID_ASSOCIATEEX:
905 case DOT11_OID_REASSOCIATEEX:
906 case DOT11_OID_ASSOCIATE:
907 case DOT11_OID_REASSOCIATE:
908 prism54_handle_assoc(drv, hdr, len);
/*
 * Read callback for the 802.3 raw socket. Receives one frame into a
 * PIM_BUF_SIZE heap buffer and, when its ethertype is ETH_P_PAE, hands the
 * source address and the bytes after the Ethernet header to
 * hostapd_eapol_receive(). eloop_ctx is the hostapd_data pointer registered
 * in prism54_init_sockets().
 * EAPOL frames arrive from stations before they are authorized, so the
 * payload and the length passed on must be treated as untrusted; the
 * length argument is on a line not visible in this excerpt.
 */
917 static void handle_802_3(int sock, void *eloop_ctx, void *sock_ctx)
919 struct hostapd_data *hapd = (struct hostapd_data *) eloop_ctx;
923 hdr = malloc(PIM_BUF_SIZE);
926 len = recv(sock, hdr, PIM_BUF_SIZE, 0);
933 wpa_printf(MSG_MSGDUMP, "handle_802_3: too short (%d)", len);
937 if (hdr->type == htons(ETH_P_PAE)) {
938 hostapd_eapol_receive(hapd, (u8 *) &hdr->sa[0], (u8 *) &hdr[1],
/*
 * Opens and binds the two raw packet sockets the AP side uses:
 *  - drv->sock: ETH_P_PAE only, bound to the first bridge interface when
 *    one is configured, otherwise to drv->iface; read by handle_802_3().
 *  - drv->pim_sock: ETH_P_ALL, bound to the interface named "<iface>ap";
 *    read by handle_pim().
 * Also copies the hardware address of drv->iface into params->own_addr.
 * What is closed or unregistered on the error paths is not visible in this
 * excerpt.
 */
945 static int prism54_init_sockets(struct prism54_driver_data *drv,
946 struct wpa_init_params *params)
949 struct sockaddr_ll addr;
951 drv->sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PAE));
953 perror("socket[PF_PACKET,SOCK_RAW]");
/* The read handler is registered before the socket is bound below. */
957 if (eloop_register_read_sock(drv->sock, handle_802_3, drv->hapd, NULL))
959 printf("Could not register read socket\n");
963 memset(&ifr, 0, sizeof(ifr));
964 if (params->num_bridge && params->bridge[0]) {
965 printf("opening bridge: %s\n", params->bridge[0]);
966 os_strlcpy(ifr.ifr_name, params->bridge[0],
967 sizeof(ifr.ifr_name));
969 os_strlcpy(ifr.ifr_name, drv->iface, sizeof(ifr.ifr_name));
971 if (ioctl(drv->sock, SIOCGIFINDEX, &ifr) != 0) {
972 perror("ioctl(SIOCGIFINDEX)");
976 memset(&addr, 0, sizeof(addr));
977 addr.sll_family = AF_PACKET;
978 addr.sll_ifindex = ifr.ifr_ifindex;
979 addr.sll_protocol = htons(ETH_P_PAE);
980 wpa_printf(MSG_DEBUG, "Opening raw packet socket for ifindex %d",
983 if (bind(drv->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
/* The hardware address is always read from drv->iface, also when the
 * socket itself was bound to a bridge. */
988 memset(&ifr, 0, sizeof(ifr));
989 os_strlcpy(ifr.ifr_name, drv->iface, sizeof(ifr.ifr_name));
990 if (ioctl(drv->sock, SIOCGIFHWADDR, &ifr) != 0) {
991 perror("ioctl(SIOCGIFHWADDR)");
995 if (ifr.ifr_hwaddr.sa_family != ARPHRD_ETHER) {
996 printf("Invalid HW-addr family 0x%04x\n",
997 ifr.ifr_hwaddr.sa_family);
1000 memcpy(params->own_addr, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
/* ETH_P_ALL: every frame seen on the bound interface reaches handle_pim(). */
1002 drv->pim_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
1003 if (drv->pim_sock < 0) {
1004 perror("socket[PF_PACKET,SOCK_RAW]");
