2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 * Purpose: Handles the 802.11 management functions
29 * nsMgrObjectInitial - Initialize Management Objet data structure
30 * vMgrObjectReset - Reset Management Objet data structure
31 * vMgrAssocBeginSta - Start associate function
32 * vMgrReAssocBeginSta - Start reassociate function
33 * vMgrDisassocBeginSta - Start disassociate function
34 * s_vMgrRxAssocRequest - Handle Rcv associate_request
35 * s_vMgrRxAssocResponse - Handle Rcv associate_response
36 * vMrgAuthenBeginSta - Start authentication function
37 * vMgrDeAuthenDeginSta - Start deauthentication function
38 * s_vMgrRxAuthentication - Handle Rcv authentication
39 * s_vMgrRxAuthenSequence_1 - Handle Rcv authentication sequence 1
40 * s_vMgrRxAuthenSequence_2 - Handle Rcv authentication sequence 2
41 * s_vMgrRxAuthenSequence_3 - Handle Rcv authentication sequence 3
42 * s_vMgrRxAuthenSequence_4 - Handle Rcv authentication sequence 4
43 * s_vMgrRxDisassociation - Handle Rcv disassociation
44 * s_vMgrRxBeacon - Handle Rcv Beacon
45 * vMgrCreateOwnIBSS - Create ad_hoc IBSS or AP BSS
46 * vMgrJoinBSSBegin - Join BSS function
47 * s_vMgrSynchBSS - Synch & adopt BSS parameters
48 * s_MgrMakeBeacon - Create Baecon frame
49 * s_MgrMakeProbeResponse - Create Probe Response frame
50 * s_MgrMakeAssocRequest - Create Associate Request frame
51 * s_MgrMakeReAssocRequest - Create ReAssociate Request frame
52 * s_vMgrRxProbeResponse - Handle Rcv probe_response
53 * s_vMrgRxProbeRequest - Handle Rcv probe_request
54 * bMgrPrepareBeaconToSend - Prepare Beacon frame
55 * s_vMgrLogStatus - Log 802.11 Status
56 * vMgrRxManagePacket - Rcv management frame dispatch function
57 * s_vMgrFormatTIM- Assember TIM field of beacon
58 * vMgrTimerInit- Initial 1-sec and command call back funtions
65 #if !defined(__TMACRO_H__)
68 #if !defined(__TBIT_H__)
71 #if !defined(__DESC_H__)
74 #if !defined(__DEVICE_H__)
77 #if !defined(__CARD_H__)
80 #if !defined(__80211HDR_H__)
83 #if !defined(__80211MGR_H__)
86 #if !defined(__WMGR_H__)
89 #if !defined(__WCMD_H__)
92 #if !defined(__MAC_H__)
95 #if !defined(__BSSDB_H__)
98 #if !defined(__POWER_H__)
101 #if !defined(__DATARATE_H__)
102 #include "datarate.h"
104 #if !defined(__BASEBAND_H__)
105 #include "baseband.h"
107 #if !defined(__RXTX_H__)
110 #if !defined(__WPA_H__)
113 #if !defined(__RF_H__)
116 #if !defined(__UMEM_H__)
119 #if !defined(__IOWPA_H__)
122 #if !defined(__CONTROL_H__)
125 #if !defined(__RNDIS_H__)
128 /*--------------------- Static Definitions -------------------------*/
132 /*--------------------- Static Classes ----------------------------*/
134 /*--------------------- Static Variables --------------------------*/
135 static int msglevel =MSG_LEVEL_INFO;
136 //static int msglevel =MSG_LEVEL_DEBUG;
138 /*--------------------- Static Functions --------------------------*/
139 //2008-0730-01<Add>by MikeLiu
140 static BOOL ChannelExceedZoneType(
142 IN BYTE byCurrChannel
145 // Association/diassociation functions
148 s_MgrMakeAssocRequest(
150 IN PSMgmtObject pMgmt,
152 IN WORD wCurrCapInfo,
153 IN WORD wListenInterval,
154 IN PWLAN_IE_SSID pCurrSSID,
155 IN PWLAN_IE_SUPP_RATES pCurrRates,
156 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
161 s_vMgrRxAssocRequest(
163 IN PSMgmtObject pMgmt,
164 IN PSRxMgmtPacket pRxPacket,
170 s_MgrMakeReAssocRequest(
172 IN PSMgmtObject pMgmt,
174 IN WORD wCurrCapInfo,
175 IN WORD wListenInterval,
176 IN PWLAN_IE_SSID pCurrSSID,
177 IN PWLAN_IE_SUPP_RATES pCurrRates,
178 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
183 s_vMgrRxAssocResponse(
185 IN PSMgmtObject pMgmt,
186 IN PSRxMgmtPacket pRxPacket,
192 s_vMgrRxDisassociation(
194 IN PSMgmtObject pMgmt,
195 IN PSRxMgmtPacket pRxPacket
198 // Authentication/deauthen functions
201 s_vMgrRxAuthenSequence_1(
203 IN PSMgmtObject pMgmt,
204 IN PWLAN_FR_AUTHEN pFrame
209 s_vMgrRxAuthenSequence_2(
211 IN PSMgmtObject pMgmt,
212 IN PWLAN_FR_AUTHEN pFrame
217 s_vMgrRxAuthenSequence_3(
219 IN PSMgmtObject pMgmt,
220 IN PWLAN_FR_AUTHEN pFrame
225 s_vMgrRxAuthenSequence_4(
227 IN PSMgmtObject pMgmt,
228 IN PWLAN_FR_AUTHEN pFrame
233 s_vMgrRxAuthentication(
235 IN PSMgmtObject pMgmt,
236 IN PSRxMgmtPacket pRxPacket
241 s_vMgrRxDeauthentication(
243 IN PSMgmtObject pMgmt,
244 IN PSRxMgmtPacket pRxPacket
248 // probe request/response functions
251 s_vMgrRxProbeRequest(
253 IN PSMgmtObject pMgmt,
254 IN PSRxMgmtPacket pRxPacket
259 s_vMgrRxProbeResponse(
261 IN PSMgmtObject pMgmt,
262 IN PSRxMgmtPacket pRxPacket
270 IN PSMgmtObject pMgmt,
271 IN PSRxMgmtPacket pRxPacket,
278 IN PSMgmtObject pMgmt,
286 IN PSMgmtObject pMgmt,
287 IN WORD wCurrCapInfo,
288 IN WORD wCurrBeaconPeriod,
289 IN UINT uCurrChannel,
290 IN WORD wCurrATIMWinodw,
291 IN PWLAN_IE_SSID pCurrSSID,
293 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
294 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
298 // Association response
301 s_MgrMakeAssocResponse(
303 IN PSMgmtObject pMgmt,
304 IN WORD wCurrCapInfo,
305 IN WORD wAssocStatus,
308 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
309 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
312 // ReAssociation response
315 s_MgrMakeReAssocResponse(
317 IN PSMgmtObject pMgmt,
318 IN WORD wCurrCapInfo,
319 IN WORD wAssocStatus,
322 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
323 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
329 s_MgrMakeProbeResponse(
331 IN PSMgmtObject pMgmt,
332 IN WORD wCurrCapInfo,
333 IN WORD wCurrBeaconPeriod,
334 IN UINT uCurrChannel,
335 IN WORD wCurrATIMWinodw,
337 IN PWLAN_IE_SSID pCurrSSID,
339 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
340 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
348 IN PSMgmtObject pMgmt,
359 OUT PCMD_STATUS pStatus
365 IN PKnownBSS pBSSNode,
366 IN NDIS_802_11_ENCRYPTION_STATUS EncStatus,
371 static VOID Encyption_Rebuild(
378 /*--------------------- Export Variables --------------------------*/
381 /*--------------------- Export Functions --------------------------*/
386 * Routine Description:
387 * Allocates and initializes the Management object.
396 IN HANDLE hDeviceContext
399 PSDevice pDevice = (PSDevice)hDeviceContext;
400 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
404 pMgmt->pbyPSPacketPool = &pMgmt->byPSPacketPool[0];
405 pMgmt->pbyMgmtPacketPool = &pMgmt->byMgmtPacketPool[0];
406 pMgmt->uCurrChannel = pDevice->uChannel;
407 for(ii=0;ii<WLAN_BSSID_LEN;ii++) {
408 pMgmt->abyDesireBSSID[ii] = 0xFF;
410 pMgmt->sAssocInfo.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
411 //memset(pMgmt->abyDesireSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN +1);
412 pMgmt->byCSSPK = KEY_CTL_NONE;
413 pMgmt->byCSSGK = KEY_CTL_NONE;
414 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
415 BSSvClearBSSList((HANDLE)pDevice, FALSE);
417 init_timer(&pMgmt->sTimerSecondCallback);
418 pMgmt->sTimerSecondCallback.data = (ULONG)pDevice;
419 pMgmt->sTimerSecondCallback.function = (TimerFunction)BSSvSecondCallBack;
420 pMgmt->sTimerSecondCallback.expires = RUN_AT(HZ);
422 init_timer(&pDevice->sTimerCommand);
423 pDevice->sTimerCommand.data = (ULONG)pDevice;
424 pDevice->sTimerCommand.function = (TimerFunction)vRunCommand;
425 pDevice->sTimerCommand.expires = RUN_AT(HZ);
427 //2007-0115-10<Add>by MikeLiu
429 init_timer(&pDevice->sTimerTxData);
430 pDevice->sTimerTxData.data = (ULONG)pDevice;
431 pDevice->sTimerTxData.function = (TimerFunction)BSSvSecondTxData;
432 pDevice->sTimerTxData.expires = RUN_AT(10*HZ); //10s callback
433 pDevice->fTxDataInSleep = FALSE;
434 pDevice->IsTxDataTrigger = FALSE;
435 pDevice->nTxDataTimeCout = 0;
438 pDevice->cbFreeCmdQueue = CMD_Q_SIZE;
439 pDevice->uCmdDequeueIdx = 0;
440 pDevice->uCmdEnqueueIdx = 0;
441 pDevice->eCommandState = WLAN_CMD_IDLE;
442 pDevice->bCmdRunning = FALSE;
443 pDevice->bCmdClear = FALSE;
452 * Routine Description:
453 * Start the station association procedure. Namely, send an
454 * association request frame to the AP.
464 IN HANDLE hDeviceContext,
465 IN PSMgmtObject pMgmt,
466 OUT PCMD_STATUS pStatus
469 PSDevice pDevice = (PSDevice)hDeviceContext;
470 PSTxMgmtPacket pTxPacket;
473 pMgmt->wCurrCapInfo = 0;
474 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
475 if (pDevice->bEncryptionEnable) {
476 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
478 // always allow receive short preamble
479 //if (pDevice->byPreambleType == 1) {
480 // pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
482 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
483 if (pMgmt->wListenInterval == 0)
484 pMgmt->wListenInterval = 1; // at least one.
486 // ERP Phy (802.11g) should support short preamble.
487 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
488 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
489 if (pDevice->bShortSlotTime == TRUE)
490 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
492 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
493 if (pDevice->byPreambleType == 1) {
494 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
497 if (pMgmt->b11hEnable == TRUE)
498 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
500 // build an assocreq frame and send it
501 pTxPacket = s_MgrMakeAssocRequest
507 pMgmt->wListenInterval,
508 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
509 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
510 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
513 if (pTxPacket != NULL ){
515 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
516 if (*pStatus == CMD_STATUS_PENDING) {
517 pMgmt->eCurrState = WMAC_STATE_ASSOCPENDING;
518 *pStatus = CMD_STATUS_SUCCESS;
522 *pStatus = CMD_STATUS_RESOURCES;
530 * Routine Description:
531 * Start the station re-association procedure.
540 IN HANDLE hDeviceContext,
541 IN PSMgmtObject pMgmt,
542 OUT PCMD_STATUS pStatus
545 PSDevice pDevice = (PSDevice)hDeviceContext;
546 PSTxMgmtPacket pTxPacket;
550 pMgmt->wCurrCapInfo = 0;
551 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
552 if (pDevice->bEncryptionEnable) {
553 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
556 //if (pDevice->byPreambleType == 1) {
557 // pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
559 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
561 if (pMgmt->wListenInterval == 0)
562 pMgmt->wListenInterval = 1; // at least one.
565 // ERP Phy (802.11g) should support short preamble.
566 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
567 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
568 if (pDevice->bShortSlotTime == TRUE)
569 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
571 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
572 if (pDevice->byPreambleType == 1) {
573 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
576 if (pMgmt->b11hEnable == TRUE)
577 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
580 pTxPacket = s_MgrMakeReAssocRequest
586 pMgmt->wListenInterval,
587 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
588 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
589 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
592 if (pTxPacket != NULL ){
594 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
595 if (*pStatus != CMD_STATUS_PENDING) {
596 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Reassociation tx failed.\n");
599 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Reassociation tx sending.\n");
609 * Routine Description:
610 * Send an dis-association request frame to the AP.
618 vMgrDisassocBeginSta(
619 IN HANDLE hDeviceContext,
620 IN PSMgmtObject pMgmt,
621 IN PBYTE abyDestAddress,
623 OUT PCMD_STATUS pStatus
626 PSDevice pDevice = (PSDevice)hDeviceContext;
627 PSTxMgmtPacket pTxPacket = NULL;
628 WLAN_FR_DISASSOC sFrame;
630 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
631 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DISASSOC_FR_MAXLEN);
632 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
634 // Setup the sFrame structure
635 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
636 sFrame.len = WLAN_DISASSOC_FR_MAXLEN;
638 // format fixed field frame structure
639 vMgrEncodeDisassociation(&sFrame);
642 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
644 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
645 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DISASSOC)
648 memcpy( sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
649 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
650 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
653 *(sFrame.pwReason) = cpu_to_le16(wReason);
654 pTxPacket->cbMPDULen = sFrame.len;
655 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
658 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
659 if (*pStatus == CMD_STATUS_PENDING) {
660 pMgmt->eCurrState = WMAC_STATE_IDLE;
661 *pStatus = CMD_STATUS_SUCCESS;
671 * Routine Description:(AP function)
672 * Handle incoming station association request frames.
681 s_vMgrRxAssocRequest(
683 IN PSMgmtObject pMgmt,
684 IN PSRxMgmtPacket pRxPacket,
688 WLAN_FR_ASSOCREQ sFrame;
690 PSTxMgmtPacket pTxPacket;
691 WORD wAssocStatus = 0;
693 UINT uRateLen = WLAN_RATES_MAXLEN;
694 BYTE abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
695 BYTE abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
698 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
700 // node index not found
704 //check if node is authenticated
706 memset(&sFrame, 0, sizeof(WLAN_FR_ASSOCREQ));
707 memset(abyCurrSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
708 memset(abyCurrExtSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
709 sFrame.len = pRxPacket->cbMPDULen;
710 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
712 vMgrDecodeAssocRequest(&sFrame);
714 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
715 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
716 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
717 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
718 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
719 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? TRUE : FALSE;
720 // Todo: check sta basic rate, if ap can't support, set status code
721 if (pDevice->byBBType == BB_TYPE_11B) {
722 uRateLen = WLAN_RATES_MAXLEN_11B;
724 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
725 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
726 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
728 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
729 if (pDevice->byBBType == BB_TYPE_11G) {
730 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
731 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
734 abyCurrExtSuppRates[1] = 0;
738 RATEvParseMaxRate((PVOID)pDevice,
739 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
740 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
741 FALSE, // do not change our basic rate
742 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
743 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
744 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
745 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
746 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
750 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
751 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
752 // Todo: check sta preamble, if ap can't support, set status code
753 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
754 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
755 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
756 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
757 pMgmt->sNodeDBTable[uNodeIndex].wAID = (WORD)uNodeIndex;
758 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
759 wAssocAID = (WORD)uNodeIndex;
760 // check if ERP support
761 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
762 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
764 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
766 pDevice->bProtectMode = TRUE;
767 pDevice->bNonERPPresent = TRUE;
769 if (pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble == FALSE) {
770 pDevice->bBarkerPreambleMd = TRUE;
773 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Associate AID= %d \n", wAssocAID);
774 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X \n",
775 sFrame.pHdr->sA3.abyAddr2[0],
776 sFrame.pHdr->sA3.abyAddr2[1],
777 sFrame.pHdr->sA3.abyAddr2[2],
778 sFrame.pHdr->sA3.abyAddr2[3],
779 sFrame.pHdr->sA3.abyAddr2[4],
780 sFrame.pHdr->sA3.abyAddr2[5]
782 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Max Support rate = %d \n",
783 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
787 // assoc response reply..
788 pTxPacket = s_MgrMakeAssocResponse
795 sFrame.pHdr->sA3.abyAddr2,
796 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
797 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
799 if (pTxPacket != NULL ){
801 if (pDevice->bEnableHostapd) {
805 Status = csMgmt_xmit(pDevice, pTxPacket);
806 if (Status != CMD_STATUS_PENDING) {
807 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Assoc response tx failed\n");
810 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Assoc response tx sending..\n");
821 * Description:(AP function)
822 * Handle incoming station re-association request frames.
826 * pMgmt - Management Object structure
827 * pRxPacket - Received Packet
831 * Return Value: None.
