search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drm/i915: Avoid NULL dereference with component_only tv_modes
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / drivers / staging / rt2860 / sta / assoc.c
blob1a587153c75ea5055eed4cf55eb0811f9983c892
1 /*
2 *************************************************************************
3 * Ralink Tech Inc.
4 * 5F., No.36, Taiyuan St., Jhubei City,
5 * Hsinchu County 302,
6 * Taiwan, R.O.C.
7 *
8 * (c) Copyright 2002-2007, Ralink Technology, Inc.
9 *
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
14 * *
15 * This program is distributed in the hope that it will be useful, *
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
18 * GNU General Public License for more details. *
19 * *
20 * You should have received a copy of the GNU General Public License *
21 * along with this program; if not, write to the *
22 * Free Software Foundation, Inc., *
23 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
24 * *
25 *************************************************************************
26
27 Module Name:
28 assoc.c
29
30 Abstract:
31
32 Revision History:
33 Who When What
34 -------- ---------- ----------------------------------------------
35 John 2004-9-3 porting from RT2500
36 */
37 #include "../rt_config.h"
38
39 UCHAR CipherWpaTemplate[] = {
40 0xdd, // WPA IE
41 0x16, // Length
42 0x00, 0x50, 0xf2, 0x01, // oui
43 0x01, 0x00, // Version
44 0x00, 0x50, 0xf2, 0x02, // Multicast
45 0x01, 0x00, // Number of unicast
46 0x00, 0x50, 0xf2, 0x02, // unicast
47 0x01, 0x00, // number of authentication method
48 0x00, 0x50, 0xf2, 0x01 // authentication
49 };
50
51 UCHAR CipherWpa2Template[] = {
52 0x30, // RSN IE
53 0x14, // Length
54 0x01, 0x00, // Version
55 0x00, 0x0f, 0xac, 0x02, // group cipher, TKIP
56 0x01, 0x00, // number of pairwise
57 0x00, 0x0f, 0xac, 0x02, // unicast
58 0x01, 0x00, // number of authentication method
59 0x00, 0x0f, 0xac, 0x02, // authentication
60 0x00, 0x00, // RSN capability
61 };
62
63 UCHAR Ccx2IeInfo[] = { 0x00, 0x40, 0x96, 0x03, 0x02};
64
65 /*
66 ==========================================================================
67 Description:
68 association state machine init, including state transition and timer init
69 Parameters:
70 S - pointer to the association state machine
71
72 IRQL = PASSIVE_LEVEL
73
74 ==========================================================================
75 */
76 VOID AssocStateMachineInit(
77 IN PRTMP_ADAPTER pAd,
78 IN STATE_MACHINE *S,
79 OUT STATE_MACHINE_FUNC Trans[])
80 {
81 StateMachineInit(S, Trans, MAX_ASSOC_STATE, MAX_ASSOC_MSG, (STATE_MACHINE_FUNC)Drop, ASSOC_IDLE, ASSOC_MACHINE_BASE);
82
83 // first column
84 StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)MlmeAssocReqAction);
85 StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)MlmeReassocReqAction);
86 StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)MlmeDisassocReqAction);
87 StateMachineSetAction(S, ASSOC_IDLE, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction);
88
89 // second column
90 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc);
91 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc);
92 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate);
93 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction);
94 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_ASSOC_RSP, (STATE_MACHINE_FUNC)PeerAssocRspAction);
95 //
96 // Patch 3Com AP MOde:3CRWE454G72
97 // We send Assoc request frame to this AP, it always send Reassoc Rsp not Associate Rsp.
98 //
99 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_REASSOC_RSP, (STATE_MACHINE_FUNC)PeerAssocRspAction);
100 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_ASSOC_TIMEOUT, (STATE_MACHINE_FUNC)AssocTimeoutAction);
101
102 // third column
103 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc);
104 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc);
105 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate);
106 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction);
107 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_REASSOC_RSP, (STATE_MACHINE_FUNC)PeerReassocRspAction);
108 //
109 // Patch, AP doesn't send Reassociate Rsp frame to Station.
110 //
111 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_ASSOC_RSP, (STATE_MACHINE_FUNC)PeerReassocRspAction);
112 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_REASSOC_TIMEOUT, (STATE_MACHINE_FUNC)ReassocTimeoutAction);
113
114 // fourth column
115 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc);
116 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc);
117 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate);
118 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction);
119 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_DISASSOC_TIMEOUT, (STATE_MACHINE_FUNC)DisassocTimeoutAction);
120
121 // initialize the timer
122 RTMPInitTimer(pAd, &pAd->MlmeAux.AssocTimer, GET_TIMER_FUNCTION(AssocTimeout), pAd, FALSE);
123 RTMPInitTimer(pAd, &pAd->MlmeAux.ReassocTimer, GET_TIMER_FUNCTION(ReassocTimeout), pAd, FALSE);
124 RTMPInitTimer(pAd, &pAd->MlmeAux.DisassocTimer, GET_TIMER_FUNCTION(DisassocTimeout), pAd, FALSE);
125 }
126
127 /*
128 ==========================================================================
129 Description:
130 Association timeout procedure. After association timeout, this function
131 will be called and it will put a message into the MLME queue
132 Parameters:
133 Standard timer parameters
134
135 IRQL = DISPATCH_LEVEL
136
137 ==========================================================================
138 */
139 VOID AssocTimeout(IN PVOID SystemSpecific1,
140 IN PVOID FunctionContext,
141 IN PVOID SystemSpecific2,
142 IN PVOID SystemSpecific3)
143 {
144 RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext;
145
146 // Do nothing if the driver is starting halt state.
147 // This might happen when timer already been fired before cancel timer with mlmehalt
148 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST))
149 return;
150
151 MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_ASSOC_TIMEOUT, 0, NULL);
152 RT28XX_MLME_HANDLER(pAd);
153 }
154
155 /*
156 ==========================================================================
157 Description:
158 Reassociation timeout procedure. After reassociation timeout, this
159 function will be called and put a message into the MLME queue
160 Parameters:
161 Standard timer parameters
162
163 IRQL = DISPATCH_LEVEL
164
165 ==========================================================================
166 */
167 VOID ReassocTimeout(IN PVOID SystemSpecific1,
168 IN PVOID FunctionContext,
169 IN PVOID SystemSpecific2,
170 IN PVOID SystemSpecific3)
171 {
172 RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext;
173
174 // Do nothing if the driver is starting halt state.
175 // This might happen when timer already been fired before cancel timer with mlmehalt
176 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST))
177 return;
178
179 MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_REASSOC_TIMEOUT, 0, NULL);
180 RT28XX_MLME_HANDLER(pAd);
181 }
182
183 /*
184 ==========================================================================
185 Description:
186 Disassociation timeout procedure. After disassociation timeout, this
187 function will be called and put a message into the MLME queue
188 Parameters:
189 Standard timer parameters
190
191 IRQL = DISPATCH_LEVEL
192
193 ==========================================================================
194 */
195 VOID DisassocTimeout(IN PVOID SystemSpecific1,
196 IN PVOID FunctionContext,
197 IN PVOID SystemSpecific2,
198 IN PVOID SystemSpecific3)
199 {
200 RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext;
201
202 // Do nothing if the driver is starting halt state.
