2 * WPA Supplicant - Client mode MLME
3 * Copyright (c) 2003-2006, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * Alternatively, this software may be distributed under the terms of BSD
14 * See README and COPYING for more details.
22 #include "wpa_supplicant.h"
23 #include "wpa_supplicant_i.h"
26 #include "l2_packet.h"
31 /* Timeouts and intervals in milliseconds */
32 #define IEEE80211_AUTH_TIMEOUT (200)
33 #define IEEE80211_AUTH_MAX_TRIES 3
34 #define IEEE80211_ASSOC_TIMEOUT (200)
35 #define IEEE80211_ASSOC_MAX_TRIES 3
36 #define IEEE80211_MONITORING_INTERVAL (2000)
37 #define IEEE80211_PROBE_INTERVAL (60000)
38 #define IEEE80211_RETRY_AUTH_INTERVAL (1000)
39 #define IEEE80211_SCAN_INTERVAL (2000)
40 #define IEEE80211_SCAN_INTERVAL_SLOW (15000)
41 #define IEEE80211_IBSS_JOIN_TIMEOUT (20000)
43 #define IEEE80211_PROBE_DELAY (33)
44 #define IEEE80211_CHANNEL_TIME (33)
45 #define IEEE80211_PASSIVE_CHANNEL_TIME (200)
46 #define IEEE80211_SCAN_RESULT_EXPIRE (10000)
47 #define IEEE80211_IBSS_MERGE_INTERVAL (30000)
48 #define IEEE80211_IBSS_INACTIVITY_LIMIT (60000)
50 #define IEEE80211_IBSS_MAX_STA_ENTRIES 128
53 /* Information Element IDs */
54 #define WLAN_EID_SSID 0
55 #define WLAN_EID_SUPP_RATES 1
56 #define WLAN_EID_FH_PARAMS 2
57 #define WLAN_EID_DS_PARAMS 3
58 #define WLAN_EID_CF_PARAMS 4
59 #define WLAN_EID_TIM 5
60 #define WLAN_EID_IBSS_PARAMS 6
61 #define WLAN_EID_COUNTRY 7
62 #define WLAN_EID_CHALLENGE 16
63 /* EIDs defined as part fo 11h - starts */
64 #define WLAN_EID_PWR_CONSTRAINT 32
65 #define WLAN_EID_PWR_CAPABILITY 33
66 #define WLAN_EID_TPC_REQUEST 34
67 #define WLAN_EID_TPC_REPORT 35
68 #define WLAN_EID_SUPPORTED_CHANNELS 36
69 #define WLAN_EID_CHANNEL_SWITCH 37
70 #define WLAN_EID_MEASURE_REQUEST 38
71 #define WLAN_EID_MEASURE_REPORT 39
72 #define WLAN_EID_QUITE 40
73 #define WLAN_EID_IBSS_DFS 41
74 /* EIDs defined as part fo 11h - ends */
75 #define WLAN_EID_ERP_INFO 42
76 #define WLAN_EID_RSN 48
77 #define WLAN_EID_EXT_SUPP_RATES 50
78 #define WLAN_EID_VENDOR_SPECIFIC 221
85 struct ieee80211_mgmt {
97 /* possibly followed by Challenge text */
102 } STRUCT_PACKED deauth;
106 /* followed by SSID and Supported rates */
108 } STRUCT_PACKED assoc_req;
113 /* followed by Supported rates */
115 } STRUCT_PACKED assoc_resp, reassoc_resp;
120 /* followed by SSID and Supported rates */
122 } STRUCT_PACKED reassoc_req;
125 } STRUCT_PACKED disassoc;
130 /* followed by some of SSID, Supported rates,
131 * FH Params, DS Params, CF Params, IBSS Params, TIM */
133 } STRUCT_PACKED beacon;
135 /* only variable items: SSID, Supported rates */
137 } STRUCT_PACKED probe_req;
142 /* followed by some of SSID, Supported rates,
143 * FH Params, DS Params, CF Params, IBSS Params */
145 } STRUCT_PACKED probe_resp;
154 } STRUCT_PACKED wme_action;
162 } __attribute__((packed)) chan_switch;
164 } STRUCT_PACKED action;
170 #endif /* _MSC_VER */
172 /* Authentication algorithms */
173 #define WLAN_AUTH_OPEN 0
174 #define WLAN_AUTH_SHARED_KEY 1
175 #define WLAN_AUTH_LEAP 128
177 #define WLAN_AUTH_CHALLENGE_LEN 128
179 #define WLAN_CAPABILITY_ESS BIT(0)
180 #define WLAN_CAPABILITY_IBSS BIT(1)
181 #define WLAN_CAPABILITY_CF_POLLABLE BIT(2)
182 #define WLAN_CAPABILITY_CF_POLL_REQUEST BIT(3)
183 #define WLAN_CAPABILITY_PRIVACY BIT(4)
184 #define WLAN_CAPABILITY_SHORT_PREAMBLE BIT(5)
185 #define WLAN_CAPABILITY_PBCC BIT(6)
186 #define WLAN_CAPABILITY_CHANNEL_AGILITY BIT(7)
188 #define WLAN_CAPABILITY_SPECTRUM_MGMT BIT(8)
189 #define WLAN_CAPABILITY_SHORT_SLOT_TIME BIT(10)
190 #define WLAN_CAPABILITY_DSSS_OFDM BIT(13)
193 #define WLAN_STATUS_SUCCESS 0
194 #define WLAN_STATUS_UNSPECIFIED_FAILURE 1
195 #define WLAN_STATUS_CAPS_UNSUPPORTED 10
196 #define WLAN_STATUS_REASSOC_NO_ASSOC 11
197 #define WLAN_STATUS_ASSOC_DENIED_UNSPEC 12
198 #define WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG 13
199 #define WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION 14
200 #define WLAN_STATUS_CHALLENGE_FAIL 15
201 #define WLAN_STATUS_AUTH_TIMEOUT 16
202 #define WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA 17
203 #define WLAN_STATUS_ASSOC_DENIED_RATES 18
205 #define WLAN_STATUS_ASSOC_DENIED_NOSHORT 19
206 #define WLAN_STATUS_ASSOC_DENIED_NOPBCC 20
207 #define WLAN_STATUS_ASSOC_DENIED_NOAGILITY 21
209 #define WLAN_STATUS_SPEC_MGMT_REQUIRED 22
210 #define WLAN_STATUS_PWR_CAPABILITY_NOT_VALID 23
211 #define WLAN_STATUS_SUPPORTED_CHANNEL_NOT_VALID 24
213 #define WLAN_STATUS_ASSOC_DENOED_NO_SHORT_SLOT_TIME 25
214 #define WLAN_STATUS_ASSOC_DENOED_NO_ER_PBCC 26
215 #define WLAN_STATUS_ASSOC_DENOED_NO_DSSS_OFDM 27
219 #define WLAN_REASON_UNSPECIFIED 1
220 #define WLAN_REASON_PREV_AUTH_NOT_VALID 2
221 #define WLAN_REASON_DEAUTH_LEAVING 3
222 #define WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY 4
223 #define WLAN_REASON_DISASSOC_AP_BUSY 5
224 #define WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA 6
225 #define WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA 7
226 #define WLAN_REASON_DISASSOC_STA_HAS_LEFT 8
227 #define WLAN_REASON_STA_REQ_ASSOC_WITHOUT_AUTH 9
229 #define WLAN_REASON_PWR_CAPABILITY_NOT_VALID 10
230 #define WLAN_REASON_SUPPORTED_CHANNEL_NOT_VALID 11
232 #define WLAN_REASON_MIC_FAILURE 14
235 #define WLAN_FC_PVER 0x0003
236 #define WLAN_FC_TODS 0x0100
237 #define WLAN_FC_FROMDS 0x0200
238 #define WLAN_FC_MOREFRAG 0x0400
239 #define WLAN_FC_RETRY 0x0800
240 #define WLAN_FC_PWRMGT 0x1000
241 #define WLAN_FC_MOREDATA 0x2000
242 #define WLAN_FC_ISWEP 0x4000
243 #define WLAN_FC_ORDER 0x8000
245 #define WLAN_FC_GET_TYPE(fc) (((fc) & 0x000c) >> 2)
246 #define WLAN_FC_GET_STYPE(fc) (((fc) & 0x00f0) >> 4)
249 #define IEEE80211_FC(type, stype) host_to_le16((type << 2) | (stype << 4))
251 #define WLAN_FC_TYPE_MGMT 0
252 #define WLAN_FC_TYPE_CTRL 1
253 #define WLAN_FC_TYPE_DATA 2
256 #define WLAN_FC_STYPE_ASSOC_REQ 0
257 #define WLAN_FC_STYPE_ASSOC_RESP 1
258 #define WLAN_FC_STYPE_REASSOC_REQ 2
259 #define WLAN_FC_STYPE_REASSOC_RESP 3
260 #define WLAN_FC_STYPE_PROBE_REQ 4
261 #define WLAN_FC_STYPE_PROBE_RESP 5
262 #define WLAN_FC_STYPE_BEACON 8
263 #define WLAN_FC_STYPE_ATIM 9
264 #define WLAN_FC_STYPE_DISASSOC 10
265 #define WLAN_FC_STYPE_AUTH 11
266 #define WLAN_FC_STYPE_DEAUTH 12
267 #define WLAN_FC_STYPE_ACTION 13
270 #define ERP_INFO_USE_PROTECTION BIT(1)
273 struct ieee80211_sta_bss {
274 struct ieee80211_sta_bss *next;
275 struct ieee80211_sta_bss *hnext;
278 u8 ssid[MAX_SSID_LEN];
280 u16 capability; /* host byte order */
291 #define IEEE80211_MAX_SUPP_RATES 32
292 u8 supp_rates[IEEE80211_MAX_SUPP_RATES];
293 size_t supp_rates_len;
298 struct os_time last_update;
302 static void ieee80211_send_probe_req(struct wpa_supplicant *wpa_s,
304 const u8 *ssid, size_t ssid_len);
305 static struct ieee80211_sta_bss *
306 ieee80211_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid);
307 static int ieee80211_sta_find_ibss(struct wpa_supplicant *wpa_s);
308 static int ieee80211_sta_wep_configured(struct wpa_supplicant *wpa_s);
309 static void ieee80211_sta_timer(void *eloop_ctx, void *timeout_ctx);
310 static void ieee80211_sta_scan_timer(void *eloop_ctx, void *timeout_ctx);
313 /* Parsed Information Elements */
314 struct ieee802_11_elems {
338 u8 ext_supp_rates_len;
345 typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes;
348 static ParseRes ieee802_11_parse_elems(u8 *start, size_t len,
349 struct ieee802_11_elems *elems)
355 os_memset(elems, 0, sizeof(*elems));
366 wpa_printf(MSG_MSGDUMP, "MLME: IEEE 802.11 element "
367 "parse failed (id=%d elen=%d left=%d)",
376 elems->ssid_len = elen;
378 case WLAN_EID_SUPP_RATES:
379 elems->supp_rates = pos;
380 elems->supp_rates_len = elen;
382 case WLAN_EID_FH_PARAMS:
383 elems->fh_params = pos;
384 elems->fh_params_len = elen;
386 case WLAN_EID_DS_PARAMS:
387 elems->ds_params = pos;
388 elems->ds_params_len = elen;
390 case WLAN_EID_CF_PARAMS:
391 elems->cf_params = pos;
392 elems->cf_params_len = elen;
396 elems->tim_len = elen;
398 case WLAN_EID_IBSS_PARAMS:
399 elems->ibss_params = pos;
400 elems->ibss_params_len = elen;
402 case WLAN_EID_CHALLENGE:
403 elems->challenge = pos;
404 elems->challenge_len = elen;
406 case WLAN_EID_VENDOR_SPECIFIC:
407 if (elen >= 4 && pos[0] == 0x00 && pos[1] == 0x50 &&
409 /* Microsoft OUI (00:50:F2) */
411 /* OUI Type 1 - WPA IE */
413 elems->wpa_len = elen;
414 } else if (elen >= 5 && pos[3] == 2) {
416 elems->wmm_info = pos;
417 elems->wmm_info_len = elen;
418 } else if (pos[4] == 1) {
419 elems->wmm_param = pos;
420 elems->wmm_param_len = elen;
427 elems->rsn_len = elen;
429 case WLAN_EID_ERP_INFO:
430 elems->erp_info = pos;
431 elems->erp_info_len = elen;
433 case WLAN_EID_EXT_SUPP_RATES:
434 elems->ext_supp_rates = pos;
