2 *************************************************************************
4 * 5F., No.36, Taiyuan St., Jhubei City,
8 * (c) Copyright 2002-2007, Ralink Technology, Inc.
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
15 * This program is distributed in the hope that it will be useful, *
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
18 * GNU General Public License for more details. *
20 * You should have received a copy of the GNU General Public License *
21 * along with this program; if not, write to the *
22 * Free Software Foundation, Inc., *
23 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 *************************************************************************
34 -------- ---------- ----------------------------------------------
35 John 2004-9-3 porting from RT2500
37 #include "../rt_config.h"
/*
 * Default information-element bodies used when the station builds its own
 * WPA / WPA2 (RSN) element.
 *
 * NOTE(review): original lines 40-41, 49, 52-53 and 61 are missing from this
 * listing, so the first bytes of each array and the closing "};" are not
 * visible here.
 * NOTE(review): every cipher selector below carries suite type 0x02 (TKIP).
 * Whether these templates are still sent on the air cannot be determined
 * from this listing; if they are, confirm that TKIP-only defaults are intended.
 */
39 UCHAR CipherWpaTemplate[] = {
42 0x00, 0x50, 0xf2, 0x01, // oui: 00:50:F2 followed by type 0x01 (WPA)
43 0x01, 0x00, // Version (1, little-endian)
44 0x00, 0x50, 0xf2, 0x02, // Multicast (group) cipher suite, type 0x02 = TKIP
45 0x01, 0x00, // Number of unicast (pairwise) suites
46 0x00, 0x50, 0xf2, 0x02, // unicast cipher suite, type 0x02 = TKIP
47 0x01, 0x00, // number of authentication method
48 0x00, 0x50, 0xf2, 0x01 // authentication (AKM) suite, type 0x01 = 802.1X
51 UCHAR CipherWpa2Template[] = {
54 0x01, 0x00, // Version (1, little-endian)
55 0x00, 0x0f, 0xac, 0x02, // group cipher, TKIP
56 0x01, 0x00, // number of pairwise
57 0x00, 0x0f, 0xac, 0x02, // unicast (pairwise) cipher suite, type 0x02 = TKIP
58 0x01, 0x00, // number of authentication method
59 0x00, 0x0f, 0xac, 0x02, // authentication (AKM) suite, type 0x02 = PSK
60 0x00, 0x00, // RSN capability (all bits clear)
// 00:40:96 vendor OUI plus two further bytes; presumably the body of a CCX
// version element -- TODO confirm against the code that emits it.
63 UCHAR Ccx2IeInfo[] = { 0x00, 0x40, 0x96, 0x03, 0x02};
66 ==========================================================================
68 association state machine init, including state transition and timer init
70 S - pointer to the association state machine
74 ==========================================================================
/*
 * Populate the association state machine's transition table and create the
 * three association timers.
 *
 * StateMachineInit() installs Drop as the default action for every
 * (state, message) pair; the StateMachineSetAction() calls below then
 * override the pairs the station actually handles.
 *
 * NOTE(review): the parameter lines for pAd and S (original lines 77-78) and
 * the braces are missing from this listing; pAd is used by the timer setup.
 */
76 VOID AssocStateMachineInit(
79 OUT STATE_MACHINE_FUNC Trans[])
81 StateMachineInit(S, Trans, MAX_ASSOC_STATE, MAX_ASSOC_MSG, (STATE_MACHINE_FUNC)Drop, ASSOC_IDLE, ASSOC_MACHINE_BASE);
// ASSOC_IDLE: local MLME requests start an exchange; a peer disassociation is
// processed even while idle.
84 StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)MlmeAssocReqAction);
85 StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)MlmeReassocReqAction);
86 StateMachineSetAction(S, ASSOC_IDLE, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)MlmeDisassocReqAction);
87 StateMachineSetAction(S, ASSOC_IDLE, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction);
// ASSOC_WAIT_RSP: further local requests are routed to the InvalidStateWhen*
// handlers; only the peer's response, a peer disassociation or the timeout
// are acted on.
90 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc);
91 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc);
92 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate);
93 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction);
94 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_ASSOC_RSP, (STATE_MACHINE_FUNC)PeerAssocRspAction);
96 // Interop patch for 3Com AP model 3CRWE454G72:
97 // it answers an Association Request with a Reassociation Response, so that
// subtype is also accepted here and handled as an Association Response.
// NOTE(review): this widens the set of frames accepted in ASSOC_WAIT_RSP;
// the handler's own sender check is the only filter on them.
99 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_PEER_REASSOC_RSP, (STATE_MACHINE_FUNC)PeerAssocRspAction);
100 StateMachineSetAction(S, ASSOC_WAIT_RSP, MT2_ASSOC_TIMEOUT, (STATE_MACHINE_FUNC)AssocTimeoutAction);
// REASSOC_WAIT_RSP: mirror of the association case.
103 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc);
104 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc);
105 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate);
106 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction);
107 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_REASSOC_RSP, (STATE_MACHINE_FUNC)PeerReassocRspAction);
109 // Interop patch: some APs answer a Reassociation Request with an Association
// Response, so that subtype is accepted here as well.
111 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_PEER_ASSOC_RSP, (STATE_MACHINE_FUNC)PeerReassocRspAction);
112 StateMachineSetAction(S, REASSOC_WAIT_RSP, MT2_REASSOC_TIMEOUT, (STATE_MACHINE_FUNC)ReassocTimeoutAction);
// DISASSOC_WAIT_RSP: wait for the disassociation timer or a peer disassociation.
115 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_ASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenAssoc);
116 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_REASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenReassoc);
117 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_MLME_DISASSOC_REQ, (STATE_MACHINE_FUNC)InvalidStateWhenDisassociate);
118 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_PEER_DISASSOC_REQ, (STATE_MACHINE_FUNC)PeerDisassocAction);
119 StateMachineSetAction(S, DISASSOC_WAIT_RSP, MT2_DISASSOC_TIMEOUT, (STATE_MACHINE_FUNC)DisassocTimeoutAction);
121 // initialize the timers; each is created with pAd as its callback context
// and FALSE as the last argument (presumably "not periodic" -- TODO confirm)
122 RTMPInitTimer(pAd, &pAd->MlmeAux.AssocTimer, GET_TIMER_FUNCTION(AssocTimeout), pAd, FALSE);
123 RTMPInitTimer(pAd, &pAd->MlmeAux.ReassocTimer, GET_TIMER_FUNCTION(ReassocTimeout), pAd, FALSE);
124 RTMPInitTimer(pAd, &pAd->MlmeAux.DisassocTimer, GET_TIMER_FUNCTION(DisassocTimeout), pAd, FALSE);
128 ==========================================================================
130 Association timeout procedure. After association timeout, this function
131 will be called and it will put a message into the MLME queue
133 Standard timer parameters
135 IRQL = DISPATCH_LEVEL
137 ==========================================================================
/*
 * Timer callback for AssocTimer: posts MT2_ASSOC_TIMEOUT to the association
 * state machine and runs the MLME handler.
 *
 * FunctionContext is the adapter pointer registered with the timer; the
 * SystemSpecific* arguments are not used in the visible body.
 */
139 VOID AssocTimeout(IN PVOID SystemSpecific1,
140 IN PVOID FunctionContext,
141 IN PVOID SystemSpecific2,
142 IN PVOID SystemSpecific3)
144 RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext;
146 // Do nothing if the driver is entering the halt state.
147 // The timer may already have fired before MLME halt cancelled it.
// NOTE(review): the statement guarded by this test (original lines 149-150)
// is missing from this listing; the comment above implies an early return.
// Confirm it, because the next visible statement would otherwise be the
// guarded one and would touch MLME state during teardown.
148 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST))
// Queue the timeout as a zero-length message, then let the MLME process it.
151 MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_ASSOC_TIMEOUT, 0, NULL);
152 RTMP_MLME_HANDLER(pAd);
156 ==========================================================================
158 Reassociation timeout procedure. After reassociation timeout, this
159 function will be called and put a message into the MLME queue
161 Standard timer parameters
163 IRQL = DISPATCH_LEVEL
165 ==========================================================================
/*
 * Timer callback for ReassocTimer: posts MT2_REASSOC_TIMEOUT to the
 * association state machine and runs the MLME handler.
 *
 * FunctionContext is the adapter pointer registered with the timer; the
 * SystemSpecific* arguments are not used in the visible body.
 */
167 VOID ReassocTimeout(IN PVOID SystemSpecific1,
168 IN PVOID FunctionContext,
169 IN PVOID SystemSpecific2,
170 IN PVOID SystemSpecific3)
172 RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext;
174 // Do nothing if the driver is entering the halt state.
175 // The timer may already have fired before MLME halt cancelled it.
// NOTE(review): the statement guarded by this test (original lines 177-178)
// is missing from this listing; the comment above implies an early return.
176 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST))
// Queue the timeout as a zero-length message, then let the MLME process it.
179 MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_REASSOC_TIMEOUT, 0, NULL);
180 RTMP_MLME_HANDLER(pAd);
184 ==========================================================================
186 Disassociation timeout procedure. After disassociation timeout, this
