2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 * Purpose: Handles the 802.11 management functions
29 * nsMgrObjectInitial - Initialize Management Objet data structure
30 * vMgrObjectReset - Reset Management Object data structure
31 * vMgrAssocBeginSta - Start associate function
32 * vMgrReAssocBeginSta - Start reassociate function
33 * vMgrDisassocBeginSta - Start disassociate function
34 * s_vMgrRxAssocRequest - Handle Rcv associate_request
35 * s_vMgrRxAssocResponse - Handle Rcv associate_response
36 * vMrgAuthenBeginSta - Start authentication function
37 * vMgrDeAuthenDeginSta - Start deauthentication function
38 * s_vMgrRxAuthentication - Handle Rcv authentication
39 * s_vMgrRxAuthenSequence_1 - Handle Rcv authentication sequence 1
40 * s_vMgrRxAuthenSequence_2 - Handle Rcv authentication sequence 2
41 * s_vMgrRxAuthenSequence_3 - Handle Rcv authentication sequence 3
42 * s_vMgrRxAuthenSequence_4 - Handle Rcv authentication sequence 4
43 * s_vMgrRxDisassociation - Handle Rcv disassociation
44 * s_vMgrRxBeacon - Handle Rcv Beacon
45 * vMgrCreateOwnIBSS - Create ad_hoc IBSS or AP BSS
46 * vMgrJoinBSSBegin - Join BSS function
47 * s_vMgrSynchBSS - Synch & adopt BSS parameters
48 * s_MgrMakeBeacon - Create Baecon frame
49 * s_MgrMakeProbeResponse - Create Probe Response frame
50 * s_MgrMakeAssocRequest - Create Associate Request frame
51 * s_MgrMakeReAssocRequest - Create ReAssociate Request frame
52 * s_vMgrRxProbeResponse - Handle Rcv probe_response
53 * s_vMrgRxProbeRequest - Handle Rcv probe_request
54 * bMgrPrepareBeaconToSend - Prepare Beacon frame
55 * s_vMgrLogStatus - Log 802.11 Status
56 * vMgrRxManagePacket - Rcv management frame dispatch function
57 * s_vMgrFormatTIM- Assembler TIM field of beacon
58 * vMgrTimerInit- Initial 1-sec and command call back funtions
84 /*--------------------- Static Definitions -------------------------*/
88 /*--------------------- Static Classes ----------------------------*/
90 /*--------------------- Static Variables --------------------------*/
91 static int msglevel =MSG_LEVEL_INFO;
92 //static int msglevel =MSG_LEVEL_DEBUG;
94 /*--------------------- Static Functions --------------------------*/
96 static BOOL ChannelExceedZoneType(
101 // Association/diassociation functions
104 s_MgrMakeAssocRequest(
109 WORD wListenInterval,
110 PWLAN_IE_SSID pCurrSSID,
111 PWLAN_IE_SUPP_RATES pCurrRates,
112 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
117 s_vMgrRxAssocRequest(
120 PSRxMgmtPacket pRxPacket,
121 unsigned int uNodeIndex
126 s_MgrMakeReAssocRequest(
131 WORD wListenInterval,
132 PWLAN_IE_SSID pCurrSSID,
133 PWLAN_IE_SUPP_RATES pCurrRates,
134 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
139 s_vMgrRxAssocResponse(
142 PSRxMgmtPacket pRxPacket,
148 s_vMgrRxDisassociation(
151 PSRxMgmtPacket pRxPacket
154 // Authentication/deauthen functions
157 s_vMgrRxAuthenSequence_1(
160 PWLAN_FR_AUTHEN pFrame
165 s_vMgrRxAuthenSequence_2(
168 PWLAN_FR_AUTHEN pFrame
173 s_vMgrRxAuthenSequence_3(
176 PWLAN_FR_AUTHEN pFrame
181 s_vMgrRxAuthenSequence_4(
184 PWLAN_FR_AUTHEN pFrame
189 s_vMgrRxAuthentication(
192 PSRxMgmtPacket pRxPacket
197 s_vMgrRxDeauthentication(
200 PSRxMgmtPacket pRxPacket
204 // probe request/response functions
207 s_vMgrRxProbeRequest(
210 PSRxMgmtPacket pRxPacket
215 s_vMgrRxProbeResponse(
218 PSRxMgmtPacket pRxPacket
227 PSRxMgmtPacket pRxPacket,
244 WORD wCurrBeaconPeriod,
245 unsigned int uCurrChannel,
246 WORD wCurrATIMWinodw,
247 PWLAN_IE_SSID pCurrSSID,
249 PWLAN_IE_SUPP_RATES pCurrSuppRates,
250 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
254 // Association response
257 s_MgrMakeAssocResponse(
264 PWLAN_IE_SUPP_RATES pCurrSuppRates,
265 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
268 // ReAssociation response
271 s_MgrMakeReAssocResponse(
278 PWLAN_IE_SUPP_RATES pCurrSuppRates,
279 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
285 s_MgrMakeProbeResponse(
289 WORD wCurrBeaconPeriod,
290 unsigned int uCurrChannel,
291 WORD wCurrATIMWinodw,
293 PWLAN_IE_SSID pCurrSSID,
295 PWLAN_IE_SUPP_RATES pCurrSuppRates,
296 PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
313 unsigned int uBSSMode,
322 NDIS_802_11_ENCRYPTION_STATUS EncStatus,
327 static void Encyption_Rebuild(
332 /*--------------------- Export Variables --------------------------*/
334 /*--------------------- Export Functions --------------------------*/
338 * Routine Description:
339 * Allocates and initializes the Management object.
346 void vMgrObjectInit(void *hDeviceContext)
348 PSDevice pDevice = (PSDevice)hDeviceContext;
349 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
353 pMgmt->pbyPSPacketPool = &pMgmt->byPSPacketPool[0];
354 pMgmt->pbyMgmtPacketPool = &pMgmt->byMgmtPacketPool[0];
355 pMgmt->uCurrChannel = pDevice->uChannel;
356 for (ii = 0; ii < WLAN_BSSID_LEN; ii++)
357 pMgmt->abyDesireBSSID[ii] = 0xFF;
359 pMgmt->sAssocInfo.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
360 //memset(pMgmt->abyDesireSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN +1);
361 pMgmt->byCSSPK = KEY_CTL_NONE;
362 pMgmt->byCSSGK = KEY_CTL_NONE;
363 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
364 BSSvClearBSSList((void *) pDevice, FALSE);
366 init_timer(&pMgmt->sTimerSecondCallback);
367 pMgmt->sTimerSecondCallback.data = (unsigned long)pDevice;
368 pMgmt->sTimerSecondCallback.function = (TimerFunction)BSSvSecondCallBack;
369 pMgmt->sTimerSecondCallback.expires = RUN_AT(HZ);
371 init_timer(&pDevice->sTimerCommand);
372 pDevice->sTimerCommand.data = (unsigned long)pDevice;
373 pDevice->sTimerCommand.function = (TimerFunction)vRunCommand;
374 pDevice->sTimerCommand.expires = RUN_AT(HZ);
376 init_timer(&pDevice->sTimerTxData);
377 pDevice->sTimerTxData.data = (unsigned long)pDevice;
378 pDevice->sTimerTxData.function = (TimerFunction)BSSvSecondTxData;
379 pDevice->sTimerTxData.expires = RUN_AT(10*HZ); //10s callback
380 pDevice->fTxDataInSleep = FALSE;
381 pDevice->IsTxDataTrigger = FALSE;
382 pDevice->nTxDataTimeCout = 0;
384 pDevice->cbFreeCmdQueue = CMD_Q_SIZE;
385 pDevice->uCmdDequeueIdx = 0;
386 pDevice->uCmdEnqueueIdx = 0;
387 pDevice->eCommandState = WLAN_CMD_IDLE;
388 pDevice->bCmdRunning = FALSE;
389 pDevice->bCmdClear = FALSE;
396 * Routine Description:
397 * Start the station association procedure. Namely, send an
398 * association request frame to the AP.
405 void vMgrAssocBeginSta(void *hDeviceContext,
409 PSDevice pDevice = (PSDevice)hDeviceContext;
410 PSTxMgmtPacket pTxPacket;
413 pMgmt->wCurrCapInfo = 0;
414 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
415 if (pDevice->bEncryptionEnable) {
416 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
418 // always allow receive short preamble
419 //if (pDevice->byPreambleType == 1) {
420 // pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
422 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
423 if (pMgmt->wListenInterval == 0)
424 pMgmt->wListenInterval = 1; // at least one.
426 // ERP Phy (802.11g) should support short preamble.
427 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
428 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
429 if (pDevice->bShortSlotTime == TRUE)
430 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
432 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
433 if (pDevice->byPreambleType == 1) {
434 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
437 if (pMgmt->b11hEnable == TRUE)
438 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
440 // build an assocreq frame and send it
441 pTxPacket = s_MgrMakeAssocRequest
447 pMgmt->wListenInterval,
448 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
449 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
450 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
453 if (pTxPacket != NULL ){
455 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
456 if (*pStatus == CMD_STATUS_PENDING) {
457 pMgmt->eCurrState = WMAC_STATE_ASSOCPENDING;
458 *pStatus = CMD_STATUS_SUCCESS;
462 *pStatus = CMD_STATUS_RESOURCES;
470 * Routine Description:
471 * Start the station re-association procedure.
478 void vMgrReAssocBeginSta(void *hDeviceContext,
482 PSDevice pDevice = (PSDevice)hDeviceContext;
483 PSTxMgmtPacket pTxPacket;
487 pMgmt->wCurrCapInfo = 0;
488 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
489 if (pDevice->bEncryptionEnable) {
490 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
493 //if (pDevice->byPreambleType == 1) {
494 // pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
496 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
498 if (pMgmt->wListenInterval == 0)
499 pMgmt->wListenInterval = 1; // at least one.
502 // ERP Phy (802.11g) should support short preamble.
503 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
504 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
505 if (pDevice->bShortSlotTime == TRUE)
506 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
508 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
509 if (pDevice->byPreambleType == 1) {
510 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
513 if (pMgmt->b11hEnable == TRUE)
514 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
517 pTxPacket = s_MgrMakeReAssocRequest
523 pMgmt->wListenInterval,
524 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
525 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
526 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
529 if (pTxPacket != NULL ){
531 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
532 if (*pStatus != CMD_STATUS_PENDING) {
533 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Reassociation tx failed.\n");
536 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Reassociation tx sending.\n");
546 * Routine Description:
547 * Send an dis-association request frame to the AP.
554 void vMgrDisassocBeginSta(void *hDeviceContext,
556 PBYTE abyDestAddress,
560 PSDevice pDevice = (PSDevice)hDeviceContext;
561 PSTxMgmtPacket pTxPacket = NULL;
562 WLAN_FR_DISASSOC sFrame;
564 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
565 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DISASSOC_FR_MAXLEN);
566 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
568 // Setup the sFrame structure
569 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
570 sFrame.len = WLAN_DISASSOC_FR_MAXLEN;
572 // format fixed field frame structure
573 vMgrEncodeDisassociation(&sFrame);
576 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
578 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
579 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DISASSOC)
582 memcpy( sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
583 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
584 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
587 *(sFrame.pwReason) = cpu_to_le16(wReason);
588 pTxPacket->cbMPDULen = sFrame.len;
589 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
592 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
593 if (*pStatus == CMD_STATUS_PENDING) {
594 pMgmt->eCurrState = WMAC_STATE_IDLE;
595 *pStatus = CMD_STATUS_SUCCESS;
605 * Routine Description:(AP function)
606 * Handle incoming station association request frames.
615 s_vMgrRxAssocRequest(
618 PSRxMgmtPacket pRxPacket,
619 unsigned int uNodeIndex
622 WLAN_FR_ASSOCREQ sFrame;
624 PSTxMgmtPacket pTxPacket;
625 WORD wAssocStatus = 0;
627 unsigned int uRateLen = WLAN_RATES_MAXLEN;
628 BYTE abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
629 BYTE abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
632 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
634 // node index not found
638 //check if node is authenticated
640 memset(&sFrame, 0, sizeof(WLAN_FR_ASSOCREQ));
641 memset(abyCurrSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
642 memset(abyCurrExtSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
643 sFrame.len = pRxPacket->cbMPDULen;
644 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
646 vMgrDecodeAssocRequest(&sFrame);
648 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
649 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
650 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
651 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
652 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
653 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? TRUE : FALSE;
654 // Todo: check sta basic rate, if ap can't support, set status code
655 if (pDevice->byBBType == BB_TYPE_11B) {
656 uRateLen = WLAN_RATES_MAXLEN_11B;
658 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
659 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
660 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
662 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
663 if (pDevice->byBBType == BB_TYPE_11G) {
664 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
665 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
668 abyCurrExtSuppRates[1] = 0;
672 RATEvParseMaxRate((void *)pDevice,
673 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
674 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
675 FALSE, // do not change our basic rate
676 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
677 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
678 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
679 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
680 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
684 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
685 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
686 // Todo: check sta preamble, if ap can't support, set status code
687 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
688 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
689 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
690 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
691 pMgmt->sNodeDBTable[uNodeIndex].wAID = (WORD)uNodeIndex;
692 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
693 wAssocAID = (WORD)uNodeIndex;
694 // check if ERP support
695 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
696 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
698 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
700 pDevice->bProtectMode = TRUE;
701 pDevice->bNonERPPresent = TRUE;
703 if (pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble == FALSE) {
704 pDevice->bBarkerPreambleMd = TRUE;
707 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Associate AID= %d \n", wAssocAID);
708 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X \n",
709 sFrame.pHdr->sA3.abyAddr2[0],
710 sFrame.pHdr->sA3.abyAddr2[1],
711 sFrame.pHdr->sA3.abyAddr2[2],
712 sFrame.pHdr->sA3.abyAddr2[3],
713 sFrame.pHdr->sA3.abyAddr2[4],
714 sFrame.pHdr->sA3.abyAddr2[5]
716 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Max Support rate = %d \n",
717 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
721 // assoc response reply..
722 pTxPacket = s_MgrMakeAssocResponse
729 sFrame.pHdr->sA3.abyAddr2,
730 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
731 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
733 if (pTxPacket != NULL ){
735 if (pDevice->bEnableHostapd) {
739 Status = csMgmt_xmit(pDevice, pTxPacket);
740 if (Status != CMD_STATUS_PENDING) {
741 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Assoc response tx failed\n");
744 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Assoc response tx sending..\n");
755 * Description:(AP function)
756 * Handle incoming station re-association request frames.
760 * pMgmt - Management Object structure
761 * pRxPacket - Received Packet
765 * Return Value: None.
