2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 * Purpose: Handles the 802.11 management functions
29 * nsMgrObjectInitial - Initialize Management Object data structure
30 * vMgrObjectReset - Reset Management Object data structure
31 * vMgrAssocBeginSta - Start associate function
32 * vMgrReAssocBeginSta - Start reassociate function
33 * vMgrDisassocBeginSta - Start disassociate function
34 * s_vMgrRxAssocRequest - Handle Rcv associate_request
35 * s_vMgrRxAssocResponse - Handle Rcv associate_response
36 * vMrgAuthenBeginSta - Start authentication function
37 * vMgrDeAuthenBeginSta - Start deauthentication function
38 * s_vMgrRxAuthentication - Handle Rcv authentication
39 * s_vMgrRxAuthenSequence_1 - Handle Rcv authentication sequence 1
40 * s_vMgrRxAuthenSequence_2 - Handle Rcv authentication sequence 2
41 * s_vMgrRxAuthenSequence_3 - Handle Rcv authentication sequence 3
42 * s_vMgrRxAuthenSequence_4 - Handle Rcv authentication sequence 4
43 * s_vMgrRxDisassociation - Handle Rcv disassociation
44 * s_vMgrRxBeacon - Handle Rcv Beacon
45 * vMgrCreateOwnIBSS - Create ad_hoc IBSS or AP BSS
46 * vMgrJoinBSSBegin - Join BSS function
47 * s_vMgrSynchBSS - Synch & adopt BSS parameters
48 * s_MgrMakeBeacon - Create Beacon frame
49 * s_MgrMakeProbeResponse - Create Probe Response frame
50 * s_MgrMakeAssocRequest - Create Associate Request frame
51 * s_MgrMakeReAssocRequest - Create ReAssociate Request frame
52 * s_vMgrRxProbeResponse - Handle Rcv probe_response
53 * s_vMgrRxProbeRequest - Handle Rcv probe_request
54 * bMgrPrepareBeaconToSend - Prepare Beacon frame
55 * s_vMgrLogStatus - Log 802.11 Status
56 * vMgrRxManagePacket - Rcv management frame dispatch function
57 * s_vMgrFormatTIM - Assemble TIM field of beacon
58 * vMgrTimerInit - Initialize 1-sec and command callback functions
83 /*--------------------- Static Definitions -------------------------*/
85 /*--------------------- Static Classes ----------------------------*/
87 /*--------------------- Static Functions --------------------------*/
88 //2008-8-4 <add> by chester
89 static bool ChannelExceedZoneType(
90 struct vnt_private *pDevice,
91 unsigned char byCurrChannel
94 // Association/disassociation functions
97 s_MgrMakeAssocRequest(
98 struct vnt_private *pDevice,
100 unsigned char *pDAddr,
101 unsigned short wCurrCapInfo,
102 unsigned short wListenInterval,
103 PWLAN_IE_SSID pCurrSSID,
104 PWLAN_IE_SUPP_RATES pCurrRates,
105 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
110 s_vMgrRxAssocRequest(
111 struct vnt_private *pDevice,
113 PSRxMgmtPacket pRxPacket,
114 unsigned int uNodeIndex
119 s_MgrMakeReAssocRequest(
120 struct vnt_private *pDevice,
122 unsigned char *pDAddr,
123 unsigned short wCurrCapInfo,
124 unsigned short wListenInterval,
125 PWLAN_IE_SSID pCurrSSID,
126 PWLAN_IE_SUPP_RATES pCurrRates,
127 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
132 s_vMgrRxAssocResponse(
133 struct vnt_private *pDevice,
135 PSRxMgmtPacket pRxPacket,
141 s_vMgrRxDisassociation(
142 struct vnt_private *pDevice,
144 PSRxMgmtPacket pRxPacket
147 // Authentication/deauthen functions
150 s_vMgrRxAuthenSequence_1(
151 struct vnt_private *pDevice,
153 PWLAN_FR_AUTHEN pFrame
158 s_vMgrRxAuthenSequence_2(
159 struct vnt_private *pDevice,
161 PWLAN_FR_AUTHEN pFrame
166 s_vMgrRxAuthenSequence_3(
167 struct vnt_private *pDevice,
169 PWLAN_FR_AUTHEN pFrame
174 s_vMgrRxAuthenSequence_4(
175 struct vnt_private *pDevice,
177 PWLAN_FR_AUTHEN pFrame
182 s_vMgrRxAuthentication(
183 struct vnt_private *pDevice,
185 PSRxMgmtPacket pRxPacket
190 s_vMgrRxDeauthentication(
191 struct vnt_private *pDevice,
193 PSRxMgmtPacket pRxPacket
197 // probe request/response functions
200 s_vMgrRxProbeRequest(
201 struct vnt_private *pDevice,
203 PSRxMgmtPacket pRxPacket
208 s_vMgrRxProbeResponse(
209 struct vnt_private *pDevice,
211 PSRxMgmtPacket pRxPacket
218 struct vnt_private *pDevice,
220 PSRxMgmtPacket pRxPacket,
234 struct vnt_private *pDevice,
236 unsigned short wCurrCapInfo,
237 unsigned short wCurrBeaconPeriod,
238 unsigned int uCurrChannel,
239 unsigned short wCurrATIMWinodw,
240 PWLAN_IE_SSID pCurrSSID,
241 unsigned char *pCurrBSSID,
242 PWLAN_IE_SUPP_RATES pCurrSuppRates,
243 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
246 // Association response
249 s_MgrMakeAssocResponse(
250 struct vnt_private *pDevice,
252 unsigned short wCurrCapInfo,
253 unsigned short wAssocStatus,
254 unsigned short wAssocAID,
255 unsigned char *pDstAddr,
256 PWLAN_IE_SUPP_RATES pCurrSuppRates,
257 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
260 // ReAssociation response
263 s_MgrMakeReAssocResponse(
264 struct vnt_private *pDevice,
266 unsigned short wCurrCapInfo,
267 unsigned short wAssocStatus,
268 unsigned short wAssocAID,
269 unsigned char *pDstAddr,
270 PWLAN_IE_SUPP_RATES pCurrSuppRates,
271 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
277 s_MgrMakeProbeResponse(
278 struct vnt_private *pDevice,
280 unsigned short wCurrCapInfo,
281 unsigned short wCurrBeaconPeriod,
282 unsigned int uCurrChannel,
283 unsigned short wCurrATIMWinodw,
284 unsigned char *pDstAddr,
285 PWLAN_IE_SSID pCurrSSID,
286 unsigned char *pCurrBSSID,
287 PWLAN_IE_SUPP_RATES pCurrSuppRates,
288 PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
289 unsigned char byPHYType
297 unsigned short wStatus
303 struct vnt_private *pDevice,
304 unsigned int uBSSMode,
312 NDIS_802_11_ENCRYPTION_STATUS EncStatus,
313 unsigned char *pbyCCSPK,
314 unsigned char *pbyCCSGK
317 static void Encyption_Rebuild(
318 struct vnt_private *pDevice,
322 /*--------------------- Export Variables --------------------------*/
324 /*--------------------- Export Functions --------------------------*/
328 * Routine Description:
329 * Allocates and initializes the Management object.
/*
 * NOTE(review): this listing skips source lines (see the gaps in the gutter
 * numbers), so the signature, the declaration of ii and the braces are not
 * shown. The visible statements only initialize fields; no allocation is
 * visible even though the routine description above says "Allocates".
 */
341 struct vnt_private *pDevice = hDeviceContext;
342 PSMgmtObject pMgmt = pDevice->pMgmt;
/* Point the pool pointers at byPSPacketPool/byMgmtPacketPool inside *pMgmt.
 * Frame builders later in this file write through pbyMgmtPacketPool, so its
 * backing storage must be at least as large as the largest frame they
 * format -- the declaration is not on this page, confirm the size there. */
345 pMgmt->pbyPSPacketPool = &pMgmt->byPSPacketPool[0];
346 pMgmt->pbyMgmtPacketPool = &pMgmt->byMgmtPacketPool[0];
347 pMgmt->uCurrChannel = pDevice->uChannel;
/* Desired BSSID: every one of the WLAN_BSSID_LEN bytes is set to 0xFF. */
348 for (ii = 0; ii < WLAN_BSSID_LEN; ii++)
349 pMgmt->abyDesireBSSID[ii] = 0xFF;
351 pMgmt->sAssocInfo.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
/* Both key-control fields start at KEY_CTL_NONE (presumably the pairwise
 * and group cipher selectors -- confirm against the structure definition). */
352 pMgmt->byCSSPK = KEY_CTL_NONE;
353 pMgmt->byCSSGK = KEY_CTL_NONE;
354 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
/* The meaning of the second argument (false) is defined by
 * BSSvClearBSSList, which is not shown here. */
355 BSSvClearBSSList((void *)pDevice, false);
360 * Routine Description:
361 * Initializes timer object
/*
 * Sets up three kernel timers plus the command-queue bookkeeping.
 * NOTE(review): only init_timer() and field assignments are visible; no
 * add_timer()/mod_timer() call appears in the listed lines, so whether the
 * timers are armed here cannot be told from this page.
 */
373 struct vnt_private *pDevice = hDeviceContext;
374 PSMgmtObject pMgmt = pDevice->pMgmt;
/* Each timer carries pDevice as an unsigned long cookie. The callbacks
 * presumably dereference it, so every timer has to be stopped before
 * pDevice is freed (teardown is not on this page -- confirm). */
376 init_timer(&pMgmt->sTimerSecondCallback);
377 pMgmt->sTimerSecondCallback.data = (unsigned long) pDevice;
/* The (TimerFunction) casts below silence any prototype mismatch; confirm
 * that BSSvSecondCallBack, vCommandTimer and BSSvSecondTxData really have
 * the signature TimerFunction names, because a call through a mismatched
 * function-pointer type is undefined behaviour. */
378 pMgmt->sTimerSecondCallback.function = (TimerFunction)BSSvSecondCallBack;
379 pMgmt->sTimerSecondCallback.expires = RUN_AT(HZ);
381 init_timer(&pDevice->sTimerCommand);
382 pDevice->sTimerCommand.data = (unsigned long) pDevice;
383 pDevice->sTimerCommand.function = (TimerFunction)vCommandTimer;
384 pDevice->sTimerCommand.expires = RUN_AT(HZ);
386 init_timer(&pDevice->sTimerTxData);
387 pDevice->sTimerTxData.data = (unsigned long) pDevice;
388 pDevice->sTimerTxData.function = (TimerFunction)BSSvSecondTxData;
389 pDevice->sTimerTxData.expires = RUN_AT(10*HZ); //10s callback
/* Tx-data watchdog flags and counter start cleared. */
390 pDevice->fTxDataInSleep = false;
391 pDevice->IsTxDataTrigger = false;
392 pDevice->nTxDataTimeCout = 0;
/* Command queue starts empty: all CMD_Q_SIZE slots free, both indices 0. */
394 pDevice->cbFreeCmdQueue = CMD_Q_SIZE;
395 pDevice->uCmdDequeueIdx = 0;
396 pDevice->uCmdEnqueueIdx = 0;
401 * Routine Description:
402 * Reset the management object structure.
/*
 * Puts the management state machine back to standby/idle and turns the
 * device power-save flag off. Only these three assignments are visible in
 * this listing; the signature and braces are on skipped lines.
 */
414 struct vnt_private *pDevice = hDeviceContext;
415 PSMgmtObject pMgmt = pDevice->pMgmt;
417 pMgmt->eCurrMode = WMAC_MODE_STANDBY;
418 pMgmt->eCurrState = WMAC_STATE_IDLE;
419 pDevice->bEnablePSMode = false;
425 * Routine Description:
426 * Start the station association procedure. Namely, send an
427 * association request frame to the AP.
/*
 * Station side: rebuild the capability field, format an association request
 * and hand it to csMgmt_xmit().
 * NOTE(review): the listing skips lines, so the function name, the pMgmt and
 * pStatus parameters, the first arguments of the s_MgrMakeAssocRequest call
 * and the else/brace lines are not visible here.
 */
436 void *hDeviceContext,
441 struct vnt_private *pDevice = hDeviceContext;
442 PSTxMgmtPacket pTxPacket;
/* Capability info is rebuilt from scratch on every call. */
444 pMgmt->wCurrCapInfo = 0;
445 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
/* The Privacy bit mirrors the local bEncryptionEnable setting only. */
446 if (pDevice->bEncryptionEnable)
447 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
/* As listed, the short-preamble bit is set here and again inside both PHY
 * branches below, which makes the later ORs redundant. */
449 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
450 if (pMgmt->wListenInterval == 0)
451 pMgmt->wListenInterval = 1; // at least one.
453 // ERP Phy (802.11g) should support short preamble.
454 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
455 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
456 if (CARDbIsShorSlotTime(pMgmt->pAdapter))
457 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
458 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
459 if (CARDbIsShortPreamble(pMgmt->pAdapter))
460 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
462 if (pMgmt->b11hEnable)
463 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
/* The SSID and rate buffers are reinterpreted as IE structures by the casts
 * below; the frame builder (defined elsewhere) presumably trusts the length
 * byte stored inside each buffer -- confirm those lengths are validated
 * where the buffers are filled. */
465 /* build an assocreq frame and send it */
466 pTxPacket = s_MgrMakeAssocRequest
472 pMgmt->wListenInterval,
473 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
474 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
475 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
478 if (pTxPacket != NULL) {
480 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
/* PENDING from csMgmt_xmit is reported to the caller as SUCCESS, and the
 * state machine moves to ASSOCPENDING. */
481 if (*pStatus == CMD_STATUS_PENDING) {
482 pMgmt->eCurrState = WMAC_STATE_ASSOCPENDING;
483 *pStatus = CMD_STATUS_SUCCESS;
/* Presumably the branch taken when no frame could be built (its else line
 * is not visible in this listing). */
486 *pStatus = CMD_STATUS_RESOURCES;
492 * Routine Description:
493 * Start the station re-association procedure.
/*
 * Station side: rebuild the capability field, format a re-association
 * request and hand it to csMgmt_xmit().
 * NOTE(review): the listing skips lines, so the function name, the pMgmt and
 * pStatus parameters, the first arguments of the s_MgrMakeReAssocRequest
 * call and the else/brace lines are not visible here. In the visible lines
 * eCurrState is not changed and *pStatus keeps whatever csMgmt_xmit()
 * returned, unlike the association routine, which maps PENDING to SUCCESS.
 */
502 void *hDeviceContext,
507 struct vnt_private *pDevice = hDeviceContext;
508 PSTxMgmtPacket pTxPacket;
/* Capability info is rebuilt from scratch on every call. */
510 pMgmt->wCurrCapInfo = 0;
511 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
/* The Privacy bit mirrors the local bEncryptionEnable setting only. */
512 if (pDevice->bEncryptionEnable)
513 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
/* As listed, the short-preamble bit is set here and again inside both PHY
 * branches below, which makes the later ORs redundant. */
515 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
517 if (pMgmt->wListenInterval == 0)
518 pMgmt->wListenInterval = 1; // at least one.
520 // ERP Phy (802.11g) should support short preamble.
521 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
522 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
523 if (CARDbIsShorSlotTime(pMgmt->pAdapter))
524 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
525 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
526 if (CARDbIsShortPreamble(pMgmt->pAdapter))
527 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
530 if (pMgmt->b11hEnable)
531 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
/* The SSID and rate buffers are reinterpreted as IE structures by the casts
 * below; confirm the length bytes inside them are validated where the
 * buffers are filled. */
533 pTxPacket = s_MgrMakeReAssocRequest
539 pMgmt->wListenInterval,
540 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
541 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
542 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
545 if (pTxPacket != NULL) {
547 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
/* Outcome is only logged at debug level; the "sending" message presumably
 * sits in an else branch whose line is skipped. */
548 if (*pStatus != CMD_STATUS_PENDING)
549 pr_debug("Mgt:Reassociation tx failed\n");
551 pr_debug("Mgt:Reassociation tx sending\n");
557 * Routine Description:
558 * Send an dis-association request frame to the AP.
/*
 * Formats a disassociation frame with reason code wReason for abyDestAddress
 * in the shared management packet pool and transmits it.
 * NOTE(review): the pMgmt and pStatus parameters, the first term of the
 * frame-control expression and the braces are on lines this listing skips.
 */
566 vMgrDisassocBeginSta(
567 void *hDeviceContext,
569 unsigned char *abyDestAddress,
570 unsigned short wReason,
574 struct vnt_private *pDevice = hDeviceContext;
575 PSTxMgmtPacket pTxPacket = NULL;
576 WLAN_FR_DISASSOC sFrame;
/* The frame is built in place in pbyMgmtPacketPool, the same buffer the
 * other frame builders in this file use. No locking is visible, so callers
 * are presumably serialized -- confirm. The memset length must not exceed
 * the pool's declared size (declaration not on this page). */
578 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
579 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DISASSOC_FR_MAXLEN);
/* The 802.11 header starts directly behind the STxMgmtPacket descriptor. */
580 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
582 // Setup the sFrame structure
583 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
584 sFrame.len = WLAN_DISASSOC_FR_MAXLEN;
586 // format fixed field frame structure
587 vMgrEncodeDisassociation(&sFrame);
590 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
592 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
593 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DISASSOC)
/* abyDestAddress must point to at least WLAN_ADDR_LEN readable bytes; the
 * pointer is not checked for NULL in the visible lines. */
596 memcpy(sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
597 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
598 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
601 *(sFrame.pwReason) = cpu_to_le16(wReason);
/* Payload length excludes the WLAN_HDR_ADDR3_LEN-byte header. */
602 pTxPacket->cbMPDULen = sFrame.len;
603 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
606 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
/* PENDING is reported as SUCCESS and the state machine drops to IDLE. */
607 if (*pStatus == CMD_STATUS_PENDING) {
608 pMgmt->eCurrState = WMAC_STATE_IDLE;
609 *pStatus = CMD_STATUS_SUCCESS;
615 * Routine Description:(AP function)
616 * Handle incoming station association request frames.
/*
 * AP-side handler for a received association request: records the station's
 * capabilities and rates in sNodeDBTable[uNodeIndex] and replies with an
 * association response.
 * NOTE(review): the listing skips lines, so the statements that belong to
 * the "node index not found" / "check if node is authenticated" comments and
 * several else/brace lines are not visible. The fields of sFrame are
 * presumably set by vMgrDecodeAssocRequest() to point into the received
 * frame, i.e. at bytes chosen by the sending station.
 */
625 s_vMgrRxAssocRequest(
626 struct vnt_private *pDevice,
628 PSRxMgmtPacket pRxPacket,
629 unsigned int uNodeIndex
632 WLAN_FR_ASSOCREQ sFrame;
634 PSTxMgmtPacket pTxPacket;
635 unsigned short wAssocStatus = 0;
636 unsigned short wAssocAID = 0;
637 unsigned int uRateLen = WLAN_RATES_MAXLEN;
/* Local copies of the station's rate IEs: IE header + max rates + 1 byte. */
638 unsigned char abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
639 unsigned char abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
641 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
643 // node index not found
647 //check if node is authenticated
649 memset(&sFrame, 0, sizeof(WLAN_FR_ASSOCREQ));
650 memset(abyCurrSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
651 memset(abyCurrExtSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
/* Length and buffer come straight from the received packet descriptor. */
652 sFrame.len = pRxPacket->cbMPDULen;
653 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
655 vMgrDecodeAssocRequest(&sFrame);
/* NOTE(review): uNodeIndex indexes sNodeDBTable from here on and no range
 * check is visible in the listed lines -- confirm the guard on the skipped
 * lines (or the caller) bounds it. */
657 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
658 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
/* NOTE(review): pwCapInfo and pwListenInterval are dereferenced without a
 * visible NULL or length check, whereas the association-response handler in
 * this file tests its decoded pointers before use. TODO confirm the decoder
 * cannot leave them NULL or past the end of a short frame. cpu_to_le16() is
 * applied to a value read from the wire; le16_to_cpu() performs the same
 * byte operation and states the direction correctly. */
659 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
660 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
661 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
662 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? true : false;
663 // Todo: check sta basic rate, if ap can't support, set status code
664 if (pDevice->eCurrentPHYType == PHY_TYPE_11B)
665 uRateLen = WLAN_RATES_MAXLEN_11B;
/* NOTE(review): RATEuSetIE() copies from the station-supplied IE into the
 * fixed-size stack array; its last argument is on a skipped line
 * (presumably uRateLen). Confirm it clamps the copy to that cap and
 * tolerates a NULL pSuppRates/pExtSuppRates. */
667 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
668 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
669 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
671 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
672 if (pDevice->eCurrentPHYType == PHY_TYPE_11G)
673 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
674 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
677 abyCurrExtSuppRates[1] = 0;
/* Derive the per-station rate fields from the two local IE copies. */
679 RATEvParseMaxRate((void *)pDevice,
680 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
681 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
682 false, // do not change our basic rate
683 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
684 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
685 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
686 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
687 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
691 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
692 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
694 pr_debug("RxAssocRequest:wTxDataRate is %d\n", pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate);
696 // Todo: check sta preamble, if ap can't support, set status code
/* These two macros read *pwCapInfo without the byte-order conversion that
 * line 659 applies -- inconsistent on a big-endian host. */
697 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
698 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
699 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
700 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
/* The association ID handed to the station is its node-table index. */
701 pMgmt->sNodeDBTable[uNodeIndex].wAID = (unsigned short)uNodeIndex;
702 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
703 wAssocAID = (unsigned short)uNodeIndex;
704 // check if ERP support
705 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
706 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = true;
/* A station whose top rate is <= RATE_11M switches the whole BSS into
 * protection mode. */
708 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
710 pDevice->bProtectMode = true;
711 pDevice->bNonERPPresent = true;
713 if (!pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble)
714 pDevice->bBarkerPreambleMd = true;
/* NOTE(review): these pr_info() lines run for every accepted request and
 * print the peer-chosen source MAC; consider a rate-limited or debug-level
 * print so remote stations cannot flood the kernel log. */
716 pr_info("Associate AID= %d\n", wAssocAID);
717 pr_info("MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X\n",
718 sFrame.pHdr->sA3.abyAddr2[0],
719 sFrame.pHdr->sA3.abyAddr2[1],
720 sFrame.pHdr->sA3.abyAddr2[2],
721 sFrame.pHdr->sA3.abyAddr2[3],
722 sFrame.pHdr->sA3.abyAddr2[4],
723 sFrame.pHdr->sA3.abyAddr2[5]
725 pr_info("Max Support rate = %d\n",
726 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
728 /* TODO: received STA under state1 handle */
/* The reply goes to the request's source address and advertises the AP's
 * own rate sets from pMgmt, not the station's local copies. */
732 // assoc response reply..
733 pTxPacket = s_MgrMakeAssocResponse
740 sFrame.pHdr->sA3.abyAddr2,
741 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
742 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
744 if (pTxPacket != NULL) {
/* The body of the bEnableHostapd branch and the declaration of Status are
 * on lines this listing skips. */
745 if (pDevice->bEnableHostapd)
749 Status = csMgmt_xmit(pDevice, pTxPacket);
750 if (Status != CMD_STATUS_PENDING)
751 pr_debug("Mgt:Assoc response tx failed\n");
753 pr_debug("Mgt:Assoc response tx sending..\n");
759 * Description:(AP function)
760 * Handle incoming station re-association request frames.
