forked from Minki/linux
Staging: rt28[67]0: merge rt28[67]0/sta/*.[ch]
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This commit is contained in:
parent
5f5d2df8ab
commit
ddaf557500
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -1,460 +1 @@
|
||||||
/*
|
#include "../../rt2860/sta/auth.c"
|
||||||
*************************************************************************
|
|
||||||
* Ralink Tech Inc.
|
|
||||||
* 5F., No.36, Taiyuan St., Jhubei City,
|
|
||||||
* Hsinchu County 302,
|
|
||||||
* Taiwan, R.O.C.
|
|
||||||
*
|
|
||||||
* (c) Copyright 2002-2007, Ralink Technology, Inc.
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify *
|
|
||||||
* it under the terms of the GNU General Public License as published by *
|
|
||||||
* the Free Software Foundation; either version 2 of the License, or *
|
|
||||||
* (at your option) any later version. *
|
|
||||||
* *
|
|
||||||
* This program is distributed in the hope that it will be useful, *
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
|
|
||||||
* GNU General Public License for more details. *
|
|
||||||
* *
|
|
||||||
* You should have received a copy of the GNU General Public License *
|
|
||||||
* along with this program; if not, write to the *
|
|
||||||
* Free Software Foundation, Inc., *
|
|
||||||
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
|
|
||||||
* *
|
|
||||||
*************************************************************************
|
|
||||||
|
|
||||||
Module Name:
|
|
||||||
auth.c
|
|
||||||
|
|
||||||
Abstract:
|
|
||||||
|
|
||||||
Revision History:
|
|
||||||
Who When What
|
|
||||||
-------- ---------- ----------------------------------------------
|
|
||||||
John 2004-9-3 porting from RT2500
|
|
||||||
*/
|
|
||||||
#include "../rt_config.h"
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
authenticate state machine init, including state transition and timer init
|
|
||||||
Parameters:
|
|
||||||
Sm - pointer to the auth state machine
|
|
||||||
Note:
|
|
||||||
The state machine looks like this
|
|
||||||
|
|
||||||
AUTH_REQ_IDLE AUTH_WAIT_SEQ2 AUTH_WAIT_SEQ4
|
|
||||||
MT2_MLME_AUTH_REQ mlme_auth_req_action invalid_state_when_auth invalid_state_when_auth
|
|
||||||
MT2_PEER_AUTH_EVEN drop peer_auth_even_at_seq2_action peer_auth_even_at_seq4_action
|
|
||||||
MT2_AUTH_TIMEOUT Drop auth_timeout_action auth_timeout_action
|
|
||||||
|
|
||||||
IRQL = PASSIVE_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
|
|
||||||
void AuthStateMachineInit(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN STATE_MACHINE *Sm,
|
|
||||||
OUT STATE_MACHINE_FUNC Trans[])
|
|
||||||
{
|
|
||||||
StateMachineInit(Sm, Trans, MAX_AUTH_STATE, MAX_AUTH_MSG, (STATE_MACHINE_FUNC)Drop, AUTH_REQ_IDLE, AUTH_MACHINE_BASE);
|
|
||||||
|
|
||||||
// the first column
|
|
||||||
StateMachineSetAction(Sm, AUTH_REQ_IDLE, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)MlmeAuthReqAction);
|
|
||||||
|
|
||||||
// the second column
|
|
||||||
StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth);
|
|
||||||
StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq2Action);
|
|
||||||
StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction);
|
|
||||||
|
|
||||||
// the third column
|
|
||||||
StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth);
|
|
||||||
StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq4Action);
|
|
||||||
StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction);
|
|
||||||
|
|
||||||
RTMPInitTimer(pAd, &pAd->MlmeAux.AuthTimer, GET_TIMER_FUNCTION(AuthTimeout), pAd, FALSE);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
function to be executed at timer thread when auth timer expires
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID AuthTimeout(
|
|
||||||
IN PVOID SystemSpecific1,
|
|
||||||
IN PVOID FunctionContext,
|
|
||||||
IN PVOID SystemSpecific2,
|
|
||||||
IN PVOID SystemSpecific3)
|
|
||||||
{
|
|
||||||
RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext;
|
|
||||||
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE,("AUTH - AuthTimeout\n"));
|
|
||||||
|
|
||||||
// Do nothing if the driver is starting halt state.
