Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.

sme.c 22KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748
  1. /*
  2. * wpa_supplicant - SME
  3. * Copyright (c) 2009-2010, Jouni Malinen <j@w1.fi>
  4. *
  5. * This program is free software; you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License version 2 as
  7. * published by the Free Software Foundation.
  8. *
  9. * Alternatively, this software may be distributed under the terms of BSD
  10. * license.
  11. *
  12. * See README and COPYING for more details.
  13. */
  14. #include "includes.h"
  15. #include "common.h"
  16. #include "utils/eloop.h"
  17. #include "common/ieee802_11_defs.h"
  18. #include "common/ieee802_11_common.h"
  19. #include "eapol_supp/eapol_supp_sm.h"
  20. #include "common/wpa_common.h"
  21. #include "rsn_supp/wpa.h"
  22. #include "rsn_supp/pmksa_cache.h"
  23. #include "config.h"
  24. #include "wpa_supplicant_i.h"
  25. #include "driver_i.h"
  26. #include "wpas_glue.h"
  27. #include "wps_supplicant.h"
  28. #include "p2p_supplicant.h"
  29. #include "notify.h"
  30. #include "blacklist.h"
  31. #include "bss.h"
  32. #include "scan.h"
  33. #include "sme.h"
  34. #define SME_AUTH_TIMEOUT 5
  35. #define SME_ASSOC_TIMEOUT 5
  36. static void sme_auth_timer(void *eloop_ctx, void *timeout_ctx);
  37. static void sme_assoc_timer(void *eloop_ctx, void *timeout_ctx);
  38. #ifdef CONFIG_IEEE80211W
  39. static void sme_stop_sa_query(struct wpa_supplicant *wpa_s);
  40. #endif /* CONFIG_IEEE80211W */
  41. void sme_authenticate(struct wpa_supplicant *wpa_s,
  42. struct wpa_bss *bss, struct wpa_ssid *ssid)
  43. {
  44. struct wpa_driver_auth_params params;
  45. struct wpa_ssid *old_ssid;
  46. #ifdef CONFIG_IEEE80211R
  47. const u8 *ie;
  48. #endif /* CONFIG_IEEE80211R */
  49. #ifdef CONFIG_IEEE80211R
  50. const u8 *md = NULL;
  51. #endif /* CONFIG_IEEE80211R */
  52. int i, bssid_changed;
  53. if (bss == NULL) {
  54. wpa_msg(wpa_s, MSG_ERROR, "SME: No scan result available for "
  55. "the network");
  56. return;
  57. }
  58. wpa_s->current_bss = bss;
  59. os_memset(&params, 0, sizeof(params));
  60. wpa_s->reassociate = 0;
  61. params.freq = bss->freq;
  62. params.bssid = bss->bssid;
  63. params.ssid = bss->ssid;
  64. params.ssid_len = bss->ssid_len;
  65. if (wpa_s->sme.ssid_len != params.ssid_len ||
  66. os_memcmp(wpa_s->sme.ssid, params.ssid, params.ssid_len) != 0)
  67. wpa_s->sme.prev_bssid_set = 0;
  68. wpa_s->sme.freq = params.freq;
  69. os_memcpy(wpa_s->sme.ssid, params.ssid, params.ssid_len);
  70. wpa_s->sme.ssid_len = params.ssid_len;
  71. params.auth_alg = WPA_AUTH_ALG_OPEN;
  72. #ifdef IEEE8021X_EAPOL
  73. if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
  74. if (ssid->leap) {
  75. if (ssid->non_leap == 0)
  76. params.auth_alg = WPA_AUTH_ALG_LEAP;
  77. else
  78. params.auth_alg |= WPA_AUTH_ALG_LEAP;
  79. }
  80. }
  81. #endif /* IEEE8021X_EAPOL */
  82. wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x",
  83. params.auth_alg);
  84. if (ssid->auth_alg) {
  85. params.auth_alg = ssid->auth_alg;
  86. wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
  87. "0x%x", params.auth_alg);
  88. }
  89. for (i = 0; i < NUM_WEP_KEYS; i++) {
  90. if (ssid->wep_key_len[i])
  91. params.wep_key[i] = ssid->wep_key[i];
  92. params.wep_key_len[i] = ssid->wep_key_len[i];
  93. }
  94. params.wep_tx_keyidx = ssid->wep_tx_keyidx;
  95. bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
  96. os_memset(wpa_s->bssid, 0, ETH_ALEN);
  97. os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
  98. if (bssid_changed)
  99. wpas_notify_bssid_changed(wpa_s);
  100. if ((wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
  101. wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
  102. (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
  103. WPA_KEY_MGMT_FT_IEEE8021X |
  104. WPA_KEY_MGMT_FT_PSK |
  105. WPA_KEY_MGMT_IEEE8021X_SHA256 |
  106. WPA_KEY_MGMT_PSK_SHA256))) {
