search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
List.mui: Update entries count prior to range change
[AROS.git] / workbench / network / WirelessManager / src / drivers / driver_wext.c
blob2614f23093fac7b9ea4ab1f6fe7c5f4e0e58b43f
1 /*
2 * Driver interaction with generic Linux Wireless Extensions
3 * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements a driver interface for the Linux Wireless Extensions.
15 * When used with WE-18 or newer, this interface can be used as-is with number
16 * of drivers. In addition to this, some of the common functions in this file
17 * can be used by other driver interface implementations that use generic WE
18 * ioctls, but require private ioctls for some of the functionality.
19 */
20
21 #include "includes.h"
22 #include <sys/ioctl.h>
23 #include <sys/stat.h>
24 #include <net/if_arp.h>
25
26 #include "wireless_copy.h"
27 #include "common.h"
28 #include "eloop.h"
29 #include "common/ieee802_11_defs.h"
30 #include "common/wpa_common.h"
31 #include "priv_netlink.h"
32 #include "netlink.h"
33 #include "linux_ioctl.h"
34 #include "driver.h"
35 #include "driver_wext.h"
36
37
38 static int wpa_driver_wext_flush_pmkid(void *priv);
39 static int wpa_driver_wext_get_range(void *priv);
40 static int wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv);
41 static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv);
42 static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg);
43
44
45 int wpa_driver_wext_set_auth_param(struct wpa_driver_wext_data *drv,
46 int idx, u32 value)
47 {
48 struct iwreq iwr;
49 int ret = 0;
50
51 os_memset(&iwr, 0, sizeof(iwr));
52 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
53 iwr.u.param.flags = idx & IW_AUTH_INDEX;
54 iwr.u.param.value = value;
55
56 if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
57 if (errno != EOPNOTSUPP) {
58 wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
59 "value 0x%x) failed: %s)",
60 idx, value, strerror(errno));
61 }
62 ret = errno == EOPNOTSUPP ? -2 : -1;
63 }
64
65 return ret;
66 }
67
68
69 /**
70 * wpa_driver_wext_get_bssid - Get BSSID, SIOCGIWAP
71 * @priv: Pointer to private wext data from wpa_driver_wext_init()
72 * @bssid: Buffer for BSSID
73 * Returns: 0 on success, -1 on failure
74 */
75 int wpa_driver_wext_get_bssid(void *priv, u8 *bssid)
76 {
77 struct wpa_driver_wext_data *drv = priv;
78 struct iwreq iwr;
79 int ret = 0;
80
81 os_memset(&iwr, 0, sizeof(iwr));
82 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
83
84 if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) < 0) {
85 perror("ioctl[SIOCGIWAP]");
86 ret = -1;
87 }
88 os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);
89
90 return ret;
91 }
92
93
94 /**
95 * wpa_driver_wext_set_bssid - Set BSSID, SIOCSIWAP
96 * @priv: Pointer to private wext data from wpa_driver_wext_init()
97 * @bssid: BSSID
98 * Returns: 0 on success, -1 on failure
99 */
100 int wpa_driver_wext_set_bssid(void *priv, const u8 *bssid)
101 {
102 struct wpa_driver_wext_data *drv = priv;
103 struct iwreq iwr;
104 int ret = 0;
105
106 os_memset(&iwr, 0, sizeof(iwr));
107 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
108 iwr.u.ap_addr.sa_family = ARPHRD_ETHER;
109 if (bssid)
110 os_memcpy(iwr.u.ap_addr.sa_data, bssid, ETH_ALEN);
111 else
112 os_memset(iwr.u.ap_addr.sa_data, 0, ETH_ALEN);
113
114 if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr) < 0) {
115 perror("ioctl[SIOCSIWAP]");
116 ret = -1;
117 }
118
119 return ret;
120 }
121
122
123 /**
124 * wpa_driver_wext_get_ssid - Get SSID, SIOCGIWESSID
125 * @priv: Pointer to private wext data from wpa_driver_wext_init()
126 * @ssid: Buffer for the SSID; must be at least 32 bytes long
127 * Returns: SSID length on success, -1 on failure
128 */
129 int wpa_driver_wext_get_ssid(void *priv, u8 *ssid)
130 {
131 struct wpa_driver_wext_data *drv = priv;
132 struct iwreq iwr;
133 int ret = 0;
134
135 os_memset(&iwr, 0, sizeof(iwr));
136 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
137 iwr.u.essid.pointer = (caddr_t) ssid;
138 iwr.u.essid.length = 32;
139
140 if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
141 perror("ioctl[SIOCGIWESSID]");
142 ret = -1;
143 } else {
144 ret = iwr.u.essid.length;
145 if (ret > 32)
146 ret = 32;
147 /* Some drivers include nul termination in the SSID, so let's
148 * remove it here before further processing. WE-21 changes this
149 * to explicitly require the length _not_ to include nul
150 * termination. */
151 if (ret > 0 && ssid[ret - 1] == '\0' &&
152 drv->we_version_compiled < 21)
153 ret--;
154 }
155
156 return ret;
157 }
158
159
160 /**
161 * wpa_driver_wext_set_ssid - Set SSID, SIOCSIWESSID
162 * @priv: Pointer to private wext data from wpa_driver_wext_init()
163 * @ssid: SSID
164 * @ssid_len: Length of SSID (0..32)
165 * Returns: 0 on success, -1 on failure
166 */
167 int wpa_driver_wext_set_ssid(void *priv, const u8 *ssid, size_t ssid_len)
168 {
169 struct wpa_driver_wext_data *drv = priv;
170 struct iwreq iwr;
171 int ret = 0;
172 char buf[33];
173
174 if (ssid_len > 32)
175 return -1;
176
177 os_memset(&iwr, 0, sizeof(iwr));
178 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
179 /* flags: 1 = ESSID is active, 0 = not (promiscuous) */
180 iwr.u.essid.flags = (ssid_len != 0);
181 os_memset(buf, 0, sizeof(buf));
182 os_memcpy(buf, ssid, ssid_len);
183 iwr.u.essid.pointer = (caddr_t) buf;
184 if (drv->we_version_compiled < 21) {
185 /* For historic reasons, set SSID length to include one extra
186 * character, C string nul termination, even though SSID is
187 * really an octet string that should not be presented as a C
188 * string. Some Linux drivers decrement the length by one and
189 * can thus end up missing the last octet of the SSID if the
190 * length is not incremented here. WE-21 changes this to
191 * explicitly require the length _not_ to include nul
192 * termination. */
193 if (ssid_len)
194 ssid_len++;
195 }
196 iwr.u.essid.length = ssid_len;
197
198 if (ioctl(drv->ioctl_sock, SIOCSIWESSID, &iwr) < 0) {
199 perror("ioctl[SIOCSIWESSID]");
200 ret = -1;
201 }
202
203 return ret;
204 }
205
206
207 /**
208 * wpa_driver_wext_set_freq - Set frequency/channel, SIOCSIWFREQ
209 * @priv: Pointer to private wext data from wpa_driver_wext_init()
210 * @freq: Frequency in MHz
211 * Returns: 0 on success, -1 on failure
212 */
213 int wpa_driver_wext_set_freq(void *priv, int freq)
214 {
215 struct wpa_driver_wext_data *drv = priv;
216 struct iwreq iwr;
217 int ret = 0;
218
219 os_memset(&iwr, 0, sizeof(iwr));
220 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
221 iwr.u.freq.m = freq * 100000;
222 iwr.u.freq.e = 1;
223
224 if (ioctl(drv->ioctl_sock, SIOCSIWFREQ, &iwr) < 0) {
225 perror("ioctl[SIOCSIWFREQ]");
226 ret = -1;
227 }
228
229 return ret;
230 }
231
232
233 static void
234 wpa_driver_wext_event_wireless_custom(void *ctx, char *custom)
235 {
236 union wpa_event_data data;
237
238 wpa_printf(MSG_MSGDUMP, "WEXT: Custom wireless event: '%s'",
239 custom);
240
241 os_memset(&data, 0, sizeof(data));
242 /* Host AP driver */
243 if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
244 data.michael_mic_failure.unicast =
245 os_strstr(custom, " unicast ") != NULL;
246 /* TODO: parse parameters(?) */
247 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
248 } else if (os_strncmp(custom, "ASSOCINFO(ReqIEs=", 17) == 0) {
249 char *spos;
250 int bytes;
251 u8 *req_ies = NULL, *resp_ies = NULL;
252
253 spos = custom + 17;
254
255 bytes = strspn(spos, "0123456789abcdefABCDEF");
256 if (!bytes || (bytes & 1))
257 return;
258 bytes /= 2;
259
260 req_ies = os_malloc(bytes);
261 if (req_ies == NULL ||
262 hexstr2bin(spos, req_ies, bytes) < 0)
263 goto done;
264 data.assoc_info.req_ies = req_ies;
265 data.assoc_info.req_ies_len = bytes;
266
267 spos += bytes * 2;
268
269 data.assoc_info.resp_ies = NULL;
270 data.assoc_info.resp_ies_len = 0;
271
272 if (os_strncmp(spos, " RespIEs=", 9) == 0) {
273 spos += 9;
274
275 bytes = strspn(spos, "0123456789abcdefABCDEF");
276 if (!bytes || (bytes & 1))
277 goto done;
278 bytes /= 2;
279
280 resp_ies = os_malloc(bytes);
281 if (resp_ies == NULL ||
282 hexstr2bin(spos, resp_ies, bytes) < 0)
283 goto done;
284 data.assoc_info.resp_ies = resp_ies;
285 data.assoc_info.resp_ies_len = bytes;
