2 * WPA Supplicant - driver interaction with Ralink Wireless Client
3 * Copyright (c) 2003-2006, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2007, Snowpin Lee <snowpin_lee@ralinktech.com.tw>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * Alternatively, this software may be distributed under the terms of BSD
13 * See README and COPYING for more details.
18 #include <sys/ioctl.h>
20 #include "wireless_copy.h"
23 #include "l2_packet/l2_packet.h"
25 #include "ieee802_11_defs.h"
26 #include "priv_netlink.h"
27 #include "driver_ralink.h"
29 static void wpa_driver_ralink_scan_timeout(void *eloop_ctx, void *timeout_ctx);
31 #define MAX_SSID_LEN 32
33 struct wpa_driver_ralink_data {
37 char ifname[IFNAMSIZ + 1];
39 size_t assoc_req_ies_len;
41 size_t assoc_resp_ies_len;
43 struct ndis_pmkid_entry *pmkid;
44 int we_version_compiled;
50 static int ralink_set_oid(struct wpa_driver_ralink_data *drv,
51 unsigned short oid, char *data, int len)
59 os_memset(&iwr, 0, sizeof(iwr));
60 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
61 iwr.u.data.flags = oid;
62 iwr.u.data.flags |= OID_GET_SET_TOGGLE;
65 os_memcpy(buf, data, len);
67 iwr.u.data.pointer = (caddr_t) buf;
68 iwr.u.data.length = len;
70 if (ioctl(drv->ioctl_sock, RT_PRIV_IOCTL, &iwr) < 0) {
71 wpa_printf(MSG_DEBUG, "%s: oid=0x%x len (%d) failed",
81 ralink_get_new_driver_flag(struct wpa_driver_ralink_data *drv)
86 os_memset(&iwr, 0, sizeof(iwr));
87 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
88 iwr.u.data.pointer = (UCHAR*) &enabled;
89 iwr.u.data.flags = RT_OID_NEW_DRIVER;
91 if (ioctl(drv->ioctl_sock, RT_PRIV_IOCTL, &iwr) < 0) {
92 wpa_printf(MSG_DEBUG, "%s: failed", __func__);
96 return (enabled == 1) ? 1 : 0;
99 static int wpa_driver_ralink_get_bssid(void *priv, u8 *bssid)
101 struct wpa_driver_ralink_data *drv = priv;
105 if (drv->g_driver_down == 1)
108 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
110 os_memset(&iwr, 0, sizeof(iwr));
111 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
113 if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) < 0) {
114 perror("ioctl[SIOCGIWAP]");
117 os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);
122 static int wpa_driver_ralink_get_ssid(void *priv, u8 *ssid)
124 struct wpa_driver_ralink_data *drv = priv;
126 struct wpa_supplicant *wpa_s = drv->ctx;
127 struct wpa_ssid *entry;
131 u8 ssid_str[MAX_SSID_LEN];
138 BOOLEAN ieee8021x_mode = FALSE;
139 BOOLEAN ieee8021x_required_key = FALSE;
142 if (drv->g_driver_down == 1)
145 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
147 os_memset(&iwr, 0, sizeof(iwr));
148 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
149 iwr.u.essid.pointer = (caddr_t) ssid;
150 iwr.u.essid.length = 32;
152 if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
153 perror("ioctl[SIOCGIWESSID]");
156 ret = iwr.u.essid.length;
162 os_memset(ssid_str, 0, MAX_SSID_LEN);
163 os_memcpy(ssid_str, ssid, ssid_len);
165 if (drv->ap_scan == 0) {
166 /* Read BSSID form driver */
167 if (wpa_driver_ralink_get_bssid(priv, bssid) < 0) {
168 wpa_printf(MSG_WARNING, "Could not read BSSID from "
174 entry = wpa_s->conf->ssid;
176 if (!entry->disabled && ssid_len == entry->ssid_len &&
177 os_memcmp(ssid_str, entry->ssid, ssid_len) == 0 &&
178 (!entry->bssid_set ||
179 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) {
180 /* match the config of driver */
188 wpa_printf(MSG_DEBUG, "Ready to set 802.1x mode and "
189 "ieee_required_keys parameters to driver");
191 /* set 802.1x mode and ieee_required_keys parameter */
192 if (entry->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
193 if ((entry->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST | EAPOL_FLAG_REQUIRE_KEY_BROADCAST)))
194 ieee8021x_required_key = TRUE;
195 ieee8021x_mode = TRUE;
198 if (ralink_set_oid(drv, OID_802_11_SET_IEEE8021X, (char *) &ieee8021x_mode, sizeof(BOOLEAN)) < 0)
200 wpa_printf(MSG_DEBUG, "RALINK: Failed to set OID_802_11_SET_IEEE8021X(%d)", (int) ieee8021x_mode);
204 wpa_printf(MSG_DEBUG, "ieee8021x_mode is %s", ieee8021x_mode ? "TRUE" : "FALSE");
207 if (ralink_set_oid(drv, OID_802_11_SET_IEEE8021X_REQUIRE_KEY, (char *) &ieee8021x_required_key, sizeof(BOOLEAN)) < 0)
