Line data Source code
1 : /*
2 : * Internal WPA/RSN supplicant state machine definitions
3 : * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
4 : *
5 : * This software may be distributed under the terms of the BSD license.
6 : * See README for more details.
7 : */
8 :
9 : #ifndef WPA_I_H
10 : #define WPA_I_H
11 :
12 : #include "utils/list.h"
13 :
14 : struct wpa_peerkey;
15 : struct wpa_tdls_peer;
16 : struct wpa_eapol_key;
17 :
18 : /**
19 : * struct wpa_sm - Internal WPA state machine data
20 : */
21 : struct wpa_sm {
22 : u8 pmk[PMK_LEN_MAX];
23 : size_t pmk_len;
24 : struct wpa_ptk ptk, tptk;
25 : int ptk_set, tptk_set;
26 : unsigned int msg_3_of_4_ok:1;
27 : unsigned int tk_to_set:1;
28 : u8 snonce[WPA_NONCE_LEN];
29 : u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
30 : int renew_snonce;
31 : u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
32 : int rx_replay_counter_set;
33 : u8 request_counter[WPA_REPLAY_COUNTER_LEN];
34 :
35 : struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
36 :
37 : struct rsn_pmksa_cache *pmksa; /* PMKSA cache */
38 : struct rsn_pmksa_cache_entry *cur_pmksa; /* current PMKSA entry */
39 : struct dl_list pmksa_candidates;
40 :
41 : struct l2_packet_data *l2_preauth;
42 : struct l2_packet_data *l2_preauth_br;
43 : struct l2_packet_data *l2_tdls;
44 : u8 preauth_bssid[ETH_ALEN]; /* current RSN pre-auth peer or
45 : * 00:00:00:00:00:00 if no pre-auth is
46 : * in progress */
47 : struct eapol_sm *preauth_eapol;
48 :
49 : struct wpa_sm_ctx *ctx;
50 :
51 : void *scard_ctx; /* context for smartcard callbacks */
52 : int fast_reauth; /* whether EAP fast re-authentication is enabled */
53 :
54 : void *network_ctx;
55 : int peerkey_enabled;
56 : int allowed_pairwise_cipher; /* bitfield of WPA_CIPHER_* */
57 : int proactive_key_caching;
58 : int eap_workaround;
59 : void *eap_conf_ctx;
60 : u8 ssid[32];
61 : size_t ssid_len;
62 : int wpa_ptk_rekey;
63 : int p2p;
64 : int wpa_rsc_relaxation;
65 :
66 : u8 own_addr[ETH_ALEN];
67 : const char *ifname;
68 : const char *bridge_ifname;
69 : u8 bssid[ETH_ALEN];
70 :
71 : unsigned int dot11RSNAConfigPMKLifetime;
72 : unsigned int dot11RSNAConfigPMKReauthThreshold;
73 : unsigned int dot11RSNAConfigSATimeout;
74 :
75 : unsigned int dot11RSNA4WayHandshakeFailures;
76 :
77 : /* Selected configuration (based on Beacon/ProbeResp WPA IE) */
78 : unsigned int proto;
79 : unsigned int pairwise_cipher;
80 : unsigned int group_cipher;
81 : unsigned int key_mgmt;
82 : unsigned int mgmt_group_cipher;
83 :
84 : int rsn_enabled; /* Whether RSN is enabled in configuration */
85 : int mfp; /* 0 = disabled, 1 = optional, 2 = mandatory */
86 :
87 : u8 *assoc_wpa_ie; /* Own WPA/RSN IE from (Re)AssocReq */
88 : size_t assoc_wpa_ie_len;
89 : u8 *ap_wpa_ie, *ap_rsn_ie;
90 : size_t ap_wpa_ie_len, ap_rsn_ie_len;
91 :
92 : #ifdef CONFIG_PEERKEY
93 : struct wpa_peerkey *peerkey;
94 : #endif /* CONFIG_PEERKEY */
95 : #ifdef CONFIG_TDLS
96 : struct wpa_tdls_peer *tdls;
97 : int tdls_prohibited;
98 : int tdls_chan_switch_prohibited;
99 : int tdls_disabled;
100 :
101 : /* The driver supports TDLS */
102 : int tdls_supported;
103 :
104 : /*
105 : * The driver requires explicit discovery/setup/teardown frames sent
106 : * to it via tdls_mgmt.
