Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / vendor / qcom-opensource / wlan / qcacld-3.0 / 7090c5fd8d2bc46a463549bf26505e67a32d1d0e / . / core / mac / src / pe / lim / lim_process_auth_frame.c
blob: 9871cff47c9bde0a4df3219ef99ad030a1a2a20c [file] [log] [blame]
Prakash Dhavali7090c5f2015-11-02 17:55:19 -0800[diff] [blame^]1/*
2 * Copyright (c) 2011-2015 The Linux Foundation. All rights reserved.
3 *
4 * Previously licensed under the ISC license by Qualcomm Atheros, Inc.
5 *
6 *
7 * Permission to use, copy, modify, and/or distribute this software for
8 * any purpose with or without fee is hereby granted, provided that the
9 * above copyright notice and this permission notice appear in all
10 * copies.
11 *
12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
13 * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
14 * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
15 * AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
16 * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
17 * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
18 * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
19 * PERFORMANCE OF THIS SOFTWARE.
20 */
21
22/*
23 * This file was originally distributed by Qualcomm Atheros, Inc.
24 * under proprietary terms before Copyright ownership was assigned
25 * to the Linux Foundation.
26 */
27
28/*
29 *
30 * This file lim_process_auth_frame.cc contains the code
31 * for processing received Authentication Frame.
32 * Author: Chandra Modumudi
33 * Date: 03/11/02
34 * History:-
35 * Date Modified by Modification Information
36 * --------------------------------------------------------------------
37 * 05/12/2010 js To support Shared key authentication at AP side
38 *
39 */
40
41#include "wni_api.h"
42#include "wni_cfg.h"
43#include "ani_global.h"
44#include "cfg_api.h"
45
46#include "utils_api.h"
47#include "lim_utils.h"
48#include "lim_assoc_utils.h"
49#include "lim_security_utils.h"
50#include "lim_ser_des_utils.h"
51#ifdef WLAN_FEATURE_VOWIFI_11R
52#include "lim_ft.h"
53#endif
54#include "cds_utils.h"
55
56/**
57 * is_auth_valid
58 *
59 ***FUNCTION:
60 * This function is called by lim_process_auth_frame() upon Authentication
61 * frame reception.
62 *
63 ***LOGIC:
64 * This function is used to test validity of auth frame:
65 * - AUTH1 and AUTH3 must be received in AP mode
66 * - AUTH2 and AUTH4 must be received in STA mode
67 * - AUTH3 and AUTH4 must have challenge text IE, that is,'type' field has been set to
68 * SIR_MAC_CHALLENGE_TEXT_EID by parser
69 * -
70 *
71 ***ASSUMPTIONS:
72 *
73 ***NOTE:
74 *
75 * @param *auth - Pointer to extracted auth frame body
76 *
77 * @return 0 or 1 (Valid)
78 */
79
80static inline unsigned int is_auth_valid(tpAniSirGlobal pMac,
81 tpSirMacAuthFrameBody auth,
82 tpPESession sessionEntry)
83{
84 unsigned int valid = 1;
85
86 if (((auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_1) ||
87 (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_3)) &&
88 (LIM_IS_STA_ROLE(sessionEntry) ||
89 LIM_IS_BT_AMP_STA_ROLE(sessionEntry)))
90 valid = 0;
91
92 if (((auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_2) ||
93 (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_4)) &&
94 (LIM_IS_AP_ROLE(sessionEntry) ||
95 LIM_IS_BT_AMP_AP_ROLE(sessionEntry)))
96 valid = 0;
97
98 if (((auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_3) ||
99 (auth->authTransactionSeqNumber == SIR_MAC_AUTH_FRAME_4)) &&
100 (auth->type != SIR_MAC_CHALLENGE_TEXT_EID) &&
101 (auth->authAlgoNumber != eSIR_SHARED_KEY))
102 valid = 0;
103
104 return valid;
105}
106
107/**
108 * lim_process_auth_frame
109 *
110 ***FUNCTION:
111 * This function is called by limProcessMessageQueue() upon Authentication
112 * frame reception.
113 *
114 ***LOGIC:
115 * This function processes received Authentication frame and responds
116 * with either next Authentication frame in sequence to peer MAC entity
117 * or LIM_MLM_AUTH_IND on AP or LIM_MLM_AUTH_CNF on STA.
118 *
119 ***ASSUMPTIONS:
120 *
121 ***NOTE:
122 * 1. Authentication failures are reported to SME with same status code
123 * received from the peer MAC entity.
124 * 2. Authentication frame2/4 received with alogirthm number other than
125 * one requested in frame1/3 are logged with an error and auth confirm
126 * will be sent to SME only after auth failure timeout.
127 * 3. Inconsistency in the spec:
128 * On receiving Auth frame2, specs says that if WEP key mapping key
129 * or default key is NULL, Auth frame3 with a status code 15 (challenge
130 * failure to be returned to peer entity. However, section 7.2.3.10,
131 * table 14 says that status code field is 'reserved' for frame3 !
132 * In the current implementation, Auth frame3 is returned with status
133 * code 15 overriding section 7.2.3.10.
134 * 4. If number pre-authentications reach configrable max limit,
135 * Authentication frame with 'unspecified failure' status code is
136 * returned to requesting entity.
137 *
138 * @param pMac - Pointer to Global MAC structure
139 * @param *pRxPacketInfo - A pointer to Rx packet info structure
140 * @return None
141 */
142
143void
144lim_process_auth_frame(tpAniSirGlobal pMac, uint8_t *pRxPacketInfo,
145 tpPESession psessionEntry)
146{
147 uint8_t *pBody, keyId, cfgPrivacyOptImp,
148 defaultKey[SIR_MAC_KEY_LENGTH],
149 encrAuthFrame[LIM_ENCR_AUTH_BODY_LEN], plainBody[256];
150 uint16_t frameLen;
151 uint32_t maxNumPreAuth, val;
152 tSirMacAuthFrameBody *pRxAuthFrameBody, rxAuthFrame, authFrame;
153 tpSirMacMgmtHdr pHdr;
154 struct tLimPreAuthNode *pAuthNode;
155 uint8_t decryptResult;
156 uint8_t *pChallenge;
157 uint32_t key_length = 8;
158 uint8_t challengeTextArray[SIR_MAC_AUTH_CHALLENGE_LENGTH];
159 tpDphHashNode pStaDs = NULL;
160 uint16_t assocId = 0;
161 uint16_t curr_seq_num = 0;
162
163 /* Get pointer to Authentication frame header and body */
164 pHdr = WMA_GET_RX_MAC_HEADER(pRxPacketInfo);
165 frameLen = WMA_GET_RX_PAYLOAD_LEN(pRxPacketInfo);
166
167 if (!frameLen) {
168 /* Log error */
169 lim_log(pMac, LOGE,
170 FL("received Authentication frame with no body from "));
171 lim_print_mac_addr(pMac, pHdr->sa, LOGE);
172
173 return;
174 }
175
176 if (lim_is_group_addr(pHdr->sa)) {
177 /* Received Auth frame from a BC/MC address */
178 /* Log error and ignore it */
179 lim_log(pMac, LOGE, FL (
180 "received Auth frame from a BC/MC addr - "));
181 PELOGE(lim_print_mac_addr(pMac, pHdr->sa, LOGE);)
182
183 return;
184 }
185 curr_seq_num = (pHdr->seqControl.seqNumHi << 4) |
186 (pHdr->seqControl.seqNumLo);
187
188 lim_log(pMac, LOG1,
189 FL("Sessionid: %d System role : %d limMlmState: %d :Auth "
190 "Frame Received: BSSID: " MAC_ADDRESS_STR " (RSSI %d)"),
191 psessionEntry->peSessionId, GET_LIM_SYSTEM_ROLE(psessionEntry),
192 psessionEntry->limMlmState, MAC_ADDR_ARRAY(pHdr->bssId),
193 (uint) abs((int8_t) WMA_GET_RX_RSSI_DB(pRxPacketInfo)));
194
195 pBody = WMA_GET_RX_MPDU_DATA(pRxPacketInfo);
196
197 /* Restore default failure timeout */
198 if (CDF_P2P_CLIENT_MODE == psessionEntry->pePersona
199 && psessionEntry->defaultAuthFailureTimeout) {
200 lim_log(pMac, LOG1, FL("Restore default failure timeout"));
201 cfg_set_int(pMac, WNI_CFG_AUTHENTICATE_FAILURE_TIMEOUT,
202 psessionEntry->defaultAuthFailureTimeout);
203 }
204 /* / Determine if WEP bit is set in the FC or received MAC header */
205 if (pHdr->fc.wep) {
206 /**
207 * WEP bit is set in FC of MAC header.
208 */
209
210 /* If TKIP counter measures enabled issue Deauth frame to station */
211 if (psessionEntry->bTkipCntrMeasActive &&
212 LIM_IS_AP_ROLE(psessionEntry)) {
213 PELOGE(lim_log
214 (pMac, LOGE,
215 FL
216 ("Tkip counter measures Enabled, sending Deauth frame to"));
217 )
218 lim_print_mac_addr(pMac, pHdr->sa, LOGE);
219
220 lim_send_deauth_mgmt_frame(pMac,
221 eSIR_MAC_MIC_FAILURE_REASON,
222 pHdr->sa, psessionEntry, false);
223 return;
224 }
225 /* Extract key ID from IV (most 2 bits of 4th byte of IV) */
226
227 keyId = (*(pBody + 3)) >> 6;
228
229 /**
230 * On STA in infrastructure BSS, Authentication frames received
231 * with WEP bit set in the FC must be rejected with challenge
232 * failure status code (wierd thing in the spec - this should have
233 * been rejected with unspecified failure or unexpected assertion
234 * of wep bit (this status code does not exist though) or
235 * Out-of-sequence-Authentication-Frame status code.