209 wpa_printf(MSG_DEBUG, "ERROR: Failed to set OID_802_11_SET_IEEE8021X_REQUIRE_KEY(%d)", (int) ieee8021x_required_key);
213 wpa_printf(MSG_DEBUG, "ieee8021x_required_key is %s and eapol_flag(%d)", ieee8021x_required_key ? "TRUE" : "FALSE",
223 static int wpa_driver_ralink_set_ssid(struct wpa_driver_ralink_data *drv,
224 const u8 *ssid, size_t ssid_len)
226 NDIS_802_11_SSID *buf;
230 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
232 buf = os_zalloc(sizeof(NDIS_802_11_SSID));
235 os_memset(buf, 0, sizeof(*buf));
236 buf->SsidLength = ssid_len;
237 os_memcpy(buf->Ssid, ssid, ssid_len);
238 os_memset(&iwr, 0, sizeof(iwr));
239 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
241 iwr.u.data.flags = OID_802_11_SSID;
242 iwr.u.data.flags |= OID_GET_SET_TOGGLE;
243 iwr.u.data.pointer = (caddr_t) buf;
244 iwr.u.data.length = sizeof(NDIS_802_11_SSID);
246 if (ioctl(drv->ioctl_sock, RT_PRIV_IOCTL, &iwr) < 0) {
247 perror("ioctl[RT_PRIV_IOCTL] -- OID_802_11_SSID");
254 static void wpa_driver_ralink_event_pmkid(struct wpa_driver_ralink_data *drv,
255 const u8 *data, size_t data_len)
257 NDIS_802_11_PMKID_CANDIDATE_LIST *pmkid;
259 union wpa_event_data event;
261 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
264 wpa_printf(MSG_DEBUG, "RALINK: Too short PMKID Candidate List "
265 "Event (len=%lu)", (unsigned long) data_len);
268 pmkid = (NDIS_802_11_PMKID_CANDIDATE_LIST *) data;
269 wpa_printf(MSG_DEBUG, "RALINK: PMKID Candidate List Event - Version %d"
271 (int) pmkid->Version, (int) pmkid->NumCandidates);
273 if (pmkid->Version != 1) {
274 wpa_printf(MSG_DEBUG, "RALINK: Unsupported PMKID Candidate "
275 "List Version %d", (int) pmkid->Version);
279 if (data_len < 8 + pmkid->NumCandidates * sizeof(PMKID_CANDIDATE)) {
280 wpa_printf(MSG_DEBUG, "RALINK: PMKID Candidate List "
288 os_memset(&event, 0, sizeof(event));
289 for (i = 0; i < pmkid->NumCandidates; i++) {
290 PMKID_CANDIDATE *p = &pmkid->CandidateList[i];
291 wpa_printf(MSG_DEBUG, "RALINK: %lu: " MACSTR " Flags 0x%x",
292 (unsigned long) i, MAC2STR(p->BSSID),
294 os_memcpy(event.pmkid_candidate.bssid, p->BSSID, ETH_ALEN);
295 event.pmkid_candidate.index = i;
296 event.pmkid_candidate.preauth =
297 p->Flags & NDIS_802_11_PMKID_CANDIDATE_PREAUTH_ENABLED;
298 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE,
303 static int wpa_driver_ralink_set_pmkid(struct wpa_driver_ralink_data *drv)
305 int len, count, i, ret;
306 struct ndis_pmkid_entry *entry;
307 NDIS_802_11_PMKID *p;
309 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
315 if (count >= drv->no_of_pmkid)
319 len = 8 + count * sizeof(BSSID_INFO);
324 p->BSSIDInfoCount = count;
326 for (i = 0; i < count; i++) {
327 os_memcpy(&p->BSSIDInfo[i].BSSID, entry->bssid, ETH_ALEN);
328 os_memcpy(&p->BSSIDInfo[i].PMKID, entry->pmkid, 16);
331 wpa_hexdump(MSG_MSGDUMP, "NDIS: OID_802_11_PMKID",
332 (const u8 *) p, len);
333 ret = ralink_set_oid(drv, OID_802_11_PMKID, (char *) p, len);
338 static int wpa_driver_ralink_add_pmkid(void *priv, const u8 *bssid,
341 struct wpa_driver_ralink_data *drv = priv;
342 struct ndis_pmkid_entry *entry, *prev;
344 if (drv->g_driver_down == 1)
347 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
349 if (drv->no_of_pmkid == 0)
355 if (os_memcmp(entry->bssid, bssid, ETH_ALEN) == 0)
362 /* Replace existing entry for this BSSID and move it into the
363 * beginning of the list. */
364 os_memcpy(entry->pmkid, pmkid, 16);
366 prev->next = entry->next;
367 entry->next = drv->pmkid;
371 entry = os_malloc(sizeof(*entry));
373 os_memcpy(entry->bssid, bssid, ETH_ALEN);
374 os_memcpy(entry->pmkid, pmkid, 16);
375 entry->next = drv->pmkid;
380 return wpa_driver_ralink_set_pmkid(drv);
384 static int wpa_driver_ralink_remove_pmkid(void *priv, const u8 *bssid,
387 struct wpa_driver_ralink_data *drv = priv;
388 struct ndis_pmkid_entry *entry, *prev;
390 if (drv->g_driver_down == 1)
393 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
395 if (drv->no_of_pmkid == 0)
402 if (os_memcmp(entry->bssid, bssid, ETH_ALEN) == 0 &&
403 os_memcmp(entry->pmkid, pmkid, 16) == 0) {
405 prev->next = entry->next;
407 drv->pmkid = entry->next;
414 return wpa_driver_ralink_set_pmkid(drv);
418 static int wpa_driver_ralink_flush_pmkid(void *priv)
420 struct wpa_driver_ralink_data *drv = priv;
