2 * hostapd / Driver interaction with Prism54 PIMFOR interface
3 * Copyright (c) 2004, Bell Kin <bell_kin@pek.com.tw>
4 * based on hostap driver.c, ieee802_11.c
5 * Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * Alternatively, this software may be distributed under the terms of BSD
14 * See README and COPYING for more details.
18 #include <sys/ioctl.h>
19 #include <sys/select.h>
21 #ifdef USE_KERNEL_HEADERS
22 /* compat-wireless does not include linux/compiler.h to define __user, so
27 #include <asm/types.h>
28 #include <linux/if_packet.h>
29 #include <linux/if_ether.h> /* The L2 protocols */
30 #include <linux/if_arp.h>
31 #include <linux/wireless.h>
32 #else /* USE_KERNEL_HEADERS */
33 #include <net/if_arp.h>
34 #include <netpacket/packet.h>
35 #include "wireless_copy.h"
36 #endif /* USE_KERNEL_HEADERS */
41 #include "ieee802_1x.h"
43 #include "ieee802_11.h"
46 #include "radius/radius.h"
48 #include "accounting.h"
/*
 * Size in bytes of the receive buffers that handle_pim() and handle_802_3()
 * allocate and pass to recv().
 * NOTE(review): prism54_waitpim() passes a literal 8192 to recv() instead of
 * this constant; keep the two consistent with the buffer actually allocated.
 */
50 const int PIM_BUF_SIZE = 4096;
/*
 * Per-interface driver state.
 * NOTE(review): this listing does not show every member; macs[] is indexed by
 * mac_id_refresh()/mac_id_get() but its declaration (and size) is not visible.
 */
52 struct prism54_driver_data {
53 struct hostapd_data *hapd;
54 char iface[IFNAMSIZ + 1];
55 int sock; /* raw packet socket for 802.3 access */
56 int pim_sock; /* socket for pimfor packet */
/*
 * Record the ETH_ALEN-byte MAC address `mac` for station id `id` in
 * data->macs[id]. The id is range-checked against 0..2006 first; what the
 * out-of-range branch does is not visible in this listing.
 * NOTE(review): the bound assumes macs[] has at least 2007 rows - confirm
 * against the struct declaration, since `id` comes from received packets.
 */
61 static int mac_id_refresh(struct prism54_driver_data *data, int id, char *mac)
63 if (id < 0 || id > 2006) {
66 memcpy(&data->macs[id][0], mac, ETH_ALEN);
/*
 * Return a pointer to the MAC address stored for station id `id`.
 * The id is range-checked against 0..2006 before data->macs is indexed; the
 * out-of-range result is not visible in this listing (callers compare the
 * return value with NULL).
 */
71 static char * mac_id_get(struct prism54_driver_data *data, int id)
73 if (id < 0 || id > 2006) {
76 return &data->macs[id][0];
80 /* wait for a specific pimfor, timeout in 10ms resolution */
81 /* pim_sock must be non-block to prevent dead lock from no response */
82 /* or same response type in series */
/*
 * Poll drv->pim_sock with select()/recv() for a PIMFOR packet whose oid
 * matches `oid`, and copy the packet into the caller's `buf`.
 * `oid` is converted with htonl() before the comparison, so it is expected in
 * host byte order.
 */
83 static int prism54_waitpim(void *priv, unsigned long oid, void *buf, int len,
86 struct prism54_driver_data *drv = priv;
87 struct timeval tv, stv, ctv;
97 gettimeofday(&stv, NULL);
99 FD_SET(drv->pim_sock, &pfd);
102 if (select(drv->pim_sock + 1, &pfd, NULL, NULL, &tv)) {
/*
 * NOTE(review): up to 8192 bytes are read into pkt. The allocation of pkt is
 * not visible in this listing; it must be at least 8192 bytes (PIM_BUF_SIZE
 * is only 4096). A negative recv() result also needs to be rejected before
 * rlen is used as a copy length - confirm both.
 */
103 rlen = recv(drv->pim_sock, pkt, 8192, 0);
/*
 * NOTE(review): prism54_set_sta_authorized() and prism54_set_key() pass
 * hdr->oid, which they already stored with htonl(); on little-endian hosts
 * the second htonl() here would make this comparison fail - confirm.
 */
105 if (pkt->oid == htonl(oid)) {
/*
 * The whole received packet is copied to the caller. The "buffer too small"
 * message below suggests rlen is compared with len first; that guard is not
 * visible in this listing.
 */
108 memcpy(buf, pkt, rlen);
113 printf("buffer too small\n");
118 gettimeofday(&ctv, NULL);
123 gettimeofday(&ctv, NULL);
/*
 * Elapsed time since stv in 10 ms units.
 * NOTE(review): the loop repeats only while elapsed > timeout, which looks
 * inverted for a wait-until-timeout loop - confirm the intended condition.
 */
124 } while (((ctv.tv_sec - stv.tv_sec) * 100 +
125 (ctv.tv_usec - stv.tv_usec) / 10000) > timeout);
131 /* send an eapol packet */
/*
 * Build an Ethernet frame (destination `addr`, source own_addr, ethertype
 * ETH_P_PAE) followed by `data_len` bytes of `data`, and send it on the raw
 * 802.3 socket drv->sock.
 * The `encrypt` argument is accepted; its use is not visible in this listing.
