1/*
2 * Copyright (c) 2012, Code Aurora Forum. All rights reserved.
3 *
4 * Previously licensed under the ISC license by Qualcomm Atheros, Inc.
5 *
6 *
7 * Permission to use, copy, modify, and/or distribute this software for
8 * any purpose with or without fee is hereby granted, provided that the
9 * above copyright notice and this permission notice appear in all
10 * copies.
11 *
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
13 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
14 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
15 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
16 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
17 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
18 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
19 * PERFORMANCE OF THIS SOFTWARE.
20 */
21
22/*
23 *
24 * Airgo Networks, Inc proprietary. All rights reserved.
25 * This file limProcessAuthFrame.cc contains the code
26 * for processing received Authentication Frame.
27 * Author: Chandra Modumudi
28 * Date: 03/11/02
29 * History:-
30 * Date Modified by Modification Information
31 * --------------------------------------------------------------------
32 * 05/12/2010 js To support Shared key authentication at AP side
33 *
34 */
35
36#include "wniApi.h"
37#ifdef FEATURE_WLAN_NON_INTEGRATED_SOC
38#include "halDataStruct.h"
39#endif
40#if (WNI_POLARIS_FW_PRODUCT == AP)
41#include "wniCfgAp.h"
42#else
43#include "wniCfgSta.h"
44#endif
45#include "aniGlobal.h"
46#include "cfgApi.h"
47
48#include "utilsApi.h"
49#include "limUtils.h"
50#include "limAssocUtils.h"
51#include "limSecurityUtils.h"
52#include "limSerDesUtils.h"
53#ifdef WLAN_FEATURE_VOWIFI_11R
54#include "limFT.h"
55#endif
56#include "vos_utils.h"
57
58
59/**
60 * isAuthValid
61 *
62 *FUNCTION:
63 * This function is called by limProcessAuthFrame() upon Authentication
64 * frame reception.
65 *
66 *LOGIC:
67 * This function is used to test validity of auth frame:
68 * - AUTH1 and AUTH3 must be received in AP mode
69 * - AUTH2 and AUTH4 must be received in STA mode
70 * - AUTH3 and AUTH4 must have challenge text IE, that is,'type' field has been set to
71 * SIR_MAC_CHALLENGE_TEXT_EID by parser
72 * -
73 *
74 *ASSUMPTIONS:
75 *
76 *NOTE:
77 *
78 * @param *auth - Pointer to extracted auth frame body
79 *
80 * @return 0 or 1 (Valid)
81 */
82
83
static inline unsigned int isAuthValid(tpAniSirGlobal pMac, tpSirMacAuthFrameBody auth, tpPESession sessionEntry)
{
    /*
     * Sanity-check a parsed Authentication frame body against the role of
     * the session that received it. Returns 1 when no rule below rejects
     * the frame, 0 otherwise. pMac is not referenced here.
     */

    /* Frames 1 and 3 are the ones a STA-role session must not receive. */
    const int seqIs1or3 =
        (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_1) ||
        (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_3);

    /* Frames 2 and 4 are the ones an AP-role session must not receive. */
    const int seqIs2or4 =
        (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_2) ||
        (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_4);

    const int seqIs3or4 =
        (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_3) ||
        (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_4);

    const int sessionIsSta =
        (sessionEntry->limSystemRole == eLIM_STA_ROLE) ||
        (sessionEntry->limSystemRole == eLIM_BT_AMP_STA_ROLE);

    const int sessionIsAp =
        (sessionEntry->limSystemRole == eLIM_AP_ROLE) ||
        (sessionEntry->limSystemRole == eLIM_BT_AMP_AP_ROLE);

    if (seqIs1or3 && sessionIsSta) {
        return 0;
    }

    if (seqIs2or4 && sessionIsAp) {
        return 0;
    }

    /*
     * NOTE(review): a frame 3/4 is rejected only when the challenge-text
     * element is missing AND the algorithm is not shared key. A shared-key
     * frame 3/4 without the challenge-text element therefore still returns
     * 1 from this function, which is weaker than the "must have challenge
     * text IE" rule in the function header. Callers must not treat a
     * return of 1 as proof that challenge text is present.
     */
    if (seqIs3or4 &&
        (auth->type != SIR_MAC_CHALLENGE_TEXT_EID) &&
        (auth->authAlgoNumber != eSIR_SHARED_KEY)) {
        return 0;
    }