422 struct ndis_pmkid_entry *pmkid, *prev;
424 if (drv->g_driver_down == 1)
427 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
429 if (drv->no_of_pmkid == 0)
440 os_memset(&p, 0, sizeof(p));
442 p.BSSIDInfoCount = 0;
443 wpa_hexdump(MSG_MSGDUMP, "NDIS: OID_802_11_PMKID (flush)",
445 return ralink_set_oid(drv, OID_802_11_PMKID, (char *) &p, 8);
449 wpa_driver_ralink_event_wireless_custom(struct wpa_driver_ralink_data *drv,
450 void *ctx, char *custom)
452 union wpa_event_data data;
454 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
456 wpa_printf(MSG_DEBUG, "Custom wireless event: '%s'", custom);
458 os_memset(&data, 0, sizeof(data));
460 if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
461 /* receive a MICFAILURE report */
462 data.michael_mic_failure.unicast =
463 os_strstr(custom, " unicast") != NULL;
464 /* TODO: parse parameters(?) */
465 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
466 } else if (os_strncmp(custom, "ASSOCINFO_ReqIEs=", 17) == 0) {
467 /* receive assoc. req. IEs */
474 * bytes = strlen(spos); ==> bug, bytes may less than original
475 * size by using this way to get size. snowpin 20070312
479 bytes = drv->assoc_req_ies_len;
481 data.assoc_info.req_ies = os_malloc(bytes);
482 if (data.assoc_info.req_ies == NULL)
485 data.assoc_info.req_ies_len = bytes;
486 os_memcpy(data.assoc_info.req_ies, spos, bytes);
488 /* skip the '\0' byte */
491 data.assoc_info.resp_ies = NULL;
492 data.assoc_info.resp_ies_len = 0;
494 if (os_strncmp(spos, " RespIEs=", 9) == 0) {
495 /* receive assoc. resp. IEs */
497 /* get IE's length */
498 bytes = os_strlen(spos);
503 data.assoc_info.resp_ies = os_malloc(bytes);
504 if (data.assoc_info.resp_ies == NULL)
507 data.assoc_info.resp_ies_len = bytes;
508 os_memcpy(data.assoc_info.resp_ies, spos, bytes);
511 wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
513 /* free allocated memory */
515 os_free(data.assoc_info.resp_ies);
516 os_free(data.assoc_info.req_ies);
521 wpa_driver_ralink_event_wireless(struct wpa_driver_ralink_data *drv,
522 void *ctx, char *data, int len)
524 struct iw_event iwe_buf, *iwe = &iwe_buf;
525 char *pos, *end, *custom, *buf, *assoc_info_buf, *info_pos;
527 BOOLEAN ieee8021x_required_key = FALSE;
530 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
532 assoc_info_buf = info_pos = NULL;
536 while (pos + IW_EV_LCP_LEN <= end) {
537 /* Event data may be unaligned, so make a local, aligned copy
538 * before processing. */
539 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
540 wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
542 if (iwe->len <= IW_EV_LCP_LEN)
545 custom = pos + IW_EV_POINT_LEN;
547 if (drv->we_version_compiled > 18 && iwe->cmd == IWEVCUSTOM) {
548 /* WE-19 removed the pointer from struct iw_point */
549 char *dpos = (char *) &iwe_buf.u.data.length;
550 int dlen = dpos - (char *) &iwe_buf;
551 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
552 sizeof(struct iw_event) - dlen);
554 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
555 custom += IW_EV_POINT_OFF;
560 if (custom + iwe->u.data.length > end)
562 buf = os_malloc(iwe->u.data.length + 1);
565 os_memcpy(buf, custom, iwe->u.data.length);
566 buf[iwe->u.data.length] = '\0';
568 if (drv->ap_scan == 1) {
569 if ((iwe->u.data.flags == RT_ASSOC_EVENT_FLAG)
570 || (iwe->u.data.flags ==
571 RT_REQIE_EVENT_FLAG) ||
572 (iwe->u.data.flags == RT_RESPIE_EVENT_FLAG)
573 || (iwe->u.data.flags ==
574 RT_ASSOCINFO_EVENT_FLAG)) {
575 if (drv->scanning_done == 0) {
582 if (iwe->u.data.flags == RT_ASSOC_EVENT_FLAG) {
583 wpa_printf(MSG_DEBUG, "Custom wireless event: "
584 "receive ASSOCIATED_EVENT !!!");
585 /* determine whether the dynamic-WEP is used or
588 if (wpa_s && wpa_s->current_ssid &&
589 wpa_s->current_ssid->key_mgmt ==
590 WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
591 if ((wpa_s->current_ssid->eapol_flags &
592 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) {
593 //wpa_printf(MSG_DEBUG, "The current ssid - (%s), eapol_flag = %d.\n",
594 // wpa_ssid_txt(wpa_s->current_ssid->ssid, wpa_s->current_ssid->ssid_len),wpa_s->current_ssid->eapol_flags);
595 ieee8021x_required_key = TRUE;
598 if (ralink_set_oid(drv, OID_802_11_SET_IEEE8021X_REQUIRE_KEY, (char *) &ieee8021x_required_key, sizeof(BOOLEAN)) < 0)