 */
132 static int prism54_send_eapol(void *priv, const u8 *addr,
133 const u8 *data, size_t data_len, int encrypt,
136 struct prism54_driver_data *drv = priv;
/* Frame length is header plus payload; the buffer is zero-initialised. */
142 len = sizeof(*hdr) + data_len;
143 hdr = os_zalloc(len);
145 printf("malloc() failed for prism54_send_data(len=%lu)\n",
146 (unsigned long) len);
150 memcpy(&hdr->da[0], addr, ETH_ALEN);
151 memcpy(&hdr->sa[0], own_addr, ETH_ALEN);
152 hdr->type = htons(ETH_P_PAE);
/* Payload starts immediately after the header. */
153 pos = (u8 *) (hdr + 1);
154 memcpy(pos, data, data_len);
156 res = send(drv->sock, hdr, len, 0);
160 perror("hostapd_send_eapol: send");
161 printf("hostapd_send_eapol - packet len: %lu - failed\n",
162 (unsigned long) len);
169 /* open data channel(auth-1) or eapol only(unauth-0) */
/*
 * Send a PIMOP_SET for DOT11_OID_EAPAUTHSTA or DOT11_OID_EAPUNAUTHSTA carrying
 * the station MAC `addr`. The condition selecting between the two oids is not
 * visible in this listing.
 */
170 static int prism54_set_sta_authorized(void *priv, const u8 *addr,
173 struct prism54_driver_data *drv = priv;
/* NOTE(review): a NULL check on this allocation is not visible here - confirm. */
177 hdr = malloc(sizeof(*hdr) + ETH_ALEN);
180 hdr->op = htonl(PIMOP_SET);
182 hdr->oid = htonl(DOT11_OID_EAPAUTHSTA);
184 hdr->oid = htonl(DOT11_OID_EAPUNAUTHSTA);
186 pos = (char *) (hdr + 1);
187 memcpy(pos, addr, ETH_ALEN);
/*
 * NOTE(review): the results of send() and prism54_waitpim() are discarded on
 * these lines, so a failed port (un)authorisation is not detected here.
 * hdr->oid is already in network order while prism54_waitpim() applies
 * htonl() to its oid argument - confirm the reply can actually match.
 */
188 send(drv->pim_sock, hdr, sizeof(*hdr) + ETH_ALEN, 0);
189 prism54_waitpim(priv, hdr->oid, hdr, sizeof(*hdr) + ETH_ALEN, 10);
/*
 * Translate station flag changes into driver calls. Only WLAN_STA_AUTHORIZED
 * is acted on: present in flags_or -> authorise (1); otherwise, when the bit
 * is set in flags_and -> de-authorise (0). flags_or is tested first.
 * NOTE(review): de-authorising when the bit is *set* in flags_and looks
 * inverted if flags_and is a keep-mask (bit cleared = flag removed) - confirm
 * against the caller's convention.
 */
196 prism54_sta_set_flags(void *priv, const u8 *addr, int total_flags,
197 int flags_or, int flags_and)
199 /* For now, only support setting Authorized flag */
200 if (flags_or & WLAN_STA_AUTHORIZED)
201 return prism54_set_sta_authorized(priv, addr, 1);
202 if (flags_and & WLAN_STA_AUTHORIZED)
203 return prism54_set_sta_authorized(priv, addr, 0);
/*
 * Install a station key in the firmware: fill a struct obj_stakey placed
 * after a pimdev_hdr and send it as PIMOP_SET / DOT11_OID_STAKEY.
 * The address is either all 0xff or `addr` (the selecting condition is not
 * visible in this listing); the key type is WEP or TKIP depending on `alg`.
 */
208 static int prism54_set_key(const char *ifname, void *priv, wpa_alg alg,
209 const u8 *addr, int key_idx, int set_tx,
210 const u8 *seq, size_t seq_len,
211 const u8 *key, size_t key_len)
213 struct prism54_driver_data *drv = priv;
215 struct obj_stakey *keys;
/* Message size is fixed: one obj_stakey plus the PIMFOR header. */
220 blen = sizeof(struct obj_stakey) + sizeof(pimdev_hdr);
223 printf("memory low\n");
226 keys = (struct obj_stakey *) &hdr[1];
228 memset(&keys->address[0], 0xff, ETH_ALEN);
230 memcpy(&keys->address[0], addr, ETH_ALEN);
234 keys->type = DOT11_PRIV_WEP;
237 keys->type = DOT11_PRIV_TKIP;
240 /* the only way to clear the key is to deauth it */
241 /* and prism54 is capable to receive unencrypted packet */
242 /* so we do nothing here */
246 printf("bad auth type: %d\n", alg);
250 buf = (u8 *) &keys->key[0];
251 keys->length = key_len;
252 keys->keyid = key_idx;
253 keys->options = htons(DOT11_STAKEY_OPTION_DEFAULTKEY);
256 hdr->op = htonl(PIMOP_SET);
257 hdr->oid = htonl(DOT11_OID_STAKEY);
/*
 * NOTE(review): no check of key_len against the size of keys->key is visible
 * in this listing. Because blen is fixed, a key_len larger than the key field
 * would write past the allocation - confirm callers bound it.
 * The buffer now holds raw key material; how it is released is not shown, but
 * wiping it before free would avoid leaving the key in heap memory.
 */
259 memcpy(buf, key, key_len);
261 ret = send(drv->pim_sock, hdr, blen, 0);
/*
 * hdr->oid is already in network order, while prism54_waitpim() applies
 * htonl() to its oid argument - confirm the reply can match.
 */
266 prism54_waitpim(priv, hdr->oid, hdr, blen, 10);
274 /* get TKIP station sequence counter, prism54 is only 6 bytes */
/*
 * Query the firmware (PIMOP_GET / DOT11_OID_STASC) for a station's sequence
 * counter and copy it into `seq`. The address is either all 0xff or `addr`;
 * the selecting condition is not visible in this listing.
 */
275 static int prism54_get_seqnum(const char *ifname, void *priv, const u8 *addr,
278 struct prism54_driver_data *drv = priv;
279 struct obj_stasc *stasc;
284 blen = sizeof(*stasc) + sizeof(*hdr);
289 stasc = (struct obj_stasc *) &hdr[1];
292 memset(&stasc->address[0], 0xff, ETH_ALEN);
294 memcpy(&stasc->address[0], addr, ETH_ALEN);
296 hdr->oid = htonl(DOT11_OID_STASC);
297 hdr->op = htonl(PIMOP_GET);
299 if (send(drv->pim_sock,hdr,blen,0) <= 0) {
303 if (prism54_waitpim(priv, DOT11_OID_STASC, hdr, blen, 10) <= 0) {
306 if (hdr->op == (int) htonl(PIMOP_RESPONSE)) {
/*
 * Copies ETH_ALEN (6) bytes starting at sc_high to seq[2..7].