771 s_vMgrRxReAssocRequest(
774 PSRxMgmtPacket pRxPacket,
775 unsigned int uNodeIndex
778 WLAN_FR_REASSOCREQ sFrame;
780 PSTxMgmtPacket pTxPacket;
781 WORD wAssocStatus = 0;
783 unsigned int uRateLen = WLAN_RATES_MAXLEN;
784 BYTE abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
785 BYTE abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
787 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
789 // node index not found
792 //check if node is authenticated
794 memset(&sFrame, 0, sizeof(WLAN_FR_REASSOCREQ));
795 sFrame.len = pRxPacket->cbMPDULen;
796 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
797 vMgrDecodeReassocRequest(&sFrame);
799 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
800 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
801 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
802 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
803 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
804 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? TRUE : FALSE;
805 // Todo: check sta basic rate, if ap can't support, set status code
807 if (pDevice->byBBType == BB_TYPE_11B) {
808 uRateLen = WLAN_RATES_MAXLEN_11B;
811 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
812 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
813 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
815 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
816 if (pDevice->byBBType == BB_TYPE_11G) {
817 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
818 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
821 abyCurrExtSuppRates[1] = 0;
825 RATEvParseMaxRate((void *)pDevice,
826 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
827 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
828 FALSE, // do not change our basic rate
829 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
830 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
831 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
832 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
833 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
837 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
838 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
839 // Todo: check sta preamble, if ap can't support, set status code
840 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
841 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
842 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
843 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
844 pMgmt->sNodeDBTable[uNodeIndex].wAID = (WORD)uNodeIndex;
845 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
846 wAssocAID = (WORD)uNodeIndex;
849 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
850 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
852 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
854 pDevice->bProtectMode = TRUE;
855 pDevice->bNonERPPresent = TRUE;
857 if (pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble == FALSE) {
858 pDevice->bBarkerPreambleMd = TRUE;
861 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Rx ReAssociate AID= %d \n", wAssocAID);
862 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X \n",
863 sFrame.pHdr->sA3.abyAddr2[0],
864 sFrame.pHdr->sA3.abyAddr2[1],
865 sFrame.pHdr->sA3.abyAddr2[2],
866 sFrame.pHdr->sA3.abyAddr2[3],
867 sFrame.pHdr->sA3.abyAddr2[4],
868 sFrame.pHdr->sA3.abyAddr2[5]
870 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Max Support rate = %d \n",
871 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
876 // assoc response reply..
877 pTxPacket = s_MgrMakeReAssocResponse
884 sFrame.pHdr->sA3.abyAddr2,
885 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
886 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
889 if (pTxPacket != NULL ){
891 if (pDevice->bEnableHostapd) {
894 Status = csMgmt_xmit(pDevice, pTxPacket);
895 if (Status != CMD_STATUS_PENDING) {
896 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:ReAssoc response tx failed\n");
899 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:ReAssoc response tx sending..\n");
908 * Routine Description:
909 * Handle incoming association response frames.
918 s_vMgrRxAssocResponse(
921 PSRxMgmtPacket pRxPacket,
925 WLAN_FR_ASSOCRESP sFrame;
926 PWLAN_IE_SSID pItemSSID;
931 if (pMgmt->eCurrState == WMAC_STATE_ASSOCPENDING ||
932 pMgmt->eCurrState == WMAC_STATE_ASSOC) {
934 sFrame.len = pRxPacket->cbMPDULen;
935 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
937 vMgrDecodeAssocResponse(&sFrame);
938 if ((sFrame.pwCapInfo == NULL)
939 || (sFrame.pwStatus == NULL)
940 || (sFrame.pwAid == NULL)
941 || (sFrame.pSuppRates == NULL)) {
946 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.Capabilities = *(sFrame.pwCapInfo);
947 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.StatusCode = *(sFrame.pwStatus);
948 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.AssociationId = *(sFrame.pwAid);
949 pMgmt->sAssocInfo.AssocInfo.AvailableResponseFixedIEs |= 0x07;
951 pMgmt->sAssocInfo.AssocInfo.ResponseIELength = sFrame.len - 24 - 6;
952 pMgmt->sAssocInfo.AssocInfo.OffsetResponseIEs = pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs + pMgmt->sAssocInfo.AssocInfo.RequestIELength;
953 pbyIEs = pMgmt->sAssocInfo.abyIEs;
954 pbyIEs += pMgmt->sAssocInfo.AssocInfo.RequestIELength;
955 memcpy(pbyIEs, (sFrame.pBuf + 24 +6), pMgmt->sAssocInfo.AssocInfo.ResponseIELength);
957 // save values and set current BSS state
958 if (cpu_to_le16((*(sFrame.pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
960 pMgmt->wCurrAID = cpu_to_le16((*(sFrame.pwAid)));
961 if ( (pMgmt->wCurrAID >> 14) != (BIT0 | BIT1) )
963 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "AID from AP, has two msb clear.\n");
965 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Association Successful, AID=%d.\n", pMgmt->wCurrAID & ~(BIT14|BIT15));
966 pMgmt->eCurrState = WMAC_STATE_ASSOC;
967 BSSvUpdateAPNode((void *) pDevice,
970 sFrame.pExtSuppRates);
971 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyCurrSSID;
972 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Link with AP(SSID): %s\n", pItemSSID->abySSID);
973 pDevice->bLinkPass = TRUE;
974 ControlvMaskByte(pDevice,MESSAGE_REQUEST_MACREG,MAC_REG_PAPEDELAY,LEDSTS_STS,LEDSTS_INTER);
976 //if(pDevice->bWPASuppWextEnabled == TRUE)
980 union iwreq_data wrqu;
985 len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
987 memcpy(buf, pMgmt->sAssocInfo.abyIEs, len);
988 memset(&wrqu, 0, sizeof (wrqu));
989 wrqu.data.length = len;
990 we_event = IWEVASSOCREQIE;
991 PRINT_K("wireless_send_event--->IWEVASSOCREQIE\n");
992 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
996 len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
999 memcpy(buf, pbyIEs, len);
1000 memset(&wrqu, 0, sizeof (wrqu));
1001 wrqu.data.length = len;
1002 we_event = IWEVASSOCRESPIE;
1003 PRINT_K("wireless_send_event--->IWEVASSOCRESPIE\n");
1004 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
1007 memset(&wrqu, 0, sizeof (wrqu));
1008 memcpy(wrqu.ap_addr.sa_data, &pMgmt->abyCurrBSSID[0], ETH_ALEN);
1009 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1010 PRINT_K("wireless_send_event--->SIOCGIWAP(associated)\n");
1011 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1018 pMgmt->eCurrState = WMAC_STATE_IDLE;
1021 // jump back to the auth state and indicate the error
1022 pMgmt->eCurrState = WMAC_STATE_AUTH;
1024 s_vMgrLogStatus(pMgmt,cpu_to_le16((*(sFrame.pwStatus))));
1029 //need clear flags related to Networkmanager
1030 pDevice->bwextstep0 = FALSE;
1031 pDevice->bwextstep1 = FALSE;
1032 pDevice->bwextstep2 = FALSE;
1033 pDevice->bwextstep3 = FALSE;
1034 pDevice->bWPASuppWextEnabled = FALSE;
1036 if(pMgmt->eCurrState == WMAC_STATE_ASSOC)
1037 timer_expire(pDevice->sTimerCommand, 0);
1044 * Routine Description:
1045 * Start the station authentication procedure. Namely, send an
1046 * authentication frame to the AP.
1053 void vMgrAuthenBeginSta(void *hDeviceContext,
1055 PCMD_STATUS pStatus)
1057 PSDevice pDevice = (PSDevice)hDeviceContext;
1058 WLAN_FR_AUTHEN sFrame;
1059 PSTxMgmtPacket pTxPacket = NULL;
1061 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1062 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1063 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1064 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1065 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1066 vMgrEncodeAuthen(&sFrame);
1068 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1070 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1071 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)
1073 memcpy( sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_ADDR_LEN);
1074 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1075 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1076 if (pMgmt->bShareKeyAlgorithm)
1077 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_SHAREDKEY);
1079 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_OPENSYSTEM);
1081 *(sFrame.pwAuthSequence) = cpu_to_le16(1);
1082 /* Adjust the length fields */
1083 pTxPacket->cbMPDULen = sFrame.len;
1084 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1086 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
1087 if (*pStatus == CMD_STATUS_PENDING){
1088 pMgmt->eCurrState = WMAC_STATE_AUTHPENDING;
1089 *pStatus = CMD_STATUS_SUCCESS;
1097 * Routine Description:
1098 * Start the station(AP) deauthentication procedure. Namely, send an
1099 * deauthentication frame to the AP or Sta.
1106 void vMgrDeAuthenBeginSta(void *hDeviceContext,
1108 PBYTE abyDestAddress,
1110 PCMD_STATUS pStatus)
1112 PSDevice pDevice = (PSDevice)hDeviceContext;
1113 WLAN_FR_DEAUTHEN sFrame;
1114 PSTxMgmtPacket pTxPacket = NULL;
1117 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1118 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DEAUTHEN_FR_MAXLEN);
1119 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1120 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1121 sFrame.len = WLAN_DEAUTHEN_FR_MAXLEN;
1122 vMgrEncodeDeauthen(&sFrame);
1124 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1126 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1127 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DEAUTHEN)
1130 memcpy( sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
1131 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1132 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1134 *(sFrame.pwReason) = cpu_to_le16(wReason); // deauthen. bcs left BSS
1135 /* Adjust the length fields */
1136 pTxPacket->cbMPDULen = sFrame.len;
1137 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1139 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
1140 if (*pStatus == CMD_STATUS_PENDING){
1141 *pStatus = CMD_STATUS_SUCCESS;
1151 * Routine Description:
1152 * Handle incoming authentication frames.
1161 s_vMgrRxAuthentication(
1164 PSRxMgmtPacket pRxPacket
1167 WLAN_FR_AUTHEN sFrame;
1169 // we better be an AP or a STA in AUTHPENDING otherwise ignore
1170 if (!(pMgmt->eCurrMode == WMAC_MODE_ESS_AP ||
1171 pMgmt->eCurrState == WMAC_STATE_AUTHPENDING)) {
1176 sFrame.len = pRxPacket->cbMPDULen;
1177 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1178 vMgrDecodeAuthen(&sFrame);
1179 switch (cpu_to_le16((*(sFrame.pwAuthSequence )))){
1182 s_vMgrRxAuthenSequence_1(pDevice,pMgmt, &sFrame);
1185 s_vMgrRxAuthenSequence_2(pDevice, pMgmt, &sFrame);
1189 s_vMgrRxAuthenSequence_3(pDevice, pMgmt, &sFrame);
1192 s_vMgrRxAuthenSequence_4(pDevice, pMgmt, &sFrame);
1195 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Auth Sequence error, seq = %d\n",
1196 cpu_to_le16((*(sFrame.pwAuthSequence))));
1206 * Routine Description:
1207 * Handles incoming authen frames with sequence 1. Currently
1208 * assumes we're an AP. So far, no one appears to use authentication
1219 s_vMgrRxAuthenSequence_1(
1222 PWLAN_FR_AUTHEN pFrame
1225 PSTxMgmtPacket pTxPacket = NULL;
1226 unsigned int uNodeIndex;
1227 WLAN_FR_AUTHEN sFrame;
1228 PSKeyItem pTransmitKey;
1230 // Insert a Node entry
1231 if (!BSSbIsSTAInNodeDB(pDevice, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1232 BSSvCreateOneNode((PSDevice)pDevice, &uNodeIndex);
1233 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, pFrame->pHdr->sA3.abyAddr2,
1237 if (pMgmt->bShareKeyAlgorithm) {
1238 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_KNOWN;
1239 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 1;
1242 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
1246 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1247 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1248 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1249 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1250 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1251 // format buffer structure
1252 vMgrEncodeAuthen(&sFrame);
1254 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1256 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1257 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1258 WLAN_SET_FC_ISWEP(0)
1260 memcpy( sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1261 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1262 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1263 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1264 *(sFrame.pwAuthSequence) = cpu_to_le16(2);
1266 if (cpu_to_le16(*(pFrame->pwAuthAlgorithm)) == WLAN_AUTH_ALG_SHAREDKEY) {
1267 if (pMgmt->bShareKeyAlgorithm)
1268 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1270 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1273 if (pMgmt->bShareKeyAlgorithm)
1274 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1276 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1279 if (pMgmt->bShareKeyAlgorithm &&
1280 (cpu_to_le16(*(sFrame.pwStatus)) == WLAN_MGMT_STATUS_SUCCESS)) {
1282 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1283 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1284 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1285 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
1286 memset(pMgmt->abyChallenge, 0, WLAN_CHALLENGE_LEN);
1288 if(KeybGetTransmitKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, GROUP_KEY, &pTransmitKey) == TRUE) {
1289 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pTransmitKey->uKeyLength+3);
1290 rc4_encrypt(&pDevice->SBox, pMgmt->abyChallenge, pMgmt->abyChallenge, WLAN_CHALLENGE_LEN);
1292 memcpy(sFrame.pChallenge->abyChallenge, pMgmt->abyChallenge , WLAN_CHALLENGE_LEN);
1295 /* Adjust the length fields */
1296 pTxPacket->cbMPDULen = sFrame.len;
1297 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1299 if (pDevice->bEnableHostapd) {
1302 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_1 tx.. \n");
1303 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1304 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_1 tx failed.\n");
1313 * Routine Description:
1314 * Handles incoming auth frames with sequence number 2. Currently
1315 * assumes we're a station.
1325 s_vMgrRxAuthenSequence_2(
1328 PWLAN_FR_AUTHEN pFrame
1331 WLAN_FR_AUTHEN sFrame;
1332 PSTxMgmtPacket pTxPacket = NULL;
1335 switch (cpu_to_le16((*(pFrame->pwAuthAlgorithm))))
1337 case WLAN_AUTH_ALG_OPENSYSTEM:
1338 if ( cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
1339 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (OPEN) Successful.\n");
1340 pMgmt->eCurrState = WMAC_STATE_AUTH;
1341 timer_expire(pDevice->sTimerCommand, 0);
1344 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (OPEN) Failed.\n");
1345 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
1346 pMgmt->eCurrState = WMAC_STATE_IDLE;
1348 if (pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT) {
1349 /* spin_unlock_irq(&pDevice->lock);
1350 vCommandTimerWait((void *) pDevice, 0);
1351 spin_lock_irq(&pDevice->lock); */
1355 case WLAN_AUTH_ALG_SHAREDKEY:
1357 if (cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS) {
1358 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1359 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1360 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1361 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1362 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1363 // format buffer structure
1364 vMgrEncodeAuthen(&sFrame);
1366 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1368 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1369 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1370 WLAN_SET_FC_ISWEP(1)
1372 memcpy( sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1373 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1374 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1375 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1376 *(sFrame.pwAuthSequence) = cpu_to_le16(3);
1377 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1378 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1379 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1380 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1381 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
1382 memcpy( sFrame.pChallenge->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN);
1383 // Adjust the length fields
1384 pTxPacket->cbMPDULen = sFrame.len;
1385 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1387 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1388 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Auth_reply sequence_2 tx failed.\n");
1390 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Auth_reply sequence_2 tx ...\n");
1393 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:rx Auth_reply sequence_2 status error ...\n");
1394 if ( pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT ) {
1395 /* spin_unlock_irq(&pDevice->lock);
1396 vCommandTimerWait((void *) pDevice, 0);
1397 spin_lock_irq(&pDevice->lock); */
1399 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
1403 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt: rx auth.seq = 2 unknown AuthAlgorithm=%d\n", cpu_to_le16((*(pFrame->pwAuthAlgorithm))));
1413 * Routine Description:
1414 * Handles incoming authen frames with sequence 3. Currently
1415 * assumes we're an AP. This function assumes the frame has
1416 * already been successfully decrypted.