435 elems->ext_supp_rates_len = elen;
439 wpa_printf(MSG_MSGDUMP "MLME: IEEE 802.11 element "
440 "parse ignored unknown element (id=%d "
441 "elen=%d)", id, elen);
454 return unknown ? ParseUnknown : ParseOK;
458 static int ieee80211_sta_set_channel(struct wpa_supplicant *wpa_s,
459 wpa_hw_mode phymode, int chan,
463 struct wpa_hw_modes *mode;
465 for (i = 0; i < wpa_s->mlme.num_modes; i++) {
466 mode = &wpa_s->mlme.modes[i];
467 if (mode->mode == phymode) {
468 wpa_s->mlme.curr_rates = mode->rates;
469 wpa_s->mlme.num_curr_rates = mode->num_rates;
474 return wpa_drv_set_channel(wpa_s, phymode, chan, freq);
480 static int ecw2cw(int ecw)
492 static void ieee80211_sta_wmm_params(struct wpa_supplicant *wpa_s,
493 u8 *wmm_param, size_t wmm_param_len)
499 if (wmm_param_len < 8 || wmm_param[5] /* version */ != 1)
501 count = wmm_param[6] & 0x0f;
502 if (count == wpa_s->mlme.wmm_last_param_set)
504 wpa_s->mlme.wmm_last_param_set = count;
507 left = wmm_param_len - 8;
511 for (; left >= 4; left -= 4, pos += 4) {
512 int aci = (pos[0] >> 5) & 0x03;
513 int acm = (pos[0] >> 4) & 0x01;
518 queue = IEEE80211_TX_QUEUE_DATA3;
520 wmm_acm |= BIT(1) | BIT(2);
523 queue = IEEE80211_TX_QUEUE_DATA1;
525 wmm_acm |= BIT(4) | BIT(5);
528 queue = IEEE80211_TX_QUEUE_DATA0;
530 wmm_acm |= BIT(6) | BIT(7);
534 queue = IEEE80211_TX_QUEUE_DATA2;
536 wpa_s->mlme.wmm_acm |= BIT(0) | BIT(3);
540 params.aifs = pos[0] & 0x0f;
541 params.cw_max = ecw2cw((pos[1] & 0xf0) >> 4);
542 params.cw_min = ecw2cw(pos[1] & 0x0f);
543 /* TXOP is in units of 32 usec; burst_time in 0.1 ms */
544 params.burst_time = (pos[2] | (pos[3] << 8)) * 32 / 100;
545 wpa_printf(MSG_DEBUG, "MLME: WMM queue=%d aci=%d acm=%d "
546 "aifs=%d cWmin=%d cWmax=%d burst=%d",
547 queue, aci, acm, params.aifs, params.cw_min,
548 params.cw_max, params.burst_time);
549 /* TODO: handle ACM (block TX, fallback to next lowest allowed
551 if (local->hw->conf_tx(local->mdev, queue, ¶ms)) {
552 wpa_printf(MSG_DEBUG, "MLME: failed to set TX queue "
553 "parameters for queue %d", queue);
560 static void ieee80211_set_associated(struct wpa_supplicant *wpa_s, int assoc)
562 if (wpa_s->mlme.associated == assoc)
565 wpa_s->mlme.associated = assoc;
568 union wpa_event_data data;
569 os_memset(&data, 0, sizeof(data));
570 wpa_s->mlme.prev_bssid_set = 1;
571 os_memcpy(wpa_s->mlme.prev_bssid, wpa_s->bssid, ETH_ALEN);
572 data.assoc_info.req_ies = wpa_s->mlme.assocreq_ies;
573 data.assoc_info.req_ies_len = wpa_s->mlme.assocreq_ies_len;
574 data.assoc_info.resp_ies = wpa_s->mlme.assocresp_ies;
575 data.assoc_info.resp_ies_len = wpa_s->mlme.assocresp_ies_len;
576 wpa_supplicant_event(wpa_s, EVENT_ASSOC, &data);
578 wpa_supplicant_event(wpa_s, EVENT_DISASSOC, NULL);
580 os_get_time(&wpa_s->mlme.last_probe);
584 static void ieee80211_sta_tx(struct wpa_supplicant *wpa_s, const u8 *buf,
587 wpa_drv_send_mlme(wpa_s, buf, len);
591 static void ieee80211_send_auth(struct wpa_supplicant *wpa_s,
592 int transaction, u8 *extra, size_t extra_len,
597 struct ieee80211_mgmt *mgmt;
599 buf = os_malloc(sizeof(*mgmt) + 6 + extra_len);
601 wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for "
606 mgmt = (struct ieee80211_mgmt *) buf;
608 os_memset(mgmt, 0, 24 + 6);
609 mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
612 mgmt->frame_control |= host_to_le16(WLAN_FC_ISWEP);
613 os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN);
614 os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN);
615 os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN);
616 mgmt->u.auth.auth_alg = host_to_le16(wpa_s->mlme.auth_alg);
617 mgmt->u.auth.auth_transaction = host_to_le16(transaction);
618 wpa_s->mlme.auth_transaction = transaction + 1;
619 mgmt->u.auth.status_code = host_to_le16(0);
621 os_memcpy(buf + len, extra, extra_len);
625 ieee80211_sta_tx(wpa_s, buf, len);
630 static void ieee80211_reschedule_timer(struct wpa_supplicant *wpa_s, int ms)
632 eloop_cancel_timeout(ieee80211_sta_timer, wpa_s, NULL);
633 eloop_register_timeout(ms / 1000, 1000 * (ms % 1000),
634 ieee80211_sta_timer, wpa_s, NULL);
638 static void ieee80211_authenticate(struct wpa_supplicant *wpa_s)
640 wpa_s->mlme.auth_tries++;
641 if (wpa_s->mlme.auth_tries > IEEE80211_AUTH_MAX_TRIES) {
642 wpa_printf(MSG_DEBUG, "MLME: authentication with AP " MACSTR
643 " timed out", MAC2STR(wpa_s->bssid));
647 wpa_s->mlme.state = IEEE80211_AUTHENTICATE;
648 wpa_printf(MSG_DEBUG, "MLME: authenticate with AP " MACSTR,
649 MAC2STR(wpa_s->bssid));
651 ieee80211_send_auth(wpa_s, 1, NULL, 0, 0);
653 ieee80211_reschedule_timer(wpa_s, IEEE80211_AUTH_TIMEOUT);
657 static void ieee80211_send_assoc(struct wpa_supplicant *wpa_s)
659 struct ieee80211_mgmt *mgmt;
663 struct ieee80211_sta_bss *bss;
667 if (wpa_s->mlme.curr_rates == NULL) {
668 wpa_printf(MSG_DEBUG, "MLME: curr_rates not set for assoc");
672 buf = os_malloc(sizeof(*mgmt) + 200 + wpa_s->mlme.extra_ie_len +
673 wpa_s->mlme.ssid_len);
675 wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for "
681 capab = wpa_s->mlme.capab;
682 if (wpa_s->mlme.phymode == WPA_MODE_IEEE80211G) {
683 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME |
684 WLAN_CAPABILITY_SHORT_PREAMBLE;
686 bss = ieee80211_bss_get(wpa_s, wpa_s->bssid);
688 if (bss->capability & WLAN_CAPABILITY_PRIVACY)
689 capab |= WLAN_CAPABILITY_PRIVACY;
695 mgmt = (struct ieee80211_mgmt *) buf;
697 os_memset(mgmt, 0, 24);
698 os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN);
699 os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN);
700 os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN);
702 if (wpa_s->mlme.prev_bssid_set) {
704 mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
705 WLAN_FC_STYPE_REASSOC_REQ);
706 mgmt->u.reassoc_req.capab_info = host_to_le16(capab);
707 mgmt->u.reassoc_req.listen_interval = host_to_le16(1);
708 os_memcpy(mgmt->u.reassoc_req.current_ap,
709 wpa_s->mlme.prev_bssid,
713 mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
714 WLAN_FC_STYPE_ASSOC_REQ);
715 mgmt->u.assoc_req.capab_info = host_to_le16(capab);
716 mgmt->u.assoc_req.listen_interval = host_to_le16(1);
720 ies = pos = buf + blen;
721 blen += 2 + wpa_s->mlme.ssid_len;
722 *pos++ = WLAN_EID_SSID;
723 *pos++ = wpa_s->mlme.ssid_len;
724 os_memcpy(pos, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len);
726 len = wpa_s->mlme.num_curr_rates;
731 *pos++ = WLAN_EID_SUPP_RATES;
733 for (i = 0; i < len; i++) {
734 int rate = wpa_s->mlme.curr_rates[i].rate;
735 *pos++ = (u8) (rate / 5);
738 if (wpa_s->mlme.num_curr_rates > len) {
740 blen += wpa_s->mlme.num_curr_rates - len + 2;
741 *pos++ = WLAN_EID_EXT_SUPP_RATES;
742 *pos++ = wpa_s->mlme.num_curr_rates - len;
743 for (i = len; i < wpa_s->mlme.num_curr_rates; i++) {
744 int rate = wpa_s->mlme.curr_rates[i].rate;
745 *pos++ = (u8) (rate / 5);
749 if (wpa_s->mlme.extra_ie) {
751 blen += wpa_s->mlme.extra_ie_len;
752 os_memcpy(pos, wpa_s->mlme.extra_ie, wpa_s->mlme.extra_ie_len);
755 if (wmm && wpa_s->mlme.wmm_enabled) {
758 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
759 *pos++ = 7; /* len */
760 *pos++ = 0x00; /* Microsoft OUI 00:50:F2 */
763 *pos++ = 2; /* WME */
764 *pos++ = 0; /* WME info */
765 *pos++ = 1; /* WME ver */
769 os_free(wpa_s->mlme.assocreq_ies);
770 wpa_s->mlme.assocreq_ies_len = (buf + blen) - ies;
771 wpa_s->mlme.assocreq_ies = os_malloc(wpa_s->mlme.assocreq_ies_len);
772 if (wpa_s->mlme.assocreq_ies) {
773 os_memcpy(wpa_s->mlme.assocreq_ies, ies,
774 wpa_s->mlme.assocreq_ies_len);
777 ieee80211_sta_tx(wpa_s, buf, blen);
782 static void ieee80211_send_deauth(struct wpa_supplicant *wpa_s, u16 reason)
786 struct ieee80211_mgmt *mgmt;
788 buf = os_zalloc(sizeof(*mgmt));
790 wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for "
795 mgmt = (struct ieee80211_mgmt *) buf;
797 os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN);
798 os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN);
799 os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN);
800 mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
801 WLAN_FC_STYPE_DEAUTH);
803 mgmt->u.deauth.reason_code = host_to_le16(reason);
805 ieee80211_sta_tx(wpa_s, buf, len);
810 static void ieee80211_send_disassoc(struct wpa_supplicant *wpa_s, u16 reason)
814 struct ieee80211_mgmt *mgmt;
816 buf = os_zalloc(sizeof(*mgmt));
818 wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for "
823 mgmt = (struct ieee80211_mgmt *) buf;
825 os_memcpy(mgmt->da, wpa_s->bssid, ETH_ALEN);
826 os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN);
827 os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN);
828 mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
829 WLAN_FC_STYPE_DISASSOC);