764 * pMgmt - Management Object structure
765 * pRxPacket - Received Packet
769 * Return Value: None.
/*
 * AP-side handler for a received re-association request: records the
 * station's capabilities and rates in sNodeDBTable[uNodeIndex] and replies
 * with a re-association response.
 * NOTE(review): the listing skips lines, so the statements that belong to
 * the "node index not found" / "check if node is authenticated" comments and
 * several else/brace lines are not visible. The fields of sFrame are
 * presumably set by vMgrDecodeReassocRequest() to point into the received
 * frame, i.e. at bytes chosen by the sending station.
 */
775 s_vMgrRxReAssocRequest(
776 struct vnt_private *pDevice,
778 PSRxMgmtPacket pRxPacket,
779 unsigned int uNodeIndex
782 WLAN_FR_REASSOCREQ sFrame;
784 PSTxMgmtPacket pTxPacket;
785 unsigned short wAssocStatus = 0;
786 unsigned short wAssocAID = 0;
787 unsigned int uRateLen = WLAN_RATES_MAXLEN;
/* Local copies of the station's rate IEs: IE header + max rates + 1 byte. */
788 unsigned char abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
789 unsigned char abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
791 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
793 // node index not found
796 //check if node is authenticated
/* NOTE(review): only sFrame is cleared here (lines 798-801 are consecutive
 * in the listing). Unlike the association-request handler, the two stack
 * rate arrays are not zeroed, so any byte RATEuSetIE() does not write stays
 * uninitialized when RATEvParseMaxRate() reads the arrays -- confirm, or
 * zero them as the sibling handler does. */
798 memset(&sFrame, 0, sizeof(WLAN_FR_REASSOCREQ));
/* Length and buffer come straight from the received packet descriptor. */
799 sFrame.len = pRxPacket->cbMPDULen;
800 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
801 vMgrDecodeReassocRequest(&sFrame);
/* NOTE(review): uNodeIndex indexes sNodeDBTable from here on and no range
 * check is visible in the listed lines -- confirm the guard on the skipped
 * lines (or the caller) bounds it. */
803 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
804 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
/* NOTE(review): pwCapInfo and pwListenInterval are dereferenced without a
 * visible NULL or length check. TODO confirm the decoder cannot leave them
 * NULL or past the end of a short frame. */
805 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
806 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
807 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
808 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? true : false;
809 // Todo: check sta basic rate, if ap can't support, set status code
811 if (pDevice->eCurrentPHYType == PHY_TYPE_11B)
812 uRateLen = WLAN_RATES_MAXLEN_11B;
/* NOTE(review): RATEuSetIE() copies from the station-supplied IE into the
 * fixed-size stack array; its last argument is on a skipped line
 * (presumably uRateLen). Confirm it clamps the copy to that cap and
 * tolerates a NULL pSuppRates/pExtSuppRates. */
814 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
815 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
816 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
818 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
819 if (pDevice->eCurrentPHYType == PHY_TYPE_11G) {
820 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
821 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
824 abyCurrExtSuppRates[1] = 0;
/* Derive the per-station rate fields from the two local IE copies. */
827 RATEvParseMaxRate((void *)pDevice,
828 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
829 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
830 false, // do not change our basic rate
831 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
832 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
833 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
834 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
835 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
839 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
840 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
842 pr_debug("RxReAssocRequest:TxDataRate is %d\n", pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate);
844 // Todo: check sta preamble, if ap can't support, set status code
/* These two macros read *pwCapInfo without the byte-order conversion that
 * line 805 applies -- inconsistent on a big-endian host. */
845 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
846 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
847 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
848 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
/* The association ID handed to the station is its node-table index. */
849 pMgmt->sNodeDBTable[uNodeIndex].wAID = (unsigned short)uNodeIndex;
850 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
851 wAssocAID = (unsigned short)uNodeIndex;
854 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
855 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = true;
/* A station whose top rate is <= RATE_11M switches the whole BSS into
 * protection mode. */
857 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
859 pDevice->bProtectMode = true;
860 pDevice->bNonERPPresent = true;
862 if (!pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble)
863 pDevice->bBarkerPreambleMd = true;
/* NOTE(review): these pr_info() lines run for every accepted request and
 * print the peer-chosen source MAC; consider a rate-limited or debug-level
 * print so remote stations cannot flood the kernel log. */
865 pr_info("Rx ReAssociate AID= %d\n", wAssocAID);
866 pr_info("MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X\n",
867 sFrame.pHdr->sA3.abyAddr2[0],
868 sFrame.pHdr->sA3.abyAddr2[1],
869 sFrame.pHdr->sA3.abyAddr2[2],
870 sFrame.pHdr->sA3.abyAddr2[3],
871 sFrame.pHdr->sA3.abyAddr2[4],
872 sFrame.pHdr->sA3.abyAddr2[5]
874 pr_info("Max Support rate = %d\n",
875 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
/* The reply goes to the request's source address and advertises the AP's
 * own rate sets from pMgmt, not the station's local copies. */
879 // assoc response reply..
880 pTxPacket = s_MgrMakeReAssocResponse
887 sFrame.pHdr->sA3.abyAddr2,
888 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
889 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
892 if (pTxPacket != NULL) {
/* The body of the bEnableHostapd branch and the declaration of Status are
 * on lines this listing skips. */
894 if (pDevice->bEnableHostapd)
897 Status = csMgmt_xmit(pDevice, pTxPacket);
898 if (Status != CMD_STATUS_PENDING)
899 pr_debug("Mgt:ReAssoc response tx failed\n");
901 pr_debug("Mgt:ReAssoc response tx sending..\n");
907 * Routine Description:
908 * Handle incoming association response frames.
/*
 * Station-side handler for a received association response: stores the
 * response's fixed fields and IEs in pMgmt->sAssocInfo, updates the state
 * machine, and reports the result to the WPA device and/or wireless
 * extensions.
 * NOTE(review): every length used below derives from pRxPacket->cbMPDULen,
 * i.e. from a frame sent by the AP (or by anything able to transmit as the
 * AP). The listing skips lines, so guards may exist that are not shown; each
 * note below says what has to hold.
 */
917 s_vMgrRxAssocResponse(
918 struct vnt_private *pDevice,
920 PSRxMgmtPacket pRxPacket,
924 WLAN_FR_ASSOCRESP sFrame;
925 PWLAN_IE_SSID pItemSSID;
926 unsigned char *pbyIEs;
927 viawget_wpa_header *wpahdr;
/* Responses are only processed while an association is pending or already
 * established. */
929 if (pMgmt->eCurrState == WMAC_STATE_ASSOCPENDING ||
930 pMgmt->eCurrState == WMAC_STATE_ASSOC) {
931 sFrame.len = pRxPacket->cbMPDULen;
932 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
934 vMgrDecodeAssocResponse(&sFrame);
/* Reject frames in which the decoder found no fixed fields or no
 * supported-rates IE (the statements of this branch are on skipped lines). */
935 if ((sFrame.pwCapInfo == NULL) ||
936 (sFrame.pwStatus == NULL) ||
937 (sFrame.pwAid == NULL) ||
938 (sFrame.pSuppRates == NULL)) {
943 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.Capabilities = *(sFrame.pwCapInfo);
944 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.StatusCode = *(sFrame.pwStatus);
945 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.AssociationId = *(sFrame.pwAid);
946 pMgmt->sAssocInfo.AssocInfo.AvailableResponseFixedIEs |= 0x07;
/* NOTE(review): 24 + 6 is presumably the 3-address header plus the three
 * 16-bit fixed fields. No check that sFrame.len >= 30 is visible, so a
 * shorter frame would make this subtraction wrap, and no check that
 * RequestIELength + ResponseIELength fits in sAssocInfo.abyIEs is visible
 * before the memcpy at line 952. Both bounds must be enforced before the
 * copy; otherwise a frame from the air can write past abyIEs. */
948 pMgmt->sAssocInfo.AssocInfo.ResponseIELength = sFrame.len - 24 - 6;
949 pMgmt->sAssocInfo.AssocInfo.OffsetResponseIEs = pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs + pMgmt->sAssocInfo.AssocInfo.RequestIELength;
/* Response IEs are stored directly behind the saved request IEs. */
950 pbyIEs = pMgmt->sAssocInfo.abyIEs;
951 pbyIEs += pMgmt->sAssocInfo.AssocInfo.RequestIELength;
952 memcpy(pbyIEs, (sFrame.pBuf + 24 + 6), pMgmt->sAssocInfo.AssocInfo.ResponseIELength);
954 // save values and set current BSS state
955 if (cpu_to_le16((*(sFrame.pwStatus))) == WLAN_MGMT_STATUS_SUCCESS) {
957 pMgmt->wCurrAID = cpu_to_le16((*(sFrame.pwAid)));
/* Logs when the two most significant AID bits are not both set. */
958 if ((pMgmt->wCurrAID >> 14) != (BIT0 | BIT1))
959 pr_debug("AID from AP, has two msb clear\n");
961 pr_info("Association Successful, AID=%d\n",
962 pMgmt->wCurrAID & ~(BIT14 | BIT15));
963 pMgmt->eCurrState = WMAC_STATE_ASSOC;
964 BSSvUpdateAPNode((void *)pDevice, sFrame.pwCapInfo, sFrame.pSuppRates, sFrame.pExtSuppRates);
/* NOTE(review): %s needs a NUL-terminated string; an SSID is a length-
 * prefixed byte array that may fill its buffer and may hold arbitrary
 * bytes. Confirm abyCurrSSID is always terminated, or print with a
 * precision taken from the IE length. */
965 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyCurrSSID;
966 pr_info("Link with AP(SSID): %s\n", pItemSSID->abySSID);
967 pDevice->bLinkPass = true;
968 pDevice->uBBVGADiffCount = 0;
969 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
/* NOTE(review): when the tailroom is too small the skb is replaced by a
 * fresh one of rx_buf_sz bytes. In the visible lines the new pointer is not
 * checked for NULL before line 975 dereferences it, and the tailroom is not
 * re-checked against the required size; skb_put() at line 984 BUGs if the
 * requested length exceeds the tailroom. */
970 if (skb_tailroom(pDevice->skb) < (sizeof(viawget_wpa_header) + pMgmt->sAssocInfo.AssocInfo.ResponseIELength +
971 pMgmt->sAssocInfo.AssocInfo.RequestIELength)) { //data room not enough
972 dev_kfree_skb(pDevice->skb);
973 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
/* Message layout: viawget_wpa_header, then request IEs, then response IEs
 * (the remaining arguments of the second memcpy are on skipped lines). */
975 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
976 wpahdr->type = VIAWGET_ASSOC_MSG;
977 wpahdr->resp_ie_len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
978 wpahdr->req_ie_len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
979 memcpy(pDevice->skb->data + sizeof(viawget_wpa_header), pMgmt->sAssocInfo.abyIEs, wpahdr->req_ie_len);
980 memcpy(pDevice->skb->data + sizeof(viawget_wpa_header) + wpahdr->req_ie_len,
984 skb_put(pDevice->skb, sizeof(viawget_wpa_header) + wpahdr->resp_ie_len + wpahdr->req_ie_len);
985 pDevice->skb->dev = pDevice->wpadev;
986 skb_reset_mac_header(pDevice->skb);
987 pDevice->skb->pkt_type = PACKET_HOST;
988 pDevice->skb->protocol = htons(ETH_P_802_2);
989 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
/* netif_rx() takes the skb; a replacement is allocated for the next event
 * (its result is not checked in the visible lines). */
990 netif_rx(pDevice->skb);
991 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
994 //2008-0409-07, <Add> by Einsn Liu
995 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
/* NOTE(review): buf is a fixed 512-byte stack array and both copies below
 * use lengths taken from sAssocInfo (the response length comes from the
 * received frame). Any guard on len sits on lines this listing skips;
 * confirm len <= sizeof(buf) is enforced before each memcpy, since an
 * oversized response would otherwise overflow the kernel stack. */
997 unsigned char buf[512];
999 union iwreq_data wrqu;
1002 memset(buf, 0, 512);
1004 len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1006 memcpy(buf, pMgmt->sAssocInfo.abyIEs, len);
1007 memset(&wrqu, 0, sizeof(wrqu));
1008 wrqu.data.length = len;
1009 we_event = IWEVASSOCREQIE;
1010 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
1013 memset(buf, 0, 512);
1014 len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
1017 memcpy(buf, pbyIEs, len);
1018 memset(&wrqu, 0, sizeof(wrqu));
1019 wrqu.data.length = len;
1020 we_event = IWEVASSOCRESPIE;
1021 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
/* Finally report the BSSID of the AP we are now associated with. */
1024 memset(&wrqu, 0, sizeof(wrqu));
1025 memcpy(wrqu.ap_addr.sa_data, &pMgmt->abyCurrBSSID[0], ETH_ALEN);
1026 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1027 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1029 #endif //#ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1030 //End Add -- //2008-0409-07, <Add> by Einsn Liu
/* Failure handling: the conditions selecting between the IDLE and AUTH
 * assignments are on skipped lines. */
1033 pMgmt->eCurrState = WMAC_STATE_IDLE;
1035 // jump back to the auth state and indicate the error
1036 pMgmt->eCurrState = WMAC_STATE_AUTH;
1038 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(sFrame.pwStatus))));
1043 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1044 //need clear flags related to Networkmanager
1046 pDevice->bwextcount = 0;
1047 pDevice->bWPASuppWextEnabled = false;
/* Once associated, run the command timer with an expiry argument of 0. */
1050 if (pMgmt->eCurrState == WMAC_STATE_ASSOC)
1051 timer_expire(pDevice->sTimerCommand, 0);
1056 * Routine Description:
1057 * Start the station authentication procedure. Namely, send an
1058 * authentication frame to the AP.
/*
 * Station side: format authentication frame number 1 (open-system or
 * shared-key, per pMgmt->bShareKeyAlgorithm) addressed to the current BSSID
 * and transmit it.
 * NOTE(review): the function name, the pMgmt and pStatus parameters, the
 * first term of the frame-control expression and the else/brace lines are on
 * lines this listing skips.
 */
1067 void *hDeviceContext,
1072 struct vnt_private *pDevice = hDeviceContext;
1073 WLAN_FR_AUTHEN sFrame;
1074 PSTxMgmtPacket pTxPacket = NULL;
/* Built in place in the shared management packet pool; no locking is
 * visible, so callers are presumably serialized -- confirm. The memset
 * length must not exceed the pool's declared size (not on this page). */
1076 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1077 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1078 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
1079 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
1080 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1081 vMgrEncodeAuthen(&sFrame);
1083 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1085 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1086 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)
/* Destination and BSSID are both the current BSSID; source is our MAC. */
1088 memcpy(sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_ADDR_LEN);
1089 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1090 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
/* Algorithm follows the local configuration; the open-system assignment
 * presumably sits in an else branch whose line is skipped. */
1091 if (pMgmt->bShareKeyAlgorithm)
1092 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_SHAREDKEY);
1094 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_OPENSYSTEM);
1096 *(sFrame.pwAuthSequence) = cpu_to_le16(1);
1097 /* Adjust the length fields */
1098 pTxPacket->cbMPDULen = sFrame.len;
1099 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1101 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
/* PENDING is reported as SUCCESS and the state machine moves to
 * AUTHPENDING, the state in which the receive handler in this file accepts
 * authentication frames on a station. */
1102 if (*pStatus == CMD_STATUS_PENDING) {
1103 pMgmt->eCurrState = WMAC_STATE_AUTHPENDING;
1104 *pStatus = CMD_STATUS_SUCCESS;
1110 * Routine Description:
1111 * Start the station(AP) deauthentication procedure. Namely, send an
1112 * deauthentication frame to the AP or Sta.
/*
 * Formats a deauthentication frame with reason code wReason for
 * abyDestAddress in the shared management packet pool and transmits it.
 * In the visible lines eCurrState is not changed.
 * NOTE(review): the pMgmt and pStatus parameters, the first term of the
 * frame-control expression and the braces are on lines this listing skips.
 */
1120 vMgrDeAuthenBeginSta(
1121 void *hDeviceContext,
1123 unsigned char *abyDestAddress,
1124 unsigned short wReason,
1128 struct vnt_private *pDevice = hDeviceContext;
1129 WLAN_FR_DEAUTHEN sFrame;
1130 PSTxMgmtPacket pTxPacket = NULL;
/* Built in place in the shared management packet pool; no locking is
 * visible, so callers are presumably serialized -- confirm. The memset
 * length must not exceed the pool's declared size (not on this page). */
1132 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1133 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DEAUTHEN_FR_MAXLEN);
1134 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
1135 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
1136 sFrame.len = WLAN_DEAUTHEN_FR_MAXLEN;
1137 vMgrEncodeDeauthen(&sFrame);
1139 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1141 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1142 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DEAUTHEN)
/* abyDestAddress must point to at least WLAN_ADDR_LEN readable bytes; the
 * pointer is not checked for NULL in the visible lines. */
1145 memcpy(sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
1146 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1147 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1149 *(sFrame.pwReason) = cpu_to_le16(wReason); // deauthen. bcs left BSS
1150 /* Adjust the length fields */
1151 pTxPacket->cbMPDULen = sFrame.len;
1152 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1154 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
/* PENDING from csMgmt_xmit is reported to the caller as SUCCESS. */
1155 if (*pStatus == CMD_STATUS_PENDING)
1156 *pStatus = CMD_STATUS_SUCCESS;
1161 * Routine Description:
1162 * Handle incoming authentication frames.
/*
 * Entry point for received authentication frames: decodes the frame and
 * hands it to the handler for its authentication sequence number.
 * NOTE(review): the pMgmt parameter, the case labels, the break statements
 * and the body of the first guard are on lines this listing skips.
 */
1171 s_vMgrRxAuthentication(
1172 struct vnt_private *pDevice,
1174 PSRxMgmtPacket pRxPacket
1177 WLAN_FR_AUTHEN sFrame;
1179 // we better be an AP or a STA in AUTHPENDING otherwise ignore
1180 if (!(pMgmt->eCurrMode == WMAC_MODE_ESS_AP ||
1181 pMgmt->eCurrState == WMAC_STATE_AUTHPENDING)) {
/* Length and buffer come straight from the received packet descriptor. */
1186 sFrame.len = pRxPacket->cbMPDULen;
1187 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
1188 vMgrDecodeAuthen(&sFrame);
/* NOTE(review): pwAuthSequence is dereferenced with no visible check that
 * the frame is long enough to hold the fixed authentication fields. Confirm
 * that vMgrDecodeAuthen() or the caller rejects truncated frames; otherwise
 * this read, and the reads of pwAuthAlgorithm/pwStatus in the sequence
 * handlers, can land beyond the received data. */
1189 switch (cpu_to_le16((*(sFrame.pwAuthSequence)))) {
1192 s_vMgrRxAuthenSequence_1(pDevice, pMgmt, &sFrame);
1195 s_vMgrRxAuthenSequence_2(pDevice, pMgmt, &sFrame);
1199 s_vMgrRxAuthenSequence_3(pDevice, pMgmt, &sFrame);
1202 s_vMgrRxAuthenSequence_4(pDevice, pMgmt, &sFrame);
/* Any other sequence number is only logged at debug level. */
1205 pr_debug("Auth Sequence error, seq = %d\n",
1206 cpu_to_le16((*(sFrame.pwAuthSequence))));
1213 * Routine Description:
1214 * Handles incoming authen frames with sequence 1. Currently
1215 * assumes we're an AP. So far, no one appears to use authentication
/*
 * AP side: handle authentication frame number 1 from a station. Creates or
 * looks up the station's node entry, formats authentication frame number 2
 * in the shared management packet pool (with a challenge when shared-key
 * authentication is configured and accepted) and transmits it.
 * NOTE(review): the pMgmt parameter and several else/brace lines are on
 * lines this listing skips. Shared-key (WEP) authentication is a legacy
 * mechanism: the challenge and its encrypted echo are both sent in the
 * clear, which hands an observer a keystream sample.
 */
1225 s_vMgrRxAuthenSequence_1(
1226 struct vnt_private *pDevice,
1228 PWLAN_FR_AUTHEN pFrame
1231 PSTxMgmtPacket pTxPacket = NULL;
1232 unsigned int uNodeIndex;
1233 WLAN_FR_AUTHEN sFrame;
1234 PSKeyItem pTransmitKey;
/* NOTE(review): a node entry is created for any source address not yet in
 * the table, before the frame has been accepted. How BSSvCreateOneNode()
 * behaves when the table is full is not shown -- confirm that frames with
 * many different source addresses cannot exhaust it or evict live
 * stations. The length argument of the memcpy is on a skipped line. */
1236 // Insert a Node entry
1237 if (!BSSDBbIsSTAInNodeDB(pMgmt, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1238 BSSvCreateOneNode(pDevice, &uNodeIndex);
1239 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, pFrame->pHdr->sA3.abyAddr2,
/* NOTE(review): the node state is written here, before the requested
 * algorithm is compared with the configured one further down. The NODE_AUTH
 * assignment presumably sits in an else branch whose line is skipped; if
 * so, with shared key disabled the node becomes NODE_AUTH even when the
 * reply carries UNSUPPORTED_AUTHALG. */
1243 if (pMgmt->bShareKeyAlgorithm) {
1244 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_KNOWN;
1245 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 1;
1247 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
/* Reply is built in place in the shared management packet pool. */
1251 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1252 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1253 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
1254 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
1255 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1256 // format buffer structure
1257 vMgrEncodeAuthen(&sFrame);
1259 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1261 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1262 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1263 WLAN_SET_FC_ISWEP(0)
1265 memcpy(sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1266 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1267 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
/* The requested algorithm is echoed back unchanged; sequence number is 2. */
1268 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1269 *(sFrame.pwAuthSequence) = cpu_to_le16(2);
/* Status is SUCCESS only when the requested algorithm matches the locally
 * configured one (the else lines of this if/else ladder are skipped in the
 * listing; this reading assumes the usual pairing). */
1271 if (cpu_to_le16(*(pFrame->pwAuthAlgorithm)) == WLAN_AUTH_ALG_SHAREDKEY) {
1272 if (pMgmt->bShareKeyAlgorithm)
1273 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1275 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1277 if (pMgmt->bShareKeyAlgorithm)
1278 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1280 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
/* Append the challenge IE directly behind the fixed fields. */
1283 if (pMgmt->bShareKeyAlgorithm &&
1284 (cpu_to_le16(*(sFrame.pwStatus)) == WLAN_MGMT_STATUS_SUCCESS)) {
1285 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1286 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1287 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1288 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
/* NOTE(review): the challenge is RC4 output over an all-zero buffer, keyed
 * from pDevice->abyPRNG, so it is only as unpredictable as that buffer; how
 * abyPRNG is filled is not shown. As listed, when no group transmit key is
 * found the challenge stays all zeros. TODO confirm the seed is refreshed
 * from the kernel RNG (e.g. get_random_bytes()) for every challenge. */
1289 memset(pMgmt->abyChallenge, 0, WLAN_CHALLENGE_LEN);
1291 if (KeybGetTransmitKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, GROUP_KEY, &pTransmitKey) == true) {
1292 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pTransmitKey->uKeyLength+3);
1293 rc4_encrypt(&pDevice->SBox, pMgmt->abyChallenge, pMgmt->abyChallenge, WLAN_CHALLENGE_LEN);
1295 memcpy(sFrame.pChallenge->abyChallenge, pMgmt->abyChallenge , WLAN_CHALLENGE_LEN);
1298 /* Adjust the length fields */
1299 pTxPacket->cbMPDULen = sFrame.len;
1300 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
/* The body of the bEnableHostapd branch is on skipped lines. */
1302 if (pDevice->bEnableHostapd)
1305 pr_debug("Mgt:Authreq_reply sequence_1 tx..\n");
1306 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING)
1307 pr_debug("Mgt:Authreq_reply sequence_1 tx failed\n");
1312 * Routine Description:
1313 * Handles incoming auth frames with sequence number 2. Currently
1314 * assumes we're a station.