    return 1;
}
103
104
/**
 * limProcessAuthFrame
 *
 *FUNCTION:
 * This function is called by limProcessMessageQueue() upon Authentication
 * frame reception.
 *
 *LOGIC:
 * This function processes received Authentication frame and responds
 * with either next Authentication frame in sequence to peer MAC entity
 * or LIM_MLM_AUTH_IND on AP or LIM_MLM_AUTH_CNF on STA.
 *
 *ASSUMPTIONS:
 *
 *NOTE:
 * 1. Authentication failures are reported to SME with same status code
 *    received from the peer MAC entity.
 * 2. Authentication frame2/4 received with an algorithm number other than
 *    the one requested in frame1/3 are logged with an error and auth confirm
 *    will be sent to SME only after auth failure timeout.
 * 3. Inconsistency in the spec:
 *    On receiving Auth frame2, the spec says that if the WEP key mapping key
 *    or default key is NULL, Auth frame3 with status code 15 (challenge
 *    failure) is to be returned to the peer entity. However, section 7.2.3.10,
 *    table 14 says that the status code field is 'reserved' for frame3!
 *    In the current implementation, Auth frame3 is returned with status
 *    code 15, overriding section 7.2.3.10.
 * 4. If the number of pre-authentications reaches the configurable max
 *    limit, an Authentication frame with 'unspecified failure' status code
 *    is returned to the requesting entity.
 * 5. NOTE(review): on the WEP path keyId is read from byte 3 of the body
 *    after only a non-zero length check, and the frame is then only required
 *    to be at least LIM_ENCR_AUTH_BODY_LEN bytes before it is decrypted into
 *    the 256-byte plainBody buffer. No upper bound on the received length is
 *    visible in this function - confirm that limDecryptAuthFrame() or the
 *    caller enforces one.
 * 6. NOTE(review): the vos_rand_get_bytes() call that would fill
 *    challengeTextArray is commented out (marked TODO), so the challenge
 *    text sent in Auth frame2 is copied from a buffer that is not written
 *    before the copy. Restore a random source before relying on shared-key
 *    authentication.
 *
 * @param pMac - Pointer to Global MAC structure
 * @param *pRxPacketInfo - A pointer to Rx packet info structure
 * @param psessionEntry - Pointer to the PE session entry read for role,
 *                        privacy setting and WEP key material
 * @return None
 */
140
141void
142limProcessAuthFrame(tpAniSirGlobal pMac, tANI_U8 *pRxPacketInfo, tpPESession psessionEntry)
143{
144 tANI_U8 *pBody, keyId, cfgPrivacyOptImp,
145 defaultKey[SIR_MAC_KEY_LENGTH],
146 encrAuthFrame[LIM_ENCR_AUTH_BODY_LEN],
147 plainBody[256];
148 tANI_U16 frameLen;
149 //tANI_U32 authRspTimeout, maxNumPreAuth, val;
150 tANI_U32 maxNumPreAuth, val;
151 tSirMacAuthFrameBody *pRxAuthFrameBody, rxAuthFrame, authFrame;
152 tpSirMacMgmtHdr pHdr;
153 tCfgWepKeyEntry *pKeyMapEntry = NULL;
154 struct tLimPreAuthNode *pAuthNode;
155 tLimMlmAuthInd mlmAuthInd;
156 tANI_U8 decryptResult;
157 tANI_U8 *pChallenge;
158 tANI_U32 key_length=8;
159 tANI_U8 challengeTextArray[SIR_MAC_AUTH_CHALLENGE_LENGTH];
160#ifdef WLAN_SOFTAP_FEATURE
161 tpDphHashNode pStaDs = NULL;
162 tANI_U16 assocId = 0;
163#endif
164 /* Added For BT -AMP support */
165 // Get pointer to Authentication frame header and body
166
167
168 pHdr = WDA_GET_RX_MAC_HEADER(pRxPacketInfo);
169 frameLen = WDA_GET_RX_PAYLOAD_LEN(pRxPacketInfo);
170
171
172 if (!frameLen)
173 {
174 // Log error
175 limLog(pMac, LOGE,
176 FL("received Authentication frame with no body from "));
177 limPrintMacAddr(pMac, pHdr->sa, LOGE);
178
179 return;
180 }
181
182 if (limIsGroupAddr(pHdr->sa))
183 {
184 // Received Auth frame from a BC/MC address
185 // Log error and ignore it
186 PELOG1(limLog(pMac, LOG1,
187 FL("received Auth frame from a BC/MC address - "));)
188 PELOG1( limPrintMacAddr(pMac, pHdr->sa, LOG1);)
189
190 return;
191 }
192
193 pBody = WDA_GET_RX_MPDU_DATA(pRxPacketInfo);
194
195 //PELOG3(sirDumpBuf(pMac, SIR_LIM_MODULE_ID, LOG3, (tANI_U8*)pBd, ((tpHalBufDesc) pBd)->mpduDataOffset + frameLen);)
196
197
198
199 /// Determine if WEP bit is set in the FC or received MAC header
200 if (pHdr->fc.wep)
201 {
202 /**
203 * WEP bit is set in FC of MAC header.
204 */
205
206#ifdef WLAN_SOFTAP_FEATURE
207 // If TKIP counter measures enabled issue Deauth frame to station
208 if ((psessionEntry->bTkipCntrMeasActive) && (psessionEntry->limSystemRole == eLIM_AP_ROLE))
209 {
210 PELOGE( limLog(pMac, LOGE,
211 FL("Tkip counter measures Enabled, sending Deauth frame to")); )
212 limPrintMacAddr(pMac, pHdr->sa, LOGE);
213
214 limSendDeauthMgmtFrame( pMac, eSIR_MAC_MIC_FAILURE_REASON,
215 pHdr->sa, psessionEntry );
216 return;
217 }
218#endif
219
220 // Extract key ID from IV (most 2 bits of 4th byte of IV)
221
222 keyId = (*(pBody + 3)) >> 6;
223
224 /**
225 * On STA in infrastructure BSS, Authentication frames received
226 * with WEP bit set in the FC must be rejected with challenge
227 * failure status code (wierd thing in the spec - this should have
228 * been rejected with unspecified failure or unexpected assertion
229 * of wep bit (this status code does not exist though) or
230 * Out-of-sequence-Authentication-Frame status code.
231 */
232
233 if (psessionEntry->limSystemRole == eLIM_STA_ROLE || psessionEntry->limSystemRole == eLIM_BT_AMP_STA_ROLE)
234 {
235 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
236 authFrame.authTransactionSeqNumber = SIR_MAC_AUTH_FRAME_4;
237 authFrame.authStatusCode = eSIR_MAC_CHALLENGE_FAILURE_STATUS;
238
239 limSendAuthMgmtFrame(pMac, &authFrame,
240 pHdr->sa,
241 LIM_NO_WEP_IN_FC,psessionEntry);
242 // Log error
243 PELOG1(limLog(pMac, LOG1,
244 FL("received Authentication frame with wep bit set on role=%d from "),
245 psessionEntry->limSystemRole );
246 limPrintMacAddr(pMac, pHdr->sa, LOG1);)
247
248 return;
249 }
250
251 if (frameLen < LIM_ENCR_AUTH_BODY_LEN)
252 {
253 // Log error
254 limLog(pMac, LOGE,
255 FL("Not enough size [%d] to decrypt received Auth frame"),
256 frameLen);
257 limPrintMacAddr(pMac, pHdr->sa, LOGE);
258
259 return;
260 }
261#ifdef WLAN_SOFTAP_FEATURE
262 if(psessionEntry->limSystemRole == eLIM_AP_ROLE)
263 {
264 val = psessionEntry->privacy;
265 }
266 else
267#endif
268 // Accept Authentication frame only if Privacy is implemented
269 if (wlan_cfgGetInt(pMac, WNI_CFG_PRIVACY_ENABLED,
270 &val) != eSIR_SUCCESS)
271 {
272 /**
273 * Could not get Privacy option
274 * from CFG. Log error.
275 */
276 limLog(pMac, LOGP, FL("could not retrieve Privacy option\n"));
277 }
278
279 cfgPrivacyOptImp = (tANI_U8)val;
280 if (cfgPrivacyOptImp)
281 {
282 /**
283 * Privacy option is implemented.
284 * Check if the received frame is Authentication
285 * frame3 and there is a context for requesting STA.
286 * If not, reject with unspecified failure status code
287 */
288 pAuthNode = limSearchPreAuthList(pMac, pHdr->sa);
289
290 if (pAuthNode == NULL)
291 {
292 /**
293 * No 'pre-auth' context exists for this STA that sent
294 * an Authentication frame with FC bit set.
295 * Send Auth frame4 with 'out of sequence' status code.
296 */
297 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
298 authFrame.authTransactionSeqNumber =
299 SIR_MAC_AUTH_FRAME_4;
300 authFrame.authStatusCode =
301 eSIR_MAC_AUTH_FRAME_OUT_OF_SEQ_STATUS;
302
303 limSendAuthMgmtFrame(pMac, &authFrame,
304 pHdr->sa,
305 LIM_NO_WEP_IN_FC,psessionEntry);
306
307 // Log error
308 PELOG1(limLog(pMac, LOG1,
309 FL("received Authentication frame from peer that has no preauth context with WEP bit set. Addr "));)
310 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
311
312 return;
313 }
314 else
315 {
316 /// Change the auth-response timeout
317 limDeactivateAndChangePerStaIdTimer(pMac,
318 eLIM_AUTH_RSP_TIMER,
319 pAuthNode->authNodeIdx);
320
321 /// 'Pre-auth' status exists for STA
322 if ((pAuthNode->mlmState !=
323 eLIM_MLM_WT_AUTH_FRAME3_STATE) &&
324 (pAuthNode->mlmState !=
325 eLIM_MLM_AUTH_RSP_TIMEOUT_STATE))
326 {
327 /**
328 * Should not have received Authentication frame
329 * with WEP bit set in FC in other states.
330 * Reject by sending Authenticaton frame with
331 * out of sequence Auth frame status code.
332 */
333
334 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
335 authFrame.authTransactionSeqNumber =
336 SIR_MAC_AUTH_FRAME_4;
337 authFrame.authStatusCode =
338 eSIR_MAC_AUTH_FRAME_OUT_OF_SEQ_STATUS;
339
340 limSendAuthMgmtFrame(pMac, &authFrame,
341 pHdr->sa,
342 LIM_NO_WEP_IN_FC,psessionEntry);
343
344 // Log error
345 PELOG1(limLog(pMac, LOG1,
346 FL("received Authentication frame from peer that is in state %d. Addr "),
347 pAuthNode->mlmState);)
348 PELOG1( limPrintMacAddr(pMac, pHdr->sa, LOG1);)
349
350 return;
351 }
352 }
353
354 /**
355 * Check if there exists a key mappping key
356 * for the STA that sent Authentication frame
357 */
358 pKeyMapEntry = limLookUpKeyMappings(pHdr->sa);
359
360 if (pKeyMapEntry)
361 {
362 if (!pKeyMapEntry->wepOn)
363 {
364 /**
365 * Key Mapping entry has null key.
366 * Send Authentication frame
367 * with challenge failure status code
368 */
369 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
370 authFrame.authTransactionSeqNumber =
371 SIR_MAC_AUTH_FRAME_4;
372 authFrame.authStatusCode =
373 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
374
375 limSendAuthMgmtFrame(pMac, &authFrame,
376 pHdr->sa,
377 LIM_NO_WEP_IN_FC,psessionEntry);
378
379 // Log error
380 PELOG1(limLog(pMac, LOG1,
381 FL("received Auth frame3 from peer that has NULL key map entry, Addr "));)
382 PELOG1( limPrintMacAddr(pMac, pHdr->sa, LOG1);)
383
384 return;
385 } // if (!pKeyMapEntry->wepOn)
386 else
387 {
388 decryptResult = limDecryptAuthFrame(pMac, pKeyMapEntry->key,
389 pBody,
390 plainBody,
391 key_length,