600 wpa_printf(MSG_DEBUG, "ERROR: Failed to set OID_802_11_SET_IEEE8021X_REQUIRE_KEY(%d)",
601 (int) ieee8021x_required_key);
604 wpa_printf(MSG_DEBUG, "ieee8021x_required_key is %s and eapol_flag(%d).\n", ieee8021x_required_key ? "TRUE" : "FALSE",
605 wpa_s->current_ssid->eapol_flags);
609 wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
610 } else if (iwe->u.data.flags == RT_REQIE_EVENT_FLAG) {
611 wpa_printf(MSG_DEBUG, "Custom wireless event: "
612 "receive ReqIEs !!!");
614 os_malloc(iwe->u.data.length);
615 if (drv->assoc_req_ies == NULL) {
620 drv->assoc_req_ies_len = iwe->u.data.length;
621 os_memcpy(drv->assoc_req_ies, custom,
623 } else if (iwe->u.data.flags == RT_RESPIE_EVENT_FLAG) {
624 wpa_printf(MSG_DEBUG, "Custom wireless event: "
625 "receive RespIEs !!!");
626 drv->assoc_resp_ies =
627 os_malloc(iwe->u.data.length);
628 if (drv->assoc_resp_ies == NULL) {
629 os_free(drv->assoc_req_ies);
630 drv->assoc_req_ies = NULL;
635 drv->assoc_resp_ies_len = iwe->u.data.length;
636 os_memcpy(drv->assoc_resp_ies, custom,
638 } else if (iwe->u.data.flags ==
639 RT_ASSOCINFO_EVENT_FLAG) {
640 wpa_printf(MSG_DEBUG, "Custom wireless event: "
641 "receive ASSOCINFO_EVENT !!!");
644 os_zalloc(drv->assoc_req_ies_len +
645 drv->assoc_resp_ies_len + 1);
647 if (assoc_info_buf == NULL) {
648 os_free(drv->assoc_req_ies);
649 drv->assoc_req_ies = NULL;
650 os_free(drv->assoc_resp_ies);
651 drv->assoc_resp_ies = NULL;
656 if (drv->assoc_req_ies) {
657 os_memcpy(assoc_info_buf,
659 drv->assoc_req_ies_len);
661 info_pos = assoc_info_buf +
662 drv->assoc_req_ies_len;
663 if (drv->assoc_resp_ies) {
666 drv->assoc_resp_ies_len);
668 assoc_info_buf[drv->assoc_req_ies_len +
669 drv->assoc_resp_ies_len] = '\0';
670 wpa_driver_ralink_event_wireless_custom(
671 drv, ctx, assoc_info_buf);
672 os_free(drv->assoc_req_ies);
673 drv->assoc_req_ies = NULL;
674 os_free(drv->assoc_resp_ies);
675 drv->assoc_resp_ies = NULL;
676 os_free(assoc_info_buf);
677 } else if (iwe->u.data.flags == RT_DISASSOC_EVENT_FLAG)
679 wpa_printf(MSG_DEBUG, "Custom wireless event: "
680 "receive DISASSOCIATED_EVENT !!!");
681 wpa_supplicant_event(ctx, EVENT_DISASSOC,
683 } else if (iwe->u.data.flags == RT_PMKIDCAND_FLAG) {
684 wpa_printf(MSG_DEBUG, "Custom wireless event: "
685 "receive PMKIDCAND_EVENT !!!");
686 wpa_driver_ralink_event_pmkid(
687 drv, (const u8 *) custom,
689 } else if (iwe->u.data.flags == RT_INTERFACE_DOWN) {
690 drv->g_driver_down = 1;
692 } else if (iwe->u.data.flags == RT_REPORT_AP_INFO) {
693 if (drv->ap_scan != 1) {
694 typedef struct PACKED {
695 UCHAR bssid[MAC_ADDR_LEN];
696 UCHAR ssid[MAX_LEN_OF_SSID];
706 wpa_printf(MSG_DEBUG, "Custom wireless"
708 "RT_REPORT_AP_INFO !!!");
709 //printf("iwe->u.data.length = %d\n", iwe->u.data.length);
710 //wpa_hexdump(MSG_DEBUG, "AP_Info: ", buf, iwe->u.data.length);
712 wpa_s->num_scan_results = 1;
713 if (wpa_s->scan_results)
714 os_free(wpa_s->scan_results);
715 wpa_s->scan_results = os_malloc(sizeof(struct wpa_scan_result) + 1);
716 if (wpa_s->scan_results) {
717 PAPINFO pApInfo = (PAPINFO)buf;
718 os_memcpy(wpa_s->scan_results[0].bssid, pApInfo->bssid, ETH_ALEN);
719 os_memcpy(wpa_s->scan_results[0].ssid, pApInfo->ssid, pApInfo->ssid_len);
720 wpa_s->scan_results[0].ssid_len = pApInfo->ssid_len;
721 if (pApInfo->wpa_ie_len > 0) {
722 os_memcpy(wpa_s->scan_results[0].wpa_ie, pApInfo->wpa_ie, pApInfo->wpa_ie_len);
723 wpa_s->scan_results[0].wpa_ie_len = pApInfo->wpa_ie_len;
724 } else if (pApInfo->rsn_ie_len > 0) {
725 os_memcpy(wpa_s->scan_results[0].rsn_ie, pApInfo->rsn_ie, pApInfo->rsn_ie_len);
726 wpa_s->scan_results[0].rsn_ie_len = pApInfo->rsn_ie_len;
728 wpa_s->scan_results[0].caps = pApInfo->caps;
729 wpa_s->scan_results[0].freq = pApInfo->freq;
731 wpa_printf("wpa_s->scan_"
738 wpa_driver_ralink_event_wireless_custom(
750 wpa_driver_ralink_event_rtm_newlink(struct wpa_driver_ralink_data *drv,
751 void *ctx, struct nlmsghdr *h, int len)
753 struct ifinfomsg *ifi;
754 int attrlen, nlmsg_len, rta_len;
755 struct rtattr * attr;
757 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
759 if (len < (int) sizeof(*ifi))
763 wpa_hexdump(MSG_DEBUG, "ifi: ", (u8 *) ifi, sizeof(struct ifinfomsg));
765 nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