/*
 * s_vMgrRxAuthenSequence_2 - station-side handler for a received
 * authentication frame with sequence number 2.
 *
 * Open System: a SUCCESS status moves eCurrState to WMAC_STATE_AUTH and
 * fires the command timer; the other visible arm logs the status and returns
 * to WMAC_STATE_IDLE.
 * Shared Key: on SUCCESS a sequence-3 frame echoing the challenge is built
 * and transmitted.
 *
 * pDevice: driver private data (command timer, transmit path).
 * pFrame:  the received authentication frame, split into field pointers.
 * pMgmt is used but its declaration is not in this listing -- presumably the
 * parameter on the dropped line between pDevice and pFrame.
 *
 * NOTE(review): else/break/brace lines are missing from the listing, so only
 * the visible statements are described.
 */
1324 s_vMgrRxAuthenSequence_2(
1325 struct vnt_private *pDevice,
1327 PWLAN_FR_AUTHEN pFrame
1330 WLAN_FR_AUTHEN sFrame;
1331 PSTxMgmtPacket pTxPacket = NULL;
/* Algorithm and status are read straight from the received frame. */
1333 switch (cpu_to_le16((*(pFrame->pwAuthAlgorithm)))) {
1334 case WLAN_AUTH_ALG_OPENSYSTEM:
1335 if (cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS) {
1336 pr_info("802.11 Authen (OPEN) Successful\n");
1337 pMgmt->eCurrState = WMAC_STATE_AUTH;
1338 timer_expire(pDevice->sTimerCommand, 0);
1340 pr_info("802.11 Authen (OPEN) Failed\n");
1341 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
1342 pMgmt->eCurrState = WMAC_STATE_IDLE;
1347 case WLAN_AUTH_ALG_SHAREDKEY:
1349 if (cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS) {
/* Build the sequence-3 reply in the management packet pool buffer. */
1350 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1351 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1352 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
1353 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
1354 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1355 // format buffer structure
1356 vMgrEncodeAuthen(&sFrame);
/* ISWEP(1): the reply carrying the challenge is flagged as WEP-protected. */
1358 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1360 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1361 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1362 WLAN_SET_FC_ISWEP(1)
1364 memcpy(sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1365 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1366 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1367 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1368 *(sFrame.pwAuthSequence) = cpu_to_le16(3);
1369 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
/*
 * Echo the AP's challenge back after the fixed fields.
 * NOTE(review): pFrame->pChallenge is dereferenced with no visible NULL
 * check, and WLAN_CHALLENGE_LEN bytes are copied without looking at the
 * received element's ID or len.  Whether the decoder and the caller
 * guarantee a complete challenge element is not visible here -- confirm,
 * since the frame content comes from the air.
 * Assumes vMgrEncodeAuthen() left sFrame.len at the end of the fixed fields
 * -- TODO confirm.
 */
1370 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1371 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1372 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1373 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
1374 memcpy(sFrame.pChallenge->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN);
1375 // Adjust the length fields
1376 pTxPacket->cbMPDULen = sFrame.len;
1377 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
/* A transmit failure is only logged. */
1379 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING)
1380 pr_debug("Mgt:Auth_reply sequence_2 tx failed\n");
1382 pr_debug("Mgt:Auth_reply sequence_2 tx ...\n");
/* Non-success status for Shared Key: logged only in the visible lines. */
1384 pr_debug("Mgt:rx Auth_reply sequence_2 status error ...\n");
1385 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
/* Unknown algorithm value: logged, no state change visible. */
1389 pr_debug("Mgt: rx auth.seq = 2 unknown AuthAlgorithm=%d\n",
1390 cpu_to_le16((*(pFrame->pwAuthAlgorithm))));
1397 * Routine Description:
1398 * Handles incoming authen frames with sequence 3. Currently
1399 * assumes we're an AP. This function assumes the frame has
1400 * already been successfully decrypted.
/*
 * s_vMgrRxAuthenSequence_3 - AP-side handler for a received authentication
 * frame with sequence number 3; checks the echoed challenge and sends the
 * sequence-4 result frame carrying uStatusCode.
 *
 * pDevice: driver private data (hostapd flag, transmit path).
 * pFrame:  the received authentication frame, split into field pointers.
 * pMgmt is used but its declaration is not in this listing -- presumably the
 * parameter on the dropped line between pDevice and pFrame.
 *
 * NOTE(review): the lines that leave the check sequence on failure (and the
 * else arms) are missing from the listing, so the exact ordering and
 * short-circuiting of the checks cannot be confirmed from here.
 */
1410 s_vMgrRxAuthenSequence_3(
1411 struct vnt_private *pDevice,
1413 PWLAN_FR_AUTHEN pFrame
1416 PSTxMgmtPacket pTxPacket = NULL;
1417 unsigned int uStatusCode = 0;
1418 unsigned int uNodeIndex = 0;
1419 WLAN_FR_AUTHEN sFrame;
/* A sequence-3 frame without the WEP bit set is treated as a failed challenge. */
1421 if (!WLAN_GET_FC_ISWEP(pFrame->pHdr->sA3.wFrameCtl)) {
1422 uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
/*
 * The sender must be a known node whose byAuthSequence is 1, and must echo
 * the stored challenge.
 * NOTE(review): pFrame->pChallenge is dereferenced with no visible NULL
 * check -- confirm the decoder or caller rejects frames without a complete
 * challenge element.  The comparison is against pMgmt->abyChallenge, a
 * single buffer that the sequence-1 handler overwrites for whichever station
 * asked last, so it is not bound to this node.
 */
1425 if (BSSDBbIsSTAInNodeDB(pMgmt, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1426 if (pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence != 1) {
1427 uStatusCode = WLAN_MGMT_STATUS_RX_AUTH_NOSEQ;
1430 if (memcmp(pMgmt->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN) != 0) {
1431 uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
1435 uStatusCode = WLAN_MGMT_STATUS_UNSPEC_FAILURE;
/* Success: promote the node to NODE_AUTH and clear the handshake marker. */
1440 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
1441 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 0;
1443 uStatusCode = WLAN_MGMT_STATUS_SUCCESS;
1444 pr_debug("Challenge text check ok..\n");
/* Build the sequence-4 reply in the management packet pool buffer. */
1448 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1449 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1450 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
1451 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
1452 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1453 // format buffer structure
1454 vMgrEncodeAuthen(&sFrame);
1456 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1458 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1459 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1460 WLAN_SET_FC_ISWEP(0)
1462 memcpy(sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1463 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1464 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1465 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1466 *(sFrame.pwAuthSequence) = cpu_to_le16(4);
/* The outcome of the checks above is reported to the station here. */
1467 *(sFrame.pwStatus) = cpu_to_le16(uStatusCode);
1469 /* Adjust the length fields */
1470 pTxPacket->cbMPDULen = sFrame.len;
1471 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
/* The statement controlled by bEnableHostapd is missing from the listing. */
1473 if (pDevice->bEnableHostapd)
1476 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING)
1477 pr_debug("Mgt:Authreq_reply sequence_4 tx failed\n");
1482 * Routine Description:
1483 * Handles incoming authen frames with sequence 4
/*
 * s_vMgrRxAuthenSequence_4 - station-side handler for the final frame of the
 * Shared Key exchange.
 *
 * A SUCCESS status sets eCurrState to WMAC_STATE_AUTH and fires the command
 * timer; the other visible arm logs the status and returns to
 * WMAC_STATE_IDLE (the else line between them is missing from the listing).
 *
 * pDevice: driver private data (command timer).
 * pFrame:  the received authentication frame; only pwStatus is read here.
 * pMgmt is used but its declaration is not in this listing.
 *
 * NOTE(review): the state change depends only on the status field of the
 * received frame; no check that a Shared Key exchange is actually pending is
 * visible in this function -- confirm the caller enforces it.
 */
1492 s_vMgrRxAuthenSequence_4(
1493 struct vnt_private *pDevice,
1495 PWLAN_FR_AUTHEN pFrame
1498 if (cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS) {
1499 pr_info("802.11 Authen (SHAREDKEY) Successful\n");
1500 pMgmt->eCurrState = WMAC_STATE_AUTH;
1501 timer_expire(pDevice->sTimerCommand, 0);
1503 pr_info("802.11 Authen (SHAREDKEY) Failed\n");
1504 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
1505 pMgmt->eCurrState = WMAC_STATE_IDLE;
1511 * Routine Description:
1512 * Handles incoming disassociation frames
/*
 * s_vMgrRxDisassociation - handle a received disassociation frame.
 *
 * AP mode:  the sending station's node entry is removed.
 * STA mode: the frame is decoded, the reason is logged and the event is
 *           passed up (wpadev skb and, if compiled in, a wireless event).
 *
 * pDevice:   driver private data (skb, wpadev, net device).
 * pRxPacket: the received management packet (header pointer and length).
 * pMgmt is used but its declaration is not in this listing.
 *
 * NOTE(review): braces and else lines are missing from the listing; only the
 * visible statements are described.
 */
1522 s_vMgrRxDisassociation(
1523 struct vnt_private *pDevice,
1525 PSRxMgmtPacket pRxPacket
1528 WLAN_FR_DISASSOC sFrame;
1529 unsigned int uNodeIndex = 0;
1530 viawget_wpa_header *wpahdr;
1532 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
1533 // if is acting an AP..
1534 // a STA is leaving this BSS..
/*
 * NOTE(review): sFrame is filled in but no decode call is visible in this
 * arm; the node is removed purely on the frame's transmitter address.  No
 * check that the frame is protected or otherwise genuine is visible in this
 * function, so the removal trusts an unauthenticated address.
 */
1535 sFrame.len = pRxPacket->cbMPDULen;
1536 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
1537 if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
1538 BSSvRemoveOneNode(pDevice, uNodeIndex);
1540 pr_debug("Rx disassoc, sta not found\n");
1542 } else if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) {
/*
 * NOTE(review): pwReason is read after decoding; no check of cbMPDULen
 * against the minimum disassociation frame length is visible here -- confirm
 * the caller or the decoder enforces it.
 */
1543 sFrame.len = pRxPacket->cbMPDULen;
1544 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
1545 vMgrDecodeDisassociation(&sFrame);
1546 pr_info("AP disassociated me, reason=%d\n",
1547 cpu_to_le16(*(sFrame.pwReason)));
1548 //TODO: do something let upper layer know or
1549 //try to send associate packet again because of inactivity timeout
/*
 * Report VIAWGET_DISASSOC_MSG through the wpadev using the preallocated skb,
 * then allocate a replacement.  dev_alloc_skb() can return NULL; the only
 * visible guard is the skb != NULL test on the next use.
 */
1550 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
1551 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
1552 wpahdr->type = VIAWGET_DISASSOC_MSG;
1553 wpahdr->resp_ie_len = 0;
1554 wpahdr->req_ie_len = 0;
1555 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
1556 pDevice->skb->dev = pDevice->wpadev;
1557 skb_reset_mac_header(pDevice->skb);
1559 pDevice->skb->pkt_type = PACKET_HOST;
1560 pDevice->skb->protocol = htons(ETH_P_802_2);
1561 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
1562 netif_rx(pDevice->skb);
1563 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
/* Wireless-extensions event with a zeroed AP address. */
1566 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1568 union iwreq_data wrqu;
1570 memset(&wrqu, 0, sizeof(wrqu));
1571 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1572 pr_debug("wireless_send_event--->SIOCGIWAP(disassociated)\n");
1573 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1577 /* else, ignore it */
1582 * Routine Description:
1583 * Handles incoming deauthentication frames
/*
 * s_vMgrRxDeauthentication - handle a received deauthentication frame.
 *
 * AP mode:  the sending station's node entry is removed.
 * STA mode: the frame is decoded and the reason logged; if Addr3 equals the
 *           current BSSID and the state is at least WMAC_STATE_AUTHPENDING,
 *           the link is torn down (standby/idle, queue stopped).
 *
 * pDevice:   driver private data (skb, wpadev, net device, link flag).
 * pRxPacket: the received management packet (header pointer and length).
 * pMgmt is used but its declaration is not in this listing.
 *
 * NOTE(review): braces and else lines are missing from the listing; only the
 * visible statements are described.
 */
1593 s_vMgrRxDeauthentication(
1594 struct vnt_private *pDevice,
1596 PSRxMgmtPacket pRxPacket
1599 WLAN_FR_DEAUTHEN sFrame;
1600 unsigned int uNodeIndex = 0;
1601 viawget_wpa_header *wpahdr;
1603 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
1605 // if is acting an AP..
1606 // a STA is leaving this BSS..
/*
 * NOTE(review): as in the disassociation handler, sFrame is filled in but no
 * decode call is visible in this arm, and the node is removed on the
 * transmitter address alone; no check that the frame is protected or
 * genuine is visible in this function.
 */
1607 sFrame.len = pRxPacket->cbMPDULen;
1608 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
1609 if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
1610 BSSvRemoveOneNode(pDevice, uNodeIndex);
1612 pr_info("Rx deauth, sta not found\n");
1614 if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) {
/*
 * NOTE(review): pwReason and pHdr are read after decoding; no check of
 * cbMPDULen against the minimum deauthentication frame length is visible
 * here -- confirm the caller or the decoder enforces it.
 */
1615 sFrame.len = pRxPacket->cbMPDULen;
1616 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
1617 vMgrDecodeDeauthen(&sFrame);
1618 pr_info("AP deauthed me, reason=%d\n",
1619 cpu_to_le16((*(sFrame.pwReason))));
1620 // TODO: update BSS list for specific BSSID if pre-authentication case
/*
 * The only visible filter on the frame is that Addr3 matches the current
 * BSSID; a matching frame drops the link.  The address is not authenticated.
 */
1621 if (ether_addr_equal(sFrame.pHdr->sA3.abyAddr3,
1622 pMgmt->abyCurrBSSID)) {
1623 if (pMgmt->eCurrState >= WMAC_STATE_AUTHPENDING) {
1624 pMgmt->sNodeDBTable[0].bActive = false;
1625 pMgmt->eCurrMode = WMAC_MODE_STANDBY;
1626 pMgmt->eCurrState = WMAC_STATE_IDLE;
1627 netif_stop_queue(pDevice->dev);
1628 pDevice->bLinkPass = false;
/*
 * The event sent up is VIAWGET_DISASSOC_MSG, the same type the
 * disassociation handler uses.  dev_alloc_skb() can return NULL; the only
 * visible guard is the skb != NULL test on the next use.
 */
1632 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
1633 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
1634 wpahdr->type = VIAWGET_DISASSOC_MSG;
1635 wpahdr->resp_ie_len = 0;
1636 wpahdr->req_ie_len = 0;
1637 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
1638 pDevice->skb->dev = pDevice->wpadev;
1639 skb_reset_mac_header(pDevice->skb);
1640 pDevice->skb->pkt_type = PACKET_HOST;
1641 pDevice->skb->protocol = htons(ETH_P_802_2);
1642 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
1643 netif_rx(pDevice->skb);
1644 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
/* Wireless-extensions event with a zeroed AP address. */
1647 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1649 union iwreq_data wrqu;
1651 memset(&wrqu, 0, sizeof(wrqu));
1652 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1653 PRINT_K("wireless_send_event--->SIOCGIWAP(disauthen)\n");
1654 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1659 /* else, ignore it. TODO: IBSS authentication service
1660 would be implemented here */
1664 //2008-8-4 <add> by chester
1667 * Routine Description:
1668 * Check whether the current channel matches the ZoneType.
/*
 * ChannelExceedZoneType - test a channel number against the range allowed
 * for pDevice->byZoneType.
 *
 * pDevice:       driver private data; only byZoneType is read.
 * byCurrChannel: channel number to test.
 *
 * Visible ranges: zone 0x00 allows 1..11, zones 0x01 and 0x02 allow 1..13;
 * other zone values fall to the default case.
 * NOTE(review): the statements that set and return `exceed` are missing from
 * this listing -- presumably exceed becomes true when the range test hits;
 * confirm against the full source.
 */
1677 ChannelExceedZoneType(
1678 struct vnt_private *pDevice,
1679 unsigned char byCurrChannel
1682 bool exceed = false;
1684 switch (pDevice->byZoneType) {
1685 case 0x00: //USA:1~11
1686 if ((byCurrChannel < 1) || (byCurrChannel > 11))
1689 case 0x01: //Japan:1~13
1690 case 0x02: //Europe:1~13
1691 if ((byCurrChannel < 1) || (byCurrChannel > 13))
1694 default: //reserve for other zonetype
1703 * Routine Description:
1704 * Handles and analyzes incoming beacon frames.
/*
 * Beacon receive handler (the function-name line is missing from this
 * listing; the debug string further down names it s_vMgrRxBeacon).
 *
 * Decodes a received beacon, inserts or updates the matching BSS list entry,
 * tracks ERP/protection state, and -- depending on the current mode --
 * follows the AP's PHY parameters, TIM and TSF (ESS station) or maintains
 * IBSS peers and merges with another IBSS that has the same SSID.
 *
 * pDevice:   driver private data.
 * pRxPacket: the received management packet (header, length, RSSI, rate,
 *            receive channel, local TSF at reception).
 * pMgmt, sERP, pBSSList, qwTSFOffset and qwCurrTSF are used below but their
 * declarations are not in this listing.
 *
 * NOTE(review): every value taken from sFrame originates in an
 * unauthenticated frame.  Many lines (braces, else arms, returns, some
 * arguments) are missing from the listing, so only visible statements are
 * described.
 */
1715 struct vnt_private *pDevice,
1717 PSRxMgmtPacket pRxPacket,
1722 WLAN_FR_BEACON sFrame;
1724 bool bIsBSSIDEqual = false;
1725 bool bIsSSIDEqual = false;
1726 bool bTSFLargeDiff = false;
1727 bool bTSFOffsetPostive = false;
1728 bool bUpdateTSF = false;
1729 bool bIsAPBeacon = false;
1730 bool bIsChannelEqual = false;
1731 unsigned int uLocateByteIndex;
1732 unsigned char byTIMBitOn = 0;
1733 unsigned short wAIDNumber = 0;
1734 unsigned int uNodeIndex;
1735 u64 qwTimestamp, qwLocalTSF;
1737 unsigned short wStartIndex = 0;
1738 unsigned short wAIDIndex = 0;
1739 unsigned char byCurrChannel = pRxPacket->byRxChannel;
1741 unsigned int uRateLen = WLAN_RATES_MAXLEN;
1742 bool bChannelHit = false;
1743 bool bUpdatePhyParameter = false;
1744 unsigned char byIEChannel = 0;
/* Zero sFrame first so element pointers the decoder does not set stay NULL. */
1746 memset(&sFrame, 0, sizeof(WLAN_FR_BEACON));
1747 sFrame.len = pRxPacket->cbMPDULen;
1748 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
1750 // decode the beacon frame
1751 vMgrDecodeBeacon(&sFrame);
/*
 * Mandatory fields: beacon interval, capability info, SSID and supported
 * rates must all have been found.  Optional elements are NULL-checked
 * individually below, except pCFParms and pIBSSParms (see notes there).
 */
1753 if ((sFrame.pwBeaconInterval == NULL) ||
1754 (sFrame.pwCapInfo == NULL) ||
1755 (sFrame.pSSID == NULL) ||
1756 (sFrame.pSuppRates == NULL)) {
1757 pr_debug("Rx beacon frame error\n");
/*
 * Prefer the channel advertised in the DS Parameter element over the channel
 * the frame was received on (adjacent-channel reception).
 */
1761 if (sFrame.pDSParms != NULL) {
1762 if (byCurrChannel > CB_MAX_CHANNEL_24G) {
1763 // channel remapping to
1764 byIEChannel = get_channel_mapping(pDevice, sFrame.pDSParms->byCurrChannel, PHY_TYPE_11A);
1766 byIEChannel = sFrame.pDSParms->byCurrChannel;
1768 if (byCurrChannel != byIEChannel) {
1769 // adjust channel info. bcs we rcv adjacent channel packets
1770 bChannelHit = false;
1771 byCurrChannel = byIEChannel;
1774 // no DS channel info
1777 //2008-0730-01<Add>by MikeLiu
/* The statement taken when the channel is outside the zone is missing here. */
1778 if (ChannelExceedZoneType(pDevice, byCurrChannel))
1781 if (sFrame.pERP != NULL) {
1782 sERP.byERP = sFrame.pERP->byContext;
1783 sERP.bERPExist = true;
1786 sERP.bERPExist = false;
/*
 * Insert a new BSS list entry or update the existing one.
 * NOTE(review): the payload length is computed as
 * sFrame.len - WLAN_HDR_ADDR3_LEN; no visible check guarantees
 * sFrame.len >= WLAN_HDR_ADDR3_LEN, so a short frame would wrap the value --
 * confirm the receive path enforces a minimum length.  pqwTimestamp is
 * dereferenced although it is not part of the NULL check above; presumably
 * the decoder always sets it -- confirm.
 */
1790 pBSSList = BSSpAddrIsInBSSList((void *)pDevice, sFrame.pHdr->sA3.abyAddr3, sFrame.pSSID);
1791 if (pBSSList == NULL) {
1792 pr_debug("Beacon/insert: RxChannel = : %d\n", byCurrChannel);
1793 BSSbInsertToBSSList((void *)pDevice,
1794 sFrame.pHdr->sA3.abyAddr3,
1795 *sFrame.pqwTimestamp,
1796 *sFrame.pwBeaconInterval,
1801 sFrame.pExtSuppRates,
1807 sFrame.len - WLAN_HDR_ADDR3_LEN,
1808 sFrame.pHdr->sA4.abyAddr4, // payload of beacon
1812 BSSbUpdateToBSSList((void *)pDevice,
1813 *sFrame.pqwTimestamp,
1814 *sFrame.pwBeaconInterval,
1820 sFrame.pExtSuppRates,
1827 sFrame.len - WLAN_HDR_ADDR3_LEN,
1828 sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
1837 if (byCurrChannel == (unsigned char)pMgmt->uCurrChannel)
1838 bIsChannelEqual = true;
/*
 * AP mode, same channel: turn on ERP protection and restart the countdown;
 * both visible arms perform the same two assignments.