236 */
237
238 if (LIM_IS_STA_ROLE(psessionEntry) ||
239 LIM_IS_BT_AMP_STA_ROLE(psessionEntry)) {
240 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
241 authFrame.authTransactionSeqNumber =
242 SIR_MAC_AUTH_FRAME_4;
243 authFrame.authStatusCode =
244 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
245 /* Log error */
246 PELOGE(lim_log(pMac, LOGE,
247 FL
248 ("received Authentication frame with wep bit set on role=%d "
249 MAC_ADDRESS_STR),
250 GET_LIM_SYSTEM_ROLE(psessionEntry),
251 MAC_ADDR_ARRAY(pHdr->sa));
252 )
253
254 lim_send_auth_mgmt_frame(pMac, &authFrame,
255 pHdr->sa,
256 LIM_NO_WEP_IN_FC,
257 psessionEntry);
258 return;
259 }
260
261 if (frameLen < LIM_ENCR_AUTH_BODY_LEN) {
262 /* Log error */
263 lim_log(pMac, LOGE,
264 FL
265 ("Not enough size [%d] to decrypt received Auth frame"),
266 frameLen);
267 lim_print_mac_addr(pMac, pHdr->sa, LOGE);
268
269 return;
270 }
271 if (LIM_IS_AP_ROLE(psessionEntry)) {
272 val = psessionEntry->privacy;
273 } else
274 /* Accept Authentication frame only if Privacy is implemented */
275 if (wlan_cfg_get_int(pMac, WNI_CFG_PRIVACY_ENABLED,
276 &val) != eSIR_SUCCESS) {
277 /**
278 * Could not get Privacy option
279 * from CFG. Log error.
280 */
281 lim_log(pMac, LOGP,
282 FL("could not retrieve Privacy option"));
283 }
284
285 cfgPrivacyOptImp = (uint8_t) val;
286 if (cfgPrivacyOptImp) {
287 /**
288 * Privacy option is implemented.
289 * Check if the received frame is Authentication
290 * frame3 and there is a context for requesting STA.
291 * If not, reject with unspecified failure status code
292 */
293 pAuthNode = lim_search_pre_auth_list(pMac, pHdr->sa);
294
295 if (pAuthNode == NULL) {
296 /* Log error */
297 PELOGE(lim_log(pMac, LOGE,
298 FL
299 ("received Authentication frame from peer that has no preauth context with WEP bit set "
300 MAC_ADDRESS_STR),
301 MAC_ADDR_ARRAY(pHdr->sa));
302 )
303
304 /**
305 * No 'pre-auth' context exists for this STA that sent
306 * an Authentication frame with FC bit set.
307 * Send Auth frame4 with 'out of sequence' status code.
308 */
309 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
310 authFrame.authTransactionSeqNumber =
311 SIR_MAC_AUTH_FRAME_4;
312 authFrame.authStatusCode =
313 eSIR_MAC_AUTH_FRAME_OUT_OF_SEQ_STATUS;
314
315 lim_send_auth_mgmt_frame(pMac, &authFrame,
316 pHdr->sa,
317 LIM_NO_WEP_IN_FC,
318 psessionEntry);
319 return;
320 } else {
321 /* / Change the auth-response timeout */
322 lim_deactivate_and_change_per_sta_id_timer(pMac,
323 eLIM_AUTH_RSP_TIMER,
324 pAuthNode->
325 authNodeIdx);
326
327 /* / 'Pre-auth' status exists for STA */
328 if ((pAuthNode->mlmState !=
329 eLIM_MLM_WT_AUTH_FRAME3_STATE) &&
330 (pAuthNode->mlmState !=
331 eLIM_MLM_AUTH_RSP_TIMEOUT_STATE)) {
332 /* Log error */
333 PELOGE(lim_log(pMac, LOGE,
334 FL
335 ("received Authentication frame from peer that is in state %d "
336 MAC_ADDRESS_STR),
337 pAuthNode->mlmState,
338 MAC_ADDR_ARRAY(pHdr->sa));)
339 /**
340 * Should not have received Authentication frame
341 * with WEP bit set in FC in other states.
342 * Reject by sending Authenticaton frame with
343 * out of sequence Auth frame status code.
344 */
345 authFrame.authAlgoNumber =
346 eSIR_SHARED_KEY;
347 authFrame.authTransactionSeqNumber =
348 SIR_MAC_AUTH_FRAME_4;
349 authFrame.authStatusCode =
350 eSIR_MAC_AUTH_FRAME_OUT_OF_SEQ_STATUS;
351
352 lim_send_auth_mgmt_frame(pMac, &authFrame,
353 pHdr->sa,
354 LIM_NO_WEP_IN_FC,
355 psessionEntry);
356 return;
357 }
358 }
359
360 val = SIR_MAC_KEY_LENGTH;
361
362 if (LIM_IS_AP_ROLE(psessionEntry)) {
363 tpSirKeys pKey;
364 pKey =
365 &psessionEntry->
366 WEPKeyMaterial[keyId].key[0];
367 cdf_mem_copy(defaultKey, pKey->key,
368 pKey->keyLength);
369 val = pKey->keyLength;
370 } else if (wlan_cfg_get_str(pMac,
371 (uint16_t) (WNI_CFG_WEP_DEFAULT_KEY_1 +
372 keyId), defaultKey,
373 &val) != eSIR_SUCCESS) {
374 /* / Could not get Default key from CFG. */
375 /* Log error. */
376 lim_log(pMac, LOGP,
377 FL
378 ("could not retrieve Default key"));
379
380 /**
381 * Send Authentication frame
382 * with challenge failure status code
383 */
384
385 authFrame.authAlgoNumber =
386 eSIR_SHARED_KEY;
387 authFrame.authTransactionSeqNumber =
388 SIR_MAC_AUTH_FRAME_4;
389 authFrame.authStatusCode =
390 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
391
392 lim_send_auth_mgmt_frame(pMac, &authFrame,
393 pHdr->sa,
394 LIM_NO_WEP_IN_FC,
395 psessionEntry);
396
397 return;
398 }
399
400 key_length = val;
401
402 decryptResult = lim_decrypt_auth_frame(pMac, defaultKey,
403 pBody, plainBody, key_length,
404 (uint16_t) (frameLen -
405 SIR_MAC_WEP_IV_LENGTH));
406 if (decryptResult == LIM_DECRYPT_ICV_FAIL) {
407 /* Log error */
408 PELOGE(lim_log(pMac, LOGE,
409 FL
410 ("received Authentication frame from peer that failed decryption: "
411 MAC_ADDRESS_STR),
412 MAC_ADDR_ARRAY(pHdr->sa));
413 )
414 /* / ICV failure */
415 lim_delete_pre_auth_node(pMac,
416 pHdr->sa);
417 authFrame.authAlgoNumber =
418 eSIR_SHARED_KEY;
419 authFrame.authTransactionSeqNumber =
420 SIR_MAC_AUTH_FRAME_4;
421 authFrame.authStatusCode =
422 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
423
424 lim_send_auth_mgmt_frame(pMac, &authFrame,
425 pHdr->sa,
426 LIM_NO_WEP_IN_FC,
427 psessionEntry);
428 return;
429 }
430 if ((sir_convert_auth_frame2_struct
431 (pMac, plainBody, frameLen - 8,
432 &rxAuthFrame) != eSIR_SUCCESS) ||
433 (!is_auth_valid
434 (pMac, &rxAuthFrame, psessionEntry))) {
435 lim_log(pMac, LOGE,
436 FL
437 ("failed to convert Auth Frame to structure or Auth is not valid "));
438 return;
439 }
440 } else {
441 /* Log error */
442 PELOGE(lim_log(pMac, LOGE,
443 FL
444 ("received Authentication frame3 from peer that while privacy option is turned OFF "
445 MAC_ADDRESS_STR),
446 MAC_ADDR_ARRAY(pHdr->sa));
447 )
448 /**
449 * Privacy option is not implemented.
450 * So reject Authentication frame received with
451 * WEP bit set by sending Authentication frame
452 * with 'challenge failure' status code. This is
453 * another strange thing in the spec. Status code
454 * should have been 'unsupported algorithm' status code.