1008 if (eloop_register_read_sock(drv->pim_sock, handle_pim, drv, NULL)) {
1009 printf("Could not register read socket\n");
1013 memset(&ifr, 0, sizeof(ifr));
/* snprintf() truncates silently if iface plus the "ap" suffix does not fit
 * in ifr_name; the result is not checked on this line. */
1014 snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%sap", drv->iface);
1015 if (ioctl(drv->pim_sock, SIOCGIFINDEX, &ifr) != 0) {
1016 perror("ioctl(SIOCGIFINDEX)");
1020 memset(&addr, 0, sizeof(addr));
1021 addr.sll_family = AF_PACKET;
1022 addr.sll_ifindex = ifr.ifr_ifindex;
1023 addr.sll_protocol = htons(ETH_P_ALL);
1024 wpa_printf(MSG_DEBUG, "Opening raw packet socket for ifindex %d",
1027 if (bind(drv->pim_sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
/*
 * hostapd entry point: allocates the zeroed driver state, records the
 * interface name, opens the sockets, programs the 802.1X-related card
 * settings and clears previously attached information elements.
 */
1036 static void * prism54_driver_init(struct hostapd_data *hapd,
1037 struct wpa_init_params *params)
1039 struct prism54_driver_data *drv;
1041 drv = os_zalloc(sizeof(struct prism54_driver_data));
1043 printf("Could not allocate memory for hostapd Prism54 driver "
/* -1 marks both descriptors as not open for prism54_driver_deinit(). */
1049 drv->pim_sock = drv->sock = -1;
/* NOTE(review): this copies sizeof(drv->iface) bytes (IFNAMSIZ + 1)
 * regardless of the length of params->ifname. If the source string lives in
 * a smaller buffer the copy reads past it, and if it is longer the result is
 * not NUL-terminated. A bounded string copy such as the os_strlcpy() used
 * elsewhere in this file would avoid both - confirm the source's size. */
1050 memcpy(drv->iface, params->ifname, sizeof(drv->iface));
1052 if (prism54_init_sockets(drv, params)) {
/* The result of prism54_init_1x() is not used on this line, so a card that
 * rejected the 802.1X settings is not detected here. */
1056 prism54_init_1x(drv);
1057 /* must clean previous elems */
1058 prism54_set_generic_elem(drv->iface, drv, NULL, 0);
/*
 * hostapd teardown: closes pim_sock when it was opened (descriptor >= 0).
 * Handling of drv->sock and of the state structure itself is on lines not
 * visible in this excerpt.
 */
1064 static void prism54_driver_deinit(void *priv)
1066 struct prism54_driver_data *drv = priv;
1068 if (drv->pim_sock >= 0)
1069 close(drv->pim_sock);
/* Per-interface state for the wpa_supplicant (station) side of the driver.
 * The sock member used for ioctls is declared on a line not visible here. */
1079 struct wpa_driver_prism54_data {
1080 void *wext; /* private data for driver_wext */
/* Interface name: room for IFNAMSIZ characters plus a terminating NUL. */
1082 char ifname[IFNAMSIZ + 1];
/* Private wireless-extension ioctl numbers, relative to SIOCIWFIRSTPRIV.
 * The expansions are not parenthesized, so they are only safe where the
 * macro stands alone as an operand (as in this file). */
1086 #define PRISM54_SET_WPA SIOCIWFIRSTPRIV+12
1087 #define PRISM54_HOSTAPD SIOCIWFIRSTPRIV+25
1088 #define PRISM54_DROP_UNENCRYPTED SIOCIWFIRSTPRIV+26
/* Forward declaration; defined after wpa_driver_prism54_associate(). */
1090 static void show_set_key_error(struct prism2_hostapd_param *);
/*
 * Passes a prism2_hostapd_param block of len bytes to the kernel driver via
 * the PRISM54_HOSTAPD private ioctl on drv->sock for interface drv->ifname.