831 mgmt->u.disassoc.reason_code = host_to_le16(reason);
833 ieee80211_sta_tx(wpa_s, buf, len);
838 static int ieee80211_privacy_mismatch(struct wpa_supplicant *wpa_s)
840 struct ieee80211_sta_bss *bss;
843 if (wpa_s->mlme.mixed_cell ||
844 wpa_s->mlme.key_mgmt != KEY_MGMT_NONE)
847 bss = ieee80211_bss_get(wpa_s, wpa_s->bssid);
851 if (ieee80211_sta_wep_configured(wpa_s) !=
852 !!(bss->capability & WLAN_CAPABILITY_PRIVACY))
859 static void ieee80211_associate(struct wpa_supplicant *wpa_s)
861 wpa_s->mlme.assoc_tries++;
862 if (wpa_s->mlme.assoc_tries > IEEE80211_ASSOC_MAX_TRIES) {
863 wpa_printf(MSG_DEBUG, "MLME: association with AP " MACSTR
864 " timed out", MAC2STR(wpa_s->bssid));
868 wpa_s->mlme.state = IEEE80211_ASSOCIATE;
869 wpa_printf(MSG_DEBUG, "MLME: associate with AP " MACSTR,
870 MAC2STR(wpa_s->bssid));
871 if (ieee80211_privacy_mismatch(wpa_s)) {
872 wpa_printf(MSG_DEBUG, "MLME: mismatch in privacy "
873 "configuration and mixed-cell disabled - abort "
878 ieee80211_send_assoc(wpa_s);
880 ieee80211_reschedule_timer(wpa_s, IEEE80211_ASSOC_TIMEOUT);
884 static void ieee80211_associated(struct wpa_supplicant *wpa_s)
888 /* TODO: start monitoring current AP signal quality and number of
889 * missed beacons. Scan other channels every now and then and search
891 /* TODO: remove expired BSSes */
893 wpa_s->mlme.state = IEEE80211_ASSOCIATED;
896 sta = sta_info_get(local, wpa_s->bssid);
898 wpa_printf(MSG_DEBUG "MLME: No STA entry for own AP " MACSTR,
899 MAC2STR(wpa_s->bssid));
903 if (time_after(jiffies,
904 sta->last_rx + IEEE80211_MONITORING_INTERVAL)) {
905 if (wpa_s->mlme.probereq_poll) {
906 wpa_printf(MSG_DEBUG "MLME: No ProbeResp from "
907 "current AP " MACSTR " - assume "
909 MAC2STR(wpa_s->bssid));
912 ieee80211_send_probe_req(
914 wpa_s->mlme.scan_ssid,
915 wpa_s->mlme.scan_ssid_len);
916 wpa_s->mlme.probereq_poll = 1;
919 wpa_s->mlme.probereq_poll = 0;
920 if (time_after(jiffies, wpa_s->mlme.last_probe +
921 IEEE80211_PROBE_INTERVAL)) {
922 wpa_s->mlme.last_probe = jiffies;
923 ieee80211_send_probe_req(wpa_s->bssid,
925 wpa_s->mlme.ssid_len);
928 sta_info_release(local, sta);
934 wpa_supplicant_event(wpa_s, EVENT_DISASSOC, NULL);
935 ieee80211_reschedule_timer(wpa_s,
936 IEEE80211_MONITORING_INTERVAL +
939 ieee80211_reschedule_timer(wpa_s,
940 IEEE80211_MONITORING_INTERVAL);
945 static void ieee80211_send_probe_req(struct wpa_supplicant *wpa_s,
947 const u8 *ssid, size_t ssid_len)
951 struct ieee80211_mgmt *mgmt;
952 u8 *pos, *supp_rates;
953 u8 *esupp_rates = NULL;
956 buf = os_malloc(sizeof(*mgmt) + 200);
958 wpa_printf(MSG_DEBUG, "MLME: failed to allocate buffer for "
963 mgmt = (struct ieee80211_mgmt *) buf;
965 os_memset(mgmt, 0, 24);
966 mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
967 WLAN_FC_STYPE_PROBE_REQ);
968 os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN);
970 os_memcpy(mgmt->da, dst, ETH_ALEN);
971 os_memcpy(mgmt->bssid, dst, ETH_ALEN);
973 os_memset(mgmt->da, 0xff, ETH_ALEN);
974 os_memset(mgmt->bssid, 0xff, ETH_ALEN);
978 *pos++ = WLAN_EID_SSID;
980 os_memcpy(pos, ssid, ssid_len);
982 supp_rates = buf + len;
984 supp_rates[0] = WLAN_EID_SUPP_RATES;
986 for (i = 0; i < wpa_s->mlme.num_curr_rates; i++) {
987 struct wpa_rate_data *rate = &wpa_s->mlme.curr_rates[i];
992 } else if (supp_rates[1] == 8) {
994 esupp_rates[0] = WLAN_EID_EXT_SUPP_RATES;
996 pos = &esupp_rates[2];
1003 *pos = rate->rate / 5;
1006 ieee80211_sta_tx(wpa_s, buf, len);
1011 static int ieee80211_sta_wep_configured(struct wpa_supplicant *wpa_s)
1014 if (sdata == NULL || sdata->default_key == NULL ||
1015 sdata->default_key->alg != ALG_WEP)
1024 static void ieee80211_auth_completed(struct wpa_supplicant *wpa_s)
1026 wpa_printf(MSG_DEBUG, "MLME: authenticated");
1027 wpa_s->mlme.authenticated = 1;
1028 ieee80211_associate(wpa_s);
1032 static void ieee80211_auth_challenge(struct wpa_supplicant *wpa_s,
1033 struct ieee80211_mgmt *mgmt,
1035 struct ieee80211_rx_status *rx_status)
1038 struct ieee802_11_elems elems;
1040 wpa_printf(MSG_DEBUG, "MLME: replying to auth challenge");
1041 pos = mgmt->u.auth.variable;
1042 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
1044 wpa_printf(MSG_DEBUG, "MLME: failed to parse Auth(challenge)");
1047 if (elems.challenge == NULL) {
1048 wpa_printf(MSG_DEBUG, "MLME: no challenge IE in shared key "
1052 ieee80211_send_auth(wpa_s, 3, elems.challenge - 2,
1053 elems.challenge_len + 2, 1);
1057 static void ieee80211_rx_mgmt_auth(struct wpa_supplicant *wpa_s,
1058 struct ieee80211_mgmt *mgmt,
1060 struct ieee80211_rx_status *rx_status)
1062 struct wpa_ssid *ssid = wpa_s->current_ssid;
1063 u16 auth_alg, auth_transaction, status_code;
1066 adhoc = ssid && ssid->mode == 1;
1068 if (wpa_s->mlme.state != IEEE80211_AUTHENTICATE && !adhoc) {
1069 wpa_printf(MSG_DEBUG, "MLME: authentication frame received "
1070 "from " MACSTR ", but not in authenticate state - "
1071 "ignored", MAC2STR(mgmt->sa));
1076 wpa_printf(MSG_DEBUG, "MLME: too short (%lu) authentication "
1077 "frame received from " MACSTR " - ignored",
1078 (unsigned long) len, MAC2STR(mgmt->sa));
1082 if (!adhoc && os_memcmp(wpa_s->bssid, mgmt->sa, ETH_ALEN) != 0) {
1083 wpa_printf(MSG_DEBUG, "MLME: authentication frame received "
1084 "from unknown AP (SA=" MACSTR " BSSID=" MACSTR
1086 MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid));
1090 if (adhoc && os_memcmp(wpa_s->bssid, mgmt->bssid, ETH_ALEN) != 0) {
1091 wpa_printf(MSG_DEBUG, "MLME: authentication frame received "
1092 "from unknown BSSID (SA=" MACSTR " BSSID=" MACSTR
1094 MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid));
1098 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
1099 auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction);
1100 status_code = le_to_host16(mgmt->u.auth.status_code);
1102 wpa_printf(MSG_DEBUG, "MLME: RX authentication from " MACSTR
1103 " (alg=%d transaction=%d status=%d)",
1104 MAC2STR(mgmt->sa), auth_alg, auth_transaction, status_code);
1107 /* IEEE 802.11 standard does not require authentication in IBSS
1108 * networks and most implementations do not seem to use it.
1109 * However, try to reply to authentication attempts if someone
1110 * has actually implemented this.
1111 * TODO: Could implement shared key authentication. */
1112 if (auth_alg != WLAN_AUTH_OPEN || auth_transaction != 1) {
1113 wpa_printf(MSG_DEBUG, "MLME: unexpected IBSS "
1114 "authentication frame (alg=%d "
1116 auth_alg, auth_transaction);
1119 ieee80211_send_auth(wpa_s, 2, NULL, 0, 0);
1122 if (auth_alg != wpa_s->mlme.auth_alg ||
1123 auth_transaction != wpa_s->mlme.auth_transaction) {
1124 wpa_printf(MSG_DEBUG, "MLME: unexpected authentication frame "
1125 "(alg=%d transaction=%d)",
1126 auth_alg, auth_transaction);
1130 if (status_code != WLAN_STATUS_SUCCESS) {
1131 wpa_printf(MSG_DEBUG, "MLME: AP denied authentication "
1132 "(auth_alg=%d code=%d)", wpa_s->mlme.auth_alg,
1134 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG) {
1135 const int num_algs = 3;
1138 algs[0] = algs[1] = algs[2] = 0xff;
1139 if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_OPEN)
1140 algs[0] = WLAN_AUTH_OPEN;
1141 if (wpa_s->mlme.auth_algs &
1142 IEEE80211_AUTH_ALG_SHARED_KEY)
1143 algs[1] = WLAN_AUTH_SHARED_KEY;
1144 if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_LEAP)
1145 algs[2] = WLAN_AUTH_LEAP;
1146 if (wpa_s->mlme.auth_alg == WLAN_AUTH_OPEN)
1148 else if (wpa_s->mlme.auth_alg == WLAN_AUTH_SHARED_KEY)
1152 for (i = 0; i < num_algs; i++) {
1154 if (pos >= num_algs)
1156 if (algs[pos] == wpa_s->mlme.auth_alg ||
1159 if (algs[pos] == WLAN_AUTH_SHARED_KEY &&
1160 !ieee80211_sta_wep_configured(wpa_s))
1162 wpa_s->mlme.auth_alg = algs[pos];
1163 wpa_printf(MSG_DEBUG, "MLME: set auth_alg=%d "
1165 wpa_s->mlme.auth_alg);
1172 switch (wpa_s->mlme.auth_alg) {
1173 case WLAN_AUTH_OPEN:
1174 case WLAN_AUTH_LEAP:
1175 ieee80211_auth_completed(wpa_s);
1177 case WLAN_AUTH_SHARED_KEY:
1178 if (wpa_s->mlme.auth_transaction == 4)
1179 ieee80211_auth_completed(wpa_s);
1181 ieee80211_auth_challenge(wpa_s, mgmt, len,
1188 static void ieee80211_rx_mgmt_deauth(struct wpa_supplicant *wpa_s,
1189 struct ieee80211_mgmt *mgmt,
1191 struct ieee80211_rx_status *rx_status)
1196 wpa_printf(MSG_DEBUG, "MLME: too short (%lu) deauthentication "
1197 "frame received from " MACSTR " - ignored",
1198 (unsigned long) len, MAC2STR(mgmt->sa));
1202 if (os_memcmp(wpa_s->bssid, mgmt->sa, ETH_ALEN) != 0) {
1203 wpa_printf(MSG_DEBUG, "MLME: deauthentication frame received "
1204 "from unknown AP (SA=" MACSTR " BSSID=" MACSTR
1206 MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid));
1210 reason_code = le_to_host16(mgmt->u.deauth.reason_code);