455 */
456 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
457 authFrame.authTransactionSeqNumber =
458 SIR_MAC_AUTH_FRAME_4;
459 authFrame.authStatusCode =
460 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
461
462 lim_send_auth_mgmt_frame(pMac, &authFrame,
463 pHdr->sa,
464 LIM_NO_WEP_IN_FC, psessionEntry);
465 return;
466 } /* else if (wlan_cfg_get_int(CFG_PRIVACY_OPTION_IMPLEMENTED)) */
467 } /* if (fc.wep) */
468 else {
469 if ((sir_convert_auth_frame2_struct(pMac, pBody,
470 frameLen,
471 &rxAuthFrame) != eSIR_SUCCESS)
472 || (!is_auth_valid(pMac, &rxAuthFrame, psessionEntry))) {
473 PELOGE(lim_log
474 (pMac, LOGE,
475 FL
476 ("failed to convert Auth Frame to structure or Auth is not valid "));
477 )
478 return;
479 }
480 }
481
482 pRxAuthFrameBody = &rxAuthFrame;
483
484 PELOGW(lim_log(pMac, LOGW,
485 FL
486 ("Received Auth frame with type=%d seqnum=%d, status=%d (%d)"),
487 (uint32_t) pRxAuthFrameBody->authAlgoNumber,
488 (uint32_t) pRxAuthFrameBody->authTransactionSeqNumber,
489 (uint32_t) pRxAuthFrameBody->authStatusCode,
490 (uint32_t) pMac->lim.gLimNumPreAuthContexts);
491 )
492
493 switch (pRxAuthFrameBody->authTransactionSeqNumber) {
494 case SIR_MAC_AUTH_FRAME_1:
495 /* AuthFrame 1 */
496
497 pStaDs = dph_lookup_hash_entry(pMac, pHdr->sa,
498 &assocId,
499 &psessionEntry->dph.dphHashTable);
500 if (pStaDs) {
501 tLimMlmDisassocReq *pMlmDisassocReq = NULL;
502 tLimMlmDeauthReq *pMlmDeauthReq = NULL;
503 tAniBool isConnected = eSIR_TRUE;
504
505 pMlmDisassocReq =
506 pMac->lim.limDisassocDeauthCnfReq.pMlmDisassocReq;
507 if (pMlmDisassocReq
508 &&
509 (cdf_mem_compare
510 ((uint8_t *) pHdr->sa,
511 (uint8_t *) &pMlmDisassocReq->peerMacAddr,
512 sizeof(tSirMacAddr)))) {
513 PELOGE(lim_log
514 (pMac, LOGE,
515 FL("TODO:Ack for disassoc "
516 "frame is pending Issue delsta for "
517 MAC_ADDRESS_STR),
518 MAC_ADDR_ARRAY(pMlmDisassocReq->
519 peerMacAddr));
520 )
521 lim_process_disassoc_ack_timeout(pMac);
522 isConnected = eSIR_FALSE;
523 }
524 pMlmDeauthReq =
525 pMac->lim.limDisassocDeauthCnfReq.pMlmDeauthReq;
526 if (pMlmDeauthReq
527 &&
528 (cdf_mem_compare
529 ((uint8_t *) pHdr->sa,
530 (uint8_t *) &pMlmDeauthReq->peerMacAddr,
531 sizeof(tSirMacAddr)))) {
532 PELOGE(lim_log
533 (pMac, LOGE,
534 FL("TODO:Ack for deauth frame "
535 "is pending Issue delsta for "
536 MAC_ADDRESS_STR),
537 MAC_ADDR_ARRAY(pMlmDeauthReq->
538 peerMacAddr));
539 )
540 lim_process_deauth_ack_timeout(pMac);
541 isConnected = eSIR_FALSE;
542 }
543
544 /* pStaDS != NULL and isConnected = 1 means the STA is already
545 * connected, But SAP received the Auth from that station.
546 * For non PMF connection send Deauth frame as STA will retry
547 * to connect back.
548 *
549 * For PMF connection the AP should not tear down or otherwise
550 * modify the state of the existing association until the
551 * SA-Query procedure determines that the original SA is
552 * invalid.
553 */
554 if (isConnected
555#ifdef WLAN_FEATURE_11W
556 && !pStaDs->rmfEnabled
557#endif
558 ) {
559 lim_log(pMac, LOGE,
560 FL
561 ("STA is already connected but received auth frame"
562 "Send the Deauth and lim Delete Station Context"
563 "(staId: %d, assocId: %d) "),
564 pStaDs->staIndex, assocId);
565 lim_send_deauth_mgmt_frame(pMac,
566 eSIR_MAC_UNSPEC_FAILURE_REASON,
567 (uint8_t *) pHdr->sa,
568 psessionEntry, false);
569 lim_trigger_sta_deletion(pMac, pStaDs,
570 psessionEntry);
571 return;
572 }
573 }
574 /* / Check if there exists pre-auth context for this STA */
575 pAuthNode = lim_search_pre_auth_list(pMac, pHdr->sa);
576 if (pAuthNode) {
577 /* / Pre-auth context exists for the STA */
578 if (pHdr->fc.retry == 0 ||
579 pAuthNode->seq_num != curr_seq_num) {
580 /**
581 * STA is initiating brand-new Authentication
582 * sequence after local Auth Response timeout.
583 * Or STA retrying to transmit First Auth frame due to packet drop OTA
584 * Delete Pre-auth node and fall through.
585 */
586 if (pAuthNode->fTimerStarted) {
587 lim_deactivate_and_change_per_sta_id_timer
588 (pMac, eLIM_AUTH_RSP_TIMER,
589 pAuthNode->authNodeIdx);
590 }
591 PELOGE(lim_log
592 (pMac, LOGE,
593 FL
594 ("STA is initiating brand-new Authentication ..."));
595 )
596 lim_delete_pre_auth_node(pMac, pHdr->sa);
597 /**
598 * SAP Mode:Disassociate the station and
599 * delete its entry if we have its entry
600 * already and received "auth" from the
601 * same station.
602 */
603
604 for (assocId = 0; assocId < psessionEntry->dph.dphHashTable.size; assocId++) /* Softap dphHashTable.size = 8 */
605 {
606 pStaDs =
607 dph_get_hash_entry(pMac, assocId,
608 &psessionEntry->dph.
609 dphHashTable);
610
611 if (NULL == pStaDs)
612 continue;
613
614 if (pStaDs->valid) {
615 if (cdf_mem_compare
616 ((uint8_t *) &pStaDs->
617 staAddr,
618 (uint8_t *) &(pHdr->sa),
619 (uint8_t) (sizeof
620 (tSirMacAddr))))
621 break;
622 }
623
624 pStaDs = NULL;
625 }
626
627 if (NULL != pStaDs
628#ifdef WLAN_FEATURE_11W
629 && !pStaDs->rmfEnabled
630#endif
631 ) {
632 PELOGE(lim_log(pMac, LOGE,
633 FL
634 ("lim Delete Station Context (staId: %d, assocId: %d) "),
635 pStaDs->staIndex,
636 assocId);
637 )
638 lim_send_deauth_mgmt_frame(pMac,
639 eSIR_MAC_UNSPEC_FAILURE_REASON,
640 (uint8_t *)
641 pAuthNode->
642 peerMacAddr,
643 psessionEntry,
644 false);
645 lim_trigger_sta_deletion(pMac, pStaDs,
646 psessionEntry);
647 return;
648 }
649 } else {
650 /*
651 * This can happen when first authentication frame is received
652 * but ACK lost at STA side, in this case 2nd auth frame is already
653 * in transmission queue
654 * */
655 PELOGE(lim_log
656 (pMac, LOGE,
657 FL
658 ("STA is initiating Authentication after ACK lost..."));
659 )
660 return;
661 }
662 }
663 if (wlan_cfg_get_int(pMac, WNI_CFG_MAX_NUM_PRE_AUTH,
664 (uint32_t *) &maxNumPreAuth) !=
665 eSIR_SUCCESS) {
666 /**
667 * Could not get MaxNumPreAuth
668 * from CFG. Log error.
669 */
670 lim_log(pMac, LOGP,
671 FL("could not retrieve MaxNumPreAuth"));
672 }
673 if (pMac->lim.gLimNumPreAuthContexts == maxNumPreAuth &&
674 !lim_delete_open_auth_pre_auth_node(pMac)) {
675 PELOGE(lim_log
676 (pMac, LOGE,
677 FL("Max number of preauth context reached"));
678 )
679 /**
680 * Maximum number of pre-auth contexts
681 * reached. Send Authentication frame
682 * with unspecified failure
683 */
684 authFrame.authAlgoNumber =
685 pRxAuthFrameBody->authAlgoNumber;
686 authFrame.authTransactionSeqNumber =
687 pRxAuthFrameBody->authTransactionSeqNumber + 1;
688 authFrame.authStatusCode =
689 eSIR_MAC_UNSPEC_FAILURE_STATUS;
690
691 lim_send_auth_mgmt_frame(pMac, &authFrame,
692 pHdr->sa,
693 LIM_NO_WEP_IN_FC, psessionEntry);
694
695 return;
696 }
697 /* / No Pre-auth context exists for the STA. */
698 if (lim_is_auth_algo_supported(pMac, (tAniAuthType)
699 pRxAuthFrameBody->authAlgoNumber,
700 psessionEntry)) {
701 switch (pRxAuthFrameBody->authAlgoNumber) {
702 case eSIR_OPEN_SYSTEM:
703 PELOGW(lim_log
704 (pMac, LOGW,
705 FL("=======> eSIR_OPEN_SYSTEM ..."));
706 )
707 /* / Create entry for this STA in pre-auth list */
708 pAuthNode =
709 lim_acquire_free_pre_auth_node(pMac,
710 &pMac->lim.