203 // This might happen when timer already been fired before cancel timer with mlmehalt
204 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST))
205 return;
206
207 MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_DISASSOC_TIMEOUT, 0, NULL);
208 RT28XX_MLME_HANDLER(pAd);
209 }
210
211 /*
212 ==========================================================================
213 Description:
214 mlme assoc req handling procedure
215 Parameters:
216 Adapter - Adapter pointer
217 Elem - MLME Queue Element
218 Pre:
219 the station has been authenticated and the following information is stored in the config
220 -# SSID
221 -# supported rates and their length
222 -# listen interval (Adapter->StaCfg.default_listen_count)
223 -# Transmit power (Adapter->StaCfg.tx_power)
224 Post :
225 -# An association request frame is generated and sent to the air
226 -# Association timer starts
227 -# Association state -> ASSOC_WAIT_RSP
228
229 IRQL = DISPATCH_LEVEL
230
231 ==========================================================================
232 */
233 VOID MlmeAssocReqAction(
234 IN PRTMP_ADAPTER pAd,
235 IN MLME_QUEUE_ELEM *Elem)
236 {
237 UCHAR ApAddr[6];
238 HEADER_802_11 AssocHdr;
239 UCHAR Ccx2Len = 5;
240 UCHAR WmeIe[9] = {IE_VENDOR_SPECIFIC, 0x07, 0x00, 0x50, 0xf2, 0x02, 0x00, 0x01, 0x00};
241 USHORT ListenIntv;
242 ULONG Timeout;
243 USHORT CapabilityInfo;
244 BOOLEAN TimerCancelled;
245 PUCHAR pOutBuffer = NULL;
246 NDIS_STATUS NStatus;
247 ULONG FrameLen = 0;
248 ULONG tmp;
249 USHORT VarIesOffset;
250 UCHAR CkipFlag;
251 UCHAR CkipNegotiationBuffer[CKIP_NEGOTIATION_LENGTH];
252 UCHAR AironetCkipIe = IE_AIRONET_CKIP;
253 UCHAR AironetCkipLen = CKIP_NEGOTIATION_LENGTH;
254 UCHAR AironetIPAddressIE = IE_AIRONET_IPADDRESS;
255 UCHAR AironetIPAddressLen = AIRONET_IPADDRESS_LENGTH;
256 UCHAR AironetIPAddressBuffer[AIRONET_IPADDRESS_LENGTH] = {0x00, 0x40, 0x96, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00};
257 USHORT Status;
258
259 // Block all authentication request durning WPA block period
260 if (pAd->StaCfg.bBlockAssoc == TRUE)
261 {
262 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Block Assoc request durning WPA block period!\n"));
263 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
264 Status = MLME_STATE_MACHINE_REJECT;
265 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
266 }
267 // check sanity first
268 else if (MlmeAssocReqSanity(pAd, Elem->Msg, Elem->MsgLen, ApAddr, &CapabilityInfo, &Timeout, &ListenIntv))
269 {
270 RTMPCancelTimer(&pAd->MlmeAux.AssocTimer, &TimerCancelled);
271 COPY_MAC_ADDR(pAd->MlmeAux.Bssid, ApAddr);
272
273 // Get an unused nonpaged memory
274 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
275 if (NStatus != NDIS_STATUS_SUCCESS)
276 {
277 DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeAssocReqAction() allocate memory failed \n"));
278 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
279 Status = MLME_FAIL_NO_RESOURCE;
280 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
281 return;
282 }
283
284 // Add by James 03/06/27
285 pAd->StaCfg.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
286 // Association don't need to report MAC address
287 pAd->StaCfg.AssocInfo.AvailableRequestFixedIEs =
288 NDIS_802_11_AI_REQFI_CAPABILITIES | NDIS_802_11_AI_REQFI_LISTENINTERVAL;
289 pAd->StaCfg.AssocInfo.RequestFixedIEs.Capabilities = CapabilityInfo;
290 pAd->StaCfg.AssocInfo.RequestFixedIEs.ListenInterval = ListenIntv;
291 // Only reassociate need this
292 //COPY_MAC_ADDR(pAd->StaCfg.AssocInfo.RequestFixedIEs.CurrentAPAddress, ApAddr);
293 pAd->StaCfg.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
294
295 NdisZeroMemory(pAd->StaCfg.ReqVarIEs, MAX_VIE_LEN);
296 // First add SSID
297 VarIesOffset = 0;
298 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &SsidIe, 1);
299 VarIesOffset += 1;
300 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->MlmeAux.SsidLen, 1);
301 VarIesOffset += 1;
302 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen);
303 VarIesOffset += pAd->MlmeAux.SsidLen;
304
305 // Second add Supported rates
306 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &SupRateIe, 1);
307 VarIesOffset += 1;
308 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->MlmeAux.SupRateLen, 1);
309 VarIesOffset += 1;
310 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->MlmeAux.SupRate, pAd->MlmeAux.SupRateLen);
311 VarIesOffset += pAd->MlmeAux.SupRateLen;
312 // End Add by James
313
314 if ((pAd->CommonCfg.Channel > 14) &&
315 (pAd->CommonCfg.bIEEE80211H == TRUE))
316 CapabilityInfo |= 0x0100;
317
318 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send ASSOC request...\n"));
319 MgtMacHeaderInit(pAd, &AssocHdr, SUBTYPE_ASSOC_REQ, 0, ApAddr, ApAddr);
320
321 // Build basic frame first
322 MakeOutgoingFrame(pOutBuffer, &FrameLen,
323 sizeof(HEADER_802_11), &AssocHdr,
324 2, &CapabilityInfo,
325 2, &ListenIntv,
326 1, &SsidIe,
327 1, &pAd->MlmeAux.SsidLen,
328 pAd->MlmeAux.SsidLen, pAd->MlmeAux.Ssid,
329 1, &SupRateIe,
330 1, &pAd->MlmeAux.SupRateLen,
331 pAd->MlmeAux.SupRateLen, pAd->MlmeAux.SupRate,
332 END_OF_ARGS);
333
334 if (pAd->MlmeAux.ExtRateLen != 0)
335 {
336 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
337 1, &ExtRateIe,
338 1, &pAd->MlmeAux.ExtRateLen,
339 pAd->MlmeAux.ExtRateLen, pAd->MlmeAux.ExtRate,
340 END_OF_ARGS);
341 FrameLen += tmp;
342 }
343
344 // HT
345 if ((pAd->MlmeAux.HtCapabilityLen > 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED))
346 {
347 ULONG TmpLen;
348 UCHAR HtLen;
349 UCHAR BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33};
350 if (pAd->StaActive.SupportedPhyInfo.bPreNHt == TRUE)
351 {
352 HtLen = SIZE_HT_CAP_IE + 4;
353 MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
354 1, &WpaIe,
355 1, &HtLen,
356 4, &BROADCOM[0],
357 pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability,
358 END_OF_ARGS);
359 }
360 else
361 {
362 MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
363 1, &HtCapIe,
364 1, &pAd->MlmeAux.HtCapabilityLen,
365 pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability,
366 END_OF_ARGS);
367 }
368 FrameLen += TmpLen;
369 }
370
371 // add Ralink proprietary IE to inform AP this STA is going to use AGGREGATION or PIGGY-BACK+AGGREGATION
372 // Case I: (Aggregation + Piggy-Back)
373 // 1. user enable aggregation, AND
374 // 2. Mac support piggy-back
375 // 3. AP annouces it's PIGGY-BACK+AGGREGATION-capable in BEACON
376 // Case II: (Aggregation)
377 // 1. user enable aggregation, AND
378 // 2. AP annouces it's AGGREGATION-capable in BEACON
379 if (pAd->CommonCfg.bAggregationCapable)
380 {
381 if ((pAd->CommonCfg.bPiggyBackCapable) && ((pAd->MlmeAux.APRalinkIe & 0x00000003) == 3))
382 {
383 ULONG TmpLen;
384 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x03, 0x00, 0x00, 0x00};
385 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
386 9, RalinkIe,
387 END_OF_ARGS);
388 FrameLen += TmpLen;
389 }
390 else if (pAd->MlmeAux.APRalinkIe & 0x00000001)
391 {
392 ULONG TmpLen;
393 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x01, 0x00, 0x00, 0x00};
394 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
395 9, RalinkIe,
396 END_OF_ARGS);
397 FrameLen += TmpLen;
398 }
399 }
400 else
401 {
402 ULONG TmpLen;
403 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x06, 0x00, 0x00, 0x00};
404 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
405 9, RalinkIe,
406 END_OF_ARGS);
407 FrameLen += TmpLen;
408 }
409
410 if (pAd->MlmeAux.APEdcaParm.bValid)
411 {
412 if (pAd->CommonCfg.bAPSDCapable && pAd->MlmeAux.APEdcaParm.bAPSDCapable)
413 {
414 QBSS_STA_INFO_PARM QosInfo;
415
416 NdisZeroMemory(&QosInfo, sizeof(QBSS_STA_INFO_PARM));
417 QosInfo.UAPSD_AC_BE = pAd->CommonCfg.bAPSDAC_BE;
418 QosInfo.UAPSD_AC_BK = pAd->CommonCfg.bAPSDAC_BK;
419 QosInfo.UAPSD_AC_VI = pAd->CommonCfg.bAPSDAC_VI;
420 QosInfo.UAPSD_AC_VO = pAd->CommonCfg.bAPSDAC_VO;
421 QosInfo.MaxSPLength = pAd->CommonCfg.MaxSPLength;
422 WmeIe[8] |= *(PUCHAR)&QosInfo;
423 }
424 else
425 {
426 // The Parameter Set Count is set to ¡§0¡¨ in the association request frames
427 // WmeIe[8] |= (pAd->MlmeAux.APEdcaParm.EdcaUpdateCount & 0x0f);
428 }
429
430 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
431 9, &WmeIe[0],
432 END_OF_ARGS);
433 FrameLen += tmp;
434 }
435
436 //
437 // Let WPA(#221) Element ID on the end of this association frame.
438 // Otherwise some AP will fail on parsing Element ID and set status fail on Assoc Rsp.
439 // For example: Put Vendor Specific IE on the front of WPA IE.