107 : */
108 : int tdls_external_setup;
109 :
110 : /* The driver supports TDLS channel switching */
111 : int tdls_chan_switch;
112 : #endif /* CONFIG_TDLS */
113 :
114 : #ifdef CONFIG_IEEE80211R
115 : u8 xxkey[PMK_LEN]; /* PSK or the second 256 bits of MSK */
116 : size_t xxkey_len;
117 : u8 pmk_r0[PMK_LEN];
118 : u8 pmk_r0_name[WPA_PMK_NAME_LEN];
119 : u8 pmk_r1[PMK_LEN];
120 : u8 pmk_r1_name[WPA_PMK_NAME_LEN];
121 : u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
122 : u8 r0kh_id[FT_R0KH_ID_MAX_LEN];
123 : size_t r0kh_id_len;
124 : u8 r1kh_id[FT_R1KH_ID_LEN];
125 : int ft_completed;
126 : int over_the_ds_in_progress;
127 : u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
128 : int set_ptk_after_assoc;
129 : u8 mdie_ft_capab; /* FT Capability and Policy from target AP MDIE */
130 : u8 *assoc_resp_ies; /* MDIE and FTIE from (Re)Association Response */
131 : size_t assoc_resp_ies_len;
132 : #endif /* CONFIG_IEEE80211R */
133 :
134 : #ifdef CONFIG_P2P
135 : u8 p2p_ip_addr[3 * 4];
136 : #endif /* CONFIG_P2P */
137 :
138 : #ifdef CONFIG_TESTING_OPTIONS
139 : struct wpabuf *test_assoc_ie;
140 : #endif /* CONFIG_TESTING_OPTIONS */
141 : };
142 :
143 :
144 9014 : static inline void wpa_sm_set_state(struct wpa_sm *sm, enum wpa_states state)
145 : {
146 : WPA_ASSERT(sm->ctx->set_state);
147 9014 : sm->ctx->set_state(sm->ctx->ctx, state);
148 9014 : }
149 :
150 4991 : static inline enum wpa_states wpa_sm_get_state(struct wpa_sm *sm)
151 : {
152 : WPA_ASSERT(sm->ctx->get_state);
153 4991 : return sm->ctx->get_state(sm->ctx->ctx);
154 : }
155 :
156 62 : static inline void wpa_sm_deauthenticate(struct wpa_sm *sm, int reason_code)
157 : {
158 : WPA_ASSERT(sm->ctx->deauthenticate);
159 62 : sm->ctx->deauthenticate(sm->ctx->ctx, reason_code);
160 62 : }
161 :
162 5163 : static inline int wpa_sm_set_key(struct wpa_sm *sm, enum wpa_alg alg,
163 : const u8 *addr, int key_idx, int set_tx,
164 : const u8 *seq, size_t seq_len,
165 : const u8 *key, size_t key_len)
166 : {
167 : WPA_ASSERT(sm->ctx->set_key);
168 5163 : return sm->ctx->set_key(sm->ctx->ctx, alg, addr, key_idx, set_tx,
169 : seq, seq_len, key, key_len);
170 : }
171 :
172 2241 : static inline void * wpa_sm_get_network_ctx(struct wpa_sm *sm)
173 : {
174 : WPA_ASSERT(sm->ctx->get_network_ctx);
175 2241 : return sm->ctx->get_network_ctx(sm->ctx->ctx);
176 : }
177 :
178 12 : static inline int wpa_sm_get_bssid(struct wpa_sm *sm, u8 *bssid)
179 : {
180 : WPA_ASSERT(sm->ctx->get_bssid);
181 12 : return sm->ctx->get_bssid(sm->ctx->ctx, bssid);
182 : }
183 :
184 4454 : static inline int wpa_sm_ether_send(struct wpa_sm *sm, const u8 *dest,
185 : u16 proto, const u8 *buf, size_t len)
186 : {
187 : WPA_ASSERT(sm->ctx->ether_send);
188 4454 : return sm->ctx->ether_send(sm->ctx->ctx, dest, proto, buf, len);
189 : }
190 :
191 22 : static inline int wpa_sm_get_beacon_ie(struct wpa_sm *sm)
192 : {
193 : WPA_ASSERT(sm->ctx->get_beacon_ie);
194 22 : return sm->ctx->get_beacon_ie(sm->ctx->ctx);
195 : }
196 :
197 2398 : static inline void wpa_sm_cancel_auth_timeout(struct wpa_sm *sm)
