search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Allow Probe Request callbacks to terminate iteration
[hostap-gosc2009.git] / src / drivers / driver_broadcom.c
blob9b9644f3ff28bac5f44dc9b16e95ade183f8e4a7
1 /*
2 * WPA Supplicant - driver interaction with old Broadcom wl.o driver
3 * Copyright (c) 2004, Nikki Chumkov <nikki@gattaca.ru>
4 * Copyright (c) 2004, Jouni Malinen <j@w1.fi>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 *
10 * Alternatively, this software may be distributed under the terms of BSD
11 * license.
12 *
13 * See README and COPYING for more details.
14 *
15 * Please note that the newer Broadcom driver ("hybrid Linux driver") supports
16 * Linux wireless extensions and does not need (or even work) with this old
17 * driver wrapper. Use driver_wext.c with that driver.
18 */
19
20 #include "includes.h"
21
22 #include <sys/ioctl.h>
23
24 #include "common.h"
25
26 #if 0
27 #include <netpacket/packet.h>
28 #include <net/ethernet.h> /* the L2 protocols */
29 #else
30 #include <linux/if_packet.h>
31 #include <linux/if_ether.h> /* The L2 protocols */
32 #endif
33 #include <net/if.h>
34 #include <typedefs.h>
35
36 /* wlioctl.h is a Broadcom header file and it is available, e.g., from Linksys
37 * WRT54G GPL tarball. */
38 #include <wlioctl.h>
39
40 #include "driver.h"
41 #include "eloop.h"
42
43 struct wpa_driver_broadcom_data {
44 void *ctx;
45 int ioctl_sock;
46 int event_sock;
47 char ifname[IFNAMSIZ + 1];
48 };
49
50
51 #ifndef WLC_DEAUTHENTICATE
52 #define WLC_DEAUTHENTICATE 143
53 #endif
54 #ifndef WLC_DEAUTHENTICATE_WITH_REASON
55 #define WLC_DEAUTHENTICATE_WITH_REASON 201
56 #endif
57 #ifndef WLC_SET_TKIP_COUNTERMEASURES
58 #define WLC_SET_TKIP_COUNTERMEASURES 202
59 #endif
60
61 #if !defined(PSK_ENABLED) /* NEW driver interface */
62 #define WL_VERSION 360130
63 /* wireless authentication bit vector */
64 #define WPA_ENABLED 1
65 #define PSK_ENABLED 2
66
67 #define WAUTH_WPA_ENABLED(wauth) ((wauth) & WPA_ENABLED)
68 #define WAUTH_PSK_ENABLED(wauth) ((wauth) & PSK_ENABLED)
69 #define WAUTH_ENABLED(wauth) ((wauth) & (WPA_ENABLED | PSK_ENABLED))
70
71 #define WSEC_PRIMARY_KEY WL_PRIMARY_KEY
72
73 typedef wl_wsec_key_t wsec_key_t;
74 #endif
75
76 typedef struct {
77 uint32 val;
78 struct ether_addr ea;
79 uint16 res;
80 } wlc_deauth_t;
81
82
83 static void wpa_driver_broadcom_scan_timeout(void *eloop_ctx,
84 void *timeout_ctx);
85
86 static int broadcom_ioctl(struct wpa_driver_broadcom_data *drv, int cmd,
87 void *buf, int len)
88 {
89 struct ifreq ifr;
90 wl_ioctl_t ioc;
91 int ret = 0;
92
93 wpa_printf(MSG_MSGDUMP, "BROADCOM: wlioctl(%s,%d,len=%d,val=%p)",
94 drv->ifname, cmd, len, buf);
95 /* wpa_hexdump(MSG_MSGDUMP, "BROADCOM: wlioctl buf", buf, len); */
96
97 ioc.cmd = cmd;
98 ioc.buf = buf;