|
|
||||||
// This might happen when timer already been fired before cancel timer with mlmehalt
|
|
||||||
if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST))
|
|
||||||
return;
|
|
||||||
|
|
||||||
// send a de-auth to reset AP's state machine (Patch AP-Dir635)
|
|
||||||
if (pAd->Mlme.AuthMachine.CurrState == AUTH_WAIT_SEQ2)
|
|
||||||
Cls2errAction(pAd, pAd->MlmeAux.Bssid);
|
|
||||||
|
|
||||||
|
|
||||||
MlmeEnqueue(pAd, AUTH_STATE_MACHINE, MT2_AUTH_TIMEOUT, 0, NULL);
|
|
||||||
RT28XX_MLME_HANDLER(pAd);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID MlmeAuthReqAction(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN MLME_QUEUE_ELEM *Elem)
|
|
||||||
{
|
|
||||||
UCHAR Addr[6];
|
|
||||||
USHORT Alg, Seq, Status;
|
|
||||||
ULONG Timeout;
|
|
||||||
HEADER_802_11 AuthHdr;
|
|
||||||
BOOLEAN TimerCancelled;
|
|
||||||
NDIS_STATUS NStatus;
|
|
||||||
PUCHAR pOutBuffer = NULL;
|
|
||||||
ULONG FrameLen = 0;
|
|
||||||
|
|
||||||
// Block all authentication request durning WPA block period
|
|
||||||
if (pAd->StaCfg.bBlockAssoc == TRUE)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Block Auth request durning WPA block period!\n"));
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
Status = MLME_STATE_MACHINE_REJECT;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
|
|
||||||
}
|
|
||||||
else if(MlmeAuthReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr, &Timeout, &Alg))
|
|
||||||
{
|
|
||||||
// reset timer
|
|
||||||
RTMPCancelTimer(&pAd->MlmeAux.AuthTimer, &TimerCancelled);
|
|
||||||
COPY_MAC_ADDR(pAd->MlmeAux.Bssid, Addr);
|
|
||||||
pAd->MlmeAux.Alg = Alg;
|
|
||||||
Seq = 1;
|
|
||||||
Status = MLME_SUCCESS;
|
|
||||||
|
|
||||||
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
|
|
||||||
if(NStatus != NDIS_STATUS_SUCCESS)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - MlmeAuthReqAction(Alg:%d) allocate memory failed\n", Alg));
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
Status = MLME_FAIL_NO_RESOURCE;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH request seq#1 (Alg=%d)...\n", Alg));
|
|
||||||
MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr, pAd->MlmeAux.Bssid);
|
|
||||||
MakeOutgoingFrame(pOutBuffer, &FrameLen,
|
|
||||||
sizeof(HEADER_802_11),&AuthHdr,
|
|
||||||
2, &Alg,
|
|
||||||
2, &Seq,
|
|
||||||
2, &Status,
|
|
||||||
END_OF_ARGS);
|
|
||||||
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
|
|
||||||
MlmeFreeMemory(pAd, pOutBuffer);
|
|
||||||
|
|
||||||
RTMPSetTimer(&pAd->MlmeAux.AuthTimer, Timeout);
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ2;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
DBGPRINT_ERR(("AUTH - MlmeAuthReqAction() sanity check failed\n"));
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
Status = MLME_INVALID_FORMAT;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID PeerAuthRspAtSeq2Action(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN MLME_QUEUE_ELEM *Elem)
|
|
||||||
{
|
|
||||||
UCHAR Addr2[MAC_ADDR_LEN];
|
|
||||||
USHORT Seq, Status, RemoteStatus, Alg;
|
|
||||||
UCHAR ChlgText[CIPHER_TEXT_LEN];
|
|
||||||
UCHAR CyperChlgText[CIPHER_TEXT_LEN + 8 + 8];
|
|
||||||
UCHAR Element[2];
|
|
||||||
HEADER_802_11 AuthHdr;
|
|
||||||
BOOLEAN TimerCancelled;
|
|
||||||
PUCHAR pOutBuffer = NULL;
|
|
||||||
NDIS_STATUS NStatus;
|
|
||||||
ULONG FrameLen = 0;
|
|
||||||
USHORT Status2;
|
|
||||||
|
|
||||||
if (PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Alg, &Seq, &Status, ChlgText))
|
|
||||||
{
|
|
||||||
if (MAC_ADDR_EQUAL(pAd->MlmeAux.Bssid, Addr2) && Seq == 2)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Receive AUTH_RSP seq#2 to me (Alg=%d, Status=%d)\n", Alg, Status));
|
|
||||||
RTMPCancelTimer(&pAd->MlmeAux.AuthTimer, &TimerCancelled);
|
|
||||||
|
|
||||||
if (Status == MLME_SUCCESS)
|
|
||||||
{
|
|
||||||
// Authentication Mode "LEAP" has allow for CCX 1.X
|
|
||||||
if ((pAd->MlmeAux.Alg == Ndis802_11AuthModeOpen)
|
|
||||||
)
|
|
||||||
{
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