711 gLimPreAuthTimerTable);
712 if (pAuthNode == NULL) {
713 /* Log error */
714 lim_log(pMac, LOGW,
715 FL
716 ("Max pre-auth nodes reached "));
717 lim_print_mac_addr(pMac, pHdr->sa, LOGW);
718
719 return;
720 }
721
722 PELOG1(lim_log
723 (pMac, LOG1,
724 FL("Alloc new data: %x peer "),
725 pAuthNode);
726 lim_print_mac_addr(pMac, pHdr->sa, LOG1);
727 )
728
729 cdf_mem_copy((uint8_t *) pAuthNode->
730 peerMacAddr, pHdr->sa,
731 sizeof(tSirMacAddr));
732
733 pAuthNode->mlmState =
734 eLIM_MLM_AUTHENTICATED_STATE;
735 pAuthNode->authType = (tAniAuthType)
736 pRxAuthFrameBody->authAlgoNumber;
737 pAuthNode->fSeen = 0;
738 pAuthNode->fTimerStarted = 0;
739 pAuthNode->seq_num =
740 ((pHdr->seqControl.seqNumHi << 4) |
741 (pHdr->seqControl.seqNumLo));
742 pAuthNode->timestamp =
743 cdf_mc_timer_get_system_ticks();
744 lim_add_pre_auth_node(pMac, pAuthNode);
745
746 /**
747 * Send Authenticaton frame with Success
748 * status code.
749 */
750
751 authFrame.authAlgoNumber =
752 pRxAuthFrameBody->authAlgoNumber;
753 authFrame.authTransactionSeqNumber =
754 pRxAuthFrameBody->authTransactionSeqNumber +
755 1;
756 authFrame.authStatusCode =
757 eSIR_MAC_SUCCESS_STATUS;
758 lim_send_auth_mgmt_frame(pMac, &authFrame, pHdr->sa,
759 LIM_NO_WEP_IN_FC,
760 psessionEntry);
761 break;
762
763 case eSIR_SHARED_KEY:
764 PELOGW(lim_log
765 (pMac, LOGW,
766 FL("=======> eSIR_SHARED_KEY ..."));
767 )
768 if (LIM_IS_AP_ROLE(psessionEntry)) {
769 val = psessionEntry->privacy;
770 } else
771 if (wlan_cfg_get_int
772 (pMac, WNI_CFG_PRIVACY_ENABLED,
773 &val) != eSIR_SUCCESS) {
774 /**
775 * Could not get Privacy option
776 * from CFG. Log error.
777 */
778 lim_log(pMac, LOGP,
779 FL
780 ("could not retrieve Privacy option"));
781 }
782 cfgPrivacyOptImp = (uint8_t) val;
783 if (!cfgPrivacyOptImp) {
784 /* Log error */
785 PELOGE(lim_log(pMac, LOGE,
786 FL
787 ("received Auth frame for unsupported auth algorithm %d "
788 MAC_ADDRESS_STR),
789 pRxAuthFrameBody->
790 authAlgoNumber,
791 MAC_ADDR_ARRAY(pHdr->sa));
792 )
793
794 /**
795 * Authenticator does not have WEP
796 * implemented.
797 * Reject by sending Authentication frame
798 * with Auth algorithm not supported status
799 * code.
800 */
801 authFrame.authAlgoNumber =
802 pRxAuthFrameBody->authAlgoNumber;
803 authFrame.authTransactionSeqNumber =
804 pRxAuthFrameBody->
805 authTransactionSeqNumber + 1;
806 authFrame.authStatusCode =
807 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS;
808
809 lim_send_auth_mgmt_frame(pMac, &authFrame,
810 pHdr->sa,
811 LIM_NO_WEP_IN_FC,
812 psessionEntry);
813 return;
814 } else {
815 /* Create entry for this STA */
816 /* in pre-auth list */
817 pAuthNode =
818 lim_acquire_free_pre_auth_node(pMac,
819 &pMac->
820 lim.
821 gLimPreAuthTimerTable);
822 if (pAuthNode == NULL) {
823 /* Log error */
824 lim_log(pMac, LOGW,
825 FL
826 ("Max pre-auth nodes reached "));
827 lim_print_mac_addr(pMac, pHdr->sa,
828 LOGW);
829
830 return;
831 }
832
833 cdf_mem_copy((uint8_t *) pAuthNode->
834 peerMacAddr, pHdr->sa,
835 sizeof(tSirMacAddr));
836
837 pAuthNode->mlmState =
838 eLIM_MLM_WT_AUTH_FRAME3_STATE;
839 pAuthNode->authType = (tAniAuthType)
840 pRxAuthFrameBody->authAlgoNumber;
841 pAuthNode->fSeen = 0;
842 pAuthNode->fTimerStarted = 0;
843 pAuthNode->seq_num =
844 ((pHdr->seqControl.seqNumHi <<
845 4) |
846 (pHdr->seqControl.seqNumLo));
847 pAuthNode->timestamp =
848 cdf_mc_timer_get_system_ticks();
849 lim_add_pre_auth_node(pMac, pAuthNode);
850
851 PELOG1(lim_log
852 (pMac, LOG1,
853 FL
854 ("Alloc new data: %x id %d peer "),
855 pAuthNode,
856 pAuthNode->authNodeIdx);
857 )
858 PELOG1(lim_print_mac_addr
859 (pMac, pHdr->sa, LOG1);
860 )
861 /* / Create and activate Auth Response timer */
862 if (tx_timer_change_context
863 (&pAuthNode->timer,
864 pAuthNode->authNodeIdx) !=
865 TX_SUCCESS) {
866 /* / Could not start Auth response timer. */
867 /* Log error */
868 lim_log(pMac, LOGP,
869 FL
870 ("Unable to chg context auth response timer for peer "));
871 lim_print_mac_addr(pMac, pHdr->sa,
872 LOGP);
873
874 /**
875 * Send Authenticaton frame with
876 * unspecified failure status code.
877 */
878
879 authFrame.authAlgoNumber =
880 pRxAuthFrameBody->
881 authAlgoNumber;
882 authFrame.
883 authTransactionSeqNumber =
884 pRxAuthFrameBody->
885 authTransactionSeqNumber +
886 1;
887 authFrame.authStatusCode =
888 eSIR_MAC_UNSPEC_FAILURE_STATUS;
889
890 lim_send_auth_mgmt_frame(pMac,
891 &authFrame,
892 pHdr->sa,
893 LIM_NO_WEP_IN_FC,
894 psessionEntry);
895
896 lim_delete_pre_auth_node(pMac,
897 pHdr->sa);
898 return;
899 }
900
901 lim_activate_auth_rsp_timer(pMac,
902 pAuthNode);
903
904 pAuthNode->fTimerStarted = 1;
905
906 /* get random bytes and use as */
907 /* challenge text. If it fails we already have random stack bytes. */
908 if (!CDF_IS_STATUS_SUCCESS
909 (cds_rand_get_bytes
910 (0, (uint8_t *) challengeTextArray,
911 SIR_MAC_AUTH_CHALLENGE_LENGTH))) {
912 lim_log(pMac, LOGE,
913 FL
914 ("Challenge text preparation failed in lim_process_auth_frame"));
915 }
916
917 pChallenge = pAuthNode->challengeText;
918
919 cdf_mem_copy(pChallenge,
920 (uint8_t *)
921 challengeTextArray,
922 sizeof
923 (challengeTextArray));
924
925 /**
926 * Sending Authenticaton frame with challenge.
927 */
928
929 authFrame.authAlgoNumber =
930 pRxAuthFrameBody->authAlgoNumber;
931 authFrame.authTransactionSeqNumber =
932 pRxAuthFrameBody->
933 authTransactionSeqNumber + 1;
934 authFrame.authStatusCode =
935 eSIR_MAC_SUCCESS_STATUS;
936 authFrame.type =
937 SIR_MAC_CHALLENGE_TEXT_EID;
938 authFrame.length =
939 SIR_MAC_AUTH_CHALLENGE_LENGTH;
940 cdf_mem_copy(authFrame.challengeText,
941 pAuthNode->challengeText,
942 SIR_MAC_AUTH_CHALLENGE_LENGTH);
943
944 lim_send_auth_mgmt_frame(pMac, &authFrame,
945 pHdr->sa,
946 LIM_NO_WEP_IN_FC,
947 psessionEntry);
948 } /* if (wlan_cfg_get_int(CFG_PRIVACY_OPTION_IMPLEMENTED)) */
949
950 break;
951
952 default:
953 /* Log error */
954 PELOGE(lim_log(pMac, LOGE,
955 FL
956 ("received Auth frame for unsupported auth algorithm %d "
957 MAC_ADDRESS_STR),
958 pRxAuthFrameBody->authAlgoNumber,
959 MAC_ADDR_ARRAY(pHdr->sa));
960 )
961
962 /**
963 * Responding party does not support the
964 * authentication algorithm requested by
965 * sending party.
966 * Reject by sending Authentication frame
967 * with auth algorithm not supported status code
968 */
969 authFrame.authAlgoNumber =
970 pRxAuthFrameBody->authAlgoNumber;
971 authFrame.authTransactionSeqNumber =
972 pRxAuthFrameBody->authTransactionSeqNumber +
973 1;
974 authFrame.authStatusCode =
975 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS;
976
977 lim_send_auth_mgmt_frame(pMac, &authFrame,
978 pHdr->sa,
979 LIM_NO_WEP_IN_FC,
980 psessionEntry);
981 return;
982 } /* end switch(pRxAuthFrameBody->authAlgoNumber) */
983 } /* if (lim_is_auth_algo_supported(pRxAuthFrameBody->authAlgoNumber)) */
984 else {
985 /* Log error */
986 PELOGE(lim_log(pMac, LOGE,
987 FL
988 ("received Authentication frame for unsupported auth algorithm %d "
989 MAC_ADDRESS_STR),
990 pRxAuthFrameBody->authAlgoNumber,
991 MAC_ADDR_ARRAY(pHdr->sa));
992 )
993
994 /**
995 * Responding party does not support the
996 * authentication algorithm requested by sending party.