1426 s_vMgrRxAuthenSequence_3(
1429 PWLAN_FR_AUTHEN pFrame
1432 PSTxMgmtPacket pTxPacket = NULL;
1433 unsigned int uStatusCode = 0 ;
1434 unsigned int uNodeIndex = 0;
1435 WLAN_FR_AUTHEN sFrame;
1437 if (!WLAN_GET_FC_ISWEP(pFrame->pHdr->sA3.wFrameCtl)) {
1438 uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
1441 if (BSSbIsSTAInNodeDB(pDevice, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1442 if (pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence != 1) {
1443 uStatusCode = WLAN_MGMT_STATUS_RX_AUTH_NOSEQ;
1446 if (memcmp(pMgmt->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN) != 0) {
1447 uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
1452 uStatusCode = WLAN_MGMT_STATUS_UNSPEC_FAILURE;
1457 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
1458 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 0;
1460 uStatusCode = WLAN_MGMT_STATUS_SUCCESS;
1461 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Challenge text check ok..\n");
1465 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1466 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1467 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1468 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1469 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1470 // format buffer structure
1471 vMgrEncodeAuthen(&sFrame);
1473 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1475 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1476 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1477 WLAN_SET_FC_ISWEP(0)
1479 memcpy( sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1480 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1481 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1482 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1483 *(sFrame.pwAuthSequence) = cpu_to_le16(4);
1484 *(sFrame.pwStatus) = cpu_to_le16(uStatusCode);
1486 /* Adjust the length fields */
1487 pTxPacket->cbMPDULen = sFrame.len;
1488 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1490 if (pDevice->bEnableHostapd) {
1493 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1494 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_4 tx failed.\n");
1504 * Routine Description:
1505 * Handles incoming authen frames with sequence 4
1514 s_vMgrRxAuthenSequence_4(
1517 PWLAN_FR_AUTHEN pFrame
1521 if ( cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
1522 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (SHAREDKEY) Successful.\n");
1523 pMgmt->eCurrState = WMAC_STATE_AUTH;
1524 timer_expire(pDevice->sTimerCommand, 0);
1527 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (SHAREDKEY) Failed.\n");
1528 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))) );
1529 pMgmt->eCurrState = WMAC_STATE_IDLE;
1532 if ( pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT ) {
1533 /* spin_unlock_irq(&pDevice->lock);
1534 vCommandTimerWait((void *) pDevice, 0);
1535 spin_lock_irq(&pDevice->lock); */
1541 * Routine Description:
1542 * Handles incoming disassociation frames
1552 s_vMgrRxDisassociation(
1555 PSRxMgmtPacket pRxPacket
1558 WLAN_FR_DISASSOC sFrame;
1559 unsigned int uNodeIndex = 0;
1560 CMD_STATUS CmdStatus;
1562 if ( pMgmt->eCurrMode == WMAC_MODE_ESS_AP ){
1563 // if is acting an AP..
1564 // a STA is leaving this BSS..
1565 sFrame.len = pRxPacket->cbMPDULen;
1566 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1567 if (BSSbIsSTAInNodeDB(pDevice, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex)) {
1568 BSSvRemoveOneNode(pDevice, uNodeIndex);
1571 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx disassoc, sta not found\n");
1574 else if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA ){
1575 sFrame.len = pRxPacket->cbMPDULen;
1576 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1577 vMgrDecodeDisassociation(&sFrame);
1578 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP disassociated me, reason=%d.\n", cpu_to_le16(*(sFrame.pwReason)));
1580 pDevice->fWPA_Authened = FALSE;
1582 //TODO: do something let upper layer know or
1583 //try to send associate packet again because of inactivity timeout
1584 if (pMgmt->eCurrState == WMAC_STATE_ASSOC) {
1585 pDevice->bLinkPass = FALSE;
1586 pMgmt->sNodeDBTable[0].bActive = FALSE;
1587 pDevice->byReAssocCount = 0;
1588 pMgmt->eCurrState = WMAC_STATE_AUTH; // jump back to the auth state!
1589 pDevice->eCommandState = WLAN_ASSOCIATE_WAIT;
1590 vMgrReAssocBeginSta((PSDevice)pDevice, pMgmt, &CmdStatus);
1591 if(CmdStatus == CMD_STATUS_PENDING) {
1592 pDevice->byReAssocCount ++;
1593 return; //mike add: you'll retry for many times, so it cann't be regarded as disconnected!
1597 // if(pDevice->bWPASuppWextEnabled == TRUE)
1599 union iwreq_data wrqu;
1600 memset(&wrqu, 0, sizeof (wrqu));
1601 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1602 PRINT_K("wireless_send_event--->SIOCGIWAP(disassociated)\n");
1603 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1606 /* else, ignore it */
1614 * Routine Description:
1615 * Handles incoming deauthentication frames
1625 s_vMgrRxDeauthentication(
1628 PSRxMgmtPacket pRxPacket
1631 WLAN_FR_DEAUTHEN sFrame;
1632 unsigned int uNodeIndex = 0;
1635 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP ){
1637 // if is acting an AP..
1638 // a STA is leaving this BSS..
1639 sFrame.len = pRxPacket->cbMPDULen;
1640 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1641 if (BSSbIsSTAInNodeDB(pDevice, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex)) {
1642 BSSvRemoveOneNode(pDevice, uNodeIndex);
1645 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Rx deauth, sta not found\n");
1649 if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA ) {
1650 sFrame.len = pRxPacket->cbMPDULen;
1651 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1652 vMgrDecodeDeauthen(&sFrame);
1653 pDevice->fWPA_Authened = FALSE;
1654 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP deauthed me, reason=%d.\n", cpu_to_le16((*(sFrame.pwReason))));
1655 // TODO: update BSS list for specific BSSID if pre-authentication case
1656 if (!compare_ether_addr(sFrame.pHdr->sA3.abyAddr3,
1657 pMgmt->abyCurrBSSID)) {
1658 if (pMgmt->eCurrState >= WMAC_STATE_AUTHPENDING) {
1659 pMgmt->sNodeDBTable[0].bActive = FALSE;
1660 pMgmt->eCurrMode = WMAC_MODE_STANDBY;
1661 pMgmt->eCurrState = WMAC_STATE_IDLE;
1662 netif_stop_queue(pDevice->dev);
1663 pDevice->bLinkPass = FALSE;
1664 ControlvMaskByte(pDevice,MESSAGE_REQUEST_MACREG,MAC_REG_PAPEDELAY,LEDSTS_STS,LEDSTS_SLOW);
1668 // if(pDevice->bWPASuppWextEnabled == TRUE)
1670 union iwreq_data wrqu;
1671 memset(&wrqu, 0, sizeof (wrqu));
1672 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1673 PRINT_K("wireless_send_event--->SIOCGIWAP(disauthen)\n");
1674 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1678 /* else, ignore it. TODO: IBSS authentication service
1679 would be implemented here */
1686 * Routine Description:
1687 * check if current channel is match ZoneType.
1696 ChannelExceedZoneType(
1703 switch(pDevice->byZoneType) {
1704 case 0x00: //USA:1~11
1705 if((byCurrChannel<1) ||(byCurrChannel>11))
1708 case 0x01: //Japan:1~13
1709 case 0x02: //Europe:1~13
1710 if((byCurrChannel<1) ||(byCurrChannel>13))
1713 default: //reserve for other zonetype
1722 * Routine Description:
1723 * Handles and analysis incoming beacon frames.
1736 PSRxMgmtPacket pRxPacket,
1742 WLAN_FR_BEACON sFrame;
1744 BOOL bIsBSSIDEqual = FALSE;
1745 BOOL bIsSSIDEqual = FALSE;
1746 BOOL bTSFLargeDiff = FALSE;
1747 BOOL bTSFOffsetPostive = FALSE;
1748 BOOL bUpdateTSF = FALSE;
1749 BOOL bIsAPBeacon = FALSE;
1750 BOOL bIsChannelEqual = FALSE;
1751 unsigned int uLocateByteIndex;
1752 BYTE byTIMBitOn = 0;
1753 WORD wAIDNumber = 0;
1754 unsigned int uNodeIndex;
1755 u64 qwTimestamp, qwLocalTSF;
1757 WORD wStartIndex = 0;
1759 BYTE byCurrChannel = pRxPacket->byRxChannel;
1761 unsigned int uRateLen = WLAN_RATES_MAXLEN;
1762 BOOL bChannelHit = FALSE;
1763 BYTE byOldPreambleType;
1767 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)
1770 memset(&sFrame, 0, sizeof(WLAN_FR_BEACON));
1771 sFrame.len = pRxPacket->cbMPDULen;
1772 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1774 // decode the beacon frame
1775 vMgrDecodeBeacon(&sFrame);
1777 if ((sFrame.pwBeaconInterval == NULL)
1778 || (sFrame.pwCapInfo == NULL)
1779 || (sFrame.pSSID == NULL)
1780 || (sFrame.pSuppRates == NULL)) {
1782 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx beacon frame error\n");
1786 if( byCurrChannel > CB_MAX_CHANNEL_24G )
1788 if (sFrame.pDSParms != NULL) {
1789 if (byCurrChannel == RFaby11aChannelIndex[sFrame.pDSParms->byCurrChannel-1])
1791 byCurrChannel = RFaby11aChannelIndex[sFrame.pDSParms->byCurrChannel-1];
1797 if (sFrame.pDSParms != NULL) {
1798 if (byCurrChannel == sFrame.pDSParms->byCurrChannel)
1800 byCurrChannel = sFrame.pDSParms->byCurrChannel;
1806 if(ChannelExceedZoneType(pDevice,byCurrChannel)==TRUE)
1809 if (sFrame.pERP != NULL) {
1810 sERP.byERP = sFrame.pERP->byContext;
1811 sERP.bERPExist = TRUE;
1814 sERP.bERPExist = FALSE;
1818 pBSSList = BSSpAddrIsInBSSList((void *) pDevice,
1819 sFrame.pHdr->sA3.abyAddr3,
1821 if (pBSSList == NULL) {
1822 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Beacon/insert: RxChannel = : %d\n", byCurrChannel);
1823 BSSbInsertToBSSList((void *) pDevice,
1824 sFrame.pHdr->sA3.abyAddr3,
1825 *sFrame.pqwTimestamp,
1826 *sFrame.pwBeaconInterval,
1831 sFrame.pExtSuppRates,
1837 sFrame.len - WLAN_HDR_ADDR3_LEN,
1838 sFrame.pHdr->sA4.abyAddr4, // payload of beacon
1839 (void *) pRxPacket);
1842 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"update bcn: RxChannel = : %d\n", byCurrChannel);
1843 BSSbUpdateToBSSList((void *) pDevice,
1844 *sFrame.pqwTimestamp,
1845 *sFrame.pwBeaconInterval,
1851 sFrame.pExtSuppRates,
1858 sFrame.len - WLAN_HDR_ADDR3_LEN,
1859 sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
1860 (void *) pRxPacket);
1868 if(byCurrChannel == (BYTE)pMgmt->uCurrChannel)
1869 bIsChannelEqual = TRUE;
1871 if (bIsChannelEqual && (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)) {
1873 // if rx beacon without ERP field
1874 if (sERP.bERPExist) {
1875 if (WLAN_GET_ERP_USE_PROTECTION(sERP.byERP)){
1876 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
1877 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
1881 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
1882 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
1885 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
1886 if(!WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo))
1887 pDevice->byERPFlag |= WLAN_SET_ERP_BARKER_MODE(1);
1889 pDevice->byERPFlag |= WLAN_SET_ERP_NONERP_PRESENT(1);
1893 // check if BSSID the same
1894 if (memcmp(sFrame.pHdr->sA3.abyAddr3,
1895 pMgmt->abyCurrBSSID,
1896 WLAN_BSSID_LEN) == 0) {
1898 bIsBSSIDEqual = TRUE;
1899 pDevice->uCurrRSSI = pRxPacket->uRSSI;
1900 pDevice->byCurrSQ = pRxPacket->bySQ;
1901 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0) {
1902 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
1903 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"BCN:Wake Count= [%d]\n", pMgmt->wCountToWakeUp);
1906 // check if SSID the same
1907 if (sFrame.pSSID->len == ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) {
1908 if (memcmp(sFrame.pSSID->abySSID,
1909 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
1912 bIsSSIDEqual = TRUE;
1916 if ((WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo)== TRUE) &&
1917 (bIsBSSIDEqual == TRUE) &&
1918 (bIsSSIDEqual == TRUE) &&
1919 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
1920 (pMgmt->eCurrState == WMAC_STATE_ASSOC)) {
1921 // add state check to prevent reconnect fail since we'll receive Beacon
1924 if (pBSSList != NULL) {
1927 if ((pBSSList->sERP.bERPExist == TRUE) && (pDevice->byBBType == BB_TYPE_11G)) {
1928 if ((pBSSList->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION) != pDevice->bProtectMode) {//0000 0010
1929 pDevice->bProtectMode = (pBSSList->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION);
1930 if (pDevice->bProtectMode) {
1931 MACvEnableProtectMD(pDevice);
1933 MACvDisableProtectMD(pDevice);
1935 vUpdateIFS(pDevice);
1937 if ((pBSSList->sERP.byERP & WLAN_EID_ERP_NONERP_PRESENT) != pDevice->bNonERPPresent) {//0000 0001
1938 pDevice->bNonERPPresent = (pBSSList->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION);
1940 if ((pBSSList->sERP.byERP & WLAN_EID_ERP_BARKER_MODE) != pDevice->bBarkerPreambleMd) {//0000 0100
1941 pDevice->bBarkerPreambleMd = (pBSSList->sERP.byERP & WLAN_EID_ERP_BARKER_MODE);
1942 //BarkerPreambleMd has higher priority than shortPreamble bit in Cap
1943 if (pDevice->bBarkerPreambleMd) {
1944 MACvEnableBarkerPreambleMd(pDevice);
1946 MACvDisableBarkerPreambleMd(pDevice);
1950 // Sync Short Slot Time
1951 if (WLAN_GET_CAP_INFO_SHORTSLOTTIME(pBSSList->wCapInfo) != pDevice->bShortSlotTime) {
1952 BOOL bShortSlotTime;
1954 bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(pBSSList->wCapInfo);
1955 //DBG_PRN_WLAN05(("Set Short Slot Time: %d\n", pDevice->bShortSlotTime));
1956 //Kyle check if it is OK to set G.
1957 if (pDevice->byBBType == BB_TYPE_11A) {
1958 bShortSlotTime = TRUE;
1960 else if (pDevice->byBBType == BB_TYPE_11B) {
1961 bShortSlotTime = FALSE;
1963 if (bShortSlotTime != pDevice->bShortSlotTime) {
1964 pDevice->bShortSlotTime = bShortSlotTime;
1965 BBvSetShortSlotTime(pDevice);
1966 vUpdateIFS(pDevice);
1971 // Preamble may change dynamically
1973 byOldPreambleType = pDevice->byPreambleType;
1974 if (WLAN_GET_CAP_INFO_SHORTPREAMBLE(pBSSList->wCapInfo)) {
1975 pDevice->byPreambleType = pDevice->byShortPreamble;
1978 pDevice->byPreambleType = 0;
1980 if (pDevice->byPreambleType != byOldPreambleType)
1981 CARDvSetRSPINF(pDevice, (BYTE)pDevice->byBBType);
1983 // Basic Rate Set may change dynamically
1985 if (pBSSList->eNetworkTypeInUse == PHY_TYPE_11B) {
1986 uRateLen = WLAN_RATES_MAXLEN_11B;
1988 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abySuppRates,
1989 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
1991 pMgmt->abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abyExtSuppRates,
1992 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
1994 RATEvParseMaxRate((void *)pDevice,
1995 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
1996 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
1998 &(pMgmt->sNodeDBTable[0].wMaxBasicRate),
1999 &(pMgmt->sNodeDBTable[0].wMaxSuppRate),
2000 &(pMgmt->sNodeDBTable[0].wSuppRate),
2001 &(pMgmt->sNodeDBTable[0].byTopCCKBasicRate),
2002 &(pMgmt->sNodeDBTable[0].byTopOFDMBasicRate)
2008 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Beacon 2 \n");
2009 // check if CF field exisit
2010 if (WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo)) {
2011 if (sFrame.pCFParms->wCFPDurRemaining > 0) {
2012 // TODO: deal with CFP period to set NAV
2016 qwTimestamp = cpu_to_le64(*sFrame.pqwTimestamp);
2017 qwLocalTSF = pRxPacket->qwLocalTSF;
2019 // check if beacon TSF larger or small than our local TSF
2020 if (qwTimestamp >= qwLocalTSF)
2021 bTSFOffsetPostive = TRUE;
2023 bTSFOffsetPostive = FALSE;
2025 if (bTSFOffsetPostive) {
2026 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwTimestamp), (qwLocalTSF));
2029 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwLocalTSF), (qwTimestamp));
2032 if (qwTSFOffset > TRIVIAL_SYNC_DIFFERENCE)
2033 bTSFLargeDiff = TRUE;
2037 if (bIsAPBeacon == TRUE) {
2039 // Infra mode: Local TSF always follow AP's TSF if Difference huge.