1212 wpa_printf(MSG_DEBUG, "MLME: RX deauthentication from " MACSTR
1213 " (reason=%d)", MAC2STR(mgmt->sa), reason_code);
1215 if (wpa_s->mlme.authenticated)
1216 wpa_printf(MSG_DEBUG, "MLME: deauthenticated");
1218 if (wpa_s->mlme.state == IEEE80211_AUTHENTICATE ||
1219 wpa_s->mlme.state == IEEE80211_ASSOCIATE ||
1220 wpa_s->mlme.state == IEEE80211_ASSOCIATED) {
1221 wpa_s->mlme.state = IEEE80211_AUTHENTICATE;
1222 ieee80211_reschedule_timer(wpa_s,
1223 IEEE80211_RETRY_AUTH_INTERVAL);
1226 ieee80211_set_associated(wpa_s, 0);
1227 wpa_s->mlme.authenticated = 0;
1231 static void ieee80211_rx_mgmt_disassoc(struct wpa_supplicant *wpa_s,
1232 struct ieee80211_mgmt *mgmt,
1234 struct ieee80211_rx_status *rx_status)
1239 wpa_printf(MSG_DEBUG, "MLME: too short (%lu) disassociation "
1240 "frame received from " MACSTR " - ignored",
1241 (unsigned long) len, MAC2STR(mgmt->sa));
1245 if (os_memcmp(wpa_s->bssid, mgmt->sa, ETH_ALEN) != 0) {
1246 wpa_printf(MSG_DEBUG, "MLME: disassociation frame received "
1247 "from unknown AP (SA=" MACSTR " BSSID=" MACSTR
1249 MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid));
1253 reason_code = le_to_host16(mgmt->u.disassoc.reason_code);
1255 wpa_printf(MSG_DEBUG, "MLME: RX disassociation from " MACSTR
1256 " (reason=%d)", MAC2STR(mgmt->sa), reason_code);
1258 if (wpa_s->mlme.associated)
1259 wpa_printf(MSG_DEBUG, "MLME: disassociated");
1261 if (wpa_s->mlme.state == IEEE80211_ASSOCIATED) {
1262 wpa_s->mlme.state = IEEE80211_ASSOCIATE;
1263 ieee80211_reschedule_timer(wpa_s,
1264 IEEE80211_RETRY_AUTH_INTERVAL);
1267 ieee80211_set_associated(wpa_s, 0);
1271 static void ieee80211_rx_mgmt_assoc_resp(struct wpa_supplicant *wpa_s,
1272 struct ieee80211_mgmt *mgmt,
1274 struct ieee80211_rx_status *rx_status,
1279 u16 capab_info, status_code, aid;
1280 struct ieee802_11_elems elems;
1283 /* AssocResp and ReassocResp have identical structure, so process both
1284 * of them in this function. */
1286 if (wpa_s->mlme.state != IEEE80211_ASSOCIATE) {
1287 wpa_printf(MSG_DEBUG, "MLME: association frame received from "
1288 MACSTR ", but not in associate state - ignored",
1294 wpa_printf(MSG_DEBUG, "MLME: too short (%lu) association "
1295 "frame received from " MACSTR " - ignored",
1296 (unsigned long) len, MAC2STR(mgmt->sa));
1300 if (os_memcmp(wpa_s->bssid, mgmt->sa, ETH_ALEN) != 0) {
1301 wpa_printf(MSG_DEBUG, "MLME: association frame received from "
1302 "unknown AP (SA=" MACSTR " BSSID=" MACSTR ") - "
1303 "ignored", MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid));
1307 capab_info = le_to_host16(mgmt->u.assoc_resp.capab_info);
1308 status_code = le_to_host16(mgmt->u.assoc_resp.status_code);
1309 aid = le_to_host16(mgmt->u.assoc_resp.aid);
1310 if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14)))
1311 wpa_printf(MSG_DEBUG, "MLME: invalid aid value %d; bits 15:14 "
1313 aid &= ~(BIT(15) | BIT(14));
1315 wpa_printf(MSG_DEBUG, "MLME: RX %sssocResp from " MACSTR
1316 " (capab=0x%x status=%d aid=%d)",
1317 reassoc ? "Rea" : "A", MAC2STR(mgmt->sa),
1318 capab_info, status_code, aid);
1320 if (status_code != WLAN_STATUS_SUCCESS) {
1321 wpa_printf(MSG_DEBUG, "MLME: AP denied association (code=%d)",
1326 pos = mgmt->u.assoc_resp.variable;
1327 if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems)
1329 wpa_printf(MSG_DEBUG, "MLME: failed to parse AssocResp");
1333 if (elems.supp_rates == NULL) {
1334 wpa_printf(MSG_DEBUG, "MLME: no SuppRates element in "
1339 wpa_printf(MSG_DEBUG, "MLME: associated");
1340 wpa_s->mlme.aid = aid;
1341 wpa_s->mlme.ap_capab = capab_info;
1343 os_free(wpa_s->mlme.assocresp_ies);
1344 wpa_s->mlme.assocresp_ies_len = len - (pos - (u8 *) mgmt);
1345 wpa_s->mlme.assocresp_ies = os_malloc(wpa_s->mlme.assocresp_ies_len);
1346 if (wpa_s->mlme.assocresp_ies) {
1347 os_memcpy(wpa_s->mlme.assocresp_ies, pos,
1348 wpa_s->mlme.assocresp_ies_len);
1351 ieee80211_set_associated(wpa_s, 1);
1353 rates_len = elems.supp_rates_len;
1354 if (rates_len > sizeof(rates))
1355 rates_len = sizeof(rates);
1356 os_memcpy(rates, elems.supp_rates, rates_len);
1357 if (elems.ext_supp_rates) {
1358 size_t _len = elems.ext_supp_rates_len;
1359 if (_len > sizeof(rates) - rates_len)
1360 _len = sizeof(rates) - rates_len;
1361 os_memcpy(rates + rates_len, elems.ext_supp_rates, _len);
1365 if (wpa_drv_set_bssid(wpa_s, wpa_s->bssid) < 0) {
1366 wpa_printf(MSG_DEBUG, "MLME: failed to set BSSID for the "
1369 if (wpa_drv_set_ssid(wpa_s, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len) <
1371 wpa_printf(MSG_DEBUG, "MLME: failed to set SSID for the "
1375 /* Remove STA entry before adding a new one just in case to avoid
1376 * problems with existing configuration (e.g., keys). */
1377 wpa_drv_mlme_remove_sta(wpa_s, wpa_s->bssid);
1378 if (wpa_drv_mlme_add_sta(wpa_s, wpa_s->bssid, rates, rates_len) < 0) {
1379 wpa_printf(MSG_DEBUG, "MLME: failed to add STA entry to the "
1386 if (elems.wmm_param && wpa_s->mlme.wmm_enabled) {
1387 sta->flags |= WLAN_STA_WME;
1388 ieee80211_sta_wmm_params(wpa_s, elems.wmm_param,
1389 elems.wmm_param_len);
1393 ieee80211_associated(wpa_s);
1397 /* Caller must hold local->sta_bss_lock */
1398 static void __ieee80211_bss_hash_add(struct wpa_supplicant *wpa_s,
1399 struct ieee80211_sta_bss *bss)
1401 bss->hnext = wpa_s->mlme.sta_bss_hash[STA_HASH(bss->bssid)];
1402 wpa_s->mlme.sta_bss_hash[STA_HASH(bss->bssid)] = bss;
1406 /* Caller must hold local->sta_bss_lock */
1407 static void __ieee80211_bss_hash_del(struct wpa_supplicant *wpa_s,
1408 struct ieee80211_sta_bss *bss)
1410 struct ieee80211_sta_bss *b, *prev = NULL;
1411 b = wpa_s->mlme.sta_bss_hash[STA_HASH(bss->bssid)];
1415 wpa_s->mlme.sta_bss_hash[STA_HASH(bss->bssid)]
1418 prev->hnext = bss->hnext;
1428 static struct ieee80211_sta_bss *
1429 ieee80211_bss_add(struct wpa_supplicant *wpa_s, const u8 *bssid)
1431 struct ieee80211_sta_bss *bss;
1433 bss = os_zalloc(sizeof(*bss));
1436 os_memcpy(bss->bssid, bssid, ETH_ALEN);
1438 /* TODO: order by RSSI? */
1439 bss->next = wpa_s->mlme.sta_bss_list;
1440 wpa_s->mlme.sta_bss_list = bss;
1441 __ieee80211_bss_hash_add(wpa_s, bss);
1446 static struct ieee80211_sta_bss *
1447 ieee80211_bss_get(struct wpa_supplicant *wpa_s, const u8 *bssid)
1449 struct ieee80211_sta_bss *bss;
1451 bss = wpa_s->mlme.sta_bss_hash[STA_HASH(bssid)];
1453 if (os_memcmp(bss->bssid, bssid, ETH_ALEN) == 0)
1461 static void ieee80211_bss_free(struct wpa_supplicant *wpa_s,
1462 struct ieee80211_sta_bss *bss)
1464 __ieee80211_bss_hash_del(wpa_s, bss);
1465 os_free(bss->wpa_ie);
1466 os_free(bss->rsn_ie);
1467 os_free(bss->wmm_ie);
1472 static void ieee80211_bss_list_deinit(struct wpa_supplicant *wpa_s)
1474 struct ieee80211_sta_bss *bss, *prev;
1476 bss = wpa_s->mlme.sta_bss_list;
1477 wpa_s->mlme.sta_bss_list = NULL;
1481 ieee80211_bss_free(wpa_s, prev);
1486 static void ieee80211_bss_info(struct wpa_supplicant *wpa_s,
1487 struct ieee80211_mgmt *mgmt,
1489 struct ieee80211_rx_status *rx_status,
1492 struct ieee802_11_elems elems;
1494 int channel, invalid = 0, clen;
1495 struct ieee80211_sta_bss *bss;
1499 if (!beacon && os_memcmp(mgmt->da, wpa_s->own_addr, ETH_ALEN))
1500 return; /* ignore ProbeResp to foreign address */
1503 wpa_printf(MSG_MSGDUMP, "MLME: RX %s from " MACSTR " to " MACSTR,
1504 beacon ? "Beacon" : "Probe Response",
1505 MAC2STR(mgmt->sa), MAC2STR(mgmt->da));
1508 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1512 pos = mgmt->u.beacon.timestamp;
1513 timestamp = ((u64) pos[7] << 56) | ((u64) pos[6] << 48) |
1514 ((u64) pos[5] << 40) | ((u64) pos[4] << 32) |
1515 ((u64) pos[3] << 24) | ((u64) pos[2] << 16) |
1516 ((u64) pos[1] << 8) | ((u64) pos[0]);
1519 if (local->conf.mode == IW_MODE_ADHOC && beacon &&
1520 os_memcmp(mgmt->bssid, local->bssid, ETH_ALEN) == 0) {
1521 #ifdef IEEE80211_IBSS_DEBUG
1522 static unsigned long last_tsf_debug = 0;
1524 if (local->hw->get_tsf)
1525 tsf = local->hw->get_tsf(local->mdev);
1528 if (time_after(jiffies, last_tsf_debug + 5 * HZ)) {
1529 wpa_printf(MSG_DEBUG, "RX beacon SA=" MACSTR " BSSID="
1530 MACSTR " TSF=0x%llx BCN=0x%llx diff=%lld "
1532 MAC2STR(mgmt->sa), MAC2STR(mgmt->bssid),
1533 tsf, timestamp, tsf - timestamp, jiffies);
1534 last_tsf_debug = jiffies;
1536 #endif /* IEEE80211_IBSS_DEBUG */
1540 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1541 &elems) == ParseFailed)
1545 if (local->conf.mode == IW_MODE_ADHOC && elems.supp_rates &&
1546 os_memcmp(mgmt->bssid, local->bssid, ETH_ALEN) == 0 &&
1547 (sta = sta_info_get(local, mgmt->sa))) {
1548 struct ieee80211_rate *rates;
1550 u32 supp_rates, prev_rates;
1551 int i, j, oper_mode;
1553 rates = local->curr_rates;
1554 num_rates = local->num_curr_rates;
1555 oper_mode = wpa_s->mlme.sta_scanning ?