  107. int try_opportunistic;
  108. try_opportunistic = ssid->proactive_key_caching &&
  109. (ssid->proto & WPA_PROTO_RSN);
  110. if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
  111. wpa_s->current_ssid,
  112. try_opportunistic) == 0)
  113. eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
  114. wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
  115. if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
  116. wpa_s->sme.assoc_req_ie,
  117. &wpa_s->sme.assoc_req_ie_len)) {
  118. wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA "
  119. "key management and encryption suites");
  120. return;
  121. }
  122. } else if (ssid->key_mgmt &
  123. (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
  124. WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
  125. WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
  126. WPA_KEY_MGMT_IEEE8021X_SHA256)) {
  127. wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie);
  128. if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
  129. wpa_s->sme.assoc_req_ie,
  130. &wpa_s->sme.assoc_req_ie_len)) {
  131. wpa_msg(wpa_s, MSG_WARNING, "SME: Failed to set WPA "
  132. "key management and encryption suites (no "
  133. "scan results)");
  134. return;
  135. }
  136. #ifdef CONFIG_WPS
  137. } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
  138. struct wpabuf *wps_ie;
  139. wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
  140. if (wps_ie && wpabuf_len(wps_ie) <=
  141. sizeof(wpa_s->sme.assoc_req_ie)) {
  142. wpa_s->sme.assoc_req_ie_len = wpabuf_len(wps_ie);
  143. os_memcpy(wpa_s->sme.assoc_req_ie, wpabuf_head(wps_ie),
  144. wpa_s->sme.assoc_req_ie_len);
  145. } else
  146. wpa_s->sme.assoc_req_ie_len = 0;
  147. wpabuf_free(wps_ie);
  148. wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
  149. #endif /* CONFIG_WPS */
  150. } else {
  151. wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
  152. wpa_s->sme.assoc_req_ie_len = 0;
  153. }
  154. #ifdef CONFIG_IEEE80211R
  155. ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
  156. if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
  157. md = ie + 2;
  158. wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
  159. if (md) {
  160. /* Prepare for the next transition */
  161. wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
  162. }
  163. if (md && ssid->key_mgmt & (WPA_KEY_MGMT_FT_PSK |
  164. WPA_KEY_MGMT_FT_IEEE8021X)) {
  165. if (wpa_s->sme.assoc_req_ie_len + 5 <
  166. sizeof(wpa_s->sme.assoc_req_ie)) {
  167. struct rsn_mdie *mdie;
  168. u8 *pos = wpa_s->sme.assoc_req_ie +
  169. wpa_s->sme.assoc_req_ie_len;
  170. *pos++ = WLAN_EID_MOBILITY_DOMAIN;
  171. *pos++ = sizeof(*mdie);
  172. mdie = (struct rsn_mdie *) pos;
  173. os_memcpy(mdie->mobility_domain, md,
  174. MOBILITY_DOMAIN_ID_LEN);
  175. mdie->ft_capab = md[MOBILITY_DOMAIN_ID_LEN];
  176. wpa_s->sme.assoc_req_ie_len += 5;
  177. }
  178. if (wpa_s->sme.ft_used &&
  179. os_memcmp(md, wpa_s->sme.mobility_domain, 2) == 0 &&
  180. wpa_sm_has_ptk(wpa_s->wpa)) {
  181. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Trying to use FT "
  182. "over-the-air");
  183. params.auth_alg = WPA_AUTH_ALG_FT;
  184. params.ie = wpa_s->sme.ft_ies;
  185. params.ie_len = wpa_s->sme.ft_ies_len;
  186. }
  187. }
  188. #endif /* CONFIG_IEEE80211R */
  189. #ifdef CONFIG_IEEE80211W
  190. wpa_s->sme.mfp = ssid->ieee80211w;
  191. if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
  192. const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
  193. struct wpa_ie_data _ie;
  194. if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &_ie) == 0 &&
  195. _ie.capabilities &
  196. (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
  197. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Selected AP supports "
  198. "MFP: require MFP");
  199. wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED;
  200. }
  201. }
  202. #endif /* CONFIG_IEEE80211W */