// 2. shared key, need to be challenged
|
|
||||||
Seq++;
|
|
||||||
RemoteStatus = MLME_SUCCESS;
|
|
||||||
|
|
||||||
// Get an unused nonpaged memory
|
|
||||||
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
|
|
||||||
if(NStatus != NDIS_STATUS_SUCCESS)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthRspAtSeq2Action() allocate memory fail\n"));
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
Status2 = MLME_FAIL_NO_RESOURCE;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status2);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH request seq#3...\n"));
|
|
||||||
MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr2, pAd->MlmeAux.Bssid);
|
|
||||||
AuthHdr.FC.Wep = 1;
|
|
||||||
// Encrypt challenge text & auth information
|
|
||||||
RTMPInitWepEngine(
|
|
||||||
pAd,
|
|
||||||
pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].Key,
|
|
||||||
pAd->StaCfg.DefaultKeyId,
|
|
||||||
pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].KeyLen,
|
|
||||||
CyperChlgText);
|
|
||||||
|
|
||||||
Alg = cpu2le16(*(USHORT *)&Alg);
|
|
||||||
Seq = cpu2le16(*(USHORT *)&Seq);
|
|
||||||
RemoteStatus= cpu2le16(*(USHORT *)&RemoteStatus);
|
|
||||||
|
|
||||||
RTMPEncryptData(pAd, (PUCHAR) &Alg, CyperChlgText + 4, 2);
|
|
||||||
RTMPEncryptData(pAd, (PUCHAR) &Seq, CyperChlgText + 6, 2);
|
|
||||||
RTMPEncryptData(pAd, (PUCHAR) &RemoteStatus, CyperChlgText + 8, 2);
|
|
||||||
Element[0] = 16;
|
|
||||||
Element[1] = 128;
|
|
||||||
RTMPEncryptData(pAd, Element, CyperChlgText + 10, 2);
|
|
||||||
RTMPEncryptData(pAd, ChlgText, CyperChlgText + 12, 128);
|
|
||||||
RTMPSetICV(pAd, CyperChlgText + 140);
|
|
||||||
MakeOutgoingFrame(pOutBuffer, &FrameLen,
|
|
||||||
sizeof(HEADER_802_11), &AuthHdr,
|
|
||||||
CIPHER_TEXT_LEN + 16, CyperChlgText,
|
|
||||||
END_OF_ARGS);
|
|
||||||
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
|
|
||||||
MlmeFreeMemory(pAd, pOutBuffer);
|
|
||||||
|
|
||||||
RTMPSetTimer(&pAd->MlmeAux.AuthTimer, AUTH_TIMEOUT);
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ4;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
pAd->StaCfg.AuthFailReason = Status;
|
|
||||||
COPY_MAC_ADDR(pAd->StaCfg.AuthFailSta, Addr2);
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthSanity() sanity check fail\n"));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID PeerAuthRspAtSeq4Action(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN MLME_QUEUE_ELEM *Elem)
|
|
||||||
{
|
|
||||||
UCHAR Addr2[MAC_ADDR_LEN];
|
|
||||||
USHORT Alg, Seq, Status;
|
|
||||||
CHAR ChlgText[CIPHER_TEXT_LEN];
|
|
||||||
BOOLEAN TimerCancelled;
|
|
||||||
|
|
||||||
if(PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Alg, &Seq, &Status, ChlgText))
|
|
||||||
{
|
|
||||||
if(MAC_ADDR_EQUAL(pAd->MlmeAux.Bssid, Addr2) && Seq == 4)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Receive AUTH_RSP seq#4 to me\n"));
|
|
||||||
RTMPCancelTimer(&pAd->MlmeAux.AuthTimer, &TimerCancelled);
|
|
||||||
|
|
||||||
if (Status != MLME_SUCCESS)
|
|
||||||
{
|
|
||||||
pAd->StaCfg.AuthFailReason = Status;
|
|
||||||
COPY_MAC_ADDR(pAd->StaCfg.AuthFailSta, Addr2);
|
|
||||||
}
|
|
||||||
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthRspAtSeq4Action() sanity check fail\n"));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID MlmeDeauthReqAction(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN MLME_QUEUE_ELEM *Elem)
|
|
||||||
{
|
|
||||||
MLME_DEAUTH_REQ_STRUCT *pInfo;
|
|
||||||
HEADER_802_11 DeauthHdr;
|
|
||||||
PUCHAR pOutBuffer = NULL;
|
|
||||||
NDIS_STATUS NStatus;
|
|
||||||
ULONG FrameLen = 0;
|
|
||||||
USHORT Status;
|
|
||||||
|
|
||||||
pInfo = (MLME_DEAUTH_REQ_STRUCT *)Elem->Msg;
|
|
||||||
|
|
||||||
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
|
|
||||||
if (NStatus != NDIS_STATUS_SUCCESS)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - MlmeDeauthReqAction() allocate memory fail\n"));
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