837 s_vMgrRxReAssocRequest(
839 IN PSMgmtObject pMgmt,
840 IN PSRxMgmtPacket pRxPacket,
844 WLAN_FR_REASSOCREQ sFrame;
846 PSTxMgmtPacket pTxPacket;
847 WORD wAssocStatus = 0;
849 UINT uRateLen = WLAN_RATES_MAXLEN;
850 BYTE abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
851 BYTE abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
853 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
855 // node index not found
858 //check if node is authenticated
860 memset(&sFrame, 0, sizeof(WLAN_FR_REASSOCREQ));
861 sFrame.len = pRxPacket->cbMPDULen;
862 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
863 vMgrDecodeReassocRequest(&sFrame);
865 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
866 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
867 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
868 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
869 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
870 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? TRUE : FALSE;
871 // Todo: check sta basic rate, if ap can't support, set status code
873 if (pDevice->byBBType == BB_TYPE_11B) {
874 uRateLen = WLAN_RATES_MAXLEN_11B;
877 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
878 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
879 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
881 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
882 if (pDevice->byBBType == BB_TYPE_11G) {
883 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
884 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
887 abyCurrExtSuppRates[1] = 0;
891 RATEvParseMaxRate((PVOID)pDevice,
892 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
893 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
894 FALSE, // do not change our basic rate
895 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
896 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
897 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
898 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
899 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
903 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
904 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
905 // Todo: check sta preamble, if ap can't support, set status code
906 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
907 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
908 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
909 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
910 pMgmt->sNodeDBTable[uNodeIndex].wAID = (WORD)uNodeIndex;
911 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
912 wAssocAID = (WORD)uNodeIndex;
915 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
916 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
918 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
920 pDevice->bProtectMode = TRUE;
921 pDevice->bNonERPPresent = TRUE;
923 if (pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble == FALSE) {
924 pDevice->bBarkerPreambleMd = TRUE;
927 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Rx ReAssociate AID= %d \n", wAssocAID);
928 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X \n",
929 sFrame.pHdr->sA3.abyAddr2[0],
930 sFrame.pHdr->sA3.abyAddr2[1],
931 sFrame.pHdr->sA3.abyAddr2[2],
932 sFrame.pHdr->sA3.abyAddr2[3],
933 sFrame.pHdr->sA3.abyAddr2[4],
934 sFrame.pHdr->sA3.abyAddr2[5]
936 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Max Support rate = %d \n",
937 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
942 // assoc response reply..
943 pTxPacket = s_MgrMakeReAssocResponse
950 sFrame.pHdr->sA3.abyAddr2,
951 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
952 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
955 if (pTxPacket != NULL ){
957 if (pDevice->bEnableHostapd) {
960 Status = csMgmt_xmit(pDevice, pTxPacket);
961 if (Status != CMD_STATUS_PENDING) {
962 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:ReAssoc response tx failed\n");
965 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:ReAssoc response tx sending..\n");
974 * Routine Description:
975 * Handle incoming association response frames.
984 s_vMgrRxAssocResponse(
986 IN PSMgmtObject pMgmt,
987 IN PSRxMgmtPacket pRxPacket,
991 WLAN_FR_ASSOCRESP sFrame;
992 PWLAN_IE_SSID pItemSSID;
994 viawget_wpa_header *wpahdr;
998 if (pMgmt->eCurrState == WMAC_STATE_ASSOCPENDING ||
999 pMgmt->eCurrState == WMAC_STATE_ASSOC) {
1001 sFrame.len = pRxPacket->cbMPDULen;
1002 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1004 vMgrDecodeAssocResponse(&sFrame);
1005 if ((sFrame.pwCapInfo == 0) ||
1006 (sFrame.pwStatus == 0) ||
1007 (sFrame.pwAid == 0) ||
1008 (sFrame.pSuppRates == 0)){
1013 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.Capabilities = *(sFrame.pwCapInfo);
1014 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.StatusCode = *(sFrame.pwStatus);
1015 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.AssociationId = *(sFrame.pwAid);
1016 pMgmt->sAssocInfo.AssocInfo.AvailableResponseFixedIEs |= 0x07;
1018 pMgmt->sAssocInfo.AssocInfo.ResponseIELength = sFrame.len - 24 - 6;
1019 pMgmt->sAssocInfo.AssocInfo.OffsetResponseIEs = pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs + pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1020 pbyIEs = pMgmt->sAssocInfo.abyIEs;
1021 pbyIEs += pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1022 memcpy(pbyIEs, (sFrame.pBuf + 24 +6), pMgmt->sAssocInfo.AssocInfo.ResponseIELength);
1024 // save values and set current BSS state
1025 if (cpu_to_le16((*(sFrame.pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
1027 pMgmt->wCurrAID = cpu_to_le16((*(sFrame.pwAid)));
1028 if ( (pMgmt->wCurrAID >> 14) != (BIT0 | BIT1) )
1030 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "AID from AP, has two msb clear.\n");
1032 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Association Successful, AID=%d.\n", pMgmt->wCurrAID & ~(BIT14|BIT15));
1033 pMgmt->eCurrState = WMAC_STATE_ASSOC;
1034 BSSvUpdateAPNode((HANDLE)pDevice, sFrame.pwCapInfo, sFrame.pSuppRates, sFrame.pExtSuppRates);
1035 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyCurrSSID;
1036 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Link with AP(SSID): %s\n", pItemSSID->abySSID);
1037 pDevice->bLinkPass = TRUE;
1038 ControlvMaskByte(pDevice,MESSAGE_REQUEST_MACREG,MAC_REG_PAPEDELAY,LEDSTS_STS,LEDSTS_INTER);
1039 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
1040 if(skb_tailroom(pDevice->skb) <(sizeof(viawget_wpa_header)+pMgmt->sAssocInfo.AssocInfo.ResponseIELength+
1041 pMgmt->sAssocInfo.AssocInfo.RequestIELength)) { //data room not enough
1042 dev_kfree_skb(pDevice->skb);
1043 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1045 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
1046 wpahdr->type = VIAWGET_ASSOC_MSG;
1047 wpahdr->resp_ie_len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
1048 wpahdr->req_ie_len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1049 memcpy(pDevice->skb->data + sizeof(viawget_wpa_header), pMgmt->sAssocInfo.abyIEs, wpahdr->req_ie_len);
1050 memcpy(pDevice->skb->data + sizeof(viawget_wpa_header) + wpahdr->req_ie_len,
1054 skb_put(pDevice->skb, sizeof(viawget_wpa_header) + wpahdr->resp_ie_len + wpahdr->req_ie_len);
1055 pDevice->skb->dev = pDevice->wpadev;
1056 skb_reset_mac_header(pDevice->skb);
1057 pDevice->skb->pkt_type = PACKET_HOST;
1058 pDevice->skb->protocol = htons(ETH_P_802_2);
1059 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
1060 netif_rx(pDevice->skb);
1061 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1063 //2008-0409-07, <Add> by Einsn Liu
1064 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1065 //if(pDevice->bWPASuppWextEnabled == TRUE)
1069 union iwreq_data wrqu;
1072 memset(buf, 0, 512);
1074 len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1076 memcpy(buf, pMgmt->sAssocInfo.abyIEs, len);
1077 memset(&wrqu, 0, sizeof (wrqu));
1078 wrqu.data.length = len;
1079 we_event = IWEVASSOCREQIE;
1080 PRINT_K("wireless_send_event--->IWEVASSOCREQIE\n");
1081 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
1084 memset(buf, 0, 512);
1085 len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
1088 memcpy(buf, pbyIEs, len);
1089 memset(&wrqu, 0, sizeof (wrqu));
1090 wrqu.data.length = len;
1091 we_event = IWEVASSOCRESPIE;
1092 PRINT_K("wireless_send_event--->IWEVASSOCRESPIE\n");
1093 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
1096 memset(&wrqu, 0, sizeof (wrqu));
1097 memcpy(wrqu.ap_addr.sa_data, &pMgmt->abyCurrBSSID[0], ETH_ALEN);
1098 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1099 PRINT_K("wireless_send_event--->SIOCGIWAP(associated)\n");
1100 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1103 #endif //#ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1104 //End Add -- //2008-0409-07, <Add> by Einsn Liu
1108 pMgmt->eCurrState = WMAC_STATE_IDLE;
1111 // jump back to the auth state and indicate the error
1112 pMgmt->eCurrState = WMAC_STATE_AUTH;
1114 s_vMgrLogStatus(pMgmt,cpu_to_le16((*(sFrame.pwStatus))));
1120 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1121 //need clear flags related to Networkmanager
1122 pDevice->bwextstep0 = FALSE;
1123 pDevice->bwextstep1 = FALSE;
1124 pDevice->bwextstep2 = FALSE;
1125 pDevice->bwextstep3 = FALSE;
1126 pDevice->bWPASuppWextEnabled = FALSE;
1130 if(pMgmt->eCurrState == WMAC_STATE_ASSOC)
1131 timer_expire(pDevice->sTimerCommand, 0);
1140 * Routine Description:
1141 * Start the station authentication procedure. Namely, send an
1142 * authentication frame to the AP.
1151 IN HANDLE hDeviceContext,
1152 IN PSMgmtObject pMgmt,
1153 OUT PCMD_STATUS pStatus
1156 PSDevice pDevice = (PSDevice)hDeviceContext;
1157 WLAN_FR_AUTHEN sFrame;
1158 PSTxMgmtPacket pTxPacket = NULL;
1160 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1161 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1162 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1163 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1164 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1165 vMgrEncodeAuthen(&sFrame);
1167 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1169 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1170 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)
1172 memcpy( sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_ADDR_LEN);
1173 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1174 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1175 if (pMgmt->bShareKeyAlgorithm)
1176 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_SHAREDKEY);
1178 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_OPENSYSTEM);
1180 *(sFrame.pwAuthSequence) = cpu_to_le16(1);
1181 /* Adjust the length fields */
1182 pTxPacket->cbMPDULen = sFrame.len;
1183 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1185 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
1186 if (*pStatus == CMD_STATUS_PENDING){
1187 pMgmt->eCurrState = WMAC_STATE_AUTHPENDING;
1188 *pStatus = CMD_STATUS_SUCCESS;
1198 * Routine Description:
1199 * Start the station(AP) deauthentication procedure. Namely, send an
1200 * deauthentication frame to the AP or Sta.
1208 vMgrDeAuthenBeginSta(
1209 IN HANDLE hDeviceContext,
1210 IN PSMgmtObject pMgmt,
1211 IN PBYTE abyDestAddress,
1213 OUT PCMD_STATUS pStatus
1216 PSDevice pDevice = (PSDevice)hDeviceContext;
1217 WLAN_FR_DEAUTHEN sFrame;
1218 PSTxMgmtPacket pTxPacket = NULL;
1221 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1222 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DEAUTHEN_FR_MAXLEN);
1223 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1224 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1225 sFrame.len = WLAN_DEAUTHEN_FR_MAXLEN;
1226 vMgrEncodeDeauthen(&sFrame);
1228 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1230 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1231 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DEAUTHEN)
1234 memcpy( sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
1235 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1236 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1238 *(sFrame.pwReason) = cpu_to_le16(wReason); // deauthen. bcs left BSS
1239 /* Adjust the length fields */
1240 pTxPacket->cbMPDULen = sFrame.len;
1241 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1243 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
1244 if (*pStatus == CMD_STATUS_PENDING){
1245 *pStatus = CMD_STATUS_SUCCESS;
1255 * Routine Description:
1256 * Handle incoming authentication frames.
1265 s_vMgrRxAuthentication(
1266 IN PSDevice pDevice,
1267 IN PSMgmtObject pMgmt,
1268 IN PSRxMgmtPacket pRxPacket
1271 WLAN_FR_AUTHEN sFrame;
1273 // we better be an AP or a STA in AUTHPENDING otherwise ignore
1274 if (!(pMgmt->eCurrMode == WMAC_MODE_ESS_AP ||
1275 pMgmt->eCurrState == WMAC_STATE_AUTHPENDING)) {
1280 sFrame.len = pRxPacket->cbMPDULen;
1281 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1282 vMgrDecodeAuthen(&sFrame);
1283 switch (cpu_to_le16((*(sFrame.pwAuthSequence )))){
1286 s_vMgrRxAuthenSequence_1(pDevice,pMgmt, &sFrame);
1289 s_vMgrRxAuthenSequence_2(pDevice, pMgmt, &sFrame);
1293 s_vMgrRxAuthenSequence_3(pDevice, pMgmt, &sFrame);
1296 s_vMgrRxAuthenSequence_4(pDevice, pMgmt, &sFrame);
1299 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Auth Sequence error, seq = %d\n",
1300 cpu_to_le16((*(sFrame.pwAuthSequence))));
1310 * Routine Description:
1311 * Handles incoming authen frames with sequence 1. Currently
1312 * assumes we're an AP. So far, no one appears to use authentication
1323 s_vMgrRxAuthenSequence_1(
1324 IN PSDevice pDevice,
1325 IN PSMgmtObject pMgmt,
1326 IN PWLAN_FR_AUTHEN pFrame
1329 PSTxMgmtPacket pTxPacket = NULL;
1331 WLAN_FR_AUTHEN sFrame;
1332 PSKeyItem pTransmitKey;
1334 // Insert a Node entry
1335 if (!BSSbIsSTAInNodeDB(pDevice, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1336 BSSvCreateOneNode((PSDevice)pDevice, &uNodeIndex);
1337 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, pFrame->pHdr->sA3.abyAddr2,
1341 if (pMgmt->bShareKeyAlgorithm) {
1342 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_KNOWN;
1343 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 1;
1346 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
1350 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1351 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1352 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1353 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1354 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1355 // format buffer structure
1356 vMgrEncodeAuthen(&sFrame);
1358 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1360 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1361 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1362 WLAN_SET_FC_ISWEP(0)
1364 memcpy( sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1365 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1366 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1367 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1368 *(sFrame.pwAuthSequence) = cpu_to_le16(2);
1370 if (cpu_to_le16(*(pFrame->pwAuthAlgorithm)) == WLAN_AUTH_ALG_SHAREDKEY) {
1371 if (pMgmt->bShareKeyAlgorithm)
1372 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1374 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1377 if (pMgmt->bShareKeyAlgorithm)
1378 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1380 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1383 if (pMgmt->bShareKeyAlgorithm &&
1384 (cpu_to_le16(*(sFrame.pwStatus)) == WLAN_MGMT_STATUS_SUCCESS)) {
1386 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1387 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1388 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1389 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
1390 memset(pMgmt->abyChallenge, 0, WLAN_CHALLENGE_LEN);
1392 if(KeybGetTransmitKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, GROUP_KEY, &pTransmitKey) == TRUE) {
1393 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pTransmitKey->uKeyLength+3);
1394 rc4_encrypt(&pDevice->SBox, pMgmt->abyChallenge, pMgmt->abyChallenge, WLAN_CHALLENGE_LEN);
1396 memcpy(sFrame.pChallenge->abyChallenge, pMgmt->abyChallenge , WLAN_CHALLENGE_LEN);
1399 /* Adjust the length fields */
1400 pTxPacket->cbMPDULen = sFrame.len;
1401 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1403 if (pDevice->bEnableHostapd) {
1406 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_1 tx.. \n");
1407 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1408 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_1 tx failed.\n");
1417 * Routine Description:
1418 * Handles incoming auth frames with sequence number 2. Currently
1419 * assumes we're a station.
1429 s_vMgrRxAuthenSequence_2(
1430 IN PSDevice pDevice,
1431 IN PSMgmtObject pMgmt,
1432 IN PWLAN_FR_AUTHEN pFrame
1435 WLAN_FR_AUTHEN sFrame;
1436 PSTxMgmtPacket pTxPacket = NULL;
1439 switch (cpu_to_le16((*(pFrame->pwAuthAlgorithm))))
1441 case WLAN_AUTH_ALG_OPENSYSTEM:
1442 if ( cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
1443 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (OPEN) Successful.\n");
1444 pMgmt->eCurrState = WMAC_STATE_AUTH;
1445 timer_expire(pDevice->sTimerCommand, 0);
1448 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (OPEN) Failed.\n");
1449 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
1450 pMgmt->eCurrState = WMAC_STATE_IDLE;
1452 if (pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT ) {
1453 // spin_unlock_irq(&pDevice->lock);
1454 // vCommandTimerWait((HANDLE)pDevice, 0);
1455 // spin_lock_irq(&pDevice->lock);
1460 case WLAN_AUTH_ALG_SHAREDKEY:
1462 if (cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS) {
1463 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1464 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1465 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1466 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1467 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1468 // format buffer structure
1469 vMgrEncodeAuthen(&sFrame);
1471 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1473 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1474 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1475 WLAN_SET_FC_ISWEP(1)
1477 memcpy( sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1478 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1479 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1480 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1481 *(sFrame.pwAuthSequence) = cpu_to_le16(3);
1482 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1483 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1484 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1485 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1486 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
1487 memcpy( sFrame.pChallenge->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN);
1488 // Adjust the length fields
1489 pTxPacket->cbMPDULen = sFrame.len;
1490 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1492 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1493 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Auth_reply sequence_2 tx failed.\n");
1495 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Auth_reply sequence_2 tx ...\n");
1498 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:rx Auth_reply sequence_2 status error ...\n");
1499 if ( pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT ) {
1500 // spin_unlock_irq(&pDevice->lock);
1501 // vCommandTimerWait((HANDLE)pDevice, 0);
1502 // spin_lock_irq(&pDevice->lock);
1504 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
1508 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt: rx auth.seq = 2 unknown AuthAlgorithm=%d\n", cpu_to_le16((*(pFrame->pwAuthAlgorithm))));
1518 * Routine Description:
1519 * Handles incoming authen frames with sequence 3. Currently
1520 * assumes we're an AP. This function assumes the frame has
1521 * already been successfully decrypted.
