2 * This file contains the softmac's authentication logic.
4 * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net>
5 * Joseph Jezak <josejx@gentoo.org>
6 * Larry Finger <Larry.Finger@lwfinger.net>
7 * Danny van Dyk <kugelfang@gentoo.org>
8 * Michael Buesch <mbuesch@freenet.de>
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of version 2 of the GNU General Public License as
12 * published by the Free Software Foundation.
14 * This program is distributed in the hope that it will be useful, but WITHOUT
15 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
16 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
23 * The full GNU General Public License is included in this distribution in the
24 * file called COPYING.
27 #include "ieee80211softmac_priv.h"
29 static void ieee80211softmac_auth_queue(struct work_struct
*work
);
31 /* Queues an auth request to the desired AP */
33 ieee80211softmac_auth_req(struct ieee80211softmac_device
*mac
,
34 struct ieee80211softmac_network
*net
)
36 struct ieee80211softmac_auth_queue_item
*auth
;
39 if (net
->authenticating
|| net
->authenticated
)
41 net
->authenticating
= 1;
43 /* Add the network if it's not already added */
44 ieee80211softmac_add_network(mac
, net
);
46 dprintk(KERN_NOTICE PFX
"Queueing Authentication Request to "MAC_FMT
"\n", MAC_ARG(net
->bssid
));
47 /* Queue the auth request */
48 auth
= (struct ieee80211softmac_auth_queue_item
*)
49 kmalloc(sizeof(struct ieee80211softmac_auth_queue_item
), GFP_KERNEL
);
55 auth
->retry
= IEEE80211SOFTMAC_AUTH_RETRY_LIMIT
;
56 auth
->state
= IEEE80211SOFTMAC_AUTH_OPEN_REQUEST
;
57 INIT_DELAYED_WORK(&auth
->work
, ieee80211softmac_auth_queue
);
60 spin_lock_irqsave(&mac
->lock
, flags
);
63 list_add_tail(&auth
->list
, &mac
->auth_queue
);
64 schedule_delayed_work(&auth
->work
, 0);
65 spin_unlock_irqrestore(&mac
->lock
, flags
);
71 /* Sends an auth request to the desired AP and handles timeouts */
73 ieee80211softmac_auth_queue(struct work_struct
*work
)
75 struct ieee80211softmac_device
*mac
;
76 struct ieee80211softmac_auth_queue_item
*auth
;
77 struct ieee80211softmac_network
*net
;
80 auth
= container_of(work
, struct ieee80211softmac_auth_queue_item
,
86 /* Switch to correct channel for this network */
87 mac
->set_channel(mac
->dev
, net
->channel
);
89 /* Lock and set flags */
90 spin_lock_irqsave(&mac
->lock
, flags
);
91 if (unlikely(!mac
->running
)) {
92 /* Prevent reschedule on workqueue flush */
93 spin_unlock_irqrestore(&mac
->lock
, flags
);
96 net
->authenticated
= 0;
97 /* add a timeout call so we eventually give up waiting for an auth reply */
98 schedule_delayed_work(&auth
->work
, IEEE80211SOFTMAC_AUTH_TIMEOUT
);
100 spin_unlock_irqrestore(&mac
->lock
, flags
);
101 if (ieee80211softmac_send_mgt_frame(mac
, auth
->net
, IEEE80211_STYPE_AUTH
, auth
->state
))
102 dprintk(KERN_NOTICE PFX
"Sending Authentication Request to "MAC_FMT
" failed (this shouldn't happen, wait for the timeout).\n", MAC_ARG(net
->bssid
));
104 dprintk(KERN_NOTICE PFX
"Sent Authentication Request to "MAC_FMT
".\n", MAC_ARG(net
->bssid
));
108 printkl(KERN_WARNING PFX
"Authentication timed out with "MAC_FMT
"\n", MAC_ARG(net
->bssid
));
109 /* Remove this item from the queue */
110 spin_lock_irqsave(&mac
->lock
, flags
);
111 net
->authenticating
= 0;
112 ieee80211softmac_call_events_locked(mac
, IEEE80211SOFTMAC_EVENT_AUTH_TIMEOUT
, net
);
113 cancel_delayed_work(&auth
->work
); /* just to make sure... */
114 list_del(&auth