 */
1840 if (bIsChannelEqual && (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)) {
1841 // if rx beacon without ERP field
1842 if (sERP.bERPExist) {
1843 if (WLAN_GET_ERP_USE_PROTECTION(sERP.byERP)) {
1844 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
1845 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
1848 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
1849 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
1852 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
1853 if (!WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo))
1854 pDevice->byERPFlag |= WLAN_SET_ERP_BARKER_MODE(1);
1855 if (!sERP.bERPExist)
1856 pDevice->byERPFlag |= WLAN_SET_ERP_NONERP_PRESENT(1);
1860 if (WLAN_GET_ERP_USE_PROTECTION(pDevice->byERPFlag)) {
1861 if (!pDevice->bProtectMode) {
1862 MACvEnableProtectMD(pDevice->PortOffset);
1863 pDevice->bProtectMode = true;
/* The statement taken in AP mode here (line after this if) is missing. */
1868 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)
1871 // check if BSSID the same
1872 if (memcmp(sFrame.pHdr->sA3.abyAddr3,
1873 pMgmt->abyCurrBSSID,
1874 WLAN_BSSID_LEN) == 0) {
1875 bIsBSSIDEqual = true;
1877 // 2008-05-21 <add> by Richardtai
1878 pDevice->uCurrRSSI = pRxPacket->uRSSI;
1879 pDevice->byCurrSQ = pRxPacket->bySQ;
1881 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
1882 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
1884 // check if SSID the same
/* Lengths are compared before the bytes; the memcmp length line is missing. */
1885 if (sFrame.pSSID->len == ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) {
1886 if (memcmp(sFrame.pSSID->abySSID,
1887 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
1890 bIsSSIDEqual = true;
/*
 * Associated ESS station: follow the AP's parameters.  Part of this
 * condition is missing from the listing.
 */
1894 if (WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo) &&
1897 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
1898 (pMgmt->eCurrState == WMAC_STATE_ASSOC)) {
1899 // add state check to prevent reconnect fail since we'll receive Beacon
1903 if (pBSSList != NULL) {
1904 // Compare PHY parameter setting
1905 if (pMgmt->wCurrCapInfo != pBSSList->wCapInfo) {
1906 bUpdatePhyParameter = true;
1907 pMgmt->wCurrCapInfo = pBSSList->wCapInfo;
1909 if (sFrame.pERP != NULL) {
1910 if ((sFrame.pERP->byElementID == WLAN_EID_ERP) &&
1911 (pMgmt->byERPContext != sFrame.pERP->byContext)) {
1912 bUpdatePhyParameter = true;
1913 pMgmt->byERPContext = sFrame.pERP->byContext;
1917 // Basic Rate Set may change dynamically
1919 if (pBSSList->eNetworkTypeInUse == PHY_TYPE_11B)
1920 uRateLen = WLAN_RATES_MAXLEN_11B;
1922 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abySuppRates,
1923 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
1925 pMgmt->abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abyExtSuppRates,
1926 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
1928 RATEvParseMaxRate((void *)pDevice,
1929 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
1930 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
1932 &(pMgmt->sNodeDBTable[0].wMaxBasicRate),
1933 &(pMgmt->sNodeDBTable[0].wMaxSuppRate),
1934 &(pMgmt->sNodeDBTable[0].wSuppRate),
1935 &(pMgmt->sNodeDBTable[0].byTopCCKBasicRate),
1936 &(pMgmt->sNodeDBTable[0].byTopOFDMBasicRate)
1938 if (bUpdatePhyParameter) {
1939 CARDbSetPhyParameter(pMgmt->pAdapter,
1940 pMgmt->eCurrentPHYMode,
1941 pMgmt->wCurrCapInfo,
1942 pMgmt->byERPContext,
1943 pMgmt->abyCurrSuppRates,
1944 pMgmt->abyCurrExtSuppRates
/*
 * Power constraint and channel switch are taken from the beacon body and
 * applied to the hardware.
 * NOTE(review): the channel argument passed to get_channel_mapping() is
 * pIE_CHSW->byMode, the same field already passed as the mode; at the DS
 * Parameter call earlier this helper receives a channel number.  This looks
 * like it was meant to be the element's new-channel field -- confirm against
 * the element definition.
 */
1947 if (sFrame.pIE_PowerConstraint != NULL) {
1948 CARDvSetPowerConstraint(pMgmt->pAdapter,
1949 (unsigned char) pBSSList->uChannel,
1950 sFrame.pIE_PowerConstraint->byPower
1953 if (sFrame.pIE_CHSW != NULL) {
1954 CARDbChannelSwitch(pMgmt->pAdapter,
1955 sFrame.pIE_CHSW->byMode,
1956 get_channel_mapping(pMgmt->pAdapter, sFrame.pIE_CHSW->byMode, pMgmt->eCurrentPHYMode),
1957 sFrame.pIE_CHSW->byCount
1960 } else if (!bIsChannelEqual) {
1961 set_channel(pMgmt->pAdapter, pBSSList->uChannel);
1966 // pr_debug("Beacon 2\n");
1967 // check if CF field exists
/*
 * NOTE(review): pCFParms is dereferenced with no visible NULL check, unlike
 * the other optional elements; a beacon without a CF Parameter element would
 * leave it NULL after the memset above unless the decoder sets it -- confirm.
 */
1968 if (WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo)) {
1969 if (sFrame.pCFParms->wCFPDurRemaining > 0) {
1970 // TODO: deal with CFP period to set NAV
/* Compare the beacon timestamp with the local TSF captured at reception. */
1974 qwTimestamp = le64_to_cpu(*sFrame.pqwTimestamp);
1975 qwLocalTSF = pRxPacket->qwLocalTSF;
1977 // check if beacon TSF larger or small than our local TSF
1978 if (qwTimestamp >= qwLocalTSF)
1979 bTSFOffsetPostive = true;
1981 bTSFOffsetPostive = false;
1983 if (bTSFOffsetPostive)
1984 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwTimestamp), (qwLocalTSF));
1986 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwLocalTSF), (qwTimestamp));
1988 if (qwTSFOffset > TRIVIAL_SYNC_DIFFERENCE)
1989 bTSFLargeDiff = true;
1993 // Infra mode: Local TSF always follow AP's TSF if Difference huge.
/*
 * Power-save handling: read the TIM element and look up our AID bit.
 * The index into byVirtBitMap is bounded by the element's own len field
 * (len >= index + 4).  NOTE(review): whether the decoder verified that the
 * element's len fits inside the received frame is not visible here --
 * confirm.
 */
1997 if (pDevice->bEnablePSMode && (sFrame.pTIM != NULL)) {
1998 // deal with DTIM, analysis TIM
1999 pMgmt->bMulticastTIM = WLAN_MGMT_IS_MULTICAST_TIM(sFrame.pTIM->byBitMapCtl) ? true : false;
2000 pMgmt->byDTIMCount = sFrame.pTIM->byDTIMCount;
2001 pMgmt->byDTIMPeriod = sFrame.pTIM->byDTIMPeriod;
2002 wAIDNumber = pMgmt->wCurrAID & ~(BIT14|BIT15);
2004 // check if AID in TIM field bit on
2006 wStartIndex = WLAN_MGMT_GET_TIM_OFFSET(sFrame.pTIM->byBitMapCtl) << 1;
2008 wAIDIndex = (wAIDNumber >> 3);
2009 if ((wAIDNumber > 0) && (wAIDIndex >= wStartIndex)) {
2010 uLocateByteIndex = wAIDIndex - wStartIndex;
2011 // len = byDTIMCount + byDTIMPeriod + byDTIMPeriod + byVirtBitMap[0~250]
2012 if (sFrame.pTIM->len >= (uLocateByteIndex + 4)) {
2013 byTIMBitOn = (0x01) << ((wAIDNumber) % 8);
2014 pMgmt->bInTIM = sFrame.pTIM->byVirtBitMap[uLocateByteIndex] & byTIMBitOn ? true : false;
2016 pMgmt->bInTIM = false;
2019 pMgmt->bInTIM = false;
/* Traffic pending: wake and poll; otherwise consider powering down. */
2022 if (pMgmt->bInTIM ||
2023 (pMgmt->bMulticastTIM && (pMgmt->byDTIMCount == 0))) {
2024 pMgmt->bInTIMWake = true;
2025 // send out ps-poll packet
2028 PSvSendPSPOLL(pDevice);
2031 pMgmt->bInTIMWake = false;
2032 pr_debug("BCN: Not In TIM..\n");
2033 if (!pDevice->bPWBitOn) {
2034 pr_debug("BCN: Send Null Packet\n");
2035 if (PSbSendNullPacket(pDevice))
2036 pDevice->bPWBitOn = true;
2038 if (PSbConsiderPowerDown(pDevice, false, false))
2039 pr_debug("BCN: Power down now...\n");
/* IBSS (ad-hoc) handling for beacons received on our channel. */
2046 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && !bIsAPBeacon && bIsChannelEqual) {
2047 if (bIsBSSIDEqual) {
2048 // Use sNodeDBTable[0].uInActiveCount as IBSS beacons received count.
2049 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
2050 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2052 // adhoc mode:TSF updated only when beacon larger than local TSF
2053 if (bTSFLargeDiff && bTSFOffsetPostive &&
2054 (pMgmt->eCurrState == WMAC_STATE_JOINTED))
2057 // During dpc, already in spinlocked.
/*
 * Known peer: refresh its rates and flags.  Unknown peer: create a node from
 * the beacon's transmitter address.
 * NOTE(review): the address is unauthenticated; how BSSvCreateOneNode
 * behaves when the node table is full is not visible here -- confirm.
 */
2058 if (BSSDBbIsSTAInNodeDB(pMgmt, sFrame.pHdr->sA3.abyAddr2, &uNodeIndex)) {
2059 // Update the STA, (Technically the Beacons of all the IBSS nodes
2060 // should be identical, but that's not happening in practice.
2061 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2062 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2063 WLAN_RATES_MAXLEN_11B);
2064 RATEvParseMaxRate((void *)pDevice,
2065 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2068 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2069 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2070 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2071 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2072 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2074 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2075 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
2076 pMgmt->sNodeDBTable[uNodeIndex].uInActiveCount = 0;
2078 // Todo, initial Node content
2079 BSSvCreateOneNode(pDevice, &uNodeIndex);
2081 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2082 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2083 WLAN_RATES_MAXLEN_11B);
2084 RATEvParseMaxRate((void *)pDevice,
2085 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2088 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2089 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2090 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2091 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2092 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2095 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, sFrame.pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
2096 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2097 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate = pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
2099 pr_debug("s_vMgrRxBeacon:TxDataRate is %d,Index is %d\n", pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate, uNodeIndex);
2103 // if other stations joined, indicate connection to upper layer..
2104 if (pMgmt->eCurrState == WMAC_STATE_STARTED) {
2105 pr_debug("Current IBSS State: [Started]........to: [Jointed]\n");
2106 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2107 pDevice->bLinkPass = true;
2108 if (netif_queue_stopped(pDevice->dev))
2109 netif_wake_queue(pDevice->dev);
2111 pMgmt->sNodeDBTable[0].bActive = true;
2112 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
/*
 * IBSS merge: a beacon with our SSID, a different BSSID and a sufficiently
 * larger TSF makes this station adopt that BSSID, beacon period, ATIM window
 * and rates, and resynchronise its TSF.
 * NOTE(review): all adopted values come from the received beacon, and
 * pIBSSParms is dereferenced with no visible NULL check -- confirm the
 * decoder guarantees the IBSS Parameter element is present on this path.
 */
2115 } else if (bIsSSIDEqual) {
2116 // See other adhoc sta with the same SSID but BSSID is different.
2117 // adpot this vars only when TSF larger then us.
2118 if (bTSFLargeDiff && bTSFOffsetPostive) {
2119 // we don't support ATIM under adhoc mode
2120 // if (sFrame.pIBSSParms->wATIMWindow == 0) {
2122 // TODO: check sFrame cap if privacy on, and support rate syn
2123 memcpy(pMgmt->abyCurrBSSID, sFrame.pHdr->sA3.abyAddr3, WLAN_BSSID_LEN);
2124 memcpy(pDevice->abyBSSID, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
2125 pMgmt->wCurrATIMWindow = cpu_to_le16(sFrame.pIBSSParms->wATIMWindow);
2126 pMgmt->wCurrBeaconPeriod = cpu_to_le16(*sFrame.pwBeaconInterval);
2127 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2128 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2129 WLAN_RATES_MAXLEN_11B);
2130 // set HW beacon interval and re-synchronizing....
2131 pr_debug("Rejoining to Other Adhoc group with same SSID........\n");
2132 VNSvOutPortW(pDevice->PortOffset + MAC_REG_BI, pMgmt->wCurrBeaconPeriod);
2133 CARDbUpdateTSF(pDevice, pRxPacket->byRxRate, qwTimestamp, qwLocalTSF);
2134 CARDvUpdateNextTBTT(pDevice->PortOffset, qwTimestamp, pMgmt->wCurrBeaconPeriod);
2135 // Turn off bssid filter to avoid filter others adhoc station which bssid is different.
2136 MACvWriteBSSIDAddress(pDevice->PortOffset, pMgmt->abyCurrBSSID);
2138 CARDbSetPhyParameter(pMgmt->pAdapter,
2139 pMgmt->eCurrentPHYMode,
2140 pMgmt->wCurrCapInfo,
2141 pMgmt->byERPContext,
2142 pMgmt->abyCurrSuppRates,
2143 pMgmt->abyCurrExtSuppRates);
2145 // Prepare beacon frame
2146 bMgrPrepareBeaconToSend((void *)pDevice, pMgmt);
/*
 * TSF update from the beacon timestamp; the condition guarding these calls
 * is missing from the listing (bUpdateTSF is declared above).
 */
2153 CARDbGetCurrentTSF(pDevice->PortOffset, &qwCurrTSF);
2154 CARDbUpdateTSF(pDevice, pRxPacket->byRxRate, qwTimestamp, pRxPacket->qwLocalTSF);
2155 CARDbGetCurrentTSF(pDevice->PortOffset, &qwCurrTSF);
2156 CARDvUpdateNextTBTT(pDevice->PortOffset, qwTimestamp, pMgmt->wCurrBeaconPeriod);
2162 * Routine Description:
2163 * Instructs the hw to create a bss using the supplied
2164 * attributes. Note that this implementation only supports Ad-Hoc
/*
 * BSS creation routine (the function-name line is missing from this listing;
 * the file header lists vMgrCreateOwnIBSS for this purpose -- confirm).
 *
 * Sets up rates, beacon period, channel, SSID, BSSID, capability bits and
 * cipher selection for an AP BSS or an ad-hoc IBSS, programs the hardware
 * and prepares the beacon.
 *
 * hDeviceContext: opaque pointer to the driver's struct vnt_private.
 * pStatus is written below but its declaration is not in this listing --
 * presumably the output parameter on a dropped line.  ii and qwCurrTSF are
 * likewise used without a visible declaration.
 *
 * NOTE(review): braces, else arms and returns are missing from the listing;
 * only the visible statements are described.
 */
2174 void *hDeviceContext,
2178 struct vnt_private *pDevice = hDeviceContext;
2179 PSMgmtObject pMgmt = pDevice->pMgmt;
2180 unsigned short wMaxBasicRate;
2181 unsigned short wMaxSuppRate;
2182 unsigned char byTopCCKBasicRate;
2183 unsigned char byTopOFDMBasicRate;
2186 unsigned char abyRATE[] = {0x82, 0x84, 0x8B, 0x96, 0x24, 0x30, 0x48, 0x6C, 0x0C, 0x12, 0x18, 0x60};
2187 unsigned char abyCCK_RATE[] = {0x82, 0x84, 0x8B, 0x96};
2188 unsigned char abyOFDM_RATE[] = {0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
2189 unsigned short wSuppRate;
2191 pr_debug("Create Basic Service Set .......\n");
/*
 * IBSS with WPA-None requires Encryption2 or Encryption3 to be enabled;
 * otherwise the request is reported as failed.
 */
2193 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2194 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) &&
2195 (pDevice->eEncryptionStatus != Ndis802_11Encryption2Enabled) &&
2196 (pDevice->eEncryptionStatus != Ndis802_11Encryption3Enabled)) {
2197 // encryption mode error
2198 *pStatus = CMD_STATUS_FAILURE;
2203 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2204 pMgmt->abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
/* PHY mode: from byAPBBType in AP mode, otherwise from the baseband type. */
2206 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2207 pMgmt->eCurrentPHYMode = pMgmt->byAPBBType;
2209 if (pDevice->byBBType == BB_TYPE_11G)
2210 pMgmt->eCurrentPHYMode = PHY_TYPE_11G;
2211 if (pDevice->byBBType == BB_TYPE_11B)
2212 pMgmt->eCurrentPHYMode = PHY_TYPE_11B;
2213 if (pDevice->byBBType == BB_TYPE_11A)
2214 pMgmt->eCurrentPHYMode = PHY_TYPE_11A;
/* Fill the supported-rates elements from the local rate tables. */
2217 if (pMgmt->eCurrentPHYMode != PHY_TYPE_11A) {
2218 pMgmt->abyCurrSuppRates[1] = WLAN_RATES_MAXLEN_11B;
2219 pMgmt->abyCurrExtSuppRates[1] = 0;
2220 for (ii = 0; ii < 4; ii++)
2221 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2223 pMgmt->abyCurrSuppRates[1] = 8;
2224 pMgmt->abyCurrExtSuppRates[1] = 0;
2225 for (ii = 0; ii < 8; ii++)
2226 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2229 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
2230 pMgmt->abyCurrSuppRates[1] = 8;
2231 pMgmt->abyCurrExtSuppRates[1] = 4;
2232 for (ii = 0; ii < 4; ii++)
2233 pMgmt->abyCurrSuppRates[2+ii] = abyCCK_RATE[ii];
2234 for (ii = 4; ii < 8; ii++)
2235 pMgmt->abyCurrSuppRates[2+ii] = abyOFDM_RATE[ii-4];
2236 for (ii = 0; ii < 4; ii++)
2237 pMgmt->abyCurrExtSuppRates[2+ii] = abyOFDM_RATE[ii+4];
2240 // Disable Protect Mode
2241 pDevice->bProtectMode = false;
2242 MACvDisableProtectMD(pDevice->PortOffset);
2244 pDevice->bBarkerPreambleMd = false;
2245 MACvDisableBarkerPreambleMd(pDevice->PortOffset);
2247 // Kyle Test 2003.11.04
2249 // set HW beacon interval
2250 if (pMgmt->wIBSSBeaconPeriod == 0)
2251 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
/* The TSF is sampled into qwCurrTSF before the counter is reset; the sample
 * is used for the IBSS BSSID further down. */
2253 CARDbGetCurrentTSF(pDevice->PortOffset, &qwCurrTSF);
2254 // clear TSF counter
2255 VNSvOutPortB(pDevice->PortOffset + MAC_REG_TFTCTL, TFTCTL_TSFCNTRST);
2256 // enable TSF counter
2257 VNSvOutPortB(pDevice->PortOffset + MAC_REG_TFTCTL, TFTCTL_TSFCNTREN);
2260 CARDvSetFirstNextTBTT(pDevice->PortOffset, pMgmt->wIBSSBeaconPeriod);
2262 pMgmt->uIBSSChannel = pDevice->uChannel;
2264 if (pMgmt->uIBSSChannel == 0)
2265 pMgmt->uIBSSChannel = DEFAULT_IBSS_CHANNEL;
2269 RATEvParseMaxRate((void *)pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2270 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates, true,
2271 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2272 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2274 if (pMgmt->eConfigMode == WMAC_CONFIG_AP)
2275 pMgmt->eCurrMode = WMAC_MODE_ESS_AP;
2277 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
/* Literal 6 here is the MAC address length (WLAN_ADDR_LEN is used elsewhere). */
2278 memcpy(pMgmt->abyIBSSDFSOwner, pDevice->abyCurrentNetAddr, 6);
2279 pMgmt->byIBSSDFSRecovery = 10;
2280 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2283 // Adopt pre-configured IBSS vars to current vars
2284 pMgmt->eCurrState = WMAC_STATE_STARTED;
2285 pMgmt->wCurrBeaconPeriod = pMgmt->wIBSSBeaconPeriod;
2286 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2287 pMgmt->wCurrATIMWindow = pMgmt->wIBSSATIMWindow;
2288 MACvWriteATIMW(pDevice->PortOffset, pMgmt->wCurrATIMWindow);
2289 pDevice->uCurrRSSI = 0;
2290 pDevice->byCurrSQ = 0;
/*
 * Copy the desired SSID element (header + len bytes) into abyCurrSSID.
 * NOTE(review): the copy length comes from the len byte stored in
 * abyDesireSSID; presumably it was bounded to WLAN_SSID_MAXLEN when the SSID
 * was configured -- confirm against the code that fills abyDesireSSID.
 */
2291 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2292 memcpy(pMgmt->abyCurrSSID,
2293 pMgmt->abyDesireSSID,
2294 ((PWLAN_IE_SSID)pMgmt->abyDesireSSID)->len + WLAN_IEHDR_LEN
2297 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2298 // AP mode BSSID = MAC addr
2299 memcpy(pMgmt->abyCurrBSSID, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
2300 pr_info("AP beacon created BSSID:%pM\n",
2301 pMgmt->abyCurrBSSID);
2304 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2305 // BSSID selected must be randomized as spec 11.1.3
/*
 * NOTE(review): the BSSID is built from bytes of the TSF sample XORed with
 * the MAC address, not from a random source; bytes 2..0 reuse overlapping
 * TSF bits (masks 0x00000ff0, 0x000ff000, 0x0ff00000).  The result is
 * predictable to anyone who knows both inputs; get_random_bytes() would
 * meet the "randomized" intent stated above.
 */
2306 pMgmt->abyCurrBSSID[5] = (u8) (qwCurrTSF & 0x000000ff);
2307 pMgmt->abyCurrBSSID[4] = (u8) ((qwCurrTSF & 0x0000ff00) >> 8);
2308 pMgmt->abyCurrBSSID[3] = (u8) ((qwCurrTSF & 0x00ff0000) >> 16);
2309 pMgmt->abyCurrBSSID[2] = (u8) ((qwCurrTSF & 0x00000ff0) >> 4);
2310 pMgmt->abyCurrBSSID[1] = (u8) ((qwCurrTSF & 0x000ff000) >> 12);
2311 pMgmt->abyCurrBSSID[0] = (u8) ((qwCurrTSF & 0x0ff00000) >> 20);
2312 pMgmt->abyCurrBSSID[5] ^= pMgmt->abyMACAddr[0];
2313 pMgmt->abyCurrBSSID[4] ^= pMgmt->abyMACAddr[1];
2314 pMgmt->abyCurrBSSID[3] ^= pMgmt->abyMACAddr[2];
2315 pMgmt->abyCurrBSSID[2] ^= pMgmt->abyMACAddr[3];
2316 pMgmt->abyCurrBSSID[1] ^= pMgmt->abyMACAddr[4];
2317 pMgmt->abyCurrBSSID[0] ^= pMgmt->abyMACAddr[5];
/* Clear the group bit and set the bit named IEEE_ADDR_UNIVERSAL in byte 0. */
2318 pMgmt->abyCurrBSSID[0] &= ~IEEE_ADDR_GROUP;
2319 pMgmt->abyCurrBSSID[0] |= IEEE_ADDR_UNIVERSAL;
2321 pr_info("Adhoc beacon created bssid:%pM\n",
2322 pMgmt->abyCurrBSSID);
2325 // Set Capability Info
2326 pMgmt->wCurrCapInfo = 0;
2328 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2329 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
2330 pMgmt->byDTIMPeriod = DEFAULT_DTIM_PERIOD;
2331 pMgmt->byDTIMCount = pMgmt->byDTIMPeriod - 1;
2334 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA)
2335 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_IBSS(1);
/*
 * Cipher selection when encryption is enabled: CCMP for Encryption3, TKIP
 * for Encryption2 under WPA-None.  The remaining visible assignments select
 * KEY_CTL_NONE/KEY_CTL_WEP and KEY_CTL_WEP/KEY_CTL_WEP; the else lines that
 * place them are missing from the listing.