1531 s_vMgrRxAuthenSequence_3(
1532 IN PSDevice pDevice,
1533 IN PSMgmtObject pMgmt,
1534 IN PWLAN_FR_AUTHEN pFrame
1537 PSTxMgmtPacket pTxPacket = NULL;
1538 UINT uStatusCode = 0 ;
1539 UINT uNodeIndex = 0;
1540 WLAN_FR_AUTHEN sFrame;
1542 if (!WLAN_GET_FC_ISWEP(pFrame->pHdr->sA3.wFrameCtl)) {
1543 uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
1546 if (BSSbIsSTAInNodeDB(pDevice, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1547 if (pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence != 1) {
1548 uStatusCode = WLAN_MGMT_STATUS_RX_AUTH_NOSEQ;
1551 if (memcmp(pMgmt->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN) != 0) {
1552 uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
1557 uStatusCode = WLAN_MGMT_STATUS_UNSPEC_FAILURE;
1562 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
1563 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 0;
1565 uStatusCode = WLAN_MGMT_STATUS_SUCCESS;
1566 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Challenge text check ok..\n");
1570 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1571 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1572 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1573 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1574 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1575 // format buffer structure
1576 vMgrEncodeAuthen(&sFrame);
1578 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1580 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1581 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1582 WLAN_SET_FC_ISWEP(0)
1584 memcpy( sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1585 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1586 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1587 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1588 *(sFrame.pwAuthSequence) = cpu_to_le16(4);
1589 *(sFrame.pwStatus) = cpu_to_le16(uStatusCode);
1591 /* Adjust the length fields */
1592 pTxPacket->cbMPDULen = sFrame.len;
1593 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1595 if (pDevice->bEnableHostapd) {
1598 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1599 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_4 tx failed.\n");
1609 * Routine Description:
1610 * Handles incoming authen frames with sequence 4
1619 s_vMgrRxAuthenSequence_4(
1620 IN PSDevice pDevice,
1621 IN PSMgmtObject pMgmt,
1622 IN PWLAN_FR_AUTHEN pFrame
1626 if ( cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
1627 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (SHAREDKEY) Successful.\n");
1628 pMgmt->eCurrState = WMAC_STATE_AUTH;
1629 timer_expire(pDevice->sTimerCommand, 0);
1632 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (SHAREDKEY) Failed.\n");
1633 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))) );
1634 pMgmt->eCurrState = WMAC_STATE_IDLE;
1637 if ( pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT ) {
1638 // spin_unlock_irq(&pDevice->lock);
1639 // vCommandTimerWait((HANDLE)pDevice, 0);
1640 // spin_lock_irq(&pDevice->lock);
1647 * Routine Description:
1648 * Handles incoming disassociation frames
1658 s_vMgrRxDisassociation(
1659 IN PSDevice pDevice,
1660 IN PSMgmtObject pMgmt,
1661 IN PSRxMgmtPacket pRxPacket
1664 WLAN_FR_DISASSOC sFrame;
1665 UINT uNodeIndex = 0;
1666 CMD_STATUS CmdStatus;
1667 viawget_wpa_header *wpahdr;
1669 if ( pMgmt->eCurrMode == WMAC_MODE_ESS_AP ){
1670 // if is acting an AP..
1671 // a STA is leaving this BSS..
1672 sFrame.len = pRxPacket->cbMPDULen;
1673 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1674 if (BSSbIsSTAInNodeDB(pDevice, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex)) {
1675 BSSvRemoveOneNode(pDevice, uNodeIndex);
1678 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx disassoc, sta not found\n");
1681 else if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA ){
1682 sFrame.len = pRxPacket->cbMPDULen;
1683 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1684 vMgrDecodeDisassociation(&sFrame);
1685 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP disassociated me, reason=%d.\n", cpu_to_le16(*(sFrame.pwReason)));
1687 pDevice->fWPA_Authened = FALSE;
1688 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
1689 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
1690 wpahdr->type = VIAWGET_DISASSOC_MSG;
1691 wpahdr->resp_ie_len = 0;
1692 wpahdr->req_ie_len = 0;
1693 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
1694 pDevice->skb->dev = pDevice->wpadev;
1695 skb_reset_mac_header(pDevice->skb);
1696 pDevice->skb->pkt_type = PACKET_HOST;
1697 pDevice->skb->protocol = htons(ETH_P_802_2);
1698 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
1699 netif_rx(pDevice->skb);
1700 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1703 //TODO: do something let upper layer know or
1704 //try to send associate packet again because of inactivity timeout
1705 if (pMgmt->eCurrState == WMAC_STATE_ASSOC) {
1706 pDevice->bLinkPass = FALSE;
1707 pMgmt->sNodeDBTable[0].bActive = FALSE;
1708 pDevice->byReAssocCount = 0;
1709 pMgmt->eCurrState = WMAC_STATE_AUTH; // jump back to the auth state!
1710 pDevice->eCommandState = WLAN_ASSOCIATE_WAIT;
1711 vMgrReAssocBeginSta((PSDevice)pDevice, pMgmt, &CmdStatus);
1712 if(CmdStatus == CMD_STATUS_PENDING) {
1713 pDevice->byReAssocCount ++;
1714 return; //mike add: you'll retry for many times, so it cann't be regarded as disconnected!
1718 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1719 // if(pDevice->bWPASuppWextEnabled == TRUE)
1721 union iwreq_data wrqu;
1722 memset(&wrqu, 0, sizeof (wrqu));
1723 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1724 PRINT_K("wireless_send_event--->SIOCGIWAP(disassociated)\n");
1725 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1729 /* else, ignore it */
1737 * Routine Description:
1738 * Handles incoming deauthentication frames
1748 s_vMgrRxDeauthentication(
1749 IN PSDevice pDevice,
1750 IN PSMgmtObject pMgmt,
1751 IN PSRxMgmtPacket pRxPacket
1754 WLAN_FR_DEAUTHEN sFrame;
1755 UINT uNodeIndex = 0;
1756 viawget_wpa_header *wpahdr;
1759 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP ){
1761 // if is acting an AP..
1762 // a STA is leaving this BSS..
1763 sFrame.len = pRxPacket->cbMPDULen;
1764 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1765 if (BSSbIsSTAInNodeDB(pDevice, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex)) {
1766 BSSvRemoveOneNode(pDevice, uNodeIndex);
1769 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Rx deauth, sta not found\n");
1773 if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA ) {
1774 sFrame.len = pRxPacket->cbMPDULen;
1775 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1776 vMgrDecodeDeauthen(&sFrame);
1777 pDevice->fWPA_Authened = FALSE;
1778 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP deauthed me, reason=%d.\n", cpu_to_le16((*(sFrame.pwReason))));
1779 // TODO: update BSS list for specific BSSID if pre-authentication case
1780 if (IS_ETH_ADDRESS_EQUAL(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID)) {
1781 if (pMgmt->eCurrState >= WMAC_STATE_AUTHPENDING) {
1782 pMgmt->sNodeDBTable[0].bActive = FALSE;
1783 pMgmt->eCurrMode = WMAC_MODE_STANDBY;
1784 pMgmt->eCurrState = WMAC_STATE_IDLE;
1785 netif_stop_queue(pDevice->dev);
1786 pDevice->bLinkPass = FALSE;
1787 ControlvMaskByte(pDevice,MESSAGE_REQUEST_MACREG,MAC_REG_PAPEDELAY,LEDSTS_STS,LEDSTS_SLOW);
1791 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
1792 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
1793 wpahdr->type = VIAWGET_DISASSOC_MSG;
1794 wpahdr->resp_ie_len = 0;
1795 wpahdr->req_ie_len = 0;
1796 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
1797 pDevice->skb->dev = pDevice->wpadev;
1798 skb_reset_mac_header(pDevice->skb);
1799 pDevice->skb->pkt_type = PACKET_HOST;
1800 pDevice->skb->protocol = htons(ETH_P_802_2);
1801 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
1802 netif_rx(pDevice->skb);
1803 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1806 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1807 // if(pDevice->bWPASuppWextEnabled == TRUE)
1809 union iwreq_data wrqu;
1810 memset(&wrqu, 0, sizeof (wrqu));
1811 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1812 PRINT_K("wireless_send_event--->SIOCGIWAP(disauthen)\n");
1813 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1818 /* else, ignore it. TODO: IBSS authentication service
1819 would be implemented here */
1824 //2008-0730-01<Add>by MikeLiu
1827 * Routine Description:
1828 * check if current channel is match ZoneType.
1837 ChannelExceedZoneType(
1838 IN PSDevice pDevice,
1839 IN BYTE byCurrChannel
1844 switch(pDevice->byZoneType) {
1845 case 0x00: //USA:1~11
1846 if((byCurrChannel<1) ||(byCurrChannel>11))
1849 case 0x01: //Japan:1~13
1850 case 0x02: //Europe:1~13
1851 if((byCurrChannel<1) ||(byCurrChannel>13))
1854 default: //reserve for other zonetype
1863 * Routine Description:
1864 * Handles and analysis incoming beacon frames.
1875 IN PSDevice pDevice,
1876 IN PSMgmtObject pMgmt,
1877 IN PSRxMgmtPacket pRxPacket,
1883 WLAN_FR_BEACON sFrame;
1885 BOOL bIsBSSIDEqual = FALSE;
1886 BOOL bIsSSIDEqual = FALSE;
1887 BOOL bTSFLargeDiff = FALSE;
1888 BOOL bTSFOffsetPostive = FALSE;
1889 BOOL bUpdateTSF = FALSE;
1890 BOOL bIsAPBeacon = FALSE;
1891 BOOL bIsChannelEqual = FALSE;
1892 UINT uLocateByteIndex;
1893 BYTE byTIMBitOn = 0;
1894 WORD wAIDNumber = 0;
1896 QWORD qwTimestamp, qwLocalTSF;
1898 WORD wStartIndex = 0;
1900 BYTE byCurrChannel = pRxPacket->byRxChannel;
1902 UINT uRateLen = WLAN_RATES_MAXLEN;
1903 BOOL bChannelHit = FALSE;
1904 BYTE byOldPreambleType;
1908 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)
1911 memset(&sFrame, 0, sizeof(WLAN_FR_BEACON));
1912 sFrame.len = pRxPacket->cbMPDULen;
1913 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1915 // decode the beacon frame
1916 vMgrDecodeBeacon(&sFrame);
1918 if ((sFrame.pwBeaconInterval == 0) ||
1919 (sFrame.pwCapInfo == 0) ||
1920 (sFrame.pSSID == 0) ||
1921 (sFrame.pSuppRates == 0) ) {
1922 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx beacon frame error\n");
1927 if( byCurrChannel > CB_MAX_CHANNEL_24G )
1929 if (sFrame.pDSParms != NULL) {
1930 if (byCurrChannel == RFaby11aChannelIndex[sFrame.pDSParms->byCurrChannel-1])
1932 byCurrChannel = RFaby11aChannelIndex[sFrame.pDSParms->byCurrChannel-1];
1938 if (sFrame.pDSParms != NULL) {
1939 if (byCurrChannel == sFrame.pDSParms->byCurrChannel)
1941 byCurrChannel = sFrame.pDSParms->byCurrChannel;
1947 //2008-0730-01<Add>by MikeLiu
1948 if(ChannelExceedZoneType(pDevice,byCurrChannel)==TRUE)
1951 if (sFrame.pERP != NULL) {
1952 sERP.byERP = sFrame.pERP->byContext;
1953 sERP.bERPExist = TRUE;
1956 sERP.bERPExist = FALSE;
1960 pBSSList = BSSpAddrIsInBSSList((HANDLE)pDevice, sFrame.pHdr->sA3.abyAddr3, sFrame.pSSID);
1961 if (pBSSList == NULL) {
1962 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Beacon/insert: RxChannel = : %d\n", byCurrChannel);
1963 BSSbInsertToBSSList((HANDLE)pDevice,
1964 sFrame.pHdr->sA3.abyAddr3,
1965 *sFrame.pqwTimestamp,
1966 *sFrame.pwBeaconInterval,
1971 sFrame.pExtSuppRates,
1977 sFrame.len - WLAN_HDR_ADDR3_LEN,
1978 sFrame.pHdr->sA4.abyAddr4, // payload of beacon
1983 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"update bcn: RxChannel = : %d\n", byCurrChannel);
1984 BSSbUpdateToBSSList((HANDLE)pDevice,
1985 *sFrame.pqwTimestamp,
1986 *sFrame.pwBeaconInterval,
1992 sFrame.pExtSuppRates,
1999 sFrame.len - WLAN_HDR_ADDR3_LEN,
2000 sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
2010 if(byCurrChannel == (BYTE)pMgmt->uCurrChannel)
2011 bIsChannelEqual = TRUE;
2013 if (bIsChannelEqual && (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)) {
2015 // if rx beacon without ERP field
2016 if (sERP.bERPExist) {
2017 if (WLAN_GET_ERP_USE_PROTECTION(sERP.byERP)){
2018 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
2019 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
2023 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
2024 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
2027 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2028 if(!WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo))
2029 pDevice->byERPFlag |= WLAN_SET_ERP_BARKER_MODE(1);
2031 pDevice->byERPFlag |= WLAN_SET_ERP_NONERP_PRESENT(1);
2035 // check if BSSID the same
2036 if (memcmp(sFrame.pHdr->sA3.abyAddr3,
2037 pMgmt->abyCurrBSSID,
2038 WLAN_BSSID_LEN) == 0) {
2040 bIsBSSIDEqual = TRUE;
2041 pDevice->uCurrRSSI = pRxPacket->uRSSI;
2042 pDevice->byCurrSQ = pRxPacket->bySQ;
2043 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0) {
2044 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2045 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"BCN:Wake Count= [%d]\n", pMgmt->wCountToWakeUp);
2048 // check if SSID the same
2049 if (sFrame.pSSID->len == ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) {
2050 if (memcmp(sFrame.pSSID->abySSID,
2051 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
2054 bIsSSIDEqual = TRUE;
2058 if ((WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo)== TRUE) &&
2059 (bIsBSSIDEqual == TRUE) &&
2060 (bIsSSIDEqual == TRUE) &&
2061 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
2062 (pMgmt->eCurrState == WMAC_STATE_ASSOC)) {
2063 // add state check to prevent reconnect fail since we'll receive Beacon
2066 if (pBSSList != NULL) {
2069 if ((pBSSList->sERP.bERPExist == TRUE) && (pDevice->byBBType == BB_TYPE_11G)) {
2070 if ((pBSSList->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION) != pDevice->bProtectMode) {//0000 0010
2071 pDevice->bProtectMode = (pBSSList->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION);
2072 if (pDevice->bProtectMode) {
2073 MACvEnableProtectMD(pDevice);
2075 MACvDisableProtectMD(pDevice);
2077 vUpdateIFS(pDevice);
2079 if ((pBSSList->sERP.byERP & WLAN_EID_ERP_NONERP_PRESENT) != pDevice->bNonERPPresent) {//0000 0001
2080 pDevice->bNonERPPresent = (pBSSList->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION);
2082 if ((pBSSList->sERP.byERP & WLAN_EID_ERP_BARKER_MODE) != pDevice->bBarkerPreambleMd) {//0000 0100
2083 pDevice->bBarkerPreambleMd = (pBSSList->sERP.byERP & WLAN_EID_ERP_BARKER_MODE);
2084 //BarkerPreambleMd has higher priority than shortPreamble bit in Cap
2085 if (pDevice->bBarkerPreambleMd) {
2086 MACvEnableBarkerPreambleMd(pDevice);
2088 MACvDisableBarkerPreambleMd(pDevice);
2092 // Sync Short Slot Time
2093 if (WLAN_GET_CAP_INFO_SHORTSLOTTIME(pBSSList->wCapInfo) != pDevice->bShortSlotTime) {
2094 BOOL bShortSlotTime;
2096 bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(pBSSList->wCapInfo);
2097 //DBG_PRN_WLAN05(("Set Short Slot Time: %d\n", pDevice->bShortSlotTime));
2098 //Kyle check if it is OK to set G.