 * NOTE(review): len is an int assigned to iwr.u.data.length; if that field
 * is narrower than int, large blocks would be truncated - confirm.
 */
1092 static int hostapd_ioctl_prism54(struct wpa_driver_prism54_data *drv,
1093 struct prism2_hostapd_param *param,
1094 int len, int show_err)
1098 os_memset(&iwr, 0, sizeof(iwr));
1099 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1100 iwr.u.data.pointer = (caddr_t) param;
1101 iwr.u.data.length = len;
1103 if (ioctl(drv->sock, PRISM54_HOSTAPD, &iwr) < 0) {
1106 perror("ioctl[PRISM54_HOSTAPD]");
/*
 * Hands the WPA/RSN information element to the kernel driver as a
 * PRISM2_HOSTAPD_SET_GENERIC_ELEMENT command.
 */
1114 static int wpa_driver_prism54_set_wpa_ie(struct wpa_driver_prism54_data *drv,
1118 struct prism2_hostapd_param *param;
/* The block is at least sizeof(*param) and grows with wpa_ie_len, so the
 * copy below stays inside the allocation as long as this sum does not wrap.
 * NOTE(review): no upper bound on wpa_ie_len is visible here. */
1120 size_t blen = PRISM2_HOSTAPD_GENERIC_ELEMENT_HDR_LEN + wpa_ie_len;
1121 if (blen < sizeof(*param))
1122 blen = sizeof(*param);
1124 param = os_zalloc(blen);
1128 param->cmd = PRISM2_HOSTAPD_SET_GENERIC_ELEMENT;
1129 param->u.generic_elem.len = wpa_ie_len;
1130 os_memcpy(param->u.generic_elem.data, wpa_ie, wpa_ie_len);
/* blen (size_t) is narrowed to the int len parameter of the helper. */
1131 res = hostapd_ioctl_prism54(drv, param, blen, 1);
1139 /* This is called at wpa_supplicant daemon init time */
/*
 * Sends a parameter block whose cmd is PRISM54_SET_WPA and whose generic
 * element length is 0 through hostapd_ioctl_prism54().
 * NOTE(review): enabled is not read on the visible lines, so enabling and
 * disabling appear to send the same request - confirm. Note also that cmd
 * is set to an ioctl number here, whereas the ioctl actually issued by the
 * helper is PRISM54_HOSTAPD.
 */
1140 static int wpa_driver_prism54_set_wpa(void *priv, int enabled)
1142 struct wpa_driver_prism54_data *drv = priv;
1143 struct prism2_hostapd_param *param;
1145 size_t blen = PRISM2_HOSTAPD_GENERIC_ELEMENT_HDR_LEN;
1146 if (blen < sizeof(*param))
1147 blen = sizeof(*param);
1149 param = os_zalloc(blen);
1153 param->cmd = PRISM54_SET_WPA;
1154 param->u.generic_elem.len = 0;
1155 res = hostapd_ioctl_prism54(drv, param, blen, 1);
/*
 * wpa_supplicant-side key installation: builds a PRISM2_SET_ENCRYPTION
 * parameter block with the key appended after the structure and passes it
 * to the kernel driver. The block holds raw key material.
 */
1163 static int wpa_driver_prism54_set_key(const char *ifname, void *priv,
1165 const u8 *addr, int key_idx, int set_tx,
1166 const u8 *seq, size_t seq_len,
1167 const u8 *key, size_t key_len)
1169 struct wpa_driver_prism54_data *drv = priv;
1170 struct prism2_hostapd_param *param;
/* Only lengths and indices are logged, not the key bytes. */
1196 wpa_printf(MSG_DEBUG, "%s: alg=%s key_idx=%d set_tx=%d seq_len=%lu "
1197 "key_len=%lu", __FUNCTION__, alg_name, key_idx, set_tx,
1198 (unsigned long) seq_len, (unsigned long) key_len);
/* The allocation grows with key_len, which covers the key copy below. */
1203 blen = sizeof(*param) + key_len;
1204 buf = os_zalloc(blen);
1208 param = (struct prism2_hostapd_param *) buf;
1209 param->cmd = PRISM2_SET_ENCRYPTION;
1210 /* TODO: In theory, STA in client mode can use five keys; four default
1211 * keys for receiving (with keyidx 0..3) and one individual key for
1212 * both transmitting and receiving (keyidx 0) _unicast_ packets. Now,
1213 * keyidx 0 is reserved for this unicast use and default keys can only
1214 * use keyidx 1..3 (i.e., default key with keyidx 0 is not supported).
