Lines Matching refs:wpa_auth
54 static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
57 static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
59 static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth,
66 static void wpa_group_free(struct wpa_authenticator *wpa_auth,
68 static void wpa_group_get(struct wpa_authenticator *wpa_auth,
70 static void wpa_group_put(struct wpa_authenticator *wpa_auth,
74 static void wpa_group_update_gtk(struct wpa_authenticator *wpa_auth,
93 return sm->wpa_auth->mld_addr; in wpa_auth_get_aa()
95 return sm->wpa_auth->addr; in wpa_auth_get_aa()
115 if (!sm->wpa_auth) in wpa_gkeydone_sta()
118 sm->wpa_auth->group->GKeyDoneStations--; in wpa_gkeydone_sta()
123 sm->mld_links[link_id].wpa_auth->group->GKeyDoneStations--; in wpa_gkeydone_sta()
140 wpa_group_put(sm->mld_links[link_id].wpa_auth, in wpa_release_link_auth_ref()
141 sm->mld_links[link_id].wpa_auth->group); in wpa_release_link_auth_ref()
142 sm->mld_links[link_id].wpa_auth = NULL; in wpa_release_link_auth_ref()
152 struct wpa_authenticator *wpa_auth; member
155 static int wpa_get_link_sta_auth(struct wpa_authenticator *wpa_auth, void *data) in wpa_get_link_sta_auth() argument
159 if (!wpa_auth->is_ml) in wpa_get_link_sta_auth()
163 !ether_addr_equal(wpa_auth->mld_addr, ctx->mld_addr)) in wpa_get_link_sta_auth()
166 if ((ctx->addr && ether_addr_equal(wpa_auth->addr, ctx->addr)) || in wpa_get_link_sta_auth()
167 (ctx->link_id > -1 && wpa_auth->is_ml && in wpa_get_link_sta_auth()
168 wpa_auth->link_id == ctx->link_id)) { in wpa_get_link_sta_auth()
169 ctx->wpa_auth = wpa_auth; in wpa_get_link_sta_auth()
178 wpa_get_link_auth(struct wpa_authenticator *wpa_auth, int link_id) in wpa_get_link_auth() argument
183 ctx.mld_addr = wpa_auth->mld_addr; in wpa_get_link_auth()
185 ctx.wpa_auth = NULL; in wpa_get_link_auth()
186 wpa_auth_for_each_auth(wpa_auth, wpa_get_link_sta_auth, &ctx); in wpa_get_link_auth()
187 return ctx.wpa_auth; in wpa_get_link_auth()
191 static int wpa_get_primary_auth_cb(struct wpa_authenticator *wpa_auth, in wpa_get_primary_auth_cb() argument
196 if (!wpa_auth->is_ml || in wpa_get_primary_auth_cb()
197 !ether_addr_equal(wpa_auth->mld_addr, ctx->addr) || in wpa_get_primary_auth_cb()
198 !wpa_auth->primary_auth) in wpa_get_primary_auth_cb()
201 ctx->wpa_auth = wpa_auth; in wpa_get_primary_auth_cb()
209 wpa_get_primary_auth(struct wpa_authenticator *wpa_auth) in wpa_get_primary_auth() argument
214 if (!wpa_auth || !wpa_auth->is_ml || wpa_auth->primary_auth) in wpa_get_primary_auth()
215 return wpa_auth; in wpa_get_primary_auth()
217 ctx.addr = wpa_auth->mld_addr; in wpa_get_primary_auth()
218 ctx.wpa_auth = NULL; in wpa_get_primary_auth()
219 wpa_auth_for_each_auth(wpa_auth, wpa_get_primary_auth_cb, &ctx); in wpa_get_primary_auth()
221 return ctx.wpa_auth; in wpa_get_primary_auth()
223 return wpa_auth; in wpa_get_primary_auth()
229 struct wpa_authenticator *wpa_auth, const u8 *addr) in wpa_auth_mic_failure_report() argument
231 if (wpa_auth->cb->mic_failure_report) in wpa_auth_mic_failure_report()
232 return wpa_auth->cb->mic_failure_report(wpa_auth->cb_ctx, addr); in wpa_auth_mic_failure_report()
238 struct wpa_authenticator *wpa_auth, const u8 *addr) in wpa_auth_psk_failure_report() argument
240 if (wpa_auth->cb->psk_failure_report) in wpa_auth_psk_failure_report()
241 wpa_auth->cb->psk_failure_report(wpa_auth->cb_ctx, addr); in wpa_auth_psk_failure_report()
245 static inline void wpa_auth_set_eapol(struct wpa_authenticator *wpa_auth, in wpa_auth_set_eapol() argument
249 if (wpa_auth->cb->set_eapol) in wpa_auth_set_eapol()
250 wpa_auth->cb->set_eapol(wpa_auth->cb_ctx, addr, var, value); in wpa_auth_set_eapol()
254 static inline int wpa_auth_get_eapol(struct wpa_authenticator *wpa_auth, in wpa_auth_get_eapol() argument
257 if (!wpa_auth->cb->get_eapol) in wpa_auth_get_eapol()
259 return wpa_auth->cb->get_eapol(wpa_auth->cb_ctx, addr, var); in wpa_auth_get_eapol()
263 static inline const u8 * wpa_auth_get_psk(struct wpa_authenticator *wpa_auth, in wpa_auth_get_psk() argument
269 if (!wpa_auth->cb->get_psk) in wpa_auth_get_psk()
271 return wpa_auth->cb->get_psk(wpa_auth->cb_ctx, addr, p2p_dev_addr, in wpa_auth_get_psk()
276 static inline int wpa_auth_get_msk(struct wpa_authenticator *wpa_auth, in wpa_auth_get_msk() argument
279 if (!wpa_auth->cb->get_msk) in wpa_auth_get_msk()
281 return wpa_auth->cb->get_msk(wpa_auth->cb_ctx, addr, msk, len); in wpa_auth_get_msk()
285 static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth, in wpa_auth_set_key() argument
291 if (!wpa_auth->cb->set_key) in wpa_auth_set_key()
293 return wpa_auth->cb->set_key(wpa_auth->cb_ctx, vlan_id, alg, addr, idx, in wpa_auth_set_key()
299 static inline int wpa_auth_set_ltf_keyseed(struct wpa_authenticator *wpa_auth, in wpa_auth_set_ltf_keyseed() argument
304 if (!wpa_auth->cb->set_ltf_keyseed) in wpa_auth_set_ltf_keyseed()
306 return wpa_auth->cb->set_ltf_keyseed(wpa_auth->cb_ctx, peer_addr, in wpa_auth_set_ltf_keyseed()
312 static inline int wpa_auth_get_seqnum(struct wpa_authenticator *wpa_auth, in wpa_auth_get_seqnum() argument
317 if (!wpa_auth->cb->get_seqnum) in wpa_auth_get_seqnum()
322 res = wpa_auth->cb->get_seqnum(wpa_auth->cb_ctx, addr, idx, seq); in wpa_auth_get_seqnum()
324 if (!addr && idx < 4 && wpa_auth->conf.gtk_rsc_override_set) { in wpa_auth_get_seqnum()