286 }
287
288 wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
289
290 done:
291 os_free(resp_ies);
292 os_free(req_ies);
293 #ifdef CONFIG_PEERKEY
294 } else if (os_strncmp(custom, "STKSTART.request=", 17) == 0) {
295 if (hwaddr_aton(custom + 17, data.stkstart.peer)) {
296 wpa_printf(MSG_DEBUG, "WEXT: unrecognized "
297 "STKSTART.request '%s'", custom + 17);
298 return;
299 }
300 wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
301 #endif /* CONFIG_PEERKEY */
302 }
303 }
304
305
306 static int wpa_driver_wext_event_wireless_michaelmicfailure(
307 void *ctx, const char *ev, size_t len)
308 {
309 const struct iw_michaelmicfailure *mic;
310 union wpa_event_data data;
311
312 if (len < sizeof(*mic))
313 return -1;
314
315 mic = (const struct iw_michaelmicfailure *) ev;
316
317 wpa_printf(MSG_DEBUG, "Michael MIC failure wireless event: "
318 "flags=0x%x src_addr=" MACSTR, mic->flags,
319 MAC2STR(mic->src_addr.sa_data));
320
321 os_memset(&data, 0, sizeof(data));
322 data.michael_mic_failure.unicast = !(mic->flags & IW_MICFAILURE_GROUP);
323 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
324
325 return 0;
326 }
327
328
329 static int wpa_driver_wext_event_wireless_pmkidcand(
330 struct wpa_driver_wext_data *drv, const char *ev, size_t len)
331 {
332 const struct iw_pmkid_cand *cand;
333 union wpa_event_data data;
334 const u8 *addr;
335
336 if (len < sizeof(*cand))
337 return -1;
338
339 cand = (const struct iw_pmkid_cand *) ev;
340 addr = (const u8 *) cand->bssid.sa_data;
341
342 wpa_printf(MSG_DEBUG, "PMKID candidate wireless event: "
343 "flags=0x%x index=%d bssid=" MACSTR, cand->flags,
344 cand->index, MAC2STR(addr));
345
346 os_memset(&data, 0, sizeof(data));
347 os_memcpy(data.pmkid_candidate.bssid, addr, ETH_ALEN);
348 data.pmkid_candidate.index = cand->index;
349 data.pmkid_candidate.preauth = cand->flags & IW_PMKID_CAND_PREAUTH;
350 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
351
352 return 0;
353 }
354
355
356 static int wpa_driver_wext_event_wireless_assocreqie(
357 struct wpa_driver_wext_data *drv, const char *ev, int len)
358 {
359 if (len < 0)
360 return -1;
361
362 wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
363 len);
364 os_free(drv->assoc_req_ies);
365 drv->assoc_req_ies = os_malloc(len);
366 if (drv->assoc_req_ies == NULL) {
367 drv->assoc_req_ies_len = 0;
368 return -1;
369 }
370 os_memcpy(drv->assoc_req_ies, ev, len);
371 drv->assoc_req_ies_len = len;
372
373 return 0;
374 }
375
376
377 static int wpa_driver_wext_event_wireless_assocrespie(
378 struct wpa_driver_wext_data *drv, const char *ev, int len)
379 {
380 if (len < 0)
381 return -1;
382
383 wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
384 len);
385 os_free(drv->assoc_resp_ies);
386 drv->assoc_resp_ies = os_malloc(len);
387 if (drv->assoc_resp_ies == NULL) {
388 drv->assoc_resp_ies_len = 0;
389 return -1;
390 }
391 os_memcpy(drv->assoc_resp_ies, ev, len);
392 drv->assoc_resp_ies_len = len;
393
394 return 0;
395 }
396
397
398 static void wpa_driver_wext_event_assoc_ies(struct wpa_driver_wext_data *drv)
399 {
400 union wpa_event_data data;
401
402 if (drv->assoc_req_ies == NULL && drv->assoc_resp_ies == NULL)
403 return;
404
405 os_memset(&data, 0, sizeof(data));
406 if (drv->assoc_req_ies) {
407 data.assoc_info.req_ies = drv->assoc_req_ies;
408 data.assoc_info.req_ies_len = drv->assoc_req_ies_len;
409 }
410 if (drv->assoc_resp_ies) {
411 data.assoc_info.resp_ies = drv->assoc_resp_ies;
412 data.assoc_info.resp_ies_len = drv->assoc_resp_ies_len;
413 }
414
415 wpa_supplicant_event(drv->ctx, EVENT_ASSOCINFO, &data);
416
417 os_free(drv->assoc_req_ies);
418 drv->assoc_req_ies = NULL;
419 os_free(drv->assoc_resp_ies);
420 drv->assoc_resp_ies = NULL;
421 }
422
423
424 static void wpa_driver_wext_event_wireless(struct wpa_driver_wext_data *drv,
425 char *data, int len)
426 {
427 struct iw_event iwe_buf, *iwe = &iwe_buf;
428 char *pos, *end, *custom, *buf;
429
430 pos = data;
431 end = data + len;
432
433 while (pos + IW_EV_LCP_LEN <= end) {
434 /* Event data may be unaligned, so make a local, aligned copy
435 * before processing. */
436 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
437 wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
438 iwe->cmd, iwe->len);
439 if (iwe->len <= IW_EV_LCP_LEN)
440 return;
441
442 custom = pos + IW_EV_POINT_LEN;
443 if (drv->we_version_compiled > 18 &&
444 (iwe->cmd == IWEVMICHAELMICFAILURE ||
445 iwe->cmd == IWEVCUSTOM ||
446 iwe->cmd == IWEVASSOCREQIE ||
447 iwe->cmd == IWEVASSOCRESPIE ||
448 iwe->cmd == IWEVPMKIDCAND)) {
449 /* WE-19 removed the pointer from struct iw_point */
450 char *dpos = (char *) &iwe_buf.u.data.length;
451 int dlen = dpos - (char *) &iwe_buf;
452 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
453 sizeof(struct iw_event) - dlen);
454 } else {
455 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
456 custom += IW_EV_POINT_OFF;
457 }
458
459 switch (iwe->cmd) {
460 case SIOCGIWAP:
461 wpa_printf(MSG_DEBUG, "Wireless event: new AP: "
462 MACSTR,
463 MAC2STR((u8 *) iwe->u.ap_addr.sa_data));
464 if (is_zero_ether_addr(
465 (const u8 *) iwe->u.ap_addr.sa_data) ||
466 os_memcmp(iwe->u.ap_addr.sa_data,
467 "\x44\x44\x44\x44\x44\x44", ETH_ALEN) ==
468 0) {
469 os_free(drv->assoc_req_ies);
470 drv->assoc_req_ies = NULL;
471 os_free(drv->assoc_resp_ies);
472 drv->assoc_resp_ies = NULL;
473 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC,
474 NULL);
475
476 } else {
477 wpa_driver_wext_event_assoc_ies(drv);
478 wpa_supplicant_event(drv->ctx, EVENT_ASSOC,
479 NULL);
480 }
481 break;
482 case IWEVMICHAELMICFAILURE:
483 if (custom + iwe->u.data.length > end) {
484 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
485 "IWEVMICHAELMICFAILURE length");
486 return;
487 }
488 wpa_driver_wext_event_wireless_michaelmicfailure(
489 drv->ctx, custom, iwe->u.data.length);
490 break;
491 case IWEVCUSTOM:
492 if (custom + iwe->u.data.length > end) {
493 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
494 "IWEVCUSTOM length");
495 return;
496 }
497 buf = os_malloc(iwe->u.data.length + 1);
498 if (buf == NULL)
499 return;
500 os_memcpy(buf, custom, iwe->u.data.length);
501 buf[iwe->u.data.length] = '\0';
502 wpa_driver_wext_event_wireless_custom(drv->ctx, buf);
503 os_free(buf);
504 break;
505 case SIOCGIWSCAN:
506 drv->scan_complete_events = 1;
507 eloop_cancel_timeout(wpa_driver_wext_scan_timeout,
508 drv, drv->ctx);
509 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS,
510 NULL);
511 break;
512 case IWEVASSOCREQIE:
513 if (custom + iwe->u.data.length > end) {
514 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
515 "IWEVASSOCREQIE length");
516 return;
517 }
518 wpa_driver_wext_event_wireless_assocreqie(
519 drv, custom, iwe->u.data.length);
520 break;
521 case IWEVASSOCRESPIE:
522 if (custom + iwe->u.data.length > end) {
523 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
524 "IWEVASSOCRESPIE length");
525 return;
526 }
527 wpa_driver_wext_event_wireless_assocrespie(
528 drv, custom, iwe->u.data.length);
529 break;
530 case IWEVPMKIDCAND:
531 if (custom + iwe->u.data.length > end) {
532 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
533 "IWEVPMKIDCAND length");
534 return;
535 }
536 wpa_driver_wext_event_wireless_pmkidcand(
537 drv, custom, iwe->u.data.length);
538 break;
539 }
540
541 pos += iwe->len;
542 }
543 }
544
545
546 static void wpa_driver_wext_event_link(struct wpa_driver_wext_data *drv,
547 char *buf, size_t len, int del)
548 {
549 union wpa_event_data event;
550
551 os_memset(&event, 0, sizeof(event));
552 if (len > sizeof(event.interface_status.ifname))
553 len = sizeof(event.interface_status.ifname) - 1;
554 os_memcpy(event.interface_status.ifname, buf, len);
555 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
556 EVENT_INTERFACE_ADDED;
557
558 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
559 del ? "DEL" : "NEW",
560 event.interface_status.ifname,
561 del ? "removed" : "added");
562
563 if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0) {
564 if (del)
565 drv->if_removed = 1;
566 else
567 drv->if_removed = 0;
568 }
569
570 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
571 }
572
573
574 static int wpa_driver_wext_own_ifname(struct wpa_driver_wext_data *drv,