 * NOTE(review): this assumes `seq` has room for at least 8 bytes and that 6
 * contiguous counter bytes follow &stasc->sc_high - confirm both against the
 * caller and struct obj_stasc.
 */
307 memcpy(seq + 2, &stasc->sc_high, ETH_ALEN);
319 /* include unencrypted, set mlme autolevel to extended */
/*
 * Configure the firmware for 802.1X operation with four PIMOP_SET requests,
 * in order: DOT11_OID_EXUNENCRYPTED = TRUE, DOT11_OID_MLMEAUTOLEVEL =
 * EXTENDED, DOT11_OID_DOT1XENABLE = TRUE, DOT11_OID_AUTHENABLE = DOT11_AUTH_OS.
 * Each request reuses the same buffer and is followed by a prism54_waitpim().
 *
 * NOTE(review): every send()/prism54_waitpim() result on these lines is
 * discarded, so a rejected or lost setting (for example the unencrypted-frame
 * policy or 802.1X enable) is not detected here.
 */
320 static int prism54_init_1x(void *priv)
322 struct prism54_driver_data *drv = priv;
/*
 * NOTE(review): the value slot is sized and written as unsigned long, which
 * is 8 bytes on LP64 hosts, while htonl() produces a 32-bit value - confirm
 * the width the firmware expects.
 */
325 int blen = sizeof(*hdr) + sizeof(*ul);
331 ul = (unsigned long *) &hdr[1];
332 hdr->op = htonl(PIMOP_SET);
333 hdr->oid = htonl(DOT11_OID_EXUNENCRYPTED);
334 *ul = htonl(DOT11_BOOL_TRUE); /* not accept */
335 send(drv->pim_sock, hdr, blen, 0);
336 prism54_waitpim(priv, DOT11_OID_EXUNENCRYPTED, hdr, blen, 10);
/* op/oid are rewritten because prism54_waitpim() copies the reply into hdr. */
337 hdr->op = htonl(PIMOP_SET);
338 hdr->oid = htonl(DOT11_OID_MLMEAUTOLEVEL);
339 *ul = htonl(DOT11_MLME_EXTENDED);
340 send(drv->pim_sock, hdr, blen, 0);
341 prism54_waitpim(priv, DOT11_OID_MLMEAUTOLEVEL, hdr, blen, 10);
342 hdr->op = htonl(PIMOP_SET);
343 hdr->oid = htonl(DOT11_OID_DOT1XENABLE);
344 *ul = htonl(DOT11_BOOL_TRUE);
345 send(drv->pim_sock, hdr, blen, 0);
346 prism54_waitpim(priv, DOT11_OID_DOT1XENABLE, hdr, blen, 10);
347 hdr->op = htonl(PIMOP_SET);
348 hdr->oid = htonl(DOT11_OID_AUTHENABLE);
349 *ul = htonl(DOT11_AUTH_OS); /* OS */
350 send(drv->pim_sock, hdr, blen, 0);
351 prism54_waitpim(priv, DOT11_OID_AUTHENABLE, hdr, blen, 10);
/*
 * Set DOT11_OID_PRIVACYINVOKED in the firmware with a PIMOP_SET request and
 * wait for the matching reply. Only the TRUE assignment is visible in this
 * listing; the condition around it is not shown.
 */
357 static int prism54_set_privacy_invoked(const char *ifname, void *priv,
360 struct prism54_driver_data *drv = priv;
/* Value slot is sized as unsigned long (8 bytes on LP64) - see NOTE in prism54_init_1x(). */
364 int blen = sizeof(*hdr) + sizeof(*ul);
368 ul = (unsigned long *) &hdr[1];
369 hdr->op = htonl(PIMOP_SET);
370 hdr->oid = htonl(DOT11_OID_PRIVACYINVOKED);
372 *ul = htonl(DOT11_BOOL_TRUE); /* has privacy */
376 ret = send(drv->pim_sock, hdr, blen, 0);
378 ret = prism54_waitpim(priv, DOT11_OID_PRIVACYINVOKED, hdr,
/*
 * Set the interface SSID with the SIOCSIWESSID wireless-extensions ioctl,
 * issued on drv->pim_sock for interface drv->iface.
 */
386 static int prism54_ioctl_setiwessid(const char *ifname, void *priv,
387 const u8 *buf, int len)
390 struct prism54_driver_data *drv = priv;
393 memset(&iwr, 0, sizeof(iwr));
394 os_strlcpy(iwr.ifr_name, drv->iface, IFNAMSIZ);
395 iwr.u.essid.flags = 1; /* SSID active */
396 iwr.u.essid.pointer = (caddr_t) buf;
/*
 * NOTE(review): the length handed to the ioctl is len + 1, so `buf` must have
 * at least len + 1 readable bytes - confirm against the caller.
 */
397 iwr.u.essid.length = len + 1;
399 if (ioctl(drv->pim_sock, SIOCSIWESSID, &iwr) < 0) {
400 perror("ioctl[SIOCSIWESSID]");
401 printf("len=%d\n", len);
409 /* kick all stations */
410 /* does not work during init, but at least it won't crash firmware */
/*
 * Kick all stations: ask the firmware for the client count
 * (PIMOP_GET / DOT11_OID_CLIENTS), then for each index send a
 * DOT11_OID_DISASSOCIATEEX and, in a second pass, a
 * DOT11_OID_DEAUTHENTICATEEX, using the MAC stored for that index.
