Lines Matching refs:sm
30 #define STATE_MACHINE_ADDR sm->addr
34 static int wpa_sm_step(struct wpa_state_machine *sm);
39 static void wpa_request_new_ptk(struct wpa_state_machine *sm);
134 int (*cb)(struct wpa_state_machine *sm, void *ctx),
198 static int wpa_use_aes_cmac(struct wpa_state_machine *sm)
202 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
206 if (wpa_key_mgmt_sha256(sm->wpa_key_mgmt))
257 struct wpa_state_machine *sm = timeout_ctx;
259 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK");
260 wpa_request_new_ptk(sm);
261 wpa_sm_step(sm);
265 static int wpa_auth_pmksa_clear_cb(struct wpa_state_machine *sm, void *ctx)
267 if (sm->pmksa == ctx)
268 sm->pmksa = NULL;
510 struct wpa_state_machine *sm;
512 sm = os_zalloc(sizeof(struct wpa_state_machine));
513 if (sm == NULL)
515 os_memcpy(sm->addr, addr, ETH_ALEN);
517 sm->wpa_auth = wpa_auth;
518 sm->group = wpa_auth->group;
520 return sm;
525 struct wpa_state_machine *sm)
527 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL)
531 if (sm->ft_completed) {
532 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
539 if (sm->started) {
540 os_memset(&sm->key_replay, 0, sizeof(sm->key_replay));
541 sm->ReAuthenticationRequest = TRUE;
542 return wpa_sm_step(sm);
545 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
547 sm->started = 1;
549 sm->Init = TRUE;
550 if (wpa_sm_step(sm) == 1)
552 sm->Init = FALSE;
553 sm->AuthenticationRequest = TRUE;
554 return wpa_sm_step(sm);
558 void wpa_auth_sta_no_wpa(struct wpa_state_machine *sm)
563 if (sm == NULL)
566 sm->wpa_key_mgmt = 0;
570 static void wpa_free_sta_sm(struct wpa_state_machine *sm)
572 if (sm->GUpdateStationKeys) {
573 sm->group->GKeyDoneStations--;
574 sm->GUpdateStationKeys = FALSE;
577 os_free(sm->assoc_resp_ftie);
579 os_free(sm->last_rx_eapol_key);
580 os_free(sm->wpa_ie);
581 os_free(sm);
585 void wpa_auth_sta_deinit(struct wpa_state_machine *sm)
587 if (sm == NULL)
590 if (sm->wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) {
591 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
594 eloop_cancel_timeout(wpa_rekey_gtk, sm->wpa_auth, NULL);
595 eloop_register_timeout(0, 500000, wpa_rekey_gtk, sm->wpa_auth,
599 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
600 sm->pending_1_of_4_timeout = 0;
601 eloop_cancel_timeout(wpa_sm_call_step, sm, NULL);
602 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
603 if (sm->in_step_loop) {
607 "machine deinit for " MACSTR, MAC2STR(sm->addr));
608 sm->pending_deinit = 1;
610 wpa_free_sta_sm(sm);
614 static void wpa_request_new_ptk(struct wpa_state_machine *sm)
616 if (sm == NULL)
619 sm->PTKRequest = TRUE;
620 sm->PTK_valid = 0;
655 struct wpa_state_machine *sm,
668 os_memcpy(sm->sup_pmk_r1_name, ie.pmkid, PMKID_LEN);
670 sm->sup_pmk_r1_name, PMKID_LEN);
686 if (sm->assoc_resp_ftie &&
687 (kde->ftie[1] != sm->assoc_resp_ftie[1] ||
688 os_memcmp(kde->ftie, sm->assoc_resp_ftie,
689 2 + sm->assoc_resp_ftie[1]) != 0)) {
694 sm->assoc_resp_ftie, 2 + sm->assoc_resp_ftie[1]);
704 struct wpa_state_machine *sm, int group)
707 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
713 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
716 } else if (!group && sm->pairwise != WPA_CIPHER_TKIP) {
717 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