575 u8 *buf, size_t len)
576 {
577 int attrlen, rta_len;
578 struct rtattr *attr;
579
580 attrlen = len;
581 attr = (struct rtattr *) buf;
582
583 rta_len = RTA_ALIGN(sizeof(struct rtattr));
584 while (RTA_OK(attr, attrlen)) {
585 if (attr->rta_type == IFLA_IFNAME) {
586 if (os_strcmp(((char *) attr) + rta_len, drv->ifname)
587 == 0)
588 return 1;
589 else
590 break;
591 }
592 attr = RTA_NEXT(attr, attrlen);
593 }
594
595 return 0;
596 }
597
598
599 static int wpa_driver_wext_own_ifindex(struct wpa_driver_wext_data *drv,
600 int ifindex, u8 *buf, size_t len)
601 {
602 if (drv->ifindex == ifindex || drv->ifindex2 == ifindex)
603 return 1;
604
605 if (drv->if_removed && wpa_driver_wext_own_ifname(drv, buf, len)) {
606 drv->ifindex = if_nametoindex(drv->ifname);
607 wpa_printf(MSG_DEBUG, "WEXT: Update ifindex for a removed "
608 "interface");
609 wpa_driver_wext_finish_drv_init(drv);
610 return 1;
611 }
612
613 return 0;
614 }
615
616
617 static void wpa_driver_wext_event_rtm_newlink(void *ctx, struct ifinfomsg *ifi,
618 u8 *buf, size_t len)
619 {
620 struct wpa_driver_wext_data *drv = ctx;
621 int attrlen, rta_len;
622 struct rtattr *attr;
623
624 if (!wpa_driver_wext_own_ifindex(drv, ifi->ifi_index, buf, len)) {
625 wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
626 ifi->ifi_index);
627 return;
628 }
629
630 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
631 "(%s%s%s%s)",
632 drv->operstate, ifi->ifi_flags,
633 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
634 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
635 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
636 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
637 /*
638 * Some drivers send the association event before the operup event--in
639 * this case, lifting operstate in wpa_driver_wext_set_operstate()
640 * fails. This will hit us when wpa_supplicant does not need to do
641 * IEEE 802.1X authentication
642 */
643 if (drv->operstate == 1 &&
644 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
645 !(ifi->ifi_flags & IFF_RUNNING))
646 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
647 -1, IF_OPER_UP);
648
649 attrlen = len;
650 attr = (struct rtattr *) buf;
651
652 rta_len = RTA_ALIGN(sizeof(struct rtattr));
653 while (RTA_OK(attr, attrlen)) {
654 if (attr->rta_type == IFLA_WIRELESS) {
655 wpa_driver_wext_event_wireless(
656 drv, ((char *) attr) + rta_len,
657 attr->rta_len - rta_len);
658 } else if (attr->rta_type == IFLA_IFNAME) {
659 wpa_driver_wext_event_link(drv,
660 ((char *) attr) + rta_len,
661 attr->rta_len - rta_len, 0);
662 }
663 attr = RTA_NEXT(attr, attrlen);
664 }
665 }
666
667
668 static void wpa_driver_wext_event_rtm_dellink(void *ctx, struct ifinfomsg *ifi,
669 u8 *buf, size_t len)
670 {
671 struct wpa_driver_wext_data *drv = ctx;
672 int attrlen, rta_len;
673 struct rtattr *attr;
674
675 attrlen = len;
676 attr = (struct rtattr *) buf;
677
678 rta_len = RTA_ALIGN(sizeof(struct rtattr));
679 while (RTA_OK(attr, attrlen)) {
680 if (attr->rta_type == IFLA_IFNAME) {
681 wpa_driver_wext_event_link(drv,
682 ((char *) attr) + rta_len,
683 attr->rta_len - rta_len, 1);
684 }
685 attr = RTA_NEXT(attr, attrlen);
686 }
687 }
688
689
690 /**
691 * wpa_driver_wext_init - Initialize WE driver interface
692 * @ctx: context to be used when calling wpa_supplicant functions,
693 * e.g., wpa_supplicant_event()
694 * @ifname: interface name, e.g., wlan0
695 * Returns: Pointer to private data, %NULL on failure
696 */
697 void * wpa_driver_wext_init(void *ctx, const char *ifname)
698 {
699 struct wpa_driver_wext_data *drv;
700 struct netlink_config *cfg;
701 char path[128];
702 struct stat buf;
703
704 drv = os_zalloc(sizeof(*drv));
705 if (drv == NULL)
706 return NULL;
707 drv->ctx = ctx;
708 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
709
710 os_snprintf(path, sizeof(path), "/sys/class/net/%s/phy80211", ifname);
711 if (stat(path, &buf) == 0) {
712 wpa_printf(MSG_DEBUG, "WEXT: cfg80211-based driver detected");
713 drv->cfg80211 = 1;
714 }
715
716 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
717 if (drv->ioctl_sock < 0) {
718 perror("socket(PF_INET,SOCK_DGRAM)");
719 goto err1;
720 }
721
722 cfg = os_zalloc(sizeof(*cfg));
723 if (cfg == NULL)
724 goto err1;
725 cfg->ctx = drv;
726 cfg->newlink_cb = wpa_driver_wext_event_rtm_newlink;
727 cfg->dellink_cb = wpa_driver_wext_event_rtm_dellink;
728 drv->netlink = netlink_init(cfg);
729 if (drv->netlink == NULL) {
730 os_free(cfg);
731 goto err2;
732 }
733
734 drv->mlme_sock = -1;
735
736 if (wpa_driver_wext_finish_drv_init(drv) < 0)
737 goto err3;
738
739 wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED, 1);
740
741 return drv;
742
743 err3:
744 netlink_deinit(drv->netlink);
745 err2:
746 close(drv->ioctl_sock);
747 err1:
748 os_free(drv);
749 return NULL;
750 }
751
752
753 static int wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv)
754 {
755 if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1) < 0)
756 return -1;
757
758 /*
759 * Make sure that the driver does not have any obsolete PMKID entries.
760 */
761 wpa_driver_wext_flush_pmkid(drv);
762
763 if (wpa_driver_wext_set_mode(drv, 0) < 0) {
764 wpa_printf(MSG_DEBUG, "Could not configure driver to use "
765 "managed mode");
766 /* Try to use it anyway */
767 }
768
769 wpa_driver_wext_get_range(drv);
770
771 /*
772 * Unlock the driver's BSSID and force to a random SSID to clear any
773 * previous association the driver might have when the supplicant
774 * starts up.
775 */
776 wpa_driver_wext_disconnect(drv);
777
778 drv->ifindex = if_nametoindex(drv->ifname);
779
780 if (os_strncmp(drv->ifname, "wlan", 4) == 0) {
781 /*
782 * Host AP driver may use both wlan# and wifi# interface in
783 * wireless events. Since some of the versions included WE-18
784 * support, let's add the alternative ifindex also from
785 * driver_wext.c for the time being. This may be removed at
786 * some point once it is believed that old versions of the
787 * driver are not in use anymore.
788 */
789 char ifname2[IFNAMSIZ + 1];
790 os_strlcpy(ifname2, drv->ifname, sizeof(ifname2));
791 os_memcpy(ifname2, "wifi", 4);
792 wpa_driver_wext_alternative_ifindex(drv, ifname2);
793 }
794
795 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
796 1, IF_OPER_DORMANT);
797
798 return 0;
799 }
800
801
802 /**
803 * wpa_driver_wext_deinit - Deinitialize WE driver interface
804 * @priv: Pointer to private wext data from wpa_driver_wext_init()
805 *
806 * Shut down driver interface and processing of driver events. Free
807 * private data buffer if one was allocated in wpa_driver_wext_init().
808 */
809 void wpa_driver_wext_deinit(void *priv)
810 {
811 struct wpa_driver_wext_data *drv = priv;
812
813 wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED, 0);
814
815 eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
816
817 /*
818 * Clear possibly configured driver parameters in order to make it
819 * easier to use the driver after wpa_supplicant has been terminated.
820 */
821 wpa_driver_wext_disconnect(drv);
822
823 netlink_send_oper_ifla(drv->netlink, drv->ifindex, 0, IF_OPER_UP);
824 netlink_deinit(drv->netlink);
825
826 if (drv->mlme_sock >= 0)
827 eloop_unregister_read_sock(drv->mlme_sock);
828
829 (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0);
830
831 close(drv->ioctl_sock);
832 if (drv->mlme_sock >= 0)
833 close(drv->mlme_sock);
834 os_free(drv->assoc_req_ies);
835 os_free(drv->assoc_resp_ies);
836 os_free(drv);
837 }
838
839
840 /**
841 * wpa_driver_wext_scan_timeout - Scan timeout to report scan completion
842 * @eloop_ctx: Unused
843 * @timeout_ctx: ctx argument given to wpa_driver_wext_init()
844 *
845 * This function can be used as registered timeout when starting a scan to
846 * generate a scan completed event if the driver does not report this.
847 */
848 void wpa_driver_wext_scan_timeout(void *eloop_ctx, void *timeout_ctx)
849 {
850 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
851 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
852 }
853
854
855 /**
856 * wpa_driver_wext_scan - Request the driver to initiate scan
857 * @priv: Pointer to private wext data from wpa_driver_wext_init()
858 * @param: Scan parameters (specific SSID to scan for (ProbeReq), etc.)