 */
411 static int prism54_flush(void *priv)
413 struct prism54_driver_data *drv = priv;
414 struct obj_mlmeex *mlme;
419 int blen = sizeof(*hdr) + sizeof(*mlme);
422 hdr = os_zalloc(blen);
/*
 * mlme and nsta both point at the bytes right after the header, so they
 * alias the same memory.
 */
426 mlme = (struct obj_mlmeex *) &hdr[1];
427 nsta = (long *) &hdr[1];
428 hdr->op = htonl(PIMOP_GET);
429 hdr->oid = htonl(DOT11_OID_CLIENTS);
430 ret = send(drv->pim_sock, hdr, sizeof(*hdr) + sizeof(long), 0);
431 ret = prism54_waitpim(priv, DOT11_OID_CLIENTS, hdr, blen, 10);
/*
 * The count comes from the firmware reply and is only accepted up to 2007;
 * mac_id_get() separately rejects indexes above 2006.
 */
432 if ((ret < 0) || (hdr->op != (int) htonl(PIMOP_RESPONSE)) ||
433 (le_to_host32(*nsta) > 2007)) {
/*
 * NOTE(review): the loop bound re-reads *nsta on every iteration, but the
 * loop body writes mlme fields (same bytes) and prism54_waitpim() copies a
 * reply into hdr. The bound is therefore likely to change after the first
 * iteration - consider reading the count into a local once. Confirm.
 */
437 for (i = 0; i < le_to_host32(*nsta); i++) {
439 mac_id = mac_id_get(drv, i);
441 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
442 mlme->code = host_to_le16(WLAN_REASON_UNSPECIFIED);
443 mlme->state = htons(DOT11_STATE_NONE);
445 hdr->op = htonl(PIMOP_SET);
446 hdr->oid = htonl(DOT11_OID_DISASSOCIATEEX);
447 ret = send(drv->pim_sock, hdr, blen, 0);
448 prism54_waitpim(priv, DOT11_OID_DISASSOCIATEEX, hdr, blen,
/* Second pass: same per-station message, sent as a deauthentication. */
451 for (i = 0; i < le_to_host32(*nsta); i++) {
453 mac_id = mac_id_get(drv, i);
455 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
456 mlme->code = host_to_le16(WLAN_REASON_UNSPECIFIED);
457 mlme->state = htons(DOT11_STATE_NONE);
459 hdr->op = htonl(PIMOP_SET);
460 hdr->oid = htonl(DOT11_OID_DEAUTHENTICATEEX);
461 ret = send(drv->pim_sock, hdr, blen, 0);
462 prism54_waitpim(priv, DOT11_OID_DEAUTHENTICATEEX, hdr, blen,
/*
 * Ask the firmware to deauthenticate station `addr`:
 * PIMOP_SET / DOT11_OID_DEAUTHENTICATEEX with state DOT11_STATE_NONE and the
 * given reason code (stored little-endian).
 */
470 static int prism54_sta_deauth(void *priv, const u8 *addr, int reason)
472 struct prism54_driver_data *drv = priv;
474 struct obj_mlmeex *mlme;
476 int blen = sizeof(*hdr) + sizeof(*mlme);
480 mlme = (struct obj_mlmeex *) &hdr[1];
481 hdr->op = htonl(PIMOP_SET);
482 hdr->oid = htonl(DOT11_OID_DEAUTHENTICATEEX);
483 memcpy(&mlme->address[0], addr, ETH_ALEN);
485 mlme->state = htons(DOT11_STATE_NONE);
486 mlme->code = host_to_le16(reason);
488 ret = send(drv->pim_sock, hdr, blen, 0);
/* The wait result is discarded on this line; only send()'s result is kept in ret. */
489 prism54_waitpim(priv, DOT11_OID_DEAUTHENTICATEEX, hdr, blen, 10);
/*
 * Ask the firmware to disassociate station `addr`:
 * PIMOP_SET / DOT11_OID_DISASSOCIATEEX with state DOT11_STATE_NONE and the
 * given reason code (stored little-endian).
 */
495 static int prism54_sta_disassoc(void *priv, const u8 *addr, int reason)
497 struct prism54_driver_data *drv = priv;
499 struct obj_mlmeex *mlme;
501 int blen = sizeof(*hdr) + sizeof(*mlme);
505 mlme = (struct obj_mlmeex *) &hdr[1];
506 hdr->op = htonl(PIMOP_SET);
507 hdr->oid = htonl(DOT11_OID_DISASSOCIATEEX);
508 memcpy(&mlme->address[0], addr, ETH_ALEN);
510 mlme->state = htons(DOT11_STATE_NONE);
511 mlme->code = host_to_le16(reason);
513 ret = send(drv->pim_sock, hdr, blen, 0);
/* The wait result is discarded on this line; only send()'s result is kept in ret. */
514 prism54_waitpim(priv, DOT11_OID_DISASSOCIATEEX, hdr, blen, 10);
/*
 * Look up station `addr` in the firmware (PIMOP_GET / DOT11_OID_CLIENTFIND)
 * and return the `age` field of the reply converted from little-endian.
 * A bad wait result or a reply whose op is not PIMOP_RESPONSE is reported
 * with a message; the values returned on those paths are not visible here.
 */
520 static int prism54_get_inact_sec(void *priv, const u8 *addr)
522 struct prism54_driver_data *drv = priv;
525 int blen = sizeof(*hdr) + sizeof(*sta);
531 hdr->op = htonl(PIMOP_GET);
532 hdr->oid = htonl(DOT11_OID_CLIENTFIND);
533 sta = (struct obj_sta *) &hdr[1];
534 memcpy(&sta->address[0], addr, ETH_ALEN);
/* send()'s result is overwritten by the wait result on the next line. */
535 ret = send(drv->pim_sock, hdr, blen, 0);
536 ret = prism54_waitpim(priv, DOT11_OID_CLIENTFIND, hdr, blen, 10);
538 printf("get_inact_sec: bad return %d\n", ret);
542 if (hdr->op != (int) htonl(PIMOP_RESPONSE)) {
543 printf("get_inact_sec: bad resp\n");
548 return le_to_host16(sta->age);
552 /* set attachments */
/*
 * Attach the information element(s) in `elem` to outgoing management frames:
 * the same DOT11_OID_ATTACHMENT message is sent twice, first with type
 * DOT11_PKT_BEACON and then with DOT11_PKT_PROBE_RESP.