2043 if ((pDevice->bEnablePSMode == TRUE) && (sFrame.pTIM)) {
2045 /* deal with DTIM, analysis TIM */
2046 pMgmt->bMulticastTIM = WLAN_MGMT_IS_MULTICAST_TIM(sFrame.pTIM->byBitMapCtl) ? TRUE : FALSE ;
2047 pMgmt->byDTIMCount = sFrame.pTIM->byDTIMCount;
2048 pMgmt->byDTIMPeriod = sFrame.pTIM->byDTIMPeriod;
2049 wAIDNumber = pMgmt->wCurrAID & ~(BIT14|BIT15);
2051 // check if AID in TIM field bit on
2053 wStartIndex = WLAN_MGMT_GET_TIM_OFFSET(sFrame.pTIM->byBitMapCtl) << 1;
2055 wAIDIndex = (wAIDNumber >> 3);
2056 if ((wAIDNumber > 0) && (wAIDIndex >= wStartIndex)) {
2057 uLocateByteIndex = wAIDIndex - wStartIndex;
2058 // len = byDTIMCount + byDTIMPeriod + byDTIMPeriod + byVirtBitMap[0~250]
2059 if (sFrame.pTIM->len >= (uLocateByteIndex + 4)) {
2060 byTIMBitOn = (0x01) << ((wAIDNumber) % 8);
2061 pMgmt->bInTIM = sFrame.pTIM->byVirtBitMap[uLocateByteIndex] & byTIMBitOn ? TRUE : FALSE;
2064 pMgmt->bInTIM = FALSE;
2068 pMgmt->bInTIM = FALSE;
2071 if (pMgmt->bInTIM ||
2072 (pMgmt->bMulticastTIM && (pMgmt->byDTIMCount == 0))) {
2073 pMgmt->bInTIMWake = TRUE;
2074 // send out ps-poll packet
2075 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN:In TIM\n");
2076 if (pMgmt->bInTIM) {
2077 PSvSendPSPOLL((PSDevice)pDevice);
2078 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN:PS-POLL sent..\n");
2083 pMgmt->bInTIMWake = FALSE;
2084 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Not In TIM..\n");
2085 if (pDevice->bPWBitOn == FALSE) {
2086 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Send Null Packet\n");
2087 if (PSbSendNullPacket(pDevice))
2088 pDevice->bPWBitOn = TRUE;
2090 if(PSbConsiderPowerDown(pDevice, FALSE, FALSE)) {
2091 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Power down now...\n");
2099 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && !bIsAPBeacon && bIsChannelEqual) {
2100 if (bIsBSSIDEqual) {
2101 // Use sNodeDBTable[0].uInActiveCount as IBSS beacons received count.
2102 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
2103 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2105 // adhoc mode:TSF updated only when beacon larger then local TSF
2106 if (bTSFLargeDiff && bTSFOffsetPostive &&
2107 (pMgmt->eCurrState == WMAC_STATE_JOINTED))
2110 // During dpc, already in spinlocked.
2111 if (BSSbIsSTAInNodeDB(pDevice, sFrame.pHdr->sA3.abyAddr2, &uNodeIndex)) {
2113 // Update the STA, (Technically the Beacons of all the IBSS nodes
2114 // should be identical, but that's not happening in practice.
2115 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2116 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2117 WLAN_RATES_MAXLEN_11B);
2118 RATEvParseMaxRate((void *)pDevice,
2119 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2122 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2123 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2124 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2125 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2126 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2128 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2129 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
2130 pMgmt->sNodeDBTable[uNodeIndex].uInActiveCount = 0;
2133 // Todo, initial Node content
2134 BSSvCreateOneNode((PSDevice)pDevice, &uNodeIndex);
2136 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2137 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2138 WLAN_RATES_MAXLEN_11B);
2139 RATEvParseMaxRate((void *)pDevice,
2140 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2143 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2144 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2145 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2146 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2147 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2150 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, sFrame.pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
2151 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2152 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate = pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
2154 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
2155 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
2156 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
2160 // if other stations jointed, indicate connect to upper layer..
2161 if (pMgmt->eCurrState == WMAC_STATE_STARTED) {
2162 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Current IBSS State: [Started]........to: [Jointed] \n");
2163 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2164 pDevice->bLinkPass = TRUE;
2165 ControlvMaskByte(pDevice,MESSAGE_REQUEST_MACREG,MAC_REG_PAPEDELAY,LEDSTS_STS,LEDSTS_INTER);
2166 if (netif_queue_stopped(pDevice->dev)){
2167 netif_wake_queue(pDevice->dev);
2169 pMgmt->sNodeDBTable[0].bActive = TRUE;
2170 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2174 else if (bIsSSIDEqual) {
2176 // See other adhoc sta with the same SSID but BSSID is different.
2177 // adpot this vars only when TSF larger then us.
2178 if (bTSFLargeDiff && bTSFOffsetPostive) {
2179 // we don't support ATIM under adhoc mode
2180 // if ( sFrame.pIBSSParms->wATIMWindow == 0) {
2182 // TODO: check sFrame cap if privacy on, and support rate syn
2183 memcpy(pMgmt->abyCurrBSSID, sFrame.pHdr->sA3.abyAddr3, WLAN_BSSID_LEN);
2184 memcpy(pDevice->abyBSSID, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
2185 pMgmt->wCurrATIMWindow = cpu_to_le16(sFrame.pIBSSParms->wATIMWindow);
2186 pMgmt->wCurrBeaconPeriod = cpu_to_le16(*sFrame.pwBeaconInterval);
2187 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2188 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2189 WLAN_RATES_MAXLEN_11B);
2190 // set HW beacon interval and re-synchronizing....
2191 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rejoining to Other Adhoc group with same SSID........\n");
2193 MACvWriteBeaconInterval(pDevice, pMgmt->wCurrBeaconPeriod);
2194 CARDvAdjustTSF(pDevice, pRxPacket->byRxRate, qwTimestamp, pRxPacket->qwLocalTSF);
2195 CARDvUpdateNextTBTT(pDevice, qwTimestamp, pMgmt->wCurrBeaconPeriod);
2197 // Turn off bssid filter to avoid filter others adhoc station which bssid is different.
2198 MACvWriteBSSIDAddress(pDevice, pMgmt->abyCurrBSSID);
2200 byOldPreambleType = pDevice->byPreambleType;
2201 if (WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo)) {
2202 pDevice->byPreambleType = pDevice->byShortPreamble;
2205 pDevice->byPreambleType = 0;
2207 if (pDevice->byPreambleType != byOldPreambleType)
2208 CARDvSetRSPINF(pDevice, (BYTE)pDevice->byBBType);
2211 // MACvRegBitsOff(pDevice->PortOffset, MAC_REG_RCR, RCR_BSSID);
2212 // set highest basic rate
2213 // s_vSetHighestBasicRate(pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates);
2214 // Prepare beacon frame
2215 bMgrPrepareBeaconToSend((void *) pDevice, pMgmt);
2223 CARDbGetCurrentTSF(pDevice, &qwCurrTSF);
2224 CARDvAdjustTSF(pDevice, pRxPacket->byRxRate, qwTimestamp , pRxPacket->qwLocalTSF);
2225 CARDbGetCurrentTSF(pDevice, &qwCurrTSF);
2226 CARDvUpdateNextTBTT(pDevice, qwTimestamp, pMgmt->wCurrBeaconPeriod);
2234 * Routine Description:
2235 * Instructs the hw to create a bss using the supplied
2236 * attributes. Note that this implementation only supports Ad-Hoc
2245 void vMgrCreateOwnIBSS(void *hDeviceContext,
2246 PCMD_STATUS pStatus)
2248 PSDevice pDevice = (PSDevice)hDeviceContext;
2249 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
2252 BYTE byTopCCKBasicRate;
2253 BYTE byTopOFDMBasicRate;
2256 BYTE abyRATE[] = {0x82, 0x84, 0x8B, 0x96, 0x24, 0x30, 0x48, 0x6C, 0x0C, 0x12, 0x18, 0x60};
2257 BYTE abyCCK_RATE[] = {0x82, 0x84, 0x8B, 0x96};
2258 BYTE abyOFDM_RATE[] = {0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
2263 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Create Basic Service Set .......\n");
2265 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2266 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) &&
2267 (pDevice->eEncryptionStatus != Ndis802_11Encryption2Enabled) &&
2268 (pDevice->eEncryptionStatus != Ndis802_11Encryption3Enabled)) {
2269 // encryption mode error
2270 *pStatus = CMD_STATUS_FAILURE;
2275 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2276 pMgmt->abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
2278 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2279 pMgmt->eCurrentPHYMode = pMgmt->byAPBBType;
2281 if (pDevice->byBBType == BB_TYPE_11G)
2282 pMgmt->eCurrentPHYMode = PHY_TYPE_11G;
2283 if (pDevice->byBBType == BB_TYPE_11B)
2284 pMgmt->eCurrentPHYMode = PHY_TYPE_11B;
2285 if (pDevice->byBBType == BB_TYPE_11A)
2286 pMgmt->eCurrentPHYMode = PHY_TYPE_11A;
2289 if (pMgmt->eCurrentPHYMode != PHY_TYPE_11A) {
2290 pMgmt->abyCurrSuppRates[1] = WLAN_RATES_MAXLEN_11B;
2291 pMgmt->abyCurrExtSuppRates[1] = 0;
2292 for (ii = 0; ii < 4; ii++)
2293 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2295 pMgmt->abyCurrSuppRates[1] = 8;
2296 pMgmt->abyCurrExtSuppRates[1] = 0;
2297 for (ii = 0; ii < 8; ii++)
2298 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2302 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
2303 pMgmt->abyCurrSuppRates[1] = 8;
2304 pMgmt->abyCurrExtSuppRates[1] = 4;
2305 for (ii = 0; ii < 4; ii++)
2306 pMgmt->abyCurrSuppRates[2+ii] = abyCCK_RATE[ii];
2307 for (ii = 4; ii < 8; ii++)
2308 pMgmt->abyCurrSuppRates[2+ii] = abyOFDM_RATE[ii-4];
2309 for (ii = 0; ii < 4; ii++)
2310 pMgmt->abyCurrExtSuppRates[2+ii] = abyOFDM_RATE[ii+4];
2314 // Disable Protect Mode
2315 pDevice->bProtectMode = 0;
2316 MACvDisableProtectMD(pDevice);
2318 pDevice->bBarkerPreambleMd = 0;
2319 MACvDisableBarkerPreambleMd(pDevice);
2321 // Kyle Test 2003.11.04
2323 // set HW beacon interval
2324 if (pMgmt->wIBSSBeaconPeriod == 0)
2325 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
2326 MACvWriteBeaconInterval(pDevice, pMgmt->wIBSSBeaconPeriod);
2328 CARDbGetCurrentTSF(pDevice, &qwCurrTSF);
2329 // clear TSF counter
2330 CARDbClearCurrentTSF(pDevice);
2332 // enable TSF counter
2333 MACvRegBitsOn(pDevice,MAC_REG_TFTCTL,TFTCTL_TSFCNTREN);
2335 CARDvSetFirstNextTBTT(pDevice, pMgmt->wIBSSBeaconPeriod);
2337 pMgmt->uIBSSChannel = pDevice->uChannel;
2339 if (pMgmt->uIBSSChannel == 0)
2340 pMgmt->uIBSSChannel = DEFAULT_IBSS_CHANNEL;
2342 // set channel and clear NAV
2343 CARDbSetMediaChannel(pDevice, pMgmt->uIBSSChannel);
2344 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2346 pDevice->byPreambleType = pDevice->byShortPreamble;
2350 RATEvParseMaxRate((void *)pDevice,
2351 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2352 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates, TRUE,
2353 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2354 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2358 if (pDevice->byBBType == BB_TYPE_11A) {
2359 pDevice->bShortSlotTime = TRUE;
2361 pDevice->bShortSlotTime = FALSE;
2363 BBvSetShortSlotTime(pDevice);
2364 // vUpdateIFS() use pDevice->bShortSlotTime as parameter so it must be called
2365 // after setting ShortSlotTime.
2366 // CARDvSetBSSMode call vUpdateIFS()
2367 CARDvSetBSSMode(pDevice);
2369 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2370 MACvRegBitsOn(pDevice, MAC_REG_HOSTCR, HOSTCR_AP);
2371 pMgmt->eCurrMode = WMAC_MODE_ESS_AP;
2374 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2375 MACvRegBitsOn(pDevice, MAC_REG_HOSTCR, HOSTCR_ADHOC);
2376 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2379 // Adopt pre-configured IBSS vars to current vars
2380 pMgmt->eCurrState = WMAC_STATE_STARTED;
2381 pMgmt->wCurrBeaconPeriod = pMgmt->wIBSSBeaconPeriod;
2382 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2383 pMgmt->wCurrATIMWindow = pMgmt->wIBSSATIMWindow;
2384 pDevice->uCurrRSSI = 0;
2385 pDevice->byCurrSQ = 0;
2387 memcpy(pMgmt->abyDesireSSID,pMgmt->abyAdHocSSID,
2388 ((PWLAN_IE_SSID)pMgmt->abyAdHocSSID)->len + WLAN_IEHDR_LEN);
2390 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2391 memcpy(pMgmt->abyCurrSSID,
2392 pMgmt->abyDesireSSID,
2393 ((PWLAN_IE_SSID)pMgmt->abyDesireSSID)->len + WLAN_IEHDR_LEN
2396 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2397 // AP mode BSSID = MAC addr
2398 memcpy(pMgmt->abyCurrBSSID, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
2399 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO"AP beacon created BSSID:"
2400 "%pM\n", pMgmt->abyCurrBSSID);
2403 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2405 // BSSID selected must be randomized as spec 11.1.3
2406 pMgmt->abyCurrBSSID[5] = (u8)(qwCurrTSF & 0x000000ff);
2407 pMgmt->abyCurrBSSID[4] = (u8)((qwCurrTSF & 0x0000ff00) >> 8);
2408 pMgmt->abyCurrBSSID[3] = (u8)((qwCurrTSF & 0x00ff0000) >> 16);
2409 pMgmt->abyCurrBSSID[2] = (u8)((qwCurrTSF & 0x00000ff0) >> 4);
2410 pMgmt->abyCurrBSSID[1] = (u8)((qwCurrTSF & 0x000ff000) >> 12);
2411 pMgmt->abyCurrBSSID[0] = (u8)((qwCurrTSF & 0x0ff00000) >> 20);
2412 pMgmt->abyCurrBSSID[5] ^= pMgmt->abyMACAddr[0];
2413 pMgmt->abyCurrBSSID[4] ^= pMgmt->abyMACAddr[1];
2414 pMgmt->abyCurrBSSID[3] ^= pMgmt->abyMACAddr[2];
2415 pMgmt->abyCurrBSSID[2] ^= pMgmt->abyMACAddr[3];
2416 pMgmt->abyCurrBSSID[1] ^= pMgmt->abyMACAddr[4];
2417 pMgmt->abyCurrBSSID[0] ^= pMgmt->abyMACAddr[5];
2418 pMgmt->abyCurrBSSID[0] &= ~IEEE_ADDR_GROUP;
2419 pMgmt->abyCurrBSSID[0] |= IEEE_ADDR_UNIVERSAL;
2422 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO"Adhoc beacon created bssid:"
2423 "%pM\n", pMgmt->abyCurrBSSID);
2427 MACvWriteBSSIDAddress(pDevice, pMgmt->abyCurrBSSID);
2428 memcpy(pDevice->abyBSSID, pMgmt->abyCurrBSSID, WLAN_ADDR_LEN);
2430 MACvRegBitsOn(pDevice, MAC_REG_RCR, RCR_BSSID);
2431 pDevice->byRxMode |= RCR_BSSID;
2432 pMgmt->bCurrBSSIDFilterOn = TRUE;
2434 // Set Capability Info
2435 pMgmt->wCurrCapInfo = 0;
2437 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2438 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
2439 pMgmt->byDTIMPeriod = DEFAULT_DTIM_PERIOD;
2440 pMgmt->byDTIMCount = pMgmt->byDTIMPeriod - 1;
2441 pDevice->eOPMode = OP_MODE_AP;
2444 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2445 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_IBSS(1);
2446 pDevice->eOPMode = OP_MODE_ADHOC;
2449 if (pDevice->bEncryptionEnable) {
2450 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
2451 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2452 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2453 pMgmt->byCSSPK = KEY_CTL_CCMP;
2454 pMgmt->byCSSGK = KEY_CTL_CCMP;
2455 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2456 pMgmt->byCSSPK = KEY_CTL_TKIP;
2457 pMgmt->byCSSGK = KEY_CTL_TKIP;
2459 pMgmt->byCSSPK = KEY_CTL_NONE;
2460 pMgmt->byCSSGK = KEY_CTL_WEP;
2463 pMgmt->byCSSPK = KEY_CTL_WEP;
2464 pMgmt->byCSSGK = KEY_CTL_WEP;
2468 pMgmt->byERPContext = 0;
2470 if (pDevice->byPreambleType == 1) {
2471 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
2473 pMgmt->wCurrCapInfo &= (~WLAN_SET_CAP_INFO_SHORTPREAMBLE(1));
2476 pMgmt->eCurrState = WMAC_STATE_STARTED;
2477 // Prepare beacon to send
2478 if (bMgrPrepareBeaconToSend((void *) pDevice, pMgmt))
2479 *pStatus = CMD_STATUS_SUCCESS;
2486 * Routine Description:
2487 * Instructs wmac to join a bss using the supplied attributes.