Status = MLME_FAIL_NO_RESOURCE;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DEAUTH_CONF, 2, &Status);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send DE-AUTH request (Reason=%d)...\n", pInfo->Reason));
|
|
||||||
MgtMacHeaderInit(pAd, &DeauthHdr, SUBTYPE_DEAUTH, 0, pInfo->Addr, pAd->MlmeAux.Bssid);
|
|
||||||
MakeOutgoingFrame(pOutBuffer, &FrameLen,
|
|
||||||
sizeof(HEADER_802_11),&DeauthHdr,
|
|
||||||
2, &pInfo->Reason,
|
|
||||||
END_OF_ARGS);
|
|
||||||
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
|
|
||||||
MlmeFreeMemory(pAd, pOutBuffer);
|
|
||||||
|
|
||||||
pAd->StaCfg.DeauthReason = pInfo->Reason;
|
|
||||||
COPY_MAC_ADDR(pAd->StaCfg.DeauthSta, pInfo->Addr);
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
Status = MLME_SUCCESS;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DEAUTH_CONF, 2, &Status);
|
|
||||||
|
|
||||||
// send wireless event - for deauthentication
|
|
||||||
if (pAd->CommonCfg.bWirelessEvent)
|
|
||||||
RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID AuthTimeoutAction(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN MLME_QUEUE_ELEM *Elem)
|
|
||||||
{
|
|
||||||
USHORT Status;
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - AuthTimeoutAction\n"));
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
Status = MLME_REJ_TIMEOUT;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID InvalidStateWhenAuth(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN MLME_QUEUE_ELEM *Elem)
|
|
||||||
{
|
|
||||||
USHORT Status;
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - InvalidStateWhenAuth (state=%ld), reset AUTH state machine\n", pAd->Mlme.AuthMachine.CurrState));
|
|
||||||
pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
|
|
||||||
Status = MLME_STATE_MACHINE_REJECT;
|
|
||||||
MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
Some STA/AP
|
|
||||||
Note:
|
|
||||||
This action should never trigger AUTH state transition, therefore we
|
|
||||||
separate it from AUTH state machine, and make it as a standalone service
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID Cls2errAction(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN PUCHAR pAddr)
|
|
||||||
{
|
|
||||||
HEADER_802_11 DeauthHdr;
|
|
||||||
PUCHAR pOutBuffer = NULL;
|
|
||||||
NDIS_STATUS NStatus;
|
|
||||||
ULONG FrameLen = 0;
|
|
||||||
USHORT Reason = REASON_CLS2ERR;
|
|
||||||
|
|
||||||
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
|
|
||||||
if (NStatus != NDIS_STATUS_SUCCESS)
|
|
||||||
return;
|
|
||||||
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Class 2 error, Send DEAUTH frame...\n"));
|
|
||||||
MgtMacHeaderInit(pAd, &DeauthHdr, SUBTYPE_DEAUTH, 0, pAddr, pAd->MlmeAux.Bssid);
|
|
||||||
MakeOutgoingFrame(pOutBuffer, &FrameLen,
|
|
||||||
sizeof(HEADER_802_11),&DeauthHdr,
|
|
||||||
2, &Reason,
|
|
||||||
END_OF_ARGS);
|
|
||||||
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
|
|
||||||
MlmeFreeMemory(pAd, pOutBuffer);
|
|
||||||
|
|
||||||
pAd->StaCfg.DeauthReason = Reason;
|
|
||||||
COPY_MAC_ADDR(pAd->StaCfg.DeauthSta, pAddr);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,148 +1 @@
|
||||||
/*
|
#include "../../rt2860/sta/auth_rsp.c"
|
||||||
*************************************************************************
|
|
||||||
* Ralink Tech Inc.
|
|
||||||
* 5F., No.36, Taiyuan St., Jhubei City,
|
|
||||||
* Hsinchu County 302,
|
|
||||||
* Taiwan, R.O.C.
|
|
||||||
*
|
|
||||||
* (c) Copyright 2002-2007, Ralink Technology, Inc.
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify *
|
|
||||||
* it under the terms of the GNU General Public License as published by *
|
|
||||||
* the Free Software Foundation; either version 2 of the License, or *
|
|
||||||
* (at your option) any later version. *
|
|
||||||
* *
|
|
||||||
* This program is distributed in the hope that it will be useful, *
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
|
|
||||||
* GNU General Public License for more details. *
|
|
||||||
* *
|
|
||||||
* You should have received a copy of the GNU General Public License *