99 ioc.len = len;
100 os_strlcpy(ifr.ifr_name, drv->ifname, IFNAMSIZ);
101 ifr.ifr_data = (caddr_t) &ioc;
102 if ((ret = ioctl(drv->ioctl_sock, SIOCDEVPRIVATE, &ifr)) < 0) {
103 if (cmd != WLC_GET_MAGIC)
104 perror(ifr.ifr_name);
105 wpa_printf(MSG_MSGDUMP, "BROADCOM: wlioctl cmd=%d res=%d",
106 cmd, ret);
107 }
108
109 return ret;
110 }
111
112 static int wpa_driver_broadcom_get_bssid(void *priv, u8 *bssid)
113 {
114 struct wpa_driver_broadcom_data *drv = priv;
115 if (broadcom_ioctl(drv, WLC_GET_BSSID, bssid, ETH_ALEN) == 0)
116 return 0;
117
118 os_memset(bssid, 0, ETH_ALEN);
119 return -1;
120 }
121
122 static int wpa_driver_broadcom_get_ssid(void *priv, u8 *ssid)
123 {
124 struct wpa_driver_broadcom_data *drv = priv;
125 wlc_ssid_t s;
126
127 if (broadcom_ioctl(drv, WLC_GET_SSID, &s, sizeof(s)) == -1)
128 return -1;
129
130 os_memcpy(ssid, s.SSID, s.SSID_len);
131 return s.SSID_len;
132 }
133
134 static int wpa_driver_broadcom_set_wpa(void *priv, int enable)
135 {
136 struct wpa_driver_broadcom_data *drv = priv;
137 unsigned int wauth, wsec;
138 struct ether_addr ea;
139
140 os_memset(&ea, enable ? 0xff : 0, sizeof(ea));
141 if (broadcom_ioctl(drv, WLC_GET_WPA_AUTH, &wauth, sizeof(wauth)) ==
142 -1 ||
143 broadcom_ioctl(drv, WLC_GET_WSEC, &wsec, sizeof(wsec)) == -1)
144 return -1;
145
146 if (enable) {
147 wauth = PSK_ENABLED;
148 wsec = TKIP_ENABLED;
149 } else {
150 wauth = 255;
151 wsec &= ~(TKIP_ENABLED | AES_ENABLED);
152 }
153
154 if (broadcom_ioctl(drv, WLC_SET_WPA_AUTH, &wauth, sizeof(wauth)) ==
155 -1 ||
156 broadcom_ioctl(drv, WLC_SET_WSEC, &wsec, sizeof(wsec)) == -1)
157 return -1;
158
159 /* FIX: magic number / error handling? */
160 broadcom_ioctl(drv, 122, &ea, sizeof(ea));
161
162 return 0;
163 }
164
165 static int wpa_driver_broadcom_set_key(const char *ifname, void *priv,
166 enum wpa_alg alg,
167 const u8 *addr, int key_idx, int set_tx,
168 const u8 *seq, size_t seq_len,
169 const u8 *key, size_t key_len)
170 {
171 struct wpa_driver_broadcom_data *drv = priv;
172 int ret;
173 wsec_key_t wkt;
174
175 os_memset(&wkt, 0, sizeof wkt);
176 wpa_printf(MSG_MSGDUMP, "BROADCOM: SET %sKEY[%d] alg=%d",
177 set_tx ? "PRIMARY " : "", key_idx, alg);
178 if (key && key_len > 0)
179 wpa_hexdump_key(MSG_MSGDUMP, "BROADCOM: key", key, key_len);
180
181 switch (alg) {
182 case WPA_ALG_NONE:
183 wkt.algo = CRYPTO_ALGO_OFF;
184 break;
185 case WPA_ALG_WEP:
186 wkt.algo = CRYPTO_ALGO_WEP128; /* CRYPTO_ALGO_WEP1? */
187 break;
188 case WPA_ALG_TKIP:
189 wkt.algo = 0; /* CRYPTO_ALGO_TKIP? */
190 break;
191 case WPA_ALG_CCMP:
192 wkt.algo = 0; /* CRYPTO_ALGO_AES_CCM;
193 * AES_OCB_MSDU, AES_OCB_MPDU? */
194 break;
195 default:
196 wkt.algo = CRYPTO_ALGO_NALG;
197 break;
198 }
199
200 if (seq && seq_len > 0)