  203. #ifdef CONFIG_P2P
  204. if (wpa_s->global->p2p) {
  205. u8 *pos;
  206. size_t len;
  207. int res;
  208. int p2p_group;
  209. p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE;
  210. pos = wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len;
  211. len = sizeof(wpa_s->sme.assoc_req_ie) -
  212. wpa_s->sme.assoc_req_ie_len;
  213. res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group);
  214. if (res >= 0)
  215. wpa_s->sme.assoc_req_ie_len += res;
  216. }
  217. #endif /* CONFIG_P2P */
  218. wpa_supplicant_cancel_scan(wpa_s);
  219. wpa_msg(wpa_s, MSG_INFO, "SME: Trying to authenticate with " MACSTR
  220. " (SSID='%s' freq=%d MHz)", MAC2STR(params.bssid),
  221. wpa_ssid_txt(params.ssid, params.ssid_len), params.freq);
  222. wpa_clear_keys(wpa_s, bss->bssid);
  223. wpa_supplicant_set_state(wpa_s, WPA_AUTHENTICATING);
  224. old_ssid = wpa_s->current_ssid;
  225. wpa_s->current_ssid = ssid;
  226. wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
  227. wpa_supplicant_initiate_eapol(wpa_s);
  228. if (old_ssid != wpa_s->current_ssid)
  229. wpas_notify_network_changed(wpa_s);
  230. wpa_s->sme.auth_alg = params.auth_alg;
  231. if (wpa_drv_authenticate(wpa_s, &params) < 0) {
  232. wpa_msg(wpa_s, MSG_INFO, "SME: Authentication request to the "
  233. "driver failed");
  234. wpa_supplicant_req_scan(wpa_s, 1, 0);
  235. return;
  236. }
  237. eloop_register_timeout(SME_AUTH_TIMEOUT, 0, sme_auth_timer, wpa_s,
  238. NULL);
  239. /*
  240. * Association will be started based on the authentication event from
  241. * the driver.
  242. */
  243. }
  244. void sme_event_auth(struct wpa_supplicant *wpa_s, union wpa_event_data *data)
  245. {
  246. struct wpa_ssid *ssid = wpa_s->current_ssid;
  247. if (ssid == NULL) {
  248. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Ignore authentication event "
  249. "when network is not selected");
  250. return;
  251. }
  252. if (wpa_s->wpa_state != WPA_AUTHENTICATING) {
  253. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Ignore authentication event "
  254. "when not in authenticating state");
  255. return;
  256. }
  257. if (os_memcmp(wpa_s->pending_bssid, data->auth.peer, ETH_ALEN) != 0) {
  258. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Ignore authentication with "
  259. "unexpected peer " MACSTR,
  260. MAC2STR(data->auth.peer));
  261. return;
  262. }
  263. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Authentication response: peer=" MACSTR
  264. " auth_type=%d status_code=%d",
  265. MAC2STR(data->auth.peer), data->auth.auth_type,
  266. data->auth.status_code);
  267. wpa_hexdump(MSG_MSGDUMP, "SME: Authentication response IEs",
  268. data->auth.ies, data->auth.ies_len);
  269. eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);
  270. if (data->auth.status_code != WLAN_STATUS_SUCCESS) {
  271. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Authentication failed (status "
  272. "code %d)", data->auth.status_code);
  273. if (data->auth.status_code !=
  274. WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG ||
  275. wpa_s->sme.auth_alg == data->auth.auth_type ||
  276. wpa_s->current_ssid->auth_alg == WPA_AUTH_ALG_LEAP) {
  277. wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
  278. return;
  279. }
  280. switch (data->auth.auth_type) {
  281. case WLAN_AUTH_OPEN:
  282. wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_SHARED;
  283. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Trying SHARED auth");
  284. wpa_supplicant_associate(wpa_s, wpa_s->current_bss,
  285. wpa_s->current_ssid);
  286. return;
  287. case WLAN_AUTH_SHARED_KEY:
  288. wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_LEAP;
  289. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Trying LEAP auth");
  290. wpa_supplicant_associate(wpa_s, wpa_s->current_bss,
  291. wpa_s->current_ssid);
  292. return;
  293. default:
  294. return;
  295. }
  296. }
  297. #ifdef CONFIG_IEEE80211R