->list
);
115 spin_unlock_irqrestore(&mac
->lock
, flags
);
120 /* Sends a response to an auth challenge (for shared key auth). */
122 ieee80211softmac_auth_challenge_response(struct work_struct
*work
)
124 struct ieee80211softmac_auth_queue_item
*aq
=
125 container_of(work
, struct ieee80211softmac_auth_queue_item
,
128 /* Send our response */
129 ieee80211softmac_send_mgt_frame(aq
->mac
, aq
->net
, IEEE80211_STYPE_AUTH
, aq
->state
);
132 /* Handle the auth response from the AP
133 * This should be registered with ieee80211 as handle_auth
136 ieee80211softmac_auth_resp(struct net_device
*dev
, struct ieee80211_auth
*auth
)
139 struct list_head
*list_ptr
;
140 struct ieee80211softmac_device
*mac
= ieee80211_priv(dev
);
141 struct ieee80211softmac_auth_queue_item
*aq
= NULL
;
142 struct ieee80211softmac_network
*net
= NULL
;
146 if (unlikely(!mac
->running
))
149 /* Find correct auth queue item */
150 spin_lock_irqsave(&mac
->lock
, flags
);
151 list_for_each(list_ptr
, &mac
->auth_queue
) {
152 aq
= list_entry(list_ptr
, struct ieee80211softmac_auth_queue_item
, list
);
154 if (!memcmp(net
->bssid
, auth
->header
.addr2
, ETH_ALEN
))
159 spin_unlock_irqrestore(&mac
->lock
, flags
);
161 /* Make sure that we've got an auth queue item for this request */
164 printkl(KERN_DEBUG PFX
"Authentication response received from "MAC_FMT
" but no queue item exists.\n", MAC_ARG(auth
->header
.addr2
));
169 /* Check for out of order authentication */
170 if(!net
->authenticating
)
172 printkl(KERN_DEBUG PFX
"Authentication response received from "MAC_FMT
" but did not request authentication.\n",MAC_ARG(auth
->header
.addr2
));
176 /* Parse the auth packet */
177 switch(auth
->algorithm
) {
179 /* Check the status code of the response */
181 switch(auth
->status
) {
182 case WLAN_STATUS_SUCCESS
:
183 /* Update the status to Authenticated */
184 spin_lock_irqsave(&mac
->lock
, flags
);
185 net
->authenticating
= 0;
186 net
->authenticated
= 1;
187 spin_unlock_irqrestore(&mac
->lock
, flags
);
190 printkl(KERN_NOTICE PFX
"Open Authentication completed with "MAC_FMT
"\n", MAC_ARG(net
->bssid
));
191 ieee80211softmac_call_events(mac
, IEEE80211SOFTMAC_EVENT_AUTHENTICATED
, net
);
194 /* Lock and reset flags */
195 spin_lock_irqsave(&mac
->lock
, flags
);
196 net
->authenticated
= 0;
197 net
->authenticating
= 0;
198 spin_unlock_irqrestore(&mac
->lock
, flags
);
200 printkl(KERN_NOTICE PFX
"Open Authentication with "MAC_FMT
" failed, error code: %i\n",
201 MAC_ARG(net
->bssid
), le16_to_cpup(&auth
->status
));
202 /* Count the error? */
207 case WLAN_AUTH_SHARED_KEY
:
208 /* Figure out where we are in the process */
209 switch(auth
->transaction
) {
210 case IEEE80211SOFTMAC_AUTH_SHARED_CHALLENGE
:
211 /* Check to make sure we have a challenge IE */
212 data
= (u8
*)auth
->info_element
;
213 if (*data
++ != MFIE_TYPE_CHALLENGE
) {
214 printkl(KERN_NOTICE PFX
"Shared Key Authentication failed due to a missing challenge.\n");
217 /* Save the challenge */
218 spin_lock_irqsave(&mac
->lock
, flags
);
219 net
->challenge_len
= *data
++;
220 if (net
->challenge_len
> WLAN_AUTH_CHALLENGE_LEN
)
221 net
->challenge_len
= WLAN_AUTH_CHALLENGE_LEN
;
222 if (net
->challenge
!= NULL
)
223 kfree(net
->challenge
);
224 net
->challenge
= kmalloc(net
->challenge_len
, GFP_ATOMIC
);
225 memcpy(net
->challenge
, data
, net
->challenge_len
);
226 aq
->state
= IEEE80211SOFTMAC_AUTH_SHARED_RESPONSE
;
228 /* We reuse the work struct from the auth request here.