767 attrlen = h->nlmsg_len - nlmsg_len;
768 wpa_printf(MSG_DEBUG, "attrlen=%d", attrlen);
772 attr = (struct rtattr *) (((char *) ifi) + nlmsg_len);
773 wpa_hexdump(MSG_DEBUG, "attr1: ", (u8 *) attr, sizeof(struct rtattr));
774 rta_len = RTA_ALIGN(sizeof(struct rtattr));
775 wpa_hexdump(MSG_DEBUG, "attr2: ", (u8 *)attr,rta_len);
776 while (RTA_OK(attr, attrlen)) {
777 wpa_printf(MSG_DEBUG, "rta_type=%02x\n", attr->rta_type);
778 if (attr->rta_type == IFLA_WIRELESS) {
779 wpa_driver_ralink_event_wireless(
781 ((char *) attr) + rta_len,
782 attr->rta_len - rta_len);
784 attr = RTA_NEXT(attr, attrlen);
785 wpa_hexdump(MSG_DEBUG, "attr3: ",
786 (u8 *) attr, sizeof(struct rtattr));
790 static void wpa_driver_ralink_event_receive(int sock, void *ctx,
795 struct sockaddr_nl from;
799 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
801 fromlen = sizeof(from);
802 left = recvfrom(sock, buf, sizeof(buf), MSG_DONTWAIT,
803 (struct sockaddr *) &from, &fromlen);
806 if (errno != EINTR && errno != EAGAIN)
807 perror("recvfrom(netlink)");
811 h = (struct nlmsghdr *) buf;
812 wpa_hexdump(MSG_DEBUG, "h: ", (u8 *)h, h->nlmsg_len);
814 while (left >= (int) sizeof(*h)) {
818 plen = len - sizeof(*h);
819 if (len > left || plen < 0) {
820 wpa_printf(MSG_DEBUG, "Malformed netlink message: "
821 "len=%d left=%d plen=%d", len, left, plen);
825 switch (h->nlmsg_type) {
827 wpa_driver_ralink_event_rtm_newlink(ctx, sock_ctx, h,
832 len = NLMSG_ALIGN(len);
834 h = (struct nlmsghdr *) ((char *) h + len);
838 wpa_printf(MSG_DEBUG, "%d extra bytes in the end of netlink "
845 ralink_get_we_version_compiled(struct wpa_driver_ralink_data *drv)
848 UINT we_version_compiled = 0;
850 os_memset(&iwr, 0, sizeof(iwr));
851 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
852 iwr.u.data.pointer = (caddr_t) &we_version_compiled;
853 iwr.u.data.flags = RT_OID_WE_VERSION_COMPILED;
855 if (ioctl(drv->ioctl_sock, RT_PRIV_IOCTL, &iwr) < 0) {
856 wpa_printf(MSG_DEBUG, "%s: failed", __func__);
860 drv->we_version_compiled = we_version_compiled;
866 ralink_set_iface_flags(void *priv, int dev_up)
868 struct wpa_driver_ralink_data *drv = priv;
871 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
873 if (drv->ioctl_sock < 0)
876 os_memset(&ifr, 0, sizeof(ifr));
877 os_snprintf(ifr.ifr_name, IFNAMSIZ, "%s", drv->ifname);
879 if (ioctl(drv->ioctl_sock, SIOCGIFFLAGS, &ifr) != 0) {
880 perror("ioctl[SIOCGIFFLAGS]");
885 ifr.ifr_flags |= IFF_UP;
887 ifr.ifr_flags &= ~IFF_UP;
889 if (ioctl(drv->ioctl_sock, SIOCSIFFLAGS, &ifr) != 0) {
890 perror("ioctl[SIOCSIFFLAGS]");
897 static void * wpa_driver_ralink_init(void *ctx, const char *ifname)
900 struct wpa_driver_ralink_data *drv;
902 struct sockaddr_nl local;
903 UCHAR enable_wpa_supplicant = 0;
905 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
907 /* open socket to kernel */
908 if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
913 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
915 if (ioctl(s, SIOCGIFINDEX, &ifr) < 0) {
916 perror(ifr.ifr_name);
920 drv = os_zalloc(sizeof(*drv));
924 drv->scanning_done = 1;
925 drv->ap_scan = 1; /* for now - let's assume ap_scan=1 is used */
927 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
929 drv->g_driver_down = 0;
931 s = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
933 perror("socket(PF_NETLINK,SOCK_RAW,NETLINK_ROUTE)");
934 close(drv->ioctl_sock);
939 os_memset(&local, 0, sizeof(local));
940 local.nl_family = AF_NETLINK;
941 local.nl_groups = RTMGRP_LINK;
943 if (bind(s, (struct sockaddr *) &local, sizeof(local)) < 0) {
944 perror("bind(netlink)");
946 close(drv->ioctl_sock);
951 eloop_register_read_sock(s, wpa_driver_ralink_event_receive, drv, ctx);
953 drv->no_of_pmkid = 4; /* Number of PMKID saved supported */
955 ralink_set_iface_flags(drv, 1); /* mark up during setup */
956 ralink_get_we_version_compiled(drv);
957 wpa_driver_ralink_flush_pmkid(drv);
959 if (drv->ap_scan == 1)
960 enable_wpa_supplicant = 1;
962 enable_wpa_supplicant = 2;
963 /* trigger driver support wpa_supplicant */
964 if (ralink_set_oid(drv, RT_OID_WPA_SUPPLICANT_SUPPORT,
965 (PCHAR) &enable_wpa_supplicant, sizeof(UCHAR)) < 0)
967 wpa_printf(MSG_DEBUG, "RALINK: Failed to set "
968 "RT_OID_WPA_SUPPLICANT_SUPPORT(%d)",
