2 * Generic advertisement service (GAS) query
3 * Copyright (c) 2009, Atheros Communications
4 * Copyright (c) 2011-2013, Qualcomm Atheros, Inc.
5 * Copyright (c) 2011-2014, Jouni Malinen <j@w1.fi>
7 * This software may be distributed under the terms of the BSD license.
8 * See README for more details.
14 #include "utils/eloop.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/gas.h"
17 #include "common/wpa_ctrl.h"
18 #include "wpa_supplicant_i.h"
20 #include "offchannel.h"
21 #include "gas_query.h"
24 /** GAS query timeout in seconds */
25 #define GAS_QUERY_TIMEOUT_PERIOD 2
29 * struct gas_query_pending - Pending GAS query
31 struct gas_query_pending {
33 struct gas_query *gas;
37 unsigned int wait_comeback:1;
38 unsigned int offchannel_tx_started:1;
42 struct wpabuf *adv_proto;
44 void (*cb)(void *ctx, const u8 *dst, u8 dialog_token,
45 enum gas_query_result result,
46 const struct wpabuf *adv_proto,
47 const struct wpabuf *resp, u16 status_code);
52 * struct gas_query - Internal GAS query data
55 struct wpa_supplicant *wpa_s;
56 struct dl_list pending; /* struct gas_query_pending */
57 struct gas_query_pending *current;
58 struct wpa_radio_work *work;
62 static void gas_query_tx_comeback_timeout(void *eloop_data, void *user_ctx);
63 static void gas_query_timeout(void *eloop_data, void *user_ctx);
67 * gas_query_init - Initialize GAS query component
68 * @wpa_s: Pointer to wpa_supplicant data
69 * Returns: Pointer to GAS query data or %NULL on failure
71 struct gas_query * gas_query_init(struct wpa_supplicant *wpa_s)
73 struct gas_query *gas;
75 gas = os_zalloc(sizeof(*gas));
80 dl_list_init(&gas->pending);
86 static const char * gas_result_txt(enum gas_query_result result)
89 case GAS_QUERY_SUCCESS:
91 case GAS_QUERY_FAILURE:
93 case GAS_QUERY_TIMEOUT:
95 case GAS_QUERY_PEER_ERROR:
97 case GAS_QUERY_INTERNAL_ERROR:
98 return "INTERNAL_ERROR";
99 case GAS_QUERY_CANCELLED:
101 case GAS_QUERY_DELETED_AT_DEINIT:
102 return "DELETED_AT_DEINIT";
109 static void gas_query_free(struct gas_query_pending *query, int del_list)
111 struct gas_query *gas = query->gas;
114 dl_list_del(&query->list);
116 if (gas->work && gas->work->ctx == query) {
117 radio_work_done(gas->work);
121 wpabuf_free(query->req);
122 wpabuf_free(query->adv_proto);
123 wpabuf_free(query->resp);
128 static void gas_query_done(struct gas_query *gas,
129 struct gas_query_pending *query,
130 enum gas_query_result result)
132 wpa_msg(gas->wpa_s, MSG_INFO, GAS_QUERY_DONE "addr=" MACSTR
133 " dialog_token=%u freq=%d status_code=%u result=%s",
134 MAC2STR(query->addr), query->dialog_token, query->freq,
135 query->status_code, gas_result_txt(result));
136 if (gas->current == query)
138 if (query->offchannel_tx_started)
139 offchannel_send_action_done(gas->wpa_s);
140 eloop_cancel_timeout(gas_query_tx_comeback_timeout, gas, query);
141 eloop_cancel_timeout(gas_query_timeout, gas, query);
142 dl_list_del(&query->list);
143 query->cb(query->ctx, query->addr, query->dialog_token, result,
144 query->adv_proto, query->resp, query->status_code);
145 gas_query_free(query, 0);
150 * gas_query_deinit - Deinitialize GAS query component
151 * @gas: GAS query data from gas_query_init()