2488 * The arguments may the BSSID or SSID and the rest of the
2489 * attributes are obtained from the scan result of known bss list.
2497 void vMgrJoinBSSBegin(void *hDeviceContext, PCMD_STATUS pStatus)
2499 PSDevice pDevice = (PSDevice)hDeviceContext;
2500 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
2501 PKnownBSS pCurr = NULL;
2502 unsigned int ii, uu;
2503 PWLAN_IE_SUPP_RATES pItemRates = NULL;
2504 PWLAN_IE_SUPP_RATES pItemExtRates = NULL;
2505 PWLAN_IE_SSID pItemSSID;
2506 unsigned int uRateLen = WLAN_RATES_MAXLEN;
2507 WORD wMaxBasicRate = RATE_1M;
2508 WORD wMaxSuppRate = RATE_1M;
2510 BYTE byTopCCKBasicRate = RATE_1M;
2511 BYTE byTopOFDMBasicRate = RATE_1M;
2512 BOOL bShortSlotTime = FALSE;
2515 for (ii = 0; ii < MAX_BSS_NUM; ii++) {
2516 if (pMgmt->sBSSList[ii].bActive == TRUE)
2520 if (ii == MAX_BSS_NUM) {
2521 *pStatus = CMD_STATUS_RESOURCES;
2522 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "BSS finding:BSS list is empty.\n");
2526 // memset(pMgmt->abyDesireBSSID, 0, WLAN_BSSID_LEN);
2527 // Search known BSS list for prefer BSSID or SSID
2529 pCurr = BSSpSearchBSSList(pDevice,
2530 pMgmt->abyDesireBSSID,
2531 pMgmt->abyDesireSSID,
2532 pDevice->eConfigPHYMode
2536 *pStatus = CMD_STATUS_RESOURCES;
2537 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyDesireSSID;
2538 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Scanning [%s] not found, disconnected !\n", pItemSSID->abySSID);
2542 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP(BSS) finding:Found a AP(BSS)..\n");
2544 if (WLAN_GET_CAP_INFO_ESS(cpu_to_le16(pCurr->wCapInfo))){
2546 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
2547 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)) {
2549 if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2550 if (WPA_SearchRSN(0, WPA_TKIP, pCurr) == FALSE) {
2551 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"No match RSN info. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
2552 // encryption mode error
2553 pMgmt->eCurrState = WMAC_STATE_IDLE;
2556 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2557 if (WPA_SearchRSN(0, WPA_AESCCMP, pCurr) == FALSE) {
2558 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"No match RSN info. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
2559 // encryption mode error
2560 pMgmt->eCurrState = WMAC_STATE_IDLE;
2567 //if(pDevice->bWPASuppWextEnabled == TRUE)
2568 Encyption_Rebuild(pDevice, pCurr);
2570 // Infrastructure BSS
2571 s_vMgrSynchBSS(pDevice,
2577 if (*pStatus == CMD_STATUS_SUCCESS){
2579 // Adopt this BSS state vars in Mgmt Object
2580 pMgmt->uCurrChannel = pCurr->uChannel;
2582 memset(pMgmt->abyCurrSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2583 memset(pMgmt->abyCurrExtSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2585 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B) {
2586 uRateLen = WLAN_RATES_MAXLEN_11B;
2589 pItemRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates;
2590 pItemExtRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates;
2592 // Parse Support Rate IE
2593 pItemRates->byElementID = WLAN_EID_SUPP_RATES;
2594 pItemRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2598 // Parse Extension Support Rate IE
2599 pItemExtRates->byElementID = WLAN_EID_EXTSUPP_RATES;
2600 pItemExtRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abyExtSuppRates,
2604 if ((pItemExtRates->len > 0) && (pItemRates->len < 8)) {
2605 for (ii = 0; ii < (unsigned int) (8 - pItemRates->len); ) {
2606 pItemRates->abyRates[pItemRates->len + ii] =
2607 pItemExtRates->abyRates[ii];
2609 if (pItemExtRates->len <= ii)
2612 pItemRates->len += (BYTE)ii;
2613 if (pItemExtRates->len - ii > 0) {
2614 pItemExtRates->len -= (BYTE)ii;
2615 for (uu = 0; uu < pItemExtRates->len; uu ++) {
2616 pItemExtRates->abyRates[uu] = pItemExtRates->abyRates[uu + ii];
2619 pItemExtRates->len = 0;
2623 RATEvParseMaxRate((void *)pDevice, pItemRates, pItemExtRates, TRUE,
2624 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2625 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2626 vUpdateIFS(pDevice);
2627 // TODO: deal with if wCapInfo the privacy is on, but station WEP is off
2628 // TODO: deal with if wCapInfo the PS-Pollable is on.
2629 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
2630 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2631 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2632 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2634 pMgmt->eCurrMode = WMAC_MODE_ESS_STA;
2636 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2637 // Adopt BSS state in Adapter Device Object
2638 pDevice->eOPMode = OP_MODE_INFRASTRUCTURE;
2639 memcpy(pDevice->abyBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2641 // Add current BSS to Candidate list
2642 // This should only work for WPA2 BSS, and WPA2 BSS check must be done before.
2643 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
2644 BOOL bResult = bAdd_PMKID_Candidate((void *) pDevice,
2645 pMgmt->abyCurrBSSID,
2646 &pCurr->sRSNCapObj);
2647 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"bAdd_PMKID_Candidate: 1(%d)\n", bResult);
2648 if (bResult == FALSE) {
2649 vFlush_PMKID_Candidate((void *) pDevice);
2650 DBG_PRT(MSG_LEVEL_DEBUG,
2651 KERN_INFO "vFlush_PMKID_Candidate: 4\n");
2652 bAdd_PMKID_Candidate((void *) pDevice,
2653 pMgmt->abyCurrBSSID,
2654 &pCurr->sRSNCapObj);
2658 // Preamble type auto-switch: if AP can receive short-preamble cap,
2659 // we can turn on too.
2660 if (WLAN_GET_CAP_INFO_SHORTPREAMBLE(pCurr->wCapInfo)) {
2661 pDevice->byPreambleType = pDevice->byShortPreamble;
2664 pDevice->byPreambleType = 0;
2666 // Change PreambleType must set RSPINF again
2667 CARDvSetRSPINF(pDevice, (BYTE)pDevice->byBBType);
2669 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Join ESS\n");
2671 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11G) {
2673 if ((pCurr->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION) != pDevice->bProtectMode) {//0000 0010
2674 pDevice->bProtectMode = (pCurr->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION);
2675 if (pDevice->bProtectMode) {
2676 MACvEnableProtectMD(pDevice);
2678 MACvDisableProtectMD(pDevice);
2680 vUpdateIFS(pDevice);
2682 if ((pCurr->sERP.byERP & WLAN_EID_ERP_NONERP_PRESENT) != pDevice->bNonERPPresent) {//0000 0001
2683 pDevice->bNonERPPresent = (pCurr->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION);
2685 if ((pCurr->sERP.byERP & WLAN_EID_ERP_BARKER_MODE) != pDevice->bBarkerPreambleMd) {//0000 0100
2686 pDevice->bBarkerPreambleMd = (pCurr->sERP.byERP & WLAN_EID_ERP_BARKER_MODE);
2687 //BarkerPreambleMd has higher priority than shortPreamble bit in Cap
2688 if (pDevice->bBarkerPreambleMd) {
2689 MACvEnableBarkerPreambleMd(pDevice);
2691 MACvDisableBarkerPreambleMd(pDevice);
2695 //DBG_PRN_WLAN05(("wCapInfo: %X\n", pCurr->wCapInfo));
2696 if (WLAN_GET_CAP_INFO_SHORTSLOTTIME(pCurr->wCapInfo) != pDevice->bShortSlotTime) {
2697 if (pDevice->byBBType == BB_TYPE_11A) {
2698 bShortSlotTime = TRUE;
2700 else if (pDevice->byBBType == BB_TYPE_11B) {
2701 bShortSlotTime = FALSE;
2704 bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(pCurr->wCapInfo);
2706 //DBG_PRN_WLAN05(("Set Short Slot Time: %d\n", pDevice->bShortSlotTime));
2707 if (bShortSlotTime != pDevice->bShortSlotTime) {
2708 pDevice->bShortSlotTime = bShortSlotTime;
2709 BBvSetShortSlotTime(pDevice);
2710 vUpdateIFS(pDevice);
2714 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"End of Join AP -- A/B/G Action\n");
2717 pMgmt->eCurrState = WMAC_STATE_IDLE;
2724 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2726 if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2728 if (WPA_SearchRSN(0, WPA_TKIP, pCurr) == FALSE) {
2729 // encryption mode error
2730 pMgmt->eCurrState = WMAC_STATE_IDLE;
2734 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2736 if (WPA_SearchRSN(0, WPA_AESCCMP, pCurr) == FALSE) {
2737 // encryption mode error
2738 pMgmt->eCurrState = WMAC_STATE_IDLE;
2743 // encryption mode error
2744 pMgmt->eCurrState = WMAC_STATE_IDLE;
2749 s_vMgrSynchBSS(pDevice,
2755 if (*pStatus == CMD_STATUS_SUCCESS){
2756 // Adopt this BSS state vars in Mgmt Object
2757 // TODO: check if CapInfo privacy on, but we don't..
2758 pMgmt->uCurrChannel = pCurr->uChannel;
2761 // Parse Support Rate IE
2762 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2763 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2764 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2765 WLAN_RATES_MAXLEN_11B);
2767 RATEvParseMaxRate((void *)pDevice,
2768 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2769 NULL, TRUE, &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2770 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2771 vUpdateIFS(pDevice);
2772 pMgmt->wCurrCapInfo = pCurr->wCapInfo;
2773 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
2774 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2775 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2776 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2777 // pMgmt->wCurrATIMWindow = pCurr->wATIMWindow;
2778 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2779 pMgmt->eCurrState = WMAC_STATE_STARTED;
2780 // Adopt BSS state in Adapter Device Object
2781 pDevice->eOPMode = OP_MODE_ADHOC;
2782 pDevice->bLinkPass = TRUE;
2783 ControlvMaskByte(pDevice,MESSAGE_REQUEST_MACREG,MAC_REG_PAPEDELAY,LEDSTS_STS,LEDSTS_INTER);
2784 memcpy(pDevice->abyBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2786 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Join IBSS ok:%pM\n",
2787 pMgmt->abyCurrBSSID);
2788 // Preamble type auto-switch: if AP can receive short-preamble cap,
2789 // and if registry setting is short preamble we can turn on too.
2791 if (WLAN_GET_CAP_INFO_SHORTPREAMBLE(pCurr->wCapInfo)) {
2792 pDevice->byPreambleType = pDevice->byShortPreamble;
2795 pDevice->byPreambleType = 0;
2797 // Change PreambleType must set RSPINF again
2798 CARDvSetRSPINF(pDevice, (BYTE)pDevice->byBBType);
2801 bMgrPrepareBeaconToSend((void *) pDevice, pMgmt);
2804 pMgmt->eCurrState = WMAC_STATE_IDLE;
2814 * Routine Description:
2815 * Set HW to synchronize a specific BSS from known BSS list.
2826 unsigned int uBSSMode,
2831 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
2832 //1M, 2M, 5M, 11M, 18M, 24M, 36M, 54M
2833 BYTE abyCurrSuppRatesG[] = {WLAN_EID_SUPP_RATES, 8, 0x02, 0x04, 0x0B, 0x16, 0x24, 0x30, 0x48, 0x6C};
2834 BYTE abyCurrExtSuppRatesG[] = {WLAN_EID_EXTSUPP_RATES, 4, 0x0C, 0x12, 0x18, 0x60};
2836 BYTE abyCurrSuppRatesA[] = {WLAN_EID_SUPP_RATES, 8, 0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
2837 BYTE abyCurrSuppRatesB[] = {WLAN_EID_SUPP_RATES, 4, 0x02, 0x04, 0x0B, 0x16};
2840 *pStatus = CMD_STATUS_FAILURE;
2842 if (s_bCipherMatch(pCurr,
2843 pDevice->eEncryptionStatus,
2845 &(pMgmt->byCSSGK)) == FALSE) {
2846 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "s_bCipherMatch Fail .......\n");
2850 pMgmt->pCurrBSS = pCurr;
2852 // if previous mode is IBSS.