440 // This happens on AP (Model No:Linksys WRK54G)
441 //
442 if (((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) ||
443 (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) ||
444 (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA) ||
445 (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2)
446 )
447 )
448 {
449 UCHAR RSNIe = IE_WPA;
450
451 if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) ||
452 (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2))
453 {
454 RSNIe = IE_WPA2;
455 }
456
457 if (pAd->StaCfg.WpaSupplicantUP != 1)
458 RTMPMakeRSNIE(pAd, pAd->StaCfg.AuthMode, pAd->StaCfg.WepStatus, BSS0);
459
460 // Check for WPA PMK cache list
461 if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2)
462 {
463 INT idx;
464 BOOLEAN FoundPMK = FALSE;
465 // Search chched PMKID, append it if existed
466 for (idx = 0; idx < PMKID_NO; idx++)
467 {
468 if (NdisEqualMemory(ApAddr, &pAd->StaCfg.SavedPMK[idx].BSSID, 6))
469 {
470 FoundPMK = TRUE;
471 break;
472 }
473 }
474
475 if (FoundPMK)
476 {
477 // Set PMK number
478 *(PUSHORT) &pAd->StaCfg.RSN_IE[pAd->StaCfg.RSNIE_Len] = 1;
479 NdisMoveMemory(&pAd->StaCfg.RSN_IE[pAd->StaCfg.RSNIE_Len + 2], &pAd->StaCfg.SavedPMK[idx].PMKID, 16);
480 pAd->StaCfg.RSNIE_Len += 18;
481 }
482 }
483
484 if (pAd->StaCfg.WpaSupplicantUP == 1)
485 {
486 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
487 pAd->StaCfg.RSNIE_Len, pAd->StaCfg.RSN_IE,
488 END_OF_ARGS);
489 }
490 else
491 {
492 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
493 1, &RSNIe,
494 1, &pAd->StaCfg.RSNIE_Len,
495 pAd->StaCfg.RSNIE_Len, pAd->StaCfg.RSN_IE,
496 END_OF_ARGS);
497 }
498
499 FrameLen += tmp;
500
501 if (pAd->StaCfg.WpaSupplicantUP != 1)
502 {
503 // Append Variable IE
504 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &RSNIe, 1);
505 VarIesOffset += 1;
506 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->StaCfg.RSNIE_Len, 1);
507 VarIesOffset += 1;
508 }
509 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->StaCfg.RSN_IE, pAd->StaCfg.RSNIE_Len);
510 VarIesOffset += pAd->StaCfg.RSNIE_Len;
511
512 // Set Variable IEs Length
513 pAd->StaCfg.ReqVarIELen = VarIesOffset;
514 }
515
516 // We have update that at PeerBeaconAtJoinRequest()
517 CkipFlag = pAd->StaCfg.CkipFlag;
518 if (CkipFlag != 0)
519 {
520 NdisZeroMemory(CkipNegotiationBuffer, CKIP_NEGOTIATION_LENGTH);
521 CkipNegotiationBuffer[2] = 0x66;
522 // Make it try KP & MIC, since we have to follow the result from AssocRsp
523 CkipNegotiationBuffer[8] = 0x18;
524 CkipNegotiationBuffer[CKIP_NEGOTIATION_LENGTH - 1] = 0x22;
525 CkipFlag = 0x18;
526
527 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
528 1, &AironetCkipIe,
529 1, &AironetCkipLen,
530 AironetCkipLen, CkipNegotiationBuffer,
531 END_OF_ARGS);
532 FrameLen += tmp;
533 }
534
535 // Add CCX v2 request if CCX2 admin state is on
536 if (pAd->StaCfg.CCXControl.field.Enable == 1)
537 {
538
539 //
540 // Add AironetIPAddressIE for Cisco CCX 2.X
541 // Add CCX Version
542 //
543 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
544 1, &AironetIPAddressIE,
545 1, &AironetIPAddressLen,
546 AironetIPAddressLen, AironetIPAddressBuffer,
547 1, &Ccx2Ie,
548 1, &Ccx2Len,
549 Ccx2Len, Ccx2IeInfo,
550 END_OF_ARGS);
551 FrameLen += tmp;
552
553 // Add by James 03/06/27
554 // Set Variable IEs Length
555 pAd->StaCfg.ReqVarIELen = VarIesOffset;
556 pAd->StaCfg.AssocInfo.RequestIELength = VarIesOffset;
557
558 // OffsetResponseIEs follow ReqVarIE
559 pAd->StaCfg.AssocInfo.OffsetResponseIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION) + pAd->StaCfg.ReqVarIELen;
560 // End Add by James
561 }
562
563
564 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
565 MlmeFreeMemory(pAd, pOutBuffer);
566
567 RTMPSetTimer(&pAd->MlmeAux.AssocTimer, Timeout);
568 pAd->Mlme.AssocMachine.CurrState = ASSOC_WAIT_RSP;
569 }
570 else
571 {
572 DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeAssocReqAction() sanity check failed. BUG!!!!!! \n"));
573 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
574 Status = MLME_INVALID_FORMAT;
575 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
576 }
577
578 }
579
580 /*
581 ==========================================================================
582 Description:
583 mlme reassoc req handling procedure
584 Parameters:
585 Elem -
586 Pre:
587 -# SSID (Adapter->StaCfg.ssid[])
588 -# BSSID (AP address, Adapter->StaCfg.bssid)
589 -# Supported rates (Adapter->StaCfg.supported_rates[])
590 -# Supported rates length (Adapter->StaCfg.supported_rates_len)
591 -# Tx power (Adapter->StaCfg.tx_power)
592
593 IRQL = DISPATCH_LEVEL
594
595 ==========================================================================
596 */
597 VOID MlmeReassocReqAction(
598 IN PRTMP_ADAPTER pAd,
599 IN MLME_QUEUE_ELEM *Elem)
600 {
601 UCHAR ApAddr[6];
602 HEADER_802_11 ReassocHdr;
603 UCHAR Ccx2Len = 5;
604 UCHAR WmeIe[9] = {IE_VENDOR_SPECIFIC, 0x07, 0x00, 0x50, 0xf2, 0x02, 0x00, 0x01, 0x00};
605 USHORT CapabilityInfo, ListenIntv;
606 ULONG Timeout;
607 ULONG FrameLen = 0;
608 BOOLEAN TimerCancelled;
609 NDIS_STATUS NStatus;
610 ULONG tmp;
611 PUCHAR pOutBuffer = NULL;
612 USHORT Status;
613
614 // Block all authentication request durning WPA block period
615 if (pAd->StaCfg.bBlockAssoc == TRUE)
616 {
617 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Block ReAssoc request durning WPA block period!\n"));
618 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
619 Status = MLME_STATE_MACHINE_REJECT;
620 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
621 }
622 // the parameters are the same as the association
623 else if(MlmeAssocReqSanity(pAd, Elem->Msg, Elem->MsgLen, ApAddr, &CapabilityInfo, &Timeout, &ListenIntv))
624 {
625 RTMPCancelTimer(&pAd->MlmeAux.ReassocTimer, &TimerCancelled);
626
627 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
628 if(NStatus != NDIS_STATUS_SUCCESS)
629 {
630 DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeReassocReqAction() allocate memory failed \n"));
631 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
632 Status = MLME_FAIL_NO_RESOURCE;
633 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
634 return;
635 }
636
637 COPY_MAC_ADDR(pAd->MlmeAux.Bssid, ApAddr);
638
639 // make frame, use bssid as the AP address??
640 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send RE-ASSOC request...\n"));
641 MgtMacHeaderInit(pAd, &ReassocHdr, SUBTYPE_REASSOC_REQ, 0, ApAddr, ApAddr);
642 MakeOutgoingFrame(pOutBuffer, &FrameLen,
643 sizeof(HEADER_802_11), &ReassocHdr,
644 2, &CapabilityInfo,
645 2, &ListenIntv,
646 MAC_ADDR_LEN, ApAddr,
647 1, &SsidIe,
648 1, &pAd->MlmeAux.SsidLen,
649 pAd->MlmeAux.SsidLen, pAd->MlmeAux.Ssid,
650 1, &SupRateIe,
651 1, &pAd->MlmeAux.SupRateLen,
652 pAd->MlmeAux.SupRateLen, pAd->MlmeAux.SupRate,
653 END_OF_ARGS);
654
655 if (pAd->MlmeAux.ExtRateLen != 0)
656 {
657 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
658 1, &ExtRateIe,
659 1, &pAd->MlmeAux.ExtRateLen,
660 pAd->MlmeAux.ExtRateLen, pAd->MlmeAux.ExtRate,
661 END_OF_ARGS);
662 FrameLen += tmp;
663 }
664
665 if (pAd->MlmeAux.APEdcaParm.bValid)
666 {
667 if (pAd->CommonCfg.bAPSDCapable && pAd->MlmeAux.APEdcaParm.bAPSDCapable)
668 {
669 QBSS_STA_INFO_PARM QosInfo;
670