721 wpa_auth_mic_failure_report(wpa_auth, sm->addr);
722 sm->dot11RSNAStatsTKIPRemoteMICFailures++;
730 wpa_request_new_ptk(sm);
735 struct wpa_state_machine *sm,
749 if (wpa_auth == NULL || !wpa_auth->conf.wpa || sm == NULL)
761 MAC2STR(sm->addr), key_info, key->type, key_data_length);
771 if (sm->wpa == WPA_VERSION_WPA2) {
832 if (sm->pairwise == WPA_CIPHER_CCMP ||
833 sm->pairwise == WPA_CIPHER_GCMP) {
834 if (wpa_use_aes_cmac(sm) &&
836 wpa_auth_logger(wpa_auth, sm->addr,
844 if (!wpa_use_aes_cmac(sm) &&
846 wpa_auth_logger(wpa_auth, sm->addr,
856 if (sm->req_replay_counter_used &&
857 os_memcmp(key->replay_counter, sm->req_replay_counter,
859 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_WARNING,
867 !wpa_replay_counter_valid(sm->key_replay, key->replay_counter)) {
871 wpa_replay_counter_valid(sm->prev_key_replay,
873 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING &&
874 os_memcmp(sm->SNonce, key->key_nonce, WPA_NONCE_LEN) != 0)
883 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
887 sm->update_snonce = 1;
888 wpa_replay_counter_mark_invalid(sm->prev_key_replay,
894 wpa_replay_counter_valid(sm->prev_key_replay,
896 sm->wpa_ptk_state == WPA_PTK_PTKINITNEGOTIATING) {
897 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
901 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
906 if (!sm->key_replay[i].valid)
909 sm->key_replay[i].counter,
920 if (sm->wpa_ptk_state != WPA_PTK_PTKSTART &&
921 sm->wpa_ptk_state != WPA_PTK_PTKCALCNEGOTIATING &&
922 (!sm->update_snonce ||
923 sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING)) {
924 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
927 sm->wpa_ptk_state);
931 if (sm->group->reject_4way_hs_for_entropy) {
945 wpa_sta_disconnect(wpa_auth, sm->addr);
950 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
962 ft = sm->wpa == WPA_VERSION_WPA2 &&
963 wpa_key_mgmt_ft(sm->wpa_key_mgmt);
964 if (sm->wpa_ie == NULL ||
966 sm->wpa_ie, sm->wpa_ie_len,
968 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
971 if (sm->wpa_ie) {
973 sm->wpa_ie, sm->wpa_ie_len);
978 wpa_sta_disconnect(wpa_auth, sm->addr);
982 if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) {
983 wpa_sta_disconnect(wpa_auth, sm->addr);
989 if (sm->wpa_ptk_state != WPA_PTK_PTKINITNEGOTIATING ||
990 !sm->PTK_valid) {
991 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
994 sm->wpa_ptk_state);
999 if (sm->wpa_ptk_group_state != WPA_PTK_GROUP_REKEYNEGOTIATING
1000 || !sm->PTK_valid) {
1001 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_INFO,
1004 sm->wpa_ptk_group_state);
1017 if (!sm->PTK_valid) {
1018 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1034 wpa_auth_vlogger(wpa_auth, sm->addr, LOGGER_DEBUG,
1038 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1044 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1049 sm->MICVerified = FALSE;
1050 if (sm->PTK_valid && !sm->update_snonce) {
1051 if (wpa_verify_key_mic(&sm->PTK, data, data_len)) {
1052 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1056 sm->MICVerified = TRUE;
1057 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
1058 sm->pending_1_of_4_timeout = 0;
1062 if (sm->MICVerified) {
1063 sm->req_replay_counter_used = 1;
1064 os_memcpy(sm->req_replay_counter, key->replay_counter,