2853 if(pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2854 MACvRegBitsOff(pDevice, MAC_REG_TCR, TCR_AUTOBCNTX);
2857 // Init the BSS informations
2858 pDevice->bCCK = TRUE;
2859 pDevice->bProtectMode = FALSE;
2860 MACvDisableProtectMD(pDevice);
2861 pDevice->bBarkerPreambleMd = FALSE;
2862 MACvDisableBarkerPreambleMd(pDevice);
2863 pDevice->bNonERPPresent = FALSE;
2864 pDevice->byPreambleType = 0;
2865 pDevice->wBasicRate = 0;
2867 CARDbAddBasicRate((void *)pDevice, RATE_1M);
2869 // calculate TSF offset
2870 // TSF Offset = Received Timestamp TSF - Marked Local's TSF
2871 CARDvAdjustTSF(pDevice, pCurr->byRxRate, pCurr->qwBSSTimestamp, pCurr->qwLocalTSF);
2873 // set HW beacon interval
2874 MACvWriteBeaconInterval(pDevice, pCurr->wBeaconInterval);
2877 // Next TBTT = ((local_current_TSF / beacon_interval) + 1 ) * beacon_interval
2878 CARDvSetFirstNextTBTT(pDevice, pCurr->wBeaconInterval);
2881 MACvWriteBSSIDAddress(pDevice, pCurr->abyBSSID);
2883 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, 6);
2885 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Sync:set CurrBSSID address = "
2886 "%pM\n", pMgmt->abyCurrBSSID);
2888 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11A) {
2889 if ((pDevice->eConfigPHYMode == PHY_TYPE_11A) ||
2890 (pDevice->eConfigPHYMode == PHY_TYPE_AUTO)) {
2891 pDevice->byBBType = BB_TYPE_11A;
2892 pMgmt->eCurrentPHYMode = PHY_TYPE_11A;
2893 pDevice->bShortSlotTime = TRUE;
2894 BBvSetShortSlotTime(pDevice);
2895 CARDvSetBSSMode(pDevice);
2899 } else if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B) {
2900 if ((pDevice->eConfigPHYMode == PHY_TYPE_11B) ||
2901 (pDevice->eConfigPHYMode == PHY_TYPE_11G) ||
2902 (pDevice->eConfigPHYMode == PHY_TYPE_AUTO)) {
2903 pDevice->byBBType = BB_TYPE_11B;
2904 pMgmt->eCurrentPHYMode = PHY_TYPE_11B;
2905 pDevice->bShortSlotTime = FALSE;
2906 BBvSetShortSlotTime(pDevice);
2907 CARDvSetBSSMode(pDevice);
2912 if ((pDevice->eConfigPHYMode == PHY_TYPE_11G) ||
2913 (pDevice->eConfigPHYMode == PHY_TYPE_AUTO)) {
2914 pDevice->byBBType = BB_TYPE_11G;
2915 pMgmt->eCurrentPHYMode = PHY_TYPE_11G;
2916 pDevice->bShortSlotTime = TRUE;
2917 BBvSetShortSlotTime(pDevice);
2918 CARDvSetBSSMode(pDevice);
2919 } else if (pDevice->eConfigPHYMode == PHY_TYPE_11B) {
2920 pDevice->byBBType = BB_TYPE_11B;
2921 pDevice->bShortSlotTime = FALSE;
2922 BBvSetShortSlotTime(pDevice);
2923 CARDvSetBSSMode(pDevice);
2929 if (uBSSMode == WMAC_MODE_ESS_STA) {
2930 MACvRegBitsOff(pDevice, MAC_REG_HOSTCR, HOSTCR_ADHOC);
2931 MACvRegBitsOn(pDevice, MAC_REG_RCR, RCR_BSSID);
2932 pDevice->byRxMode |= RCR_BSSID;
2933 pMgmt->bCurrBSSIDFilterOn = TRUE;
2936 // set channel and clear NAV
2937 CARDbSetMediaChannel(pDevice, pCurr->uChannel);
2938 pMgmt->uCurrChannel = pCurr->uChannel;
2939 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "<----s_bSynchBSS Set Channel [%d]\n", pCurr->uChannel);
2941 if ((pDevice->bUpdateBBVGA) &&
2942 (pDevice->byBBVGACurrent != pDevice->abyBBVGA[0])) {
2943 pDevice->byBBVGACurrent = pDevice->abyBBVGA[0];
2944 BBvSetVGAGainOffset(pDevice, pDevice->byBBVGACurrent);
2945 BBvSetShortSlotTime(pDevice);
2949 // 1. In Ad-hoc mode : check if received others beacon as jointed indication,
2950 // otherwise we will start own IBSS.
2951 // 2. In Infra mode : Supposed we already synchronized with AP right now.
2953 if (uBSSMode == WMAC_MODE_IBSS_STA) {
2954 MACvRegBitsOn(pDevice, MAC_REG_HOSTCR, HOSTCR_ADHOC);
2955 MACvRegBitsOn(pDevice, MAC_REG_RCR, RCR_BSSID);
2956 pDevice->byRxMode |= RCR_BSSID;
2957 pMgmt->bCurrBSSIDFilterOn = TRUE;
2960 if (pDevice->byBBType == BB_TYPE_11A) {
2961 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesA[0], sizeof(abyCurrSuppRatesA));
2962 pMgmt->abyCurrExtSuppRates[1] = 0;
2963 } else if (pDevice->byBBType == BB_TYPE_11B) {
2964 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesB[0], sizeof(abyCurrSuppRatesB));
2965 pMgmt->abyCurrExtSuppRates[1] = 0;
2967 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesG[0], sizeof(abyCurrSuppRatesG));
2968 memcpy(pMgmt->abyCurrExtSuppRates, &abyCurrExtSuppRatesG[0], sizeof(abyCurrExtSuppRatesG));
2970 pMgmt->byERPContext = pCurr->sERP.byERP;
2972 *pStatus = CMD_STATUS_SUCCESS;
2978 //mike add: fix NetworkManager 0.7.0 hidden ssid mode in WPA encryption
2979 // ,need reset eAuthenMode and eEncryptionStatus
2980 static void Encyption_Rebuild(
2985 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
2986 /* unsigned int ii, uSameBssidNum=0; */
2988 // if( uSameBssidNum>=2) { //we only check AP in hidden sssid mode
2989 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) || //networkmanager 0.7.0 does not give the pairwise-key selsection,
2990 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) { // so we need re-selsect it according to real pairwise-key info.
2991 if(pCurr->bWPAValid == TRUE) { //WPA-PSK
2992 pMgmt->eAuthenMode = WMAC_AUTH_WPAPSK;
2993 if(pCurr->abyPKType[0] == WPA_TKIP) {
2994 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
2995 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-TKIP]\n");
2997 else if(pCurr->abyPKType[0] == WPA_AESCCMP) {
2998 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
2999 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-AES]\n");
3002 else if(pCurr->bWPA2Valid == TRUE) { //WPA2-PSK
3003 pMgmt->eAuthenMode = WMAC_AUTH_WPA2PSK;
3004 if(pCurr->abyCSSPK[0] == WLAN_11i_CSS_TKIP) {
3005 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
3006 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-TKIP]\n");
3008 else if(pCurr->abyCSSPK[0] == WLAN_11i_CSS_CCMP) {
3009 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
3010 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-AES]\n");
3021 * Routine Description:
3037 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
3039 unsigned int ii, jj;
3040 BOOL bStartFound = FALSE;
3041 BOOL bMulticast = FALSE;
3042 WORD wStartIndex = 0;
3046 // Find size of partial virtual bitmap
3047 for (ii = 0; ii < (MAX_NODE_NUM + 1); ii++) {
3048 byMap = pMgmt->abyPSTxMap[ii];
3050 // Mask out the broadcast bit which is indicated separately.
3051 bMulticast = (byMap & byMask[0]) != 0;
3053 pMgmt->sNodeDBTable[0].bRxPSPoll = TRUE;
3060 wStartIndex = (WORD)ii;
3062 wEndIndex = (WORD)ii;
3067 // Round start index down to nearest even number
3068 wStartIndex &= ~BIT0;
3070 // Round end index up to nearest even number
3071 wEndIndex = ((wEndIndex + 1) & ~BIT0);
3073 // Size of element payload
3075 pTIM->len = 3 + (wEndIndex - wStartIndex) + 1;
3077 // Fill in the Fixed parts of the TIM
3078 pTIM->byDTIMCount = pMgmt->byDTIMCount;
3079 pTIM->byDTIMPeriod = pMgmt->byDTIMPeriod;
3080 pTIM->byBitMapCtl = (bMulticast ? TIM_MULTICAST_MASK : 0) |
3081 (((wStartIndex >> 1) << 1) & TIM_BITMAPOFFSET_MASK);
3083 // Append variable part of TIM
3085 for (ii = wStartIndex, jj =0 ; ii <= wEndIndex; ii++, jj++) {
3086 pTIM->byVirtBitMap[jj] = pMgmt->abyPSTxMap[ii];
3089 // Aid = 0 don't used.
3090 pTIM->byVirtBitMap[0] &= ~BIT0;
3096 * Routine Description:
3097 * Constructs an Beacon frame( Ad-hoc mode)
3101 * PTR to frame; or NULL on allocation failure
3111 WORD wCurrBeaconPeriod,
3112 unsigned int uCurrChannel,
3113 WORD wCurrATIMWinodw,
3114 PWLAN_IE_SSID pCurrSSID,
3116 PWLAN_IE_SUPP_RATES pCurrSuppRates,
3117 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3120 PSTxMgmtPacket pTxPacket = NULL;
3121 WLAN_FR_BEACON sFrame;
3122 BYTE abyBroadcastAddr[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
3125 // prepare beacon frame
3126 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3127 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_BEACON_FR_MAXLEN);
3128 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3129 // Setup the sFrame structure.
3130 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3131 sFrame.len = WLAN_BEACON_FR_MAXLEN;
3132 vMgrEncodeBeacon(&sFrame);
3134 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3136 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3137 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_BEACON)
3140 if (pDevice->bEnablePSMode) {
3141 sFrame.pHdr->sA3.wFrameCtl |= cpu_to_le16((WORD)WLAN_SET_FC_PWRMGT(1));
3144 memcpy( sFrame.pHdr->sA3.abyAddr1, abyBroadcastAddr, WLAN_ADDR_LEN);
3145 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3146 memcpy( sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
3147 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
3148 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3150 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3151 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
3152 memcpy(sFrame.pSSID,
3154 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
3156 // Copy the rate set
3157 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3158 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3159 memcpy(sFrame.pSuppRates,
3161 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3164 if (pDevice->byBBType != BB_TYPE_11A) {
3165 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
3166 sFrame.len += (1) + WLAN_IEHDR_LEN;
3167 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
3168 sFrame.pDSParms->len = 1;
3169 sFrame.pDSParms->byCurrChannel = (BYTE)uCurrChannel;
3172 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
3173 sFrame.pTIM = (PWLAN_IE_TIM)(sFrame.pBuf + sFrame.len);
3174 sFrame.pTIM->byElementID = WLAN_EID_TIM;
3175 s_vMgrFormatTIM(pMgmt, sFrame.pTIM);
3176 sFrame.len += (WLAN_IEHDR_LEN + sFrame.pTIM->len);
3179 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
3182 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
3183 sFrame.len += (2) + WLAN_IEHDR_LEN;
3184 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
3185 sFrame.pIBSSParms->len = 2;
3186 sFrame.pIBSSParms->wATIMWindow = wCurrATIMWinodw;
3187 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3189 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3190 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3191 sFrame.pRSNWPA->len = 12;
3192 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3193 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3194 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3195 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3196 sFrame.pRSNWPA->wVersion = 1;
3197 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3198 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3199 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3200 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled)
3201 sFrame.pRSNWPA->abyMulticast[3] = 0x04;//AES
3202 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled)
3203 sFrame.pRSNWPA->abyMulticast[3] = 0x02;//TKIP
3204 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption1Enabled)
3205 sFrame.pRSNWPA->abyMulticast[3] = 0x01;//WEP40
3207 sFrame.pRSNWPA->abyMulticast[3] = 0x00;//NONE
3209 // Pairwise Key Cipher Suite
3210 sFrame.pRSNWPA->wPKCount = 0;
3211 // Auth Key Management Suite
3212 *((PWORD)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len))=0;
3213 sFrame.pRSNWPA->len +=2;
3216 *((PWORD)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len))=0;
3217 sFrame.pRSNWPA->len +=2;
3218 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3223 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
3224 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3225 sFrame.len += 1 + WLAN_IEHDR_LEN;
3226 sFrame.pERP->byElementID = WLAN_EID_ERP;
3227 sFrame.pERP->len = 1;
3228 sFrame.pERP->byContext = 0;
3229 if (pDevice->bProtectMode == TRUE)
3230 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3231 if (pDevice->bNonERPPresent == TRUE)
3232 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3233 if (pDevice->bBarkerPreambleMd == TRUE)
3234 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
3236 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3237 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3238 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3239 memcpy(sFrame.pExtSuppRates,
3241 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3244 // hostapd wpa/wpa2 IE
3245 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnableHostapd == TRUE)) {
3246 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3247 if (pMgmt->wWPAIELen != 0) {
3248 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3249 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3250 sFrame.len += pMgmt->wWPAIELen;
3255 /* Adjust the length fields */
3256 pTxPacket->cbMPDULen = sFrame.len;
3257 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3268 * Routine Description:
3269 * Constructs an Prob-response frame
3273 * PTR to frame; or NULL on allocation failure
3281 s_MgrMakeProbeResponse(
3285 WORD wCurrBeaconPeriod,
3286 unsigned int uCurrChannel,
3287 WORD wCurrATIMWinodw,
3289 PWLAN_IE_SSID pCurrSSID,
3291 PWLAN_IE_SUPP_RATES pCurrSuppRates,
3292 PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
3296 PSTxMgmtPacket pTxPacket = NULL;
3297 WLAN_FR_PROBERESP sFrame;
3301 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3302 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_PROBERESP_FR_MAXLEN);
3303 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3304 // Setup the sFrame structure.
3305 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3306 sFrame.len = WLAN_PROBERESP_FR_MAXLEN;
3307 vMgrEncodeProbeResponse(&sFrame);
3309 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3311 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3312 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_PROBERESP)
3314 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
3315 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3316 memcpy( sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
3317 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
3318 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3320 if (byPHYType == BB_TYPE_11B) {
3321 *sFrame.pwCapInfo &= cpu_to_le16((WORD)~(WLAN_SET_CAP_INFO_SHORTSLOTTIME(1)));
3325 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3326 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
3327 memcpy(sFrame.pSSID,
3329 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
3331 // Copy the rate set
3332 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3334 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3335 memcpy(sFrame.pSuppRates,
3337 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3341 if (pDevice->byBBType != BB_TYPE_11A) {
3342 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
3343 sFrame.len += (1) + WLAN_IEHDR_LEN;
3344 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
3345 sFrame.pDSParms->len = 1;
3346 sFrame.pDSParms->byCurrChannel = (BYTE)uCurrChannel;
3349 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3351 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
3352 sFrame.len += (2) + WLAN_IEHDR_LEN;
3353 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
3354 sFrame.pIBSSParms->len = 2;
3355 sFrame.pIBSSParms->wATIMWindow = 0;
3357 if (pDevice->byBBType == BB_TYPE_11G) {
3358 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3359 sFrame.len += 1 + WLAN_IEHDR_LEN;
3360 sFrame.pERP->byElementID = WLAN_EID_ERP;
3361 sFrame.pERP->len = 1;
3362 sFrame.pERP->byContext = 0;
3363 if (pDevice->bProtectMode == TRUE)
3364 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3365 if (pDevice->bNonERPPresent == TRUE)
3366 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3367 if (pDevice->bBarkerPreambleMd == TRUE)
3368 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
3371 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3372 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3373 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3374 memcpy(sFrame.pExtSuppRates,
3376 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3380 // hostapd wpa/wpa2 IE
3381 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnableHostapd == TRUE)) {
3382 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3383 if (pMgmt->wWPAIELen != 0) {
3384 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3385 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3386 sFrame.len += pMgmt->wWPAIELen;
3391 // Adjust the length fields
3392 pTxPacket->cbMPDULen = sFrame.len;
3393 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3402 * Routine Description:
3403 * Constructs an association request frame
3407 * A ptr to frame or NULL on allocation failue
3413 s_MgrMakeAssocRequest(
3418 WORD wListenInterval,
3419 PWLAN_IE_SSID pCurrSSID,
3420 PWLAN_IE_SUPP_RATES pCurrRates,
3421 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3424 PSTxMgmtPacket pTxPacket = NULL;
3425 WLAN_FR_ASSOCREQ sFrame;
3430 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3431 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
3432 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3433 // Setup the sFrame structure.