 * NOTE(review): the WEP assignments configure a cipher that IEEE 802.11 has
 * deprecated -- confirm which configurations still reach them.
 */
2337 if (pDevice->bEncryptionEnable) {
2338 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
2339 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2340 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2341 pMgmt->byCSSPK = KEY_CTL_CCMP;
2342 pMgmt->byCSSGK = KEY_CTL_CCMP;
2343 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2344 pMgmt->byCSSPK = KEY_CTL_TKIP;
2345 pMgmt->byCSSGK = KEY_CTL_TKIP;
2347 pMgmt->byCSSPK = KEY_CTL_NONE;
2348 pMgmt->byCSSGK = KEY_CTL_WEP;
2351 pMgmt->byCSSPK = KEY_CTL_WEP;
2352 pMgmt->byCSSGK = KEY_CTL_WEP;
2356 pMgmt->byERPContext = 0;
/* Program BSSID, PHY parameters, beacon period and channel into the card. */
2358 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2359 CARDbSetBSSID(pMgmt->pAdapter, pMgmt->abyCurrBSSID, NL80211_IFTYPE_AP);
2361 CARDbSetBSSID(pMgmt->pAdapter, pMgmt->abyCurrBSSID, NL80211_IFTYPE_ADHOC);
2364 CARDbSetPhyParameter(pMgmt->pAdapter,
2365 pMgmt->eCurrentPHYMode,
2366 pMgmt->wCurrCapInfo,
2367 pMgmt->byERPContext,
2368 pMgmt->abyCurrSuppRates,
2369 pMgmt->abyCurrExtSuppRates
2372 CARDbSetBeaconPeriod(pMgmt->pAdapter, pMgmt->wIBSSBeaconPeriod);
2373 // set channel and clear NAV
2374 set_channel(pMgmt->pAdapter, pMgmt->uIBSSChannel);
2375 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2377 if (CARDbIsShortPreamble(pMgmt->pAdapter))
2378 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
2380 pMgmt->wCurrCapInfo &= (~WLAN_SET_CAP_INFO_SHORTPREAMBLE(1));
2382 if (pMgmt->b11hEnable &&
2383 (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
2384 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
2386 pMgmt->wCurrCapInfo &= (~WLAN_SET_CAP_INFO_SPECTRUMMNG(1));
2389 pMgmt->eCurrState = WMAC_STATE_STARTED;
2390 // Prepare beacon to send
/* Success is reported only when the beacon could be prepared; the status
 * written on the other path is not visible in this listing. */
2391 if (bMgrPrepareBeaconToSend((void *)pDevice, pMgmt))
2392 *pStatus = CMD_STATUS_SUCCESS;
2397 * Routine Description:
2398 * Instructs wmac to join a bss using the supplied attributes.
2399 * The arguments may be the BSSID or SSID and the rest of the
2400 * attributes are obtained from the scan result of known bss list.
/*
 * Join routine (presumably vMgrJoinBSSBegin from the routine list in the file
 * header; the line carrying the function name is not part of this listing).
 *
 * Looks up the desired BSSID/SSID in the known-BSS list, programs the
 * hardware through s_vMgrSynchBSS() and, when *pStatus then reads
 * CMD_STATUS_SUCCESS, copies the BSS parameters into the management object.
 *
 * hDeviceContext: the struct vnt_private of the adapter.
 * *pStatus: set to CMD_STATUS_RESOURCES when no BSS entry is active or the
 * desired BSS is not found.
 *
 * NOTE(review): every pCurr-> field used below comes from a scan result, so
 * it presumably originates in frames received over the air; treat its
 * lengths and capability bits as untrusted input - confirm where they are
 * validated.
 */
2410 void *hDeviceContext,
2414 struct vnt_private *pDevice = hDeviceContext;
2415 PSMgmtObject pMgmt = pDevice->pMgmt;
2416 PKnownBSS pCurr = NULL;
2417 unsigned int ii, uu;
2418 PWLAN_IE_SUPP_RATES pItemRates = NULL;
2419 PWLAN_IE_SUPP_RATES pItemExtRates = NULL;
2420 PWLAN_IE_SSID pItemSSID;
2421 unsigned int uRateLen = WLAN_RATES_MAXLEN;
2422 unsigned short wMaxBasicRate = RATE_1M;
2423 unsigned short wMaxSuppRate = RATE_1M;
2424 unsigned short wSuppRate;
2425 unsigned char byTopCCKBasicRate = RATE_1M;
2426 unsigned char byTopOFDMBasicRate = RATE_1M;
// Require at least one entry of sBSSList to be marked active.
2428 for (ii = 0; ii < MAX_BSS_NUM; ii++) {
2429 if (pMgmt->sBSSList[ii].bActive)
2433 if (ii == MAX_BSS_NUM) {
2434 *pStatus = CMD_STATUS_RESOURCES;
2435 pr_info("BSS finding:BSS list is empty\n");
2439 // Search known BSS list for prefer BSSID or SSID
2441 pCurr = BSSpSearchBSSList(pDevice,
2442 pMgmt->abyDesireBSSID,
2443 pMgmt->abyDesireSSID,
2444 pMgmt->eConfigPHYMode
2447 if (pCurr == NULL) {
2448 *pStatus = CMD_STATUS_RESOURCES;
2449 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyDesireSSID;
// NOTE(review): "%s" relies on abySSID being NUL-terminated, but an SSID is a
// length-prefixed byte string. Confirm abyDesireSSID is always terminated, or
// bound the print with the element length ("%.*s" with pItemSSID->len).
2450 pr_info("Scanning [%s] not found, disconnected !\n",
2451 pItemSSID->abySSID);
2455 pr_info("AP(BSS) finding:Found a AP(BSS)..\n");
// NOTE(review): the ESS bit is tested on cpu_to_le16(wCapInfo) here, while
// s_vMgrSynchBSS tests pCurr->wCapInfo unconverted; on a big-endian host the
// two tests look at different bits - confirm the stored byte order.
2456 if (WLAN_GET_CAP_INFO_ESS(cpu_to_le16(pCurr->wCapInfo))) {
2457 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA) || (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)) {
2458 // patch for CISCO migration mode
2461 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
// Encyption_Rebuild() may overwrite eAuthenMode and eEncryptionStatus with
// what the selected BSS advertises, before the cipher match in s_vMgrSynchBSS.
2462 Encyption_Rebuild(pDevice, pCurr);
2464 // Infrastructure BSS
2465 s_vMgrSynchBSS(pDevice,
2471 if (*pStatus == CMD_STATUS_SUCCESS) {
2472 // Adopt this BSS state vars in Mgmt Object
2473 pMgmt->uCurrChannel = pCurr->uChannel;
2475 memset(pMgmt->abyCurrSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2476 memset(pMgmt->abyCurrExtSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2478 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B)
2479 uRateLen = WLAN_RATES_MAXLEN_11B;
2481 pItemRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates;
2482 pItemExtRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates;
2484 // Parse Support Rate IE
2485 pItemRates->byElementID = WLAN_EID_SUPP_RATES;
2486 pItemRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2490 // Parse Extension Support Rate IE
2491 pItemExtRates->byElementID = WLAN_EID_EXTSUPP_RATES;
2492 pItemExtRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abyExtSuppRates,
// Top up the Supported Rates IE to 8 entries with rates taken from the front
// of the Extended Supported Rates IE, then shift the remaining extended rates
// down. The write index is pItemRates->len + ii, which the loop condition
// keeps below 8. (The statement that advances ii is not part of this listing.)
2496 if ((pItemExtRates->len > 0) && (pItemRates->len < 8)) {
2497 for (ii = 0; ii < (unsigned int)(8 - pItemRates->len);) {
2498 pItemRates->abyRates[pItemRates->len + ii] = pItemExtRates->abyRates[ii];
2500 if (pItemExtRates->len <= ii)
2503 pItemRates->len += (unsigned char)ii;
// ii is unsigned, so this comparison is presumably evaluated unsigned and is
// true whenever len != ii; it is only safe because ii cannot exceed len here.
2504 if (pItemExtRates->len - ii > 0) {
2505 pItemExtRates->len -= (unsigned char)ii;
2506 for (uu = 0; uu < pItemExtRates->len; uu++)
2507 pItemExtRates->abyRates[uu] = pItemExtRates->abyRates[uu + ii];
2509 pItemExtRates->len = 0;
2513 RATEvParseMaxRate((void *)pDevice, pItemRates, pItemExtRates, true,
2514 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2515 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2517 // TODO: deal with if wCapInfo the privacy is on, but station WEP is off
2518 // TODO: deal with if wCapInfo the PS-Pollable is on.
2519 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
// Fixed-size copy of the whole SSID element buffer (header + maximum SSID +
// one extra byte), independent of the length byte inside the element.
2520 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2521 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2522 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2524 pMgmt->eCurrMode = WMAC_MODE_ESS_STA;
2526 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2528 // Add current BSS to Candidate list
2529 // This should only works for WPA2 BSS, and WPA2 BSS check must be done before.
// The second bAdd_PMKID_Candidate() after the flush is presumably the retry
// taken when the first add fails; the branch lines are not in this listing.
2530 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
2531 bool bResult = bAdd_PMKID_Candidate((void *)pDevice, pMgmt->abyCurrBSSID, &pCurr->sRSNCapObj);
2533 pr_debug("bAdd_PMKID_Candidate: 1(%d)\n",
2536 vFlush_PMKID_Candidate((void *)pDevice);
2537 pr_debug("vFlush_PMKID_Candidate: 4\n");
2538 bAdd_PMKID_Candidate((void *)pDevice, pMgmt->abyCurrBSSID, &pCurr->sRSNCapObj);
2542 // Preamble type auto-switch: if AP can receive short-preamble cap,
2543 // we can turn on too.
2545 pr_debug("Join ESS\n");
2547 pr_debug("End of Join AP -- A/B/G Action\n");
2549 pMgmt->eCurrState = WMAC_STATE_IDLE;
// Ad-hoc join with WPA-None: the BSS must advertise the cipher that matches
// the local setting (WPA_TKIP for Encryption2, WPA_AESCCMP for Encryption3);
// on any mismatch the state is put back to WMAC_STATE_IDLE.
2554 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2555 if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2556 if (!WPA_SearchRSN(0, WPA_TKIP, pCurr)) {
2557 // encryption mode error
2558 pMgmt->eCurrState = WMAC_STATE_IDLE;
2561 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2562 if (!WPA_SearchRSN(0, WPA_AESCCMP, pCurr)) {
2563 // encryption mode error
2564 pMgmt->eCurrState = WMAC_STATE_IDLE;
2568 // encryption mode error
2569 pMgmt->eCurrState = WMAC_STATE_IDLE;
2574 s_vMgrSynchBSS(pDevice,
2580 if (*pStatus == CMD_STATUS_SUCCESS) {
2581 // Adopt this BSS state vars in Mgmt Object
2582 // TODO: check if CapInfo privacy on, but we don't..
2583 pMgmt->uCurrChannel = pCurr->uChannel;
2585 // Parse Support Rate IE
2586 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2587 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2588 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2589 WLAN_RATES_MAXLEN_11B);
2591 RATEvParseMaxRate((void *)pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2592 NULL, true, &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2593 &byTopCCKBasicRate, &byTopOFDMBasicRate);
// The capability word is adopted exactly as the BSS advertised it; per the
// TODO above, the privacy bit is not reconciled with the local setting here.
2595 pMgmt->wCurrCapInfo = pCurr->wCapInfo;
2596 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
// NOTE(review): this branch clears/copies WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN
// bytes, one fewer than the infrastructure branch above - confirm which size
// matches the declared length of abyCurrSSID and abySSID.
2597 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2598 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2599 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2600 MACvWriteATIMW(pDevice->PortOffset, pMgmt->wCurrATIMWindow);
2601 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2603 pMgmt->eCurrState = WMAC_STATE_STARTED;
2605 pr_debug("Join IBSS ok:%pM\n",
2606 pMgmt->abyCurrBSSID);
2607 // Preamble type auto-switch: if AP can receive short-preamble cap,
2608 // and if registry setting is short preamble we can turn on too.
2611 bMgrPrepareBeaconToSend((void *)pDevice, pMgmt);
2613 pMgmt->eCurrState = WMAC_STATE_IDLE;
2620 * Routine Description:
2621 * Set HW to synchronize a specific BSS from known BSS list.
/*
 * BSS synchronisation routine (presumably s_vMgrSynchBSS; the line carrying
 * the function name and the remaining parameters are not part of this
 * listing).
 *
 * Checks that the local cipher configuration matches the BSS, then programs
 * TSF, beacon period, BSSID, PHY parameters and channel from pCurr.
 * *pStatus starts as CMD_STATUS_FAILURE and becomes CMD_STATUS_SUCCESS only
 * on the last line. uBSSMode is not referenced in the lines shown.
 *
 * NOTE(review): pMgmt->pCurrBSS and the hardware BSSID/TSF registers are
 * updated before the PHY and channel steps that can still fail, so a failed
 * call presumably leaves them pointing at the rejected BSS - confirm callers
 * do not use pCurrBSS after a failure.
 */
2631 struct vnt_private *pDevice,
2632 unsigned int uBSSMode,
2637 CARD_PHY_TYPE ePhyType = PHY_TYPE_11B;
2638 PSMgmtObject pMgmt = pDevice->pMgmt;
// Default rate tables as complete elements: ID, length, then rate bytes in
// the encoding of the comment below (0x02 = 1M ... 0x6C = 54M).
2640 //1M, 2M, 5M, 11M, 18M, 24M, 36M, 54M
2641 unsigned char abyCurrSuppRatesG[] = {WLAN_EID_SUPP_RATES, 8, 0x02, 0x04, 0x0B, 0x16, 0x24, 0x30, 0x48, 0x6C};
2642 unsigned char abyCurrExtSuppRatesG[] = {WLAN_EID_EXTSUPP_RATES, 4, 0x0C, 0x12, 0x18, 0x60};
2644 unsigned char abyCurrSuppRatesA[] = {WLAN_EID_SUPP_RATES, 8, 0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
2645 unsigned char abyCurrSuppRatesB[] = {WLAN_EID_SUPP_RATES, 4, 0x02, 0x04, 0x0B, 0x16};
2647 *pStatus = CMD_STATUS_FAILURE;
// Cipher gate: the BSS is only adopted when s_bCipherMatch() accepts the
// local eEncryptionStatus; it also fills byCSSGK (other arguments not shown).
2649 if (!s_bCipherMatch(pCurr,
2650 pDevice->eEncryptionStatus,
2652 &(pMgmt->byCSSGK))) {
2653 pr_debug("s_bCipherMatch Fail .......\n");
2657 pMgmt->pCurrBSS = pCurr;
2659 // if previous mode is IBSS.
// Clears BEACON_READY and TCR_AUTOBCNTX when leaving ad-hoc mode.
2660 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2661 MACvRegBitsOff(pDevice->PortOffset, MAC_REG_BCNDMACTL, BEACON_READY);
2662 MACvRegBitsOff(pDevice->PortOffset, MAC_REG_TCR, TCR_AUTOBCNTX);
2665 // Init the BSS informations
2666 pDevice->bProtectMode = false;
2667 MACvDisableProtectMD(pDevice->PortOffset);
2668 pDevice->bBarkerPreambleMd = false;
2669 MACvDisableBarkerPreambleMd(pDevice->PortOffset);
2670 pDevice->bNonERPPresent = false;
2671 pDevice->byPreambleType = 0;
2672 pDevice->wBasicRate = 0;
2674 CARDbAddBasicRate((void *)pDevice, RATE_1M);
2675 // calculate TSF offset
2676 // TSF Offset = Received Timestamp TSF - Marked Local's TSF
2677 CARDbUpdateTSF(pDevice, pCurr->byRxRate, pCurr->qwBSSTimestamp, pCurr->qwLocalTSF);
2679 CARDbSetBeaconPeriod(pDevice, pCurr->wBeaconInterval);
2682 // Next TBTT = ((local_current_TSF / beacon_interval) + 1) * beacon_interval
2683 CARDvSetFirstNextTBTT(pDevice->PortOffset, pCurr->wBeaconInterval);
// The BSSID is written to the MAC and read back from it, so abyCurrBSSID
// holds what the hardware reports rather than a copy of pCurr->abyBSSID.
2686 MACvWriteBSSIDAddress(pDevice->PortOffset, pCurr->abyBSSID);
2688 MACvReadBSSIDAddress(pDevice->PortOffset, pMgmt->abyCurrBSSID);
2690 pr_debug("Sync:set CurrBSSID address = %pM\n", pMgmt->abyCurrBSSID);
// Pick the PHY type: the BSS's eNetworkTypeInUse must be compatible with the
// configured eConfigPHYMode. The branches taken on a mismatch are not part
// of this listing (presumably they return with *pStatus still FAILURE).
2692 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11A) {
2693 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11A) ||
2694 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
2695 ePhyType = PHY_TYPE_11A;
2699 } else if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B) {
2700 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11B) ||
2701 (pMgmt->eConfigPHYMode == PHY_TYPE_11G) ||
2702 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
2703 ePhyType = PHY_TYPE_11B;
2708 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11G) ||
2709 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
2710 ePhyType = PHY_TYPE_11G;
2711 } else if (pMgmt->eConfigPHYMode == PHY_TYPE_11B) {
2712 ePhyType = PHY_TYPE_11B;
// Load the default rate elements for the chosen PHY; the copy sizes are the
// sizes of the local tables above, not values taken from the BSS.
2718 if (ePhyType == PHY_TYPE_11A) {
2719 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesA[0], sizeof(abyCurrSuppRatesA));
2720 pMgmt->abyCurrExtSuppRates[1] = 0;
2721 } else if (ePhyType == PHY_TYPE_11B) {
2722 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesB[0], sizeof(abyCurrSuppRatesB));
2723 pMgmt->abyCurrExtSuppRates[1] = 0;
2725 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesG[0], sizeof(abyCurrSuppRatesG));
2726 memcpy(pMgmt->abyCurrExtSuppRates, &abyCurrExtSuppRatesG[0], sizeof(abyCurrExtSuppRatesG));
// ESS capability set: station interface type; the other CARDbSetBSSID() call
// below uses the ad-hoc type (its else line is not part of this listing).
2729 if (WLAN_GET_CAP_INFO_ESS(pCurr->wCapInfo)) {
2730 CARDbSetBSSID(pMgmt->pAdapter, pCurr->abyBSSID, NL80211_IFTYPE_STATION);
2731 // Add current BSS to Candidate list
2732 // This should only works for WPA2 BSS, and WPA2 BSS check must be done before.
2733 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)
2734 CARDbAdd_PMKID_Candidate(pMgmt->pAdapter, pMgmt->abyCurrBSSID, pCurr->sRSNCapObj.bRSNCapExist, pCurr->sRSNCapObj.wRSNCap);
2736 CARDbSetBSSID(pMgmt->pAdapter, pCurr->abyBSSID, NL80211_IFTYPE_ADHOC);
2739 if (!CARDbSetPhyParameter(pMgmt->pAdapter,
2743 pMgmt->abyCurrSuppRates,
2744 pMgmt->abyCurrExtSuppRates)) {
2745 pr_debug("<----s_bSynchBSS Set Phy Mode Fail [%d]\n", ePhyType);
2748 // set channel and clear NAV
2749 if (!set_channel(pMgmt->pAdapter, pCurr->uChannel)) {
2750 pr_debug("<----s_bSynchBSS Set Channel [%d]\n",
2755 pMgmt->uCurrChannel = pCurr->uChannel;
2756 pMgmt->eCurrentPHYMode = ePhyType;
2757 pMgmt->byERPContext = pCurr->sERP.byERP;
2758 pr_debug("Sync:Set to channel = [%d]\n", (int)pCurr->uChannel);
2760 *pStatus = CMD_STATUS_SUCCESS;
2765 //mike add: fix NetworkManager 0.7.0 hidden ssid mode in WPA encryption
2766 // ,need reset eAuthenMode and eEncryptionStatus
/*
 * Re-derives the local authentication mode and cipher from what the selected
 * BSS (pCurr) advertises. Only acts when eAuthenMode is WMAC_AUTH_WPAPSK or
 * WMAC_AUTH_WPA2PSK; writes pMgmt->eAuthenMode and
 * pDevice->eEncryptionStatus and logs the result.
 *
 * NOTE(review): both settings are overwritten from pCurr, which is presumably
 * filled from the BSS's beacon / probe response. bWPAValid is tested before
 * bWPA2Valid, so a configured WPA2-PSK becomes WPA-PSK when the BSS
 * advertises both, and only the first pairwise cipher entry ([0]) is
 * examined, so TKIP is selected whenever it is listed first. Confirm that
 * this downgrade of the configured policy is acceptable, or limit the
 * rebuild to settings at least as strong as the configured ones.
 */
2767 static void Encyption_Rebuild(
2768 struct vnt_private *pDevice,
2772 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
2774 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) || //networkmanager 0.7.0 does not give the pairwise-key selection,
2775 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) { // so we need re-select it according to real pairwise-key info.
2776 if (pCurr->bWPAValid) { //WPA-PSK
2777 pMgmt->eAuthenMode = WMAC_AUTH_WPAPSK;
// Cipher comes from the first WPA pairwise entry; any value other than
// WPA_TKIP / WPA_AESCCMP leaves eEncryptionStatus as it was in the lines shown.
2778 if (pCurr->abyPKType[0] == WPA_TKIP) {
2779 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
2780 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-TKIP]\n");
2781 } else if (pCurr->abyPKType[0] == WPA_AESCCMP) {
2782 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
2783 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-AES]\n");
2785 } else if (pCurr->bWPA2Valid) { //WPA2-PSK
2786 pMgmt->eAuthenMode = WMAC_AUTH_WPA2PSK;
// Same selection for WPA2, using the first RSN pairwise suite entry.
2787 if (pCurr->abyCSSPK[0] == WLAN_11i_CSS_TKIP) {
2788 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
2789 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-TKIP]\n");
2790 } else if (pCurr->abyCSSPK[0] == WLAN_11i_CSS_CCMP) {
2791 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
2792 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-AES]\n");
2800 * Routine Description:
/*
 * TIM formatter (presumably s_vMgrFormatTIM, which the beacon builder calls
 * with (pMgmt, sFrame.pTIM); the signature is not part of this listing).