2099 if (pDevice->byBBType == BB_TYPE_11A) {
2100 bShortSlotTime = TRUE;
2102 else if (pDevice->byBBType == BB_TYPE_11B) {
2103 bShortSlotTime = FALSE;
2105 if (bShortSlotTime != pDevice->bShortSlotTime) {
2106 pDevice->bShortSlotTime = bShortSlotTime;
2107 BBvSetShortSlotTime(pDevice);
2108 vUpdateIFS(pDevice);
2113 // Preamble may change dynamiclly
2115 byOldPreambleType = pDevice->byPreambleType;
2116 if (WLAN_GET_CAP_INFO_SHORTPREAMBLE(pBSSList->wCapInfo)) {
2117 pDevice->byPreambleType = pDevice->byShortPreamble;
2120 pDevice->byPreambleType = 0;
2122 if (pDevice->byPreambleType != byOldPreambleType)
2123 CARDvSetRSPINF(pDevice, (BYTE)pDevice->byBBType);
2125 // Basic Rate Set may change dynamiclly
2127 if (pBSSList->eNetworkTypeInUse == PHY_TYPE_11B) {
2128 uRateLen = WLAN_RATES_MAXLEN_11B;
2130 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abySuppRates,
2131 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2133 pMgmt->abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abyExtSuppRates,
2134 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
2136 RATEvParseMaxRate( (PVOID)pDevice,
2137 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2138 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
2140 &(pMgmt->sNodeDBTable[0].wMaxBasicRate),
2141 &(pMgmt->sNodeDBTable[0].wMaxSuppRate),
2142 &(pMgmt->sNodeDBTable[0].wSuppRate),
2143 &(pMgmt->sNodeDBTable[0].byTopCCKBasicRate),
2144 &(pMgmt->sNodeDBTable[0].byTopOFDMBasicRate)
2150 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Beacon 2 \n");
2151 // check if CF field exisit
2152 if (WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo)) {
2153 if (sFrame.pCFParms->wCFPDurRemaining > 0) {
2154 // TODO: deal with CFP period to set NAV
2158 HIDWORD(qwTimestamp) = cpu_to_le32(HIDWORD(*sFrame.pqwTimestamp));
2159 LODWORD(qwTimestamp) = cpu_to_le32(LODWORD(*sFrame.pqwTimestamp));
2160 HIDWORD(qwLocalTSF) = HIDWORD(pRxPacket->qwLocalTSF);
2161 LODWORD(qwLocalTSF) = LODWORD(pRxPacket->qwLocalTSF);
2163 // check if beacon TSF larger or small than our local TSF
2164 if (HIDWORD(qwTimestamp) == HIDWORD(qwLocalTSF)) {
2165 if (LODWORD(qwTimestamp) >= LODWORD(qwLocalTSF)) {
2166 bTSFOffsetPostive = TRUE;
2169 bTSFOffsetPostive = FALSE;
2172 else if (HIDWORD(qwTimestamp) > HIDWORD(qwLocalTSF)) {
2173 bTSFOffsetPostive = TRUE;
2175 else if (HIDWORD(qwTimestamp) < HIDWORD(qwLocalTSF)) {
2176 bTSFOffsetPostive = FALSE;
2179 if (bTSFOffsetPostive) {
2180 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwTimestamp), (qwLocalTSF));
2183 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwLocalTSF), (qwTimestamp));
2186 if (HIDWORD(qwTSFOffset) != 0 ||
2187 (LODWORD(qwTSFOffset) > TRIVIAL_SYNC_DIFFERENCE )) {
2188 bTSFLargeDiff = TRUE;
2193 if (bIsAPBeacon == TRUE) {
2195 // Infra mode: Local TSF always follow AP's TSF if Difference huge.
2199 if ((pDevice->bEnablePSMode == TRUE) &&(sFrame.pTIM != 0)) {
2201 // deal with DTIM, analysis TIM
2202 pMgmt->bMulticastTIM = WLAN_MGMT_IS_MULTICAST_TIM(sFrame.pTIM->byBitMapCtl) ? TRUE : FALSE ;
2203 pMgmt->byDTIMCount = sFrame.pTIM->byDTIMCount;
2204 pMgmt->byDTIMPeriod = sFrame.pTIM->byDTIMPeriod;
2205 wAIDNumber = pMgmt->wCurrAID & ~(BIT14|BIT15);
2207 // check if AID in TIM field bit on
2209 wStartIndex = WLAN_MGMT_GET_TIM_OFFSET(sFrame.pTIM->byBitMapCtl) << 1;
2211 wAIDIndex = (wAIDNumber >> 3);
2212 if ((wAIDNumber > 0) && (wAIDIndex >= wStartIndex)) {
2213 uLocateByteIndex = wAIDIndex - wStartIndex;
2214 // len = byDTIMCount + byDTIMPeriod + byDTIMPeriod + byVirtBitMap[0~250]
2215 if (sFrame.pTIM->len >= (uLocateByteIndex + 4)) {
2216 byTIMBitOn = (0x01) << ((wAIDNumber) % 8);
2217 pMgmt->bInTIM = sFrame.pTIM->byVirtBitMap[uLocateByteIndex] & byTIMBitOn ? TRUE : FALSE;
2220 pMgmt->bInTIM = FALSE;
2224 pMgmt->bInTIM = FALSE;
2227 if (pMgmt->bInTIM ||
2228 (pMgmt->bMulticastTIM && (pMgmt->byDTIMCount == 0))) {
2229 pMgmt->bInTIMWake = TRUE;
2230 // send out ps-poll packet
2231 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN:In TIM\n");
2232 if (pMgmt->bInTIM) {
2233 PSvSendPSPOLL((PSDevice)pDevice);
2234 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN:PS-POLL sent..\n");
2239 pMgmt->bInTIMWake = FALSE;
2240 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Not In TIM..\n");
2241 if (pDevice->bPWBitOn == FALSE) {
2242 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Send Null Packet\n");
2243 if (PSbSendNullPacket(pDevice))
2244 pDevice->bPWBitOn = TRUE;
2246 if(PSbConsiderPowerDown(pDevice, FALSE, FALSE)) {
2247 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Power down now...\n");
2255 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && !bIsAPBeacon && bIsChannelEqual) {
2256 if (bIsBSSIDEqual) {
2257 // Use sNodeDBTable[0].uInActiveCount as IBSS beacons received count.
2258 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
2259 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2261 // adhoc mode:TSF updated only when beacon larger then local TSF
2262 if (bTSFLargeDiff && bTSFOffsetPostive &&
2263 (pMgmt->eCurrState == WMAC_STATE_JOINTED))
2266 // During dpc, already in spinlocked.
2267 if (BSSbIsSTAInNodeDB(pDevice, sFrame.pHdr->sA3.abyAddr2, &uNodeIndex)) {
2269 // Update the STA, (Techically the Beacons of all the IBSS nodes
2270 // should be identical, but that's not happening in practice.
2271 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2272 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2273 WLAN_RATES_MAXLEN_11B);
2274 RATEvParseMaxRate( (PVOID)pDevice,
2275 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2278 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2279 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2280 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2281 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2282 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2284 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2285 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
2286 pMgmt->sNodeDBTable[uNodeIndex].uInActiveCount = 0;
2289 // Todo, initial Node content
2290 BSSvCreateOneNode((PSDevice)pDevice, &uNodeIndex);
2292 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2293 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2294 WLAN_RATES_MAXLEN_11B);
2295 RATEvParseMaxRate( (PVOID)pDevice,
2296 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2299 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2300 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2301 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2302 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2303 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2306 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, sFrame.pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
2307 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2308 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate = pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
2310 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
2311 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
2312 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
2316 // if other stations jointed, indicate connect to upper layer..
2317 if (pMgmt->eCurrState == WMAC_STATE_STARTED) {
2318 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Current IBSS State: [Started]........to: [Jointed] \n");
2319 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2320 pDevice->bLinkPass = TRUE;
2321 ControlvMaskByte(pDevice,MESSAGE_REQUEST_MACREG,MAC_REG_PAPEDELAY,LEDSTS_STS,LEDSTS_INTER);
2322 if (netif_queue_stopped(pDevice->dev)){
2323 netif_wake_queue(pDevice->dev);
2325 pMgmt->sNodeDBTable[0].bActive = TRUE;
2326 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2330 else if (bIsSSIDEqual) {
2332 // See other adhoc sta with the same SSID but BSSID is different.
2333 // adpot this vars only when TSF larger then us.
2334 if (bTSFLargeDiff && bTSFOffsetPostive) {
2335 // we don't support ATIM under adhoc mode
2336 // if ( sFrame.pIBSSParms->wATIMWindow == 0) {
2338 // TODO: check sFrame cap if privacy on, and support rate syn
2339 memcpy(pMgmt->abyCurrBSSID, sFrame.pHdr->sA3.abyAddr3, WLAN_BSSID_LEN);
2340 memcpy(pDevice->abyBSSID, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
2341 pMgmt->wCurrATIMWindow = cpu_to_le16(sFrame.pIBSSParms->wATIMWindow);
2342 pMgmt->wCurrBeaconPeriod = cpu_to_le16(*sFrame.pwBeaconInterval);
2343 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2344 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2345 WLAN_RATES_MAXLEN_11B);
2346 // set HW beacon interval and re-synchronizing....
2347 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rejoining to Other Adhoc group with same SSID........\n");
2349 MACvWriteBeaconInterval(pDevice, pMgmt->wCurrBeaconPeriod);
2350 CARDvAdjustTSF(pDevice, pRxPacket->byRxRate, qwTimestamp, pRxPacket->qwLocalTSF);
2351 CARDvUpdateNextTBTT(pDevice, qwTimestamp, pMgmt->wCurrBeaconPeriod);
2353 // Turn off bssid filter to avoid filter others adhoc station which bssid is different.
2354 MACvWriteBSSIDAddress(pDevice, pMgmt->abyCurrBSSID);
2356 byOldPreambleType = pDevice->byPreambleType;
2357 if (WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo)) {
2358 pDevice->byPreambleType = pDevice->byShortPreamble;
2361 pDevice->byPreambleType = 0;
2363 if (pDevice->byPreambleType != byOldPreambleType)
2364 CARDvSetRSPINF(pDevice, (BYTE)pDevice->byBBType);
2367 // MACvRegBitsOff(pDevice->PortOffset, MAC_REG_RCR, RCR_BSSID);
2368 // set highest basic rate
2369 // s_vSetHighestBasicRate(pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates);
2370 // Prepare beacon frame
2371 bMgrPrepareBeaconToSend((HANDLE)pDevice, pMgmt);
2379 CARDbGetCurrentTSF(pDevice, &qwCurrTSF);
2380 CARDvAdjustTSF(pDevice, pRxPacket->byRxRate, qwTimestamp , pRxPacket->qwLocalTSF);
2381 CARDbGetCurrentTSF(pDevice, &qwCurrTSF);
2382 CARDvUpdateNextTBTT(pDevice, qwTimestamp, pMgmt->wCurrBeaconPeriod);
2392 * Routine Description:
2393 * Instructs the hw to create a bss using the supplied
2394 * attributes. Note that this implementation only supports Ad-Hoc
2404 IN HANDLE hDeviceContext,
2405 OUT PCMD_STATUS pStatus
2408 PSDevice pDevice = (PSDevice)hDeviceContext;
2409 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
2412 BYTE byTopCCKBasicRate;
2413 BYTE byTopOFDMBasicRate;
2416 BYTE abyRATE[] = {0x82, 0x84, 0x8B, 0x96, 0x24, 0x30, 0x48, 0x6C, 0x0C, 0x12, 0x18, 0x60};
2417 BYTE abyCCK_RATE[] = {0x82, 0x84, 0x8B, 0x96};
2418 BYTE abyOFDM_RATE[] = {0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
2423 HIDWORD(qwCurrTSF) = 0;
2424 LODWORD(qwCurrTSF) = 0;
2426 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Create Basic Service Set .......\n");
2428 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2429 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) &&
2430 (pDevice->eEncryptionStatus != Ndis802_11Encryption2Enabled) &&
2431 (pDevice->eEncryptionStatus != Ndis802_11Encryption3Enabled)) {
2432 // encryption mode error
2433 *pStatus = CMD_STATUS_FAILURE;
2438 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2439 pMgmt->abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
2441 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2442 pMgmt->eCurrentPHYMode = pMgmt->byAPBBType;
2444 if (pDevice->byBBType == BB_TYPE_11G)
2445 pMgmt->eCurrentPHYMode = PHY_TYPE_11G;
2446 if (pDevice->byBBType == BB_TYPE_11B)
2447 pMgmt->eCurrentPHYMode = PHY_TYPE_11B;
2448 if (pDevice->byBBType == BB_TYPE_11A)
2449 pMgmt->eCurrentPHYMode = PHY_TYPE_11A;
2452 if (pMgmt->eCurrentPHYMode != PHY_TYPE_11A) {
2453 pMgmt->abyCurrSuppRates[1] = WLAN_RATES_MAXLEN_11B;
2454 pMgmt->abyCurrExtSuppRates[1] = 0;
2455 for (ii = 0; ii < 4; ii++)
2456 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2458 pMgmt->abyCurrSuppRates[1] = 8;
2459 pMgmt->abyCurrExtSuppRates[1] = 0;
2460 for (ii = 0; ii < 8; ii++)
2461 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2465 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
2466 pMgmt->abyCurrSuppRates[1] = 8;
2467 pMgmt->abyCurrExtSuppRates[1] = 4;
2468 for (ii = 0; ii < 4; ii++)
2469 pMgmt->abyCurrSuppRates[2+ii] = abyCCK_RATE[ii];
2470 for (ii = 4; ii < 8; ii++)
2471 pMgmt->abyCurrSuppRates[2+ii] = abyOFDM_RATE[ii-4];
2472 for (ii = 0; ii < 4; ii++)
2473 pMgmt->abyCurrExtSuppRates[2+ii] = abyOFDM_RATE[ii+4];
2477 // Disable Protect Mode
2478 pDevice->bProtectMode = 0;
2479 MACvDisableProtectMD(pDevice);
2481 pDevice->bBarkerPreambleMd = 0;
2482 MACvDisableBarkerPreambleMd(pDevice);
2484 // Kyle Test 2003.11.04
2486 // set HW beacon interval
2487 if (pMgmt->wIBSSBeaconPeriod == 0)
2488 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
2489 MACvWriteBeaconInterval(pDevice, pMgmt->wIBSSBeaconPeriod);
2491 CARDbGetCurrentTSF(pDevice, &qwCurrTSF);
2492 // clear TSF counter
2493 CARDbClearCurrentTSF(pDevice);
2495 // enable TSF counter
2496 MACvRegBitsOn(pDevice,MAC_REG_TFTCTL,TFTCTL_TSFCNTREN);
2498 CARDvSetFirstNextTBTT(pDevice, pMgmt->wIBSSBeaconPeriod);
2500 pMgmt->uIBSSChannel = pDevice->uChannel;
2502 if (pMgmt->uIBSSChannel == 0)
2503 pMgmt->uIBSSChannel = DEFAULT_IBSS_CHANNEL;
2505 // set channel and clear NAV
2506 CARDbSetMediaChannel(pDevice, pMgmt->uIBSSChannel);
2507 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2509 pDevice->byPreambleType = pDevice->byShortPreamble;
2513 RATEvParseMaxRate((PVOID)pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2514 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates, TRUE,
2515 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2516 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2520 if (pDevice->byBBType == BB_TYPE_11A) {
2521 pDevice->bShortSlotTime = TRUE;
2523 pDevice->bShortSlotTime = FALSE;
2525 BBvSetShortSlotTime(pDevice);
2526 // vUpdateIFS() use pDevice->bShortSlotTime as parameter so it must be called
2527 // after setting ShortSlotTime.
