search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
First Support on Ginger and OMAP TI
[linux-ginger.git] / drivers / staging / rt3090 / sta / auth.c
blob157e2999fa192f9f6b4ae281eee3540e5ede6f32
1 /*
2 *************************************************************************
3 * Ralink Tech Inc.
4 * 5F., No.36, Taiyuan St., Jhubei City,
5 * Hsinchu County 302,
6 * Taiwan, R.O.C.
7 *
8 * (c) Copyright 2002-2007, Ralink Technology, Inc.
9 *
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
14 * *
15 * This program is distributed in the hope that it will be useful, *
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
18 * GNU General Public License for more details. *
19 * *
20 * You should have received a copy of the GNU General Public License *
21 * along with this program; if not, write to the *
22 * Free Software Foundation, Inc., *
23 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
24 * *
25 *************************************************************************
26
27 Module Name:
28 auth.c
29
30 Abstract:
31
32 Revision History:
33 Who When What
34 -------- ---------- ----------------------------------------------
35 John 2004-9-3 porting from RT2500
36 */
37
38 #include "../rt_config.h"
39
40
41 /*
42 ==========================================================================
43 Description:
44 authenticate state machine init, including state transition and timer init
45 Parameters:
46 Sm - pointer to the auth state machine
47 Note:
48 The state machine looks like this
49
50 AUTH_REQ_IDLE AUTH_WAIT_SEQ2 AUTH_WAIT_SEQ4
51 MT2_MLME_AUTH_REQ mlme_auth_req_action invalid_state_when_auth invalid_state_when_auth
52 MT2_PEER_AUTH_EVEN drop peer_auth_even_at_seq2_action peer_auth_even_at_seq4_action
53 MT2_AUTH_TIMEOUT Drop auth_timeout_action auth_timeout_action
54
55 IRQL = PASSIVE_LEVEL
56
57 ==========================================================================
58 */
59
60 void AuthStateMachineInit(
61 IN PRTMP_ADAPTER pAd,
62 IN STATE_MACHINE *Sm,
63 OUT STATE_MACHINE_FUNC Trans[])
64 {
65 StateMachineInit(Sm, Trans, MAX_AUTH_STATE, MAX_AUTH_MSG, (STATE_MACHINE_FUNC)Drop, AUTH_REQ_IDLE, AUTH_MACHINE_BASE);
66
67 // the first column
68 StateMachineSetAction(Sm, AUTH_REQ_IDLE, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)MlmeAuthReqAction);
69
70 // the second column
71 StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth);
72 StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq2Action);
73 StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction);
74
75 // the third column
76 StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth);
77 StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq4Action);
78 StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction);
79
80 RTMPInitTimer(pAd, &pAd->MlmeAux.AuthTimer, GET_TIMER_FUNCTION(AuthTimeout), pAd, FALSE);
81 }
82
83 /*
84 ==========================================================================
85 Description:
86 function to be executed at timer thread when auth timer expires
87
88 IRQL = DISPATCH_LEVEL
89
90 ==========================================================================
91 */
92 VOID AuthTimeout(
93 IN PVOID SystemSpecific1,
94 IN PVOID FunctionContext,
95 IN PVOID SystemSpecific2,
96 IN PVOID SystemSpecific3)
97 {
98 RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext;
99
100 DBGPRINT(RT_DEBUG_TRACE,("AUTH - AuthTimeout\n"));
101
102 // Do nothing if the driver is starting halt state.