|
|
||||||
* along with this program; if not, write to the *
|
|
||||||
* Free Software Foundation, Inc., *
|
|
||||||
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
|
|
||||||
* *
|
|
||||||
*************************************************************************
|
|
||||||
|
|
||||||
Module Name:
|
|
||||||
auth_rsp.c
|
|
||||||
|
|
||||||
Abstract:
|
|
||||||
|
|
||||||
Revision History:
|
|
||||||
Who When What
|
|
||||||
-------- ---------- ----------------------------------------------
|
|
||||||
John 2004-10-1 copy from RT2560
|
|
||||||
*/
|
|
||||||
#include "../rt_config.h"
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
authentication state machine init procedure
|
|
||||||
Parameters:
|
|
||||||
Sm - the state machine
|
|
||||||
|
|
||||||
IRQL = PASSIVE_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID AuthRspStateMachineInit(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN PSTATE_MACHINE Sm,
|
|
||||||
IN STATE_MACHINE_FUNC Trans[])
|
|
||||||
{
|
|
||||||
StateMachineInit(Sm, Trans, MAX_AUTH_RSP_STATE, MAX_AUTH_RSP_MSG, (STATE_MACHINE_FUNC)Drop, AUTH_RSP_IDLE, AUTH_RSP_MACHINE_BASE);
|
|
||||||
|
|
||||||
// column 1
|
|
||||||
StateMachineSetAction(Sm, AUTH_RSP_IDLE, MT2_PEER_DEAUTH, (STATE_MACHINE_FUNC)PeerDeauthAction);
|
|
||||||
|
|
||||||
// column 2
|
|
||||||
StateMachineSetAction(Sm, AUTH_RSP_WAIT_CHAL, MT2_PEER_DEAUTH, (STATE_MACHINE_FUNC)PeerDeauthAction);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID PeerAuthSimpleRspGenAndSend(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN PHEADER_802_11 pHdr80211,
|
|
||||||
IN USHORT Alg,
|
|
||||||
IN USHORT Seq,
|
|
||||||
IN USHORT Reason,
|
|
||||||
IN USHORT Status)
|
|
||||||
{
|
|
||||||
HEADER_802_11 AuthHdr;
|
|
||||||
ULONG FrameLen = 0;
|
|
||||||
PUCHAR pOutBuffer = NULL;
|
|
||||||
NDIS_STATUS NStatus;
|
|
||||||
|
|
||||||
if (Reason != MLME_SUCCESS)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("Peer AUTH fail...\n"));
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
//Get an unused nonpaged memory
|
|
||||||
NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
|
|
||||||
if (NStatus != NDIS_STATUS_SUCCESS)
|
|
||||||
return;
|
|
||||||
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("Send AUTH response (seq#2)...\n"));
|
|
||||||
MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, pHdr80211->Addr2, pAd->MlmeAux.Bssid);
|
|
||||||
MakeOutgoingFrame(pOutBuffer, &FrameLen,
|
|
||||||
sizeof(HEADER_802_11), &AuthHdr,
|
|
||||||
2, &Alg,
|
|
||||||
2, &Seq,
|
|
||||||
2, &Reason,
|
|
||||||
END_OF_ARGS);
|
|
||||||
MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
|
|
||||||
MlmeFreeMemory(pAd, pOutBuffer);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
VOID PeerDeauthAction(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN PMLME_QUEUE_ELEM Elem)
|
|
||||||
{
|
|
||||||
UCHAR Addr2[MAC_ADDR_LEN];
|
|
||||||
USHORT Reason;
|
|
||||||
|
|
||||||
if (PeerDeauthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Reason))
|
|
||||||
{
|
|
||||||
if (INFRA_ON(pAd) && MAC_ADDR_EQUAL(Addr2, pAd->CommonCfg.Bssid))
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE,("AUTH_RSP - receive DE-AUTH from our AP (Reason=%d)\n", Reason));
|
|
||||||
|
|
||||||
{
|
|
||||||
union iwreq_data wrqu;
|
|
||||||
memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN);
|
|
||||||
wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL);
|
|
||||||
}
|
|
||||||
|
|
||||||
// send wireless event - for deauthentication
|
|
||||||
if (pAd->CommonCfg.bWirelessEvent)
|
|
||||||
RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0);
|
|
||||||
|
|
||||||
LinkDown(pAd, TRUE);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE,("AUTH_RSP - PeerDeauthAction() sanity check fail\n"));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -1,418 +1 @@
|
||||||
/*
|
#include "../../rt2860/sta/sanity.c"
|
||||||
*************************************************************************
|
|
||||||
* Ralink Tech Inc.