  298. if (data->auth.auth_type == WLAN_AUTH_FT) {
  299. union wpa_event_data edata;
  300. os_memset(&edata, 0, sizeof(edata));
  301. edata.ft_ies.ies = data->auth.ies;
  302. edata.ft_ies.ies_len = data->auth.ies_len;
  303. os_memcpy(edata.ft_ies.target_ap, data->auth.peer, ETH_ALEN);
  304. wpa_supplicant_event(wpa_s, EVENT_FT_RESPONSE, &edata);
  305. }
  306. #endif /* CONFIG_IEEE80211R */
  307. sme_associate(wpa_s, ssid->mode, data->auth.peer,
  308. data->auth.auth_type);
  309. }
  310. void sme_associate(struct wpa_supplicant *wpa_s, enum wpas_mode mode,
  311. const u8 *bssid, u16 auth_type)
  312. {
  313. struct wpa_driver_associate_params params;
  314. struct ieee802_11_elems elems;
  315. os_memset(&params, 0, sizeof(params));
  316. params.bssid = bssid;
  317. params.ssid = wpa_s->sme.ssid;
  318. params.ssid_len = wpa_s->sme.ssid_len;
  319. params.freq = wpa_s->sme.freq;
  320. params.wpa_ie = wpa_s->sme.assoc_req_ie_len ?
  321. wpa_s->sme.assoc_req_ie : NULL;
  322. params.wpa_ie_len = wpa_s->sme.assoc_req_ie_len;
  323. params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher);
  324. params.group_suite = cipher_suite2driver(wpa_s->group_cipher);
  325. #ifdef CONFIG_IEEE80211R
  326. if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies) {
  327. params.wpa_ie = wpa_s->sme.ft_ies;
  328. params.wpa_ie_len = wpa_s->sme.ft_ies_len;
  329. }
  330. #endif /* CONFIG_IEEE80211R */
  331. params.mode = mode;
  332. params.mgmt_frame_protection = wpa_s->sme.mfp;
  333. if (wpa_s->sme.prev_bssid_set)
  334. params.prev_bssid = wpa_s->sme.prev_bssid;
  335. wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
  336. " (SSID='%s' freq=%d MHz)", MAC2STR(params.bssid),
  337. params.ssid ? wpa_ssid_txt(params.ssid, params.ssid_len) : "",
  338. params.freq);
  339. wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
  340. if (params.wpa_ie == NULL ||
  341. ieee802_11_parse_elems(params.wpa_ie, params.wpa_ie_len, &elems, 0)
  342. < 0) {
  343. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Could not parse own IEs?!");
  344. os_memset(&elems, 0, sizeof(elems));
  345. }
  346. if (elems.rsn_ie)
  347. wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.rsn_ie - 2,
  348. elems.rsn_ie_len + 2);
  349. else if (elems.wpa_ie)
  350. wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.wpa_ie - 2,
  351. elems.wpa_ie_len + 2);
  352. else
  353. wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
  354. if (elems.p2p &&
  355. (wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE))
  356. params.p2p = 1;
  357. if (wpa_s->parent->set_sta_uapsd)
  358. params.uapsd = wpa_s->parent->sta_uapsd;
  359. else
  360. params.uapsd = -1;
  361. if (wpa_drv_associate(wpa_s, &params) < 0) {
  362. wpa_msg(wpa_s, MSG_INFO, "SME: Association request to the "
  363. "driver failed");
  364. wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
  365. os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
  366. return;
  367. }
  368. eloop_register_timeout(SME_ASSOC_TIMEOUT, 0, sme_assoc_timer, wpa_s,
  369. NULL);
  370. }
  371. int sme_update_ft_ies(struct wpa_supplicant *wpa_s, const u8 *md,
  372. const u8 *ies, size_t ies_len)
  373. {
  374. if (md == NULL || ies == NULL) {
  375. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Remove mobility domain");
  376. os_free(wpa_s->sme.ft_ies);
  377. wpa_s->sme.ft_ies = NULL;
  378. wpa_s->sme.ft_ies_len = 0;
  379. wpa_s->sme.ft_used = 0;
  380. return 0;
  381. }
  382. os_memcpy(wpa_s->sme.mobility_domain, md, MOBILITY_DOMAIN_ID_LEN);
  383. wpa_hexdump(MSG_DEBUG, "SME: FT IEs", ies, ies_len);
  384. os_free(wpa_s->sme.ft_ies);
  385. wpa_s->sme.ft_ies = os_malloc(ies_len);
  386. if (wpa_s->sme.ft_ies == NULL)
  387. return -1;
  388. os_memcpy(wpa_s->sme.ft_ies, ies, ies_len);
  389. wpa_s->sme.ft_ies_len = ies_len;
  390. return 0;
  391. }
  392. static void sme_deauth(struct wpa_supplicant *wpa_s)
  393. {
  394. int bssid_changed;