1067 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1080 wpa_smk_error(wpa_auth, sm, key);
1085 wpa_auth, sm,
1088 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1091 wpa_request_new_ptk(sm);
1094 wpa_smk_m1(wpa_auth, sm, key);
1101 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
1109 wpa_replay_counter_mark_invalid(sm->key_replay,
1120 os_memcpy(sm->prev_key_replay, sm->key_replay,
1121 sizeof(sm->key_replay));
1123 os_memset(sm->prev_key_replay, 0,
1124 sizeof(sm->prev_key_replay));
1131 wpa_replay_counter_mark_invalid(sm->key_replay, NULL);
1136 wpa_smk_m3(wpa_auth, sm, key);
1141 os_free(sm->last_rx_eapol_key);
1142 sm->last_rx_eapol_key = os_malloc(data_len);
1143 if (sm->last_rx_eapol_key == NULL)
1145 os_memcpy(sm->last_rx_eapol_key, data, data_len);
1146 sm->last_rx_eapol_key_len = data_len;
1148 sm->rx_eapol_key_secure = !!(key_info & WPA_KEY_INFO_SECURE);
1149 sm->EAPOLKeyReceived = TRUE;
1150 sm->EAPOLKeyPairwise = !!(key_info & WPA_KEY_INFO_KEY_TYPE);
1151 sm->EAPOLKeyRequest = !!(key_info & WPA_KEY_INFO_REQUEST);
1152 os_memcpy(sm->SNonce, key->key_nonce, WPA_NONCE_LEN);
1153 wpa_sm_step(sm);
1194 struct wpa_state_machine *sm = timeout_ctx;
1196 sm->pending_1_of_4_timeout = 0;
1197 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "EAPOL-Key timeout");
1198 sm->TimeoutEvt = TRUE;
1199 wpa_sm_step(sm);
1204 struct wpa_state_machine *sm, int key_info,
1222 else if (wpa_use_aes_cmac(sm))
1224 else if (sm->pairwise != WPA_CIPHER_TKIP)
1261 key->type = sm->wpa == WPA_VERSION_WPA2 ?
1264 if (encr && sm->wpa == WPA_VERSION_WPA2)
1266 if (sm->wpa != WPA_VERSION_WPA2)
1270 alg = pairwise ? sm->pairwise : wpa_auth->conf.wpa_group;
1277 sm->key_replay[i].valid = sm->key_replay[i - 1].valid;
1278 os_memcpy(sm->key_replay[i].counter,
1279 sm->key_replay[i - 1].counter,
1282 inc_byte_array(sm->key_replay[0].counter, WPA_REPLAY_COUNTER_LEN);
1283 os_memcpy(key->replay_counter, sm->key_replay[0].counter,
1285 sm->key_replay[0].valid = TRUE;
1313 if (aes_wrap(sm->PTK.kek, (key_data_len - 8) / 8, buf,
1323 sm->group->Counter + WPA_NONCE_LEN - 16, 16);
1324 inc_byte_array(sm->group->Counter, WPA_NONCE_LEN);
1326 os_memcpy(ek + 16, sm->PTK.kek, 16);
1335 if (!sm->PTK_valid) {
1336 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
1342 wpa_eapol_key_mic(sm->PTK.kck, version, (u8 *) hdr, len,
1346 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx,
1348 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len,
1349 sm->pairwise_set);
1355 struct wpa_state_machine *sm, int key_info,
1364 if (sm == NULL)
1367 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len,
1370 ctr = pairwise ? sm->TimeoutCtr : sm->GTimeoutCtr;
1377 sm->pending_1_of_4_timeout = 1;
1381 wpa_send_eapol_timeout, wpa_auth, sm);
1410 void wpa_remove_ptk(struct wpa_state_machine *sm)
1412 sm->PTK_valid = FALSE;
1413 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1414 wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL, 0);
1415 sm->pairwise_set = FALSE;
1416 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
1420 int wpa_auth_sm_event(struct wpa_state_machine *sm, wpa_event event)
1424 if (sm == NULL)
1427 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1436 sm->DeauthenticationRequest = TRUE;