1215 * This should be fine for more or less all cases, but for completeness
1216 * sake, the driver could be enhanced to support the missing key. */
/* Broadcast address or the given peer address; the selecting conditions are
 * not visible in this excerpt. */
1219 os_memset(param->sta_addr, 0xff, ETH_ALEN);
1221 os_memcpy(param->sta_addr, addr, ETH_ALEN);
1223 os_memset(param->sta_addr, 0xff, ETH_ALEN);
1225 os_strlcpy((char *) param->u.crypt.alg, alg_name,
1226 HOSTAP_CRYPT_ALG_NAME_LEN);
1227 param->u.crypt.flags = set_tx ? HOSTAP_CRYPT_FLAG_SET_TX_KEY : 0;
1228 param->u.crypt.idx = key_idx;
/* NOTE(review): seq_len bytes are copied into the fixed-size crypt.seq
 * field. This is only safe if seq_len has been bounded by the size of that
 * field beforehand; such a test is not visible in this excerpt - confirm. */
1229 os_memcpy(param->u.crypt.seq, seq, seq_len);
1230 param->u.crypt.key_len = key_len;
1231 os_memcpy((u8 *) (param + 1), key, key_len);
1233 if (hostapd_ioctl_prism54(drv, param, blen, 1)) {
1234 wpa_printf(MSG_WARNING, "Failed to set encryption.");
/* NOTE(review): confirm buf is cleared before it is released, since it
 * still contains the key at this point. */
1235 show_set_key_error(param);
/*
 * Placeholder for TKIP countermeasures on the station side: the visible
 * body only prints a "not yet ..." notice, so a request to enable
 * countermeasures has no effect on the card through this path.
 */
1244 static int wpa_driver_prism54_set_countermeasures(void *priv,
1248 printf("wpa_driver_prism54_set_countermeasures - not yet "
/*
 * Sends a parameter block whose cmd is PRISM54_DROP_UNENCRYPTED and whose
 * generic element length is 0 through hostapd_ioctl_prism54().
 * NOTE(review): the requested on/off value is not read on the visible
 * lines, so both settings appear to send the same request - confirm, since
 * this controls whether unencrypted frames are accepted.
 */
1254 static int wpa_driver_prism54_set_drop_unencrypted(void *priv,
1257 struct wpa_driver_prism54_data *drv = priv;
1258 struct prism2_hostapd_param *param;
1260 size_t blen = PRISM2_HOSTAPD_GENERIC_ELEMENT_HDR_LEN;
1261 if (blen < sizeof(*param))
1262 blen = sizeof(*param);
1264 param = os_zalloc(blen);
1268 param->cmd = PRISM54_DROP_UNENCRYPTED;
1269 param->u.generic_elem.len = 0;
1270 res = hostapd_ioctl_prism54(drv, param, blen, 1);
/* Stub: the visible body only reports that deauthentication is not yet
 * implemented; no request is sent to the card from here. */
1278 static int wpa_driver_prism54_deauthenticate(void *priv, const u8 *addr,
1282 printf("wpa_driver_prism54_deauthenticate - not yet implemented\n");
/* Stub: the visible body only reports that disassociation is not yet
 * implemented; no request is sent to the card from here. */
1287 static int wpa_driver_prism54_disassociate(void *priv, const u8 *addr,
1291 printf("wpa_driver_prism54_disassociate - not yet implemented\n");
/*
 * Starts an association from the supplied parameters, in this order:
 * drop-unencrypted setting, WPA/RSN IE, frequency, SSID, BSSID. The last
 * three go through the generic wireless-extensions driver (drv->wext).