103 // This might happen when timer already been fired before cancel timer with mlmehalt
104 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST))
105 return;
106
107 // send a de-auth to reset AP's state machine (Patch AP-Dir635)
108 if (pAd->Mlme.AuthMachine.CurrState == AUTH_WAIT_SEQ2)
109 Cls2errAction(pAd, pAd->MlmeAux.Bssid);
110
111
112 MlmeEnqueue(pAd, AUTH_STATE_MACHINE, MT2_AUTH_TIMEOUT, 0, NULL);
113 RTMP_MLME_HANDLER(pAd);
114 }
115
116
117 /*
118 ==========================================================================
119 Description:
120
121 IRQL = DISPATCH_LEVEL
122
123 ==========================================================================
124 */
125 VOID MlmeAuthReqAction(
126 IN PRTMP_ADAPTER pAd,
127 IN MLME_QUEUE_ELEM *Elem)
128 {
129 if (AUTH_ReqSend(pAd, Elem, &pAd->MlmeAux.AuthTimer, "AUTH", 1, NULL, 0))
130 pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ2;
131 else
132 {
133 USHORT Status;
134
135 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
136 Status = MLME_INVALID_FORMAT;
137 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
138 }
139 }
140
141 /*
142 ==========================================================================
143 Description:
144
145 IRQL = DISPATCH_LEVEL
146
147 ==========================================================================
148 */
149 VOID PeerAuthRspAtSeq2Action(
150 IN PRTMP_ADAPTER pAd,
151 IN MLME_QUEUE_ELEM *Elem)
152 {
153 UCHAR Addr2[MAC_ADDR_LEN];
154 USHORT Seq, Status, RemoteStatus, Alg;
155 UCHAR ChlgText[CIPHER_TEXT_LEN];
156 UCHAR CyperChlgText[CIPHER_TEXT_LEN + 8 + 8];
157 UCHAR Element[2];
158 HEADER_802_11 AuthHdr;
159 BOOLEAN TimerCancelled;
160 PUCHAR pOutBuffer = NULL;
161 NDIS_STATUS NStatus;
162 ULONG FrameLen = 0;
163 USHORT Status2;
164
165 if (PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Alg, &Seq, &Status, (PCHAR)ChlgText))
166 {
167 if (MAC_ADDR_EQUAL(pAd->MlmeAux.Bssid, Addr2) && Seq == 2)
168 {
169 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Receive AUTH_RSP seq#2 to me (Alg=%d, Status=%d)\n", Alg, Status));
170 RTMPCancelTimer(&pAd->MlmeAux.AuthTimer, &TimerCancelled);
171
172 if (Status == MLME_SUCCESS)
173 {
174 // Authentication Mode "LEAP" has allow for CCX 1.X
175 if (pAd->MlmeAux.Alg == Ndis802_11AuthModeOpen)
176 {
177 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
178 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
179 }
180 else
181 {
182 // 2. shared key, need to be challenged
183 Seq++;
184 RemoteStatus = MLME_SUCCESS;
185
186 // Get an unused nonpaged memory
187 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
188 if(NStatus != NDIS_STATUS_SUCCESS)
189 {
190 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthRspAtSeq2Action() allocate memory fail\n"));
191 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
192 Status2 = MLME_FAIL_NO_RESOURCE;
193 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status2);
194 return;
195 }
196
197 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send AUTH request seq#3...\n"));
198 MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr2, pAd->MlmeAux.Bssid);
199 AuthHdr.FC.Wep = 1;
200 // Encrypt challenge text & auth information
201 RTMPInitWepEngine(
202 pAd,
203 pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].Key,
204 pAd->StaCfg.DefaultKeyId,
205 pAd->SharedKey[BSS0][pAd->StaCfg.DefaultKeyId].KeyLen,
206 CyperChlgText);
207
208 Alg = cpu2le16(*(USHORT *)&Alg);
209 Seq = cpu2le16(*(USHORT *)&Seq);
210 RemoteStatus= cpu2le16(*(USHORT *)&RemoteStatus);
211
212 RTMPEncryptData(pAd, (PUCHAR) &Alg, CyperChlgText + 4, 2);
213 RTMPEncryptData(pAd, (PUCHAR) &Seq, CyperChlgText + 6, 2);
214 RTMPEncryptData(pAd, (PUCHAR) &RemoteStatus, CyperChlgText + 8, 2);
215 Element[0] = 16;
216 Element[1] = 128;
217 RTMPEncryptData(pAd, Element, CyperChlgText + 10, 2);
218 RTMPEncryptData(pAd, ChlgText, CyperChlgText + 12, 128);
219 RTMPSetICV(pAd, CyperChlgText + 140);
220 MakeOutgoingFrame(pOutBuffer, &FrameLen,
221 sizeof(HEADER_802_11), &AuthHdr,
222 CIPHER_TEXT_LEN + 16, CyperChlgText,
223 END_OF_ARGS);
224 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