187 function will be called and put a message into the MLME queue
189 Standard timer parameters
191 IRQL = DISPATCH_LEVEL
193 ==========================================================================
/*
 * Timer callback for DisassocTimer: posts MT2_DISASSOC_TIMEOUT to the
 * association state machine and runs the MLME handler.
 *
 * FunctionContext is the adapter pointer registered with the timer; the
 * SystemSpecific* arguments are not used in the visible body.
 */
195 VOID DisassocTimeout(IN PVOID SystemSpecific1,
196 IN PVOID FunctionContext,
197 IN PVOID SystemSpecific2,
198 IN PVOID SystemSpecific3)
200 RTMP_ADAPTER *pAd = (RTMP_ADAPTER *)FunctionContext;
202 // Do nothing if the driver is entering the halt state.
203 // The timer may already have fired before MLME halt cancelled it.
// NOTE(review): the statement guarded by this test (original lines 205-206)
// is missing from this listing; the comment above implies an early return.
204 if (RTMP_TEST_FLAG(pAd, fRTMP_ADAPTER_HALT_IN_PROGRESS | fRTMP_ADAPTER_NIC_NOT_EXIST))
// Queue the timeout as a zero-length message, then let the MLME process it.
207 MlmeEnqueue(pAd, ASSOC_STATE_MACHINE, MT2_DISASSOC_TIMEOUT, 0, NULL);
208 RTMP_MLME_HANDLER(pAd);
212 ==========================================================================
214 mlme assoc req handling procedure
216 Adapter - Adapter pointer
217 Elem - MLME Queue Element
219 the station has been authenticated and the following information is stored in the config
221 -# supported rates and their length
222 -# listen interval (Adapter->StaCfg.default_listen_count)
223 -# Transmit power (Adapter->StaCfg.tx_power)
225 -# An association request frame is generated and sent to the air
226 -# Association timer starts
227 -# Association state -> ASSOC_WAIT_RSP
229 IRQL = DISPATCH_LEVEL
231 ==========================================================================
/*
 * Handle MT2_MLME_ASSOC_REQ: build and transmit an 802.11 Association
 * Request, then arm AssocTimer and move to ASSOC_WAIT_RSP.
 *
 * Three outcomes are visible:
 *   - pAd->StaCfg.bBlockAssoc set: report MLME_STATE_MACHINE_REJECT;
 *   - MlmeAssocReqSanity() accepts Elem->Msg: build the frame and send it;
 *   - otherwise: report MLME_INVALID_FORMAT.
 * Every failure resets the state to ASSOC_IDLE and is reported to
 * MLME_CNTL_STATE_MACHINE as MT2_ASSOC_CONF with a 2-byte status.
 *
 * NOTE(review): braces and several local declarations (Status, NStatus,
 * ApAddr, Timeout, ListenIntv, FrameLen, tmp, VarIesOffset, ...) are on lines
 * missing from this listing, so exact nesting cannot be confirmed here.
 * NOTE(review): the frame is grown by repeated MakeOutgoingFrame() calls at
 * pOutBuffer + FrameLen; no comparison of FrameLen with the size of the
 * buffer returned by MlmeAllocateMemory() is visible in this function.
 */
233 VOID MlmeAssocReqAction(
234 IN PRTMP_ADAPTER pAd,
235 IN MLME_QUEUE_ELEM *Elem)
238 HEADER_802_11 AssocHdr;
// WME information element: vendor-specific IE, length 7, OUI 00:50:F2 type 2;
// the last byte (QoS info) is OR-ed with the U-APSD settings further down.
239 UCHAR WmeIe[9] = {IE_VENDOR_SPECIFIC, 0x07, 0x00, 0x50, 0xf2, 0x02, 0x00, 0x01, 0x00};
242 USHORT CapabilityInfo;
243 BOOLEAN TimerCancelled;
244 PUCHAR pOutBuffer = NULL;
251 // Block all association requests during the WPA block period
// (presumably the TKIP countermeasure hold-off -- TODO confirm where
// bBlockAssoc is set).
252 if (pAd->StaCfg.bBlockAssoc == TRUE)
254 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Block Assoc request durning WPA block period!\n"));
255 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
256 Status = MLME_STATE_MACHINE_REJECT;
257 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
259 // check sanity first; on success this fills ApAddr, CapabilityInfo, Timeout
// and ListenIntv from the queued request
260 else if (MlmeAssocReqSanity(pAd, Elem->Msg, Elem->MsgLen, ApAddr, &CapabilityInfo, &Timeout, &ListenIntv))
262 RTMPCancelTimer(&pAd->MlmeAux.AssocTimer, &TimerCancelled);
263 COPY_MAC_ADDR(pAd->MlmeAux.Bssid, ApAddr);
265 // Get an unused nonpaged memory
266 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer);
267 if (NStatus != NDIS_STATUS_SUCCESS)
269 DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeAssocReqAction() allocate memory failed \n"));
270 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
271 Status = MLME_FAIL_NO_RESOURCE;
272 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
// NOTE(review): the exit from this failure path (original lines 273-274) is
// not visible; confirm it returns before pOutBuffer is used below.
276 // Add by James 03/06/27
// Record the request's fixed fields in AssocInfo.
277 pAd->StaCfg.AssocInfo.Length = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
278 // Association don't need to report MAC address
279 pAd->StaCfg.AssocInfo.AvailableRequestFixedIEs =
280 NDIS_802_11_AI_REQFI_CAPABILITIES | NDIS_802_11_AI_REQFI_LISTENINTERVAL;
281 pAd->StaCfg.AssocInfo.RequestFixedIEs.Capabilities = CapabilityInfo;
282 pAd->StaCfg.AssocInfo.RequestFixedIEs.ListenInterval = ListenIntv;
283 // Only reassociate need this
284 //COPY_MAC_ADDR(pAd->StaCfg.AssocInfo.RequestFixedIEs.CurrentAPAddress, ApAddr);
285 pAd->StaCfg.AssocInfo.OffsetRequestIEs = sizeof(NDIS_802_11_ASSOCIATION_INFORMATION);
// Mirror the variable IEs of the request into ReqVarIEs (id, length, value).
// NOTE(review): the copies below are sized by MlmeAux.SsidLen and
// MlmeAux.SupRateLen; no comparison of VarIesOffset with MAX_VIE_LEN is
// visible in this function. Confirm both lengths are capped where they are
// stored. The one-byte VarIesOffset increments are on lines missing here.
287 NdisZeroMemory(pAd->StaCfg.ReqVarIEs, MAX_VIE_LEN);
290 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &SsidIe, 1);
292 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->MlmeAux.SsidLen, 1);
294 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->MlmeAux.Ssid, pAd->MlmeAux.SsidLen);
295 VarIesOffset += pAd->MlmeAux.SsidLen;
297 // Second add Supported rates
298 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &SupRateIe, 1);
300 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->MlmeAux.SupRateLen, 1);
302 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->MlmeAux.SupRate, pAd->MlmeAux.SupRateLen);
303 VarIesOffset += pAd->MlmeAux.SupRateLen;
// Set capability bit 0x0100 (Spectrum Management in the 802.11 capability
// field) when on a channel above 14 with bIEEE80211H enabled.
306 if ((pAd->CommonCfg.Channel > 14) &&
307 (pAd->CommonCfg.bIEEE80211H == TRUE))
308 CapabilityInfo |= 0x0100;
310 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send ASSOC request...\n"));
311 MgtMacHeaderInit(pAd, &AssocHdr, SUBTYPE_ASSOC_REQ, 0, ApAddr, ApAddr);
313 // Build basic frame first: header, fixed fields, SSID and supported rates
// (some argument lines of this call are missing from the listing)
314 MakeOutgoingFrame(pOutBuffer, &FrameLen,
315 sizeof(HEADER_802_11), &AssocHdr,
319 1, &pAd->MlmeAux.SsidLen,
320 pAd->MlmeAux.SsidLen, pAd->MlmeAux.Ssid,
322 1, &pAd->MlmeAux.SupRateLen,
323 pAd->MlmeAux.SupRateLen, pAd->MlmeAux.SupRate,
// Extended supported rates, only when some are configured.
326 if (pAd->MlmeAux.ExtRateLen != 0)
328 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
330 1, &pAd->MlmeAux.ExtRateLen,
331 pAd->MlmeAux.ExtRateLen, pAd->MlmeAux.ExtRate,
// HT capability element, only when HT capability data is present and the
// PHY mode is PHY_11ABGN_MIXED or above.
// NOTE(review): HtCapabilityLen is used as the copy length out of
// MlmeAux.HtCapability; confirm it is capped to the structure size where it
// is stored.
337 if ((pAd->MlmeAux.HtCapabilityLen > 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED))
341 UCHAR BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33};
// With bPreNHt set, the length becomes SIZE_HT_CAP_IE + 4; presumably the
// element is wrapped in a vendor IE prefixed by the BROADCOM bytes (the
// argument lines are missing from this listing).
342 if (pAd->StaActive.SupportedPhyInfo.bPreNHt == TRUE)
344 HtLen = SIZE_HT_CAP_IE + 4;
345 MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
349 pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability,
354 MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
356 1, &pAd->MlmeAux.HtCapabilityLen,
357 pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability,
363 // add Ralink proprietary IE to inform AP this STA is going to use AGGREGATION or PIGGY-BACK+AGGREGATION
364 // Case I: (Aggregation + Piggy-Back)
365 // 1. user enable aggregation, AND
366 // 2. Mac support piggy-back
367 // 3. AP announces it's PIGGY-BACK+AGGREGATION-capable in BEACON
368 // Case II: (Aggregation)
369 // 1. user enable aggregation, AND
370 // 2. AP announces it's AGGREGATION-capable in BEACON
371 if (pAd->CommonCfg.bAggregationCapable)
373 if ((pAd->CommonCfg.bPiggyBackCapable) && ((pAd->MlmeAux.APRalinkIe & 0x00000003) == 3))
376 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x03, 0x00, 0x00, 0x00};
377 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
382 else if (pAd->MlmeAux.APRalinkIe & 0x00000001)
385 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x01, 0x00, 0x00, 0x00};
386 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
// NOTE(review): the condition selecting this third variant is on lines
// missing from the listing. Its flag byte is 0x06 here, while
// MlmeReassocReqAction in this file uses 0x04 -- confirm the difference is
// intended.
395 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x06, 0x00, 0x00, 0x00};
396 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
// WME element, only when the AP's EDCA parameters are marked valid.
402 if (pAd->MlmeAux.APEdcaParm.bValid)
404 if (pAd->CommonCfg.bAPSDCapable && pAd->MlmeAux.APEdcaParm.bAPSDCapable)
406 QBSS_STA_INFO_PARM QosInfo;