1440 if (!sm->started) {
1450 sm->started = 1;
1451 sm->Init = TRUE;
1452 if (wpa_sm_step(sm) == 1)
1454 sm->Init = FALSE;
1455 sm->AuthenticationRequest = TRUE;
1458 if (sm->GUpdateStationKeys) {
1463 sm->group->GKeyDoneStations--;
1464 sm->GUpdateStationKeys = FALSE;
1465 sm->PtkGroupInit = TRUE;
1467 sm->ReAuthenticationRequest = TRUE;
1473 wpa_ft_install_ptk(sm);
1476 sm->ft_completed = 1;
1484 sm->ft_completed = 0;
1488 if (sm->mgmt_frame_prot && event == WPA_AUTH)
1493 sm->PTK_valid = FALSE;
1494 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1497 wpa_remove_ptk(sm);
1500 return wpa_sm_step(sm);
1507 if (sm->Init) {
1510 sm->changed = FALSE;
1513 sm->keycount = 0;
1514 if (sm->GUpdateStationKeys)
1515 sm->group->GKeyDoneStations--;
1516 sm->GUpdateStationKeys = FALSE;
1517 if (sm->wpa == WPA_VERSION_WPA)
1518 sm->PInitAKeys = FALSE;
1521 sm->Pair = TRUE;
1523 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0);
1524 wpa_remove_ptk(sm);
1525 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0);
1526 sm->TimeoutCtr = 0;
1527 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
1528 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
1537 sm->Disconnect = FALSE;
1538 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
1545 sm->DeauthenticationRequest = FALSE;
1552 os_memset(&sm->PTK, 0, sizeof(sm->PTK));
1553 sm->PTK_valid = FALSE;
1554 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto,
1556 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1);
1557 sm->AuthenticationRequest = FALSE;
1594 wpa_group_ensure_init(sm->wpa_auth, sm->group);
1605 if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
1608 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
1611 wpa_hexdump(MSG_DEBUG, "WPA: Assign ANonce", sm->ANonce,
1613 sm->ReAuthenticationRequest = FALSE;
1618 sm->TimeoutCtr = 0;
1629 sm->xxkey_len = 0;
1631 if (sm->pmksa) {
1633 os_memcpy(sm->PMK, sm->pmksa->pmk, PMK_LEN);
1634 } else if (wpa_auth_get_msk(sm->wpa_auth, sm->addr, msk, &len) == 0) {
1637 os_memcpy(sm->PMK, msk, PMK_LEN);
1640 os_memcpy(sm->xxkey, msk + PMK_LEN, PMK_LEN);
1641 sm->xxkey_len = PMK_LEN;
1648 sm->req_replay_counter_used = 0;
1657 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, 0);
1665 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, NULL);
1667 os_memcpy(sm->PMK, psk, PMK_LEN);
1669 os_memcpy(sm->xxkey, psk, PMK_LEN);
1670 sm->xxkey_len = PMK_LEN;
1673 sm->req_replay_counter_used = 0;
1683 sm->PTKRequest = FALSE;
1684 sm->TimeoutEvt = FALSE;
1686 sm->TimeoutCtr++;
1687 if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) {
1693 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1699 if (sm->wpa == WPA_VERSION_WPA2 &&
1700 wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt)) {
1706 if (sm->pmksa)
1708 sm->pmksa->pmkid, PMKID_LEN);
1714 rsn_pmkid(sm->PMK, PMK_LEN, sm->wpa_auth->addr,
1715 sm->addr, &pmkid[2 + RSN_SELECTOR_LEN],
1716 wpa_key_mgmt_sha256(sm->wpa_key_mgmt));
1719 wpa_send_eapol(sm->wpa_auth, sm,
1721 sm->ANonce, pmkid, pmkid_len, 0, 0);
1725 static int wpa_derive_ptk(struct wpa_state_machine *sm, const u8 *pmk,
1728 size_t ptk_len = sm->pairwise != WPA_CIPHER_TKIP ? 48 : 64;
1730 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt))
1731 return wpa_auth_derive_ptk_ft(sm, pmk, ptk, ptk_len);