 * Fills the TIM element at pTIM from pMgmt->abyPSTxMap: DTIM count/period,
 * bitmap control and the partial virtual bitmap between wStartIndex and
 * wEndIndex inclusive.
 */
2816 unsigned char byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
2817 unsigned char byMap;
2818 unsigned int ii, jj;
2819 bool bStartFound = false;
2820 bool bMulticast = false;
2821 unsigned short wStartIndex = 0;
2822 unsigned short wEndIndex = 0;
2824 // Find size of partial virtual bitmap
// Scans MAX_NODE_NUM + 1 map bytes. The statements that record wStartIndex
// and wEndIndex are not part of this listing.
2825 for (ii = 0; ii < (MAX_NODE_NUM + 1); ii++) {
2826 byMap = pMgmt->abyPSTxMap[ii];
2828 // Mask out the broadcast bit which is indicated separately.
2829 bMulticast = (byMap & byMask[0]) != 0;
2831 pMgmt->sNodeDBTable[0].bRxPSPoll = true;
2844 // Round start index down to nearest even number
2845 wStartIndex &= ~BIT0;
2847 // Round end index up to nearest even number
2848 wEndIndex = ((wEndIndex + 1) & ~BIT0);
2850 // Size of element payload
// 3 fixed bytes (DTIM count, DTIM period, bitmap control) plus the bitmap.
2852 pTIM->len = 3 + (wEndIndex - wStartIndex) + 1;
2854 // Fill in the Fixed parts of the TIM
2855 pTIM->byDTIMCount = pMgmt->byDTIMCount;
2856 pTIM->byDTIMPeriod = pMgmt->byDTIMPeriod;
2857 pTIM->byBitMapCtl = (bMulticast ? TIM_MULTICAST_MASK : 0) |
2858 (((wStartIndex >> 1) << 1) & TIM_BITMAPOFFSET_MASK);
2860 // Append variable part of TIM
// NOTE(review): rounding wEndIndex up can make it one higher than the last
// index recorded by the scan loop, and the range copied is inclusive. Confirm
// that abyPSTxMap has an entry at that index and that the beacon buffer
// behind byVirtBitMap has room for wEndIndex - wStartIndex + 1 bytes.
2862 for (ii = wStartIndex, jj = 0; ii <= wEndIndex; ii++, jj++)
2863 pTIM->byVirtBitMap[jj] = pMgmt->abyPSTxMap[ii];
2865 // Aid = 0 don't used.
// NOTE(review): byVirtBitMap[0] holds abyPSTxMap[wStartIndex]; when
// wStartIndex is not 0 this clears the lowest bit of that byte rather than
// the AID 0 bit - confirm that is intended.
2866 pTIM->byVirtBitMap[0] &= ~BIT0;
2871 * Routine Description:
2872 * Constructs a Beacon frame (Ad-hoc mode)
2876 * PTR to frame; or NULL on allocation failure
/*
 * Beacon builder (presumably s_MgrMakeBeacon from the routine list in the
 * file header; the line carrying the function name is not part of this
 * listing).
 *
 * Assembles the frame in pMgmt->pbyMgmtPacketPool: fixed fields first, then
 * information elements appended one after another at
 * sFrame.pBuf + sFrame.len, with sFrame.len advanced by each element's
 * length. The final length is stored in cbMPDULen / cbPayloadLen.
 *
 * NOTE(review): no check that sFrame.len stays within WLAN_BEACON_FR_MAXLEN
 * is visible in this listing. Element lengths are read from the length bytes
 * of pCurrSSID, pCurrSuppRates and pCurrExtSuppRates and from
 * pMgmt->wWPAIELen, so callers must guarantee that their sum fits the pool
 * buffer - confirm.
 * NOTE(review): the routine description mentions NULL on allocation failure,
 * but nothing is allocated here; the same packet pool is reused on every
 * call and is also used by the probe-response and association-request
 * builders.
 */
2883 struct vnt_private *pDevice,
2885 unsigned short wCurrCapInfo,
2886 unsigned short wCurrBeaconPeriod,
2887 unsigned int uCurrChannel,
2888 unsigned short wCurrATIMWinodw,
2889 PWLAN_IE_SSID pCurrSSID,
2890 unsigned char *pCurrBSSID,
2891 PWLAN_IE_SUPP_RATES pCurrSuppRates,
2892 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
2895 PSTxMgmtPacket pTxPacket = NULL;
2896 WLAN_FR_BEACON sFrame;
2897 unsigned char abyBroadcastAddr[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
2898 unsigned char *pbyBuffer;
2899 unsigned int uLength = 0;
2900 PWLAN_IE_IBSS_DFS pIBSSDFS = NULL;
2903 // prepare beacon frame
// Zero the descriptor plus the maximum beacon size; the 802.11 header starts
// right after the STxMgmtPacket descriptor.
2904 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
2905 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_BEACON_FR_MAXLEN);
2906 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
2907 // Setup the sFrame structure.
2908 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
// sFrame.len is used below as the offset of the first element, so
// vMgrEncodeBeacon() presumably resets it to the end of the fixed fields.
2909 sFrame.len = WLAN_BEACON_FR_MAXLEN;
2910 vMgrEncodeBeacon(&sFrame);
2912 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
2914 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
2915 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_BEACON)
2918 if (pDevice->bEnablePSMode)
2919 sFrame.pHdr->sA3.wFrameCtl |= cpu_to_le16((unsigned short)WLAN_SET_FC_PWRMGT(1));
2921 memcpy(sFrame.pHdr->sA3.abyAddr1, abyBroadcastAddr, WLAN_ADDR_LEN);
2922 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
2923 memcpy(sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
2924 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
2925 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
// NOTE(review): the frame length is advanced by the length of
// pMgmt->abyCurrSSID, but the copy below is sized by pCurrSSID->len. The two
// agree only when the caller passes pMgmt->abyCurrSSID as pCurrSSID;
// otherwise the next element overlaps or leaves a gap - confirm the callers.
2927 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
2928 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
2929 memcpy(sFrame.pSSID,
2931 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
2933 // Copy the rate set
2934 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
2935 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
2936 memcpy(sFrame.pSuppRates,
2938 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
// DS Parameter Set (current channel) is added for every PHY type except 11a.
2941 if (pDevice->eCurrentPHYType != PHY_TYPE_11A) {
2942 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
2943 sFrame.len += (1) + WLAN_IEHDR_LEN;
2944 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
2945 sFrame.pDSParms->len = 1;
2946 sFrame.pDSParms->byCurrChannel = (unsigned char)uCurrChannel;
// AP mode: s_vMgrFormatTIM() writes the TIM body and its length byte, which
// is then used to advance sFrame.len.
2949 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2950 sFrame.pTIM = (PWLAN_IE_TIM)(sFrame.pBuf + sFrame.len);
2951 sFrame.pTIM->byElementID = WLAN_EID_TIM;
2952 s_vMgrFormatTIM(pMgmt, sFrame.pTIM);
2953 sFrame.len += (WLAN_IEHDR_LEN + sFrame.pTIM->len);
2956 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2958 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
2959 sFrame.len += (2) + WLAN_IEHDR_LEN;
2960 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
2961 sFrame.pIBSSParms->len = 2;
2962 sFrame.pIBSSParms->wATIMWindow = wCurrATIMWinodw;
// Ad-hoc WPA-None: emit a WPA element whose group cipher byte follows the
// local eEncryptionStatus and whose pairwise suite count is 0.
2963 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2965 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
2966 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
2967 sFrame.pRSNWPA->len = 12;
2968 sFrame.pRSNWPA->abyOUI[0] = 0x00;
2969 sFrame.pRSNWPA->abyOUI[1] = 0x50;
2970 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
2971 sFrame.pRSNWPA->abyOUI[3] = 0x01;
2972 sFrame.pRSNWPA->wVersion = 1;
2973 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
2974 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
2975 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
2976 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled)
2977 sFrame.pRSNWPA->abyMulticast[3] = 0x04;//AES
2978 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled)
2979 sFrame.pRSNWPA->abyMulticast[3] = 0x02;//TKIP
2980 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption1Enabled)
2981 sFrame.pRSNWPA->abyMulticast[3] = 0x01;//WEP40
2983 sFrame.pRSNWPA->abyMulticast[3] = 0x00;//NONE
2985 // Pairwise Key Cipher Suite
2986 sFrame.pRSNWPA->wPKCount = 0;
2987 // Auth Key Management Suite
// NOTE(review): the store address below leaves out the element header length
// that the final "sFrame.len +=" line and the equivalent computation in
// s_MgrMakeAssocRequest include, so the zero presumably lands inside bytes
// already written rather than after them. The pool was zeroed above, so the
// emitted bytes are likely unchanged - confirm against WLAN_IE_RSN_EXT. The
// unsigned short store is also made at a byte offset with no alignment
// guarantee.
2988 *((unsigned short *)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len)) = 0;
2989 sFrame.pRSNWPA->len += 2;
2992 *((unsigned short *)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len)) = 0;
2993 sFrame.pRSNWPA->len += 2;
2994 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
// 802.11h on 11a: country, power constraint, optional channel switch, TPC
// report and (outside AP mode) IBSS DFS elements are written through
// pbyBuffer, and their total size is accumulated in uLength.
2998 if (pMgmt->b11hEnable && (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
3000 pbyBuffer = (unsigned char *)(sFrame.pBuf + sFrame.len);
3001 set_country_IE(pMgmt->pAdapter, pbyBuffer);
3002 set_country_info(pMgmt->pAdapter, PHY_TYPE_11A, pbyBuffer);
3003 uLength += ((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN;
3004 pbyBuffer += (((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN);
3005 // Power Constrain IE
3006 ((PWLAN_IE_PW_CONST) pbyBuffer)->byElementID = WLAN_EID_PWR_CONSTRAINT;
3007 ((PWLAN_IE_PW_CONST) pbyBuffer)->len = 1;
3008 ((PWLAN_IE_PW_CONST) pbyBuffer)->byPower = 0;
3009 pbyBuffer += (1) + WLAN_IEHDR_LEN;
3010 uLength += (1) + WLAN_IEHDR_LEN;
3011 if (pMgmt->bSwitchChannel) {
3012 // Channel Switch IE
3013 ((PWLAN_IE_CH_SW) pbyBuffer)->byElementID = WLAN_EID_CH_SWITCH;
3014 ((PWLAN_IE_CH_SW) pbyBuffer)->len = 3;
3015 ((PWLAN_IE_CH_SW) pbyBuffer)->byMode = 1;
3016 ((PWLAN_IE_CH_SW) pbyBuffer)->byChannel = get_channel_number(pMgmt->pAdapter, pMgmt->byNewChannel);
3017 ((PWLAN_IE_CH_SW) pbyBuffer)->byCount = 0;
3018 pbyBuffer += (3) + WLAN_IEHDR_LEN;
3019 uLength += (3) + WLAN_IEHDR_LEN;
3022 ((PWLAN_IE_TPC_REP) pbyBuffer)->byElementID = WLAN_EID_TPC_REP;
3023 ((PWLAN_IE_TPC_REP) pbyBuffer)->len = 2;
3024 ((PWLAN_IE_TPC_REP) pbyBuffer)->byTxPower = CARDbyGetTransmitPower(pMgmt->pAdapter);
3025 ((PWLAN_IE_TPC_REP) pbyBuffer)->byLinkMargin = 0;
3026 pbyBuffer += (2) + WLAN_IEHDR_LEN;
3027 uLength += (2) + WLAN_IEHDR_LEN;
3029 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3030 pIBSSDFS = (PWLAN_IE_IBSS_DFS) pbyBuffer;
3031 pIBSSDFS->byElementID = WLAN_EID_IBSS_DFS;
3033 memcpy(pIBSSDFS->abyDFSOwner,
3034 pMgmt->abyIBSSDFSOwner,
3036 pIBSSDFS->byDFSRecovery = pMgmt->byIBSSDFSRecovery;
3037 pbyBuffer += (7) + WLAN_IEHDR_LEN;
3038 uLength += (7) + WLAN_IEHDR_LEN;
// One channel-map entry per 5 GHz channel may be appended here; the
// statements that advance pbyBuffer/uLength are not part of this listing.
3039 for (ii = CB_MAX_CHANNEL_24G+1; ii <= CB_MAX_CHANNEL; ii++) {
3040 if (get_channel_map_info(pMgmt->pAdapter, ii, pbyBuffer, pbyBuffer+1)) {
3047 sFrame.len += uLength;
3050 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
3051 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3052 sFrame.len += 1 + WLAN_IEHDR_LEN;
3053 sFrame.pERP->byElementID = WLAN_EID_ERP;
3054 sFrame.pERP->len = 1;
3055 sFrame.pERP->byContext = 0;
3056 if (pDevice->bProtectMode)
3057 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3058 if (pDevice->bNonERPPresent)
3059 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3060 if (pDevice->bBarkerPreambleMd)
3061 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
3063 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3064 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3065 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3066 memcpy(sFrame.pExtSuppRates,
3068 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3071 // hostapd wpa/wpa2 IE
// NOTE(review): wWPAIELen bytes of abyWPAIE are copied with no bound visible
// here; both presumably come from hostapd via a configuration path. Confirm
// that path limits wWPAIELen to the size of abyWPAIE and to the space left
// in the beacon buffer.
3072 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && pDevice->bEnableHostapd) {
3073 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3074 if (pMgmt->wWPAIELen != 0) {
3075 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3076 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3077 sFrame.len += pMgmt->wWPAIELen;
3082 /* Adjust the length fields */
3083 pTxPacket->cbMPDULen = sFrame.len;
3084 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3091 * Routine Description:
3092 * Constructs a Probe Response frame
3096 * PTR to frame; or NULL on allocation failure
/*
 * Builds a Probe Response addressed to pDstAddr in
 * pMgmt->pbyMgmtPacketPool: fixed fields first, then information elements
 * appended at sFrame.pBuf + sFrame.len, with sFrame.len advanced by each
 * element's length. The final length is stored in cbMPDULen / cbPayloadLen.
 *
 * NOTE(review): no check that sFrame.len stays within
 * WLAN_PROBERESP_FR_MAXLEN is visible in this listing. Element lengths are
 * read from the length bytes of pCurrSSID, pCurrSuppRates and
 * pCurrExtSuppRates and from pMgmt->wWPAIELen, so callers must guarantee
 * that their sum fits the pool buffer - confirm.
 * NOTE(review): the routine description mentions NULL on allocation failure,
 * but nothing is allocated here; the shared packet pool is overwritten on
 * every call. wCurrATIMWinodw is not referenced in the lines shown.
 */
3100 static PSTxMgmtPacket
3101 s_MgrMakeProbeResponse(
3102 struct vnt_private *pDevice,
3104 unsigned short wCurrCapInfo,
3105 unsigned short wCurrBeaconPeriod,
3106 unsigned int uCurrChannel,
3107 unsigned short wCurrATIMWinodw,
3108 unsigned char *pDstAddr,
3109 PWLAN_IE_SSID pCurrSSID,
3110 unsigned char *pCurrBSSID,
3111 PWLAN_IE_SUPP_RATES pCurrSuppRates,
3112 PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
3113 unsigned char byPHYType
3116 PSTxMgmtPacket pTxPacket = NULL;
3117 WLAN_FR_PROBERESP sFrame;
3118 unsigned char *pbyBuffer;
3119 unsigned int uLength = 0;
3120 PWLAN_IE_IBSS_DFS pIBSSDFS = NULL;
// Zero the descriptor plus the maximum probe-response size; the 802.11
// header starts right after the STxMgmtPacket descriptor.
3123 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3124 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_PROBERESP_FR_MAXLEN);
3125 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
3126 // Setup the sFrame structure.
3127 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
// sFrame.len is used below as the offset of the first element, so
// vMgrEncodeProbeResponse() presumably resets it to the end of the fixed
// fields.
3128 sFrame.len = WLAN_PROBERESP_FR_MAXLEN;
3129 vMgrEncodeProbeResponse(&sFrame);
3131 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3133 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3134 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_PROBERESP)
// Addr1 is the requester's address as supplied by the caller.
3136 memcpy(sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
3137 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3138 memcpy(sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
3139 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
3140 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
// Short slot time is not advertised when byPHYType is BB_TYPE_11B.
3142 if (byPHYType == BB_TYPE_11B)
3143 *sFrame.pwCapInfo &= cpu_to_le16((unsigned short)~(WLAN_SET_CAP_INFO_SHORTSLOTTIME(1)));
// NOTE(review): the frame length is advanced by the length of
// pMgmt->abyCurrSSID, but the copy below is sized by pCurrSSID->len. The two
// agree only when the caller passes pMgmt->abyCurrSSID as pCurrSSID;
// otherwise the next element overlaps or leaves a gap - confirm the callers.
3146 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3147 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
3148 memcpy(sFrame.pSSID,
3150 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
3152 // Copy the rate set
3153 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3155 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3156 memcpy(sFrame.pSuppRates,
3158 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
// DS Parameter Set (current channel) is added for every PHY type except 11a.
3162 if (pDevice->eCurrentPHYType != PHY_TYPE_11A) {
3163 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
3164 sFrame.len += (1) + WLAN_IEHDR_LEN;
3165 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
3166 sFrame.pDSParms->len = 1;
3167 sFrame.pDSParms->byCurrChannel = (unsigned char)uCurrChannel;
// Outside AP mode an IBSS Parameter Set is added with the ATIM window fixed
// at 0 (the beacon builder uses its wCurrATIMWinodw argument here instead).
3170 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3172 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
3173 sFrame.len += (2) + WLAN_IEHDR_LEN;
3174 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
3175 sFrame.pIBSSParms->len = 2;
3176 sFrame.pIBSSParms->wATIMWindow = 0;
3178 if (pDevice->eCurrentPHYType == PHY_TYPE_11G) {
3179 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3180 sFrame.len += 1 + WLAN_IEHDR_LEN;
3181 sFrame.pERP->byElementID = WLAN_EID_ERP;
3182 sFrame.pERP->len = 1;
3183 sFrame.pERP->byContext = 0;
3184 if (pDevice->bProtectMode)
3185 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3186 if (pDevice->bNonERPPresent)
3187 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3188 if (pDevice->bBarkerPreambleMd)
3189 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
// 802.11h on 11a: country, power constraint, optional channel switch, TPC
// report and (outside AP mode) IBSS DFS elements are written through
// pbyBuffer, and their total size is accumulated in uLength.
3192 if (pMgmt->b11hEnable && (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
3194 pbyBuffer = (unsigned char *)(sFrame.pBuf + sFrame.len);
3195 set_country_IE(pMgmt->pAdapter, pbyBuffer);
3196 set_country_info(pMgmt->pAdapter, PHY_TYPE_11A, pbyBuffer);
3197 uLength += ((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN;
3198 pbyBuffer += (((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN);
3199 // Power Constrain IE
3200 ((PWLAN_IE_PW_CONST) pbyBuffer)->byElementID = WLAN_EID_PWR_CONSTRAINT;
3201 ((PWLAN_IE_PW_CONST) pbyBuffer)->len = 1;
3202 ((PWLAN_IE_PW_CONST) pbyBuffer)->byPower = 0;
3203 pbyBuffer += (1) + WLAN_IEHDR_LEN;
3204 uLength += (1) + WLAN_IEHDR_LEN;
3205 if (pMgmt->bSwitchChannel) {
3206 // Channel Switch IE
3207 ((PWLAN_IE_CH_SW) pbyBuffer)->byElementID = WLAN_EID_CH_SWITCH;
3208 ((PWLAN_IE_CH_SW) pbyBuffer)->len = 3;
3209 ((PWLAN_IE_CH_SW) pbyBuffer)->byMode = 1;
3210 ((PWLAN_IE_CH_SW) pbyBuffer)->byChannel = get_channel_number(pMgmt->pAdapter, pMgmt->byNewChannel);
3211 ((PWLAN_IE_CH_SW) pbyBuffer)->byCount = 0;
3212 pbyBuffer += (3) + WLAN_IEHDR_LEN;
3213 uLength += (3) + WLAN_IEHDR_LEN;
3216 ((PWLAN_IE_TPC_REP) pbyBuffer)->byElementID = WLAN_EID_TPC_REP;
3217 ((PWLAN_IE_TPC_REP) pbyBuffer)->len = 2;
3218 ((PWLAN_IE_TPC_REP) pbyBuffer)->byTxPower = CARDbyGetTransmitPower(pMgmt->pAdapter);
3219 ((PWLAN_IE_TPC_REP) pbyBuffer)->byLinkMargin = 0;
3220 pbyBuffer += (2) + WLAN_IEHDR_LEN;
3221 uLength += (2) + WLAN_IEHDR_LEN;
3223 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3224 pIBSSDFS = (PWLAN_IE_IBSS_DFS) pbyBuffer;
3225 pIBSSDFS->byElementID = WLAN_EID_IBSS_DFS;
3227 memcpy(pIBSSDFS->abyDFSOwner,
3228 pMgmt->abyIBSSDFSOwner,
3230 pIBSSDFS->byDFSRecovery = pMgmt->byIBSSDFSRecovery;
3231 pbyBuffer += (7) + WLAN_IEHDR_LEN;
3232 uLength += (7) + WLAN_IEHDR_LEN;
// One channel-map entry per 5 GHz channel may be appended here; the
// statements that advance pbyBuffer/uLength are not part of this listing.
3233 for (ii = CB_MAX_CHANNEL_24G + 1; ii <= CB_MAX_CHANNEL; ii++) {
3234 if (get_channel_map_info(pMgmt->pAdapter, ii, pbyBuffer, pbyBuffer+1)) {
3241 sFrame.len += uLength;
3244 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3245 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3246 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3247 memcpy(sFrame.pExtSuppRates,
3249 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3253 // hostapd wpa/wpa2 IE
// NOTE(review): wWPAIELen bytes of abyWPAIE are copied with no bound visible
// here; both presumably come from hostapd via a configuration path. Confirm
// that path limits wWPAIELen to the size of abyWPAIE and to the space left
// in the probe-response buffer.
3254 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && pDevice->bEnableHostapd) {
3255 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3256 if (pMgmt->wWPAIELen != 0) {
3257 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3258 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3259 sFrame.len += pMgmt->wWPAIELen;
3264 // Adjust the length fields
3265 pTxPacket->cbMPDULen = sFrame.len;
3266 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3273 * Routine Description:
3274 * Constructs an association request frame
3278 * A ptr to frame or NULL on allocation failure
3282 static PSTxMgmtPacket
3283 s_MgrMakeAssocRequest(
3284 struct vnt_private *pDevice,
3286 unsigned char *pDAddr,
3287 unsigned short wCurrCapInfo,
3288 unsigned short wListenInterval,
3289 PWLAN_IE_SSID pCurrSSID,
3290 PWLAN_IE_SUPP_RATES pCurrRates,
3291 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3294 PSTxMgmtPacket pTxPacket = NULL;
3295 WLAN_FR_ASSOCREQ sFrame;
3296 unsigned char *pbyIEs;
3297 unsigned char *pbyRSN;
3299 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3300 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
3301 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
3302 // Setup the sFrame structure.