408 NdisZeroMemory(&QosInfo, sizeof(QBSS_STA_INFO_PARM));
409 QosInfo.UAPSD_AC_BE = pAd->CommonCfg.bAPSDAC_BE;
410 QosInfo.UAPSD_AC_BK = pAd->CommonCfg.bAPSDAC_BK;
411 QosInfo.UAPSD_AC_VI = pAd->CommonCfg.bAPSDAC_VI;
412 QosInfo.UAPSD_AC_VO = pAd->CommonCfg.bAPSDAC_VO;
413 QosInfo.MaxSPLength = pAd->CommonCfg.MaxSPLength;
// Folds the first byte of QosInfo into the QoS-info byte of WmeIe.
// NOTE(review): this depends on the in-memory layout of QBSS_STA_INFO_PARM
// (not visible here) matching the on-air bit order.
414 WmeIe[8] |= *(PUCHAR)&QosInfo;
418 // The Parameter Set Count is set to "0" in the association request frames
419 // WmeIe[8] |= (pAd->MlmeAux.APEdcaParm.EdcaUpdateCount & 0x0f);
422 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
429 // Let WPA(#221) Element ID on the end of this association frame.
430 // Otherwise some AP will fail on parsing Element ID and set status fail on Assoc Rsp.
431 // For example: Put Vendor Specific IE on the front of WPA IE.
432 // This happens on AP (Model No:Linksys WRK54G)
434 if (((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK) ||
435 (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) ||
436 (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA) ||
437 (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2)
// Element id defaults to IE_WPA; the WPA2 branch below presumably switches it
// to the RSN id (that assignment is on a line missing from this listing).
441 UCHAR RSNIe = IE_WPA;
443 if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK) ||
444 (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2))
// Let the driver build the RSN IE unless a supplicant-provided one is in use.
449 if ((pAd->StaCfg.WpaSupplicantUP != WPA_SUPPLICANT_ENABLE) &&
450 (pAd->StaCfg.bRSN_IE_FromWpaSupplicant == FALSE))
451 RTMPMakeRSNIE(pAd, pAd->StaCfg.AuthMode, pAd->StaCfg.WepStatus, BSS0);
453 // Check for WPA PMK cache list
454 if (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2)
457 BOOLEAN FoundPMK = FALSE;
458 // Search cached PMKID, append it if existed
459 for (idx = 0; idx < PMKID_NO; idx++)
461 if (NdisEqualMemory(ApAddr, &pAd->StaCfg.SavedPMK[idx].BSSID, 6))
469 When AuthMode is WPA2-Enterprise and AP reboot or STA lost AP,
470 AP would not do PMK cache with STA after STA re-connect to AP again.
471 In this case, driver doesn't need to send PMKID to AP and WpaSupplicant.
473 if ((pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2) &&
474 (NdisEqualMemory(pAd->MlmeAux.Bssid, pAd->CommonCfg.LastBssid, MAC_ADDR_LEN)))
// Append "PMKID count = 1" followed by the 16-byte PMKID to the RSN IE.
// NOTE(review): 18 bytes are written at RSN_IE[RSNIE_Len] with no visible
// check that RSNIE_Len + 18 fits in RSN_IE. The count is stored through a
// PUSHORT cast, so it is written in host byte order at a possibly unaligned
// address. The condition guarding these three lines is not visible here.
482 *(PUSHORT) &pAd->StaCfg.RSN_IE[pAd->StaCfg.RSNIE_Len] = 1;
483 NdisMoveMemory(&pAd->StaCfg.RSN_IE[pAd->StaCfg.RSNIE_Len + 2], &pAd->StaCfg.SavedPMK[idx].PMKID, 16);
484 pAd->StaCfg.RSNIE_Len += 18;
// A supplicant-provided IE is appended as-is (RSNIE_Len bytes); otherwise the
// element id and length byte are emitted first.
488 if ((pAd->StaCfg.WpaSupplicantUP == WPA_SUPPLICANT_ENABLE) &&
489 (pAd->StaCfg.bRSN_IE_FromWpaSupplicant == TRUE))
491 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
492 pAd->StaCfg.RSNIE_Len, pAd->StaCfg.RSN_IE,
497 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
499 1, &pAd->StaCfg.RSNIE_Len,
500 pAd->StaCfg.RSNIE_Len, pAd->StaCfg.RSN_IE,
506 if ((pAd->StaCfg.WpaSupplicantUP != WPA_SUPPLICANT_ENABLE) ||
507 (pAd->StaCfg.bRSN_IE_FromWpaSupplicant == FALSE))
509 // Append Variable IE
// NOTE(review): as with the SSID and rates above, no bound against
// MAX_VIE_LEN is visible for this RSNIE_Len-byte copy.
510 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &RSNIe, 1);
512 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, &pAd->StaCfg.RSNIE_Len, 1);
515 NdisMoveMemory(pAd->StaCfg.ReqVarIEs + VarIesOffset, pAd->StaCfg.RSN_IE, pAd->StaCfg.RSNIE_Len);
516 VarIesOffset += pAd->StaCfg.RSNIE_Len;
518 // Set Variable IEs Length
519 pAd->StaCfg.ReqVarIELen = VarIesOffset;
// Hand the finished frame to the transmit path, then release the buffer.
523 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
524 MlmeFreeMemory(pAd, pOutBuffer);
// Wait for the AP's response for at most Timeout.
526 RTMPSetTimer(&pAd->MlmeAux.AssocTimer, Timeout);
527 pAd->Mlme.AssocMachine.CurrState = ASSOC_WAIT_RSP;
// Final branch: the queued request failed MlmeAssocReqSanity().
531 DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeAssocReqAction() sanity check failed. BUG!!!!!! \n"));
532 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
533 Status = MLME_INVALID_FORMAT;
534 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
540 ==========================================================================
542 mlme reassoc req handling procedure
546 -# SSID (Adapter->StaCfg.ssid[])
547 -# BSSID (AP address, Adapter->StaCfg.bssid)
548 -# Supported rates (Adapter->StaCfg.supported_rates[])
549 -# Supported rates length (Adapter->StaCfg.supported_rates_len)
550 -# Tx power (Adapter->StaCfg.tx_power)
552 IRQL = DISPATCH_LEVEL
554 ==========================================================================
/*
 * Handle MT2_MLME_REASSOC_REQ: build and transmit an 802.11 Reassociation
 * Request, then arm ReassocTimer and move to REASSOC_WAIT_RSP.
 *
 * The request message has the same layout as an association request and is
 * validated with MlmeAssocReqSanity(). Failures reset the state to
 * ASSOC_IDLE and are reported to MLME_CNTL_STATE_MACHINE as
 * MT2_REASSOC_CONF with a 2-byte status.
 *
 * NOTE(review): braces and several local declarations (Status, NStatus,
 * ApAddr, Timeout, FrameLen, tmp, TmpLen, HtLen, ...) are on lines missing
 * from this listing.
 * NOTE(review): no WPA/RSN element is appended in the visible part of this
 * function, unlike MlmeAssocReqAction -- confirm that is intended for
 * WPA/WPA2 networks.
 * NOTE(review): no comparison of FrameLen with the size of the buffer
 * returned by MlmeAllocateMemory() is visible in this function.
 */
556 VOID MlmeReassocReqAction(
557 IN PRTMP_ADAPTER pAd,
558 IN MLME_QUEUE_ELEM *Elem)
561 HEADER_802_11 ReassocHdr;
// WME information element: vendor-specific IE, length 7, OUI 00:50:F2 type 2;
// the last byte (QoS info) is OR-ed with the U-APSD settings further down.
562 UCHAR WmeIe[9] = {IE_VENDOR_SPECIFIC, 0x07, 0x00, 0x50, 0xf2, 0x02, 0x00, 0x01, 0x00};
563 USHORT CapabilityInfo, ListenIntv;
566 BOOLEAN TimerCancelled;
569 PUCHAR pOutBuffer = NULL;
572 // Block all reassociation requests during the WPA block period
573 if (pAd->StaCfg.bBlockAssoc == TRUE)
575 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Block ReAssoc request durning WPA block period!\n"));
576 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
577 Status = MLME_STATE_MACHINE_REJECT;
578 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
580 // the parameters are the same as the association
581 else if(MlmeAssocReqSanity(pAd, Elem->Msg, Elem->MsgLen, ApAddr, &CapabilityInfo, &Timeout, &ListenIntv))
583 RTMPCancelTimer(&pAd->MlmeAux.ReassocTimer, &TimerCancelled);
585 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
586 if(NStatus != NDIS_STATUS_SUCCESS)
588 DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeReassocReqAction() allocate memory failed \n"));
589 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
590 Status = MLME_FAIL_NO_RESOURCE;
591 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
// NOTE(review): the exit from this failure path (original lines 592-593) is
// not visible; confirm it returns before pOutBuffer is used below.
595 COPY_MAC_ADDR(pAd->MlmeAux.Bssid, ApAddr);
597 // make frame, use bssid as the AP address??
598 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send RE-ASSOC request...\n"));
599 MgtMacHeaderInit(pAd, &ReassocHdr, SUBTYPE_REASSOC_REQ, 0, ApAddr, ApAddr);
// Header, fixed fields, a MAC_ADDR_LEN address field filled from ApAddr,
// SSID and supported rates (some argument lines are missing from the listing).
600 MakeOutgoingFrame(pOutBuffer, &FrameLen,
601 sizeof(HEADER_802_11), &ReassocHdr,
604 MAC_ADDR_LEN, ApAddr,
606 1, &pAd->MlmeAux.SsidLen,
607 pAd->MlmeAux.SsidLen, pAd->MlmeAux.Ssid,
609 1, &pAd->MlmeAux.SupRateLen,
610 pAd->MlmeAux.SupRateLen, pAd->MlmeAux.SupRate,
// Extended supported rates, only when some are configured.
613 if (pAd->MlmeAux.ExtRateLen != 0)
615 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
617 1, &pAd->MlmeAux.ExtRateLen,
618 pAd->MlmeAux.ExtRateLen, pAd->MlmeAux.ExtRate,
// WME element, only when the AP's EDCA parameters are marked valid.
623 if (pAd->MlmeAux.APEdcaParm.bValid)
625 if (pAd->CommonCfg.bAPSDCapable && pAd->MlmeAux.APEdcaParm.bAPSDCapable)
627 QBSS_STA_INFO_PARM QosInfo;
629 NdisZeroMemory(&QosInfo, sizeof(QBSS_STA_INFO_PARM));
630 QosInfo.UAPSD_AC_BE = pAd->CommonCfg.bAPSDAC_BE;
631 QosInfo.UAPSD_AC_BK = pAd->CommonCfg.bAPSDAC_BK;
632 QosInfo.UAPSD_AC_VI = pAd->CommonCfg.bAPSDAC_VI;
633 QosInfo.UAPSD_AC_VO = pAd->CommonCfg.bAPSDAC_VO;
634 QosInfo.MaxSPLength = pAd->CommonCfg.MaxSPLength;
// Folds the first byte of QosInfo into the QoS-info byte of WmeIe.
// NOTE(review): this depends on the in-memory layout of QBSS_STA_INFO_PARM
// (not visible here) matching the on-air bit order.
635 WmeIe[8] |= *(PUCHAR)&QosInfo;
638 MakeOutgoingFrame(pOutBuffer + FrameLen, &tmp,
// HT capability element, only when HT capability data is present and the
// PHY mode is PHY_11ABGN_MIXED or above.
// NOTE(review): HtCapabilityLen is used as the copy length out of
// MlmeAux.HtCapability; confirm it is capped to the structure size where it
// is stored.
645 if ((pAd->MlmeAux.HtCapabilityLen > 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED))