859 * Returns: 0 on success, -1 on failure
860 */
861 int wpa_driver_wext_scan(void *priv, struct wpa_driver_scan_params *params)
862 {
863 struct wpa_driver_wext_data *drv = priv;
864 struct iwreq iwr;
865 int ret = 0, timeout;
866 struct iw_scan_req req;
867 const u8 *ssid = params->ssids[0].ssid;
868 size_t ssid_len = params->ssids[0].ssid_len;
869
870 if (ssid_len > IW_ESSID_MAX_SIZE) {
871 wpa_printf(MSG_DEBUG, "%s: too long SSID (%lu)",
872 __FUNCTION__, (unsigned long) ssid_len);
873 return -1;
874 }
875
876 os_memset(&iwr, 0, sizeof(iwr));
877 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
878
879 if (ssid && ssid_len) {
880 os_memset(&req, 0, sizeof(req));
881 req.essid_len = ssid_len;
882 req.bssid.sa_family = ARPHRD_ETHER;
883 os_memset(req.bssid.sa_data, 0xff, ETH_ALEN);
884 os_memcpy(req.essid, ssid, ssid_len);
885 iwr.u.data.pointer = (caddr_t) &req;
886 iwr.u.data.length = sizeof(req);
887 iwr.u.data.flags = IW_SCAN_THIS_ESSID;
888 }
889
890 if (ioctl(drv->ioctl_sock, SIOCSIWSCAN, &iwr) < 0) {
891 perror("ioctl[SIOCSIWSCAN]");
892 ret = -1;
893 }
894
895 /* Not all drivers generate "scan completed" wireless event, so try to
896 * read results after a timeout. */
897 timeout = 5;
898 if (drv->scan_complete_events) {
899 /*
900 * The driver seems to deliver SIOCGIWSCAN events to notify
901 * when scan is complete, so use longer timeout to avoid race
902 * conditions with scanning and following association request.
903 */
904 timeout = 30;
905 }
906 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
907 "seconds", ret, timeout);
908 eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
909 eloop_register_timeout(timeout, 0, wpa_driver_wext_scan_timeout, drv,
910 drv->ctx);
911
912 return ret;
913 }
914
915
916 static u8 * wpa_driver_wext_giwscan(struct wpa_driver_wext_data *drv,
917 size_t *len)
918 {
919 struct iwreq iwr;
920 u8 *res_buf;
921 size_t res_buf_len;
922
923 res_buf_len = IW_SCAN_MAX_DATA;
924 for (;;) {
925 res_buf = os_malloc(res_buf_len);
926 if (res_buf == NULL)
927 return NULL;
928 os_memset(&iwr, 0, sizeof(iwr));
929 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
930 iwr.u.data.pointer = res_buf;
931 iwr.u.data.length = res_buf_len;
932
933 if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
934 break;
935
936 if (errno == E2BIG && res_buf_len < 65535) {
937 os_free(res_buf);
938 res_buf = NULL;
939 res_buf_len *= 2;
940 if (res_buf_len > 65535)
941 res_buf_len = 65535; /* 16-bit length field */
942 wpa_printf(MSG_DEBUG, "Scan results did not fit - "
943 "trying larger buffer (%lu bytes)",
944 (unsigned long) res_buf_len);
945 } else {
946 perror("ioctl[SIOCGIWSCAN]");
947 os_free(res_buf);
948 return NULL;
949 }
950 }
951
952 if (iwr.u.data.length > res_buf_len) {
953 os_free(res_buf);
954 return NULL;
955 }
956 *len = iwr.u.data.length;
957
958 return res_buf;
959 }
960
961
962 /*
963 * Data structure for collecting WEXT scan results. This is needed to allow
964 * the various methods of reporting IEs to be combined into a single IE buffer.
965 */
966 struct wext_scan_data {
967 struct wpa_scan_res res;
968 u8 *ie;
969 size_t ie_len;
970 u8 ssid[32];
971 size_t ssid_len;
972 int maxrate;
973 };
974
975
976 static void wext_get_scan_mode(struct iw_event *iwe,
977 struct wext_scan_data *res)
978 {
979 if (iwe->u.mode == IW_MODE_ADHOC)
980 res->res.caps |= IEEE80211_CAP_IBSS;
981 else if (iwe->u.mode == IW_MODE_MASTER || iwe->u.mode == IW_MODE_INFRA)
982 res->res.caps |= IEEE80211_CAP_ESS;
983 }
984
985
986 static void wext_get_scan_ssid(struct iw_event *iwe,
987 struct wext_scan_data *res, char *custom,
988 char *end)
989 {
990 int ssid_len = iwe->u.essid.length;
991 if (custom + ssid_len > end)
992 return;
993 if (iwe->u.essid.flags &&
994 ssid_len > 0 &&
995 ssid_len <= IW_ESSID_MAX_SIZE) {
996 os_memcpy(res->ssid, custom, ssid_len);
997 res->ssid_len = ssid_len;
998 }
999 }
1000
1001
1002 static void wext_get_scan_freq(struct iw_event *iwe,
1003 struct wext_scan_data *res)
1004 {
1005 int divi = 1000000, i;
1006
1007 if (iwe->u.freq.e == 0) {
1008 /*
1009 * Some drivers do not report frequency, but a channel.
1010 * Try to map this to frequency by assuming they are using
1011 * IEEE 802.11b/g. But don't overwrite a previously parsed
1012 * frequency if the driver sends both frequency and channel,
1013 * since the driver may be sending an A-band channel that we
1014 * don't handle here.
1015 */
1016
1017 if (res->res.freq)
1018 return;
1019
1020 if (iwe->u.freq.m >= 1 && iwe->u.freq.m <= 13) {
1021 res->res.freq = 2407 + 5 * iwe->u.freq.m;
1022 return;
1023 } else if (iwe->u.freq.m == 14) {
1024 res->res.freq = 2484;
1025 return;
1026 }
1027 }
1028
1029 if (iwe->u.freq.e > 6) {
1030 wpa_printf(MSG_DEBUG, "Invalid freq in scan results (BSSID="
1031 MACSTR " m=%d e=%d)",
1032 MAC2STR(res->res.bssid), iwe->u.freq.m,
1033 iwe->u.freq.e);
1034 return;
1035 }
1036
1037 for (i = 0; i < iwe->u.freq.e; i++)
1038 divi /= 10;
1039 res->res.freq = iwe->u.freq.m / divi;
1040 }
1041
1042
1043 static void wext_get_scan_qual(struct iw_event *iwe,
1044 struct wext_scan_data *res)
1045 {
1046 res->res.qual = iwe->u.qual.qual;
1047 res->res.noise = iwe->u.qual.noise;
1048 res->res.level = iwe->u.qual.level;
1049 if (iwe->u.qual.updated & IW_QUAL_QUAL_INVALID)
1050 res->res.flags |= WPA_SCAN_QUAL_INVALID;
1051 if (iwe->u.qual.updated & IW_QUAL_LEVEL_INVALID)
1052 res->res.flags |= WPA_SCAN_LEVEL_INVALID;
1053 if (iwe->u.qual.updated & IW_QUAL_NOISE_INVALID)
1054 res->res.flags |= WPA_SCAN_NOISE_INVALID;
1055 if (iwe->u.qual.updated & IW_QUAL_DBM)
1056 res->res.flags |= WPA_SCAN_LEVEL_DBM;
1057 }
1058
1059
1060 static void wext_get_scan_encode(struct iw_event *iwe,
1061 struct wext_scan_data *res)
1062 {
1063 if (!(iwe->u.data.flags & IW_ENCODE_DISABLED))
1064 res->res.caps |= IEEE80211_CAP_PRIVACY;
1065 }
1066
1067
1068 static void wext_get_scan_rate(struct iw_event *iwe,
1069 struct wext_scan_data *res, char *pos,
1070 char *end)
1071 {
1072 int maxrate;
1073 char *custom = pos + IW_EV_LCP_LEN;
1074 struct iw_param p;
1075 size_t clen;
1076
1077 clen = iwe->len;
1078 if (custom + clen > end)
1079 return;
1080 maxrate = 0;
1081 while (((ssize_t) clen) >= (ssize_t) sizeof(struct iw_param)) {
1082 /* Note: may be misaligned, make a local, aligned copy */
1083 os_memcpy(&p, custom, sizeof(struct iw_param));
1084 if (p.value > maxrate)
1085 maxrate = p.value;
1086 clen -= sizeof(struct iw_param);
1087 custom += sizeof(struct iw_param);
1088 }
1089
1090 /* Convert the maxrate from WE-style (b/s units) to
1091 * 802.11 rates (500000 b/s units).