997 * Reject Authentication with StatusCode=13.
998 */
999 authFrame.authAlgoNumber =
1000 pRxAuthFrameBody->authAlgoNumber;
1001 authFrame.authTransactionSeqNumber =
1002 pRxAuthFrameBody->authTransactionSeqNumber + 1;
1003 authFrame.authStatusCode =
1004 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS;
1005
1006 lim_send_auth_mgmt_frame(pMac, &authFrame,
1007 pHdr->sa,
1008 LIM_NO_WEP_IN_FC, psessionEntry);
1009 return;
1010 } /* end if (lim_is_auth_algo_supported(pRxAuthFrameBody->authAlgoNumber)) */
1011 break;
1012
1013 case SIR_MAC_AUTH_FRAME_2:
1014 /* AuthFrame 2 */
1015
1016 if (psessionEntry->limMlmState != eLIM_MLM_WT_AUTH_FRAME2_STATE) {
1017#ifdef WLAN_FEATURE_VOWIFI_11R
1018 /**
1019 * Check if a Reassociation is in progress and this is a
1020 * Pre-Auth frame
1021 */
1022 if ((LIM_IS_STA_ROLE(psessionEntry) ||
1023 LIM_IS_BT_AMP_STA_ROLE(psessionEntry))
1024 && (psessionEntry->limSmeState ==
1025 eLIM_SME_WT_REASSOC_STATE)
1026 && (pRxAuthFrameBody->authStatusCode ==
1027 eSIR_MAC_SUCCESS_STATUS)
1028 && (psessionEntry->ftPEContext.pFTPreAuthReq !=
1029 NULL)
1030 &&
1031 (cdf_mem_compare
1032 (psessionEntry->ftPEContext.pFTPreAuthReq->
1033 preAuthbssId, pHdr->sa, sizeof(tSirMacAddr)))) {
1034 /* Update the FTIEs in the saved auth response */
1035 PELOGW(lim_log
1036 (pMac, LOGW,
1037 FL("received another PreAuth frame2"
1038 " from peer " MAC_ADDRESS_STR
1039 " in Smestate %d"),
1040 MAC_ADDR_ARRAY(pHdr->sa),
1041 psessionEntry->limSmeState);
1042 )
1043
1044 psessionEntry->ftPEContext.
1045 saved_auth_rsp_length = 0;
1046 if ((pBody != NULL)
1047 && (frameLen < MAX_FTIE_SIZE)) {
1048 cdf_mem_copy(psessionEntry->ftPEContext.
1049 saved_auth_rsp, pBody,
1050 frameLen);
1051 psessionEntry->ftPEContext.
1052 saved_auth_rsp_length = frameLen;
1053 }
1054 } else
1055#endif
1056 {
1057 /**
1058 * Received Authentication frame2 in an unexpected state.
1059 * Log error and ignore the frame.
1060 */
1061
1062 /* Log error */
1063 PELOG1(lim_log(pMac, LOG1,
1064 FL
1065 ("received Auth frame2 from peer in state %d, addr "),
1066 psessionEntry->limMlmState);
1067 )
1068 PELOG1(lim_print_mac_addr
1069 (pMac, pHdr->sa, LOG1);
1070 )
1071 }
1072
1073 return;
1074
1075 }
1076
1077 if (!cdf_mem_compare((uint8_t *) pHdr->sa,
1078 (uint8_t *) &pMac->lim.gpLimMlmAuthReq->
1079 peerMacAddr, sizeof(tSirMacAddr))) {
1080 /**
1081 * Received Authentication frame from an entity
1082 * other than one request was initiated.
1083 * Wait until Authentication Failure Timeout.
1084 */
1085
1086 /* Log error */
1087 PELOGW(lim_log(pMac, LOGW,
1088 FL
1089 ("received Auth frame2 from unexpected peer "
1090 MAC_ADDRESS_STR),
1091 MAC_ADDR_ARRAY(pHdr->sa));
1092 )
1093
1094 break;
1095 }
1096
1097 if (pRxAuthFrameBody->authStatusCode ==
1098 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS) {
1099 /**
1100 * Interoperability workaround: Linksys WAP4400N is returning
1101 * wrong authType in OpenAuth response in case of
1102 * SharedKey AP configuration. Pretend we don't see that,
1103 * so upper layer can fallback to SharedKey authType,
1104 * and successfully connect to the AP.
1105 */
1106 if (pRxAuthFrameBody->authAlgoNumber !=
1107 pMac->lim.gpLimMlmAuthReq->authType) {
1108 pRxAuthFrameBody->authAlgoNumber =
1109 pMac->lim.gpLimMlmAuthReq->authType;
1110 }
1111 }
1112
1113 if (pRxAuthFrameBody->authAlgoNumber !=
1114 pMac->lim.gpLimMlmAuthReq->authType) {
1115 /**
1116 * Received Authentication frame with an auth
1117 * algorithm other than one requested.
1118 * Wait until Authentication Failure Timeout.
1119 */
1120
1121 /* Log error */
1122 PELOGW(lim_log(pMac, LOGW,
1123 FL
1124 ("received Auth frame2 for unexpected auth algo number %d "
1125 MAC_ADDRESS_STR),
1126 pRxAuthFrameBody->authAlgoNumber,
1127 MAC_ADDR_ARRAY(pHdr->sa));
1128 )
1129
1130 break;
1131 }
1132
1133 if (pRxAuthFrameBody->authStatusCode == eSIR_MAC_SUCCESS_STATUS) {
1134 if (pRxAuthFrameBody->authAlgoNumber ==
1135 eSIR_OPEN_SYSTEM) {
1136 psessionEntry->limCurrentAuthType =
1137 eSIR_OPEN_SYSTEM;
1138
1139 pAuthNode =
1140 lim_acquire_free_pre_auth_node(pMac,
1141 &pMac->lim.
1142 gLimPreAuthTimerTable);
1143
1144 if (pAuthNode == NULL) {
1145 /* Log error */
1146 lim_log(pMac, LOGW,
1147 FL
1148 ("Max pre-auth nodes reached "));
1149 lim_print_mac_addr(pMac, pHdr->sa, LOGW);
1150
1151 return;
1152 }
1153
1154 PELOG1(lim_log
1155 (pMac, LOG1,
1156 FL("Alloc new data: %x peer "),
1157 pAuthNode);
1158 )
1159 PELOG1(lim_print_mac_addr
1160 (pMac, pHdr->sa, LOG1);
1161 )
1162
1163 cdf_mem_copy((uint8_t *) pAuthNode->
1164 peerMacAddr,
1165 pMac->lim.gpLimMlmAuthReq->
1166 peerMacAddr,
1167 sizeof(tSirMacAddr));
1168 pAuthNode->fTimerStarted = 0;
1169 pAuthNode->authType =
1170 pMac->lim.gpLimMlmAuthReq->authType;
1171 pAuthNode->seq_num =
1172 ((pHdr->seqControl.seqNumHi << 4) |
1173 (pHdr->seqControl.seqNumLo));
1174 pAuthNode->timestamp =
1175 cdf_mc_timer_get_system_ticks();
1176 lim_add_pre_auth_node(pMac, pAuthNode);
1177
1178 lim_restore_from_auth_state(pMac, eSIR_SME_SUCCESS,
1179 pRxAuthFrameBody->
1180 authStatusCode,
1181 psessionEntry);
1182 } /* if (pRxAuthFrameBody->authAlgoNumber == eSIR_OPEN_SYSTEM) */
1183 else {
1184 /* Shared key authentication */
1185
1186 if (LIM_IS_AP_ROLE(psessionEntry)) {
1187 val = psessionEntry->privacy;
1188 } else
1189 if (wlan_cfg_get_int
1190 (pMac, WNI_CFG_PRIVACY_ENABLED,
1191 &val) != eSIR_SUCCESS) {
1192 /**
1193 * Could not get Privacy option
1194 * from CFG. Log error.
1195 */
1196 lim_log(pMac, LOGP,
1197 FL
1198 ("could not retrieve Privacy option"));
1199 }
1200 cfgPrivacyOptImp = (uint8_t) val;
1201 if (!cfgPrivacyOptImp) {
1202 /**
1203 * Requesting STA does not have WEP implemented.
1204 * Reject with unsupported authentication algorithm
1205 * Status code and wait until auth failure timeout
1206 */
1207
1208 /* Log error */
1209 PELOGE(lim_log(pMac, LOGE,
1210 FL
1211 ("received Auth frame from peer for unsupported auth algo %d "
1212 MAC_ADDRESS_STR),
1213 pRxAuthFrameBody->
1214 authAlgoNumber,
1215 MAC_ADDR_ARRAY(pHdr->sa));
1216 )
1217
1218 authFrame.authAlgoNumber =
1219 pRxAuthFrameBody->authAlgoNumber;
1220 authFrame.authTransactionSeqNumber =
1221 pRxAuthFrameBody->
1222 authTransactionSeqNumber + 1;
1223 authFrame.authStatusCode =
1224 eSIR_MAC_AUTH_ALGO_NOT_SUPPORTED_STATUS;
1225
1226 lim_send_auth_mgmt_frame(pMac, &authFrame,
1227 pHdr->sa,
1228 LIM_NO_WEP_IN_FC,
1229 psessionEntry);
1230 return;
1231 } else {
1232
1233 if (pRxAuthFrameBody->type !=
1234 SIR_MAC_CHALLENGE_TEXT_EID) {
1235 /* Log error */
1236 PELOGE(lim_log(pMac, LOGE,
1237 FL
1238 ("received Auth frame with invalid challenge text IE"));
1239 )
1240
1241 return;
1242 }
1243
1244 if (wlan_cfg_get_int
1245 (pMac,
1246 WNI_CFG_WEP_DEFAULT_KEYID,
1247 &val) != eSIR_SUCCESS) {
1248 /**
1249 * Could not get Default keyId
1250 * from CFG. Log error.