  395. bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
  396. if (wpa_drv_deauthenticate(wpa_s, wpa_s->pending_bssid,
  397. WLAN_REASON_DEAUTH_LEAVING) < 0) {
  398. wpa_msg(wpa_s, MSG_INFO, "SME: Deauth request to the driver "
  399. "failed");
  400. }
  401. wpa_s->sme.prev_bssid_set = 0;
  402. wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
  403. wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
  404. os_memset(wpa_s->bssid, 0, ETH_ALEN);
  405. os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
  406. if (bssid_changed)
  407. wpas_notify_bssid_changed(wpa_s);
  408. }
  409. void sme_event_assoc_reject(struct wpa_supplicant *wpa_s,
  410. union wpa_event_data *data)
  411. {
  412. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Association with " MACSTR " failed: "
  413. "status code %d", MAC2STR(wpa_s->pending_bssid),
  414. data->assoc_reject.status_code);
  415. eloop_cancel_timeout(sme_assoc_timer, wpa_s, NULL);
  416. /*
  417. * For now, unconditionally terminate the previous authentication. In
  418. * theory, this should not be needed, but mac80211 gets quite confused
  419. * if the authentication is left pending.. Some roaming cases might
  420. * benefit from using the previous authentication, so this could be
  421. * optimized in the future.
  422. */
  423. sme_deauth(wpa_s);
  424. }
  425. void sme_event_auth_timed_out(struct wpa_supplicant *wpa_s,
  426. union wpa_event_data *data)
  427. {
  428. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Authentication timed out");
  429. wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
  430. }
  431. void sme_event_assoc_timed_out(struct wpa_supplicant *wpa_s,
  432. union wpa_event_data *data)
  433. {
  434. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Association timed out");
  435. wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
  436. wpa_supplicant_mark_disassoc(wpa_s);
  437. }
  438. void sme_event_disassoc(struct wpa_supplicant *wpa_s,
  439. union wpa_event_data *data)
  440. {
  441. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Disassociation event received");
  442. if (wpa_s->sme.prev_bssid_set &&
  443. !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)) {
  444. /*
  445. * cfg80211/mac80211 can get into somewhat confused state if
  446. * the AP only disassociates us and leaves us in authenticated
  447. * state. For now, force the state to be cleared to avoid
  448. * confusing errors if we try to associate with the AP again.
  449. */
  450. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Deauthenticate to clear "
  451. "driver state");
  452. wpa_drv_deauthenticate(wpa_s, wpa_s->sme.prev_bssid,
  453. WLAN_REASON_DEAUTH_LEAVING);
  454. }
  455. }
  456. static void sme_auth_timer(void *eloop_ctx, void *timeout_ctx)
  457. {
  458. struct wpa_supplicant *wpa_s = eloop_ctx;
  459. if (wpa_s->wpa_state == WPA_AUTHENTICATING) {
  460. wpa_msg(wpa_s, MSG_DEBUG, "SME: Authentication timeout");
  461. sme_deauth(wpa_s);
  462. }
  463. }
  464. static void sme_assoc_timer(void *eloop_ctx, void *timeout_ctx)
  465. {
  466. struct wpa_supplicant *wpa_s = eloop_ctx;
  467. if (wpa_s->wpa_state == WPA_ASSOCIATING) {
  468. wpa_msg(wpa_s, MSG_DEBUG, "SME: Association timeout");
  469. sme_deauth(wpa_s);
  470. }
  471. }
  472. void sme_state_changed(struct wpa_supplicant *wpa_s)
  473. {
  474. /* Make sure timers are cleaned up appropriately. */
  475. if (wpa_s->wpa_state != WPA_ASSOCIATING)
  476. eloop_cancel_timeout(sme_assoc_timer, wpa_s, NULL);
  477. if (wpa_s->wpa_state != WPA_AUTHENTICATING)
  478. eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);
  479. }
  480. void sme_disassoc_while_authenticating(struct wpa_supplicant *wpa_s,
  481. const u8 *prev_pending_bssid)
  482. {
  483. /*
  484. * mac80211-workaround to force deauth on failed auth cmd,
  485. * requires us to remain in authenticating state to allow the
  486. * second authentication attempt to be continued properly.