392 (tANI_U16) (frameLen-SIR_MAC_WEP_IV_LENGTH));
393 if (decryptResult == LIM_DECRYPT_ICV_FAIL)
394 {
395 /// ICV failure
396 PELOGW(limLog(pMac, LOGW, FL("=====> decryptResult == LIM_DECRYPT_ICV_FAIL ...\n"));)
397 limDeletePreAuthNode(pMac,
398 pHdr->sa);
399 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
400 authFrame.authTransactionSeqNumber =
401 SIR_MAC_AUTH_FRAME_4;
402 authFrame.authStatusCode =
403 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
404
405 limSendAuthMgmtFrame(
406 pMac, &authFrame,
407 pHdr->sa,
408 LIM_NO_WEP_IN_FC,psessionEntry);
409
410 // Log error
411 PELOG1(limLog(pMac, LOG1,
412 FL("received Authentication frame from peer that failed decryption, Addr "));)
413 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
414
415 return;
416 }
417
418 if ((sirConvertAuthFrame2Struct(pMac, plainBody, frameLen-8, &rxAuthFrame)!=eSIR_SUCCESS)||(!isAuthValid(pMac, &rxAuthFrame,psessionEntry)))
419 return;
420
421
422 } // end if (pKeyMapEntry->key == NULL)
423 } // if keyMappings has entry
424 else
425 {
426
427 val = SIR_MAC_KEY_LENGTH;
428
429#ifdef WLAN_SOFTAP_FEATURE
430 if(psessionEntry->limSystemRole == eLIM_AP_ROLE)
431 {
432 tpSirKeys pKey;
433 pKey = &psessionEntry->WEPKeyMaterial[keyId].key[0];
434 palCopyMemory( pMac->hHdd, defaultKey, pKey->key, pKey->keyLength);
435 val = pKey->keyLength;
436 }
437 else
438#endif
439 if (wlan_cfgGetStr(pMac, (tANI_U16) (WNI_CFG_WEP_DEFAULT_KEY_1 + keyId),
440 defaultKey, &val) != eSIR_SUCCESS)
441 {
442 /// Could not get Default key from CFG.
443 //Log error.
444 limLog(pMac, LOGP,
445 FL("could not retrieve Default key\n"));
446
447 /**
448 * Send Authentication frame
449 * with challenge failure status code
450 */
451
452 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
453 authFrame.authTransactionSeqNumber =
454 SIR_MAC_AUTH_FRAME_4;
455 authFrame.authStatusCode =
456 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
457
458 limSendAuthMgmtFrame(pMac, &authFrame,
459 pHdr->sa,
460 LIM_NO_WEP_IN_FC,psessionEntry);
461
462 return;
463 }
464
465 key_length=val;
466
467 decryptResult = limDecryptAuthFrame(pMac, defaultKey,
468 pBody,
469 plainBody,
470 key_length,
471 (tANI_U16) (frameLen-SIR_MAC_WEP_IV_LENGTH));
472 if (decryptResult == LIM_DECRYPT_ICV_FAIL)
473 {
474 PELOGW(limLog(pMac, LOGW, FL("=====> decryptResult == LIM_DECRYPT_ICV_FAIL ...\n"));)
475 /// ICV failure
476 limDeletePreAuthNode(pMac,
477 pHdr->sa);
478 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
479 authFrame.authTransactionSeqNumber =
480 SIR_MAC_AUTH_FRAME_4;
481 authFrame.authStatusCode =
482 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
483
484 limSendAuthMgmtFrame(
485 pMac, &authFrame,
486 pHdr->sa,
487 LIM_NO_WEP_IN_FC,psessionEntry);
488
489 // Log error
490 PELOG1(limLog(pMac, LOG1,
491 FL("received Authentication frame from peer that failed decryption, Addr "));)
492 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
493
494 return;
495 }
496 if ((sirConvertAuthFrame2Struct(pMac, plainBody, frameLen-8, &rxAuthFrame)!=eSIR_SUCCESS)||(!isAuthValid(pMac, &rxAuthFrame,psessionEntry)))
497 return;
498
499 } // End of check for Key Mapping/Default key presence
500 }
501 else
502 {
503 /**
504 * Privacy option is not implemented.
505 * So reject Authentication frame received with
506 * WEP bit set by sending Authentication frame
507 * with 'challenge failure' status code. This is
508 * another strange thing in the spec. Status code
509 * should have been 'unsupported algorithm' status code.
510 */
511
512 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
513 authFrame.authTransactionSeqNumber =
514 SIR_MAC_AUTH_FRAME_4;
515 authFrame.authStatusCode =
516 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
517
518 limSendAuthMgmtFrame(pMac, &authFrame,
519 pHdr->sa,
520 LIM_NO_WEP_IN_FC,psessionEntry);
521
522 // Log error
523 PELOG1(limLog(pMac, LOG1,
524 FL("received Authentication frame3 from peer that while privacy option is turned OFF, Addr "));)
525 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
526
527 return;
528 } // else if (wlan_cfgGetInt(CFG_PRIVACY_OPTION_IMPLEMENTED))
529 } // if (fc.wep)
530 else
531 {
532
533
534 if ((sirConvertAuthFrame2Struct(pMac, pBody, frameLen, &rxAuthFrame)!=eSIR_SUCCESS)||(!isAuthValid(pMac, &rxAuthFrame,psessionEntry)))
535 return;
536 }
537
538
539 pRxAuthFrameBody = &rxAuthFrame;
540
541 PELOG2(limLog(pMac, LOG2,
542 FL("Received Auth frame with type=%d seqnum=%d, status=%d (%d)\n"),
543 (tANI_U32) pRxAuthFrameBody->authAlgoNumber,
544 (tANI_U32) pRxAuthFrameBody->authTransactionSeqNumber,
545 (tANI_U32) pRxAuthFrameBody->authStatusCode,(tANI_U32)pMac->lim.gLimNumPreAuthContexts);)
546
547 switch (pRxAuthFrameBody->authTransactionSeqNumber)
548 {
549 case SIR_MAC_AUTH_FRAME_1:
550 // AuthFrame 1
551
552 /// Check if there exists pre-auth context for this STA
553 pAuthNode = limSearchPreAuthList(pMac, pHdr->sa);
554 if (pAuthNode)
555 {
556 /// Pre-auth context exists for the STA
557 if (pHdr->fc.retry == 0)
558 {
559 /**
560 * STA is initiating brand-new Authentication
561 * sequence after local Auth Response timeout.
562 * Or STA retrying to transmit First Auth frame due to packet drop OTA
563 * Delete Pre-auth node and fall through.
564 */
565 if(pAuthNode->fTimerStarted)
566 {
567 limDeactivateAndChangePerStaIdTimer(pMac,
568 eLIM_AUTH_RSP_TIMER,
569 pAuthNode->authNodeIdx);
570 }
571 PELOGE(limLog(pMac, LOGE, FL("STA is initiating brand-new Authentication ...\n"));)
572 limDeletePreAuthNode(pMac,
573 pHdr->sa);
574#ifdef WLAN_SOFTAP_FEATURE
575 /**
576 * SAP Mode:Disassociate the station and
577 * delete its entry if we have its entry
578 * already and received "auth" from the
579 * same station.
580 */
581
582 for (assocId = 0; assocId < psessionEntry->dph.dphHashTable.size; assocId++)// Softap dphHashTable.size = 8
583 {
584 pStaDs = dphGetHashEntry(pMac, assocId, &psessionEntry->dph.dphHashTable);
585
586 if (NULL == pStaDs)
587 continue;
588
589 if (pStaDs->valid)
590 {
591 if (palEqualMemory( pMac->hHdd,(tANI_U8 *) &pStaDs->staAddr,
592 (tANI_U8 *) &(pHdr->sa), (tANI_U8) (sizeof(tSirMacAddr))) )
593 break;
594 }
595 }
596
597 if (NULL != pStaDs)
598 {
599 PELOGE(limLog(pMac, LOGE, FL("lim Delete Station Context (staId: %d, assocId: %d) \n"),pStaDs->staIndex, assocId);)
600 limSendDeauthMgmtFrame(pMac,
601 eSIR_MAC_UNSPEC_FAILURE_REASON, (tANI_U8 *) pAuthNode->peerMacAddr,psessionEntry);
602 limTriggerSTAdeletion(pMac, pStaDs, psessionEntry);
603 return;
604 }
605#endif
606 }
607 else
608 {
609 /*
610 * This can happen when first authentication frame is received
611 * but ACK lost at STA side, in this case 2nd auth frame is already
612 * in transmission queue
613 * */
614 PELOGE(limLog(pMac, LOGE, FL("STA is initiating Authentication after ACK lost...\n"));)
615 return;
616 }
617 }
618 if (wlan_cfgGetInt(pMac, WNI_CFG_MAX_NUM_PRE_AUTH,
619 (tANI_U32 *) &maxNumPreAuth) != eSIR_SUCCESS)
620 {
621 /**
622 * Could not get MaxNumPreAuth
623 * from CFG. Log error.
624 */
625 limLog(pMac, LOGP,
626 FL("could not retrieve MaxNumPreAuth\n"));
627 }
628#ifdef ANI_AP_SDK_OPT
629 if(maxNumPreAuth > SIR_SDK_OPT_MAX_NUM_PRE_AUTH)
630 maxNumPreAuth = SIR_SDK_OPT_MAX_NUM_PRE_AUTH;
631#endif // ANI_AP_SDK_OPT
632 if (pMac->lim.gLimNumPreAuthContexts == maxNumPreAuth)
633 {
634 /**
635 * Maximum number of pre-auth contexts
636 * reached. Send Authentication frame
637 * with unspecified failure
638 */
639 authFrame.authAlgoNumber =
640 pRxAuthFrameBody->authAlgoNumber;
641 authFrame.authTransactionSeqNumber =
642 pRxAuthFrameBody->authTransactionSeqNumber + 1;
643 authFrame.authStatusCode =
644 eSIR_MAC_UNSPEC_FAILURE_STATUS;
645
646 limSendAuthMgmtFrame(pMac, &authFrame,
647 pHdr->sa,
648 LIM_NO_WEP_IN_FC,psessionEntry);
649
650 return;
651 }
652 /// No Pre-auth context exists for the STA.
653#ifdef WLAN_SOFTAP_FEATURE
654 if (limIsAuthAlgoSupported(
655 pMac,
656 (tAniAuthType)
657 pRxAuthFrameBody->authAlgoNumber, psessionEntry))
658#else
659 if (limIsAuthAlgoSupported(
660 pMac,
661 (tAniAuthType)
662 pRxAuthFrameBody->authAlgoNumber))
663
664#endif
665 {
666 switch (pRxAuthFrameBody->authAlgoNumber)
667 {
668 case eSIR_OPEN_SYSTEM:
669 PELOG1(limLog(pMac, LOG1, FL("=======> eSIR_OPEN_SYSTEM ...\n"));)
670 /// Create entry for this STA in pre-auth list
671 pAuthNode = limAcquireFreePreAuthNode(pMac, &pMac->lim.gLimPreAuthTimerTable);
672 if (pAuthNode == NULL)
673 {
674 // Log error
675 limLog(pMac, LOGW,
676 FL("Max pre-auth nodes reached "));
677 limPrintMacAddr(pMac, pHdr->sa, LOGW);
678
679 return;
680 }
681
682 PELOG1(limLog(pMac, LOG1, FL("Alloc new data: %x peer \n"), pAuthNode);
683 limPrintMacAddr(pMac, pHdr->sa, LOG1);)
684
685 palCopyMemory( pMac->hHdd,
686 (tANI_U8 *) pAuthNode->peerMacAddr,
687 pHdr->sa,
688 sizeof(tSirMacAddr));
689
690 pAuthNode->mlmState =
691 eLIM_MLM_AUTHENTICATED_STATE;
692 pAuthNode->authType = (tAniAuthType)
693 pRxAuthFrameBody->authAlgoNumber;
694 pAuthNode->fSeen = 0;
695 pAuthNode->fTimerStarted = 0;
696 limAddPreAuthNode(pMac, pAuthNode);
697
698 /**
699 * Send Authenticaton frame with Success
700 * status code.
701 */
702
703 authFrame.authAlgoNumber =
704 pRxAuthFrameBody->authAlgoNumber;
705 authFrame.authTransactionSeqNumber =
706 pRxAuthFrameBody->authTransactionSeqNumber + 1;
707 authFrame.authStatusCode = eSIR_MAC_SUCCESS_STATUS;
708 limSendAuthMgmtFrame(
709 pMac, &authFrame,
710 pHdr->sa,
711 LIM_NO_WEP_IN_FC,psessionEntry);
712
713 /// Send Auth indication to SME
714
715 palCopyMemory( pMac->hHdd,
716 (tANI_U8 *) mlmAuthInd.peerMacAddr,
717 (tANI_U8 *) pHdr->sa,
718 sizeof(tSirMacAddr));
719 mlmAuthInd.authType = (tAniAuthType)