201 wpa_hexdump(MSG_MSGDUMP, "BROADCOM: SEQ", seq, seq_len);
202
203 if (addr)
204 wpa_hexdump(MSG_MSGDUMP, "BROADCOM: addr", addr, ETH_ALEN);
205
206 wkt.index = key_idx;
207 wkt.len = key_len;
208 if (key && key_len > 0) {
209 os_memcpy(wkt.data, key, key_len);
210 if (key_len == 32) {
211 /* hack hack hack XXX */
212 os_memcpy(&wkt.data[16], &key[24], 8);
213 os_memcpy(&wkt.data[24], &key[16], 8);
214 }
215 }
216 /* wkt.algo = CRYPTO_ALGO_...; */
217 wkt.flags = set_tx ? 0 : WSEC_PRIMARY_KEY;
218 if (addr && set_tx)
219 os_memcpy(&wkt.ea, addr, sizeof(wkt.ea));
220 ret = broadcom_ioctl(drv, WLC_SET_KEY, &wkt, sizeof(wkt));
221 if (addr && set_tx) {
222 /* FIX: magic number / error handling? */
223 broadcom_ioctl(drv, 121, &wkt.ea, sizeof(wkt.ea));
224 }
225 return ret;
226 }
227
228
229 static void wpa_driver_broadcom_event_receive(int sock, void *ctx,
230 void *sock_ctx)
231 {
232 char buf[8192];
233 int left;
234 wl_wpa_header_t *wwh;
235 union wpa_event_data data;
236
237 if ((left = recv(sock, buf, sizeof buf, 0)) < 0)
238 return;
239
240 wpa_hexdump(MSG_DEBUG, "RECEIVE EVENT", (u8 *) buf, left);
241
242 if ((size_t) left < sizeof(wl_wpa_header_t))
243 return;
244
245 wwh = (wl_wpa_header_t *) buf;
246
247 if (wwh->snap.type != WL_WPA_ETHER_TYPE)
248 return;
249 if (os_memcmp(&wwh->snap, wl_wpa_snap_template, 6) != 0)
250 return;
251
252 os_memset(&data, 0, sizeof(data));
253
254 switch (wwh->type) {
255 case WLC_ASSOC_MSG:
256 left -= WL_WPA_HEADER_LEN;
257 wpa_printf(MSG_DEBUG, "BROADCOM: ASSOC MESSAGE (left: %d)",
258 left);
259 if (left > 0) {
260 data.assoc_info.resp_ies = os_malloc(left);
261 if (data.assoc_info.resp_ies == NULL)
262 return;
263 os_memcpy(data.assoc_info.resp_ies,
264 buf + WL_WPA_HEADER_LEN, left);
265 data.assoc_info.resp_ies_len = left;
266 wpa_hexdump(MSG_MSGDUMP, "BROADCOM: copying %d bytes "
267 "into resp_ies",
268 data.assoc_info.resp_ies, left);
269 }
270 /* data.assoc_info.req_ies = NULL; */
271 /* data.assoc_info.req_ies_len = 0; */
272
273 wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
274 wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
275 break;
276 case WLC_DISASSOC_MSG:
277 wpa_printf(MSG_DEBUG, "BROADCOM: DISASSOC MESSAGE");
278 wpa_supplicant_event(ctx, EVENT_DISASSOC, NULL);
279 break;
280 case WLC_PTK_MIC_MSG:
281 wpa_printf(MSG_DEBUG, "BROADCOM: PTK MIC MSG MESSAGE");
282 data.michael_mic_failure.unicast = 1;
283 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
284 break;
285 case WLC_GTK_MIC_MSG:
286 wpa_printf(MSG_DEBUG, "BROADCOM: GTK MIC MSG MESSAGE");
287 data.michael_mic_failure.unicast = 0;
288 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
289 break;
290 default:
291 wpa_printf(MSG_DEBUG, "BROADCOM: UNKNOWN MESSAGE (%d)",
292 wwh->type);
293 break;