3434 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3435 sFrame.len = WLAN_ASSOCREQ_FR_MAXLEN;
3436 // format fixed field frame structure
3437 vMgrEncodeAssocRequest(&sFrame);
3439 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3441 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3442 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCREQ)
3444 memcpy( sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3445 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3446 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3448 // Set the capability and listen interval
3449 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3450 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
3452 // sFrame.len point to end of fixed field
3453 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3454 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3455 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3457 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3458 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3459 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3460 memcpy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3461 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3463 // Copy the rate set
3464 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3465 if ((pDevice->byBBType == BB_TYPE_11B) && (pCurrRates->len > 4))
3466 sFrame.len += 4 + WLAN_IEHDR_LEN;
3468 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3469 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3471 // Copy the extension rate set
3472 if ((pDevice->byBBType == BB_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3473 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3474 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3475 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
3478 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3479 memcpy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3480 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
3483 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3484 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3485 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3486 (pMgmt->pCurrBSS != NULL)) {
3488 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3489 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3490 sFrame.pRSNWPA->len = 16;
3491 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3492 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3493 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3494 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3495 sFrame.pRSNWPA->wVersion = 1;
3496 //Group Key Cipher Suite
3497 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3498 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3499 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3500 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3501 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
3502 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3503 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
3504 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3505 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
3507 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
3509 // Pairwise Key Cipher Suite
3510 sFrame.pRSNWPA->wPKCount = 1;
3511 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
3512 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
3513 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
3514 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3515 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
3516 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3517 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
3519 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
3521 // Auth Key Management Suite
3522 pbyRSN = (PBYTE)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
3529 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) {
3530 *pbyRSN++=WPA_AUTH_PSK;
3532 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA) {
3533 *pbyRSN++=WPA_AUTH_IEEE802_1X;
3539 sFrame.pRSNWPA->len +=6;
3545 sFrame.pRSNWPA->len +=2;
3547 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3548 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3549 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3550 memcpy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
3551 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3553 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
3554 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
3555 (pMgmt->pCurrBSS != NULL)) {
3560 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3561 sFrame.pRSN->byElementID = WLAN_EID_RSN;
3562 sFrame.pRSN->len = 6; //Version(2)+GK(4)
3563 sFrame.pRSN->wVersion = 1;
3564 //Group Key Cipher Suite
3565 sFrame.pRSN->abyRSN[0] = 0x00;
3566 sFrame.pRSN->abyRSN[1] = 0x0F;
3567 sFrame.pRSN->abyRSN[2] = 0xAC;
3568 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3569 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
3570 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3571 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
3572 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3573 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
3575 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
3578 // Pairwise Key Cipher Suite
3579 sFrame.pRSN->abyRSN[4] = 1;
3580 sFrame.pRSN->abyRSN[5] = 0;
3581 sFrame.pRSN->abyRSN[6] = 0x00;
3582 sFrame.pRSN->abyRSN[7] = 0x0F;
3583 sFrame.pRSN->abyRSN[8] = 0xAC;
3584 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3585 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
3586 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3587 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
3588 } else if (pMgmt->byCSSPK == KEY_CTL_NONE) {
3589 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
3591 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
3593 sFrame.pRSN->len += 6;
3595 // Auth Key Management Suite
3596 sFrame.pRSN->abyRSN[10] = 1;
3597 sFrame.pRSN->abyRSN[11] = 0;
3598 sFrame.pRSN->abyRSN[12] = 0x00;
3599 sFrame.pRSN->abyRSN[13] = 0x0F;
3600 sFrame.pRSN->abyRSN[14] = 0xAC;
3601 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK) {
3602 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
3603 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
3604 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
3606 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
3608 sFrame.pRSN->len +=6;
3611 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist == TRUE) {
3612 memcpy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
3614 sFrame.pRSN->abyRSN[16] = 0;
3615 sFrame.pRSN->abyRSN[17] = 0;
3617 sFrame.pRSN->len +=2;
3619 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && (pDevice->bRoaming == TRUE) && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
3621 pbyRSN = &sFrame.pRSN->abyRSN[18];
3622 pwPMKID = (PWORD)pbyRSN; // Point to PMKID count
3623 *pwPMKID = 0; // Initialize PMKID count
3624 pbyRSN += 2; // Point to PMKID list
3625 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
3626 if (!memcmp(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0],
3627 pMgmt->abyCurrBSSID,
3631 pDevice->gsPMKID.BSSIDInfo[ii].PMKID,
3636 if (*pwPMKID != 0) {
3637 sFrame.pRSN->len += (2 + (*pwPMKID)*16);
3641 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3642 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3643 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3644 memcpy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
3645 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3649 // Adjust the length fields
3650 pTxPacket->cbMPDULen = sFrame.len;
3651 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3664 * Routine Description:
3665 * Constructs an re-association request frame
3669 * A ptr to frame or NULL on allocation failure
3675 s_MgrMakeReAssocRequest(
3680 WORD wListenInterval,
3681 PWLAN_IE_SSID pCurrSSID,
3682 PWLAN_IE_SUPP_RATES pCurrRates,
3683 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3686 PSTxMgmtPacket pTxPacket = NULL;
3687 WLAN_FR_REASSOCREQ sFrame;
3692 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3693 memset( pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_REASSOCREQ_FR_MAXLEN);
3694 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3695 /* Setup the sFrame structure. */
3696 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3697 sFrame.len = WLAN_REASSOCREQ_FR_MAXLEN;
3699 // format fixed field frame structure
3700 vMgrEncodeReassocRequest(&sFrame);
3702 /* Setup the header */
3703 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3705 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3706 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCREQ)
3708 memcpy( sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3709 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3710 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3712 /* Set the capability and listen interval */
3713 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3714 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
3716 memcpy(sFrame.pAddrCurrAP, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3718 /* sFrame.len point to end of fixed field */
3719 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3720 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3721 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3723 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3724 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3725 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3726 memcpy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3727 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3729 /* Copy the rate set */
3730 /* sFrame.len point to end of SSID */
3731 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3732 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3733 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3735 // Copy the extension rate set
3736 if ((pMgmt->eCurrentPHYMode == PHY_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3737 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3738 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3739 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
3742 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3743 memcpy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3744 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
3746 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3747 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3748 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3749 (pMgmt->pCurrBSS != NULL)) {
3751 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3752 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3753 sFrame.pRSNWPA->len = 16;
3754 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3755 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3756 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3757 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3758 sFrame.pRSNWPA->wVersion = 1;
3759 //Group Key Cipher Suite
3760 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3761 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3762 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3763 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3764 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
3765 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3766 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
3767 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3768 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
3770 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
3772 // Pairwise Key Cipher Suite
3773 sFrame.pRSNWPA->wPKCount = 1;
3774 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
3775 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
3776 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
3777 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3778 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
3779 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3780 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
3782 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
3784 // Auth Key Management Suite
3785 pbyRSN = (PBYTE)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
3792 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) {
3793 *pbyRSN++=WPA_AUTH_PSK;
3794 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA) {
3795 *pbyRSN++=WPA_AUTH_IEEE802_1X;
3800 sFrame.pRSNWPA->len +=6;
3805 sFrame.pRSNWPA->len +=2;
3807 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3808 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3809 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3810 memcpy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
3811 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3813 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
3814 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
3815 (pMgmt->pCurrBSS != NULL)) {
3820 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3821 sFrame.pRSN->byElementID = WLAN_EID_RSN;
3822 sFrame.pRSN->len = 6; //Version(2)+GK(4)
3823 sFrame.pRSN->wVersion = 1;
3824 //Group Key Cipher Suite
3825 sFrame.pRSN->abyRSN[0] = 0x00;
3826 sFrame.pRSN->abyRSN[1] = 0x0F;
3827 sFrame.pRSN->abyRSN[2] = 0xAC;
3828 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3829 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
3830 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3831 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
3832 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3833 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
3835 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
3838 // Pairwise Key Cipher Suite
3839 sFrame.pRSN->abyRSN[4] = 1;
3840 sFrame.pRSN->abyRSN[5] = 0;
3841 sFrame.pRSN->abyRSN[6] = 0x00;
3842 sFrame.pRSN->abyRSN[7] = 0x0F;
3843 sFrame.pRSN->abyRSN[8] = 0xAC;
3844 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3845 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
3846 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3847 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
3848 } else if (pMgmt->byCSSPK == KEY_CTL_NONE) {
3849 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
3851 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
3853 sFrame.pRSN->len += 6;
3855 // Auth Key Management Suite
3856 sFrame.pRSN->abyRSN[10] = 1;
3857 sFrame.pRSN->abyRSN[11] = 0;
3858 sFrame.pRSN->abyRSN[12] = 0x00;
3859 sFrame.pRSN->abyRSN[13] = 0x0F;
3860 sFrame.pRSN->abyRSN[14] = 0xAC;
3861 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK) {
3862 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
3863 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
3864 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
3866 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
3868 sFrame.pRSN->len +=6;
3871 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist == TRUE) {
3872 memcpy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
3874 sFrame.pRSN->abyRSN[16] = 0;
3875 sFrame.pRSN->abyRSN[17] = 0;
3877 sFrame.pRSN->len +=2;
3879 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && (pDevice->bRoaming == TRUE) && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
3881 pbyRSN = &sFrame.pRSN->abyRSN[18];
3882 pwPMKID = (PWORD)pbyRSN; // Point to PMKID count
3883 *pwPMKID = 0; // Initialize PMKID count
3884 pbyRSN += 2; // Point to PMKID list
3885 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
3886 if (!memcmp(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0],
3887 pMgmt->abyCurrBSSID,
3891 pDevice->gsPMKID.BSSIDInfo[ii].PMKID,
3896 if (*pwPMKID != 0) {
3897 sFrame.pRSN->len += (2 + (*pwPMKID)*16);
3901 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3902 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3903 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3904 memcpy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
3905 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3910 /* Adjust the length fields */
3911 pTxPacket->cbMPDULen = sFrame.len;
3912 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3919 * Routine Description:
3920 * Constructs an assoc-response frame
3924 * PTR to frame; or NULL on allocation failure
3929 s_MgrMakeAssocResponse(
3936 PWLAN_IE_SUPP_RATES pCurrSuppRates,
3937 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3940 PSTxMgmtPacket pTxPacket = NULL;
3941 WLAN_FR_ASSOCRESP sFrame;
3944 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3945 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
3946 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3947 // Setup the sFrame structure
3948 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3949 sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
3950 vMgrEncodeAssocResponse(&sFrame);
3952 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3954 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3955 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCRESP)
3957 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
3958 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3959 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3961 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3962 *sFrame.pwStatus = cpu_to_le16(wAssocStatus);
3963 *sFrame.pwAid = cpu_to_le16((WORD)(wAssocAID | BIT14 | BIT15));
3965 // Copy the rate set
3966 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3967 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3968 memcpy(sFrame.pSuppRates,
3970 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3973 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3974 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3975 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3976 memcpy(sFrame.pExtSuppRates,
3978 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3982 // Adjust the length fields
3983 pTxPacket->cbMPDULen = sFrame.len;
3984 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3992 * Routine Description:
3993 * Constructs an reassoc-response frame
3997 * PTR to frame; or NULL on allocation failure
4003 s_MgrMakeReAssocResponse(
4010 PWLAN_IE_SUPP_RATES pCurrSuppRates,
4011 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
4014 PSTxMgmtPacket pTxPacket = NULL;
4015 WLAN_FR_REASSOCRESP sFrame;
4018 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
4019 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
4020 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
4021 // Setup the sFrame structure
4022 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
4023 sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
4024 vMgrEncodeReassocResponse(&sFrame);
4026 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
4028 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
4029 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCRESP)
4031 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
4032 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
4033 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
4035 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
4036 *sFrame.pwStatus = cpu_to_le16(wAssocStatus);
4037 *sFrame.pwAid = cpu_to_le16((WORD)(wAssocAID | BIT14 | BIT15));
4039 // Copy the rate set
4040 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4041 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
4042 memcpy(sFrame.pSuppRates,
4044 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
4047 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
4048 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4049 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
4050 memcpy(sFrame.pExtSuppRates,
4052 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
4056 // Adjust the length fields
4057 pTxPacket->cbMPDULen = sFrame.len;
4058 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
4066 * Routine Description:
4067 * Handles probe response management frames.
4077 s_vMgrRxProbeResponse(
4080 PSRxMgmtPacket pRxPacket
4083 PKnownBSS pBSSList = NULL;
4084 WLAN_FR_PROBERESP sFrame;
4085 BYTE byCurrChannel = pRxPacket->byRxChannel;
4087 BOOL bChannelHit = TRUE;
4090 memset(&sFrame, 0, sizeof(WLAN_FR_PROBERESP));
4092 sFrame.len = pRxPacket->cbMPDULen;
4093 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
4094 vMgrDecodeProbeResponse(&sFrame);
4096 if ((sFrame.pqwTimestamp == NULL)
4097 || (sFrame.pwBeaconInterval == NULL)
4098 || (sFrame.pwCapInfo == NULL)
4099 || (sFrame.pSSID == NULL)
4100 || (sFrame.pSuppRates == NULL)) {
4102 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Probe resp:Fail addr:[%p]\n",
4103 pRxPacket->p80211Header);
4108 if(sFrame.pSSID->len == 0)
4109 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx Probe resp: SSID len = 0 \n");
4112 //{{ RobertYu:20050201, 11a byCurrChannel != sFrame.pDSParms->byCurrChannel mapping
4113 if( byCurrChannel > CB_MAX_CHANNEL_24G )
4115 if (sFrame.pDSParms) {
4116 if (byCurrChannel ==
4117 RFaby11aChannelIndex[sFrame.pDSParms->byCurrChannel-1])
4120 RFaby11aChannelIndex[sFrame.pDSParms->byCurrChannel-1];
4125 if (sFrame.pDSParms) {
4126 if (byCurrChannel == sFrame.pDSParms->byCurrChannel)
4128 byCurrChannel = sFrame.pDSParms->byCurrChannel;
4135 if(ChannelExceedZoneType(pDevice,byCurrChannel)==TRUE)
4139 sERP.byERP = sFrame.pERP->byContext;
4140 sERP.bERPExist = TRUE;
4142 sERP.bERPExist = FALSE;
4147 // update or insert the bss
4148 pBSSList = BSSpAddrIsInBSSList((void *) pDevice,
4149 sFrame.pHdr->sA3.abyAddr3,
4152 BSSbUpdateToBSSList((void *) pDevice,
4153 *sFrame.pqwTimestamp,
4154 *sFrame.pwBeaconInterval,
4160 sFrame.pExtSuppRates,
4167 sFrame.len - WLAN_HDR_ADDR3_LEN,
4168 /* payload of probresponse */
4169 sFrame.pHdr->sA4.abyAddr4,
4170 (void *) pRxPacket);
4172 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Probe resp/insert: RxChannel = : %d\n", byCurrChannel);
4173 BSSbInsertToBSSList((void *) pDevice,
4174 sFrame.pHdr->sA3.abyAddr3,
4175 *sFrame.pqwTimestamp,
4176 *sFrame.pwBeaconInterval,
4181 sFrame.pExtSuppRates,
4187 sFrame.len - WLAN_HDR_ADDR3_LEN,
4188 sFrame.pHdr->sA4.abyAddr4, /* payload of beacon */
4189 (void *) pRxPacket);
4197 * Routine Description:(AP)or(Ad-hoc STA)
4198 * Handles probe request management frames.
4209 s_vMgrRxProbeRequest(
4212 PSRxMgmtPacket pRxPacket
4215 WLAN_FR_PROBEREQ sFrame;
4217 PSTxMgmtPacket pTxPacket;
4218 BYTE byPHYType = BB_TYPE_11B;
4220 // STA in Ad-hoc mode: when latest TBTT beacon transmit success,
4221 // STA have to response this request.