720 pRxAuthFrameBody->authAlgoNumber;
721 mlmAuthInd.sessionId = psessionEntry->smeSessionId;
722
723 limPostSmeMessage(pMac,
724 LIM_MLM_AUTH_IND,
725 (tANI_U32 *) &mlmAuthInd);
726 break;
727
728 case eSIR_SHARED_KEY:
729 PELOG1(limLog(pMac, LOG1, FL("=======> eSIR_SHARED_KEY ...\n"));)
730#ifdef WLAN_SOFTAP_FEATURE
731 if(psessionEntry->limSystemRole == eLIM_AP_ROLE)
732 {
733 val = psessionEntry->privacy;
734 }
735 else
736#endif
737 if (wlan_cfgGetInt(pMac, WNI_CFG_PRIVACY_ENABLED,
738 &val) != eSIR_SUCCESS)
739 {
740 /**
741 * Could not get Privacy option
742 * from CFG. Log error.
743 */
744 limLog(pMac, LOGP,
745 FL("could not retrieve Privacy option\n"));
746 }
747 cfgPrivacyOptImp = (tANI_U8)val;
748 if (!cfgPrivacyOptImp)
749 {
750 /**
751 * Authenticator does not have WEP
752 * implemented.
753 * Reject by sending Authentication frame
754 * with Auth algorithm not supported status
755 * code.
756 */
757
758 authFrame.authAlgoNumber =
759 pRxAuthFrameBody->authAlgoNumber;
760 authFrame.authTransactionSeqNumber =
761 pRxAuthFrameBody->authTransactionSeqNumber + 1;
762 authFrame.authStatusCode =
763 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS;
764
765 limSendAuthMgmtFrame(
766 pMac, &authFrame,
767 pHdr->sa,
768 LIM_NO_WEP_IN_FC,psessionEntry);
769
770 // Log error
771 PELOG1(limLog(pMac, LOG1,
772 FL("received Auth frame for unsupported auth algorithm %d from "),
773 pRxAuthFrameBody->authAlgoNumber);)
774 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
775
776 return;
777 }
778 else
779 {
780 // Create entry for this STA
781 //in pre-auth list
782 pAuthNode = limAcquireFreePreAuthNode(pMac, &pMac->lim.gLimPreAuthTimerTable);
783 if (pAuthNode == NULL)
784 {
785 // Log error
786 limLog(pMac, LOGW,
787 FL("Max pre-auth nodes reached "));
788 limPrintMacAddr(pMac, pHdr->sa, LOGW);
789
790 return;
791 }
792
793 palCopyMemory( pMac->hHdd,
794 (tANI_U8 *) pAuthNode->peerMacAddr,
795 pHdr->sa,
796 sizeof(tSirMacAddr));
797
798 pAuthNode->mlmState =
799 eLIM_MLM_WT_AUTH_FRAME3_STATE;
800 pAuthNode->authType =
801 (tAniAuthType)
802 pRxAuthFrameBody->authAlgoNumber;
803 pAuthNode->fSeen = 0;
804 pAuthNode->fTimerStarted = 0;
805 limAddPreAuthNode(pMac, pAuthNode);
806
807 PELOG1(limLog(pMac, LOG1, FL("Alloc new data: %x id %d peer \n"),
808 pAuthNode, pAuthNode->authNodeIdx);)
809 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
810
811 /// Create and activate Auth Response timer
812 if (tx_timer_change_context(&pAuthNode->timer, pAuthNode->authNodeIdx) != TX_SUCCESS)
813 {
814 /// Could not start Auth response timer.
815 // Log error
816 limLog(pMac, LOGP,
817 FL("Unable to chg context auth response timer for peer "));
818 limPrintMacAddr(pMac, pHdr->sa, LOGP);
819
820 /**
821 * Send Authenticaton frame with
822 * unspecified failure status code.
823 */
824
825 authFrame.authAlgoNumber =
826 pRxAuthFrameBody->authAlgoNumber;
827 authFrame.authTransactionSeqNumber =
828 pRxAuthFrameBody->authTransactionSeqNumber + 1;
829 authFrame.authStatusCode =
830 eSIR_MAC_UNSPEC_FAILURE_STATUS;
831
832 limSendAuthMgmtFrame(pMac, &authFrame,
833 pHdr->sa,
834 LIM_NO_WEP_IN_FC,psessionEntry);
835
836 limDeletePreAuthNode(pMac, pHdr->sa);
837 return;
838 }
839
840 limActivateAuthRspTimer(pMac, pAuthNode);
841
842 pAuthNode->fTimerStarted = 1;
843
844 // get random bytes and use as
845 // challenge text
846 // TODO
847 //if( !VOS_IS_STATUS_SUCCESS( vos_rand_get_bytes( 0, (tANI_U8 *)challengeTextArray, SIR_MAC_AUTH_CHALLENGE_LENGTH ) ) )
848 {
849 limLog(pMac, LOGE,FL("Challenge text preparation failed in limProcessAuthFrame"));
850 }
851
852 pChallenge = pAuthNode->challengeText;
853
854 palCopyMemory( pMac->hHdd,
855 pChallenge,
856 (tANI_U8 *) challengeTextArray,
857 sizeof(challengeTextArray));
858
859 /**
860 * Sending Authenticaton frame with challenge.
861 */
862
863 authFrame.authAlgoNumber =
864 pRxAuthFrameBody->authAlgoNumber;
865 authFrame.authTransactionSeqNumber =
866 pRxAuthFrameBody->authTransactionSeqNumber + 1;
867 authFrame.authStatusCode =
868 eSIR_MAC_SUCCESS_STATUS;
869 authFrame.type = SIR_MAC_CHALLENGE_TEXT_EID;
870 authFrame.length = SIR_MAC_AUTH_CHALLENGE_LENGTH;
871 palCopyMemory( pMac->hHdd,
872 authFrame.challengeText,
873 pAuthNode->challengeText,
874 SIR_MAC_AUTH_CHALLENGE_LENGTH);
875
876 limSendAuthMgmtFrame(
877 pMac, &authFrame,
878 pHdr->sa,
879 LIM_NO_WEP_IN_FC,psessionEntry);
880 } // if (wlan_cfgGetInt(CFG_PRIVACY_OPTION_IMPLEMENTED))
881
882 break;
883
884 default:
885 /**
886 * Responding party does not support the
887 * authentication algorithm requested by
888 * sending party.
889 * Reject by sending Authentication frame
890 * with auth algorithm not supported status code
891 */
892
893 authFrame.authAlgoNumber =
894 pRxAuthFrameBody->authAlgoNumber;
895 authFrame.authTransactionSeqNumber =
896 pRxAuthFrameBody->authTransactionSeqNumber + 1;
897 authFrame.authStatusCode =
898 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS;
899
900 limSendAuthMgmtFrame(
901 pMac, &authFrame,
902 pHdr->sa,
903 LIM_NO_WEP_IN_FC,psessionEntry);
904
905 // Log error
906 PELOG1( limLog(pMac, LOG1,
907 FL("received Auth frame for unsupported auth algorithm %d from "),
908 pRxAuthFrameBody->authAlgoNumber);)
909 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
910
911 return;
912 } // end switch(pRxAuthFrameBody->authAlgoNumber)
913 } // if (limIsAuthAlgoSupported(pRxAuthFrameBody->authAlgoNumber))
914 else
915 {
916 /**
917 * Responding party does not support the
918 * authentication algorithm requested by sending party.
919 * Reject Authentication with StatusCode=13.
920 */
921 authFrame.authAlgoNumber =
922 pRxAuthFrameBody->authAlgoNumber;
923 authFrame.authTransactionSeqNumber =
924 pRxAuthFrameBody->authTransactionSeqNumber + 1;
925 authFrame.authStatusCode =
926 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS;
927
928 limSendAuthMgmtFrame(pMac, &authFrame,
929 pHdr->sa,
930 LIM_NO_WEP_IN_FC,psessionEntry);
931
932 // Log error
933 PELOG1(limLog(pMac, LOG1,
934 FL("received Authentication frame for unsupported auth algorithm %d from "),
935 pRxAuthFrameBody->authAlgoNumber);)
936 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
937 return;
938 } //end if (limIsAuthAlgoSupported(pRxAuthFrameBody->authAlgoNumber))
939 break;
940
941 case SIR_MAC_AUTH_FRAME_2:
942 // AuthFrame 2
943
944 if (psessionEntry->limMlmState != eLIM_MLM_WT_AUTH_FRAME2_STATE)
945 {
946 /**
947 * Received Authentication frame2 in an unexpected state.
948 * Log error and ignore the frame.
949 */
950
951 // Log error
952 PELOG1(limLog(pMac, LOG1,
953 FL("received Auth frame2 from peer in state %d, addr "),
954 psessionEntry->limMlmState);)
955 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
956
957 return;
958 }
959
960 if ( !palEqualMemory( pMac->hHdd,(tANI_U8 *) pHdr->sa,
961 (tANI_U8 *) &pMac->lim.gpLimMlmAuthReq->peerMacAddr,
962 sizeof(tSirMacAddr)) )
963 {
964 /**
965 * Received Authentication frame from an entity
966 * other than one request was initiated.
967 * Wait until Authentication Failure Timeout.
968 */
969
970 // Log error
971 PELOG1(limLog(pMac, LOG1,
972 FL("received Auth frame2 from unexpected peer "));)
973 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
974
975 break;
976 }
977
978 if (pRxAuthFrameBody->authStatusCode ==
979 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS)
980 {
981 /**
982 * Interoperability workaround: Linksys WAP4400N is returning
983 * wrong authType in OpenAuth response in case of
984 * SharedKey AP configuration. Pretend we don't see that,
985 * so upper layer can fallback to SharedKey authType,
986 * and successfully connect to the AP.
987 */
988 if (pRxAuthFrameBody->authAlgoNumber !=
989 pMac->lim.gpLimMlmAuthReq->authType)
990 {
991 pRxAuthFrameBody->authAlgoNumber =
992 pMac->lim.gpLimMlmAuthReq->authType;
993 }
994 }
995
996 if (pRxAuthFrameBody->authAlgoNumber !=
997 pMac->lim.gpLimMlmAuthReq->authType)
998 {
999 /**
1000 * Received Authentication frame with an auth
1001 * algorithm other than one requested.
1002 * Wait until Authentication Failure Timeout.
1003 */
1004
1005 // Log error
1006 PELOG1(limLog(pMac, LOG1,
1007 FL("received Auth frame2 for unexpected auth algo number %d from "),
1008 pRxAuthFrameBody->authAlgoNumber);)
1009 PELOG1( limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1010
1011 break;
1012 }
1013
1014 if (pRxAuthFrameBody->authStatusCode ==
1015 eSIR_MAC_SUCCESS_STATUS)
1016 {
1017 if (pRxAuthFrameBody->authAlgoNumber ==
1018 eSIR_OPEN_SYSTEM)
1019 {
1020 psessionEntry->limCurrentAuthType = eSIR_OPEN_SYSTEM;
1021
1022 pAuthNode = limAcquireFreePreAuthNode(pMac, &pMac->lim.gLimPreAuthTimerTable);
1023
1024 if (pAuthNode == NULL)
1025 {
1026 // Log error
1027 limLog(pMac, LOGW,
1028 FL("Max pre-auth nodes reached "));
1029 limPrintMacAddr(pMac, pHdr->sa, LOGW);
1030
1031 return;
1032 }
1033
1034 PELOG1(limLog(pMac, LOG1, FL("Alloc new data: %x peer \n"), pAuthNode);)
1035 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1036
1037 palCopyMemory( pMac->hHdd,
1038 (tANI_U8 *) pAuthNode->peerMacAddr,
1039 pMac->lim.gpLimMlmAuthReq->peerMacAddr,
1040 sizeof(tSirMacAddr));
1041 pAuthNode->fTimerStarted = 0;
1042 pAuthNode->authType = pMac->lim.gpLimMlmAuthReq->authType;
1043 limAddPreAuthNode(pMac, pAuthNode);
1044
1045 limRestoreFromAuthState(pMac, eSIR_SME_SUCCESS,
1046 pRxAuthFrameBody->authStatusCode,psessionEntry);
1047 } // if (pRxAuthFrameBody->authAlgoNumber == eSIR_OPEN_SYSTEM)
1048 else
1049 {
1050 // Shared key authentication
1051
1052#ifdef WLAN_SOFTAP_FEATURE
1053 if(psessionEntry->limSystemRole == eLIM_AP_ROLE)
1054 {
1055 val = psessionEntry->privacy;
1056 }
1057 else
1058#endif
1059 if (wlan_cfgGetInt(pMac, WNI_CFG_PRIVACY_ENABLED,
