2 * Copyright (c) 1996, 2003 VIA Networking Technologies, Inc.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 * Purpose: Handles the 802.11 management functions
29 * nsMgrObjectInitial - Initialize Management Objet data structure
30 * vMgrObjectReset - Reset Management Objet data structure
31 * vMgrAssocBeginSta - Start associate function
32 * vMgrReAssocBeginSta - Start reassociate function
33 * vMgrDisassocBeginSta - Start disassociate function
34 * s_vMgrRxAssocRequest - Handle Rcv associate_request
35 * s_vMgrRxAssocResponse - Handle Rcv associate_response
36 * vMrgAuthenBeginSta - Start authentication function
37 * vMgrDeAuthenDeginSta - Start deauthentication function
38 * s_vMgrRxAuthentication - Handle Rcv authentication
39 * s_vMgrRxAuthenSequence_1 - Handle Rcv authentication sequence 1
40 * s_vMgrRxAuthenSequence_2 - Handle Rcv authentication sequence 2
41 * s_vMgrRxAuthenSequence_3 - Handle Rcv authentication sequence 3
42 * s_vMgrRxAuthenSequence_4 - Handle Rcv authentication sequence 4
43 * s_vMgrRxDisassociation - Handle Rcv disassociation
44 * s_vMgrRxBeacon - Handle Rcv Beacon
45 * vMgrCreateOwnIBSS - Create ad_hoc IBSS or AP BSS
46 * vMgrJoinBSSBegin - Join BSS function
47 * s_vMgrSynchBSS - Synch & adopt BSS parameters
48 * s_MgrMakeBeacon - Create Baecon frame
49 * s_MgrMakeProbeResponse - Create Probe Response frame
50 * s_MgrMakeAssocRequest - Create Associate Request frame
51 * s_MgrMakeReAssocRequest - Create ReAssociate Request frame
52 * s_vMgrRxProbeResponse - Handle Rcv probe_response
53 * s_vMrgRxProbeRequest - Handle Rcv probe_request
54 * bMgrPrepareBeaconToSend - Prepare Beacon frame
55 * s_vMgrLogStatus - Log 802.11 Status
56 * vMgrRxManagePacket - Rcv management frame dispatch function
57 * s_vMgrFormatTIM- Assember TIM field of beacon
58 * vMgrTimerInit- Initial 1-sec and command call back funtions
84 /*--------------------- Static Definitions -------------------------*/
88 /*--------------------- Static Classes ----------------------------*/
90 /*--------------------- Static Variables --------------------------*/
91 static int msglevel =MSG_LEVEL_INFO;
92 //static int msglevel =MSG_LEVEL_DEBUG;
94 /*--------------------- Static Functions --------------------------*/
95 //2008-8-4 <add> by chester
96 static BOOL ChannelExceedZoneType(
101 // Association/diassociation functions
104 s_MgrMakeAssocRequest(
106 IN PSMgmtObject pMgmt,
108 IN WORD wCurrCapInfo,
109 IN WORD wListenInterval,
110 IN PWLAN_IE_SSID pCurrSSID,
111 IN PWLAN_IE_SUPP_RATES pCurrRates,
112 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
117 s_vMgrRxAssocRequest(
119 IN PSMgmtObject pMgmt,
120 IN PSRxMgmtPacket pRxPacket,
126 s_MgrMakeReAssocRequest(
128 IN PSMgmtObject pMgmt,
130 IN WORD wCurrCapInfo,
131 IN WORD wListenInterval,
132 IN PWLAN_IE_SSID pCurrSSID,
133 IN PWLAN_IE_SUPP_RATES pCurrRates,
134 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
139 s_vMgrRxAssocResponse(
141 IN PSMgmtObject pMgmt,
142 IN PSRxMgmtPacket pRxPacket,
148 s_vMgrRxDisassociation(
150 IN PSMgmtObject pMgmt,
151 IN PSRxMgmtPacket pRxPacket
154 // Authentication/deauthen functions
157 s_vMgrRxAuthenSequence_1(
159 IN PSMgmtObject pMgmt,
160 IN PWLAN_FR_AUTHEN pFrame
165 s_vMgrRxAuthenSequence_2(
167 IN PSMgmtObject pMgmt,
168 IN PWLAN_FR_AUTHEN pFrame
173 s_vMgrRxAuthenSequence_3(
175 IN PSMgmtObject pMgmt,
176 IN PWLAN_FR_AUTHEN pFrame
181 s_vMgrRxAuthenSequence_4(
183 IN PSMgmtObject pMgmt,
184 IN PWLAN_FR_AUTHEN pFrame
189 s_vMgrRxAuthentication(
191 IN PSMgmtObject pMgmt,
192 IN PSRxMgmtPacket pRxPacket
197 s_vMgrRxDeauthentication(
199 IN PSMgmtObject pMgmt,
200 IN PSRxMgmtPacket pRxPacket
204 // probe request/response functions
207 s_vMgrRxProbeRequest(
209 IN PSMgmtObject pMgmt,
210 IN PSRxMgmtPacket pRxPacket
215 s_vMgrRxProbeResponse(
217 IN PSMgmtObject pMgmt,
218 IN PSRxMgmtPacket pRxPacket
226 IN PSMgmtObject pMgmt,
227 IN PSRxMgmtPacket pRxPacket,
234 IN PSMgmtObject pMgmt,
242 IN PSMgmtObject pMgmt,
243 IN WORD wCurrCapInfo,
244 IN WORD wCurrBeaconPeriod,
245 IN UINT uCurrChannel,
246 IN WORD wCurrATIMWinodw,
247 IN PWLAN_IE_SSID pCurrSSID,
249 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
250 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
254 // Association response
257 s_MgrMakeAssocResponse(
259 IN PSMgmtObject pMgmt,
260 IN WORD wCurrCapInfo,
261 IN WORD wAssocStatus,
264 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
265 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
268 // ReAssociation response
271 s_MgrMakeReAssocResponse(
273 IN PSMgmtObject pMgmt,
274 IN WORD wCurrCapInfo,
275 IN WORD wAssocStatus,
278 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
279 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
285 s_MgrMakeProbeResponse(
287 IN PSMgmtObject pMgmt,
288 IN WORD wCurrCapInfo,
289 IN WORD wCurrBeaconPeriod,
290 IN UINT uCurrChannel,
291 IN WORD wCurrATIMWinodw,
293 IN PWLAN_IE_SSID pCurrSSID,
295 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
296 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
304 IN PSMgmtObject pMgmt,
315 OUT PCMD_STATUS pStatus
321 IN PKnownBSS pBSSNode,
322 IN NDIS_802_11_ENCRYPTION_STATUS EncStatus,
327 static VOID Encyption_Rebuild(
334 /*--------------------- Export Variables --------------------------*/
337 /*--------------------- Export Functions --------------------------*/
342 * Routine Description:
343 * Allocates and initializes the Management object.
352 IN HANDLE hDeviceContext
355 PSDevice pDevice = (PSDevice)hDeviceContext;
356 PSMgmtObject pMgmt = pDevice->pMgmt;
360 pMgmt->pbyPSPacketPool = &pMgmt->byPSPacketPool[0];
361 pMgmt->pbyMgmtPacketPool = &pMgmt->byMgmtPacketPool[0];
362 pMgmt->uCurrChannel = pDevice->uChannel;
363 for(ii=0;ii<WLAN_BSSID_LEN;ii++) {
364 pMgmt->abyDesireBSSID[ii] = 0xFF;
366 pMgmt->sAssocInfo.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
367 //memset(pMgmt->abyDesireSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN +1);
368 pMgmt->byCSSPK = KEY_CTL_NONE;
369 pMgmt->byCSSGK = KEY_CTL_NONE;
370 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
371 BSSvClearBSSList((HANDLE)pDevice, FALSE);
378 * Routine Description:
379 * Initializes timer object
388 IN HANDLE hDeviceContext
391 PSDevice pDevice = (PSDevice)hDeviceContext;
392 PSMgmtObject pMgmt = pDevice->pMgmt;
395 init_timer(&pMgmt->sTimerSecondCallback);
396 pMgmt->sTimerSecondCallback.data = (ULONG)pDevice;
397 pMgmt->sTimerSecondCallback.function = (TimerFunction)BSSvSecondCallBack;
398 pMgmt->sTimerSecondCallback.expires = RUN_AT(HZ);
400 init_timer(&pDevice->sTimerCommand);
401 pDevice->sTimerCommand.data = (ULONG)pDevice;
402 pDevice->sTimerCommand.function = (TimerFunction)vCommandTimer;
403 pDevice->sTimerCommand.expires = RUN_AT(HZ);
406 init_timer(&pDevice->sTimerTxData);
407 pDevice->sTimerTxData.data = (ULONG)pDevice;
408 pDevice->sTimerTxData.function = (TimerFunction)BSSvSecondTxData;
409 pDevice->sTimerTxData.expires = RUN_AT(10*HZ); //10s callback
410 pDevice->fTxDataInSleep = FALSE;
411 pDevice->IsTxDataTrigger = FALSE;
412 pDevice->nTxDataTimeCout = 0;
415 pDevice->cbFreeCmdQueue = CMD_Q_SIZE;
416 pDevice->uCmdDequeueIdx = 0;
417 pDevice->uCmdEnqueueIdx = 0;
426 * Routine Description:
427 * Reset the management object structure.
436 IN HANDLE hDeviceContext
439 PSDevice pDevice = (PSDevice)hDeviceContext;
440 PSMgmtObject pMgmt = pDevice->pMgmt;
442 pMgmt->eCurrMode = WMAC_MODE_STANDBY;
443 pMgmt->eCurrState = WMAC_STATE_IDLE;
444 pDevice->bEnablePSMode = FALSE;
453 * Routine Description:
454 * Start the station association procedure. Namely, send an
455 * association request frame to the AP.
465 IN HANDLE hDeviceContext,
466 IN PSMgmtObject pMgmt,
467 OUT PCMD_STATUS pStatus
470 PSDevice pDevice = (PSDevice)hDeviceContext;
471 PSTxMgmtPacket pTxPacket;
474 pMgmt->wCurrCapInfo = 0;
475 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
476 if (pDevice->bEncryptionEnable) {
477 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
479 // always allow receive short preamble
480 //if (pDevice->byPreambleType == 1) {
481 // pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
483 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
484 if (pMgmt->wListenInterval == 0)
485 pMgmt->wListenInterval = 1; // at least one.
487 // ERP Phy (802.11g) should support short preamble.
488 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
489 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
490 if (CARDbIsShorSlotTime(pMgmt->pAdapter) == TRUE) {
491 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
493 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
494 if (CARDbIsShortPreamble(pMgmt->pAdapter) == TRUE) {
495 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
498 if (pMgmt->b11hEnable == TRUE)
499 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
501 /* build an assocreq frame and send it */
502 pTxPacket = s_MgrMakeAssocRequest
508 pMgmt->wListenInterval,
509 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
510 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
511 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
514 if (pTxPacket != NULL ){
516 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
517 if (*pStatus == CMD_STATUS_PENDING) {
518 pMgmt->eCurrState = WMAC_STATE_ASSOCPENDING;
519 *pStatus = CMD_STATUS_SUCCESS;
523 *pStatus = CMD_STATUS_RESOURCES;
531 * Routine Description:
532 * Start the station re-association procedure.
541 IN HANDLE hDeviceContext,
542 IN PSMgmtObject pMgmt,
543 OUT PCMD_STATUS pStatus
546 PSDevice pDevice = (PSDevice)hDeviceContext;
547 PSTxMgmtPacket pTxPacket;
551 pMgmt->wCurrCapInfo = 0;
552 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
553 if (pDevice->bEncryptionEnable) {
554 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
557 //if (pDevice->byPreambleType == 1) {
558 // pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
560 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
562 if (pMgmt->wListenInterval == 0)
563 pMgmt->wListenInterval = 1; // at least one.
566 // ERP Phy (802.11g) should support short preamble.
567 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
568 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
569 if (CARDbIsShorSlotTime(pMgmt->pAdapter) == TRUE) {
570 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTSLOTTIME(1);
572 } else if (pMgmt->eCurrentPHYMode == PHY_TYPE_11B) {
573 if (CARDbIsShortPreamble(pMgmt->pAdapter) == TRUE) {
574 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
577 if (pMgmt->b11hEnable == TRUE)
578 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
581 pTxPacket = s_MgrMakeReAssocRequest
587 pMgmt->wListenInterval,
588 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
589 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
590 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
593 if (pTxPacket != NULL ){
595 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
596 if (*pStatus != CMD_STATUS_PENDING) {
597 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Reassociation tx failed.\n");
600 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Reassociation tx sending.\n");
610 * Routine Description:
611 * Send an dis-association request frame to the AP.
619 vMgrDisassocBeginSta(
620 IN HANDLE hDeviceContext,
621 IN PSMgmtObject pMgmt,
622 IN PBYTE abyDestAddress,
624 OUT PCMD_STATUS pStatus
627 PSDevice pDevice = (PSDevice)hDeviceContext;
628 PSTxMgmtPacket pTxPacket = NULL;
629 WLAN_FR_DISASSOC sFrame;
631 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
632 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DISASSOC_FR_MAXLEN);
633 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
635 // Setup the sFrame structure
636 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
637 sFrame.len = WLAN_DISASSOC_FR_MAXLEN;
639 // format fixed field frame structure
640 vMgrEncodeDisassociation(&sFrame);
643 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
645 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
646 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DISASSOC)
649 memcpy( sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
650 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
651 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
654 *(sFrame.pwReason) = cpu_to_le16(wReason);
655 pTxPacket->cbMPDULen = sFrame.len;
656 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
659 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
660 if (*pStatus == CMD_STATUS_PENDING) {
661 pMgmt->eCurrState = WMAC_STATE_IDLE;
662 *pStatus = CMD_STATUS_SUCCESS;
672 * Routine Description:(AP function)
673 * Handle incoming station association request frames.
682 s_vMgrRxAssocRequest(
684 IN PSMgmtObject pMgmt,
685 IN PSRxMgmtPacket pRxPacket,
689 WLAN_FR_ASSOCREQ sFrame;
691 PSTxMgmtPacket pTxPacket;
692 WORD wAssocStatus = 0;
694 UINT uRateLen = WLAN_RATES_MAXLEN;
695 BYTE abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
696 BYTE abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
699 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
701 // node index not found
705 //check if node is authenticated
707 memset(&sFrame, 0, sizeof(WLAN_FR_ASSOCREQ));
708 memset(abyCurrSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
709 memset(abyCurrExtSuppRates, 0, WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
710 sFrame.len = pRxPacket->cbMPDULen;
711 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
713 vMgrDecodeAssocRequest(&sFrame);
715 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
716 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
717 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
718 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
719 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
720 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? TRUE : FALSE;
721 // Todo: check sta basic rate, if ap can't support, set status code
722 if (pDevice->eCurrentPHYType == PHY_TYPE_11B) {
723 uRateLen = WLAN_RATES_MAXLEN_11B;
725 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
726 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
727 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
729 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
730 if (pDevice->eCurrentPHYType == PHY_TYPE_11G) {
731 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
732 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
735 abyCurrExtSuppRates[1] = 0;
739 RATEvParseMaxRate((PVOID)pDevice,
740 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
741 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
742 FALSE, // do not change our basic rate
743 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
744 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
745 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
746 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
747 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
751 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
752 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
754 printk("RxAssocRequest:wTxDataRate is %d\n",pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate);
756 // Todo: check sta preamble, if ap can't support, set status code
757 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
758 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
759 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
760 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
761 pMgmt->sNodeDBTable[uNodeIndex].wAID = (WORD)uNodeIndex;
762 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
763 wAssocAID = (WORD)uNodeIndex;
764 // check if ERP support
765 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
766 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
768 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
770 pDevice->bProtectMode = TRUE;
771 pDevice->bNonERPPresent = TRUE;
773 if (pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble == FALSE) {
774 pDevice->bBarkerPreambleMd = TRUE;
777 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Associate AID= %d \n", wAssocAID);
778 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X \n",
779 sFrame.pHdr->sA3.abyAddr2[0],
780 sFrame.pHdr->sA3.abyAddr2[1],
781 sFrame.pHdr->sA3.abyAddr2[2],
782 sFrame.pHdr->sA3.abyAddr2[3],
783 sFrame.pHdr->sA3.abyAddr2[4],
784 sFrame.pHdr->sA3.abyAddr2[5]
786 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Max Support rate = %d \n",
787 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
788 }//else { TODO: received STA under state1 handle }
794 // assoc response reply..
795 pTxPacket = s_MgrMakeAssocResponse
802 sFrame.pHdr->sA3.abyAddr2,
803 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
804 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
806 if (pTxPacket != NULL ){
808 if (pDevice->bEnableHostapd) {
812 Status = csMgmt_xmit(pDevice, pTxPacket);
813 if (Status != CMD_STATUS_PENDING) {
814 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Assoc response tx failed\n");
817 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Assoc response tx sending..\n");
828 * Description:(AP function)
829 * Handle incoming station re-association request frames.
833 * pMgmt - Management Object structure
834 * pRxPacket - Received Packet
838 * Return Value: None.
844 s_vMgrRxReAssocRequest(
846 IN PSMgmtObject pMgmt,
847 IN PSRxMgmtPacket pRxPacket,
851 WLAN_FR_REASSOCREQ sFrame;
853 PSTxMgmtPacket pTxPacket;
854 WORD wAssocStatus = 0;
856 UINT uRateLen = WLAN_RATES_MAXLEN;
857 BYTE abyCurrSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
858 BYTE abyCurrExtSuppRates[WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1];
860 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP)
862 // node index not found
865 //check if node is authenticated
867 memset(&sFrame, 0, sizeof(WLAN_FR_REASSOCREQ));
868 sFrame.len = pRxPacket->cbMPDULen;
869 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
870 vMgrDecodeReassocRequest(&sFrame);
872 if (pMgmt->sNodeDBTable[uNodeIndex].eNodeState >= NODE_AUTH) {
873 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_ASSOC;
874 pMgmt->sNodeDBTable[uNodeIndex].wCapInfo = cpu_to_le16(*sFrame.pwCapInfo);
875 pMgmt->sNodeDBTable[uNodeIndex].wListenInterval = cpu_to_le16(*sFrame.pwListenInterval);
876 pMgmt->sNodeDBTable[uNodeIndex].bPSEnable =
877 WLAN_GET_FC_PWRMGT(sFrame.pHdr->sA3.wFrameCtl) ? TRUE : FALSE;
878 // Todo: check sta basic rate, if ap can't support, set status code
880 if (pDevice->eCurrentPHYType == PHY_TYPE_11B) {
881 uRateLen = WLAN_RATES_MAXLEN_11B;
884 abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
885 abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
886 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
888 abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
889 if (pDevice->eCurrentPHYType == PHY_TYPE_11G) {
890 abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pExtSuppRates,
891 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
894 abyCurrExtSuppRates[1] = 0;
898 RATEvParseMaxRate((PVOID)pDevice,
899 (PWLAN_IE_SUPP_RATES)abyCurrSuppRates,
900 (PWLAN_IE_SUPP_RATES)abyCurrExtSuppRates,
901 FALSE, // do not change our basic rate
902 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
903 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
904 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
905 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
906 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
910 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate =
911 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
913 printk("RxReAssocRequest:TxDataRate is %d\n",pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate);
915 // Todo: check sta preamble, if ap can't support, set status code
916 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble =
917 WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
918 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime =
919 WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
920 pMgmt->sNodeDBTable[uNodeIndex].wAID = (WORD)uNodeIndex;
921 wAssocStatus = WLAN_MGMT_STATUS_SUCCESS;
922 wAssocAID = (WORD)uNodeIndex;
925 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
926 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
928 if (pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate <= RATE_11M) {
930 pDevice->bProtectMode = TRUE;
931 pDevice->bNonERPPresent = TRUE;
933 if (pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble == FALSE) {
934 pDevice->bBarkerPreambleMd = TRUE;
937 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Rx ReAssociate AID= %d \n", wAssocAID);
938 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "MAC=%2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X \n",
939 sFrame.pHdr->sA3.abyAddr2[0],
940 sFrame.pHdr->sA3.abyAddr2[1],
941 sFrame.pHdr->sA3.abyAddr2[2],
942 sFrame.pHdr->sA3.abyAddr2[3],
943 sFrame.pHdr->sA3.abyAddr2[4],
944 sFrame.pHdr->sA3.abyAddr2[5]
946 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Max Support rate = %d \n",
947 pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate);
952 // assoc response reply..