1092 */
1093 res->maxrate = maxrate / 500000;
1094 }
1095
1096
1097 static void wext_get_scan_iwevgenie(struct iw_event *iwe,
1098 struct wext_scan_data *res, char *custom,
1099 char *end)
1100 {
1101 char *genie, *gpos, *gend;
1102 u8 *tmp;
1103
1104 if (iwe->u.data.length == 0)
1105 return;
1106
1107 gpos = genie = custom;
1108 gend = genie + iwe->u.data.length;
1109 if (gend > end) {
1110 wpa_printf(MSG_INFO, "IWEVGENIE overflow");
1111 return;
1112 }
1113
1114 tmp = os_realloc(res->ie, res->ie_len + gend - gpos);
1115 if (tmp == NULL)
1116 return;
1117 os_memcpy(tmp + res->ie_len, gpos, gend - gpos);
1118 res->ie = tmp;
1119 res->ie_len += gend - gpos;
1120 }
1121
1122
1123 static void wext_get_scan_custom(struct iw_event *iwe,
1124 struct wext_scan_data *res, char *custom,
1125 char *end)
1126 {
1127 size_t clen;
1128 u8 *tmp;
1129
1130 clen = iwe->u.data.length;
1131 if (custom + clen > end)
1132 return;
1133
1134 if (clen > 7 && os_strncmp(custom, "wpa_ie=", 7) == 0) {
1135 char *spos;
1136 int bytes;
1137 spos = custom + 7;
1138 bytes = custom + clen - spos;
1139 if (bytes & 1 || bytes == 0)
1140 return;
1141 bytes /= 2;
1142 tmp = os_realloc(res->ie, res->ie_len + bytes);
1143 if (tmp == NULL)
1144 return;
1145 res->ie = tmp;
1146 if (hexstr2bin(spos, tmp + res->ie_len, bytes) < 0)
1147 return;
1148 res->ie_len += bytes;
1149 } else if (clen > 7 && os_strncmp(custom, "rsn_ie=", 7) == 0) {
1150 char *spos;
1151 int bytes;
1152 spos = custom + 7;
1153 bytes = custom + clen - spos;
1154 if (bytes & 1 || bytes == 0)
1155 return;
1156 bytes /= 2;
1157 tmp = os_realloc(res->ie, res->ie_len + bytes);
1158 if (tmp == NULL)
1159 return;
1160 res->ie = tmp;
1161 if (hexstr2bin(spos, tmp + res->ie_len, bytes) < 0)
1162 return;
1163 res->ie_len += bytes;
1164 } else if (clen > 4 && os_strncmp(custom, "tsf=", 4) == 0) {
1165 char *spos;
1166 int bytes;
1167 u8 bin[8];
1168 spos = custom + 4;
1169 bytes = custom + clen - spos;
1170 if (bytes != 16) {
1171 wpa_printf(MSG_INFO, "Invalid TSF length (%d)", bytes);
1172 return;
1173 }
1174 bytes /= 2;
1175 if (hexstr2bin(spos, bin, bytes) < 0) {
1176 wpa_printf(MSG_DEBUG, "WEXT: Invalid TSF value");
1177 return;
1178 }
1179 res->res.tsf += WPA_GET_BE64(bin);
1180 }
1181 }
1182
1183
1184 static int wext_19_iw_point(struct wpa_driver_wext_data *drv, u16 cmd)
1185 {
1186 return drv->we_version_compiled > 18 &&
1187 (cmd == SIOCGIWESSID || cmd == SIOCGIWENCODE ||
1188 cmd == IWEVGENIE || cmd == IWEVCUSTOM);
1189 }
1190
1191
1192 static void wpa_driver_wext_add_scan_entry(struct wpa_scan_results *res,
1193 struct wext_scan_data *data)
1194 {
1195 struct wpa_scan_res **tmp;
1196 struct wpa_scan_res *r;
1197 size_t extra_len;
1198 u8 *pos, *end, *ssid_ie = NULL, *rate_ie = NULL;
1199
1200 /* Figure out whether we need to fake any IEs */
1201 pos = data->ie;
1202 end = pos + data->ie_len;
1203 while (pos && pos + 1 < end) {
1204 if (pos + 2 + pos[1] > end)
1205 break;
1206 if (pos[0] == WLAN_EID_SSID)
1207 ssid_ie = pos;
1208 else if (pos[0] == WLAN_EID_SUPP_RATES)
1209 rate_ie = pos;
1210 else if (pos[0] == WLAN_EID_EXT_SUPP_RATES)
1211 rate_ie = pos;
1212 pos += 2 + pos[1];
1213 }
1214
1215 extra_len = 0;
1216 if (ssid_ie == NULL)
1217 extra_len += 2 + data->ssid_len;
1218 if (rate_ie == NULL && data->maxrate)
1219 extra_len += 3;
1220
1221 r = os_zalloc(sizeof(*r) + extra_len + data->ie_len);
1222 if (r == NULL)
1223 return;
1224 os_memcpy(r, &data->res, sizeof(*r));
1225 r->ie_len = extra_len + data->ie_len;
1226 pos = (u8 *) (r + 1);
1227 if (ssid_ie == NULL) {
1228 /*
1229 * Generate a fake SSID IE since the driver did not report
1230 * a full IE list.
1231 */
1232 *pos++ = WLAN_EID_SSID;
1233 *pos++ = data->ssid_len;
1234 os_memcpy(pos, data->ssid, data->ssid_len);
1235 pos += data->ssid_len;
1236 }
1237 if (rate_ie == NULL && data->maxrate) {
1238 /*
1239 * Generate a fake Supported Rates IE since the driver did not
1240 * report a full IE list.
1241 */
1242 *pos++ = WLAN_EID_SUPP_RATES;
1243 *pos++ = 1;
1244 *pos++ = data->maxrate;
1245 }
1246 if (data->ie)
1247 os_memcpy(pos, data->ie, data->ie_len);
1248
1249 tmp = os_realloc(res->res,
1250 (res->num + 1) * sizeof(struct wpa_scan_res *));
1251 if (tmp == NULL) {
1252 os_free(r);
1253 return;
1254 }
1255 tmp[res->num++] = r;
1256 res->res = tmp;
1257 }
1258
1259
1260 /**
1261 * wpa_driver_wext_get_scan_results - Fetch the latest scan results
1262 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1263 * Returns: Scan results on success, -1 on failure
1264 */
1265 struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv)
1266 {
1267 struct wpa_driver_wext_data *drv = priv;
1268 size_t ap_num = 0, len;
1269 int first;
1270 u8 *res_buf;
1271 struct iw_event iwe_buf, *iwe = &iwe_buf;
1272 char *pos, *end, *custom;
1273 struct wpa_scan_results *res;
1274 struct wext_scan_data data;
1275
1276 res_buf = wpa_driver_wext_giwscan(drv, &len);
1277 if (res_buf == NULL)
1278 return NULL;
1279
1280 ap_num = 0;
1281 first = 1;
1282
1283 res = os_zalloc(sizeof(*res));
1284 if (res == NULL) {
1285 os_free(res_buf);
1286 return NULL;
1287 }
1288
1289 pos = (char *) res_buf;
1290 end = (char *) res_buf + len;
1291 os_memset(&data, 0, sizeof(data));
1292
1293 while (pos + IW_EV_LCP_LEN <= end) {
1294 /* Event data may be unaligned, so make a local, aligned copy
1295 * before processing. */
1296 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
1297 if (iwe->len <= IW_EV_LCP_LEN)
1298 break;
1299
1300 custom = pos + IW_EV_POINT_LEN;
1301 if (wext_19_iw_point(drv, iwe->cmd)) {
1302 /* WE-19 removed the pointer from struct iw_point */
1303 char *dpos = (char *) &iwe_buf.u.data.length;
1304 int dlen = dpos - (char *) &iwe_buf;
1305 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
1306 sizeof(struct iw_event) - dlen);
1307 } else {
1308 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
1309 custom += IW_EV_POINT_OFF;
1310 }
1311
1312 switch (iwe->cmd) {
1313 case SIOCGIWAP:
1314 if (!first)
1315 wpa_driver_wext_add_scan_entry(res, &data);
1316 first = 0;
1317 os_free(data.ie);
1318 os_memset(&data, 0, sizeof(data));
1319 os_memcpy(data.res.bssid,
1320 iwe->u.ap_addr.sa_data, ETH_ALEN);
1321 break;
1322 case SIOCGIWMODE:
1323 wext_get_scan_mode(iwe, &data);
1324 break;
1325 case SIOCGIWESSID:
1326 wext_get_scan_ssid(iwe, &data, custom, end);
1327 break;
1328 case SIOCGIWFREQ:
1329 wext_get_scan_freq(iwe, &data);
1330 break;
1331 case IWEVQUAL:
1332 wext_get_scan_qual(iwe, &data);
1333 break;
1334 case SIOCGIWENCODE:
1335 wext_get_scan_encode(iwe, &data);
1336 break;
1337 case SIOCGIWRATE:
1338 wext_get_scan_rate(iwe, &data, pos, end);
1339 break;
1340 case IWEVGENIE:
1341 wext_get_scan_iwevgenie(iwe, &data, custom, end);
1342 break;
1343 case IWEVCUSTOM:
1344 wext_get_scan_custom(iwe, &data, custom, end);
1345 break;
1346 }
1347
1348 pos += iwe->len;
1349 }
1350 os_free(res_buf);
1351 res_buf = NULL;
1352 if (!first)
1353 wpa_driver_wext_add_scan_entry(res, &data);
1354 os_free(data.ie);
1355
1356 wpa_printf(MSG_DEBUG, "Received %lu bytes of scan results (%lu BSSes)",
1357 (unsigned long) len, (unsigned long) res->num);
1358
1359 return res;
1360 }
1361
1362
1363 static int wpa_driver_wext_get_range(void *priv)
1364 {
1365 struct wpa_driver_wext_data *drv = priv;
1366 struct iw_range *range;
1367 struct iwreq iwr;
1368 int minlen;
1369 size_t buflen;
1370
1371 /*
1372 * Use larger buffer than struct iw_range in order to allow the
1373 * structure to grow in the future.