153 void gas_query_deinit(struct gas_query *gas)
155 struct gas_query_pending *query, *next;
160 dl_list_for_each_safe(query, next, &gas->pending,
161 struct gas_query_pending, list)
162 gas_query_done(gas, query, GAS_QUERY_DELETED_AT_DEINIT);
168 static struct gas_query_pending *
169 gas_query_get_pending(struct gas_query *gas, const u8 *addr, u8 dialog_token)
171 struct gas_query_pending *q;
172 dl_list_for_each(q, &gas->pending, struct gas_query_pending, list) {
173 if (os_memcmp(q->addr, addr, ETH_ALEN) == 0 &&
174 q->dialog_token == dialog_token)
181 static int gas_query_append(struct gas_query_pending *query, const u8 *data,
184 if (wpabuf_resize(&query->resp, len) < 0) {
185 wpa_printf(MSG_DEBUG, "GAS: No memory to store the response");
188 wpabuf_put_data(query->resp, data, len);
193 static void gas_query_tx_status(struct wpa_supplicant *wpa_s,
194 unsigned int freq, const u8 *dst,
195 const u8 *src, const u8 *bssid,
196 const u8 *data, size_t data_len,
197 enum offchannel_send_action_result result)
199 struct gas_query_pending *query;
200 struct gas_query *gas = wpa_s->gas;
202 if (gas->current == NULL) {
203 wpa_printf(MSG_DEBUG, "GAS: Unexpected TX status: freq=%u dst="
204 MACSTR " result=%d - no query in progress",
205 freq, MAC2STR(dst), result);
209 query = gas->current;
211 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
212 " result=%d query=%p dialog_token=%u",
213 freq, MAC2STR(dst), result, query, query->dialog_token);
214 if (os_memcmp(dst, query->addr, ETH_ALEN) != 0) {
215 wpa_printf(MSG_DEBUG, "GAS: TX status for unexpected destination");
219 if (result == OFFCHANNEL_SEND_ACTION_SUCCESS) {
220 eloop_cancel_timeout(gas_query_timeout, gas, query);
221 eloop_register_timeout(GAS_QUERY_TIMEOUT_PERIOD, 0,
222 gas_query_timeout, gas, query);
224 if (result == OFFCHANNEL_SEND_ACTION_FAILED) {
225 eloop_cancel_timeout(gas_query_timeout, gas, query);
226 eloop_register_timeout(0, 0, gas_query_timeout, gas, query);
231 static int gas_query_tx(struct gas_query *gas, struct gas_query_pending *query,
235 wpa_printf(MSG_DEBUG, "GAS: Send action frame to " MACSTR " len=%u "
236 "freq=%d", MAC2STR(query->addr),
237 (unsigned int) wpabuf_len(req), query->freq);
238 res = offchannel_send_action(gas->wpa_s, query->freq, query->addr,
239 gas->wpa_s->own_addr, query->addr,
240 wpabuf_head(req), wpabuf_len(req), 1000,
241 gas_query_tx_status, 0);
243 query->offchannel_tx_started = 1;
248 static void gas_query_tx_comeback_req(struct gas_query *gas,
249 struct gas_query_pending *query)
253 req = gas_build_comeback_req(query->dialog_token);
255 gas_query_done(gas, query, GAS_QUERY_INTERNAL_ERROR);
259 if (gas_query_tx(gas, query, req) < 0) {
260 wpa_printf(MSG_DEBUG, "GAS: Failed to send Action frame to "
261 MACSTR, MAC2STR(query->addr));
262 gas_query_done(gas, query, GAS_QUERY_INTERNAL_ERROR);
269 static void gas_query_tx_comeback_timeout(void *eloop_data, void *user_ctx)
271 struct gas_query *gas = eloop_data;
272 struct gas_query_pending *query = user_ctx;
274 wpa_printf(MSG_DEBUG, "GAS: Comeback timeout for request to " MACSTR,
275 MAC2STR(query->addr));
276 gas_query_tx_comeback_req(gas, query);