|
|
||||||
* 5F., No.36, Taiyuan St., Jhubei City,
|
|
||||||
* Hsinchu County 302,
|
|
||||||
* Taiwan, R.O.C.
|
|
||||||
*
|
|
||||||
* (c) Copyright 2002-2007, Ralink Technology, Inc.
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify *
|
|
||||||
* it under the terms of the GNU General Public License as published by *
|
|
||||||
* the Free Software Foundation; either version 2 of the License, or *
|
|
||||||
* (at your option) any later version. *
|
|
||||||
* *
|
|
||||||
* This program is distributed in the hope that it will be useful, *
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
|
|
||||||
* GNU General Public License for more details. *
|
|
||||||
* *
|
|
||||||
* You should have received a copy of the GNU General Public License *
|
|
||||||
* along with this program; if not, write to the *
|
|
||||||
* Free Software Foundation, Inc., *
|
|
||||||
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
|
|
||||||
* *
|
|
||||||
*************************************************************************
|
|
||||||
|
|
||||||
Module Name:
|
|
||||||
sanity.c
|
|
||||||
|
|
||||||
Abstract:
|
|
||||||
|
|
||||||
Revision History:
|
|
||||||
Who When What
|
|
||||||
-------- ---------- ----------------------------------------------
|
|
||||||
John Chang 2004-09-01 add WMM support
|
|
||||||
*/
|
|
||||||
#include "../rt_config.h"
|
|
||||||
|
|
||||||
extern UCHAR CISCO_OUI[];
|
|
||||||
|
|
||||||
extern UCHAR WPA_OUI[];
|
|
||||||
extern UCHAR RSN_OUI[];
|
|
||||||
extern UCHAR WME_INFO_ELEM[];
|
|
||||||
extern UCHAR WME_PARM_ELEM[];
|
|
||||||
extern UCHAR Ccx2QosInfo[];
|
|
||||||
extern UCHAR RALINK_OUI[];
|
|
||||||
extern UCHAR BROADCOM_OUI[];
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
MLME message sanity check
|
|
||||||
Return:
|
|
||||||
TRUE if all parameters are OK, FALSE otherwise
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
BOOLEAN MlmeStartReqSanity(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN VOID *Msg,
|
|
||||||
IN ULONG MsgLen,
|
|
||||||
OUT CHAR Ssid[],
|
|
||||||
OUT UCHAR *pSsidLen)
|
|
||||||
{
|
|
||||||
MLME_START_REQ_STRUCT *Info;
|
|
||||||
|
|
||||||
Info = (MLME_START_REQ_STRUCT *)(Msg);
|
|
||||||
|
|
||||||
if (Info->SsidLen > MAX_LEN_OF_SSID)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("MlmeStartReqSanity fail - wrong SSID length\n"));
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
*pSsidLen = Info->SsidLen;
|
|
||||||
NdisMoveMemory(Ssid, Info->Ssid, *pSsidLen);
|
|
||||||
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
MLME message sanity check
|
|
||||||
Return:
|
|
||||||
TRUE if all parameters are OK, FALSE otherwise
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
BOOLEAN PeerAssocRspSanity(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN VOID *pMsg,
|
|
||||||
IN ULONG MsgLen,
|
|
||||||
OUT PUCHAR pAddr2,
|
|
||||||
OUT USHORT *pCapabilityInfo,
|
|
||||||
OUT USHORT *pStatus,
|
|
||||||
OUT USHORT *pAid,
|
|
||||||
OUT UCHAR SupRate[],
|
|
||||||
OUT UCHAR *pSupRateLen,
|
|
||||||
OUT UCHAR ExtRate[],
|
|
||||||
OUT UCHAR *pExtRateLen,
|
|
||||||
OUT HT_CAPABILITY_IE *pHtCapability,
|
|
||||||
OUT ADD_HT_INFO_IE *pAddHtInfo, // AP might use this additional ht info IE
|
|
||||||
OUT UCHAR *pHtCapabilityLen,
|
|
||||||
OUT UCHAR *pAddHtInfoLen,
|
|
||||||
OUT UCHAR *pNewExtChannelOffset,
|
|
||||||
OUT PEDCA_PARM pEdcaParm,
|
|
||||||
OUT UCHAR *pCkipFlag)
|
|
||||||
{
|
|
||||||
CHAR IeType, *Ptr;
|
|
||||||
PFRAME_802_11 pFrame = (PFRAME_802_11)pMsg;
|
|
||||||
PEID_STRUCT pEid;
|
|
||||||
ULONG Length = 0;
|
|
||||||
|
|
||||||
*pNewExtChannelOffset = 0xff;
|
|
||||||
*pHtCapabilityLen = 0;
|
|
||||||
*pAddHtInfoLen = 0;
|
|
||||||
COPY_MAC_ADDR(pAddr2, pFrame->Hdr.Addr2);
|
|
||||||
Ptr = pFrame->Octet;
|
|
||||||
Length += LENGTH_802_11;
|
|
||||||
|
|
||||||
NdisMoveMemory(pCapabilityInfo, &pFrame->Octet[0], 2);
|
|
||||||
Length += 2;
|
|
||||||
NdisMoveMemory(pStatus, &pFrame->Octet[2], 2);
|
|
||||||
Length += 2;
|
|
||||||
*pCkipFlag = 0;
|
|
||||||
*pExtRateLen = 0;
|
|
||||||
pEdcaParm->bValid = FALSE;
|
|
||||||
|
|
||||||
if (*pStatus != MLME_SUCCESS)
|
|
||||||
return TRUE;
|
|
||||||
|
|
||||||
NdisMoveMemory(pAid, &pFrame->Octet[4], 2);
|
|
||||||
Length += 2;
|
|
||||||
|
|
||||||
// Aid already swaped byte order in RTMPFrameEndianChange() for big endian platform
|
|
||||||
*pAid = (*pAid) & 0x3fff; // AID is low 14-bit
|
|
||||||
|
|
||||||
// -- get supported rates from payload and advance the pointer
|
|
||||||
IeType = pFrame->Octet[6];
|
|
||||||
*pSupRateLen = pFrame->Octet[7];
|
|
||||||
if ((IeType != IE_SUPP_RATES) || (*pSupRateLen > MAX_LEN_OF_SUPPORTED_RATES))
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspSanity fail - wrong SupportedRates IE\n"));
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
NdisMoveMemory(SupRate, &pFrame->Octet[8], *pSupRateLen);
|
|
||||||
|
|
||||||
Length = Length + 2 + *pSupRateLen;
|
|
||||||
|
|
||||||
// many AP implement proprietary IEs in non-standard order, we'd better
|
|
||||||
// tolerate mis-ordered IEs to get best compatibility
|
|
||||||
pEid = (PEID_STRUCT) &pFrame->Octet[8 + (*pSupRateLen)];
|
|
||||||
|
|
||||||
// get variable fields from payload and advance the pointer
|
|
||||||
while ((Length + 2 + pEid->Len) <= MsgLen)
|
|
||||||
{
|
|
||||||
switch (pEid->Eid)
|
|
||||||
{
|
|
||||||
case IE_EXT_SUPP_RATES:
|
|
||||||
if (pEid->Len <= MAX_LEN_OF_SUPPORTED_RATES)
|
|
||||||
{
|
|
||||||
NdisMoveMemory(ExtRate, pEid->Octet, pEid->Len);
|
|
||||||
*pExtRateLen = pEid->Len;
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
|
|
||||||
case IE_HT_CAP:
|
|
||||||
case IE_HT_CAP2:
|
|
||||||
if (pEid->Len >= SIZE_HT_CAP_IE) //Note: allow extension.!!
