/*************************************************************************** * RT2x00 SourceForge Project - http://rt2x00.serialmonkey.com             * *                                                                         * *   This program is free software; you can redistribute it and/or modify  * *   it under the terms of the GNU General Public License as published by  * *   the Free Software Foundation; either version 2 of the License, or     * *   (at your option) any later version.                                   * *                                                                         * *   This program is distributed in the hope that it will be useful,       * *   but WITHOUT ANY WARRANTY; without even the implied warranty of        * *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         * *   GNU General Public License for more details.                          * *                                                                         * *   You should have received a copy of the GNU General Public License     * *   along with this program; if not, write to the                         * *   Free Software Foundation, Inc.,                                       * *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             * *                                                                         * *   Licensed under the GNU GPL                                            * *   Original code supplied under license from RaLink Inc, 2004.           * ***************************************************************************//*************************************************************************** *	Module Name:	auth.c * *	Abstract: * *	Revision History: *	Who		When		What *	--------	----------	----------------------------- *	Name		Date		Modification logs *	John		2004-9-3	porting from RT2500 ***************************************************************************/#include "rt_config.h"/*    ==========================================================================    Description:        authenticate state machine init, including state transition and timer init    Parameters:        Sm - pointer to the auth state machine    Note:        The state machine looks like this                        AUTH_REQ_IDLE           AUTH_WAIT_SEQ2                   AUTH_WAIT_SEQ4    MT2_MLME_AUTH_REQ   mlme_auth_req_action    invalid_state_when_auth          invalid_state_when_auth    MT2_MLME_DEAUTH_REQ mlme_deauth_req_action  mlme_deauth_req_action           mlme_deauth_req_action    MT2_CLS2ERR         cls2err_action          cls2err_action                   cls2err_action    MT2_PEER_AUTH_EVEN  drop                    peer_auth_even_at_seq2_action    peer_auth_even_at_seq4_action    MT2_AUTH_TIMEOUT    Drop                    auth_timeout_action              auth_timeout_action    ========================================================================== */VOID AuthStateMachineInit(    IN PRTMP_ADAPTER pAd,    IN PSTATE_MACHINE Sm,    OUT STATE_MACHINE_FUNC Trans[]){    StateMachineInit(Sm, (STATE_MACHINE_FUNC*)Trans, MAX_AUTH_STATE, MAX_AUTH_MSG, (STATE_MACHINE_FUNC)Drop, AUTH_REQ_IDLE, AUTH_MACHINE_BASE);    // the first column    StateMachineSetAction(Sm, AUTH_REQ_IDLE, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)MlmeAuthReqAction);    // the second column    StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth);    StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq2Action);    StateMachineSetAction(Sm, AUTH_WAIT_SEQ2, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction);    // the third column    StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_MLME_AUTH_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAuth);    StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_PEER_AUTH_EVEN, (STATE_MACHINE_FUNC)PeerAuthRspAtSeq4Action);    StateMachineSetAction(Sm, AUTH_WAIT_SEQ4, MT2_AUTH_TIMEOUT, (STATE_MACHINE_FUNC)AuthTimeoutAction);    // timer init    RTMPInitTimer(pAd, &pAd->MlmeAux.AuthTimer, &AuthTimeout);}/*    ==========================================================================    Description:        function to be executed at timer thread when auth timer expires    ========================================================================== */VOID AuthTimeout(    IN	unsigned long data){    RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)data;    DBGPRINT(RT_DEBUG_TRACE,"AUTH - AuthTimeout\n");    MlmeEnqueue(pAd, AUTH_STATE_MACHINE, MT2_AUTH_TIMEOUT, 0, NULL);    