1060 &val) != eSIR_SUCCESS)
1061 {
1062 /**
1063 * Could not get Privacy option
1064 * from CFG. Log error.
1065 */
1066 limLog(pMac, LOGP,
1067 FL("could not retrieve Privacy option\n"));
1068 }
1069 cfgPrivacyOptImp = (tANI_U8)val;
1070 if (!cfgPrivacyOptImp)
1071 {
1072 /**
1073 * Requesting STA does not have WEP implemented.
1074 * Reject with unsupported authentication algorithm
1075 * Status code and wait until auth failure timeout
1076 */
1077
1078 // Log error
1079 PELOG1( limLog(pMac, LOG1,
1080 FL("received Auth frame from peer for unsupported auth algo %d, Addr "),
1081 pRxAuthFrameBody->authAlgoNumber);)
1082 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1083
1084 authFrame.authAlgoNumber =
1085 pRxAuthFrameBody->authAlgoNumber;
1086 authFrame.authTransactionSeqNumber =
1087 pRxAuthFrameBody->authTransactionSeqNumber + 1;
1088 authFrame.authStatusCode =
1089 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS;
1090
1091 limSendAuthMgmtFrame(pMac, &authFrame,
1092 pHdr->sa,
1093 LIM_NO_WEP_IN_FC,psessionEntry);
1094 return;
1095 }
1096 else
1097 {
1098
1099 if (pRxAuthFrameBody->type !=
1100 SIR_MAC_CHALLENGE_TEXT_EID)
1101 {
1102 // Log error
1103 PELOG1(limLog(pMac, LOG1,
1104 FL("received Auth frame with invalid challenge text IE\n"));)
1105
1106 return;
1107 }
1108
1109 /**
1110 * Check if there exists a key mappping key
1111 * for the STA that sent Authentication frame
1112 */
1113 pKeyMapEntry = limLookUpKeyMappings(
1114 pHdr->sa);
1115
1116 if (pKeyMapEntry)
1117 {
1118 if (pKeyMapEntry->key == NULL)
1119 {
1120 /**
1121 * Key Mapping entry has null key.
1122 * Send Auth frame with
1123 * challenge failure status code
1124 */
1125 authFrame.authAlgoNumber =
1126 pRxAuthFrameBody->authAlgoNumber;
1127 authFrame.authTransactionSeqNumber =
1128 pRxAuthFrameBody->authTransactionSeqNumber + 1;
1129 authFrame.authStatusCode =
1130 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
1131
1132 limSendAuthMgmtFrame(pMac, &authFrame,
1133 pHdr->sa,
1134 LIM_NO_WEP_IN_FC,psessionEntry);
1135
1136 // Log error
1137 PELOG1(limLog(pMac, LOG1,
1138 FL("received Auth frame from peer when key mapping key is NULL, addr "));)
1139 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1140
1141 limRestoreFromAuthState(pMac, eSIR_SME_NO_KEY_MAPPING_KEY_FOR_PEER,
1142 eSIR_MAC_UNSPEC_FAILURE_REASON,psessionEntry);
1143
1144 return;
1145 } // if (pKeyMapEntry->key == NULL)
1146 else
1147 {
1148 ((tpSirMacAuthFrameBody) plainBody)->authAlgoNumber =
1149 sirSwapU16ifNeeded(pRxAuthFrameBody->authAlgoNumber);
1150 ((tpSirMacAuthFrameBody) plainBody)->authTransactionSeqNumber =
1151 sirSwapU16ifNeeded((tANI_U16) (pRxAuthFrameBody->authTransactionSeqNumber + 1));
1152 ((tpSirMacAuthFrameBody) plainBody)->authStatusCode = eSIR_MAC_SUCCESS_STATUS;
1153 ((tpSirMacAuthFrameBody) plainBody)->type = SIR_MAC_CHALLENGE_TEXT_EID;
1154 ((tpSirMacAuthFrameBody) plainBody)->length = SIR_MAC_AUTH_CHALLENGE_LENGTH;
1155 palCopyMemory( pMac->hHdd, (tANI_U8 *) ((tpSirMacAuthFrameBody) plainBody)->challengeText,
1156 pRxAuthFrameBody->challengeText,
1157 SIR_MAC_AUTH_CHALLENGE_LENGTH);
1158
1159 limEncryptAuthFrame(pMac, 0,
1160 pKeyMapEntry->key,
1161 plainBody,
1162 encrAuthFrame,key_length);
1163
1164 psessionEntry->limMlmState = eLIM_MLM_WT_AUTH_FRAME4_STATE;
Jeff Johnsone7245742012-09-05 17:12:55 -07001165 MTRACE(macTrace(pMac, TRACE_CODE_MLM_STATE, psessionEntry->peSessionId, psessionEntry->limMlmState));
1167 limSendAuthMgmtFrame(pMac,
1168 (tpSirMacAuthFrameBody) encrAuthFrame,
1169 pHdr->sa,
1170 LIM_WEP_IN_FC,psessionEntry);
1171
1172 break;
1173 } // end if (pKeyMapEntry->key == NULL)
1174 } // if (pKeyMapEntry)
1175 else
1176 {
1177 if (wlan_cfgGetInt(pMac, WNI_CFG_WEP_DEFAULT_KEYID,
1178 &val) != eSIR_SUCCESS)
1179 {
1180 /**
1181 * Could not get Default keyId
1182 * from CFG. Log error.
1183 */
1184 limLog(pMac, LOGP,
1185 FL("could not retrieve Default keyId\n"));
1186 }
1187 keyId = (tANI_U8)val;
1188
1189 val = SIR_MAC_KEY_LENGTH;
1190
1191#ifdef WLAN_SOFTAP_FEATURE
1192 if(psessionEntry->limSystemRole == eLIM_AP_ROLE)
1193 {
1194 tpSirKeys pKey;
1195 pKey = &psessionEntry->WEPKeyMaterial[keyId].key[0];
1196 palCopyMemory( pMac->hHdd, defaultKey, pKey->key, pKey->keyLength);
1197 }
1198 else
1199#endif
1200 if (wlan_cfgGetStr(pMac, (tANI_U16) (WNI_CFG_WEP_DEFAULT_KEY_1 + keyId),
1201 defaultKey,
1202 &val)
1203 != eSIR_SUCCESS)
1204 {
1205 /// Could not get Default key from CFG.
1206 //Log error.
1207 limLog(pMac, LOGP,
1208 FL("could not retrieve Default key\n"));
1209
1210 authFrame.authAlgoNumber =
1211 pRxAuthFrameBody->authAlgoNumber;
1212 authFrame.authTransactionSeqNumber =
1213 pRxAuthFrameBody->authTransactionSeqNumber + 1;
1214 authFrame.authStatusCode =
1215 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
1216
1217 limSendAuthMgmtFrame(
1218 pMac, &authFrame,
1219 pHdr->sa,
1220 LIM_NO_WEP_IN_FC,psessionEntry);
1221
1222 limRestoreFromAuthState(pMac, eSIR_SME_INVALID_WEP_DEFAULT_KEY,
1223 eSIR_MAC_UNSPEC_FAILURE_REASON,psessionEntry);
1224
1225 break;
1226 }
1227 key_length=val;
1228 ((tpSirMacAuthFrameBody) plainBody)->authAlgoNumber =
1229 sirSwapU16ifNeeded(pRxAuthFrameBody->authAlgoNumber);
1230 ((tpSirMacAuthFrameBody) plainBody)->authTransactionSeqNumber =
1231 sirSwapU16ifNeeded((tANI_U16) (pRxAuthFrameBody->authTransactionSeqNumber + 1));
1232 ((tpSirMacAuthFrameBody) plainBody)->authStatusCode = eSIR_MAC_SUCCESS_STATUS;
1233 ((tpSirMacAuthFrameBody) plainBody)->type = SIR_MAC_CHALLENGE_TEXT_EID;
1234 ((tpSirMacAuthFrameBody) plainBody)->length = SIR_MAC_AUTH_CHALLENGE_LENGTH;
1235 palCopyMemory( pMac->hHdd, (tANI_U8 *) ((tpSirMacAuthFrameBody) plainBody)->challengeText,
1236 pRxAuthFrameBody->challengeText,
1237 SIR_MAC_AUTH_CHALLENGE_LENGTH);
1238
1239 limEncryptAuthFrame(pMac, keyId,
1240 defaultKey,
1241 plainBody,
1242 encrAuthFrame,key_length);
1243
1244 psessionEntry->limMlmState =
1245 eLIM_MLM_WT_AUTH_FRAME4_STATE;
Jeff Johnsone7245742012-09-05 17:12:55 -07001246 MTRACE(macTrace(pMac, TRACE_CODE_MLM_STATE, psessionEntry->peSessionId, psessionEntry->limMlmState));
1248 limSendAuthMgmtFrame(pMac,
1249 (tpSirMacAuthFrameBody) encrAuthFrame,
1250 pHdr->sa,
1251 LIM_WEP_IN_FC,psessionEntry);
1252
1253 break;
1254 } // end if (pKeyMapEntry)
1255 } // end if (!wlan_cfgGetInt(CFG_PRIVACY_OPTION_IMPLEMENTED))
1256 } // end if (pRxAuthFrameBody->authAlgoNumber == eSIR_OPEN_SYSTEM)
1257 } // if (pRxAuthFrameBody->authStatusCode == eSIR_MAC_SUCCESS_STATUS)
1258 else
1259 {
1260 /**
1261 * Authentication failure.
1262 * Return Auth confirm with received failure code to SME
1263 */
1264
1265 // Log error
1266 PELOG1(limLog(pMac, LOG1,
1267 FL("received Auth frame from peer with failure code %d addr "),
1268 pRxAuthFrameBody->authStatusCode);)
1269 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1270
1271 limRestoreFromAuthState(pMac, eSIR_SME_AUTH_REFUSED,
1272 pRxAuthFrameBody->authStatusCode,psessionEntry);
1273 } // end if (pRxAuthFrameBody->authStatusCode == eSIR_MAC_SUCCESS_STATUS)
1274
1275 break;
1276
1277 case SIR_MAC_AUTH_FRAME_3:
1278 // AuthFrame 3
1279
1280 if (pRxAuthFrameBody->authAlgoNumber != eSIR_SHARED_KEY)
1281 {
1282 /**
1283 * Received Authentication frame3 with algorithm other than
1284 * Shared Key authentication type. Reject with Auth frame4
1285 * with 'out of sequence' status code.
1286 */
1287 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1288 authFrame.authTransactionSeqNumber =
1289 SIR_MAC_AUTH_FRAME_4;
1290 authFrame.authStatusCode =
1291 eSIR_MAC_AUTH_FRAME_OUT_OF_SEQ_STATUS;
1292
1293 limSendAuthMgmtFrame(pMac, &authFrame,
1294 pHdr->sa,
1295 LIM_NO_WEP_IN_FC,psessionEntry);
1296
1297 // Log error
1298 PELOG1(limLog(pMac, LOG1,
1299 FL("received Auth frame3 from peer with auth algo number %d Addr "),
1300 pRxAuthFrameBody->authAlgoNumber);)
1301 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1302
1303 return;
1304 }
1305
1306 if (psessionEntry->limSystemRole == eLIM_AP_ROLE || psessionEntry->limSystemRole == eLIM_BT_AMP_AP_ROLE ||
1307 psessionEntry->limSystemRole == eLIM_STA_IN_IBSS_ROLE)
1308 {
1309 /**
1310 * Check if wep bit was set in FC. If not set,
1311 * reject with Authentication frame4 with
1312 * 'challenge failure' status code.
1313 */
1314 if (!pHdr->fc.wep)
1315 {
1316 /// WEP bit is not set in FC of Auth Frame3
1317 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1318 authFrame.authTransactionSeqNumber =
1319 SIR_MAC_AUTH_FRAME_4;
1320 authFrame.authStatusCode =
1321 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
1322
1323 limSendAuthMgmtFrame(pMac, &authFrame,
1324 pHdr->sa,
1325 LIM_NO_WEP_IN_FC,psessionEntry);
1326
1327 // Log error
1328 PELOG1(limLog(pMac, LOG1,
1329 FL("received Auth frame3 from peer with no WEP bit set, addr "));)
1330 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1331
1332 return;
1333 }
1334
1335 pAuthNode = limSearchPreAuthList(pMac,
1336 pHdr->sa);
1337 if (pAuthNode == NULL)
1338 {
1339 /**
1340 * No 'pre-auth' context exists for
1341 * this STA that sent an Authentication
1342 * frame3.
1343 * Send Auth frame4 with 'out of sequence'
1344 * status code.
1345 */
1346 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1347 authFrame.authTransactionSeqNumber =
1348 SIR_MAC_AUTH_FRAME_4;
1349 authFrame.authStatusCode =
1350 eSIR_MAC_AUTH_FRAME_OUT_OF_SEQ_STATUS;
1351
1352 limSendAuthMgmtFrame(pMac, &authFrame,
1353 pHdr->sa,
1354 LIM_NO_WEP_IN_FC,psessionEntry);
1355
1356 // Log error
1357 PELOG1(limLog(pMac, LOG1,
1358 FL("received AuthFrame3 from peer that has no preauth context. Addr "));)
1359 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1360
1361 return;
1362 }
1363