953 pTxPacket = s_MgrMakeReAssocResponse
960 sFrame.pHdr->sA3.abyAddr2,
961 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
962 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
965 if (pTxPacket != NULL ){
967 if (pDevice->bEnableHostapd) {
970 Status = csMgmt_xmit(pDevice, pTxPacket);
971 if (Status != CMD_STATUS_PENDING) {
972 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:ReAssoc response tx failed\n");
975 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:ReAssoc response tx sending..\n");
984 * Routine Description:
985 * Handle incoming association response frames.
994 s_vMgrRxAssocResponse(
996 IN PSMgmtObject pMgmt,
997 IN PSRxMgmtPacket pRxPacket,
1001 WLAN_FR_ASSOCRESP sFrame;
1002 PWLAN_IE_SSID pItemSSID;
1004 viawget_wpa_header *wpahdr;
1008 if (pMgmt->eCurrState == WMAC_STATE_ASSOCPENDING ||
1009 pMgmt->eCurrState == WMAC_STATE_ASSOC) {
1011 sFrame.len = pRxPacket->cbMPDULen;
1012 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1014 vMgrDecodeAssocResponse(&sFrame);
1015 if ((sFrame.pwCapInfo == 0) ||
1016 (sFrame.pwStatus == 0) ||
1017 (sFrame.pwAid == 0) ||
1018 (sFrame.pSuppRates == 0)){
1023 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.Capabilities = *(sFrame.pwCapInfo);
1024 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.StatusCode = *(sFrame.pwStatus);
1025 pMgmt->sAssocInfo.AssocInfo.ResponseFixedIEs.AssociationId = *(sFrame.pwAid);
1026 pMgmt->sAssocInfo.AssocInfo.AvailableResponseFixedIEs |= 0x07;
1028 pMgmt->sAssocInfo.AssocInfo.ResponseIELength = sFrame.len - 24 - 6;
1029 pMgmt->sAssocInfo.AssocInfo.OffsetResponseIEs = pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs + pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1030 pbyIEs = pMgmt->sAssocInfo.abyIEs;
1031 pbyIEs += pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1032 memcpy(pbyIEs, (sFrame.pBuf + 24 +6), pMgmt->sAssocInfo.AssocInfo.ResponseIELength);
1034 // save values and set current BSS state
1035 if (cpu_to_le16((*(sFrame.pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
1037 pMgmt->wCurrAID = cpu_to_le16((*(sFrame.pwAid)));
1038 if ( (pMgmt->wCurrAID >> 14) != (BIT0 | BIT1) )
1040 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "AID from AP, has two msb clear.\n");
1042 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Association Successful, AID=%d.\n", pMgmt->wCurrAID & ~(BIT14|BIT15));
1043 pMgmt->eCurrState = WMAC_STATE_ASSOC;
1044 BSSvUpdateAPNode((HANDLE)pDevice, sFrame.pwCapInfo, sFrame.pSuppRates, sFrame.pExtSuppRates);
1045 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyCurrSSID;
1046 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "Link with AP(SSID): %s\n", pItemSSID->abySSID);
1047 pDevice->bLinkPass = TRUE;
1048 pDevice->uBBVGADiffCount = 0;
1049 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
1050 if(skb_tailroom(pDevice->skb) <(sizeof(viawget_wpa_header)+pMgmt->sAssocInfo.AssocInfo.ResponseIELength+
1051 pMgmt->sAssocInfo.AssocInfo.RequestIELength)) { //data room not enough
1052 dev_kfree_skb(pDevice->skb);
1053 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1055 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
1056 wpahdr->type = VIAWGET_ASSOC_MSG;
1057 wpahdr->resp_ie_len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
1058 wpahdr->req_ie_len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1059 memcpy(pDevice->skb->data + sizeof(viawget_wpa_header), pMgmt->sAssocInfo.abyIEs, wpahdr->req_ie_len);
1060 memcpy(pDevice->skb->data + sizeof(viawget_wpa_header) + wpahdr->req_ie_len,
1064 skb_put(pDevice->skb, sizeof(viawget_wpa_header) + wpahdr->resp_ie_len + wpahdr->req_ie_len);
1065 pDevice->skb->dev = pDevice->wpadev;
1066 skb_reset_mac_header(pDevice->skb);
1067 pDevice->skb->pkt_type = PACKET_HOST;
1068 pDevice->skb->protocol = htons(ETH_P_802_2);
1069 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
1070 netif_rx(pDevice->skb);
1071 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1074 //2008-0409-07, <Add> by Einsn Liu
1075 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1076 //if(pDevice->bWPADevEnable == TRUE)
1080 union iwreq_data wrqu;
1083 memset(buf, 0, 512);
1085 len = pMgmt->sAssocInfo.AssocInfo.RequestIELength;
1087 memcpy(buf, pMgmt->sAssocInfo.abyIEs, len);
1088 memset(&wrqu, 0, sizeof (wrqu));
1089 wrqu.data.length = len;
1090 we_event = IWEVASSOCREQIE;
1091 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
1094 memset(buf, 0, 512);
1095 len = pMgmt->sAssocInfo.AssocInfo.ResponseIELength;
1098 memcpy(buf, pbyIEs, len);
1099 memset(&wrqu, 0, sizeof (wrqu));
1100 wrqu.data.length = len;
1101 we_event = IWEVASSOCRESPIE;
1102 wireless_send_event(pDevice->dev, we_event, &wrqu, buf);
1106 memset(&wrqu, 0, sizeof (wrqu));
1107 memcpy(wrqu.ap_addr.sa_data, &pMgmt->abyCurrBSSID[0], ETH_ALEN);
1108 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1109 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1111 #endif //#ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1112 //End Add -- //2008-0409-07, <Add> by Einsn Liu
1116 pMgmt->eCurrState = WMAC_STATE_IDLE;
1119 // jump back to the auth state and indicate the error
1120 pMgmt->eCurrState = WMAC_STATE_AUTH;
1122 s_vMgrLogStatus(pMgmt,cpu_to_le16((*(sFrame.pwStatus))));
1127 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1128 //need clear flags related to Networkmanager
1130 pDevice->bwextcount = 0;
1131 pDevice->bWPASuppWextEnabled = FALSE;
1135 if(pMgmt->eCurrState == WMAC_STATE_ASSOC)
1136 timer_expire(pDevice->sTimerCommand, 0);
1144 * Routine Description:
1145 * Start the station authentication procedure. Namely, send an
1146 * authentication frame to the AP.
1155 IN HANDLE hDeviceContext,
1156 IN PSMgmtObject pMgmt,
1157 OUT PCMD_STATUS pStatus
1160 PSDevice pDevice = (PSDevice)hDeviceContext;
1161 WLAN_FR_AUTHEN sFrame;
1162 PSTxMgmtPacket pTxPacket = NULL;
1164 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1165 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1166 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1167 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1168 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1169 vMgrEncodeAuthen(&sFrame);
1171 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1173 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1174 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)
1176 memcpy( sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_ADDR_LEN);
1177 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1178 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1179 if (pMgmt->bShareKeyAlgorithm)
1180 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_SHAREDKEY);
1182 *(sFrame.pwAuthAlgorithm) = cpu_to_le16(WLAN_AUTH_ALG_OPENSYSTEM);
1184 *(sFrame.pwAuthSequence) = cpu_to_le16(1);
1185 /* Adjust the length fields */
1186 pTxPacket->cbMPDULen = sFrame.len;
1187 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1189 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
1190 if (*pStatus == CMD_STATUS_PENDING){
1191 pMgmt->eCurrState = WMAC_STATE_AUTHPENDING;
1192 *pStatus = CMD_STATUS_SUCCESS;
1202 * Routine Description:
1203 * Start the station(AP) deauthentication procedure. Namely, send an
1204 * deauthentication frame to the AP or Sta.
1212 vMgrDeAuthenBeginSta(
1213 IN HANDLE hDeviceContext,
1214 IN PSMgmtObject pMgmt,
1215 IN PBYTE abyDestAddress,
1217 OUT PCMD_STATUS pStatus
1220 PSDevice pDevice = (PSDevice)hDeviceContext;
1221 WLAN_FR_DEAUTHEN sFrame;
1222 PSTxMgmtPacket pTxPacket = NULL;
1225 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1226 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_DEAUTHEN_FR_MAXLEN);
1227 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1228 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1229 sFrame.len = WLAN_DEAUTHEN_FR_MAXLEN;
1230 vMgrEncodeDeauthen(&sFrame);
1232 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1234 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1235 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_DEAUTHEN)
1238 memcpy( sFrame.pHdr->sA3.abyAddr1, abyDestAddress, WLAN_ADDR_LEN);
1239 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1240 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1242 *(sFrame.pwReason) = cpu_to_le16(wReason); // deauthen. bcs left BSS
1243 /* Adjust the length fields */
1244 pTxPacket->cbMPDULen = sFrame.len;
1245 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1247 *pStatus = csMgmt_xmit(pDevice, pTxPacket);
1248 if (*pStatus == CMD_STATUS_PENDING){
1249 *pStatus = CMD_STATUS_SUCCESS;
1259 * Routine Description:
1260 * Handle incoming authentication frames.
1269 s_vMgrRxAuthentication(
1270 IN PSDevice pDevice,
1271 IN PSMgmtObject pMgmt,
1272 IN PSRxMgmtPacket pRxPacket
1275 WLAN_FR_AUTHEN sFrame;
1277 // we better be an AP or a STA in AUTHPENDING otherwise ignore
1278 if (!(pMgmt->eCurrMode == WMAC_MODE_ESS_AP ||
1279 pMgmt->eCurrState == WMAC_STATE_AUTHPENDING)) {
1284 sFrame.len = pRxPacket->cbMPDULen;
1285 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1286 vMgrDecodeAuthen(&sFrame);
1287 switch (cpu_to_le16((*(sFrame.pwAuthSequence )))){
1290 s_vMgrRxAuthenSequence_1(pDevice,pMgmt, &sFrame);
1293 s_vMgrRxAuthenSequence_2(pDevice, pMgmt, &sFrame);
1297 s_vMgrRxAuthenSequence_3(pDevice, pMgmt, &sFrame);
1300 s_vMgrRxAuthenSequence_4(pDevice, pMgmt, &sFrame);
1303 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Auth Sequence error, seq = %d\n",
1304 cpu_to_le16((*(sFrame.pwAuthSequence))));
1314 * Routine Description:
1315 * Handles incoming authen frames with sequence 1. Currently
1316 * assumes we're an AP. So far, no one appears to use authentication
1327 s_vMgrRxAuthenSequence_1(
1328 IN PSDevice pDevice,
1329 IN PSMgmtObject pMgmt,
1330 IN PWLAN_FR_AUTHEN pFrame
1333 PSTxMgmtPacket pTxPacket = NULL;
1335 WLAN_FR_AUTHEN sFrame;
1336 PSKeyItem pTransmitKey;
1338 // Insert a Node entry
1339 if (!BSSDBbIsSTAInNodeDB(pMgmt, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1340 BSSvCreateOneNode((PSDevice)pDevice, &uNodeIndex);
1341 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, pFrame->pHdr->sA3.abyAddr2,
1345 if (pMgmt->bShareKeyAlgorithm) {
1346 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_KNOWN;
1347 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 1;
1350 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
1354 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1355 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1356 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1357 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1358 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1359 // format buffer structure
1360 vMgrEncodeAuthen(&sFrame);
1362 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1364 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1365 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1366 WLAN_SET_FC_ISWEP(0)
1368 memcpy( sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1369 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1370 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1371 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1372 *(sFrame.pwAuthSequence) = cpu_to_le16(2);
1374 if (cpu_to_le16(*(pFrame->pwAuthAlgorithm)) == WLAN_AUTH_ALG_SHAREDKEY) {
1375 if (pMgmt->bShareKeyAlgorithm)
1376 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1378 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1381 if (pMgmt->bShareKeyAlgorithm)
1382 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG);
1384 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1387 if (pMgmt->bShareKeyAlgorithm &&
1388 (cpu_to_le16(*(sFrame.pwStatus)) == WLAN_MGMT_STATUS_SUCCESS)) {
1390 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1391 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1392 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1393 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
1394 memset(pMgmt->abyChallenge, 0, WLAN_CHALLENGE_LEN);
1396 if(KeybGetTransmitKey(&(pDevice->sKey), pDevice->abyBroadcastAddr, GROUP_KEY, &pTransmitKey) == TRUE) {
1397 rc4_init(&pDevice->SBox, pDevice->abyPRNG, pTransmitKey->uKeyLength+3);
1398 rc4_encrypt(&pDevice->SBox, pMgmt->abyChallenge, pMgmt->abyChallenge, WLAN_CHALLENGE_LEN);
1400 memcpy(sFrame.pChallenge->abyChallenge, pMgmt->abyChallenge , WLAN_CHALLENGE_LEN);
1403 /* Adjust the length fields */
1404 pTxPacket->cbMPDULen = sFrame.len;
1405 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1407 if (pDevice->bEnableHostapd) {
1410 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_1 tx.. \n");
1411 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1412 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_1 tx failed.\n");
1421 * Routine Description:
1422 * Handles incoming auth frames with sequence number 2. Currently
1423 * assumes we're a station.
1433 s_vMgrRxAuthenSequence_2(
1434 IN PSDevice pDevice,
1435 IN PSMgmtObject pMgmt,
1436 IN PWLAN_FR_AUTHEN pFrame
1439 WLAN_FR_AUTHEN sFrame;
1440 PSTxMgmtPacket pTxPacket = NULL;
1443 switch (cpu_to_le16((*(pFrame->pwAuthAlgorithm))))
1445 case WLAN_AUTH_ALG_OPENSYSTEM:
1446 if ( cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
1447 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (OPEN) Successful.\n");
1448 pMgmt->eCurrState = WMAC_STATE_AUTH;
1449 timer_expire(pDevice->sTimerCommand, 0);
1452 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (OPEN) Failed.\n");
1453 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
1454 pMgmt->eCurrState = WMAC_STATE_IDLE;
1456 if (pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT ) {
1457 // spin_unlock_irq(&pDevice->lock);
1458 // vCommandTimerWait((HANDLE)pDevice, 0);
1459 // spin_lock_irq(&pDevice->lock);
1464 case WLAN_AUTH_ALG_SHAREDKEY:
1466 if (cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS) {
1467 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1468 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1469 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1470 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1471 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1472 // format buffer structure
1473 vMgrEncodeAuthen(&sFrame);
1475 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1477 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1478 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1479 WLAN_SET_FC_ISWEP(1)
1481 memcpy( sFrame.pHdr->sA3.abyAddr1, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1482 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1483 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1484 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1485 *(sFrame.pwAuthSequence) = cpu_to_le16(3);
1486 *(sFrame.pwStatus) = cpu_to_le16(WLAN_MGMT_STATUS_SUCCESS);
1487 sFrame.pChallenge = (PWLAN_IE_CHALLENGE)(sFrame.pBuf + sFrame.len);
1488 sFrame.len += WLAN_CHALLENGE_IE_LEN;
1489 sFrame.pChallenge->byElementID = WLAN_EID_CHALLENGE;
1490 sFrame.pChallenge->len = WLAN_CHALLENGE_LEN;
1491 memcpy( sFrame.pChallenge->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN);
1492 // Adjust the length fields
1493 pTxPacket->cbMPDULen = sFrame.len;
1494 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1496 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1497 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Auth_reply sequence_2 tx failed.\n");
1499 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Auth_reply sequence_2 tx ...\n");
1502 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:rx Auth_reply sequence_2 status error ...\n");
1503 if ( pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT ) {
1504 // spin_unlock_irq(&pDevice->lock);
1505 // vCommandTimerWait((HANDLE)pDevice, 0);
1506 // spin_lock_irq(&pDevice->lock);
1508 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))));
1512 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt: rx auth.seq = 2 unknown AuthAlgorithm=%d\n", cpu_to_le16((*(pFrame->pwAuthAlgorithm))));
1522 * Routine Description:
1523 * Handles incoming authen frames with sequence 3. Currently
1524 * assumes we're an AP. This function assumes the frame has
1525 * already been successfully decrypted.
1535 s_vMgrRxAuthenSequence_3(
1536 IN PSDevice pDevice,
1537 IN PSMgmtObject pMgmt,
1538 IN PWLAN_FR_AUTHEN pFrame
1541 PSTxMgmtPacket pTxPacket = NULL;
1542 UINT uStatusCode = 0 ;
1543 UINT uNodeIndex = 0;
1544 WLAN_FR_AUTHEN sFrame;
1546 if (!WLAN_GET_FC_ISWEP(pFrame->pHdr->sA3.wFrameCtl)) {
1547 uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
1550 if (BSSDBbIsSTAInNodeDB(pMgmt, pFrame->pHdr->sA3.abyAddr2, &uNodeIndex)) {
1551 if (pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence != 1) {
1552 uStatusCode = WLAN_MGMT_STATUS_RX_AUTH_NOSEQ;
1555 if (memcmp(pMgmt->abyChallenge, pFrame->pChallenge->abyChallenge, WLAN_CHALLENGE_LEN) != 0) {
1556 uStatusCode = WLAN_MGMT_STATUS_CHALLENGE_FAIL;
1561 uStatusCode = WLAN_MGMT_STATUS_UNSPEC_FAILURE;
1566 pMgmt->sNodeDBTable[uNodeIndex].eNodeState = NODE_AUTH;
1567 pMgmt->sNodeDBTable[uNodeIndex].byAuthSequence = 0;
1569 uStatusCode = WLAN_MGMT_STATUS_SUCCESS;
1570 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Challenge text check ok..\n");
1574 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
1575 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_AUTHEN_FR_MAXLEN);
1576 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
1577 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
1578 sFrame.len = WLAN_AUTHEN_FR_MAXLEN;
1579 // format buffer structure
1580 vMgrEncodeAuthen(&sFrame);
1582 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
1584 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
1585 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_AUTHEN)|
1586 WLAN_SET_FC_ISWEP(0)
1588 memcpy( sFrame.pHdr->sA3.abyAddr1, pFrame->pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
1589 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
1590 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
1591 *(sFrame.pwAuthAlgorithm) = *(pFrame->pwAuthAlgorithm);
1592 *(sFrame.pwAuthSequence) = cpu_to_le16(4);
1593 *(sFrame.pwStatus) = cpu_to_le16(uStatusCode);
1595 /* Adjust the length fields */
1596 pTxPacket->cbMPDULen = sFrame.len;
1597 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
1599 if (pDevice->bEnableHostapd) {
1602 if (csMgmt_xmit(pDevice, pTxPacket) != CMD_STATUS_PENDING) {
1603 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Authreq_reply sequence_4 tx failed.\n");
1613 * Routine Description:
1614 * Handles incoming authen frames with sequence 4
1623 s_vMgrRxAuthenSequence_4(
1624 IN PSDevice pDevice,
1625 IN PSMgmtObject pMgmt,
1626 IN PWLAN_FR_AUTHEN pFrame
1630 if ( cpu_to_le16((*(pFrame->pwStatus))) == WLAN_MGMT_STATUS_SUCCESS ){
1631 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (SHAREDKEY) Successful.\n");
1632 pMgmt->eCurrState = WMAC_STATE_AUTH;
1633 timer_expire(pDevice->sTimerCommand, 0);
1636 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO "802.11 Authen (SHAREDKEY) Failed.\n");
1637 s_vMgrLogStatus(pMgmt, cpu_to_le16((*(pFrame->pwStatus))) );
1638 pMgmt->eCurrState = WMAC_STATE_IDLE;
1641 if ( pDevice->eCommandState == WLAN_AUTHENTICATE_WAIT ) {
1642 // spin_unlock_irq(&pDevice->lock);
1643 // vCommandTimerWait((HANDLE)pDevice, 0);
1644 // spin_lock_irq(&pDevice->lock);
1651 * Routine Description:
1652 * Handles incoming disassociation frames
1662 s_vMgrRxDisassociation(
1663 IN PSDevice pDevice,
1664 IN PSMgmtObject pMgmt,
1665 IN PSRxMgmtPacket pRxPacket
1668 WLAN_FR_DISASSOC sFrame;
1669 UINT uNodeIndex = 0;
1670 // CMD_STATUS CmdStatus;
1671 viawget_wpa_header *wpahdr;
1673 if ( pMgmt->eCurrMode == WMAC_MODE_ESS_AP ){
1674 // if is acting an AP..