4222 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) ||
4223 ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && pDevice->bBeaconSent)) {
4225 memset(&sFrame, 0, sizeof(WLAN_FR_PROBEREQ));
4227 sFrame.len = pRxPacket->cbMPDULen;
4228 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
4229 vMgrDecodeProbeRequest(&sFrame);
4231 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Probe request rx:MAC addr:%pM\n",
4232 sFrame.pHdr->sA3.abyAddr2);
4234 if (sFrame.pSSID->len != 0) {
4235 if (sFrame.pSSID->len != ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len)
4237 if (memcmp(sFrame.pSSID->abySSID,
4238 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
4239 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) != 0) {
4244 if ((sFrame.pSuppRates->len > 4) || (sFrame.pExtSuppRates != NULL)) {
4245 byPHYType = BB_TYPE_11G;
4248 // Probe response reply..
4249 pTxPacket = s_MgrMakeProbeResponse
4253 pMgmt->wCurrCapInfo,
4254 pMgmt->wCurrBeaconPeriod,
4255 pMgmt->uCurrChannel,
4257 sFrame.pHdr->sA3.abyAddr2,
4258 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
4259 (PBYTE)pMgmt->abyCurrBSSID,
4260 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
4261 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
4264 if (pTxPacket != NULL ){
4265 /* send the frame */
4266 Status = csMgmt_xmit(pDevice, pTxPacket);
4267 if (Status != CMD_STATUS_PENDING) {
4268 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Probe response tx failed\n");
4271 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Probe response tx sending..\n");
4281 * Routine Description:
4283 * Entry point for the reception and handling of 802.11 management
4284 * frames. Makes a determination of the frame type and then calls
4285 * the appropriate function.
4293 void vMgrRxManagePacket(void *hDeviceContext,
4295 PSRxMgmtPacket pRxPacket)
4297 PSDevice pDevice = (PSDevice)hDeviceContext;
4298 BOOL bInScan = FALSE;
4299 unsigned int uNodeIndex = 0;
4300 NODE_STATE eNodeState = 0;
4304 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
4305 if (BSSbIsSTAInNodeDB(pDevice, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
4306 eNodeState = pMgmt->sNodeDBTable[uNodeIndex].eNodeState;
4309 switch( WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) ){
4311 case WLAN_FSTYPE_ASSOCREQ:
4313 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocreq\n");
4314 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) &&
4315 (eNodeState < NODE_AUTH)) {
4316 // send deauth notification
4317 // reason = (6) class 2 received from nonauth sta
4318 vMgrDeAuthenBeginSta(pDevice,
4320 pRxPacket->p80211Header->sA3.abyAddr2,
4324 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 1\n");
4327 s_vMgrRxAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
4331 case WLAN_FSTYPE_ASSOCRESP:
4333 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocresp1\n");
4334 s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, FALSE);
4335 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocresp2\n");
4338 case WLAN_FSTYPE_REASSOCREQ:
4340 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx reassocreq\n");
4342 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) &&
4343 (eNodeState < NODE_AUTH)) {
4344 // send deauth notification
4345 // reason = (6) class 2 received from nonauth sta
4346 vMgrDeAuthenBeginSta(pDevice,
4348 pRxPacket->p80211Header->sA3.abyAddr2,
4352 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 2\n");
4355 s_vMgrRxReAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
4358 case WLAN_FSTYPE_REASSOCRESP:
4360 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx reassocresp\n");
4361 s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, TRUE);
4364 case WLAN_FSTYPE_PROBEREQ:
4366 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx probereq\n");
4367 s_vMgrRxProbeRequest(pDevice, pMgmt, pRxPacket);
4370 case WLAN_FSTYPE_PROBERESP:
4372 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx proberesp\n");
4374 s_vMgrRxProbeResponse(pDevice, pMgmt, pRxPacket);
4377 case WLAN_FSTYPE_BEACON:
4379 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx beacon\n");
4380 if (pMgmt->eScanState != WMAC_NO_SCANNING) {
4383 s_vMgrRxBeacon(pDevice, pMgmt, pRxPacket, bInScan);
4386 case WLAN_FSTYPE_ATIM:
4388 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx atim\n");
4391 case WLAN_FSTYPE_DISASSOC:
4393 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx disassoc\n");
4394 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) &&
4395 (eNodeState < NODE_AUTH)) {
4396 // send deauth notification
4397 // reason = (6) class 2 received from nonauth sta
4398 vMgrDeAuthenBeginSta(pDevice,
4400 pRxPacket->p80211Header->sA3.abyAddr2,
4404 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 3\n");
4406 s_vMgrRxDisassociation(pDevice, pMgmt, pRxPacket);
4409 case WLAN_FSTYPE_AUTHEN:
4411 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx authen\n");
4412 s_vMgrRxAuthentication(pDevice, pMgmt, pRxPacket);
4415 case WLAN_FSTYPE_DEAUTHEN:
4417 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx deauthen\n");
4418 s_vMgrRxDeauthentication(pDevice, pMgmt, pRxPacket);
4422 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx unknown mgmt\n");
4430 * Routine Description:
4433 * Prepare beacon to send
4436 * TRUE if success; FALSE if failed.
4439 BOOL bMgrPrepareBeaconToSend(void *hDeviceContext, PSMgmtObject pMgmt)
4441 PSDevice pDevice = (PSDevice)hDeviceContext;
4442 PSTxMgmtPacket pTxPacket;
4444 // pDevice->bBeaconBufReady = FALSE;
4445 if (pDevice->bEncryptionEnable || pDevice->bEnable8021x){
4446 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
4449 pMgmt->wCurrCapInfo &= ~WLAN_SET_CAP_INFO_PRIVACY(1);
4451 pTxPacket = s_MgrMakeBeacon
4455 pMgmt->wCurrCapInfo,
4456 pMgmt->wCurrBeaconPeriod,
4457 pMgmt->uCurrChannel,
4458 pMgmt->wCurrATIMWindow, //0,
4459 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
4460 (PBYTE)pMgmt->abyCurrBSSID,
4461 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
4462 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
4465 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) &&
4466 (pMgmt->abyCurrBSSID[0] == 0))
4469 csBeacon_xmit(pDevice, pTxPacket);
4470 MACvRegBitsOn(pDevice, MAC_REG_TCR, TCR_AUTOBCNTX);
4480 * Routine Description:
4482 * Log a warning message based on the contents of the Status
4483 * Code field of an 802.11 management frame. Defines are
4484 * derived from 802.11-1997 SPEC.
4498 case WLAN_MGMT_STATUS_UNSPEC_FAILURE:
4499 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Unspecified error.\n");
4501 case WLAN_MGMT_STATUS_CAPS_UNSUPPORTED:
4502 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Can't support all requested capabilities.\n");
4504 case WLAN_MGMT_STATUS_REASSOC_NO_ASSOC:
4505 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Reassoc denied, can't confirm original Association.\n");
4507 case WLAN_MGMT_STATUS_ASSOC_DENIED_UNSPEC:
4508 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, undefine in spec\n");
4510 case WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG:
4511 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Peer doesn't support authen algorithm.\n");
4513 case WLAN_MGMT_STATUS_RX_AUTH_NOSEQ:
4514 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen frame received out of sequence.\n");
4516 case WLAN_MGMT_STATUS_CHALLENGE_FAIL:
4517 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen rejected, challenge failure.\n");
4519 case WLAN_MGMT_STATUS_AUTH_TIMEOUT:
4520 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen rejected, timeout waiting for next frame.\n");
4522 case WLAN_MGMT_STATUS_ASSOC_DENIED_BUSY:
4523 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, AP too busy.\n");
4525 case WLAN_MGMT_STATUS_ASSOC_DENIED_RATES:
4526 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we haven't enough basic rates.\n");
4528 case WLAN_MGMT_STATUS_ASSOC_DENIED_SHORTPREAMBLE:
4529 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support short preamble.\n");
4531 case WLAN_MGMT_STATUS_ASSOC_DENIED_PBCC:
4532 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support PBCC.\n");
4534 case WLAN_MGMT_STATUS_ASSOC_DENIED_AGILITY:
4535 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support channel agility.\n");
4538 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Unknown status code %d.\n", wStatus);
4546 * Add BSSID in PMKID Candidate list.
4550 * hDeviceContext - device structure point
4551 * pbyBSSID - BSSID address for adding
4552 * wRSNCap - BSS's RSN capability
4556 * Return Value: none.
4560 BOOL bAdd_PMKID_Candidate(void *hDeviceContext,
4562 PSRSNCapObject psRSNCapObj)
4564 PSDevice pDevice = (PSDevice)hDeviceContext;
4565 PPMKID_CANDIDATE pCandidateList;
4566 unsigned int ii = 0;
4568 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"bAdd_PMKID_Candidate START: (%d)\n", (int)pDevice->gsPMKIDCandidate.NumCandidates);
4570 if ((pDevice == NULL) || (pbyBSSID == NULL) || (psRSNCapObj == NULL))
4573 if (pDevice->gsPMKIDCandidate.NumCandidates >= MAX_PMKIDLIST)
4578 // Update Old Candidate
4579 for (ii = 0; ii < pDevice->gsPMKIDCandidate.NumCandidates; ii++) {
4580 pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[ii];
4581 if (!memcmp(pCandidateList->BSSID, pbyBSSID, ETH_ALEN)) {
4582 if ((psRSNCapObj->bRSNCapExist == TRUE)
4583 && (psRSNCapObj->wRSNCap & BIT0)) {
4584 pCandidateList->Flags |=
4585 NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
4587 pCandidateList->Flags &=
4588 ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
4595 pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[pDevice->gsPMKIDCandidate.NumCandidates];
4596 if ((psRSNCapObj->bRSNCapExist == TRUE) && (psRSNCapObj->wRSNCap & BIT0)) {
4597 pCandidateList->Flags |= NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
4599 pCandidateList->Flags &= ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
4601 memcpy(pCandidateList->BSSID, pbyBSSID, ETH_ALEN);
4602 pDevice->gsPMKIDCandidate.NumCandidates++;
4603 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"NumCandidates:%d\n", (int)pDevice->gsPMKIDCandidate.NumCandidates);
4610 * Flush PMKID Candidate list.
4614 * hDeviceContext - device structure point
4618 * Return Value: none.
4622 void vFlush_PMKID_Candidate(void *hDeviceContext)
4624 PSDevice pDevice = (PSDevice)hDeviceContext;
4626 if (pDevice == NULL)
4629 memset(&pDevice->gsPMKIDCandidate, 0, sizeof(SPMKIDCandidateEvent));
4635 NDIS_802_11_ENCRYPTION_STATUS EncStatus,
4640 BYTE byMulticastCipher = KEY_CTL_INVALID;
4641 BYTE byCipherMask = 0x00;
4644 if (pBSSNode == NULL)
4647 // check cap. of BSS
4648 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4649 (EncStatus == Ndis802_11Encryption1Enabled)) {
4650 // default is WEP only
4651 byMulticastCipher = KEY_CTL_WEP;
4654 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4655 (pBSSNode->bWPA2Valid == TRUE) &&
4657 ((EncStatus == Ndis802_11Encryption3Enabled) ||
4658 (EncStatus == Ndis802_11Encryption2Enabled))) {
4660 // check Group Key Cipher
4661 if ((pBSSNode->byCSSGK == WLAN_11i_CSS_WEP40) ||
4662 (pBSSNode->byCSSGK == WLAN_11i_CSS_WEP104)) {
4663 byMulticastCipher = KEY_CTL_WEP;
4664 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_TKIP) {
4665 byMulticastCipher = KEY_CTL_TKIP;
4666 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_CCMP) {
4667 byMulticastCipher = KEY_CTL_CCMP;
4669 byMulticastCipher = KEY_CTL_INVALID;
4672 /* check Pairwise Key Cipher */
4673 for (i = 0; i < pBSSNode->wCSSPKCount; i++) {
4674 if ((pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP40) ||
4675 (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP104)) {
4676 /* this should not happen as defined 802.11i */
4677 byCipherMask |= 0x01;
4678 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_TKIP) {
4679 byCipherMask |= 0x02;
4680 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_CCMP) {
4681 byCipherMask |= 0x04;
4682 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_USE_GROUP) {
4683 /* use group key only ignore all others */
4685 i = pBSSNode->wCSSPKCount;
4689 } else if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4690 (pBSSNode->bWPAValid == TRUE) &&
4691 ((EncStatus == Ndis802_11Encryption2Enabled) || (EncStatus == Ndis802_11Encryption3Enabled))) {
4693 // check Group Key Cipher
4694 if ((pBSSNode->byGKType == WPA_WEP40) ||
4695 (pBSSNode->byGKType == WPA_WEP104)) {
4696 byMulticastCipher = KEY_CTL_WEP;
4697 } else if (pBSSNode->byGKType == WPA_TKIP) {
4698 byMulticastCipher = KEY_CTL_TKIP;
4699 } else if (pBSSNode->byGKType == WPA_AESCCMP) {
4700 byMulticastCipher = KEY_CTL_CCMP;
4702 byMulticastCipher = KEY_CTL_INVALID;
4705 /* check Pairwise Key Cipher */
4706 for (i = 0; i < pBSSNode->wPKCount; i++) {
4707 if (pBSSNode->abyPKType[i] == WPA_TKIP) {
4708 byCipherMask |= 0x02;
4709 } else if (pBSSNode->abyPKType[i] == WPA_AESCCMP) {
4710 byCipherMask |= 0x04;
4711 } else if (pBSSNode->abyPKType[i] == WPA_NONE) {
4712 /* use group key only ignore all others */
4714 i = pBSSNode->wPKCount;
4719 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"%d, %d, %d, %d, EncStatus:%d\n",
4720 byMulticastCipher, byCipherMask, pBSSNode->bWPAValid, pBSSNode->bWPA2Valid, EncStatus);
4722 // mask our cap. with BSS
4723 if (EncStatus == Ndis802_11Encryption1Enabled) {
4725 // For supporting Cisco migration mode, don't care pairwise key cipher
4726 //if ((byMulticastCipher == KEY_CTL_WEP) &&
4727 // (byCipherMask == 0)) {
4728 if ((byMulticastCipher == KEY_CTL_WEP) &&
4729 (byCipherMask == 0)) {
4730 *pbyCCSGK = KEY_CTL_WEP;
4731 *pbyCCSPK = KEY_CTL_NONE;
4737 } else if (EncStatus == Ndis802_11Encryption2Enabled) {
4738 if ((byMulticastCipher == KEY_CTL_TKIP) &&
4739 (byCipherMask == 0)) {
4740 *pbyCCSGK = KEY_CTL_TKIP;
4741 *pbyCCSPK = KEY_CTL_NONE;
4743 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4744 ((byCipherMask & 0x02) != 0)) {
4745 *pbyCCSGK = KEY_CTL_WEP;
4746 *pbyCCSPK = KEY_CTL_TKIP;
4748 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4749 ((byCipherMask & 0x02) != 0)) {
4750 *pbyCCSGK = KEY_CTL_TKIP;
4751 *pbyCCSPK = KEY_CTL_TKIP;
4756 } else if (EncStatus == Ndis802_11Encryption3Enabled) {
4757 if ((byMulticastCipher == KEY_CTL_CCMP) &&
4758 (byCipherMask == 0)) {
4759 // When CCMP is enable, "Use group cipher suite" shall not be a valid option.
4761 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4762 ((byCipherMask & 0x04) != 0)) {
4763 *pbyCCSGK = KEY_CTL_WEP;
4764 *pbyCCSPK = KEY_CTL_CCMP;
4766 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4767 ((byCipherMask & 0x04) != 0)) {
4768 *pbyCCSGK = KEY_CTL_TKIP;
4769 *pbyCCSPK = KEY_CTL_CCMP;
4771 } else if ((byMulticastCipher == KEY_CTL_CCMP) &&
4772 ((byCipherMask & 0x04) != 0)) {
4773 *pbyCCSGK = KEY_CTL_CCMP;
4774 *pbyCCSPK = KEY_CTL_CCMP;