  487. */
  488. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Allow pending authentication "
  489. "to proceed after disconnection event");
  490. wpa_supplicant_set_state(wpa_s, WPA_AUTHENTICATING);
  491. os_memcpy(wpa_s->pending_bssid, prev_pending_bssid, ETH_ALEN);
  492. /*
  493. * Re-arm authentication timer in case auth fails for whatever reason.
  494. */
  495. eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);
  496. eloop_register_timeout(SME_AUTH_TIMEOUT, 0, sme_auth_timer, wpa_s,
  497. NULL);
  498. }
  499. void sme_deinit(struct wpa_supplicant *wpa_s)
  500. {
  501. os_free(wpa_s->sme.ft_ies);
  502. wpa_s->sme.ft_ies = NULL;
  503. wpa_s->sme.ft_ies_len = 0;
  504. #ifdef CONFIG_IEEE80211W
  505. sme_stop_sa_query(wpa_s);
  506. #endif /* CONFIG_IEEE80211W */
  507. eloop_cancel_timeout(sme_assoc_timer, wpa_s, NULL);
  508. eloop_cancel_timeout(sme_auth_timer, wpa_s, NULL);
  509. }
  510. #ifdef CONFIG_IEEE80211W
  511. static const unsigned int sa_query_max_timeout = 1000;
  512. static const unsigned int sa_query_retry_timeout = 201;
  513. static int sme_check_sa_query_timeout(struct wpa_supplicant *wpa_s)
  514. {
  515. u32 tu;
  516. struct os_time now, passed;
  517. os_get_time(&now);
  518. os_time_sub(&now, &wpa_s->sme.sa_query_start, &passed);
  519. tu = (passed.sec * 1000000 + passed.usec) / 1024;
  520. if (sa_query_max_timeout < tu) {
  521. wpa_dbg(wpa_s, MSG_DEBUG, "SME: SA Query timed out");
  522. sme_stop_sa_query(wpa_s);
  523. wpa_supplicant_deauthenticate(
  524. wpa_s, WLAN_REASON_PREV_AUTH_NOT_VALID);
  525. return 1;
  526. }
  527. return 0;
  528. }
  529. static void sme_send_sa_query_req(struct wpa_supplicant *wpa_s,
  530. const u8 *trans_id)
  531. {
  532. u8 req[2 + WLAN_SA_QUERY_TR_ID_LEN];
  533. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Sending SA Query Request to "
  534. MACSTR, MAC2STR(wpa_s->bssid));
  535. wpa_hexdump(MSG_DEBUG, "SME: SA Query Transaction ID",
  536. trans_id, WLAN_SA_QUERY_TR_ID_LEN);
  537. req[0] = WLAN_ACTION_SA_QUERY;
  538. req[1] = WLAN_SA_QUERY_REQUEST;
  539. os_memcpy(req + 2, trans_id, WLAN_SA_QUERY_TR_ID_LEN);
  540. if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
  541. wpa_s->own_addr, wpa_s->bssid,
  542. req, sizeof(req)) < 0)
  543. wpa_msg(wpa_s, MSG_INFO, "SME: Failed to send SA Query "
  544. "Request");
  545. }
  546. static void sme_sa_query_timer(void *eloop_ctx, void *timeout_ctx)
  547. {
  548. struct wpa_supplicant *wpa_s = eloop_ctx;
  549. unsigned int timeout, sec, usec;
  550. u8 *trans_id, *nbuf;
  551. if (wpa_s->sme.sa_query_count > 0 &&
  552. sme_check_sa_query_timeout(wpa_s))
  553. return;
  554. nbuf = os_realloc(wpa_s->sme.sa_query_trans_id,
  555. (wpa_s->sme.sa_query_count + 1) *
  556. WLAN_SA_QUERY_TR_ID_LEN);
  557. if (nbuf == NULL)
  558. return;
  559. if (wpa_s->sme.sa_query_count == 0) {
  560. /* Starting a new SA Query procedure */
  561. os_get_time(&wpa_s->sme.sa_query_start);
  562. }