|
|
||||||
{
|
|
||||||
NdisMoveMemory(pHtCapability, pEid->Octet, SIZE_HT_CAP_IE);
|
|
||||||
|
|
||||||
*(USHORT *)(&pHtCapability->HtCapInfo) = cpu2le16(*(USHORT *)(&pHtCapability->HtCapInfo));
|
|
||||||
*(USHORT *)(&pHtCapability->ExtHtCapInfo) = cpu2le16(*(USHORT *)(&pHtCapability->ExtHtCapInfo));
|
|
||||||
|
|
||||||
*pHtCapabilityLen = SIZE_HT_CAP_IE;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_WARN, ("PeerAssocRspSanity - wrong IE_HT_CAP. \n"));
|
|
||||||
}
|
|
||||||
|
|
||||||
break;
|
|
||||||
case IE_ADD_HT:
|
|
||||||
case IE_ADD_HT2:
|
|
||||||
if (pEid->Len >= sizeof(ADD_HT_INFO_IE))
|
|
||||||
{
|
|
||||||
// This IE allows extension, but we can ignore extra bytes beyond our knowledge , so only
|
|
||||||
// copy first sizeof(ADD_HT_INFO_IE)
|
|
||||||
NdisMoveMemory(pAddHtInfo, pEid->Octet, sizeof(ADD_HT_INFO_IE));
|
|
||||||
|
|
||||||
*(USHORT *)(&pAddHtInfo->AddHtInfo2) = cpu2le16(*(USHORT *)(&pAddHtInfo->AddHtInfo2));
|
|
||||||
*(USHORT *)(&pAddHtInfo->AddHtInfo3) = cpu2le16(*(USHORT *)(&pAddHtInfo->AddHtInfo3));
|
|
||||||
|
|
||||||
*pAddHtInfoLen = SIZE_ADD_HT_INFO_IE;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_WARN, ("PeerAssocRspSanity - wrong IE_ADD_HT. \n"));
|
|
||||||
}
|
|
||||||
|
|
||||||
break;
|
|
||||||
case IE_SECONDARY_CH_OFFSET:
|
|
||||||
if (pEid->Len == 1)
|
|
||||||
{
|
|
||||||
*pNewExtChannelOffset = pEid->Octet[0];
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_WARN, ("PeerAssocRspSanity - wrong IE_SECONDARY_CH_OFFSET. \n"));
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
case IE_AIRONET_CKIP:
|
|
||||||
// 0. Check Aironet IE length, it must be larger or equal to 28
|
|
||||||
// Cisco's AP VxWork version(will not be supported) used this IE length as 28
|
|
||||||
// Cisco's AP IOS version used this IE length as 30
|
|
||||||
if (pEid->Len < (CKIP_NEGOTIATION_LENGTH - 2))
|
|
||||||
break;
|
|
||||||
|
|
||||||
// 1. Copy CKIP flag byte to buffer for process
|
|
||||||
*pCkipFlag = *(pEid->Octet + 8);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case IE_AIRONET_IPADDRESS:
|
|
||||||
if (pEid->Len != 0x0A)
|
|
||||||
break;
|
|
||||||
|
|
||||||
// Get Cisco Aironet IP information
|
|
||||||
if (NdisEqualMemory(pEid->Octet, CISCO_OUI, 3) == 1)
|
|
||||||
NdisMoveMemory(pAd->StaCfg.AironetIPAddress, pEid->Octet + 4, 4);
|
|
||||||
break;
|
|
||||||
|
|
||||||
// CCX2, WMM use the same IE value
|
|
||||||
// case IE_CCX_V2:
|
|
||||||
case IE_VENDOR_SPECIFIC:
|
|
||||||
// handle WME PARAMTER ELEMENT
|
|
||||||
if (NdisEqualMemory(pEid->Octet, WME_PARM_ELEM, 6) && (pEid->Len == 24))
|
|
||||||
{
|
|
||||||
PUCHAR ptr;
|
|
||||||
int i;
|
|
||||||
|
|
||||||
// parsing EDCA parameters
|
|
||||||
pEdcaParm->bValid = TRUE;
|
|
||||||
pEdcaParm->bQAck = FALSE; // pEid->Octet[0] & 0x10;
|
|
||||||
pEdcaParm->bQueueRequest = FALSE; // pEid->Octet[0] & 0x20;
|
|
||||||
pEdcaParm->bTxopRequest = FALSE; // pEid->Octet[0] & 0x40;
|
|
||||||
//pEdcaParm->bMoreDataAck = FALSE; // pEid->Octet[0] & 0x80;
|
|
||||||
pEdcaParm->EdcaUpdateCount = pEid->Octet[6] & 0x0f;
|
|
||||||
pEdcaParm->bAPSDCapable = (pEid->Octet[6] & 0x80) ? 1 : 0;
|
|
||||||
ptr = &pEid->Octet[8];
|
|
||||||
for (i=0; i<4; i++)
|
|
||||||
{
|
|
||||||
UCHAR aci = (*ptr & 0x60) >> 5; // b5~6 is AC INDEX
|
|
||||||
pEdcaParm->bACM[aci] = (((*ptr) & 0x10) == 0x10); // b5 is ACM
|
|
||||||
pEdcaParm->Aifsn[aci] = (*ptr) & 0x0f; // b0~3 is AIFSN
|
|
||||||
pEdcaParm->Cwmin[aci] = *(ptr+1) & 0x0f; // b0~4 is Cwmin
|
|
||||||
pEdcaParm->Cwmax[aci] = *(ptr+1) >> 4; // b5~8 is Cwmax
|
|
||||||
pEdcaParm->Txop[aci] = *(ptr+2) + 256 * (*(ptr+3)); // in unit of 32-us
|
|
||||||
ptr += 4; // point to next AC
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// handle CCX IE
|
|
||||||
else
|
|
||||||
{
|
|
||||||
// 0. Check the size and CCX admin control
|
|
||||||
if (pAd->StaCfg.CCXControl.field.Enable == 0)
|
|
||||||
break;
|
|
||||||
if (pEid->Len != 5)
|
|
||||||
break;
|
|
||||||
|
|
||||||
// Turn CCX2 if matched
|
|
||||||
if (NdisEqualMemory(pEid->Octet, Ccx2IeInfo, 5) == 1)
|
|
||||||
pAd->StaCfg.CCXEnable = TRUE;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
break;
|
|
||||||