294 }
295 os_free(data.assoc_info.resp_ies);
296 }
297
298 static void * wpa_driver_broadcom_init(void *ctx, const char *ifname)
299 {
300 int s;
301 struct sockaddr_ll ll;
302 struct wpa_driver_broadcom_data *drv;
303 struct ifreq ifr;
304
305 /* open socket to kernel */
306 if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
307 perror("socket");
308 return NULL;
309 }
310 /* do it */
311 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
312 if (ioctl(s, SIOCGIFINDEX, &ifr) < 0) {
313 perror(ifr.ifr_name);
314 return NULL;
315 }
316
317
318 drv = os_zalloc(sizeof(*drv));
319 if (drv == NULL)
320 return NULL;
321 drv->ctx = ctx;
322 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
323 drv->ioctl_sock = s;
324
325 s = socket(PF_PACKET, SOCK_RAW, ntohs(ETH_P_802_2));
326 if (s < 0) {
327 perror("socket(PF_PACKET, SOCK_RAW, ntohs(ETH_P_802_2))");
328 close(drv->ioctl_sock);
329 os_free(drv);
330 return NULL;
331 }
332
333 os_memset(&ll, 0, sizeof(ll));
334 ll.sll_family = AF_PACKET;
335 ll.sll_protocol = ntohs(ETH_P_802_2);
336 ll.sll_ifindex = ifr.ifr_ifindex;
337 ll.sll_hatype = 0;
338 ll.sll_pkttype = PACKET_HOST;
339 ll.sll_halen = 0;
340
341 if (bind(s, (struct sockaddr *) &ll, sizeof(ll)) < 0) {
342 perror("bind(netlink)");
343 close(s);
344 close(drv->ioctl_sock);
345 os_free(drv);
346 return NULL;
347 }
348
349 eloop_register_read_sock(s, wpa_driver_broadcom_event_receive, ctx,
350 NULL);
351 drv->event_sock = s;
352 wpa_driver_broadcom_set_wpa(drv, 1);
353
354 return drv;
355 }
356
357 static void wpa_driver_broadcom_deinit(void *priv)
358 {
359 struct wpa_driver_broadcom_data *drv = priv;
360 wpa_driver_broadcom_set_wpa(drv, 0);
361 eloop_cancel_timeout(wpa_driver_broadcom_scan_timeout, drv, drv->ctx);
362 eloop_unregister_read_sock(drv->event_sock);
363 close(drv->event_sock);
364 close(drv->ioctl_sock);
365 os_free(drv);
366 }
367
368 static int wpa_driver_broadcom_set_countermeasures(void *priv,
369 int enabled)
370 {
371 #if 0
372 struct wpa_driver_broadcom_data *drv = priv;
373 /* FIX: ? */
374 return broadcom_ioctl(drv, WLC_SET_TKIP_COUNTERMEASURES, &enabled,
375 sizeof(enabled));
376 #else
377 return 0;
378 #endif
379 }
380
381 static int wpa_driver_broadcom_set_drop_unencrypted(void *priv, int enabled)
382 {
383 struct wpa_driver_broadcom_data *drv = priv;
384 /* SET_EAP_RESTRICT, SET_WEP_RESTRICT */
385 int _restrict = (enabled ? 1 : 0);
386
387 if (broadcom_ioctl(drv, WLC_SET_WEP_RESTRICT,
388 &_restrict, sizeof(_restrict)) < 0 ||
389 broadcom_ioctl(drv, WLC_SET_EAP_RESTRICT,
390 &_restrict, sizeof(_restrict)) < 0)
391 return -1;
392
393 return 0;
394 }
395
396 static void wpa_driver_broadcom_scan_timeout(void *eloop_ctx,
397 void *timeout_ctx)
398 {
399 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