198 : {
199 : WPA_ASSERT(sm->ctx->cancel_auth_timeout);
200 2398 : sm->ctx->cancel_auth_timeout(sm->ctx->ctx);
201 2398 : }
202 :
203 4487 : static inline u8 * wpa_sm_alloc_eapol(struct wpa_sm *sm, u8 type,
204 : const void *data, u16 data_len,
205 : size_t *msg_len, void **data_pos)
206 : {
207 : WPA_ASSERT(sm->ctx->alloc_eapol);
208 4487 : return sm->ctx->alloc_eapol(sm->ctx->ctx, type, data, data_len,
209 : msg_len, data_pos);
210 : }
211 :
212 1276 : static inline int wpa_sm_add_pmkid(struct wpa_sm *sm, const u8 *bssid,
213 : const u8 *pmkid)
214 : {
215 : WPA_ASSERT(sm->ctx->add_pmkid);
216 1276 : return sm->ctx->add_pmkid(sm->ctx->ctx, bssid, pmkid);
217 : }
218 :
219 1276 : static inline int wpa_sm_remove_pmkid(struct wpa_sm *sm, const u8 *bssid,
220 : const u8 *pmkid)
221 : {
222 : WPA_ASSERT(sm->ctx->remove_pmkid);
223 1276 : return sm->ctx->remove_pmkid(sm->ctx->ctx, bssid, pmkid);
224 : }
225 :
226 4522 : static inline int wpa_sm_mlme_setprotection(struct wpa_sm *sm, const u8 *addr,
227 : int protect_type, int key_type)
228 : {
229 : WPA_ASSERT(sm->ctx->mlme_setprotection);
230 4522 : return sm->ctx->mlme_setprotection(sm->ctx->ctx, addr, protect_type,
231 : key_type);
232 : }
233 :
234 917 : static inline int wpa_sm_update_ft_ies(struct wpa_sm *sm, const u8 *md,
235 : const u8 *ies, size_t ies_len)
236 : {
237 917 : if (sm->ctx->update_ft_ies)
238 917 : return sm->ctx->update_ft_ies(sm->ctx->ctx, md, ies, ies_len);
239 0 : return -1;
240 : }
241 :
242 117 : static inline int wpa_sm_send_ft_action(struct wpa_sm *sm, u8 action,
243 : const u8 *target_ap,
244 : const u8 *ies, size_t ies_len)
245 : {
246 117 : if (sm->ctx->send_ft_action)
247 117 : return sm->ctx->send_ft_action(sm->ctx->ctx, action, target_ap,
248 : ies, ies_len);
249 0 : return -1;
250 : }
251 :
252 230 : static inline int wpa_sm_mark_authenticated(struct wpa_sm *sm,
253 : const u8 *target_ap)
254 : {
255 230 : if (sm->ctx->mark_authenticated)
256 230 : return sm->ctx->mark_authenticated(sm->ctx->ctx, target_ap);
257 0 : return -1;
258 : }
259 :
260 2171 : static inline void wpa_sm_set_rekey_offload(struct wpa_sm *sm)
261 : {
262 2171 : if (!sm->ctx->set_rekey_offload)
263 2186 : return;
264 6468 : sm->ctx->set_rekey_offload(sm->ctx->ctx, sm->ptk.kek, sm->ptk.kek_len,
265 2156 : sm->ptk.kck, sm->ptk.kck_len,
266 2156 : sm->rx_replay_counter);
267 : }
268 :
269 : #ifdef CONFIG_TDLS
270 677 : static inline int wpa_sm_tdls_get_capa(struct wpa_sm *sm,
271 : int *tdls_supported,
272 : int *tdls_ext_setup,
273 : int *tdls_chan_switch)
274 : {
275 677 : if (sm->ctx->tdls_get_capa)
276 677 : return sm->ctx->tdls_get_capa(sm->ctx->ctx, tdls_supported,
277 : tdls_ext_setup, tdls_chan_switch);
278 0 : return -1;
279 : }
280 :
281 143 : static inline int wpa_sm_send_tdls_mgmt(struct wpa_sm *sm, const u8 *dst,
282 : u8 action_code, u8 dialog_token,
283 : u16 status_code, u32 peer_capab,
284 : int initiator, const u8 *buf,
285 : size_t len)
286 : {
287 143 : if (sm->ctx->send_tdls_mgmt)