649 UCHAR BROADCOM[4] = {0x0, 0x90, 0x4c, 0x33};
650 if (pAd->StaActive.SupportedPhyInfo.bPreNHt == TRUE)
652 HtLen = SIZE_HT_CAP_IE + 4;
653 MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
657 pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability,
662 MakeOutgoingFrame(pOutBuffer + FrameLen, &TmpLen,
664 1, &pAd->MlmeAux.HtCapabilityLen,
665 pAd->MlmeAux.HtCapabilityLen, &pAd->MlmeAux.HtCapability,
671 // add Ralink proprietary IE to inform AP this STA is going to use AGGREGATION or PIGGY-BACK+AGGREGATION
672 // Case I: (Aggregation + Piggy-Back)
673 // 1. user enable aggregation, AND
674 // 2. Mac support piggy-back
675 // 3. AP announces it's PIGGY-BACK+AGGREGATION-capable in BEACON
676 // Case II: (Aggregation)
677 // 1. user enable aggregation, AND
678 // 2. AP announces it's AGGREGATION-capable in BEACON
679 if (pAd->CommonCfg.bAggregationCapable)
681 if ((pAd->CommonCfg.bPiggyBackCapable) && ((pAd->MlmeAux.APRalinkIe & 0x00000003) == 3))
684 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x03, 0x00, 0x00, 0x00};
685 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
690 else if (pAd->MlmeAux.APRalinkIe & 0x00000001)
693 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x01, 0x00, 0x00, 0x00};
694 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
// NOTE(review): the condition selecting this third variant is on lines
// missing from the listing. Its flag byte is 0x04 here, while
// MlmeAssocReqAction in this file uses 0x06 -- confirm the difference is
// intended.
703 UCHAR RalinkIe[9] = {IE_VENDOR_SPECIFIC, 7, 0x00, 0x0c, 0x43, 0x04, 0x00, 0x00, 0x00};
704 MakeOutgoingFrame(pOutBuffer+FrameLen, &TmpLen,
// Hand the finished frame to the transmit path, then release the buffer.
710 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
711 MlmeFreeMemory(pAd, pOutBuffer);
713 RTMPSetTimer(&pAd->MlmeAux.ReassocTimer, Timeout); /* in mSec */
714 pAd->Mlme.AssocMachine.CurrState = REASSOC_WAIT_RSP;
// Final branch: the queued request failed MlmeAssocReqSanity().
718 DBGPRINT(RT_DEBUG_TRACE,("ASSOC - MlmeReassocReqAction() sanity check failed. BUG!!!! \n"));
719 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
720 Status = MLME_INVALID_FORMAT;
721 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
726 ==========================================================================
728 Upper layer issues disassoc request
734 ==========================================================================
/*
 * Handle MT2_MLME_DISASSOC_REQ from the upper layer: transmit a
 * Disassociation frame followed by a Deauthentication frame to the address
 * in the request, arm DisassocTimer and move to DISASSOC_WAIT_RSP.
 *
 * NOTE(review): Elem->Msg is cast to PMLME_DISASSOC_REQ_STRUCT without any
 * visible check of Elem->MsgLen; confirm the enqueuing side always supplies
 * a full structure.
 * NOTE(review): braces and the declarations of Status, NStatus, FrameLen and
 * Timeout are on lines missing from this listing, so the value passed to
 * RTMPSetTimer() cannot be confirmed here.
 */
736 VOID MlmeDisassocReqAction(
737 IN PRTMP_ADAPTER pAd,
738 IN MLME_QUEUE_ELEM *Elem)
740 PMLME_DISASSOC_REQ_STRUCT pDisassocReq;
741 HEADER_802_11 DisassocHdr;
742 PHEADER_802_11 pDisassocHdr;
743 PUCHAR pOutBuffer = NULL;
746 BOOLEAN TimerCancelled;
752 pDisassocReq = (PMLME_DISASSOC_REQ_STRUCT)(Elem->Msg);
754 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
755 if (NStatus != NDIS_STATUS_SUCCESS)
757 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - MlmeDisassocReqAction() allocate memory failed\n"));
758 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
759 Status = MLME_FAIL_NO_RESOURCE;
760 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &Status);
// NOTE(review): the exit from this failure path (original lines 761-762) is
// not visible; confirm it returns before pOutBuffer is used below.
766 RTMPCancelTimer(&pAd->MlmeAux.DisassocTimer, &TimerCancelled);
768 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Send DISASSOC request[BSSID::%02x:%02x:%02x:%02x:%02x:%02x (Reason=%d)\n",
769 pDisassocReq->Addr[0], pDisassocReq->Addr[1], pDisassocReq->Addr[2],
770 pDisassocReq->Addr[3], pDisassocReq->Addr[4], pDisassocReq->Addr[5], pDisassocReq->Reason));
771 MgtMacHeaderInit(pAd, &DisassocHdr, SUBTYPE_DISASSOC, 0, pDisassocReq->Addr, pDisassocReq->Addr); // patch peap ttls switching issue
// Frame body is the header plus the 2-byte reason code from the request.
772 MakeOutgoingFrame(pOutBuffer, &FrameLen,
773 sizeof(HEADER_802_11),&DisassocHdr,
774 2, &pDisassocReq->Reason,
776 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
778 // To patch Instance and Buffalo(N) AP
779 // Driver has to send deauth to Instance AP, but Buffalo(N) needs to send disassoc to reset Authenticator's state machine
780 // Therefore, we send both of them.
// The same buffer is reused: only the subtype is rewritten, so the deauth
// frame carries the same addresses and reason code.
781 pDisassocHdr = (PHEADER_802_11)pOutBuffer;
782 pDisassocHdr->FC.SubType = SUBTYPE_DEAUTH;
783 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
785 MlmeFreeMemory(pAd, pOutBuffer);
// The recorded reason is always REASON_DISASSOC_STA_LEAVING, independent of
// the pDisassocReq->Reason value that was put in the transmitted frames.
787 pAd->StaCfg.DisassocReason = REASON_DISASSOC_STA_LEAVING;
788 COPY_MAC_ADDR(pAd->StaCfg.DisassocSta, pDisassocReq->Addr);
790 RTMPSetTimer(&pAd->MlmeAux.DisassocTimer, Timeout); /* in mSec */
791 pAd->Mlme.AssocMachine.CurrState = DISASSOC_WAIT_RSP;
// Send a SIOCGIWAP wireless event with a NULL address argument
// (presumably signalling "no current AP" -- TODO confirm).
794 RtmpOSWrielessEventSend(pAd, SIOCGIWAP, -1, NULL, NULL, 0);
799 ==========================================================================
801 peer sends assoc rsp back
803 Elem - MLME message containing the received frame
805 IRQL = DISPATCH_LEVEL
807 ==========================================================================
/*
 * Handle an Association Response received from the air (also registered for
 * Reassociation Responses while in ASSOC_WAIT_RSP).
 *
 * The frame in Elem->Msg is parsed by PeerAssocRspSanity(). If the sender
 * address matches pAd->MlmeAux.Bssid, AssocTimer is cancelled; on
 * MLME_SUCCESS the negotiated parameters are applied through AssocPostProc()
 * and StaAddMacTableEntry(). The state is set back to ASSOC_IDLE and Status
 * is forwarded to MLME_CNTL_STATE_MACHINE as MT2_ASSOC_CONF.
 *
 * NOTE(review): the frame is peer-controlled input. SupRate and ExtRate are
 * fixed-size stack arrays, so the bounds on SupRateLen / ExtRateLen (and on
 * the HT fields) must be enforced inside PeerAssocRspSanity(), which is not
 * visible here.
 * NOTE(review): the only origin check visible in this handler is the
 * comparison of the frame's Addr2 with the expected BSSID.
 * NOTE(review): braces and the declarations of EdcaParm, CkipFlag,
 * AddHtInfoLen and idx are on lines missing from this listing, so exact
 * nesting of the statements below cannot be confirmed.
 */
809 VOID PeerAssocRspAction(
810 IN PRTMP_ADAPTER pAd,
811 IN MLME_QUEUE_ELEM *Elem)
813 USHORT CapabilityInfo, Status, Aid;
814 UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], SupRateLen;
815 UCHAR ExtRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRateLen;
816 UCHAR Addr2[MAC_ADDR_LEN];
817 BOOLEAN TimerCancelled;
820 HT_CAPABILITY_IE HtCapability;
821 ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE
822 UCHAR HtCapabilityLen = 0;
824 UCHAR NewExtChannelOffset = 0xff;
826 if (PeerAssocRspSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &CapabilityInfo, &Status, &Aid, SupRate, &SupRateLen, ExtRate, &ExtRateLen,
827 &HtCapability,&AddHtInfo, &HtCapabilityLen,&AddHtInfoLen,&NewExtChannelOffset, &EdcaParm, &CkipFlag))
829 // Is the frame from the AP we are associating with?
830 if(MAC_ADDR_EQUAL(Addr2, pAd->MlmeAux.Bssid))
832 DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspAction():ASSOC - receive ASSOC_RSP to me (status=%d)\n", Status));
833 DBGPRINT(RT_DEBUG_TRACE, ("PeerAssocRspAction():MacTable [%d].AMsduSize = %d. ClientStatusFlags = 0x%lx \n",Elem->Wcid, pAd->MacTab.Content[BSSID_WCID].AMsduSize, pAd->MacTab.Content[BSSID_WCID].ClientStatusFlags));
834 RTMPCancelTimer(&pAd->MlmeAux.AssocTimer, &TimerCancelled);
837 if(Status == MLME_SUCCESS)
839 UCHAR MaxSupportedRateIn500Kbps = 0;
842 // The rate arrays may not be sorted: scan both for the maximum rate.
// Bit 7 of each entry (the basic-rate flag) is masked off before comparing.
843 for (idx=0; idx<SupRateLen; idx++)
845 if (MaxSupportedRateIn500Kbps < (SupRate[idx] & 0x7f))
846 MaxSupportedRateIn500Kbps = SupRate[idx] & 0x7f;
849 for (idx=0; idx<ExtRateLen; idx++)
851 if (MaxSupportedRateIn500Kbps < (ExtRate[idx] & 0x7f))
852 MaxSupportedRateIn500Kbps = ExtRate[idx] & 0x7f;
854 // go to procedure listed on page 376
855 AssocPostProc(pAd, Addr2, CapabilityInfo, Aid, SupRate, SupRateLen, ExtRate, ExtRateLen,
856 &EdcaParm, &HtCapability, HtCapabilityLen, &AddHtInfo);
// Register the AP in the MAC table with the maximum rate found above
// (the remaining arguments are on lines missing from this listing).
858 StaAddMacTableEntry(pAd,
859 &pAd->MacTab.Content[BSSID_WCID],
860 MaxSupportedRateIn500Kbps,
// Return to idle and report the AP's status code to the control machine.
867 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
868 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &Status);
// Malformed frame: only logged; the state and the timer are left untouched
// in the visible code.
873 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerAssocRspAction() sanity check fail\n"));
878 ==========================================================================
880 peer sends reassoc rsp
882 Elem - MLME message containing the received frame