3303 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
3304 sFrame.len = WLAN_ASSOCREQ_FR_MAXLEN;
3305 // format fixed field frame structure
3306 vMgrEncodeAssocRequest(&sFrame);
3308 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3310 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3311 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCREQ)
3313 memcpy(sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3314 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3315 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3317 // Set the capability and listen interval
3318 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3319 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
3321 // sFrame.len point to end of fixed field
3322 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3323 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3324 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3326 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3327 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3328 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3329 memcpy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3330 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3332 // Copy the rate set
3333 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3334 if ((pDevice->eCurrentPHYType == PHY_TYPE_11B) && (pCurrRates->len > 4))
3335 sFrame.len += 4 + WLAN_IEHDR_LEN;
3337 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3338 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3340 // Copy the extension rate set
3341 if ((pDevice->eCurrentPHYType == PHY_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3342 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3343 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3344 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
3347 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3348 memcpy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3349 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
3352 if (pMgmt->b11hEnable) {
3353 if (sFrame.pCurrPowerCap == NULL) {
3354 sFrame.pCurrPowerCap = (PWLAN_IE_PW_CAP)(sFrame.pBuf + sFrame.len);
3355 sFrame.len += (2 + WLAN_IEHDR_LEN);
3356 sFrame.pCurrPowerCap->byElementID = WLAN_EID_PWR_CAPABILITY;
3357 sFrame.pCurrPowerCap->len = 2;
3358 CARDvGetPowerCapability(pMgmt->pAdapter,
3359 &(sFrame.pCurrPowerCap->byMinPower),
3360 &(sFrame.pCurrPowerCap->byMaxPower)
3363 if (sFrame.pCurrSuppCh == NULL) {
3364 sFrame.pCurrSuppCh = (PWLAN_IE_SUPP_CH)(sFrame.pBuf + sFrame.len);
3365 sFrame.len += set_support_channels(pMgmt->pAdapter, (unsigned char *)sFrame.pCurrSuppCh);
3369 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3370 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3371 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3372 (pMgmt->pCurrBSS != NULL)) {
3374 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3375 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3376 sFrame.pRSNWPA->len = 16;
3377 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3378 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3379 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3380 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3381 sFrame.pRSNWPA->wVersion = 1;
3382 //Group Key Cipher Suite
3383 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3384 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3385 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3386 if (pMgmt->byCSSGK == KEY_CTL_WEP)
3387 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
3388 else if (pMgmt->byCSSGK == KEY_CTL_TKIP)
3389 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
3390 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
3391 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
3393 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
3395 // Pairwise Key Cipher Suite
3396 sFrame.pRSNWPA->wPKCount = 1;
3397 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
3398 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
3399 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
3400 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
3401 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
3402 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
3403 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
3405 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
3407 // Auth Key Management Suite
3408 pbyRSN = (unsigned char *)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
3415 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)
3416 *pbyRSN++ = WPA_AUTH_PSK;
3417 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA)
3418 *pbyRSN++ = WPA_AUTH_IEEE802_1X;
3420 *pbyRSN++ = WPA_NONE;
3422 sFrame.pRSNWPA->len += 6;
3428 sFrame.pRSNWPA->len += 2;
3430 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3431 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3432 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3433 memcpy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
3434 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3436 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
3437 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
3438 (pMgmt->pCurrBSS != NULL)) {
3440 unsigned short *pwPMKID;
3443 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3444 sFrame.pRSN->byElementID = WLAN_EID_RSN;
3445 sFrame.pRSN->len = 6; //Version(2)+GK(4)
3446 sFrame.pRSN->wVersion = 1;
3447 //Group Key Cipher Suite
3448 sFrame.pRSN->abyRSN[0] = 0x00;
3449 sFrame.pRSN->abyRSN[1] = 0x0F;
3450 sFrame.pRSN->abyRSN[2] = 0xAC;
3451 if (pMgmt->byCSSGK == KEY_CTL_WEP)
3452 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
3453 else if (pMgmt->byCSSGK == KEY_CTL_TKIP)
3454 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
3455 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
3456 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
3458 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
3460 // Pairwise Key Cipher Suite
3461 sFrame.pRSN->abyRSN[4] = 1;
3462 sFrame.pRSN->abyRSN[5] = 0;
3463 sFrame.pRSN->abyRSN[6] = 0x00;
3464 sFrame.pRSN->abyRSN[7] = 0x0F;
3465 sFrame.pRSN->abyRSN[8] = 0xAC;
3466 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
3467 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
3468 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
3469 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
3470 else if (pMgmt->byCSSPK == KEY_CTL_NONE)
3471 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
3473 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
3475 sFrame.pRSN->len += 6;
3477 // Auth Key Management Suite
3478 sFrame.pRSN->abyRSN[10] = 1;
3479 sFrame.pRSN->abyRSN[11] = 0;
3480 sFrame.pRSN->abyRSN[12] = 0x00;
3481 sFrame.pRSN->abyRSN[13] = 0x0F;
3482 sFrame.pRSN->abyRSN[14] = 0xAC;
3483 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)
3484 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
3485 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)
3486 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
3488 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
3490 sFrame.pRSN->len += 6;
3493 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist) {
3494 memcpy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
3496 sFrame.pRSN->abyRSN[16] = 0;
3497 sFrame.pRSN->abyRSN[17] = 0;
3499 sFrame.pRSN->len += 2;
3501 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && pDevice->bRoaming && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
3503 pbyRSN = &sFrame.pRSN->abyRSN[18];
3504 pwPMKID = (unsigned short *)pbyRSN; // Point to PMKID count
3505 *pwPMKID = 0; // Initialize PMKID count
3506 pbyRSN += 2; // Point to PMKID list
3507 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
3508 if (!memcmp(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0], pMgmt->abyCurrBSSID, ETH_ALEN)) {
3510 memcpy(pbyRSN, pDevice->gsPMKID.BSSIDInfo[ii].PMKID, 16);
3515 sFrame.pRSN->len += (2 + (*pwPMKID)*16);
3518 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3519 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3520 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3521 memcpy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
3522 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3525 // Adjust the length fields
3526 pTxPacket->cbMPDULen = sFrame.len;
3527 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3533 * Routine Description:
3534 * Constructs a re-association request frame
3538 * A ptr to frame or NULL on allocation failure
/*
 * Builds an 802.11 re-association request in the shared management packet
 * pool (pMgmt->pbyMgmtPacketPool) and mirrors the request IEs into
 * pMgmt->sAssocInfo.
 *
 * pDAddr is copied into Address 1; wCurrCapInfo and wListenInterval are
 * stored little-endian; pCurrSSID, pCurrRates and pCurrExtSuppRates are
 * copied verbatim, each sized by its own len byte.
 *
 * NOTE(review): this listing omits some source lines (gaps in the embedded
 * line numbers, e.g. 3545 and 3653-3658), so the pMgmt parameter, else
 * branches, closing braces and the return are not visible here.
 *
 * NOTE(review): none of the copies below is checked against
 * WLAN_REASSOCREQ_FR_MAXLEN or the size of sAssocInfo.abyIEs in the
 * visible lines; presumably callers pass only validated IEs - confirm,
 * in particular if the IEs are taken from received frames.
 */
3542 static PSTxMgmtPacket
3543 s_MgrMakeReAssocRequest(
3544 struct vnt_private *pDevice,
3546 unsigned char *pDAddr,
3547 unsigned short wCurrCapInfo,
3548 unsigned short wListenInterval,
3549 PWLAN_IE_SSID pCurrSSID,
3550 PWLAN_IE_SUPP_RATES pCurrRates,
3551 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3554 PSTxMgmtPacket pTxPacket = NULL;
3555 WLAN_FR_REASSOCREQ sFrame;
3556 unsigned char *pbyIEs;
3557 unsigned char *pbyRSN;
/* The packet is carved out of the management packet pool, not allocated;
 * the descriptor plus the maximum frame size are zeroed before use. */
3559 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3560 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_REASSOCREQ_FR_MAXLEN);
3561 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
3562 /* Setup the sFrame structure. */
3563 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
3564 sFrame.len = WLAN_REASSOCREQ_FR_MAXLEN;
3566 // format fixed field frame structure
/* presumably sets the fixed-field pointers (pHdr, pwCapInfo, ...) and moves
 * sFrame.len to the end of the fixed fields, as the comment further down
 * states - confirm in vMgrEncodeReassocRequest */
3567 vMgrEncodeReassocRequest(&sFrame);
3569 /* Setup the header */
3570 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3572 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3573 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCREQ)
3575 memcpy(sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3576 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3577 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3579 /* Set the capability and listen interval */
3580 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3581 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
/* "Current AP address" fixed field is filled from the current BSSID. */
3583 memcpy(sFrame.pAddrCurrAP, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3585 /* sFrame.len point to end of fixed field */
3586 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3587 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3588 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
/* Start the mirror copy of the request IEs in sAssocInfo; pbyIEs is the
 * write cursor into abyIEs and RequestIELength the running total. */
3590 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3591 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3592 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3593 memcpy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3594 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3596 /* Copy the rate set */
3597 /* sFrame.len point to end of SSID */
3598 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3599 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3600 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3602 // Copy the extension rate set
3603 if ((pMgmt->eCurrentPHYMode == PHY_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3604 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3605 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3606 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
/* In the visible lines only pCurrRates is mirrored into sAssocInfo; the
 * extended rates go into the frame but not into abyIEs. */
3609 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3610 memcpy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3611 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
/* WPA (vendor-specific) IE: OUI 00:50:f2 type 01, version 1, one group
 * cipher suite, one pairwise cipher suite, then the AKM suite. Built only
 * when a current BSS is known. */
3613 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3614 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3615 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3616 (pMgmt->pCurrBSS != NULL)) {
3618 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3619 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3620 sFrame.pRSNWPA->len = 16;
3621 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3622 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3623 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3624 sFrame.pRSNWPA->abyOUI[3] = 0x01;
/* NOTE(review): wVersion (and wPKCount below) are stored without
 * cpu_to_le16(), unlike the capability and listen-interval fields above;
 * if these are 16-bit on-air fields this is only right on little-endian
 * hosts - confirm. */
3625 sFrame.pRSNWPA->wVersion = 1;
3626 //Group Key Cipher Suite
3627 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3628 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3629 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
/* With a WEP group cipher the BSS's own advertised group key type is
 * echoed back; TKIP and CCMP map to fixed suite selectors. */
3630 if (pMgmt->byCSSGK == KEY_CTL_WEP)
3631 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
3632 else if (pMgmt->byCSSGK == KEY_CTL_TKIP)
3633 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
3634 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
3635 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
3637 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
3639 // Pairwise Key Cipher Suite
3640 sFrame.pRSNWPA->wPKCount = 1;
3641 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
3642 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
3643 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
3644 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
3645 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
3646 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
3647 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
3649 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
3651 // Auth Key Management Suite
/* pbyRSN = start of this IE + 2-byte IE header + current IE length, i.e.
 * the first byte after what has been written so far.
 * NOTE(review): source lines 3653-3658 are not in this listing, so the
 * bytes written before the AKM selector below are not visible. */
3652 pbyRSN = (unsigned char *)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
3659 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)
3660 *pbyRSN++ = WPA_AUTH_PSK;
3661 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA)
3662 *pbyRSN++ = WPA_AUTH_IEEE802_1X;
3664 *pbyRSN++ = WPA_NONE;
3666 sFrame.pRSNWPA->len += 6;
3671 sFrame.pRSNWPA->len += 2;
3673 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3674 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3675 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3676 memcpy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
3677 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3679 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
3680 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
3681 (pMgmt->pCurrBSS != NULL)) {
/* RSN (WPA2) IE: version 1, suites with OUI 00:0F:AC written byte by byte
 * into abyRSN; pRSN->len is grown as each part is added. */
3683 unsigned short *pwPMKID;
3686 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3687 sFrame.pRSN->byElementID = WLAN_EID_RSN;
3688 sFrame.pRSN->len = 6; //Version(2)+GK(4)
3689 sFrame.pRSN->wVersion = 1;
3690 //Group Key Cipher Suite
3691 sFrame.pRSN->abyRSN[0] = 0x00;
3692 sFrame.pRSN->abyRSN[1] = 0x0F;
3693 sFrame.pRSN->abyRSN[2] = 0xAC;
3694 if (pMgmt->byCSSGK == KEY_CTL_WEP)
3695 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
3696 else if (pMgmt->byCSSGK == KEY_CTL_TKIP)
3697 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
3698 else if (pMgmt->byCSSGK == KEY_CTL_CCMP)
3699 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
3701 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
3703 // Pairwise Key Cipher Suite
/* abyRSN[4..5]: pairwise suite count = 1, low byte first. */
3704 sFrame.pRSN->abyRSN[4] = 1;
3705 sFrame.pRSN->abyRSN[5] = 0;
3706 sFrame.pRSN->abyRSN[6] = 0x00;
3707 sFrame.pRSN->abyRSN[7] = 0x0F;
3708 sFrame.pRSN->abyRSN[8] = 0xAC;
3709 if (pMgmt->byCSSPK == KEY_CTL_TKIP)
3710 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
3711 else if (pMgmt->byCSSPK == KEY_CTL_CCMP)
3712 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
3713 else if (pMgmt->byCSSPK == KEY_CTL_NONE)
3714 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
3716 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
3718 sFrame.pRSN->len += 6;
3720 // Auth Key Management Suite
/* abyRSN[10..11]: AKM suite count = 1, low byte first. */
3721 sFrame.pRSN->abyRSN[10] = 1;
3722 sFrame.pRSN->abyRSN[11] = 0;
3723 sFrame.pRSN->abyRSN[12] = 0x00;
3724 sFrame.pRSN->abyRSN[13] = 0x0F;
3725 sFrame.pRSN->abyRSN[14] = 0xAC;
3726 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)
3727 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
3728 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)
3729 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
3731 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
3733 sFrame.pRSN->len += 6;
/* RSN capabilities: the current BSS's advertised value is copied when it
 * exists; the zeroing that follows is presumably the else branch (the
 * else line itself is not in this listing). */
3736 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist) {
3737 memcpy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
3739 sFrame.pRSN->abyRSN[16] = 0;
3740 sFrame.pRSN->abyRSN[17] = 0;
3742 sFrame.pRSN->len += 2;
/* A PMKID list is appended only when cached entries exist, the device is
 * roaming and the mode is WPA2 (not WPA2-PSK). */
3744 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && pDevice->bRoaming && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
3746 pbyRSN = &sFrame.pRSN->abyRSN[18];
/* NOTE(review): 16-bit access through a cast byte pointer - possibly
 * unaligned, and the count is kept in host byte order; confirm. */
3747 pwPMKID = (unsigned short *)pbyRSN; // Point to PMKID count
3748 *pwPMKID = 0; // Initialize PMKID count
3749 pbyRSN += 2; // Point to PMKID list
/* Copies the 16-byte PMKID of each cache entry whose BSSID equals the
 * current BSSID.
 * NOTE(review): no cap on the number of matches is visible here, and
 * pRSN->len is presumably a one-byte IE length, so 2 + count * 16 has to
 * stay within that byte, the frame buffer and abyIEs - confirm that
 * BSSIDInfoCount is bounded where the cache is filled. */
3750 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
3751 if (!memcmp(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0], pMgmt->abyCurrBSSID, ETH_ALEN)) {
3753 memcpy(pbyRSN, pDevice->gsPMKID.BSSIDInfo[ii].PMKID, 16);
3759 sFrame.pRSN->len += (2 + (*pwPMKID) * 16);
3762 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3763 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3764 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3765 memcpy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
3766 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3769 /* Adjust the length fields */
3770 pTxPacket->cbMPDULen = sFrame.len;
3771 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3778 * Routine Description:
3779 * Constructs an assoc-response frame
3783 * PTR to frame; or NULL on allocation failure
/*
 * Builds an association response in the shared management packet pool:
 * header addresses, the capability / status / AID fixed fields, then the
 * supported rates IE and, when non-empty, the extended supported rates IE.
 *
 * NOTE(review): this listing omits some source lines (gaps in the embedded
 * line numbers), including the pMgmt parameter, the source arguments of
 * the two rate memcpy() calls and the return.
 */
3787 static PSTxMgmtPacket
3788 s_MgrMakeAssocResponse(
3789 struct vnt_private *pDevice,
3791 unsigned short wCurrCapInfo,
3792 unsigned short wAssocStatus,
3793 unsigned short wAssocAID,
3794 unsigned char *pDstAddr,
3795 PWLAN_IE_SUPP_RATES pCurrSuppRates,
3796 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3799 PSTxMgmtPacket pTxPacket = NULL;
3800 WLAN_FR_ASSOCRESP sFrame;
/* NOTE(review): the pool is cleared for WLAN_ASSOCREQ_FR_MAXLEN bytes of
 * frame while sFrame.len below starts from WLAN_REASSOCRESP_FR_MAXLEN;
 * neither matches this frame type by name and their relative sizes are
 * not visible here - looks like copy/paste, confirm the constants so the
 * whole response area is really zeroed. */
3802 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3803 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
3804 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
3805 // Setup the sFrame structure
3806 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
3807 sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
3808 vMgrEncodeAssocResponse(&sFrame);
/* Frame control: management type, association-response subtype. */
3810 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3812 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3813 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCRESP)
3815 memcpy(sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
3816 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3817 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
/* Fixed fields are stored little-endian; the AID goes out with bits 14
 * and 15 set. */
3819 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3820 *sFrame.pwStatus = cpu_to_le16(wAssocStatus);
3821 *sFrame.pwAid = cpu_to_le16((unsigned short)(wAssocAID | BIT14 | BIT15));
3823 // Copy the rate set
/* Both rate IEs are sized by their own len byte; no check against the
 * frame maximum is visible, and pCurrExtSuppRates is dereferenced without
 * a NULL check, so callers must always pass valid, bounded IEs. */
3824 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3825 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3826 memcpy(sFrame.pSuppRates,
3828 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3831 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3832 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3833 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3834 memcpy(sFrame.pExtSuppRates,
3836 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3840 // Adjust the length fields
3841 pTxPacket->cbMPDULen = sFrame.len;
3842 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3849 * Routine Description:
3850 * Constructs a reassoc-response frame
3854 * PTR to frame; or NULL on allocation failure
/*
 * Builds a re-association response in the shared management packet pool:
 * header addresses, the capability / status / AID fixed fields, then the
 * supported rates IE and, when non-empty, the extended supported rates IE.
 *
 * NOTE(review): this listing omits some source lines (gaps in the embedded
 * line numbers), including the pMgmt parameter, the source arguments of
 * the two rate memcpy() calls and the return.
 */
3858 static PSTxMgmtPacket
3859 s_MgrMakeReAssocResponse(
3860 struct vnt_private *pDevice,
3862 unsigned short wCurrCapInfo,
3863 unsigned short wAssocStatus,
3864 unsigned short wAssocAID,
3865 unsigned char *pDstAddr,
3866 PWLAN_IE_SUPP_RATES pCurrSuppRates,
3867 PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3870 PSTxMgmtPacket pTxPacket = NULL;
3871 WLAN_FR_REASSOCRESP sFrame;
/* NOTE(review): the memset is sized with WLAN_ASSOCREQ_FR_MAXLEN whereas
 * the frame length below uses WLAN_REASSOCRESP_FR_MAXLEN; the relation
 * between the two constants is not visible here - confirm that the
 * cleared area covers the largest response this function can build. */
3873 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3874 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
3875 pTxPacket->p80211Header = (PUWLAN_80211HDR)((unsigned char *)pTxPacket + sizeof(STxMgmtPacket));
3876 // Setup the sFrame structure
3877 sFrame.pBuf = (unsigned char *)pTxPacket->p80211Header;
3878 sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
3879 vMgrEncodeReassocResponse(&sFrame);
/* Frame control: management type, re-association-response subtype. */
3881 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3883 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3884 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCRESP)
3886 memcpy(sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
3887 memcpy(sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3888 memcpy(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
/* Fixed fields are stored little-endian; the AID goes out with bits 14
 * and 15 set. */
3890 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3891 *sFrame.pwStatus = cpu_to_le16(wAssocStatus);
3892 *sFrame.pwAid = cpu_to_le16((unsigned short)(wAssocAID | BIT14 | BIT15));
3894 // Copy the rate set
/* Both rate IEs are sized by their own len byte; no check against the
 * frame maximum is visible, and pCurrExtSuppRates is dereferenced without
 * a NULL check, so callers must always pass valid, bounded IEs. */
3895 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3896 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3897 memcpy(sFrame.pSuppRates,
3899 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3902 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3903 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3904 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3905 memcpy(sFrame.pExtSuppRates,
3907 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3911 // Adjust the length fields
3912 pTxPacket->cbMPDULen = sFrame.len;
3913 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3920 * Routine Description:
3921 * Handles probe response management frames.
/*
 * Handles a received probe response: decodes it, checks that the mandatory
 * fields were found, reconciles the receive channel with the DS Parameter
 * Set IE, then updates the matching BSS list entry or inserts a new one.
 *
 * Everything read through sFrame comes from the received frame and is
 * therefore controlled by the sender.
 *
 * NOTE(review): this listing omits some source lines (gaps in the embedded
 * line numbers), so returns, else branches and several call arguments are
 * not visible here.