288 143 : return sm->ctx->send_tdls_mgmt(sm->ctx->ctx, dst, action_code,
289 : dialog_token, status_code,
290 : peer_capab, initiator, buf,
291 : len);
292 0 : return -1;
293 : }
294 :
295 124 : static inline int wpa_sm_tdls_oper(struct wpa_sm *sm, int oper,
296 : const u8 *peer)
297 : {
298 124 : if (sm->ctx->tdls_oper)
299 124 : return sm->ctx->tdls_oper(sm->ctx->ctx, oper, peer);
300 0 : return -1;
301 : }
302 :
303 : static inline int
304 123 : wpa_sm_tdls_peer_addset(struct wpa_sm *sm, const u8 *addr, int add,
305 : u16 aid, u16 capability, const u8 *supp_rates,
306 : size_t supp_rates_len,
307 : const struct ieee80211_ht_capabilities *ht_capab,
308 : const struct ieee80211_vht_capabilities *vht_capab,
309 : u8 qosinfo, int wmm, const u8 *ext_capab,
310 : size_t ext_capab_len, const u8 *supp_channels,
311 : size_t supp_channels_len, const u8 *supp_oper_classes,
312 : size_t supp_oper_classes_len)
313 : {
314 123 : if (sm->ctx->tdls_peer_addset)
315 123 : return sm->ctx->tdls_peer_addset(sm->ctx->ctx, addr, add,
316 : aid, capability, supp_rates,
317 : supp_rates_len, ht_capab,
318 : vht_capab, qosinfo, wmm,
319 : ext_capab, ext_capab_len,
320 : supp_channels,
321 : supp_channels_len,
322 : supp_oper_classes,
323 : supp_oper_classes_len);
324 0 : return -1;
325 : }
326 :
327 : static inline int
328 1 : wpa_sm_tdls_enable_channel_switch(struct wpa_sm *sm, const u8 *addr,
329 : u8 oper_class,
330 : const struct hostapd_freq_params *freq_params)
331 : {
332 1 : if (sm->ctx->tdls_enable_channel_switch)
333 1 : return sm->ctx->tdls_enable_channel_switch(sm->ctx->ctx, addr,
334 : oper_class,
335 : freq_params);
336 0 : return -1;
337 : }
338 :
339 : static inline int
340 1 : wpa_sm_tdls_disable_channel_switch(struct wpa_sm *sm, const u8 *addr)
341 : {
342 1 : if (sm->ctx->tdls_disable_channel_switch)
343 1 : return sm->ctx->tdls_disable_channel_switch(sm->ctx->ctx, addr);
344 0 : return -1;
345 : }
346 : #endif /* CONFIG_TDLS */
347 :
348 1208 : static inline int wpa_sm_key_mgmt_set_pmk(struct wpa_sm *sm,
349 : const u8 *pmk, size_t pmk_len)
350 : {
351 1208 : if (!sm->ctx->key_mgmt_set_pmk)
352 0 : return -1;
353 1208 : return sm->ctx->key_mgmt_set_pmk(sm->ctx->ctx, pmk, pmk_len);
354 : }
355 :
356 : int wpa_eapol_key_send(struct wpa_sm *sm, const u8 *kck, size_t kck_len,
357 : int ver, const u8 *dest, u16 proto,
358 : u8 *msg, size_t msg_len, u8 *key_mic);
359 : int wpa_supplicant_send_2_of_4(struct wpa_sm *sm, const unsigned char *dst,
360 : const struct wpa_eapol_key *key,
361 : int ver, const u8 *nonce,
362 : const u8 *wpa_ie, size_t wpa_ie_len,
363 : struct wpa_ptk *ptk);
364 : int wpa_supplicant_send_4_of_4(struct wpa_sm *sm, const unsigned char *dst,
365 : const struct wpa_eapol_key *key,
366 : u16 ver, u16 key_info,
367 : struct wpa_ptk *ptk);
368 :
369 : int wpa_derive_ptk_ft(struct wpa_sm *sm, const unsigned char *src_addr,
370 : const struct wpa_eapol_key *key, struct wpa_ptk *ptk);
371 :
372 : void wpa_tdls_assoc(struct wpa_sm *sm);
373 : void wpa_tdls_disassoc(struct wpa_sm *sm);
374 :
375 : #endif /* WPA_I_H */
|