1556 local->scan_oper_phymode : local->conf.phymode;
1557 for (i = 0; i < local->hw->num_modes; i++) {
1558 struct ieee80211_hw_modes *mode = &local->hw->modes[i];
1559 if (oper_mode == mode->mode) {
1560 rates = mode->rates;
1561 num_rates = mode->num_rates;
1567 for (i = 0; i < elems.supp_rates_len +
1568 elems.ext_supp_rates_len; i++) {
1571 if (i < elems.supp_rates_len)
1572 rate = elems.supp_rates[i];
1573 else if (elems.ext_supp_rates)
1574 rate = elems.ext_supp_rates
1575 [i - elems.supp_rates_len];
1576 own_rate = 5 * (rate & 0x7f);
1577 if (oper_mode == MODE_ATHEROS_TURBO)
1579 for (j = 0; j < num_rates; j++)
1580 if (rates[j].rate == own_rate)
1581 supp_rates |= BIT(j);
1584 prev_rates = sta->supp_rates;
1585 sta->supp_rates &= supp_rates;
1586 if (sta->supp_rates == 0) {
1587 /* No matching rates - this should not really happen.
1588 * Make sure that at least one rate is marked
1589 * supported to avoid issues with TX rate ctrl. */
1590 sta->supp_rates = wpa_s->mlme.supp_rates_bits;
1592 if (sta->supp_rates != prev_rates) {
1593 wpa_printf(MSG_DEBUG, "MLME: updated supp_rates set "
1594 "for " MACSTR " based on beacon info "
1595 "(0x%x & 0x%x -> 0x%x)",
1596 MAC2STR(sta->addr), prev_rates,
1597 supp_rates, sta->supp_rates);
1599 sta_info_release(local, sta);
1603 if (elems.ssid == NULL)
1606 if (elems.ds_params && elems.ds_params_len == 1)
1607 channel = elems.ds_params[0];
1609 channel = rx_status->channel;
1611 bss = ieee80211_bss_get(wpa_s, mgmt->bssid);
1613 bss = ieee80211_bss_add(wpa_s, mgmt->bssid);
1618 /* TODO: order by RSSI? */
1619 spin_lock_bh(&local->sta_bss_lock);
1620 list_move_tail(&bss->list, &local->sta_bss_list);
1621 spin_unlock_bh(&local->sta_bss_lock);
1625 if (bss->probe_resp && beacon) {
1626 /* Do not allow beacon to override data from Probe Response. */
1630 bss->beacon_int = le_to_host16(mgmt->u.beacon.beacon_int);
1631 bss->capability = le_to_host16(mgmt->u.beacon.capab_info);
1632 if (elems.ssid && elems.ssid_len <= MAX_SSID_LEN) {
1633 os_memcpy(bss->ssid, elems.ssid, elems.ssid_len);
1634 bss->ssid_len = elems.ssid_len;
1637 bss->supp_rates_len = 0;
1638 if (elems.supp_rates) {
1639 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1640 if (clen > elems.supp_rates_len)
1641 clen = elems.supp_rates_len;
1642 os_memcpy(&bss->supp_rates[bss->supp_rates_len],
1643 elems.supp_rates, clen);
1644 bss->supp_rates_len += clen;
1646 if (elems.ext_supp_rates) {
1647 clen = IEEE80211_MAX_SUPP_RATES - bss->supp_rates_len;
1648 if (clen > elems.ext_supp_rates_len)
1649 clen = elems.ext_supp_rates_len;
1650 os_memcpy(&bss->supp_rates[bss->supp_rates_len],
1651 elems.ext_supp_rates, clen);
1652 bss->supp_rates_len += clen;
1656 (bss->wpa_ie == NULL || bss->wpa_ie_len != elems.wpa_len ||
1657 os_memcmp(bss->wpa_ie, elems.wpa, elems.wpa_len))) {
1658 os_free(bss->wpa_ie);
1659 bss->wpa_ie = os_malloc(elems.wpa_len + 2);
1661 os_memcpy(bss->wpa_ie, elems.wpa - 2,
1663 bss->wpa_ie_len = elems.wpa_len + 2;
1665 bss->wpa_ie_len = 0;
1666 } else if (!elems.wpa && bss->wpa_ie) {
1667 os_free(bss->wpa_ie);
1669 bss->wpa_ie_len = 0;
1673 (bss->rsn_ie == NULL || bss->rsn_ie_len != elems.rsn_len ||
1674 os_memcmp(bss->rsn_ie, elems.rsn, elems.rsn_len))) {
1675 os_free(bss->rsn_ie);
1676 bss->rsn_ie = os_malloc(elems.rsn_len + 2);
1678 os_memcpy(bss->rsn_ie, elems.rsn - 2,
1680 bss->rsn_ie_len = elems.rsn_len + 2;
1682 bss->rsn_ie_len = 0;
1683 } else if (!elems.rsn && bss->rsn_ie) {
1684 os_free(bss->rsn_ie);
1686 bss->rsn_ie_len = 0;
1689 if (elems.wmm_param &&
1690 (bss->wmm_ie == NULL || bss->wmm_ie_len != elems.wmm_param_len ||
1691 os_memcmp(bss->wmm_ie, elems.wmm_param, elems.wmm_param_len))) {
1692 os_free(bss->wmm_ie);
1693 bss->wmm_ie = os_malloc(elems.wmm_param_len + 2);
1695 os_memcpy(bss->wmm_ie, elems.wmm_param - 2,
1696 elems.wmm_param_len + 2);
1697 bss->wmm_ie_len = elems.wmm_param_len + 2;
1699 bss->wmm_ie_len = 0;
1700 } else if (!elems.wmm_param && bss->wmm_ie) {
1701 os_free(bss->wmm_ie);
1703 bss->wmm_ie_len = 0;
1707 bss->hw_mode = wpa_s->mlme.phymode;
1708 bss->channel = channel;
1709 bss->freq = wpa_s->mlme.freq;
1710 if (channel != wpa_s->mlme.channel &&
1711 (wpa_s->mlme.phymode == WPA_MODE_IEEE80211G ||
1712 wpa_s->mlme.phymode == WPA_MODE_IEEE80211B) &&
1713 channel >= 1 && channel <= 14) {
1714 static const int freq_list[] = {
1715 2412, 2417, 2422, 2427, 2432, 2437, 2442,
1716 2447, 2452, 2457, 2462, 2467, 2472, 2484
1718 /* IEEE 802.11g/b mode can receive packets from neighboring
1719 * channels, so map the channel into frequency. */
1720 bss->freq = freq_list[channel - 1];
1722 bss->timestamp = timestamp;
1723 os_get_time(&bss->last_update);
1724 bss->rssi = rx_status->ssi;
1730 static void ieee80211_rx_mgmt_probe_resp(struct wpa_supplicant *wpa_s,
1731 struct ieee80211_mgmt *mgmt,
1733 struct ieee80211_rx_status *rx_status)
1735 ieee80211_bss_info(wpa_s, mgmt, len, rx_status, 0);
1739 static void ieee80211_rx_mgmt_beacon(struct wpa_supplicant *wpa_s,
1740 struct ieee80211_mgmt *mgmt,
1742 struct ieee80211_rx_status *rx_status)
1746 struct ieee802_11_elems elems;
1748 ieee80211_bss_info(wpa_s, mgmt, len, rx_status, 1);
1750 if (!wpa_s->mlme.associated ||
1751 os_memcmp(wpa_s->bssid, mgmt->bssid, ETH_ALEN) != 0)
1754 /* Process beacon from the current BSS */
1755 baselen = (u8 *) mgmt->u.beacon.variable - (u8 *) mgmt;
1759 if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen,
1760 &elems) == ParseFailed)
1764 if (elems.erp_info && elems.erp_info_len >= 1) {
1766 (elems.erp_info[0] & ERP_INFO_USE_PROTECTION) != 0;
1769 if (use_protection != !!wpa_s->mlme.use_protection) {
1770 wpa_printf(MSG_DEBUG, "MLME: CTS protection %s (BSSID=" MACSTR
1772 use_protection ? "enabled" : "disabled",
1773 MAC2STR(wpa_s->bssid));
1774 wpa_s->mlme.use_protection = use_protection ? 1 : 0;
1775 wpa_s->mlme.cts_protect_erp_frames = use_protection;
1778 if (elems.wmm_param && wpa_s->mlme.wmm_enabled) {
1779 ieee80211_sta_wmm_params(wpa_s, elems.wmm_param,
1780 elems.wmm_param_len);
1785 static void ieee80211_rx_mgmt_probe_req(struct wpa_supplicant *wpa_s,
1786 struct ieee80211_mgmt *mgmt,
1788 struct ieee80211_rx_status *rx_status)
1790 int tx_last_beacon, adhoc;
1792 struct ieee80211_mgmt *resp;
1795 struct wpa_ssid *ssid = wpa_s->current_ssid;
1797 adhoc = ssid && ssid->mode == 1;
1799 if (!adhoc || wpa_s->mlme.state != IEEE80211_IBSS_JOINED ||
1800 len < 24 + 2 || wpa_s->mlme.probe_resp == NULL)
1804 if (local->hw->tx_last_beacon)
1805 tx_last_beacon = local->hw->tx_last_beacon(local->mdev);
1810 #ifdef IEEE80211_IBSS_DEBUG
1811 wpa_printf(MSG_DEBUG, "MLME: RX ProbeReq SA=" MACSTR " DA=" MACSTR
1812 " BSSID=" MACSTR " (tx_last_beacon=%d)",
1813 MAC2STR(mgmt->sa), MAC2STR(mgmt->da),
1814 MAC2STR(mgmt->bssid), tx_last_beacon);
1815 #endif /* IEEE80211_IBSS_DEBUG */
1817 if (!tx_last_beacon)
1820 if (os_memcmp(mgmt->bssid, wpa_s->bssid, ETH_ALEN) != 0 &&
1821 os_memcmp(mgmt->bssid, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1824 end = ((u8 *) mgmt) + len;
1825 pos = mgmt->u.probe_req.variable;
1826 if (pos[0] != WLAN_EID_SSID ||
1827 pos + 2 + pos[1] > end) {
1828 wpa_printf(MSG_DEBUG, "MLME: Invalid SSID IE in ProbeReq from "
1829 MACSTR, MAC2STR(mgmt->sa));
1833 (pos[1] != wpa_s->mlme.ssid_len ||
1834 os_memcmp(pos + 2, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len) != 0))
1836 /* Ignore ProbeReq for foreign SSID */
1841 /* Reply with ProbeResp */
1842 skb = skb_copy(wpa_s->mlme.probe_resp, GFP_ATOMIC);
1846 resp = (struct ieee80211_mgmt *) skb->data;
1847 os_memcpy(resp->da, mgmt->sa, ETH_ALEN);
1848 #ifdef IEEE80211_IBSS_DEBUG
1849 wpa_printf(MSG_DEBUG, "MLME: Sending ProbeResp to " MACSTR,
1851 #endif /* IEEE80211_IBSS_DEBUG */
1852 ieee80211_sta_tx(wpa_s, skb, 0, 1);