 * How a failing step affects the return value is on lines not visible in
 * this excerpt.
 */
1297 wpa_driver_prism54_associate(void *priv,
1298 struct wpa_driver_associate_params *params)
1300 struct wpa_driver_prism54_data *drv = priv;
1303 if (wpa_driver_prism54_set_drop_unencrypted(drv,
1304 params->drop_unencrypted)
1307 if (wpa_driver_prism54_set_wpa_ie(drv, params->wpa_ie,
1308 params->wpa_ie_len) < 0)
1310 if (wpa_driver_wext_set_freq(drv->wext, params->freq) < 0)
1312 if (wpa_driver_wext_set_ssid(drv->wext, params->ssid,
1313 params->ssid_len) < 0)
1315 if (wpa_driver_wext_set_bssid(drv->wext, params->bssid) < 0)
/*
 * Logs a human-readable explanation for the error code found in
 * param->u.crypt.err after a failed set-encryption request. Only the
 * algorithm name and station address are printed, never key bytes.
 */
1321 static void show_set_key_error(struct prism2_hostapd_param *param)
1323 switch (param->u.crypt.err) {
1324 case HOSTAP_CRYPT_ERR_UNKNOWN_ALG:
1325 wpa_printf(MSG_INFO, "Unknown algorithm '%s'.",
1326 param->u.crypt.alg);
1327 wpa_printf(MSG_INFO, "You may need to load kernel module to "
1328 "register that algorithm.");
1329 wpa_printf(MSG_INFO, "E.g., 'modprobe hostap_crypt_wep' for "
1332 case HOSTAP_CRYPT_ERR_UNKNOWN_ADDR:
1333 wpa_printf(MSG_INFO, "Unknown address " MACSTR ".",
1334 MAC2STR(param->sta_addr));
1336 case HOSTAP_CRYPT_ERR_CRYPT_INIT_FAILED:
1337 wpa_printf(MSG_INFO, "Crypt algorithm initialization failed.");
1339 case HOSTAP_CRYPT_ERR_KEY_SET_FAILED:
1340 wpa_printf(MSG_INFO, "Key setting failed.");
1342 case HOSTAP_CRYPT_ERR_TX_KEY_SET_FAILED:
1343 wpa_printf(MSG_INFO, "TX key index setting failed.");
1345 case HOSTAP_CRYPT_ERR_CARD_CONF_FAILED:
1346 wpa_printf(MSG_INFO, "Card configuration failed.");
/* Forwards to the generic wireless-extensions driver using drv->wext;
 * bssid is the caller's output buffer. */
1352 static int wpa_driver_prism54_get_bssid(void *priv, u8 *bssid)
1354 struct wpa_driver_prism54_data *drv = priv;
1355 return wpa_driver_wext_get_bssid(drv->wext, bssid);
/* Forwards to the generic wireless-extensions driver using drv->wext;
 * ssid is the caller's output buffer, whose required size is defined by
 * the wext helper, not here. */
1359 static int wpa_driver_prism54_get_ssid(void *priv, u8 *ssid)
1361 struct wpa_driver_prism54_data *drv = priv;
1362 return wpa_driver_wext_get_ssid(drv->wext, ssid);
/* Forwards a scan request for ssid/ssid_len to the generic
 * wireless-extensions driver using drv->wext. */
1366 static int wpa_driver_prism54_scan(void *priv, const u8 *ssid, size_t ssid_len)
1368 struct wpa_driver_prism54_data *drv = priv;
1369 return wpa_driver_wext_scan(drv->wext, ssid, ssid_len);
/* Returns whatever the generic wireless-extensions driver reports as scan
 * results for drv->wext; ownership of the result follows that helper. */
1373 static struct wpa_scan_results *
1374 wpa_driver_prism54_get_scan_results(void *priv)
1376 struct wpa_driver_prism54_data *drv = priv;
1377 return wpa_driver_wext_get_scan_results(drv->wext);
/* Forwards the operational-state change to the generic
 * wireless-extensions driver using drv->wext. */
1381 static int wpa_driver_prism54_set_operstate(void *priv, int state)
1383 struct wpa_driver_prism54_data *drv = priv;
1384 return wpa_driver_wext_set_operstate(drv->wext, state);
/*
 * wpa_supplicant entry point: allocates the zeroed driver state,
 * initializes the generic wireless-extensions driver, stores the interface
 * name with a bounded copy, opens a datagram socket used for ioctls and
 * issues the set-WPA request.