969 (int) enable_wpa_supplicant);
970 wpa_printf(MSG_ERROR, "RALINK: Driver does not support "
973 close(drv->ioctl_sock);
978 if (drv->ap_scan == 1)
979 drv->scanning_done = 0;
984 static void wpa_driver_ralink_deinit(void *priv)
986 struct wpa_driver_ralink_data *drv = priv;
987 UCHAR enable_wpa_supplicant;
989 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
991 enable_wpa_supplicant = 0;
993 if (drv->g_driver_down == 0) {
994 /* trigger driver disable wpa_supplicant support */
995 if (ralink_set_oid(drv, RT_OID_WPA_SUPPLICANT_SUPPORT,
996 (char *) &enable_wpa_supplicant,
997 sizeof(BOOLEAN)) < 0) {
998 wpa_printf(MSG_DEBUG, "RALINK: Failed to set "
999 "RT_OID_WPA_SUPPLICANT_SUPPORT(%d)",
1000 (int) enable_wpa_supplicant);
1003 wpa_driver_ralink_flush_pmkid(drv);
1006 ralink_set_iface_flags(drv, 0);
1009 eloop_cancel_timeout(wpa_driver_ralink_scan_timeout, drv, drv->ctx);
1010 eloop_unregister_read_sock(drv->event_sock);
1011 close(drv->event_sock);
1012 close(drv->ioctl_sock);
1016 static void wpa_driver_ralink_scan_timeout(void *eloop_ctx, void *timeout_ctx)
1018 struct wpa_driver_ralink_data *drv = eloop_ctx;
1020 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1022 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
1023 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
1025 drv->scanning_done = 1;
1029 static int wpa_driver_ralink_scan(void *priv, const u8 *ssid, size_t ssid_len)
1031 struct wpa_driver_ralink_data *drv = priv;
1035 if (drv->g_driver_down == 1)
1038 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1040 if (ssid_len > IW_ESSID_MAX_SIZE) {
1041 wpa_printf(MSG_DEBUG, "%s: too long SSID (%lu)",
1042 __FUNCTION__, (unsigned long) ssid_len);
1046 /* wpa_driver_ralink_set_ssid(drv, ssid, ssid_len); */
1048 os_memset(&iwr, 0, sizeof(iwr));
1049 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1051 if (ioctl(drv->ioctl_sock, SIOCSIWSCAN, &iwr) < 0) {
1052 perror("ioctl[SIOCSIWSCAN]");
1056 /* Not all drivers generate "scan completed" wireless event, so try to
1057 * read results after a timeout. */
1058 eloop_cancel_timeout(wpa_driver_ralink_scan_timeout, drv, drv->ctx);
1059 eloop_register_timeout(4, 0, wpa_driver_ralink_scan_timeout, drv,
1062 drv->scanning_done = 0;
1068 wpa_driver_ralink_get_scan_results(void *priv,
1069 struct wpa_scan_result *results,
1072 struct wpa_driver_ralink_data *drv = priv;
1074 NDIS_802_11_BSSID_LIST_EX *wsr;
1075 NDIS_WLAN_BSSID_EX *wbi;
1081 if (drv->g_driver_down == 1)
1083 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1085 if (drv->we_version_compiled >= 17) {
1086 buf = os_zalloc(8192);
1087 iwr.u.data.length = 8192;
1089 buf = os_zalloc(4096);
1090 iwr.u.data.length = 4096;
1095 wsr = (NDIS_802_11_BSSID_LIST_EX *) buf;
1097 wsr->NumberOfItems = 0;
1098 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1099 iwr.u.data.pointer = (void *) buf;
1100 iwr.u.data.flags = OID_802_11_BSSID_LIST;
1102 if ((rv = ioctl(drv->ioctl_sock, RT_PRIV_IOCTL, &iwr)) < 0) {
1103 wpa_printf(MSG_DEBUG, "ioctl fail: rv = %d", rv);
1108 os_memset(results, 0, max_size * sizeof(struct wpa_scan_result));
1110 for (ap_num = 0, wbi = wsr->Bssid; ap_num < wsr->NumberOfItems;
1112 os_memcpy(results[ap_num].bssid, &wbi->MacAddress, ETH_ALEN);
1113 os_memcpy(results[ap_num].ssid, wbi->Ssid.Ssid,
1114 wbi->Ssid.SsidLength);
1115 results[ap_num].ssid_len = wbi->Ssid.SsidLength;
1116 results[ap_num].freq = (wbi->Configuration.DSConfig / 1000);
1119 wpa_hexdump(MSG_DEBUG, "RALINK: AP IEs",
1120 (u8 *) wbi + sizeof(*wbi) - 1, wbi->IELength);
1122 pos = (u8 *) wbi + sizeof(*wbi) - 1;
1123 end = (u8 *) wbi + sizeof(*wbi) + wbi->IELength;
1125 if (wbi->IELength < sizeof(NDIS_802_11_FIXED_IEs))
1128 pos += sizeof(NDIS_802_11_FIXED_IEs) - 2;
1129 os_memcpy(&results[ap_num].caps, pos, 2);
1132 while (pos + 1 < end && pos + 2 + pos[1] <= end) {
1133 u8 ielen = 2 + pos[1];
1135 if (ielen > SSID_MAX_WPA_IE_LEN) {
1140 if (pos[0] == WLAN_EID_VENDOR_SPECIFIC &&
1142 os_memcmp(pos + 2, "\x00\x50\xf2\x01", 4) == 0) {
1143 os_memcpy(results[ap_num].wpa_ie, pos, ielen);
1144 results[ap_num].wpa_ie_len = ielen;
1145 } else if (pos[0] == WLAN_EID_RSN) {
1146 os_memcpy(results[ap_num].rsn_ie, pos, ielen);
1147 results[ap_num].rsn_ie_len = ielen;