1857 static void ieee80211_sta_rx_mgmt(struct wpa_supplicant *wpa_s,
1858 const u8 *buf, size_t len,
1859 struct ieee80211_rx_status *rx_status)
1861 struct ieee80211_mgmt *mgmt;
1867 mgmt = (struct ieee80211_mgmt *) buf;
1868 fc = le_to_host16(mgmt->frame_control);
1870 switch (WLAN_FC_GET_STYPE(fc)) {
1871 case WLAN_FC_STYPE_PROBE_REQ:
1872 ieee80211_rx_mgmt_probe_req(wpa_s, mgmt, len, rx_status);
1874 case WLAN_FC_STYPE_PROBE_RESP:
1875 ieee80211_rx_mgmt_probe_resp(wpa_s, mgmt, len, rx_status);
1877 case WLAN_FC_STYPE_BEACON:
1878 ieee80211_rx_mgmt_beacon(wpa_s, mgmt, len, rx_status);
1880 case WLAN_FC_STYPE_AUTH:
1881 ieee80211_rx_mgmt_auth(wpa_s, mgmt, len, rx_status);
1883 case WLAN_FC_STYPE_ASSOC_RESP:
1884 ieee80211_rx_mgmt_assoc_resp(wpa_s, mgmt, len, rx_status, 0);
1886 case WLAN_FC_STYPE_REASSOC_RESP:
1887 ieee80211_rx_mgmt_assoc_resp(wpa_s, mgmt, len, rx_status, 1);
1889 case WLAN_FC_STYPE_DEAUTH:
1890 ieee80211_rx_mgmt_deauth(wpa_s, mgmt, len, rx_status);
1892 case WLAN_FC_STYPE_DISASSOC:
1893 ieee80211_rx_mgmt_disassoc(wpa_s, mgmt, len, rx_status);
1896 wpa_printf(MSG_DEBUG, "MLME: received unknown management "
1897 "frame - stype=%d", WLAN_FC_GET_STYPE(fc));
1903 static void ieee80211_sta_rx_scan(struct wpa_supplicant *wpa_s,
1904 const u8 *buf, size_t len,
1905 struct ieee80211_rx_status *rx_status)
1907 struct ieee80211_mgmt *mgmt;
1913 mgmt = (struct ieee80211_mgmt *) buf;
1914 fc = le_to_host16(mgmt->frame_control);
1916 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT) {
1917 if (WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_RESP) {
1918 ieee80211_rx_mgmt_probe_resp(wpa_s, mgmt,
1920 } else if (WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) {
1921 ieee80211_rx_mgmt_beacon(wpa_s, mgmt, len, rx_status);
1927 static int ieee80211_sta_active_ibss(struct wpa_supplicant *wpa_s)
1932 list_for_each(ptr, &local->sta_list) {
1933 sta = list_entry(ptr, struct sta_info, list);
1934 if (sta->dev == dev &&
1935 time_after(sta->last_rx + IEEE80211_IBSS_MERGE_INTERVAL,
1947 static void ieee80211_sta_expire(struct wpa_supplicant *wpa_s)
1950 list_for_each_safe(ptr, n, &local->sta_list) {
1951 sta = list_entry(ptr, struct sta_info, list);
1952 if (time_after(jiffies, sta->last_rx +
1953 IEEE80211_IBSS_INACTIVITY_LIMIT)) {
1954 wpa_printf(MSG_DEBUG, "MLME: expiring inactive STA "
1955 MACSTR, MAC2STR(sta->addr));
1956 sta_info_free(local, sta, 1);
1963 static void ieee80211_sta_merge_ibss(struct wpa_supplicant *wpa_s)
1965 ieee80211_reschedule_timer(wpa_s, IEEE80211_IBSS_MERGE_INTERVAL);
1967 ieee80211_sta_expire(wpa_s);
1968 if (ieee80211_sta_active_ibss(wpa_s))
1971 wpa_printf(MSG_DEBUG, "MLME: No active IBSS STAs - trying to scan for "
1972 "other IBSS networks with same SSID (merge)");
1973 ieee80211_sta_req_scan(wpa_s, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len);
1977 static void ieee80211_sta_timer(void *eloop_ctx, void *timeout_ctx)
1979 struct wpa_supplicant *wpa_s = eloop_ctx;
1981 switch (wpa_s->mlme.state) {
1982 case IEEE80211_DISABLED:
1984 case IEEE80211_AUTHENTICATE:
1985 ieee80211_authenticate(wpa_s);
1987 case IEEE80211_ASSOCIATE:
1988 ieee80211_associate(wpa_s);
1990 case IEEE80211_ASSOCIATED:
1991 ieee80211_associated(wpa_s);
1993 case IEEE80211_IBSS_SEARCH:
1994 ieee80211_sta_find_ibss(wpa_s);
1996 case IEEE80211_IBSS_JOINED:
1997 ieee80211_sta_merge_ibss(wpa_s);
2000 wpa_printf(MSG_DEBUG, "ieee80211_sta_timer: Unknown state %d",
2005 if (ieee80211_privacy_mismatch(wpa_s)) {
2006 wpa_printf(MSG_DEBUG, "MLME: privacy configuration mismatch "
2007 "and mixed-cell disabled - disassociate");
2009 ieee80211_send_disassoc(wpa_s, WLAN_REASON_UNSPECIFIED);
2010 ieee80211_set_associated(wpa_s, 0);
2015 static void ieee80211_sta_new_auth(struct wpa_supplicant *wpa_s)
2017 struct wpa_ssid *ssid = wpa_s->current_ssid;
2018 if (ssid && ssid->mode != 0)
2022 if (local->hw->reset_tsf) {
2023 /* Reset own TSF to allow time synchronization work. */
2024 local->hw->reset_tsf(local->mdev);
2028 wpa_s->mlme.wmm_last_param_set = -1; /* allow any WMM update */
2031 if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_OPEN)
2032 wpa_s->mlme.auth_alg = WLAN_AUTH_OPEN;
2033 else if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_SHARED_KEY)
2034 wpa_s->mlme.auth_alg = WLAN_AUTH_SHARED_KEY;
2035 else if (wpa_s->mlme.auth_algs & IEEE80211_AUTH_ALG_LEAP)
2036 wpa_s->mlme.auth_alg = WLAN_AUTH_LEAP;
2038 wpa_s->mlme.auth_alg = WLAN_AUTH_OPEN;
2039 wpa_printf(MSG_DEBUG, "MLME: Initial auth_alg=%d",
2040 wpa_s->mlme.auth_alg);
2041 wpa_s->mlme.auth_transaction = -1;
2042 wpa_s->mlme.auth_tries = wpa_s->mlme.assoc_tries = 0;
2043 ieee80211_authenticate(wpa_s);
2047 static int ieee80211_ibss_allowed(struct wpa_supplicant *wpa_s)
2052 for (m = 0; m < local->hw->num_modes; m++) {
2053 struct ieee80211_hw_modes *mode = &local->hw->modes[m];
2054 if (mode->mode != local->conf.phymode)
2056 for (c = 0; c < mode->num_channels; c++) {
2057 struct ieee80211_channel *chan = &mode->channels[c];
2058 if (chan->flag & IEEE80211_CHAN_W_SCAN &&
2059 chan->chan == local->conf.channel) {
2060 if (chan->flag & IEEE80211_CHAN_W_IBSS)
2072 static int ieee80211_sta_join_ibss(struct wpa_supplicant *wpa_s,
2073 struct ieee80211_sta_bss *bss)
2075 int res = 0, rates, done = 0;
2076 struct ieee80211_mgmt *mgmt;
2078 struct ieee80211_tx_control control;
2079 struct ieee80211_rate *rate;
2080 struct rate_control_extra extra;
2085 /* Remove possible STA entries from other IBSS networks. */
2087 sta_info_flush(local, NULL);
2089 if (local->hw->reset_tsf) {
2090 /* Reset own TSF to allow time synchronization work. */
2091 local->hw->reset_tsf(local->mdev);
2094 os_memcpy(wpa_s->bssid, bss->bssid, ETH_ALEN);
2097 local->conf.beacon_int = bss->beacon_int >= 10 ? bss->beacon_int : 10;
2099 sdata->drop_unencrypted = bss->capability &
2100 host_to_le16(WLAN_CAPABILITY_PRIVACY) ? 1 : 0;
2104 os_memset(&rq, 0, sizeof(rq));
2105 rq.m = bss->freq * 100000;
2107 res = ieee80211_ioctl_siwfreq(wpa_s, NULL, &rq, NULL);
2110 if (!ieee80211_ibss_allowed(wpa_s)) {
2112 wpa_printf(MSG_DEBUG, "MLME: IBSS not allowed on channel %d "
2113 "(%d MHz)", local->conf.channel,
2119 /* Set beacon template based on scan results */
2120 buf = os_malloc(400);
2126 mgmt = (struct ieee80211_mgmt *) buf;
2127 len += 24 + sizeof(mgmt->u.beacon);
2128 os_memset(mgmt, 0, 24 + sizeof(mgmt->u.beacon));
2129 mgmt->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
2130 WLAN_FC_STYPE_BEACON);
2131 os_memset(mgmt->da, 0xff, ETH_ALEN);
2132 os_memcpy(mgmt->sa, wpa_s->own_addr, ETH_ALEN);
2133 os_memcpy(mgmt->bssid, wpa_s->bssid, ETH_ALEN);
2135 mgmt->u.beacon.beacon_int =
2136 host_to_le16(local->conf.beacon_int);
2138 mgmt->u.beacon.capab_info = host_to_le16(bss->capability);
2141 len += 2 + wpa_s->mlme.ssid_len;
2142 *pos++ = WLAN_EID_SSID;
2143 *pos++ = wpa_s->mlme.ssid_len;
2144 os_memcpy(pos, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len);
2146 rates = bss->supp_rates_len;
2151 *pos++ = WLAN_EID_SUPP_RATES;
2153 os_memcpy(pos, bss->supp_rates, rates);
2157 *pos++ = WLAN_EID_DS_PARAMS;
2159 *pos++ = bss->channel;
2163 *pos++ = WLAN_EID_IBSS_PARAMS;
2165 /* FIX: set ATIM window based on scan results */
2169 if (bss->supp_rates_len > 8) {
2170 rates = bss->supp_rates_len - 8;
2173 *pos++ = WLAN_EID_EXT_SUPP_RATES;
2175 os_memcpy(pos, &bss->supp_rates[8], rates);
2179 os_memset(&control, 0, sizeof(control));
2180 control.pkt_type = PKT_PROBE_RESP;
2181 os_memset(&extra, 0, sizeof(extra));
2182 extra.endidx = local->num_curr_rates;
2183 rate = rate_control_get_rate(wpa_s, skb, &extra);
2185 wpa_printf(MSG_DEBUG, "MLME: Failed to determine TX "
2186 "rate for IBSS beacon");
2189 control.tx_rate = (wpa_s->mlme.short_preamble &&
2190 (rate->flags & IEEE80211_RATE_PREAMBLE2)) ?