280 static void gas_query_tx_comeback_req_delay(struct gas_query *gas,
281 struct gas_query_pending *query,
284 unsigned int secs, usecs;
286 secs = (comeback_delay * 1024) / 1000000;
287 usecs = comeback_delay * 1024 - secs * 1000000;
288 wpa_printf(MSG_DEBUG, "GAS: Send comeback request to " MACSTR
289 " in %u secs %u usecs", MAC2STR(query->addr), secs, usecs);
290 eloop_cancel_timeout(gas_query_tx_comeback_timeout, gas, query);
291 eloop_register_timeout(secs, usecs, gas_query_tx_comeback_timeout,
296 static void gas_query_rx_initial(struct gas_query *gas,
297 struct gas_query_pending *query,
298 const u8 *adv_proto, const u8 *resp,
299 size_t len, u16 comeback_delay)
301 wpa_printf(MSG_DEBUG, "GAS: Received initial response from "
302 MACSTR " (dialog_token=%u comeback_delay=%u)",
303 MAC2STR(query->addr), query->dialog_token, comeback_delay);
305 query->adv_proto = wpabuf_alloc_copy(adv_proto, 2 + adv_proto[1]);
306 if (query->adv_proto == NULL) {
307 gas_query_done(gas, query, GAS_QUERY_INTERNAL_ERROR);
311 if (comeback_delay) {
312 query->wait_comeback = 1;
313 gas_query_tx_comeback_req_delay(gas, query, comeback_delay);
317 /* Query was completed without comeback mechanism */
318 if (gas_query_append(query, resp, len) < 0) {
319 gas_query_done(gas, query, GAS_QUERY_INTERNAL_ERROR);
323 gas_query_done(gas, query, GAS_QUERY_SUCCESS);
327 static void gas_query_rx_comeback(struct gas_query *gas,
328 struct gas_query_pending *query,
329 const u8 *adv_proto, const u8 *resp,
330 size_t len, u8 frag_id, u8 more_frags,
333 wpa_printf(MSG_DEBUG, "GAS: Received comeback response from "
334 MACSTR " (dialog_token=%u frag_id=%u more_frags=%u "
335 "comeback_delay=%u)",
336 MAC2STR(query->addr), query->dialog_token, frag_id,
337 more_frags, comeback_delay);
339 if ((size_t) 2 + adv_proto[1] != wpabuf_len(query->adv_proto) ||
340 os_memcmp(adv_proto, wpabuf_head(query->adv_proto),
341 wpabuf_len(query->adv_proto)) != 0) {
342 wpa_printf(MSG_DEBUG, "GAS: Advertisement Protocol changed "
343 "between initial and comeback response from "
344 MACSTR, MAC2STR(query->addr));
345 gas_query_done(gas, query, GAS_QUERY_PEER_ERROR);
349 if (comeback_delay) {
351 wpa_printf(MSG_DEBUG, "GAS: Invalid comeback response "
352 "with non-zero frag_id and comeback_delay "
353 "from " MACSTR, MAC2STR(query->addr));
354 gas_query_done(gas, query, GAS_QUERY_PEER_ERROR);
357 gas_query_tx_comeback_req_delay(gas, query, comeback_delay);
361 if (frag_id != query->next_frag_id) {
362 wpa_printf(MSG_DEBUG, "GAS: Unexpected frag_id in response "
363 "from " MACSTR, MAC2STR(query->addr));
364 if (frag_id + 1 == query->next_frag_id) {
365 wpa_printf(MSG_DEBUG, "GAS: Drop frame as possible "
366 "retry of previous fragment");
369 gas_query_done(gas, query, GAS_QUERY_PEER_ERROR);
372 query->next_frag_id++;
374 if (gas_query_append(query, resp, len) < 0) {
375 gas_query_done(gas, query, GAS_QUERY_INTERNAL_ERROR);
380 gas_query_tx_comeback_req(gas, query);
384 gas_query_done(gas, query, GAS_QUERY_SUCCESS);
389 * gas_query_rx - Indicate reception of a Public Action frame
390 * @gas: GAS query data from gas_query_init()
391 * @da: Destination MAC address of the Action frame