329 WPA_GET_LE64(wpa_auth->conf.gtk_rsc_override)); in wpa_auth_get_seqnum()
330 os_memcpy(seq, wpa_auth->conf.gtk_rsc_override, in wpa_auth_get_seqnum()
334 wpa_auth->conf.igtk_rsc_override_set) { in wpa_auth_get_seqnum()
339 WPA_GET_LE64(wpa_auth->conf.igtk_rsc_override)); in wpa_auth_get_seqnum()
340 os_memcpy(seq, wpa_auth->conf.igtk_rsc_override, in wpa_auth_get_seqnum()
349 wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr, in wpa_auth_send_eapol() argument
352 if (!wpa_auth->cb->send_eapol) in wpa_auth_send_eapol()
354 return wpa_auth->cb->send_eapol(wpa_auth->cb_ctx, addr, data, data_len, in wpa_auth_send_eapol()
360 static inline int wpa_auth_start_ampe(struct wpa_authenticator *wpa_auth, in wpa_auth_start_ampe() argument
363 if (!wpa_auth->cb->start_ampe) in wpa_auth_start_ampe()
365 return wpa_auth->cb->start_ampe(wpa_auth->cb_ctx, addr); in wpa_auth_start_ampe()
370 int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth, in wpa_auth_for_each_sta() argument
374 if (!wpa_auth->cb->for_each_sta) in wpa_auth_for_each_sta()
376 return wpa_auth->cb->for_each_sta(wpa_auth->cb_ctx, cb, cb_ctx); in wpa_auth_for_each_sta()
380 int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth, in wpa_auth_for_each_auth() argument
384 if (!wpa_auth->cb->for_each_auth) in wpa_auth_for_each_auth()
386 return wpa_auth->cb->for_each_auth(wpa_auth->cb_ctx, cb, cb_ctx); in wpa_auth_for_each_auth()
390 void wpa_auth_store_ptksa(struct wpa_authenticator *wpa_auth, in wpa_auth_store_ptksa() argument
394 if (wpa_auth->cb->store_ptksa) in wpa_auth_store_ptksa()
395 wpa_auth->cb->store_ptksa(wpa_auth->cb_ctx, addr, cipher, in wpa_auth_store_ptksa()
400 static void wpa_auth_remove_ptksa(struct wpa_authenticator *wpa_auth, in wpa_auth_remove_ptksa() argument
403 if (wpa_auth->cb->clear_ptksa) in wpa_auth_remove_ptksa()
404 wpa_auth->cb->clear_ptksa(wpa_auth->cb_ctx, addr, cipher); in wpa_auth_remove_ptksa()
408 void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr, in wpa_auth_logger() argument
411 if (!wpa_auth->cb->logger) in wpa_auth_logger()
413 wpa_auth->cb->logger(wpa_auth->cb_ctx, addr, level, txt); in wpa_auth_logger()
417 void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr, in wpa_auth_vlogger() argument
424 if (!wpa_auth->cb->logger) in wpa_auth_vlogger()
436 wpa_auth_logger(wpa_auth, addr, level, format); in wpa_auth_vlogger()
442 static void wpa_sta_disconnect(struct wpa_authenticator *wpa_auth, in wpa_sta_disconnect() argument
445 if (!wpa_auth->cb->disconnect) in wpa_sta_disconnect()
449 wpa_auth->cb->disconnect(wpa_auth->cb_ctx, addr, reason); in wpa_sta_disconnect()
454 static int wpa_channel_info(struct wpa_authenticator *wpa_auth, in wpa_channel_info() argument
457 if (!wpa_auth->cb->channel_info) in wpa_channel_info()
459 return wpa_auth->cb->channel_info(wpa_auth->cb_ctx, ci); in wpa_channel_info()
464 static int wpa_auth_update_vlan(struct wpa_authenticator *wpa_auth, in wpa_auth_update_vlan() argument
467 if (!wpa_auth->cb->update_vlan) in wpa_auth_update_vlan()
469 return wpa_auth->cb->update_vlan(wpa_auth->cb_ctx, addr, vlan_id); in wpa_auth_update_vlan()
475 struct wpa_authenticator *wpa_auth = eloop_ctx; in wpa_rekey_gmk() local
477 if (random_get_bytes(wpa_auth->group->GMK, WPA_GMK_LEN)) { in wpa_rekey_gmk()
481 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "GMK rekeyd"); in wpa_rekey_gmk()
483 wpa_auth->group->GMK, WPA_GMK_LEN); in wpa_rekey_gmk()
486 if (wpa_auth->conf.wpa_gmk_rekey) { in wpa_rekey_gmk()
487 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0, in wpa_rekey_gmk()
488 wpa_rekey_gmk, wpa_auth, NULL); in wpa_rekey_gmk()
493 static void wpa_rekey_all_groups(struct wpa_authenticator *wpa_auth) in wpa_rekey_all_groups() argument
497 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "rekeying GTK"); in wpa_rekey_all_groups()
498 group = wpa_auth->group; in wpa_rekey_all_groups()
502 MAC2STR(wpa_auth->addr), group->vlan_id); in wpa_rekey_all_groups()
503 wpa_group_get(wpa_auth, group); in wpa_rekey_all_groups()
508 wpa_group_sm_step(wpa_auth, group); in wpa_rekey_all_groups()
512 wpa_group_put(wpa_auth, group); in wpa_rekey_all_groups()
520 static void wpa_update_all_gtks(struct wpa_authenticator *wpa_auth) in wpa_update_all_gtks() argument
524 group = wpa_auth->group; in wpa_update_all_gtks()
526 wpa_group_get(wpa_auth, group); in wpa_update_all_gtks()
528 wpa_group_update_gtk(wpa_auth, group); in wpa_update_all_gtks()
530 wpa_group_put(wpa_auth, group); in wpa_update_all_gtks()
536 static int wpa_update_all_gtks_cb(struct wpa_authenticator *wpa_auth, void *ctx) in wpa_update_all_gtks_cb() argument
540 if (!ether_addr_equal(wpa_auth->mld_addr, mld_addr)) in wpa_update_all_gtks_cb()
543 wpa_update_all_gtks(wpa_auth); in wpa_update_all_gtks_cb()
548 static int wpa_rekey_all_groups_cb(struct wpa_authenticator *wpa_auth, in wpa_rekey_all_groups_cb() argument
553 if (!ether_addr_equal(wpa_auth->mld_addr, mld_addr)) in wpa_rekey_all_groups_cb()
556 wpa_rekey_all_groups(wpa_auth); in wpa_rekey_all_groups_cb()
565 struct wpa_authenticator *wpa_auth = eloop_ctx; in wpa_rekey_gtk() local
568 if (wpa_auth->is_ml) { in wpa_rekey_gtk()
572 if (!wpa_auth->primary_auth) { in wpa_rekey_gtk()
579 wpa_auth_for_each_auth(wpa_auth, wpa_update_all_gtks_cb, in wpa_rekey_gtk()