2191 rate->val2 : rate->val;
2192 control.antenna_sel = local->conf.antenna_sel;
2193 control.power_level = local->conf.power_level;
2195 control.retry_limit = 1;
2196 control.rts_cts_duration = 0;
2200 wpa_s->mlme.probe_resp = skb_copy(skb, GFP_ATOMIC);
2201 if (wpa_s->mlme.probe_resp) {
2202 mgmt = (struct ieee80211_mgmt *)
2203 wpa_s->mlme.probe_resp->data;
2204 mgmt->frame_control =
2205 IEEE80211_FC(WLAN_FC_TYPE_MGMT,
2206 WLAN_FC_STYPE_PROBE_RESP);
2208 wpa_printf(MSG_DEBUG, "MLME: Could not allocate "
2209 "ProbeResp template for IBSS");
2212 if (local->hw->beacon_update &&
2213 local->hw->beacon_update(wpa_s, skb, &control) == 0) {
2214 wpa_printf(MSG_DEBUG, "MLME: Configured IBSS beacon "
2215 "template based on scan results");
2220 for (i = 0; i < bss->supp_rates_len; i++) {
2221 int rate = (bss->supp_rates[i] & 0x7f) * 5;
2222 if (local->conf.phymode == MODE_ATHEROS_TURBO)
2224 for (j = 0; j < local->num_curr_rates; j++)
2225 if (local->curr_rates[j].rate == rate)
2228 wpa_s->mlme.supp_rates_bits = rates;
2235 wpa_printf(MSG_DEBUG, "MLME: Failed to configure IBSS beacon "
2239 wpa_s->mlme.state = IEEE80211_IBSS_JOINED;
2240 ieee80211_reschedule_timer(wpa_s, IEEE80211_IBSS_MERGE_INTERVAL);
2247 static int ieee80211_sta_create_ibss(struct wpa_supplicant *wpa_s)
2249 struct ieee80211_sta_bss *bss;
2250 u8 bssid[ETH_ALEN], *pos;
2254 /* Easier testing, use fixed BSSID. */
2255 os_memset(bssid, 0xfe, ETH_ALEN);
2257 /* Generate random, not broadcast, locally administered BSSID. Mix in
2258 * own MAC address to make sure that devices that do not have proper
2259 * random number generator get different BSSID. */
2260 os_get_random(bssid, ETH_ALEN);
2261 for (i = 0; i < ETH_ALEN; i++)
2262 bssid[i] ^= wpa_s->own_addr[i];
2267 wpa_printf(MSG_DEBUG, "MLME: Creating new IBSS network, BSSID "
2268 MACSTR "", MAC2STR(bssid));
2270 bss = ieee80211_bss_add(wpa_s, bssid);
2275 if (local->conf.beacon_int == 0)
2276 local->conf.beacon_int = 100;
2277 bss->beacon_int = local->conf.beacon_int;
2278 bss->hw_mode = local->conf.phymode;
2279 bss->channel = local->conf.channel;
2280 bss->freq = local->conf.freq;
2282 os_get_time(&bss->last_update);
2283 bss->capability = host_to_le16(WLAN_CAPABILITY_IBSS);
2285 if (sdata->default_key) {
2286 bss->capability |= host_to_le16(WLAN_CAPABILITY_PRIVACY);
2288 sdata->drop_unencrypted = 0;
2289 bss->supp_rates_len = local->num_curr_rates;
2291 pos = bss->supp_rates;
2293 for (i = 0; i < local->num_curr_rates; i++) {
2294 int rate = local->curr_rates[i].rate;
2295 if (local->conf.phymode == MODE_ATHEROS_TURBO)
2297 *pos++ = (u8) (rate / 5);
2301 return ieee80211_sta_join_ibss(wpa_s, bss);
2306 static int ieee80211_sta_find_ibss(struct wpa_supplicant *wpa_s)
2308 struct ieee80211_sta_bss *bss;
2314 if (wpa_s->mlme.ssid_len == 0)
2317 active_ibss = ieee80211_sta_active_ibss(wpa_s);
2318 #ifdef IEEE80211_IBSS_DEBUG
2319 wpa_printf(MSG_DEBUG, "MLME: sta_find_ibss (active_ibss=%d)",
2321 #endif /* IEEE80211_IBSS_DEBUG */
2322 for (bss = wpa_s->mlme.sta_bss_list; bss; bss = bss->next) {
2323 if (wpa_s->mlme.ssid_len != bss->ssid_len ||
2324 os_memcmp(wpa_s->mlme.ssid, bss->ssid, bss->ssid_len) != 0
2325 || !(bss->capability & WLAN_CAPABILITY_IBSS))
2327 #ifdef IEEE80211_IBSS_DEBUG
2328 wpa_printf(MSG_DEBUG, " bssid=" MACSTR " found",
2329 MAC2STR(bss->bssid));
2330 #endif /* IEEE80211_IBSS_DEBUG */
2331 os_memcpy(bssid, bss->bssid, ETH_ALEN);
2334 os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0)
2338 #ifdef IEEE80211_IBSS_DEBUG
2339 wpa_printf(MSG_DEBUG, " sta_find_ibss: selected " MACSTR " current "
2340 MACSTR, MAC2STR(bssid), MAC2STR(wpa_s->bssid));
2341 #endif /* IEEE80211_IBSS_DEBUG */
2342 if (found && os_memcmp(wpa_s->bssid, bssid, ETH_ALEN) != 0 &&
2343 (bss = ieee80211_bss_get(wpa_s, bssid))) {
2344 wpa_printf(MSG_DEBUG, "MLME: Selected IBSS BSSID " MACSTR
2345 " based on configured SSID",
2347 return ieee80211_sta_join_ibss(wpa_s, bss);
2349 #ifdef IEEE80211_IBSS_DEBUG
2350 wpa_printf(MSG_DEBUG, " did not try to join ibss");
2351 #endif /* IEEE80211_IBSS_DEBUG */
2353 /* Selected IBSS not found in current scan results - try to scan */
2356 if (wpa_s->mlme.state == IEEE80211_IBSS_JOINED &&
2357 !ieee80211_sta_active_ibss(wpa_s)) {
2358 ieee80211_reschedule_timer(wpa_s,
2359 IEEE80211_IBSS_MERGE_INTERVAL);
2360 } else if (time_after(jiffies, wpa_s->mlme.last_scan_completed +
2361 IEEE80211_SCAN_INTERVAL)) {
2362 wpa_printf(MSG_DEBUG, "MLME: Trigger new scan to find an IBSS "
2364 return ieee80211_sta_req_scan(wpa_s->mlme.ssid,
2365 wpa_s->mlme.ssid_len);
2366 } else if (wpa_s->mlme.state != IEEE80211_IBSS_JOINED) {
2367 int interval = IEEE80211_SCAN_INTERVAL;
2369 if (time_after(jiffies, wpa_s->mlme.ibss_join_req +
2370 IEEE80211_IBSS_JOIN_TIMEOUT)) {
2371 if (wpa_s->mlme.create_ibss &&
2372 ieee80211_ibss_allowed(wpa_s))
2373 return ieee80211_sta_create_ibss(wpa_s);
2374 if (wpa_s->mlme.create_ibss) {
2375 wpa_printf(MSG_DEBUG, "MLME: IBSS not allowed "
2376 "on the configured channel %d "
2378 local->conf.channel,
2382 /* No IBSS found - decrease scan interval and continue
2384 interval = IEEE80211_SCAN_INTERVAL_SLOW;
2387 wpa_s->mlme.state = IEEE80211_IBSS_SEARCH;
2388 ieee80211_reschedule_timer(wpa_s, interval);
2397 int ieee80211_sta_get_ssid(struct wpa_supplicant *wpa_s, u8 *ssid,
2400 os_memcpy(ssid, wpa_s->mlme.ssid, wpa_s->mlme.ssid_len);
2401 *len = wpa_s->mlme.ssid_len;
2406 int ieee80211_sta_associate(struct wpa_supplicant *wpa_s,
2407 struct wpa_driver_associate_params *params)
2409 struct ieee80211_sta_bss *bss;
2411 wpa_s->mlme.bssid_set = 0;
2412 wpa_s->mlme.freq = params->freq;
2413 if (params->bssid) {
2414 os_memcpy(wpa_s->bssid, params->bssid, ETH_ALEN);
2415 if (os_memcmp(params->bssid, "\x00\x00\x00\x00\x00\x00",
2417 wpa_s->mlme.bssid_set = 1;
2418 bss = ieee80211_bss_get(wpa_s, wpa_s->bssid);
2420 wpa_s->mlme.phymode = bss->hw_mode;
2421 wpa_s->mlme.channel = bss->channel;
2422 wpa_s->mlme.freq = bss->freq;
2427 /* TODO: This should always be done for IBSS, even if IEEE80211_QOS is
2429 if (local->hw->conf_tx) {
2430 struct ieee80211_tx_queue_params qparam;
2433 os_memset(&qparam, 0, sizeof(qparam));
2434 /* TODO: are these ok defaults for all hw_modes? */
2437 local->conf.phymode == MODE_IEEE80211B ? 31 : 15;
2438 qparam.cw_max = 1023;
2439 qparam.burst_time = 0;
2440 for (i = IEEE80211_TX_QUEUE_DATA0; i < NUM_TX_DATA_QUEUES; i++)
2442 local->hw->conf_tx(wpa_s, i + IEEE80211_TX_QUEUE_DATA0,
2445 /* IBSS uses different parameters for Beacon sending */
2449 local->hw->conf_tx(wpa_s, IEEE80211_TX_QUEUE_BEACON, &qparam);
2453 if (wpa_s->mlme.ssid_len != params->ssid_len ||
2454 os_memcmp(wpa_s->mlme.ssid, params->ssid, params->ssid_len) != 0)
2455 wpa_s->mlme.prev_bssid_set = 0;
2456 os_memcpy(wpa_s->mlme.ssid, params->ssid, params->ssid_len);
2457 os_memset(wpa_s->mlme.ssid + params->ssid_len, 0,
2458 MAX_SSID_LEN - params->ssid_len);
2459 wpa_s->mlme.ssid_len = params->ssid_len;
2460 wpa_s->mlme.ssid_set = 1;
2462 os_free(wpa_s->mlme.extra_ie);
2463 if (params->wpa_ie == NULL || params->wpa_ie_len == 0) {
2464 wpa_s->mlme.extra_ie = NULL;
2465 wpa_s->mlme.extra_ie_len = 0;
2468 wpa_s->mlme.extra_ie = os_malloc(params->wpa_ie_len);
2469 if (wpa_s->mlme.extra_ie == NULL) {
2470 wpa_s->mlme.extra_ie_len = 0;
2473 os_memcpy(wpa_s->mlme.extra_ie, params->wpa_ie, params->wpa_ie_len);
2474 wpa_s->mlme.extra_ie_len = params->wpa_ie_len;
2476 wpa_s->mlme.key_mgmt = params->key_mgmt_suite;
2478 ieee80211_sta_set_channel(wpa_s, wpa_s->mlme.phymode,
2479 wpa_s->mlme.channel, wpa_s->mlme.freq);
2481 if (params->mode == 1 && !wpa_s->mlme.bssid_set) {
2482 os_get_time(&wpa_s->mlme.ibss_join_req);
2483 wpa_s->mlme.state = IEEE80211_IBSS_SEARCH;
2484 return ieee80211_sta_find_ibss(wpa_s);
2487 if (wpa_s->mlme.bssid_set)
2488 ieee80211_sta_new_auth(wpa_s);
2494 static void ieee80211_sta_save_oper_chan(struct wpa_supplicant *wpa_s)
2496 wpa_s->mlme.scan_oper_channel = wpa_s->mlme.channel;
2497 wpa_s->mlme.scan_oper_freq = wpa_s->mlme.freq;
2498 wpa_s->mlme.scan_oper_phymode = wpa_s->mlme.phymode;
2502 static int ieee80211_sta_restore_oper_chan(struct wpa_supplicant *wpa_s)
2504 wpa_s->mlme.channel = wpa_s->mlme.scan_oper_channel;
2505 wpa_s->mlme.freq = wpa_s->mlme.scan_oper_freq;
2506 wpa_s->mlme.phymode = wpa_s->mlme.scan_oper_phymode;
2507 if (wpa_s->mlme.freq == 0)
2509 return ieee80211_sta_set_channel(wpa_s, wpa_s->mlme.phymode,
2510 wpa_s->mlme.channel,
2515 static int ieee80211_active_scan(struct wpa_supplicant *wpa_s)
2520 for (m = 0; m < wpa_s->mlme.num_modes; m++) {
2521 struct wpa_hw_modes *mode = &wpa_s->mlme.modes[m];
2522 if ((int) mode->mode != (int) wpa_s->mlme.phymode)
2524 for (c = 0; c < mode->num_channels; c++) {
2525 struct wpa_channel_data *chan = &mode->channels[c];
2526 if (chan->flag & WPA_CHAN_W_SCAN &&
2527 chan->chan == wpa_s->mlme.channel) {
2528 if (chan->flag & WPA_CHAN_W_ACTIVE_SCAN)
2539 static void ieee80211_sta_scan_timer(void *eloop_ctx, void *timeout_ctx)
2541 struct wpa_supplicant *wpa_s = eloop_ctx;
2542 struct wpa_hw_modes *mode;
2543 struct wpa_channel_data *chan;
2546 struct wpa_ssid *ssid = wpa_s->current_ssid;
2549 if (!wpa_s->mlme.sta_scanning || wpa_s->mlme.modes == NULL)
2552 adhoc = ssid && ssid->mode == 1;
2554 switch (wpa_s->mlme.scan_state) {
2555 case SCAN_SET_CHANNEL:
2556 mode = &wpa_s->mlme.modes[wpa_s->mlme.scan_hw_mode_idx];
2557 if (wpa_s->mlme.scan_hw_mode_idx >=
2558 (int) wpa_s->mlme.num_modes ||
2559 (wpa_s->mlme.scan_hw_mode_idx + 1 ==
2560 (int) wpa_s->mlme.num_modes
2561 && wpa_s->mlme.scan_channel_idx >= mode->num_channels)) {
2562 if (ieee80211_sta_restore_oper_chan(wpa_s)) {
2563 wpa_printf(MSG_DEBUG, "MLME: failed to "
2564 "restore operational channel after "
2567 wpa_printf(MSG_DEBUG, "MLME: scan completed");
2568 wpa_s->mlme.sta_scanning = 0;
2569 os_get_time(&wpa_s->mlme.last_scan_completed);
2570 wpa_supplicant_event(wpa_s, EVENT_SCAN_RESULTS, NULL);
2572 if (!wpa_s->mlme.bssid_set ||
2573 (wpa_s->mlme.state ==
2574 IEEE80211_IBSS_JOINED &&
2575 !ieee80211_sta_active_ibss(wpa_s)))
2576 ieee80211_sta_find_ibss(wpa_s);
2580 skip = !(wpa_s->mlme.hw_modes & (1 << mode->mode));
2581 chan = &mode->channels[wpa_s->mlme.scan_channel_idx];
2582 if (!(chan->flag & WPA_CHAN_W_SCAN) ||
2583 (adhoc && !(chan->flag & WPA_CHAN_W_IBSS)) ||
2584 (wpa_s->mlme.hw_modes & (1 << WPA_MODE_IEEE80211G) &&
2585 mode->mode == WPA_MODE_IEEE80211B &&
2586 wpa_s->mlme.scan_skip_11b))
2590 wpa_printf(MSG_MSGDUMP,
2591 "MLME: scan channel %d (%d MHz)",
2592 chan->chan, chan->freq);
2594 wpa_s->mlme.channel = chan->chan;
2595 wpa_s->mlme.freq = chan->freq;
2596 wpa_s->mlme.phymode = mode->mode;
2597 if (ieee80211_sta_set_channel(wpa_s, mode->mode,
2598 chan->chan, chan->freq))
2600 wpa_printf(MSG_DEBUG, "MLME: failed to set "
2601 "channel %d (%d MHz) for scan",
2602 chan->chan, chan->freq);
2607 wpa_s->mlme.scan_channel_idx++;
2608 if (wpa_s->mlme.scan_channel_idx >=
2609 wpa_s->mlme.modes[wpa_s->mlme.scan_hw_mode_idx].
