Manual merge with Linus.
[linux-2.6] / net / ieee80211 / softmac / ieee80211softmac_auth.c
1 /*
2  * This file contains the softmac's authentication logic.
3  *
4  * Copyright (c) 2005, 2006 Johannes Berg <johannes@sipsolutions.net>
5  *                          Joseph Jezak <josejx@gentoo.org>
6  *                          Larry Finger <Larry.Finger@lwfinger.net>
7  *                          Danny van Dyk <kugelfang@gentoo.org>
8  *                          Michael Buesch <mbuesch@freenet.de>
9  *
10  * This program is free software; you can redistribute it and/or modify it
11  * under the terms of version 2 of the GNU General Public License as
12  * published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful, but WITHOUT
15  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
16  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
17  * more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program; if not, write to the Free Software
21  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
22  *
23  * The full GNU General Public License is included in this distribution in the
24  * file called COPYING.
25  */
26
27 #include "ieee80211softmac_priv.h"
28
29 static void ieee80211softmac_auth_queue(void *data);
30
31 /* Queues an auth request to the desired AP */
32 int
33 ieee80211softmac_auth_req(struct ieee80211softmac_device *mac, 
34         struct ieee80211softmac_network *net)
35 {
36         struct ieee80211softmac_auth_queue_item *auth;
37         unsigned long flags;
38         
39         if (net->authenticating)
40                 return 0;
41
42         /* Add the network if it's not already added */
43         ieee80211softmac_add_network(mac, net);
44
45         dprintk(KERN_NOTICE PFX "Queueing Authentication Request to "MAC_FMT"\n", MAC_ARG(net->bssid));
46         /* Queue the auth request */
47         auth = (struct ieee80211softmac_auth_queue_item *)
48                 kmalloc(sizeof(struct ieee80211softmac_auth_queue_item), GFP_KERNEL);
49         if(auth == NULL)
50                 return -ENOMEM;
51
52         auth->net = net;
53         auth->mac = mac;
54         auth->retry = IEEE80211SOFTMAC_AUTH_RETRY_LIMIT;
55         auth->state = IEEE80211SOFTMAC_AUTH_OPEN_REQUEST;
56         INIT_WORK(&auth->work, &ieee80211softmac_auth_queue, (void *)auth);
57         
58         /* Lock (for list) */
59         spin_lock_irqsave(&mac->lock, flags);
60
61         /* add to list */
62         list_add_tail(&auth->list, &mac->auth_queue);
63         schedule_work(&auth->work);
64         spin_unlock_irqrestore(&mac->lock, flags);
65         
66         return 0;
67 }
68
69
70 /* Sends an auth request to the desired AP and handles timeouts */
71 static void
72 ieee80211softmac_auth_queue(void *data)
73 {
74         struct ieee80211softmac_device *mac;
75         struct ieee80211softmac_auth_queue_item *auth;
76         struct ieee80211softmac_network *net;
77         unsigned long flags;
78
79         auth = (struct ieee80211softmac_auth_queue_item *)data;
80         net = auth->net;
81         mac = auth->mac;
82
83         if(auth->retry > 0) {
84                 /* Switch to correct channel for this network */
85                 mac->set_channel(mac->dev, net->channel);
86                 
87                 /* Lock and set flags */
88                 spin_lock_irqsave(&mac->lock, flags);
89                 net->authenticated = 0;
90                 net->authenticating = 1;
91                 /* add a timeout call so we eventually give up waiting for an auth reply */
92                 schedule_delayed_work(&auth->work, IEEE80211SOFTMAC_AUTH_TIMEOUT);
93                 auth->retry--;
94                 spin_unlock_irqrestore(&mac->lock, flags);
95                 if (ieee80211softmac_send_mgt_frame(mac, auth->net, IEEE80211_STYPE_AUTH, auth->state))
96                         dprintk(KERN_NOTICE PFX "Sending Authentication Request to "MAC_FMT" failed (this shouldn't happen, wait for the timeout).\n", MAC_ARG(net->bssid));
97                 else
98                         dprintk(KERN_NOTICE PFX "Sent Authentication Request to "MAC_FMT".\n", MAC_ARG(net->bssid));
99                 return;
100         }
101
102         printkl(KERN_WARNING PFX "Authentication timed out with "MAC_FMT"\n", MAC_ARG(net->bssid));
103         /* Remove this item from the queue */
104         spin_lock_irqsave(&mac->lock, flags);
105         ieee80211softmac_call_events_locked(mac, IEEE80211SOFTMAC_EVENT_AUTH_TIMEOUT, net);
106         cancel_delayed_work(&auth->work); /* just to make sure... */
107         list_del(&auth->list);
108         spin_unlock_irqrestore(&mac->lock, flags);
109         /* Free it */
110         kfree(auth);
111 }
112
113 /* Handle the auth response from the AP
114  * This should be registered with ieee80211 as handle_auth 
115  */
116 int 
117 ieee80211softmac_auth_resp(struct net_device *dev, struct ieee80211_auth *auth)
118 {       
119
120         struct list_head *list_ptr;
121         struct ieee80211softmac_device *mac = ieee80211_priv(dev);
122         struct ieee80211softmac_auth_queue_item *aq = NULL;
123         struct ieee80211softmac_network *net = NULL;
124         unsigned long flags;
125         u8 * data;
126         
127         /* Find correct auth queue item */