580 wpa_auth->mld_addr); in wpa_rekey_gtk()
584 wpa_auth_for_each_auth(wpa_auth, wpa_rekey_all_groups_cb, in wpa_rekey_gtk()
585 wpa_auth->mld_addr); in wpa_rekey_gtk()
587 wpa_rekey_all_groups(wpa_auth); in wpa_rekey_gtk()
590 wpa_rekey_all_groups(wpa_auth); in wpa_rekey_gtk()
593 if (wpa_auth->conf.wpa_group_rekey) { in wpa_rekey_gtk()
594 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey, in wpa_rekey_gtk()
595 0, wpa_rekey_gtk, wpa_auth, NULL); in wpa_rekey_gtk()
602 struct wpa_authenticator *wpa_auth = eloop_ctx; in wpa_rekey_ptk() local
605 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, in wpa_rekey_ptk()
614 if (sm && sm->wpa_auth->conf.wpa_ptk_rekey) { in wpa_auth_set_ptk_rekey_timer()
618 sm->wpa_auth->conf.wpa_ptk_rekey); in wpa_auth_set_ptk_rekey_timer()
619 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_set_ptk_rekey_timer()
620 eloop_register_timeout(sm->wpa_auth->conf.wpa_ptk_rekey, 0, in wpa_auth_set_ptk_rekey_timer()
621 wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_set_ptk_rekey_timer()
637 struct wpa_authenticator *wpa_auth = ctx; in wpa_auth_pmksa_free_cb() local
638 wpa_auth_for_each_sta(wpa_auth, wpa_auth_pmksa_clear_cb, entry); in wpa_auth_pmksa_free_cb()
642 static int wpa_group_init_gmk_and_counter(struct wpa_authenticator *wpa_auth, in wpa_group_init_gmk_and_counter() argument
657 os_memcpy(buf, wpa_auth->addr, ETH_ALEN); in wpa_group_init_gmk_and_counter()
678 static struct wpa_group * wpa_group_init(struct wpa_authenticator *wpa_auth, in wpa_group_init() argument
689 group->GTK_len = wpa_cipher_key_len(wpa_auth->conf.wpa_group); in wpa_group_init()
702 if (wpa_group_init_gmk_and_counter(wpa_auth, group) < 0) { in wpa_group_init()
715 wpa_group_sm_step(wpa_auth, group); in wpa_group_init()
717 wpa_group_sm_step(wpa_auth, group); in wpa_group_init()
736 struct wpa_authenticator *wpa_auth; local
738 wpa_auth = os_zalloc(sizeof(struct wpa_authenticator));
739 if (!wpa_auth)
742 os_memcpy(wpa_auth->addr, addr, ETH_ALEN);
743 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
747 wpa_auth->is_ml = true;
748 wpa_auth->link_id = conf->link_id;
749 wpa_auth->primary_auth = !conf->first_link_auth;
750 os_memcpy(wpa_auth->mld_addr, conf->mld_addr, ETH_ALEN);
754 wpa_auth->cb = cb;
755 wpa_auth->cb_ctx = cb_ctx;
757 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
759 os_free(wpa_auth);
763 wpa_auth->group = wpa_group_init(wpa_auth, 0, 1);
764 if (!wpa_auth->group) {
765 os_free(wpa_auth->wpa_ie);
766 os_free(wpa_auth);
770 wpa_auth->pmksa = pmksa_cache_auth_init(wpa_auth_pmksa_free_cb,
771 wpa_auth);
772 if (!wpa_auth->pmksa) {
774 os_free(wpa_auth->group);
775 os_free(wpa_auth->wpa_ie);
776 os_free(wpa_auth);
781 wpa_auth->ft_pmk_cache = wpa_ft_pmk_cache_init();
782 if (!wpa_auth->ft_pmk_cache) {
784 os_free(wpa_auth->group);
785 os_free(wpa_auth->wpa_ie);
786 pmksa_cache_auth_deinit(wpa_auth->pmksa);
787 os_free(wpa_auth);
792 if (wpa_auth->conf.wpa_gmk_rekey) {
793 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0,
794 wpa_rekey_gmk, wpa_auth, NULL);
801 if ((!wpa_auth->is_ml || !conf->first_link_auth) &&
802 wpa_auth->conf.wpa_group_rekey) {
804 if (wpa_auth->conf.wpa_group_rekey) {
806 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey, 0,
807 wpa_rekey_gtk, wpa_auth, NULL);
817 wpa_auth->ip_pool = bitfield_alloc(count);
830 return wpa_auth;
834 int wpa_init_keys(struct wpa_authenticator *wpa_auth) argument
836 struct wpa_group *group = wpa_auth->group;
840 wpa_group_sm_step(wpa_auth, group);
842 wpa_group_sm_step(wpa_auth, group);
864 void wpa_deinit(struct wpa_authenticator *wpa_auth) argument
868 eloop_cancel_timeout(wpa_rekey_gmk, wpa_auth, NULL);
872 eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
874 pmksa_cache_auth_deinit(wpa_auth->pmksa);
877 wpa_ft_pmk_cache_deinit(wpa_auth->ft_pmk_cache);
878 wpa_auth->ft_pmk_cache = NULL;
879 wpa_ft_deinit(wpa_auth);
883 bitfield_free(wpa_auth->ip_pool);
887 os_free(wpa_auth->wpa_ie);
889 group = wpa_auth->group;
896 wpa_auth_free_conf(&wpa_auth->conf);
897 os_free(wpa_auth);
906 int wpa_reconfig(struct wpa_authenticator *wpa_auth, argument
911 if (!wpa_auth)
914 wpa_auth_free_conf(&wpa_auth->conf);
915 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
916 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
925 group = wpa_auth->group;
926 group->GTK_len = wpa_cipher_key_len(wpa_auth->conf.wpa_group);
928 wpa_group_sm_step(wpa_auth, group);
930 wpa_group_sm_step(wpa_auth, group);
937 wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr, argument
942 if (wpa_auth->group->wpa_group_state == WPA_GROUP_FATAL_FAILURE)
952 sm->wpa_auth = wpa_auth;
953 sm->group = wpa_auth->group;
954 wpa_group_get(sm->wpa_auth, sm->group);
963 int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth, argument
966 if (!wpa_auth || !wpa_auth->conf.wpa || !sm)
971 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
982 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
997 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1037 bitfield_clear(sm->wpa_auth->ip_pool, sm->ip_addr_bit);
1052 wpa_group_put(sm->mld_links[link_id].wpa_auth,
1053 sm->mld_links[link_id].wpa_auth->group);
1054 sm->mld_links[link_id].wpa_auth = NULL;
1057 wpa_group_put(sm->wpa_auth, sm->group);
1067 struct wpa_authenticator *wpa_auth; local