671 NdisZeroMemory(&QosInfo, sizeof(QBSS_STA_INFO_PARM));
672 QosInfo.UAPSD_AC_BE = pAd->CommonCfg.bAPSDAC_BE;
673 QosInfo.UAPSD_AC_BK = pAd->CommonCfg.bAPSDAC_BK;
674 QosInfo.UAPSD_AC_VI = pAd->CommonCfg.bAPSDAC_VI;
675 QosInfo.UAPSD_AC_VO = pAd->CommonCfg.bAPSDAC_VO;
676 QosInfo.MaxSPLength = pAd->CommonCfg.MaxSPLength;
677 WmeIe[8] |= *(PUCHAR)&QosInfo;
678 }
679
680 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
681 9, &WmeIe[0],
682 END_OF_ARGS);
683 FrameLen += tmp;
684 }
685
686 // HT
687 if ((pAd->MlmeAux.HtCapabilityLen > 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED))
688 {
689 ULONG TmpLen;
690 UCHAR HtLen;
691 UCHAR BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33};
692 if (pAd->StaActive.SupportedPhyInfo.bPreNHt == TRUE)
693 {
694 HtLen = SIZE_HT_CAP_IE + 4;
695 MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
696 1, &WpaIe,
697 1, &HtLen,
698 4, &BROADCOM[0],
699 pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability,
700 END_OF_ARGS);
701 }
702 else
703 {
704 MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
705 1, &HtCapIe,
706 1, &pAd->MlmeAux.HtCapabilityLen,
707 pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability,
708 END_OF_ARGS);
709 }
710 FrameLen += TmpLen;
711 }
712
713 // add Ralink proprietary IE to inform AP this STA is going to use AGGREGATION or PIGGY-BACK+AGGREGATION
714 // Case I: (Aggregation + Piggy-Back)
715 // 1. user enable aggregation, AND
716 // 2. Mac support piggy-back
717 // 3. AP annouces it's PIGGY-BACK+AGGREGATION-capable in BEACON
718 // Case II: (Aggregation)
719 // 1. user enable aggregation, AND
720 // 2. AP annouces it's AGGREGATION-capable in BEACON
721 if (pAd->CommonCfg.bAggregationCapable)
722 {
723 if ((pAd->CommonCfg.bPiggyBackCapable) && ((pAd->MlmeAux.APRalinkIe & 0x00000003) == 3))
724 {
725 ULONG TmpLen;
726 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x03, 0x00, 0x00, 0x00};
727 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
728 9, RalinkIe,
729 END_OF_ARGS);
730 FrameLen += TmpLen;
731 }
732 else if (pAd->MlmeAux.APRalinkIe & 0x00000001)
733 {
734 ULONG TmpLen;
735 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x01, 0x00, 0x00, 0x00};
736 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
737 9, RalinkIe,
738 END_OF_ARGS);
739 FrameLen += TmpLen;
740 }
741 }
742 else
743 {
744 ULONG TmpLen;
745 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x04, 0x00, 0x00, 0x00};
746 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
747 9, RalinkIe,
748 END_OF_ARGS);
749 FrameLen += TmpLen;
750 }
751
752 // Add CCX v2 request if CCX2 admin state is on
753 if (pAd->StaCfg.CCXControl.field.Enable == 1)
754 {
755 //
756 // Add CCX Version
757 //
758 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
759 1, &Ccx2Ie,
760 1, &Ccx2Len,
761 Ccx2Len, Ccx2IeInfo,
762 END_OF_ARGS);
763 FrameLen += tmp;
764 }
765
766 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
767 MlmeFreeMemory(pAd, pOutBuffer);
768
769 RTMPSetTimer(&pAd->MlmeAux.ReassocTimer, Timeout); /* in mSec */
770 pAd->Mlme.AssocMachine.CurrState = REASSOC_WAIT_RSP;
771 }
772 else
773 {
774 DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeReassocReqAction() sanity check failed. BUG!!!! \n"));
775 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
776 Status = MLME_INVALID_FORMAT;
777 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
778 }
779 }
780
781 /*
782 ==========================================================================
783 Description:
784 Upper layer issues disassoc request
785 Parameters:
786 Elem -
787
788 IRQL = PASSIVE_LEVEL
789
790 ==========================================================================
791 */
792 VOID MlmeDisassocReqAction(
793 IN PRTMP_ADAPTER pAd,
794 IN MLME_QUEUE_ELEM *Elem)
795 {
796 PMLME_DISASSOC_REQ_STRUCT pDisassocReq;
797 HEADER_802_11 DisassocHdr;
798 PHEADER_802_11 pDisassocHdr;
799 PUCHAR pOutBuffer = NULL;
800 ULONG FrameLen = 0;
801 NDIS_STATUS NStatus;
802 BOOLEAN TimerCancelled;
803 ULONG Timeout = 0;
804 USHORT Status;
805
806 // skip sanity check
807 pDisassocReq = (PMLME_DISASSOC_REQ_STRUCT)(Elem->Msg);
808
809 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
810 if (NStatus != NDIS_STATUS_SUCCESS)
811 {
812 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - MlmeDisassocReqAction() allocate memory failed\n"));
813 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
814 Status = MLME_FAIL_NO_RESOURCE;
815 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &Status);
816 return;
817 }
818
819
820
821 RTMPCancelTimer(&pAd->MlmeAux.DisassocTimer, &TimerCancelled);
822
823 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send DISASSOC request[BSSID::%02x:%02x:%02x:%02x:%02x:%02x (Reason=%d)\n",
824 pDisassocReq->Addr[0], pDisassocReq->Addr[1], pDisassocReq->Addr[2],
825 pDisassocReq->Addr[3], pDisassocReq->Addr[4], pDisassocReq->Addr[5], pDisassocReq->Reason));
826 MgtMacHeaderInit(pAd, &DisassocHdr, SUBTYPE_DISASSOC, 0, pDisassocReq->Addr, pDisassocReq->Addr); // patch peap ttls switching issue
827 MakeOutgoingFrame(pOutBuffer, &FrameLen,
828 sizeof(HEADER_802_11),&DisassocHdr,
829 2, &pDisassocReq->Reason,
830 END_OF_ARGS);
831 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
832
833 // To patch Instance and Buffalo(N) AP
834 // Driver has to send deauth to Instance AP, but Buffalo(N) needs to send disassoc to reset Authenticator's state machine
835 // Therefore, we send both of them.
836 pDisassocHdr = (PHEADER_802_11)pOutBuffer;
837 pDisassocHdr->FC.SubType = SUBTYPE_DEAUTH;
838 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
839
840 MlmeFreeMemory(pAd, pOutBuffer);
841
842 pAd->StaCfg.DisassocReason = REASON_DISASSOC_STA_LEAVING;
843 COPY_MAC_ADDR(pAd->StaCfg.DisassocSta, pDisassocReq->Addr);
844
845 RTMPSetTimer(&pAd->MlmeAux.DisassocTimer, Timeout); /* in mSec */
846 pAd->Mlme.AssocMachine.CurrState = DISASSOC_WAIT_RSP;
847
848 {
849 union iwreq_data wrqu;
850 memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN);
851 wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL);
852 }
853 }
854
855 /*
856 ==========================================================================
857 Description:
858 peer sends assoc rsp back
859 Parameters:
860 Elme - MLME message containing the received frame
861
862 IRQL = DISPATCH_LEVEL
863
864 ==========================================================================
865 */
866 VOID PeerAssocRspAction(
867 IN PRTMP_ADAPTER pAd,
868 IN MLME_QUEUE_ELEM *Elem)
869 {
870 USHORT CapabilityInfo, Status, Aid;
871 UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], SupRateLen;
872 UCHAR ExtRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRateLen;
873 UCHAR Addr2[MAC_ADDR_LEN];
874 BOOLEAN TimerCancelled;
875 UCHAR CkipFlag;
876 EDCA_PARM EdcaParm;
877 HT_CAPABILITY_IE HtCapability;
878 ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE
879 UCHAR HtCapabilityLen;
880 UCHAR AddHtInfoLen;
881 UCHAR NewExtChannelOffset = 0xff;
882
883 if (PeerAssocRspSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &CapabilityInfo, &Status, &Aid, SupRate, &SupRateLen, ExtRate, &ExtRateLen,
884 &HtCapability,&AddHtInfo, &HtCapabilityLen,&AddHtInfoLen,&NewExtChannelOffset, &EdcaParm, &CkipFlag))
885 {
886 // The frame is for me ?