1251 */
1252 lim_log(pMac, LOGP,
1253 FL
1254 ("could not retrieve Default keyId"));
1255 }
1256 keyId = (uint8_t) val;
1257
1258 val = SIR_MAC_KEY_LENGTH;
1259
1260 if (LIM_IS_AP_ROLE(psessionEntry)) {
1261 tpSirKeys pKey;
1262 pKey =
1263 &psessionEntry->
1264 WEPKeyMaterial
1265 [keyId].key[0];
1266 cdf_mem_copy(defaultKey,
1267 pKey->key,
1268 pKey->
1269 keyLength);
1270 } else
1271 if (wlan_cfg_get_str
1272 (pMac,
1273 (uint16_t)
1274 (WNI_CFG_WEP_DEFAULT_KEY_1
1275 + keyId), defaultKey,
1276 &val)
1277 != eSIR_SUCCESS) {
1278 /* / Could not get Default key from CFG. */
1279 /* Log error. */
1280 lim_log(pMac, LOGP,
1281 FL
1282 ("could not retrieve Default key"));
1283
1284 authFrame.authAlgoNumber =
1285 pRxAuthFrameBody->
1286 authAlgoNumber;
1287 authFrame.
1288 authTransactionSeqNumber =
1289 pRxAuthFrameBody->
1290 authTransactionSeqNumber
1291 + 1;
1292 authFrame.authStatusCode =
1293 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
1294
1295 lim_send_auth_mgmt_frame
1296 (pMac, &authFrame,
1297 pHdr->sa,
1298 LIM_NO_WEP_IN_FC,
1299 psessionEntry);
1300
1301 lim_restore_from_auth_state
1302 (pMac,
1303 eSIR_SME_INVALID_WEP_DEFAULT_KEY,
1304 eSIR_MAC_UNSPEC_FAILURE_REASON,
1305 psessionEntry);
1306
1307 break;
1308 }
1309 key_length = val;
1310 ((tpSirMacAuthFrameBody)
1311 plainBody)->authAlgoNumber =
1312 sir_swap_u16if_needed(pRxAuthFrameBody->
1313 authAlgoNumber);
1314 ((tpSirMacAuthFrameBody)
1315 plainBody)->
1316 authTransactionSeqNumber =
1317 sir_swap_u16if_needed((uint16_t)
1318 (pRxAuthFrameBody->
1319 authTransactionSeqNumber + 1));
1320 ((tpSirMacAuthFrameBody)
1321 plainBody)->authStatusCode =
1322 eSIR_MAC_SUCCESS_STATUS;
1323 ((tpSirMacAuthFrameBody)
1324 plainBody)->type =
1325 SIR_MAC_CHALLENGE_TEXT_EID;
1326 ((tpSirMacAuthFrameBody)
1327 plainBody)->length =
1328 SIR_MAC_AUTH_CHALLENGE_LENGTH;
1329 cdf_mem_copy((uint8_t*) ((tpSirMacAuthFrameBody) plainBody)->challengeText,
1330 pRxAuthFrameBody->challengeText,
1331 SIR_MAC_AUTH_CHALLENGE_LENGTH);
1332
1333 lim_encrypt_auth_frame(pMac, keyId,
1334 defaultKey,
1335 plainBody,
1336 encrAuthFrame,
1337 key_length);
1338
1339 psessionEntry->limMlmState =
1340 eLIM_MLM_WT_AUTH_FRAME4_STATE;
1341 MTRACE(mac_trace
1342 (pMac,
1343 TRACE_CODE_MLM_STATE,
1344 psessionEntry->
1345 peSessionId,
1346 psessionEntry->
1347 limMlmState));
1348
1349 lim_send_auth_mgmt_frame(pMac,
1350 (tpSirMacAuthFrameBody)
1351 encrAuthFrame,
1352 pHdr->sa,
1353 LIM_WEP_IN_FC,
1354 psessionEntry);
1355
1356 break;
1357 } /* end if (!wlan_cfg_get_int(CFG_PRIVACY_OPTION_IMPLEMENTED)) */
1358 } /* end if (pRxAuthFrameBody->authAlgoNumber == eSIR_OPEN_SYSTEM) */
1359 } /* if (pRxAuthFrameBody->authStatusCode == eSIR_MAC_SUCCESS_STATUS) */
1360 else {
1361 /**
1362 * Authentication failure.
1363 * Return Auth confirm with received failure code to SME
1364 */
1365
1366 /* Log error */
1367 PELOGE(lim_log(pMac, LOGE,
1368 FL
1369 ("received Auth frame from peer with failure code %d "
1370 MAC_ADDRESS_STR),
1371 pRxAuthFrameBody->authStatusCode,
1372 MAC_ADDR_ARRAY(pHdr->sa));
1373 )
1374
1375 lim_restore_from_auth_state(pMac, eSIR_SME_AUTH_REFUSED,
1376 pRxAuthFrameBody->
1377 authStatusCode,
1378 psessionEntry);
1379 } /* end if (pRxAuthFrameBody->authStatusCode == eSIR_MAC_SUCCESS_STATUS) */
1380
1381 break;
1382
1383 case SIR_MAC_AUTH_FRAME_3:
1384 /* AuthFrame 3 */
1385
1386 if (pRxAuthFrameBody->authAlgoNumber != eSIR_SHARED_KEY) {
1387 /* Log error */
1388 PELOGE(lim_log(pMac, LOGE,
1389 FL
1390 ("received Auth frame3 from peer with auth algo number %d "
1391 MAC_ADDRESS_STR),
1392 pRxAuthFrameBody->authAlgoNumber,
1393 MAC_ADDR_ARRAY(pHdr->sa));
1394 )
1395
1396 /**
1397 * Received Authentication frame3 with algorithm other than
1398 * Shared Key authentication type. Reject with Auth frame4
1399 * with 'out of sequence' status code.
1400 */
1401 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1402 authFrame.authTransactionSeqNumber =
1403 SIR_MAC_AUTH_FRAME_4;
1404 authFrame.authStatusCode =
1405 eSIR_MAC_AUTH_FRAME_OUT_OF_SEQ_STATUS;
1406
1407 lim_send_auth_mgmt_frame(pMac, &authFrame,
1408 pHdr->sa,
1409 LIM_NO_WEP_IN_FC, psessionEntry);
1410 return;
1411 }
1412
1413 if (LIM_IS_AP_ROLE(psessionEntry) ||
1414 LIM_IS_BT_AMP_AP_ROLE(psessionEntry) ||
1415 LIM_IS_IBSS_ROLE(psessionEntry)) {
1416 /**
1417 * Check if wep bit was set in FC. If not set,
1418 * reject with Authentication frame4 with
1419 * 'challenge failure' status code.
1420 */
1421 if (!pHdr->fc.wep) {
1422 /* Log error */
1423 PELOGE(lim_log(pMac, LOGE,
1424 FL
1425 ("received Auth frame3 from peer with no WEP bit set "
1426 MAC_ADDRESS_STR),
1427 MAC_ADDR_ARRAY(pHdr->sa));
1428 )
1429 /* / WEP bit is not set in FC of Auth Frame3 */
1430 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1431 authFrame.authTransactionSeqNumber =
1432 SIR_MAC_AUTH_FRAME_4;
1433 authFrame.authStatusCode =
1434 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
1435
1436 lim_send_auth_mgmt_frame(pMac, &authFrame,
1437 pHdr->sa,
1438 LIM_NO_WEP_IN_FC,
1439 psessionEntry);
1440 return;
1441 }
1442
1443 pAuthNode = lim_search_pre_auth_list(pMac, pHdr->sa);
1444 if (pAuthNode == NULL) {
1445 /* Log error */
1446 PELOGE(lim_log(pMac, LOGW,
1447 FL
1448 ("received AuthFrame3 from peer that has no preauth context "
1449 MAC_ADDRESS_STR),
1450 MAC_ADDR_ARRAY(pHdr->sa));
1451 )
1452 /**
1453 * No 'pre-auth' context exists for
1454 * this STA that sent an Authentication
1455 * frame3.
1456 * Send Auth frame4 with 'out of sequence'
1457 * status code.
1458 */
1459 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1460 authFrame.authTransactionSeqNumber =
1461 SIR_MAC_AUTH_FRAME_4;
1462 authFrame.authStatusCode =
1463 eSIR_MAC_AUTH_FRAME_OUT_OF_SEQ_STATUS;
1464
1465 lim_send_auth_mgmt_frame(pMac, &authFrame,
1466 pHdr->sa,
1467 LIM_NO_WEP_IN_FC,
1468 psessionEntry);
1469 return;
1470 }
1471
1472 if (pAuthNode->mlmState ==
1473 eLIM_MLM_AUTH_RSP_TIMEOUT_STATE) {
1474 /* Log error */
1475 lim_log(pMac, LOGW,
1476 FL
1477 ("auth response timer timedout for peer "
1478 MAC_ADDRESS_STR),
1479 MAC_ADDR_ARRAY(pHdr->sa));
1480
1481 /**
1482 * Received Auth Frame3 after Auth Response timeout.