1072 wpa_auth = sm->wpa_auth;
1073 if (wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) {
1074 struct wpa_authenticator *primary_auth = wpa_auth;
1076 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1080 if (wpa_auth->is_ml && !wpa_auth->primary_auth)
1081 primary_auth = wpa_get_primary_auth(wpa_auth);
1090 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
1093 eloop_cancel_timeout(wpa_rekey_ptk, wpa_auth, sm);
1114 if (!sm->use_ext_key_id && sm->wpa_auth->conf.wpa_deny_ptk0_rekey) {
1161 static int ft_check_msg_2_of_4(struct wpa_authenticator *wpa_auth, argument
1219 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
1239 os_memcmp(wpa_auth->conf.mobility_domain, mdie->mobility_domain,
1262 static int wpa_receive_error_report(struct wpa_authenticator *wpa_auth, argument
1266 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1270 if (group && wpa_auth->conf.wpa_group != WPA_CIPHER_TKIP) {
1271 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1274 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1277 if (wpa_auth_mic_failure_report(wpa_auth,
1281 wpa_auth->dot11RSNAStatsTKIPRemoteMICFailures++;
1310 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr,
1357 wpa_auth_update_vlan(sm->wpa_auth, sm->addr, vlan_id) < 0)
1381 static bool wpa_auth_gtk_rekey_in_process(struct wpa_authenticator *wpa_auth) argument
1385 for (group = wpa_auth->group; group; group = group->next) {
1395 static bool wpa_auth_valid_key_desc_ver(struct wpa_authenticator *wpa_auth, argument
1408 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1418 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1426 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1436 static bool wpa_auth_valid_request_counter(struct wpa_authenticator *wpa_auth, argument
1444 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1454 static bool wpa_auth_valid_counter(struct wpa_authenticator *wpa_auth, argument
1463 return wpa_auth_valid_request_counter(wpa_auth, sm,
1481 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1502 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1512 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1517 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1535 void wpa_receive(struct wpa_authenticator *wpa_auth, argument
1550 if (!wpa_auth || !wpa_auth->conf.wpa || !sm)
1623 if (!wpa_auth_valid_key_desc_ver(wpa_auth, sm, ver))
1668 if (!wpa_auth_valid_counter(wpa_auth, sm, key, msg, msgtxt))
1674 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1686 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1706 wpa_sta_disconnect(wpa_auth, sm->addr,
1714 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1724 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1736 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1745 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1749 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1756 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1764 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1777 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1791 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1806 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
1812 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1822 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1830 wpa_auth, sm,
1834 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1839 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1844 wpa_get_primary_auth(wpa_auth),
1846 if (wpa_auth_gtk_rekey_in_process(wpa_auth))
1847 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG,
1850 wpa_rekey_gtk(wpa_get_primary_auth(wpa_auth),
1949 struct wpa_authenticator *wpa_auth = eloop_ctx; local
1953 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
1959 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1966 void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, argument
1972 struct wpa_auth_config *conf = &wpa_auth->conf;
2152 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
2169 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
2177 wpa_auth_set_eapol(wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx, 1);
2179 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len,
2185 static int wpa_auth_get_sta_count(struct wpa_authenticator *wpa_auth) argument
2187 if (!wpa_auth->cb->get_sta_count)
2190 return wpa_auth->cb->get_sta_count(wpa_auth->cb_ctx);
2194 static void wpa_send_eapol(struct wpa_authenticator *wpa_auth, argument
2213 if (wpa_auth->conf.delay_eapol_tx &&
2214 ctr != wpa_auth->conf.wpa_pairwise_update_count) {
2215 wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO,
2220 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len,
2226 if (ctr == 1 && wpa_auth->conf.tx_status) {
2229 else if (wpa_auth_get_sta_count(wpa_auth) > 100)
2236 if (wpa_auth->conf.wpa_disable_eapol_key_retries &&
2248 wpa_send_eapol_timeout, wpa_auth, sm);
2286 wpa_auth_remove_ptksa(sm->wpa_auth, sm->addr, sm->pairwise);
2288 if (wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL,
2293 wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 1, NULL,
2298 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
2309 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
2316 if (wpa_auth_start_ampe(sm->wpa_auth, sm->addr)) {
2366 sm->wpa_auth->conf.wpa_deny_ptk0_rekey) {