 */
1388 static void * wpa_driver_prism54_init(void *ctx, const char *ifname)
1390 struct wpa_driver_prism54_data *drv;
1392 drv = os_zalloc(sizeof(*drv));
1395 drv->wext = wpa_driver_wext_init(ctx, ifname);
1396 if (drv->wext == NULL) {
1402 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
1403 drv->sock = socket(PF_INET, SOCK_DGRAM, 0);
/* On socket failure the wext state created above is torn down again. */
1404 if (drv->sock < 0) {
1405 wpa_driver_wext_deinit(drv->wext);
/* The result of the set-WPA request is not used on this line. */
1410 wpa_driver_prism54_set_wpa(drv, 1);
/*
 * wpa_supplicant teardown: issues the set-WPA request with 0 and shuts
 * down the generic wireless-extensions driver. Closing drv->sock and
 * releasing drv are on lines not visible in this excerpt.
 */
1416 static void wpa_driver_prism54_deinit(void *priv)
1418 struct wpa_driver_prism54_data *drv = priv;
1419 wpa_driver_prism54_set_wpa(drv, 0);
1420 wpa_driver_wext_deinit(drv->wext);
1425 #endif /* HOSTAPD */
/*
 * Driver operations table. The first group of callbacks is the hostapd (AP)
 * implementation and the second the wpa_supplicant (station) one; the
 * preprocessor lines that select between them are only partly visible in
 * this excerpt (see the closing #endif).
 */
1428 const struct wpa_driver_ops wpa_driver_prism54_ops = {
1430 .desc = "Prism54.org driver (Intersil Prism GT/Duette/Indigo)",
/* Two functions in this file carry this name, one per build variant. */
1431 .set_key = wpa_driver_prism54_set_key,
1433 .hapd_init = prism54_driver_init,
1434 .hapd_deinit = prism54_driver_deinit,
/* Not registered as a callback: prism54_init_1x() is instead called once
 * from prism54_driver_init(). */
1435 /* .set_ieee8021x = prism54_init_1x, */
1436 .set_privacy = prism54_set_privacy_invoked,
1437 .get_seqnum = prism54_get_seqnum,
1438 .flush = prism54_flush,
1439 .set_generic_elem = prism54_set_generic_elem,
1440 .hapd_send_eapol = prism54_send_eapol,
1441 .sta_set_flags = prism54_sta_set_flags,
1442 .sta_deauth = prism54_sta_deauth,
1443 .sta_disassoc = prism54_sta_disassoc,
1444 .hapd_set_ssid = prism54_ioctl_setiwessid,
1445 .get_inact_sec = prism54_get_inact_sec,
1447 .get_bssid = wpa_driver_prism54_get_bssid,
1448 .get_ssid = wpa_driver_prism54_get_ssid,
/* The next three callbacks (countermeasures, deauthenticate, disassociate)
 * point at functions whose visible bodies only print a notice. */
1449 .set_countermeasures = wpa_driver_prism54_set_countermeasures,
1450 .scan = wpa_driver_prism54_scan,
1451 .get_scan_results2 = wpa_driver_prism54_get_scan_results,
1452 .deauthenticate = wpa_driver_prism54_deauthenticate,
1453 .disassociate = wpa_driver_prism54_disassociate,
1454 .associate = wpa_driver_prism54_associate,
1455 .init = wpa_driver_prism54_init,
1456 .deinit = wpa_driver_prism54_deinit,
1457 .set_operstate = wpa_driver_prism54_set_operstate,
1458 #endif /* HOSTAPD */