1152 wbi = (NDIS_WLAN_BSSID_EX *) ((u8 *) wbi + wbi->Length);
1159 static int ralink_set_auth_mode(struct wpa_driver_ralink_data *drv,
1160 NDIS_802_11_AUTHENTICATION_MODE mode)
1162 NDIS_802_11_AUTHENTICATION_MODE auth_mode = mode;
1164 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1166 if (ralink_set_oid(drv, OID_802_11_AUTHENTICATION_MODE,
1167 (char *) &auth_mode, sizeof(auth_mode)) < 0) {
1168 wpa_printf(MSG_DEBUG, "RALINK: Failed to set "
1169 "OID_802_11_AUTHENTICATION_MODE (%d)",
1176 static int wpa_driver_ralink_remove_key(struct wpa_driver_ralink_data *drv,
1177 int key_idx, const u8 *addr,
1178 const u8 *bssid, int pairwise)
1180 NDIS_802_11_REMOVE_KEY rkey;
1181 NDIS_802_11_KEY_INDEX _index;
1184 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1186 os_memset(&rkey, 0, sizeof(rkey));
1188 rkey.Length = sizeof(rkey);
1189 rkey.KeyIndex = key_idx;
1192 rkey.KeyIndex |= 1 << 30;
1194 os_memcpy(rkey.BSSID, bssid, ETH_ALEN);
1196 res = ralink_set_oid(drv, OID_802_11_REMOVE_KEY, (char *) &rkey,
1199 /* AlbertY@20060210 removed it */
1200 if (0 /* !pairwise */) {
1201 res2 = ralink_set_oid(drv, OID_802_11_REMOVE_WEP,
1202 (char *) &_index, sizeof(_index));
1206 if (res < 0 && res2 < 0)
1211 static int wpa_driver_ralink_add_wep(struct wpa_driver_ralink_data *drv,
1212 int pairwise, int key_idx, int set_tx,
1213 const u8 *key, size_t key_len)
1215 NDIS_802_11_WEP *wep;
1219 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1222 wep = os_zalloc(len);
1227 wep->KeyIndex = key_idx;
1230 wep->KeyIndex |= 0x80000000;
1232 wep->KeyLength = key_len;
1233 os_memcpy(wep->KeyMaterial, key, key_len);
1235 wpa_hexdump_key(MSG_MSGDUMP, "RALINK: OID_802_11_ADD_WEP",
1236 (const u8 *) wep, len);
1237 res = ralink_set_oid(drv, OID_802_11_ADD_WEP, (char *) wep, len);
1244 static int wpa_driver_ralink_set_key(void *priv, wpa_alg alg, const u8 *addr,
1245 int key_idx, int set_tx,
1246 const u8 *seq, size_t seq_len,
1247 const u8 *key, size_t key_len)
1249 struct wpa_driver_ralink_data *drv = priv;
1251 NDIS_802_11_KEY *nkey;
1255 if (drv->g_driver_down == 1)
1258 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1260 if (addr == NULL || os_memcmp(addr, "\xff\xff\xff\xff\xff\xff",
1264 wpa_driver_ralink_get_bssid(drv, bssid);
1268 os_memcpy(bssid, addr, ETH_ALEN);
1271 if (alg == WPA_ALG_NONE || key_len == 0) {
1272 return wpa_driver_ralink_remove_key(drv, key_idx, addr, bssid,
1276 if (alg == WPA_ALG_WEP) {
1277 return wpa_driver_ralink_add_wep(drv, pairwise, key_idx,
1278 set_tx, key, key_len);
1281 len = 12 + 6 + 6 + 8 + key_len;
1283 nkey = os_zalloc(len);
1288 nkey->KeyIndex = key_idx;
1291 nkey->KeyIndex |= 1 << 31;
1294 nkey->KeyIndex |= 1 << 30;
1297 nkey->KeyIndex |= 1 << 29;
1299 nkey->KeyLength = key_len;
1300 os_memcpy(nkey->BSSID, bssid, ETH_ALEN);
1302 if (seq && seq_len) {
1303 for (i = 0; i < seq_len; i++)
1304 nkey->KeyRSC |= seq[i] << (i * 8);
1306 if (alg == WPA_ALG_TKIP && key_len == 32) {
1307 os_memcpy(nkey->KeyMaterial, key, 16);
1308 os_memcpy(nkey->KeyMaterial + 16, key + 24, 8);
1309 os_memcpy(nkey->KeyMaterial + 24, key + 16, 8);
1311 os_memcpy(nkey->KeyMaterial, key, key_len);
1314 wpa_printf(MSG_DEBUG, "%s: alg=%d key_idx=%d set_tx=%d seq_len=%lu "
1315 "key_len=%lu", __FUNCTION__, alg, key_idx, set_tx,
1316 (unsigned long) seq_len, (unsigned long) key_len);
1318 wpa_hexdump_key(MSG_MSGDUMP, "RALINK: OID_802_11_ADD_KEY",
1319 (const u8 *) nkey, len);
1320 res = ralink_set_oid(drv, OID_802_11_ADD_KEY, (char *) nkey, len);
1326 static int wpa_driver_ralink_disassociate(void *priv, const u8 *addr,
1329 struct wpa_driver_ralink_data *drv = priv;
1331 if (drv->g_driver_down == 1)
1333 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1334 if (ralink_set_oid(drv, OID_802_11_DISASSOCIATE, " ", 4) < 0) {
1335 wpa_printf(MSG_DEBUG, "RALINK: Failed to set "
1336 "OID_802_11_DISASSOCIATE");
1342 static int wpa_driver_ralink_deauthenticate(void *priv, const u8 *addr,
1345 struct wpa_driver_ralink_data *drv = priv;
1347 wpa_printf(MSG_DEBUG, "g_driver_down = %d", drv->g_driver_down);
1349 if (drv->g_driver_down == 1)
1352 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1353 if (ralink_get_new_driver_flag(drv) == 0) {