1735 sm->wpa_auth->addr, sm->addr, sm->ANonce, sm->SNonce,
1737 wpa_key_mgmt_sha256(sm->wpa_key_mgmt));
1750 sm->EAPOLKeyReceived = FALSE;
1751 sm->update_snonce = FALSE;
1757 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
1758 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, pmk);
1762 pmk = sm->PMK;
1764 wpa_derive_ptk(sm, pmk, &PTK);
1766 if (wpa_verify_key_mic(&PTK, sm->last_rx_eapol_key,
1767 sm->last_rx_eapol_key_len) == 0) {
1772 if (!wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt))
1777 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1783 if (sm->wpa == WPA_VERSION_WPA2 && wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
1788 if (os_memcmp(sm->sup_pmk_r1_name, sm->pmk_r1_name,
1790 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1795 sm->sup_pmk_r1_name, WPA_PMK_NAME_LEN);
1797 sm->pmk_r1_name, WPA_PMK_NAME_LEN);
1803 sm->pending_1_of_4_timeout = 0;
1804 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
1806 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
1810 os_memcpy(sm->PMK, pmk, PMK_LEN);
1813 sm->MICVerified = TRUE;
1815 os_memcpy(&sm->PTK, &PTK, sizeof(PTK));
1816 sm->PTK_valid = TRUE;
1823 sm->TimeoutCtr = 0;
1829 static int ieee80211w_kde_len(struct wpa_state_machine *sm)
1831 if (sm->mgmt_frame_prot) {
1839 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
1842 struct wpa_group *gsm = sm->group;
1844 if (!sm->mgmt_frame_prot)
1850 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, igtk.pn) < 0)
1853 if (sm->wpa_auth->conf.disable_gtk) {
1869 static int ieee80211w_kde_len(struct wpa_state_machine *sm)
1875 static u8 * ieee80211w_kde_add(struct wpa_state_machine *sm, u8 *pos)
1887 struct wpa_group *gsm = sm->group;
1892 sm->TimeoutEvt = FALSE;
1894 sm->TimeoutCtr++;
1895 if (sm->TimeoutCtr > (int) dot11RSNAConfigPairwiseUpdateCount) {
1905 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
1907 wpa_ie = sm->wpa_auth->wpa_ie;
1908 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
1909 if (sm->wpa == WPA_VERSION_WPA &&
1910 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
1916 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1918 if (sm->wpa == WPA_VERSION_WPA2) {
1923 if (sm->wpa_auth->conf.disable_gtk) {
1942 if (sm->rx_eapol_key_secure) {
1951 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
1958 kde_len = wpa_ie_len + ieee80211w_kde_len(sm);
1962 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
1975 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
1976 int res = wpa_insert_pmkid(kde, pos - kde, sm->pmk_r1_name);
1993 pos = ieee80211w_kde_add(sm, pos);
1996 if (wpa_key_mgmt_ft(sm->wpa_key_mgmt)) {
2000 conf = &sm->wpa_auth->conf;
2029 wpa_send_eapol(sm->wpa_auth, sm,
2033 _rsc, sm->ANonce, kde, pos - kde, keyidx, encr);
2041 sm->EAPOLKeyReceived = FALSE;
2042 if (sm->Pair) {
2043 enum wpa_alg alg = wpa_cipher_to_alg(sm->pairwise);
2044 int klen = wpa_cipher_key_len(sm->pairwise);
2045 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
2046 sm->PTK.tk1, klen)) {
2047 wpa_sta_disconnect(sm->wpa_auth, sm->addr);
2051 sm->pairwise_set = TRUE;
2053 if (sm->wpa_auth->conf.wpa_ptk_rekey) {
2054 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
2055 eloop_register_timeout(sm->wpa_auth->conf.