400 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
401 }
402
403 static int wpa_driver_broadcom_scan(void *priv,
404 struct wpa_driver_scan_params *params)
405 {
406 struct wpa_driver_broadcom_data *drv = priv;
407 wlc_ssid_t wst = { 0, "" };
408 const u8 *ssid = params->ssids[0].ssid;
409 size_t ssid_len = params->ssids[0].ssid_len;
410
411 if (ssid && ssid_len > 0 && ssid_len <= sizeof(wst.SSID)) {
412 wst.SSID_len = ssid_len;
413 os_memcpy(wst.SSID, ssid, ssid_len);
414 }
415
416 if (broadcom_ioctl(drv, WLC_SCAN, &wst, sizeof(wst)) < 0)
417 return -1;
418
419 eloop_cancel_timeout(wpa_driver_broadcom_scan_timeout, drv, drv->ctx);
420 eloop_register_timeout(3, 0, wpa_driver_broadcom_scan_timeout, drv,
421 drv->ctx);
422 return 0;
423 }
424
425
426 static const int frequency_list[] = {
427 2412, 2417, 2422, 2427, 2432, 2437, 2442,
428 2447, 2452, 2457, 2462, 2467, 2472, 2484
429 };
430
431 struct bss_ie_hdr {
432 u8 elem_id;
433 u8 len;
434 u8 oui[3];
435 /* u8 oui_type; */
436 /* u16 version; */
437 } __attribute__ ((packed));
438
439 static struct wpa_scan_results *
440 wpa_driver_broadcom_get_scan_results(void *priv)
441 {
442 struct wpa_driver_broadcom_data *drv = priv;
443 char *buf;
444 wl_scan_results_t *wsr;
445 wl_bss_info_t *wbi;
446 size_t ap_num;
447 struct wpa_scan_results *res;
448
449 buf = os_malloc(WLC_IOCTL_MAXLEN);
450 if (buf == NULL)
451 return NULL;
452
453 wsr = (wl_scan_results_t *) buf;
454
455 wsr->buflen = WLC_IOCTL_MAXLEN - sizeof(wsr);
456 wsr->version = 107;
457 wsr->count = 0;
458
459 if (broadcom_ioctl(drv, WLC_SCAN_RESULTS, buf, WLC_IOCTL_MAXLEN) < 0) {
460 os_free(buf);
461 return NULL;
462 }
463
464 res = os_zalloc(sizeof(*res));
465 if (res == NULL) {
466 os_free(buf);
467 return NULL;
468 }
469
470 res->res = os_zalloc(wsr->count * sizeof(struct wpa_scan_res *));
471 if (res->res == NULL) {
472 os_free(res);
473 os_free(buf);
474 return NULL;
475 }
476
477 for (ap_num = 0, wbi = wsr->bss_info; ap_num < wsr->count; ++ap_num) {
478 struct wpa_scan_res *r;
479 r = os_malloc(sizeof(*r) + wbi->ie_length);
480 if (r == NULL)
481 break;
482 res->res[res->num++] = r;
483
484 os_memcpy(r->bssid, &wbi->BSSID, ETH_ALEN);
485 r->freq = frequency_list[wbi->channel - 1];
486 /* get ie's */
487 os_memcpy(r + 1, wbi + 1, wbi->ie_length);
488 r->ie_len = wbi->ie_length;
489
490 wbi = (wl_bss_info_t *) ((u8 *) wbi + wbi->length);
491 }
492
493 wpa_printf(MSG_MSGDUMP, "Received %d bytes of scan results (%lu "
494 "BSSes)",
495 wsr->buflen, (unsigned long) ap_num);
496
497 os_free(buf);
498 return res;
499 }
500
501 static int wpa_driver_broadcom_deauthenticate(void *priv, const u8 *addr,
502 int reason_code)
503 {
504 struct wpa_driver_broadcom_data *drv = priv;
505 wlc_deauth_t wdt;