 * prism54_driver_init() calls this with elem == NULL and elem_len == 0 to
 * clear previous elements.
 */
553 static int prism54_set_generic_elem(const char *ifname, void *priv,
554 const u8 *elem, size_t elem_len)
556 struct prism54_driver_data *drv = priv;
559 struct obj_attachment_hdr *attach;
560 size_t blen = sizeof(*hdr) + sizeof(*attach) + elem_len;
561 hdr = os_zalloc(blen);
563 printf("%s: memory low\n", __func__);
566 hdr->op = htonl(PIMOP_SET);
567 hdr->oid = htonl(DOT11_OID_ATTACHMENT);
568 attach = (struct obj_attachment_hdr *)&hdr[1];
569 attach->type = DOT11_PKT_BEACON;
/*
 * NOTE(review): elem_len is narrowed to short for the on-wire size, while the
 * copy below uses the full size_t; a length that does not fit in 16 bits
 * would make the two disagree - confirm callers bound it.
 */
571 attach->size = host_to_le16((short)elem_len);
572 pos = ((char*) attach) + sizeof(*attach);
/*
 * NOTE(review): whether this copy is guarded for elem == NULL is not visible
 * in this listing - confirm.
 */
574 memcpy(pos, elem, elem_len);
/* Results of both send() calls are discarded on these lines. */
575 send(drv->pim_sock, hdr, blen, 0);
576 attach->type = DOT11_PKT_PROBE_RESP;
577 send(drv->pim_sock, hdr, blen, 0);
583 /* tell the card to auth the sta */
/*
 * Handle a DOT11_OID_PROBE trap: look up the station named in the packet and
 * reply in the same buffer with PIMOP_SET / DOT11_OID_AUTHENTICATEEX, state
 * DOT11_STATE_AUTHING. `buf`/`len` are the packet received by handle_pim().
 */
584 static void prism54_handle_probe(struct prism54_driver_data *drv,
585 void *buf, size_t len)
587 struct obj_mlmeex *mlme;
589 struct sta_info *sta;
590 hdr = (pimdev_hdr *)buf;
591 mlme = (struct obj_mlmeex *) &hdr[1];
/*
 * NOTE(review): mlme->address is read here, before the length check below.
 * The receive buffer comes from malloc() in handle_pim(), so bytes past `len`
 * are uninitialised; validating the length first would avoid acting on them.
 */
592 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
594 if (sta->flags & (WLAN_STA_AUTH | WLAN_STA_ASSOC))
/*
 * NOTE(review): len is compared with sizeof(*mlme) only, although mlme starts
 * after the PIMFOR header and sizeof(*hdr) + sizeof(*mlme) bytes are sent
 * below - confirm whether the header size should be included.
 */
597 if (len < sizeof(*mlme)) {
598 printf("bad probe packet\n");
601 mlme->state = htons(DOT11_STATE_AUTHING);
603 hdr->op = htonl(PIMOP_SET);
604 hdr->oid = htonl(DOT11_OID_AUTHENTICATEEX);
606 send(drv->pim_sock, hdr, sizeof(*hdr)+sizeof(*mlme), 0);
/*
 * Handle a deauthentication trap: clear the station's AUTH/ASSOC flags,
 * notify the WPA and 802.1X state machines, and free the station entry.
 *
 * NOTE(review): no check of `len` is visible in this listing before
 * mlme->address and mlme->id are read from the received packet - confirm.
 */
610 static void prism54_handle_deauth(struct prism54_driver_data *drv,
611 void *buf, size_t len)
613 struct obj_mlme *mlme;
615 struct sta_info *sta;
618 hdr = (pimdev_hdr *) buf;
619 mlme = (struct obj_mlme *) &hdr[1];
/*
 * The station is looked up by the address carried in the packet, before that
 * address is replaced from the id table below. prism54_handle_disassoc() does
 * the lookup after the replacement - confirm which order is intended.
 */
620 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
/* mac_id_get() range-checks the id taken from the packet. */
621 mac_id = mac_id_get(drv, mlme->id);
622 if (sta == NULL || mac_id == NULL)
624 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
625 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
626 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH);
627 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
628 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
629 ap_free_sta(drv->hapd, sta);
/*
 * Handle a disassociation trap: replace the packet's address with the MAC
 * stored for mlme->id, look up that station, clear its ASSOC flag, notify the
 * WPA and 802.1X state machines, stop accounting and free its 802.1X state.
 *
 * NOTE(review): no check of `len` is visible in this listing before mlme->id
 * is read from the received packet, and the NULL checks on mac_id and sta are
 * not shown either - confirm.
 */
633 static void prism54_handle_disassoc(struct prism54_driver_data *drv,
634 void *buf, size_t len)
636 struct obj_mlme *mlme;
638 struct sta_info *sta;
641 hdr = (pimdev_hdr *) buf;
642 mlme = (struct obj_mlme *) &hdr[1];
643 mac_id = mac_id_get(drv, mlme->id);
646 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
647 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
651 sta->flags &= ~WLAN_STA_ASSOC;
652 wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC);
653 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
654 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
655 accounting_sta_stop(drv->hapd, sta);
656 ieee802_1x_free_station(sta);
660 /* to auth it, just allow it now, later for os/sk */
/*
 * Handle an authentication trap. For a packet in state DOT11_STATE_AUTHING the
 * station is added, its MAC is recorded under mlme->id, it is flagged
 * WLAN_STA_AUTH and the buffer is sent back as PIMOP_SET /
 * DOT11_OID_AUTHENTICATEEX with state DOT11_STATE_AUTH. On failure the buffer
 * is sent back as DOT11_OID_DEAUTHENTICATEEX carrying the failure code.