2057 sm->wpa_auth, sm);
2060 if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)) {
2061 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
2067 sm->keycount++;
2068 if (sm->keycount == 2) {
2069 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
2073 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid,
2076 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable, 0);
2077 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, 1);
2078 if (sm->wpa == WPA_VERSION_WPA)
2079 sm->PInitAKeys = TRUE;
2081 sm->has_GTK = TRUE;
2082 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
2084 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
2087 wpa_ft_push_pmk_r1(sm->wpa_auth, sm->addr);
2094 struct wpa_authenticator *wpa_auth = sm->wpa_auth;
2096 if (sm->Init)
2098 else if (sm->Disconnect
2100 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
2101 "WPA_PTK: sm->Disconnect");
2104 else if (sm->DeauthenticationRequest)
2106 else if (sm->AuthenticationRequest)
2108 else if (sm->ReAuthenticationRequest)
2110 else if (sm->PTKRequest)
2112 else switch (sm->wpa_ptk_state) {
2125 if (wpa_key_mgmt_wpa_ieee8021x(sm->wpa_key_mgmt) &&
2126 wpa_auth_get_eapol(sm->wpa_auth, sm->addr,
2129 else if (wpa_key_mgmt_wpa_psk(sm->wpa_key_mgmt)
2134 if (wpa_auth_get_eapol(sm->wpa_auth, sm->addr,
2139 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO,
2145 if (wpa_auth_get_psk(sm->wpa_auth, sm->addr, NULL))
2148 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_INFO,
2155 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
2156 sm->EAPOLKeyPairwise)
2158 else if (sm->TimeoutCtr >
2161 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
2165 } else if (sm->TimeoutEvt)
2169 if (sm->MICVerified)
2171 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
2172 sm->EAPOLKeyPairwise)
2174 else if (sm->TimeoutEvt)
2181 if (sm->update_snonce)
2183 else if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
2184 sm->EAPOLKeyPairwise && sm->MICVerified)
2186 else if (sm->TimeoutCtr >
2189 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
2194 } else if (sm->TimeoutEvt)
2206 if (sm->Init) {
2209 sm->changed = FALSE;
2211 sm->GTimeoutCtr = 0;
2218 struct wpa_group *gsm = sm->group;
2225 sm->GTimeoutCtr++;
2226 if (sm->GTimeoutCtr > (int) dot11RSNAConfigGroupUpdateCount) {
2232 if (sm->wpa == WPA_VERSION_WPA)
2233 sm->PInitAKeys = FALSE;
2234 sm->TimeoutEvt = FALSE;
2238 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
2239 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
2243 if (sm->wpa_auth->conf.disable_gtk) {
2252 if (sm->wpa == WPA_VERSION_WPA2) {
2254 ieee80211w_kde_len(sm);
2264 pos = ieee80211w_kde_add(sm, pos);
2270 wpa_send_eapol(sm->wpa_auth, sm,
2273 (!sm->Pair ? WPA_KEY_INFO_INSTALL : 0),
2275 if (sm->wpa == WPA_VERSION_WPA2)
2283 sm->EAPOLKeyReceived = FALSE;
2284 if (sm->GUpdateStationKeys)
2285 sm->group->GKeyDoneStations--;
2286 sm->GUpdateStationKeys = FALSE;
2287 sm->GTimeoutCtr = 0;
2289 wpa_auth_vlogger(sm->wpa_auth, sm->addr, LOGGER_INFO,
2291 sm->wpa == WPA_VERSION_WPA ? "WPA" : "RSN");
2292 sm->has_GTK = TRUE;
2299 if (sm->GUpdateStationKeys)
2300 sm->group->GKeyDoneStations--;
2301 sm->GUpdateStationKeys = FALSE;
2302 sm->Disconnect = TRUE;
2308 if (sm->Init || sm->PtkGroupInit) {
2310 sm->PtkGroupInit = FALSE;
2311 } else switch (sm->wpa_ptk_group_state) {
2313 if (sm->GUpdateStationKeys ||
2314 (sm->wpa == WPA_VERSION_WPA && sm->PInitAKeys))
2318 if (sm->EAPOLKeyReceived && !sm->EAPOLKeyRequest &&
2319 !sm->EAPOLKeyPairwise && sm->MICVerified)
2321 else if (sm->GTimeoutCtr >
2324 else if (sm->TimeoutEvt)
2390 static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
2392 if (ctx != NULL && ctx != sm->group)
2395 if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) {