884 IRQL = DISPATCH_LEVEL
886 ==========================================================================
/*
 * Handle a Reassociation Response received from the air (also registered
 * for Association Responses while in REASSOC_WAIT_RSP).
 *
 * The frame in Elem->Msg is parsed by PeerAssocRspSanity(). If the sender
 * address matches pAd->MlmeAux.Bssid, ReassocTimer is cancelled; on
 * MLME_SUCCESS the parameters are applied through AssocPostProc() and the
 * association is announced through the wireless-extension events. The state
 * is set back to ASSOC_IDLE and Status is forwarded as MT2_REASSOC_CONF.
 *
 * NOTE(review): the frame is peer-controlled input; the bounds on
 * SupRateLen / ExtRateLen for the fixed-size stack arrays must be enforced
 * inside PeerAssocRspSanity(), which is not visible here.
 * NOTE(review): braces and the declarations of Status, Aid, EdcaParm,
 * CkipFlag and AddHtInfoLen are on lines missing from this listing.
 */
888 VOID PeerReassocRspAction(
889 IN PRTMP_ADAPTER pAd,
890 IN MLME_QUEUE_ELEM *Elem)
892 USHORT CapabilityInfo;
895 UCHAR SupRate[MAX_LEN_OF_SUPPORTED_RATES], SupRateLen;
896 UCHAR ExtRate[MAX_LEN_OF_SUPPORTED_RATES], ExtRateLen;
897 UCHAR Addr2[MAC_ADDR_LEN];
899 BOOLEAN TimerCancelled;
901 HT_CAPABILITY_IE HtCapability;
902 ADD_HT_INFO_IE AddHtInfo; // AP might use this additional ht info IE
// NOTE(review): unlike PeerAssocRspAction in this file, HtCapabilityLen has no
// initializer here. If PeerAssocRspSanity() does not write it on every
// successful return, AssocPostProc() below reads an indeterminate value --
// confirm, or initialize it to 0.
903 UCHAR HtCapabilityLen;
905 UCHAR NewExtChannelOffset = 0xff;
907 if(PeerAssocRspSanity(pAd, Elem->Msg, Elem->MsgLen, Addr2, &CapabilityInfo, &Status, &Aid, SupRate, &SupRateLen, ExtRate, &ExtRateLen,
908 &HtCapability, &AddHtInfo, &HtCapabilityLen, &AddHtInfoLen,&NewExtChannelOffset, &EdcaParm, &CkipFlag))
910 if(MAC_ADDR_EQUAL(Addr2, pAd->MlmeAux.Bssid)) // Is the frame from the AP we are reassociating with?
912 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - receive REASSOC_RSP to me (status=%d)\n", Status));
913 RTMPCancelTimer(&pAd->MlmeAux.ReassocTimer, &TimerCancelled);
915 if(Status == MLME_SUCCESS)
917 // go to procedure listed on page 376
918 AssocPostProc(pAd, Addr2, CapabilityInfo, Aid, SupRate, SupRateLen, ExtRate, ExtRateLen,
919 &EdcaParm, &HtCapability, HtCapabilityLen, &AddHtInfo);
// Tell user space about the new association and its BSSID.
923 wext_notify_event_assoc(pAd);
924 RtmpOSWrielessEventSend(pAd, SIOCGIWAP, -1, &pAd->MlmeAux.Bssid[0], NULL, 0);
929 // CkipFlag is not used for reassociation
930 pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
931 MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &Status);
// Malformed frame: only logged; the state and the timer are left untouched
// in the visible code.
936 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerReassocRspAction() sanity check fail\n"));
942 ==========================================================================
944 procedures on IEEE 802.11/1999 p.376
947 IRQL = DISPATCH_LEVEL
949 ==========================================================================
/*
 * Post-association processing (AssocPostProc, as named by its callers and
 * debug strings in this file): copy the parameters taken from a successful
 * (re)association response into pAd->MlmeAux and capture the AP's WPA/RSN
 * element from the scan table for the later key handshake.
 *
 * NOTE(review): the signature line, several parameter lines (pAddr2, Aid,
 * SupRate, SupRateLen, ExtRate, ExtRateLen), the braces, the locals (Idx,
 * pVIE, len, pEid) and the header of the IE loop are on lines missing from
 * this listing.
 * NOTE(review): SupRateLen / ExtRateLen are used as copy lengths into
 * MlmeAux without a bound in this function; the callers' sanity routine has
 * to guarantee them.
 */
952 IN PRTMP_ADAPTER pAd,
954 IN USHORT CapabilityInfo,
960 IN PEDCA_PARM pEdcaParm,
961 IN HT_CAPABILITY_IE *pHtCapability,
962 IN UCHAR HtCapabilityLen,
963 IN ADD_HT_INFO_IE *pAddHtInfo) // AP might use this additional ht info IE
967 pAd->MlmeAux.BssType = BSS_INFRA;
968 COPY_MAC_ADDR(pAd->MlmeAux.Bssid, pAddr2);
969 pAd->MlmeAux.Aid = Aid;
// Keep only the capability bits in SUPPORTED_CAPABILITY_INFO.
970 pAd->MlmeAux.CapabilityInfo = CapabilityInfo & SUPPORTED_CAPABILITY_INFO;
972 // Some HT APs omit the WMM IE. Fill in EDCA parameters ourselves, because HT requires QoS.
// The caller's structure is modified in place; index meaning of the four
// entries is defined by EDCA_PARM, which is not visible here.
973 if ((HtCapabilityLen > 0) && (pEdcaParm->bValid == FALSE))
975 pEdcaParm->bValid = TRUE;
976 pEdcaParm->Aifsn[0] = 3;
977 pEdcaParm->Aifsn[1] = 7;
978 pEdcaParm->Aifsn[2] = 2;
979 pEdcaParm->Aifsn[3] = 2;
981 pEdcaParm->Cwmin[0] = 4;
982 pEdcaParm->Cwmin[1] = 4;
983 pEdcaParm->Cwmin[2] = 3;
984 pEdcaParm->Cwmin[3] = 2;
986 pEdcaParm->Cwmax[0] = 10;
987 pEdcaParm->Cwmax[1] = 10;
988 pEdcaParm->Cwmax[2] = 4;
989 pEdcaParm->Cwmax[3] = 3;
991 pEdcaParm->Txop[0] = 0;
992 pEdcaParm->Txop[1] = 0;
993 pEdcaParm->Txop[2] = 96;
994 pEdcaParm->Txop[3] = 48;
998 NdisMoveMemory(&pAd->MlmeAux.APEdcaParm, pEdcaParm, sizeof(EDCA_PARM));
1000 // copy the AP's supported rates, then filter out un-supported rates
1001 pAd->MlmeAux.SupRateLen = SupRateLen;
1002 NdisMoveMemory(pAd->MlmeAux.SupRate, SupRate, SupRateLen);
1003 RTMPCheckRates(pAd, pAd->MlmeAux.SupRate, &pAd->MlmeAux.SupRateLen);
1005 // same for the extended rates
1006 pAd->MlmeAux.ExtRateLen = ExtRateLen;
1007 NdisMoveMemory(pAd->MlmeAux.ExtRate, ExtRate, ExtRateLen);
1008 RTMPCheckRates(pAd, pAd->MlmeAux.ExtRate, &pAd->MlmeAux.ExtRateLen);
1010 if (HtCapabilityLen > 0)
1012 RTMPCheckHt(pAd, BSSID_WCID, pHtCapability, pAddHtInfo);
1014 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> AP.AMsduSize = %d. ClientStatusFlags = 0x%lx \n", pAd->MacTab.Content[BSSID_WCID].AMsduSize, pAd->MacTab.Content[BSSID_WCID].ClientStatusFlags));
1016 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> (Mmps=%d, AmsduSize=%d, )\n",
1017 pAd->MacTab.Content[BSSID_WCID].MmpsMode, pAd->MacTab.Content[BSSID_WCID].AMsduSize));
1019 // Set New WPA information: look the AP up in the scan table
1020 Idx = BssTableSearch(&pAd->ScanTab, pAddr2, pAd->MlmeAux.Channel);
1021 if (Idx == BSS_NOT_FOUND)
1023 DBGPRINT_ERR(("ASSOC - Can't find BSS after receiving Assoc response\n"));
// NOTE(review): what follows the error log (original lines 1024-1027) is not
// visible; confirm Idx is never used as an index when it is BSS_NOT_FOUND.
1028 pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = 0;
1029 NdisZeroMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, MAX_LEN_OF_RSNIE);
1031 // Store appropriate RSN_IE for WPA SM negotiation later
1032 if ((pAd->StaCfg.AuthMode >= Ndis802_11AuthModeWPA) && (pAd->ScanTab.BssEntry[Idx].VarIELen != 0))
1038 pVIE = pAd->ScanTab.BssEntry[Idx].VarIEs;
1039 len = pAd->ScanTab.BssEntry[Idx].VarIELen;
1040 //KH need to check again
1041 // Don't allow to go to sleep mode if authmode is WPA-related.
1042 // This makes the authentication process run more smoothly.
1043 RTMP_CLEAR_PSFLAG(pAd, fRTMP_PS_CAN_GO_SLEEP);
// Walk the AP's stored information elements (id, length, value triples).
// NOTE(review): these bytes originate from frames the AP sent and are
// peer-controlled. In the visible code neither copy below checks that
// pEid->Len + 2 (up to 257) fits in RSN_IE, which is cleared above with
// MAX_LEN_OF_RSNIE bytes, nor that the element lies within the remaining
// len bytes. The loop header is on a missing line, so its termination
// condition cannot be confirmed; add explicit bounds checks if absent.
1047 pEid = (PEID_STRUCT) pVIE;
// WPA element, kept only for the WPA / WPA-PSK auth modes.
1049 if ((pEid->Eid == IE_WPA) && (NdisEqualMemory(pEid->Octet, WPA_OUI, 4))
1050 && (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA || pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPAPSK))
1052 NdisMoveMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, pVIE, (pEid->Len + 2));
1053 pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = (pEid->Len + 2);
1054 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> Store RSN_IE for WPA SM negotiation \n"));
// RSN element, kept only for the WPA2 / WPA2-PSK auth modes; the OUI is
// compared at offset 2 of the element body.
1057 else if ((pEid->Eid == IE_RSN) && (NdisEqualMemory(pEid->Octet + 2, RSN_OUI, 3))
1058 && (pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2 || pAd->StaCfg.AuthMode == Ndis802_11AuthModeWPA2PSK))
1060 NdisMoveMemory(pAd->MacTab.Content[BSSID_WCID].RSN_IE, pVIE, (pEid->Len + 2));
1061 pAd->MacTab.Content[BSSID_WCID].RSNIE_Len = (pEid->Len + 2);
1062 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> Store RSN_IE for WPA2 SM negotiation \n"));
// Advance to the next element.
// NOTE(review): if len is unsigned (its declaration is not visible), a
// truncated final element makes this subtraction wrap instead of going
// negative.
1065 pVIE += (pEid->Len + 2);
1066 len -= (pEid->Len + 2);
1072 if (pAd->MacTab.Content[BSSID_WCID].RSNIE_Len == 0)
1074 DBGPRINT(RT_DEBUG_TRACE, ("AssocPostProc===> no RSN_IE \n"));
// Dump the stored element for debugging.
1078 hex_dump("RSN_IE", pAd->MacTab.Content[BSSID_WCID].RSN_IE, pAd->MacTab.Content[BSSID_WCID].RSNIE_Len);
/*
	==========================================================================
	Description:
		left part of IEEE 802.11/1999 p.374
		Handles a received disassociation frame. When the frame passes
		PeerDisassocSanity() and its sender address equals the BSSID of the
		current infrastructure link, the link is taken down and the ASSOC
		state machine returns to ASSOC_IDLE.
	Parameters:
		pAd  - adapter context
		Elem - MLME message containing the received frame