887 if(MAC_ADDR_EQUAL(Addr2, pAd->MlmeAux.Bssid))
888 {
889 DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspAction():ASSOC - receive ASSOC_RSP to me (status=%d)\n", Status));
890 DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspAction():MacTable [%d].AMsduSize = %d. ClientStatusFlags = 0x%lx \n",Elem->Wcid, pAd->MacTab.Content[BSSID_WCID].AMsduSize, pAd->MacTab.Content[BSSID_WCID].ClientStatusFlags));
891 RTMPCancelTimer(&pAd->MlmeAux.AssocTimer, &TimerCancelled);
892 if(Status == MLME_SUCCESS)
893 {
894 #ifdef RT2860
895 // go to procedure listed on page 376
896 AssocPostProc(pAd, Addr2, CapabilityInfo, Aid, SupRate, SupRateLen, ExtRate, ExtRateLen,
897 &EdcaParm, &HtCapability, HtCapabilityLen, &AddHtInfo);
898
899 {
900 union iwreq_data wrqu;
901 wext_notify_event_assoc(pAd);
902
903 memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN);
904 memcpy(wrqu.ap_addr.sa_data, pAd->MlmeAux.Bssid, MAC_ADDR_LEN);
905 wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL);
906
907 }
908 #endif
909 #ifdef RT2870
910 UCHAR MaxSupportedRateIn500Kbps = 0;
911 UCHAR idx;
912
913 // supported rates array may not be sorted. sort it and find the maximum rate
914 for (idx=0; idx<SupRateLen; idx++)
915 {
916 if (MaxSupportedRateIn500Kbps < (SupRate[idx] & 0x7f))
917 MaxSupportedRateIn500Kbps = SupRate[idx] & 0x7f;
918 }
919
920 for (idx=0; idx<ExtRateLen; idx++)
921 {
922 if (MaxSupportedRateIn500Kbps < (ExtRate[idx] & 0x7f))
923 MaxSupportedRateIn500Kbps = ExtRate[idx] & 0x7f;
924 }
925 // go to procedure listed on page 376
926 AssocPostProc(pAd, Addr2, CapabilityInfo, Aid, SupRate, SupRateLen, ExtRate, ExtRateLen,
927 &EdcaParm, &HtCapability, HtCapabilityLen, &AddHtInfo);
928
929 StaAddMacTableEntry(pAd, &pAd->MacTab.Content[BSSID_WCID], MaxSupportedRateIn500Kbps, &HtCapability, HtCapabilityLen, CapabilityInfo);
930 #endif
931 pAd->StaCfg.CkipFlag = CkipFlag;
932 if (CkipFlag & 0x18)
933 {
934 NdisZeroMemory(pAd->StaCfg.TxSEQ, 4);
935 NdisZeroMemory(pAd->StaCfg.RxSEQ, 4);
936 NdisZeroMemory(pAd->StaCfg.CKIPMIC, 4);
937 pAd->StaCfg.GIV[0] = RandomByte(pAd);
938 pAd->StaCfg.GIV[1] = RandomByte(pAd);
939 pAd->StaCfg.GIV[2] = RandomByte(pAd);
940 pAd->StaCfg.bCkipOn = TRUE;
941 DBGPRINT(RT_DEBUG_TRACE, ("<CCX> pAd->StaCfg.CkipFlag = 0x%02x\n", pAd->StaCfg.CkipFlag));
942 }
943 }
944 else
945 {
946 }
947 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
948 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
949 }
950 }
951 else
952 {
953 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerAssocRspAction() sanity check fail\n"));
954 }
955 }
956
957 /*
958 ==========================================================================
959 Description:
960 peer sends reassoc rsp
961 Parametrs:
962 Elem - MLME message cntaining the received frame
963
964 IRQL = DISPATCH_LEVEL
965
966 ==========================================================================
967 */
968 VOID PeerReassocRspAction(
969 IN PRTMP_ADAPTER pAd,
970 IN MLME_QUEUE_ELEM *Elem)
971 {
972 USHORT CapabilityInfo;
973 USHORT Status;
974 USHORT Aid;
975 UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], SupRateLen;
976 UCHAR ExtRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRateLen;
977 UCHAR Addr2[MAC_ADDR_LEN];
978 UCHAR CkipFlag;
979 BOOLEAN TimerCancelled;
980 EDCA_PARM EdcaParm;
981 HT_CAPABILITY_IE HtCapability;
982 ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE
983 UCHAR HtCapabilityLen;
984 UCHAR AddHtInfoLen;
985 UCHAR NewExtChannelOffset = 0xff;
986
987 if(PeerAssocRspSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &CapabilityInfo, &Status, &Aid, SupRate, &SupRateLen, ExtRate, &ExtRateLen,
988 &HtCapability, &AddHtInfo, &HtCapabilityLen, &AddHtInfoLen,&NewExtChannelOffset, &EdcaParm, &CkipFlag))
989 {
990 if(MAC_ADDR_EQUAL(Addr2, pAd->MlmeAux.Bssid)) // The frame is for me ?
991 {
992 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - receive REASSOC_RSP to me (status=%d)\n", Status));
993 RTMPCancelTimer(&pAd->MlmeAux.ReassocTimer, &TimerCancelled);
994
995 if(Status == MLME_SUCCESS)
996 {
997 // go to procedure listed on page 376
998 AssocPostProc(pAd, Addr2, CapabilityInfo, Aid, SupRate, SupRateLen, ExtRate, ExtRateLen,
999 &EdcaParm, &HtCapability, HtCapabilityLen, &AddHtInfo);
1000
1001 {
1002 union iwreq_data wrqu;
1003 wext_notify_event_assoc(pAd);
1004
1005 memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN);
1006 memcpy(wrqu.ap_addr.sa_data, pAd->MlmeAux.Bssid, MAC_ADDR_LEN);
1007 wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL);
1008
1009 }
1010
1011 }
1012
1013 {
1014 // CkipFlag is no use for reassociate
1015 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
1016 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
1017 }
1018 }
1019 }
1020 else
1021 {
1022 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerReassocRspAction() sanity check fail\n"));
1023 }
1024
1025 }
1026
1027 /*
1028 ==========================================================================
1029 Description:
1030 procedures on IEEE 802.11/1999 p.376
1031 Parametrs:
1032
1033 IRQL = DISPATCH_LEVEL
1034
1035 ==========================================================================
1036 */
1037 VOID AssocPostProc(
1038 IN PRTMP_ADAPTER pAd,
1039 IN PUCHAR pAddr2,
1040 IN USHORT CapabilityInfo,
1041 IN USHORT Aid,
1042 IN UCHAR SupRate[],
1043 IN UCHAR SupRateLen,
1044 IN UCHAR ExtRate[],
1045 IN UCHAR ExtRateLen,
1046 IN PEDCA_PARM pEdcaParm,
1047 IN HT_CAPABILITY_IE *pHtCapability,
1048 IN UCHAR HtCapabilityLen,
1049 IN ADD_HT_INFO_IE *pAddHtInfo) // AP might use this additional ht info IE
1050 {
1051 ULONG Idx;
1052
1053 pAd->MlmeAux.BssType = BSS_INFRA;
1054 COPY_MAC_ADDR(pAd->MlmeAux.Bssid, pAddr2);
1055 pAd->MlmeAux.Aid = Aid;
1056 pAd->MlmeAux.CapabilityInfo = CapabilityInfo & SUPPORTED_CAPABILITY_INFO;
1057
1058 // Some HT AP might lost WMM IE. We add WMM ourselves. beacuase HT requires QoS on.
1059 if ((HtCapabilityLen > 0) && (pEdcaParm->bValid == FALSE))
1060 {
1061 pEdcaParm->bValid = TRUE;
1062 pEdcaParm->Aifsn[0] = 3;
1063 pEdcaParm->Aifsn[1] = 7;
1064 pEdcaParm->Aifsn[2] = 2;
1065 pEdcaParm->Aifsn[3] = 2;
1066
1067 pEdcaParm->Cwmin[0] = 4;
1068 pEdcaParm->Cwmin[1] = 4;
1069 pEdcaParm->Cwmin[2] = 3;
1070 pEdcaParm->Cwmin[3] = 2;
1071
1072 pEdcaParm->Cwmax[0] = 10;
1073 pEdcaParm->Cwmax[1] = 10;
1074 pEdcaParm->Cwmax[2] = 4;
1075 pEdcaParm->Cwmax[3] = 3;
1076
1077 pEdcaParm->Txop[0] = 0;
1078 pEdcaParm->Txop[1] = 0;
1079 pEdcaParm->Txop[2] = 96;
1080 pEdcaParm->Txop[3] = 48;
1081
1082 }
1083
1084 NdisMoveMemory(&pAd->MlmeAux.APEdcaParm, pEdcaParm, sizeof(EDCA_PARM));
1085
1086 // filter out un-supported rates
1087 pAd->MlmeAux.SupRateLen = SupRateLen;
1088 NdisMoveMemory(pAd->MlmeAux.SupRate, SupRate, SupRateLen);
1089 RTMPCheckRates(pAd, pAd->MlmeAux.SupRate, &pAd->MlmeAux.SupRateLen);
1090
1091 // filter out un-supported rates
1092 pAd->MlmeAux.ExtRateLen = ExtRateLen;
1093 NdisMoveMemory(pAd->MlmeAux.ExtRate, ExtRate, ExtRateLen);
1094 RTMPCheckRates(pAd, pAd->MlmeAux.ExtRate, &pAd->MlmeAux.ExtRateLen);
1095
1096 if (HtCapabilityLen > 0)
1097 {
1098 RTMPCheckHt(pAd, BSSID_WCID, pHtCapability, pAddHtInfo);
1099 }
1100 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> AP.AMsduSize = %d. ClientStatusFlags = 0x%lx \n", pAd->MacTab.Content[BSSID_WCID].AMsduSize, pAd->MacTab.Content[BSSID_WCID].ClientStatusFlags));
1101
1102 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> (Mmps=%d, AmsduSize=%d, )\n",
1103 pAd->MacTab.Content[BSSID_WCID].MmpsMode, pAd->MacTab.Content[BSSID_WCID].AMsduSize));
1104
1105 // Set New WPA information
1106 Idx = BssTableSearch(&pAd->ScanTab, pAddr2, pAd->MlmeAux.Channel);
1107 if (Idx == BSS_NOT_FOUND)
1108 {
1109 DBGPRINT_ERR(("ASSOC - Can't find BSS after receiving Assoc response\n"));
1110 }
1111 else
1112 {
1113 // Init variable
1114 pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = 0;
1115 NdisZeroMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, MAX_LEN_OF_RSNIE);
1116
1117 // Store appropriate RSN_IE for WPA SM negotiation later
1118 if ((pAd->StaCfg.AuthMode >= Ndis802_11AuthModeWPA) && (pAd->ScanTab.BssEntry[Idx].VarIELen != 0))
1119 {
1120 PUCHAR pVIE;
1121 USHORT len;
1122 PEID_STRUCT pEid;
1123