2528 // CARDvSetBSSMode call vUpdateIFS()
2529 CARDvSetBSSMode(pDevice);
2531 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2532 MACvRegBitsOn(pDevice, MAC_REG_HOSTCR, HOSTCR_AP);
2533 pMgmt->eCurrMode = WMAC_MODE_ESS_AP;
2536 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2537 MACvRegBitsOn(pDevice, MAC_REG_HOSTCR, HOSTCR_ADHOC);
2538 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2541 // Adopt pre-configured IBSS vars to current vars
2542 pMgmt->eCurrState = WMAC_STATE_STARTED;
2543 pMgmt->wCurrBeaconPeriod = pMgmt->wIBSSBeaconPeriod;
2544 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2545 pMgmt->wCurrATIMWindow = pMgmt->wIBSSATIMWindow;
2546 pDevice->uCurrRSSI = 0;
2547 pDevice->byCurrSQ = 0;
2549 //20080131-04,<Add> by Mike Liu
2551 memcpy(pMgmt->abyDesireSSID,pMgmt->abyAdHocSSID,
2552 ((PWLAN_IE_SSID)pMgmt->abyAdHocSSID)->len + WLAN_IEHDR_LEN);
2555 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2556 memcpy(pMgmt->abyCurrSSID,
2557 pMgmt->abyDesireSSID,
2558 ((PWLAN_IE_SSID)pMgmt->abyDesireSSID)->len + WLAN_IEHDR_LEN
2561 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2562 // AP mode BSSID = MAC addr
2563 memcpy(pMgmt->abyCurrBSSID, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
2564 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO"AP beacon created BSSID:%02x-%02x-%02x-%02x-%02x-%02x \n",
2565 pMgmt->abyCurrBSSID[0],
2566 pMgmt->abyCurrBSSID[1],
2567 pMgmt->abyCurrBSSID[2],
2568 pMgmt->abyCurrBSSID[3],
2569 pMgmt->abyCurrBSSID[4],
2570 pMgmt->abyCurrBSSID[5]
2574 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2576 // BSSID selected must be randomized as spec 11.1.3
2577 pMgmt->abyCurrBSSID[5] = (BYTE) (LODWORD(qwCurrTSF)& 0x000000ff);
2578 pMgmt->abyCurrBSSID[4] = (BYTE)((LODWORD(qwCurrTSF)& 0x0000ff00) >> 8);
2579 pMgmt->abyCurrBSSID[3] = (BYTE)((LODWORD(qwCurrTSF)& 0x00ff0000) >> 16);
2580 pMgmt->abyCurrBSSID[2] = (BYTE)((LODWORD(qwCurrTSF)& 0x00000ff0) >> 4);
2581 pMgmt->abyCurrBSSID[1] = (BYTE)((LODWORD(qwCurrTSF)& 0x000ff000) >> 12);
2582 pMgmt->abyCurrBSSID[0] = (BYTE)((LODWORD(qwCurrTSF)& 0x0ff00000) >> 20);
2583 pMgmt->abyCurrBSSID[5] ^= pMgmt->abyMACAddr[0];
2584 pMgmt->abyCurrBSSID[4] ^= pMgmt->abyMACAddr[1];
2585 pMgmt->abyCurrBSSID[3] ^= pMgmt->abyMACAddr[2];
2586 pMgmt->abyCurrBSSID[2] ^= pMgmt->abyMACAddr[3];
2587 pMgmt->abyCurrBSSID[1] ^= pMgmt->abyMACAddr[4];
2588 pMgmt->abyCurrBSSID[0] ^= pMgmt->abyMACAddr[5];
2589 pMgmt->abyCurrBSSID[0] &= ~IEEE_ADDR_GROUP;
2590 pMgmt->abyCurrBSSID[0] |= IEEE_ADDR_UNIVERSAL;
2593 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO"Adhoc beacon created bssid:%02x-%02x-%02x-%02x-%02x-%02x \n",
2594 pMgmt->abyCurrBSSID[0],
2595 pMgmt->abyCurrBSSID[1],
2596 pMgmt->abyCurrBSSID[2],
2597 pMgmt->abyCurrBSSID[3],
2598 pMgmt->abyCurrBSSID[4],
2599 pMgmt->abyCurrBSSID[5]
2604 MACvWriteBSSIDAddress(pDevice, pMgmt->abyCurrBSSID);
2605 memcpy(pDevice->abyBSSID, pMgmt->abyCurrBSSID, WLAN_ADDR_LEN);
2607 MACvRegBitsOn(pDevice, MAC_REG_RCR, RCR_BSSID);
2608 pDevice->byRxMode |= RCR_BSSID;
2609 pMgmt->bCurrBSSIDFilterOn = TRUE;
2611 // Set Capability Info
2612 pMgmt->wCurrCapInfo = 0;
2614 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2615 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
2616 pMgmt->byDTIMPeriod = DEFAULT_DTIM_PERIOD;
2617 pMgmt->byDTIMCount = pMgmt->byDTIMPeriod - 1;
2618 pDevice->eOPMode = OP_MODE_AP;
2621 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2622 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_IBSS(1);
2623 pDevice->eOPMode = OP_MODE_ADHOC;
2626 if (pDevice->bEncryptionEnable) {
2627 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
2628 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2629 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2630 pMgmt->byCSSPK = KEY_CTL_CCMP;
2631 pMgmt->byCSSGK = KEY_CTL_CCMP;
2632 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2633 pMgmt->byCSSPK = KEY_CTL_TKIP;
2634 pMgmt->byCSSGK = KEY_CTL_TKIP;
2636 pMgmt->byCSSPK = KEY_CTL_NONE;
2637 pMgmt->byCSSGK = KEY_CTL_WEP;
2640 pMgmt->byCSSPK = KEY_CTL_WEP;
2641 pMgmt->byCSSGK = KEY_CTL_WEP;
2645 pMgmt->byERPContext = 0;
2647 if (pDevice->byPreambleType == 1) {
2648 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
2650 pMgmt->wCurrCapInfo &= (~WLAN_SET_CAP_INFO_SHORTPREAMBLE(1));
2653 pMgmt->eCurrState = WMAC_STATE_STARTED;
2654 // Prepare beacon to send
2655 if (bMgrPrepareBeaconToSend((HANDLE)pDevice, pMgmt)) {
2656 *pStatus = CMD_STATUS_SUCCESS;
2665 * Routine Description:
2666 * Instructs wmac to join a bss using the supplied attributes.
2667 * The arguments may the BSSID or SSID and the rest of the
2668 * attributes are obtained from the scan result of known bss list.
2678 IN HANDLE hDeviceContext,
2679 OUT PCMD_STATUS pStatus
2683 PSDevice pDevice = (PSDevice)hDeviceContext;
2684 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
2685 PKnownBSS pCurr = NULL;
2687 PWLAN_IE_SUPP_RATES pItemRates = NULL;
2688 PWLAN_IE_SUPP_RATES pItemExtRates = NULL;
2689 PWLAN_IE_SSID pItemSSID;
2690 UINT uRateLen = WLAN_RATES_MAXLEN;
2691 WORD wMaxBasicRate = RATE_1M;
2692 WORD wMaxSuppRate = RATE_1M;
2694 BYTE byTopCCKBasicRate = RATE_1M;
2695 BYTE byTopOFDMBasicRate = RATE_1M;
2696 BOOL bShortSlotTime = FALSE;
2699 for (ii = 0; ii < MAX_BSS_NUM; ii++) {
2700 if (pMgmt->sBSSList[ii].bActive == TRUE)
2704 if (ii == MAX_BSS_NUM) {
2705 *pStatus = CMD_STATUS_RESOURCES;
2706 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "BSS finding:BSS list is empty.\n");
2710 // memset(pMgmt->abyDesireBSSID, 0, WLAN_BSSID_LEN);
2711 // Search known BSS list for prefer BSSID or SSID
2713 pCurr = BSSpSearchBSSList(pDevice,
2714 pMgmt->abyDesireBSSID,
2715 pMgmt->abyDesireSSID,
2716 pDevice->eConfigPHYMode
2720 *pStatus = CMD_STATUS_RESOURCES;
2721 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyDesireSSID;
2722 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Scanning [%s] not found, disconnected !\n", pItemSSID->abySSID);
2726 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP(BSS) finding:Found a AP(BSS)..\n");
2728 if (WLAN_GET_CAP_INFO_ESS(cpu_to_le16(pCurr->wCapInfo))){
2730 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA)||(pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)) {
2732 if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2733 if (WPA_SearchRSN(0, WPA_TKIP, pCurr) == FALSE) {
2734 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"No match RSN info. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
2735 // encryption mode error
2736 pMgmt->eCurrState = WMAC_STATE_IDLE;
2739 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2740 if (WPA_SearchRSN(0, WPA_AESCCMP, pCurr) == FALSE) {
2741 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"No match RSN info. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
2742 // encryption mode error
2743 pMgmt->eCurrState = WMAC_STATE_IDLE;
2750 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
2751 //if(pDevice->bWPASuppWextEnabled == TRUE)
2752 Encyption_Rebuild(pDevice, pCurr);
2755 // Infrastructure BSS
2756 s_vMgrSynchBSS(pDevice,
2762 if (*pStatus == CMD_STATUS_SUCCESS){
2764 // Adopt this BSS state vars in Mgmt Object
2765 pMgmt->uCurrChannel = pCurr->uChannel;
2767 memset(pMgmt->abyCurrSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2768 memset(pMgmt->abyCurrExtSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2770 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B) {
2771 uRateLen = WLAN_RATES_MAXLEN_11B;
2774 pItemRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates;
2775 pItemExtRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates;
2777 // Parse Support Rate IE
2778 pItemRates->byElementID = WLAN_EID_SUPP_RATES;
2779 pItemRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2783 // Parse Extension Support Rate IE
2784 pItemExtRates->byElementID = WLAN_EID_EXTSUPP_RATES;
2785 pItemExtRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abyExtSuppRates,
2789 if ((pItemExtRates->len > 0) && (pItemRates->len < 8)) {
2790 for (ii = 0; ii < (UINT)(8 - pItemRates->len); ) {
2791 pItemRates->abyRates[pItemRates->len + ii] = pItemExtRates->abyRates[ii];
2793 if (pItemExtRates->len <= ii)
2796 pItemRates->len += (BYTE)ii;
2797 if (pItemExtRates->len - ii > 0) {
2798 pItemExtRates->len -= (BYTE)ii;
2799 for (uu = 0; uu < pItemExtRates->len; uu ++) {
2800 pItemExtRates->abyRates[uu] = pItemExtRates->abyRates[uu + ii];
2803 pItemExtRates->len = 0;
2807 RATEvParseMaxRate((PVOID)pDevice, pItemRates, pItemExtRates, TRUE,
2808 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2809 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2810 vUpdateIFS(pDevice);
2811 // TODO: deal with if wCapInfo the privacy is on, but station WEP is off
2812 // TODO: deal with if wCapInfo the PS-Pollable is on.
2813 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
2814 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2815 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2816 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2818 pMgmt->eCurrMode = WMAC_MODE_ESS_STA;
2820 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2821 // Adopt BSS state in Adapter Device Object
2822 pDevice->eOPMode = OP_MODE_INFRASTRUCTURE;
2823 memcpy(pDevice->abyBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2825 // Add current BSS to Candidate list
2826 // This should only works for WPA2 BSS, and WPA2 BSS check must be done before.
2827 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
2828 BOOL bResult = bAdd_PMKID_Candidate((HANDLE)pDevice, pMgmt->abyCurrBSSID, &pCurr->sRSNCapObj);
2829 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"bAdd_PMKID_Candidate: 1(%d)\n", bResult);
2830 if (bResult == FALSE) {
2831 vFlush_PMKID_Candidate((HANDLE)pDevice);
2832 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"vFlush_PMKID_Candidate: 4\n");
2833 bAdd_PMKID_Candidate((HANDLE)pDevice, pMgmt->abyCurrBSSID, &pCurr->sRSNCapObj);
2837 // Preamble type auto-switch: if AP can receive short-preamble cap,
2838 // we can turn on too.
2839 if (WLAN_GET_CAP_INFO_SHORTPREAMBLE(pCurr->wCapInfo)) {
2840 pDevice->byPreambleType = pDevice->byShortPreamble;
2843 pDevice->byPreambleType = 0;
2845 // Change PreambleType must set RSPINF again
2846 CARDvSetRSPINF(pDevice, (BYTE)pDevice->byBBType);
2848 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Join ESS\n");
2850 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11G) {
2852 if ((pCurr->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION) != pDevice->bProtectMode) {//0000 0010
2853 pDevice->bProtectMode = (pCurr->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION);
2854 if (pDevice->bProtectMode) {
2855 MACvEnableProtectMD(pDevice);
2857 MACvDisableProtectMD(pDevice);
2859 vUpdateIFS(pDevice);
2861 if ((pCurr->sERP.byERP & WLAN_EID_ERP_NONERP_PRESENT) != pDevice->bNonERPPresent) {//0000 0001
2862 pDevice->bNonERPPresent = (pCurr->sERP.byERP & WLAN_EID_ERP_USE_PROTECTION);
2864 if ((pCurr->sERP.byERP & WLAN_EID_ERP_BARKER_MODE) != pDevice->bBarkerPreambleMd) {//0000 0100
2865 pDevice->bBarkerPreambleMd = (pCurr->sERP.byERP & WLAN_EID_ERP_BARKER_MODE);
2866 //BarkerPreambleMd has higher priority than shortPreamble bit in Cap
2867 if (pDevice->bBarkerPreambleMd) {
2868 MACvEnableBarkerPreambleMd(pDevice);
2870 MACvDisableBarkerPreambleMd(pDevice);
2874 //DBG_PRN_WLAN05(("wCapInfo: %X\n", pCurr->wCapInfo));
2875 if (WLAN_GET_CAP_INFO_SHORTSLOTTIME(pCurr->wCapInfo) != pDevice->bShortSlotTime) {
2876 if (pDevice->byBBType == BB_TYPE_11A) {
2877 bShortSlotTime = TRUE;
2879 else if (pDevice->byBBType == BB_TYPE_11B) {
2880 bShortSlotTime = FALSE;
2883 bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(pCurr->wCapInfo);
2885 //DBG_PRN_WLAN05(("Set Short Slot Time: %d\n", pDevice->bShortSlotTime));
2886 if (bShortSlotTime != pDevice->bShortSlotTime) {
2887 pDevice->bShortSlotTime = bShortSlotTime;
2888 BBvSetShortSlotTime(pDevice);
2889 vUpdateIFS(pDevice);
2893 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"End of Join AP -- A/B/G Action\n");
2896 pMgmt->eCurrState = WMAC_STATE_IDLE;
2903 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2905 if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2907 if (WPA_SearchRSN(0, WPA_TKIP, pCurr) == FALSE) {
2908 // encryption mode error
2909 pMgmt->eCurrState = WMAC_STATE_IDLE;
2913 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2915 if (WPA_SearchRSN(0, WPA_AESCCMP, pCurr) == FALSE) {
2916 // encryption mode error
2917 pMgmt->eCurrState = WMAC_STATE_IDLE;
2922 // encryption mode error
2923 pMgmt->eCurrState = WMAC_STATE_IDLE;
2928 s_vMgrSynchBSS(pDevice,
2934 if (*pStatus == CMD_STATUS_SUCCESS){
2935 // Adopt this BSS state vars in Mgmt Object
2936 // TODO: check if CapInfo privacy on, but we don't..
2937 pMgmt->uCurrChannel = pCurr->uChannel;
2940 // Parse Support Rate IE
2941 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2942 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2943 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2944 WLAN_RATES_MAXLEN_11B);
2946 RATEvParseMaxRate((PVOID)pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2947 NULL, TRUE, &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2948 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2949 vUpdateIFS(pDevice);
2950 pMgmt->wCurrCapInfo = pCurr->wCapInfo;
2951 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
2952 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2953 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2954 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2955 // pMgmt->wCurrATIMWindow = pCurr->wATIMWindow;
2956 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2957 pMgmt->eCurrState = WMAC_STATE_STARTED;
2958 // Adopt BSS state in Adapter Device Object
2959 pDevice->eOPMode = OP_MODE_ADHOC;
2960 pDevice->bLinkPass = TRUE;
2961 ControlvMaskByte(pDevice,MESSAGE_REQUEST_MACREG,MAC_REG_PAPEDELAY,LEDSTS_STS,LEDSTS_INTER);
2962 memcpy(pDevice->abyBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2964 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Join IBSS ok:%02x-%02x-%02x-%02x-%02x-%02x \n",
2965 pMgmt->abyCurrBSSID[0],
2966 pMgmt->abyCurrBSSID[1],
2967 pMgmt->abyCurrBSSID[2],
2968 pMgmt->abyCurrBSSID[3],
2969 pMgmt->abyCurrBSSID[4],
2970 pMgmt->abyCurrBSSID[5]
2972 // Preamble type auto-switch: if AP can receive short-preamble cap,
2973 // and if registry setting is short preamble we can turn on too.
2975 if (WLAN_GET_CAP_INFO_SHORTPREAMBLE(pCurr->wCapInfo)) {
2976 pDevice->byPreambleType = pDevice->byShortPreamble;
2979 pDevice->byPreambleType = 0;
2981 // Change PreambleType must set RSPINF again
2982 CARDvSetRSPINF(pDevice, (BYTE)pDevice->byBBType);
2985 bMgrPrepareBeaconToSend((HANDLE)pDevice, pMgmt);
2988 pMgmt->eCurrState = WMAC_STATE_IDLE;
2998 * Routine Description:
2999 * Set HW to synchronize a specific BSS from known BSS list.
3009 IN PSDevice pDevice,
3012 OUT PCMD_STATUS pStatus
3015 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
3016 //1M, 2M, 5M, 11M, 18M, 24M, 36M, 54M
3017 BYTE abyCurrSuppRatesG[] = {WLAN_EID_SUPP_RATES, 8, 0x02, 0x04, 0x0B, 0x16, 0x24, 0x30, 0x48, 0x6C};
3018 BYTE abyCurrExtSuppRatesG[] = {WLAN_EID_EXTSUPP_RATES, 4, 0x0C, 0x12, 0x18, 0x60};
3020 BYTE abyCurrSuppRatesA[] = {WLAN_EID_SUPP_RATES, 8, 0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
3021 BYTE abyCurrSuppRatesB[] = {WLAN_EID_SUPP_RATES, 4, 0x02, 0x04, 0x0B, 0x16};
3024 *pStatus = CMD_STATUS_FAILURE;
3026 if (s_bCipherMatch(pCurr,
3027 pDevice->eEncryptionStatus,
3029 &(pMgmt->byCSSGK)) == FALSE) {
3030 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "s_bCipherMatch Fail .......\n");
3034 pMgmt->pCurrBSS = pCurr;
3036 // if previous mode is IBSS.
