search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MOXA linux-2.6.x / linux-2.6.9-uc0 from sdlinux-moxaart.tgz
[linux-2.6.9-moxart.git] / drivers / net / wireless / rtlink.org / auth.c
blob6e9c662de8a384cec405c6630d2802b04b7841cb
1 /****************************************************************************
2 * Ralink Tech Inc.
3 * 4F, No. 2 Technology 5th Rd.
4 * Science-based Industrial Park
5 * Hsin-chu, Taiwan, R.O.C.
6 * (c) Copyright 2002, Ralink Technology, Inc.
7 *
8 * All rights reserved. Ralink's source code is an unpublished work and the
9 * use of a copyright notice does not imply otherwise. This source code
10 * contains confidential trade secret material of Ralink Tech. Any attemp
11 * or participation in deciphering, decoding, reverse engineering or in any
12 * way altering the source code is stricitly prohibited, unless the prior
13 * written consent of Ralink Technology, Inc. is obtained.
14 ****************************************************************************/
15
16 #include "rt_config.h"
17
18 /*
19 ==========================================================================
20 Description:
21 authenticate state machine init, including state transition and timer init
22 Parameters:
23 Sm - pointer to the auth state machine
24 Note:
25 The state machine looks like this
26
27 AUTH_REQ_IDLE AUTH_WAIT_SEQ2 AUTH_WAIT_SEQ4
28 MT2_MLME_AUTH_REQ mlme_auth_req_action invalid_state_when_auth invalid_state_when_auth
29 MT2_MLME_DEAUTH_REQ mlme_deauth_req_action mlme_deauth_req_action mlme_deauth_req_action
30 MT2_CLS2ERR cls2err_action cls2err_action cls2err_action
31 MT2_PEER_AUTH_EVEN drop peer_auth_even_at_seq2_action peer_auth_even_at_seq4_action
32 MT2_AUTH_TIMEOUT Drop auth_timeout_action auth_timeout_action
33 ==========================================================================
34 */
35
36 void AuthStateMachineInit(
37 IN PRTMP_ADAPTER pAd,
38 IN STATE_MACHINE *Sm,
39 OUT STATE_MACHINE_FUNC Trans[])
40 {
41 StateMachineInit(Sm, (STATE_MACHINE_FUNC*)Trans, MAX_AUTH_STATE, MAX_AUTH_MSG, (STATE_MACHINE_FUNC)Drop, AUTH_REQ_IDLE, AUTH_MACHINE_BASE);
42
43 // the first column
44 StateMachineSetAction(Sm, AUTH_REQ_IDLE, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)MlmeAuthReqAction);
45 // StateMachineSetAction(Sm, AUTH_REQ_IDLE, MT2_MLME_DEAUTH_REQ, (STATE_MACHINE_FUNC)MlmeDeauthReqAction);
46 // StateMachineSetAction(Sm, AUTH_REQ_IDLE, MT2_CLS2ERR, (STATE_MACHINE_FUNC)Cls2errAction);
47
48 // the second column
49 StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth);
50 // StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_MLME_DEAUTH_REQ, (STATE_MACHINE_FUNC)MlmeDeauthReqAction);
51 // StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_CLS2ERR, (STATE_MACHINE_FUNC)Cls2errAction);
52 StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq2Action);
53 StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction);
54
55 // the third column
56 StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth);
57 // StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_MLME_DEAUTH_REQ, (STATE_MACHINE_FUNC)MlmeDeauthReqAction);
58 // StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_CLS2ERR, (STATE_MACHINE_FUNC)Cls2errAction);
59 StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq4Action);
60 StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction);
61
62 RTMPInitTimer(pAd, &pAd->Mlme.AuthAux.AuthTimer, AuthTimeout);
63 }
64
65 /*
66 ==========================================================================
67 Description:
68 function to be executed at timer thread when auth timer expires