1364 if (pAuthNode->mlmState == eLIM_MLM_AUTH_RSP_TIMEOUT_STATE)
1365 {
1366 /**
1367 * Received Auth Frame3 after Auth Response timeout.
1368 * Reject by sending Auth Frame4 with
1369 * Auth respone timeout Status Code.
1370 */
1371 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1372 authFrame.authTransactionSeqNumber =
1373 SIR_MAC_AUTH_FRAME_4;
1374 authFrame.authStatusCode =
1375 eSIR_MAC_AUTH_RSP_TIMEOUT_STATUS;
1376
1377 limSendAuthMgmtFrame(
1378 pMac, &authFrame,
1379 pHdr->sa,
1380 LIM_NO_WEP_IN_FC,psessionEntry);
1381
1382 // Log error
1383 limLog(pMac, LOGW,
1384 FL("auth response timer timedout for peer "));
1385 limPrintMacAddr(pMac, pHdr->sa, LOGW);
1386
1387 /// Delete pre-auth context of STA
1388 limDeletePreAuthNode(pMac,
1389 pHdr->sa);
1390
1391 return;
1392 } // end switch (pAuthNode->mlmState)
1393
1394 if (pRxAuthFrameBody->authStatusCode != eSIR_MAC_SUCCESS_STATUS)
1395 {
1396 /**
1397 * Received Authenetication Frame 3 with status code
1398 * other than success. Wait until Auth response timeout
1399 * to delete STA context.
1400 */
1401
1402 // Log error
1403 PELOG1(limLog(pMac, LOG1,
1404 FL("received Auth frame3 from peer with status code %d, addr "),
1405 pRxAuthFrameBody->authStatusCode);)
1406 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1407
1408 return;
1409 }
1410
1411 /**
1412 * Check if received challenge text is same as one sent in
1413 * Authentication frame3
1414 */
1415
1416 if (palEqualMemory( pMac->hHdd,pRxAuthFrameBody->challengeText,
1417 pAuthNode->challengeText,
1418 SIR_MAC_AUTH_CHALLENGE_LENGTH))
1419 {
1420 /// Challenge match. STA is autheticated !
1421
1422 /// Delete Authentication response timer if running
1423 limDeactivateAndChangePerStaIdTimer(pMac,
1424 eLIM_AUTH_RSP_TIMER,
1425 pAuthNode->authNodeIdx);
1426
1427 pAuthNode->fTimerStarted = 0;
1428 pAuthNode->mlmState = eLIM_MLM_AUTHENTICATED_STATE;
1429
1430 /**
1431 * Send Authentication Frame4 with 'success' Status Code.
1432 */
1433 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1434 authFrame.authTransactionSeqNumber =
1435 SIR_MAC_AUTH_FRAME_4;
1436 authFrame.authStatusCode = eSIR_MAC_SUCCESS_STATUS;
1437
1438 limSendAuthMgmtFrame(pMac, &authFrame,
1439 pHdr->sa,
1440 LIM_NO_WEP_IN_FC,psessionEntry);
1441
1442 /// Send Auth indication to SME
1443 palCopyMemory( pMac->hHdd,
1444 (tANI_U8 *) mlmAuthInd.peerMacAddr,
1445 (tANI_U8 *) pHdr->sa,
1446 sizeof(tSirMacAddr));
1447 mlmAuthInd.authType = (tAniAuthType)
1448 pRxAuthFrameBody->authAlgoNumber;
1449 mlmAuthInd.sessionId = psessionEntry->smeSessionId;
1450
1451 limPostSmeMessage(pMac,
1452 LIM_MLM_AUTH_IND,
1453 (tANI_U32 *) &mlmAuthInd);
1454
1455 break;
1456 }
1457 else
1458 {
1459 /**
1460 * Challenge Failure.
1461 * Send Authentication frame4 with 'challenge failure'
1462 * status code and wait until Auth response timeout to
1463 * delete STA context.
1464 */
1465
1466 authFrame.authAlgoNumber =
1467 pRxAuthFrameBody->authAlgoNumber;
1468 authFrame.authTransactionSeqNumber =
1469 SIR_MAC_AUTH_FRAME_4;
1470 authFrame.authStatusCode =
1471 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
1472
1473 limSendAuthMgmtFrame(pMac, &authFrame,
1474 pHdr->sa,
1475 LIM_NO_WEP_IN_FC,psessionEntry);
1476
1477 // Log error
1478 PELOG1( limLog(pMac, LOG1,
1479 FL("Challenge failure for peer "));)
1480 PELOG1(limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1481 return;
1482 }
1483 } // if (pMac->lim.gLimSystemRole == eLIM_AP_ROLE || ...
1484
1485 break;
1486
1487 case SIR_MAC_AUTH_FRAME_4:
1488 // AuthFrame 4
1489 if (psessionEntry->limMlmState != eLIM_MLM_WT_AUTH_FRAME4_STATE)
1490 {
1491 /**
1492 * Received Authentication frame4 in an unexpected state.
1493 * Log error and ignore the frame.
1494 */
1495
1496 // Log error
1497 PELOG1(limLog(pMac, LOG1,
1498 FL("received unexpected Auth frame4 from peer in state %d, addr "),
1499 psessionEntry->limMlmState);)
1500 PELOG1( limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1501
1502 return;
1503 }
1504
1505 if (pRxAuthFrameBody->authAlgoNumber != eSIR_SHARED_KEY)
1506 {
1507 /**
1508 * Received Authentication frame4 with algorithm other than
1509 * Shared Key authentication type.
1510 * Wait until Auth failure timeout to report authentication
1511 * failure to SME.
1512 */
1513
1514 // Log error
1515 PELOG1(limLog(pMac, LOG1,
1516 FL("received Auth frame4 from peer with invalid auth algo %d, addr "),
1517 pRxAuthFrameBody->authAlgoNumber);)
1518 PELOG1(limPrintMacAddr(pMac, pHdr->sa,
1519 LOG1);)
1520
1521 return;
1522 }
1523
1524 if ( !palEqualMemory( pMac->hHdd,(tANI_U8 *) pHdr->sa,
1525 (tANI_U8 *) &pMac->lim.gpLimMlmAuthReq->peerMacAddr,
1526 sizeof(tSirMacAddr)) )
1527 {
1528 /**
1529 * Received Authentication frame from an entity
1530 * other than one to which request was initiated.
1531 * Wait until Authentication Failure Timeout.
1532 */
1533
1534 // Log error
1535 PELOG1(limLog(pMac, LOG1,
1536 FL("received Auth frame4 from unexpected peer "));
1537 limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1538
1539 break;
1540 }
1541
1542 if (pRxAuthFrameBody->authAlgoNumber !=
1543 pMac->lim.gpLimMlmAuthReq->authType)
1544 {
1545 /**
1546 * Received Authentication frame with an auth algorithm
1547 * other than one requested.
1548 * Wait until Authentication Failure Timeout.
1549 */
1550
1551 PELOG1(limLog(pMac, LOG1,
1552 FL("received Authentication frame from peer with invalid auth seq number %d, addr "),
1553 pRxAuthFrameBody->authTransactionSeqNumber);
1554 limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1555
1556 break;
1557 }
1558
1559 if (pRxAuthFrameBody->authStatusCode ==
1560 eSIR_MAC_SUCCESS_STATUS)
1561 {
1562 /**
1563 * Authentication Success !
1564 * Inform SME of same.
1565 */
1566 psessionEntry->limCurrentAuthType = eSIR_SHARED_KEY;
1567
1568 pAuthNode = limAcquireFreePreAuthNode(pMac, &pMac->lim.gLimPreAuthTimerTable);
1569 if (pAuthNode == NULL)
1570 {
1571 // Log error
1572 limLog(pMac, LOGW,
1573 FL("Max pre-auth nodes reached "));
1574 limPrintMacAddr(pMac, pHdr->sa, LOGW);
1575
1576 return;
1577 }
1578 PELOG1(limLog(pMac, LOG1, FL("Alloc new data: %x peer \n"), pAuthNode);
1579 limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1580
1581 palCopyMemory( pMac->hHdd,
1582 (tANI_U8 *) pAuthNode->peerMacAddr,
1583 pMac->lim.gpLimMlmAuthReq->peerMacAddr,
1584 sizeof(tSirMacAddr));
1585 pAuthNode->fTimerStarted = 0;
1586 pAuthNode->authType = pMac->lim.gpLimMlmAuthReq->authType;
1587 limAddPreAuthNode(pMac, pAuthNode);
1588
1589 limRestoreFromAuthState(pMac, eSIR_SME_SUCCESS,
1590 pRxAuthFrameBody->authStatusCode,psessionEntry);
1591
1592 } // if (pRxAuthFrameBody->authStatusCode == eSIR_MAC_SUCCESS_STATUS)
1593 else
1594 {
1595 /**
1596 * Authentication failure.
1597 * Return Auth confirm with received failure code to SME
1598 */
1599
1600 // Log error
1601 PELOG1(limLog(pMac, LOG1, FL("Authentication failure from peer "));
1602 limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1603
1604 limRestoreFromAuthState(pMac, eSIR_SME_AUTH_REFUSED,
1605 pRxAuthFrameBody->authStatusCode,psessionEntry);
1606 } // end if (pRxAuthFrameBody->Status == 0)
1607
1608 break;
1609
1610 default:
1611 /// Invalid Authentication Frame received. Ignore it.
1612
1613 // Log error
1614 PELOG1(limLog(pMac, LOG1,
1615 FL("received Auth frame from peer with invalid auth seq number %d, addr "),
1616 pRxAuthFrameBody->authTransactionSeqNumber);
1617 limPrintMacAddr(pMac, pHdr->sa, LOG1);)
1618
1619 break;
1620 } // end switch (pRxAuthFrameBody->authTransactionSeqNumber)
1621} /*** end limProcessAuthFrame() ***/
1622
1623
1624
1625
1626
1627#ifdef WLAN_FEATURE_VOWIFI_11R
1628
/*----------------------------------------------------------------------
 *
 * limProcessAuthFrameNoSession
 *
 * Handle a received Authentication frame for which no PE session was
 * matched. This is possibly the pre-auth response from the neighbor AP,
 * in the same mobility domain, and is used in case of 11r FT.
 *
 * The frame is accepted only when a saved session exists in
 * pMac->ft.ftPEContext, an FT pre-auth request is outstanding, the
 * payload is non-empty and the header BSSID equals the BSSID stored in
 * the pre-auth request. The FT pre-auth response timer is then stopped,
 * the body is parsed, and the outcome is handed to
 * limHandleFTPreAuthRsp().
 *
 * pMac  - global MAC context
 * pBd   - RX buffer descriptor; MAC header, payload pointer and payload
 *         length are taken from it via the WDA_GET_RX_* macros
 * body  - not referenced by this function
 *
 * Returns eSIR_SUCCESS only for an Auth frame with transaction sequence
 * number 2 and a success status code; eSIR_FAILURE otherwise.
 *
 * !!!! This is going to be removed for the next checkin. We will be
 *      creating the session before sending out the Auth. Thus when auth
 *      response is received we will have a session in progress. !!!!!
 *
 * NOTE(review): the BSSID comparison is the only peer check made here.
 * The source address and the auth algorithm number of the received frame
 * are not examined in this function - confirm whether the caller or
 * limHandleFTPreAuthRsp() covers them, since these header fields come
 * straight from the received frame.
 *----------------------------------------------------------------------
 */
int limProcessAuthFrameNoSession(tpAniSirGlobal pMac, tANI_U8 *pBd, void *body)
{
    tpSirMacMgmtHdr      pMgmtHdr   = WDA_GET_RX_MAC_HEADER(pBd);
    tANI_U8             *pPayload   = WDA_GET_RX_MPDU_DATA(pBd);
    tANI_U16             payloadLen = WDA_GET_RX_PAYLOAD_LEN(pBd);
    tpPESession          pSession;
    tSirMacAuthFrameBody parsedAuth;
    int                  status     = eSIR_FAILURE;