  563. trans_id = nbuf + wpa_s->sme.sa_query_count * WLAN_SA_QUERY_TR_ID_LEN;
  564. wpa_s->sme.sa_query_trans_id = nbuf;
  565. wpa_s->sme.sa_query_count++;
  566. os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN);
  567. timeout = sa_query_retry_timeout;
  568. sec = ((timeout / 1000) * 1024) / 1000;
  569. usec = (timeout % 1000) * 1024;
  570. eloop_register_timeout(sec, usec, sme_sa_query_timer, wpa_s, NULL);
  571. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Association SA Query attempt %d",
  572. wpa_s->sme.sa_query_count);
  573. sme_send_sa_query_req(wpa_s, trans_id);
  574. }
  575. static void sme_start_sa_query(struct wpa_supplicant *wpa_s)
  576. {
  577. sme_sa_query_timer(wpa_s, NULL);
  578. }
  579. void sme_stop_sa_query(struct wpa_supplicant *wpa_s)
  580. {
  581. eloop_cancel_timeout(sme_sa_query_timer, wpa_s, NULL);
  582. os_free(wpa_s->sme.sa_query_trans_id);
  583. wpa_s->sme.sa_query_trans_id = NULL;
  584. wpa_s->sme.sa_query_count = 0;
  585. }
  586. void sme_event_unprot_disconnect(struct wpa_supplicant *wpa_s, const u8 *sa,
  587. const u8 *da, u16 reason_code)
  588. {
  589. struct wpa_ssid *ssid;
  590. if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
  591. return;
  592. if (wpa_s->wpa_state != WPA_COMPLETED)
  593. return;
  594. ssid = wpa_s->current_ssid;
  595. if (ssid == NULL || ssid->ieee80211w == 0)
  596. return;
  597. if (os_memcmp(sa, wpa_s->bssid, ETH_ALEN) != 0)
  598. return;
  599. if (reason_code != WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA &&
  600. reason_code != WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA)
  601. return;
  602. if (wpa_s->sme.sa_query_count > 0)
  603. return;
  604. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Unprotected disconnect dropped - "
  605. "possible AP/STA state mismatch - trigger SA Query");
  606. sme_start_sa_query(wpa_s);
  607. }
  608. void sme_sa_query_rx(struct wpa_supplicant *wpa_s, const u8 *sa,
  609. const u8 *data, size_t len)
  610. {
  611. int i;
  612. if (wpa_s->sme.sa_query_trans_id == NULL ||
  613. len < 1 + WLAN_SA_QUERY_TR_ID_LEN ||
  614. data[0] != WLAN_SA_QUERY_RESPONSE)
  615. return;
  616. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Received SA Query response from "
  617. MACSTR " (trans_id %02x%02x)", MAC2STR(sa), data[1], data[2]);
  618. if (os_memcmp(sa, wpa_s->bssid, ETH_ALEN) != 0)
  619. return;
  620. for (i = 0; i < wpa_s->sme.sa_query_count; i++) {
  621. if (os_memcmp(wpa_s->sme.sa_query_trans_id +
  622. i * WLAN_SA_QUERY_TR_ID_LEN,
  623. data + 1, WLAN_SA_QUERY_TR_ID_LEN) == 0)
  624. break;
  625. }
  626. if (i >= wpa_s->sme.sa_query_count) {
  627. wpa_dbg(wpa_s, MSG_DEBUG, "SME: No matching SA Query "
  628. "transaction identifier found");
  629. return;
  630. }
  631. wpa_dbg(wpa_s, MSG_DEBUG, "SME: Reply to pending SA Query received "
  632. "from " MACSTR, MAC2STR(sa));
  633. sme_stop_sa_query(wpa_s);
  634. }
  635. #endif /* CONFIG_IEEE80211W */