128         spin_lock_irqsave(&mac->lock, flags);
129         list_for_each(list_ptr, &mac->auth_queue) {
130                 aq = list_entry(list_ptr, struct ieee80211softmac_auth_queue_item, list);
131                 net = aq->net;
132                 if (!memcmp(net->bssid, auth->header.addr2, ETH_ALEN))
133                         break;
134                 else
135                         aq = NULL;
136         }
137         spin_unlock_irqrestore(&mac->lock, flags);
138         
139         /* Make sure that we've got an auth queue item for this request */
140         if(aq == NULL)
141         {
142                 printkl(KERN_DEBUG PFX "Authentication response received from "MAC_FMT" but no queue item exists.\n", MAC_ARG(auth->header.addr2));
143                 /* Error #? */
144                 return -1;
145         }                       
146         
147         /* Check for out of order authentication */
148         if(!net->authenticating)
149         {
150                 printkl(KERN_DEBUG PFX "Authentication response received from "MAC_FMT" but did not request authentication.\n",MAC_ARG(auth->header.addr2));
151                 return -1;
152         }
153
154         /* Parse the auth packet */
155         switch(auth->algorithm) {
156         case WLAN_AUTH_OPEN:
157                 /* Check the status code of the response */
158
159                 switch(auth->status) {
160                 case WLAN_STATUS_SUCCESS:
161                         /* Update the status to Authenticated */
162                         spin_lock_irqsave(&mac->lock, flags);
163                         net->authenticating = 0;
164                         net->authenticated = 1;
165                         spin_unlock_irqrestore(&mac->lock, flags);
166                         
167                         /* Send event */
168                         printkl(KERN_NOTICE PFX "Open Authentication completed with "MAC_FMT"\n", MAC_ARG(net->bssid));
169                         ieee80211softmac_call_events(mac, IEEE80211SOFTMAC_EVENT_AUTHENTICATED, net);
170                         break;
171                 default:
172                         /* Lock and reset flags */
173                         spin_lock_irqsave(&mac->lock, flags);
174                         net->authenticated = 0;
175                         net->authenticating = 0;
176                         spin_unlock_irqrestore(&mac->lock, flags);
177                         
178                         printkl(KERN_NOTICE PFX "Open Authentication with "MAC_FMT" failed, error code: %i\n", 
179                                 MAC_ARG(net->bssid), le16_to_cpup(&auth->status));
180                         /* Count the error? */
181                         break;
182                 }
183                 goto free_aq;
184                 break;
185         case WLAN_AUTH_SHARED_KEY:
186                 /* Figure out where we are in the process */
187                 switch(auth->transaction) {
188                 case IEEE80211SOFTMAC_AUTH_SHARED_CHALLENGE:
189                         /* Check to make sure we have a challenge IE */
190                         data = (u8 *)auth->info_element;
191                         if(*data++ != MFIE_TYPE_CHALLENGE){
192                                 printkl(KERN_NOTICE PFX "Shared Key Authentication failed due to a missing challenge.\n");
193                                 break;  
194                         }
195                         /* Save the challenge */
196                         spin_lock_irqsave(&mac->lock, flags);
197                         net->challenge_len = *data++;   
198                         if(net->challenge_len > WLAN_AUTH_CHALLENGE_LEN)
199                                 net->challenge_len = WLAN_AUTH_CHALLENGE_LEN;
200                         if(net->challenge != NULL)
201                                 kfree(net->challenge);
202                         net->challenge = kmalloc(net->challenge_len, GFP_ATOMIC);
203                         memcpy(net->challenge, data, net->challenge_len);
204                         aq->state = IEEE80211SOFTMAC_AUTH_SHARED_RESPONSE; 
205                         spin_unlock_irqrestore(&mac->lock, flags);
206
207                         /* Switch to correct channel for this network */
208                         mac->set_channel(mac->dev, net->channel);
209                         
210                         /* Send our response (How to encrypt?) */
211                         ieee80211softmac_send_mgt_frame(mac, aq->net, IEEE80211_STYPE_AUTH, aq->state);
212                         break;
213                 case IEEE80211SOFTMAC_AUTH_SHARED_PASS:
214                         /* Check the status code of the response */
215                         switch(auth->status) {
216                         case WLAN_STATUS_SUCCESS:
217                                 /* Update the status to Authenticated */        
218                                 spin_lock_irqsave(&mac->lock, flags);
219                                 net->authenticating = 0;
220                                 net->authenticated = 1;
221                                 spin_unlock_irqrestore(&mac->lock, flags);
222                                 printkl(KERN_NOTICE PFX "Shared Key Authentication completed with "MAC_FMT"\n", 