1374 */
1375 buflen = sizeof(struct iw_range) + 500;
1376 range = os_zalloc(buflen);
1377 if (range == NULL)
1378 return -1;
1379
1380 os_memset(&iwr, 0, sizeof(iwr));
1381 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1382 iwr.u.data.pointer = (caddr_t) range;
1383 iwr.u.data.length = buflen;
1384
1385 minlen = ((char *) &range->enc_capa) - (char *) range +
1386 sizeof(range->enc_capa);
1387
1388 if (ioctl(drv->ioctl_sock, SIOCGIWRANGE, &iwr) < 0) {
1389 perror("ioctl[SIOCGIWRANGE]");
1390 os_free(range);
1391 return -1;
1392 } else if (iwr.u.data.length >= minlen &&
1393 range->we_version_compiled >= 18) {
1394 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: WE(compiled)=%d "
1395 "WE(source)=%d enc_capa=0x%x",
1396 range->we_version_compiled,
1397 range->we_version_source,
1398 range->enc_capa);
1399 drv->has_capability = 1;
1400 drv->we_version_compiled = range->we_version_compiled;
1401 if (range->enc_capa & IW_ENC_CAPA_WPA) {
1402 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1403 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK;
1404 }
1405 if (range->enc_capa & IW_ENC_CAPA_WPA2) {
1406 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1407 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1408 }
1409 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
1410 WPA_DRIVER_CAPA_ENC_WEP104;
1411 if (range->enc_capa & IW_ENC_CAPA_CIPHER_TKIP)
1412 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
1413 if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP)
1414 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
1415 if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE)
1416 drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE;
1417 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
1418 WPA_DRIVER_AUTH_SHARED |
1419 WPA_DRIVER_AUTH_LEAP;
1420 drv->capa.max_scan_ssids = 1;
1421
1422 wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x "
1423 "flags 0x%x",
1424 drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags);
1425 } else {
1426 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: too old (short) data - "
1427 "assuming WPA is not supported");
1428 }
1429
1430 os_free(range);
1431 return 0;
1432 }
1433
1434
1435 static int wpa_driver_wext_set_psk(struct wpa_driver_wext_data *drv,
1436 const u8 *psk)
1437 {
1438 struct iw_encode_ext *ext;
1439 struct iwreq iwr;
1440 int ret;
1441
1442 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1443
1444 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1445 return 0;
1446
1447 if (!psk)
1448 return 0;
1449
1450 os_memset(&iwr, 0, sizeof(iwr));
1451 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1452
1453 ext = os_zalloc(sizeof(*ext) + PMK_LEN);
1454 if (ext == NULL)
1455 return -1;
1456
1457 iwr.u.encoding.pointer = (caddr_t) ext;
1458 iwr.u.encoding.length = sizeof(*ext) + PMK_LEN;
1459 ext->key_len = PMK_LEN;
1460 os_memcpy(&ext->key, psk, ext->key_len);
1461 ext->alg = IW_ENCODE_ALG_PMK;
1462
1463 ret = ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr);
1464 if (ret < 0)
1465 perror("ioctl[SIOCSIWENCODEEXT] PMK");
1466 os_free(ext);
1467
1468 return ret;
1469 }
1470
1471
1472 static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg,
1473 const u8 *addr, int key_idx,
1474 int set_tx, const u8 *seq,
1475 size_t seq_len,
1476 const u8 *key, size_t key_len)
1477 {
1478 struct wpa_driver_wext_data *drv = priv;
1479 struct iwreq iwr;
1480 int ret = 0;
1481 struct iw_encode_ext *ext;
1482
1483 if (seq_len > IW_ENCODE_SEQ_MAX_SIZE) {
1484 wpa_printf(MSG_DEBUG, "%s: Invalid seq_len %lu",
1485 __FUNCTION__, (unsigned long) seq_len);
1486 return -1;
1487 }
1488
1489 ext = os_zalloc(sizeof(*ext) + key_len);
1490 if (ext == NULL)
1491 return -1;
1492 os_memset(&iwr, 0, sizeof(iwr));
1493 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1494 iwr.u.encoding.flags = key_idx + 1;
1495 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1496 if (alg == WPA_ALG_NONE)
1497 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1498 iwr.u.encoding.pointer = (caddr_t) ext;
1499 iwr.u.encoding.length = sizeof(*ext) + key_len;
1500
1501 if (addr == NULL ||
1502 os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) == 0)
1503 ext->ext_flags |= IW_ENCODE_EXT_GROUP_KEY;
1504 if (set_tx)
1505 ext->ext_flags |= IW_ENCODE_EXT_SET_TX_KEY;
1506
1507 ext->addr.sa_family = ARPHRD_ETHER;
1508 if (addr)
1509 os_memcpy(ext->addr.sa_data, addr, ETH_ALEN);
1510 else
1511 os_memset(ext->addr.sa_data, 0xff, ETH_ALEN);
1512 if (key && key_len) {
1513 os_memcpy(ext + 1, key, key_len);
1514 ext->key_len = key_len;
1515 }
1516 switch (alg) {
1517 case WPA_ALG_NONE:
1518 ext->alg = IW_ENCODE_ALG_NONE;
1519 break;
1520 case WPA_ALG_WEP:
1521 ext->alg = IW_ENCODE_ALG_WEP;
1522 break;
1523 case WPA_ALG_TKIP:
1524 ext->alg = IW_ENCODE_ALG_TKIP;
1525 break;
1526 case WPA_ALG_CCMP:
1527 ext->alg = IW_ENCODE_ALG_CCMP;
1528 break;
1529 case WPA_ALG_PMK:
1530 ext->alg = IW_ENCODE_ALG_PMK;
1531 break;
1532 #ifdef CONFIG_IEEE80211W
1533 case WPA_ALG_IGTK:
1534 ext->alg = IW_ENCODE_ALG_AES_CMAC;
1535 break;
1536 #endif /* CONFIG_IEEE80211W */
1537 default:
1538 wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d",
1539 __FUNCTION__, alg);
1540 os_free(ext);
1541 return -1;
1542 }
1543
1544 if (seq && seq_len) {
1545 ext->ext_flags |= IW_ENCODE_EXT_RX_SEQ_VALID;
1546 os_memcpy(ext->rx_seq, seq, seq_len);
1547 }
1548
1549 if (ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr) < 0) {
1550 ret = errno == EOPNOTSUPP ? -2 : -1;
1551 if (errno == ENODEV) {
1552 /*
1553 * ndiswrapper seems to be returning incorrect error
1554 * code.. */
1555 ret = -2;
1556 }
1557
1558 perror("ioctl[SIOCSIWENCODEEXT]");
1559 }
1560
1561 os_free(ext);
1562 return ret;
1563 }
1564
1565
1566 /**
1567 * wpa_driver_wext_set_key - Configure encryption key
1568 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1569 * @priv: Private driver interface data
1570 * @alg: Encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
1571 * %WPA_ALG_TKIP, %WPA_ALG_CCMP); %WPA_ALG_NONE clears the key.
1572 * @addr: Address of the peer STA or ff:ff:ff:ff:ff:ff for
1573 * broadcast/default keys
1574 * @key_idx: key index (0..3), usually 0 for unicast keys
1575 * @set_tx: Configure this key as the default Tx key (only used when
1576 * driver does not support separate unicast/individual key
1577 * @seq: Sequence number/packet number, seq_len octets, the next
1578 * packet number to be used for in replay protection; configured
1579 * for Rx keys (in most cases, this is only used with broadcast
1580 * keys and set to zero for unicast keys)
1581 * @seq_len: Length of the seq, depends on the algorithm:
1582 * TKIP: 6 octets, CCMP: 6 octets
1583 * @key: Key buffer; TKIP: 16-byte temporal key, 8-byte Tx Mic key,
1584 * 8-byte Rx Mic Key
1585 * @key_len: Length of the key buffer in octets (WEP: 5 or 13,
1586 * TKIP: 32, CCMP: 16)
1587 * Returns: 0 on success, -1 on failure
1588 *
1589 * This function uses SIOCSIWENCODEEXT by default, but tries to use
1590 * SIOCSIWENCODE if the extended ioctl fails when configuring a WEP key.
1591 */
1592 int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg,
1593 const u8 *addr, int key_idx,
1594 int set_tx, const u8 *seq, size_t seq_len,
1595 const u8 *key, size_t key_len)
1596 {
1597 struct wpa_driver_wext_data *drv = priv;
1598 struct iwreq iwr;
1599 int ret = 0;
1600
1601 wpa_printf(MSG_DEBUG, "%s: alg=%d key_idx=%d set_tx=%d seq_len=%lu "
1602 "key_len=%lu",
1603 __FUNCTION__, alg, key_idx, set_tx,
1604 (unsigned long) seq_len, (unsigned long) key_len);
1605
1606 ret = wpa_driver_wext_set_key_ext(drv, alg, addr, key_idx, set_tx,
1607 seq, seq_len, key, key_len);
1608 if (ret == 0)
1609 return 0;
1610
1611 if (ret == -2 &&
1612 (alg == WPA_ALG_NONE || alg == WPA_ALG_WEP)) {
1613 wpa_printf(MSG_DEBUG, "Driver did not support "
1614 "SIOCSIWENCODEEXT, trying SIOCSIWENCODE");
1615 ret = 0;
1616 } else {
1617 wpa_printf(MSG_DEBUG, "Driver did not support "
1618 "SIOCSIWENCODEEXT");
1619 return ret;
1620 }
1621
1622 os_memset(&iwr, 0, sizeof(iwr));
1623 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1624 iwr.u.encoding.flags = key_idx + 1;
1625 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1626 if (alg == WPA_ALG_NONE)
1627 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1628 iwr.u.encoding.pointer = (caddr_t) key;
1629 iwr.u.encoding.length = key_len;
1630
1631 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1632 perror("ioctl[SIOCSIWENCODE]");
1633 ret = -1;
1634 }
1635
1636 if (set_tx && alg != WPA_ALG_NONE) {
1637 os_memset(&iwr, 0, sizeof(iwr));
1638 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1639 iwr.u.encoding.flags = key_idx + 1;
1640 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1641 iwr.u.encoding.pointer = (caddr_t) NULL;
1642 iwr.u.encoding.length = 0;
1643 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1644 perror("ioctl[SIOCSIWENCODE] (set_tx)");
1645 ret = -1;
1646 }
1647 }
1648
1649 return ret;
1650 }
1651
1652
1653 static int wpa_driver_wext_set_countermeasures(void *priv,
1654 int enabled)
1655 {
1656 struct wpa_driver_wext_data *drv = priv;
1657 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1658 return wpa_driver_wext_set_auth_param(drv,
1659 IW_AUTH_TKIP_COUNTERMEASURES,
1660 enabled);
1661 }
1662
1663
1664 static int wpa_driver_wext_set_drop_unencrypted(void *priv,
1665 int enabled)
1666 {
1667 struct wpa_driver_wext_data *drv = priv;
1668 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1669 drv->use_crypt = enabled;
1670 return wpa_driver_wext_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
1671 enabled);
1672 }
1673
1674
1675 static int wpa_driver_wext_mlme(struct wpa_driver_wext_data *drv,
1676 const u8 *addr, int cmd, int reason_code)
1677 {
1678 struct iwreq iwr;
1679 struct iw_mlme mlme;
1680 int ret = 0;
1681
1682 os_memset(&iwr, 0, sizeof(iwr));
1683 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1684 os_memset(&mlme, 0, sizeof(mlme));
1685 mlme.cmd = cmd;
1686 mlme.reason_code = reason_code;
1687 mlme.addr.sa_family = ARPHRD_ETHER;
1688 os_memcpy(mlme.addr.sa_data, addr, ETH_ALEN);
1689 iwr.u.data.pointer = (caddr_t) &mlme;
1690 iwr.u.data.length = sizeof(mlme);
1691
1692 if (ioctl(drv->ioctl_sock, SIOCSIWMLME, &iwr) < 0) {
1693 perror("ioctl[SIOCSIWMLME]");
1694 ret = -1;
1695 }
1696
1697 return ret;
1698 }
1699
1700
1701 static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv)
1702 {
1703 struct iwreq iwr;
1704 const u8 null_bssid[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 };
1705 u8 ssid[32];
1706 int i;
1707
1708 /*
1709 * Only force-disconnect when the card is in infrastructure mode,
1710 * otherwise the driver might interpret the cleared BSSID and random
1711 * SSID as an attempt to create a new ad-hoc network.