2468 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0);
2470 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0);
2475 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
2490 wpa_sta_disconnect(sm->wpa_auth, sm->addr, reason);
2506 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto,
2508 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1);
2513 static void wpa_group_ensure_init(struct wpa_authenticator *wpa_auth, argument
2536 if (wpa_group_init_gmk_and_counter(wpa_auth, group) < 0 ||
2537 wpa_gtk_update(wpa_auth, group) < 0 ||
2538 wpa_group_config_group_keys(wpa_auth, group) < 0) {
2550 wpa_group_ensure_init(sm->wpa_auth, sm->group);
2614 } else if (wpa_auth_get_msk(sm->wpa_auth, wpa_auth_get_spa(sm),
2647 sm->wpa_auth->cb->get_msk);
2662 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, false);
2672 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, NULL,
2712 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
2722 if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) {
2741 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
2839 sm->wpa_auth->mld_addr, ETH_ALEN, NULL, 0);
2855 wpa_send_eapol(sm->wpa_auth, sm, key_info, NULL,
2872 if (sm->wpa_auth->conf.force_kdk_derivation ||
2873 (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2902 if (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2938 if (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2964 if (sm->wpa_auth->conf.force_kdk_derivation ||
2965 (sm->wpa_auth->conf.secure_ltf &&
2981 if (sm->wpa_auth->conf.secure_ltf &&
2997 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
2998 struct wpa_auth_config *conf = &wpa_auth->conf;
3063 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3079 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3374 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
3403 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN,
3445 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) {
3491 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
3498 if (sm->wpa_auth->conf.secure_ltf &&
3500 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
3512 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,
3555 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
3557 if (!wpa_auth->cb->get_sta_tx_params)
3559 return wpa_auth->cb->get_sta_tx_params(wpa_auth->cb_ctx, sm->addr,
3630 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
3643 int owe_ptk_workaround = !!wpa_auth->conf.owe_ptk_workaround;
3658 derive_kdk = sm->wpa_auth->conf.secure_ltf &&
3667 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr,
3732 if (!sm->wpa_auth->conf.force_kdk_derivation &&
3754 wpa_auth->conf.radius_psk && wpa_auth->cb->request_radius_psk &&
3757 wpa_auth->cb->request_radius_psk(wpa_auth->cb_ctx, sm->addr,
3767 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
3771 wpa_auth_psk_failure_report(sm->wpa_auth, sm->addr);
3823 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3841 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3850 wpa_sta_disconnect(wpa_auth, sm->addr,
3859 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3866 wpa_sta_disconnect(wpa_auth, sm->addr,
3877 if (wpa_channel_info(wpa_auth, &ci) != 0) {
3878 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
3894 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
3899 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
3902 if (wpa_auth->conf.msg_ctx)
3903 wpa_msg(wpa_auth->conf.msg_ctx, MSG_INFO,
3913 if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) {
3914 wpa_sta_disconnect(wpa_auth, sm->addr,
3921 if ((wpa_auth->conf.rsn_override_key_mgmt ||
3922 wpa_auth->conf.rsn_override_key_mgmt_2) &&
3931 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3941 wpa_sta_disconnect(wpa_auth, sm->addr,
3949 wpa_auth->ip_pool && WPA_GET_BE32(sm->ip_addr) == 0) {
3953 idx = bitfield_get_first_zero(wpa_auth->ip_pool);
3955 u32 start = WPA_GET_BE32(wpa_auth->conf.ip_addr_start);
3956 bitfield_set(wpa_auth->ip_pool, idx);
3976 wpa_auth->conf.dpp_pfs != 2 &&
3981 wpa_sta_disconnect(wpa_auth, sm->addr,
3989 wpa_sta_disconnect(wpa_auth, sm->addr,
3995 wpa_auth_update_vlan(wpa_auth, sm->addr, vlan_id) < 0) {
3996 wpa_sta_disconnect(wpa_auth, sm->addr,
4002 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
4042 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
4046 len += wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
4049 if (wpa_auth->conf.tx_bss_auth)
4050 wpa_auth = wpa_auth->conf.tx_bss_auth;
4051 if (sm->mgmt_frame_prot && sm->wpa_auth->conf.beacon_prot) {
4053 len += wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
4066 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
4067 struct wpa_auth_config *conf = &wpa_auth->conf;
4081 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, rsc) < 0)
4099 if (wpa_auth->conf.tx_bss_auth) {
4100 wpa_auth = wpa_auth->conf.tx_bss_auth;
4101 conf = &wpa_auth->conf;
4103 gsm = wpa_auth->group;
4106 if (!sm->wpa_auth->conf.beacon_prot)
4112 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_bigtk, rsc) < 0)
4153 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) {
4258 static void wpa_auth_get_ml_key_info(struct wpa_authenticator *wpa_auth, argument
4261 if (!wpa_auth->cb->get_ml_key_info)
4264 wpa_auth->cb->get_ml_key_info(wpa_auth->cb_ctx, info);