69 ==========================================================================
70 */
71 VOID AuthTimeout(
72 IN unsigned long data)
73 {
74 RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)data;
75
76 DBGPRINT(RT_DEBUG_TRACE,"AUTH - AuthTimeout\n");
77 MlmeEnqueue(&pAd->Mlme.Queue, AUTH_STATE_MACHINE, MT2_AUTH_TIMEOUT, 0, NULL);
78 MlmeHandler(pAd);
79 }
80
81
82 /*
83 ==========================================================================
84 Description:
85 ==========================================================================
86 */
87 VOID MlmeAuthReqAction(
88 IN PRTMP_ADAPTER pAd,
89 IN MLME_QUEUE_ELEM *Elem)
90 {
91 MACADDR Addr;
92 USHORT Alg, Seq, Status;
93 ULONG Timeout;
94 MACHDR AuthHdr;
95 NDIS_STATUS NStatus;
96 UCHAR *OutBuffer = NULL;
97 ULONG FrameLen = 0;
98
99 // Block all authentication request durning WPA block period
100 if (pAd->PortCfg.bBlockAssoc == TRUE)
101 {
102 DBGPRINT(RT_DEBUG_TRACE, "AUTH - Block Auth request durning WPA block period!\n");
103 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
104 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, MLME_STATE_MACHINE_REJECT);
105 }
106 else if(MlmeAuthReqSanity(pAd, Elem->Msg, Elem->MsgLen, &Addr, &Timeout, &Alg))
107 {
108 // reset timer
109 RTMPCancelTimer(&pAd->Mlme.AuthAux.AuthTimer);
110 pAd->Mlme.AuthAux.Addr = Addr;
111 pAd->Mlme.AuthAux.Alg = Alg;
112 pAd->PortCfg.Mauth = FALSE;
113 Seq = 1;
114 Status = MLME_SUCCESS;
115
116 NStatus = MlmeAllocateMemory(pAd, (PVOID)&OutBuffer); //Get an unused nonpaged memory
117 if(NStatus != NDIS_STATUS_SUCCESS)
118 {
119 DBGPRINT(RT_DEBUG_TRACE, "AUTH - MlmeAuthReqAction() allocate memory failed\n");
120 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
121 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, MLME_FAIL_NO_RESOURCE);
122 return;
123 }
124
125 DBGPRINT(RT_DEBUG_TRACE, "AUTH - Send AUTH request seq#1 (Alg=%d)...\n", Alg);
126 MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, &Addr, &pAd->PortCfg.Bssid);
127 MakeOutgoingFrame(OutBuffer, &FrameLen,
128 MAC_HDR_LEN, &AuthHdr,
129 2, &Alg,
130 2, &Seq,
131 2, &Status,
132 END_OF_ARGS);
133 MiniportMMRequest(pAd, OutBuffer, FrameLen);
134
135 RTMPSetTimer(pAd, &pAd->Mlme.AuthAux.AuthTimer, Timeout);
136 pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ2;
137 }
138 else
139 {
140 DBGPRINT(RT_DEBUG_ERROR, "AUTH - MlmeAuthReqAction() sanity check failed. BUG!!!!!\n");
141 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
142 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, MLME_INVALID_FORMAT);
143 }
144 }
145
146 /*
147 ==========================================================================
148 Description:
149 ==========================================================================
150 */
151 VOID PeerAuthRspAtSeq2Action(
152 IN PRTMP_ADAPTER pAd,
153 IN MLME_QUEUE_ELEM *Elem)
154 {
155 MACADDR Addr2;
156 USHORT Seq, Status, RemoteStatus, Alg;
157 UCHAR ChlgText[CIPHER_TEXT_LEN];
158 UCHAR CyperChlgText[CIPHER_TEXT_LEN + 8 + 8];
159 UCHAR Element[2];
160 MACHDR AuthHdr;
161 UCHAR *OutBuffer = NULL;
162 NDIS_STATUS NStatus;
163 ULONG FrameLen = 0;
164
165 if (PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, &Addr2, &Alg, &Seq, &Status, ChlgText))
166 {
167 if (MAC_ADDR_EQUAL(&pAd->Mlme.AuthAux.Addr, &Addr2) && Seq == 2)
168 {
169 DBGPRINT(RT_DEBUG_TRACE, "AUTH - Receive AUTH_RSP seq#2 to me (Alg=%d, Status=%d)\n", Alg, Status);
170 RTMPCancelTimer(&pAd->Mlme.AuthAux.AuthTimer);
171
172 if (Status == MLME_SUCCESS)
173 {
174 if (pAd->Mlme.AuthAux.Alg == Ndis802_11AuthModeOpen)