|
|
||||||
default:
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspSanity - ignore unrecognized EID = %d\n", pEid->Eid));
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
Length = Length + 2 + pEid->Len;
|
|
||||||
pEid = (PEID_STRUCT)((UCHAR*)pEid + 2 + pEid->Len);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Force CCX2 enable to TRUE for those AP didn't replay CCX v2 IE, we still force it to be on
|
|
||||||
if (pAd->StaCfg.CCXControl.field.Enable == 1)
|
|
||||||
pAd->StaCfg.CCXEnable = TRUE;
|
|
||||||
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
MLME message sanity check
|
|
||||||
Return:
|
|
||||||
TRUE if all parameters are OK, FALSE otherwise
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
BOOLEAN PeerProbeReqSanity(
|
|
||||||
IN PRTMP_ADAPTER pAd,
|
|
||||||
IN VOID *Msg,
|
|
||||||
IN ULONG MsgLen,
|
|
||||||
OUT PUCHAR pAddr2,
|
|
||||||
OUT CHAR Ssid[],
|
|
||||||
OUT UCHAR *pSsidLen)
|
|
||||||
{
|
|
||||||
UCHAR Idx;
|
|
||||||
UCHAR RateLen;
|
|
||||||
CHAR IeType;
|
|
||||||
PFRAME_802_11 pFrame = (PFRAME_802_11)Msg;
|
|
||||||
|
|
||||||
COPY_MAC_ADDR(pAddr2, pFrame->Hdr.Addr2);
|
|
||||||
|
|
||||||
if ((pFrame->Octet[0] != IE_SSID) || (pFrame->Octet[1] > MAX_LEN_OF_SSID))
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("PeerProbeReqSanity fail - wrong SSID IE(Type=%d,Len=%d)\n",pFrame->Octet[0],pFrame->Octet[1]));
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
*pSsidLen = pFrame->Octet[1];
|
|
||||||
NdisMoveMemory(Ssid, &pFrame->Octet[2], *pSsidLen);
|
|
||||||
|
|
||||||
Idx = *pSsidLen + 2;
|
|
||||||
|
|
||||||
// -- get supported rates from payload and advance the pointer
|
|
||||||
IeType = pFrame->Octet[Idx];
|
|
||||||
RateLen = pFrame->Octet[Idx + 1];
|
|
||||||
if (IeType != IE_SUPP_RATES)
|
|
||||||
{
|
|
||||||
DBGPRINT(RT_DEBUG_TRACE, ("PeerProbeReqSanity fail - wrong SupportRates IE(Type=%d,Len=%d)\n",pFrame->Octet[Idx],pFrame->Octet[Idx+1]));
|
|
||||||
return FALSE;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if ((pAd->CommonCfg.PhyMode == PHY_11G) && (RateLen < 8))
|
|
||||||
return (FALSE);
|
|
||||||
}
|
|
||||||
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
==========================================================================
|
|
||||||
Description:
|
|
||||||
|
|
||||||
IRQL = DISPATCH_LEVEL
|
|
||||||
|
|
||||||
==========================================================================
|
|
||||||
*/
|
|
||||||
BOOLEAN GetTimBit(
|
|
||||||
IN CHAR *Ptr,
|
|
||||||
IN USHORT Aid,
|
|
||||||
OUT UCHAR *TimLen,
|
|
||||||
OUT UCHAR *BcastFlag,
|
|
||||||
OUT UCHAR *DtimCount,
|
|
||||||
OUT UCHAR *DtimPeriod,
|
|
||||||
OUT UCHAR *MessageToMe)
|
|
||||||
{
|
|
||||||
UCHAR BitCntl, N1, N2, MyByte, MyBit;
|
|
||||||
CHAR *IdxPtr;
|
|
||||||
|
|
||||||
IdxPtr = Ptr;
|
|
||||||
|
|
||||||
IdxPtr ++;
|
|
||||||
*TimLen = *IdxPtr;
|
|
||||||
|
|
||||||
// get DTIM Count from TIM element
|
|
||||||
IdxPtr ++;
|
|
||||||
*DtimCount = *IdxPtr;
|
|
||||||
|
|
||||||
// get DTIM Period from TIM element
|
|
||||||
IdxPtr++;
|
|
||||||
*DtimPeriod = *IdxPtr;
|
|
||||||
|
|
||||||
// get Bitmap Control from TIM element
|
|
||||||
IdxPtr++;
|
|
||||||
BitCntl = *IdxPtr;
|
|
||||||
|
|
||||||
if ((*DtimCount == 0) && (BitCntl & 0x01))
|
|
||||||
*BcastFlag = TRUE;
|
|
||||||
else
|
|
||||||
*BcastFlag = FALSE;
|
|
||||||
|
|
||||||
// Parse Partial Virtual Bitmap from TIM element
|
|
||||||
N1 = BitCntl & 0xfe; // N1 is the first bitmap byte#
|
|
||||||
N2 = *TimLen - 4 + N1; // N2 is the last bitmap byte#
|
|
||||||
|
|
||||||
if ((Aid < (N1 << 3)) || (Aid >= ((N2 + 1) << 3)))
|
|
||||||
*MessageToMe = FALSE;
|
|
||||||
else
|
|
||||||
{
|
|
||||||
MyByte = (Aid >> 3) - N1; // my byte position in the bitmap byte-stream
|
|
||||||
MyBit = Aid % 16 - ((MyByte & 0x01)? 8:0);
|
|
||||||
|
|
||||||
IdxPtr += (MyByte + 1);
|
|
||||||
|
|
||||||
//if (*IdxPtr)
|
|
||||||
// DBGPRINT(RT_DEBUG_WARN, ("TIM bitmap = 0x%02x\n", *IdxPtr));
|
|
||||||
|
|
||||||
if (*IdxPtr & (0x01 << MyBit))
|
|
||||||
*MessageToMe = TRUE;
|
|
||||||
else
|
|
||||||
*MessageToMe = FALSE;
|
|
||||||
}
|
|
||||||
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user