229 * It is safe to do so as each one is per-request, and
230 * at this point (dealing with authentication response)
231 * we have obviously already sent the initial auth
233 cancel_delayed_work(&aq
->work
);
234 INIT_DELAYED_WORK(&aq
->work
, &ieee80211softmac_auth_challenge_response
);
235 schedule_delayed_work(&aq
->work
, 0);
236 spin_unlock_irqrestore(&mac
->lock
, flags
);
238 case IEEE80211SOFTMAC_AUTH_SHARED_PASS
:
239 kfree(net
->challenge
);
240 net
->challenge
= NULL
;
241 net
->challenge_len
= 0;
242 /* Check the status code of the response */
243 switch(auth
->status
) {
244 case WLAN_STATUS_SUCCESS
:
245 /* Update the status to Authenticated */
246 spin_lock_irqsave(&mac
->lock
, flags
);
247 net
->authenticating
= 0;
248 net
->authenticated
= 1;
249 spin_unlock_irqrestore(&mac
->lock
, flags
);
250 printkl(KERN_NOTICE PFX
"Shared Key Authentication completed with "MAC_FMT
"\n",
251 MAC_ARG(net
->bssid
));
252 ieee80211softmac_call_events(mac
, IEEE80211SOFTMAC_EVENT_AUTHENTICATED
, net
);
255 printkl(KERN_NOTICE PFX
"Shared Key Authentication with "MAC_FMT
" failed, error code: %i\n",
256 MAC_ARG(net
->bssid
), le16_to_cpup(&auth
->status
));
257 /* Lock and reset flags */
258 spin_lock_irqsave(&mac
->lock
, flags
);
259 net
->authenticating
= 0;
260 net
->authenticated
= 0;
261 spin_unlock_irqrestore(&mac
->lock
, flags
);
262 /* Count the error? */
268 printkl(KERN_WARNING PFX
"Unhandled Authentication Step: %i\n", auth
->transaction
);
280 /* Cancel the timeout */
281 spin_lock_irqsave(&mac
->lock
, flags
);
282 cancel_delayed_work(&aq
->work
);
283 /* Remove this item from the queue */
285 spin_unlock_irqrestore(&mac
->lock
, flags
);
293 * Handle deauthorization
296 ieee80211softmac_deauth_from_net(struct ieee80211softmac_device
*mac
,
297 struct ieee80211softmac_network
*net
)
299 struct ieee80211softmac_auth_queue_item
*aq
= NULL
;
300 struct list_head
*list_ptr
;
303 /* deauthentication implies disassociation */
304 ieee80211softmac_disassoc(mac
);
306 /* Lock and reset status flags */
307 spin_lock_irqsave(&mac
->lock
, flags
);
308 net
->authenticating
= 0;
309 net
->authenticated
= 0;
311 /* Find correct auth queue item, if it exists */
312 list_for_each(list_ptr
, &mac
->auth_queue
) {
313 aq
= list_entry(list_ptr
, struct ieee80211softmac_auth_queue_item
, list
);
314 if (!memcmp(net
->bssid
, aq
->net
->bssid
, ETH_ALEN
))
320 /* Cancel pending work */
322 /* Not entirely safe? What about running work? */
323 cancel_delayed_work(&aq
->work
);
325 /* Free our network ref */
326 ieee80211softmac_del_network_locked(mac
, net
);
327 if(net
->challenge
!= NULL
)
328 kfree(net
->challenge
);
331 /* can't transmit data right now... */
332 netif_carrier_off(mac
->dev
);
333 spin_unlock_irqrestore(&mac
->lock
, flags
);
337 * Sends a deauth request to the desired AP
340 ieee80211softmac_deauth_req(struct ieee80211softmac_device
*mac
,
341 struct ieee80211softmac_network
*net
, int reason
)
345 /* Make sure the network is authenticated */
346 if (!net
->authenticated
)
348 printkl(KERN_DEBUG PFX
"Can't send deauthentication packet, network is not authenticated.\n");
353 /* Send the de-auth packet */
354 if((ret
= ieee80211softmac_send_mgt_frame(mac
, net
, IEEE80211_STYPE_DEAUTH
, reason
)))
357 ieee80211softmac_deauth_from_net(mac
, net
);
362 * This should be registered with ieee80211 as handle_deauth
365 ieee80211softmac_deauth_resp(struct net_device
*dev
, struct ieee80211_deauth
*deauth
)
368 struct ieee80211softmac_network
*net
= NULL
;
369 struct ieee80211softmac_device
*mac
= ieee80211_priv(dev
);
371 if (unlikely(!mac
->running
))
375 dprintk("deauth without deauth packet. eek!\n");
379 net
= ieee80211softmac_get_network_by_bssid(mac
, deauth
->header
.addr2
);
382 printkl(KERN_DEBUG PFX
"Received deauthentication packet from "MAC_FMT
", but that network is unknown.\n",
383 MAC_ARG(deauth
->header
.addr2
));
387 /* Make sure the network is authenticated */
388 if(!net
->authenticated
)
390 printkl(KERN_DEBUG PFX
"Can't perform deauthentication, network is not authenticated.\n");
395 ieee80211softmac_deauth_from_net(mac
, net
);
397 /* let's try to re-associate */
398 schedule_delayed_work(&mac
->associnfo
.work
, 0);