1124 pVIE = pAd->ScanTab.BssEntry[Idx].VarIEs;
1125 len = pAd->ScanTab.BssEntry[Idx].VarIELen;
1126
1127 while (len > 0)
1128 {
1129 pEid = (PEID_STRUCT) pVIE;
1130 // For WPA/WPAPSK
1131 if ((pEid->Eid == IE_WPA) && (NdisEqualMemory(pEid->Octet, WPA_OUI, 4))
1132 && (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA || pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK))
1133 {
1134 NdisMoveMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, pVIE, (pEid->Len + 2));
1135 pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = (pEid->Len + 2);
1136 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> Store RSN_IE for WPA SM negotiation \n"));
1137 }
1138 // For WPA2/WPA2PSK
1139 else if ((pEid->Eid == IE_RSN) && (NdisEqualMemory(pEid->Octet + 2, RSN_OUI, 3))
1140 && (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2 || pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK))
1141 {
1142 NdisMoveMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, pVIE, (pEid->Len + 2));
1143 pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = (pEid->Len + 2);
1144 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> Store RSN_IE for WPA2 SM negotiation \n"));
1145 }
1146
1147 pVIE += (pEid->Len + 2);
1148 len -= (pEid->Len + 2);
1149 }
1150 }
1151
1152 if (pAd->MacTab.Content[BSSID_WCID].RSNIE_Len == 0)
1153 {
1154 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> no RSN_IE \n"));
1155 }
1156 else
1157 {
1158 hex_dump("RSN_IE", pAd->MacTab.Content[BSSID_WCID].RSN_IE, pAd->MacTab.Content[BSSID_WCID].RSNIE_Len);
1159 }
1160 }
1161 }
1162
1163 /*
1164 ==========================================================================
1165 Description:
1166 left part of IEEE 802.11/1999 p.374
1167 Parameters:
1168 Elem - MLME message containing the received frame
1169
1170 IRQL = DISPATCH_LEVEL
1171
1172 ==========================================================================
1173 */
1174 VOID PeerDisassocAction(
1175 IN PRTMP_ADAPTER pAd,
1176 IN MLME_QUEUE_ELEM *Elem)
1177 {
1178 UCHAR Addr2[MAC_ADDR_LEN];
1179 USHORT Reason;
1180
1181 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction()\n"));
1182 if(PeerDisassocSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Reason))
1183 {
1184 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction() Reason = %d\n", Reason));
1185 if (INFRA_ON(pAd) && MAC_ADDR_EQUAL(pAd->CommonCfg.Bssid, Addr2))
1186 {
1187
1188 if (pAd->CommonCfg.bWirelessEvent)
1189 {
1190 RTMPSendWirelessEvent(pAd, IW_DISASSOC_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0);
1191 }
1192
1193 //
1194 // Get Current System time and Turn on AdjacentAPReport
1195 //
1196 NdisGetSystemUpTime(&pAd->StaCfg.CCXAdjacentAPLinkDownTime);
1197 pAd->StaCfg.CCXAdjacentAPReportFlag = TRUE;
1198 LinkDown(pAd, TRUE);
1199 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
1200
1201 {
1202 union iwreq_data wrqu;
1203 memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN);
1204 wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL);
1205 }
1206 }
1207 }
1208 else
1209 {
1210 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction() sanity check fail\n"));
1211 }
1212
1213 }
1214
1215 /*
1216 ==========================================================================
1217 Description:
1218 what the state machine will do after assoc timeout
1219 Parameters:
1220 Elme -
1221
1222 IRQL = DISPATCH_LEVEL
1223
1224 ==========================================================================
1225 */
1226 VOID AssocTimeoutAction(
1227 IN PRTMP_ADAPTER pAd,
1228 IN MLME_QUEUE_ELEM *Elem)
1229 {
1230 USHORT Status;
1231 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - AssocTimeoutAction\n"));
1232 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
1233 Status = MLME_REJ_TIMEOUT;
1234 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
1235 }
1236
1237 /*
1238 ==========================================================================
1239 Description:
1240 what the state machine will do after reassoc timeout
1241
1242 IRQL = DISPATCH_LEVEL
1243
1244 ==========================================================================
1245 */
1246 VOID ReassocTimeoutAction(
1247 IN PRTMP_ADAPTER pAd,
1248 IN MLME_QUEUE_ELEM *Elem)
1249 {
1250 USHORT Status;
1251 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - ReassocTimeoutAction\n"));
1252 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
1253 Status = MLME_REJ_TIMEOUT;
1254 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
1255 }
1256
1257 /*
1258 ==========================================================================
1259 Description:
1260 what the state machine will do after disassoc timeout
1261
1262 IRQL = DISPATCH_LEVEL
1263
1264 ==========================================================================
1265 */
1266 VOID DisassocTimeoutAction(
1267 IN PRTMP_ADAPTER pAd,
1268 IN MLME_QUEUE_ELEM *Elem)
1269 {
1270 USHORT Status;
1271 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - DisassocTimeoutAction\n"));
1272 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
1273 Status = MLME_SUCCESS;
1274 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &Status);
1275 }
1276
1277 VOID InvalidStateWhenAssoc(
1278 IN PRTMP_ADAPTER pAd,
1279 IN MLME_QUEUE_ELEM *Elem)
1280 {
1281 USHORT Status;
1282 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenAssoc(state=%ld), reset ASSOC state machine\n",
1283 pAd->Mlme.AssocMachine.CurrState));
1284 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
1285 Status = MLME_STATE_MACHINE_REJECT;
1286 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
1287 }
1288
1289 VOID InvalidStateWhenReassoc(
1290 IN PRTMP_ADAPTER pAd,
1291 IN MLME_QUEUE_ELEM *Elem)
1292 {
1293 USHORT Status;
1294 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenReassoc(state=%ld), reset ASSOC state machine\n",
1295 pAd->Mlme.AssocMachine.CurrState));
1296 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
1297 Status = MLME_STATE_MACHINE_REJECT;
1298 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
1299 }
1300
1301 VOID InvalidStateWhenDisassociate(
1302 IN PRTMP_ADAPTER pAd,
1303 IN MLME_QUEUE_ELEM *Elem)
1304 {
1305 USHORT Status;
1306 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenDisassoc(state=%ld), reset ASSOC state machine\n",
1307 pAd->Mlme.AssocMachine.CurrState));
1308 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
1309 Status = MLME_STATE_MACHINE_REJECT;
1310 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &Status);
1311 }
1312
1313 /*
1314 ==========================================================================
1315 Description:
1316 right part of IEEE 802.11/1999 page 374
1317 Note:
1318 This event should never cause ASSOC state machine perform state
1319 transition, and has no relationship with CNTL machine. So we separate
1320 this routine as a service outside of ASSOC state transition table.
1321
1322 IRQL = DISPATCH_LEVEL
1323
1324 ==========================================================================
1325 */
1326 VOID Cls3errAction(
1327 IN PRTMP_ADAPTER pAd,
1328 IN PUCHAR pAddr)
1329 {
1330 HEADER_802_11 DisassocHdr;
1331 PHEADER_802_11 pDisassocHdr;
1332 PUCHAR pOutBuffer = NULL;
1333 ULONG FrameLen = 0;
1334 NDIS_STATUS NStatus;
1335 USHORT Reason = REASON_CLS3ERR;
1336
1337 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
1338 if (NStatus != NDIS_STATUS_SUCCESS)
1339 return;
1340
1341 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Class 3 Error, Send DISASSOC frame\n"));
1342 MgtMacHeaderInit(pAd, &DisassocHdr, SUBTYPE_DISASSOC, 0, pAddr, pAd->CommonCfg.Bssid); // patch peap ttls switching issue
1343 MakeOutgoingFrame(pOutBuffer, &FrameLen,
1344 sizeof(HEADER_802_11),&DisassocHdr,
1345 2, &Reason,
1346 END_OF_ARGS);
1347 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
1348
1349 // To patch Instance and Buffalo(N) AP
1350 // Driver has to send deauth to Instance AP, but Buffalo(N) needs to send disassoc to reset Authenticator's state machine
1351 // Therefore, we send both of them.
1352 pDisassocHdr = (PHEADER_802_11)pOutBuffer;
1353 pDisassocHdr->FC.SubType = SUBTYPE_DEAUTH;
1354 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
1355
1356 MlmeFreeMemory(pAd, pOutBuffer);
1357
1358 pAd->StaCfg.DisassocReason = REASON_CLS3ERR;