2396 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
2398 sm->GUpdateStationKeys = FALSE;
2401 if (sm->GUpdateStationKeys) {
2407 wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
2414 if (sm->is_wnmsleep)
2418 sm->group->GKeyDoneStations++;
2419 sm->GUpdateStationKeys = TRUE;
2421 wpa_sm_step(sm);
2428 void wpa_wnmsleep_rekey_gtk(struct wpa_state_machine *sm)
2430 if (sm->is_wnmsleep)
2433 wpa_group_update_sta(sm, NULL);
2437 void wpa_set_wnmsleep(struct wpa_state_machine *sm, int flag)
2439 sm->is_wnmsleep = !!flag;
2443 int wpa_wnmsleep_gtk_subelem(struct wpa_state_machine *sm, u8 *pos)
2446 struct wpa_group *gsm = sm->group;
2489 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, subelem + 5) != 0)
2494 if (aes_wrap(sm->PTK.kek, key_len / 8, key, subelem + 13)) {
2510 int wpa_wnmsleep_igtk_subelem(struct wpa_state_machine *sm, u8 *pos)
2513 struct wpa_group *gsm = sm->group;
2529 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, ptr) != 0) {
2534 if (aes_wrap(sm->PTK.kek, WPA_IGTK_LEN / 8,
2646 static int wpa_sm_step(struct wpa_state_machine *sm)
2648 if (sm == NULL)
2651 if (sm->in_step_loop) {
2659 sm->in_step_loop = 1;
2661 if (sm->pending_deinit)
2664 sm->changed = FALSE;
2665 sm->wpa_auth->group->changed = FALSE;
2668 if (sm->pending_deinit)
2671 if (sm->pending_deinit)
2673 wpa_group_sm_step(sm->wpa_auth, sm->group);
2674 } while (sm->changed || sm->wpa_auth->group->changed);
2675 sm->in_step_loop = 0;
2677 if (sm->pending_deinit) {
2679 "machine deinit for " MACSTR, MAC2STR(sm->addr));
2680 wpa_free_sta_sm(sm);
2689 struct wpa_state_machine *sm = eloop_ctx;
2690 wpa_sm_step(sm);
2694 void wpa_auth_sm_notify(struct wpa_state_machine *sm)
2696 if (sm == NULL)
2698 eloop_register_timeout(0, 0, wpa_sm_call_step, sm, NULL);
2826 int wpa_get_mib_sta(struct wpa_state_machine *sm, char *buf, size_t buflen)
2831 if (sm == NULL)
2838 pairwise = wpa_cipher_to_suite(sm->wpa == WPA_VERSION_WPA2 ?
2840 sm->pairwise);
2856 MAC2STR(sm->addr),
2858 sm->dot11RSNAStatsTKIPLocalMICFailures,
2859 sm->dot11RSNAStatsTKIPRemoteMICFailures);
2868 sm->wpa_ptk_state,
2869 sm->wpa_ptk_group_state);
2885 int wpa_auth_pairwise_set(struct wpa_state_machine *sm)
2887 return sm && sm->pairwise_set;
2891 int wpa_auth_get_pairwise(struct wpa_state_machine *sm)
2893 return sm->pairwise;
2897 int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm)
2899 if (sm == NULL)
2901 return sm->wpa_key_mgmt;
2905 int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm)
2907 if (sm == NULL)
2909 return sm->wpa;
2913 int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
2916 if (sm == NULL || sm->pmksa != entry)
2918 sm->pmksa = NULL;
2924 wpa_auth_sta_get_pmksa(struct wpa_state_machine *sm)
2926 return sm ? sm->pmksa : NULL;
2930 void wpa_auth_sta_local_mic_failure_report(struct wpa_state_machine *sm)
2932 if (sm)
2933 sm->dot11RSNAStatsTKIPLocalMICFailures++;
2946 int wpa_auth_pmksa_add(struct wpa_state_machine *sm, const u8 *pmk,
2949 if (sm == NULL || sm->wpa != WPA_VERSION_WPA2 ||
2950 sm->wpa_auth->conf.disable_pmksa_caching)
2953 if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, PMK_LEN,
2954 sm->wpa_auth->addr, sm->addr, session_timeout,
2955 eapol, sm->wpa_key_mgmt))
3000 sm, int vlan_id)
3004 if (sm == NULL || sm->wpa_auth == NULL)
3007 group = sm->wpa_auth->group;
3015 group = wpa_auth_add_group(sm->wpa_auth, vlan_id);
3020 if (sm->group == group)
3024 "machine for VLAN ID %d", MAC2STR(sm->addr), vlan_id);
3026 sm->group = group;
3032 struct wpa_state_machine *sm, int ack)
3034 if (wpa_auth == NULL || sm == NULL)
3037 " ack=%d", MAC2STR(sm->addr), ack);
3038 if (sm->pending_1_of_4_timeout && ack) {
3053 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
3056 wpa_send_eapol_timeout, wpa_auth, sm);