225 MlmeFreeMemory(pAd, pOutBuffer);
226
227 RTMPSetTimer(&pAd->MlmeAux.AuthTimer, AUTH_TIMEOUT);
228 pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ4;
229 }
230 }
231 else
232 {
233 pAd->StaCfg.AuthFailReason = Status;
234 COPY_MAC_ADDR(pAd->StaCfg.AuthFailSta, Addr2);
235 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
236 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
237 }
238 }
239 }
240 else
241 {
242 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthSanity() sanity check fail\n"));
243 }
244 }
245
246 /*
247 ==========================================================================
248 Description:
249
250 IRQL = DISPATCH_LEVEL
251
252 ==========================================================================
253 */
254 VOID PeerAuthRspAtSeq4Action(
255 IN PRTMP_ADAPTER pAd,
256 IN MLME_QUEUE_ELEM *Elem)
257 {
258 UCHAR Addr2[MAC_ADDR_LEN];
259 USHORT Alg, Seq, Status;
260 CHAR ChlgText[CIPHER_TEXT_LEN];
261 BOOLEAN TimerCancelled;
262
263 if(PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Alg, &Seq, &Status, ChlgText))
264 {
265 if(MAC_ADDR_EQUAL(pAd->MlmeAux.Bssid, Addr2) && Seq == 4)
266 {
267 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Receive AUTH_RSP seq#4 to me\n"));
268 RTMPCancelTimer(&pAd->MlmeAux.AuthTimer, &TimerCancelled);
269
270 if (Status != MLME_SUCCESS)
271 {
272 pAd->StaCfg.AuthFailReason = Status;
273 COPY_MAC_ADDR(pAd->StaCfg.AuthFailSta, Addr2);
274 }
275
276 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
277 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
278 }
279 }
280 else
281 {
282 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - PeerAuthRspAtSeq4Action() sanity check fail\n"));
283 }
284 }
285
286 /*
287 ==========================================================================
288 Description:
289
290 IRQL = DISPATCH_LEVEL
291
292 ==========================================================================
293 */
294 VOID MlmeDeauthReqAction(
295 IN PRTMP_ADAPTER pAd,
296 IN MLME_QUEUE_ELEM *Elem)
297 {
298 MLME_DEAUTH_REQ_STRUCT *pInfo;
299 HEADER_802_11 DeauthHdr;
300 PUCHAR pOutBuffer = NULL;
301 NDIS_STATUS NStatus;
302 ULONG FrameLen = 0;
303 USHORT Status;
304
305 pInfo = (MLME_DEAUTH_REQ_STRUCT *)Elem->Msg;
306
307 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
308 if (NStatus != NDIS_STATUS_SUCCESS)
309 {
310 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - MlmeDeauthReqAction() allocate memory fail\n"));
311 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
312 Status = MLME_FAIL_NO_RESOURCE;
313 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DEAUTH_CONF, 2, &Status);
314 return;
315 }
316
317
318 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Send DE-AUTH request (Reason=%d)...\n", pInfo->Reason));
319 MgtMacHeaderInit(pAd, &DeauthHdr, SUBTYPE_DEAUTH, 0, pInfo->Addr, pAd->MlmeAux.Bssid);
320 MakeOutgoingFrame(pOutBuffer, &FrameLen,
321 sizeof(HEADER_802_11),&DeauthHdr,
322 2, &pInfo->Reason,
323 END_OF_ARGS);
324 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
325 MlmeFreeMemory(pAd, pOutBuffer);
326
327 pAd->StaCfg.DeauthReason = pInfo->Reason;
328 COPY_MAC_ADDR(pAd->StaCfg.DeauthSta, pInfo->Addr);
329 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
330 Status = MLME_SUCCESS;
331 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DEAUTH_CONF, 2, &Status);
332
333 // send wireless event - for deauthentication
334 if (pAd->CommonCfg.bWirelessEvent)
335 RTMPSendWirelessEvent(pAd, IW_DEAUTH_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0);
336 }
337
338 /*
339 ==========================================================================
340 Description:
341
342 IRQL = DISPATCH_LEVEL
343
344 ==========================================================================
345 */
346 VOID AuthTimeoutAction(
347 IN PRTMP_ADAPTER pAd,
348 IN MLME_QUEUE_ELEM *Elem)
349 {
350 USHORT Status;
351 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - AuthTimeoutAction\n"));
352 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
353 Status = MLME_REJ_TIMEOUT;
354 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
355 }
356
357 /*