1359 COPY_MAC_ADDR(pAd->StaCfg.DisassocSta, pAddr);
1360 }
1361
1362 /*
1363 ==========================================================================
1364 Description:
1365 Switch between WEP and CKIP upon new association up.
1366 Parameters:
1367
1368 IRQL = DISPATCH_LEVEL
1369
1370 ==========================================================================
1371 */
1372 VOID SwitchBetweenWepAndCkip(
1373 IN PRTMP_ADAPTER pAd)
1374 {
1375 int i;
1376 SHAREDKEY_MODE_STRUC csr1;
1377
1378 // if KP is required. change the CipherAlg in hardware shard key table from WEP
1379 // to CKIP. else remain as WEP
1380 if (pAd->StaCfg.bCkipOn && (pAd->StaCfg.CkipFlag & 0x10))
1381 {
1382 // modify hardware key table so that MAC use correct algorithm to decrypt RX
1383 RTMP_IO_READ32(pAd, SHARED_KEY_MODE_BASE, &csr1.word);
1384 if (csr1.field.Bss0Key0CipherAlg == CIPHER_WEP64)
1385 csr1.field.Bss0Key0CipherAlg = CIPHER_CKIP64;
1386 else if (csr1.field.Bss0Key0CipherAlg == CIPHER_WEP128)
1387 csr1.field.Bss0Key0CipherAlg = CIPHER_CKIP128;
1388
1389 if (csr1.field.Bss0Key1CipherAlg == CIPHER_WEP64)
1390 csr1.field.Bss0Key1CipherAlg = CIPHER_CKIP64;
1391 else if (csr1.field.Bss0Key1CipherAlg == CIPHER_WEP128)
1392 csr1.field.Bss0Key1CipherAlg = CIPHER_CKIP128;
1393
1394 if (csr1.field.Bss0Key2CipherAlg == CIPHER_WEP64)
1395 csr1.field.Bss0Key2CipherAlg = CIPHER_CKIP64;
1396 else if (csr1.field.Bss0Key2CipherAlg == CIPHER_WEP128)
1397 csr1.field.Bss0Key2CipherAlg = CIPHER_CKIP128;
1398
1399 if (csr1.field.Bss0Key3CipherAlg == CIPHER_WEP64)
1400 csr1.field.Bss0Key3CipherAlg = CIPHER_CKIP64;
1401 else if (csr1.field.Bss0Key3CipherAlg == CIPHER_WEP128)
1402 csr1.field.Bss0Key3CipherAlg = CIPHER_CKIP128;
1403 RTMP_IO_WRITE32(pAd, SHARED_KEY_MODE_BASE, csr1.word);
1404 DBGPRINT(RT_DEBUG_TRACE, ("SwitchBetweenWepAndCkip: modify BSS0 cipher to %s\n", CipherName[csr1.field.Bss0Key0CipherAlg]));
1405
1406 // modify software key table so that driver can specify correct algorithm in TXD upon TX
1407 for (i=0; i<SHARE_KEY_NUM; i++)
1408 {
1409 if (pAd->SharedKey[BSS0][i].CipherAlg == CIPHER_WEP64)
1410 pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_CKIP64;
1411 else if (pAd->SharedKey[BSS0][i].CipherAlg == CIPHER_WEP128)
1412 pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_CKIP128;
1413 }
1414 }
1415
1416 // else if KP NOT inused. change the CipherAlg in hardware shard key table from CKIP
1417 // to WEP.
1418 else
1419 {
1420 // modify hardware key table so that MAC use correct algorithm to decrypt RX
1421 RTMP_IO_READ32(pAd, SHARED_KEY_MODE_BASE, &csr1.word);
1422 if (csr1.field.Bss0Key0CipherAlg == CIPHER_CKIP64)
1423 csr1.field.Bss0Key0CipherAlg = CIPHER_WEP64;
1424 else if (csr1.field.Bss0Key0CipherAlg == CIPHER_CKIP128)
1425 csr1.field.Bss0Key0CipherAlg = CIPHER_WEP128;
1426
1427 if (csr1.field.Bss0Key1CipherAlg == CIPHER_CKIP64)
1428 csr1.field.Bss0Key1CipherAlg = CIPHER_WEP64;
1429 else if (csr1.field.Bss0Key1CipherAlg == CIPHER_CKIP128)
1430 csr1.field.Bss0Key1CipherAlg = CIPHER_WEP128;
1431
1432 if (csr1.field.Bss0Key2CipherAlg == CIPHER_CKIP64)
1433 csr1.field.Bss0Key2CipherAlg = CIPHER_WEP64;
1434 else if (csr1.field.Bss0Key2CipherAlg == CIPHER_CKIP128)
1435 csr1.field.Bss0Key2CipherAlg = CIPHER_WEP128;
1436
1437 if (csr1.field.Bss0Key3CipherAlg == CIPHER_CKIP64)
1438 csr1.field.Bss0Key3CipherAlg = CIPHER_WEP64;
1439 else if (csr1.field.Bss0Key3CipherAlg == CIPHER_CKIP128)
1440 csr1.field.Bss0Key3CipherAlg = CIPHER_WEP128;
1441
1442 // modify software key table so that driver can specify correct algorithm in TXD upon TX
1443 for (i=0; i<SHARE_KEY_NUM; i++)
1444 {
1445 if (pAd->SharedKey[BSS0][i].CipherAlg == CIPHER_CKIP64)
1446 pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_WEP64;
1447 else if (pAd->SharedKey[BSS0][i].CipherAlg == CIPHER_CKIP128)
1448 pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_WEP128;
1449 }
1450
1451 //
1452 // On WPA-NONE, must update CipherAlg.
1453 // Because the OID_802_11_WEP_STATUS was been set after OID_802_11_ADD_KEY
1454 // and CipherAlg will be CIPHER_NONE by Windows ZeroConfig.
1455 // So we need to update CipherAlg after connect.
1456 //
1457 if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPANone)
1458 {
1459 for (i = 0; i < SHARE_KEY_NUM; i++)
1460 {
1461 if (pAd->SharedKey[BSS0][i].KeyLen != 0)
1462 {
1463 if (pAd->StaCfg.WepStatus == Ndis802_11Encryption2Enabled)
1464 {
1465 pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_TKIP;
1466 }
1467 else if (pAd->StaCfg.WepStatus == Ndis802_11Encryption3Enabled)
1468 {
1469 pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_AES;
1470 }
1471 }
1472 else
1473 {
1474 pAd->SharedKey[BSS0][i].CipherAlg = CIPHER_NONE;
1475 }
1476 }
1477
1478 csr1.field.Bss0Key0CipherAlg = pAd->SharedKey[BSS0][0].CipherAlg;
1479 csr1.field.Bss0Key1CipherAlg = pAd->SharedKey[BSS0][1].CipherAlg;
1480 csr1.field.Bss0Key2CipherAlg = pAd->SharedKey[BSS0][2].CipherAlg;
1481 csr1.field.Bss0Key3CipherAlg = pAd->SharedKey[BSS0][3].CipherAlg;
1482 }
1483 RTMP_IO_WRITE32(pAd, SHARED_KEY_MODE_BASE, csr1.word);
1484 DBGPRINT(RT_DEBUG_TRACE, ("SwitchBetweenWepAndCkip: modify BSS0 cipher to %s\n", CipherName[csr1.field.Bss0Key0CipherAlg]));
1485 }
1486 }
1487
1488 int wext_notify_event_assoc(
1489 IN RTMP_ADAPTER *pAd)
1490 {
1491 union iwreq_data wrqu;
1492 char custom[IW_CUSTOM_MAX] = {0};
1493
1494 if (pAd->StaCfg.ReqVarIELen <= IW_CUSTOM_MAX)
1495 {
1496 wrqu.data.length = pAd->StaCfg.ReqVarIELen;
1497 memcpy(custom, pAd->StaCfg.ReqVarIEs, pAd->StaCfg.ReqVarIELen);
1498 wireless_send_event(pAd->net_dev, IWEVASSOCREQIE, &wrqu, custom);
1499 }
1500 else
1501 DBGPRINT(RT_DEBUG_TRACE, ("pAd->StaCfg.ReqVarIELen > MAX_CUSTOM_LEN\n"));
1502
1503 return 0;
1504
1505 }
1506
1507 #ifdef RT2870
1508 BOOLEAN StaAddMacTableEntry(
1509 IN PRTMP_ADAPTER pAd,
1510 IN PMAC_TABLE_ENTRY pEntry,
1511 IN UCHAR MaxSupportedRateIn500Kbps,
1512 IN HT_CAPABILITY_IE *pHtCapability,
1513 IN UCHAR HtCapabilityLen,
1514 IN USHORT CapabilityInfo)
1515 {
1516 UCHAR MaxSupportedRate = RATE_11;
1517
1518 if (ADHOC_ON(pAd))
1519 CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE);
1520
1521 switch (MaxSupportedRateIn500Kbps)
1522 {
1523 case 108: MaxSupportedRate = RATE_54; break;
1524 case 96: MaxSupportedRate = RATE_48; break;
1525 case 72: MaxSupportedRate = RATE_36; break;
1526 case 48: MaxSupportedRate = RATE_24; break;
1527 case 36: MaxSupportedRate = RATE_18; break;
1528 case 24: MaxSupportedRate = RATE_12; break;
1529 case 18: MaxSupportedRate = RATE_9; break;
1530 case 12: MaxSupportedRate = RATE_6; break;
1531 case 22: MaxSupportedRate = RATE_11; break;
1532 case 11: MaxSupportedRate = RATE_5_5; break;
1533 case 4: MaxSupportedRate = RATE_2; break;
1534 case 2: MaxSupportedRate = RATE_1; break;
1535 default: MaxSupportedRate = RATE_11; break;
1536 }
1537
1538 if ((pAd->CommonCfg.PhyMode == PHY_11G) && (MaxSupportedRate < RATE_FIRST_OFDM_RATE))
1539 return FALSE;
1540
1541 // 11n only
1542 if (((pAd->CommonCfg.PhyMode == PHY_11N_2_4G) || (pAd->CommonCfg.PhyMode == PHY_11N_5G))&& (HtCapabilityLen == 0))
1543 return FALSE;
1544
1545 if (!pEntry)
1546 return FALSE;
1547
1548 NdisAcquireSpinLock(&pAd->MacTabLock);
1549 if (pEntry)
1550 {
1551 pEntry->PortSecured = WPA_802_1X_PORT_SECURED;
1552 if ((MaxSupportedRate < RATE_FIRST_OFDM_RATE) ||
1553 (pAd->CommonCfg.PhyMode == PHY_11B))
1554 {
1555 pEntry->RateLen = 4;
1556 if (MaxSupportedRate >= RATE_FIRST_OFDM_RATE)
1557 MaxSupportedRate = RATE_11;
1558 }
1559 else
1560 pEntry->RateLen = 12;
1561
1562 pEntry->MaxHTPhyMode.word = 0;
1563 pEntry->MinHTPhyMode.word = 0;
1564 pEntry->HTPhyMode.word = 0;
1565 pEntry->MaxSupportedRate = MaxSupportedRate;
1566 if (pEntry->MaxSupportedRate < RATE_FIRST_OFDM_RATE)
1567 {
1568 pEntry->MaxHTPhyMode.field.MODE = MODE_CCK;
1569 pEntry->MaxHTPhyMode.field.MCS = pEntry->MaxSupportedRate;
1570 pEntry->MinHTPhyMode.field.MODE = MODE_CCK;
1571 pEntry->MinHTPhyMode.field.MCS = pEntry->MaxSupportedRate;
1572 pEntry->HTPhyMode.field.MODE = MODE_CCK;
1573 pEntry->HTPhyMode.field.MCS = pEntry->MaxSupportedRate;
1574 }
1575 else
1576 {
1577 pEntry->MaxHTPhyMode.field.MODE = MODE_OFDM;
1578 pEntry->MaxHTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate];
1579 pEntry->MinHTPhyMode.field.MODE = MODE_OFDM;
1580 pEntry->MinHTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate];
1581 pEntry->HTPhyMode.field.MODE = MODE_OFDM;
1582 pEntry->HTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate];
1583 }
1584 pEntry->CapabilityInfo = CapabilityInfo;
1585 CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_AGGREGATION_CAPABLE);
1586 CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_PIGGYBACK_CAPABLE);
1587 }
1588
1589 // If this Entry supports 802.11n, upgrade to HT rate.