1483 * Reject by sending Auth Frame4 with
1484 * Auth respone timeout Status Code.
1485 */
1486 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1487 authFrame.authTransactionSeqNumber =
1488 SIR_MAC_AUTH_FRAME_4;
1489 authFrame.authStatusCode =
1490 eSIR_MAC_AUTH_RSP_TIMEOUT_STATUS;
1491
1492 lim_send_auth_mgmt_frame(pMac, &authFrame,
1493 pHdr->sa,
1494 LIM_NO_WEP_IN_FC,
1495 psessionEntry);
1496
1497 /* / Delete pre-auth context of STA */
1498 lim_delete_pre_auth_node(pMac, pHdr->sa);
1499
1500 return;
1501 } /* end switch (pAuthNode->mlmState) */
1502
1503 if (pRxAuthFrameBody->authStatusCode !=
1504 eSIR_MAC_SUCCESS_STATUS) {
1505 /**
1506 * Received Authenetication Frame 3 with status code
1507 * other than success. Wait until Auth response timeout
1508 * to delete STA context.
1509 */
1510
1511 /* Log error */
1512 PELOGE(lim_log(pMac, LOGE,
1513 FL
1514 ("received Auth frame3 from peer with status code %d "
1515 MAC_ADDRESS_STR),
1516 pRxAuthFrameBody->authStatusCode,
1517 MAC_ADDR_ARRAY(pHdr->sa));
1518 )
1519
1520 return;
1521 }
1522
1523 /**
1524 * Check if received challenge text is same as one sent in
1525 * Authentication frame3
1526 */
1527
1528 if (cdf_mem_compare(pRxAuthFrameBody->challengeText,
1529 pAuthNode->challengeText,
1530 SIR_MAC_AUTH_CHALLENGE_LENGTH)) {
1531 /* / Challenge match. STA is autheticated ! */
1532
1533 /* / Delete Authentication response timer if running */
1534 lim_deactivate_and_change_per_sta_id_timer(pMac,
1535 eLIM_AUTH_RSP_TIMER,
1536 pAuthNode->
1537 authNodeIdx);
1538
1539 pAuthNode->fTimerStarted = 0;
1540 pAuthNode->mlmState =
1541 eLIM_MLM_AUTHENTICATED_STATE;
1542
1543 /**
1544 * Send Authentication Frame4 with 'success' Status Code.
1545 */
1546 authFrame.authAlgoNumber = eSIR_SHARED_KEY;
1547 authFrame.authTransactionSeqNumber =
1548 SIR_MAC_AUTH_FRAME_4;
1549 authFrame.authStatusCode =
1550 eSIR_MAC_SUCCESS_STATUS;
1551
1552 lim_send_auth_mgmt_frame(pMac, &authFrame,
1553 pHdr->sa,
1554 LIM_NO_WEP_IN_FC,
1555 psessionEntry);
1556 break;
1557 } else {
1558 /* Log error */
1559 PELOGE(lim_log(pMac, LOGW,
1560 FL("Challenge failure for peer "
1561 MAC_ADDRESS_STR),
1562 MAC_ADDR_ARRAY(pHdr->sa));
1563 )
1564 /**
1565 * Challenge Failure.
1566 * Send Authentication frame4 with 'challenge failure'
1567 * status code and wait until Auth response timeout to
1568 * delete STA context.
1569 */
1570 authFrame.authAlgoNumber =
1571 pRxAuthFrameBody->authAlgoNumber;
1572 authFrame.authTransactionSeqNumber =
1573 SIR_MAC_AUTH_FRAME_4;
1574 authFrame.authStatusCode =
1575 eSIR_MAC_CHALLENGE_FAILURE_STATUS;
1576
1577 lim_send_auth_mgmt_frame(pMac, &authFrame,
1578 pHdr->sa,
1579 LIM_NO_WEP_IN_FC,
1580 psessionEntry);
1581 return;
1582 }
1583 } /* if (pMac->lim.gLimSystemRole == eLIM_AP_ROLE || ... */
1584
1585 break;
1586
1587 case SIR_MAC_AUTH_FRAME_4:
1588 /* AuthFrame 4 */
1589 if (psessionEntry->limMlmState != eLIM_MLM_WT_AUTH_FRAME4_STATE) {
1590 /**
1591 * Received Authentication frame4 in an unexpected state.
1592 * Log error and ignore the frame.
1593 */
1594
1595 /* Log error */
1596 PELOG1(lim_log(pMac, LOG1,
1597 FL
1598 ("received unexpected Auth frame4 from peer in state %d, addr "
1599 MAC_ADDRESS_STR),
1600 psessionEntry->limMlmState,
1601 MAC_ADDR_ARRAY(pHdr->sa));
1602 )
1603
1604 return;
1605 }
1606
1607 if (pRxAuthFrameBody->authAlgoNumber != eSIR_SHARED_KEY) {
1608 /**
1609 * Received Authentication frame4 with algorithm other than
1610 * Shared Key authentication type.
1611 * Wait until Auth failure timeout to report authentication
1612 * failure to SME.
1613 */
1614
1615 /* Log error */
1616 PELOGE(lim_log(pMac, LOGE,
1617 FL
1618 ("received Auth frame4 from peer with invalid auth algo %d "
1619 MAC_ADDRESS_STR),
1620 pRxAuthFrameBody->authAlgoNumber,
1621 MAC_ADDR_ARRAY(pHdr->sa));
1622 )
1623
1624 return;
1625 }
1626
1627 if (!cdf_mem_compare((uint8_t *) pHdr->sa,
1628 (uint8_t *) &pMac->lim.gpLimMlmAuthReq->
1629 peerMacAddr, sizeof(tSirMacAddr))) {
1630 /**
1631 * Received Authentication frame from an entity
1632 * other than one to which request was initiated.
1633 * Wait until Authentication Failure Timeout.
1634 */
1635
1636 /* Log error */
1637 PELOGE(lim_log(pMac, LOGW,
1638 FL
1639 ("received Auth frame4 from unexpected peer "
1640 MAC_ADDRESS_STR),
1641 MAC_ADDR_ARRAY(pHdr->sa));
1642 )
1643
1644 break;
1645 }
1646
1647 if (pRxAuthFrameBody->authAlgoNumber !=
1648 pMac->lim.gpLimMlmAuthReq->authType) {
1649 /**
1650 * Received Authentication frame with an auth algorithm
1651 * other than one requested.
1652 * Wait until Authentication Failure Timeout.
1653 */
1654
1655 PELOGE(lim_log(pMac, LOGE,
1656 FL
1657 ("received Authentication frame from peer with invalid auth seq number %d "
1658 MAC_ADDRESS_STR),
1659 pRxAuthFrameBody->
1660 authTransactionSeqNumber,
1661 MAC_ADDR_ARRAY(pHdr->sa));
1662 )
1663
1664 break;
1665 }
1666
1667 if (pRxAuthFrameBody->authStatusCode == eSIR_MAC_SUCCESS_STATUS) {
1668 /**
1669 * Authentication Success !
1670 * Inform SME of same.
1671 */
1672 psessionEntry->limCurrentAuthType = eSIR_SHARED_KEY;
1673
1674 pAuthNode =
1675 lim_acquire_free_pre_auth_node(pMac,
1676 &pMac->lim.
1677 gLimPreAuthTimerTable);
1678 if (pAuthNode == NULL) {
1679 /* Log error */
1680 lim_log(pMac, LOGW,
1681 FL("Max pre-auth nodes reached "));
1682 lim_print_mac_addr(pMac, pHdr->sa, LOGW);
1683
1684 return;
1685 }
1686 PELOG1(lim_log
1687 (pMac, LOG1, FL("Alloc new data: %x peer "),
1688 pAuthNode);
1689 lim_print_mac_addr(pMac, pHdr->sa, LOG1);
1690 )
1691
1692 cdf_mem_copy((uint8_t *) pAuthNode->peerMacAddr,
1693 pMac->lim.gpLimMlmAuthReq->peerMacAddr,
1694 sizeof(tSirMacAddr));
1695 pAuthNode->fTimerStarted = 0;
1696 pAuthNode->authType =
1697 pMac->lim.gpLimMlmAuthReq->authType;
1698 pAuthNode->seq_num =
1699 ((pHdr->seqControl.seqNumHi << 4) |
1700 (pHdr->seqControl.seqNumLo));
1701 pAuthNode->timestamp = cdf_mc_timer_get_system_ticks();
1702 lim_add_pre_auth_node(pMac, pAuthNode);
1703
1704 lim_restore_from_auth_state(pMac, eSIR_SME_SUCCESS,
1705 pRxAuthFrameBody->
1706 authStatusCode, psessionEntry);
1707
1708 } /* if (pRxAuthFrameBody->authStatusCode == eSIR_MAC_SUCCESS_STATUS) */
1709 else {
1710 /**
1711 * Authentication failure.