175 {
176 pAd->PortCfg.Mauth = TRUE;
177 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
178 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, MLME_SUCCESS);
179 }
180 else
181 {
182 // 2. shared key, need to be challenged
183 Seq++;
184 RemoteStatus = MLME_SUCCESS;
185 NStatus = MlmeAllocateMemory(pAd, (PVOID)&OutBuffer); //Get an unused nonpaged memory
186 if(NStatus != NDIS_STATUS_SUCCESS)
187 {
188 DBGPRINT(RT_DEBUG_TRACE, "AUTH - PeerAuthRspAtSeq2Action() allocate memory fail\n");
189 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
190 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, MLME_FAIL_NO_RESOURCE);
191 return;
192 }
193
194 DBGPRINT(RT_DEBUG_TRACE, "AUTH - Send AUTH request seq#3...\n");
195 MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, &Addr2, &pAd->PortCfg.Bssid);
196 AuthHdr.Wep = 1;
197 // Encrypt challenge text & auth information
198 RTMPInitWepEngine(
199 pAd,
200 pAd->PortCfg.SharedKey[pAd->PortCfg.DefaultKeyId].Key,
201 pAd->PortCfg.DefaultKeyId,
202 pAd->PortCfg.SharedKey[pAd->PortCfg.DefaultKeyId].KeyLen,
203 CyperChlgText);
204 #ifdef BIG_ENDIAN
205 Alg = SWAP16(*(USHORT *)&Alg);
206 Seq = SWAP16(*(USHORT *)&Seq);
207 RemoteStatus= SWAP16(*(USHORT *)&RemoteStatus);
208 pAd->NeedSwapToLittleEndian = FALSE;
209 #endif
210 RTMPEncryptData(pAd, (PUCHAR) &Alg, CyperChlgText + 4, 2);
211 RTMPEncryptData(pAd, (PUCHAR) &Seq, CyperChlgText + 6, 2);
212 RTMPEncryptData(pAd, (PUCHAR) &RemoteStatus, CyperChlgText + 8, 2);
213
214 Element[0] = 16;
215 Element[1] = 128;
216 RTMPEncryptData(pAd, Element, CyperChlgText + 10, 2);
217 RTMPEncryptData(pAd, ChlgText, CyperChlgText + 12, 128);
218 RTMPSetICV(pAd, CyperChlgText + 140);
219 MakeOutgoingFrame(OutBuffer, &FrameLen,
220 MAC_HDR_LEN, &AuthHdr,
221 CIPHER_TEXT_LEN + 16, CyperChlgText,
222 END_OF_ARGS);
223 MiniportMMRequest(pAd, OutBuffer, FrameLen);
224 #ifdef BIG_ENDIAN
225 pAd->NeedSwapToLittleEndian = TRUE;
226 #endif
227 RTMPSetTimer(pAd, &pAd->Mlme.AuthAux.AuthTimer, AUTH_TIMEOUT);
228 pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ4;
229 }
230 }
231 else
232 {
233 pAd->PortCfg.AuthFailReason = Status;
234 COPY_MAC_ADDR(&pAd->PortCfg.AuthFailSta, &Addr2);
235 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
236 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, Status);
237 }
238 }
239 }
240 else
241 {
242 DBGPRINT(RT_DEBUG_TRACE, "AUTH - PeerAuthSanity() sanity check fail\n");
243 }
244 }
245
246 /*
247 ==========================================================================
248 Description:
249 ==========================================================================
250 */
251 VOID PeerAuthRspAtSeq4Action(
252 IN PRTMP_ADAPTER pAd,
253 IN MLME_QUEUE_ELEM *Elem)
254 {
255 MACADDR Addr2;
256 USHORT Alg, Seq, Status;
257 CHAR ChlgText[CIPHER_TEXT_LEN];
258
259 if(PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, &Addr2, &Alg, &Seq, &Status, ChlgText))
260 {
261 if(MAC_ADDR_EQUAL(&(pAd->Mlme.AuthAux.Addr), &Addr2) && Seq == 4)
262 {
263 DBGPRINT(RT_DEBUG_TRACE, "AUTH - Receive AUTH_RSP seq#4 to me\n");
264 RTMPCancelTimer(&pAd->Mlme.AuthAux.AuthTimer);
265
266 if(Status == MLME_SUCCESS)
267 {
268 pAd->PortCfg.Mauth = TRUE;
269 }
270 else
271 {
272 pAd->PortCfg.AuthFailReason = Status;
273 pAd->PortCfg.AuthFailSta = Addr2;
274 }
275
276 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
277 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, Status);
278 }
279 }
280 else
281 {
282 DBGPRINT(RT_DEBUG_TRACE, "AUTH - PeerAuthRspAtSeq4Action() sanity check fail\n");
283 }
284 }
285
286 /*