    // The session saved when FT pre-auth was started stands in for the
    // session lookup that failed for this frame.
    pSession = pMac->ft.ftPEContext.psavedsessionEntry;
    if (pSession == NULL)
    {
        limLog(pMac, LOGW, FL("Error: Unable to find session id while in pre-auth phase for FT"));
        return eSIR_FAILURE;
    }

    // Without an outstanding pre-auth request there is no FT in progress.
    if (pMac->ft.ftPEContext.pFTPreAuthReq == NULL)
    {
        return eSIR_FAILURE;
    }

    // An empty payload cannot carry an Auth body.
    if (payloadLen == 0)
    {
        return eSIR_FAILURE;
    }

#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
    limPrintMacAddr(pMac, pMgmtHdr->bssId, LOGE);
    limPrintMacAddr(pMac, pMac->ft.ftPEContext.pFTPreAuthReq->preAuthbssId, LOGE);
#endif

    // Only a frame carrying the BSSID we sent the pre-auth to is accepted.
    // If SME really triggered a pre-auth, a mismatch here is left to time out.
    if (!palEqualMemory( pMac->hHdd, pMac->ft.ftPEContext.pFTPreAuthReq->preAuthbssId,
                         pMgmtHdr->bssId, sizeof( tSirMacAddr )))
    {
        return eSIR_FAILURE;
    }