1354 return wpa_driver_ralink_disassociate(priv, addr, reason_code);
1356 MLME_DEAUTH_REQ_STRUCT mlme;
1357 os_memset(&mlme, 0, sizeof(MLME_DEAUTH_REQ_STRUCT));
1358 mlme.Reason = reason_code;
1359 os_memcpy(mlme.Addr, addr, MAC_ADDR_LEN);
1360 return ralink_set_oid(drv, OID_802_11_DEAUTHENTICATION,
1362 sizeof(MLME_DEAUTH_REQ_STRUCT));
1367 wpa_driver_ralink_associate(void *priv,
1368 struct wpa_driver_associate_params *params)
1370 struct wpa_driver_ralink_data *drv = priv;
1372 NDIS_802_11_NETWORK_INFRASTRUCTURE mode;
1373 NDIS_802_11_AUTHENTICATION_MODE auth_mode;
1374 NDIS_802_11_WEP_STATUS encr;
1375 BOOLEAN ieee8021xMode;
1377 if (drv->g_driver_down == 1)
1379 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1381 if (params->mode == IEEE80211_MODE_IBSS)
1382 mode = Ndis802_11IBSS;
1384 mode = Ndis802_11Infrastructure;
1386 if (ralink_set_oid(drv, OID_802_11_INFRASTRUCTURE_MODE,
1387 (char *) &mode, sizeof(mode)) < 0) {
1388 wpa_printf(MSG_DEBUG, "RALINK: Failed to set "
1389 "OID_802_11_INFRASTRUCTURE_MODE (%d)",
1391 /* Try to continue anyway */
1394 if (params->wpa_ie == NULL || params->wpa_ie_len == 0) {
1395 if (params->auth_alg & AUTH_ALG_SHARED_KEY) {
1396 if (params->auth_alg & AUTH_ALG_OPEN_SYSTEM)
1397 auth_mode = Ndis802_11AuthModeAutoSwitch;
1399 auth_mode = Ndis802_11AuthModeShared;
1401 auth_mode = Ndis802_11AuthModeOpen;
1402 } else if (params->wpa_ie[0] == WLAN_EID_RSN) {
1403 if (params->key_mgmt_suite == KEY_MGMT_PSK)
1404 auth_mode = Ndis802_11AuthModeWPA2PSK;
1406 auth_mode = Ndis802_11AuthModeWPA2;
1408 if (params->key_mgmt_suite == KEY_MGMT_WPA_NONE)
1409 auth_mode = Ndis802_11AuthModeWPANone;
1410 else if (params->key_mgmt_suite == KEY_MGMT_PSK)
1411 auth_mode = Ndis802_11AuthModeWPAPSK;
1413 auth_mode = Ndis802_11AuthModeWPA;
1416 switch (params->pairwise_suite) {
1418 encr = Ndis802_11Encryption3Enabled;
1421 encr = Ndis802_11Encryption2Enabled;
1425 encr = Ndis802_11Encryption1Enabled;
1428 if (params->group_suite == CIPHER_CCMP)
1429 encr = Ndis802_11Encryption3Enabled;
1430 else if (params->group_suite == CIPHER_TKIP)
1431 encr = Ndis802_11Encryption2Enabled;
1433 encr = Ndis802_11EncryptionDisabled;
1436 encr = Ndis802_11EncryptionDisabled;
1440 ralink_set_auth_mode(drv, auth_mode);
1442 /* notify driver that IEEE8021x mode is enabled */
1443 if (params->key_mgmt_suite == KEY_MGMT_802_1X_NO_WPA)
1444 ieee8021xMode = TRUE;
1446 ieee8021xMode = FALSE;
1448 if (ralink_set_oid(drv, OID_802_11_SET_IEEE8021X,
1449 (char *) &ieee8021xMode, sizeof(BOOLEAN)) < 0) {
1450 wpa_printf(MSG_DEBUG, "RALINK: Failed to set "
1451 "OID_802_11_SET_IEEE8021X(%d)",
1452 (int) ieee8021xMode);
1455 if (ralink_set_oid(drv, OID_802_11_WEP_STATUS,
1456 (char *) &encr, sizeof(encr)) < 0) {
1457 wpa_printf(MSG_DEBUG, "RALINK: Failed to set "
1458 "OID_802_11_WEP_STATUS(%d)",
1462 if ((ieee8021xMode == FALSE) &&
1463 (encr == Ndis802_11Encryption1Enabled)) {
1466 if (ralink_set_oid(drv, OID_802_11_DROP_UNENCRYPTED,
1467 (char *) &enabled, sizeof(enabled)) < 0) {
1468 wpa_printf(MSG_DEBUG, "RALINK: Failed to set "
1469 "OID_802_11_DROP_UNENCRYPTED(%d)",
1474 return wpa_driver_ralink_set_ssid(drv, params->ssid, params->ssid_len);
1478 wpa_driver_ralink_set_countermeasures(void *priv, int enabled)
1480 struct wpa_driver_ralink_data *drv = priv;
1481 if (drv->g_driver_down == 1)
1483 wpa_printf(MSG_DEBUG, "%s: enabled=%d", __FUNCTION__, enabled);
1484 return ralink_set_oid(drv, OID_SET_COUNTERMEASURES, (char *) &enabled,
1488 const struct wpa_driver_ops wpa_driver_ralink_ops = {
1490 .desc = "Ralink Wireless Client driver",
1491 .get_bssid = wpa_driver_ralink_get_bssid,
1492 .get_ssid = wpa_driver_ralink_get_ssid,
1493 .set_key = wpa_driver_ralink_set_key,
1494 .init = wpa_driver_ralink_init,
1495 .deinit = wpa_driver_ralink_deinit,
1496 .set_countermeasures = wpa_driver_ralink_set_countermeasures,
1497 .scan = wpa_driver_ralink_scan,
1498 .get_scan_results = wpa_driver_ralink_get_scan_results,
1499 .deauthenticate = wpa_driver_ralink_deauthenticate,
1500 .disassociate = wpa_driver_ralink_disassociate,
1501 .associate = wpa_driver_ralink_associate,
1502 .add_pmkid = wpa_driver_ralink_add_pmkid,
1503 .remove_pmkid = wpa_driver_ralink_remove_pmkid,
1504 .flush_pmkid = wpa_driver_ralink_flush_pmkid,