3037 if(pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
3038 MACvRegBitsOff(pDevice, MAC_REG_TCR, TCR_AUTOBCNTX);
3041 // Init the BSS informations
3042 pDevice->bCCK = TRUE;
3043 pDevice->bProtectMode = FALSE;
3044 MACvDisableProtectMD(pDevice);
3045 pDevice->bBarkerPreambleMd = FALSE;
3046 MACvDisableBarkerPreambleMd(pDevice);
3047 pDevice->bNonERPPresent = FALSE;
3048 pDevice->byPreambleType = 0;
3049 pDevice->wBasicRate = 0;
3051 CARDbAddBasicRate((PVOID)pDevice, RATE_1M);
3053 // calculate TSF offset
3054 // TSF Offset = Received Timestamp TSF - Marked Local's TSF
3055 CARDvAdjustTSF(pDevice, pCurr->byRxRate, pCurr->qwBSSTimestamp, pCurr->qwLocalTSF);
3057 // set HW beacon interval
3058 MACvWriteBeaconInterval(pDevice, pCurr->wBeaconInterval);
3061 // Next TBTT = ((local_current_TSF / beacon_interval) + 1 ) * beacon_interval
3062 CARDvSetFirstNextTBTT(pDevice, pCurr->wBeaconInterval);
3065 MACvWriteBSSIDAddress(pDevice, pCurr->abyBSSID);
3067 MEMvCopy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, 6);
3069 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Sync:set CurrBSSID address = %02x-%02x-%02x=%02x-%02x-%02x\n",
3070 pMgmt->abyCurrBSSID[0],
3071 pMgmt->abyCurrBSSID[1],
3072 pMgmt->abyCurrBSSID[2],
3073 pMgmt->abyCurrBSSID[3],
3074 pMgmt->abyCurrBSSID[4],
3075 pMgmt->abyCurrBSSID[5]);
3077 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11A) {
3078 if ((pDevice->eConfigPHYMode == PHY_TYPE_11A) ||
3079 (pDevice->eConfigPHYMode == PHY_TYPE_AUTO)) {
3080 pDevice->byBBType = BB_TYPE_11A;
3081 pMgmt->eCurrentPHYMode = PHY_TYPE_11A;
3082 pDevice->bShortSlotTime = TRUE;
3083 BBvSetShortSlotTime(pDevice);
3084 CARDvSetBSSMode(pDevice);
3088 } else if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B) {
3089 if ((pDevice->eConfigPHYMode == PHY_TYPE_11B) ||
3090 (pDevice->eConfigPHYMode == PHY_TYPE_11G) ||
3091 (pDevice->eConfigPHYMode == PHY_TYPE_AUTO)) {
3092 pDevice->byBBType = BB_TYPE_11B;
3093 pMgmt->eCurrentPHYMode = PHY_TYPE_11B;
3094 pDevice->bShortSlotTime = FALSE;
3095 BBvSetShortSlotTime(pDevice);
3096 CARDvSetBSSMode(pDevice);
3101 if ((pDevice->eConfigPHYMode == PHY_TYPE_11G) ||
3102 (pDevice->eConfigPHYMode == PHY_TYPE_AUTO)) {
3103 pDevice->byBBType = BB_TYPE_11G;
3104 pMgmt->eCurrentPHYMode = PHY_TYPE_11G;
3105 pDevice->bShortSlotTime = TRUE;
3106 BBvSetShortSlotTime(pDevice);
3107 CARDvSetBSSMode(pDevice);
3108 } else if (pDevice->eConfigPHYMode == PHY_TYPE_11B) {
3109 pDevice->byBBType = BB_TYPE_11B;
3110 pDevice->bShortSlotTime = FALSE;
3111 BBvSetShortSlotTime(pDevice);
3112 CARDvSetBSSMode(pDevice);
3118 if (uBSSMode == WMAC_MODE_ESS_STA) {
3119 MACvRegBitsOff(pDevice, MAC_REG_HOSTCR, HOSTCR_ADHOC);
3120 MACvRegBitsOn(pDevice, MAC_REG_RCR, RCR_BSSID);
3121 pDevice->byRxMode |= RCR_BSSID;
3122 pMgmt->bCurrBSSIDFilterOn = TRUE;
3125 // set channel and clear NAV
3126 CARDbSetMediaChannel(pDevice, pCurr->uChannel);
3127 pMgmt->uCurrChannel = pCurr->uChannel;
3128 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "<----s_bSynchBSS Set Channel [%d]\n", pCurr->uChannel);
3130 if ((pDevice->bUpdateBBVGA) &&
3131 (pDevice->byBBVGACurrent != pDevice->abyBBVGA[0])) {
3132 pDevice->byBBVGACurrent = pDevice->abyBBVGA[0];
3133 BBvSetVGAGainOffset(pDevice, pDevice->byBBVGACurrent);
3134 BBvSetShortSlotTime(pDevice);
3138 // 1. In Ad-hoc mode : check if received others beacon as jointed indication,
3139 // otherwise we will start own IBSS.
3140 // 2. In Infra mode : Supposed we already synchronized with AP right now.
3142 if (uBSSMode == WMAC_MODE_IBSS_STA) {
3143 MACvRegBitsOn(pDevice, MAC_REG_HOSTCR, HOSTCR_ADHOC);
3144 MACvRegBitsOn(pDevice, MAC_REG_RCR, RCR_BSSID);
3145 pDevice->byRxMode |= RCR_BSSID;
3146 pMgmt->bCurrBSSIDFilterOn = TRUE;
3149 if (pDevice->byBBType == BB_TYPE_11A) {
3150 MEMvCopy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesA[0], sizeof(abyCurrSuppRatesA));
3151 pMgmt->abyCurrExtSuppRates[1] = 0;
3152 } else if (pDevice->byBBType == BB_TYPE_11B) {
3153 MEMvCopy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesB[0], sizeof(abyCurrSuppRatesB));
3154 pMgmt->abyCurrExtSuppRates[1] = 0;
3156 MEMvCopy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesG[0], sizeof(abyCurrSuppRatesG));
3157 MEMvCopy(pMgmt->abyCurrExtSuppRates, &abyCurrExtSuppRatesG[0], sizeof(abyCurrExtSuppRatesG));
3159 pMgmt->byERPContext = pCurr->sERP.byERP;
3161 *pStatus = CMD_STATUS_SUCCESS;
3167 //mike add: fix NetworkManager 0.7.0 hidden ssid mode in WPA encryption
3168 // ,need reset eAuthenMode and eEncryptionStatus
3169 static VOID Encyption_Rebuild(
3170 IN PSDevice pDevice,
3174 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
3175 // UINT ii , uSameBssidNum=0;
3177 // for (ii = 0; ii < MAX_BSS_NUM; ii++) {
3178 // if (pMgmt->sBSSList[ii].bActive &&
3179 // IS_ETH_ADDRESS_EQUAL(pMgmt->sBSSList[ii].abyBSSID, pCurr->abyBSSID)) {
3183 // if( uSameBssidNum>=2) { //we only check AP in hidden sssid mode
3184 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) || //networkmanager 0.7.0 does not give the pairwise-key selsection,
3185 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) { // so we need re-selsect it according to real pairwise-key info.
3186 if(pCurr->bWPAValid == TRUE) { //WPA-PSK
3187 pMgmt->eAuthenMode = WMAC_AUTH_WPAPSK;
3188 if(pCurr->abyPKType[0] == WPA_TKIP) {
3189 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
3190 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-TKIP]\n");
3192 else if(pCurr->abyPKType[0] == WPA_AESCCMP) {
3193 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
3194 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-AES]\n");
3197 else if(pCurr->bWPA2Valid == TRUE) { //WPA2-PSK
3198 pMgmt->eAuthenMode = WMAC_AUTH_WPA2PSK;
3199 if(pCurr->abyCSSPK[0] == WLAN_11i_CSS_TKIP) {
3200 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
3201 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-TKIP]\n");
3203 else if(pCurr->abyCSSPK[0] == WLAN_11i_CSS_CCMP) {
3204 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
3205 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-AES]\n");
3216 * Routine Description:
3228 IN PSMgmtObject pMgmt,
3229 IN PWLAN_IE_TIM pTIM
3232 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
3235 BOOL bStartFound = FALSE;
3236 BOOL bMulticast = FALSE;
3237 WORD wStartIndex = 0;
3241 // Find size of partial virtual bitmap
3242 for (ii = 0; ii < (MAX_NODE_NUM + 1); ii++) {
3243 byMap = pMgmt->abyPSTxMap[ii];
3245 // Mask out the broadcast bit which is indicated separately.
3246 bMulticast = (byMap & byMask[0]) != 0;
3248 pMgmt->sNodeDBTable[0].bRxPSPoll = TRUE;
3255 wStartIndex = (WORD)ii;
3257 wEndIndex = (WORD)ii;
3262 // Round start index down to nearest even number
3263 wStartIndex &= ~BIT0;
3265 // Round end index up to nearest even number
3266 wEndIndex = ((wEndIndex + 1) & ~BIT0);
3268 // Size of element payload
3270 pTIM->len = 3 + (wEndIndex - wStartIndex) + 1;
3272 // Fill in the Fixed parts of the TIM
3273 pTIM->byDTIMCount = pMgmt->byDTIMCount;
3274 pTIM->byDTIMPeriod = pMgmt->byDTIMPeriod;
3275 pTIM->byBitMapCtl = (bMulticast ? TIM_MULTICAST_MASK : 0) |
3276 (((wStartIndex >> 1) << 1) & TIM_BITMAPOFFSET_MASK);
3278 // Append variable part of TIM
3280 for (ii = wStartIndex, jj =0 ; ii <= wEndIndex; ii++, jj++) {
3281 pTIM->byVirtBitMap[jj] = pMgmt->abyPSTxMap[ii];
3284 // Aid = 0 don't used.
3285 pTIM->byVirtBitMap[0] &= ~BIT0;
3291 * Routine Description:
3292 * Constructs an Beacon frame( Ad-hoc mode)
3296 * PTR to frame; or NULL on allocation failue
3303 IN PSDevice pDevice,
3304 IN PSMgmtObject pMgmt,
3305 IN WORD wCurrCapInfo,
3306 IN WORD wCurrBeaconPeriod,
3307 IN UINT uCurrChannel,
3308 IN WORD wCurrATIMWinodw,
3309 IN PWLAN_IE_SSID pCurrSSID,
3310 IN PBYTE pCurrBSSID,
3311 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
3312 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3315 PSTxMgmtPacket pTxPacket = NULL;
3316 WLAN_FR_BEACON sFrame;
3317 BYTE abyBroadcastAddr[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
3320 // prepare beacon frame
3321 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3322 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_BEACON_FR_MAXLEN);
3323 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3324 // Setup the sFrame structure.
3325 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3326 sFrame.len = WLAN_BEACON_FR_MAXLEN;
3327 vMgrEncodeBeacon(&sFrame);
3329 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3331 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3332 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_BEACON)
3335 if (pDevice->bEnablePSMode) {
3336 sFrame.pHdr->sA3.wFrameCtl |= cpu_to_le16((WORD)WLAN_SET_FC_PWRMGT(1));
3339 memcpy( sFrame.pHdr->sA3.abyAddr1, abyBroadcastAddr, WLAN_ADDR_LEN);
3340 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3341 memcpy( sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
3342 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
3343 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3345 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3346 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
3347 memcpy(sFrame.pSSID,
3349 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
3351 // Copy the rate set
3352 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3353 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3354 memcpy(sFrame.pSuppRates,
3356 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3359 if (pDevice->byBBType != BB_TYPE_11A) {
3360 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
3361 sFrame.len += (1) + WLAN_IEHDR_LEN;
3362 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
3363 sFrame.pDSParms->len = 1;
3364 sFrame.pDSParms->byCurrChannel = (BYTE)uCurrChannel;
3367 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
3368 sFrame.pTIM = (PWLAN_IE_TIM)(sFrame.pBuf + sFrame.len);
3369 sFrame.pTIM->byElementID = WLAN_EID_TIM;
3370 s_vMgrFormatTIM(pMgmt, sFrame.pTIM);
3371 sFrame.len += (WLAN_IEHDR_LEN + sFrame.pTIM->len);
3374 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
3377 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
3378 sFrame.len += (2) + WLAN_IEHDR_LEN;
3379 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
3380 sFrame.pIBSSParms->len = 2;
3381 sFrame.pIBSSParms->wATIMWindow = wCurrATIMWinodw;
3382 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3384 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3385 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3386 sFrame.pRSNWPA->len = 12;
3387 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3388 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3389 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3390 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3391 sFrame.pRSNWPA->wVersion = 1;
3392 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3393 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3394 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3395 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled)
3396 sFrame.pRSNWPA->abyMulticast[3] = 0x04;//AES
3397 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled)
3398 sFrame.pRSNWPA->abyMulticast[3] = 0x02;//TKIP
3399 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption1Enabled)
3400 sFrame.pRSNWPA->abyMulticast[3] = 0x01;//WEP40
3402 sFrame.pRSNWPA->abyMulticast[3] = 0x00;//NONE
3404 // Pairwise Key Cipher Suite
3405 sFrame.pRSNWPA->wPKCount = 0;
3406 // Auth Key Management Suite
3407 *((PWORD)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len))=0;
3408 sFrame.pRSNWPA->len +=2;
3411 *((PWORD)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len))=0;
3412 sFrame.pRSNWPA->len +=2;
3413 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3418 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
3419 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3420 sFrame.len += 1 + WLAN_IEHDR_LEN;
3421 sFrame.pERP->byElementID = WLAN_EID_ERP;
3422 sFrame.pERP->len = 1;
3423 sFrame.pERP->byContext = 0;
3424 if (pDevice->bProtectMode == TRUE)
3425 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3426 if (pDevice->bNonERPPresent == TRUE)
3427 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3428 if (pDevice->bBarkerPreambleMd == TRUE)
3429 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
3431 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3432 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3433 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3434 MEMvCopy(sFrame.pExtSuppRates,
3436 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3439 // hostapd wpa/wpa2 IE
3440 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnableHostapd == TRUE)) {
3441 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3442 if (pMgmt->wWPAIELen != 0) {
3443 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3444 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3445 sFrame.len += pMgmt->wWPAIELen;
3450 /* Adjust the length fields */
3451 pTxPacket->cbMPDULen = sFrame.len;
3452 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3463 * Routine Description:
3464 * Constructs an Prob-response frame
3468 * PTR to frame; or NULL on allocation failue
3476 s_MgrMakeProbeResponse(
3477 IN PSDevice pDevice,
3478 IN PSMgmtObject pMgmt,
3479 IN WORD wCurrCapInfo,
3480 IN WORD wCurrBeaconPeriod,
3481 IN UINT uCurrChannel,
3482 IN WORD wCurrATIMWinodw,
3484 IN PWLAN_IE_SSID pCurrSSID,
3485 IN PBYTE pCurrBSSID,
3486 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
3487 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
3491 PSTxMgmtPacket pTxPacket = NULL;
3492 WLAN_FR_PROBERESP sFrame;
3496 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3497 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_PROBERESP_FR_MAXLEN);
3498 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3499 // Setup the sFrame structure.
3500 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3501 sFrame.len = WLAN_PROBERESP_FR_MAXLEN;
3502 vMgrEncodeProbeResponse(&sFrame);
3504 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3506 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3507 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_PROBERESP)
3509 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
3510 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3511 memcpy( sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
3512 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
3513 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3515 if (byPHYType == BB_TYPE_11B) {
3516 *sFrame.pwCapInfo &= cpu_to_le16((WORD)~(WLAN_SET_CAP_INFO_SHORTSLOTTIME(1)));
3520 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3521 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
3522 memcpy(sFrame.pSSID,
3524 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
3526 // Copy the rate set
3527 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3529 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3530 memcpy(sFrame.pSuppRates,
3532 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3536 if (pDevice->byBBType != BB_TYPE_11A) {
3537 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
3538 sFrame.len += (1) + WLAN_IEHDR_LEN;
3539 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
3540 sFrame.pDSParms->len = 1;
3541 sFrame.pDSParms->byCurrChannel = (BYTE)uCurrChannel;
3544 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3546 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
3547 sFrame.len += (2) + WLAN_IEHDR_LEN;
3548 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
3549 sFrame.pIBSSParms->len = 2;
3550 sFrame.pIBSSParms->wATIMWindow = 0;
3552 if (pDevice->byBBType == BB_TYPE_11G) {
3553 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3554 sFrame.len += 1 + WLAN_IEHDR_LEN;
3555 sFrame.pERP->byElementID = WLAN_EID_ERP;
3556 sFrame.pERP->len = 1;
3557 sFrame.pERP->byContext = 0;
3558 if (pDevice->bProtectMode == TRUE)
3559 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3560 if (pDevice->bNonERPPresent == TRUE)
3561 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3562 if (pDevice->bBarkerPreambleMd == TRUE)
3563 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
3566 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3567 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3568 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3569 MEMvCopy(sFrame.pExtSuppRates,
3571 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3575 // hostapd wpa/wpa2 IE
3576 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnableHostapd == TRUE)) {
3577 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3578 if (pMgmt->wWPAIELen != 0) {
3579 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3580 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3581 sFrame.len += pMgmt->wWPAIELen;
3586 // Adjust the length fields
3587 pTxPacket->cbMPDULen = sFrame.len;
3588 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3597 * Routine Description:
3598 * Constructs an association request frame
3602 * A ptr to frame or NULL on allocation failue
3608 s_MgrMakeAssocRequest(
3609 IN PSDevice pDevice,
3610 IN PSMgmtObject pMgmt,
3612 IN WORD wCurrCapInfo,
3613 IN WORD wListenInterval,
3614 IN PWLAN_IE_SSID pCurrSSID,
3615 IN PWLAN_IE_SUPP_RATES pCurrRates,
3616 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3619 PSTxMgmtPacket pTxPacket = NULL;
3620 WLAN_FR_ASSOCREQ sFrame;
3625 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3626 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
3627 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3628 // Setup the sFrame structure.