392 * @sa: Source MAC address of the Action frame
393 * @bssid: BSSID of the Action frame
394 * @data: Payload of the Action frame
395 * @len: Length of @data
396 * @freq: Frequency (in MHz) on which the frame was received
397 * Returns: 0 if the Public Action frame was a GAS frame or -1 if not
399 int gas_query_rx(struct gas_query *gas, const u8 *da, const u8 *sa,
400 const u8 *bssid, const u8 *data, size_t len, int freq)
402 struct gas_query_pending *query;
403 u8 action, dialog_token, frag_id = 0, more_frags = 0;
404 u16 comeback_delay, resp_len;
405 const u8 *pos, *adv_proto;
407 if (gas == NULL || len < 4)
412 dialog_token = *pos++;
414 if (action != WLAN_PA_GAS_INITIAL_RESP &&
415 action != WLAN_PA_GAS_COMEBACK_RESP)
416 return -1; /* Not a GAS response */
418 query = gas_query_get_pending(gas, sa, dialog_token);
420 wpa_printf(MSG_DEBUG, "GAS: No pending query found for " MACSTR
421 " dialog token %u", MAC2STR(sa), dialog_token);
425 if (query->wait_comeback && action == WLAN_PA_GAS_INITIAL_RESP) {
426 wpa_printf(MSG_DEBUG, "GAS: Unexpected initial response from "
427 MACSTR " dialog token %u when waiting for comeback "
428 "response", MAC2STR(sa), dialog_token);
432 if (!query->wait_comeback && action == WLAN_PA_GAS_COMEBACK_RESP) {
433 wpa_printf(MSG_DEBUG, "GAS: Unexpected comeback response from "
434 MACSTR " dialog token %u when waiting for initial "
435 "response", MAC2STR(sa), dialog_token);
439 query->status_code = WPA_GET_LE16(pos);
442 if (query->status_code != WLAN_STATUS_SUCCESS) {
443 wpa_printf(MSG_DEBUG, "GAS: Query to " MACSTR " dialog token "
444 "%u failed - status code %u",
445 MAC2STR(sa), dialog_token, query->status_code);
446 gas_query_done(gas, query, GAS_QUERY_FAILURE);
450 if (action == WLAN_PA_GAS_COMEBACK_RESP) {
451 if (pos + 1 > data + len)
453 frag_id = *pos & 0x7f;
454 more_frags = (*pos & 0x80) >> 7;
459 if (pos + 2 > data + len)
461 comeback_delay = WPA_GET_LE16(pos);
464 /* Advertisement Protocol element */
465 if (pos + 2 > data + len || pos + 2 + pos[1] > data + len) {
466 wpa_printf(MSG_DEBUG, "GAS: No room for Advertisement "
467 "Protocol element in the response from " MACSTR,
472 if (*pos != WLAN_EID_ADV_PROTO) {
473 wpa_printf(MSG_DEBUG, "GAS: Unexpected Advertisement "
474 "Protocol element ID %u in response from " MACSTR,
482 /* Query Response Length */
483 if (pos + 2 > data + len) {
484 wpa_printf(MSG_DEBUG, "GAS: No room for GAS Response Length");
487 resp_len = WPA_GET_LE16(pos);
490 if (pos + resp_len > data + len) {
491 wpa_printf(MSG_DEBUG, "GAS: Truncated Query Response in "
492 "response from " MACSTR, MAC2STR(sa));
496 if (pos + resp_len < data + len) {
497 wpa_printf(MSG_DEBUG, "GAS: Ignore %u octets of extra data "
498 "after Query Response from " MACSTR,
499 (unsigned int) (data + len - pos - resp_len),
503 if (action == WLAN_PA_GAS_COMEBACK_RESP)
504 gas_query_rx_comeback(gas, query, adv_proto, pos, resp_len,
505 frag_id, more_frags, comeback_delay);
507 gas_query_rx_initial(gas, query, adv_proto, pos, resp_len,
514 static void gas_query_timeout(void *eloop_data, void *user_ctx)
516 struct gas_query *gas = eloop_data;
517 struct gas_query_pending *query = user_ctx;