RTUSBMlmeUp(pAd);}/*    ==========================================================================    Description:    ========================================================================== */VOID MlmeAuthReqAction(    IN PRTMP_ADAPTER pAd,    IN MLME_QUEUE_ELEM *Elem){    UCHAR               Addr[MAC_ADDR_LEN];    USHORT              Alg, Seq, Status;    ULONG               Timeout;    HEADER_802_11       AuthHdr;    PUCHAR              pOutBuffer = NULL;    ULONG               FrameLen = 0;    USHORT              NStatus;    // Block all authentication request durning WPA block period    if (pAd->PortCfg.bBlockAssoc == TRUE)    {        DBGPRINT(RT_DEBUG_TRACE, "AUTH - Block Auth request durning WPA block period!\n");        pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;        Status = MLME_STATE_MACHINE_REJECT;        MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);    }    else if(MlmeAuthReqSanity(pAd, Elem->Msg, Elem->MsgLen, Addr, &Timeout, &Alg))    {	RTMPCancelTimer(&pAd->MlmeAux.AuthTimer);        COPY_MAC_ADDR(pAd->MlmeAux.Bssid, Addr);        pAd->MlmeAux.Alg  = Alg;        Seq = 1;        Status = MLME_SUCCESS;        // allocate and send out AuthReq frame        NStatus = MlmeAllocateMemory(pAd, (PVOID)&pOutBuffer);  //Get an unused nonpaged memory        if (NStatus != NDIS_STATUS_SUCCESS)        {            DBGPRINT(RT_DEBUG_TRACE, "AUTH - MlmeAuthReqAction() allocate memory failed\n");            pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;            Status = MLME_FAIL_NO_RESOURCE;            MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);	        return;        }        DBGPRINT(RT_DEBUG_TRACE, "AUTH - Send AUTH request seq#1 (Alg=%d)  %d...\n", Alg, pAd->LatchRfRegs.Channel);        MgtMacHeaderInit(pAd, &AuthHdr, SUBTYPE_AUTH, 0, Addr, pAd->MlmeAux.Bssid);        MakeOutgoingFrame(pOutBuffer,           &FrameLen,                          sizeof(HEADER_802_11),&AuthHdr,                          2,                    &Alg,                          2,                    &Seq,                          2,                    &Status,                          END_OF_ARGS);        MiniportMMRequest(pAd, pOutBuffer, FrameLen);        RTMPSetTimer(pAd, &pAd->MlmeAux.AuthTimer, AUTH_TIMEOUT);        pAd->Mlme.AuthMachine.CurrState = AUTH_WAIT_SEQ2;    }    else    {        DBGPRINT(RT_DEBUG_ERROR, "AUTH - MlmeAuthReqAction() sanity check failed. BUG!!!!!\n");        pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;        Status = MLME_INVALID_FORMAT;        MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);    }}/*    ==========================================================================    Description:    ========================================================================== */VOID PeerAuthRspAtSeq2Action(    IN PRTMP_ADAPTER pAd,    IN MLME_QUEUE_ELEM *Elem){    UCHAR           Addr2[MAC_ADDR_LEN];    USHORT          Seq, Status, RemoteStatus, Alg;    UCHAR           ChlgText[CIPHER_TEXT_LEN];    UCHAR           CyperChlgText[CIPHER_TEXT_LEN + 8 + 8];    UCHAR           Element[2];    HEADER_802_11   AuthHdr;    PUCHAR          pOutBuffer = NULL;    ULONG           FrameLen = 0;    USHORT          Status2;    USHORT          NStatus;    if (PeerAuthSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &Alg, &Seq, &Status, ChlgText))    {        if (MAC_ADDR_EQUAL(&pAd->MlmeAux.Bssid, Addr2) && Seq == 2)        {            DBGPRINT(RT_DEBUG_TRACE, "AUTH - Receive AUTH_RSP seq#2 to me (Alg=%d, Status=%d)\n", Alg, Status);		    RTMPCancelTimer(&pAd->MlmeAux.AuthTimer);            if (Status == MLME_SUCCESS)            {                if (pAd->MlmeAux.Alg == Ndis802_11AuthModeOpen)                {                    pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;                    MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_AUTH_CONF, 2, &Status);                }                else                {                    // 2. shared key, need to be challenged                    Seq++;                    RemoteStatus = MLME_SUCCESS;                    // allocate and send out AuthRsp frame                    NStatus = MlmeAllocateMemory(pAd, (PVOID)&pOutBuffer);  //Get an unused nonpaged memory                    if (NStatus != NDIS_STATUS_SUCCESS)                    {                        DBGPRINT(RT_DEBUG_TRACE, "AUTH - PeerAuthRspAtSeq2Action() allocate memory fail\n");                        pAd->Mlme.AuthMachine.CurrState = AUTH_REQ_IDLE;