2611 wpa_s->mlme.scan_hw_mode_idx++;
2612 wpa_s->mlme.scan_channel_idx = 0;
2620 timeout = IEEE80211_PROBE_DELAY;
2621 wpa_s->mlme.scan_state = SCAN_SEND_PROBE;
2623 case SCAN_SEND_PROBE:
2624 if (ieee80211_active_scan(wpa_s)) {
2625 ieee80211_send_probe_req(wpa_s, NULL,
2626 wpa_s->mlme.scan_ssid,
2627 wpa_s->mlme.scan_ssid_len);
2628 timeout = IEEE80211_CHANNEL_TIME;
2630 timeout = IEEE80211_PASSIVE_CHANNEL_TIME;
2632 wpa_s->mlme.scan_state = SCAN_SET_CHANNEL;
2636 eloop_register_timeout(timeout / 1000, 1000 * (timeout % 1000),
2637 ieee80211_sta_scan_timer, wpa_s, NULL);
2641 int ieee80211_sta_req_scan(struct wpa_supplicant *wpa_s, const u8 *ssid,
2644 if (ssid_len > MAX_SSID_LEN)
2647 /* MLME-SCAN.request (page 118) page 144 (11.1.3.1)
2648 * BSSType: INFRASTRUCTURE, INDEPENDENT, ANY_BSS
2651 * ScanType: ACTIVE, PASSIVE
2652 * ProbeDelay: delay (in microseconds) to be used prior to transmitting
2653 * a Probe frame during active scanning
2655 * MinChannelTime (>= ProbeDelay), in TU
2656 * MaxChannelTime: (>= MinChannelTime), in TU
2659 /* MLME-SCAN.confirm
2661 * ResultCode: SUCCESS, INVALID_PARAMETERS
2664 /* TODO: if assoc, move to power save mode for the duration of the
2667 if (wpa_s->mlme.sta_scanning)
2670 wpa_printf(MSG_DEBUG, "MLME: starting scan");
2672 ieee80211_sta_save_oper_chan(wpa_s);
2674 wpa_s->mlme.sta_scanning = 1;
2675 /* TODO: stop TX queue? */
2678 wpa_s->mlme.scan_ssid_len = ssid_len;
2679 os_memcpy(wpa_s->mlme.scan_ssid, ssid, ssid_len);
2681 wpa_s->mlme.scan_ssid_len = 0;
2682 wpa_s->mlme.scan_skip_11b = 1; /* FIX: clear this is 11g is not
2684 wpa_s->mlme.scan_state = SCAN_SET_CHANNEL;
2685 wpa_s->mlme.scan_hw_mode_idx = 0;
2686 wpa_s->mlme.scan_channel_idx = 0;
2687 eloop_register_timeout(0, 1, ieee80211_sta_scan_timer, wpa_s, NULL);
2693 int ieee80211_sta_get_scan_results(struct wpa_supplicant *wpa_s,
2694 struct wpa_scan_result *results,
2698 struct wpa_scan_result *r;
2699 struct ieee80211_sta_bss *bss;
2701 os_memset(results, 0, max_size * sizeof(struct wpa_scan_result));
2702 for (bss = wpa_s->mlme.sta_bss_list; bss; bss = bss->next) {
2703 r = &results[ap_num];
2704 os_memcpy(r->bssid, bss->bssid, ETH_ALEN);
2705 os_memcpy(r->ssid, bss->ssid, bss->ssid_len);
2706 r->ssid_len = bss->ssid_len;
2707 if (bss->wpa_ie && bss->wpa_ie_len < SSID_MAX_WPA_IE_LEN) {
2708 os_memcpy(r->wpa_ie, bss->wpa_ie, bss->wpa_ie_len);
2709 r->wpa_ie_len = bss->wpa_ie_len;
2711 if (bss->rsn_ie && bss->rsn_ie_len < SSID_MAX_WPA_IE_LEN) {
2712 os_memcpy(r->rsn_ie, bss->rsn_ie, bss->rsn_ie_len);
2713 r->rsn_ie_len = bss->rsn_ie_len;
2715 r->freq = bss->freq;
2716 r->caps = bss->capability;
2717 r->level = bss->rssi;
2720 if (ap_num >= max_size)
2729 struct sta_info * ieee80211_ibss_add_sta(struct wpa_supplicant *wpa_s,
2730 struct sk_buff *skb, u8 *bssid,
2733 struct ieee80211_local *local = dev->priv;
2734 struct list_head *ptr;
2735 struct sta_info *sta;
2736 struct wpa_supplicant *sta_dev = NULL;
2738 /* TODO: Could consider removing the least recently used entry and
2739 * allow new one to be added. */
2740 if (local->num_sta >= IEEE80211_IBSS_MAX_STA_ENTRIES) {
2741 if (net_ratelimit()) {
2742 wpa_printf(MSG_DEBUG, "MLME: No room for a new IBSS "
2743 "STA entry " MACSTR, MAC2STR(addr));
2748 spin_lock_bh(&local->sub_if_lock);
2749 list_for_each(ptr, &local->sub_if_list) {
2750 sdata = list_entry(ptr, struct ieee80211_sub_if_data, list);
2751 if (sdata->type == IEEE80211_SUB_IF_TYPE_STA &&
2752 os_memcmp(bssid, sdata->u.sta.bssid, ETH_ALEN) == 0) {
2753 sta_dev = sdata->dev;
2757 spin_unlock_bh(&local->sub_if_lock);
2759 if (sta_dev == NULL)
2762 wpa_printf(MSG_DEBUG, "MLME: Adding new IBSS station " MACSTR
2763 " (dev=%s)", MAC2STR(addr), sta_dev->name);
2765 sta = sta_info_add(wpa_s, addr);
2771 sta->supp_rates = wpa_s->mlme.supp_rates_bits;
2773 rate_control_rate_init(local, sta);
2775 return sta; /* caller will call sta_info_release() */
2780 int ieee80211_sta_deauthenticate(struct wpa_supplicant *wpa_s, u16 reason)
2782 wpa_printf(MSG_DEBUG, "MLME: deauthenticate(reason=%d)", reason);
2784 ieee80211_send_deauth(wpa_s, reason);
2785 ieee80211_set_associated(wpa_s, 0);
2790 int ieee80211_sta_disassociate(struct wpa_supplicant *wpa_s, u16 reason)
2792 wpa_printf(MSG_DEBUG, "MLME: disassociate(reason=%d)", reason);
2794 if (!wpa_s->mlme.associated)
2797 ieee80211_send_disassoc(wpa_s, reason);
2798 ieee80211_set_associated(wpa_s, 0);
2803 void ieee80211_sta_rx(struct wpa_supplicant *wpa_s, const u8 *buf, size_t len,
2804 struct ieee80211_rx_status *rx_status)
2806 struct ieee80211_mgmt *mgmt;
2810 /* wpa_hexdump(MSG_MSGDUMP, "MLME: Received frame", buf, len); */
2812 if (wpa_s->mlme.sta_scanning) {
2813 ieee80211_sta_rx_scan(wpa_s, buf, len, rx_status);
2820 mgmt = (struct ieee80211_mgmt *) buf;
2821 fc = le_to_host16(mgmt->frame_control);
2823 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT)
2824 ieee80211_sta_rx_mgmt(wpa_s, buf, len, rx_status);
2825 else if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_DATA) {
2826 if ((fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) !=
2829 /* mgmt->sa is actually BSSID for FromDS data frames */
2830 if (os_memcmp(mgmt->sa, wpa_s->bssid, ETH_ALEN) != 0)
2832 /* Skip IEEE 802.11 and LLC headers */
2834 if (WPA_GET_BE16(pos) != ETH_P_EAPOL)
2837 /* mgmt->bssid is actually BSSID for SA data frames */
2838 wpa_supplicant_rx_eapol(wpa_s, mgmt->bssid,
2839 pos, buf + len - pos);
2844 void ieee80211_sta_free_hw_features(struct wpa_hw_modes *hw_features,
2845 size_t num_hw_features)
2849 if (hw_features == NULL)
2852 for (i = 0; i < num_hw_features; i++) {
2853 os_free(hw_features[i].channels);
2854 os_free(hw_features[i].rates);
2857 os_free(hw_features);
2861 int ieee80211_sta_init(struct wpa_supplicant *wpa_s)
2863 u16 num_modes, flags;
2865 wpa_s->mlme.modes = wpa_drv_get_hw_feature_data(wpa_s, &num_modes,
2867 if (wpa_s->mlme.modes == NULL) {
2868 wpa_printf(MSG_ERROR, "MLME: Failed to read supported "
2869 "channels and rates from the driver");
2873 wpa_s->mlme.num_modes = num_modes;
2875 wpa_s->mlme.hw_modes = 1 << WPA_MODE_IEEE80211A;
2876 wpa_s->mlme.hw_modes |= 1 << WPA_MODE_IEEE80211B;
2877 wpa_s->mlme.hw_modes |= 1 << WPA_MODE_IEEE80211G;
2883 void ieee80211_sta_deinit(struct wpa_supplicant *wpa_s)
2885 eloop_cancel_timeout(ieee80211_sta_timer, wpa_s, NULL);
2886 eloop_cancel_timeout(ieee80211_sta_scan_timer, wpa_s, NULL);
2887 os_free(wpa_s->mlme.extra_ie);
2888 wpa_s->mlme.extra_ie = NULL;
2889 os_free(wpa_s->mlme.assocreq_ies);
2890 wpa_s->mlme.assocreq_ies = NULL;
2891 os_free(wpa_s->mlme.assocresp_ies);
2892 wpa_s->mlme.assocresp_ies = NULL;
2893 ieee80211_bss_list_deinit(wpa_s);
2894 ieee80211_sta_free_hw_features(wpa_s->mlme.modes,
2895 wpa_s->mlme.num_modes);
OSDN Git Service