506 wdt.val = reason_code;
507 os_memcpy(&wdt.ea, addr, sizeof wdt.ea);
508 wdt.res = 0x7fff;
509 return broadcom_ioctl(drv, WLC_DEAUTHENTICATE_WITH_REASON, &wdt,
510 sizeof(wdt));
511 }
512
513 static int wpa_driver_broadcom_disassociate(void *priv, const u8 *addr,
514 int reason_code)
515 {
516 struct wpa_driver_broadcom_data *drv = priv;
517 return broadcom_ioctl(drv, WLC_DISASSOC, NULL, 0);
518 }
519
520 static int
521 wpa_driver_broadcom_associate(void *priv,
522 struct wpa_driver_associate_params *params)
523 {
524 struct wpa_driver_broadcom_data *drv = priv;
525 wlc_ssid_t s;
526 int infra = 1;
527 int auth = 0;
528 int wsec = 4;
529 int dummy;
530 int wpa_auth;
531 int ret;
532
533 ret = wpa_driver_broadcom_set_drop_unencrypted(
534 drv, params->drop_unencrypted);
535
536 s.SSID_len = params->ssid_len;
537 os_memcpy(s.SSID, params->ssid, params->ssid_len);
538
539 switch (params->pairwise_suite) {
540 case CIPHER_WEP40:
541 case CIPHER_WEP104:
542 wsec = 1;
543 break;
544
545 case CIPHER_TKIP:
546 wsec = 2;
547 break;
548
549 case CIPHER_CCMP:
550 wsec = 4;
551 break;
552
553 default:
554 wsec = 0;
555 break;
556 }
557
558 switch (params->key_mgmt_suite) {
559 case KEY_MGMT_802_1X:
560 wpa_auth = 1;
561 break;
562
563 case KEY_MGMT_PSK:
564 wpa_auth = 2;
565 break;
566
567 default:
568 wpa_auth = 255;
569 break;
570 }
571
572 /* printf("broadcom_associate: %u %u %u\n", pairwise_suite,
573 * group_suite, key_mgmt_suite);
574 * broadcom_ioctl(ifname, WLC_GET_WSEC, &wsec, sizeof(wsec));
575 * wl join uses wlc_sec_wep here, not wlc_set_wsec */
576
577 if (broadcom_ioctl(drv, WLC_SET_WSEC, &wsec, sizeof(wsec)) < 0 ||
578 broadcom_ioctl(drv, WLC_SET_WPA_AUTH, &wpa_auth,
579 sizeof(wpa_auth)) < 0 ||
580 broadcom_ioctl(drv, WLC_GET_WEP, &dummy, sizeof(dummy)) < 0 ||
581 broadcom_ioctl(drv, WLC_SET_INFRA, &infra, sizeof(infra)) < 0 ||
582 broadcom_ioctl(drv, WLC_SET_AUTH, &auth, sizeof(auth)) < 0 ||
583 broadcom_ioctl(drv, WLC_SET_WEP, &wsec, sizeof(wsec)) < 0 ||
584 broadcom_ioctl(drv, WLC_SET_SSID, &s, sizeof(s)) < 0)
585 return -1;
586
587 return ret;
588 }
589
590 const struct wpa_driver_ops wpa_driver_broadcom_ops = {
591 .name = "broadcom",
592 .desc = "Broadcom wl.o driver",
593 .get_bssid = wpa_driver_broadcom_get_bssid,
594 .get_ssid = wpa_driver_broadcom_get_ssid,
595 .set_key = wpa_driver_broadcom_set_key,
596 .init = wpa_driver_broadcom_init,
597 .deinit = wpa_driver_broadcom_deinit,
598 .set_countermeasures = wpa_driver_broadcom_set_countermeasures,
599 .scan2 = wpa_driver_broadcom_scan,
600 .get_scan_results2 = wpa_driver_broadcom_get_scan_results,
601 .deauthenticate = wpa_driver_broadcom_deauthenticate,
602 .disassociate = wpa_driver_broadcom_disassociate,
603 .associate = wpa_driver_broadcom_associate,
604 };