3629 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3630 sFrame.len = WLAN_ASSOCREQ_FR_MAXLEN;
3631 // format fixed field frame structure
3632 vMgrEncodeAssocRequest(&sFrame);
3634 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3636 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3637 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCREQ)
3639 memcpy( sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3640 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3641 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3643 // Set the capibility and listen interval
3644 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3645 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
3647 // sFrame.len point to end of fixed field
3648 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3649 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3650 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3652 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3653 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3654 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3655 MEMvCopy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3656 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3658 // Copy the rate set
3659 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3660 if ((pDevice->byBBType == BB_TYPE_11B) && (pCurrRates->len > 4))
3661 sFrame.len += 4 + WLAN_IEHDR_LEN;
3663 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3664 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3666 // Copy the extension rate set
3667 if ((pDevice->byBBType == BB_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3668 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3669 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3670 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
3673 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3674 MEMvCopy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3675 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
3678 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3679 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3680 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3681 (pMgmt->pCurrBSS != NULL)) {
3683 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3684 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3685 sFrame.pRSNWPA->len = 16;
3686 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3687 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3688 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3689 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3690 sFrame.pRSNWPA->wVersion = 1;
3691 //Group Key Cipher Suite
3692 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3693 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3694 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3695 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3696 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
3697 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3698 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
3699 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3700 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
3702 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
3704 // Pairwise Key Cipher Suite
3705 sFrame.pRSNWPA->wPKCount = 1;
3706 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
3707 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
3708 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
3709 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3710 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
3711 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3712 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
3714 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
3716 // Auth Key Management Suite
3717 pbyRSN = (PBYTE)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
3724 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) {
3725 *pbyRSN++=WPA_AUTH_PSK;
3727 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA) {
3728 *pbyRSN++=WPA_AUTH_IEEE802_1X;
3734 sFrame.pRSNWPA->len +=6;
3740 sFrame.pRSNWPA->len +=2;
3742 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3743 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3744 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3745 MEMvCopy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
3746 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3748 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
3749 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
3750 (pMgmt->pCurrBSS != NULL)) {
3755 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3756 sFrame.pRSN->byElementID = WLAN_EID_RSN;
3757 sFrame.pRSN->len = 6; //Version(2)+GK(4)
3758 sFrame.pRSN->wVersion = 1;
3759 //Group Key Cipher Suite
3760 sFrame.pRSN->abyRSN[0] = 0x00;
3761 sFrame.pRSN->abyRSN[1] = 0x0F;
3762 sFrame.pRSN->abyRSN[2] = 0xAC;
3763 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3764 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
3765 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3766 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
3767 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3768 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
3770 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
3773 // Pairwise Key Cipher Suite
3774 sFrame.pRSN->abyRSN[4] = 1;
3775 sFrame.pRSN->abyRSN[5] = 0;
3776 sFrame.pRSN->abyRSN[6] = 0x00;
3777 sFrame.pRSN->abyRSN[7] = 0x0F;
3778 sFrame.pRSN->abyRSN[8] = 0xAC;
3779 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3780 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
3781 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3782 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
3783 } else if (pMgmt->byCSSPK == KEY_CTL_NONE) {
3784 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
3786 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
3788 sFrame.pRSN->len += 6;
3790 // Auth Key Management Suite
3791 sFrame.pRSN->abyRSN[10] = 1;
3792 sFrame.pRSN->abyRSN[11] = 0;
3793 sFrame.pRSN->abyRSN[12] = 0x00;
3794 sFrame.pRSN->abyRSN[13] = 0x0F;
3795 sFrame.pRSN->abyRSN[14] = 0xAC;
3796 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK) {
3797 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
3798 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
3799 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
3801 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
3803 sFrame.pRSN->len +=6;
3806 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist == TRUE) {
3807 MEMvCopy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
3809 sFrame.pRSN->abyRSN[16] = 0;
3810 sFrame.pRSN->abyRSN[17] = 0;
3812 sFrame.pRSN->len +=2;
3814 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && (pDevice->bRoaming == TRUE) && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
3816 pbyRSN = &sFrame.pRSN->abyRSN[18];
3817 pwPMKID = (PWORD)pbyRSN; // Point to PMKID count
3818 *pwPMKID = 0; // Initialize PMKID count
3819 pbyRSN += 2; // Point to PMKID list
3820 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
3821 if (MEMEqualMemory(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0], pMgmt->abyCurrBSSID, U_ETHER_ADDR_LEN)) {
3823 MEMvCopy(pbyRSN, pDevice->gsPMKID.BSSIDInfo[ii].PMKID, 16);
3827 if (*pwPMKID != 0) {
3828 sFrame.pRSN->len += (2 + (*pwPMKID)*16);
3832 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3833 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3834 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3835 MEMvCopy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
3836 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3840 // Adjust the length fields
3841 pTxPacket->cbMPDULen = sFrame.len;
3842 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3855 * Routine Description:
3856 * Constructs an re-association request frame
3860 * A ptr to frame or NULL on allocation failue
3866 s_MgrMakeReAssocRequest(
3867 IN PSDevice pDevice,
3868 IN PSMgmtObject pMgmt,
3870 IN WORD wCurrCapInfo,
3871 IN WORD wListenInterval,
3872 IN PWLAN_IE_SSID pCurrSSID,
3873 IN PWLAN_IE_SUPP_RATES pCurrRates,
3874 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3877 PSTxMgmtPacket pTxPacket = NULL;
3878 WLAN_FR_REASSOCREQ sFrame;
3883 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3884 memset( pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_REASSOCREQ_FR_MAXLEN);
3885 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3886 /* Setup the sFrame structure. */
3887 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3888 sFrame.len = WLAN_REASSOCREQ_FR_MAXLEN;
3890 // format fixed field frame structure
3891 vMgrEncodeReassocRequest(&sFrame);
3893 /* Setup the header */
3894 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3896 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3897 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCREQ)
3899 memcpy( sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3900 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3901 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3903 /* Set the capibility and listen interval */
3904 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3905 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
3907 memcpy(sFrame.pAddrCurrAP, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3909 /* sFrame.len point to end of fixed field */
3910 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3911 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3912 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3914 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3915 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3916 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3917 MEMvCopy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3918 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3920 /* Copy the rate set */
3921 /* sFrame.len point to end of SSID */
3922 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3923 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3924 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3926 // Copy the extension rate set
3927 if ((pMgmt->eCurrentPHYMode == PHY_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3928 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3929 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3930 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
3933 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3934 MEMvCopy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3935 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
3937 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3938 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3939 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3940 (pMgmt->pCurrBSS != NULL)) {
3942 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3943 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3944 sFrame.pRSNWPA->len = 16;
3945 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3946 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3947 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3948 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3949 sFrame.pRSNWPA->wVersion = 1;
3950 //Group Key Cipher Suite
3951 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3952 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3953 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3954 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3955 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
3956 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3957 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
3958 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3959 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
3961 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
3963 // Pairwise Key Cipher Suite
3964 sFrame.pRSNWPA->wPKCount = 1;
3965 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
3966 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
3967 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
3968 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3969 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
3970 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3971 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
3973 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
3975 // Auth Key Management Suite
3976 pbyRSN = (PBYTE)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
3983 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) {
3984 *pbyRSN++=WPA_AUTH_PSK;
3985 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA) {
3986 *pbyRSN++=WPA_AUTH_IEEE802_1X;
3991 sFrame.pRSNWPA->len +=6;
3996 sFrame.pRSNWPA->len +=2;
3998 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3999 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
4000 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
4001 MEMvCopy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
4002 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
4004 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
4005 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
4006 (pMgmt->pCurrBSS != NULL)) {
4011 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
4012 sFrame.pRSN->byElementID = WLAN_EID_RSN;
4013 sFrame.pRSN->len = 6; //Version(2)+GK(4)
4014 sFrame.pRSN->wVersion = 1;
4015 //Group Key Cipher Suite
4016 sFrame.pRSN->abyRSN[0] = 0x00;
4017 sFrame.pRSN->abyRSN[1] = 0x0F;
4018 sFrame.pRSN->abyRSN[2] = 0xAC;
4019 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
4020 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
4021 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
4022 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
4023 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
4024 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
4026 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
4029 // Pairwise Key Cipher Suite
4030 sFrame.pRSN->abyRSN[4] = 1;
4031 sFrame.pRSN->abyRSN[5] = 0;
4032 sFrame.pRSN->abyRSN[6] = 0x00;
4033 sFrame.pRSN->abyRSN[7] = 0x0F;
4034 sFrame.pRSN->abyRSN[8] = 0xAC;
4035 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
4036 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
4037 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
4038 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
4039 } else if (pMgmt->byCSSPK == KEY_CTL_NONE) {
4040 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
4042 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
4044 sFrame.pRSN->len += 6;
4046 // Auth Key Management Suite
4047 sFrame.pRSN->abyRSN[10] = 1;
4048 sFrame.pRSN->abyRSN[11] = 0;
4049 sFrame.pRSN->abyRSN[12] = 0x00;
4050 sFrame.pRSN->abyRSN[13] = 0x0F;
4051 sFrame.pRSN->abyRSN[14] = 0xAC;
4052 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK) {
4053 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
4054 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
4055 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
4057 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
4059 sFrame.pRSN->len +=6;
4062 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist == TRUE) {
4063 MEMvCopy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
4065 sFrame.pRSN->abyRSN[16] = 0;
4066 sFrame.pRSN->abyRSN[17] = 0;
4068 sFrame.pRSN->len +=2;
4070 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && (pDevice->bRoaming == TRUE) && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
4072 pbyRSN = &sFrame.pRSN->abyRSN[18];
4073 pwPMKID = (PWORD)pbyRSN; // Point to PMKID count
4074 *pwPMKID = 0; // Initialize PMKID count
4075 pbyRSN += 2; // Point to PMKID list
4076 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
4077 if (MEMEqualMemory(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0], pMgmt->abyCurrBSSID, U_ETHER_ADDR_LEN)) {
4079 MEMvCopy(pbyRSN, pDevice->gsPMKID.BSSIDInfo[ii].PMKID, 16);
4083 if (*pwPMKID != 0) {
4084 sFrame.pRSN->len += (2 + (*pwPMKID)*16);
4088 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
4089 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
4090 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
4091 MEMvCopy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
4092 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
4097 /* Adjust the length fields */
4098 pTxPacket->cbMPDULen = sFrame.len;
4099 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
4108 * Routine Description:
4109 * Constructs an assoc-response frame
4113 * PTR to frame; or NULL on allocation failue
4119 s_MgrMakeAssocResponse(
4120 IN PSDevice pDevice,
4121 IN PSMgmtObject pMgmt,
4122 IN WORD wCurrCapInfo,
4123 IN WORD wAssocStatus,
4126 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
4127 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
4130 PSTxMgmtPacket pTxPacket = NULL;
4131 WLAN_FR_ASSOCRESP sFrame;
4134 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
4135 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
4136 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
4137 // Setup the sFrame structure
4138 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
4139 sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
4140 vMgrEncodeAssocResponse(&sFrame);
4142 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
4144 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
4145 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCRESP)
4147 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
4148 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
4149 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
4151 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
4152 *sFrame.pwStatus = cpu_to_le16(wAssocStatus);
4153 *sFrame.pwAid = cpu_to_le16((WORD)(wAssocAID | BIT14 | BIT15));
4155 // Copy the rate set
4156 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4157 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
4158 memcpy(sFrame.pSuppRates,
4160 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
4163 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
4164 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4165 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
4166 MEMvCopy(sFrame.pExtSuppRates,
4168 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
4172 // Adjust the length fields
4173 pTxPacket->cbMPDULen = sFrame.len;
4174 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
4182 * Routine Description:
4183 * Constructs an reassoc-response frame
4187 * PTR to frame; or NULL on allocation failue
4193 s_MgrMakeReAssocResponse(
4194 IN PSDevice pDevice,
4195 IN PSMgmtObject pMgmt,
4196 IN WORD wCurrCapInfo,
4197 IN WORD wAssocStatus,
4200 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
4201 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
4204 PSTxMgmtPacket pTxPacket = NULL;
4205 WLAN_FR_REASSOCRESP sFrame;
4208 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
4209 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
4210 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
4211 // Setup the sFrame structure
4212 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
4213 sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
4214 vMgrEncodeReassocResponse(&sFrame);
4216 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
4218 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
4219 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCRESP)
4221 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
4222 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
4223 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
4225 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
4226 *sFrame.pwStatus = cpu_to_le16(wAssocStatus);
4227 *sFrame.pwAid = cpu_to_le16((WORD)(wAssocAID | BIT14 | BIT15));
4229 // Copy the rate set
4230 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4231 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
4232 memcpy(sFrame.pSuppRates,
4234 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
4237 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
4238 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4239 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
4240 MEMvCopy(sFrame.pExtSuppRates,
4242 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
4246 // Adjust the length fields
4247 pTxPacket->cbMPDULen = sFrame.len;
4248 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
4256 * Routine Description:
4257 * Handles probe response management frames.
4267 s_vMgrRxProbeResponse(
4268 IN PSDevice pDevice,
4269 IN PSMgmtObject pMgmt,
4270 IN PSRxMgmtPacket pRxPacket
4273 PKnownBSS pBSSList = NULL;
4274 WLAN_FR_PROBERESP sFrame;
4275 BYTE byCurrChannel = pRxPacket->byRxChannel;
4277 BOOL bChannelHit = TRUE;
4280 memset(&sFrame, 0, sizeof(WLAN_FR_PROBERESP));
4282 sFrame.len = pRxPacket->cbMPDULen;
4283 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
4284 vMgrDecodeProbeResponse(&sFrame);
4286 if ((sFrame.pqwTimestamp == 0) ||
4287 (sFrame.pwBeaconInterval == 0) ||
4288 (sFrame.pwCapInfo == 0) ||
4289 (sFrame.pSSID == 0) ||
4290 (sFrame.pSuppRates == 0)) {
4291 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Probe resp:Fail addr:[%p] \n", pRxPacket->p80211Header);
4296 if(sFrame.pSSID->len == 0)
4297 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx Probe resp: SSID len = 0 \n");
4300 //{{ RobertYu:20050201, 11a byCurrChannel != sFrame.pDSParms->byCurrChannel mapping
4301 if( byCurrChannel > CB_MAX_CHANNEL_24G )
4303 if (sFrame.pDSParms != 0) {
4304 if (byCurrChannel == RFaby11aChannelIndex[sFrame.pDSParms->byCurrChannel-1])
4306 byCurrChannel = RFaby11aChannelIndex[sFrame.pDSParms->byCurrChannel-1];
4312 if (sFrame.pDSParms != 0) {
4313 if (byCurrChannel == sFrame.pDSParms->byCurrChannel)
4315 byCurrChannel = sFrame.pDSParms->byCurrChannel;
4322 //2008-0730-01<Add>by MikeLiu
4323 if(ChannelExceedZoneType(pDevice,byCurrChannel)==TRUE)
4326 if (sFrame.pERP != NULL) {
4327 sERP.byERP = sFrame.pERP->byContext;
4328 sERP.bERPExist = TRUE;
4330 sERP.bERPExist = FALSE;
4335 // update or insert the bss
4336 pBSSList = BSSpAddrIsInBSSList((HANDLE)pDevice, sFrame.pHdr->sA3.abyAddr3, sFrame.pSSID);
4338 BSSbUpdateToBSSList((HANDLE)pDevice,
4339 *sFrame.pqwTimestamp,
4340 *sFrame.pwBeaconInterval,
4346 sFrame.pExtSuppRates,
4353 sFrame.len - WLAN_HDR_ADDR3_LEN,
4354 sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
4359 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Probe resp/insert: RxChannel = : %d\n", byCurrChannel);
4360 BSSbInsertToBSSList((HANDLE)pDevice,
4361 sFrame.pHdr->sA3.abyAddr3,
4362 *sFrame.pqwTimestamp,
4363 *sFrame.pwBeaconInterval,
4368 sFrame.pExtSuppRates,
4374 sFrame.len - WLAN_HDR_ADDR3_LEN,
4375 sFrame.pHdr->sA4.abyAddr4, // payload of beacon
4385 * Routine Description:(AP)or(Ad-hoc STA)
4386 * Handles probe request management frames.