	IRQL = DISPATCH_LEVEL

	==========================================================================
 */
VOID PeerDisassocAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	UCHAR	PeerAddr[MAC_ADDR_LEN];
	// Declaration is absent from the listing; USHORT assumed from the
	// "%d" trace below and the USHORT reason code used elsewhere in this file - TODO confirm.
	USHORT	ReasonCode;

	DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction()\n"));

	// Malformed frame: trace it and do nothing else.
	if (!PeerDisassocSanity(pAd, Elem->Msg, Elem->MsgLen, PeerAddr, &ReasonCode))
	{
		DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction() sanity check fail\n"));
		return;
	}

	DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - PeerDisassocAction() Reason = %d\n", ReasonCode));

	// Act only in infrastructure mode and only on a frame whose sender
	// address matches the BSSID we are associated with.
	// NOTE(review): this address comparison is the only origin check visible
	// in this routine; a management frame carrying a matching sender address
	// takes the link down. Whether the frame is integrity-protected before it
	// reaches this point is not visible here - confirm in PeerDisassocSanity
	// and the receive path.
	if (!(INFRA_ON(pAd) && MAC_ADDR_EQUAL(pAd->CommonCfg.Bssid, PeerAddr)))
		return;

	if (pAd->CommonCfg.bWirelessEvent)
	{
		RTMPSendWirelessEvent(pAd, IW_DISASSOC_EVENT_FLAG, pAd->MacTab.Content[BSSID_WCID].Addr, BSS0, 0);
	}

	LinkDown(pAd, TRUE);
	pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;

	// SIOCGIWAP event with no payload; presumably reports the loss of the
	// AP to wireless-extension listeners - confirm against RtmpOSWrielessEventSend.
	RtmpOSWrielessEventSend(pAd, SIOCGIWAP, -1, NULL, NULL, 0);
}
/*
	==========================================================================
	Description:
		what the state machine will do after assoc timeout:
		the ASSOC machine goes back to ASSOC_IDLE and MLME_REJ_TIMEOUT is
		queued to the CNTL state machine as MT2_ASSOC_CONF.
	Parameters:
		pAd  - adapter context
		Elem - MLME message; not read by this routine

	IRQL = DISPATCH_LEVEL

	==========================================================================
 */
VOID AssocTimeoutAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	// Declaration is absent from the listing; USHORT inferred from the
	// 2-byte message length passed to MlmeEnqueue - TODO confirm.
	USHORT	ConfStatus = MLME_REJ_TIMEOUT;

	DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - AssocTimeoutAction\n"));

	// Return to idle first, then report the result.
	pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
	MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &ConfStatus);
}
/*
	==========================================================================
	Description:
		what the state machine will do after reassoc timeout:
		the ASSOC machine goes back to ASSOC_IDLE and MLME_REJ_TIMEOUT is
		queued to the CNTL state machine as MT2_REASSOC_CONF.
	Parameters:
		pAd  - adapter context
		Elem - MLME message; not read by this routine

	IRQL = DISPATCH_LEVEL

	==========================================================================
 */
VOID ReassocTimeoutAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	// Declaration is absent from the listing; USHORT inferred from the
	// 2-byte message length passed to MlmeEnqueue - TODO confirm.
	USHORT	ConfStatus = MLME_REJ_TIMEOUT;

	DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - ReassocTimeoutAction\n"));

	// Return to idle first, then report the result.
	pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
	MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &ConfStatus);
}
/*
	==========================================================================
	Description:
		what the state machine will do after disassoc timeout:
		the ASSOC machine goes back to ASSOC_IDLE and MT2_DISASSOC_CONF is
		queued to the CNTL state machine. The status reported for this
		timeout is MLME_SUCCESS.
	Parameters:
		pAd  - adapter context
		Elem - MLME message; not read by this routine