4270 struct wpa_authenticator *wpa_auth; local
4281 wpa_auth = sm->mld_links[link_id].wpa_auth;
4282 if (!wpa_auth || !wpa_auth->group)
4288 kde_len += wpa_auth->group->GTK_len;
4293 if (wpa_auth->conf.tx_bss_auth)
4294 wpa_auth = wpa_auth->conf.tx_bss_auth;
4299 kde_len += wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
4301 if (!wpa_auth->conf.beacon_prot)
4307 kde_len += wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
4331 ml_key_info.beacon_prot = sm->wpa_auth->conf.beacon_prot;
4340 wpa_auth_get_ml_key_info(sm->wpa_auth, &ml_key_info);
4415 if (!sm->wpa_auth->conf.beacon_prot) {
4481 struct wpa_authenticator *wpa_auth; local
4484 wpa_auth = wpa_get_link_auth(sm->wpa_auth, link_id);
4485 if (!wpa_auth)
4491 ie = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4496 ie = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4507 ie = get_vendor_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4512 ie = get_vendor_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4517 ie = get_vendor_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4541 sm->wpa_auth->mld_addr, ETH_ALEN, NULL, 0);
4544 struct wpa_authenticator *wpa_auth; local
4549 wpa_auth = wpa_get_link_auth(sm->wpa_auth, link_id);
4550 if (!wpa_auth)
4553 rsne = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4557 rsnxe = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4582 os_memcpy(pos, wpa_auth->addr, ETH_ALEN);
4598 rsnoe = get_vendor_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4602 rsno2e = get_vendor_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4606 rsnxoe = get_vendor_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4667 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
4692 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
4694 wpa_ie = sm->wpa_auth->wpa_ie;
4695 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
4759 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
4763 wpa_auth_set_key(sm->wpa_auth, 0,
4769 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4775 if (sm->wpa_auth->conf.secure_ltf &&
4778 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
4783 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4822 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
5001 wpa_send_eapol(sm->wpa_auth, sm,
5045 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm),
5073 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
5084 res = wpa_auth_set_key(sm->wpa_auth, 0, 0, sm->addr,
5088 res = wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr,
5092 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
5098 if (sm->wpa_auth->conf.secure_ltf &&
5101 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
5106 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
5116 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,
5122 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
5130 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
5134 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid,
5137 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable,
5139 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, true);
5144 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5147 wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO, "EAPOL-4WAY-HS-COMPLETED "
5151 wpa_ft_push_pmk_r1(sm->wpa_auth, wpa_auth_get_spa(sm));
5160 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
5161 struct wpa_auth_config *conf = &wpa_auth->conf;
5167 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
5196 wpa_auth_get_eapol(wpa_auth, sm->addr,
5207 if (wpa_auth_get_eapol(wpa_auth, sm->addr,
5215 wpa_auth->dot11RSNA4WayHandshakeFailures++;
5216 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5223 if (wpa_auth_get_psk(wpa_auth, sm->addr, sm->p2p_dev_addr,
5231 wpa_auth->conf.radius_psk) {
5236 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5239 wpa_auth->dot11RSNA4WayHandshakeFailures++;
5248 wpa_auth->dot11RSNA4WayHandshakeFailures++;
5249 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5281 wpa_auth->dot11RSNA4WayHandshakeFailures++;
5282 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5318 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5344 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
5345 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
5396 wpa_send_eapol(sm->wpa_auth, sm,
5410 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
5440 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5450 if (wpa_channel_info(wpa_auth, &ci) != 0) {
5451 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5466 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5469 if (wpa_auth->conf.msg_ctx)
5470 wpa_msg(wpa_auth->conf.msg_ctx, MSG_INFO,
5484 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5496 if (sm->wpa_auth->conf.no_disconnect_on_group_keyerror &&
5498 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm),
5501 sm->wpa_auth->conf.wpa_group_update_count);
5506 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5509 sm->wpa_auth->conf.wpa_group_update_count);
5529 sm->wpa_auth->conf.wpa_group_update_count ||
5530 (sm->wpa_auth->conf.wpa_disable_eapol_key_retries &&
5546 static int wpa_gtk_update(struct wpa_authenticator *wpa_auth, argument
5549 struct wpa_auth_config *conf = &wpa_auth->conf;
5556 wpa_auth->addr, group->GNonce,
5567 wpa_auth->addr, group->GNonce,