358 ==========================================================================
359 Description:
360
361 IRQL = DISPATCH_LEVEL
362
363 ==========================================================================
364 */
365 VOID InvalidStateWhenAuth(
366 IN PRTMP_ADAPTER pAd,
367 IN MLME_QUEUE_ELEM *Elem)
368 {
369 USHORT Status;
370 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - InvalidStateWhenAuth (state=%ld), reset AUTH state machine\n", pAd->Mlme.AuthMachine.CurrState));
371 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
372 Status = MLME_STATE_MACHINE_REJECT;
373 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
374 }
375
376 /*
377 ==========================================================================
378 Description:
379 Some STA/AP
380 Note:
381 This action should never trigger AUTH state transition, therefore we
382 separate it from AUTH state machine, and make it as a standalone service
383
384 IRQL = DISPATCH_LEVEL
385
386 ==========================================================================
387 */
388 VOID Cls2errAction(
389 IN PRTMP_ADAPTER pAd,
390 IN PUCHAR pAddr)
391 {
392 HEADER_802_11 DeauthHdr;
393 PUCHAR pOutBuffer = NULL;
394 NDIS_STATUS NStatus;
395 ULONG FrameLen = 0;
396 USHORT Reason = REASON_CLS2ERR;
397
398 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
399 if (NStatus != NDIS_STATUS_SUCCESS)
400 return;
401
402 DBGPRINT(RT_DEBUG_TRACE, ("AUTH - Class 2 error, Send DEAUTH frame...\n"));
403 MgtMacHeaderInit(pAd, &DeauthHdr, SUBTYPE_DEAUTH, 0, pAddr, pAd->MlmeAux.Bssid);
404 MakeOutgoingFrame(pOutBuffer, &FrameLen,
405 sizeof(HEADER_802_11),&DeauthHdr,
406 2, &Reason,
407 END_OF_ARGS);
408 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
409 MlmeFreeMemory(pAd, pOutBuffer);
410
411 pAd->StaCfg.DeauthReason = Reason;
412 COPY_MAC_ADDR(pAd->StaCfg.DeauthSta, pAddr);
413 }
414
415 BOOLEAN AUTH_ReqSend(
416 IN PRTMP_ADAPTER pAd,
417 IN PMLME_QUEUE_ELEM pElem,
418 IN PRALINK_TIMER_STRUCT pAuthTimer,
419 IN PSTRING pSMName,
420 IN USHORT SeqNo,
421 IN PUCHAR pNewElement,
422 IN ULONG ElementLen)
423 {
424 USHORT Alg, Seq, Status;
425 UCHAR Addr[6];
426 ULONG Timeout;
427 HEADER_802_11 AuthHdr;
428 BOOLEAN TimerCancelled;
429 NDIS_STATUS NStatus;
430 PUCHAR pOutBuffer = NULL;
431 ULONG FrameLen = 0, tmp = 0;
432
433 // Block all authentication request durning WPA block period
434 if (pAd->StaCfg.bBlockAssoc == TRUE)
435 {
436 DBGPRINT(RT_DEBUG_TRACE, ("%s - Block Auth request durning WPA block period!\n", pSMName));
437 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
438 Status = MLME_STATE_MACHINE_REJECT;
439 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
440 }
441 else if(MlmeAuthReqSanity(pAd, pElem->Msg, pElem->MsgLen, Addr, &Timeout, &Alg))
442 {
443 /* reset timer */
444 RTMPCancelTimer(pAuthTimer, &TimerCancelled);
445
446 COPY_MAC_ADDR(pAd->MlmeAux.Bssid, Addr);
447 pAd->MlmeAux.Alg = Alg;
448 Seq = SeqNo;
449 Status = MLME_SUCCESS;
450
451 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
452 if(NStatus != NDIS_STATUS_SUCCESS)
453 {
454 DBGPRINT(RT_DEBUG_TRACE, ("%s - MlmeAuthReqAction(Alg:%d) allocate memory failed\n", pSMName, Alg));
455 pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;
456 Status = MLME_FAIL_NO_RESOURCE;
457 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);
458 return FALSE;
459 }
460
461 DBGPRINT(RT_DEBUG_TRACE, ("%s - Send AUTH request seq#1 (Alg=%d)...\n", pSMName, Alg));
462 MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr, pAd->MlmeAux.Bssid);
463 MakeOutgoingFrame(pOutBuffer, &FrameLen,
464 sizeof(HEADER_802_11),&AuthHdr,
465 2, &Alg,
466 2, &Seq,
467 2, &Status,
468 END_OF_ARGS);
469
470 if (pNewElement && ElementLen)
471 {
472 MakeOutgoingFrame(pOutBuffer+FrameLen, &tmp,
473 ElementLen, pNewElement,
474 END_OF_ARGS);
475 FrameLen += tmp;
476 }
477
478 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
479 MlmeFreeMemory(pAd, pOutBuffer);
480
481 RTMPSetTimer(pAuthTimer, Timeout);
482 return TRUE;
483 }
484 else
485 {
486 DBGPRINT_ERR(("%s - MlmeAuthReqAction() sanity check failed\n", pSMName));
487 return FALSE;
488 }
489
490 return TRUE;
491 }
Linux for Ginger Game Console