223                                         MAC_ARG(net->bssid));
224                                 break;
225                         default:
226                                 printkl(KERN_NOTICE PFX "Shared Key Authentication with "MAC_FMT" failed, error code: %i\n", 
227                                         MAC_ARG(net->bssid), le16_to_cpup(&auth->status));
228                                 /* Lock and reset flags */
229                                 spin_lock_irqsave(&mac->lock, flags);
230                                 net->authenticating = 0;
231                                 net->authenticated = 0;
232                                 spin_unlock_irqrestore(&mac->lock, flags);
233                                 /* Count the error? */
234                                 break;
235                         }
236                         goto free_aq;
237                         break;
238                 default:
239                         printkl(KERN_WARNING PFX "Unhandled Authentication Step: %i\n", auth->transaction);
240                         break;
241                 }
242                 goto free_aq;
243                 break;
244         default:
245                 /* ERROR */     
246                 goto free_aq;
247                 break;
248         }
249         return 0;
250 free_aq:
251         /* Cancel the timeout */
252         spin_lock_irqsave(&mac->lock, flags);
253         cancel_delayed_work(&aq->work);
254         /* Remove this item from the queue */
255         list_del(&aq->list);
256         spin_unlock_irqrestore(&mac->lock, flags);
257
258         /* Free it */
259         kfree(aq);
260         return 0;
261 }
262
263 /*
264  * Handle deauthorization
265  */
266 static void
267 ieee80211softmac_deauth_from_net(struct ieee80211softmac_device *mac,
268         struct ieee80211softmac_network *net)
269 {
270         struct ieee80211softmac_auth_queue_item *aq = NULL;
271         struct list_head *list_ptr;
272         unsigned long flags;
273
274         /* Lock and reset status flags */
275         spin_lock_irqsave(&mac->lock, flags);
276         net->authenticating = 0;
277         net->authenticated = 0;
278         
279         /* Find correct auth queue item, if it exists */
280         list_for_each(list_ptr, &mac->auth_queue) {
281                 aq = list_entry(list_ptr, struct ieee80211softmac_auth_queue_item, list);
282                 if (!memcmp(net->bssid, aq->net->bssid, ETH_ALEN))
283                         break;
284                 else
285                         aq = NULL;
286         }
287         
288         /* Cancel pending work */
289         if(aq != NULL)
290                 /* Not entirely safe?  What about running work? */
291                 cancel_delayed_work(&aq->work);
292
293         /* Free our network ref */
294         ieee80211softmac_del_network_locked(mac, net);
295         if(net->challenge != NULL)
296                 kfree(net->challenge);
297         kfree(net);
298         
299         /* can't transmit data right now... */
300         netif_carrier_off(mac->dev);
301         /* let's try to re-associate */
302         schedule_work(&mac->associnfo.work);
303         spin_unlock_irqrestore(&mac->lock, flags);
304 }
305
306 /* 
307  * Sends a deauth request to the desired AP
308  */
309 int 
310 ieee80211softmac_deauth_req(struct ieee80211softmac_device *mac, 
311         struct ieee80211softmac_network *net, int reason)
312 {
313         int ret;
314         
315         /* Make sure the network is authenticated */
316         if (!net->authenticated)
317         {
318                 printkl(KERN_DEBUG PFX "Can't send deauthentication packet, network is not authenticated.\n");
319                 /* Error okay? */
320                 return -EPERM;
321         }
322         
323         /* Send the de-auth packet */
324         if((ret = ieee80211softmac_send_mgt_frame(mac, net, IEEE80211_STYPE_DEAUTH, reason)))
325                 return ret;
326         
327         ieee80211softmac_deauth_from_net(mac, net);
328         return 0;
329 }
330  
331 /*
332  * This should be registered with ieee80211 as handle_deauth
333  */
334 int 
335 ieee80211softmac_deauth_resp(struct net_device *dev, struct ieee80211_deauth *deauth)
336 {
337         
338         struct ieee80211softmac_network *net = NULL;
339         struct ieee80211softmac_device *mac = ieee80211_priv(dev);
340         
341         if (!deauth) {
342                 dprintk("deauth without deauth packet. eek!\n");
343                 return 0;
344         }
345
346         net = ieee80211softmac_get_network_by_bssid(mac, deauth->header.addr2);
347         
348         if (net == NULL) {
349                 printkl(KERN_DEBUG PFX "Received deauthentication packet from "MAC_FMT", but that network is unknown.\n",
350                         MAC_ARG(deauth->header.addr2));
351                 return 0;
352         }
353
354         /* Make sure the network is authenticated */
355         if(!net->authenticated)
356         {
357                 printkl(KERN_DEBUG PFX "Can't perform deauthentication, network is not authenticated.\n");
358                 /* Error okay? */
359                 return -EPERM;
360         }
361
362         ieee80211softmac_deauth_from_net(mac, net);
363         return 0;
364 }