2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 * Purpose: Handles the 802.11 management functions
29 * vMgrObjectInitial - Initialize Management Object data structure
30 * vMgrObjectReset - Reset Management Object data structure
31 * vMgrAssocBeginSta - Start associate function
32 * vMgrReAssocBeginSta - Start reassociate function
33 * vMgrDisassocBeginSta - Start disassociate function
34 * s_vMgrRxAssocRequest - Handle Rcv associate_request
35 * s_vMgrRxAssocResponse - Handle Rcv associate_response
36 * vMgrAuthenBeginSta - Start authentication function
37 * vMgrDeAuthenBeginSta - Start deauthentication function
38 * s_vMgrRxAuthentication - Handle Rcv authentication
39 * s_vMgrRxAuthenSequence_1 - Handle Rcv authentication sequence 1
40 * s_vMgrRxAuthenSequence_2 - Handle Rcv authentication sequence 2
41 * s_vMgrRxAuthenSequence_3 - Handle Rcv authentication sequence 3
42 * s_vMgrRxAuthenSequence_4 - Handle Rcv authentication sequence 4
43 * s_vMgrRxDisassociation - Handle Rcv disassociation
44 * s_vMgrRxBeacon - Handle Rcv Beacon
45 * vMgrCreateOwnIBSS - Create ad_hoc IBSS or AP BSS
46 * vMgrJoinBSSBegin - Join BSS function
47 * s_vMgrSynchBSS - Synch & adopt BSS parameters
48 * s_MgrMakeBeacon - Create Beacon frame
49 * s_MgrMakeProbeResponse - Create Probe Response frame
50 * s_MgrMakeAssocRequest - Create Associate Request frame
51 * s_MgrMakeReAssocRequest - Create ReAssociate Request frame
52 * s_vMgrRxProbeResponse - Handle Rcv probe_response
53 * s_vMgrRxProbeRequest - Handle Rcv probe_request
54 * bMgrPrepareBeaconToSend - Prepare Beacon frame
55 * s_vMgrLogStatus - Log 802.11 Status
56 * vMgrRxManagePacket - Rcv management frame dispatch function
57 * s_vMgrFormatTIM - Assemble the TIM field of the beacon
58 * vMgrTimerInit - Initialize the 1-sec and command callback functions
85 /*--------------------- Static Definitions -------------------------*/
87 /*--------------------- Static Classes ----------------------------*/
89 /*--------------------- Static Variables --------------------------*/
/* Module-wide debug verbosity (presumably consulted by the DBG_PRT() calls below). */
90 static int msglevel = MSG_LEVEL_INFO;
92 /*--------------------- Static Functions --------------------------*/
93 //2008-8-4 <add> by chester
94 static bool ChannelExceedZoneType(
96 unsigned char byCurrChannel
99 // Association/disassociation functions
102 s_MgrMakeAssocRequest(
105 unsigned char *pDAddr,
106 unsigned short wCurrCapInfo,
107 unsigned short wListenInterval,
108 PWLAN_IE_SSID pCurrSSID,
109 PWLAN_IE_SUPP_RATES pCurrRates,
110 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
115 s_vMgrRxAssocRequest(
118 PSRxMgmtPacket pRxPacket,
119 unsigned int uNodeIndex
124 s_MgrMakeReAssocRequest(
127 unsigned char *pDAddr,
128 unsigned short wCurrCapInfo,
129 unsigned short wListenInterval,
130 PWLAN_IE_SSID pCurrSSID,
131 PWLAN_IE_SUPP_RATES pCurrRates,
132 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
137 s_vMgrRxAssocResponse(
140 PSRxMgmtPacket pRxPacket,
146 s_vMgrRxDisassociation(
149 PSRxMgmtPacket pRxPacket
152 // Authentication/deauthen functions
155 s_vMgrRxAuthenSequence_1(
158 PWLAN_FR_AUTHEN pFrame
163 s_vMgrRxAuthenSequence_2(
166 PWLAN_FR_AUTHEN pFrame
171 s_vMgrRxAuthenSequence_3(
174 PWLAN_FR_AUTHEN pFrame
179 s_vMgrRxAuthenSequence_4(
182 PWLAN_FR_AUTHEN pFrame
187 s_vMgrRxAuthentication(
190 PSRxMgmtPacket pRxPacket
195 s_vMgrRxDeauthentication(
198 PSRxMgmtPacket pRxPacket
202 // probe request/response functions
205 s_vMgrRxProbeRequest(
208 PSRxMgmtPacket pRxPacket
213 s_vMgrRxProbeResponse(
216 PSRxMgmtPacket pRxPacket
225 PSRxMgmtPacket pRxPacket,
241 unsigned short wCurrCapInfo,
242 unsigned short wCurrBeaconPeriod,
243 unsigned int uCurrChannel,
244 unsigned short wCurrATIMWinodw,
245 PWLAN_IE_SSID pCurrSSID,
246 unsigned char *pCurrBSSID,
247 PWLAN_IE_SUPP_RATES pCurrSuppRates,
248 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
251 // Association response
254 s_MgrMakeAssocResponse(
257 unsigned short wCurrCapInfo,
258 unsigned short wAssocStatus,
259 unsigned short wAssocAID,
260 unsigned char *pDstAddr,
261 PWLAN_IE_SUPP_RATES pCurrSuppRates,
262 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
265 // ReAssociation response
268 s_MgrMakeReAssocResponse(
271 unsigned short wCurrCapInfo,
272 unsigned short wAssocStatus,
273 unsigned short wAssocAID,
274 unsigned char *pDstAddr,
275 PWLAN_IE_SUPP_RATES pCurrSuppRates,
276 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
282 s_MgrMakeProbeResponse(
285 unsigned short wCurrCapInfo,
286 unsigned short wCurrBeaconPeriod,
287 unsigned int uCurrChannel,
288 unsigned short wCurrATIMWinodw,
289 unsigned char *pDstAddr,
290 PWLAN_IE_SSID pCurrSSID,
291 unsigned char *pCurrBSSID,
292 PWLAN_IE_SUPP_RATES pCurrSuppRates,
293 PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
294 unsigned char byPHYType
302 unsigned short wStatus
309 unsigned int uBSSMode,
317 NDIS_802_11_ENCRYPTION_STATUS EncStatus,
318 unsigned char *pbyCCSPK,
319 unsigned char *pbyCCSGK
322 static void Encyption_Rebuild(
327 /*--------------------- Export Variables --------------------------*/
329 /*--------------------- Export Functions --------------------------*/
333 * Routine Description:
334 * Allocates and initializes the Management object.
/*
 * Body of the management-object initializer (the signature is on lines not
 * shown in this excerpt): points the packet-pool pointers at the embedded
 * arrays, seeds the current channel and desired BSSID, resets the cipher-suite
 * selectors and the IBSS beacon period, then clears the BSS list.
 */
346 PSDevice pDevice = (PSDevice)hDeviceContext;
347 PSMgmtObject pMgmt = pDevice->pMgmt;
// Both packet pools are arrays inside the management object itself.
350 pMgmt->pbyPSPacketPool = &pMgmt->byPSPacketPool[0];
351 pMgmt->pbyMgmtPacketPool = &pMgmt->byMgmtPacketPool[0];
352 pMgmt->uCurrChannel = pDevice->uChannel;
// Desired BSSID starts as all-0xFF (the broadcast address); presumably
// means "any BSS" to the join logic - confirm against vMgrJoinBSSBegin.
353 for (ii = 0; ii < WLAN_BSSID_LEN; ii++)
354 pMgmt->abyDesireBSSID[ii] = 0xFF;
356 pMgmt->sAssocInfo.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
// Pairwise / group cipher-suite selectors (presumably; cf. the pbyCCSPK/pbyCCSGK
// parameters of the static helper declared above) start out as "none".
357 pMgmt->byCSSPK = KEY_CTL_NONE;
358 pMgmt->byCSSGK = KEY_CTL_NONE;
359 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
360 BSSvClearBSSList((void *)pDevice, false);
365 * Routine Description:
366 * Initializes timer object
/*
 * Timer setup for the management object (vMgrTimerInit; the signature is on
 * lines not shown here). Three timers are armed through the legacy
 * init_timer()/.data/.function interface, then the Tx-data-in-sleep
 * bookkeeping and the command queue are reset.
 */
378 PSDevice pDevice = (PSDevice)hDeviceContext;
379 PSMgmtObject pMgmt = pDevice->pMgmt;
// 1-second BSS maintenance callback. The device pointer travels through the
// unsigned long .data field; the (TimerFunction) cast hides any prototype
// mismatch with BSSvSecondCallBack, so the callback signatures deserve a check.
381 init_timer(&pMgmt->sTimerSecondCallback);
382 pMgmt->sTimerSecondCallback.data = (unsigned long) pDevice;
383 pMgmt->sTimerSecondCallback.function = (TimerFunction)BSSvSecondCallBack;
384 pMgmt->sTimerSecondCallback.expires = RUN_AT(HZ);
// Command-processing timer, also armed one second out.
386 init_timer(&pDevice->sTimerCommand);
387 pDevice->sTimerCommand.data = (unsigned long) pDevice;
388 pDevice->sTimerCommand.function = (TimerFunction)vCommandTimer;
389 pDevice->sTimerCommand.expires = RUN_AT(HZ);
// Tx-data timer, armed ten seconds out, plus the flags/counter it drives.
392 init_timer(&pDevice->sTimerTxData);
393 pDevice->sTimerTxData.data = (unsigned long) pDevice;
394 pDevice->sTimerTxData.function = (TimerFunction)BSSvSecondTxData;
395 pDevice->sTimerTxData.expires = RUN_AT(10*HZ); //10s callback
396 pDevice->fTxDataInSleep = false;
397 pDevice->IsTxDataTrigger = false;
398 pDevice->nTxDataTimeCout = 0;
// Command queue: all CMD_Q_SIZE slots free, enqueue/dequeue indices (presumably
// a ring) back at the start.
401 pDevice->cbFreeCmdQueue = CMD_Q_SIZE;
402 pDevice->uCmdDequeueIdx = 0;
403 pDevice->uCmdEnqueueIdx = 0;
408 * Routine Description:
409 * Reset the management object structure.
/*
 * Reset of the management object (vMgrObjectReset; signature on lines not
 * shown): returns the MAC mode/state machine to STANDBY/IDLE and disables
 * power-save mode on the device.
 */
421 PSDevice pDevice = (PSDevice)hDeviceContext;
422 PSMgmtObject pMgmt = pDevice->pMgmt;
424 pMgmt->eCurrMode = WMAC_MODE_STANDBY;
425 pMgmt->eCurrState = WMAC_STATE_IDLE;
426 pDevice->bEnablePSMode = false;
432 * Routine Description:
433 * Start the station association procedure. Namely, send an
434 * association request frame to the AP.
/*
 * vMgrAssocBeginSta - build and transmit an association request to the
 * current BSS. Only the hDeviceContext parameter is visible here; the pMgmt
 * and pStatus arguments used below are declared on lines outside this
 * excerpt. As far as visible, *pStatus ends up CMD_STATUS_SUCCESS when the
 * frame was queued (state moves to WMAC_STATE_ASSOCPENDING),
 * CMD_STATUS_RESOURCES when no frame could be built, and otherwise whatever
 * csMgmt_xmit() returned.
 */
443 void *hDeviceContext,
448 PSDevice pDevice = (PSDevice)hDeviceContext;
449 PSTxMgmtPacket pTxPacket;
// Capability field advertised in the request: ESS always, privacy only when
// encryption is enabled on the device.
451 pMgmt->wCurrCapInfo = 0;
452 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
453 if (pDevice->bEncryptionEnable)
454 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
456 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
457 if (pMgmt->wListenInterval == 0)
458 pMgmt->wListenInterval = 1; // at least one.
460 // ERP Phy (802.11g) should support short preamble.
461 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
462 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
463 if (CARDbIsShorSlotTime(pMgmt->pAdapter))
464 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
465 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
466 if (CARDbIsShortPreamble(pMgmt->pAdapter))
467 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
// 802.11h enabled -> advertise spectrum management.
469 if (pMgmt->b11hEnable)
470 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
472 /* build an assocreq frame and send it */
// The leading arguments (device, mgmt object, destination, capability info)
// are on lines not shown in this excerpt.
473 pTxPacket = s_MgrMakeAssocRequest
479 pMgmt->wListenInterval,
480 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
481 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
482 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
485 if (pTxPacket != NULL) {
// CMD_STATUS_PENDING from the transmit path is the "queued" outcome: enter
// ASSOCPENDING and report success to the caller.
487 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
488 if (*pStatus == CMD_STATUS_PENDING) {
489 pMgmt->eCurrState = WMAC_STATE_ASSOCPENDING;
490 *pStatus = CMD_STATUS_SUCCESS;
// No frame could be built (NULL from s_MgrMakeAssocRequest).
493 *pStatus = CMD_STATUS_RESOURCES;
499 * Routine Description:
500 * Start the station re-association procedure.
/*
 * vMgrReAssocBeginSta - build and transmit a reassociation request. Mirrors
 * vMgrAssocBeginSta for the capability field; only hDeviceContext is visible
 * of the parameter list, pMgmt and pStatus are declared on lines outside this
 * excerpt. Unlike vMgrAssocBeginSta, no eCurrState transition is visible on
 * the transmit path - only debug messages - and the NULL-packet case is not
 * shown.
 */
509 void *hDeviceContext,
514 PSDevice pDevice = (PSDevice)hDeviceContext;
515 PSTxMgmtPacket pTxPacket;
// Capability field: ESS always, privacy only when encryption is enabled.
517 pMgmt->wCurrCapInfo = 0;
518 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
519 if (pDevice->bEncryptionEnable)
520 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
522 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
524 if (pMgmt->wListenInterval == 0)
525 pMgmt->wListenInterval = 1; // at least one.
527 // ERP Phy (802.11g) should support short preamble.
528 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
529 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
530 if (CARDbIsShorSlotTime(pMgmt->pAdapter))
531 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
532 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
533 if (CARDbIsShortPreamble(pMgmt->pAdapter))
534 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
// 802.11h enabled -> advertise spectrum management.
537 if (pMgmt->b11hEnable)
538 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
// The leading arguments (device, mgmt object, destination, capability info)
// are on lines not shown in this excerpt.
540 pTxPacket = s_MgrMakeReAssocRequest
546 pMgmt->wListenInterval,
547 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
548 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
549 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
552 if (pTxPacket != NULL) {
// *pStatus carries the raw csMgmt_xmit() result here (not normalised to
// CMD_STATUS_SUCCESS as in vMgrAssocBeginSta); PENDING means queued.
554 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
555 if (*pStatus != CMD_STATUS_PENDING)
556 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Reassociation tx failed.\n");
558 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Reassociation tx sending.\n");
564 * Routine Description:
565 * Send a disassociation request frame to the AP.
/*
 * vMgrDisassocBeginSta - send a disassociation frame to abyDestAddress
 * carrying reason code wReason. The pMgmt and pStatus parameters are declared
 * on lines not shown in this excerpt. When csMgmt_xmit() reports
 * CMD_STATUS_PENDING the state drops to WMAC_STATE_IDLE and *pStatus is
 * reported as CMD_STATUS_SUCCESS; any other result is passed through.
 */
573 vMgrDisassocBeginSta(
574 void *hDeviceContext,
576 unsigned char *abyDestAddress,
577 unsigned short wReason,
581 PSDevice pDevice = (PSDevice)hDeviceContext;
582 PSTxMgmtPacket pTxPacket = NULL;
583 WLAN_FR_DISASSOC sFrame;
// The frame is assembled in the shared management packet pool; no locking is
// visible here, so the caller presumably serialises management transmits.
585 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
// Zero the descriptor plus the maximum frame body; the 802.11 header starts
// immediately after the descriptor.
586 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DISASSOC_FR_MAXLEN);
587 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
589 // Setup the sFrame structure
590 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
// len starts at the maximum; vMgrEncodeDisassociation() presumably sets the
// fixed-field pointers and the real length - confirm.
591 sFrame.len = WLAN_DISASSOC_FR_MAXLEN;
593 // format fixed field frame structure
594 vMgrEncodeDisassociation(&sFrame);
// Frame Control: management type, disassociation subtype (a further term on
// line 598 is not visible).
597 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
599 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
600 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DISASSOC)
// Addr1 = destination, Addr2 = our MAC, Addr3 = current BSSID.
603 memcpy(sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
604 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
605 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
// Reason code is little-endian on the wire.
608 *(sFrame.pwReason) = cpu_to_le16(wReason);
// Payload length excludes the 3-address MAC header.
609 pTxPacket->cbMPDULen = sFrame.len;
610 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
613 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
614 if (*pStatus == CMD_STATUS_PENDING) {
615 pMgmt->eCurrState = WMAC_STATE_IDLE;
616 *pStatus = CMD_STATUS_SUCCESS;
622 * Routine Description:(AP function)
623 * Handle incoming station association request frames.
/*
 * s_vMgrRxAssocRequest - AP side: handle a received association request from
 * the station at node-table index uNodeIndex (the pDevice/pMgmt parameters are
 * on lines not shown here). Only a station already at NODE_AUTH or beyond is
 * moved to NODE_ASSOC; its rates, capability bits and power-save flag are
 * copied from the frame into the node entry. An association response is then
 * built and, unless bEnableHostapd diverts it (lines not shown), transmitted.
 */
632 s_vMgrRxAssocRequest(
635 PSRxMgmtPacket pRxPacket,
636 unsigned int uNodeIndex
639 WLAN_FR_ASSOCREQ sFrame;
641 PSTxMgmtPacket pTxPacket;
// Status/AID default to 0 and are only set on the authenticated path below.
642 unsigned short wAssocStatus = 0;
643 unsigned short wAssocAID = 0;
644 unsigned int uRateLen = WLAN_RATES_MAXLEN;
645 unsigned char abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
646 unsigned char abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
// Only meaningful in AP mode (the guarded statement is on line 649, not shown).
648 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
// NOTE(review): the node-index validation these two comments refer to is on
// lines not shown - confirm uNodeIndex is range-checked before
// sNodeDBTable[uNodeIndex] is indexed below.
650 // node index not found
654 //check if node is authenticated
656 memset(&sFrame, 0, sizeof(WLAN_FR_ASSOCREQ));
657 memset(abyCurrSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
658 memset(abyCurrExtSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
// Decode in place over the received MPDU; the decoder's pointer fields alias
// the packet buffer.
659 sFrame.len = pRxPacket->cbMPDULen;
660 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
662 vMgrDecodeAssocRequest(&sFrame);
// Authentication gate: only a station that completed 802.11 authentication
// may associate.
664 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
665 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
// Fixed fields arrive little-endian; cpu_to_le16() is the same byte swap as
// le16_to_cpu(), but the latter would state the intent.
666 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
667 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
668 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
669 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? true : false;
670 // Todo: check sta basic rate, if ap can't support, set status code
671 if (pDevice->eCurrentPHYType == PHY_TYPE_11B)
672 uRateLen = WLAN_RATES_MAXLEN_11B;
// Copy the station's supported / extended rates into local IEs; the length
// bound passed on line 677 is not visible (presumably uRateLen).
674 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
675 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
676 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
678 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
679 if (pDevice->eCurrentPHYType == PHY_TYPE_11G)
680 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
681 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
684 abyCurrExtSuppRates[1] = 0;
// Derive the node's basic/supported rate limits from the IEs without touching
// the AP's own basic rate set.
686 RATEvParseMaxRate((void *)pDevice,
687 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
688 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
689 false, // do not change our basic rate
690 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
691 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
692 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
693 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
694 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
698 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
699 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
// printk() without a KERN_ level, once per association request - noisier
// than the DBG_PRT() used elsewhere in this function.
701 printk("RxAssocRequest:wTxDataRate is %d\n", pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate);
703 // Todo: check sta preamble, if ap can't support, set status code
704 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
705 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
706 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
707 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
// The AID handed out is the node-table index itself.
708 pMgmt->sNodeDBTable[uNodeIndex].wAID = (unsigned short)uNodeIndex;
709 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
710 wAssocAID = (unsigned short)uNodeIndex;
711 // check if ERP support
712 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
713 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = true;
// A station limited to CCK rates (<= 11 Mb/s) flips the whole AP into
// protection mode, and one without short preamble forces Barker preamble.
// These device-wide flags are only ever set here, never cleared.
715 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
717 pDevice->bProtectMode = true;
718 pDevice->bNonERPPresent = true;
720 if (!pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble)
721 pDevice->bBarkerPreambleMd = true;
723 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Associate AID= %d \n", wAssocAID);
724 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X \n",
725 sFrame.pHdr->sA3.abyAddr2[0],
726 sFrame.pHdr->sA3.abyAddr2[1],
727 sFrame.pHdr->sA3.abyAddr2[2],
728 sFrame.pHdr->sA3.abyAddr2[3],
729 sFrame.pHdr->sA3.abyAddr2[4],
730 sFrame.pHdr->sA3.abyAddr2[5]
732 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Max Support rate = %d \n",
733 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
// NOTE(review): on this (not-yet-authenticated) path wAssocStatus is still
// its initial 0. The lines following the TODO are not shown; if they do not
// return, the response below is built with status code 0, which 802.11
// defines as "success", even though the node was never marked NODE_ASSOC.
// A non-zero status code should be selected here.
735 /* TODO: received STA under state1 handle */
739 // assoc response reply..
// Arguments on lines 741-746 (device, mgmt object, capability info,
// wAssocStatus, wAssocAID) are not visible.
740 pTxPacket = s_MgrMakeAssocResponse
747 sFrame.pHdr->sA3.abyAddr2,
748 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
749 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
751 if (pTxPacket != NULL) {
// With hostapd enabled the lines after 752 (not shown) take over; otherwise
// the response is queued and only a failure is logged. Status is declared on
// a line outside this excerpt.
752 if (pDevice->bEnableHostapd)
756 Status = csMgmt_xmit(pDevice, pTxPacket);
757 if (Status != CMD_STATUS_PENDING)
758 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Assoc response tx failed\n");
760 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Assoc response tx sending..\n");
766 * Description:(AP function)
767 * Handle incoming station re-association request frames.
771 * pMgmt - Management Object structure
772 * pRxPacket - Received Packet
776 * Return Value: None.
/*
 * s_vMgrRxReAssocRequest - AP side: handle a received reassociation request
 * from the station at node-table index uNodeIndex (pDevice/pMgmt parameters
 * are on lines not shown). Same structure as s_vMgrRxAssocRequest: the
 * NODE_AUTH gate, rate/capability capture into the node entry, protection
 * flags, then a reassociation response. Differences visible here: the local
 * rate buffers are not zeroed before RATEuSetIE() (compare the two memset()
 * calls in s_vMgrRxAssocRequest) and the ERP check comment is absent.
 */
782 s_vMgrRxReAssocRequest(
785 PSRxMgmtPacket pRxPacket,
786 unsigned int uNodeIndex
789 WLAN_FR_REASSOCREQ sFrame;
791 PSTxMgmtPacket pTxPacket;
// Status/AID default to 0 and are only set on the authenticated path below.
792 unsigned short wAssocStatus = 0;
793 unsigned short wAssocAID = 0;
794 unsigned int uRateLen = WLAN_RATES_MAXLEN;
795 unsigned char abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
796 unsigned char abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
// Only meaningful in AP mode (the guarded statement is on line 799, not shown).
798 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
// NOTE(review): the node-index validation these comments refer to is on lines
// not shown - confirm uNodeIndex is range-checked before the table is indexed.
800 // node index not found
803 //check if node is authenticated
805 memset(&sFrame, 0, sizeof(WLAN_FR_REASSOCREQ));
// Decode in place over the received MPDU.
806 sFrame.len = pRxPacket->cbMPDULen;
807 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
808 vMgrDecodeReassocRequest(&sFrame);
// Authentication gate: only an authenticated station may (re)associate.
810 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
811 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
// Fixed fields arrive little-endian (le16_to_cpu() would state the intent).
812 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
813 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
814 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
815 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? true : false;
816 // Todo: check sta basic rate, if ap can't support, set status code
818 if (pDevice->eCurrentPHYType == PHY_TYPE_11B)
819 uRateLen = WLAN_RATES_MAXLEN_11B;
// Copy the station's rates into local IEs; the length bound on line 824 is
// not visible (presumably uRateLen).
821 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
822 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
823 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
825 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
826 if (pDevice->eCurrentPHYType == PHY_TYPE_11G) {
827 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
828 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
831 abyCurrExtSuppRates[1] = 0;
// Derive the node's rate limits without touching the AP's basic rate set.
834 RATEvParseMaxRate((void *)pDevice,
835 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
836 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
837 false, // do not change our basic rate
838 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
839 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
840 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
841 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
842 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
846 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
847 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
// printk() without a KERN_ level, once per request.
849 printk("RxReAssocRequest:TxDataRate is %d\n", pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate);
851 // Todo: check sta preamble, if ap can't support, set status code
852 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
853 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
854 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
855 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
// The AID handed out is the node-table index itself.
856 pMgmt->sNodeDBTable[uNodeIndex].wAID = (unsigned short)uNodeIndex;
857 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
858 wAssocAID = (unsigned short)uNodeIndex;
861 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
862 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = true;
// CCK-only or long-preamble station: set device-wide protection flags
// (only ever set here, never cleared).
864 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
866 pDevice->bProtectMode = true;
867 pDevice->bNonERPPresent = true;
869 if (!pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble)
870 pDevice->bBarkerPreambleMd = true;
872 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Rx ReAssociate AID= %d \n", wAssocAID);
873 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X \n",
874 sFrame.pHdr->sA3.abyAddr2[0],
875 sFrame.pHdr->sA3.abyAddr2[1],
876 sFrame.pHdr->sA3.abyAddr2[2],
877 sFrame.pHdr->sA3.abyAddr2[3],
878 sFrame.pHdr->sA3.abyAddr2[4],
879 sFrame.pHdr->sA3.abyAddr2[5]
881 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Max Support rate = %d \n",
882 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
// NOTE(review): for a station that failed the NODE_AUTH gate, wAssocStatus is
// still 0 (the 802.11 "success" code) when the response below is built,
// unless the lines between 883 and 886 (not shown) return first.
886 // assoc response reply..
// Arguments on lines 888-893 (device, mgmt object, capability info,
// wAssocStatus, wAssocAID) are not visible.
887 pTxPacket = s_MgrMakeReAssocResponse
894 sFrame.pHdr->sA3.abyAddr2,
895 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
896 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
899 if (pTxPacket != NULL) {
// With hostapd enabled the lines after 901 (not shown) take over; otherwise
// queue the response and log only a failure.
901 if (pDevice->bEnableHostapd)
904 Status = csMgmt_xmit(pDevice, pTxPacket);
905 if (Status != CMD_STATUS_PENDING)
906 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:ReAssoc response tx failed\n");
908 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:ReAssoc response tx sending..\n");
914 * Routine Description:
915 * Handle incoming association response frames.
/*
 * s_vMgrRxAssocResponse - station side: handle an association / reassociation
 * response. Parameters after pRxPacket are on lines not shown (the IDLE/AUTH
 * fallback near the end presumably selects on a reassociation flag). Only
 * accepted in WMAC_STATE_ASSOCPENDING or WMAC_STATE_ASSOC. The fixed fields
 * and the response IEs are recorded in sAssocInfo; on success the state
 * becomes WMAC_STATE_ASSOC, the AP node is updated and the request/response
 * IEs are delivered to user space (viawget skb and, when built with
 * WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT, wireless-extensions events).
 */
924 s_vMgrRxAssocResponse(
927 PSRxMgmtPacket pRxPacket,
931 WLAN_FR_ASSOCRESP sFrame;
932 PWLAN_IE_SSID pItemSSID;
933 unsigned char *pbyIEs;
934 viawget_wpa_header *wpahdr;
936 if (pMgmt->eCurrState == WMAC_STATE_ASSOCPENDING ||
937 pMgmt->eCurrState == WMAC_STATE_ASSOC) {
// Decode in place over the received MPDU.
938 sFrame.len = pRxPacket->cbMPDULen;
939 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
941 vMgrDecodeAssocResponse(&sFrame);
// Guard against a decoder that could not locate all fixed fields (the
// handling inside this if is on lines not shown).
942 if ((sFrame.pwCapInfo == NULL) ||
943 (sFrame.pwStatus == NULL) ||
944 (sFrame.pwAid == NULL) ||
945 (sFrame.pSuppRates == NULL)) {
// Record the three fixed fields, still in wire byte order, and flag them
// present (0x07 = three fixed IEs, presumably one bit each).
950 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.Capabilities = *(sFrame.pwCapInfo);
951 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.StatusCode = *(sFrame.pwStatus);
952 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.AssociationId = *(sFrame.pwAid);
953 pMgmt->sAssocInfo.AssocInfo.AvailableResponseFixedIEs |= 0x07;
// NOTE(review): response IE length = MPDU length - 24-byte header - 6 bytes
// of fixed fields, in unsigned arithmetic. No check that cbMPDULen >= 30 is
// visible (the NULL checks above may or may not imply it), and the memcpy()
// below is bounded neither by sizeof(abyIEs) nor by the room left after
// RequestIELength. Both lengths derive from frames received over the air;
// clamp before copying.
955 pMgmt->sAssocInfo.AssocInfo.ResponseIELength = sFrame.len - 24 - 6;
956 pMgmt->sAssocInfo.AssocInfo.OffsetResponseIEs = pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs + pMgmt->sAssocInfo.AssocInfo.RequestIELength;
// Response IEs are stored right behind the previously saved request IEs.
957 pbyIEs = pMgmt->sAssocInfo.abyIEs;
958 pbyIEs += pMgmt->sAssocInfo.AssocInfo.RequestIELength;
959 memcpy(pbyIEs, (sFrame.pBuf + 24 + 6), pMgmt->sAssocInfo.AssocInfo.ResponseIELength);
961 // save values and set current BSS state
962 if (cpu_to_le16((*(sFrame.pwStatus))) == WLAN_MGMT_STATUS_SUCCESS) {
// 802.11 requires the two MSBs of the AID field to be set; a violation is
// only logged, and the bits are masked off for display below.
964 pMgmt->wCurrAID = cpu_to_le16((*(sFrame.pwAid)));
965 if ((pMgmt->wCurrAID >> 14) != (BIT0 | BIT1))
966 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "AID from AP, has two msb clear.\n");
968 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Association Successful, AID=%d.\n", pMgmt->wCurrAID & ~(BIT14 | BIT15));
// Associated: let the BSS database pick up the AP's capability/rate IEs.
969 pMgmt->eCurrState = WMAC_STATE_ASSOC;
970 BSSvUpdateAPNode((void *)pDevice, sFrame.pwCapInfo, sFrame.pSuppRates, sFrame.pExtSuppRates);
971 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyCurrSSID;
972 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Link with AP(SSID): %s\n", pItemSSID->abySSID);
973 pDevice->bLinkPass = true;
974 pDevice->uBBVGADiffCount = 0;
// Hand the request/response IEs to the viawget WPA device as one message.
975 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
// NOTE(review): when the skb is replaced here, the new pDevice->skb is
// dereferenced on the next visible line without a NULL check; dev_alloc_skb()
// can fail.
976 if (skb_tailroom(pDevice->skb) < (sizeof(viawget_wpa_header) + pMgmt->sAssocInfo.AssocInfo.ResponseIELength +
977 pMgmt->sAssocInfo.AssocInfo.RequestIELength)) { //data room not enough
978 dev_kfree_skb(pDevice->skb);
979 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
981 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
982 wpahdr->type = VIAWGET_ASSOC_MSG;
983 wpahdr->resp_ie_len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
984 wpahdr->req_ie_len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
// Both copies are bounded only by the tailroom check above; the second copy's
// source/length arguments are on lines not shown.
985 memcpy(pDevice->skb->data + sizeof(viawget_wpa_header), pMgmt->sAssocInfo.abyIEs, wpahdr->req_ie_len);
986 memcpy(pDevice->skb->data + sizeof(viawget_wpa_header) + wpahdr->req_ie_len,
990 skb_put(pDevice->skb, sizeof(viawget_wpa_header) + wpahdr->resp_ie_len + wpahdr->req_ie_len);
991 pDevice->skb->dev = pDevice->wpadev;
992 skb_reset_mac_header(pDevice->skb);
993 pDevice->skb->pkt_type = PACKET_HOST;
994 pDevice->skb->protocol = htons(ETH_P_802_2);
995 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
// netif_rx() takes ownership of the skb; allocate a fresh one for the next
// event (an allocation failure is caught by the NULL test at the top of this
// branch next time round).
996 netif_rx(pDevice->skb);
997 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1000 //2008-0409-07, <Add> by Einsn Liu
1001 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
// NOTE(review): buf is 512 bytes on the stack and both memcpy() calls below
// use the raw IE lengths from sAssocInfo; no clamp to sizeof(buf) is visible
// on the intervening (omitted) lines - confirm one exists.
1003 unsigned char buf[512];
1005 union iwreq_data wrqu;
// Request IEs -> IWEVASSOCREQIE event.
1008 memset(buf, 0, 512);
1010 len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1012 memcpy(buf, pMgmt->sAssocInfo.abyIEs, len);
1013 memset(&wrqu, 0, sizeof(wrqu));
1014 wrqu.data.length = len;
1015 we_event = IWEVASSOCREQIE;
1016 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
// Response IEs -> IWEVASSOCRESPIE event.
1019 memset(buf, 0, 512);
1020 len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
1023 memcpy(buf, pbyIEs, len);
1024 memset(&wrqu, 0, sizeof(wrqu));
1025 wrqu.data.length = len;
1026 we_event = IWEVASSOCRESPIE;
1027 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
// Report the current BSSID to wireless-extensions listeners.
1030 memset(&wrqu, 0, sizeof(wrqu));
1031 memcpy(wrqu.ap_addr.sa_data, &pMgmt->abyCurrBSSID[0], ETH_ALEN);
1032 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1033 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1035 #endif //#ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1036 //End Add -- //2008-0409-07, <Add> by Einsn Liu
// Non-success status: one path drops to IDLE, the other back to AUTH; the
// condition choosing between them is on a line not shown.
1039 pMgmt->eCurrState = WMAC_STATE_IDLE;
1041 // jump back to the auth state and indicate the error
1042 pMgmt->eCurrState = WMAC_STATE_AUTH;
1044 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(sFrame.pwStatus))));
1049 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1050 //need clear flags related to Networkmanager
1052 pDevice->bwextcount = 0;
1053 pDevice->bWPASuppWextEnabled = false;
// Once associated, fire the command timer now (presumably to run the
// post-association command step without waiting for its period).
1056 if (pMgmt->eCurrState == WMAC_STATE_ASSOC)
1057 timer_expire(pDevice->sTimerCommand, 0);
1062 * Routine Description:
1063 * Start the station authentication procedure. Namely, send an
1064 * authentication frame to the AP.
/*
 * vMgrAuthenBeginSta - build and transmit an authentication frame (sequence
 * 1) to the current BSSID. Only hDeviceContext is visible of the parameter
 * list; pMgmt and pStatus are declared on lines outside this excerpt. The
 * algorithm field follows the locally configured bShareKeyAlgorithm. On
 * CMD_STATUS_PENDING from csMgmt_xmit() the state becomes
 * WMAC_STATE_AUTHPENDING and *pStatus reports CMD_STATUS_SUCCESS.
 */
1073 void *hDeviceContext,
1078 PSDevice pDevice = (PSDevice)hDeviceContext;
1079 WLAN_FR_AUTHEN sFrame;
1080 PSTxMgmtPacket pTxPacket = NULL;
// Frame assembled in the shared management packet pool: descriptor first,
// 802.11 header right behind it, everything zeroed up to the maximum length.
1082 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1083 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1084 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
1085 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
1086 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1087 vMgrEncodeAuthen(&sFrame);
// Frame Control: management type, authentication subtype (a further term on
// line 1090 is not visible).
1089 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1091 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1092 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)
// Addr1 = AP, Addr2 = our MAC, Addr3 = BSSID.
1094 memcpy(sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_ADDR_LEN);
1095 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1096 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
// Shared-key (WEP) versus open-system authentication, per local configuration.
1097 if (pMgmt->bShareKeyAlgorithm)
1098 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_SHAREDKEY);
1100 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_OPENSYSTEM);
// First frame of the exchange.
1102 *(sFrame.pwAuthSequence) = cpu_to_le16(1);
1103 /* Adjust the length fields */
1104 pTxPacket->cbMPDULen = sFrame.len;
1105 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1107 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
1108 if (*pStatus == CMD_STATUS_PENDING) {
1109 pMgmt->eCurrState = WMAC_STATE_AUTHPENDING;
1110 *pStatus = CMD_STATUS_SUCCESS;
1116 * Routine Description:
1117 * Start the station (AP) deauthentication procedure. Namely, send a
1118 * deauthentication frame to the AP or STA.
/*
 * vMgrDeAuthenBeginSta - send a deauthentication frame to abyDestAddress with
 * reason code wReason. The pMgmt and pStatus parameters are declared on lines
 * not shown here. Unlike vMgrDisassocBeginSta, eCurrState is left untouched;
 * CMD_STATUS_PENDING from csMgmt_xmit() is reported as CMD_STATUS_SUCCESS.
 */
1126 vMgrDeAuthenBeginSta(
1127 void *hDeviceContext,
1129 unsigned char *abyDestAddress,
1130 unsigned short wReason,
1134 PSDevice pDevice = (PSDevice)hDeviceContext;
1135 WLAN_FR_DEAUTHEN sFrame;
1136 PSTxMgmtPacket pTxPacket = NULL;
// Frame assembled in the shared management packet pool, zeroed to the
// maximum deauthentication frame length.
1138 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1139 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DEAUTHEN_FR_MAXLEN);
1140 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
1141 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
1142 sFrame.len = WLAN_DEAUTHEN_FR_MAXLEN;
1143 vMgrEncodeDeauthen(&sFrame);
// Frame Control: management type, deauthentication subtype (a further term on
// line 1146 is not visible).
1145 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1147 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1148 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DEAUTHEN)
// Addr1 = destination, Addr2 = our MAC, Addr3 = current BSSID.
1151 memcpy(sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
1152 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1153 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1155 *(sFrame.pwReason) = cpu_to_le16(wReason); // deauthen. bcs left BSS
1156 /* Adjust the length fields */
1157 pTxPacket->cbMPDULen = sFrame.len;
1158 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1160 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
1161 if (*pStatus == CMD_STATUS_PENDING)
1162 *pStatus = CMD_STATUS_SUCCESS;
1167 * Routine Description:
1168 * Handle incoming authentication frames.
/*
 * s_vMgrRxAuthentication - decode a received authentication frame and
 * dispatch on its sequence number (the pDevice/pMgmt parameters and the case
 * labels are on lines not shown; the handler names imply sequences 1..4).
 * Frames are ignored unless we are an AP or a station waiting in
 * WMAC_STATE_AUTHPENDING.
 */
1177 s_vMgrRxAuthentication(
1180 PSRxMgmtPacket pRxPacket
1183 WLAN_FR_AUTHEN sFrame;
1185 // we better be an AP or a STA in AUTHPENDING otherwise ignore
1186 if (!(pMgmt->eCurrMode == WMAC_MODE_ESS_AP ||
1187 pMgmt->eCurrState == WMAC_STATE_AUTHPENDING)) {
// Decode in place over the received MPDU.
1192 sFrame.len = pRxPacket->cbMPDULen;
1193 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
1194 vMgrDecodeAuthen(&sFrame);
// NOTE(review): pwAuthSequence is dereferenced straight after decoding with no
// NULL or length check, unlike s_vMgrRxAssocResponse which validates its
// fixed-field pointers - confirm vMgrDecodeAuthen() guarantees the fixed
// fields lie within cbMPDULen. (cpu_to_le16() here is the le16_to_cpu() swap.)
1195 switch (cpu_to_le16((*(sFrame.pwAuthSequence)))) {
1198 s_vMgrRxAuthenSequence_1(pDevice, pMgmt, &sFrame);
1201 s_vMgrRxAuthenSequence_2(pDevice, pMgmt, &sFrame);
1205 s_vMgrRxAuthenSequence_3(pDevice, pMgmt, &sFrame);
1208 s_vMgrRxAuthenSequence_4(pDevice, pMgmt, &sFrame);
// Any other sequence number is only logged.
1211 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Auth Sequence error, seq = %d\n",
1212 cpu_to_le16((*(sFrame.pwAuthSequence))));
1219 * Routine Description:
1220 * Handles incoming authen frames with sequence 1. Currently
1221 * assumes we're an AP. So far, no one appears to use authentication
/*
 * s_vMgrRxAuthenSequence_1 - AP side: handle authentication sequence 1 from
 * pFrame (pDevice/pMgmt parameters are on lines not shown). Creates a node
 * entry for an unknown sender, sets the node state according to the AP's
 * configured algorithm, then builds a sequence-2 reply whose status code
 * accepts the requested algorithm only when it matches bShareKeyAlgorithm.
 * For shared-key the reply carries a challenge text derived with RC4 from the
 * group transmit key. The reply is transmitted unless bEnableHostapd diverts
 * it (lines not shown).
 */
1231 s_vMgrRxAuthenSequence_1(
1234 PWLAN_FR_AUTHEN pFrame
1237 PSTxMgmtPacket pTxPacket = NULL;
1238 unsigned int uNodeIndex;
1239 WLAN_FR_AUTHEN sFrame;
1240 PSKeyItem pTransmitKey;
1242 // Insert a Node entry
// NOTE(review): a node entry is allocated for every unknown sender before any
// validation, so unauthenticated peers can populate the table;
// BSSvCreateOneNode()'s behaviour when the table is full is not visible here.
1243 if (!BSSDBbIsSTAInNodeDB(pMgmt, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1244 BSSvCreateOneNode((PSDevice)pDevice, &uNodeIndex);
1245 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, pFrame->pHdr->sA3.abyAddr2,
// NOTE(review): the node state is promoted on the basis of the AP's configured
// algorithm alone, before the status code below is decided. On the
// open-system path a request for an algorithm the AP rejects (status
// WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG) still leaves the node at NODE_AUTH;
// the stored state should follow the status actually returned.
1249 if (pMgmt->bShareKeyAlgorithm) {
1250 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_KNOWN;
1251 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 1;
1253 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
// Build the sequence-2 reply in the shared management packet pool.
1257 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1258 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1259 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
1260 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
1261 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1262 // format buffer structure
1263 vMgrEncodeAuthen(&sFrame);
// Frame Control: management / authentication, ISWEP clear - the reply itself
// is sent unencrypted.
1265 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1267 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1268 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1269 WLAN_SET_FC_ISWEP(0)
// Addr1 = requester, Addr2 = our MAC, Addr3 = BSSID; echo the requested
// algorithm (still in wire byte order) and advance to sequence 2.
1271 memcpy(sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1272 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1273 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1274 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1275 *(sFrame.pwAuthSequence) = cpu_to_le16(2);
// Status: success only when the requested algorithm matches the configured
// one, otherwise UNSUPPORTED_AUTHALG.
1277 if (cpu_to_le16(*(pFrame->pwAuthAlgorithm)) == WLAN_AUTH_ALG_SHAREDKEY) {
1278 if (pMgmt->bShareKeyAlgorithm)
1279 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1281 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1283 if (pMgmt->bShareKeyAlgorithm)
1284 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1286 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
// Shared-key accepted: append a challenge IE after the fixed fields.
1289 if (pMgmt->bShareKeyAlgorithm &&
1290 (cpu_to_le16(*(sFrame.pwStatus)) == WLAN_MGMT_STATUS_SUCCESS)) {
1291 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1292 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1293 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1294 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
// NOTE(review): the challenge is an all-zero buffer RC4-encrypted in place,
// i.e. the RC4 keystream for whatever abyPRNG holds (presumably IV||key, the
// WEP construction, given the uKeyLength+3 seed length). If no group transmit
// key is available the challenge is sent as all zeros - the copy below
// appears unconditional (its enclosing braces are on lines not shown). Legacy
// WEP shared-key authentication; not a mechanism to rely on.
1295 memset(pMgmt->abyChallenge, 0, WLAN_CHALLENGE_LEN);
1297 if (KeybGetTransmitKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, GROUP_KEY, &pTransmitKey) == true) {
1298 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pTransmitKey->uKeyLength+3);
1299 rc4_encrypt(&pDevice->SBox, pMgmt->abyChallenge, pMgmt->abyChallenge, WLAN_CHALLENGE_LEN);
1301 memcpy(sFrame.pChallenge->abyChallenge, pMgmt->abyChallenge , WLAN_CHALLENGE_LEN);
1304 /* Adjust the length fields */
1305 pTxPacket->cbMPDULen = sFrame.len;
1306 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
// With hostapd enabled the lines after 1308 (not shown) take over; otherwise
// queue the reply and log only a failure.
1308 if (pDevice->bEnableHostapd)
1311 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_1 tx.. \n");
1312 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING)
1313 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_1 tx failed.\n");
1318 * Routine Description:
1319 * Handles incoming auth frames with sequence number 2. Currently
1320 * assumes we're a station.
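static
void
s_vMgrRxAuthenSequence_2(
	PSDevice pDevice,
	PSMgmtObject pMgmt,
	PWLAN_FR_AUTHEN pFrame
)
{
	WLAN_FR_AUTHEN sFrame;
	PSTxMgmtPacket pTxPacket = NULL;
	unsigned short wStatus = cpu_to_le16((*(pFrame->pwStatus)));

	/*
	 * Station side, authentication sequence 2 (the AP's answer to our
	 * sequence-1 request).  Open System: the status code alone decides
	 * success.  Shared Key: a successful reply carries the challenge
	 * text, which we echo back in a WEP-protected sequence-3 frame.
	 *
	 * NOTE(review): nothing here verifies that the frame came from the
	 * BSSID we are authenticating with; that is presumably done by the
	 * caller or the hardware BSSID filter -- confirm.
	 */
	switch (cpu_to_le16((*(pFrame->pwAuthAlgorithm)))) {
	case WLAN_AUTH_ALG_OPENSYSTEM:
		if (wStatus == WLAN_MGMT_STATUS_SUCCESS) {
			DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (OPEN) Successful.\n");
			pMgmt->eCurrState = WMAC_STATE_AUTH;
			/* wake the command state machine so it can proceed to association */
			timer_expire(pDevice->sTimerCommand, 0);
		} else {
			DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (OPEN) Failed.\n");
			s_vMgrLogStatus(pMgmt, wStatus);
			pMgmt->eCurrState = WMAC_STATE_IDLE;
		}
		break;

	case WLAN_AUTH_ALG_SHAREDKEY:
		if (wStatus != WLAN_MGMT_STATUS_SUCCESS) {
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:rx Auth_reply sequence_2 status error ...\n");
			s_vMgrLogStatus(pMgmt, wStatus);
			break;
		}

		/*
		 * A shared-key sequence-2 frame must carry a Challenge Text IE of
		 * exactly WLAN_CHALLENGE_LEN octets.  The memcpy below reads that
		 * many bytes from the IE unconditionally, so a frame without the
		 * IE (or with a short one) has to be dropped here instead of being
		 * dereferenced.  Assumes vMgrDecodeAuthen() leaves pChallenge NULL
		 * when the IE is absent -- confirm against the decoder.
		 */
		if ((pFrame->pChallenge == NULL) ||
		    (pFrame->pChallenge->len != WLAN_CHALLENGE_LEN)) {
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:rx Auth_reply sequence_2 missing/invalid challenge, dropped\n");
			break;
		}

		/* build sequence 3: echo the challenge, flagged for WEP protection */
		pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
		memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
		pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
		sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
		sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
		// format buffer structure
		vMgrEncodeAuthen(&sFrame);
		/*
		 * ISWEP(1): the transmit path is expected to WEP-encrypt this frame
		 * (IV + ICV) -- that is what makes the challenge echo a proof of key
		 * possession.  Presumably handled in csMgmt_xmit(); confirm.
		 */
		sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
			(
				WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
				WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
				WLAN_SET_FC_ISWEP(1)
));
		memcpy(sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
		memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
		memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
		*(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
		*(sFrame.pwAuthSequence) = cpu_to_le16(3);
		*(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
		sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
		sFrame.len += WLAN_CHALLENGE_IE_LEN;
		sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
		sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
		memcpy(sFrame.pChallenge->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN);
		// Adjust the length fields
		pTxPacket->cbMPDULen = sFrame.len;
		pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
		// send the frame
		if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING)
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Auth_reply sequence_2 tx failed.\n");
		else
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Auth_reply sequence_2 tx ...\n");
		break;

	default:
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt: rx auth.seq = 2 unknown AuthAlgorithm=%d\n", cpu_to_le16((*(pFrame->pwAuthAlgorithm))));
		break;
	}
}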
1402 * Routine Description:
1403 * Handles incoming authentication frames with sequence number 3. Currently
1404 * assumes we're an AP. This function assumes the frame has
1405 * already been successfully decrypted (the hardware/RX path strips WEP).
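static
void
s_vMgrRxAuthenSequence_3(
	PSDevice pDevice,
	PSMgmtObject pMgmt,
	PWLAN_FR_AUTHEN pFrame
)
{
	PSTxMgmtPacket pTxPacket = NULL;
	unsigned int uStatusCode = 0;
	unsigned int uNodeIndex = 0;
	WLAN_FR_AUTHEN sFrame;

	/*
	 * AP side, shared-key authentication sequence 3: the station returns
	 * our challenge text inside a WEP-protected frame.  Every failure
	 * below is answered with a sequence-4 frame carrying the status code.
	 *
	 * NOTE(review): pMgmt->abyChallenge is a single buffer shared by all
	 * stations (see the sequence-1 handler), so two stations authenticating
	 * at the same time will overwrite each other's challenge -- the second
	 * one to answer fails with CHALLENGE_FAIL.
	 */

	/* an unprotected frame cannot prove key possession */
	if (!WLAN_GET_FC_ISWEP(pFrame->pHdr->sA3.wFrameCtl)) {
		uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
		goto reply;
	}

	/* only stations that went through sequence 1 are known to us */
	if (!BSSDBbIsSTAInNodeDB(pMgmt, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
		uStatusCode = WLAN_MGMT_STATUS_UNSPEC_FAILURE;
		goto reply;
	}

	if (pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence != 1) {
		uStatusCode = WLAN_MGMT_STATUS_RX_AUTH_NOSEQ;
		goto reply;
	}

	/*
	 * The challenge IE is compared over WLAN_CHALLENGE_LEN bytes below, so
	 * reject a frame that lacks the IE or carries one of the wrong length
	 * before touching it.  Assumes vMgrDecodeAuthen() leaves pChallenge
	 * NULL when the IE is absent -- confirm against the decoder.
	 */
	if ((pFrame->pChallenge == NULL) ||
	    (pFrame->pChallenge->len != WLAN_CHALLENGE_LEN)) {
		uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
		/* force the station back to sequence 1 for another attempt */
		pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 0;
		goto reply;
	}

	if (memcmp(pMgmt->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN) != 0) {
		uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
		/*
		 * A wrong answer ends this exchange; the station must restart
		 * from sequence 1 (and get a fresh challenge) rather than keep
		 * retrying sequence 3 against the same challenge.
		 */
		pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 0;
		goto reply;
	}

	/* challenge matched: the station is authenticated */
	pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
	pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 0;
	uStatusCode = WLAN_MGMT_STATUS_SUCCESS;
	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Challenge text check ok..\n");

reply:
	// Response
	pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
	memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
	pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
	sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
	sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
	// format buffer structure
	vMgrEncodeAuthen(&sFrame);
	// insert values
	sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
		(
			WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
			WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
			WLAN_SET_FC_ISWEP(0)
));
	memcpy(sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
	memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
	memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
	*(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
	*(sFrame.pwAuthSequence) = cpu_to_le16(4);
	*(sFrame.pwStatus) = cpu_to_le16(uStatusCode);

	/* Adjust the length fields */
	pTxPacket->cbMPDULen = sFrame.len;
	pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;

	/* with hostapd in charge the reply is sent from user space, not here */
	if (pDevice->bEnableHostapd)
		return;

	if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING)
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_4 tx failed.\n");
}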
1487 * Routine Description:
1488 * Handles incoming authen frames with sequence 4
static
void
s_vMgrRxAuthenSequence_4(
	PSDevice pDevice,
	PSMgmtObject pMgmt,
	PWLAN_FR_AUTHEN pFrame
)
{
	/*
	 * Station side, shared-key authentication sequence 4: the AP's
	 * verdict on the challenge we echoed in sequence 3.  Only the status
	 * code is consulted; a failure drops the state machine back to IDLE.
	 */
	unsigned short wStatus = cpu_to_le16((*(pFrame->pwStatus)));

	if (wStatus != WLAN_MGMT_STATUS_SUCCESS) {
		DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (SHAREDKEY) Failed.\n");
		s_vMgrLogStatus(pMgmt, wStatus);
		pMgmt->eCurrState = WMAC_STATE_IDLE;
		return;
	}

	DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (SHAREDKEY) Successful.\n");
	pMgmt->eCurrState = WMAC_STATE_AUTH;
	/* kick the command state machine so association can start */
	timer_expire(pDevice->sTimerCommand, 0);
}
1516 * Routine Description:
1517 * Handles incoming disassociation frames
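static
void
s_vMgrRxDisassociation(
	PSDevice pDevice,
	PSMgmtObject pMgmt,
	PSRxMgmtPacket pRxPacket
)
{
	WLAN_FR_DISASSOC sFrame;
	unsigned int uNodeIndex = 0;
	viawget_wpa_header *wpahdr;

	if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
		// if is acting an AP..
		// a STA is leaving this BSS..
		/*
		 * Only the transmitter address is used to find the node.  Without
		 * 802.11w a forged disassociation naming an associated station's
		 * MAC will evict it; that is inherent to this driver's feature set.
		 */
		sFrame.len = pRxPacket->cbMPDULen;
		sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
		if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
			BSSvRemoveOneNode(pDevice, uNodeIndex);
		else
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx disassoc, sta not found\n");
	} else if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) {
		sFrame.len = pRxPacket->cbMPDULen;
		sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
		vMgrDecodeDisassociation(&sFrame);

		/*
		 * Require the frame to name our current BSSID before reporting a
		 * disconnect to the supplicant / wireless extensions; the
		 * deauthentication handler already applies the same test.
		 * Otherwise any station in range can trigger a disconnect event
		 * with a single forged frame from an arbitrary address.  (A frame
		 * that spoofs our BSSID is still accepted -- preventing that needs
		 * 802.11w, which this driver does not implement.)
		 */
		if (!ether_addr_equal(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID)) {
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx disassoc from foreign BSSID, ignored\n");
			return;
		}

		DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP disassociated me, reason=%d.\n", cpu_to_le16(*(sFrame.pwReason)));
		//TODO: do something let upper layer know or
		//try to send associate packet again because of inactivity timeout
		if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
			/* hand a VIAWGET_DISASSOC_MSG to the wpa control device */
			wpahdr = (viawget_wpa_header *)pDevice->skb->data;
			wpahdr->type = VIAWGET_DISASSOC_MSG;
			wpahdr->resp_ie_len = 0;
			wpahdr->req_ie_len = 0;
			skb_put(pDevice->skb, sizeof(viawget_wpa_header));
			pDevice->skb->dev = pDevice->wpadev;
			skb_reset_mac_header(pDevice->skb);

			pDevice->skb->pkt_type = PACKET_HOST;
			pDevice->skb->protocol = htons(ETH_P_802_2);
			memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
			netif_rx(pDevice->skb);
			/*
			 * Replacement buffer for the next event.  dev_alloc_skb() may
			 * return NULL; the skb != NULL test above then simply drops
			 * the next notification.
			 */
			pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
		}

#ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
		{
			/* a zeroed ap_addr on SIOCGIWAP means "disconnected" */
			union iwreq_data wrqu;
			memset(&wrqu, 0, sizeof(wrqu));
			wrqu.ap_addr.sa_family = ARPHRD_ETHER;
			printk("wireless_send_event--->SIOCGIWAP(disassociated)\n");
			wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
		}
#endif
	}
	/* else, ignore it */
}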
1585 * Routine Description:
1586 * Handles incoming deauthentication frames
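static
void
s_vMgrRxDeauthentication(
	PSDevice pDevice,
	PSMgmtObject pMgmt,
	PSRxMgmtPacket pRxPacket
)
{
	WLAN_FR_DEAUTHEN sFrame;
	unsigned int uNodeIndex = 0;
	viawget_wpa_header *wpahdr;

	if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
		// if is acting an AP..
		// a STA is leaving this BSS..
		/*
		 * Only the transmitter address is used to find the node.  Without
		 * 802.11w a forged deauthentication naming a known station's MAC
		 * will evict it; that is inherent to this driver's feature set.
		 */
		sFrame.len = pRxPacket->cbMPDULen;
		sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
		if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
			BSSvRemoveOneNode(pDevice, uNodeIndex);
		else
			DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Rx deauth, sta not found\n");
	}

	if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) {
		sFrame.len = pRxPacket->cbMPDULen;
		sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
		vMgrDecodeDeauthen(&sFrame);
		// TODO: update BSS list for specific BSSID if pre-authentication case

		/*
		 * The BSSID test used to guard only the link teardown, while the
		 * supplicant message and the SIOCGIWAP "disconnected" event below
		 * were sent for any deauthentication at all -- so a forged frame
		 * from an arbitrary address could still make the supplicant drop
		 * and re-establish the connection.  Gate everything on the BSSID.
		 * (A frame that spoofs our BSSID is still accepted; preventing that
		 * needs 802.11w, which this driver does not implement.)
		 */
		if (!ether_addr_equal(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID)) {
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx deauth from foreign BSSID, ignored\n");
			return;
		}

		DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP deauthed me, reason=%d.\n", cpu_to_le16((*(sFrame.pwReason))));

		/* tear the link down if we were at least in the middle of authenticating */
		if (pMgmt->eCurrState >= WMAC_STATE_AUTHPENDING) {
			pMgmt->sNodeDBTable[0].bActive = false;
			pMgmt->eCurrMode = WMAC_MODE_STANDBY;
			pMgmt->eCurrState = WMAC_STATE_IDLE;
			netif_stop_queue(pDevice->dev);
			pDevice->bLinkPass = false;
		}

		if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
			/* hand a VIAWGET_DISASSOC_MSG to the wpa control device */
			wpahdr = (viawget_wpa_header *)pDevice->skb->data;
			wpahdr->type = VIAWGET_DISASSOC_MSG;
			wpahdr->resp_ie_len = 0;
			wpahdr->req_ie_len = 0;
			skb_put(pDevice->skb, sizeof(viawget_wpa_header));
			pDevice->skb->dev = pDevice->wpadev;
			skb_reset_mac_header(pDevice->skb);
			pDevice->skb->pkt_type = PACKET_HOST;
			pDevice->skb->protocol = htons(ETH_P_802_2);
			memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
			netif_rx(pDevice->skb);
			/*
			 * Replacement buffer for the next event.  dev_alloc_skb() may
			 * return NULL; the skb != NULL test above then simply drops
			 * the next notification.
			 */
			pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
		}

#ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
		{
			/* a zeroed ap_addr on SIOCGIWAP means "disconnected" */
			union iwreq_data wrqu;

			memset(&wrqu, 0, sizeof(wrqu));
			wrqu.ap_addr.sa_family = ARPHRD_ETHER;
			PRINT_K("wireless_send_event--->SIOCGIWAP(disauthen)\n");
			wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
		}
#endif
	}
	/* else, ignore it.  TODO: IBSS authentication service
	   would be implemented here */
}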
1666 //2008-8-4 <add> by chester
1669 * Routine Description:
1670 * Check whether the given channel lies outside the range allowed by the configured ZoneType.
static bool
ChannelExceedZoneType(
	PSDevice pDevice,
	unsigned char byCurrChannel
)
{
	/*
	 * Returns true when byCurrChannel is outside the 2.4 GHz channel range
	 * permitted for pDevice->byZoneType; unknown zone types never flag a
	 * channel (the regulatory table for them is not known here).
	 */
	unsigned char byHighest;

	switch (pDevice->byZoneType) {
	case 0x00: /* USA: channels 1-11 */
		byHighest = 11;
		break;
	case 0x01: /* Japan: channels 1-13 */
	case 0x02: /* Europe: channels 1-13 */
		byHighest = 13;
		break;
	default:   /* reserved for other zone types */
		return false;
	}

	return (byCurrChannel < 1) || (byCurrChannel > byHighest);
}
1705 * Routine Description:
1706 * Handles and analyses incoming beacon frames (scan-table upkeep, AP/IBSS parameter sync, TIM/PS handling).
// Beacon receive handler. pRxPacket carries the raw 802.11 frame plus the
// local TSF/RSSI sampled at receive time. Everything parsed from the frame
// is unauthenticated over-the-air input: the only gate applied below before
// adopting AP parameters is a BSSID + SSID match (see the ESS block further down).
1719 PSRxMgmtPacket pRxPacket,
1724 WLAN_FR_BEACON sFrame;
1726 bool bIsBSSIDEqual = false;
1727 bool bIsSSIDEqual = false;
1728 bool bTSFLargeDiff = false;
1729 bool bTSFOffsetPostive = false;
1730 bool bUpdateTSF = false;
1731 bool bIsAPBeacon = false;
1732 bool bIsChannelEqual = false;
1733 unsigned int uLocateByteIndex;
1734 unsigned char byTIMBitOn = 0;
1735 unsigned short wAIDNumber = 0;
1736 unsigned int uNodeIndex;
1737 QWORD qwTimestamp, qwLocalTSF;
1739 unsigned short wStartIndex = 0;
1740 unsigned short wAIDIndex = 0;
// start from the channel the radio was tuned to; corrected from the DS IE below
1741 unsigned char byCurrChannel = pRxPacket->byRxChannel;
1743 unsigned int uRateLen = WLAN_RATES_MAXLEN;
1744 bool bChannelHit = false;
1745 bool bUpdatePhyParameter = false;
1746 unsigned char byIEChannel = 0;
1748 memset(&sFrame, 0, sizeof(WLAN_FR_BEACON));
1749 sFrame.len = pRxPacket->cbMPDULen;
1750 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
1752 // decode the beacon frame
// Assumes vMgrDecodeBeacon() leaves the pointer of every absent IE NULL
// (sFrame was zeroed above) -- confirm; only four of them are checked here.
1753 vMgrDecodeBeacon(&sFrame);
1755 if ((sFrame.pwBeaconInterval == NULL) ||
1756 (sFrame.pwCapInfo == NULL) ||
1757 (sFrame.pSSID == NULL) ||
1758 (sFrame.pSuppRates == NULL)) {
1759 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx beacon frame error\n");
// Prefer the channel announced in the DS Parameter Set over the receive
// channel, since adjacent-channel beacons are routinely picked up.
1763 if (sFrame.pDSParms != NULL) {
1764 if (byCurrChannel > CB_MAX_CHANNEL_24G) {
1765 // channel remapping to
1766 byIEChannel = get_channel_mapping(pDevice, sFrame.pDSParms->byCurrChannel, PHY_TYPE_11A);
1768 byIEChannel = sFrame.pDSParms->byCurrChannel;
1770 if (byCurrChannel != byIEChannel) {
1771 // adjust channel info. bcs we rcv adjacent channel packets
1772 bChannelHit = false;
1773 byCurrChannel = byIEChannel;
1776 // no DS channel info
1779 //2008-0730-01<Add>by MikeLiu
// beacons on channels outside the configured regulatory zone are discarded
1780 if (ChannelExceedZoneType(pDevice, byCurrChannel))
1783 if (sFrame.pERP != NULL) {
1784 sERP.byERP = sFrame.pERP->byContext;
1785 sERP.bERPExist = true;
1788 sERP.bERPExist = false;
// pBSSList: scan-table entry for this BSSID/SSID pair, NULL if not seen before
1792 pBSSList = BSSpAddrIsInBSSList((void *)pDevice, sFrame.pHdr->sA3.abyAddr3, sFrame.pSSID);
1793 if (pBSSList == NULL) {
1794 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Beacon/insert: RxChannel = : %d\n", byCurrChannel);
1795 BSSbInsertToBSSList((void *)pDevice,
1796 sFrame.pHdr->sA3.abyAddr3,
1797 *sFrame.pqwTimestamp,
1798 *sFrame.pwBeaconInterval,
1803 sFrame.pExtSuppRates,
1809 sFrame.len - WLAN_HDR_ADDR3_LEN,
1810 sFrame.pHdr->sA4.abyAddr4, // payload of beacon
1814 BSSbUpdateToBSSList((void *)pDevice,
1815 *sFrame.pqwTimestamp,
1816 *sFrame.pwBeaconInterval,
1822 sFrame.pExtSuppRates,
1829 sFrame.len - WLAN_HDR_ADDR3_LEN,
1830 sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
1839 if (byCurrChannel == (unsigned char)pMgmt->uCurrChannel)
1840 bIsChannelEqual = true;
// AP mode: any on-channel beacon (ours or a neighbour's) can turn on
// ERP protection; a missing ERP IE is treated like "use protection".
1842 if (bIsChannelEqual && (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)) {
1843 // if rx beacon without ERP field
1844 if (sERP.bERPExist) {
1845 if (WLAN_GET_ERP_USE_PROTECTION(sERP.byERP)) {
1846 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
1847 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
1850 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
1851 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
1854 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
1855 if (!WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo))
1856 pDevice->byERPFlag |= WLAN_SET_ERP_BARKER_MODE(1);
1857 if (!sERP.bERPExist)
1858 pDevice->byERPFlag |= WLAN_SET_ERP_NONERP_PRESENT(1);
1862 if (WLAN_GET_ERP_USE_PROTECTION(pDevice->byERPFlag)) {
1863 if (!pDevice->bProtectMode) {
1864 MACvEnableProtectMD(pDevice->PortOffset);
1865 pDevice->bProtectMode = true;
// nothing below applies to AP mode
1870 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)
1873 // check if BSSID the same
1874 if (memcmp(sFrame.pHdr->sA3.abyAddr3,
1875 pMgmt->abyCurrBSSID,
1876 WLAN_BSSID_LEN) == 0) {
1877 bIsBSSIDEqual = true;
1879 // 2008-05-21 <add> by Richardtai
1880 pDevice->uCurrRSSI = pRxPacket->uRSSI;
1881 pDevice->byCurrSQ = pRxPacket->bySQ;
// node 0 is the AP/peer entry; a beacon from it resets the inactivity counter
1883 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
1884 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
1886 // check if SSID the same
1887 if (sFrame.pSSID->len == ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) {
1888 if (memcmp(sFrame.pSSID->abySSID,
1889 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
1892 bIsSSIDEqual = true;
// Associated-station path: re-sync capability, ERP, rates, power
// constraint and channel switch from the AP's beacon.
// NOTE(review): the BSSID/SSID match is the only gate, and beacons are
// neither authenticated nor encrypted -- a spoofed beacon carrying our
// BSSID can move this station to another channel (CSA) or lower its
// transmit power. That is a limitation of pre-802.11w hardware, not
// something this function can fully close.
1896 if (WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo) &&
1899 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
1900 (pMgmt->eCurrState == WMAC_STATE_ASSOC)) {
1901 // add state check to prevent reconnect fail since we'll receive Beacon
1905 if (pBSSList != NULL) {
1906 // Compare PHY parameter setting
1907 if (pMgmt->wCurrCapInfo != pBSSList->wCapInfo) {
1908 bUpdatePhyParameter = true;
1909 pMgmt->wCurrCapInfo = pBSSList->wCapInfo;
1911 if (sFrame.pERP != NULL) {
1912 if ((sFrame.pERP->byElementID == WLAN_EID_ERP) &&
1913 (pMgmt->byERPContext != sFrame.pERP->byContext)) {
1914 bUpdatePhyParameter = true;
1915 pMgmt->byERPContext = sFrame.pERP->byContext;
1919 // Basic Rate Set may change dynamically
1921 if (pBSSList->eNetworkTypeInUse == PHY_TYPE_11B)
1922 uRateLen = WLAN_RATES_MAXLEN_11B;
1924 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abySuppRates,
1925 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
1927 pMgmt->abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abyExtSuppRates,
1928 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
1930 RATEvParseMaxRate((void *)pDevice,
1931 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
1932 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
1934 &(pMgmt->sNodeDBTable[0].wMaxBasicRate),
1935 &(pMgmt->sNodeDBTable[0].wMaxSuppRate),
1936 &(pMgmt->sNodeDBTable[0].wSuppRate),
1937 &(pMgmt->sNodeDBTable[0].byTopCCKBasicRate),
1938 &(pMgmt->sNodeDBTable[0].byTopOFDMBasicRate)
1940 if (bUpdatePhyParameter) {
1941 CARDbSetPhyParameter(pMgmt->pAdapter,
1942 pMgmt->eCurrentPHYMode,
1943 pMgmt->wCurrCapInfo,
1944 pMgmt->byERPContext,
1945 pMgmt->abyCurrSuppRates,
1946 pMgmt->abyCurrExtSuppRates
1949 if (sFrame.pIE_PowerConstraint != NULL) {
1950 CARDvSetPowerConstraint(pMgmt->pAdapter,
1951 (unsigned char) pBSSList->uChannel,
1952 sFrame.pIE_PowerConstraint->byPower
// NOTE(review): byMode is passed both as the switch mode and as the
// value fed to get_channel_mapping(); the Channel Switch Announcement IE
// carries a separate new-channel field, which looks like what the
// mapping call should receive -- confirm against the WLAN_IE_CH_SW layout.
1955 if (sFrame.pIE_CHSW != NULL) {
1956 CARDbChannelSwitch(pMgmt->pAdapter,
1957 sFrame.pIE_CHSW->byMode,
1958 get_channel_mapping(pMgmt->pAdapter, sFrame.pIE_CHSW->byMode, pMgmt->eCurrentPHYMode),
1959 sFrame.pIE_CHSW->byCount
1962 } else if (!bIsChannelEqual) {
1963 set_channel(pMgmt->pAdapter, pBSSList->uChannel);
1968 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Beacon 2 \n");
1969 // check if CF field exists
// NOTE(review): pCFParms is dereferenced without a NULL test; most beacons
// carry no CF Parameter Set IE. The body is empty, so a compiler is likely
// to drop the load, but the access is still undefined -- guard it if the
// TODO is ever implemented.
1970 if (WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo)) {
1971 if (sFrame.pCFParms->wCFPDurRemaining > 0) {
1972 // TODO: deal with CFP period to set NAV
// Beacon timestamp is little-endian on the wire; local TSF is host order.
1976 HIDWORD(qwTimestamp) = cpu_to_le32(HIDWORD(*sFrame.pqwTimestamp));
1977 LODWORD(qwTimestamp) = cpu_to_le32(LODWORD(*sFrame.pqwTimestamp));
1978 HIDWORD(qwLocalTSF) = HIDWORD(pRxPacket->qwLocalTSF);
1979 LODWORD(qwLocalTSF) = LODWORD(pRxPacket->qwLocalTSF);
1981 // check if beacon TSF larger or small than our local TSF
1982 if (HIDWORD(qwTimestamp) == HIDWORD(qwLocalTSF)) {
1983 if (LODWORD(qwTimestamp) >= LODWORD(qwLocalTSF))
1984 bTSFOffsetPostive = true;
1986 bTSFOffsetPostive = false;
1987 } else if (HIDWORD(qwTimestamp) > HIDWORD(qwLocalTSF)) {
1988 bTSFOffsetPostive = true;
1989 } else if (HIDWORD(qwTimestamp) < HIDWORD(qwLocalTSF)) {
1990 bTSFOffsetPostive = false;
// absolute difference, computed larger-minus-smaller
1993 if (bTSFOffsetPostive)
1994 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwTimestamp), (qwLocalTSF));
1996 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwLocalTSF), (qwTimestamp));
1998 if (HIDWORD(qwTSFOffset) != 0 ||
1999 (LODWORD(qwTSFOffset) > TRIVIAL_SYNC_DIFFERENCE)) {
2000 bTSFLargeDiff = true;
2005 // Infra mode: Local TSF always follow AP's TSF if Difference huge.
// Power-save: read our AID's bit out of the (partial) virtual bitmap.
// The len check below keeps the bitmap index inside the TIM IE, so a
// short or malformed TIM cannot make us read past the element.
2009 if (pDevice->bEnablePSMode && (sFrame.pTIM != NULL)) {
2010 // deal with DTIM, analysis TIM
2011 pMgmt->bMulticastTIM = WLAN_MGMT_IS_MULTICAST_TIM(sFrame.pTIM->byBitMapCtl) ? true : false;
2012 pMgmt->byDTIMCount = sFrame.pTIM->byDTIMCount;
2013 pMgmt->byDTIMPeriod = sFrame.pTIM->byDTIMPeriod;
2014 wAIDNumber = pMgmt->wCurrAID & ~(BIT14|BIT15);
2016 // check if AID in TIM field bit on
2018 wStartIndex = WLAN_MGMT_GET_TIM_OFFSET(sFrame.pTIM->byBitMapCtl) << 1;
2020 wAIDIndex = (wAIDNumber >> 3);
2021 if ((wAIDNumber > 0) && (wAIDIndex >= wStartIndex)) {
2022 uLocateByteIndex = wAIDIndex - wStartIndex;
2023 // len = byDTIMCount + byDTIMPeriod + byDTIMPeriod + byVirtBitMap[0~250]
2024 if (sFrame.pTIM->len >= (uLocateByteIndex + 4)) {
2025 byTIMBitOn = (0x01) << ((wAIDNumber) % 8);
2026 pMgmt->bInTIM = sFrame.pTIM->byVirtBitMap[uLocateByteIndex] & byTIMBitOn ? true : false;
2028 pMgmt->bInTIM = false;
2031 pMgmt->bInTIM = false;
2034 if (pMgmt->bInTIM ||
2035 (pMgmt->bMulticastTIM && (pMgmt->byDTIMCount == 0))) {
2036 pMgmt->bInTIMWake = true;
2037 // send out ps-poll packet
2040 PSvSendPSPOLL((PSDevice)pDevice);
2043 pMgmt->bInTIMWake = false;
2044 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Not In TIM..\n");
2045 if (!pDevice->bPWBitOn) {
2046 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Send Null Packet\n");
2047 if (PSbSendNullPacket(pDevice))
2048 pDevice->bPWBitOn = true;
2050 if (PSbConsiderPowerDown(pDevice, false, false))
2051 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Power down now...\n");
// Ad-hoc path: track peers of our own IBSS, or merge into another IBSS
// that shares our SSID and has the larger TSF.
2058 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && !bIsAPBeacon && bIsChannelEqual) {
2059 if (bIsBSSIDEqual) {
2060 // Use sNodeDBTable[0].uInActiveCount as IBSS beacons received count.
2061 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
2062 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2064 // adhoc mode:TSF updated only when beacon larger than local TSF
2065 if (bTSFLargeDiff && bTSFOffsetPostive &&
2066 (pMgmt->eCurrState == WMAC_STATE_JOINTED))
2069 // During dpc, already in spinlocked.
2070 if (BSSDBbIsSTAInNodeDB(pMgmt, sFrame.pHdr->sA3.abyAddr2, &uNodeIndex)) {
2071 // Update the STA, (Technically the Beacons of all the IBSS nodes
2072 // should be identical, but that's not happening in practice.
2073 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2074 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2075 WLAN_RATES_MAXLEN_11B);
2076 RATEvParseMaxRate((void *)pDevice,
2077 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2080 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2081 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2082 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2083 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2084 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2086 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2087 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
2088 pMgmt->sNodeDBTable[uNodeIndex].uInActiveCount = 0;
// new peer: allocate a node entry and seed it from this beacon
2090 // Todo, initial Node content
2091 BSSvCreateOneNode((PSDevice)pDevice, &uNodeIndex);
2093 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2094 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2095 WLAN_RATES_MAXLEN_11B);
2096 RATEvParseMaxRate((void *)pDevice,
2097 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2100 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2101 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2102 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2103 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2104 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2107 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, sFrame.pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
2108 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2109 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate = pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
2112 printk("s_vMgrRxBeacon:TxDataRate is %d,Index is %d\n", pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate, uNodeIndex);
2117 // if other stations joined, indicate connection to upper layer..
2118 if (pMgmt->eCurrState == WMAC_STATE_STARTED) {
2119 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Current IBSS State: [Started]........to: [Jointed] \n");
2120 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2121 pDevice->bLinkPass = true;
2122 if (netif_queue_stopped(pDevice->dev))
2123 netif_wake_queue(pDevice->dev);
2125 pMgmt->sNodeDBTable[0].bActive = true;
2126 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
// IBSS merge: adopt the other group's BSSID, beacon period and ATIM window.
// NOTE(review): the TODO below is security-relevant -- the privacy
// capability of the other IBSS is not compared with ours, so a beacon with
// a matching SSID and a larger TSF can pull this station into an open
// IBSS. pIBSSParms is also dereferenced without a NULL test.
2129 } else if (bIsSSIDEqual) {
2130 // See other adhoc sta with the same SSID but BSSID is different.
2131 // adpot this vars only when TSF larger then us.
2132 if (bTSFLargeDiff && bTSFOffsetPostive) {
2133 // we don't support ATIM under adhoc mode
2134 // if (sFrame.pIBSSParms->wATIMWindow == 0) {
2136 // TODO: check sFrame cap if privacy on, and support rate syn
2137 memcpy(pMgmt->abyCurrBSSID, sFrame.pHdr->sA3.abyAddr3, WLAN_BSSID_LEN);
2138 memcpy(pDevice->abyBSSID, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
2139 pMgmt->wCurrATIMWindow = cpu_to_le16(sFrame.pIBSSParms->wATIMWindow);
2140 pMgmt->wCurrBeaconPeriod = cpu_to_le16(*sFrame.pwBeaconInterval);
2141 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2142 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2143 WLAN_RATES_MAXLEN_11B);
2144 // set HW beacon interval and re-synchronizing....
2145 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rejoining to Other Adhoc group with same SSID........\n");
2146 VNSvOutPortW(pDevice->PortOffset + MAC_REG_BI, pMgmt->wCurrBeaconPeriod);
2147 CARDbUpdateTSF(pDevice, pRxPacket->byRxRate, qwTimestamp, qwLocalTSF);
2148 CARDvUpdateNextTB TT_PLACEHOLDER_REMOVED
2176 * Routine Description:
2177 * Instructs the hw to create a bss using the supplied
2178 * attributes. Note that this implementation only supports Ad-Hoc
2188 void *hDeviceContext,
2192 PSDevice pDevice = (PSDevice)hDeviceContext;
2193 PSMgmtObject pMgmt = pDevice->pMgmt;
2194 unsigned short wMaxBasicRate;
2195 unsigned short wMaxSuppRate;
2196 unsigned char byTopCCKBasicRate;
2197 unsigned char byTopOFDMBasicRate;
2200 unsigned char abyRATE[] = {0x82, 0x84, 0x8B, 0x96, 0x24, 0x30, 0x48, 0x6C, 0x0C, 0x12, 0x18, 0x60};
2201 unsigned char abyCCK_RATE[] = {0x82, 0x84, 0x8B, 0x96};
2202 unsigned char abyOFDM_RATE[] = {0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
2203 unsigned short wSuppRate;
2205 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Create Basic Service Set .......\n");
2207 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2208 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) &&
2209 (pDevice->eEncryptionStatus != Ndis802_11Encryption2Enabled) &&
2210 (pDevice->eEncryptionStatus != Ndis802_11Encryption3Enabled)) {
2211 // encryption mode error
2212 *pStatus = CMD_STATUS_FAILURE;
2217 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2218 pMgmt->abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
2220 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2221 pMgmt->eCurrentPHYMode = pMgmt->byAPBBType;
2223 if (pDevice->byBBType == BB_TYPE_11G)
2224 pMgmt->eCurrentPHYMode = PHY_TYPE_11G;
2225 if (pDevice->byBBType == BB_TYPE_11B)
2226 pMgmt->eCurrentPHYMode = PHY_TYPE_11B;
2227 if (pDevice->byBBType == BB_TYPE_11A)
2228 pMgmt->eCurrentPHYMode = PHY_TYPE_11A;
2231 if (pMgmt->eCurrentPHYMode != PHY_TYPE_11A) {
2232 pMgmt->abyCurrSuppRates[1] = WLAN_RATES_MAXLEN_11B;
2233 pMgmt->abyCurrExtSuppRates[1] = 0;
2234 for (ii = 0; ii < 4; ii++)
2235 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2237 pMgmt->abyCurrSuppRates[1] = 8;
2238 pMgmt->abyCurrExtSuppRates[1] = 0;
2239 for (ii = 0; ii < 8; ii++)
2240 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2243 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
2244 pMgmt->abyCurrSuppRates[1] = 8;
2245 pMgmt->abyCurrExtSuppRates[1] = 4;
2246 for (ii = 0; ii < 4; ii++)
2247 pMgmt->abyCurrSuppRates[2+ii] = abyCCK_RATE[ii];
2248 for (ii = 4; ii < 8; ii++)
2249 pMgmt->abyCurrSuppRates[2+ii] = abyOFDM_RATE[ii-4];
2250 for (ii = 0; ii < 4; ii++)
2251 pMgmt->abyCurrExtSuppRates[2+ii] = abyOFDM_RATE[ii+4];
2254 // Disable Protect Mode
2255 pDevice->bProtectMode = false;
2256 MACvDisableProtectMD(pDevice->PortOffset);
2258 pDevice->bBarkerPreambleMd = false;
2259 MACvDisableBarkerPreambleMd(pDevice->PortOffset);
2261 // Kyle Test 2003.11.04
2263 // set HW beacon interval
2264 if (pMgmt->wIBSSBeaconPeriod == 0)
2265 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
2267 CARDbGetCurrentTSF(pDevice->PortOffset, &qwCurrTSF);
2268 // clear TSF counter
2269 VNSvOutPortB(pDevice->PortOffset + MAC_REG_TFTCTL, TFTCTL_TSFCNTRST);
2270 // enable TSF counter
2271 VNSvOutPortB(pDevice->PortOffset + MAC_REG_TFTCTL, TFTCTL_TSFCNTREN);
2274 CARDvSetFirstNextTBTT(pDevice->PortOffset, pMgmt->wIBSSBeaconPeriod);
2276 pMgmt->uIBSSChannel = pDevice->uChannel;
2278 if (pMgmt->uIBSSChannel == 0)
2279 pMgmt->uIBSSChannel = DEFAULT_IBSS_CHANNEL;
2283 RATEvParseMaxRate((void *)pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2284 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates, true,
2285 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2286 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2288 if (pMgmt->eConfigMode == WMAC_CONFIG_AP)
2289 pMgmt->eCurrMode = WMAC_MODE_ESS_AP;
2291 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2292 memcpy(pMgmt->abyIBSSDFSOwner, pDevice->abyCurrentNetAddr, 6);
2293 pMgmt->byIBSSDFSRecovery = 10;
2294 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2297 // Adopt pre-configured IBSS vars to current vars
2298 pMgmt->eCurrState = WMAC_STATE_STARTED;
2299 pMgmt->wCurrBeaconPeriod = pMgmt->wIBSSBeaconPeriod;
2300 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2301 pMgmt->wCurrATIMWindow = pMgmt->wIBSSATIMWindow;
2302 MACvWriteATIMW(pDevice->PortOffset, pMgmt->wCurrATIMWindow);
2303 pDevice->uCurrRSSI = 0;
2304 pDevice->byCurrSQ = 0;
2305 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2306 memcpy(pMgmt->abyCurrSSID,
2307 pMgmt->abyDesireSSID,
2308 ((PWLAN_IE_SSID)pMgmt->abyDesireSSID)->len + WLAN_IEHDR_LEN
2311 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2312 // AP mode BSSID = MAC addr
2313 memcpy(pMgmt->abyCurrBSSID, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
2314 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "AP beacon created BSSID:%pM\n",
2315 pMgmt->abyCurrBSSID);
2318 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2319 // BSSID selected must be randomized as spec 11.1.3
2320 pMgmt->abyCurrBSSID[5] = (unsigned char) (LODWORD(qwCurrTSF) & 0x000000ff);
2321 pMgmt->abyCurrBSSID[4] = (unsigned char)((LODWORD(qwCurrTSF) & 0x0000ff00) >> 8);
2322 pMgmt->abyCurrBSSID[3] = (unsigned char)((LODWORD(qwCurrTSF) & 0x00ff0000) >> 16);
2323 pMgmt->abyCurrBSSID[2] = (unsigned char)((LODWORD(qwCurrTSF) & 0x00000ff0) >> 4);
2324 pMgmt->abyCurrBSSID[1] = (unsigned char)((LODWORD(qwCurrTSF) & 0x000ff000) >> 12);
2325 pMgmt->abyCurrBSSID[0] = (unsigned char)((LODWORD(qwCurrTSF) & 0x0ff00000) >> 20);
2326 pMgmt->abyCurrBSSID[5] ^= pMgmt->abyMACAddr[0];
2327 pMgmt->abyCurrBSSID[4] ^= pMgmt->abyMACAddr[1];
2328 pMgmt->abyCurrBSSID[3] ^= pMgmt->abyMACAddr[2];
2329 pMgmt->abyCurrBSSID[2] ^= pMgmt->abyMACAddr[3];
2330 pMgmt->abyCurrBSSID[1] ^= pMgmt->abyMACAddr[4];
2331 pMgmt->abyCurrBSSID[0] ^= pMgmt->abyMACAddr[5];
2332 pMgmt->abyCurrBSSID[0] &= ~IEEE_ADDR_GROUP;
2333 pMgmt->abyCurrBSSID[0] |= IEEE_ADDR_UNIVERSAL;
2335 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Adhoc beacon created bssid:%pM\n",
2336 pMgmt->abyCurrBSSID);
2339 // Set Capability Info
2340 pMgmt->wCurrCapInfo = 0;
2342 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2343 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
2344 pMgmt->byDTIMPeriod = DEFAULT_DTIM_PERIOD;
2345 pMgmt->byDTIMCount = pMgmt->byDTIMPeriod - 1;
2348 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)
2349 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_IBSS(1);
2351 if (pDevice->bEncryptionEnable) {
2352 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
2353 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2354 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2355 pMgmt->byCSSPK = KEY_CTL_CCMP;
2356 pMgmt->byCSSGK = KEY_CTL_CCMP;
2357 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2358 pMgmt->byCSSPK = KEY_CTL_TKIP;
2359 pMgmt->byCSSGK = KEY_CTL_TKIP;
2361 pMgmt->byCSSPK = KEY_CTL_NONE;
2362 pMgmt->byCSSGK = KEY_CTL_WEP;
2365 pMgmt->byCSSPK = KEY_CTL_WEP;
2366 pMgmt->byCSSGK = KEY_CTL_WEP;
2370 pMgmt->byERPContext = 0;
2372 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2373 CARDbSetBSSID(pMgmt->pAdapter, pMgmt->abyCurrBSSID, OP_MODE_AP);
2375 CARDbSetBSSID(pMgmt->pAdapter, pMgmt->abyCurrBSSID, OP_MODE_ADHOC);
2378 CARDbSetPhyParameter(pMgmt->pAdapter,
2379 pMgmt->eCurrentPHYMode,
2380 pMgmt->wCurrCapInfo,
2381 pMgmt->byERPContext,
2382 pMgmt->abyCurrSuppRates,
2383 pMgmt->abyCurrExtSuppRates
2386 CARDbSetBeaconPeriod(pMgmt->pAdapter, pMgmt->wIBSSBeaconPeriod);
2387 // set channel and clear NAV
2388 set_channel(pMgmt->pAdapter, pMgmt->uIBSSChannel);
2389 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2391 if (CARDbIsShortPreamble(pMgmt->pAdapter))
2392 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
2394 pMgmt->wCurrCapInfo &= (~WLAN_SET_CAP_INFO_SHORTPREAMBLE(1));
2396 if (pMgmt->b11hEnable &&
2397 (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
2398 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
2400 pMgmt->wCurrCapInfo &= (~WLAN_SET_CAP_INFO_SPECTRUMMNG(1));
2403 pMgmt->eCurrState = WMAC_STATE_STARTED;
2404 // Prepare beacon to send
2405 if (bMgrPrepareBeaconToSend((void *)pDevice, pMgmt))
2406 *pStatus = CMD_STATUS_SUCCESS;
2411 * Routine Description:
2412 * Instructs wmac to join a bss using the supplied attributes.
2413 * The arguments may be the BSSID or SSID and the rest of the
2414 * attributes are obtained from the scan result of known bss list.
*
* Outcome is reported through *pStatus: CMD_STATUS_RESOURCES when the
* known-BSS list has no active entry or no BSS matches the desired
* BSSID/SSID/PHY mode, otherwise whatever s_vMgrSynchBSS stored there.
* pMgmt->eCurrState becomes WMAC_STATE_JOINTED (ESS) or
* WMAC_STATE_STARTED (IBSS) on success, and WMAC_STATE_IDLE when the
* hardware sync or the WPA-None cipher check fails.
2424 void *hDeviceContext,
2428 PSDevice pDevice = (PSDevice)hDeviceContext;
2429 PSMgmtObject pMgmt = pDevice->pMgmt;
2430 PKnownBSS pCurr = NULL;
2431 unsigned int ii, uu;
2432 PWLAN_IE_SUPP_RATES pItemRates = NULL;
2433 PWLAN_IE_SUPP_RATES pItemExtRates = NULL;
2434 PWLAN_IE_SSID pItemSSID;
2435 unsigned int uRateLen = WLAN_RATES_MAXLEN;
2436 unsigned short wMaxBasicRate = RATE_1M;
2437 unsigned short wMaxSuppRate = RATE_1M;
2438 unsigned short wSuppRate;
2439 unsigned char byTopCCKBasicRate = RATE_1M;
2440 unsigned char byTopOFDMBasicRate = RATE_1M;
// Bail out early when no entry of the known-BSS list is active.
2442 for (ii = 0; ii < MAX_BSS_NUM; ii++) {
2443 if (pMgmt->sBSSList[ii].bActive)
2447 if (ii == MAX_BSS_NUM) {
2448 *pStatus = CMD_STATUS_RESOURCES;
2449 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "BSS finding:BSS list is empty.\n");
2453 // Search known BSS list for prefer BSSID or SSID
2455 pCurr = BSSpSearchBSSList(pDevice,
2456 pMgmt->abyDesireBSSID,
2457 pMgmt->abyDesireSSID,
2458 pMgmt->eConfigPHYMode
// No match: report RESOURCES and log the desired SSID.
// NOTE(review): "%s" on abySSID relies on the SSID bytes being
// NUL-terminated; the sizing of abyDesireSSID is not visible here — confirm.
2461 if (pCurr == NULL) {
2462 *pStatus = CMD_STATUS_RESOURCES;
2463 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyDesireSSID;
2464 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Scanning [%s] not found, disconnected !\n", pItemSSID->abySSID);
2468 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP(BSS) finding:Found a AP(BSS)..\n");
// Infrastructure (ESS) candidate.
2469 if (WLAN_GET_CAP_INFO_ESS(cpu_to_le16(pCurr->wCapInfo))) {
// WPA / WPA-PSK: let Encyption_Rebuild re-derive auth mode and cipher
// from what the scanned BSS advertises (WEXT builds only).
2470 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) || (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)) {
2471 // patch for CISCO migration mode
2474 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
2475 Encyption_Rebuild(pDevice, pCurr);
2477 // Infrastructure BSS
// Hardware sync to the BSS; s_vMgrSynchBSS reports through *pStatus.
2478 s_vMgrSynchBSS(pDevice,
// Only adopt the BSS parameters once the sync succeeded.
2484 if (*pStatus == CMD_STATUS_SUCCESS) {
2485 // Adopt this BSS state vars in Mgmt Object
2486 pMgmt->uCurrChannel = pCurr->uChannel;
2488 memset(pMgmt->abyCurrSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2489 memset(pMgmt->abyCurrExtSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
// 11B networks carry at most WLAN_RATES_MAXLEN_11B rates.
2491 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B)
2492 uRateLen = WLAN_RATES_MAXLEN_11B;
2494 pItemRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates;
2495 pItemExtRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates;
2497 // Parse Support Rate IE
2498 pItemRates->byElementID = WLAN_EID_SUPP_RATES;
2499 pItemRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2503 // Parse Extension Support Rate IE
2504 pItemExtRates->byElementID = WLAN_EID_EXTSUPP_RATES;
2505 pItemExtRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abyExtSuppRates,
// Fold extended rates into the Supported Rates IE until it holds 8
// entries; whatever is left is shifted to the front of the Ext IE,
// or the Ext IE is emptied when everything was moved.
2509 if ((pItemExtRates->len > 0) && (pItemRates->len < 8)) {
2510 for (ii = 0; ii < (unsigned int)(8 - pItemRates->len);) {
2511 pItemRates->abyRates[pItemRates->len + ii] = pItemExtRates->abyRates[ii];
2513 if (pItemExtRates->len <= ii)
2516 pItemRates->len += (unsigned char)ii;
2517 if (pItemExtRates->len - ii > 0) {
2518 pItemExtRates->len -= (unsigned char)ii;
2519 for (uu = 0; uu < pItemExtRates->len; uu++)
2520 pItemExtRates->abyRates[uu] = pItemExtRates->abyRates[uu + ii];
2522 pItemExtRates->len = 0;
2526 RATEvParseMaxRate((void *)pDevice, pItemRates, pItemExtRates, true,
2527 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2528 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2530 // TODO: deal with if wCapInfo the privacy is on, but station WEP is off
2531 // TODO: deal with if wCapInfo the PS-Pollable is on.
2532 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
// NOTE(review): this path clears/copies WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1
// bytes of abyCurrSSID while the IBSS path below uses one byte less —
// confirm the intended size of abyCurrSSID and make both paths agree.
2533 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2534 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2535 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2537 pMgmt->eCurrMode = WMAC_MODE_ESS_STA;
2539 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2541 // Add current BSS to Candidate list
2542 // This only works for WPA2 BSSs, and the WPA2 BSS check must be done first.
// NOTE(review): the flush-and-re-add sequence looks like a fallback for
// a failed first bAdd_PMKID_Candidate — confirm its guarding condition.
2543 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
2544 bool bResult = bAdd_PMKID_Candidate((void *)pDevice, pMgmt->abyCurrBSSID, &pCurr->sRSNCapObj);
2546 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "bAdd_PMKID_Candidate: 1(%d)\n", bResult);
2548 vFlush_PMKID_Candidate((void *)pDevice);
2549 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "vFlush_PMKID_Candidate: 4\n");
2550 bAdd_PMKID_Candidate((void *)pDevice, pMgmt->abyCurrBSSID, &pCurr->sRSNCapObj);
2554 // Preamble type auto-switch: if AP can receive short-preamble cap,
2555 // we can turn on too.
2557 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Join ESS\n");
2559 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "End of Join AP -- A/B/G Action\n");
// Sync failed: stay idle.
2561 pMgmt->eCurrState = WMAC_STATE_IDLE;
// IBSS candidate. For WPA-None the configured cipher must appear in the
// BSS's RSN information, otherwise the join is refused (state -> IDLE).
2566 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2567 if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2568 if (!WPA_SearchRSN(0, WPA_TKIP, pCurr)) {
2569 // encryption mode error
2570 pMgmt->eCurrState = WMAC_STATE_IDLE;
2573 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2574 if (!WPA_SearchRSN(0, WPA_AESCCMP, pCurr)) {
2575 // encryption mode error
2576 pMgmt->eCurrState = WMAC_STATE_IDLE;
2580 // encryption mode error
2581 pMgmt->eCurrState = WMAC_STATE_IDLE;
// Hardware sync to the IBSS; s_vMgrSynchBSS reports through *pStatus.
2586 s_vMgrSynchBSS(pDevice,
2592 if (*pStatus == CMD_STATUS_SUCCESS) {
2593 // Adopt this BSS state vars in Mgmt Object
2594 // TODO: check if CapInfo privacy on, but we don't..
2595 pMgmt->uCurrChannel = pCurr->uChannel;
2597 // Parse Support Rate IE
// IBSS: adopt the peer's Supported Rates, limited to the 11B maximum.
2598 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2599 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2600 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2601 WLAN_RATES_MAXLEN_11B);
2603 RATEvParseMaxRate((void *)pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2604 NULL, true, &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2605 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2607 pMgmt->wCurrCapInfo = pCurr->wCapInfo;
2608 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
// See the size note on the ESS path above: no "+ 1" here.
2609 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2610 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2611 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
// Program the ATIM window into the MAC.
2612 MACvWriteATIMW(pDevice->PortOffset, pMgmt->wCurrATIMWindow);
2613 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2615 pMgmt->eCurrState = WMAC_STATE_STARTED;
2617 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Join IBSS ok:%pM\n",
2618 pMgmt->abyCurrBSSID);
2619 // Preamble type auto-switch: if AP can receive short-preamble cap,
2620 // and if registry setting is short preamble we can turn on too.
// Start beaconing in the joined IBSS.
2623 bMgrPrepareBeaconToSend((void *)pDevice, pMgmt);
// Sync failed: stay idle.
2625 pMgmt->eCurrState = WMAC_STATE_IDLE;
2632 * Routine Description:
2633 * Set HW to synchronize a specific BSS from known BSS list.
*
* *pStatus is set to CMD_STATUS_FAILURE up front and only becomes
* CMD_STATUS_SUCCESS after the cipher match, PHY parameters and channel
* have all been applied. On success pMgmt->pCurrBSS, abyCurrBSSID,
* abyCurrSuppRates/abyCurrExtSuppRates, uCurrChannel, eCurrentPHYMode
* and byERPContext describe the synchronized BSS.
2644 unsigned int uBSSMode,
2649 CARD_PHY_TYPE ePhyType = PHY_TYPE_11B;
2650 PSMgmtObject pMgmt = pDevice->pMgmt;
// Rate bytes are in 500 kbps units (0x02 = 1 Mbps ... 0x6C = 54 Mbps),
// each table prefixed by its element ID and length.
2652 //1M, 2M, 5M, 11M, 18M, 24M, 36M, 54M
2653 unsigned char abyCurrSuppRatesG[] = {WLAN_EID_SUPP_RATES, 8, 0x02, 0x04, 0x0B, 0x16, 0x24, 0x30, 0x48, 0x6C};
// 6M, 9M, 12M, 48M
2654 unsigned char abyCurrExtSuppRatesG[] = {WLAN_EID_EXTSUPP_RATES, 4, 0x0C, 0x12, 0x18, 0x60};
// 6M, 9M, 12M, 18M, 24M, 36M, 48M, 54M
2656 unsigned char abyCurrSuppRatesA[] = {WLAN_EID_SUPP_RATES, 8, 0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
// 1M, 2M, 5.5M, 11M
2657 unsigned char abyCurrSuppRatesB[] = {WLAN_EID_SUPP_RATES, 4, 0x02, 0x04, 0x0B, 0x16};
2659 *pStatus = CMD_STATUS_FAILURE;
// Refuse to sync unless the BSS's ciphers match the local encryption
// status; s_bCipherMatch also fills in the selected group cipher
// (and presumably the pairwise one — the remaining argument is not shown).
2661 if (!s_bCipherMatch(pCurr,
2662 pDevice->eEncryptionStatus,
2664 &(pMgmt->byCSSGK))) {
2665 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "s_bCipherMatch Fail .......\n");
2669 pMgmt->pCurrBSS = pCurr;
2671 // if previous mode is IBSS.
// Leaving IBSS: stop beacon DMA and automatic beacon transmission.
2672 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2673 MACvRegBitsOff(pDevice->PortOffset, MAC_REG_BCNDMACTL, BEACON_READY);
2674 MACvRegBitsOff(pDevice->PortOffset, MAC_REG_TCR, TCR_AUTOBCNTX);
2677 // Init the BSS informations
// Reset per-BSS protection/preamble state before adopting the new BSS.
2678 pDevice->bCCK = true;
2679 pDevice->bProtectMode = false;
2680 MACvDisableProtectMD(pDevice->PortOffset);
2681 pDevice->bBarkerPreambleMd = false;
2682 MACvDisableBarkerPreambleMd(pDevice->PortOffset);
2683 pDevice->bNonERPPresent = false;
2684 pDevice->byPreambleType = 0;
2685 pDevice->wBasicRate = 0;
2687 CARDbAddBasicRate((void *)pDevice, RATE_1M);
2688 // calculate TSF offset
2689 // TSF Offset = Received Timestamp TSF - Marked Local's TSF
2690 CARDbUpdateTSF(pDevice, pCurr->byRxRate, pCurr->qwBSSTimestamp, pCurr->qwLocalTSF);
2692 CARDbSetBeaconPeriod(pDevice, pCurr->wBeaconInterval);
2695 // Next TBTT = ((local_current_TSF / beacon_interval) + 1) * beacon_interval
2696 CARDvSetFirstNextTBTT(pDevice->PortOffset, pCurr->wBeaconInterval);
// Program the BSSID register, then read it back so abyCurrBSSID
// reflects what the MAC actually holds.
2699 MACvWriteBSSIDAddress(pDevice->PortOffset, pCurr->abyBSSID);
2701 MACvReadBSSIDAddress(pDevice->PortOffset, pMgmt->abyCurrBSSID);
2703 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Sync:set CurrBSSID address = "
2704 "%pM\n", pMgmt->abyCurrBSSID);
// Pick the operating PHY from the BSS's network type, constrained by
// the configured PHY mode. ePhyType keeps its 11B default when the
// combination is not allowed by the tests below.
2706 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11A) {
2707 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11A) ||
2708 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
2709 ePhyType = PHY_TYPE_11A;
2713 } else if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B) {
2714 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11B) ||
2715 (pMgmt->eConfigPHYMode == PHY_TYPE_11G) ||
2716 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
2717 ePhyType = PHY_TYPE_11B;
2722 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11G) ||
2723 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
2724 ePhyType = PHY_TYPE_11G;
2725 } else if (pMgmt->eConfigPHYMode == PHY_TYPE_11B) {
2726 ePhyType = PHY_TYPE_11B;
// Select the rate set for the chosen PHY; 11A and 11B advertise no
// Extended Supported Rates (length byte cleared).
2732 if (ePhyType == PHY_TYPE_11A) {
2733 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesA[0], sizeof(abyCurrSuppRatesA));
2734 pMgmt->abyCurrExtSuppRates[1] = 0;
2735 } else if (ePhyType == PHY_TYPE_11B) {
2736 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesB[0], sizeof(abyCurrSuppRatesB));
2737 pMgmt->abyCurrExtSuppRates[1] = 0;
2739 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesG[0], sizeof(abyCurrSuppRatesG));
2740 memcpy(pMgmt->abyCurrExtSuppRates, &abyCurrExtSuppRatesG[0], sizeof(abyCurrExtSuppRatesG));
// NOTE(review): wCapInfo is tested here without the cpu_to_le16() that
// vMgrJoinBSSBegin applies to the same field — confirm which byte order
// wCapInfo is stored in and make the two tests agree.
2743 if (WLAN_GET_CAP_INFO_ESS(pCurr->wCapInfo)) {
2744 CARDbSetBSSID(pMgmt->pAdapter, pCurr->abyBSSID, OP_MODE_INFRASTRUCTURE);
2745 // Add current BSS to Candidate list
2746 // This only works for WPA2 BSSs, and the WPA2 BSS check must be done first.
2747 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)
2748 CARDbAdd_PMKID_Candidate(pMgmt->pAdapter, pMgmt->abyCurrBSSID, pCurr->sRSNCapObj.bRSNCapExist, pCurr->sRSNCapObj.wRSNCap);
2750 CARDbSetBSSID(pMgmt->pAdapter, pCurr->abyBSSID, OP_MODE_ADHOC);
// Apply PHY parameters and channel. Each failure is logged and
// presumably returns early, leaving *pStatus at CMD_STATUS_FAILURE.
2753 if (!CARDbSetPhyParameter(pMgmt->pAdapter,
2757 pMgmt->abyCurrSuppRates,
2758 pMgmt->abyCurrExtSuppRates)) {
2759 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "<----s_bSynchBSS Set Phy Mode Fail [%d]\n", ePhyType);
2762 // set channel and clear NAV
2763 if (!set_channel(pMgmt->pAdapter, pCurr->uChannel)) {
2764 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "<----s_bSynchBSS Set Channel [%d]\n", pCurr->uChannel);
2768 pMgmt->uCurrChannel = pCurr->uChannel;
2769 pMgmt->eCurrentPHYMode = ePhyType;
2770 pMgmt->byERPContext = pCurr->sERP.byERP;
2771 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Sync:Set to channel = [%d]\n", (int)pCurr->uChannel);
2773 *pStatus = CMD_STATUS_SUCCESS;
2778 //mike add: fix NetworkManager 0.7.0 hidden ssid mode in WPA encryption
2779 // ,need reset eAuthenMode and eEncryptionStatus
//
// Re-derives pMgmt->eAuthenMode and pDevice->eEncryptionStatus from the
// first pairwise cipher advertised by the scanned BSS (pCurr). Only acts
// when the configured mode is WPA-PSK or WPA2-PSK.
//
// NOTE(review): bWPAValid is tested before bWPA2Valid, so a BSS that
// advertises both WPA and RSN is treated as WPA-PSK here even when
// WPA2-PSK was configured, and the cipher is whatever the BSS lists
// first. Both choices are driven by over-the-air data; confirm the
// upper layer's policy still bounds the accepted modes.
// If neither TKIP nor CCMP matches, eEncryptionStatus appears to be
// left unchanged — confirm.
2780 static void Encyption_Rebuild(
2785 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
2787 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) || //networkmanager 0.7.0 does not give the pairwise-key selection,
2788 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) { // so we need re-select it according to real pairwise-key info.
2789 if (pCurr->bWPAValid) { //WPA-PSK
2790 pMgmt->eAuthenMode = WMAC_AUTH_WPAPSK;
2791 if (pCurr->abyPKType[0] == WPA_TKIP) {
2792 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
2793 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-TKIP]\n");
2794 } else if (pCurr->abyPKType[0] == WPA_AESCCMP) {
2795 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
2796 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-AES]\n");
2798 } else if (pCurr->bWPA2Valid) { //WPA2-PSK
2799 pMgmt->eAuthenMode = WMAC_AUTH_WPA2PSK;
2800 if (pCurr->abyCSSPK[0] == WLAN_11i_CSS_TKIP) {
2801 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
2802 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-TKIP]\n");
2803 } else if (pCurr->abyCSSPK[0] == WLAN_11i_CSS_CCMP) {
2804 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
2805 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-AES]\n");
2813 * Routine Description:
* Fills the TIM element pTIM from pMgmt->abyPSTxMap (one bit per AID).
* Only the bytes wStartIndex..wEndIndex of the map, both rounded to an
* even offset, are emitted as the partial virtual bitmap; pTIM->len and
* the bitmap-control byte are derived from that range.
2829 unsigned char byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
2830 unsigned char byMap;
2831 unsigned int ii, jj;
2832 bool bStartFound = false;
2833 bool bMulticast = false;
2834 unsigned short wStartIndex = 0;
2835 unsigned short wEndIndex = 0;
2837 // Find size of partial virtual bitmap
// NOTE(review): wStartIndex/wEndIndex are expected to be assigned by
// this scan loop — confirm the no-bit-set case before they are used below.
2838 for (ii = 0; ii < (MAX_NODE_NUM + 1); ii++) {
2839 byMap = pMgmt->abyPSTxMap[ii];
2841 // Mask out the broadcast bit which is indicated separately.
2842 bMulticast = (byMap & byMask[0]) != 0;
2844 pMgmt->sNodeDBTable[0].bRxPSPoll = true;
2857 // Round start index down to nearest even number
2858 wStartIndex &= ~BIT0;
2860 // Round end index up to nearest even number
2861 wEndIndex = ((wEndIndex + 1) & ~BIT0);
2863 // Size of element payload
// 3 fixed bytes (DTIM count, DTIM period, bitmap control) plus the
// bitmap bytes start..end inclusive.
2865 pTIM->len = 3 + (wEndIndex - wStartIndex) + 1;
2867 // Fill in the Fixed parts of the TIM
2868 pTIM->byDTIMCount = pMgmt->byDTIMCount;
2869 pTIM->byDTIMPeriod = pMgmt->byDTIMPeriod;
// Bitmap Control: multicast-pending flag plus the (even) start offset.
2870 pTIM->byBitMapCtl = (bMulticast ? TIM_MULTICAST_MASK : 0) |
2871 (((wStartIndex >> 1) << 1) & TIM_BITMAPOFFSET_MASK);
2873 // Append variable part of TIM
// NOTE(review): the rounded-up wEndIndex can exceed the last index the
// scan loop visited by one — confirm abyPSTxMap has room for that read.
2875 for (ii = wStartIndex, jj = 0; ii <= wEndIndex; ii++, jj++)
2876 pTIM->byVirtBitMap[jj] = pMgmt->abyPSTxMap[ii];
2878 // Aid = 0 don't used.
// AID 0 is never assigned: clear bit 0 of the first bitmap byte.
2879 pTIM->byVirtBitMap[0] &= ~BIT0;
2884 * Routine Description:
2885 * Constructs a Beacon frame (AP or Ad-hoc mode)
*
* The frame is assembled in place in pMgmt->pbyMgmtPacketPool; each IE
* is appended at sFrame.pBuf + sFrame.len. pCurrSSID, pCurrSuppRates
* and pCurrExtSuppRates are copied as complete IEs (header + len bytes).
*
* NOTE(review): nothing below checks the running sFrame.len against
* WLAN_BEACON_FR_MAXLEN before appending — the country/channel-map IEs
* and the hostapd-supplied WPA IE (wWPAIELen bytes) included. Confirm the
* pool is sized for the worst case, or add a remaining-space check.
2889 * PTR to frame; or NULL on allocation failure
2898 unsigned short wCurrCapInfo,
2899 unsigned short wCurrBeaconPeriod,
2900 unsigned int uCurrChannel,
2901 unsigned short wCurrATIMWinodw,
2902 PWLAN_IE_SSID pCurrSSID,
2903 unsigned char *pCurrBSSID,
2904 PWLAN_IE_SUPP_RATES pCurrSuppRates,
2905 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
2908 PSTxMgmtPacket pTxPacket = NULL;
2909 WLAN_FR_BEACON sFrame;
2910 unsigned char abyBroadcastAddr[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
2911 unsigned char *pbyBuffer;
2912 unsigned int uLength = 0;
2913 PWLAN_IE_IBSS_DFS pIBSSDFS = NULL;
2916 // prepare beacon frame
// Zero the descriptor and the whole frame area; the pool must hold
// sizeof(STxMgmtPacket) + WLAN_BEACON_FR_MAXLEN bytes.
2917 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
2918 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_BEACON_FR_MAXLEN);
2919 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
2920 // Setup the sFrame structure.
2921 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
2922 sFrame.len = WLAN_BEACON_FR_MAXLEN;
// vMgrEncodeBeacon sets the pHdr/pw* pointers; sFrame.len is used as the
// append offset from here on, so it is presumably reset to the end of
// the fixed fields inside that call — confirm.
2923 vMgrEncodeBeacon(&sFrame);
2925 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
2927 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
2928 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_BEACON)
2931 if (pDevice->bEnablePSMode)
2932 sFrame.pHdr->sA3.wFrameCtl |= cpu_to_le16((unsigned short)WLAN_SET_FC_PWRMGT(1));
// Beacons are broadcast from our MAC address with the BSSID in addr3.
2934 memcpy(sFrame.pHdr->sA3.abyAddr1, abyBroadcastAddr, WLAN_ADDR_LEN);
2935 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
2936 memcpy(sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
2937 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
2938 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
// NOTE(review): the length is advanced by pMgmt->abyCurrSSID's len but
// the copy uses pCurrSSID's len; these agree only when the caller passes
// pMgmt->abyCurrSSID. Use pCurrSSID for both.
2940 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
2941 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
2942 memcpy(sFrame.pSSID,
2944 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
2946 // Copy the rate set
2947 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
2948 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
2949 memcpy(sFrame.pSuppRates,
2951 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
// DS Parameter Set (current channel) is omitted on 11A.
2954 if (pDevice->eCurrentPHYType != PHY_TYPE_11A) {
2955 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
2956 sFrame.len += (1) + WLAN_IEHDR_LEN;
2957 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
2958 sFrame.pDSParms->len = 1;
2959 sFrame.pDSParms->byCurrChannel = (unsigned char)uCurrChannel;
// AP mode: TIM element is built by s_vMgrFormatTIM and its len read back.
2962 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2963 sFrame.pTIM = (PWLAN_IE_TIM)(sFrame.pBuf + sFrame.len);
2964 sFrame.pTIM->byElementID = WLAN_EID_TIM;
2965 s_vMgrFormatTIM(pMgmt, sFrame.pTIM);
2966 sFrame.len += (WLAN_IEHDR_LEN + sFrame.pTIM->len);
// IBSS: IBSS Parameter Set (ATIM window) and, for WPA-None, a minimal
// WPA vendor IE (OUI 00:50:f2 type 1, version 1) whose group cipher
// follows eEncryptionStatus and which lists no pairwise/AKM suites.
2969 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2971 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
2972 sFrame.len += (2) + WLAN_IEHDR_LEN;
2973 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
2974 sFrame.pIBSSParms->len = 2;
2975 sFrame.pIBSSParms->wATIMWindow = wCurrATIMWinodw;
2976 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2978 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
2979 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
2980 sFrame.pRSNWPA->len = 12;
2981 sFrame.pRSNWPA->abyOUI[0] = 0x00;
2982 sFrame.pRSNWPA->abyOUI[1] = 0x50;
2983 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
2984 sFrame.pRSNWPA->abyOUI[3] = 0x01;
2985 sFrame.pRSNWPA->wVersion = 1;
2986 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
2987 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
2988 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
2989 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled)
2990 sFrame.pRSNWPA->abyMulticast[3] = 0x04;//AES
2991 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled)
2992 sFrame.pRSNWPA->abyMulticast[3] = 0x02;//TKIP
2993 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption1Enabled)
2994 sFrame.pRSNWPA->abyMulticast[3] = 0x01;//WEP40
2996 sFrame.pRSNWPA->abyMulticast[3] = 0x00;//NONE
2998 // Pairwise Key Cipher Suite
2999 sFrame.pRSNWPA->wPKCount = 0;
3000 // Auth Key Management Suite
// NOTE(review): the two raw 16-bit stores below write host-order values
// through an unaligned pointer (no cpu_to_le16). The first one lands at
// offset len (12) from the IE start, which by the field layout above is
// wPKCount rather than the AKM count, so the final len of 16 covers two
// trailing bytes that were only ever zeroed by the memset — confirm
// against the intended IE layout.
3001 *((unsigned short *)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len)) = 0;
3002 sFrame.pRSNWPA->len += 2;
3005 *((unsigned short *)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len)) = 0;
3006 sFrame.pRSNWPA->len += 2;
3007 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
// 802.11h on 11A: Country, Power Constraint, optional Channel Switch,
// TPC Report and (non-AP) IBSS DFS IEs are written through pbyBuffer;
// uLength accumulates their size and is added to sFrame.len afterwards.
3011 if (pMgmt->b11hEnable && (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
3013 pbyBuffer = (unsigned char *)(sFrame.pBuf + sFrame.len);
3014 set_country_IE(pMgmt->pAdapter, pbyBuffer);
3015 set_country_info(pMgmt->pAdapter, PHY_TYPE_11A, pbyBuffer);
3016 uLength += ((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN;
3017 pbyBuffer += (((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN);
3018 // Power Constrain IE
3019 ((PWLAN_IE_PW_CONST) pbyBuffer)->byElementID = WLAN_EID_PWR_CONSTRAINT;
3020 ((PWLAN_IE_PW_CONST) pbyBuffer)->len = 1;
3021 ((PWLAN_IE_PW_CONST) pbyBuffer)->byPower = 0;
3022 pbyBuffer += (1) + WLAN_IEHDR_LEN;
3023 uLength += (1) + WLAN_IEHDR_LEN;
3024 if (pMgmt->bSwitchChannel) {
3025 // Channel Switch IE
// Mode 1, target channel from pMgmt->byNewChannel, switch count 0.
3026 ((PWLAN_IE_CH_SW) pbyBuffer)->byElementID = WLAN_EID_CH_SWITCH;
3027 ((PWLAN_IE_CH_SW) pbyBuffer)->len = 3;
3028 ((PWLAN_IE_CH_SW) pbyBuffer)->byMode = 1;
3029 ((PWLAN_IE_CH_SW) pbyBuffer)->byChannel = get_channel_number(pMgmt->pAdapter, pMgmt->byNewChannel);
3030 ((PWLAN_IE_CH_SW) pbyBuffer)->byCount = 0;
3031 pbyBuffer += (3) + WLAN_IEHDR_LEN;
3032 uLength += (3) + WLAN_IEHDR_LEN;
// TPC Report: current transmit power, link margin 0.
3035 ((PWLAN_IE_TPC_REP) pbyBuffer)->byElementID = WLAN_EID_TPC_REP;
3036 ((PWLAN_IE_TPC_REP) pbyBuffer)->len = 2;
3037 ((PWLAN_IE_TPC_REP) pbyBuffer)->byTxPower = CARDbyGetTransmitPower(pMgmt->pAdapter);
3038 ((PWLAN_IE_TPC_REP) pbyBuffer)->byLinkMargin = 0;
3039 pbyBuffer += (2) + WLAN_IEHDR_LEN;
3040 uLength += (2) + WLAN_IEHDR_LEN;
3042 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3043 pIBSSDFS = (PWLAN_IE_IBSS_DFS) pbyBuffer;
3044 pIBSSDFS->byElementID = WLAN_EID_IBSS_DFS;
3046 memcpy(pIBSSDFS->abyDFSOwner,
3047 pMgmt->abyIBSSDFSOwner,
3049 pIBSSDFS->byDFSRecovery = pMgmt->byIBSSDFSRecovery;
3050 pbyBuffer += (7) + WLAN_IEHDR_LEN;
3051 uLength += (7) + WLAN_IEHDR_LEN;
// Channel map entries for the 5 GHz channels.
// NOTE(review): 'ii' is not among the locals listed above — confirm it
// is declared in this function.
3052 for (ii = CB_MAX_CHANNEL_24G+1; ii <= CB_MAX_CHANNEL; ii++) {
3053 if (get_channel_map_info(pMgmt->pAdapter, ii, pbyBuffer, pbyBuffer+1)) {
3060 sFrame.len += uLength;
// ERP IE on 11G only, reflecting the current protection/non-ERP/Barker state.
3063 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
3064 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3065 sFrame.len += 1 + WLAN_IEHDR_LEN;
3066 sFrame.pERP->byElementID = WLAN_EID_ERP;
3067 sFrame.pERP->len = 1;
3068 sFrame.pERP->byContext = 0;
3069 if (pDevice->bProtectMode)
3070 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3071 if (pDevice->bNonERPPresent)
3072 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3073 if (pDevice->bBarkerPreambleMd)
3074 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
// Extended Supported Rates only when the set is non-empty.
3076 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3077 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3078 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3079 memcpy(sFrame.pExtSuppRates,
3081 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3084 // hostapd wpa/wpa2 IE
// Copied verbatim, wWPAIELen bytes, with no check against the frame
// limit (see the note in the header).
3085 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && pDevice->bEnableHostapd) {
3086 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3087 if (pMgmt->wWPAIELen != 0) {
3088 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3089 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3090 sFrame.len += pMgmt->wWPAIELen;
3095 /* Adjust the length fields */
// cbPayloadLen excludes the 3-address MAC header.
3096 pTxPacket->cbMPDULen = sFrame.len;
3097 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3104 * Routine Description:
3105 * Constructs a Probe Response frame
*
* Built the same way as the beacon (in place in pbyMgmtPacketPool, IEs
* appended at sFrame.pBuf + sFrame.len) but unicast to pDstAddr and
* without a TIM. byPHYType == BB_TYPE_11B clears the short-slot-time
* capability bit.
*
* NOTE(review): as in s_MgrMakeBeacon there is no check of sFrame.len
* against WLAN_PROBERESP_FR_MAXLEN while appending — confirm the pool
* is sized for the worst case. wCurrATIMWinodw is not used in the body
* shown; the IBSS Parameter Set below carries an ATIM window of 0.
3109 * PTR to frame; or NULL on allocation failure
3113 static PSTxMgmtPacket
3114 s_MgrMakeProbeResponse(
3117 unsigned short wCurrCapInfo,
3118 unsigned short wCurrBeaconPeriod,
3119 unsigned int uCurrChannel,
3120 unsigned short wCurrATIMWinodw,
3121 unsigned char *pDstAddr,
3122 PWLAN_IE_SSID pCurrSSID,
3123 unsigned char *pCurrBSSID,
3124 PWLAN_IE_SUPP_RATES pCurrSuppRates,
3125 PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
3126 unsigned char byPHYType
3129 PSTxMgmtPacket pTxPacket = NULL;
3130 WLAN_FR_PROBERESP sFrame;
3131 unsigned char *pbyBuffer;
3132 unsigned int uLength = 0;
3133 PWLAN_IE_IBSS_DFS pIBSSDFS = NULL;
// Zero the descriptor and the whole frame area; the pool must hold
// sizeof(STxMgmtPacket) + WLAN_PROBERESP_FR_MAXLEN bytes.
3136 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3137 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_PROBERESP_FR_MAXLEN);
3138 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
3139 // Setup the sFrame structure.
3140 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
3141 sFrame.len = WLAN_PROBERESP_FR_MAXLEN;
// vMgrEncodeProbeResponse sets the pHdr/pw* pointers; sFrame.len is the
// append offset from here on, so it is presumably reset to the end of
// the fixed fields inside that call — confirm.
3142 vMgrEncodeProbeResponse(&sFrame);
3144 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3146 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3147 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_PROBERESP)
// Unicast to the requester, from our MAC, BSSID in addr3.
3149 memcpy(sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
3150 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3151 memcpy(sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
3152 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
3153 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
// 11B cannot use short slot time: clear the bit in the (already
// little-endian) capability field.
3155 if (byPHYType == BB_TYPE_11B)
3156 *sFrame.pwCapInfo &= cpu_to_le16((unsigned short)~(WLAN_SET_CAP_INFO_SHORTSLOTTIME(1)));
// NOTE(review): the length is advanced by pMgmt->abyCurrSSID's len but
// the copy uses pCurrSSID's len; these agree only when the caller passes
// pMgmt->abyCurrSSID. Use pCurrSSID for both.
3159 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3160 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
3161 memcpy(sFrame.pSSID,
3163 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
3165 // Copy the rate set
3166 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3168 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3169 memcpy(sFrame.pSuppRates,
3171 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
// DS Parameter Set (current channel) is omitted on 11A.
3175 if (pDevice->eCurrentPHYType != PHY_TYPE_11A) {
3176 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
3177 sFrame.len += (1) + WLAN_IEHDR_LEN;
3178 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
3179 sFrame.pDSParms->len = 1;
3180 sFrame.pDSParms->byCurrChannel = (unsigned char)uCurrChannel;
// Non-AP: IBSS Parameter Set with a zero ATIM window.
3183 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3185 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
3186 sFrame.len += (2) + WLAN_IEHDR_LEN;
3187 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
3188 sFrame.pIBSSParms->len = 2;
3189 sFrame.pIBSSParms->wATIMWindow = 0;
// ERP IE on 11G. NOTE(review): this tests pDevice->eCurrentPHYType while
// s_MgrMakeBeacon tests pMgmt->eCurrentPHYMode for the same decision —
// confirm the two fields agree, or use one of them in both places.
3191 if (pDevice->eCurrentPHYType == PHY_TYPE_11G) {
3192 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3193 sFrame.len += 1 + WLAN_IEHDR_LEN;
3194 sFrame.pERP->byElementID = WLAN_EID_ERP;
3195 sFrame.pERP->len = 1;
3196 sFrame.pERP->byContext = 0;
3197 if (pDevice->bProtectMode)
3198 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3199 if (pDevice->bNonERPPresent)
3200 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3201 if (pDevice->bBarkerPreambleMd)
3202 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
// 802.11h on 11A: Country, Power Constraint, optional Channel Switch,
// TPC Report and (non-AP) IBSS DFS IEs are written through pbyBuffer;
// uLength accumulates their size and is added to sFrame.len afterwards.
3205 if (pMgmt->b11hEnable && (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
3207 pbyBuffer = (unsigned char *)(sFrame.pBuf + sFrame.len);
3208 set_country_IE(pMgmt->pAdapter, pbyBuffer);
3209 set_country_info(pMgmt->pAdapter, PHY_TYPE_11A, pbyBuffer);
3210 uLength += ((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN;
3211 pbyBuffer += (((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN);
3212 // Power Constrain IE
3213 ((PWLAN_IE_PW_CONST) pbyBuffer)->byElementID = WLAN_EID_PWR_CONSTRAINT;
3214 ((PWLAN_IE_PW_CONST) pbyBuffer)->len = 1;
3215 ((PWLAN_IE_PW_CONST) pbyBuffer)->byPower = 0;
3216 pbyBuffer += (1) + WLAN_IEHDR_LEN;
3217 uLength += (1) + WLAN_IEHDR_LEN;
3218 if (pMgmt->bSwitchChannel) {
3219 // Channel Switch IE
// Mode 1, target channel from pMgmt->byNewChannel, switch count 0.
3220 ((PWLAN_IE_CH_SW) pbyBuffer)->byElementID = WLAN_EID_CH_SWITCH;
3221 ((PWLAN_IE_CH_SW) pbyBuffer)->len = 3;
3222 ((PWLAN_IE_CH_SW) pbyBuffer)->byMode = 1;
3223 ((PWLAN_IE_CH_SW) pbyBuffer)->byChannel = get_channel_number(pMgmt->pAdapter, pMgmt->byNewChannel);
3224 ((PWLAN_IE_CH_SW) pbyBuffer)->byCount = 0;
3225 pbyBuffer += (3) + WLAN_IEHDR_LEN;
3226 uLength += (3) + WLAN_IEHDR_LEN;
// TPC Report: current transmit power, link margin 0.
3229 ((PWLAN_IE_TPC_REP) pbyBuffer)->byElementID = WLAN_EID_TPC_REP;
3230 ((PWLAN_IE_TPC_REP) pbyBuffer)->len = 2;
3231 ((PWLAN_IE_TPC_REP) pbyBuffer)->byTxPower = CARDbyGetTransmitPower(pMgmt->pAdapter);
3232 ((PWLAN_IE_TPC_REP) pbyBuffer)->byLinkMargin = 0;
3233 pbyBuffer += (2) + WLAN_IEHDR_LEN;
3234 uLength += (2) + WLAN_IEHDR_LEN;
3236 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3237 pIBSSDFS = (PWLAN_IE_IBSS_DFS) pbyBuffer;
3238 pIBSSDFS->byElementID = WLAN_EID_IBSS_DFS;
3240 memcpy(pIBSSDFS->abyDFSOwner,
3241 pMgmt->abyIBSSDFSOwner,
3243 pIBSSDFS->byDFSRecovery = pMgmt->byIBSSDFSRecovery;
3244 pbyBuffer += (7) + WLAN_IEHDR_LEN;
3245 uLength += (7) + WLAN_IEHDR_LEN;
// Channel map entries for the 5 GHz channels.
// NOTE(review): 'ii' is not among the locals listed above — confirm it
// is declared in this function.
3246 for (ii = CB_MAX_CHANNEL_24G + 1; ii <= CB_MAX_CHANNEL; ii++) {
3247 if (get_channel_map_info(pMgmt->pAdapter, ii, pbyBuffer, pbyBuffer+1)) {
3254 sFrame.len += uLength;
// Extended Supported Rates only when the set is non-empty.
3257 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3258 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3259 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3260 memcpy(sFrame.pExtSuppRates,
3262 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3266 // hostapd wpa/wpa2 IE
// Copied verbatim, wWPAIELen bytes, with no check against the frame
// limit (see the note in the header).
3267 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && pDevice->bEnableHostapd) {
3268 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3269 if (pMgmt->wWPAIELen != 0) {
3270 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3271 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3272 sFrame.len += pMgmt->wWPAIELen;
3277 // Adjust the length fields
// cbPayloadLen excludes the 3-address MAC header.
3278 pTxPacket->cbMPDULen = sFrame.len;
3279 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3286 * Routine Description:
3287 * Constructs an association request frame
3291 * A ptr to frame or NULL on allocation failure
3295 static PSTxMgmtPacket
3296 s_MgrMakeAssocRequest(
3299 unsigned char *pDAddr,
3300 unsigned short wCurrCapInfo,
3301 unsigned short wListenInterval,
3302 PWLAN_IE_SSID pCurrSSID,
3303 PWLAN_IE_SUPP_RATES pCurrRates,
3304 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3307 PSTxMgmtPacket pTxPacket = NULL;
3308 WLAN_FR_ASSOCREQ sFrame;
3309 unsigned char *pbyIEs;
3310 unsigned char *pbyRSN;
3312 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3313 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
3314 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
3315 // Setup the sFrame structure.
3316 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
3317 sFrame.len = WLAN_ASSOCREQ_FR_MAXLEN;
3318 // format fixed field frame structure
3319 vMgrEncodeAssocRequest(&sFrame);
3321 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3323 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3324 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCREQ)
3326 memcpy(sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3327 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3328 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3330 // Set the capability and listen interval
3331 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3332 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
3334 // sFrame.len point to end of fixed field
3335 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3336 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3337 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3339 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3340 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3341 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3342 memcpy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3343 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3345 // Copy the rate set
3346 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3347 if ((pDevice->eCurrentPHYType == PHY_TYPE_11B) && (pCurrRates->len > 4))
3348 sFrame.len += 4 + WLAN_IEHDR_LEN;
3350 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3351 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3353 // Copy the extension rate set
3354 if ((pDevice->eCurrentPHYType == PHY_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3355 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3356 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3357 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
3360 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3361 memcpy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3362 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
3365 if (pMgmt->b11hEnable) {
3366 if (sFrame.pCurrPowerCap == NULL) {
3367 sFrame.pCurrPowerCap = (PWLAN_IE_PW_CAP)(sFrame.pBuf + sFrame.len);
3368 sFrame.len += (2 + WLAN_IEHDR_LEN);
3369 sFrame.pCurrPowerCap->byElementID = WLAN_EID_PWR_CAPABILITY;
3370 sFrame.pCurrPowerCap->len = 2;
3371 CARDvGetPowerCapability(pMgmt->pAdapter,
3372 &(sFrame.pCurrPowerCap->byMinPower),
3373 &(sFrame.pCurrPowerCap->byMaxPower)
3376 if (sFrame.pCurrSuppCh == NULL) {
3377 sFrame.pCurrSuppCh = (PWLAN_IE_SUPP_CH)(sFrame.pBuf + sFrame.len);
3378 sFrame.len += set_support_channels(pMgmt->pAdapter, (unsigned char *)sFrame.pCurrSuppCh);
3382 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3383 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3384 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3385 (pMgmt->pCurrBSS != NULL)) {
3387 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3388 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3389 sFrame.pRSNWPA->len = 16;
3390 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3391 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3392 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3393 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3394 sFrame.pRSNWPA->wVersion = 1;
3395 //Group Key Cipher Suite
3396 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3397 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3398 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3399 if (pMgmt->byCSSGK == KEY_CTL_WEP)
3400 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
3401 else if (pMgmt->byCSSGK == KEY_CTL_TKIP)
3402 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
3403 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
3404 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
3406 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
3408 // Pairwise Key Cipher Suite
3409 sFrame.pRSNWPA->wPKCount = 1;
3410 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
3411 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
3412 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
3413 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
3414 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
3415 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
3416 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
3418 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
3420 // Auth Key Management Suite
3421 pbyRSN = (unsigned char *)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
3428 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)
3429 *pbyRSN++ = WPA_AUTH_PSK;
3430 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA)
3431 *pbyRSN++ = WPA_AUTH_IEEE802_1X;
3433 *pbyRSN++ = WPA_NONE;
3435 sFrame.pRSNWPA->len += 6;
3441 sFrame.pRSNWPA->len += 2;
3443 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3444 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3445 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3446 memcpy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
3447 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3449 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
3450 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
3451 (pMgmt->pCurrBSS != NULL)) {
3453 unsigned short *pwPMKID;
3456 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3457 sFrame.pRSN->byElementID = WLAN_EID_RSN;
3458 sFrame.pRSN->len = 6; //Version(2)+GK(4)
3459 sFrame.pRSN->wVersion = 1;
3460 //Group Key Cipher Suite
3461 sFrame.pRSN->abyRSN[0] = 0x00;
3462 sFrame.pRSN->abyRSN[1] = 0x0F;
3463 sFrame.pRSN->abyRSN[2] = 0xAC;
3464 if (pMgmt->byCSSGK == KEY_CTL_WEP)
3465 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
3466 else if (pMgmt->byCSSGK == KEY_CTL_TKIP)
3467 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
3468 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
3469 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
3471 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
3473 // Pairwise Key Cipher Suite
3474 sFrame.pRSN->abyRSN[4] = 1;
3475 sFrame.pRSN->abyRSN[5] = 0;
3476 sFrame.pRSN->abyRSN[6] = 0x00;
3477 sFrame.pRSN->abyRSN[7] = 0x0F;
3478 sFrame.pRSN->abyRSN[8] = 0xAC;
3479 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
3480 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
3481 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
3482 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
3483 else if (pMgmt->byCSSPK == KEY_CTL_NONE)
3484 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
3486 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
3488 sFrame.pRSN->len += 6;
3490 // Auth Key Management Suite
3491 sFrame.pRSN->abyRSN[10] = 1;
3492 sFrame.pRSN->abyRSN[11] = 0;
3493 sFrame.pRSN->abyRSN[12] = 0x00;
3494 sFrame.pRSN->abyRSN[13] = 0x0F;
3495 sFrame.pRSN->abyRSN[14] = 0xAC;
3496 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)
3497 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
3498 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)
3499 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
3501 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
3503 sFrame.pRSN->len += 6;
3506 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist) {
3507 memcpy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
3509 sFrame.pRSN->abyRSN[16] = 0;
3510 sFrame.pRSN->abyRSN[17] = 0;
3512 sFrame.pRSN->len += 2;
3514 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && pDevice->bRoaming && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
3516 pbyRSN = &sFrame.pRSN->abyRSN[18];
3517 pwPMKID = (unsigned short *)pbyRSN; // Point to PMKID count
3518 *pwPMKID = 0; // Initialize PMKID count
3519 pbyRSN += 2; // Point to PMKID list
3520 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
3521 if (!memcmp(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0], pMgmt->abyCurrBSSID, ETH_ALEN)) {
3523 memcpy(pbyRSN, pDevice->gsPMKID.BSSIDInfo[ii].PMKID, 16);
3528 sFrame.pRSN->len += (2 + (*pwPMKID)*16);
3531 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3532 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3533 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3534 memcpy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
3535 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3538 // Adjust the length fields
3539 pTxPacket->cbMPDULen = sFrame.len;
3540 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3546 * Routine Description:
3547 * Constructs a re-association request frame
3551 * A ptr to frame or NULL on allocation failure
/*
 * s_MgrMakeReAssocRequest - build a Reassociation Request frame.
 *
 * The frame is assembled in place in pMgmt->pbyMgmtPacketPool, the single
 * management packet buffer shared by the s_MgrMake* routines (so whatever
 * frame was built there before is overwritten), and the IEs placed in it are
 * mirrored into pMgmt->sAssocInfo so that OID_802_11_ASSOCIATION_INFORMATION
 * can report them later.
 *
 * pDAddr            - destination MAC address (Addr1)
 * wCurrCapInfo      - capability field, written little endian
 * wListenInterval   - listen interval, written little endian
 * pCurrSSID         - SSID IE copied verbatim, including its len byte
 * pCurrRates        - Supported Rates IE copied verbatim
 * pCurrExtSuppRates - Extended Supported Rates IE, appended only in 11g mode
 *                     and only when it carries at least one rate
 *
 * The leading parameters (the body reads pDevice and pMgmt) and the return
 * statement are outside this listing.
 *
 * NOTE(review): sFrame.len is never compared against
 * WLAN_REASSOCREQ_FR_MAXLEN while IEs are appended, and the mirror copy into
 * pMgmt->sAssocInfo.abyIEs is not bounded either. Every length used here
 * comes from pMgmt, pDevice->gsPMKID or pCurrBSS (the parsed AP beacon), so
 * this relies on those having been validated when they were stored --
 * confirm at the call sites rather than here.
 */
static PSTxMgmtPacket
s_MgrMakeReAssocRequest(
	unsigned char *pDAddr,
	unsigned short wCurrCapInfo,
	unsigned short wListenInterval,
	PWLAN_IE_SSID pCurrSSID,
	PWLAN_IE_SUPP_RATES pCurrRates,
	PWLAN_IE_SUPP_RATES pCurrExtSuppRates
	PSTxMgmtPacket pTxPacket = NULL;
	WLAN_FR_REASSOCREQ sFrame;
	unsigned char *pbyIEs;
	unsigned char *pbyRSN;

	/* Shared pool buffer; cleared for header plus the maximum frame body. */
	pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
	memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_REASSOCREQ_FR_MAXLEN);
	pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
	/* Setup the sFrame structure. */
	sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
	sFrame.len = WLAN_REASSOCREQ_FR_MAXLEN;
	// format fixed field frame structure
	// (the encoder lays out the fixed fields and leaves sFrame.len at their end)
	vMgrEncodeReassocRequest(&sFrame);
	/* Setup the header */
	sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
		WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
		WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCREQ)
	memcpy(sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
	memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
	memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
	/* Set the capability and listen interval */
	*(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
	*(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
	/* Current AP address field: the BSSID we are currently associated with */
	memcpy(sFrame.pAddrCurrAP, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
	/* sFrame.len point to end of fixed field */
	sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
	sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
	memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
	/* Start the OID mirror with the SSID IE; later IEs are appended at pbyIEs. */
	pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
	pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
	pbyIEs = pMgmt->sAssocInfo.abyIEs;
	memcpy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
	pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
	/* Copy the rate set */
	/* sFrame.len point to end of SSID */
	sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
	sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
	memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
	// Copy the extension rate set
	if ((pMgmt->eCurrentPHYMode == PHY_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
		sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
		sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
		memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
	/* Only the basic rate set is mirrored for the OID; the extended rates
	 * IE goes into the frame but not into sAssocInfo (same as the assoc
	 * request builder above). */
	pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
	memcpy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
	pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
	/* WPA (vendor-specific RSN) IE, only when we know the target BSS. */
	if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
	     (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
	     (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
	    (pMgmt->pCurrBSS != NULL)) {
		sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
		sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
		/* 16 = OUI(4) + version(2) + group suite(4) + pairwise count(2) + one pairwise suite(4) */
		sFrame.pRSNWPA->len = 16;
		sFrame.pRSNWPA->abyOUI[0] = 0x00;
		sFrame.pRSNWPA->abyOUI[1] = 0x50;
		sFrame.pRSNWPA->abyOUI[2] = 0xf2;
		sFrame.pRSNWPA->abyOUI[3] = 0x01;
		/* NOTE(review): written in host order, unlike the cpu_to_le16()
		 * used for the fixed fields above -- only correct on little-endian hosts. */
		sFrame.pRSNWPA->wVersion = 1;
		//Group Key Cipher Suite
		sFrame.pRSNWPA->abyMulticast[0] = 0x00;
		sFrame.pRSNWPA->abyMulticast[1] = 0x50;
		sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
		/* For WEP the exact suite (40/104) is taken from the AP's advertised
		 * group cipher rather than from our own configuration. */
		if (pMgmt->byCSSGK == KEY_CTL_WEP)
			sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
		else if (pMgmt->byCSSGK == KEY_CTL_TKIP)
			sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
		else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
			sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
			sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
		// Pairwise Key Cipher Suite
		sFrame.pRSNWPA->wPKCount = 1;
		sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
		sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
		sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
		if (pMgmt->byCSSPK == KEY_CTL_TKIP)
			sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
		else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
			sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
			sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
		// Auth Key Management Suite
		/* pbyRSN points just past the fixed part of the IE (2 = element header);
		 * the AKM count and OUI bytes written there are not in this listing. */
		pbyRSN = (unsigned char *)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
		if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)
			*pbyRSN++ = WPA_AUTH_PSK;
		else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA)
			*pbyRSN++ = WPA_AUTH_IEEE802_1X;
			*pbyRSN++ = WPA_NONE;
		/* AKM count(2) + one AKM suite(4) */
		sFrame.pRSNWPA->len += 6;
		/* RSN capabilities(2) */
		sFrame.pRSNWPA->len += 2;
		sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
		// copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
		pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
		memcpy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
		pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
	/* 802.11i RSN IE for WPA2 / WPA2-PSK, built byte by byte in abyRSN[]. */
	} else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
		    (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
		   (pMgmt->pCurrBSS != NULL)) {
		unsigned short *pwPMKID;
		sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
		sFrame.pRSN->byElementID = WLAN_EID_RSN;
		sFrame.pRSN->len = 6; //Version(2)+GK(4)
		/* NOTE(review): host order, see the WPA branch above. */
		sFrame.pRSN->wVersion = 1;
		//Group Key Cipher Suite
		sFrame.pRSN->abyRSN[0] = 0x00;
		sFrame.pRSN->abyRSN[1] = 0x0F;
		sFrame.pRSN->abyRSN[2] = 0xAC;
		/* WEP group suite selector mirrors what the AP advertised. */
		if (pMgmt->byCSSGK == KEY_CTL_WEP)
			sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
		else if (pMgmt->byCSSGK == KEY_CTL_TKIP)
			sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
		else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
			sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
			sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
		// Pairwise Key Cipher Suite
		/* count = 1 (little endian bytes), then one 00-0F-AC-xx selector */
		sFrame.pRSN->abyRSN[4] = 1;
		sFrame.pRSN->abyRSN[5] = 0;
		sFrame.pRSN->abyRSN[6] = 0x00;
		sFrame.pRSN->abyRSN[7] = 0x0F;
		sFrame.pRSN->abyRSN[8] = 0xAC;
		if (pMgmt->byCSSPK == KEY_CTL_TKIP)
			sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
		else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
			sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
		else if (pMgmt->byCSSPK == KEY_CTL_NONE)
			sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
			sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
		sFrame.pRSN->len += 6;
		// Auth Key Management Suite
		/* count = 1, then one 00-0F-AC-xx AKM selector */
		sFrame.pRSN->abyRSN[10] = 1;
		sFrame.pRSN->abyRSN[11] = 0;
		sFrame.pRSN->abyRSN[12] = 0x00;
		sFrame.pRSN->abyRSN[13] = 0x0F;
		sFrame.pRSN->abyRSN[14] = 0xAC;
		if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)
			sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
		else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)
			sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
			sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
		sFrame.pRSN->len += 6;
		/* RSN Capabilities: NOTE(review) this echoes the AP's advertised
		 * capability word back to it instead of describing our own
		 * capabilities; confirm that is intended. */
		if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist) {
			memcpy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
			sFrame.pRSN->abyRSN[16] = 0;
			sFrame.pRSN->abyRSN[17] = 0;
		sFrame.pRSN->len += 2;
		/* PMKID list: only when roaming with 802.1X (not PSK) and the cache
		 * holds entries; every cached PMKID for the target BSSID is listed.
		 * NOTE(review): the count is written through an unsigned short
		 * pointer into a byte array (unaligned, host order). */
		if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && pDevice->bRoaming && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
			pbyRSN = &sFrame.pRSN->abyRSN[18];
			pwPMKID = (unsigned short *)pbyRSN; // Point to PMKID count
			*pwPMKID = 0; // Initialize PMKID count
			pbyRSN += 2; // Point to PMKID list
			for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
				if (!memcmp(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0], pMgmt->abyCurrBSSID, ETH_ALEN)) {
					memcpy(pbyRSN, pDevice->gsPMKID.BSSIDInfo[ii].PMKID, 16);
			sFrame.pRSN->len += (2 + (*pwPMKID) * 16);
		sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
		// copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
		pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
		memcpy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
		pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
	/* Adjust the length fields */
	/* cbMPDULen covers the whole MPDU; cbPayloadLen excludes the 24-byte header. */
	pTxPacket->cbMPDULen = sFrame.len;
	pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3791 * Routine Description:
3792 * Constructs an assoc-response frame
3796 * PTR to frame; or NULL on allocation failure
/*
 * s_MgrMakeAssocResponse - build an Association Response frame (AP side).
 *
 * The frame is assembled in pMgmt->pbyMgmtPacketPool, the single management
 * packet buffer shared by every s_MgrMake* routine, so the caller must hand
 * it to the transmit path before another frame is built.
 *
 * pDevice           - adapter context (not read here; kept for the common
 *                     builder signature)
 * pMgmt             - management object; supplies our MAC, the BSSID and the pool
 * wCurrCapInfo      - capability field of the BSS
 * wAssocStatus      - 802.11 status code returned to the station
 * wAssocAID         - association ID; bits 14 and 15 are set on the wire, as
 *                     802.11 requires for the AID field
 * pDstAddr          - station the response is addressed to (Addr1)
 * pCurrSuppRates    - Supported Rates IE to append (its len byte is trusted)
 * pCurrExtSuppRates - Extended Supported Rates IE, appended only when non-empty
 *
 * Returns the pool packet; nothing is allocated in this routine.
 *
 * NOTE(review): the memset clears WLAN_ASSOCREQ_FR_MAXLEN bytes while the
 * frame is sized with WLAN_REASSOCRESP_FR_MAXLEN; the same mismatch exists
 * in the reassociation twin below. Harmless only while the pool is at least
 * as large as the larger constant -- worth unifying.
 */
static PSTxMgmtPacket
s_MgrMakeAssocResponse(
	PSDevice pDevice,
	PSMgmtObject pMgmt,
	unsigned short wCurrCapInfo,
	unsigned short wAssocStatus,
	unsigned short wAssocAID,
	unsigned char *pDstAddr,
	PWLAN_IE_SUPP_RATES pCurrSuppRates,
	PWLAN_IE_SUPP_RATES pCurrExtSuppRates
)
{
	PSTxMgmtPacket pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
	WLAN_FR_ASSOCRESP sFrame;
	unsigned int cbRates;

	memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
	pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));

	/* Lay out the fixed fields; the encoder leaves sFrame.len at their end. */
	sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
	sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
	vMgrEncodeAssocResponse(&sFrame);

	/* 802.11 header: management / association response, to the STA, from us, our BSSID */
	sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
						 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCRESP));
	memcpy(sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
	memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
	memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);

	/* Fixed fields are little endian on the wire. */
	*sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
	*sFrame.pwStatus = cpu_to_le16(wAssocStatus);
	*sFrame.pwAid = cpu_to_le16((unsigned short)(wAssocAID | BIT14 | BIT15));

	/* Supported Rates IE, copied whole (element header plus len bytes). */
	cbRates = pCurrSuppRates->len + WLAN_IEHDR_LEN;
	sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
	memcpy(sFrame.pSuppRates, pCurrSuppRates, cbRates);
	sFrame.len += cbRates;

	/* Extended Supported Rates IE only when the caller actually has one. */
	if (pCurrExtSuppRates->len != 0) {
		cbRates = pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
		sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
		memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, cbRates);
		sFrame.len += cbRates;
	}

	/* cbMPDULen covers the whole MPDU; cbPayloadLen excludes the 24-byte header. */
	pTxPacket->cbMPDULen = sFrame.len;
	pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;

	return pTxPacket;
}
3862 * Routine Description:
3863 * Constructs a reassoc-response frame
3867 * PTR to frame; or NULL on allocation failure
/*
 * s_MgrMakeReAssocResponse - build a Reassociation Response frame (AP side).
 *
 * Identical in layout to the association response except for the frame
 * subtype. The frame lives in pMgmt->pbyMgmtPacketPool, which every
 * s_MgrMake* routine shares, so it must be transmitted before the next
 * management frame is built.
 *
 * pDevice           - adapter context (not read here)
 * pMgmt             - management object; supplies our MAC, the BSSID and the pool
 * wCurrCapInfo      - capability field of the BSS
 * wAssocStatus      - 802.11 status code returned to the station
 * wAssocAID         - association ID; bits 14 and 15 are set as 802.11 requires
 * pDstAddr          - station the response is addressed to (Addr1)
 * pCurrSuppRates    - Supported Rates IE to append (its len byte is trusted)
 * pCurrExtSuppRates - Extended Supported Rates IE, appended only when non-empty
 *
 * Returns the pool packet; nothing is allocated in this routine.
 *
 * NOTE(review): memset length uses WLAN_ASSOCREQ_FR_MAXLEN while the frame
 * is sized with WLAN_REASSOCRESP_FR_MAXLEN (same as the assoc response
 * builder); fine only while the pool covers the larger of the two.
 */
static PSTxMgmtPacket
s_MgrMakeReAssocResponse(
	PSDevice pDevice,
	PSMgmtObject pMgmt,
	unsigned short wCurrCapInfo,
	unsigned short wAssocStatus,
	unsigned short wAssocAID,
	unsigned char *pDstAddr,
	PWLAN_IE_SUPP_RATES pCurrSuppRates,
	PWLAN_IE_SUPP_RATES pCurrExtSuppRates
)
{
	PSTxMgmtPacket pTxPacket;
	WLAN_FR_REASSOCRESP sFrame;
	unsigned char *pbyTail;

	pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
	memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
	pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));

	sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
	sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
	vMgrEncodeReassocResponse(&sFrame); /* fixed fields; sFrame.len now at their end */

	sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
						 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCRESP));
	memcpy(sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
	memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
	memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);

	*sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
	*sFrame.pwStatus = cpu_to_le16(wAssocStatus);
	*sFrame.pwAid = cpu_to_le16((unsigned short)(wAssocAID | BIT14 | BIT15));

	/* IEs are appended at pbyTail; each copy covers header plus payload. */
	pbyTail = sFrame.pBuf + sFrame.len;
	sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)pbyTail;
	memcpy(pbyTail, pCurrSuppRates, pCurrSuppRates->len + WLAN_IEHDR_LEN);
	pbyTail += pCurrSuppRates->len + WLAN_IEHDR_LEN;

	if (pCurrExtSuppRates->len != 0) {
		sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)pbyTail;
		memcpy(pbyTail, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
		pbyTail += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
	}
	sFrame.len = pbyTail - sFrame.pBuf;

	pTxPacket->cbMPDULen = sFrame.len;
	pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;

	return pTxPacket;
}
3933 * Routine Description:
3934 * Handles probe response management frames.
/*
 * s_vMgrRxProbeResponse - handle a received Probe Response.
 *
 * Decodes the frame, requires the mandatory fixed fields and IEs to be
 * present, reconciles the channel the frame claims (DS Parameter Set IE)
 * with the channel it was received on, and then updates or inserts the BSS
 * in the known-BSS list, keyed by Addr3 (the BSSID) plus SSID.
 *
 * pRxPacket - received management packet. The leading parameters (pDevice,
 *             pMgmt), the local ERP object and the early returns are outside
 *             this listing.
 *
 * NOTE(review): nothing here authenticates the sender, so any transmitter
 * can create or overwrite the list entry for any BSSID/SSID pair; whatever
 * later uses the BSS list for join or roam decisions inherits that.
 */
s_vMgrRxProbeResponse(
	PSRxMgmtPacket pRxPacket
	PKnownBSS pBSSList = NULL;
	WLAN_FR_PROBERESP sFrame;
	/* channel the radio received on; may be replaced by the frame's own claim below */
	unsigned char byCurrChannel = pRxPacket->byRxChannel;
	unsigned char byIEChannel = 0;
	bool bChannelHit = true;
	/* Zeroed first so that every IE pointer the decoder does not fill stays NULL. */
	memset(&sFrame, 0, sizeof(WLAN_FR_PROBERESP));
	sFrame.len = pRxPacket->cbMPDULen;
	sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
	vMgrDecodeProbeResponse(&sFrame);
	/* Mandatory fields/IEs missing: malformed frame, log and bail out. */
	if ((sFrame.pqwTimestamp == NULL) ||
	    (sFrame.pwBeaconInterval == NULL) ||
	    (sFrame.pwCapInfo == NULL) ||
	    (sFrame.pSSID == NULL) ||
	    (sFrame.pSuppRates == NULL)) {
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Probe resp:Fail addr:[%p] \n", pRxPacket->p80211Header);
	/* A zero-length SSID (hidden network) is only logged, not rejected. */
	if (sFrame.pSSID->len == 0)
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx Probe resp: SSID len = 0 \n");
	/* The DS Parameter Set IE is trusted over the RX channel: adjacent-channel
	 * leakage makes the radio's channel unreliable for 2.4 GHz. */
	if (sFrame.pDSParms != NULL) {
		if (byCurrChannel > CB_MAX_CHANNEL_24G) {
			// channel remapping to
			byIEChannel = get_channel_mapping(pMgmt->pAdapter, sFrame.pDSParms->byCurrChannel, PHY_TYPE_11A);
			byIEChannel = sFrame.pDSParms->byCurrChannel;
		if (byCurrChannel != byIEChannel) {
			// adjust channel info. bcs we rcv adjacent channel packets
			bChannelHit = false;
			byCurrChannel = byIEChannel;
	// no DS channel info
	//2008-0730-01<Add>by MikeLiu
	/* A claimed channel outside the regulatory zone is dropped (return not shown). */
	if (ChannelExceedZoneType(pDevice, byCurrChannel))
	if (sFrame.pERP != NULL) {
		sERP.byERP = sFrame.pERP->byContext;
		sERP.bERPExist = true;
		sERP.bERPExist = false;
	// update or insert the bss
	/* Lookup key is BSSID (Addr3) + SSID; an existing entry is refreshed in place. */
	pBSSList = BSSpAddrIsInBSSList((void *)pDevice, sFrame.pHdr->sA3.abyAddr3, sFrame.pSSID);
	BSSbUpdateToBSSList((void *)pDevice,
			    *sFrame.pqwTimestamp,
			    *sFrame.pwBeaconInterval,
			    sFrame.pExtSuppRates,
			    sFrame.len - WLAN_HDR_ADDR3_LEN,
			    sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Probe resp/insert: RxChannel = : %d\n", byCurrChannel);
	BSSbInsertToBSSList((void *)pDevice,
			    sFrame.pHdr->sA3.abyAddr3,
			    *sFrame.pqwTimestamp,
			    *sFrame.pwBeaconInterval,
			    sFrame.pExtSuppRates,
			    sFrame.len - WLAN_HDR_ADDR3_LEN,
			    sFrame.pHdr->sA4.abyAddr4, // payload of beacon
4052 * Routine Description: (AP) or (Ad-hoc STA)
4053 * Handles probe request management frames.
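/*
 * s_vMgrRxProbeRequest - answer a Probe Request (AP, or ad-hoc STA that
 * transmitted the last beacon).
 *
 * Replies only when we are the AP, or an IBSS station whose latest TBTT
 * beacon went out (pDevice->bBeaconSent). A directed probe (non-empty SSID)
 * must match our SSID exactly; a wildcard probe (SSID len 0) is always
 * answered. The reply is marked 11g when the requester lists more than four
 * rates or carries an Extended Supported Rates IE.
 *
 * pDevice   - adapter context
 * pMgmt     - management object (our SSID, BSSID, rates, capability)
 * pRxPacket - the received probe request
 *
 * Fix: the frame comes from an arbitrary, unauthenticated station and the
 * decoder leaves absent IEs as NULL (sFrame is zeroed first; the probe
 * response handler checks the same pointers). The original dereferenced
 * pSSID and pSu|ppRates unconditionally, so a probe request without an SSID
 * or Supported Rates IE dereferenced NULL. Both are now checked before use.
 */
static void
s_vMgrRxProbeRequest(
	PSDevice pDevice,
	PSMgmtObject pMgmt,
	PSRxMgmtPacket pRxPacket
)
{
	WLAN_FR_PROBEREQ sFrame;
	CMD_STATUS Status;
	PSTxMgmtPacket pTxPacket;
	PWLAN_IE_SSID pOurSSID = (PWLAN_IE_SSID)pMgmt->abyCurrSSID;
	unsigned char byPHYType = BB_TYPE_11B;

	// STA in Ad-hoc mode: when latest TBTT beacon transmit success,
	// STA have to response this request.
	if (!((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) ||
	      ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && pDevice->bBeaconSent)))
		return;

	memset(&sFrame, 0, sizeof(WLAN_FR_PROBEREQ));
	sFrame.len = pRxPacket->cbMPDULen;
	sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
	vMgrDecodeProbeRequest(&sFrame);

	/* Mandatory IEs missing: malformed (or hostile) probe, ignore it. */
	if ((sFrame.pSSID == NULL) || (sFrame.pSuppRates == NULL)) {
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx Probe req: missing SSID/rates IE, dropped\n");
		return;
	}

	/* Directed probe: the SSID must match ours byte for byte.
	 * Lengths are compared first, so memcmp only ever reads our own length. */
	if (sFrame.pSSID->len != 0) {
		if (sFrame.pSSID->len != pOurSSID->len)
			return;
		if (memcmp(sFrame.pSSID->abySSID, pOurSSID->abySSID, pOurSSID->len) != 0)
			return;
	}

	if ((sFrame.pSuppRates->len > 4) || (sFrame.pExtSuppRates != NULL))
		byPHYType = BB_TYPE_11G;

	// Probe response reply..
	pTxPacket = s_MgrMakeProbeResponse
		(
			pDevice,
			pMgmt,
			pMgmt->wCurrCapInfo,
			pMgmt->wCurrBeaconPeriod,
			pMgmt->uCurrChannel,
			0,
			sFrame.pHdr->sA3.abyAddr2,
			pOurSSID,
			(unsigned char *)pMgmt->abyCurrBSSID,
			(PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
			(PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
			byPHYType
		);
	if (pTxPacket != NULL) {
		/* send the frame */
		Status = csMgmt_xmit(pDevice, pTxPacket);
		if (Status != CMD_STATUS_PENDING)
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Probe response tx failed\n");
	}
}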
4125 * Routine Description:
4127 * Entry point for the reception and handling of 802.11 management
4128 * frames. Makes a determination of the frame type and then calls
4129 * the appropriate function.
/*
 * Entry point for received 802.11 management frames: looks at the frame
 * subtype and dispatches to the matching handler.
 *
 * hDeviceContext - device structure pointer (PSDevice)
 * pRxPacket      - the received management packet
 * (the function name line, the pMgmt parameter and the Status local are
 * outside this listing)
 *
 * In AP mode the sender (Addr2) is looked up in the node table and its
 * state gates the class-2 frames: an association, reassociation or
 * disassociation request from a station that has not authenticated is
 * answered with a deauthentication (reason 6, class 2 from non-auth STA)
 * instead of being processed.
 *
 * NOTE(review): outside AP mode eNodeState stays at its initial 0, so the
 * same "< NODE_AUTH" test is true for every sender; whether such frames can
 * reach this point in STA mode depends on filtering done by the caller,
 * which is not visible here. Deauthentication and disassociation frames are
 * accepted from any Addr2 with no origin check (no management frame
 * protection is visible in this dispatcher), which is the pre-802.11w
 * behaviour this driver implements.
 */
	void *hDeviceContext,
	PSRxMgmtPacket pRxPacket
	PSDevice pDevice = (PSDevice)hDeviceContext;
	bool bInScan = false;
	unsigned int uNodeIndex = 0;
	NODE_STATE eNodeState = 0;
	/* AP mode only: fetch the sender's authentication/association state. */
	if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
		if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
			eNodeState = pMgmt->sNodeDBTable[uNodeIndex].eNodeState;
	switch (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl))) {
	case WLAN_FSTYPE_ASSOCREQ:
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocreq\n");
		/* class-2 frame from a non-authenticated station: reject with deauth */
		if (eNodeState < NODE_AUTH) {
			// send deauth notification
			// reason = (6) class 2 received from nonauth sta
			vMgrDeAuthenBeginSta(pDevice,
					     pRxPacket->p80211Header->sA3.abyAddr2,
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 1\n");
			s_vMgrRxAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
	case WLAN_FSTYPE_ASSOCRESP:
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocresp1\n");
		/* last argument: false = association, true = reassociation */
		s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, false);
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocresp2\n");
	case WLAN_FSTYPE_REASSOCREQ:
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx reassocreq\n");
		/* same class-2 gate as for association requests */
		if (eNodeState < NODE_AUTH) {
			// send deauth notification
			// reason = (6) class 2 received from nonauth sta
			vMgrDeAuthenBeginSta(pDevice,
					     pRxPacket->p80211Header->sA3.abyAddr2,
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 2\n");
			s_vMgrRxReAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
	case WLAN_FSTYPE_REASSOCRESP:
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx reassocresp\n");
		s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, true);
	case WLAN_FSTYPE_PROBEREQ:
		s_vMgrRxProbeRequest(pDevice, pMgmt, pRxPacket);
	case WLAN_FSTYPE_PROBERESP:
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx proberesp\n");
		s_vMgrRxProbeResponse(pDevice, pMgmt, pRxPacket);
	case WLAN_FSTYPE_BEACON:
		/* bInScan tells the beacon handler a scan is in progress (set not shown) */
		if (pMgmt->eScanState != WMAC_NO_SCANNING)
		s_vMgrRxBeacon(pDevice, pMgmt, pRxPacket, bInScan);
	case WLAN_FSTYPE_ATIM:
		/* ATIM frames are only logged */
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx atim\n");
	case WLAN_FSTYPE_DISASSOC:
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx disassoc\n");
		/* disassociation is a class-2 frame too: same gate */
		if (eNodeState < NODE_AUTH) {
			// send deauth notification
			// reason = (6) class 2 received from nonauth sta
			vMgrDeAuthenBeginSta(pDevice,
					     pRxPacket->p80211Header->sA3.abyAddr2,
			DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 3\n");
			s_vMgrRxDisassociation(pDevice, pMgmt, pRxPacket);
	case WLAN_FSTYPE_AUTHEN:
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx authen\n");
		s_vMgrRxAuthentication(pDevice, pMgmt, pRxPacket);
	case WLAN_FSTYPE_DEAUTHEN:
		/* no node-state gate here: a deauth from any sender reaches the handler */
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx deauthen\n");
		s_vMgrRxDeauthentication(pDevice, pMgmt, pRxPacket);
		DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx unknown mgmt\n");
4267 * Routine Description:
4270 * Prepare beacon to send
4273 * true if success; false if failed.
/*
 * bMgrPrepareBeaconToSend - refresh the capability word, build our beacon
 * and hand it to the beacon transmit path.
 *
 * hDeviceContext - device structure pointer (PSDevice); the pMgmt parameter
 *                  and the return statements are outside this listing
 *
 * The Privacy capability bit is derived from the device state on every
 * call: it is set when encryption is enabled OR 802.1X is enabled, so an
 * 802.1X-only configuration also advertises Privacy.
 *
 * NOTE(review): the IBSS "no BSSID yet" test below only inspects the first
 * BSSID byte, and it runs after the beacon has already been built; the
 * beacon is also passed to csBeacon_xmit without a NULL check, which is fine
 * only because the s_MgrMake* builders in this file return the shared pool
 * buffer (s_MgrMakeBeacon itself is not visible here).
 */
bMgrPrepareBeaconToSend(
	void *hDeviceContext,
	PSDevice pDevice = (PSDevice)hDeviceContext;
	PSTxMgmtPacket pTxPacket;
	/* advertise Privacy whenever either encryption or 802.1X is on */
	if (pDevice->bEncryptionEnable || pDevice->bEnable8021x)
		pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
		pMgmt->wCurrCapInfo &= ~WLAN_SET_CAP_INFO_PRIVACY(1);
	pTxPacket = s_MgrMakeBeacon
			pMgmt->wCurrCapInfo,
			pMgmt->wCurrBeaconPeriod,
			pMgmt->uCurrChannel,
			pMgmt->wCurrATIMWindow,
			(PWLAN_IE_SSID)pMgmt->abyCurrSSID,
			(unsigned char *)pMgmt->abyCurrBSSID,
			(PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
			(PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
	/* ad-hoc station without a BSSID yet: do not beacon (return not shown) */
	if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) &&
	    (pMgmt->abyCurrBSSID[0] == 0))
	csBeacon_xmit(pDevice, pTxPacket);
4315 * Routine Description:
4317 * Log a warning message based on the contents of the Status
4318 * Code field of an 802.11 management frame. Defines are
4319 * derived from 802.11-1997 SPEC.
/*
 * s_vMgrLogStatus - log a human readable explanation of an 802.11 status code.
 *
 * The codes and their meanings follow the Status Code field of 802.11-1997;
 * a code not in the table is reported with its numeric value. Output goes
 * through DBG_PRT at MSG_LEVEL_NOTICE only, so the mapping has no effect on
 * protocol behaviour.
 *
 * pMgmt   - management object (not read; kept for the common signature)
 * wStatus - status code taken from the received management frame
 */
static void
s_vMgrLogStatus(
	PSMgmtObject pMgmt,
	unsigned short wStatus
)
{
	/* code -> text, printed as "Status code == <text>" */
	static const struct {
		unsigned short wCode;
		const char *pszText;
	} asStatusText[] = {
		{ WLAN_MGMT_STATUS_UNSPEC_FAILURE,             "Unspecified error." },
		{ WLAN_MGMT_STATUS_CAPS_UNSUPPORTED,           "Can't support all requested capabilities." },
		{ WLAN_MGMT_STATUS_REASSOC_NO_ASSOC,           "Reassoc denied, can't confirm original Association." },
		{ WLAN_MGMT_STATUS_ASSOC_DENIED_UNSPEC,        "Assoc denied, undefine in spec" },
		{ WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG,        "Peer doesn't support authen algorithm." },
		{ WLAN_MGMT_STATUS_RX_AUTH_NOSEQ,              "Authen frame received out of sequence." },
		{ WLAN_MGMT_STATUS_CHALLENGE_FAIL,             "Authen rejected, challenge failure." },
		{ WLAN_MGMT_STATUS_AUTH_TIMEOUT,               "Authen rejected, timeout waiting for next frame." },
		{ WLAN_MGMT_STATUS_ASSOC_DENIED_BUSY,          "Assoc denied, AP too busy." },
		{ WLAN_MGMT_STATUS_ASSOC_DENIED_RATES,         "Assoc denied, we haven't enough basic rates." },
		{ WLAN_MGMT_STATUS_ASSOC_DENIED_SHORTPREAMBLE, "Assoc denied, we do not support short preamble." },
		{ WLAN_MGMT_STATUS_ASSOC_DENIED_PBCC,          "Assoc denied, we do not support PBCC." },
		{ WLAN_MGMT_STATUS_ASSOC_DENIED_AGILITY,       "Assoc denied, we do not support channel agility." },
	};
	unsigned int ii;

	for (ii = 0; ii < sizeof(asStatusText) / sizeof(asStatusText[0]); ii++) {
		if (asStatusText[ii].wCode == wStatus) {
			DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == %s\n", asStatusText[ii].pszText);
			return;
		}
	}

	DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Unknown status code %d.\n", wStatus);
}
4381 * Add a BSSID to the PMKID candidate list, or refresh an existing entry.
4385 * hDeviceContext - device structure pointer
4386 * pbyBSSID - BSSID address for adding
4387 * wRSNCap - BSS's RSN capability
4391 * Return Value: none.
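/*
 * bAdd_PMKID_Candidate - record a BSSID as a PMKID (pre-authentication)
 * candidate, or refresh the flags of an entry that is already listed.
 *
 * hDeviceContext - device structure pointer (PSDevice)
 * pbyBSSID       - BSSID to add (ETH_ALEN bytes)
 * psRSNCapObj    - parsed RSN capabilities of that BSS; bit 0 of wRSNCap is
 *                  the 802.11i pre-authentication capability and is mirrored
 *                  into NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED
 *
 * Returns true when the entry was added or refreshed, false on a NULL
 * argument or when the list already holds MAX_PMKIDLIST entries.
 *
 * Fix: the original read pDevice->gsPMKIDCandidate.NumCandidates in a debug
 * print before the NULL checks, so the pDevice == NULL guard could never
 * protect anything; the print now follows the validation. A new entry's
 * flags are also assigned outright instead of OR-ed into whatever the slot
 * held before.
 *
 * NOTE(review): the capacity check still runs before the lookup of an
 * existing entry, so once the list is full an already-known BSSID is not
 * refreshed either; left as is because callers' use of the return value is
 * not visible here.
 */
bool
bAdd_PMKID_Candidate(
	void *hDeviceContext,
	unsigned char *pbyBSSID,
	PSRSNCapObject psRSNCapObj
)
{
	PSDevice pDevice = (PSDevice)hDeviceContext;
	struct pmkid_candidate *pCandidateList;
	unsigned int ii;
	bool bPreAuth;

	if ((pDevice == NULL) || (pbyBSSID == NULL) || (psRSNCapObj == NULL))
		return false;

	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "bAdd_PMKID_Candidate START: (%d)\n", (int)pDevice->gsPMKIDCandidate.NumCandidates);

	if (pDevice->gsPMKIDCandidate.NumCandidates >= MAX_PMKIDLIST)
		return false;

	/* The AP advertises pre-authentication support in bit 0 of RSN Capabilities. */
	bPreAuth = psRSNCapObj->bRSNCapExist && (psRSNCapObj->wRSNCap & BIT0);

	// Update Old Candidate
	for (ii = 0; ii < pDevice->gsPMKIDCandidate.NumCandidates; ii++) {
		pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[ii];
		if (!memcmp(pCandidateList->BSSID, pbyBSSID, ETH_ALEN)) {
			if (bPreAuth)
				pCandidateList->Flags |= NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
			else
				pCandidateList->Flags &= ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
			return true;
		}
	}

	// New Candidate
	pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[pDevice->gsPMKIDCandidate.NumCandidates];
	pCandidateList->Flags = bPreAuth ? NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED : 0;
	memcpy(pCandidateList->BSSID, pbyBSSID, ETH_ALEN);
	pDevice->gsPMKIDCandidate.NumCandidates++;
	DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "NumCandidates:%d\n", (int)pDevice->gsPMKIDCandidate.NumCandidates);
	return true;
}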
4442 * Flush PMKID Candidate list.
4446 * hDeviceContext - device structure pointer
4450 * Return Value: none.
/*
 * vFlush_PMKID_Candidate - empty the PMKID candidate list.
 *
 * hDeviceContext - device structure pointer (PSDevice); a NULL context is
 *                  silently ignored
 *
 * Zeroes the whole SPMKIDCandidateEvent, which resets both the candidate
 * entries and the NumCandidates counter that bAdd_PMKID_Candidate advances.
 */
void
vFlush_PMKID_Candidate(
	void *hDeviceContext
)
{
	PSDevice pDevice = (PSDevice)hDeviceContext;

	if (pDevice != NULL)
		memset(&pDevice->gsPMKIDCandidate, 0, sizeof(SPMKIDCandidateEvent));
}
4469 NDIS_802_11_ENCRYPTION_STATUS EncStatus,
4470 unsigned char *pbyCCSPK,
4471 unsigned char *pbyCCSGK
4474 unsigned char byMulticastCipher = KEY_CTL_INVALID;
4475 unsigned char byCipherMask = 0x00;
4478 if (pBSSNode == NULL)
4481 // check cap. of BSS
4482 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4483 (EncStatus == Ndis802_11Encryption1Enabled)) {
4484 // default is WEP only
4485 byMulticastCipher = KEY_CTL_WEP;
4488 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4489 pBSSNode->bWPA2Valid &&
4490 //20080123-01,<Add> by Einsn Liu
4491 ((EncStatus == Ndis802_11Encryption3Enabled) || (EncStatus == Ndis802_11Encryption2Enabled))) {
4493 // check Group Key Cipher
4494 if ((pBSSNode->byCSSGK == WLAN_11i_CSS_WEP40) ||
4495 (pBSSNode->byCSSGK == WLAN_11i_CSS_WEP104)) {
4496 byMulticastCipher = KEY_CTL_WEP;
4497 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_TKIP) {
4498 byMulticastCipher = KEY_CTL_TKIP;
4499 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_CCMP) {
4500 byMulticastCipher = KEY_CTL_CCMP;
4502 byMulticastCipher = KEY_CTL_INVALID;
4505 // check Pairwise Key Cipher
4506 for (i = 0; i < pBSSNode->wCSSPKCount; i++) {
4507 if ((pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP40) ||
4508 (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP104)) {
4509 // this should not happen as defined 802.11i
4510 byCipherMask |= 0x01;
4511 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_TKIP) {
4512 byCipherMask |= 0x02;
4513 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_CCMP) {
4514 byCipherMask |= 0x04;
4515 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_USE_GROUP) {
4516 // use group key only ignore all others
4518 i = pBSSNode->wCSSPKCount;
4522 } else if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4523 pBSSNode->bWPAValid &&
4524 ((EncStatus == Ndis802_11Encryption3Enabled) || (EncStatus == Ndis802_11Encryption2Enabled))) {
4526 // check Group Key Cipher
4527 if ((pBSSNode->byGKType == WPA_WEP40) ||
4528 (pBSSNode->byGKType == WPA_WEP104)) {
4529 byMulticastCipher = KEY_CTL_WEP;
4530 } else if (pBSSNode->byGKType == WPA_TKIP) {
4531 byMulticastCipher = KEY_CTL_TKIP;
4532 } else if (pBSSNode->byGKType == WPA_AESCCMP) {
4533 byMulticastCipher = KEY_CTL_CCMP;
4535 byMulticastCipher = KEY_CTL_INVALID;
4538 // check Pairwise Key Cipher
4539 for (i = 0; i < pBSSNode->wPKCount; i++) {
4540 if (pBSSNode->abyPKType[i] == WPA_TKIP) {
4541 byCipherMask |= 0x02;
4542 } else if (pBSSNode->abyPKType[i] == WPA_AESCCMP) {
4543 byCipherMask |= 0x04;
4544 } else if (pBSSNode->abyPKType[i] == WPA_NONE) {
4545 // use group key only ignore all others
4547 i = pBSSNode->wPKCount;
4552 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "%d, %d, %d, %d, EncStatus:%d\n",
4553 byMulticastCipher, byCipherMask, pBSSNode->bWPAValid, pBSSNode->bWPA2Valid, EncStatus);
4555 // mask our cap. with BSS
4556 if (EncStatus == Ndis802_11Encryption1Enabled) {
4557 // For supporting Cisco migration mode, don't care pairwise key cipher
4558 if ((byMulticastCipher == KEY_CTL_WEP) &&
4559 (byCipherMask == 0)) {
4560 *pbyCCSGK = KEY_CTL_WEP;
4561 *pbyCCSPK = KEY_CTL_NONE;
4567 } else if (EncStatus == Ndis802_11Encryption2Enabled) {
4568 if ((byMulticastCipher == KEY_CTL_TKIP) &&
4569 (byCipherMask == 0)) {
4570 *pbyCCSGK = KEY_CTL_TKIP;
4571 *pbyCCSPK = KEY_CTL_NONE;
4573 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4574 ((byCipherMask & 0x02) != 0)) {
4575 *pbyCCSGK = KEY_CTL_WEP;
4576 *pbyCCSPK = KEY_CTL_TKIP;
4578 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4579 ((byCipherMask & 0x02) != 0)) {
4580 *pbyCCSGK = KEY_CTL_TKIP;
4581 *pbyCCSPK = KEY_CTL_TKIP;
4586 } else if (EncStatus == Ndis802_11Encryption3Enabled) {
4587 if ((byMulticastCipher == KEY_CTL_CCMP) &&
4588 (byCipherMask == 0)) {
4589 // When CCMP is enable, "Use group cipher suite" shall not be a valid option.
4591 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4592 ((byCipherMask & 0x04) != 0)) {
4593 *pbyCCSGK = KEY_CTL_WEP;
4594 *pbyCCSPK = KEY_CTL_CCMP;
4596 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4597 ((byCipherMask & 0x04) != 0)) {
4598 *pbyCCSGK = KEY_CTL_TKIP;
4599 *pbyCCSPK = KEY_CTL_CCMP;
4601 } else if ((byMulticastCipher == KEY_CTL_CCMP) &&
4602 ((byCipherMask & 0x04) != 0)) {
4603 *pbyCCSGK = KEY_CTL_CCMP;
4604 *pbyCCSPK = KEY_CTL_CCMP;