5574 if (!wpa_auth->non_tx_beacon_prot &&
5580 if (wpa_auth->conf.tx_bss_auth) {
5581 group = wpa_auth->conf.tx_bss_auth->group;
5591 wpa_auth->addr, group->GNonce,
5602 static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth, argument
5620 wpa_gtk_update(wpa_auth, group);
5630 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
5642 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
5679 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5694 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, pos) != 0)
5719 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5722 size_t len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher);
5732 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, pos) != 0)
5758 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
5759 struct wpa_group *gsm = wpa_auth->group;
5761 size_t len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
5771 if (wpa_auth_get_seqnum(wpa_auth, NULL, gsm->GN_bigtk, pos) != 0)
5797 static void wpa_group_update_gtk(struct wpa_authenticator *wpa_auth, argument
5814 wpa_gtk_update(wpa_auth, group);
5818 static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth, argument
5829 if (wpa_auth->is_ml)
5833 wpa_group_update_gtk(wpa_auth, group);
5845 wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, group);
5851 static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, argument
5854 struct wpa_auth_config *conf = &wpa_auth->conf;
5857 if (wpa_auth_set_key(wpa_auth, group->vlan_id,
5872 wpa_auth_set_key(wpa_auth, group->vlan_id, alg,
5880 if (wpa_auth->conf.tx_bss_auth) {
5881 wpa_auth = wpa_auth->conf.tx_bss_auth;
5882 group = wpa_auth->group;
5886 if (wpa_auth_set_key(wpa_auth, group->vlan_id, alg,
5912 static void wpa_group_fatal_failure(struct wpa_authenticator *wpa_auth, argument
5919 wpa_auth_for_each_sta(wpa_auth, wpa_group_disconnect_cb, group);
5923 static int wpa_group_setkeysdone(struct wpa_authenticator *wpa_auth, argument
5932 if (wpa_group_config_group_keys(wpa_auth, group) < 0) {
5933 wpa_group_fatal_failure(wpa_auth, group);
5941 static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth, argument
5945 wpa_group_gtk_init(wpa_auth, group);
5950 wpa_group_setkeysdone(wpa_auth, group);
5953 wpa_group_setkeys(wpa_auth, group);
5956 wpa_group_setkeysdone(wpa_auth, group);
5958 wpa_group_setkeys(wpa_auth, group);
5970 sm->wpa_auth->group->changed = false;
5974 sm->mld_links[link_id].wpa_auth->group->changed = false;
5985 if (!sm || !sm->wpa_auth)
5987 wpa_group_sm_step(sm->wpa_auth, sm->wpa_auth->group);
5991 wpa_group_sm_step(sm->mld_links[link_id].wpa_auth,
5992 sm->mld_links[link_id].wpa_auth->group);
6005 if (!sm || !sm->wpa_auth)
6007 changed = sm->wpa_auth->group->changed;
6011 changed |= sm->mld_links[link_id].wpa_auth->group->changed;
6074 void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth) argument
6079 if (!wpa_auth)
6082 group = wpa_auth->group;
6091 if (!wpa_auth->conf.tx_bss_auth) {
6096 wpa_gtk_update(wpa_auth, group);
6097 wpa_group_config_group_keys(wpa_auth, group);
6112 int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen) argument
6123 if (!wpa_auth)
6125 conf = &wpa_auth->conf;
6140 wpa_auth->dot11RSNAPMKIDUsed, PMKID_LEN);
6176 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteSelected),
6177 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherSelected),
6178 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherSelected),
6180 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteRequested),
6181 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherRequested),
6182 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherRequested),
6183 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked,
6184 wpa_auth->dot11RSNA4WayHandshakeFailures);
6194 wpa_auth->group->wpa_group_state);
6261 void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth) argument
6263 if (wpa_auth)
6264 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked++;
6353 const u8 * wpa_auth_get_wpa_ie(struct wpa_authenticator *wpa_auth, size_t *len) argument
6355 if (!wpa_auth)
6357 *len = wpa_auth->wpa_ie_len;
6358 return wpa_auth->wpa_ie;
6367 sm->wpa_auth->conf.disable_pmksa_caching)
6387 if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, pmk_len, NULL,
6398 int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth, argument
6403 if (!wpa_auth)
6407 if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, len, NULL,
6409 wpa_auth->addr,
6418 int wpa_auth_pmksa_add_sae(struct wpa_authenticator *wpa_auth, const u8 *addr, argument
6422 if (wpa_auth->conf.disable_pmksa_caching)
6428 if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, pmk_len, pmkid,
6429 NULL, 0, wpa_auth->addr, addr, 0, NULL, akmp))
6443 int wpa_auth_pmksa_add2(struct wpa_authenticator *wpa_auth, const u8 *addr, argument
6449 if (!wpa_auth || wpa_auth->conf.disable_pmksa_caching)
6453 entry = pmksa_cache_auth_add(wpa_auth->pmksa, pmk, pmk_len, pmkid,
6454 NULL, 0, wpa_auth->addr, addr, session_timeout,
6466 void wpa_auth_pmksa_remove(struct wpa_authenticator *wpa_auth, argument
6471 if (!wpa_auth || !wpa_auth->pmksa)
6473 pmksa = pmksa_cache_auth_get(wpa_auth->pmksa, sta_addr, NULL);
6477 pmksa_cache_free_entry(wpa_auth->pmksa, pmksa);
6482 int wpa_auth_pmksa_list(struct wpa_authenticator *wpa_auth, char *buf, argument