#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
    limLog(pMac, LOGE, FL("Pre-Auth response received from neighbor"));
    limLog(pMac, LOGE, FL("Pre-Auth done state"));
#endif

    // The response timer is stopped as soon as the BSSID matches, i.e.
    // before the body has been parsed. A frame with the expected BSSID
    // that fails to parse therefore ends this pre-auth attempt with a
    // failure report below rather than leaving the timer running.
    limDeactivateAndChangeTimer(pMac, eLIM_FT_PREAUTH_RSP_TIMER);

    // Save off the auth resp.
    if (sirConvertAuthFrame2Struct(pMac, pPayload, payloadLen, &parsedAuth) != eSIR_SUCCESS)
    {
        limHandleFTPreAuthRsp(pMac, eSIR_FAILURE, NULL, 0, pSession);
        return eSIR_FAILURE;
    }

#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
    PELOGE(limLog(pMac, LOGE,
           FL("Received Auth frame with type=%d seqnum=%d, status=%d (%d)\n"),
           (tANI_U32) parsedAuth.authAlgoNumber,
           (tANI_U32) parsedAuth.authTransactionSeqNumber,
           (tANI_U32) parsedAuth.authStatusCode,(tANI_U32)pMac->lim.gLimNumPreAuthContexts);)
#endif

    // Only Auth frame 2 with a success status code counts as a good
    // pre-auth response; everything else keeps the failure default.
    if (parsedAuth.authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_2)
    {
        if (parsedAuth.authStatusCode == eSIR_MAC_SUCCESS_STATUS)
        {
            status = eSIR_SUCCESS;
        }
#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
        else
        {
            PELOGE(limLog( pMac, LOGE, "Auth status code received is %d\n",
                (tANI_U32) parsedAuth.authStatusCode);)
        }
#endif
    }
#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
    else
    {
        PELOGE(limLog( pMac, LOGE, "Seq. no incorrect expected 2 received %d\n",
            (tANI_U32) parsedAuth.authTransactionSeqNumber);)
    }
#endif

    // Send the Auth response to SME.
    // NOTE(review): the raw payload pointer and the length reported by the
    // RX descriptor are forwarded unchanged, on failure status as well as
    // on success. Confirm that limHandleFTPreAuthRsp() bounds payloadLen
    // against its destination buffer before copying.
    limHandleFTPreAuthRsp(pMac, status, pPayload, payloadLen, pSession);

    return status;
}
1740
1741#endif /* WLAN_FEATURE_VOWIFI_11R */
1742