1712 */
1713 os_memset(&iwr, 0, sizeof(iwr));
1714 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1715 if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
1716 perror("ioctl[SIOCGIWMODE]");
1717 iwr.u.mode = IW_MODE_INFRA;
1718 }
1719
1720 if (iwr.u.mode == IW_MODE_INFRA) {
1721 if (drv->cfg80211) {
1722 /*
1723 * cfg80211 supports SIOCSIWMLME commands, so there is
1724 * no need for the random SSID hack, but clear the
1725 * BSSID and SSID.
1726 */
1727 if (wpa_driver_wext_set_bssid(drv, null_bssid) < 0 ||
1728 wpa_driver_wext_set_ssid(drv, (u8 *) "", 0) < 0) {
1729 wpa_printf(MSG_DEBUG, "WEXT: Failed to clear "
1730 "to disconnect");
1731 }
1732 return;
1733 }
1734 /*
1735 * Clear the BSSID selection and set a random SSID to make sure
1736 * the driver will not be trying to associate with something
1737 * even if it does not understand SIOCSIWMLME commands (or
1738 * tries to associate automatically after deauth/disassoc).
1739 */
1740 for (i = 0; i < 32; i++)
1741 ssid[i] = rand() & 0xFF;
1742 if (wpa_driver_wext_set_bssid(drv, null_bssid) < 0 ||
1743 wpa_driver_wext_set_ssid(drv, ssid, 32) < 0) {
1744 wpa_printf(MSG_DEBUG, "WEXT: Failed to set bogus "
1745 "BSSID/SSID to disconnect");
1746 }
1747 }
1748 }
1749
1750
1751 static int wpa_driver_wext_deauthenticate(void *priv, const u8 *addr,
1752 int reason_code)
1753 {
1754 struct wpa_driver_wext_data *drv = priv;
1755 int ret;
1756 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1757 ret = wpa_driver_wext_mlme(drv, addr, IW_MLME_DEAUTH, reason_code);
1758 wpa_driver_wext_disconnect(drv);
1759 return ret;
1760 }
1761
1762
1763 static int wpa_driver_wext_disassociate(void *priv, const u8 *addr,
1764 int reason_code)
1765 {
1766 struct wpa_driver_wext_data *drv = priv;
1767 int ret;
1768 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1769 ret = wpa_driver_wext_mlme(drv, addr, IW_MLME_DISASSOC, reason_code);
1770 wpa_driver_wext_disconnect(drv);
1771 return ret;
1772 }
1773
1774
1775 static int wpa_driver_wext_set_gen_ie(void *priv, const u8 *ie,
1776 size_t ie_len)
1777 {
1778 struct wpa_driver_wext_data *drv = priv;
1779 struct iwreq iwr;
1780 int ret = 0;
1781
1782 os_memset(&iwr, 0, sizeof(iwr));
1783 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1784 iwr.u.data.pointer = (caddr_t) ie;
1785 iwr.u.data.length = ie_len;
1786
1787 if (ioctl(drv->ioctl_sock, SIOCSIWGENIE, &iwr) < 0) {
1788 perror("ioctl[SIOCSIWGENIE]");
1789 ret = -1;
1790 }
1791
1792 return ret;
1793 }
1794
1795
1796 int wpa_driver_wext_cipher2wext(int cipher)
1797 {
1798 switch (cipher) {
1799 case CIPHER_NONE:
1800 return IW_AUTH_CIPHER_NONE;
1801 case CIPHER_WEP40:
1802 return IW_AUTH_CIPHER_WEP40;
1803 case CIPHER_TKIP:
1804 return IW_AUTH_CIPHER_TKIP;
1805 case CIPHER_CCMP:
1806 return IW_AUTH_CIPHER_CCMP;
1807 case CIPHER_WEP104:
1808 return IW_AUTH_CIPHER_WEP104;
1809 default:
1810 return 0;
1811 }
1812 }
1813
1814
1815 int wpa_driver_wext_keymgmt2wext(int keymgmt)
1816 {
1817 switch (keymgmt) {
1818 case KEY_MGMT_802_1X:
1819 case KEY_MGMT_802_1X_NO_WPA:
1820 return IW_AUTH_KEY_MGMT_802_1X;
1821 case KEY_MGMT_PSK:
1822 return IW_AUTH_KEY_MGMT_PSK;
1823 default:
1824 return 0;
1825 }
1826 }
1827
1828
1829 static int
1830 wpa_driver_wext_auth_alg_fallback(struct wpa_driver_wext_data *drv,
1831 struct wpa_driver_associate_params *params)
1832 {
1833 struct iwreq iwr;
1834 int ret = 0;
1835
1836 wpa_printf(MSG_DEBUG, "WEXT: Driver did not support "
1837 "SIOCSIWAUTH for AUTH_ALG, trying SIOCSIWENCODE");
1838
1839 os_memset(&iwr, 0, sizeof(iwr));
1840 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1841 /* Just changing mode, not actual keys */
1842 iwr.u.encoding.flags = 0;
1843 iwr.u.encoding.pointer = (caddr_t) NULL;
1844 iwr.u.encoding.length = 0;
1845
1846 /*
1847 * Note: IW_ENCODE_{OPEN,RESTRICTED} can be interpreted to mean two
1848 * different things. Here they are used to indicate Open System vs.
1849 * Shared Key authentication algorithm. However, some drivers may use
1850 * them to select between open/restricted WEP encrypted (open = allow
1851 * both unencrypted and encrypted frames; restricted = only allow
1852 * encrypted frames).
1853 */
1854
1855 if (!drv->use_crypt) {
1856 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1857 } else {
1858 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
1859 iwr.u.encoding.flags |= IW_ENCODE_OPEN;
1860 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
1861 iwr.u.encoding.flags |= IW_ENCODE_RESTRICTED;
1862 }
1863
1864 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1865 perror("ioctl[SIOCSIWENCODE]");
1866 ret = -1;
1867 }
1868
1869 return ret;
1870 }
1871
1872
1873 int wpa_driver_wext_associate(void *priv,
1874 struct wpa_driver_associate_params *params)
1875 {
1876 struct wpa_driver_wext_data *drv = priv;
1877 int ret = 0;
1878 int allow_unencrypted_eapol;
1879 int value;
1880
1881 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1882
1883 if (drv->cfg80211) {
1884 /*
1885 * Stop cfg80211 from trying to associate before we are done
1886 * with all parameters.
1887 */
1888 wpa_driver_wext_set_ssid(drv, (u8 *) "", 0);
1889 }
1890
1891 if (wpa_driver_wext_set_drop_unencrypted(drv, params->drop_unencrypted)
1892 < 0)
1893 ret = -1;
1894 if (wpa_driver_wext_set_auth_alg(drv, params->auth_alg) < 0)
1895 ret = -1;
1896 if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
1897 ret = -1;
1898
1899 /*
1900 * If the driver did not support SIOCSIWAUTH, fallback to
1901 * SIOCSIWENCODE here.