1675 // a STA is leaving this BSS..
1676 sFrame.len = pRxPacket->cbMPDULen;
1677 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1678 if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex)) {
1679 BSSvRemoveOneNode(pDevice, uNodeIndex);
1682 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx disassoc, sta not found\n");
1685 else if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA ){
1686 sFrame.len = pRxPacket->cbMPDULen;
1687 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1688 vMgrDecodeDisassociation(&sFrame);
1689 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP disassociated me, reason=%d.\n", cpu_to_le16(*(sFrame.pwReason)));
1690 //TODO: do something let upper layer know or
1691 //try to send associate packet again because of inactivity timeout
1692 // if (pMgmt->eCurrState == WMAC_STATE_ASSOC) {
1693 // vMgrReAssocBeginSta((PSDevice)pDevice, pMgmt, &CmdStatus);
1695 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
1696 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
1697 wpahdr->type = VIAWGET_DISASSOC_MSG;
1698 wpahdr->resp_ie_len = 0;
1699 wpahdr->req_ie_len = 0;
1700 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
1701 pDevice->skb->dev = pDevice->wpadev;
1702 skb_reset_mac_header(pDevice->skb);
1704 pDevice->skb->pkt_type = PACKET_HOST;
1705 pDevice->skb->protocol = htons(ETH_P_802_2);
1706 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
1707 netif_rx(pDevice->skb);
1708 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1711 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1712 // if(pDevice->bWPASuppWextEnabled == TRUE)
1714 union iwreq_data wrqu;
1715 memset(&wrqu, 0, sizeof (wrqu));
1716 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1717 printk("wireless_send_event--->SIOCGIWAP(disassociated)\n");
1718 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1722 /* else, ignore it */
1730 * Routine Description:
1731 * Handles incoming deauthentication frames
1741 s_vMgrRxDeauthentication(
1742 IN PSDevice pDevice,
1743 IN PSMgmtObject pMgmt,
1744 IN PSRxMgmtPacket pRxPacket
1747 WLAN_FR_DEAUTHEN sFrame;
1748 UINT uNodeIndex = 0;
1749 viawget_wpa_header *wpahdr;
1752 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP ){
1754 // if is acting an AP..
1755 // a STA is leaving this BSS..
1756 sFrame.len = pRxPacket->cbMPDULen;
1757 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1758 if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex)) {
1759 BSSvRemoveOneNode(pDevice, uNodeIndex);
1762 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Rx deauth, sta not found\n");
1766 if (pMgmt->eCurrMode == WMAC_MODE_ESS_STA ) {
1767 sFrame.len = pRxPacket->cbMPDULen;
1768 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1769 vMgrDecodeDeauthen(&sFrame);
1770 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP deauthed me, reason=%d.\n", cpu_to_le16((*(sFrame.pwReason))));
1771 // TODO: update BSS list for specific BSSID if pre-authentication case
1772 if (IS_ETH_ADDRESS_EQUAL(sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID)) {
1773 if (pMgmt->eCurrState >= WMAC_STATE_AUTHPENDING) {
1774 pMgmt->sNodeDBTable[0].bActive = FALSE;
1775 pMgmt->eCurrMode = WMAC_MODE_STANDBY;
1776 pMgmt->eCurrState = WMAC_STATE_IDLE;
1777 netif_stop_queue(pDevice->dev);
1778 pDevice->bLinkPass = FALSE;
1782 if ((pDevice->bWPADEVUp) && (pDevice->skb != NULL)) {
1783 wpahdr = (viawget_wpa_header *)pDevice->skb->data;
1784 wpahdr->type = VIAWGET_DISASSOC_MSG;
1785 wpahdr->resp_ie_len = 0;
1786 wpahdr->req_ie_len = 0;
1787 skb_put(pDevice->skb, sizeof(viawget_wpa_header));
1788 pDevice->skb->dev = pDevice->wpadev;
1789 skb_reset_mac_header(pDevice->skb);
1790 pDevice->skb->pkt_type = PACKET_HOST;
1791 pDevice->skb->protocol = htons(ETH_P_802_2);
1792 memset(pDevice->skb->cb, 0, sizeof(pDevice->skb->cb));
1793 netif_rx(pDevice->skb);
1794 pDevice->skb = dev_alloc_skb((int)pDevice->rx_buf_sz);
1797 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
1798 // if(pDevice->bWPASuppWextEnabled == TRUE)
1800 union iwreq_data wrqu;
1801 memset(&wrqu, 0, sizeof (wrqu));
1802 wrqu.ap_addr.sa_family = ARPHRD_ETHER;
1803 PRINT_K("wireless_send_event--->SIOCGIWAP(disauthen)\n");
1804 wireless_send_event(pDevice->dev, SIOCGIWAP, &wrqu, NULL);
1809 /* else, ignore it. TODO: IBSS authentication service
1810 would be implemented here */
1816 //2008-8-4 <add> by chester
1819 * Routine Description:
1820 * check if current channel is match ZoneType.
1829 ChannelExceedZoneType(
1830 IN PSDevice pDevice,
1831 IN BYTE byCurrChannel
1836 switch(pDevice->byZoneType) {
1837 case 0x00: //USA:1~11
1838 if((byCurrChannel<1) ||(byCurrChannel>11))
1841 case 0x01: //Japan:1~13
1842 case 0x02: //Europe:1~13
1843 if((byCurrChannel<1) ||(byCurrChannel>13))
1846 default: //reserve for other zonetype
1856 * Routine Description:
1857 * Handles and analysis incoming beacon frames.
1868 IN PSDevice pDevice,
1869 IN PSMgmtObject pMgmt,
1870 IN PSRxMgmtPacket pRxPacket,
1876 WLAN_FR_BEACON sFrame;
1878 BOOL bIsBSSIDEqual = FALSE;
1879 BOOL bIsSSIDEqual = FALSE;
1880 BOOL bTSFLargeDiff = FALSE;
1881 BOOL bTSFOffsetPostive = FALSE;
1882 BOOL bUpdateTSF = FALSE;
1883 BOOL bIsAPBeacon = FALSE;
1884 BOOL bIsChannelEqual = FALSE;
1885 UINT uLocateByteIndex;
1886 BYTE byTIMBitOn = 0;
1887 WORD wAIDNumber = 0;
1889 QWORD qwTimestamp, qwLocalTSF;
1891 WORD wStartIndex = 0;
1893 BYTE byCurrChannel = pRxPacket->byRxChannel;
1895 UINT uRateLen = WLAN_RATES_MAXLEN;
1896 BOOL bChannelHit = FALSE;
1897 BOOL bUpdatePhyParameter = FALSE;
1898 BYTE byIEChannel = 0;
1901 memset(&sFrame, 0, sizeof(WLAN_FR_BEACON));
1902 sFrame.len = pRxPacket->cbMPDULen;
1903 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
1905 // decode the beacon frame
1906 vMgrDecodeBeacon(&sFrame);
1908 if ((sFrame.pwBeaconInterval == 0) ||
1909 (sFrame.pwCapInfo == 0) ||
1910 (sFrame.pSSID == 0) ||
1911 (sFrame.pSuppRates == 0) ) {
1912 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx beacon frame error\n");
1917 if (sFrame.pDSParms != NULL) {
1918 if (byCurrChannel > CB_MAX_CHANNEL_24G) {
1919 // channel remapping to
1920 byIEChannel = CARDbyGetChannelMapping(pDevice, sFrame.pDSParms->byCurrChannel, PHY_TYPE_11A);
1922 byIEChannel = sFrame.pDSParms->byCurrChannel;
1924 if (byCurrChannel != byIEChannel) {
1925 // adjust channel info. bcs we rcv adjcent channel pakckets
1926 bChannelHit = FALSE;
1927 byCurrChannel = byIEChannel;
1930 // no DS channel info
1933 //2008-0730-01<Add>by MikeLiu
1934 if(ChannelExceedZoneType(pDevice,byCurrChannel)==TRUE)
1937 if (sFrame.pERP != NULL) {
1938 sERP.byERP = sFrame.pERP->byContext;
1939 sERP.bERPExist = TRUE;
1942 sERP.bERPExist = FALSE;
1946 pBSSList = BSSpAddrIsInBSSList((HANDLE)pDevice, sFrame.pHdr->sA3.abyAddr3, sFrame.pSSID);
1947 if (pBSSList == NULL) {
1948 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Beacon/insert: RxChannel = : %d\n", byCurrChannel);
1949 BSSbInsertToBSSList((HANDLE)pDevice,
1950 sFrame.pHdr->sA3.abyAddr3,
1951 *sFrame.pqwTimestamp,
1952 *sFrame.pwBeaconInterval,
1957 sFrame.pExtSuppRates,
1963 sFrame.len - WLAN_HDR_ADDR3_LEN,
1964 sFrame.pHdr->sA4.abyAddr4, // payload of beacon
1969 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"update bcn: RxChannel = : %d\n", byCurrChannel);
1970 BSSbUpdateToBSSList((HANDLE)pDevice,
1971 *sFrame.pqwTimestamp,
1972 *sFrame.pwBeaconInterval,
1978 sFrame.pExtSuppRates,
1985 sFrame.len - WLAN_HDR_ADDR3_LEN,
1986 sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
1996 if(byCurrChannel == (BYTE)pMgmt->uCurrChannel)
1997 bIsChannelEqual = TRUE;
1999 if (bIsChannelEqual && (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)) {
2001 // if rx beacon without ERP field
2002 if (sERP.bERPExist) {
2003 if (WLAN_GET_ERP_USE_PROTECTION(sERP.byERP)){
2004 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
2005 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
2009 pDevice->byERPFlag |= WLAN_SET_ERP_USE_PROTECTION(1);
2010 pDevice->wUseProtectCntDown = USE_PROTECT_PERIOD;
2013 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2014 if(!WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo))
2015 pDevice->byERPFlag |= WLAN_SET_ERP_BARKER_MODE(1);
2017 pDevice->byERPFlag |= WLAN_SET_ERP_NONERP_PRESENT(1);
2021 if (WLAN_GET_ERP_USE_PROTECTION(pDevice->byERPFlag)){
2022 if (!pDevice->bProtectMode) {
2023 MACvEnableProtectMD(pDevice->PortOffset);
2024 pDevice->bProtectMode = TRUE;
2030 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP)
2033 // check if BSSID the same
2034 if (memcmp(sFrame.pHdr->sA3.abyAddr3,
2035 pMgmt->abyCurrBSSID,
2036 WLAN_BSSID_LEN) == 0) {
2038 bIsBSSIDEqual = TRUE;
2040 // 2008-05-21 <add> by Richardtai
2041 pDevice->uCurrRSSI = pRxPacket->uRSSI;
2042 pDevice->byCurrSQ = pRxPacket->bySQ;
2044 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0) {
2045 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2046 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"BCN:Wake Count= [%d]\n", pMgmt->wCountToWakeUp);
2049 // check if SSID the same
2050 if (sFrame.pSSID->len == ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) {
2051 if (memcmp(sFrame.pSSID->abySSID,
2052 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
2055 bIsSSIDEqual = TRUE;
2059 if ((WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo)== TRUE) &&
2060 (bIsBSSIDEqual == TRUE) &&
2061 (bIsSSIDEqual == TRUE) &&
2062 (pMgmt->eCurrMode == WMAC_MODE_ESS_STA) &&
2063 (pMgmt->eCurrState == WMAC_STATE_ASSOC)) {
2064 // add state check to prevent reconnect fail since we'll receive Beacon
2068 if (pBSSList != NULL) {
2070 // Compare PHY paramater setting
2071 if (pMgmt->wCurrCapInfo != pBSSList->wCapInfo) {
2072 bUpdatePhyParameter = TRUE;
2073 pMgmt->wCurrCapInfo = pBSSList->wCapInfo;
2075 if (sFrame.pERP != NULL) {
2076 if ((sFrame.pERP->byElementID == WLAN_EID_ERP) &&
2077 (pMgmt->byERPContext != sFrame.pERP->byContext)) {
2078 bUpdatePhyParameter = TRUE;
2079 pMgmt->byERPContext = sFrame.pERP->byContext;
2083 // Basic Rate Set may change dynamiclly
2085 if (pBSSList->eNetworkTypeInUse == PHY_TYPE_11B) {
2086 uRateLen = WLAN_RATES_MAXLEN_11B;
2088 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abySuppRates,
2089 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2091 pMgmt->abyCurrExtSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pBSSList->abyExtSuppRates,
2092 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
2094 RATEvParseMaxRate( (PVOID)pDevice,
2095 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2096 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
2098 &(pMgmt->sNodeDBTable[0].wMaxBasicRate),
2099 &(pMgmt->sNodeDBTable[0].wMaxSuppRate),
2100 &(pMgmt->sNodeDBTable[0].wSuppRate),
2101 &(pMgmt->sNodeDBTable[0].byTopCCKBasicRate),
2102 &(pMgmt->sNodeDBTable[0].byTopOFDMBasicRate)
2105 //printk("RxBeacon:MaxSuppRate is %d\n",pMgmt->sNodeDBTable[0].wMaxSuppRate);
2107 if (bUpdatePhyParameter == TRUE) {
2108 CARDbSetPhyParameter( pMgmt->pAdapter,
2109 pMgmt->eCurrentPHYMode,
2110 pMgmt->wCurrCapInfo,
2111 pMgmt->byERPContext,
2112 pMgmt->abyCurrSuppRates,
2113 pMgmt->abyCurrExtSuppRates
2116 if (sFrame.pIE_PowerConstraint != NULL) {
2117 CARDvSetPowerConstraint(pMgmt->pAdapter,
2118 (BYTE) pBSSList->uChannel,
2119 sFrame.pIE_PowerConstraint->byPower
2122 if (sFrame.pIE_CHSW != NULL) {
2123 CARDbChannelSwitch( pMgmt->pAdapter,
2124 sFrame.pIE_CHSW->byMode,
2125 CARDbyGetChannelMapping(pMgmt->pAdapter, sFrame.pIE_CHSW->byMode, pMgmt->eCurrentPHYMode),
2126 sFrame.pIE_CHSW->byCount
2129 } else if (bIsChannelEqual == FALSE) {
2130 CARDbSetChannel(pMgmt->pAdapter, pBSSList->uChannel);
2135 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Beacon 2 \n");
2136 // check if CF field exisit
2137 if (WLAN_GET_CAP_INFO_ESS(*sFrame.pwCapInfo)) {
2138 if (sFrame.pCFParms->wCFPDurRemaining > 0) {
2139 // TODO: deal with CFP period to set NAV
2143 HIDWORD(qwTimestamp) = cpu_to_le32(HIDWORD(*sFrame.pqwTimestamp));
2144 LODWORD(qwTimestamp) = cpu_to_le32(LODWORD(*sFrame.pqwTimestamp));
2145 HIDWORD(qwLocalTSF) = HIDWORD(pRxPacket->qwLocalTSF);
2146 LODWORD(qwLocalTSF) = LODWORD(pRxPacket->qwLocalTSF);
2148 // check if beacon TSF larger or small than our local TSF
2149 if (HIDWORD(qwTimestamp) == HIDWORD(qwLocalTSF)) {
2150 if (LODWORD(qwTimestamp) >= LODWORD(qwLocalTSF)) {
2151 bTSFOffsetPostive = TRUE;
2154 bTSFOffsetPostive = FALSE;
2157 else if (HIDWORD(qwTimestamp) > HIDWORD(qwLocalTSF)) {
2158 bTSFOffsetPostive = TRUE;
2160 else if (HIDWORD(qwTimestamp) < HIDWORD(qwLocalTSF)) {
2161 bTSFOffsetPostive = FALSE;
2164 if (bTSFOffsetPostive) {
2165 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwTimestamp), (qwLocalTSF));
2168 qwTSFOffset = CARDqGetTSFOffset(pRxPacket->byRxRate, (qwLocalTSF), (qwTimestamp));
2171 if (HIDWORD(qwTSFOffset) != 0 ||
2172 (LODWORD(qwTSFOffset) > TRIVIAL_SYNC_DIFFERENCE )) {
2173 bTSFLargeDiff = TRUE;
2178 if (bIsAPBeacon == TRUE) {
2180 // Infra mode: Local TSF always follow AP's TSF if Difference huge.
2184 if ((pDevice->bEnablePSMode == TRUE) &&(sFrame.pTIM != 0)) {
2186 // deal with DTIM, analysis TIM
2187 pMgmt->bMulticastTIM = WLAN_MGMT_IS_MULTICAST_TIM(sFrame.pTIM->byBitMapCtl) ? TRUE : FALSE ;
2188 pMgmt->byDTIMCount = sFrame.pTIM->byDTIMCount;
2189 pMgmt->byDTIMPeriod = sFrame.pTIM->byDTIMPeriod;
2190 wAIDNumber = pMgmt->wCurrAID & ~(BIT14|BIT15);
2192 // check if AID in TIM field bit on
2194 wStartIndex = WLAN_MGMT_GET_TIM_OFFSET(sFrame.pTIM->byBitMapCtl) << 1;
2196 wAIDIndex = (wAIDNumber >> 3);
2197 if ((wAIDNumber > 0) && (wAIDIndex >= wStartIndex)) {
2198 uLocateByteIndex = wAIDIndex - wStartIndex;
2199 // len = byDTIMCount + byDTIMPeriod + byDTIMPeriod + byVirtBitMap[0~250]
2200 if (sFrame.pTIM->len >= (uLocateByteIndex + 4)) {
2201 byTIMBitOn = (0x01) << ((wAIDNumber) % 8);
2202 pMgmt->bInTIM = sFrame.pTIM->byVirtBitMap[uLocateByteIndex] & byTIMBitOn ? TRUE : FALSE;
2205 pMgmt->bInTIM = FALSE;
2209 pMgmt->bInTIM = FALSE;
2212 if (pMgmt->bInTIM ||
2213 (pMgmt->bMulticastTIM && (pMgmt->byDTIMCount == 0))) {
2214 pMgmt->bInTIMWake = TRUE;
2215 // send out ps-poll packet
2216 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN:In TIM\n");
2217 if (pMgmt->bInTIM) {
2218 PSvSendPSPOLL((PSDevice)pDevice);
2219 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN:PS-POLL sent..\n");
2224 pMgmt->bInTIMWake = FALSE;
2225 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Not In TIM..\n");
2226 if (pDevice->bPWBitOn == FALSE) {
2227 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Send Null Packet\n");
2228 if (PSbSendNullPacket(pDevice))
2229 pDevice->bPWBitOn = TRUE;
2231 if(PSbConsiderPowerDown(pDevice, FALSE, FALSE)) {
2232 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "BCN: Power down now...\n");
2240 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && !bIsAPBeacon && bIsChannelEqual) {
2241 if (bIsBSSIDEqual) {
2242 // Use sNodeDBTable[0].uInActiveCount as IBSS beacons received count.