 */
3931 s_vMgrRxProbeResponse(
3932 struct vnt_private *pDevice,
3934 PSRxMgmtPacket pRxPacket
3937 PKnownBSS pBSSList = NULL;
3938 WLAN_FR_PROBERESP sFrame;
3939 unsigned char byCurrChannel = pRxPacket->byRxChannel;
3941 unsigned char byIEChannel = 0;
3942 bool bChannelHit = true;
/* Zeroed first, so any field pointer the decoder does not set reads as
 * NULL in the check below. */
3944 memset(&sFrame, 0, sizeof(WLAN_FR_PROBERESP));
3946 sFrame.len = pRxPacket->cbMPDULen;
3947 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
3948 vMgrDecodeProbeResponse(&sFrame);
/* Timestamp, beacon interval, capability info, SSID and supported rates
 * must all have been located; otherwise the failure is logged (what
 * follows the log call is not in this listing, presumably a return). */
3950 if ((sFrame.pqwTimestamp == NULL) ||
3951 (sFrame.pwBeaconInterval == NULL) ||
3952 (sFrame.pwCapInfo == NULL) ||
3953 (sFrame.pSSID == NULL) ||
3954 (sFrame.pSuppRates == NULL)) {
3955 pr_debug("Probe resp:Fail addr:[%p]\n",
3956 pRxPacket->p80211Header);
3961 if (sFrame.pSSID->len == 0)
3962 pr_debug("Rx Probe resp: SSID len = 0\n");
/* The DS Parameter Set channel is taken from the frame; above
 * CB_MAX_CHANNEL_24G it is remapped through get_channel_mapping(). */
3964 if (sFrame.pDSParms != NULL) {
3965 if (byCurrChannel > CB_MAX_CHANNEL_24G) {
3966 // channel remapping to
3967 byIEChannel = get_channel_mapping(pMgmt->pAdapter, sFrame.pDSParms->byCurrChannel, PHY_TYPE_11A);
3969 byIEChannel = sFrame.pDSParms->byCurrChannel;
3971 if (byCurrChannel != byIEChannel) {
3972 // adjust channel info. bcs we rcv adjacent channel packets
3973 bChannelHit = false;
3974 byCurrChannel = byIEChannel;
3977 // no DS channel info
3981 //2008-0730-01<Add>by MikeLiu
/* Checked after the IE channel has been adopted; presumably a
 * regulatory-zone filter, judging by the name - the action taken is on a
 * line missing from this listing. */
3982 if (ChannelExceedZoneType(pDevice, byCurrChannel))
3985 if (sFrame.pERP != NULL) {
3986 sERP.byERP = sFrame.pERP->byContext;
3987 sERP.bERPExist = true;
3989 sERP.bERPExist = false;
3993 // update or insert the bss
/* NOTE(review): both calls below pass sFrame.len - WLAN_HDR_ADDR3_LEN as
 * the payload length. No check that cbMPDULen is at least the header
 * length is visible in this function; presumably the decoder or the
 * receive path enforces it - confirm, since a shorter frame would make
 * the subtraction go out of range. */
3994 pBSSList = BSSpAddrIsInBSSList((void *)pDevice, sFrame.pHdr->sA3.abyAddr3, sFrame.pSSID);
3996 BSSbUpdateToBSSList((void *)pDevice,
3997 *sFrame.pqwTimestamp,
3998 *sFrame.pwBeaconInterval,
4004 sFrame.pExtSuppRates,
4011 sFrame.len - WLAN_HDR_ADDR3_LEN,
4012 sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
4016 pr_debug("Probe resp/insert: RxChannel = : %d\n",
4018 BSSbInsertToBSSList((void *)pDevice,
4019 sFrame.pHdr->sA3.abyAddr3,
4020 *sFrame.pqwTimestamp,
4021 *sFrame.pwBeaconInterval,
4026 sFrame.pExtSuppRates,
4032 sFrame.len - WLAN_HDR_ADDR3_LEN,
4033 sFrame.pHdr->sA4.abyAddr4, // payload of beacon
4041 * Routine Description:(AP)or(Ad-hoc STA)
4042 * Handles probe request management frames.
/*
 * Handles a received probe request when acting as an AP, or as an ad-hoc
 * station that sent the latest beacon: decodes the request, compares its
 * SSID with the current SSID and transmits a probe response.
 *
 * NOTE(review): this listing omits some source lines (gaps in the embedded
 * line numbers), so the pMgmt parameter, the mismatch handling and some
 * call arguments are not visible here.
 */
4052 s_vMgrRxProbeRequest(
4053 struct vnt_private *pDevice,
4055 PSRxMgmtPacket pRxPacket
4058 WLAN_FR_PROBEREQ sFrame;
4060 PSTxMgmtPacket pTxPacket;
4061 unsigned char byPHYType = BB_TYPE_11B;
4063 // STA in Ad-hoc mode: when latest TBTT beacon transmit success,
4064 // STA have to response this request.
4065 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) ||
4066 ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && pDevice->bBeaconSent)) {
4067 memset(&sFrame, 0, sizeof(WLAN_FR_PROBEREQ));
4069 sFrame.len = pRxPacket->cbMPDULen;
4070 sFrame.pBuf = (unsigned char *)pRxPacket->p80211Header;
4071 vMgrDecodeProbeRequest(&sFrame);
/*
 * NOTE(review): pSSID here, and pSuppRates further down, are dereferenced
 * without the NULL check that the probe-response handler in this file
 * applies after decoding. sFrame was zeroed above, so a request that
 * lacks these IEs presumably leaves the pointers NULL - confirm in
 * vMgrDecodeProbeRequest and guard before use; the frame content is
 * chosen by the sender.
 */
4073 if (sFrame.pSSID->len != 0) {
/* Non-wildcard SSID: compared with the current SSID by length, then by
 * content over the current SSID's length. The mismatch handling is on
 * lines missing from this listing (presumably the request is ignored). */
4074 if (sFrame.pSSID->len != ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len)
4076 if (memcmp(sFrame.pSSID->abySSID,
4077 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
4078 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) != 0) {
/* More than four supported rates or an extended-rates IE marks the
 * requester as 11g; otherwise the 11b default is kept. */
4083 if ((sFrame.pSuppRates->len > 4) || (sFrame.pExtSuppRates != NULL))
4084 byPHYType = BB_TYPE_11G;
4086 // Probe response reply..
/* The response is addressed to Address 2 of the received request. */
4087 pTxPacket = s_MgrMakeProbeResponse
4091 pMgmt->wCurrCapInfo,
4092 pMgmt->wCurrBeaconPeriod,
4093 pMgmt->uCurrChannel,
4095 sFrame.pHdr->sA3.abyAddr2,
4096 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
4097 (unsigned char *)pMgmt->abyCurrBSSID,
4098 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
4099 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
4102 if (pTxPacket != NULL) {
4103 /* send the frame */
4104 Status = csMgmt_xmit(pDevice, pTxPacket);
4105 if (Status != CMD_STATUS_PENDING)
4106 pr_debug("Mgt:Probe response tx failed\n");
4113 * Routine Description:
4115 * Entry point for the reception and handling of 802.11 management
4116 * frames. Makes a determination of the frame type and then calls
4117 * the appropriate function.
4127 void *hDeviceContext,
4129 PSRxMgmtPacket pRxPacket
/*
 * Dispatches a received 802.11 management frame to its handler, keyed on
 * the subtype bits of the frame-control field taken from the frame.
 *
 * NOTE(review): this listing omits some source lines (gaps in the embedded
 * line numbers): the function name, the pMgmt parameter, break / else
 * lines and some call arguments are not visible, so whether a handler is
 * skipped after the deauthentication path cannot be confirmed from here.
 *
 * NOTE(review): no check of cbMPDULen against the header size is visible
 * before the header fields are read; presumably the receive path
 * guarantees a complete header - confirm.
 */
4132 struct vnt_private *pDevice = hDeviceContext;
4133 bool bInScan = false;
4134 unsigned int uNodeIndex = 0;
4135 NODE_STATE eNodeState = 0;
/* Only in AP mode is the sender (Address 2) looked up in the node table;
 * in every other mode eNodeState keeps its initial value 0. */
4138 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
4139 if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
4140 eNodeState = pMgmt->sNodeDBTable[uNodeIndex].eNodeState;
4143 switch (WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl))) {
4144 case WLAN_FSTYPE_ASSOCREQ:
4146 pr_debug("rx assocreq\n");
/* A sender below NODE_AUTH gets a deauthentication sent back. */
4147 if (eNodeState < NODE_AUTH) {
4148 // send deauth notification
4149 // reason = (6) class 2 received from nonauth sta
4150 vMgrDeAuthenBeginSta(pDevice,
4152 pRxPacket->p80211Header->sA3.abyAddr2,
4156 pr_debug("wmgr: send vMgrDeAuthenBeginSta 1\n");
4158 s_vMgrRxAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
4162 case WLAN_FSTYPE_ASSOCRESP:
4164 pr_debug("rx assocresp1\n");
4165 s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, false);
4166 pr_debug("rx assocresp2\n");
4169 case WLAN_FSTYPE_REASSOCREQ:
4171 pr_debug("rx reassocreq\n");
4173 if (eNodeState < NODE_AUTH) {
4174 // send deauth notification
4175 // reason = (6) class 2 received from nonauth sta
4176 vMgrDeAuthenBeginSta(pDevice,
4178 pRxPacket->p80211Header->sA3.abyAddr2,
4182 pr_debug("wmgr: send vMgrDeAuthenBeginSta 2\n");
4185 s_vMgrRxReAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
4188 case WLAN_FSTYPE_REASSOCRESP:
4190 pr_debug("rx reassocresp\n");
/* Same handler as the association response; the last argument is true
 * here and false there. */
4191 s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, true);
4194 case WLAN_FSTYPE_PROBEREQ:
4196 s_vMgrRxProbeRequest(pDevice, pMgmt, pRxPacket);
4199 case WLAN_FSTYPE_PROBERESP:
4201 pr_debug("rx proberesp\n");
4203 s_vMgrRxProbeResponse(pDevice, pMgmt, pRxPacket);
4206 case WLAN_FSTYPE_BEACON:
/* bInScan is handed to the beacon handler; the line that sets it when a
 * scan is in progress is not in this listing. */
4208 if (pMgmt->eScanState != WMAC_NO_SCANNING)
4211 s_vMgrRxBeacon(pDevice, pMgmt, pRxPacket, bInScan);
4214 case WLAN_FSTYPE_ATIM:
4216 pr_debug("rx atim\n");
4219 case WLAN_FSTYPE_DISASSOC:
4221 pr_debug("rx disassoc\n");
4222 if (eNodeState < NODE_AUTH) {
4223 // send deauth notification
4224 // reason = (6) class 2 received from nonauth sta
4225 vMgrDeAuthenBeginSta(pDevice,
4227 pRxPacket->p80211Header->sA3.abyAddr2,
4231 pr_debug("wmgr: send vMgrDeAuthenBeginSta 3\n");
4233 s_vMgrRxDisassociation(pDevice, pMgmt, pRxPacket);
4236 case WLAN_FSTYPE_AUTHEN:
4238 pr_debug("rx authen\n");
4239 s_vMgrRxAuthentication(pDevice, pMgmt, pRxPacket);
4242 case WLAN_FSTYPE_DEAUTHEN:
4244 pr_debug("rx deauthen\n");
/* NOTE(review): no integrity or origin check on the frame is visible at
 * this level before the disassociation / deauthentication handlers run;
 * whatever validation exists would have to be inside those handlers -
 * confirm there. */
4245 s_vMgrRxDeauthentication(pDevice, pMgmt, pRxPacket);
4249 pr_debug("rx unknown mgmt\n");
4255 * Routine Description:
4258 * Prepare beacon to send
4261 * true if success; false if failed.
/*
 * Refreshes the privacy capability bit, builds a beacon from the current
 * management state and hands it to csBeacon_xmit().
 *
 * NOTE(review): this listing omits some source lines (gaps in the embedded
 * line numbers), so the pMgmt parameter, the else line, some call
 * arguments and the return statements are not visible here.
 */
4265 bMgrPrepareBeaconToSend(
4266 void *hDeviceContext,
4270 struct vnt_private *pDevice = hDeviceContext;
4271 PSTxMgmtPacket pTxPacket;
/* The advertised privacy bit follows the encryption / 802.1X settings:
 * set when either is enabled, cleared by the second statement (presumably
 * the else branch, whose line is missing here). */
4273 if (pDevice->bEncryptionEnable || pDevice->bEnable8021x)
4274 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
4276 pMgmt->wCurrCapInfo &= ~WLAN_SET_CAP_INFO_PRIVACY(1);
4278 pTxPacket = s_MgrMakeBeacon
4282 pMgmt->wCurrCapInfo,
4283 pMgmt->wCurrBeaconPeriod,
4284 pMgmt->uCurrChannel,
4285 pMgmt->wCurrATIMWindow,
4286 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
4287 (unsigned char *)pMgmt->abyCurrBSSID,
4288 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
4289 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
/* Ad-hoc station whose BSSID starts with a zero byte: the consequence is
 * on a line missing from this listing (presumably the beacon is not
 * sent). */
4292 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) &&
4293 (pMgmt->abyCurrBSSID[0] == 0))
/* NOTE(review): pTxPacket is passed on without a NULL check in the
 * visible lines; confirm s_MgrMakeBeacon cannot return NULL. */
4296 csBeacon_xmit(pDevice, pTxPacket);
4303 * Routine Description:
4305 * Log a warning message based on the contents of the Status
4306 * Code field of an 802.11 management frame. Defines are
4307 * derived from 802.11-1997 SPEC.
4317 unsigned short wStatus
/*
 * Maps an 802.11 management status code to a log line; unrecognised codes
 * are logged numerically.
 *
 * NOTE(review): every branch logs with pr_info(). If wStatus is taken
 * from received frames, a peer can generate log traffic at will -
 * confirm the callers and consider pr_info_ratelimited().
 * The switch header, break lines and default label are not in this
 * listing.
 */
4321 case WLAN_MGMT_STATUS_UNSPEC_FAILURE:
4322 pr_info("Status code == Unspecified error\n");
4324 case WLAN_MGMT_STATUS_CAPS_UNSUPPORTED:
4325 pr_info("Status code == Can't support all requested capabilities\n");
4327 case WLAN_MGMT_STATUS_REASSOC_NO_ASSOC:
4328 pr_info("Status code == Reassoc denied, can't confirm original Association\n");
4330 case WLAN_MGMT_STATUS_ASSOC_DENIED_UNSPEC:
4331 pr_info("Status code == Assoc denied, undefine in spec\n");
4333 case WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG:
4334 pr_info("Status code == Peer doesn't support authen algorithm\n");
4336 case WLAN_MGMT_STATUS_RX_AUTH_NOSEQ:
4337 pr_info("Status code == Authen frame received out of sequence\n");
4339 case WLAN_MGMT_STATUS_CHALLENGE_FAIL:
4340 pr_info("Status code == Authen rejected, challenge failure\n");
4342 case WLAN_MGMT_STATUS_AUTH_TIMEOUT:
4343 pr_info("Status code == Authen rejected, timeout waiting for next frame\n");
4345 case WLAN_MGMT_STATUS_ASSOC_DENIED_BUSY:
4346 pr_info("Status code == Assoc denied, AP too busy\n");
4348 case WLAN_MGMT_STATUS_ASSOC_DENIED_RATES:
4349 pr_info("Status code == Assoc denied, we haven't enough basic rates\n");
4351 case WLAN_MGMT_STATUS_ASSOC_DENIED_SHORTPREAMBLE:
4352 pr_info("Status code == Assoc denied, we do not support short preamble\n");
4354 case WLAN_MGMT_STATUS_ASSOC_DENIED_PBCC:
4355 pr_info("Status code == Assoc denied, we do not support PBCC\n");
4357 case WLAN_MGMT_STATUS_ASSOC_DENIED_AGILITY:
4358 pr_info("Status code == Assoc denied, we do not support channel agility\n");
4361 pr_info("Unknown status code %d\n", wStatus);
4369 * Add BSSID in PMKID Candidate list.
4373 * hDeviceContext - device structure pointer
4374 * pbyBSSID - BSSID address for adding
4375 * wRSNCap - BSS's RSN capability
4379 * Return Value: none.
/*
 * Records a BSSID in the device's PMKID candidate list: an existing entry
 * with the same BSSID only has its pre-authentication flag refreshed,
 * otherwise a new entry is appended.
 *
 * NOTE(review): this listing omits some source lines (gaps in the embedded
 * line numbers), so the return type, return statements and else lines are
 * not visible here.
 */
4383 bAdd_PMKID_Candidate(
4384 void *hDeviceContext,
4385 unsigned char *pbyBSSID,
4386 PSRSNCapObject psRSNCapObj
4389 struct vnt_private *pDevice = hDeviceContext;
4390 struct pmkid_candidate *pCandidateList;
4391 unsigned int ii = 0;
/* NOTE(review): this debug print reads through pDevice before the NULL
 * check that follows it, so the check cannot protect the print; the
 * argument validation should come first. */
4393 pr_debug("bAdd_PMKID_Candidate START: (%d)\n",
4394 (int)pDevice->gsPMKIDCandidate.NumCandidates);
4396 if ((pDevice == NULL) || (pbyBSSID == NULL) || (psRSNCapObj == NULL))
/* List-full test; it keeps the append index used further down below
 * MAX_PMKIDLIST (assuming CandidateList holds MAX_PMKIDLIST entries -
 * confirm against the structure definition). */
4399 if (pDevice->gsPMKIDCandidate.NumCandidates >= MAX_PMKIDLIST)
4402 // Update Old Candidate
4403 for (ii = 0; ii < pDevice->gsPMKIDCandidate.NumCandidates; ii++) {
4404 pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[ii];
4405 if (!memcmp(pCandidateList->BSSID, pbyBSSID, ETH_ALEN)) {
/* Bit 0 of the RSN capabilities drives the pre-authentication flag. */
4406 if (psRSNCapObj->bRSNCapExist && (psRSNCapObj->wRSNCap & BIT0))
4407 pCandidateList->Flags |= NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
4409 pCandidateList->Flags &= ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
/* New entry at index NumCandidates. Flags is only OR-ed / AND-ed here,
 * never assigned, so the slot's previous contents are relied upon
 * (presumably zero after a flush). */
4416 pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[pDevice->gsPMKIDCandidate.NumCandidates];
4417 if (psRSNCapObj->bRSNCapExist && (psRSNCapObj->wRSNCap & BIT0))
4418 pCandidateList->Flags |= NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
4420 pCandidateList->Flags &= ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
4422 memcpy(pCandidateList->BSSID, pbyBSSID, ETH_ALEN);
4423 pDevice->gsPMKIDCandidate.NumCandidates++;
4424 pr_debug("NumCandidates:%d\n",
4425 (int)pDevice->gsPMKIDCandidate.NumCandidates);
4432 * Flush PMKID Candidate list.
4436 * hDeviceContext - device structure pointer
4440 * Return Value: none.
/*
 * Clears the device's PMKID candidate list by zeroing gsPMKIDCandidate.
 * A NULL device context is tested first; the statement that follows the
 * test is not in this listing (presumably a return).
 */
4444 vFlush_PMKID_Candidate(
4445 void *hDeviceContext
4448 struct vnt_private *pDevice = hDeviceContext;
4450 if (pDevice == NULL)
/* The size is taken from the type name rather than from the object;
 * presumably gsPMKIDCandidate is an SPMKIDCandidateEvent - confirm, so
 * the two cannot drift apart. */
4453 memset(&pDevice->gsPMKIDCandidate, 0, sizeof(SPMKIDCandidateEvent));
4459 NDIS_802_11_ENCRYPTION_STATUS EncStatus,
4460 unsigned char *pbyCCSPK,
4461 unsigned char *pbyCCSGK
4464 unsigned char byMulticastCipher = KEY_CTL_INVALID;
4465 unsigned char byCipherMask = 0x00;
4468 if (pBSSNode == NULL)
4471 // check cap. of BSS
4472 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4473 (EncStatus == Ndis802_11Encryption1Enabled)) {
4474 // default is WEP only
4475 byMulticastCipher = KEY_CTL_WEP;
4478 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4479 pBSSNode->bWPA2Valid &&
4480 //20080123-01,<Add> by Einsn Liu
4481 ((EncStatus == Ndis802_11Encryption3Enabled) || (EncStatus == Ndis802_11Encryption2Enabled))) {
4483 // check Group Key Cipher
4484 if ((pBSSNode->byCSSGK == WLAN_11i_CSS_WEP40) ||
4485 (pBSSNode->byCSSGK == WLAN_11i_CSS_WEP104)) {
4486 byMulticastCipher = KEY_CTL_WEP;
4487 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_TKIP) {
4488 byMulticastCipher = KEY_CTL_TKIP;
4489 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_CCMP) {
4490 byMulticastCipher = KEY_CTL_CCMP;
4492 byMulticastCipher = KEY_CTL_INVALID;
4495 // check Pairwise Key Cipher
4496 for (i = 0; i < pBSSNode->wCSSPKCount; i++) {
4497 if ((pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP40) ||
4498 (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP104)) {
4499 // this should not happen as defined 802.11i
4500 byCipherMask |= 0x01;
4501 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_TKIP) {
4502 byCipherMask |= 0x02;
4503 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_CCMP) {
4504 byCipherMask |= 0x04;
4505 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_USE_GROUP) {
4506 // use group key only ignore all others
4508 i = pBSSNode->wCSSPKCount;
4512 } else if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4513 pBSSNode->bWPAValid &&
4514 ((EncStatus == Ndis802_11Encryption3Enabled) || (EncStatus == Ndis802_11Encryption2Enabled))) {
4516 // check Group Key Cipher
4517 if ((pBSSNode->byGKType == WPA_WEP40) ||
4518 (pBSSNode->byGKType == WPA_WEP104)) {
4519 byMulticastCipher = KEY_CTL_WEP;
4520 } else if (pBSSNode->byGKType == WPA_TKIP) {
4521 byMulticastCipher = KEY_CTL_TKIP;
4522 } else if (pBSSNode->byGKType == WPA_AESCCMP) {
4523 byMulticastCipher = KEY_CTL_CCMP;
4525 byMulticastCipher = KEY_CTL_INVALID;
4528 // check Pairwise Key Cipher
4529 for (i = 0; i < pBSSNode->wPKCount; i++) {
4530 if (pBSSNode->abyPKType[i] == WPA_TKIP) {
4531 byCipherMask |= 0x02;
4532 } else if (pBSSNode->abyPKType[i] == WPA_AESCCMP) {
4533 byCipherMask |= 0x04;
4534 } else if (pBSSNode->abyPKType[i] == WPA_NONE) {
4535 // use group key only ignore all others
4537 i = pBSSNode->wPKCount;
4542 pr_debug("%d, %d, %d, %d, EncStatus:%d\n",
4543 byMulticastCipher, byCipherMask,
4544 pBSSNode->bWPAValid, pBSSNode->bWPA2Valid, EncStatus);
4546 // mask our cap. with BSS
4547 if (EncStatus == Ndis802_11Encryption1Enabled) {
4548 // For supporting Cisco migration mode, don't care pairwise key cipher
4549 if ((byMulticastCipher == KEY_CTL_WEP) &&
4550 (byCipherMask == 0)) {
4551 *pbyCCSGK = KEY_CTL_WEP;
4552 *pbyCCSPK = KEY_CTL_NONE;
4558 } else if (EncStatus == Ndis802_11Encryption2Enabled) {
4559 if ((byMulticastCipher == KEY_CTL_TKIP) &&
4560 (byCipherMask == 0)) {
4561 *pbyCCSGK = KEY_CTL_TKIP;
4562 *pbyCCSPK = KEY_CTL_NONE;
4564 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4565 ((byCipherMask & 0x02) != 0)) {
4566 *pbyCCSGK = KEY_CTL_WEP;
4567 *pbyCCSPK = KEY_CTL_TKIP;
4569 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4570 ((byCipherMask & 0x02) != 0)) {
4571 *pbyCCSGK = KEY_CTL_TKIP;
4572 *pbyCCSPK = KEY_CTL_TKIP;
4577 } else if (EncStatus == Ndis802_11Encryption3Enabled) {
4578 if ((byMulticastCipher == KEY_CTL_CCMP) &&
4579 (byCipherMask == 0)) {
4580 // When CCMP is enable, "Use group cipher suite" shall not be a valid option.
4582 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4583 ((byCipherMask & 0x04) != 0)) {
4584 *pbyCCSGK = KEY_CTL_WEP;
4585 *pbyCCSPK = KEY_CTL_CCMP;
4587 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4588 ((byCipherMask & 0x04) != 0)) {
4589 *pbyCCSGK = KEY_CTL_TKIP;
4590 *pbyCCSPK = KEY_CTL_CCMP;
4592 } else if ((byMulticastCipher == KEY_CTL_CCMP) &&
4593 ((byCipherMask & 0x04) != 0)) {
4594 *pbyCCSGK = KEY_CTL_CCMP;
4595 *pbyCCSPK = KEY_CTL_CCMP;