6485 if (!wpa_auth || !wpa_auth->pmksa)
6487 return pmksa_cache_auth_list(wpa_auth->pmksa, buf, len);
6491 void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth) argument
6493 if (wpa_auth && wpa_auth->pmksa)
6494 pmksa_cache_auth_flush(wpa_auth->pmksa);
6501 int wpa_auth_pmksa_list_mesh(struct wpa_authenticator *wpa_auth, const u8 *addr, argument
6504 if (!wpa_auth || !wpa_auth->pmksa)
6507 return pmksa_cache_auth_list_mesh(wpa_auth->pmksa, addr, buf, len);
6530 int wpa_auth_pmksa_add_entry(struct wpa_authenticator *wpa_auth, argument
6535 if (!wpa_auth || !wpa_auth->pmksa)
6538 ret = pmksa_cache_auth_add_entry(wpa_auth->pmksa, entry);
6552 wpa_auth_get_pmksa_cache(struct wpa_authenticator *wpa_auth) argument
6554 if (!wpa_auth || !wpa_auth->pmksa)
6556 return wpa_auth->pmksa;
6561 wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, argument
6564 if (!wpa_auth || !wpa_auth->pmksa)
6566 return pmksa_cache_auth_get(wpa_auth->pmksa, sta_addr, pmkid);
6572 struct wpa_authenticator *wpa_auth, argument
6582 os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmksa->pmkid, PMKID_LEN);
6591 static void wpa_group_free(struct wpa_authenticator *wpa_auth, argument
6594 struct wpa_group *prev = wpa_auth->group;
6613 static void wpa_group_get(struct wpa_authenticator *wpa_auth, argument
6617 if (wpa_auth->group == group)
6625 static void wpa_group_put(struct wpa_authenticator *wpa_auth, argument
6629 if (wpa_auth->group == group)
6635 wpa_group_free(wpa_auth, group);
6644 wpa_auth_add_group(struct wpa_authenticator *wpa_auth, int vlan_id) argument
6648 if (!wpa_auth || !wpa_auth->group)
6653 group = wpa_group_init(wpa_auth, vlan_id, 0);
6657 group->next = wpa_auth->group->next;
6658 wpa_auth->group->next = group;
6670 int wpa_auth_ensure_group(struct wpa_authenticator *wpa_auth, int vlan_id) argument
6674 if (!wpa_auth)
6677 group = wpa_auth->group;
6685 group = wpa_auth_add_group(wpa_auth, vlan_id);
6694 wpa_group_get(wpa_auth, group);
6710 int wpa_auth_release_group(struct wpa_authenticator *wpa_auth, int vlan_id) argument
6715 if (!wpa_auth)
6718 group = wpa_auth->group;
6750 wpa_group_put(wpa_auth, group);
6760 if (!sm || !sm->wpa_auth)
6763 group = sm->wpa_auth->group;
6771 group = wpa_auth_add_group(sm->wpa_auth, vlan_id);
6786 wpa_group_get(sm->wpa_auth, group);
6787 wpa_group_put(sm->wpa_auth, sm->group);
6794 void wpa_auth_eapol_key_tx_status(struct wpa_authenticator *wpa_auth, argument
6797 if (!wpa_auth || !sm)
6816 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
6819 wpa_send_eapol_timeout, wpa_auth, sm);
6860 int wpa_auth_radius_das_disconnect_pmksa(struct wpa_authenticator *wpa_auth, argument
6863 return pmksa_cache_auth_radius_das_disconnect(wpa_auth->pmksa, attr);
6867 void wpa_auth_reconfig_group_keys(struct wpa_authenticator *wpa_auth) argument
6871 if (!wpa_auth)
6873 for (group = wpa_auth->group; group; group = group->next)
6874 wpa_group_config_group_keys(wpa_auth, group);
6903 wpa_auth_pmksa_get_fils_cache_id(struct wpa_authenticator *wpa_auth, argument
6908 if (!wpa_auth->conf.fils_cache_id_set)
6910 idata.auth = wpa_auth;
6911 idata.cache_id = wpa_auth->conf.fils_cache_id;
6915 wpa_auth_for_each_auth(wpa_auth, wpa_auth_fils_iter, &idata);
6921 int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, argument
6925 struct wpa_auth_config *conf = &wpa_auth->conf;
7006 void wpa_auth_set_transition_disable(struct wpa_authenticator *wpa_auth, argument
7009 if (wpa_auth)
7010 wpa_auth->conf.transition_disable = val;
7029 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
7031 wpa_send_eapol(sm->wpa_auth, sm,
7045 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
7058 wpa_ie = sm->wpa_auth->wpa_ie;
7059 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
7061 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
7071 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
7096 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
7206 wpa_send_eapol(sm->wpa_auth, sm,
7223 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
7234 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
7273 wpa_send_eapol(sm->wpa_auth, sm,
7286 int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth) argument
7288 if (!wpa_auth)
7291 wpa_get_primary_auth(wpa_auth), NULL);
7293 wpa_get_primary_auth(wpa_auth), NULL);
7297 int wpa_auth_rekey_ptk(struct wpa_authenticator *wpa_auth, argument
7300 if (!wpa_auth || !sm)
7302 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK");
7309 void wpa_auth_set_ft_rsnxe_used(struct wpa_authenticator *wpa_auth, int val) argument
7311 if (wpa_auth)
7312 wpa_auth->conf.ft_rsnxe_used = val;
7316 void wpa_auth_set_ocv_override_freq(struct wpa_authenticator *wpa_auth, argument
7320 if (!wpa_auth)
7324 wpa_auth->conf.oci_freq_override_eapol_m3 = freq;
7327 wpa_auth->conf.oci_freq_override_eapol_g1 = freq;
7330 wpa_auth->conf.oci_freq_override_ft_assoc = freq;
7333 wpa_auth->conf.oci_freq_override_fils_assoc = freq;
7378 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
7406 ctx.wpa_auth = NULL;
7407 wpa_auth_for_each_auth(sm->wpa_auth,
7409 if (ctx.wpa_auth) {
7410 sm_link->wpa_auth = ctx.wpa_auth;
7411 wpa_group_get(sm_link->wpa_auth,
7412 sm_link->wpa_auth->group);
7415 sm_link->wpa_auth = sm->wpa_auth;
7418 if (!sm_link->wpa_auth)
7422 MAC2STR(sm->wpa_auth->mld_addr),