1902 */
1903 if (drv->auth_alg_fallback &&
1904 wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
1905 ret = -1;
1906
1907 if (!params->bssid &&
1908 wpa_driver_wext_set_bssid(drv, NULL) < 0)
1909 ret = -1;
1910
1911 /* TODO: should consider getting wpa version and cipher/key_mgmt suites
1912 * from configuration, not from here, where only the selected suite is
1913 * available */
1914 if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
1915 < 0)
1916 ret = -1;
1917 if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
1918 value = IW_AUTH_WPA_VERSION_DISABLED;
1919 else if (params->wpa_ie[0] == WLAN_EID_RSN)
1920 value = IW_AUTH_WPA_VERSION_WPA2;
1921 else
1922 value = IW_AUTH_WPA_VERSION_WPA;
1923 if (wpa_driver_wext_set_auth_param(drv,
1924 IW_AUTH_WPA_VERSION, value) < 0)
1925 ret = -1;
1926 value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
1927 if (wpa_driver_wext_set_auth_param(drv,
1928 IW_AUTH_CIPHER_PAIRWISE, value) < 0)
1929 ret = -1;
1930 value = wpa_driver_wext_cipher2wext(params->group_suite);
1931 if (wpa_driver_wext_set_auth_param(drv,
1932 IW_AUTH_CIPHER_GROUP, value) < 0)
1933 ret = -1;
1934 value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
1935 if (wpa_driver_wext_set_auth_param(drv,
1936 IW_AUTH_KEY_MGMT, value) < 0)
1937 ret = -1;
1938 value = params->key_mgmt_suite != KEY_MGMT_NONE ||
1939 params->pairwise_suite != CIPHER_NONE ||
1940 params->group_suite != CIPHER_NONE ||
1941 params->wpa_ie_len;
1942 if (wpa_driver_wext_set_auth_param(drv,
1943 IW_AUTH_PRIVACY_INVOKED, value) < 0)
1944 ret = -1;
1945
1946 /* Allow unencrypted EAPOL messages even if pairwise keys are set when
1947 * not using WPA. IEEE 802.1X specifies that these frames are not
1948 * encrypted, but WPA encrypts them when pairwise keys are in use. */
1949 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
1950 params->key_mgmt_suite == KEY_MGMT_PSK)
1951 allow_unencrypted_eapol = 0;
1952 else
1953 allow_unencrypted_eapol = 1;
1954
1955 if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
1956 ret = -1;
1957 if (wpa_driver_wext_set_auth_param(drv,
1958 IW_AUTH_RX_UNENCRYPTED_EAPOL,
1959 allow_unencrypted_eapol) < 0)
1960 ret = -1;
1961 #ifdef CONFIG_IEEE80211W
1962 switch (params->mgmt_frame_protection) {
1963 case NO_MGMT_FRAME_PROTECTION:
1964 value = IW_AUTH_MFP_DISABLED;
1965 break;
1966 case MGMT_FRAME_PROTECTION_OPTIONAL:
1967 value = IW_AUTH_MFP_OPTIONAL;
1968 break;
1969 case MGMT_FRAME_PROTECTION_REQUIRED:
1970 value = IW_AUTH_MFP_REQUIRED;
1971 break;
1972 };
1973 if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
1974 ret = -1;
1975 #endif /* CONFIG_IEEE80211W */
1976 if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
1977 ret = -1;
1978 if (!drv->cfg80211 &&
1979 wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
1980 ret = -1;
1981 if (params->bssid &&
1982 wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
1983 ret = -1;
1984 if (drv->cfg80211 &&
1985 wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
1986 ret = -1;
1987
1988 return ret;
1989 }
1990
1991
1992 static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg)
1993 {
1994 struct wpa_driver_wext_data *drv = priv;
1995 int algs = 0, res;
1996
1997 if (auth_alg & WPA_AUTH_ALG_OPEN)
1998 algs |= IW_AUTH_ALG_OPEN_SYSTEM;
1999 if (auth_alg & WPA_AUTH_ALG_SHARED)
2000 algs |= IW_AUTH_ALG_SHARED_KEY;
2001 if (auth_alg & WPA_AUTH_ALG_LEAP)
2002 algs |= IW_AUTH_ALG_LEAP;
2003 if (algs == 0) {
2004 /* at least one algorithm should be set */
2005 algs = IW_AUTH_ALG_OPEN_SYSTEM;
2006 }
2007
2008 res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
2009 algs);
2010 drv->auth_alg_fallback = res == -2;
2011 return res;
2012 }
2013
2014
2015 /**
2016 * wpa_driver_wext_set_mode - Set wireless mode (infra/adhoc), SIOCSIWMODE
2017 * @priv: Pointer to private wext data from wpa_driver_wext_init()
2018 * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
2019 * Returns: 0 on success, -1 on failure
2020 */
2021 int wpa_driver_wext_set_mode(void *priv, int mode)
2022 {
2023 struct wpa_driver_wext_data *drv = priv;
2024 struct iwreq iwr;
2025 int ret = -1;
2026 unsigned int new_mode = mode ? IW_MODE_ADHOC : IW_MODE_INFRA;
2027
2028 os_memset(&iwr, 0, sizeof(iwr));
2029 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2030 iwr.u.mode = new_mode;
2031 if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) == 0) {
2032 ret = 0;
2033 goto done;
2034 }
2035
2036 if (errno != EBUSY) {
2037 perror("ioctl[SIOCSIWMODE]");
2038 goto done;
2039 }
2040
2041 /* mac80211 doesn't allow mode changes while the device is up, so if
2042 * the device isn't in the mode we're about to change to, take device
2043 * down, try to set the mode again, and bring it back up.
2044 */
2045 if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
2046 perror("ioctl[SIOCGIWMODE]");
2047 goto done;
2048 }
2049
2050 if (iwr.u.mode == new_mode) {
2051 ret = 0;
2052 goto done;
2053 }
2054
2055 if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0) == 0) {
2056 /* Try to set the mode again while the interface is down */
2057 iwr.u.mode = new_mode;
2058 if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) < 0)
2059 perror("ioctl[SIOCSIWMODE]");
2060 else
2061 ret = 0;
2062
2063 (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1);
2064 }
2065
2066 done:
2067 return ret;
2068 }
2069
2070
2071 static int wpa_driver_wext_pmksa(struct wpa_driver_wext_data *drv,
2072 u32 cmd, const u8 *bssid, const u8 *pmkid)
2073 {
2074 struct iwreq iwr;
2075 struct iw_pmksa pmksa;
2076 int ret = 0;
2077
2078 os_memset(&iwr, 0, sizeof(iwr));
2079 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2080 os_memset(&pmksa, 0, sizeof(pmksa));
2081 pmksa.cmd = cmd;
2082 pmksa.bssid.sa_family = ARPHRD_ETHER;
2083 if (bssid)
2084 os_memcpy(pmksa.bssid.sa_data, bssid, ETH_ALEN);
2085 if (pmkid)
2086 os_memcpy(pmksa.pmkid, pmkid, IW_PMKID_LEN);
2087 iwr.u.data.pointer = (caddr_t) &pmksa;
2088 iwr.u.data.length = sizeof(pmksa);
2089
2090 if (ioctl(drv->ioctl_sock, SIOCSIWPMKSA, &iwr) < 0) {
2091 if (errno != EOPNOTSUPP)
2092 perror("ioctl[SIOCSIWPMKSA]");
2093 ret = -1;
2094 }
2095
2096 return ret;
2097 }
2098
2099
2100 static int wpa_driver_wext_add_pmkid(void *priv, const u8 *bssid,
2101 const u8 *pmkid)
2102 {
2103 struct wpa_driver_wext_data *drv = priv;
2104 return wpa_driver_wext_pmksa(drv, IW_PMKSA_ADD, bssid, pmkid);
2105 }
2106
2107
2108 static int wpa_driver_wext_remove_pmkid(void *priv, const u8 *bssid,
2109 const u8 *pmkid)
2110 {
2111 struct wpa_driver_wext_data *drv = priv;
2112 return wpa_driver_wext_pmksa(drv, IW_PMKSA_REMOVE, bssid, pmkid);
2113 }
2114
2115
2116 static int wpa_driver_wext_flush_pmkid(void *priv)
2117 {
2118 struct wpa_driver_wext_data *drv = priv;
2119 return wpa_driver_wext_pmksa(drv, IW_PMKSA_FLUSH, NULL, NULL);
2120 }
2121
2122
2123 int wpa_driver_wext_get_capa(void *priv, struct wpa_driver_capa *capa)
2124 {
2125 struct wpa_driver_wext_data *drv = priv;
2126 if (!drv->has_capability)
2127 return -1;
2128 os_memcpy(capa, &drv->capa, sizeof(*capa));
2129 return 0;
2130 }
2131
2132
2133 int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv,
2134 const char *ifname)
2135 {
2136 if (ifname == NULL) {
2137 drv->ifindex2 = -1;
2138 return 0;
2139 }
2140
2141 drv->ifindex2 = if_nametoindex(ifname);
2142 if (drv->ifindex2 <= 0)
2143 return -1;
2144
2145 wpa_printf(MSG_DEBUG, "Added alternative ifindex %d (%s) for "
2146 "wireless events", drv->ifindex2, ifname);
2147
2148 return 0;
2149 }
2150
2151
2152 int wpa_driver_wext_set_operstate(void *priv, int state)
2153 {
2154 struct wpa_driver_wext_data *drv = priv;
2155
2156 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
2157 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
2158 drv->operstate = state;
2159 return netlink_send_oper_ifla(drv->netlink, drv->ifindex, -1,
2160 state ? IF_OPER_UP : IF_OPER_DORMANT);
2161 }
2162
2163
2164 int wpa_driver_wext_get_version(struct wpa_driver_wext_data *drv)
2165 {
2166 return drv->we_version_compiled;
2167 }
2168
2169
2170 const struct wpa_driver_ops wpa_driver_wext_ops = {
2171 .name = "wext",
2172 .desc = "Linux wireless extensions (generic)",
2173 .get_bssid = wpa_driver_wext_get_bssid,
2174 .get_ssid = wpa_driver_wext_get_ssid,
2175 .set_key = wpa_driver_wext_set_key,
2176 .set_countermeasures = wpa_driver_wext_set_countermeasures,
2177 .scan2 = wpa_driver_wext_scan,
2178 .get_scan_results2 = wpa_driver_wext_get_scan_results,
2179 .deauthenticate = wpa_driver_wext_deauthenticate,
2180 .disassociate = wpa_driver_wext_disassociate,
2181 .associate = wpa_driver_wext_associate,
2182 .init = wpa_driver_wext_init,
2183 .deinit = wpa_driver_wext_deinit,
2184 .add_pmkid = wpa_driver_wext_add_pmkid,
2185 .remove_pmkid = wpa_driver_wext_remove_pmkid,
2186 .flush_pmkid = wpa_driver_wext_flush_pmkid,
2187 .get_capa = wpa_driver_wext_get_capa,
2188 .set_operstate = wpa_driver_wext_set_operstate,
2189 };
Mirror of AROS' svn.