287 ==========================================================================
288 Description:
289 ==========================================================================
290 */
291 VOID MlmeDeauthReqAction(
292 IN PRTMP_ADAPTER pAd,
293 IN MLME_QUEUE_ELEM *Elem)
294 {
295 MLME_DEAUTH_REQ_STRUCT *Info;
296 MACHDR Hdr;
297 UCHAR *OutBuffer = NULL;
298 NDIS_STATUS NStatus;
299 ULONG FrameLen = 0;
300
301 Info = (MLME_DEAUTH_REQ_STRUCT *)Elem->Msg;
302
303 NStatus = MlmeAllocateMemory(pAd, (PVOID)&OutBuffer); //Get an unused nonpaged memory
304 if (NStatus != NDIS_STATUS_SUCCESS)
305 {
306 DBGPRINT(RT_DEBUG_TRACE, "AUTH - MlmeDeauthReqAction() allocate memory fail\n");
307 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
308 MlmeCntlConfirm(pAd, MT2_DEAUTH_CONF, MLME_FAIL_NO_RESOURCE);
309 return;
310 }
311
312 DBGPRINT(RT_DEBUG_TRACE, "AUTH - Send DE-AUTH request...\n");
313 MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, &Info->Addr, &pAd->PortCfg.Bssid);
314 MakeOutgoingFrame(OutBuffer, &FrameLen,
315 sizeof(MACHDR), &Hdr,
316 2, &Info->Reason,
317 END_OF_ARGS);
318 MiniportMMRequest(pAd, OutBuffer, FrameLen);
319
320 pAd->PortCfg.DeauthReason = Info->Reason;
321 COPY_MAC_ADDR(&pAd->PortCfg.DeauthSta, &Info->Addr);
322 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
323 MlmeCntlConfirm(pAd, MT2_DEAUTH_CONF, MLME_SUCCESS);
324 }
325
326 /*
327 ==========================================================================
328 Description:
329 ==========================================================================
330 */
331 VOID AuthTimeoutAction(
332 IN PRTMP_ADAPTER pAd,
333 IN MLME_QUEUE_ELEM *Elem)
334 {
335 DBGPRINT(RT_DEBUG_TRACE, "AUTH - AuthTimeoutAction\n");
336 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
337 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, MLME_REJ_TIMEOUT);
338 }
339
340 /*
341 ==========================================================================
342 Description:
343 ==========================================================================
344 */
345 VOID InvalidStateWhenAuth(
346 IN PRTMP_ADAPTER pAd,
347 IN MLME_QUEUE_ELEM *Elem)
348 {
349 DBGPRINT(RT_DEBUG_TRACE, "AUTH - InvalidStateWhenAuth (state=%d), reset AUTH state machine\n", pAd->Mlme.AuthMachine.CurrState);
350 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
351 MlmeCntlConfirm(pAd, MT2_AUTH_CONF, MLME_STATE_MACHINE_REJECT);
352 }
353
354 /*
355 ==========================================================================
356 Description:
357 Some STA/AP
358 Note:
359 This action should never trigger AUTH state transition, therefore we
360 separate it from AUTH state machine, and make it as a standalone service
361 ==========================================================================
362 */
363 VOID Cls2errAction(
364 IN PRTMP_ADAPTER pAd,
365 IN PMACADDR pAddr)
366 {
367 MACHDR Hdr;
368 UCHAR *OutBuffer = NULL;
369 NDIS_STATUS NStatus;
370 ULONG FrameLen = 0;
371 USHORT Reason = REASON_CLS2ERR;
372
373 NStatus = MlmeAllocateMemory(pAd, (PVOID)&OutBuffer); //Get an unused nonpaged memory
374 if (NStatus != NDIS_STATUS_SUCCESS)
375 return;
376
377 DBGPRINT(RT_DEBUG_TRACE, "AUTH - Class 2 error, Send DEAUTH frame...\n");
378 MgtMacHeaderInit(pAd, &Hdr, SUBTYPE_DEAUTH, 0, pAddr, &pAd->PortCfg.Bssid);
379 MakeOutgoingFrame(OutBuffer, &FrameLen,
380 sizeof(MACHDR), &Hdr,
381 2, &Reason,
382 END_OF_ARGS);
383 MiniportMMRequest(pAd, OutBuffer, FrameLen);
384
385 pAd->PortCfg.DeauthReason = Reason;
386 COPY_MAC_ADDR(&pAd->PortCfg.DeauthSta, pAddr);
387 }
388
389
MOXA 2.6.9 from sdlinux-moxaart.tgz