 */
661 static void prism54_handle_auth(struct prism54_driver_data *drv,
662 void *buf, size_t len)
664 struct obj_mlmeex *mlme;
666 struct sta_info *sta;
669 hdr = (pimdev_hdr *) buf;
670 mlme = (struct obj_mlmeex *) &hdr[1];
/*
 * NOTE(review): len is compared with sizeof(*mlme) only, although mlme starts
 * after the PIMFOR header - confirm whether sizeof(*hdr) should be added.
 */
671 if (len < sizeof(*mlme)) {
672 printf("bad auth packet\n");
676 if (mlme->state == htons(DOT11_STATE_AUTHING)) {
677 sta = ap_sta_add(drv->hapd, (u8 *) &mlme->address[0]);
/* New authentications are refused while TKIP countermeasures are active. */
678 if (drv->hapd->tkip_countermeasures) {
679 resp = WLAN_REASON_MICHAEL_MIC_FAILURE;
/*
 * NOTE(review): the result of mac_id_refresh() is not used on this line, so
 * an out-of-range id from the packet leaves the table unchanged while
 * processing continues - confirm that is acceptable.
 */
682 mac_id_refresh(drv, mlme->id, &mlme->address[0]);
684 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
687 sta->flags &= ~WLAN_STA_PREAUTH;
689 ieee802_1x_notify_pre_auth(sta->eapol_sm, 0);
690 sta->flags |= WLAN_STA_AUTH;
691 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
693 mlme->state=htons(DOT11_STATE_AUTH);
694 hdr->op = htonl(PIMOP_SET);
695 hdr->oid = htonl(DOT11_OID_AUTHENTICATEEX);
697 sta->timeout_next = STA_NULLFUNC;
698 send(drv->pim_sock, hdr, sizeof(*hdr) + sizeof(*mlme), 0);
/* Failure path: report the code and tell the firmware to deauthenticate. */
703 printf("auth fail: %x\n", resp);
704 mlme->code = host_to_le16(resp);
707 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
708 hdr->oid = htonl(DOT11_OID_DEAUTHENTICATEEX);
709 hdr->op = htonl(PIMOP_SET);
710 send(drv->pim_sock, hdr, sizeof(*hdr)+sizeof(*mlme), 0);
714 /* do the wpa thing */
/*
 * Handle an association or reassociation trap.
 * In the ASSOCING/REASSOCING state the information elements carried in the
 * packet are parsed, the WPA/RSN IE is validated, and the buffer is sent back
 * as PIMOP_SET with state DOT11_STATE_ASSOC. In the ASSOC state the station
 * is flagged AUTH|ASSOC and the WPA, hostapd and 802.1X layers are notified.
 * On failure the buffer is sent back as DOT11_OID_DISASSOCIATEEX with the
 * failure code.
 */
715 static void prism54_handle_assoc(struct prism54_driver_data *drv,
716 void *buf, size_t len)
719 struct obj_mlmeex *mlme;
720 struct ieee802_11_elems elems;
721 struct sta_info *sta;
730 hdr = (pimdev_hdr *) buf;
731 mlme = (struct obj_mlmeex *) &hdr[1];
/* The handling of the non-EX oids in this switch is not visible in this listing. */
732 switch (ntohl(hdr->oid)) {
733 case DOT11_OID_ASSOCIATE:
734 case DOT11_OID_REASSOCIATE:
/*
 * NOTE(review): state is compared against htonl() values here but against
 * htons() values elsewhere in this function and in prism54_handle_auth();
 * one of the two forms is presumably wrong for the field's width - confirm
 * against struct obj_mlmeex.
 */
739 if ((mlme->state == (int) htonl(DOT11_STATE_ASSOCING)) ||
740 (mlme->state == (int) htonl(DOT11_STATE_REASSOCING))) {
/*
 * NOTE(review): the minimum length uses struct obj_mlme, while the code below
 * reads obj_mlmeex members (size, data) - confirm the check covers them.
 */
741 if (len < sizeof(pimdev_hdr) + sizeof(struct obj_mlme)) {
742 printf("bad assoc packet\n");
745 mac_id = mac_id_get(drv, mlme->id);
748 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
749 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
751 printf("cannot get sta\n");
754 cb = (u8 *) &mlme->data[0];
755 if (hdr->oid == htonl(DOT11_OID_ASSOCIATEEX)) {
757 } else if (hdr->oid == htonl(DOT11_OID_REASSOCIATEEX)) {
/*
 * NOTE(review): mlme->size comes from the received packet. It is checked
 * against ieofs, but no comparison with `len` (bytes actually received) or
 * with the receive buffer size is visible in this listing. Without one, the
 * element parser below can be handed a length that runs past the received
 * data - confirm and bound it by len.