519 wpa_printf(MSG_DEBUG, "GAS: No response received for query to " MACSTR
521 MAC2STR(query->addr), query->dialog_token);
522 gas_query_done(gas, query, GAS_QUERY_TIMEOUT);
526 static int gas_query_dialog_token_available(struct gas_query *gas,
527 const u8 *dst, u8 dialog_token)
529 struct gas_query_pending *q;
530 dl_list_for_each(q, &gas->pending, struct gas_query_pending, list) {
531 if (os_memcmp(dst, q->addr, ETH_ALEN) == 0 &&
532 dialog_token == q->dialog_token)
540 static void gas_query_start_cb(struct wpa_radio_work *work, int deinit)
542 struct gas_query_pending *query = work->ctx;
543 struct gas_query *gas = query->gas;
546 gas_query_free(query, 1);
552 if (gas_query_tx(gas, query, query->req) < 0) {
553 wpa_printf(MSG_DEBUG, "GAS: Failed to send Action frame to "
554 MACSTR, MAC2STR(query->addr));
555 gas_query_free(query, 1);
558 gas->current = query;
560 wpa_printf(MSG_DEBUG, "GAS: Starting query timeout for dialog token %u",
561 query->dialog_token);
562 eloop_register_timeout(GAS_QUERY_TIMEOUT_PERIOD, 0,
563 gas_query_timeout, gas, query);
569 * gas_query_req - Request a GAS query
570 * @gas: GAS query data from gas_query_init()
571 * @dst: Destination MAC address for the query
572 * @freq: Frequency (in MHz) for the channel on which to send the query
573 * @req: GAS query payload (to be freed by gas_query module in case of success
575 * @cb: Callback function for reporting GAS query result and response
576 * @ctx: Context pointer to use with the @cb call
577 * Returns: dialog token (>= 0) on success or -1 on failure
579 int gas_query_req(struct gas_query *gas, const u8 *dst, int freq,
581 void (*cb)(void *ctx, const u8 *dst, u8 dialog_token,
582 enum gas_query_result result,
583 const struct wpabuf *adv_proto,
584 const struct wpabuf *resp, u16 status_code),
587 struct gas_query_pending *query;
589 static int next_start = 0;
591 if (wpabuf_len(req) < 3)
594 for (dialog_token = 0; dialog_token < 256; dialog_token++) {
595 if (gas_query_dialog_token_available(
596 gas, dst, (next_start + dialog_token) % 256))
599 if (dialog_token == 256)
600 return -1; /* Too many pending queries */
601 dialog_token = (next_start + dialog_token) % 256;
602 next_start = (dialog_token + 1) % 256;
604 query = os_zalloc(sizeof(*query));
609 os_memcpy(query->addr, dst, ETH_ALEN);
610 query->dialog_token = dialog_token;
615 dl_list_add(&gas->pending, &query->list);
617 *(wpabuf_mhead_u8(req) + 2) = dialog_token;
619 wpa_msg(gas->wpa_s, MSG_INFO, GAS_QUERY_START "addr=" MACSTR
620 " dialog_token=%u freq=%d",
621 MAC2STR(query->addr), query->dialog_token, query->freq);
623 if (radio_add_work(gas->wpa_s, freq, "gas-query", 0, gas_query_start_cb,
625 gas_query_free(query, 1);
634 * gas_query_cancel - Cancel a pending GAS query
635 * @gas: GAS query data from gas_query_init()
636 * @dst: Destination MAC address for the query
637 * @dialog_token: Dialog token from gas_query_req()
639 void gas_query_cancel(struct gas_query *gas, const u8 *dst, u8 dialog_token)
641 struct gas_query_pending *query;
643 query = gas_query_get_pending(gas, dst, dialog_token);
645 gas_query_done(gas, query, GAS_QUERY_CANCELLED);
projects / mech_eap.git / blob