	IRQL = DISPATCH_LEVEL

	==========================================================================
 */
VOID DisassocTimeoutAction(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	// Declaration is absent from the listing; USHORT inferred from the
	// 2-byte message length passed to MlmeEnqueue - TODO confirm.
	USHORT	ConfStatus = MLME_SUCCESS;

	DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - DisassocTimeoutAction\n"));

	// Return to idle first, then report the result.
	pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
	MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &ConfStatus);
}
/*
	Logs the ASSOC machine's current state, forces it back to ASSOC_IDLE and
	queues MLME_STATE_MACHINE_REJECT to the CNTL state machine as
	MT2_ASSOC_CONF. Presumably the handler for an association request that
	arrives in a state that cannot accept it - confirm in the state table.

	pAd  - adapter context
	Elem - MLME message; not read by this routine
 */
VOID InvalidStateWhenAssoc(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	// Declaration is absent from the listing; USHORT inferred from the
	// 2-byte message length passed to MlmeEnqueue - TODO confirm.
	USHORT	RejectStatus = MLME_STATE_MACHINE_REJECT;

	// Trace the offending state before it is overwritten.
	DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenAssoc(state=%ld), reset ASSOC state machine\n", pAd->Mlme.AssocMachine.CurrState));

	pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
	MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_ASSOC_CONF, 2, &RejectStatus);
}
/*
	Logs the ASSOC machine's current state, forces it back to ASSOC_IDLE and
	queues MLME_STATE_MACHINE_REJECT to the CNTL state machine as
	MT2_REASSOC_CONF. Presumably the handler for a reassociation request that
	arrives in a state that cannot accept it - confirm in the state table.

	pAd  - adapter context
	Elem - MLME message; not read by this routine
 */
VOID InvalidStateWhenReassoc(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	// Declaration is absent from the listing; USHORT inferred from the
	// 2-byte message length passed to MlmeEnqueue - TODO confirm.
	USHORT	RejectStatus = MLME_STATE_MACHINE_REJECT;

	// Trace the offending state before it is overwritten.
	DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenReassoc(state=%ld), reset ASSOC state machine\n", pAd->Mlme.AssocMachine.CurrState));

	pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
	MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_REASSOC_CONF, 2, &RejectStatus);
}
/*
	Logs the ASSOC machine's current state, forces it back to ASSOC_IDLE and
	queues MLME_STATE_MACHINE_REJECT to the CNTL state machine as
	MT2_DISASSOC_CONF. Presumably the handler for a disassociation request
	that arrives in a state that cannot accept it - confirm in the state table.

	pAd  - adapter context
	Elem - MLME message; not read by this routine
 */
VOID InvalidStateWhenDisassociate(
	IN PRTMP_ADAPTER pAd,
	IN MLME_QUEUE_ELEM *Elem)
{
	// Declaration is absent from the listing; USHORT inferred from the
	// 2-byte message length passed to MlmeEnqueue - TODO confirm.
	USHORT	RejectStatus = MLME_STATE_MACHINE_REJECT;

	// Trace the offending state before it is overwritten.
	DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - InvalidStateWhenDisassoc(state=%ld), reset ASSOC state machine\n", pAd->Mlme.AssocMachine.CurrState));

	pAd->Mlme.AssocMachine.CurrState = ASSOC_IDLE;
	MlmeEnqueue(pAd, MLME_CNTL_STATE_MACHINE, MT2_DISASSOC_CONF, 2, &RejectStatus);
}
/*
	==========================================================================
		right part of IEEE 802.11/1999 page 374

		This event should never cause the ASSOC state machine to perform a
		state transition, and it has no relationship with the CNTL machine.
		So we separate this routine as a service outside of the ASSOC state
		transition table.