1712 * Return Auth confirm with received failure code to SME
1713 */
1714
1715 /* Log error */
1716 PELOGE(lim_log
1717 (pMac, LOGE,
1718 FL("Authentication failure from peer "
1719 MAC_ADDRESS_STR), MAC_ADDR_ARRAY(pHdr->sa));
1720 )
1721
1722 lim_restore_from_auth_state(pMac, eSIR_SME_AUTH_REFUSED,
1723 pRxAuthFrameBody->
1724 authStatusCode,
1725 psessionEntry);
1726 } /* end if (pRxAuthFrameBody->Status == 0) */
1727
1728 break;
1729
1730 default:
1731 /* / Invalid Authentication Frame received. Ignore it. */
1732
1733 /* Log error */
1734 PELOGE(lim_log(pMac, LOGE,
1735 FL
1736 ("received Auth frame from peer with invalid auth seq "
1737 "number %d " MAC_ADDRESS_STR),
1738 pRxAuthFrameBody->authTransactionSeqNumber,
1739 MAC_ADDR_ARRAY(pHdr->sa));
1740 )
1741
1742 break;
1743 } /* end switch (pRxAuthFrameBody->authTransactionSeqNumber) */
1744} /*** end lim_process_auth_frame() ***/
1745
1746#ifdef WLAN_FEATURE_VOWIFI_11R
1747
1748/*----------------------------------------------------------------------
1749 *
1750 * Pass the received Auth frame. This is possibly the pre-auth from the
1751 * neighbor AP, in the same mobility domain.
1752 * This will be used in case of 11r FT.
1753 *
1754 * !!!! This is going to be renoved for the next checkin. We will be creating
1755 * the session before sending out the Auth. Thus when auth response
1756 * is received we will have a session in progress. !!!!!
1757 ***----------------------------------------------------------------------
1758 */
1759tSirRetStatus lim_process_auth_frame_no_session(tpAniSirGlobal pMac, uint8_t *pBd,
1760 void *body)
1761{
1762 tpSirMacMgmtHdr pHdr;
1763 tpPESession psessionEntry = NULL;
1764 uint8_t *pBody;
1765 uint16_t frameLen;
1766 tSirMacAuthFrameBody rxAuthFrame;
1767 tSirMacAuthFrameBody *pRxAuthFrameBody = NULL;
1768 tSirRetStatus ret_status = eSIR_FAILURE;
1769 int i;
1770
1771 pHdr = WMA_GET_RX_MAC_HEADER(pBd);
1772 pBody = WMA_GET_RX_MPDU_DATA(pBd);
1773 frameLen = WMA_GET_RX_PAYLOAD_LEN(pBd);
1774
1775 lim_log(pMac, LOG1,
1776 FL("Auth Frame Received: BSSID " MAC_ADDRESS_STR " (RSSI %d)"),
1777 MAC_ADDR_ARRAY(pHdr->bssId),
1778 (uint) abs((int8_t) WMA_GET_RX_RSSI_DB(pBd)));
1779
1780 /* Auth frame has come on a new BSS, however, we need to find the session
1781 * from where the auth-req was sent to the new AP
1782 */
1783 for (i = 0; i < pMac->lim.maxBssId; i++) {
1784 /* Find first free room in session table */
1785 if (pMac->lim.gpSession[i].valid == true &&
1786 pMac->lim.gpSession[i].ftPEContext.ftPreAuthSession ==
1787 true) {
1788 /* Found the session */
1789 psessionEntry = &pMac->lim.gpSession[i];
1790 pMac->lim.gpSession[i].ftPEContext.ftPreAuthSession =
1791 false;
1792 }
1793 }
1794
1795 if (psessionEntry == NULL) {
1796 lim_log(pMac, LOGE,
1797 FL
1798 ("Error: Unable to find session id while in pre-auth phase for FT"));
1799 return eSIR_FAILURE;
1800 }
1801
1802 if (psessionEntry->ftPEContext.pFTPreAuthReq == NULL) {
1803 lim_log(pMac, LOGE, FL("Error: No FT"));
1804 /* No FT in progress. */
1805 return eSIR_FAILURE;
1806 }
1807
1808 if (frameLen == 0) {
1809 lim_log(pMac, LOGE, FL("Error: Frame len = 0"));
1810 return eSIR_FAILURE;
1811 }
1812#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
1813 lim_print_mac_addr(pMac, pHdr->bssId, LOG2);
1814 lim_print_mac_addr(pMac,
1815 psessionEntry->ftPEContext.pFTPreAuthReq->preAuthbssId,
1816 LOG2);
1817 lim_log(pMac, LOG2, FL("seqControl 0x%X"),
1818 ((pHdr->seqControl.seqNumHi << 8) | (pHdr->seqControl.
1819 seqNumLo << 4) | (pHdr->
1820 seqControl.
1821 fragNum)));
1822#endif
1823
1824 /* Check that its the same bssId we have for preAuth */
1825 if (!cdf_mem_compare
1826 (psessionEntry->ftPEContext.pFTPreAuthReq->preAuthbssId,
1827 pHdr->bssId, sizeof(tSirMacAddr))) {
1828 lim_log(pMac, LOGE, FL("Error: Same bssid as preauth BSSID"));
1829 /* In this case SME if indeed has triggered a */
1830 /* pre auth it will time out. */
1831 return eSIR_FAILURE;
1832 }
1833
1834 if (true ==
1835 psessionEntry->ftPEContext.pFTPreAuthReq->bPreAuthRspProcessed) {
1836 /*
1837 * This is likely a duplicate for the same pre-auth request.
1838 * PE/LIM already posted a response to SME. Hence, drop it.
1839 * TBD:
1840 * 1) How did we even receive multiple auth responses?
1841 * 2) Do we need to delete pre-auth session? Suppose we
1842 * previously received an auth resp with failure which
1843 * would not have created the session and forwarded to SME.
1844 * And, we subsequently received an auth resp with success
1845 * which would have created the session. This will now be
1846 * dropped without being forwarded to SME! However, it is
1847 * very unlikely to receive auth responses from the same
1848 * AP with different reason codes.
1849 * NOTE: return eSIR_SUCCESS so that the packet is dropped
1850 * as this was indeed a response from the BSSID we tried to
1851 * pre-auth.
1852 */
1853 PELOGE(lim_log(pMac, LOG1, "Auth rsp already posted to SME"
1854 " (session %p, FT session %p)", psessionEntry,
1855 psessionEntry);
1856 );
1857 return eSIR_SUCCESS;
1858 } else {
1859 PELOGE(lim_log(pMac, LOGW, "Auth rsp not yet posted to SME"
1860 " (session %p, FT session %p)", psessionEntry,
1861 psessionEntry);
1862 );
1863 psessionEntry->ftPEContext.pFTPreAuthReq->bPreAuthRspProcessed =
1864 true;
1865 }
1866
1867#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
1868 lim_log(pMac, LOG1, FL("Pre-Auth response received from neighbor"));
1869 lim_log(pMac, LOG1, FL("Pre-Auth done state"));
1870#endif
1871 /* Stopping timer now, that we have our unicast from the AP */
1872 /* of our choice. */
1873 lim_deactivate_and_change_timer(pMac, eLIM_FT_PREAUTH_RSP_TIMER);
1874
1875 /* Save off the auth resp. */
1876 if ((sir_convert_auth_frame2_struct(pMac, pBody, frameLen, &rxAuthFrame) !=
1877 eSIR_SUCCESS)) {
1878 lim_log(pMac, LOGE,
1879 FL("failed to convert Auth frame to struct"));
1880 lim_handle_ft_pre_auth_rsp(pMac, eSIR_FAILURE, NULL, 0,
1881 psessionEntry);
1882 return eSIR_FAILURE;
1883 }
1884 pRxAuthFrameBody = &rxAuthFrame;
1885
1886#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
1887 PELOGE(lim_log(pMac, LOG1,
1888 FL
1889 ("Received Auth frame with type=%d seqnum=%d, status=%d (%d)"),
1890 (uint32_t) pRxAuthFrameBody->authAlgoNumber,
1891 (uint32_t) pRxAuthFrameBody->authTransactionSeqNumber,
1892 (uint32_t) pRxAuthFrameBody->authStatusCode,
1893 (uint32_t) pMac->lim.gLimNumPreAuthContexts);
1894 )
1895#endif
1896 switch (pRxAuthFrameBody->authTransactionSeqNumber) {
1897 case SIR_MAC_AUTH_FRAME_2:
1898 if (pRxAuthFrameBody->authStatusCode != eSIR_MAC_SUCCESS_STATUS) {
1899#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
1900 PELOGE(lim_log
1901 (pMac, LOGE, "Auth status code received is %d",
1902 (uint32_t) pRxAuthFrameBody->authStatusCode);
1903 );
1904#endif
1905 if (eSIR_MAC_MAX_ASSOC_STA_REACHED_STATUS ==
1906 pRxAuthFrameBody->authStatusCode)
1907 ret_status = eSIR_LIM_MAX_STA_REACHED_ERROR;
1908 } else {
1909 ret_status = eSIR_SUCCESS;
1910 }
1911 break;
1912
1913 default:
1914#ifdef WLAN_FEATURE_VOWIFI_11R_DEBUG
1915 PELOGE(lim_log
1916 (pMac, LOGE, "Seq. no incorrect expected 2 received %d",
1917 (uint32_t) pRxAuthFrameBody->authTransactionSeqNumber);
1918 )
1919#endif
1920 break;
1921 }
1922
1923 /* Send the Auth response to SME */
1924 lim_handle_ft_pre_auth_rsp(pMac, ret_status, pBody, frameLen, psessionEntry);
1925
1926 return ret_status;
1927}
1928
1929#endif /* WLAN_FEATURE_VOWIFI_11R */