 */
760 if (le_to_host16(mlme->size) <= ieofs) {
761 printf("attach too small\n");
762 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
765 if (ieee802_11_parse_elems(cb + ieofs,
766 le_to_host16(mlme->size) - ieofs,
767 &elems, 1) == ParseFailed) {
768 printf("STA " MACSTR " sent invalid association "
769 "request\n", MAC2STR(sta->addr));
770 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
/* Prefer the RSN IE when RSN is enabled, otherwise the WPA IE. */
773 if ((drv->hapd->conf->wpa & WPA_PROTO_RSN) &&
775 wpa_ie = elems.rsn_ie;
776 wpa_ie_len = elems.rsn_ie_len;
777 } else if ((drv->hapd->conf->wpa & WPA_PROTO_WPA) &&
779 wpa_ie = elems.wpa_ie;
780 wpa_ie_len = elems.wpa_ie_len;
/* With WPA configured, a request without a WPA/RSN IE is rejected. */
785 if (drv->hapd->conf->wpa && wpa_ie == NULL) {
786 printf("STA " MACSTR ": No WPA/RSN IE in association "
787 "request\n", MAC2STR(sta->addr));
788 resp = WLAN_STATUS_INVALID_IE;
791 if (drv->hapd->conf->wpa) {
795 if (sta->wpa_sm == NULL)
796 sta->wpa_sm = wpa_auth_sta_init(
797 drv->hapd->wpa_auth, sta->addr);
798 if (sta->wpa_sm == NULL) {
799 printf("Failed to initialize WPA state "
801 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
804 res = wpa_validate_wpa_ie(drv->hapd->wpa_auth,
/* Map the IE validation result to an 802.11 status code. */
808 if (res == WPA_INVALID_GROUP)
809 resp = WLAN_STATUS_GROUP_CIPHER_NOT_VALID;
810 else if (res == WPA_INVALID_PAIRWISE)
811 resp = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID;
812 else if (res == WPA_INVALID_AKMP)
813 resp = WLAN_STATUS_AKMP_NOT_VALID;
814 else if (res == WPA_ALLOC_FAIL)
815 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
816 else if (res != WPA_IE_OK)
817 resp = WLAN_STATUS_INVALID_IE;
818 if (resp != WLAN_STATUS_SUCCESS)
/* Keeps ASSOCIATEEX as is; any other oid becomes REASSOCIATEEX. */
821 hdr->oid = (hdr->oid == htonl(DOT11_OID_ASSOCIATEEX)) ?
822 htonl(DOT11_OID_ASSOCIATEEX) :
823 htonl(DOT11_OID_REASSOCIATEEX);
824 hdr->op = htonl(PIMOP_SET);
826 mlme->state = htons(DOT11_STATE_ASSOC);
828 send(drv->pim_sock, hdr, sizeof(*hdr) + sizeof(*mlme), 0);
830 } else if (mlme->state==htons(DOT11_STATE_ASSOC)) {
831 if (len < sizeof(pimdev_hdr) + sizeof(struct obj_mlme)) {
832 printf("bad assoc packet\n");
835 mac_id = mac_id_get(drv, mlme->id);
838 memcpy(&mlme->address[0], mac_id, ETH_ALEN);
839 sta = ap_get_sta(drv->hapd, (u8 *) &mlme->address[0]);
841 printf("cannot get sta\n");
/* new_assoc is 1 when the station was not already flagged as associated. */
844 new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0;
845 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
846 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);
847 hostapd_new_assoc_sta(drv->hapd, sta, !new_assoc);
848 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
849 sta->timeout_next = STA_NULLFUNC;
/* Failure path: report the code and tell the firmware to disassociate. */
855 printf("Prism54: assoc fail: %x\n", resp);
856 mlme->code = host_to_le16(resp);
858 mlme->state = htons(DOT11_STATE_ASSOCING);
859 hdr->oid = htonl(DOT11_OID_DISASSOCIATEEX);
860 hdr->op = htonl(PIMOP_SET);
861 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
862 send(drv->pim_sock, hdr, sizeof(*hdr) + sizeof(*mlme), 0);
/*
 * Event-loop read callback for the PIMFOR socket: receive one packet, ignore
 * it unless its op is PIMOP_TRAP, and dispatch on the oid to the matching
 * prism54_handle_*() function with the packet buffer and received length.
 */
866 static void handle_pim(int sock, void *eloop_ctx, void *sock_ctx)
868 struct prism54_driver_data *drv = eloop_ctx;
/*
 * The buffer comes from malloc(), so bytes beyond the received length are
 * uninitialised; each handler has to validate `len` before reading fields.
 */
872 hdr = malloc(PIM_BUF_SIZE);
875 len = recv(sock, hdr, PIM_BUF_SIZE, 0);
882 printf("handle_pim: too short (%d)\n", len);
887 if (hdr->op != (int) htonl(PIMOP_TRAP)) {
891 switch (ntohl(hdr->oid)) {
892 case DOT11_OID_PROBE:
893 prism54_handle_probe(drv, hdr, len);
895 case DOT11_OID_DEAUTHENTICATEEX:
896 case DOT11_OID_DEAUTHENTICATE:
897 prism54_handle_deauth(drv, hdr, len);
899 case DOT11_OID_DISASSOCIATEEX:
900 case DOT11_OID_DISASSOCIATE:
901 prism54_handle_disassoc(drv, hdr, len);
903 case DOT11_OID_AUTHENTICATEEX:
904 case DOT11_OID_AUTHENTICATE:
905 prism54_handle_auth(drv, hdr, len);
907 case DOT11_OID_ASSOCIATEEX:
908 case DOT11_OID_REASSOCIATEEX:
909 case DOT11_OID_ASSOCIATE:
910 case DOT11_OID_REASSOCIATE:
911 prism54_handle_assoc(drv, hdr, len);
/*
 * Event-loop read callback for the raw 802.3 socket: receive one frame and,
 * when its ethertype is ETH_P_PAE, pass the source address and the bytes
 * after the header to hostapd_eapol_receive(). The length argument of that
 * call is not visible in this listing.
 */
920 static void handle_802_3(int sock, void *eloop_ctx, void *sock_ctx)
922 struct hostapd_data *hapd = (struct hostapd_data *) eloop_ctx;
926 hdr = malloc(PIM_BUF_SIZE);
929 len = recv(sock, hdr, PIM_BUF_SIZE, 0);
936 wpa_printf(MSG_MSGDUMP, "handle_802_3: too short (%d)", len);
940 if (hdr->type == htons(ETH_P_PAE)) {
941 hostapd_eapol_receive(hapd, (u8 *) &hdr->sa[0], (u8 *) &hdr[1],
/*
 * Open and bind the driver's two raw packet sockets and register them with
 * the event loop:
 *  - drv->sock: ETH_P_PAE frames, bound to the configured bridge if one is
 *    set, otherwise to drv->iface; read by handle_802_3().
 *  - drv->pim_sock: ETH_P_ALL frames, bound to the interface named
 *    "<iface>ap"; read by handle_pim().