4397 s_vMgrRxProbeRequest(
4398 IN PSDevice pDevice,
4399 IN PSMgmtObject pMgmt,
4400 IN PSRxMgmtPacket pRxPacket
4403 WLAN_FR_PROBEREQ sFrame;
4405 PSTxMgmtPacket pTxPacket;
4406 BYTE byPHYType = BB_TYPE_11B;
4408 // STA in Ad-hoc mode: when latest TBTT beacon transmit success,
4409 // STA have to response this request.
4410 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) ||
4411 ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && pDevice->bBeaconSent)) {
4413 memset(&sFrame, 0, sizeof(WLAN_FR_PROBEREQ));
4415 sFrame.len = pRxPacket->cbMPDULen;
4416 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
4417 vMgrDecodeProbeRequest(&sFrame);
4419 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Probe request rx:MAC addr:%02x-%02x-%02x=%02x-%02x-%02x \n",
4420 sFrame.pHdr->sA3.abyAddr2[0],
4421 sFrame.pHdr->sA3.abyAddr2[1],
4422 sFrame.pHdr->sA3.abyAddr2[2],
4423 sFrame.pHdr->sA3.abyAddr2[3],
4424 sFrame.pHdr->sA3.abyAddr2[4],
4425 sFrame.pHdr->sA3.abyAddr2[5]
4428 if (sFrame.pSSID->len != 0) {
4429 if (sFrame.pSSID->len != ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len)
4431 if (memcmp(sFrame.pSSID->abySSID,
4432 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
4433 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) != 0) {
4438 if ((sFrame.pSuppRates->len > 4) || (sFrame.pExtSuppRates != NULL)) {
4439 byPHYType = BB_TYPE_11G;
4442 // Probe response reply..
4443 pTxPacket = s_MgrMakeProbeResponse
4447 pMgmt->wCurrCapInfo,
4448 pMgmt->wCurrBeaconPeriod,
4449 pMgmt->uCurrChannel,
4451 sFrame.pHdr->sA3.abyAddr2,
4452 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
4453 (PBYTE)pMgmt->abyCurrBSSID,
4454 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
4455 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
4458 if (pTxPacket != NULL ){
4459 /* send the frame */
4460 Status = csMgmt_xmit(pDevice, pTxPacket);
4461 if (Status != CMD_STATUS_PENDING) {
4462 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Probe response tx failed\n");
4465 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Probe response tx sending..\n");
4479 * Routine Description:
4481 * Entry point for the reception and handling of 802.11 management
4482 * frames. Makes a determination of the frame type and then calls
4483 * the appropriate function.
4494 IN HANDLE hDeviceContext,
4495 IN PSMgmtObject pMgmt,
4496 IN PSRxMgmtPacket pRxPacket
4499 PSDevice pDevice = (PSDevice)hDeviceContext;
4500 BOOL bInScan = FALSE;
4501 UINT uNodeIndex = 0;
4502 NODE_STATE eNodeState = 0;
4506 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
4507 if (BSSbIsSTAInNodeDB(pDevice, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
4508 eNodeState = pMgmt->sNodeDBTable[uNodeIndex].eNodeState;
4511 switch( WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) ){
4513 case WLAN_FSTYPE_ASSOCREQ:
4515 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocreq\n");
4516 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) &&
4517 (eNodeState < NODE_AUTH)) {
4518 // send deauth notification
4519 // reason = (6) class 2 received from nonauth sta
4520 vMgrDeAuthenBeginSta(pDevice,
4522 pRxPacket->p80211Header->sA3.abyAddr2,
4526 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 1\n");
4529 s_vMgrRxAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
4533 case WLAN_FSTYPE_ASSOCRESP:
4535 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocresp1\n");
4536 s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, FALSE);
4537 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocresp2\n");
4540 case WLAN_FSTYPE_REASSOCREQ:
4542 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx reassocreq\n");
4544 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) &&
4545 (eNodeState < NODE_AUTH)) {
4546 // send deauth notification
4547 // reason = (6) class 2 received from nonauth sta
4548 vMgrDeAuthenBeginSta(pDevice,
4550 pRxPacket->p80211Header->sA3.abyAddr2,
4554 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 2\n");
4557 s_vMgrRxReAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
4560 case WLAN_FSTYPE_REASSOCRESP:
4562 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx reassocresp\n");
4563 s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, TRUE);
4566 case WLAN_FSTYPE_PROBEREQ:
4568 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx probereq\n");
4569 s_vMgrRxProbeRequest(pDevice, pMgmt, pRxPacket);
4572 case WLAN_FSTYPE_PROBERESP:
4574 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx proberesp\n");
4576 s_vMgrRxProbeResponse(pDevice, pMgmt, pRxPacket);
4579 case WLAN_FSTYPE_BEACON:
4581 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx beacon\n");
4582 if (pMgmt->eScanState != WMAC_NO_SCANNING) {
4585 s_vMgrRxBeacon(pDevice, pMgmt, pRxPacket, bInScan);
4588 case WLAN_FSTYPE_ATIM:
4590 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx atim\n");
4593 case WLAN_FSTYPE_DISASSOC:
4595 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx disassoc\n");
4596 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) &&
4597 (eNodeState < NODE_AUTH)) {
4598 // send deauth notification
4599 // reason = (6) class 2 received from nonauth sta
4600 vMgrDeAuthenBeginSta(pDevice,
4602 pRxPacket->p80211Header->sA3.abyAddr2,
4606 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 3\n");
4608 s_vMgrRxDisassociation(pDevice, pMgmt, pRxPacket);
4611 case WLAN_FSTYPE_AUTHEN:
4613 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx authen\n");
4614 s_vMgrRxAuthentication(pDevice, pMgmt, pRxPacket);
4617 case WLAN_FSTYPE_DEAUTHEN:
4619 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx deauthen\n");
4620 s_vMgrRxDeauthentication(pDevice, pMgmt, pRxPacket);
4624 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx unknown mgmt\n");
4635 * Routine Description:
4638 * Prepare beacon to send
4641 * TRUE if success; FALSE if failed.
4645 bMgrPrepareBeaconToSend(
4646 IN HANDLE hDeviceContext,
4647 IN PSMgmtObject pMgmt
4650 PSDevice pDevice = (PSDevice)hDeviceContext;
4651 PSTxMgmtPacket pTxPacket;
4653 // pDevice->bBeaconBufReady = FALSE;
4654 if (pDevice->bEncryptionEnable || pDevice->bEnable8021x){
4655 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
4658 pMgmt->wCurrCapInfo &= ~WLAN_SET_CAP_INFO_PRIVACY(1);
4660 pTxPacket = s_MgrMakeBeacon
4664 pMgmt->wCurrCapInfo,
4665 pMgmt->wCurrBeaconPeriod,
4666 pMgmt->uCurrChannel,
4667 pMgmt->wCurrATIMWindow, //0,
4668 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
4669 (PBYTE)pMgmt->abyCurrBSSID,
4670 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
4671 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
4674 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) &&
4675 (pMgmt->abyCurrBSSID[0] == 0))
4678 csBeacon_xmit(pDevice, pTxPacket);
4679 MACvRegBitsOn(pDevice, MAC_REG_TCR, TCR_AUTOBCNTX);
4689 * Routine Description:
4691 * Log a warning message based on the contents of the Status
4692 * Code field of an 802.11 management frame. Defines are
4693 * derived from 802.11-1997 SPEC.
4702 IN PSMgmtObject pMgmt,
4707 case WLAN_MGMT_STATUS_UNSPEC_FAILURE:
4708 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Unspecified error.\n");
4710 case WLAN_MGMT_STATUS_CAPS_UNSUPPORTED:
4711 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Can't support all requested capabilities.\n");
4713 case WLAN_MGMT_STATUS_REASSOC_NO_ASSOC:
4714 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Reassoc denied, can't confirm original Association.\n");
4716 case WLAN_MGMT_STATUS_ASSOC_DENIED_UNSPEC:
4717 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, undefine in spec\n");
4719 case WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG:
4720 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Peer doesn't support authen algorithm.\n");
4722 case WLAN_MGMT_STATUS_RX_AUTH_NOSEQ:
4723 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen frame received out of sequence.\n");
4725 case WLAN_MGMT_STATUS_CHALLENGE_FAIL:
4726 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen rejected, challenge failure.\n");
4728 case WLAN_MGMT_STATUS_AUTH_TIMEOUT:
4729 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen rejected, timeout waiting for next frame.\n");
4731 case WLAN_MGMT_STATUS_ASSOC_DENIED_BUSY:
4732 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, AP too busy.\n");
4734 case WLAN_MGMT_STATUS_ASSOC_DENIED_RATES:
4735 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we haven't enough basic rates.\n");
4737 case WLAN_MGMT_STATUS_ASSOC_DENIED_SHORTPREAMBLE:
4738 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support short preamble.\n");
4740 case WLAN_MGMT_STATUS_ASSOC_DENIED_PBCC:
4741 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support PBCC.\n");
4743 case WLAN_MGMT_STATUS_ASSOC_DENIED_AGILITY:
4744 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support channel agility.\n");
4747 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Unknown status code %d.\n", wStatus);
4756 * Add BSSID in PMKID Candidate list.
4760 * hDeviceContext - device structure point
4761 * pbyBSSID - BSSID address for adding
4762 * wRSNCap - BSS's RSN capability
4766 * Return Value: none.
4770 bAdd_PMKID_Candidate (
4771 IN HANDLE hDeviceContext,
4773 IN PSRSNCapObject psRSNCapObj
4776 PSDevice pDevice = (PSDevice)hDeviceContext;
4777 PPMKID_CANDIDATE pCandidateList;
4780 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"bAdd_PMKID_Candidate START: (%d)\n", (int)pDevice->gsPMKIDCandidate.NumCandidates);
4782 if ((pDevice == NULL) || (pbyBSSID == NULL) || (psRSNCapObj == NULL))
4785 if (pDevice->gsPMKIDCandidate.NumCandidates >= MAX_PMKIDLIST)
4790 // Update Old Candidate
4791 for (ii = 0; ii < pDevice->gsPMKIDCandidate.NumCandidates; ii++) {
4792 pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[ii];
4793 if (MEMEqualMemory(pCandidateList->BSSID, pbyBSSID, U_ETHER_ADDR_LEN)) {
4794 if ((psRSNCapObj->bRSNCapExist == TRUE) && (psRSNCapObj->wRSNCap & BIT0)) {
4795 pCandidateList->Flags |= NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
4797 pCandidateList->Flags &= ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
4804 pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[pDevice->gsPMKIDCandidate.NumCandidates];
4805 if ((psRSNCapObj->bRSNCapExist == TRUE) && (psRSNCapObj->wRSNCap & BIT0)) {
4806 pCandidateList->Flags |= NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
4808 pCandidateList->Flags &= ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
4810 MEMvCopy(pCandidateList->BSSID, pbyBSSID, U_ETHER_ADDR_LEN);
4811 pDevice->gsPMKIDCandidate.NumCandidates++;
4812 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"NumCandidates:%d\n", (int)pDevice->gsPMKIDCandidate.NumCandidates);
4819 * Flush PMKID Candidate list.
4823 * hDeviceContext - device structure point
4827 * Return Value: none.
4831 vFlush_PMKID_Candidate (
4832 IN HANDLE hDeviceContext
4835 PSDevice pDevice = (PSDevice)hDeviceContext;
4837 if (pDevice == NULL)
4840 ZERO_MEMORY(&pDevice->gsPMKIDCandidate, sizeof(SPMKIDCandidateEvent));
4845 IN PKnownBSS pBSSNode,
4846 IN NDIS_802_11_ENCRYPTION_STATUS EncStatus,
4851 BYTE byMulticastCipher = KEY_CTL_INVALID;
4852 BYTE byCipherMask = 0x00;
4855 if (pBSSNode == NULL)
4858 // check cap. of BSS
4859 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4860 (EncStatus == Ndis802_11Encryption1Enabled)) {
4861 // default is WEP only
4862 byMulticastCipher = KEY_CTL_WEP;
4865 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4866 (pBSSNode->bWPA2Valid == TRUE) &&
4867 //20080123-01,<Add> by Einsn Liu
4868 ((EncStatus == Ndis802_11Encryption3Enabled)||(EncStatus == Ndis802_11Encryption2Enabled))) {
4870 // check Group Key Cipher
4871 if ((pBSSNode->byCSSGK == WLAN_11i_CSS_WEP40) ||
4872 (pBSSNode->byCSSGK == WLAN_11i_CSS_WEP104)) {
4873 byMulticastCipher = KEY_CTL_WEP;
4874 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_TKIP) {
4875 byMulticastCipher = KEY_CTL_TKIP;
4876 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_CCMP) {
4877 byMulticastCipher = KEY_CTL_CCMP;
4879 byMulticastCipher = KEY_CTL_INVALID;
4882 // check Pairwise Key Cipher
4883 for(i=0;i<pBSSNode->wCSSPKCount;i++) {
4884 if ((pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP40) ||
4885 (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP104)) {
4886 // this should not happen as defined 802.11i
4887 byCipherMask |= 0x01;
4888 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_TKIP) {
4889 byCipherMask |= 0x02;
4890 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_CCMP) {
4891 byCipherMask |= 0x04;
4892 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_USE_GROUP) {
4893 // use group key only ignore all others
4895 i = pBSSNode->wCSSPKCount;
4899 } else if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4900 (pBSSNode->bWPAValid == TRUE) &&
4901 ((EncStatus == Ndis802_11Encryption2Enabled) || (EncStatus == Ndis802_11Encryption3Enabled))) {
4903 // check Group Key Cipher
4904 if ((pBSSNode->byGKType == WPA_WEP40) ||
4905 (pBSSNode->byGKType == WPA_WEP104)) {
4906 byMulticastCipher = KEY_CTL_WEP;
4907 } else if (pBSSNode->byGKType == WPA_TKIP) {
4908 byMulticastCipher = KEY_CTL_TKIP;
4909 } else if (pBSSNode->byGKType == WPA_AESCCMP) {
4910 byMulticastCipher = KEY_CTL_CCMP;
4912 byMulticastCipher = KEY_CTL_INVALID;
4915 // check Pairwise Key Cipher
4916 for(i=0;i<pBSSNode->wPKCount;i++) {
4917 if (pBSSNode->abyPKType[i] == WPA_TKIP) {
4918 byCipherMask |= 0x02;
4919 } else if (pBSSNode->abyPKType[i] == WPA_AESCCMP) {
4920 byCipherMask |= 0x04;
4921 } else if (pBSSNode->abyPKType[i] == WPA_NONE) {
4922 // use group key only ignore all others
4924 i = pBSSNode->wPKCount;
4929 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"%d, %d, %d, %d, EncStatus:%d\n",
4930 byMulticastCipher, byCipherMask, pBSSNode->bWPAValid, pBSSNode->bWPA2Valid, EncStatus);
4932 // mask our cap. with BSS
4933 if (EncStatus == Ndis802_11Encryption1Enabled) {
4935 // For supporting Cisco migration mode, don't care pairwise key cipher
4936 //if ((byMulticastCipher == KEY_CTL_WEP) &&
4937 // (byCipherMask == 0)) {
4938 if ((byMulticastCipher == KEY_CTL_WEP) &&
4939 (byCipherMask == 0)) {
4940 *pbyCCSGK = KEY_CTL_WEP;
4941 *pbyCCSPK = KEY_CTL_NONE;
4947 } else if (EncStatus == Ndis802_11Encryption2Enabled) {
4948 if ((byMulticastCipher == KEY_CTL_TKIP) &&
4949 (byCipherMask == 0)) {
4950 *pbyCCSGK = KEY_CTL_TKIP;
4951 *pbyCCSPK = KEY_CTL_NONE;
4953 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4954 ((byCipherMask & 0x02) != 0)) {
4955 *pbyCCSGK = KEY_CTL_WEP;
4956 *pbyCCSPK = KEY_CTL_TKIP;
4958 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4959 ((byCipherMask & 0x02) != 0)) {
4960 *pbyCCSGK = KEY_CTL_TKIP;
4961 *pbyCCSPK = KEY_CTL_TKIP;
4966 } else if (EncStatus == Ndis802_11Encryption3Enabled) {
4967 if ((byMulticastCipher == KEY_CTL_CCMP) &&
4968 (byCipherMask == 0)) {
4969 // When CCMP is enable, "Use group cipher suite" shall not be a valid option.
4971 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4972 ((byCipherMask & 0x04) != 0)) {
4973 *pbyCCSGK = KEY_CTL_WEP;
4974 *pbyCCSPK = KEY_CTL_CCMP;
4976 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4977 ((byCipherMask & 0x04) != 0)) {
4978 *pbyCCSGK = KEY_CTL_TKIP;
4979 *pbyCCSPK = KEY_CTL_CCMP;
4981 } else if ((byMulticastCipher == KEY_CTL_CCMP) &&
4982 ((byCipherMask & 0x04) != 0)) {
4983 *pbyCCSGK = KEY_CTL_CCMP;
4984 *pbyCCSPK = KEY_CTL_CCMP;