2243 if (pMgmt->sNodeDBTable[0].uInActiveCount != 0)
2244 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2246 // adhoc mode:TSF updated only when beacon larger then local TSF
2247 if (bTSFLargeDiff && bTSFOffsetPostive &&
2248 (pMgmt->eCurrState == WMAC_STATE_JOINTED))
2251 // During dpc, already in spinlocked.
2252 if (BSSDBbIsSTAInNodeDB(pMgmt, sFrame.pHdr->sA3.abyAddr2, &uNodeIndex)) {
2254 // Update the STA, (Techically the Beacons of all the IBSS nodes
2255 // should be identical, but that's not happening in practice.
2256 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2257 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2258 WLAN_RATES_MAXLEN_11B);
2259 RATEvParseMaxRate( (PVOID)pDevice,
2260 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2263 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2264 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2265 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2266 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2267 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2269 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2270 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
2271 pMgmt->sNodeDBTable[uNodeIndex].uInActiveCount = 0;
2274 // Todo, initial Node content
2275 BSSvCreateOneNode((PSDevice)pDevice, &uNodeIndex);
2277 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2278 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2279 WLAN_RATES_MAXLEN_11B);
2280 RATEvParseMaxRate( (PVOID)pDevice,
2281 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2284 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxBasicRate),
2285 &(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate),
2286 &(pMgmt->sNodeDBTable[uNodeIndex].wSuppRate),
2287 &(pMgmt->sNodeDBTable[uNodeIndex].byTopCCKBasicRate),
2288 &(pMgmt->sNodeDBTable[uNodeIndex].byTopOFDMBasicRate)
2291 memcpy(pMgmt->sNodeDBTable[uNodeIndex].abyMACAddr, sFrame.pHdr->sA3.abyAddr2, WLAN_ADDR_LEN);
2292 pMgmt->sNodeDBTable[uNodeIndex].bShortPreamble = WLAN_GET_CAP_INFO_SHORTPREAMBLE(*sFrame.pwCapInfo);
2293 pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate = pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate;
2295 //if (uNodeIndex == 0)
2297 printk("s_vMgrRxBeacon:TxDataRate is %d,Index is %d\n",pMgmt->sNodeDBTable[uNodeIndex].wTxDataRate,uNodeIndex);
2301 pMgmt->sNodeDBTable[uNodeIndex].bShortSlotTime = WLAN_GET_CAP_INFO_SHORTSLOTTIME(*sFrame.pwCapInfo);
2302 if(pMgmt->sNodeDBTable[uNodeIndex].wMaxSuppRate > RATE_11M)
2303 pMgmt->sNodeDBTable[uNodeIndex].bERPExist = TRUE;
2307 // if other stations jointed, indicate connect to upper layer..
2308 if (pMgmt->eCurrState == WMAC_STATE_STARTED) {
2309 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Current IBSS State: [Started]........to: [Jointed] \n");
2310 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2311 pDevice->bLinkPass = TRUE;
2312 if (netif_queue_stopped(pDevice->dev)){
2313 netif_wake_queue(pDevice->dev);
2315 pMgmt->sNodeDBTable[0].bActive = TRUE;
2316 pMgmt->sNodeDBTable[0].uInActiveCount = 0;
2320 else if (bIsSSIDEqual) {
2322 // See other adhoc sta with the same SSID but BSSID is different.
2323 // adpot this vars only when TSF larger then us.
2324 if (bTSFLargeDiff && bTSFOffsetPostive) {
2325 // we don't support ATIM under adhoc mode
2326 // if ( sFrame.pIBSSParms->wATIMWindow == 0) {
2328 // TODO: check sFrame cap if privacy on, and support rate syn
2329 memcpy(pMgmt->abyCurrBSSID, sFrame.pHdr->sA3.abyAddr3, WLAN_BSSID_LEN);
2330 memcpy(pDevice->abyBSSID, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
2331 pMgmt->wCurrATIMWindow = cpu_to_le16(sFrame.pIBSSParms->wATIMWindow);
2332 pMgmt->wCurrBeaconPeriod = cpu_to_le16(*sFrame.pwBeaconInterval);
2333 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)sFrame.pSuppRates,
2334 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2335 WLAN_RATES_MAXLEN_11B);
2336 // set HW beacon interval and re-synchronizing....
2337 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rejoining to Other Adhoc group with same SSID........\n");
2338 VNSvOutPortW(pDevice->PortOffset + MAC_REG_BI, pMgmt->wCurrBeaconPeriod);
2339 CARDbUpdateTSF(pDevice, pRxPacket->byRxRate, qwTimestamp, qwLocalTSF);
2340 CARDvUpdateNextTBTT(pDevice->PortOffset, qwTimestamp, pMgmt->wCurrBeaconPeriod);
2341 // Turn off bssid filter to avoid filter others adhoc station which bssid is different.
2342 MACvWriteBSSIDAddress(pDevice->PortOffset, pMgmt->abyCurrBSSID);
2344 CARDbSetPhyParameter ( pMgmt->pAdapter,
2345 pMgmt->eCurrentPHYMode,
2346 pMgmt->wCurrCapInfo,
2347 pMgmt->byERPContext,
2348 pMgmt->abyCurrSuppRates,
2349 pMgmt->abyCurrExtSuppRates);
2352 // MACvRegBitsOff(pDevice->PortOffset, MAC_REG_RCR, RCR_BSSID);
2353 // set highest basic rate
2354 // s_vSetHighestBasicRate(pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates);
2355 // Prepare beacon frame
2356 bMgrPrepareBeaconToSend((HANDLE)pDevice, pMgmt);
2364 CARDbGetCurrentTSF(pDevice->PortOffset, &qwCurrTSF);
2365 CARDbUpdateTSF(pDevice, pRxPacket->byRxRate, qwTimestamp, pRxPacket->qwLocalTSF);
2366 CARDbGetCurrentTSF(pDevice->PortOffset, &qwCurrTSF);
2367 CARDvUpdateNextTBTT(pDevice->PortOffset, qwTimestamp, pMgmt->wCurrBeaconPeriod);
2377 * Routine Description:
2378 * Instructs the hw to create a bss using the supplied
2379 * attributes. Note that this implementation only supports Ad-Hoc
2389 IN HANDLE hDeviceContext,
2390 OUT PCMD_STATUS pStatus
2393 PSDevice pDevice = (PSDevice)hDeviceContext;
2394 PSMgmtObject pMgmt = pDevice->pMgmt;
2397 BYTE byTopCCKBasicRate;
2398 BYTE byTopOFDMBasicRate;
2401 BYTE abyRATE[] = {0x82, 0x84, 0x8B, 0x96, 0x24, 0x30, 0x48, 0x6C, 0x0C, 0x12, 0x18, 0x60};
2402 BYTE abyCCK_RATE[] = {0x82, 0x84, 0x8B, 0x96};
2403 BYTE abyOFDM_RATE[] = {0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
2406 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Create Basic Service Set .......\n");
2408 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2409 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) &&
2410 (pDevice->eEncryptionStatus != Ndis802_11Encryption2Enabled) &&
2411 (pDevice->eEncryptionStatus != Ndis802_11Encryption3Enabled)) {
2412 // encryption mode error
2413 *pStatus = CMD_STATUS_FAILURE;
2418 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2419 pMgmt->abyCurrExtSuppRates[0] = WLAN_EID_EXTSUPP_RATES;
2421 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2422 pMgmt->eCurrentPHYMode = pMgmt->byAPBBType;
2424 if (pDevice->byBBType == BB_TYPE_11G)
2425 pMgmt->eCurrentPHYMode = PHY_TYPE_11G;
2426 if (pDevice->byBBType == BB_TYPE_11B)
2427 pMgmt->eCurrentPHYMode = PHY_TYPE_11B;
2428 if (pDevice->byBBType == BB_TYPE_11A)
2429 pMgmt->eCurrentPHYMode = PHY_TYPE_11A;
2432 if (pMgmt->eCurrentPHYMode != PHY_TYPE_11A) {
2433 pMgmt->abyCurrSuppRates[1] = WLAN_RATES_MAXLEN_11B;
2434 pMgmt->abyCurrExtSuppRates[1] = 0;
2435 for (ii = 0; ii < 4; ii++)
2436 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2438 pMgmt->abyCurrSuppRates[1] = 8;
2439 pMgmt->abyCurrExtSuppRates[1] = 0;
2440 for (ii = 0; ii < 8; ii++)
2441 pMgmt->abyCurrSuppRates[2+ii] = abyRATE[ii];
2445 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
2446 pMgmt->abyCurrSuppRates[1] = 8;
2447 pMgmt->abyCurrExtSuppRates[1] = 4;
2448 for (ii = 0; ii < 4; ii++)
2449 pMgmt->abyCurrSuppRates[2+ii] = abyCCK_RATE[ii];
2450 for (ii = 4; ii < 8; ii++)
2451 pMgmt->abyCurrSuppRates[2+ii] = abyOFDM_RATE[ii-4];
2452 for (ii = 0; ii < 4; ii++)
2453 pMgmt->abyCurrExtSuppRates[2+ii] = abyOFDM_RATE[ii+4];
2457 // Disable Protect Mode
2458 pDevice->bProtectMode = 0;
2459 MACvDisableProtectMD(pDevice->PortOffset);
2461 pDevice->bBarkerPreambleMd = 0;
2462 MACvDisableBarkerPreambleMd(pDevice->PortOffset);
2464 // Kyle Test 2003.11.04
2466 // set HW beacon interval
2467 if (pMgmt->wIBSSBeaconPeriod == 0)
2468 pMgmt->wIBSSBeaconPeriod = DEFAULT_IBSS_BI;
2471 CARDbGetCurrentTSF(pDevice->PortOffset, &qwCurrTSF);
2472 // clear TSF counter
2473 VNSvOutPortB(pDevice->PortOffset + MAC_REG_TFTCTL, TFTCTL_TSFCNTRST);
2474 // enable TSF counter
2475 VNSvOutPortB(pDevice->PortOffset + MAC_REG_TFTCTL, TFTCTL_TSFCNTREN);
2478 CARDvSetFirstNextTBTT(pDevice->PortOffset, pMgmt->wIBSSBeaconPeriod);
2480 pMgmt->uIBSSChannel = pDevice->uChannel;
2482 if (pMgmt->uIBSSChannel == 0)
2483 pMgmt->uIBSSChannel = DEFAULT_IBSS_CHANNEL;
2488 RATEvParseMaxRate((PVOID)pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2489 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates, TRUE,
2490 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2491 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2494 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2495 pMgmt->eCurrMode = WMAC_MODE_ESS_AP;
2498 if (pMgmt->eConfigMode == WMAC_CONFIG_IBSS_STA) {
2499 memcpy(pMgmt->abyIBSSDFSOwner, pDevice->abyCurrentNetAddr, 6);
2500 pMgmt->byIBSSDFSRecovery = 10;
2501 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2504 // Adopt pre-configured IBSS vars to current vars
2505 pMgmt->eCurrState = WMAC_STATE_STARTED;
2506 pMgmt->wCurrBeaconPeriod = pMgmt->wIBSSBeaconPeriod;
2507 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2508 pMgmt->wCurrATIMWindow = pMgmt->wIBSSATIMWindow;
2509 MACvWriteATIMW(pDevice->PortOffset, pMgmt->wCurrATIMWindow);
2510 pDevice->uCurrRSSI = 0;
2511 pDevice->byCurrSQ = 0;
2512 //memcpy(pMgmt->abyDesireSSID,pMgmt->abyAdHocSSID,
2513 // ((PWLAN_IE_SSID)pMgmt->abyAdHocSSID)->len + WLAN_IEHDR_LEN);
2514 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2515 memcpy(pMgmt->abyCurrSSID,
2516 pMgmt->abyDesireSSID,
2517 ((PWLAN_IE_SSID)pMgmt->abyDesireSSID)->len + WLAN_IEHDR_LEN
2520 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2521 // AP mode BSSID = MAC addr
2522 memcpy(pMgmt->abyCurrBSSID, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
2523 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO"AP beacon created BSSID:%02x-%02x-%02x-%02x-%02x-%02x \n",
2524 pMgmt->abyCurrBSSID[0],
2525 pMgmt->abyCurrBSSID[1],
2526 pMgmt->abyCurrBSSID[2],
2527 pMgmt->abyCurrBSSID[3],
2528 pMgmt->abyCurrBSSID[4],
2529 pMgmt->abyCurrBSSID[5]
2533 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2535 // BSSID selected must be randomized as spec 11.1.3
2536 pMgmt->abyCurrBSSID[5] = (BYTE) (LODWORD(qwCurrTSF)& 0x000000ff);
2537 pMgmt->abyCurrBSSID[4] = (BYTE)((LODWORD(qwCurrTSF)& 0x0000ff00) >> 8);
2538 pMgmt->abyCurrBSSID[3] = (BYTE)((LODWORD(qwCurrTSF)& 0x00ff0000) >> 16);
2539 pMgmt->abyCurrBSSID[2] = (BYTE)((LODWORD(qwCurrTSF)& 0x00000ff0) >> 4);
2540 pMgmt->abyCurrBSSID[1] = (BYTE)((LODWORD(qwCurrTSF)& 0x000ff000) >> 12);
2541 pMgmt->abyCurrBSSID[0] = (BYTE)((LODWORD(qwCurrTSF)& 0x0ff00000) >> 20);
2542 pMgmt->abyCurrBSSID[5] ^= pMgmt->abyMACAddr[0];
2543 pMgmt->abyCurrBSSID[4] ^= pMgmt->abyMACAddr[1];
2544 pMgmt->abyCurrBSSID[3] ^= pMgmt->abyMACAddr[2];
2545 pMgmt->abyCurrBSSID[2] ^= pMgmt->abyMACAddr[3];
2546 pMgmt->abyCurrBSSID[1] ^= pMgmt->abyMACAddr[4];
2547 pMgmt->abyCurrBSSID[0] ^= pMgmt->abyMACAddr[5];
2548 pMgmt->abyCurrBSSID[0] &= ~IEEE_ADDR_GROUP;
2549 pMgmt->abyCurrBSSID[0] |= IEEE_ADDR_UNIVERSAL;
2552 DBG_PRT(MSG_LEVEL_INFO, KERN_INFO"Adhoc beacon created bssid:%02x-%02x-%02x-%02x-%02x-%02x \n",
2553 pMgmt->abyCurrBSSID[0],
2554 pMgmt->abyCurrBSSID[1],
2555 pMgmt->abyCurrBSSID[2],
2556 pMgmt->abyCurrBSSID[3],
2557 pMgmt->abyCurrBSSID[4],
2558 pMgmt->abyCurrBSSID[5]
2562 // Set Capability Info
2563 pMgmt->wCurrCapInfo = 0;
2565 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
2566 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_ESS(1);
2567 pMgmt->byDTIMPeriod = DEFAULT_DTIM_PERIOD;
2568 pMgmt->byDTIMCount = pMgmt->byDTIMPeriod - 1;
2571 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2572 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_IBSS(1);
2575 if (pDevice->bEncryptionEnable) {
2576 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
2577 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2578 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2579 pMgmt->byCSSPK = KEY_CTL_CCMP;
2580 pMgmt->byCSSGK = KEY_CTL_CCMP;
2581 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2582 pMgmt->byCSSPK = KEY_CTL_TKIP;
2583 pMgmt->byCSSGK = KEY_CTL_TKIP;
2585 pMgmt->byCSSPK = KEY_CTL_NONE;
2586 pMgmt->byCSSGK = KEY_CTL_WEP;
2589 pMgmt->byCSSPK = KEY_CTL_WEP;
2590 pMgmt->byCSSGK = KEY_CTL_WEP;
2594 pMgmt->byERPContext = 0;
2596 // memcpy(pDevice->abyBSSID, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
2598 if (pMgmt->eConfigMode == WMAC_CONFIG_AP) {
2599 CARDbSetBSSID(pMgmt->pAdapter, pMgmt->abyCurrBSSID, OP_MODE_AP);
2601 CARDbSetBSSID(pMgmt->pAdapter, pMgmt->abyCurrBSSID, OP_MODE_ADHOC);
2604 CARDbSetPhyParameter( pMgmt->pAdapter,
2605 pMgmt->eCurrentPHYMode,
2606 pMgmt->wCurrCapInfo,
2607 pMgmt->byERPContext,
2608 pMgmt->abyCurrSuppRates,
2609 pMgmt->abyCurrExtSuppRates
2612 CARDbSetBeaconPeriod(pMgmt->pAdapter, pMgmt->wIBSSBeaconPeriod);
2613 // set channel and clear NAV
2614 CARDbSetChannel(pMgmt->pAdapter, pMgmt->uIBSSChannel);
2615 pMgmt->uCurrChannel = pMgmt->uIBSSChannel;
2617 if (CARDbIsShortPreamble(pMgmt->pAdapter)) {
2618 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SHORTPREAMBLE(1);
2620 pMgmt->wCurrCapInfo &= (~WLAN_SET_CAP_INFO_SHORTPREAMBLE(1));
2623 if ((pMgmt->b11hEnable == TRUE) &&
2624 (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
2625 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_SPECTRUMMNG(1);
2627 pMgmt->wCurrCapInfo &= (~WLAN_SET_CAP_INFO_SPECTRUMMNG(1));
2630 pMgmt->eCurrState = WMAC_STATE_STARTED;
2631 // Prepare beacon to send
2632 if (bMgrPrepareBeaconToSend((HANDLE)pDevice, pMgmt)) {
2633 *pStatus = CMD_STATUS_SUCCESS;
2643 * Routine Description:
2644 * Instructs wmac to join a bss using the supplied attributes.
2645 * The arguments may the BSSID or SSID and the rest of the
2646 * attributes are obtained from the scan result of known bss list.
2656 IN HANDLE hDeviceContext,
2657 OUT PCMD_STATUS pStatus
2661 PSDevice pDevice = (PSDevice)hDeviceContext;
2662 PSMgmtObject pMgmt = pDevice->pMgmt;
2663 PKnownBSS pCurr = NULL;
2665 PWLAN_IE_SUPP_RATES pItemRates = NULL;
2666 PWLAN_IE_SUPP_RATES pItemExtRates = NULL;
2667 PWLAN_IE_SSID pItemSSID;
2668 UINT uRateLen = WLAN_RATES_MAXLEN;
2669 WORD wMaxBasicRate = RATE_1M;
2670 WORD wMaxSuppRate = RATE_1M;
2672 BYTE byTopCCKBasicRate = RATE_1M;
2673 BYTE byTopOFDMBasicRate = RATE_1M;
2676 for (ii = 0; ii < MAX_BSS_NUM; ii++) {
2677 if (pMgmt->sBSSList[ii].bActive == TRUE)
2681 if (ii == MAX_BSS_NUM) {
2682 *pStatus = CMD_STATUS_RESOURCES;
2683 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "BSS finding:BSS list is empty.\n");
2687 // memset(pMgmt->abyDesireBSSID, 0, WLAN_BSSID_LEN);
2688 // Search known BSS list for prefer BSSID or SSID
2690 pCurr = BSSpSearchBSSList(pDevice,
2691 pMgmt->abyDesireBSSID,
2692 pMgmt->abyDesireSSID,
2693 pMgmt->eConfigPHYMode
2697 *pStatus = CMD_STATUS_RESOURCES;
2698 pItemSSID = (PWLAN_IE_SSID)pMgmt->abyDesireSSID;
2699 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Scanning [%s] not found, disconnected !\n", pItemSSID->abySSID);
2703 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "AP(BSS) finding:Found a AP(BSS)..\n");
2704 if (WLAN_GET_CAP_INFO_ESS(cpu_to_le16(pCurr->wCapInfo))){
2706 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPA)||(pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK)) {
2708 // patch for CISCO migration mode
2710 if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2711 if (WPA_SearchRSN(0, WPA_TKIP, pCurr) == FALSE) {
2712 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"No match RSN info. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
2713 // encryption mode error
2714 pMgmt->eCurrState = WMAC_STATE_IDLE;
2717 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2718 if (WPA_SearchRSN(0, WPA_AESCCMP, pCurr) == FALSE) {
2719 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"No match RSN info. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n");
2720 // encryption mode error
2721 pMgmt->eCurrState = WMAC_STATE_IDLE;
2728 #ifdef WPA_SUPPLICANT_DRIVER_WEXT_SUPPORT
2729 //if(pDevice->bWPASuppWextEnabled == TRUE)
2730 Encyption_Rebuild(pDevice, pCurr);
2732 // Infrastructure BSS
2733 s_vMgrSynchBSS(pDevice,
2739 if (*pStatus == CMD_STATUS_SUCCESS){
2741 // Adopt this BSS state vars in Mgmt Object
2742 pMgmt->uCurrChannel = pCurr->uChannel;
2744 memset(pMgmt->abyCurrSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2745 memset(pMgmt->abyCurrExtSuppRates, 0 , WLAN_IEHDR_LEN + WLAN_RATES_MAXLEN + 1);
2747 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B) {
2748 uRateLen = WLAN_RATES_MAXLEN_11B;
2751 pItemRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates;
2752 pItemExtRates = (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates;
2754 // Parse Support Rate IE
2755 pItemRates->byElementID = WLAN_EID_SUPP_RATES;
2756 pItemRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2760 // Parse Extension Support Rate IE
2761 pItemExtRates->byElementID = WLAN_EID_EXTSUPP_RATES;
2762 pItemExtRates->len = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abyExtSuppRates,
2766 if ((pItemExtRates->len > 0) && (pItemRates->len < 8)) {
2767 for (ii = 0; ii < (UINT)(8 - pItemRates->len); ) {
2768 pItemRates->abyRates[pItemRates->len + ii] = pItemExtRates->abyRates[ii];
2770 if (pItemExtRates->len <= ii)
2773 pItemRates->len += (BYTE)ii;
2774 if (pItemExtRates->len - ii > 0) {
2775 pItemExtRates->len -= (BYTE)ii;
2776 for (uu = 0; uu < pItemExtRates->len; uu ++) {
2777 pItemExtRates->abyRates[uu] = pItemExtRates->abyRates[uu + ii];
2780 pItemExtRates->len = 0;
2784 RATEvParseMaxRate((PVOID)pDevice, pItemRates, pItemExtRates, TRUE,
2785 &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2786 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2788 // TODO: deal with if wCapInfo the privacy is on, but station WEP is off
2789 // TODO: deal with if wCapInfo the PS-Pollable is on.
2790 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
2791 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2792 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2793 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN + 1);
2795 pMgmt->eCurrMode = WMAC_MODE_ESS_STA;
2797 pMgmt->eCurrState = WMAC_STATE_JOINTED;
2798 // Adopt BSS state in Adapter Device Object
2799 //pDevice->byOpMode = OP_MODE_INFRASTRUCTURE;
2800 // memcpy(pDevice->abyBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2802 // Add current BSS to Candidate list
2803 // This should only works for WPA2 BSS, and WPA2 BSS check must be done before.
2804 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
2805 BOOL bResult = bAdd_PMKID_Candidate((HANDLE)pDevice, pMgmt->abyCurrBSSID, &pCurr->sRSNCapObj);
2806 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"bAdd_PMKID_Candidate: 1(%d)\n", bResult);
2807 if (bResult == FALSE) {
2808 vFlush_PMKID_Candidate((HANDLE)pDevice);
2809 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"vFlush_PMKID_Candidate: 4\n");
2810 bAdd_PMKID_Candidate((HANDLE)pDevice, pMgmt->abyCurrBSSID, &pCurr->sRSNCapObj);
2814 // Preamble type auto-switch: if AP can receive short-preamble cap,
2815 // we can turn on too.
2817 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Join ESS\n");
2821 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"End of Join AP -- A/B/G Action\n");
2824 pMgmt->eCurrState = WMAC_STATE_IDLE;
2831 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
2833 if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled) {
2834 if (WPA_SearchRSN(0, WPA_TKIP, pCurr) == FALSE) {
2835 // encryption mode error
2836 pMgmt->eCurrState = WMAC_STATE_IDLE;
2839 } else if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled) {
2840 if (WPA_SearchRSN(0, WPA_AESCCMP, pCurr) == FALSE) {
2841 // encryption mode error
2842 pMgmt->eCurrState = WMAC_STATE_IDLE;
2846 // encryption mode error
2847 pMgmt->eCurrState = WMAC_STATE_IDLE;
2852 s_vMgrSynchBSS(pDevice,
2858 if (*pStatus == CMD_STATUS_SUCCESS){
2859 // Adopt this BSS state vars in Mgmt Object
2860 // TODO: check if CapInfo privacy on, but we don't..
2861 pMgmt->uCurrChannel = pCurr->uChannel;
2864 // Parse Support Rate IE
2865 pMgmt->abyCurrSuppRates[0] = WLAN_EID_SUPP_RATES;
2866 pMgmt->abyCurrSuppRates[1] = RATEuSetIE((PWLAN_IE_SUPP_RATES)pCurr->abySuppRates,
2867 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2868 WLAN_RATES_MAXLEN_11B);
2870 RATEvParseMaxRate((PVOID)pDevice, (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
2871 NULL, TRUE, &wMaxBasicRate, &wMaxSuppRate, &wSuppRate,
2872 &byTopCCKBasicRate, &byTopOFDMBasicRate);
2874 pMgmt->wCurrCapInfo = pCurr->wCapInfo;
2875 pMgmt->wCurrBeaconPeriod = pCurr->wBeaconInterval;
2876 memset(pMgmt->abyCurrSSID, 0, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2877 memcpy(pMgmt->abyCurrBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2878 memcpy(pMgmt->abyCurrSSID, pCurr->abySSID, WLAN_IEHDR_LEN + WLAN_SSID_MAXLEN);
2879 // pMgmt->wCurrATIMWindow = pCurr->wATIMWindow;
2880 MACvWriteATIMW(pDevice->PortOffset, pMgmt->wCurrATIMWindow);
2881 pMgmt->eCurrMode = WMAC_MODE_IBSS_STA;
2883 pMgmt->eCurrState = WMAC_STATE_STARTED;
2884 // Adopt BSS state in Adapter Device Object
2885 //pDevice->byOpMode = OP_MODE_ADHOC;
2886 // pDevice->bLinkPass = TRUE;
2887 // memcpy(pDevice->abyBSSID, pCurr->abyBSSID, WLAN_BSSID_LEN);
2889 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Join IBSS ok:%02x-%02x-%02x-%02x-%02x-%02x \n",
2890 pMgmt->abyCurrBSSID[0],
2891 pMgmt->abyCurrBSSID[1],
2892 pMgmt->abyCurrBSSID[2],
2893 pMgmt->abyCurrBSSID[3],
2894 pMgmt->abyCurrBSSID[4],
2895 pMgmt->abyCurrBSSID[5]
2897 // Preamble type auto-switch: if AP can receive short-preamble cap,
2898 // and if registry setting is short preamble we can turn on too.
2901 bMgrPrepareBeaconToSend((HANDLE)pDevice, pMgmt);
2904 pMgmt->eCurrState = WMAC_STATE_IDLE;
2914 * Routine Description:
2915 * Set HW to synchronize a specific BSS from known BSS list.
2925 IN PSDevice pDevice,
2928 OUT PCMD_STATUS pStatus
2931 CARD_PHY_TYPE ePhyType = PHY_TYPE_11B;
2932 PSMgmtObject pMgmt = pDevice->pMgmt;
2934 //1M, 2M, 5M, 11M, 18M, 24M, 36M, 54M
2935 BYTE abyCurrSuppRatesG[] = {WLAN_EID_SUPP_RATES, 8, 0x02, 0x04, 0x0B, 0x16, 0x24, 0x30, 0x48, 0x6C};
2936 BYTE abyCurrExtSuppRatesG[] = {WLAN_EID_EXTSUPP_RATES, 4, 0x0C, 0x12, 0x18, 0x60};
2938 BYTE abyCurrSuppRatesA[] = {WLAN_EID_SUPP_RATES, 8, 0x0C, 0x12, 0x18, 0x24, 0x30, 0x48, 0x60, 0x6C};
2939 BYTE abyCurrSuppRatesB[] = {WLAN_EID_SUPP_RATES, 4, 0x02, 0x04, 0x0B, 0x16};
2942 *pStatus = CMD_STATUS_FAILURE;
2944 if (s_bCipherMatch(pCurr,
2945 pDevice->eEncryptionStatus,
2947 &(pMgmt->byCSSGK)) == FALSE) {
2948 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "s_bCipherMatch Fail .......\n");
2952 pMgmt->pCurrBSS = pCurr;
2954 // if previous mode is IBSS.
2955 if(pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
2956 MACvRegBitsOff(pDevice->PortOffset, MAC_REG_BCNDMACTL, BEACON_READY);
2957 MACvRegBitsOff(pDevice->PortOffset, MAC_REG_TCR, TCR_AUTOBCNTX);
2960 // Init the BSS informations
2961 pDevice->bCCK = TRUE;
2962 pDevice->bProtectMode = FALSE;
2963 MACvDisableProtectMD(pDevice->PortOffset);
2964 pDevice->bBarkerPreambleMd = FALSE;
2965 MACvDisableBarkerPreambleMd(pDevice->PortOffset);
2966 pDevice->bNonERPPresent = FALSE;
2967 pDevice->byPreambleType = 0;
2968 pDevice->wBasicRate = 0;
2970 CARDbAddBasicRate((PVOID)pDevice, RATE_1M);
2971 // calculate TSF offset
2972 // TSF Offset = Received Timestamp TSF - Marked Local's TSF
2973 CARDbUpdateTSF(pDevice, pCurr->byRxRate, pCurr->qwBSSTimestamp, pCurr->qwLocalTSF);
2975 CARDbSetBeaconPeriod(pDevice, pCurr->wBeaconInterval);
2978 // Next TBTT = ((local_current_TSF / beacon_interval) + 1 ) * beacon_interval
2979 CARDvSetFirstNextTBTT(pDevice->PortOffset, pCurr->wBeaconInterval);
2982 MACvWriteBSSIDAddress(pDevice->PortOffset, pCurr->abyBSSID);
2984 MACvReadBSSIDAddress(pDevice->PortOffset, pMgmt->abyCurrBSSID);
2986 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Sync:set CurrBSSID address = %02x-%02x-%02x=%02x-%02x-%02x\n",
2987 pMgmt->abyCurrBSSID[0],
2988 pMgmt->abyCurrBSSID[1],
2989 pMgmt->abyCurrBSSID[2],
2990 pMgmt->abyCurrBSSID[3],
2991 pMgmt->abyCurrBSSID[4],
2992 pMgmt->abyCurrBSSID[5]);
2994 if (pCurr->eNetworkTypeInUse == PHY_TYPE_11A) {
2995 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11A) ||
2996 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
2997 ePhyType = PHY_TYPE_11A;
3001 } else if (pCurr->eNetworkTypeInUse == PHY_TYPE_11B) {
3002 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11B) ||
3003 (pMgmt->eConfigPHYMode == PHY_TYPE_11G) ||
3004 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
3005 ePhyType = PHY_TYPE_11B;
3010 if ((pMgmt->eConfigPHYMode == PHY_TYPE_11G) ||
3011 (pMgmt->eConfigPHYMode == PHY_TYPE_AUTO)) {
3012 ePhyType = PHY_TYPE_11G;
3013 } else if (pMgmt->eConfigPHYMode == PHY_TYPE_11B) {
3014 ePhyType = PHY_TYPE_11B;
3020 if (ePhyType == PHY_TYPE_11A) {
3021 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesA[0], sizeof(abyCurrSuppRatesA));
3022 pMgmt->abyCurrExtSuppRates[1] = 0;
3023 } else if (ePhyType == PHY_TYPE_11B) {
3024 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesB[0], sizeof(abyCurrSuppRatesB));
3025 pMgmt->abyCurrExtSuppRates[1] = 0;
3027 memcpy(pMgmt->abyCurrSuppRates, &abyCurrSuppRatesG[0], sizeof(abyCurrSuppRatesG));
3028 memcpy(pMgmt->abyCurrExtSuppRates, &abyCurrExtSuppRatesG[0], sizeof(abyCurrExtSuppRatesG));
3032 if (WLAN_GET_CAP_INFO_ESS(pCurr->wCapInfo)) {
3033 CARDbSetBSSID(pMgmt->pAdapter, pCurr->abyBSSID, OP_MODE_INFRASTRUCTURE);
3034 // Add current BSS to Candidate list
3035 // This should only works for WPA2 BSS, and WPA2 BSS check must be done before.
3036 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
3037 CARDbAdd_PMKID_Candidate(pMgmt->pAdapter, pMgmt->abyCurrBSSID, pCurr->sRSNCapObj.bRSNCapExist, pCurr->sRSNCapObj.wRSNCap);
3040 CARDbSetBSSID(pMgmt->pAdapter, pCurr->abyBSSID, OP_MODE_ADHOC);
3043 if (CARDbSetPhyParameter( pMgmt->pAdapter,
3047 pMgmt->abyCurrSuppRates,
3048 pMgmt->abyCurrExtSuppRates
3050 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "<----s_bSynchBSS Set Phy Mode Fail [%d]\n", ePhyType);
3053 // set channel and clear NAV
3054 if (CARDbSetChannel(pMgmt->pAdapter, pCurr->uChannel) == FALSE) {
3055 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "<----s_bSynchBSS Set Channel [%d]\n", pCurr->uChannel);
3060 for (ii=0;ii<BB_VGA_LEVEL;ii++) {
3061 if (pCurr->ldBmMAX< pDevice->ldBmThreshold[ii]) {
3062 pDevice->byBBVGANew = pDevice->abyBBVGA[ii];
3067 if (pDevice->byBBVGANew != pDevice->byBBVGACurrent) {
3068 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"RSSI[%d] NewGain[%d] OldGain[%d] \n",
3069 (int)pCurr->ldBmMAX, pDevice->byBBVGANew, pDevice->byBBVGACurrent);
3070 printk("RSSI[%d] NewGain[%d] OldGain[%d] \n",
3071 (int)pCurr->ldBmMAX, pDevice->byBBVGANew, pDevice->byBBVGACurrent);
3072 BBvSetVGAGainOffset(pDevice, pDevice->byBBVGANew);
3074 printk("ldBmMAX[%d] NewGain[%d] OldGain[%d] \n",
3075 (int)pCurr->ldBmMAX, pDevice->byBBVGANew, pDevice->byBBVGACurrent);
3077 pMgmt->uCurrChannel = pCurr->uChannel;
3078 pMgmt->eCurrentPHYMode = ePhyType;
3079 pMgmt->byERPContext = pCurr->sERP.byERP;
3080 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Sync:Set to channel = [%d]\n", (INT)pCurr->uChannel);
3083 *pStatus = CMD_STATUS_SUCCESS;
3089 //mike add: fix NetworkManager 0.7.0 hidden ssid mode in WPA encryption
3090 // ,need reset eAuthenMode and eEncryptionStatus
3091 static VOID Encyption_Rebuild(
3092 IN PSDevice pDevice,
3096 PSMgmtObject pMgmt = &(pDevice->sMgmtObj);
3097 // UINT ii , uSameBssidNum=0;
3099 // for (ii = 0; ii < MAX_BSS_NUM; ii++) {
3100 // if (pMgmt->sBSSList[ii].bActive &&
3101 // IS_ETH_ADDRESS_EQUAL(pMgmt->sBSSList[ii].abyBSSID, pCurr->abyBSSID)) {
3105 // if( uSameBssidNum>=2) { //we only check AP in hidden sssid mode
3106 if ((pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) || //networkmanager 0.7.0 does not give the pairwise-key selsection,
3107 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) { // so we need re-selsect it according to real pairwise-key info.
3108 if(pCurr->bWPAValid == TRUE) { //WPA-PSK
3109 pMgmt->eAuthenMode = WMAC_AUTH_WPAPSK;
3110 if(pCurr->abyPKType[0] == WPA_TKIP) {
3111 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
3112 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-TKIP]\n");
3114 else if(pCurr->abyPKType[0] == WPA_AESCCMP) {
3115 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
3116 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPAPSK-AES]\n");
3119 else if(pCurr->bWPA2Valid == TRUE) { //WPA2-PSK
3120 pMgmt->eAuthenMode = WMAC_AUTH_WPA2PSK;
3121 if(pCurr->abyCSSPK[0] == WLAN_11i_CSS_TKIP) {
3122 pDevice->eEncryptionStatus = Ndis802_11Encryption2Enabled; //TKIP
3123 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-TKIP]\n");
3125 else if(pCurr->abyCSSPK[0] == WLAN_11i_CSS_CCMP) {
3126 pDevice->eEncryptionStatus = Ndis802_11Encryption3Enabled; //AES
3127 PRINT_K("Encyption_Rebuild--->ssid reset config to [WPA2PSK-AES]\n");
3138 * Routine Description:
3150 IN PSMgmtObject pMgmt,
3151 IN PWLAN_IE_TIM pTIM
3154 BYTE byMask[8] = {1, 2, 4, 8, 0x10, 0x20, 0x40, 0x80};
3157 BOOL bStartFound = FALSE;
3158 BOOL bMulticast = FALSE;
3159 WORD wStartIndex = 0;
3163 // Find size of partial virtual bitmap
3164 for (ii = 0; ii < (MAX_NODE_NUM + 1); ii++) {
3165 byMap = pMgmt->abyPSTxMap[ii];
3167 // Mask out the broadcast bit which is indicated separately.
3168 bMulticast = (byMap & byMask[0]) != 0;
3170 pMgmt->sNodeDBTable[0].bRxPSPoll = TRUE;
3184 // Round start index down to nearest even number
3185 wStartIndex &= ~BIT0;
3187 // Round end index up to nearest even number
3188 wEndIndex = ((wEndIndex + 1) & ~BIT0);
3190 // Size of element payload
3192 pTIM->len = 3 + (wEndIndex - wStartIndex) + 1;
3194 // Fill in the Fixed parts of the TIM
3195 pTIM->byDTIMCount = pMgmt->byDTIMCount;
3196 pTIM->byDTIMPeriod = pMgmt->byDTIMPeriod;
3197 pTIM->byBitMapCtl = (bMulticast ? TIM_MULTICAST_MASK : 0) |
3198 (((wStartIndex >> 1) << 1) & TIM_BITMAPOFFSET_MASK);
3200 // Append variable part of TIM
3202 for (ii = wStartIndex, jj =0 ; ii <= wEndIndex; ii++, jj++) {
3203 pTIM->byVirtBitMap[jj] = pMgmt->abyPSTxMap[ii];
3206 // Aid = 0 don't used.
3207 pTIM->byVirtBitMap[0] &= ~BIT0;
3213 * Routine Description:
3214 * Constructs an Beacon frame( Ad-hoc mode)
3218 * PTR to frame; or NULL on allocation failue
3225 IN PSDevice pDevice,
3226 IN PSMgmtObject pMgmt,
3227 IN WORD wCurrCapInfo,
3228 IN WORD wCurrBeaconPeriod,
3229 IN UINT uCurrChannel,
3230 IN WORD wCurrATIMWinodw,
3231 IN PWLAN_IE_SSID pCurrSSID,
3232 IN PBYTE pCurrBSSID,
3233 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
3234 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3237 PSTxMgmtPacket pTxPacket = NULL;
3238 WLAN_FR_BEACON sFrame;
3239 BYTE abyBroadcastAddr[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
3242 PWLAN_IE_IBSS_DFS pIBSSDFS = NULL;
3245 // prepare beacon frame
3246 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3247 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_BEACON_FR_MAXLEN);
3248 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3249 // Setup the sFrame structure.
3250 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3251 sFrame.len = WLAN_BEACON_FR_MAXLEN;
3252 vMgrEncodeBeacon(&sFrame);
3254 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3256 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3257 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_BEACON)
3260 if (pDevice->bEnablePSMode) {
3261 sFrame.pHdr->sA3.wFrameCtl |= cpu_to_le16((WORD)WLAN_SET_FC_PWRMGT(1));
3264 memcpy( sFrame.pHdr->sA3.abyAddr1, abyBroadcastAddr, WLAN_ADDR_LEN);
3265 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3266 memcpy( sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
3267 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
3268 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3270 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3271 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
3272 memcpy(sFrame.pSSID,
3274 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
3276 // Copy the rate set
3277 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3278 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3279 memcpy(sFrame.pSuppRates,
3281 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3284 if (pDevice->eCurrentPHYType != PHY_TYPE_11A) {
3285 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
3286 sFrame.len += (1) + WLAN_IEHDR_LEN;
3287 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
3288 sFrame.pDSParms->len = 1;
3289 sFrame.pDSParms->byCurrChannel = (BYTE)uCurrChannel;
3292 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
3293 sFrame.pTIM = (PWLAN_IE_TIM)(sFrame.pBuf + sFrame.len);
3294 sFrame.pTIM->byElementID = WLAN_EID_TIM;
3295 s_vMgrFormatTIM(pMgmt, sFrame.pTIM);
3296 sFrame.len += (WLAN_IEHDR_LEN + sFrame.pTIM->len);
3299 if (pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) {
3302 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
3303 sFrame.len += (2) + WLAN_IEHDR_LEN;
3304 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
3305 sFrame.pIBSSParms->len = 2;
3306 sFrame.pIBSSParms->wATIMWindow = wCurrATIMWinodw;
3307 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3309 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3310 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3311 sFrame.pRSNWPA->len = 12;
3312 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3313 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3314 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3315 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3316 sFrame.pRSNWPA->wVersion = 1;
3317 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3318 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3319 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3320 if (pDevice->eEncryptionStatus == Ndis802_11Encryption3Enabled)
3321 sFrame.pRSNWPA->abyMulticast[3] = 0x04;//AES
3322 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption2Enabled)
3323 sFrame.pRSNWPA->abyMulticast[3] = 0x02;//TKIP
3324 else if (pDevice->eEncryptionStatus == Ndis802_11Encryption1Enabled)
3325 sFrame.pRSNWPA->abyMulticast[3] = 0x01;//WEP40
3327 sFrame.pRSNWPA->abyMulticast[3] = 0x00;//NONE
3329 // Pairwise Key Cipher Suite
3330 sFrame.pRSNWPA->wPKCount = 0;
3331 // Auth Key Management Suite
3332 *((PWORD)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len))=0;
3333 sFrame.pRSNWPA->len +=2;
3336 *((PWORD)(sFrame.pBuf + sFrame.len + sFrame.pRSNWPA->len))=0;
3337 sFrame.pRSNWPA->len +=2;
3338 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3342 if ((pMgmt->b11hEnable == TRUE) &&
3343 (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
3345 pbyBuffer = (PBYTE)(sFrame.pBuf + sFrame.len);
3346 CARDvSetCountryIE(pMgmt->pAdapter, pbyBuffer);
3347 CARDvSetCountryInfo(pMgmt->pAdapter, PHY_TYPE_11A, pbyBuffer);
3348 uLength += ((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN;
3349 pbyBuffer += (((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN);
3350 // Power Constrain IE
3351 ((PWLAN_IE_PW_CONST) pbyBuffer)->byElementID = WLAN_EID_PWR_CONSTRAINT;
3352 ((PWLAN_IE_PW_CONST) pbyBuffer)->len = 1;
3353 ((PWLAN_IE_PW_CONST) pbyBuffer)->byPower = 0;
3354 pbyBuffer += (1) + WLAN_IEHDR_LEN;
3355 uLength += (1) + WLAN_IEHDR_LEN;
3356 if (pMgmt->bSwitchChannel == TRUE) {
3357 // Channel Switch IE
3358 ((PWLAN_IE_CH_SW) pbyBuffer)->byElementID = WLAN_EID_CH_SWITCH;
3359 ((PWLAN_IE_CH_SW) pbyBuffer)->len = 3;
3360 ((PWLAN_IE_CH_SW) pbyBuffer)->byMode = 1;
3361 ((PWLAN_IE_CH_SW) pbyBuffer)->byChannel = CARDbyGetChannelNumber(pMgmt->pAdapter, pMgmt->byNewChannel);
3362 ((PWLAN_IE_CH_SW) pbyBuffer)->byCount = 0;
3363 pbyBuffer += (3) + WLAN_IEHDR_LEN;
3364 uLength += (3) + WLAN_IEHDR_LEN;
3367 ((PWLAN_IE_TPC_REP) pbyBuffer)->byElementID = WLAN_EID_TPC_REP;
3368 ((PWLAN_IE_TPC_REP) pbyBuffer)->len = 2;
3369 ((PWLAN_IE_TPC_REP) pbyBuffer)->byTxPower = CARDbyGetTransmitPower(pMgmt->pAdapter);
3370 ((PWLAN_IE_TPC_REP) pbyBuffer)->byLinkMargin = 0;
3371 pbyBuffer += (2) + WLAN_IEHDR_LEN;
3372 uLength += (2) + WLAN_IEHDR_LEN;
3374 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3375 pIBSSDFS = (PWLAN_IE_IBSS_DFS) pbyBuffer;
3376 pIBSSDFS->byElementID = WLAN_EID_IBSS_DFS;
3378 memcpy( pIBSSDFS->abyDFSOwner,
3379 pMgmt->abyIBSSDFSOwner,
3381 pIBSSDFS->byDFSRecovery = pMgmt->byIBSSDFSRecovery;
3382 pbyBuffer += (7) + WLAN_IEHDR_LEN;
3383 uLength += (7) + WLAN_IEHDR_LEN;
3384 for(ii=CB_MAX_CHANNEL_24G+1; ii<=CB_MAX_CHANNEL; ii++ ) {
3385 if (CARDbGetChannelMapInfo(pMgmt->pAdapter, ii, pbyBuffer, pbyBuffer+1) == TRUE) {
3392 sFrame.len += uLength;
3395 if (pMgmt->eCurrentPHYMode == PHY_TYPE_11G) {
3396 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3397 sFrame.len += 1 + WLAN_IEHDR_LEN;
3398 sFrame.pERP->byElementID = WLAN_EID_ERP;
3399 sFrame.pERP->len = 1;
3400 sFrame.pERP->byContext = 0;
3401 if (pDevice->bProtectMode == TRUE)
3402 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3403 if (pDevice->bNonERPPresent == TRUE)
3404 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3405 if (pDevice->bBarkerPreambleMd == TRUE)
3406 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
3408 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3409 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3410 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3411 memcpy(sFrame.pExtSuppRates,
3413 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3416 // hostapd wpa/wpa2 IE
3417 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnableHostapd == TRUE)) {
3418 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3419 if (pMgmt->wWPAIELen != 0) {
3420 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3421 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3422 sFrame.len += pMgmt->wWPAIELen;
3427 /* Adjust the length fields */
3428 pTxPacket->cbMPDULen = sFrame.len;
3429 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3440 * Routine Description:
3441 * Constructs an Prob-response frame
3445 * PTR to frame; or NULL on allocation failue
3453 s_MgrMakeProbeResponse(
3454 IN PSDevice pDevice,
3455 IN PSMgmtObject pMgmt,
3456 IN WORD wCurrCapInfo,
3457 IN WORD wCurrBeaconPeriod,
3458 IN UINT uCurrChannel,
3459 IN WORD wCurrATIMWinodw,
3461 IN PWLAN_IE_SSID pCurrSSID,
3462 IN PBYTE pCurrBSSID,
3463 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
3464 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates,
3468 PSTxMgmtPacket pTxPacket = NULL;
3469 WLAN_FR_PROBERESP sFrame;
3472 PWLAN_IE_IBSS_DFS pIBSSDFS = NULL;
3476 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3477 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_PROBERESP_FR_MAXLEN);
3478 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3479 // Setup the sFrame structure.
3480 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3481 sFrame.len = WLAN_PROBERESP_FR_MAXLEN;
3482 vMgrEncodeProbeResponse(&sFrame);
3484 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3486 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3487 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_PROBERESP)
3489 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
3490 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3491 memcpy( sFrame.pHdr->sA3.abyAddr3, pCurrBSSID, WLAN_BSSID_LEN);
3492 *sFrame.pwBeaconInterval = cpu_to_le16(wCurrBeaconPeriod);
3493 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
3495 if (byPHYType == BB_TYPE_11B) {
3496 *sFrame.pwCapInfo &= cpu_to_le16((WORD)~(WLAN_SET_CAP_INFO_SHORTSLOTTIME(1)));
3500 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3501 sFrame.len += ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len + WLAN_IEHDR_LEN;
3502 memcpy(sFrame.pSSID,
3504 ((PWLAN_IE_SSID)pCurrSSID)->len + WLAN_IEHDR_LEN
3506 // Copy the rate set
3507 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3509 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
3510 memcpy(sFrame.pSuppRates,
3512 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
3516 if (pDevice->eCurrentPHYType != PHY_TYPE_11A) {
3517 sFrame.pDSParms = (PWLAN_IE_DS_PARMS)(sFrame.pBuf + sFrame.len);
3518 sFrame.len += (1) + WLAN_IEHDR_LEN;
3519 sFrame.pDSParms->byElementID = WLAN_EID_DS_PARMS;
3520 sFrame.pDSParms->len = 1;
3521 sFrame.pDSParms->byCurrChannel = (BYTE)uCurrChannel;
3524 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3526 sFrame.pIBSSParms = (PWLAN_IE_IBSS_PARMS)(sFrame.pBuf + sFrame.len);
3527 sFrame.len += (2) + WLAN_IEHDR_LEN;
3528 sFrame.pIBSSParms->byElementID = WLAN_EID_IBSS_PARMS;
3529 sFrame.pIBSSParms->len = 2;
3530 sFrame.pIBSSParms->wATIMWindow = 0;
3532 if (pDevice->eCurrentPHYType == PHY_TYPE_11G) {
3533 sFrame.pERP = (PWLAN_IE_ERP)(sFrame.pBuf + sFrame.len);
3534 sFrame.len += 1 + WLAN_IEHDR_LEN;
3535 sFrame.pERP->byElementID = WLAN_EID_ERP;
3536 sFrame.pERP->len = 1;
3537 sFrame.pERP->byContext = 0;
3538 if (pDevice->bProtectMode == TRUE)
3539 sFrame.pERP->byContext |= WLAN_EID_ERP_USE_PROTECTION;
3540 if (pDevice->bNonERPPresent == TRUE)
3541 sFrame.pERP->byContext |= WLAN_EID_ERP_NONERP_PRESENT;
3542 if (pDevice->bBarkerPreambleMd == TRUE)
3543 sFrame.pERP->byContext |= WLAN_EID_ERP_BARKER_MODE;
3546 if ((pMgmt->b11hEnable == TRUE) &&
3547 (pMgmt->eCurrentPHYMode == PHY_TYPE_11A)) {
3549 pbyBuffer = (PBYTE)(sFrame.pBuf + sFrame.len);
3550 CARDvSetCountryIE(pMgmt->pAdapter, pbyBuffer);
3551 CARDvSetCountryInfo(pMgmt->pAdapter, PHY_TYPE_11A, pbyBuffer);
3552 uLength += ((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN;
3553 pbyBuffer += (((PWLAN_IE_COUNTRY) pbyBuffer)->len + WLAN_IEHDR_LEN);
3554 // Power Constrain IE
3555 ((PWLAN_IE_PW_CONST) pbyBuffer)->byElementID = WLAN_EID_PWR_CONSTRAINT;
3556 ((PWLAN_IE_PW_CONST) pbyBuffer)->len = 1;
3557 ((PWLAN_IE_PW_CONST) pbyBuffer)->byPower = 0;
3558 pbyBuffer += (1) + WLAN_IEHDR_LEN;
3559 uLength += (1) + WLAN_IEHDR_LEN;
3560 if (pMgmt->bSwitchChannel == TRUE) {
3561 // Channel Switch IE
3562 ((PWLAN_IE_CH_SW) pbyBuffer)->byElementID = WLAN_EID_CH_SWITCH;
3563 ((PWLAN_IE_CH_SW) pbyBuffer)->len = 3;
3564 ((PWLAN_IE_CH_SW) pbyBuffer)->byMode = 1;
3565 ((PWLAN_IE_CH_SW) pbyBuffer)->byChannel = CARDbyGetChannelNumber(pMgmt->pAdapter, pMgmt->byNewChannel);
3566 ((PWLAN_IE_CH_SW) pbyBuffer)->byCount = 0;
3567 pbyBuffer += (3) + WLAN_IEHDR_LEN;
3568 uLength += (3) + WLAN_IEHDR_LEN;
3571 ((PWLAN_IE_TPC_REP) pbyBuffer)->byElementID = WLAN_EID_TPC_REP;
3572 ((PWLAN_IE_TPC_REP) pbyBuffer)->len = 2;
3573 ((PWLAN_IE_TPC_REP) pbyBuffer)->byTxPower = CARDbyGetTransmitPower(pMgmt->pAdapter);
3574 ((PWLAN_IE_TPC_REP) pbyBuffer)->byLinkMargin = 0;
3575 pbyBuffer += (2) + WLAN_IEHDR_LEN;
3576 uLength += (2) + WLAN_IEHDR_LEN;
3578 if (pMgmt->eCurrMode != WMAC_MODE_ESS_AP) {
3579 pIBSSDFS = (PWLAN_IE_IBSS_DFS) pbyBuffer;
3580 pIBSSDFS->byElementID = WLAN_EID_IBSS_DFS;
3582 memcpy( pIBSSDFS->abyDFSOwner,
3583 pMgmt->abyIBSSDFSOwner,
3585 pIBSSDFS->byDFSRecovery = pMgmt->byIBSSDFSRecovery;
3586 pbyBuffer += (7) + WLAN_IEHDR_LEN;
3587 uLength += (7) + WLAN_IEHDR_LEN;
3588 for(ii=CB_MAX_CHANNEL_24G+1; ii<=CB_MAX_CHANNEL; ii++ ) {
3589 if (CARDbGetChannelMapInfo(pMgmt->pAdapter, ii, pbyBuffer, pbyBuffer+1) == TRUE) {
3596 sFrame.len += uLength;
3600 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
3601 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3602 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
3603 memcpy(sFrame.pExtSuppRates,
3605 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
3609 // hostapd wpa/wpa2 IE
3610 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) && (pDevice->bEnableHostapd == TRUE)) {
3611 if (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE) {
3612 if (pMgmt->wWPAIELen != 0) {
3613 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3614 memcpy(sFrame.pRSN, pMgmt->abyWPAIE, pMgmt->wWPAIELen);
3615 sFrame.len += pMgmt->wWPAIELen;
3620 // Adjust the length fields
3621 pTxPacket->cbMPDULen = sFrame.len;
3622 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3631 * Routine Description:
3632 * Constructs an association request frame
3636 * A ptr to frame or NULL on allocation failue
3642 s_MgrMakeAssocRequest(
3643 IN PSDevice pDevice,
3644 IN PSMgmtObject pMgmt,
3646 IN WORD wCurrCapInfo,
3647 IN WORD wListenInterval,
3648 IN PWLAN_IE_SSID pCurrSSID,
3649 IN PWLAN_IE_SUPP_RATES pCurrRates,
3650 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3653 PSTxMgmtPacket pTxPacket = NULL;
3654 WLAN_FR_ASSOCREQ sFrame;
3659 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3660 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
3661 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3662 // Setup the sFrame structure.
3663 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3664 sFrame.len = WLAN_ASSOCREQ_FR_MAXLEN;
3665 // format fixed field frame structure
3666 vMgrEncodeAssocRequest(&sFrame);
3668 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3670 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3671 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCREQ)
3673 memcpy( sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3674 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3675 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3677 // Set the capibility and listen interval
3678 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3679 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
3681 // sFrame.len point to end of fixed field
3682 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3683 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3684 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3686 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3687 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3688 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3689 memcpy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3690 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3692 // Copy the rate set
3693 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3694 if ((pDevice->eCurrentPHYType == PHY_TYPE_11B) && (pCurrRates->len > 4))
3695 sFrame.len += 4 + WLAN_IEHDR_LEN;
3697 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3698 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3700 // Copy the extension rate set
3701 if ((pDevice->eCurrentPHYType == PHY_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3702 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3703 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3704 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
3707 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3708 memcpy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3709 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
3712 if (pMgmt->b11hEnable == TRUE) {
3713 if (sFrame.pCurrPowerCap == NULL) {
3714 sFrame.pCurrPowerCap = (PWLAN_IE_PW_CAP)(sFrame.pBuf + sFrame.len);
3715 sFrame.len += (2 + WLAN_IEHDR_LEN);
3716 sFrame.pCurrPowerCap->byElementID = WLAN_EID_PWR_CAPABILITY;
3717 sFrame.pCurrPowerCap->len = 2;
3718 CARDvGetPowerCapability(pMgmt->pAdapter,
3719 &(sFrame.pCurrPowerCap->byMinPower),
3720 &(sFrame.pCurrPowerCap->byMaxPower)
3723 if (sFrame.pCurrSuppCh == NULL) {
3724 sFrame.pCurrSuppCh = (PWLAN_IE_SUPP_CH)(sFrame.pBuf + sFrame.len);
3725 sFrame.len += CARDbySetSupportChannels(pMgmt->pAdapter,(PBYTE)sFrame.pCurrSuppCh);
3729 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3730 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3731 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3732 (pMgmt->pCurrBSS != NULL)) {
3734 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3735 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3736 sFrame.pRSNWPA->len = 16;
3737 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3738 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3739 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3740 sFrame.pRSNWPA->abyOUI[3] = 0x01;
3741 sFrame.pRSNWPA->wVersion = 1;
3742 //Group Key Cipher Suite
3743 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
3744 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
3745 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
3746 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3747 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
3748 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3749 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
3750 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3751 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
3753 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
3755 // Pairwise Key Cipher Suite
3756 sFrame.pRSNWPA->wPKCount = 1;
3757 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
3758 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
3759 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
3760 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3761 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
3762 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3763 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
3765 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
3767 // Auth Key Management Suite
3768 pbyRSN = (PBYTE)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
3775 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) {
3776 *pbyRSN++=WPA_AUTH_PSK;
3778 else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA) {
3779 *pbyRSN++=WPA_AUTH_IEEE802_1X;
3785 sFrame.pRSNWPA->len +=6;
3791 sFrame.pRSNWPA->len +=2;
3793 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3794 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3795 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3796 memcpy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
3797 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
3799 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
3800 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
3801 (pMgmt->pCurrBSS != NULL)) {
3806 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
3807 sFrame.pRSN->byElementID = WLAN_EID_RSN;
3808 sFrame.pRSN->len = 6; //Version(2)+GK(4)
3809 sFrame.pRSN->wVersion = 1;
3810 //Group Key Cipher Suite
3811 sFrame.pRSN->abyRSN[0] = 0x00;
3812 sFrame.pRSN->abyRSN[1] = 0x0F;
3813 sFrame.pRSN->abyRSN[2] = 0xAC;
3814 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
3815 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
3816 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
3817 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
3818 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
3819 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
3821 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
3824 // Pairwise Key Cipher Suite
3825 sFrame.pRSN->abyRSN[4] = 1;
3826 sFrame.pRSN->abyRSN[5] = 0;
3827 sFrame.pRSN->abyRSN[6] = 0x00;
3828 sFrame.pRSN->abyRSN[7] = 0x0F;
3829 sFrame.pRSN->abyRSN[8] = 0xAC;
3830 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
3831 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
3832 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
3833 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
3834 } else if (pMgmt->byCSSPK == KEY_CTL_NONE) {
3835 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
3837 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
3839 sFrame.pRSN->len += 6;
3841 // Auth Key Management Suite
3842 sFrame.pRSN->abyRSN[10] = 1;
3843 sFrame.pRSN->abyRSN[11] = 0;
3844 sFrame.pRSN->abyRSN[12] = 0x00;
3845 sFrame.pRSN->abyRSN[13] = 0x0F;
3846 sFrame.pRSN->abyRSN[14] = 0xAC;
3847 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK) {
3848 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
3849 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
3850 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
3852 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
3854 sFrame.pRSN->len +=6;
3857 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist == TRUE) {
3858 memcpy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
3860 sFrame.pRSN->abyRSN[16] = 0;
3861 sFrame.pRSN->abyRSN[17] = 0;
3863 sFrame.pRSN->len +=2;
3865 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && (pDevice->bRoaming == TRUE) && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
3867 pbyRSN = &sFrame.pRSN->abyRSN[18];
3868 pwPMKID = (PWORD)pbyRSN; // Point to PMKID count
3869 *pwPMKID = 0; // Initialize PMKID count
3870 pbyRSN += 2; // Point to PMKID list
3871 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
3872 if ( !memcmp(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0], pMgmt->abyCurrBSSID, U_ETHER_ADDR_LEN)) {
3874 memcpy(pbyRSN, pDevice->gsPMKID.BSSIDInfo[ii].PMKID, 16);
3878 if (*pwPMKID != 0) {
3879 sFrame.pRSN->len += (2 + (*pwPMKID)*16);
3883 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3884 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
3885 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3886 memcpy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
3887 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
3891 // Adjust the length fields
3892 pTxPacket->cbMPDULen = sFrame.len;
3893 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
3906 * Routine Description:
3907 * Constructs an re-association request frame
3911 * A ptr to frame or NULL on allocation failue
3917 s_MgrMakeReAssocRequest(
3918 IN PSDevice pDevice,
3919 IN PSMgmtObject pMgmt,
3921 IN WORD wCurrCapInfo,
3922 IN WORD wListenInterval,
3923 IN PWLAN_IE_SSID pCurrSSID,
3924 IN PWLAN_IE_SUPP_RATES pCurrRates,
3925 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
3928 PSTxMgmtPacket pTxPacket = NULL;
3929 WLAN_FR_REASSOCREQ sFrame;
3934 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
3935 memset( pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_REASSOCREQ_FR_MAXLEN);
3936 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
3937 /* Setup the sFrame structure. */
3938 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
3939 sFrame.len = WLAN_REASSOCREQ_FR_MAXLEN;
3941 // format fixed field frame structure
3942 vMgrEncodeReassocRequest(&sFrame);
3944 /* Setup the header */
3945 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
3947 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
3948 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCREQ)
3950 memcpy( sFrame.pHdr->sA3.abyAddr1, pDAddr, WLAN_ADDR_LEN);
3951 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
3952 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3954 /* Set the capibility and listen interval */
3955 *(sFrame.pwCapInfo) = cpu_to_le16(wCurrCapInfo);
3956 *(sFrame.pwListenInterval) = cpu_to_le16(wListenInterval);
3958 memcpy(sFrame.pAddrCurrAP, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
3960 /* sFrame.len point to end of fixed field */
3961 sFrame.pSSID = (PWLAN_IE_SSID)(sFrame.pBuf + sFrame.len);
3962 sFrame.len += pCurrSSID->len + WLAN_IEHDR_LEN;
3963 memcpy(sFrame.pSSID, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3965 pMgmt->sAssocInfo.AssocInfo.RequestIELength = pCurrSSID->len + WLAN_IEHDR_LEN;
3966 pMgmt->sAssocInfo.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
3967 pbyIEs = pMgmt->sAssocInfo.abyIEs;
3968 memcpy(pbyIEs, pCurrSSID, pCurrSSID->len + WLAN_IEHDR_LEN);
3969 pbyIEs += pCurrSSID->len + WLAN_IEHDR_LEN;
3971 /* Copy the rate set */
3972 /* sFrame.len point to end of SSID */
3973 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3974 sFrame.len += pCurrRates->len + WLAN_IEHDR_LEN;
3975 memcpy(sFrame.pSuppRates, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3977 // Copy the extension rate set
3978 if ((pMgmt->eCurrentPHYMode == PHY_TYPE_11G) && (pCurrExtSuppRates->len > 0)) {
3979 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
3980 sFrame.len += pCurrExtSuppRates->len + WLAN_IEHDR_LEN;
3981 memcpy(sFrame.pExtSuppRates, pCurrExtSuppRates, pCurrExtSuppRates->len + WLAN_IEHDR_LEN);
3984 pMgmt->sAssocInfo.AssocInfo.RequestIELength += pCurrRates->len + WLAN_IEHDR_LEN;
3985 memcpy(pbyIEs, pCurrRates, pCurrRates->len + WLAN_IEHDR_LEN);
3986 pbyIEs += pCurrRates->len + WLAN_IEHDR_LEN;
3988 if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA) ||
3989 (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) ||
3990 (pMgmt->eAuthenMode == WMAC_AUTH_WPANONE)) &&
3991 (pMgmt->pCurrBSS != NULL)) {
3993 sFrame.pRSNWPA = (PWLAN_IE_RSN_EXT)(sFrame.pBuf + sFrame.len);
3994 sFrame.pRSNWPA->byElementID = WLAN_EID_RSN_WPA;
3995 sFrame.pRSNWPA->len = 16;
3996 sFrame.pRSNWPA->abyOUI[0] = 0x00;
3997 sFrame.pRSNWPA->abyOUI[1] = 0x50;
3998 sFrame.pRSNWPA->abyOUI[2] = 0xf2;
3999 sFrame.pRSNWPA->abyOUI[3] = 0x01;
4000 sFrame.pRSNWPA->wVersion = 1;
4001 //Group Key Cipher Suite
4002 sFrame.pRSNWPA->abyMulticast[0] = 0x00;
4003 sFrame.pRSNWPA->abyMulticast[1] = 0x50;
4004 sFrame.pRSNWPA->abyMulticast[2] = 0xf2;
4005 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
4006 sFrame.pRSNWPA->abyMulticast[3] = pMgmt->pCurrBSS->byGKType;
4007 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
4008 sFrame.pRSNWPA->abyMulticast[3] = WPA_TKIP;
4009 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
4010 sFrame.pRSNWPA->abyMulticast[3] = WPA_AESCCMP;
4012 sFrame.pRSNWPA->abyMulticast[3] = WPA_NONE;
4014 // Pairwise Key Cipher Suite
4015 sFrame.pRSNWPA->wPKCount = 1;
4016 sFrame.pRSNWPA->PKSList[0].abyOUI[0] = 0x00;
4017 sFrame.pRSNWPA->PKSList[0].abyOUI[1] = 0x50;
4018 sFrame.pRSNWPA->PKSList[0].abyOUI[2] = 0xf2;
4019 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
4020 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_TKIP;
4021 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
4022 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_AESCCMP;
4024 sFrame.pRSNWPA->PKSList[0].abyOUI[3] = WPA_NONE;
4026 // Auth Key Management Suite
4027 pbyRSN = (PBYTE)(sFrame.pBuf + sFrame.len + 2 + sFrame.pRSNWPA->len);
4034 if (pMgmt->eAuthenMode == WMAC_AUTH_WPAPSK) {
4035 *pbyRSN++=WPA_AUTH_PSK;
4036 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA) {
4037 *pbyRSN++=WPA_AUTH_IEEE802_1X;
4042 sFrame.pRSNWPA->len +=6;
4047 sFrame.pRSNWPA->len +=2;
4049 sFrame.len += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
4050 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
4051 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
4052 memcpy(pbyIEs, sFrame.pRSNWPA, sFrame.pRSNWPA->len + WLAN_IEHDR_LEN);
4053 pbyIEs += sFrame.pRSNWPA->len + WLAN_IEHDR_LEN;
4055 } else if (((pMgmt->eAuthenMode == WMAC_AUTH_WPA2) ||
4056 (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK)) &&
4057 (pMgmt->pCurrBSS != NULL)) {
4062 sFrame.pRSN = (PWLAN_IE_RSN)(sFrame.pBuf + sFrame.len);
4063 sFrame.pRSN->byElementID = WLAN_EID_RSN;
4064 sFrame.pRSN->len = 6; //Version(2)+GK(4)
4065 sFrame.pRSN->wVersion = 1;
4066 //Group Key Cipher Suite
4067 sFrame.pRSN->abyRSN[0] = 0x00;
4068 sFrame.pRSN->abyRSN[1] = 0x0F;
4069 sFrame.pRSN->abyRSN[2] = 0xAC;
4070 if (pMgmt->byCSSGK == KEY_CTL_WEP) {
4071 sFrame.pRSN->abyRSN[3] = pMgmt->pCurrBSS->byCSSGK;
4072 } else if (pMgmt->byCSSGK == KEY_CTL_TKIP) {
4073 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_TKIP;
4074 } else if (pMgmt->byCSSGK == KEY_CTL_CCMP) {
4075 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_CCMP;
4077 sFrame.pRSN->abyRSN[3] = WLAN_11i_CSS_UNKNOWN;
4080 // Pairwise Key Cipher Suite
4081 sFrame.pRSN->abyRSN[4] = 1;
4082 sFrame.pRSN->abyRSN[5] = 0;
4083 sFrame.pRSN->abyRSN[6] = 0x00;
4084 sFrame.pRSN->abyRSN[7] = 0x0F;
4085 sFrame.pRSN->abyRSN[8] = 0xAC;
4086 if (pMgmt->byCSSPK == KEY_CTL_TKIP) {
4087 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_TKIP;
4088 } else if (pMgmt->byCSSPK == KEY_CTL_CCMP) {
4089 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_CCMP;
4090 } else if (pMgmt->byCSSPK == KEY_CTL_NONE) {
4091 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_USE_GROUP;
4093 sFrame.pRSN->abyRSN[9] = WLAN_11i_CSS_UNKNOWN;
4095 sFrame.pRSN->len += 6;
4097 // Auth Key Management Suite
4098 sFrame.pRSN->abyRSN[10] = 1;
4099 sFrame.pRSN->abyRSN[11] = 0;
4100 sFrame.pRSN->abyRSN[12] = 0x00;
4101 sFrame.pRSN->abyRSN[13] = 0x0F;
4102 sFrame.pRSN->abyRSN[14] = 0xAC;
4103 if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2PSK) {
4104 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_PSK;
4105 } else if (pMgmt->eAuthenMode == WMAC_AUTH_WPA2) {
4106 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_802_1X;
4108 sFrame.pRSN->abyRSN[15] = WLAN_11i_AKMSS_UNKNOWN;
4110 sFrame.pRSN->len +=6;
4113 if (pMgmt->pCurrBSS->sRSNCapObj.bRSNCapExist == TRUE) {
4114 memcpy(&sFrame.pRSN->abyRSN[16], &pMgmt->pCurrBSS->sRSNCapObj.wRSNCap, 2);
4116 sFrame.pRSN->abyRSN[16] = 0;
4117 sFrame.pRSN->abyRSN[17] = 0;
4119 sFrame.pRSN->len +=2;
4121 if ((pDevice->gsPMKID.BSSIDInfoCount > 0) && (pDevice->bRoaming == TRUE) && (pMgmt->eAuthenMode == WMAC_AUTH_WPA2)) {
4123 pbyRSN = &sFrame.pRSN->abyRSN[18];
4124 pwPMKID = (PWORD)pbyRSN; // Point to PMKID count
4125 *pwPMKID = 0; // Initialize PMKID count
4126 pbyRSN += 2; // Point to PMKID list
4127 for (ii = 0; ii < pDevice->gsPMKID.BSSIDInfoCount; ii++) {
4128 if ( !memcmp(&pDevice->gsPMKID.BSSIDInfo[ii].BSSID[0], pMgmt->abyCurrBSSID, U_ETHER_ADDR_LEN)) {
4130 memcpy(pbyRSN, pDevice->gsPMKID.BSSIDInfo[ii].PMKID, 16);
4134 if (*pwPMKID != 0) {
4135 sFrame.pRSN->len += (2 + (*pwPMKID)*16);
4139 sFrame.len += sFrame.pRSN->len + WLAN_IEHDR_LEN;
4140 // copy to AssocInfo. for OID_802_11_ASSOCIATION_INFORMATION
4141 pMgmt->sAssocInfo.AssocInfo.RequestIELength += sFrame.pRSN->len + WLAN_IEHDR_LEN;
4142 memcpy(pbyIEs, sFrame.pRSN, sFrame.pRSN->len + WLAN_IEHDR_LEN);
4143 pbyIEs += sFrame.pRSN->len + WLAN_IEHDR_LEN;
4147 /* Adjust the length fields */
4148 pTxPacket->cbMPDULen = sFrame.len;
4149 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
4158 * Routine Description:
4159 * Constructs an assoc-response frame
4163 * PTR to frame; or NULL on allocation failue
4169 s_MgrMakeAssocResponse(
4170 IN PSDevice pDevice,
4171 IN PSMgmtObject pMgmt,
4172 IN WORD wCurrCapInfo,
4173 IN WORD wAssocStatus,
4176 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
4177 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
4180 PSTxMgmtPacket pTxPacket = NULL;
4181 WLAN_FR_ASSOCRESP sFrame;
4184 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
4185 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
4186 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
4187 // Setup the sFrame structure
4188 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
4189 sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
4190 vMgrEncodeAssocResponse(&sFrame);
4192 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
4194 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
4195 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_ASSOCRESP)
4197 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
4198 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
4199 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
4201 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
4202 *sFrame.pwStatus = cpu_to_le16(wAssocStatus);
4203 *sFrame.pwAid = cpu_to_le16((WORD)(wAssocAID | BIT14 | BIT15));
4205 // Copy the rate set
4206 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4207 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
4208 memcpy(sFrame.pSuppRates,
4210 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
4213 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
4214 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4215 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
4216 memcpy(sFrame.pExtSuppRates,
4218 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
4222 // Adjust the length fields
4223 pTxPacket->cbMPDULen = sFrame.len;
4224 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
4232 * Routine Description:
4233 * Constructs an reassoc-response frame
4237 * PTR to frame; or NULL on allocation failue
4243 s_MgrMakeReAssocResponse(
4244 IN PSDevice pDevice,
4245 IN PSMgmtObject pMgmt,
4246 IN WORD wCurrCapInfo,
4247 IN WORD wAssocStatus,
4250 IN PWLAN_IE_SUPP_RATES pCurrSuppRates,
4251 IN PWLAN_IE_SUPP_RATES pCurrExtSuppRates
4254 PSTxMgmtPacket pTxPacket = NULL;
4255 WLAN_FR_REASSOCRESP sFrame;
4258 pTxPacket = (PSTxMgmtPacket)pMgmt->pbyMgmtPacketPool;
4259 memset(pTxPacket, 0, sizeof(STxMgmtPacket) + WLAN_ASSOCREQ_FR_MAXLEN);
4260 pTxPacket->p80211Header = (PUWLAN_80211HDR)((PBYTE)pTxPacket + sizeof(STxMgmtPacket));
4261 // Setup the sFrame structure
4262 sFrame.pBuf = (PBYTE)pTxPacket->p80211Header;
4263 sFrame.len = WLAN_REASSOCRESP_FR_MAXLEN;
4264 vMgrEncodeReassocResponse(&sFrame);
4266 sFrame.pHdr->sA3.wFrameCtl = cpu_to_le16(
4268 WLAN_SET_FC_FTYPE(WLAN_TYPE_MGR) |
4269 WLAN_SET_FC_FSTYPE(WLAN_FSTYPE_REASSOCRESP)
4271 memcpy( sFrame.pHdr->sA3.abyAddr1, pDstAddr, WLAN_ADDR_LEN);
4272 memcpy( sFrame.pHdr->sA3.abyAddr2, pMgmt->abyMACAddr, WLAN_ADDR_LEN);
4273 memcpy( sFrame.pHdr->sA3.abyAddr3, pMgmt->abyCurrBSSID, WLAN_BSSID_LEN);
4275 *sFrame.pwCapInfo = cpu_to_le16(wCurrCapInfo);
4276 *sFrame.pwStatus = cpu_to_le16(wAssocStatus);
4277 *sFrame.pwAid = cpu_to_le16((WORD)(wAssocAID | BIT14 | BIT15));
4279 // Copy the rate set
4280 sFrame.pSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4281 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN;
4282 memcpy(sFrame.pSuppRates,
4284 ((PWLAN_IE_SUPP_RATES)pCurrSuppRates)->len + WLAN_IEHDR_LEN
4287 if (((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len != 0) {
4288 sFrame.pExtSuppRates = (PWLAN_IE_SUPP_RATES)(sFrame.pBuf + sFrame.len);
4289 sFrame.len += ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN;
4290 memcpy(sFrame.pExtSuppRates,
4292 ((PWLAN_IE_SUPP_RATES)pCurrExtSuppRates)->len + WLAN_IEHDR_LEN
4296 // Adjust the length fields
4297 pTxPacket->cbMPDULen = sFrame.len;
4298 pTxPacket->cbPayloadLen = sFrame.len - WLAN_HDR_ADDR3_LEN;
4306 * Routine Description:
4307 * Handles probe response management frames.
4317 s_vMgrRxProbeResponse(
4318 IN PSDevice pDevice,
4319 IN PSMgmtObject pMgmt,
4320 IN PSRxMgmtPacket pRxPacket
4323 PKnownBSS pBSSList = NULL;
4324 WLAN_FR_PROBERESP sFrame;
4325 BYTE byCurrChannel = pRxPacket->byRxChannel;
4327 BYTE byIEChannel = 0;
4328 BOOL bChannelHit = TRUE;
4331 memset(&sFrame, 0, sizeof(WLAN_FR_PROBERESP));
4333 sFrame.len = pRxPacket->cbMPDULen;
4334 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
4335 vMgrDecodeProbeResponse(&sFrame);
4337 if ((sFrame.pqwTimestamp == 0) ||
4338 (sFrame.pwBeaconInterval == 0) ||
4339 (sFrame.pwCapInfo == 0) ||
4340 (sFrame.pSSID == 0) ||
4341 (sFrame.pSuppRates == 0)) {
4342 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Probe resp:Fail addr:[%p] \n", pRxPacket->p80211Header);
4347 if(sFrame.pSSID->len == 0)
4348 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Rx Probe resp: SSID len = 0 \n");
4350 if (sFrame.pDSParms != 0) {
4351 if (byCurrChannel > CB_MAX_CHANNEL_24G) {
4352 // channel remapping to
4353 byIEChannel = CARDbyGetChannelMapping(pMgmt->pAdapter, sFrame.pDSParms->byCurrChannel, PHY_TYPE_11A);
4355 byIEChannel = sFrame.pDSParms->byCurrChannel;
4357 if (byCurrChannel != byIEChannel) {
4358 // adjust channel info. bcs we rcv adjcent channel pakckets
4359 bChannelHit = FALSE;
4360 byCurrChannel = byIEChannel;
4363 // no DS channel info
4367 //2008-0730-01<Add>by MikeLiu
4368 if(ChannelExceedZoneType(pDevice,byCurrChannel)==TRUE)
4371 if (sFrame.pERP != NULL) {
4372 sERP.byERP = sFrame.pERP->byContext;
4373 sERP.bERPExist = TRUE;
4375 sERP.bERPExist = FALSE;
4380 // update or insert the bss
4381 pBSSList = BSSpAddrIsInBSSList((HANDLE)pDevice, sFrame.pHdr->sA3.abyAddr3, sFrame.pSSID);
4383 BSSbUpdateToBSSList((HANDLE)pDevice,
4384 *sFrame.pqwTimestamp,
4385 *sFrame.pwBeaconInterval,
4391 sFrame.pExtSuppRates,
4398 sFrame.len - WLAN_HDR_ADDR3_LEN,
4399 sFrame.pHdr->sA4.abyAddr4, // payload of probresponse
4404 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"Probe resp/insert: RxChannel = : %d\n", byCurrChannel);
4405 BSSbInsertToBSSList((HANDLE)pDevice,
4406 sFrame.pHdr->sA3.abyAddr3,
4407 *sFrame.pqwTimestamp,
4408 *sFrame.pwBeaconInterval,
4413 sFrame.pExtSuppRates,
4419 sFrame.len - WLAN_HDR_ADDR3_LEN,
4420 sFrame.pHdr->sA4.abyAddr4, // payload of beacon
4430 * Routine Description:(AP)or(Ad-hoc STA)
4431 * Handles probe request management frames.
4442 s_vMgrRxProbeRequest(
4443 IN PSDevice pDevice,
4444 IN PSMgmtObject pMgmt,
4445 IN PSRxMgmtPacket pRxPacket
4448 WLAN_FR_PROBEREQ sFrame;
4450 PSTxMgmtPacket pTxPacket;
4451 BYTE byPHYType = BB_TYPE_11B;
4453 // STA in Ad-hoc mode: when latest TBTT beacon transmit success,
4454 // STA have to response this request.
4455 if ((pMgmt->eCurrMode == WMAC_MODE_ESS_AP) ||
4456 ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) && pDevice->bBeaconSent)) {
4458 memset(&sFrame, 0, sizeof(WLAN_FR_PROBEREQ));
4460 sFrame.len = pRxPacket->cbMPDULen;
4461 sFrame.pBuf = (PBYTE)pRxPacket->p80211Header;
4462 vMgrDecodeProbeRequest(&sFrame);
4464 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Probe request rx:MAC addr:%02x-%02x-%02x=%02x-%02x-%02x \n",
4465 sFrame.pHdr->sA3.abyAddr2[0],
4466 sFrame.pHdr->sA3.abyAddr2[1],
4467 sFrame.pHdr->sA3.abyAddr2[2],
4468 sFrame.pHdr->sA3.abyAddr2[3],
4469 sFrame.pHdr->sA3.abyAddr2[4],
4470 sFrame.pHdr->sA3.abyAddr2[5]
4473 if (sFrame.pSSID->len != 0) {
4474 if (sFrame.pSSID->len != ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len)
4476 if (memcmp(sFrame.pSSID->abySSID,
4477 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->abySSID,
4478 ((PWLAN_IE_SSID)pMgmt->abyCurrSSID)->len) != 0) {
4483 if ((sFrame.pSuppRates->len > 4) || (sFrame.pExtSuppRates != NULL)) {
4484 byPHYType = BB_TYPE_11G;
4487 // Probe response reply..
4488 pTxPacket = s_MgrMakeProbeResponse
4492 pMgmt->wCurrCapInfo,
4493 pMgmt->wCurrBeaconPeriod,
4494 pMgmt->uCurrChannel,
4496 sFrame.pHdr->sA3.abyAddr2,
4497 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
4498 (PBYTE)pMgmt->abyCurrBSSID,
4499 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
4500 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates,
4503 if (pTxPacket != NULL ){
4504 /* send the frame */
4505 Status = csMgmt_xmit(pDevice, pTxPacket);
4506 if (Status != CMD_STATUS_PENDING) {
4507 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Probe response tx failed\n");
4510 // DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "Mgt:Probe response tx sending..\n");
4524 * Routine Description:
4526 * Entry point for the reception and handling of 802.11 management
4527 * frames. Makes a determination of the frame type and then calls
4528 * the appropriate function.
4539 IN HANDLE hDeviceContext,
4540 IN PSMgmtObject pMgmt,
4541 IN PSRxMgmtPacket pRxPacket
4544 PSDevice pDevice = (PSDevice)hDeviceContext;
4545 BOOL bInScan = FALSE;
4546 UINT uNodeIndex = 0;
4547 NODE_STATE eNodeState = 0;
4551 if (pMgmt->eCurrMode == WMAC_MODE_ESS_AP) {
4552 if (BSSDBbIsSTAInNodeDB(pMgmt, pRxPacket->p80211Header->sA3.abyAddr2, &uNodeIndex))
4553 eNodeState = pMgmt->sNodeDBTable[uNodeIndex].eNodeState;
4556 switch( WLAN_GET_FC_FSTYPE((pRxPacket->p80211Header->sA3.wFrameCtl)) ){
4558 case WLAN_FSTYPE_ASSOCREQ:
4560 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocreq\n");
4561 if (eNodeState < NODE_AUTH) {
4562 // send deauth notification
4563 // reason = (6) class 2 received from nonauth sta
4564 vMgrDeAuthenBeginSta(pDevice,
4566 pRxPacket->p80211Header->sA3.abyAddr2,
4570 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 1\n");
4573 s_vMgrRxAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
4577 case WLAN_FSTYPE_ASSOCRESP:
4579 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocresp1\n");
4580 s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, FALSE);
4581 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx assocresp2\n");
4584 case WLAN_FSTYPE_REASSOCREQ:
4586 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx reassocreq\n");
4588 if (eNodeState < NODE_AUTH) {
4589 // send deauth notification
4590 // reason = (6) class 2 received from nonauth sta
4591 vMgrDeAuthenBeginSta(pDevice,
4593 pRxPacket->p80211Header->sA3.abyAddr2,
4597 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 2\n");
4600 s_vMgrRxReAssocRequest(pDevice, pMgmt, pRxPacket, uNodeIndex);
4603 case WLAN_FSTYPE_REASSOCRESP:
4605 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx reassocresp\n");
4606 s_vMgrRxAssocResponse(pDevice, pMgmt, pRxPacket, TRUE);
4609 case WLAN_FSTYPE_PROBEREQ:
4611 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx probereq\n");
4612 s_vMgrRxProbeRequest(pDevice, pMgmt, pRxPacket);
4615 case WLAN_FSTYPE_PROBERESP:
4617 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx proberesp\n");
4619 s_vMgrRxProbeResponse(pDevice, pMgmt, pRxPacket);
4622 case WLAN_FSTYPE_BEACON:
4624 //DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx beacon\n");
4625 if (pMgmt->eScanState != WMAC_NO_SCANNING) {
4628 s_vMgrRxBeacon(pDevice, pMgmt, pRxPacket, bInScan);
4631 case WLAN_FSTYPE_ATIM:
4633 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx atim\n");
4636 case WLAN_FSTYPE_DISASSOC:
4638 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx disassoc\n");
4639 if (eNodeState < NODE_AUTH) {
4640 // send deauth notification
4641 // reason = (6) class 2 received from nonauth sta
4642 vMgrDeAuthenBeginSta(pDevice,
4644 pRxPacket->p80211Header->sA3.abyAddr2,
4648 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "wmgr: send vMgrDeAuthenBeginSta 3\n");
4650 s_vMgrRxDisassociation(pDevice, pMgmt, pRxPacket);
4653 case WLAN_FSTYPE_AUTHEN:
4655 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx authen\n");
4656 s_vMgrRxAuthentication(pDevice, pMgmt, pRxPacket);
4659 case WLAN_FSTYPE_DEAUTHEN:
4661 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx deauthen\n");
4662 s_vMgrRxDeauthentication(pDevice, pMgmt, pRxPacket);
4666 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "rx unknown mgmt\n");
4677 * Routine Description:
4680 * Prepare beacon to send
4683 * TRUE if success; FALSE if failed.
4687 bMgrPrepareBeaconToSend(
4688 IN HANDLE hDeviceContext,
4689 IN PSMgmtObject pMgmt
4692 PSDevice pDevice = (PSDevice)hDeviceContext;
4693 PSTxMgmtPacket pTxPacket;
4695 // pDevice->bBeaconBufReady = FALSE;
4696 if (pDevice->bEncryptionEnable || pDevice->bEnable8021x){
4697 pMgmt->wCurrCapInfo |= WLAN_SET_CAP_INFO_PRIVACY(1);
4700 pMgmt->wCurrCapInfo &= ~WLAN_SET_CAP_INFO_PRIVACY(1);
4702 pTxPacket = s_MgrMakeBeacon
4706 pMgmt->wCurrCapInfo,
4707 pMgmt->wCurrBeaconPeriod,
4708 pMgmt->uCurrChannel,
4709 pMgmt->wCurrATIMWindow, //0,
4710 (PWLAN_IE_SSID)pMgmt->abyCurrSSID,
4711 (PBYTE)pMgmt->abyCurrBSSID,
4712 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrSuppRates,
4713 (PWLAN_IE_SUPP_RATES)pMgmt->abyCurrExtSuppRates
4716 if ((pMgmt->eCurrMode == WMAC_MODE_IBSS_STA) &&
4717 (pMgmt->abyCurrBSSID[0] == 0))
4720 csBeacon_xmit(pDevice, pTxPacket);
4730 * Routine Description:
4732 * Log a warning message based on the contents of the Status
4733 * Code field of an 802.11 management frame. Defines are
4734 * derived from 802.11-1997 SPEC.
4743 IN PSMgmtObject pMgmt,
4748 case WLAN_MGMT_STATUS_UNSPEC_FAILURE:
4749 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Unspecified error.\n");
4751 case WLAN_MGMT_STATUS_CAPS_UNSUPPORTED:
4752 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Can't support all requested capabilities.\n");
4754 case WLAN_MGMT_STATUS_REASSOC_NO_ASSOC:
4755 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Reassoc denied, can't confirm original Association.\n");
4757 case WLAN_MGMT_STATUS_ASSOC_DENIED_UNSPEC:
4758 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, undefine in spec\n");
4760 case WLAN_MGMT_STATUS_UNSUPPORTED_AUTHALG:
4761 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Peer doesn't support authen algorithm.\n");
4763 case WLAN_MGMT_STATUS_RX_AUTH_NOSEQ:
4764 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen frame received out of sequence.\n");
4766 case WLAN_MGMT_STATUS_CHALLENGE_FAIL:
4767 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen rejected, challenge failure.\n");
4769 case WLAN_MGMT_STATUS_AUTH_TIMEOUT:
4770 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Authen rejected, timeout waiting for next frame.\n");
4772 case WLAN_MGMT_STATUS_ASSOC_DENIED_BUSY:
4773 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, AP too busy.\n");
4775 case WLAN_MGMT_STATUS_ASSOC_DENIED_RATES:
4776 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we haven't enough basic rates.\n");
4778 case WLAN_MGMT_STATUS_ASSOC_DENIED_SHORTPREAMBLE:
4779 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support short preamble.\n");
4781 case WLAN_MGMT_STATUS_ASSOC_DENIED_PBCC:
4782 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support PBCC.\n");
4784 case WLAN_MGMT_STATUS_ASSOC_DENIED_AGILITY:
4785 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Status code == Assoc denied, we do not support channel agility.\n");
4788 DBG_PRT(MSG_LEVEL_NOTICE, KERN_INFO "Unknown status code %d.\n", wStatus);
4797 * Add BSSID in PMKID Candidate list.
4801 * hDeviceContext - device structure point
4802 * pbyBSSID - BSSID address for adding
4803 * wRSNCap - BSS's RSN capability
4807 * Return Value: none.
4811 bAdd_PMKID_Candidate (
4812 IN HANDLE hDeviceContext,
4814 IN PSRSNCapObject psRSNCapObj
4817 PSDevice pDevice = (PSDevice)hDeviceContext;
4818 PPMKID_CANDIDATE pCandidateList;
4821 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"bAdd_PMKID_Candidate START: (%d)\n", (int)pDevice->gsPMKIDCandidate.NumCandidates);
4823 if ((pDevice == NULL) || (pbyBSSID == NULL) || (psRSNCapObj == NULL))
4826 if (pDevice->gsPMKIDCandidate.NumCandidates >= MAX_PMKIDLIST)
4831 // Update Old Candidate
4832 for (ii = 0; ii < pDevice->gsPMKIDCandidate.NumCandidates; ii++) {
4833 pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[ii];
4834 if ( !memcmp(pCandidateList->BSSID, pbyBSSID, U_ETHER_ADDR_LEN)) {
4835 if ((psRSNCapObj->bRSNCapExist == TRUE) && (psRSNCapObj->wRSNCap & BIT0)) {
4836 pCandidateList->Flags |= NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
4838 pCandidateList->Flags &= ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
4845 pCandidateList = &pDevice->gsPMKIDCandidate.CandidateList[pDevice->gsPMKIDCandidate.NumCandidates];
4846 if ((psRSNCapObj->bRSNCapExist == TRUE) && (psRSNCapObj->wRSNCap & BIT0)) {
4847 pCandidateList->Flags |= NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
4849 pCandidateList->Flags &= ~(NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED);
4851 memcpy(pCandidateList->BSSID, pbyBSSID, U_ETHER_ADDR_LEN);
4852 pDevice->gsPMKIDCandidate.NumCandidates++;
4853 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"NumCandidates:%d\n", (int)pDevice->gsPMKIDCandidate.NumCandidates);
4860 * Flush PMKID Candidate list.
4864 * hDeviceContext - device structure point
4868 * Return Value: none.
4872 vFlush_PMKID_Candidate (
4873 IN HANDLE hDeviceContext
4876 PSDevice pDevice = (PSDevice)hDeviceContext;
4878 if (pDevice == NULL)
4881 memset(&pDevice->gsPMKIDCandidate, 0, sizeof(SPMKIDCandidateEvent));
4886 IN PKnownBSS pBSSNode,
4887 IN NDIS_802_11_ENCRYPTION_STATUS EncStatus,
4892 BYTE byMulticastCipher = KEY_CTL_INVALID;
4893 BYTE byCipherMask = 0x00;
4896 if (pBSSNode == NULL)
4899 // check cap. of BSS
4900 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4901 (EncStatus == Ndis802_11Encryption1Enabled)) {
4902 // default is WEP only
4903 byMulticastCipher = KEY_CTL_WEP;
4906 if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4907 (pBSSNode->bWPA2Valid == TRUE) &&
4908 //20080123-01,<Add> by Einsn Liu
4909 ((EncStatus == Ndis802_11Encryption3Enabled)||(EncStatus == Ndis802_11Encryption2Enabled))) {
4911 // check Group Key Cipher
4912 if ((pBSSNode->byCSSGK == WLAN_11i_CSS_WEP40) ||
4913 (pBSSNode->byCSSGK == WLAN_11i_CSS_WEP104)) {
4914 byMulticastCipher = KEY_CTL_WEP;
4915 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_TKIP) {
4916 byMulticastCipher = KEY_CTL_TKIP;
4917 } else if (pBSSNode->byCSSGK == WLAN_11i_CSS_CCMP) {
4918 byMulticastCipher = KEY_CTL_CCMP;
4920 byMulticastCipher = KEY_CTL_INVALID;
4923 // check Pairwise Key Cipher
4924 for(i=0;i<pBSSNode->wCSSPKCount;i++) {
4925 if ((pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP40) ||
4926 (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_WEP104)) {
4927 // this should not happen as defined 802.11i
4928 byCipherMask |= 0x01;
4929 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_TKIP) {
4930 byCipherMask |= 0x02;
4931 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_CCMP) {
4932 byCipherMask |= 0x04;
4933 } else if (pBSSNode->abyCSSPK[i] == WLAN_11i_CSS_USE_GROUP) {
4934 // use group key only ignore all others
4936 i = pBSSNode->wCSSPKCount;
4940 } else if ((WLAN_GET_CAP_INFO_PRIVACY(pBSSNode->wCapInfo) != 0) &&
4941 (pBSSNode->bWPAValid == TRUE) &&
4942 ((EncStatus == Ndis802_11Encryption3Enabled) || (EncStatus == Ndis802_11Encryption2Enabled))) {
4944 // check Group Key Cipher
4945 if ((pBSSNode->byGKType == WPA_WEP40) ||
4946 (pBSSNode->byGKType == WPA_WEP104)) {
4947 byMulticastCipher = KEY_CTL_WEP;
4948 } else if (pBSSNode->byGKType == WPA_TKIP) {
4949 byMulticastCipher = KEY_CTL_TKIP;
4950 } else if (pBSSNode->byGKType == WPA_AESCCMP) {
4951 byMulticastCipher = KEY_CTL_CCMP;
4953 byMulticastCipher = KEY_CTL_INVALID;
4956 // check Pairwise Key Cipher
4957 for(i=0;i<pBSSNode->wPKCount;i++) {
4958 if (pBSSNode->abyPKType[i] == WPA_TKIP) {
4959 byCipherMask |= 0x02;
4960 } else if (pBSSNode->abyPKType[i] == WPA_AESCCMP) {
4961 byCipherMask |= 0x04;
4962 } else if (pBSSNode->abyPKType[i] == WPA_NONE) {
4963 // use group key only ignore all others
4965 i = pBSSNode->wPKCount;
4970 DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO"%d, %d, %d, %d, EncStatus:%d\n",
4971 byMulticastCipher, byCipherMask, pBSSNode->bWPAValid, pBSSNode->bWPA2Valid, EncStatus);
4973 // mask our cap. with BSS
4974 if (EncStatus == Ndis802_11Encryption1Enabled) {
4976 // For supporting Cisco migration mode, don't care pairwise key cipher
4977 if ((byMulticastCipher == KEY_CTL_WEP) &&
4978 (byCipherMask == 0)) {
4979 *pbyCCSGK = KEY_CTL_WEP;
4980 *pbyCCSPK = KEY_CTL_NONE;
4986 } else if (EncStatus == Ndis802_11Encryption2Enabled) {
4987 if ((byMulticastCipher == KEY_CTL_TKIP) &&
4988 (byCipherMask == 0)) {
4989 *pbyCCSGK = KEY_CTL_TKIP;
4990 *pbyCCSPK = KEY_CTL_NONE;
4992 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
4993 ((byCipherMask & 0x02) != 0)) {
4994 *pbyCCSGK = KEY_CTL_WEP;
4995 *pbyCCSPK = KEY_CTL_TKIP;
4997 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
4998 ((byCipherMask & 0x02) != 0)) {
4999 *pbyCCSGK = KEY_CTL_TKIP;
5000 *pbyCCSPK = KEY_CTL_TKIP;
5005 } else if (EncStatus == Ndis802_11Encryption3Enabled) {
5006 if ((byMulticastCipher == KEY_CTL_CCMP) &&
5007 (byCipherMask == 0)) {
5008 // When CCMP is enable, "Use group cipher suite" shall not be a valid option.
5010 } else if ((byMulticastCipher == KEY_CTL_WEP) &&
5011 ((byCipherMask & 0x04) != 0)) {
5012 *pbyCCSGK = KEY_CTL_WEP;
5013 *pbyCCSPK = KEY_CTL_CCMP;
5015 } else if ((byMulticastCipher == KEY_CTL_TKIP) &&
5016 ((byCipherMask & 0x04) != 0)) {
5017 *pbyCCSGK = KEY_CTL_TKIP;
5018 *pbyCCSPK = KEY_CTL_CCMP;
5020 } else if ((byMulticastCipher == KEY_CTL_CCMP) &&
5021 ((byCipherMask & 0x04) != 0)) {
5022 *pbyCCSGK = KEY_CTL_CCMP;
5023 *pbyCCSPK = KEY_CTL_CCMP;