 * The interface hardware address is stored in hapd->own_addr.
 * How the sockets are released on the error paths is not visible in this
 * listing.
 */
948 static int prism54_init_sockets(struct prism54_driver_data *drv)
950 struct hostapd_data *hapd = drv->hapd;
952 struct sockaddr_ll addr;
954 drv->sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PAE));
956 perror("socket[PF_PACKET,SOCK_RAW]");
960 if (eloop_register_read_sock(drv->sock, handle_802_3, drv->hapd, NULL))
962 printf("Could not register read socket\n");
966 memset(&ifr, 0, sizeof(ifr));
967 if (hapd->conf->bridge[0] != '\0') {
968 printf("opening bridge: %s\n", hapd->conf->bridge);
969 os_strlcpy(ifr.ifr_name, hapd->conf->bridge,
970 sizeof(ifr.ifr_name));
972 os_strlcpy(ifr.ifr_name, drv->iface, sizeof(ifr.ifr_name));
974 if (ioctl(drv->sock, SIOCGIFINDEX, &ifr) != 0) {
975 perror("ioctl(SIOCGIFINDEX)");
979 memset(&addr, 0, sizeof(addr));
980 addr.sll_family = AF_PACKET;
981 addr.sll_ifindex = ifr.ifr_ifindex;
982 addr.sll_protocol = htons(ETH_P_PAE);
983 wpa_printf(MSG_DEBUG, "Opening raw packet socket for ifindex %d",
986 if (bind(drv->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
/* The hardware address is always read from drv->iface, not the bridge. */
991 memset(&ifr, 0, sizeof(ifr));
992 os_strlcpy(ifr.ifr_name, drv->iface, sizeof(ifr.ifr_name));
993 if (ioctl(drv->sock, SIOCGIFHWADDR, &ifr) != 0) {
994 perror("ioctl(SIOCGIFHWADDR)");
998 if (ifr.ifr_hwaddr.sa_family != ARPHRD_ETHER) {
999 printf("Invalid HW-addr family 0x%04x\n",
1000 ifr.ifr_hwaddr.sa_family);
1003 memcpy(drv->hapd->own_addr, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
1005 drv->pim_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
1006 if (drv->pim_sock < 0) {
1007 perror("socket[PF_PACKET,SOCK_RAW]");
1011 if (eloop_register_read_sock(drv->pim_sock, handle_pim, drv, NULL)) {
1012 printf("Could not register read socket\n");
1016 memset(&ifr, 0, sizeof(ifr));
/*
 * NOTE(review): snprintf() truncates silently; an interface name close to
 * IFNAMSIZ would lose the "ap" suffix and the lookup below would then query
 * a different name - consider checking the return value.
 */
1017 snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%sap", drv->iface);
1018 if (ioctl(drv->pim_sock, SIOCGIFINDEX, &ifr) != 0) {
1019 perror("ioctl(SIOCGIFINDEX)");
1023 memset(&addr, 0, sizeof(addr));
1024 addr.sll_family = AF_PACKET;
1025 addr.sll_ifindex = ifr.ifr_ifindex;
1026 addr.sll_protocol = htons(ETH_P_ALL);
1027 wpa_printf(MSG_DEBUG, "Opening raw packet socket for ifindex %d",
1030 if (bind(drv->pim_sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
/*
 * Allocate and initialise the driver state for `hapd`: copy the interface
 * name, open the sockets, apply the 802.1X firmware settings and clear any
 * previously attached information elements.
 */
1039 static void * prism54_driver_init(struct hostapd_data *hapd)
1041 struct prism54_driver_data *drv;
1043 drv = os_zalloc(sizeof(struct prism54_driver_data));
1045 printf("Could not allocate memory for hostapd Prism54 driver "
/* -1 marks both sockets as not yet opened. */
1051 drv->pim_sock = drv->sock = -1;
/*
 * NOTE(review): copies sizeof(drv->iface) (IFNAMSIZ + 1) bytes, which assumes
 * hapd->conf->iface is at least that large and NUL-terminated within it -
 * confirm against its declaration.
 */
1052 memcpy(drv->iface, hapd->conf->iface, sizeof(drv->iface));
1054 if (prism54_init_sockets(drv)) {
/*
 * NOTE(review): the result of prism54_init_1x() is not used on this line, so
 * initialisation continues even if the 802.1X settings were not applied.
 */
1058 prism54_init_1x(drv);
1059 /* must clean previous elems */
1060 prism54_set_generic_elem(drv->iface, drv, NULL, 0);
/*
 * Tear down the driver state. The visible lines close drv->pim_sock when it
 * was opened; the handling of drv->sock, event-loop deregistration and the
 * release of drv are not visible in this listing.
 */
1066 static void prism54_driver_deinit(void *priv)
1068 struct prism54_driver_data *drv = priv;
1070 if (drv->pim_sock >= 0)
1071 close(drv->pim_sock);
/*
 * Driver operations table exported to hostapd for the Prism54 backend.
 * .set_ieee8021x is left commented out; prism54_init_1x() is instead called
 * once from prism54_driver_init().
 */
1080 const struct hapd_driver_ops wpa_driver_prism54_ops = {
1082 .init = prism54_driver_init,
1083 .deinit = prism54_driver_deinit,
1084 /* .set_ieee8021x = prism54_init_1x, */
1085 .set_privacy = prism54_set_privacy_invoked,
1086 .set_key = prism54_set_key,
1087 .get_seqnum = prism54_get_seqnum,
1088 .flush = prism54_flush,
1089 .set_generic_elem = prism54_set_generic_elem,
1090 .send_eapol = prism54_send_eapol,
1091 .sta_set_flags = prism54_sta_set_flags,
1092 .sta_deauth = prism54_sta_deauth,
1093 .sta_disassoc = prism54_sta_disassoc,
1094 .set_ssid = prism54_ioctl_setiwessid,
1095 .get_inact_sec = prism54_get_inact_sec,