	IRQL = DISPATCH_LEVEL

	==========================================================================
 */
/* NOTE(review): the gutter numbering shows gaps here - the line naming this
   routine, the declaration of pAddr and FrameLen, and several body lines are
   not present in the listing. The comments below describe only the lines shown. */
1240 IN PRTMP_ADAPTER pAd,
1243 HEADER_802_11 DisassocHdr;
1244 PHEADER_802_11 pDisassocHdr;
1245 PUCHAR pOutBuffer = NULL;
1247 NDIS_STATUS NStatus;
/* Initialised to the class-3-error reason; the line that consumes it is not shown. */
1248 USHORT Reason = REASON_CLS3ERR;
1250 NStatus = MlmeAllocateMemory(pAd, &pOutBuffer); //Get an unused nonpaged memory
/* NOTE(review): the statement executed when allocation fails (gutter line 1252)
   is not shown; presumably an early return - confirm, since pOutBuffer is
   written to and transmitted below. */
1251 if (NStatus != NDIS_STATUS_SUCCESS)
1254 DBGPRINT(RT_DEBUG_TRACE, ("ASSOC - Class 3 Error, Send DISASSOC frame\n"));
/* Fill in a DISASSOC management header from pAddr and the configured BSSID
   (argument roles presumed from their order - confirm against MgtMacHeaderInit). */
1255 MgtMacHeaderInit(pAd, &DisassocHdr, SUBTYPE_DISASSOC, 0, pAddr, pAd->CommonCfg.Bssid); // patch peap ttls switching issue
/* Serialise the header into pOutBuffer; the remaining arguments of this call
   (gutter lines 1258-1259) are not shown. */
1256 MakeOutgoingFrame(pOutBuffer, &FrameLen,
1257 sizeof(HEADER_802_11),&DisassocHdr,
/* First transmission: the frame as built, subtype DISASSOC. */
1260 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
1262 // To patch Instance and Buffalo(N) AP
1263 // Driver has to send deauth to Instance AP, but Buffalo(N) needs to send disassoc to reset Authenticator's state machine
1264 // Therefore, we send both of them.
/* Second transmission: the same buffer is reused, with only the frame-control
   subtype rewritten in place to DEAUTH. */
1265 pDisassocHdr = (PHEADER_802_11)pOutBuffer;
1266 pDisassocHdr->FC.SubType = SUBTYPE_DEAUTH;
1267 MiniportMMRequest(pAd, 0, pOutBuffer, FrameLen);
/* The buffer is released here, after both requests have been issued. */
1269 MlmeFreeMemory(pAd, pOutBuffer);
/* Record why and for which peer the frames were sent. */
1271 pAd->StaCfg.DisassocReason = REASON_CLS3ERR;
1272 COPY_MAC_ADDR(pAd->StaCfg.DisassocSta, pAddr);
/* Copies the stored association-request IEs (StaCfg.ReqVarIEs) into a local
   buffer and passes them to RtmpOSWrielessEventSend as an IWEVASSOCREQIE event.
   NOTE(review): braces, the `else` line and the return statement of this int
   function are not present in the listing (gaps in the gutter numbering). */
1276 int wext_notify_event_assoc(
1277 IN RTMP_ADAPTER *pAd)
/* Zero-initialised stack staging buffer of IW_CUSTOM_MAX bytes. */
1279 char custom[IW_CUSTOM_MAX] = {0};
/* Length guard for the copy below: it runs only when ReqVarIELen fits in
   custom[], which keeps the copy inside the stack buffer (assumes ReqVarIELen
   is an unsigned type - confirm in the StaCfg declaration). */
1281 if (pAd->StaCfg.ReqVarIELen <= IW_CUSTOM_MAX)
1283 NdisMoveMemory(custom, pAd->StaCfg.ReqVarIEs, pAd->StaCfg.ReqVarIELen);
1284 RtmpOSWrielessEventSend(pAd, IWEVASSOCREQIE, -1, NULL, custom, pAd->StaCfg.ReqVarIELen);
/* Presumably the else branch: an oversized IE blob is not forwarded, only traced. */
1287 DBGPRINT(RT_DEBUG_TRACE, ("pAd->StaCfg.ReqVarIELen > MAX_CUSTOM_LEN\n"));
1294 BOOLEAN StaAddMacTableEntry(
1295 IN PRTMP_ADAPTER pAd,
1296 IN PMAC_TABLE_ENTRY pEntry,
1297 IN UCHAR MaxSupportedRateIn500Kbps,
1298 IN HT_CAPABILITY_IE *pHtCapability,
1299 IN UCHAR HtCapabilityLen,
1300 IN ADD_HT_INFO_IE *pAddHtInfo,
1301 IN UCHAR AddHtInfoLen,
1302 IN USHORT CapabilityInfo)
1304 UCHAR MaxSupportedRate = RATE_11;
1307 CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE);
1309 switch (MaxSupportedRateIn500Kbps)
1311 case 108: MaxSupportedRate = RATE_54; break;
1312 case 96: MaxSupportedRate = RATE_48; break;
1313 case 72: MaxSupportedRate = RATE_36; break;
1314 case 48: MaxSupportedRate = RATE_24; break;
1315 case 36: MaxSupportedRate = RATE_18; break;
1316 case 24: MaxSupportedRate = RATE_12; break;
1317 case 18: MaxSupportedRate = RATE_9; break;
1318 case 12: MaxSupportedRate = RATE_6; break;
1319 case 22: MaxSupportedRate = RATE_11; break;
1320 case 11: MaxSupportedRate = RATE_5_5; break;
1321 case 4: MaxSupportedRate = RATE_2; break;
1322 case 2: MaxSupportedRate = RATE_1; break;
1323 default: MaxSupportedRate = RATE_11; break;
1326 if ((pAd->CommonCfg.PhyMode == PHY_11G) && (MaxSupportedRate < RATE_FIRST_OFDM_RATE))
1330 if (((pAd->CommonCfg.PhyMode == PHY_11N_2_4G) || (pAd->CommonCfg.PhyMode == PHY_11N_5G))&& (HtCapabilityLen == 0))
1336 NdisAcquireSpinLock(&pAd->MacTabLock);
1339 pEntry->PortSecured = WPA_802_1X_PORT_SECURED;
1340 if ((MaxSupportedRate < RATE_FIRST_OFDM_RATE) ||
1341 (pAd->CommonCfg.PhyMode == PHY_11B))
1343 pEntry->RateLen = 4;
1344 if (MaxSupportedRate >= RATE_FIRST_OFDM_RATE)
1345 MaxSupportedRate = RATE_11;
1348 pEntry->RateLen = 12;
1350 pEntry->MaxHTPhyMode.word = 0;
1351 pEntry->MinHTPhyMode.word = 0;
1352 pEntry->HTPhyMode.word = 0;
1353 pEntry->MaxSupportedRate = MaxSupportedRate;
1354 if (pEntry->MaxSupportedRate < RATE_FIRST_OFDM_RATE)
1356 pEntry->MaxHTPhyMode.field.MODE = MODE_CCK;
1357 pEntry->MaxHTPhyMode.field.MCS = pEntry->MaxSupportedRate;
1358 pEntry->MinHTPhyMode.field.MODE = MODE_CCK;
1359 pEntry->MinHTPhyMode.field.MCS = pEntry->MaxSupportedRate;
1360 pEntry->HTPhyMode.field.MODE = MODE_CCK;
1361 pEntry->HTPhyMode.field.MCS = pEntry->MaxSupportedRate;
1365 pEntry->MaxHTPhyMode.field.MODE = MODE_OFDM;
1366 pEntry->MaxHTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate];
1367 pEntry->MinHTPhyMode.field.MODE = MODE_OFDM;
1368 pEntry->MinHTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate];
1369 pEntry->HTPhyMode.field.MODE = MODE_OFDM;
1370 pEntry->HTPhyMode.field.MCS = OfdmRateToRxwiMCS[pEntry->MaxSupportedRate];
1372 pEntry->CapabilityInfo = CapabilityInfo;
1373 CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_AGGREGATION_CAPABLE);
1374 CLIENT_STATUS_CLEAR_FLAG(pEntry, fCLIENT_STATUS_PIGGYBACK_CAPABLE);
1377 NdisZeroMemory(&pEntry->HTCapability, sizeof(pEntry->HTCapability));
1378 // If this Entry supports 802.11n, upgrade to HT rate.
1379 if ((HtCapabilityLen != 0) && (pAd->CommonCfg.PhyMode >= PHY_11ABGN_MIXED))
1381 UCHAR j, bitmask; //k,bitmask;
1385 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_WMM_CAPABLE);
1386 if ((pHtCapability->HtCapInfo.GF) && (pAd->CommonCfg.DesiredHtPhy.GF))
1388 pEntry->MaxHTPhyMode.field.MODE = MODE_HTGREENFIELD;
1392 pEntry->MaxHTPhyMode.field.MODE = MODE_HTMIX;
1393 pAd->MacTab.fAnyStationNonGF = TRUE;
1394 pAd->CommonCfg.AddHTInfo.AddHtInfo2.NonGfPresent = 1;
1397 if ((pHtCapability->HtCapInfo.ChannelWidth) &&
1398 (pAd->CommonCfg.DesiredHtPhy.ChannelWidth) &&
1399 ((pAd->StaCfg.BssType == BSS_INFRA) || ((pAd->StaCfg.BssType == BSS_ADHOC) && (pAddHtInfo->AddHtInfo.ExtChanOffset == pAd->CommonCfg.AddHTInfo.AddHtInfo.ExtChanOffset))))
1401 pEntry->MaxHTPhyMode.field.BW= BW_40;
1402 pEntry->MaxHTPhyMode.field.ShortGI = ((pAd->CommonCfg.DesiredHtPhy.ShortGIfor40)&(pHtCapability->HtCapInfo.ShortGIfor40));
1406 pEntry->MaxHTPhyMode.field.BW = BW_20;
1407 pEntry->MaxHTPhyMode.field.ShortGI = ((pAd->CommonCfg.DesiredHtPhy.ShortGIfor20)&(pHtCapability->HtCapInfo.ShortGIfor20));
1408 pAd->MacTab.fAnyStation20Only = TRUE;
1412 if (pAd->MACVersion >= RALINK_2883_VERSION && pAd->MACVersion < RALINK_3070_VERSION)
1413 pEntry->MaxHTPhyMode.field.TxBF = pAd->CommonCfg.RegTransmitSetting.field.TxBF;
1415 // find max fixed rate
1416 for (i=23; i>=0; i--) // 3*3
1419 bitmask = (1<<(i-(j*8)));
1420 if ((pAd->StaCfg.DesiredHtPhyInfo.MCSSet[j] & bitmask) && (pHtCapability->MCSSet[j] & bitmask))
1422 pEntry->MaxHTPhyMode.field.MCS = i;
1430 if (pAd->StaCfg.DesiredTransmitSetting.field.MCS != MCS_AUTO)
1432 if (pAd->StaCfg.DesiredTransmitSetting.field.MCS == 32)
1434 // Fix MCS as HT Duplicated Mode
1435 pEntry->MaxHTPhyMode.field.BW = 1;
1436 pEntry->MaxHTPhyMode.field.MODE = MODE_HTMIX;
1437 pEntry->MaxHTPhyMode.field.STBC = 0;
1438 pEntry->MaxHTPhyMode.field.ShortGI = 0;
1439 pEntry->MaxHTPhyMode.field.MCS = 32;
1441 else if (pEntry->MaxHTPhyMode.field.MCS > pAd->StaCfg.HTPhyMode.field.MCS)
1443 // STA supports fixed MCS
1444 pEntry->MaxHTPhyMode.field.MCS = pAd->StaCfg.HTPhyMode.field.MCS;
1448 pEntry->MaxHTPhyMode.field.STBC = (pHtCapability->HtCapInfo.RxSTBC & (pAd->CommonCfg.DesiredHtPhy.TxSTBC));
1449 pEntry->MpduDensity = pHtCapability->HtCapParm.MpduDensity;
1450 pEntry->MaxRAmpduFactor = pHtCapability->HtCapParm.MaxRAmpduFactor;
1451 pEntry->MmpsMode = (UCHAR)pHtCapability->HtCapInfo.MimoPs;
1452 pEntry->AMsduSize = (UCHAR)pHtCapability->HtCapInfo.AMsduSize;
1453 pEntry->HTPhyMode.word = pEntry->MaxHTPhyMode.word;
1455 if (pAd->CommonCfg.DesiredHtPhy.AmsduEnable && (pAd->CommonCfg.REGBACapability.field.AutoBA == FALSE))
1456 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_AMSDU_INUSED);
1457 if (pHtCapability->HtCapInfo.ShortGIfor20)
1458 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_SGI20_CAPABLE);
1459 if (pHtCapability->HtCapInfo.ShortGIfor40)
1460 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_SGI40_CAPABLE);
1461 if (pHtCapability->HtCapInfo.TxSTBC)
1462 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_TxSTBC_CAPABLE);
1463 if (pHtCapability->HtCapInfo.RxSTBC)
1464 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_RxSTBC_CAPABLE);
1465 if (pHtCapability->ExtHtCapInfo.PlusHTC)
1466 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_HTC_CAPABLE);
1467 if (pAd->CommonCfg.bRdg && pHtCapability->ExtHtCapInfo.RDGSupport)
1468 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_RDG_CAPABLE);
1469 if (pHtCapability->ExtHtCapInfo.MCSFeedback == 0x03)
1470 CLIENT_STATUS_SET_FLAG(pEntry, fCLIENT_STATUS_MCSFEEDBACK_CAPABLE);
1471 NdisMoveMemory(&pEntry->HTCapability, pHtCapability, HtCapabilityLen);
1475 pAd->MacTab.fAnyStationIsLegacy = TRUE;
1478 pEntry->HTPhyMode.word = pEntry->MaxHTPhyMode.word;
1479 pEntry->CurrTxRate = pEntry->MaxSupportedRate;
1481 // Set asic auto fall back
1482 if (pAd->StaCfg.bAutoTxRateSwitch == TRUE)
1485 UCHAR TableSize = 0;
1487 MlmeSelectTxRateTable(pAd, pEntry, &pTable, &TableSize, &pEntry->CurrTxRateIndex);
1488 pEntry->bAutoTxRateSwitch = TRUE;
1492 pEntry->HTPhyMode.field.MODE = pAd->StaCfg.HTPhyMode.field.MODE;
1493 pEntry->HTPhyMode.field.MCS = pAd->StaCfg.HTPhyMode.field.MCS;
1494 pEntry->bAutoTxRateSwitch = FALSE;
1496 // If the legacy mode is set, overwrite the transmit setting of this entry.
1497 RTMPUpdateLegacyTxSetting((UCHAR)pAd->StaCfg.DesiredTransmitSetting.field.FixedTxMode, pEntry);
1500 pEntry->PortSecured = WPA_802_1X_PORT_SECURED;
1501 pEntry->Sst = SST_ASSOC;
1502 pEntry->AuthState = AS_AUTH_OPEN;
1503 pEntry->AuthMode = pAd->StaCfg.AuthMode;
1504 pEntry->WepStatus = pAd->StaCfg.WepStatus;
1506 NdisReleaseSpinLock(&pAd->MacTabLock);
1509 union iwreq_data wrqu;
1510 wext_notify_event_assoc(pAd);
1512 memset(wrqu.ap_addr.sa_data, 0, MAC_ADDR_LEN);
1513 memcpy(wrqu.ap_addr.sa_data, pAd->MlmeAux.Bssid, MAC_ADDR_LEN);
1514 wireless_send_event(pAd->net_dev, SIOCGIWAP, &wrqu, NULL);