1590 if ((HtCapabilityLen != 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED))
1591 {
1592 UCHAR j, bitmask; //k,bitmask;
1593 CHAR i;
1594
1595 if (ADHOC_ON(pAd))
1596 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE);
1597 if ((pHtCapability->HtCapInfo.GF) && (pAd->CommonCfg.DesiredHtPhy.GF))
1598 {
1599 pEntry->MaxHTPhyMode.field.MODE = MODE_HTGREENFIELD;
1600 }
1601 else
1602 {
1603 pEntry->MaxHTPhyMode.field.MODE = MODE_HTMIX;
1604 pAd->MacTab.fAnyStationNonGF = TRUE;
1605 pAd->CommonCfg.AddHTInfo.AddHtInfo2.NonGfPresent = 1;
1606 }
1607
1608 if ((pHtCapability->HtCapInfo.ChannelWidth) && (pAd->CommonCfg.DesiredHtPhy.ChannelWidth))
1609 {
1610 pEntry->MaxHTPhyMode.field.BW= BW_40;
1611 pEntry->MaxHTPhyMode.field.ShortGI = ((pAd->CommonCfg.DesiredHtPhy.ShortGIfor40)&(pHtCapability->HtCapInfo.ShortGIfor40));
1612 }
1613 else
1614 {
1615 pEntry->MaxHTPhyMode.field.BW = BW_20;
1616 pEntry->MaxHTPhyMode.field.ShortGI = ((pAd->CommonCfg.DesiredHtPhy.ShortGIfor20)&(pHtCapability->HtCapInfo.ShortGIfor20));
1617 pAd->MacTab.fAnyStation20Only = TRUE;
1618 }
1619
1620 // 3*3
1621 if (pAd->MACVersion >= RALINK_2883_VERSION && pAd->MACVersion < RALINK_3070_VERSION)
1622 pEntry->MaxHTPhyMode.field.TxBF = pAd->CommonCfg.RegTransmitSetting.field.TxBF;
1623
1624 // find max fixed rate
1625 for (i=23; i>=0; i--) // 3*3
1626 {
1627 j = i/8;
1628 bitmask = (1<<(i-(j*8)));
1629 if ((pAd->StaCfg.DesiredHtPhyInfo.MCSSet[j] & bitmask) && (pHtCapability->MCSSet[j] & bitmask))
1630 {
1631 pEntry->MaxHTPhyMode.field.MCS = i;
1632 break;
1633 }
1634 if (i==0)
1635 break;
1636 }
1637
1638
1639 if (pAd->StaCfg.DesiredTransmitSetting.field.MCS != MCS_AUTO)
1640 {
1641 if (pAd->StaCfg.DesiredTransmitSetting.field.MCS == 32)
1642 {
1643 // Fix MCS as HT Duplicated Mode
1644 pEntry->MaxHTPhyMode.field.BW = 1;
1645 pEntry->MaxHTPhyMode.field.MODE = MODE_HTMIX;
1646 pEntry->MaxHTPhyMode.field.STBC = 0;
1647 pEntry->MaxHTPhyMode.field.ShortGI = 0;
1648 pEntry->MaxHTPhyMode.field.MCS = 32;
1649 }
1650 else if (pEntry->MaxHTPhyMode.field.MCS > pAd->StaCfg.HTPhyMode.field.MCS)
1651 {
1652 // STA supports fixed MCS
1653 pEntry->MaxHTPhyMode.field.MCS = pAd->StaCfg.HTPhyMode.field.MCS;
1654 }
1655 }
1656
1657 pEntry->MaxHTPhyMode.field.STBC = (pHtCapability->HtCapInfo.RxSTBC & (pAd->CommonCfg.DesiredHtPhy.TxSTBC));
1658 pEntry->MpduDensity = pHtCapability->HtCapParm.MpduDensity;
1659 pEntry->MaxRAmpduFactor = pHtCapability->HtCapParm.MaxRAmpduFactor;
1660 pEntry->MmpsMode = (UCHAR)pHtCapability->HtCapInfo.MimoPs;
1661 pEntry->AMsduSize = (UCHAR)pHtCapability->HtCapInfo.AMsduSize;
1662 pEntry->HTPhyMode.word = pEntry->MaxHTPhyMode.word;
1663
1664 if (pAd->CommonCfg.DesiredHtPhy.AmsduEnable && (pAd->CommonCfg.REGBACapability.field.AutoBA == FALSE))
1665 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_AMSDU_INUSED);
1666 if (pHtCapability->HtCapInfo.ShortGIfor20)
1667 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_SGI20_CAPABLE);
1668 if (pHtCapability->HtCapInfo.ShortGIfor40)
1669 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_SGI40_CAPABLE);
1670 if (pHtCapability->HtCapInfo.TxSTBC)
1671 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_TxSTBC_CAPABLE);
1672 if (pHtCapability->HtCapInfo.RxSTBC)
1673 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_RxSTBC_CAPABLE);
1674 if (pHtCapability->ExtHtCapInfo.PlusHTC)
1675 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_HTC_CAPABLE);
1676 if (pAd->CommonCfg.bRdg && pHtCapability->ExtHtCapInfo.RDGSupport)
1677 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_RDG_CAPABLE);
1678 if (pHtCapability->ExtHtCapInfo.MCSFeedback == 0x03)
1679 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_MCSFEEDBACK_CAPABLE);
1680 }
1681 else
1682 {
1683 pAd->MacTab.fAnyStationIsLegacy = TRUE;
1684 }
1685
1686 NdisMoveMemory(&pEntry->HTCapability, pHtCapability, sizeof(HT_CAPABILITY_IE));
1687
1688 pEntry->HTPhyMode.word = pEntry->MaxHTPhyMode.word;
1689 pEntry->CurrTxRate = pEntry->MaxSupportedRate;
1690
1691 // Set asic auto fall back
1692 if (pAd->StaCfg.bAutoTxRateSwitch == TRUE)
1693 {
1694 PUCHAR pTable;
1695 UCHAR TableSize = 0;
1696
1697 MlmeSelectTxRateTable(pAd, pEntry, &pTable, &TableSize, &pEntry->CurrTxRateIndex);
1698 pEntry->bAutoTxRateSwitch = TRUE;
1699 }
1700 else
1701 {
1702 pEntry->HTPhyMode.field.MODE = pAd->StaCfg.HTPhyMode.field.MODE;
1703 pEntry->HTPhyMode.field.MCS = pAd->StaCfg.HTPhyMode.field.MCS;
1704 pEntry->bAutoTxRateSwitch = FALSE;
1705
1706 // If the legacy mode is set, overwrite the transmit setting of this entry.
1707 RTMPUpdateLegacyTxSetting((UCHAR)pAd->StaCfg.DesiredTransmitSetting.field.FixedTxMode, pEntry);
1708 }
1709
1710 pEntry->PortSecured = WPA_802_1X_PORT_SECURED;
1711 pEntry->Sst = SST_ASSOC;
1712 pEntry->AuthState = AS_AUTH_OPEN;
1713 pEntry->AuthMode = pAd->StaCfg.AuthMode;
1714 pEntry->WepStatus = pAd->StaCfg.WepStatus;
1715
1716 NdisReleaseSpinLock(&pAd->MacTabLock);
1717
1718 {
1719 union iwreq_data wrqu;
1720 wext_notify_event_assoc(pAd);
1721
1722 memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN);
1723 memcpy(wrqu.ap_addr.sa_data, pAd->MlmeAux.Bssid, MAC_ADDR_LEN);
1724 wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL);
1725
1726 }
1727 return TRUE;
1728 }
1729 #endif /* RT2870 */
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree