Lines Matching refs:wpa_auth
54 static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth,
57 static int wpa_gtk_update(struct wpa_authenticator *wpa_auth,
59 static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth,
66 static void wpa_group_free(struct wpa_authenticator *wpa_auth,
68 static void wpa_group_get(struct wpa_authenticator *wpa_auth,
70 static void wpa_group_put(struct wpa_authenticator *wpa_auth,
74 static void wpa_group_update_gtk(struct wpa_authenticator *wpa_auth,
93 return sm->wpa_auth->mld_addr; in wpa_auth_get_aa()
95 return sm->wpa_auth->addr; in wpa_auth_get_aa()
115 if (!sm->wpa_auth) in wpa_gkeydone_sta()
118 sm->wpa_auth->group->GKeyDoneStations--; in wpa_gkeydone_sta()
123 sm->mld_links[link_id].wpa_auth->group->GKeyDoneStations--; in wpa_gkeydone_sta()
140 wpa_group_put(sm->mld_links[link_id].wpa_auth, in wpa_release_link_auth_ref()
141 sm->mld_links[link_id].wpa_auth->group); in wpa_release_link_auth_ref()
142 sm->mld_links[link_id].wpa_auth = NULL; in wpa_release_link_auth_ref()
152 struct wpa_authenticator *wpa_auth; member
155 static int wpa_get_link_sta_auth(struct wpa_authenticator *wpa_auth, void *data) in wpa_get_link_sta_auth() argument
159 if (!wpa_auth->is_ml) in wpa_get_link_sta_auth()
163 !ether_addr_equal(wpa_auth->mld_addr, ctx->mld_addr)) in wpa_get_link_sta_auth()
166 if ((ctx->addr && ether_addr_equal(wpa_auth->addr, ctx->addr)) || in wpa_get_link_sta_auth()
167 (ctx->link_id > -1 && wpa_auth->is_ml && in wpa_get_link_sta_auth()
168 wpa_auth->link_id == ctx->link_id)) { in wpa_get_link_sta_auth()
169 ctx->wpa_auth = wpa_auth; in wpa_get_link_sta_auth()
178 wpa_get_link_auth(struct wpa_authenticator *wpa_auth, int link_id) in wpa_get_link_auth() argument
183 ctx.mld_addr = wpa_auth->mld_addr; in wpa_get_link_auth()
185 ctx.wpa_auth = NULL; in wpa_get_link_auth()
186 wpa_auth_for_each_auth(wpa_auth, wpa_get_link_sta_auth, &ctx); in wpa_get_link_auth()
187 return ctx.wpa_auth; in wpa_get_link_auth()
191 static int wpa_get_primary_auth_cb(struct wpa_authenticator *wpa_auth, in wpa_get_primary_auth_cb() argument
196 if (!wpa_auth->is_ml || in wpa_get_primary_auth_cb()
197 !ether_addr_equal(wpa_auth->mld_addr, ctx->addr) || in wpa_get_primary_auth_cb()
198 !wpa_auth->primary_auth) in wpa_get_primary_auth_cb()
201 ctx->wpa_auth = wpa_auth; in wpa_get_primary_auth_cb()
209 wpa_get_primary_auth(struct wpa_authenticator *wpa_auth) in wpa_get_primary_auth() argument
214 if (!wpa_auth || !wpa_auth->is_ml || wpa_auth->primary_auth) in wpa_get_primary_auth()
215 return wpa_auth; in wpa_get_primary_auth()
217 ctx.addr = wpa_auth->mld_addr; in wpa_get_primary_auth()
218 ctx.wpa_auth = NULL; in wpa_get_primary_auth()
219 wpa_auth_for_each_auth(wpa_auth, wpa_get_primary_auth_cb, &ctx); in wpa_get_primary_auth()
221 return ctx.wpa_auth; in wpa_get_primary_auth()
223 return wpa_auth; in wpa_get_primary_auth()
229 struct wpa_authenticator *wpa_auth, const u8 *addr) in wpa_auth_mic_failure_report() argument
231 if (wpa_auth->cb->mic_failure_report) in wpa_auth_mic_failure_report()
232 return wpa_auth->cb->mic_failure_report(wpa_auth->cb_ctx, addr); in wpa_auth_mic_failure_report()
238 struct wpa_authenticator *wpa_auth, const u8 *addr) in wpa_auth_psk_failure_report() argument
240 if (wpa_auth->cb->psk_failure_report) in wpa_auth_psk_failure_report()
241 wpa_auth->cb->psk_failure_report(wpa_auth->cb_ctx, addr); in wpa_auth_psk_failure_report()
245 static inline void wpa_auth_set_eapol(struct wpa_authenticator *wpa_auth, in wpa_auth_set_eapol() argument
249 if (wpa_auth->cb->set_eapol) in wpa_auth_set_eapol()
250 wpa_auth->cb->set_eapol(wpa_auth->cb_ctx, addr, var, value); in wpa_auth_set_eapol()
254 static inline int wpa_auth_get_eapol(struct wpa_authenticator *wpa_auth, in wpa_auth_get_eapol() argument
257 if (!wpa_auth->cb->get_eapol) in wpa_auth_get_eapol()
259 return wpa_auth->cb->get_eapol(wpa_auth->cb_ctx, addr, var); in wpa_auth_get_eapol()
263 static inline const u8 * wpa_auth_get_psk(struct wpa_authenticator *wpa_auth, in wpa_auth_get_psk() argument
269 if (!wpa_auth->cb->get_psk) in wpa_auth_get_psk()
271 return wpa_auth->cb->get_psk(wpa_auth->cb_ctx, addr, p2p_dev_addr, in wpa_auth_get_psk()
276 static inline int wpa_auth_get_msk(struct wpa_authenticator *wpa_auth, in wpa_auth_get_msk() argument
279 if (!wpa_auth->cb->get_msk) in wpa_auth_get_msk()
281 return wpa_auth->cb->get_msk(wpa_auth->cb_ctx, addr, msk, len); in wpa_auth_get_msk()
285 static inline int wpa_auth_set_key(struct wpa_authenticator *wpa_auth, in wpa_auth_set_key() argument
291 if (!wpa_auth->cb->set_key) in wpa_auth_set_key()
293 return wpa_auth->cb->set_key(wpa_auth->cb_ctx, vlan_id, alg, addr, idx, in wpa_auth_set_key()
299 static inline int wpa_auth_set_ltf_keyseed(struct wpa_authenticator *wpa_auth, in wpa_auth_set_ltf_keyseed() argument
304 if (!wpa_auth->cb->set_ltf_keyseed) in wpa_auth_set_ltf_keyseed()
306 return wpa_auth->cb->set_ltf_keyseed(wpa_auth->cb_ctx, peer_addr, in wpa_auth_set_ltf_keyseed()
312 static inline int wpa_auth_get_seqnum(struct wpa_authenticator *wpa_auth, in wpa_auth_get_seqnum() argument
317 if (!wpa_auth->cb->get_seqnum) in wpa_auth_get_seqnum()
322 res = wpa_auth->cb->get_seqnum(wpa_auth->cb_ctx, addr, idx, seq); in wpa_auth_get_seqnum()
324 if (!addr && idx < 4 && wpa_auth->conf.gtk_rsc_override_set) { in wpa_auth_get_seqnum()
329 WPA_GET_LE64(wpa_auth->conf.gtk_rsc_override)); in wpa_auth_get_seqnum()
330 os_memcpy(seq, wpa_auth->conf.gtk_rsc_override, in wpa_auth_get_seqnum()
334 wpa_auth->conf.igtk_rsc_override_set) { in wpa_auth_get_seqnum()
339 WPA_GET_LE64(wpa_auth->conf.igtk_rsc_override)); in wpa_auth_get_seqnum()
340 os_memcpy(seq, wpa_auth->conf.igtk_rsc_override, in wpa_auth_get_seqnum()
349 wpa_auth_send_eapol(struct wpa_authenticator *wpa_auth, const u8 *addr, in wpa_auth_send_eapol() argument
352 if (!wpa_auth->cb->send_eapol) in wpa_auth_send_eapol()
354 return wpa_auth->cb->send_eapol(wpa_auth->cb_ctx, addr, data, data_len, in wpa_auth_send_eapol()
360 static inline int wpa_auth_start_ampe(struct wpa_authenticator *wpa_auth, in wpa_auth_start_ampe() argument
363 if (!wpa_auth->cb->start_ampe) in wpa_auth_start_ampe()
365 return wpa_auth->cb->start_ampe(wpa_auth->cb_ctx, addr); in wpa_auth_start_ampe()
370 int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth, in wpa_auth_for_each_sta() argument
374 if (!wpa_auth->cb->for_each_sta) in wpa_auth_for_each_sta()
376 return wpa_auth->cb->for_each_sta(wpa_auth->cb_ctx, cb, cb_ctx); in wpa_auth_for_each_sta()
380 int wpa_auth_for_each_auth(struct wpa_authenticator *wpa_auth, in wpa_auth_for_each_auth() argument
384 if (!wpa_auth->cb->for_each_auth) in wpa_auth_for_each_auth()
386 return wpa_auth->cb->for_each_auth(wpa_auth->cb_ctx, cb, cb_ctx); in wpa_auth_for_each_auth()
390 void wpa_auth_store_ptksa(struct wpa_authenticator *wpa_auth, in wpa_auth_store_ptksa() argument
394 if (wpa_auth->cb->store_ptksa) in wpa_auth_store_ptksa()
395 wpa_auth->cb->store_ptksa(wpa_auth->cb_ctx, addr, cipher, in wpa_auth_store_ptksa()
400 static void wpa_auth_remove_ptksa(struct wpa_authenticator *wpa_auth, in wpa_auth_remove_ptksa() argument
403 if (wpa_auth->cb->clear_ptksa) in wpa_auth_remove_ptksa()
404 wpa_auth->cb->clear_ptksa(wpa_auth->cb_ctx, addr, cipher); in wpa_auth_remove_ptksa()
408 void wpa_auth_logger(struct wpa_authenticator *wpa_auth, const u8 *addr, in wpa_auth_logger() argument
411 if (!wpa_auth->cb->logger) in wpa_auth_logger()
413 wpa_auth->cb->logger(wpa_auth->cb_ctx, addr, level, txt); in wpa_auth_logger()
417 void wpa_auth_vlogger(struct wpa_authenticator *wpa_auth, const u8 *addr, in wpa_auth_vlogger() argument
424 if (!wpa_auth->cb->logger) in wpa_auth_vlogger()
436 wpa_auth_logger(wpa_auth, addr, level, format); in wpa_auth_vlogger()
442 static void wpa_sta_disconnect(struct wpa_authenticator *wpa_auth, in wpa_sta_disconnect() argument
445 if (!wpa_auth->cb->disconnect) in wpa_sta_disconnect()
449 wpa_auth->cb->disconnect(wpa_auth->cb_ctx, addr, reason); in wpa_sta_disconnect()
454 static int wpa_channel_info(struct wpa_authenticator *wpa_auth, in wpa_channel_info() argument
457 if (!wpa_auth->cb->channel_info) in wpa_channel_info()
459 return wpa_auth->cb->channel_info(wpa_auth->cb_ctx, ci); in wpa_channel_info()
464 static int wpa_auth_update_vlan(struct wpa_authenticator *wpa_auth, in wpa_auth_update_vlan() argument
467 if (!wpa_auth->cb->update_vlan) in wpa_auth_update_vlan()
469 return wpa_auth->cb->update_vlan(wpa_auth->cb_ctx, addr, vlan_id); in wpa_auth_update_vlan()
475 struct wpa_authenticator *wpa_auth = eloop_ctx; in wpa_rekey_gmk() local
477 if (random_get_bytes(wpa_auth->group->GMK, WPA_GMK_LEN)) { in wpa_rekey_gmk()
481 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "GMK rekeyd"); in wpa_rekey_gmk()
483 wpa_auth->group->GMK, WPA_GMK_LEN); in wpa_rekey_gmk()
486 if (wpa_auth->conf.wpa_gmk_rekey) { in wpa_rekey_gmk()
487 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0, in wpa_rekey_gmk()
488 wpa_rekey_gmk, wpa_auth, NULL); in wpa_rekey_gmk()
493 static void wpa_rekey_all_groups(struct wpa_authenticator *wpa_auth) in wpa_rekey_all_groups() argument
497 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG, "rekeying GTK"); in wpa_rekey_all_groups()
498 group = wpa_auth->group; in wpa_rekey_all_groups()
502 MAC2STR(wpa_auth->addr), group->vlan_id); in wpa_rekey_all_groups()
503 wpa_group_get(wpa_auth, group); in wpa_rekey_all_groups()
508 wpa_group_sm_step(wpa_auth, group); in wpa_rekey_all_groups()
512 wpa_group_put(wpa_auth, group); in wpa_rekey_all_groups()
520 static void wpa_update_all_gtks(struct wpa_authenticator *wpa_auth) in wpa_update_all_gtks() argument
524 group = wpa_auth->group; in wpa_update_all_gtks()
526 wpa_group_get(wpa_auth, group); in wpa_update_all_gtks()
528 wpa_group_update_gtk(wpa_auth, group); in wpa_update_all_gtks()
530 wpa_group_put(wpa_auth, group); in wpa_update_all_gtks()
536 static int wpa_update_all_gtks_cb(struct wpa_authenticator *wpa_auth, void *ctx) in wpa_update_all_gtks_cb() argument
540 if (!ether_addr_equal(wpa_auth->mld_addr, mld_addr)) in wpa_update_all_gtks_cb()
543 wpa_update_all_gtks(wpa_auth); in wpa_update_all_gtks_cb()
548 static int wpa_rekey_all_groups_cb(struct wpa_authenticator *wpa_auth, in wpa_rekey_all_groups_cb() argument
553 if (!ether_addr_equal(wpa_auth->mld_addr, mld_addr)) in wpa_rekey_all_groups_cb()
556 wpa_rekey_all_groups(wpa_auth); in wpa_rekey_all_groups_cb()
565 struct wpa_authenticator *wpa_auth = eloop_ctx; in wpa_rekey_gtk() local
568 if (wpa_auth->is_ml) { in wpa_rekey_gtk()
572 if (!wpa_auth->primary_auth) { in wpa_rekey_gtk()
579 wpa_auth_for_each_auth(wpa_auth, wpa_update_all_gtks_cb, in wpa_rekey_gtk()
580 wpa_auth->mld_addr); in wpa_rekey_gtk()
584 wpa_auth_for_each_auth(wpa_auth, wpa_rekey_all_groups_cb, in wpa_rekey_gtk()
585 wpa_auth->mld_addr); in wpa_rekey_gtk()
587 wpa_rekey_all_groups(wpa_auth); in wpa_rekey_gtk()
590 wpa_rekey_all_groups(wpa_auth); in wpa_rekey_gtk()
593 if (wpa_auth->conf.wpa_group_rekey) { in wpa_rekey_gtk()
594 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey, in wpa_rekey_gtk()
595 0, wpa_rekey_gtk, wpa_auth, NULL); in wpa_rekey_gtk()
602 struct wpa_authenticator *wpa_auth = eloop_ctx; in wpa_rekey_ptk() local
605 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG, in wpa_rekey_ptk()
614 if (sm && sm->wpa_auth->conf.wpa_ptk_rekey) { in wpa_auth_set_ptk_rekey_timer()
618 sm->wpa_auth->conf.wpa_ptk_rekey); in wpa_auth_set_ptk_rekey_timer()
619 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_set_ptk_rekey_timer()
620 eloop_register_timeout(sm->wpa_auth->conf.wpa_ptk_rekey, 0, in wpa_auth_set_ptk_rekey_timer()
621 wpa_rekey_ptk, sm->wpa_auth, sm); in wpa_auth_set_ptk_rekey_timer()
637 struct wpa_authenticator *wpa_auth = ctx; in wpa_auth_pmksa_free_cb() local
638 wpa_auth_for_each_sta(wpa_auth, wpa_auth_pmksa_clear_cb, entry); in wpa_auth_pmksa_free_cb()
642 static int wpa_group_init_gmk_and_counter(struct wpa_authenticator *wpa_auth, in wpa_group_init_gmk_and_counter() argument
657 os_memcpy(buf, wpa_auth->addr, ETH_ALEN); in wpa_group_init_gmk_and_counter()
678 static struct wpa_group * wpa_group_init(struct wpa_authenticator *wpa_auth, in wpa_group_init() argument
689 group->GTK_len = wpa_cipher_key_len(wpa_auth->conf.wpa_group); in wpa_group_init()
702 if (wpa_group_init_gmk_and_counter(wpa_auth, group) < 0) { in wpa_group_init()
715 wpa_group_sm_step(wpa_auth, group); in wpa_group_init()
717 wpa_group_sm_step(wpa_auth, group); in wpa_group_init()
736 struct wpa_authenticator *wpa_auth; local
738 wpa_auth = os_zalloc(sizeof(struct wpa_authenticator));
739 if (!wpa_auth)
742 os_memcpy(wpa_auth->addr, addr, ETH_ALEN);
743 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
747 wpa_auth->is_ml = true;
748 wpa_auth->link_id = conf->link_id;
749 wpa_auth->primary_auth = !conf->first_link_auth;
750 os_memcpy(wpa_auth->mld_addr, conf->mld_addr, ETH_ALEN);
754 wpa_auth->cb = cb;
755 wpa_auth->cb_ctx = cb_ctx;
757 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
759 os_free(wpa_auth);
763 wpa_auth->group = wpa_group_init(wpa_auth, 0, 1);
764 if (!wpa_auth->group) {
765 os_free(wpa_auth->wpa_ie);
766 os_free(wpa_auth);
770 wpa_auth->pmksa = pmksa_cache_auth_init(wpa_auth_pmksa_free_cb,
771 wpa_auth);
772 if (!wpa_auth->pmksa) {
774 os_free(wpa_auth->group);
775 os_free(wpa_auth->wpa_ie);
776 os_free(wpa_auth);
781 wpa_auth->ft_pmk_cache = wpa_ft_pmk_cache_init();
782 if (!wpa_auth->ft_pmk_cache) {
784 os_free(wpa_auth->group);
785 os_free(wpa_auth->wpa_ie);
786 pmksa_cache_auth_deinit(wpa_auth->pmksa);
787 os_free(wpa_auth);
792 if (wpa_auth->conf.wpa_gmk_rekey) {
793 eloop_register_timeout(wpa_auth->conf.wpa_gmk_rekey, 0,
794 wpa_rekey_gmk, wpa_auth, NULL);
801 if ((!wpa_auth->is_ml || !conf->first_link_auth) &&
802 wpa_auth->conf.wpa_group_rekey) {
804 if (wpa_auth->conf.wpa_group_rekey) {
806 eloop_register_timeout(wpa_auth->conf.wpa_group_rekey, 0,
807 wpa_rekey_gtk, wpa_auth, NULL);
817 wpa_auth->ip_pool = bitfield_alloc(count);
830 return wpa_auth;
834 int wpa_init_keys(struct wpa_authenticator *wpa_auth) argument
836 struct wpa_group *group = wpa_auth->group;
840 wpa_group_sm_step(wpa_auth, group);
842 wpa_group_sm_step(wpa_auth, group);
864 void wpa_deinit(struct wpa_authenticator *wpa_auth) argument
868 eloop_cancel_timeout(wpa_rekey_gmk, wpa_auth, NULL);
872 eloop_cancel_timeout(wpa_rekey_gtk, wpa_auth, NULL);
874 pmksa_cache_auth_deinit(wpa_auth->pmksa);
877 wpa_ft_pmk_cache_deinit(wpa_auth->ft_pmk_cache);
878 wpa_auth->ft_pmk_cache = NULL;
879 wpa_ft_deinit(wpa_auth);
883 bitfield_free(wpa_auth->ip_pool);
887 os_free(wpa_auth->wpa_ie);
889 group = wpa_auth->group;
896 wpa_auth_free_conf(&wpa_auth->conf);
897 os_free(wpa_auth);
906 int wpa_reconfig(struct wpa_authenticator *wpa_auth, argument
911 if (!wpa_auth)
914 wpa_auth_free_conf(&wpa_auth->conf);
915 os_memcpy(&wpa_auth->conf, conf, sizeof(*conf));
916 if (wpa_auth_gen_wpa_ie(wpa_auth)) {
925 group = wpa_auth->group;
926 group->GTK_len = wpa_cipher_key_len(wpa_auth->conf.wpa_group);
928 wpa_group_sm_step(wpa_auth, group);
930 wpa_group_sm_step(wpa_auth, group);
937 wpa_auth_sta_init(struct wpa_authenticator *wpa_auth, const u8 *addr, argument
942 if (wpa_auth->group->wpa_group_state == WPA_GROUP_FATAL_FAILURE)
952 sm->wpa_auth = wpa_auth;
953 sm->group = wpa_auth->group;
954 wpa_group_get(sm->wpa_auth, sm->group);
963 int wpa_auth_sta_associated(struct wpa_authenticator *wpa_auth, argument
966 if (!wpa_auth || !wpa_auth->conf.wpa || !sm)
971 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
982 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
997 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1037 bitfield_clear(sm->wpa_auth->ip_pool, sm->ip_addr_bit);
1051 wpa_group_put(sm->mld_links[link_id].wpa_auth,
1052 sm->mld_links[link_id].wpa_auth->group);
1053 sm->mld_links[link_id].wpa_auth = NULL;
1056 wpa_group_put(sm->wpa_auth, sm->group);
1066 struct wpa_authenticator *wpa_auth; local
1071 wpa_auth = sm->wpa_auth;
1072 if (wpa_auth->conf.wpa_strict_rekey && sm->has_GTK) {
1073 struct wpa_authenticator *primary_auth = wpa_auth;
1075 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1079 if (wpa_auth->is_ml && !wpa_auth->primary_auth)
1080 primary_auth = wpa_get_primary_auth(wpa_auth);
1089 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
1092 eloop_cancel_timeout(wpa_rekey_ptk, wpa_auth, sm);
1113 if (!sm->use_ext_key_id && sm->wpa_auth->conf.wpa_deny_ptk0_rekey) {
1160 static int ft_check_msg_2_of_4(struct wpa_authenticator *wpa_auth, argument
1218 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
1238 os_memcmp(wpa_auth->conf.mobility_domain, mdie->mobility_domain,
1261 static int wpa_receive_error_report(struct wpa_authenticator *wpa_auth, argument
1265 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1269 if (group && wpa_auth->conf.wpa_group != WPA_CIPHER_TKIP) {
1270 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1273 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1276 if (wpa_auth_mic_failure_report(wpa_auth,
1280 wpa_auth->dot11RSNAStatsTKIPRemoteMICFailures++;
1309 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr,
1356 wpa_auth_update_vlan(sm->wpa_auth, sm->addr, vlan_id) < 0)
1380 static bool wpa_auth_gtk_rekey_in_process(struct wpa_authenticator *wpa_auth) argument
1384 for (group = wpa_auth->group; group; group = group->next) {
1394 static bool wpa_auth_valid_key_desc_ver(struct wpa_authenticator *wpa_auth, argument
1407 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1417 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1425 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1435 static bool wpa_auth_valid_request_counter(struct wpa_authenticator *wpa_auth, argument
1443 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1453 static bool wpa_auth_valid_counter(struct wpa_authenticator *wpa_auth, argument
1462 return wpa_auth_valid_request_counter(wpa_auth, sm,
1480 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1501 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1511 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1516 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1534 void wpa_receive(struct wpa_authenticator *wpa_auth, argument
1549 if (!wpa_auth || !wpa_auth->conf.wpa || !sm)
1622 if (!wpa_auth_valid_key_desc_ver(wpa_auth, sm, ver))
1667 if (!wpa_auth_valid_counter(wpa_auth, sm, key, msg, msgtxt))
1673 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1685 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1705 wpa_sta_disconnect(wpa_auth, sm->addr,
1713 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1723 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1735 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
1744 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1748 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1755 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1763 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
1776 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1790 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1805 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
1811 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1821 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1829 wpa_auth, sm,
1833 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1838 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
1843 wpa_get_primary_auth(wpa_auth),
1845 if (wpa_auth_gtk_rekey_in_process(wpa_auth))
1846 wpa_auth_logger(wpa_auth, NULL, LOGGER_DEBUG,
1849 wpa_rekey_gtk(wpa_get_primary_auth(wpa_auth),
1947 struct wpa_authenticator *wpa_auth = eloop_ctx; local
1951 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG,
1957 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
1964 void __wpa_send_eapol(struct wpa_authenticator *wpa_auth, argument
1970 struct wpa_auth_config *conf = &wpa_auth->conf;
2150 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
2167 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
2175 wpa_auth_set_eapol(wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx, 1);
2177 wpa_auth_send_eapol(wpa_auth, sm->addr, (u8 *) hdr, len,
2183 static int wpa_auth_get_sta_count(struct wpa_authenticator *wpa_auth) argument
2185 if (!wpa_auth->cb->get_sta_count)
2188 return wpa_auth->cb->get_sta_count(wpa_auth->cb_ctx);
2192 static void wpa_send_eapol(struct wpa_authenticator *wpa_auth, argument
2211 if (wpa_auth->conf.delay_eapol_tx &&
2212 ctr != wpa_auth->conf.wpa_pairwise_update_count) {
2213 wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO,
2218 __wpa_send_eapol(wpa_auth, sm, key_info, key_rsc, nonce, kde, kde_len,
2224 if (ctr == 1 && wpa_auth->conf.tx_status) {
2227 else if (wpa_auth_get_sta_count(wpa_auth) > 100)
2234 if (wpa_auth->conf.wpa_disable_eapol_key_retries &&
2246 wpa_send_eapol_timeout, wpa_auth, sm);
2284 wpa_auth_remove_ptksa(sm->wpa_auth, sm->addr, sm->pairwise);
2286 if (wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 0, NULL,
2291 wpa_auth_set_key(sm->wpa_auth, 0, WPA_ALG_NONE, sm->addr, 1, NULL,
2296 eloop_cancel_timeout(wpa_rekey_ptk, sm->wpa_auth, sm);
2307 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
2314 if (wpa_auth_start_ampe(sm->wpa_auth, sm->addr)) {
2364 sm->wpa_auth->conf.wpa_deny_ptk0_rekey) {
2466 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 0);
2468 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid, 0);
2473 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
2488 wpa_sta_disconnect(sm->wpa_auth, sm->addr, reason);
2504 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portControl_Auto,
2506 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portEnabled, 1);
2511 static void wpa_group_ensure_init(struct wpa_authenticator *wpa_auth, argument
2534 if (wpa_group_init_gmk_and_counter(wpa_auth, group) < 0 ||
2535 wpa_gtk_update(wpa_auth, group) < 0 ||
2536 wpa_group_config_group_keys(wpa_auth, group) < 0) {
2548 wpa_group_ensure_init(sm->wpa_auth, sm->group);
2612 } else if (wpa_auth_get_msk(sm->wpa_auth, wpa_auth_get_spa(sm),
2645 sm->wpa_auth->cb->get_msk);
2660 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyRun, false);
2670 psk = wpa_auth_get_psk(sm->wpa_auth, sm->addr, sm->p2p_dev_addr, NULL,
2710 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
2720 if (sm->TimeoutCtr > sm->wpa_auth->conf.wpa_pairwise_update_count) {
2739 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
2837 sm->wpa_auth->mld_addr, ETH_ALEN, NULL, 0);
2853 wpa_send_eapol(sm->wpa_auth, sm, key_info, NULL,
2870 if (sm->wpa_auth->conf.force_kdk_derivation ||
2871 (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2900 if (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2936 if (!no_kdk && sm->wpa_auth->conf.secure_ltf &&
2962 if (sm->wpa_auth->conf.force_kdk_derivation ||
2963 (sm->wpa_auth->conf.secure_ltf &&
2979 if (sm->wpa_auth->conf.secure_ltf &&
2995 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
2996 struct wpa_auth_config *conf = &wpa_auth->conf;
3061 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3077 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3372 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
3401 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN,
3443 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) {
3489 if (wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr, 0,
3496 if (sm->wpa_auth->conf.secure_ltf &&
3498 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
3510 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,
3553 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
3555 if (!wpa_auth->cb->get_sta_tx_params)
3557 return wpa_auth->cb->get_sta_tx_params(wpa_auth->cb_ctx, sm->addr,
3628 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
3641 int owe_ptk_workaround = !!wpa_auth->conf.owe_ptk_workaround;
3656 derive_kdk = sm->wpa_auth->conf.secure_ltf &&
3665 pmk = wpa_auth_get_psk(sm->wpa_auth, sm->addr,
3730 if (!sm->wpa_auth->conf.force_kdk_derivation &&
3752 wpa_auth->conf.radius_psk && wpa_auth->cb->request_radius_psk &&
3755 wpa_auth->cb->request_radius_psk(wpa_auth->cb_ctx, sm->addr,
3765 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
3769 wpa_auth_psk_failure_report(sm->wpa_auth, sm->addr);
3821 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3839 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3848 wpa_sta_disconnect(wpa_auth, sm->addr,
3857 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
3864 wpa_sta_disconnect(wpa_auth, sm->addr,
3875 if (wpa_channel_info(wpa_auth, &ci) != 0) {
3876 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
3892 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
3897 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
3900 if (wpa_auth->conf.msg_ctx)
3901 wpa_msg(wpa_auth->conf.msg_ctx, MSG_INFO,
3911 if (ft && ft_check_msg_2_of_4(wpa_auth, sm, &kde) < 0) {
3912 wpa_sta_disconnect(wpa_auth, sm->addr,
3919 wpa_auth->ip_pool && WPA_GET_BE32(sm->ip_addr) == 0) {
3923 idx = bitfield_get_first_zero(wpa_auth->ip_pool);
3925 u32 start = WPA_GET_BE32(wpa_auth->conf.ip_addr_start);
3926 bitfield_set(wpa_auth->ip_pool, idx);
3946 wpa_auth->conf.dpp_pfs != 2 &&
3951 wpa_sta_disconnect(wpa_auth, sm->addr,
3959 wpa_sta_disconnect(wpa_auth, sm->addr,
3965 wpa_auth_update_vlan(wpa_auth, sm->addr, vlan_id) < 0) {
3966 wpa_sta_disconnect(wpa_auth, sm->addr,
3972 eloop_cancel_timeout(wpa_send_eapol_timeout, sm->wpa_auth, sm);
4012 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
4016 len += wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
4019 if (wpa_auth->conf.tx_bss_auth)
4020 wpa_auth = wpa_auth->conf.tx_bss_auth;
4021 if (sm->mgmt_frame_prot && sm->wpa_auth->conf.beacon_prot) {
4023 len += wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
4036 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
4037 struct wpa_auth_config *conf = &wpa_auth->conf;
4051 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, rsc) < 0)
4069 if (wpa_auth->conf.tx_bss_auth) {
4070 wpa_auth = wpa_auth->conf.tx_bss_auth;
4071 conf = &wpa_auth->conf;
4073 gsm = wpa_auth->group;
4076 if (!sm->wpa_auth->conf.beacon_prot)
4082 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_bigtk, rsc) < 0)
4123 if (wpa_channel_info(sm->wpa_auth, &ci) != 0) {
4228 static void wpa_auth_get_ml_key_info(struct wpa_authenticator *wpa_auth, argument
4231 if (!wpa_auth->cb->get_ml_key_info)
4234 wpa_auth->cb->get_ml_key_info(wpa_auth->cb_ctx, info);
4240 struct wpa_authenticator *wpa_auth; local
4251 wpa_auth = sm->mld_links[link_id].wpa_auth;
4252 if (!wpa_auth || !wpa_auth->group)
4258 kde_len += wpa_auth->group->GTK_len;
4263 if (wpa_auth->conf.tx_bss_auth)
4264 wpa_auth = wpa_auth->conf.tx_bss_auth;
4269 kde_len += wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
4271 if (!wpa_auth->conf.beacon_prot)
4277 kde_len += wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
4301 ml_key_info.beacon_prot = sm->wpa_auth->conf.beacon_prot;
4310 wpa_auth_get_ml_key_info(sm->wpa_auth, &ml_key_info);
4385 if (!sm->wpa_auth->conf.beacon_prot) {
4451 struct wpa_authenticator *wpa_auth; local
4454 wpa_auth = wpa_get_link_auth(sm->wpa_auth, link_id);
4455 if (!wpa_auth)
4459 ie = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4463 ie = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4487 sm->wpa_auth->mld_addr, ETH_ALEN, NULL, 0);
4490 struct wpa_authenticator *wpa_auth; local
4494 wpa_auth = wpa_get_link_auth(sm->wpa_auth, link_id);
4495 if (!wpa_auth)
4498 rsne = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4502 rsnxe = get_ie(wpa_auth->wpa_ie, wpa_auth->wpa_ie_len,
4526 os_memcpy(pos, wpa_auth->addr, ETH_ALEN);
4557 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
4582 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
4584 wpa_ie = sm->wpa_auth->wpa_ie;
4585 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
4616 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
4620 wpa_auth_set_key(sm->wpa_auth, 0,
4626 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4632 if (sm->wpa_auth->conf.secure_ltf &&
4635 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
4640 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4679 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
4854 wpa_send_eapol(sm->wpa_auth, sm,
4897 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm),
4925 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4936 res = wpa_auth_set_key(sm->wpa_auth, 0, 0, sm->addr,
4940 res = wpa_auth_set_key(sm->wpa_auth, 0, alg, sm->addr,
4944 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4950 if (sm->wpa_auth->conf.secure_ltf &&
4953 wpa_auth_set_ltf_keyseed(sm->wpa_auth, sm->addr,
4958 wpa_sta_disconnect(sm->wpa_auth, sm->addr,
4968 wpa_auth_store_ptksa(sm->wpa_auth, sm->addr, sm->pairwise,
4974 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
4982 wpa_auth_set_eapol(sm->wpa_auth, sm->addr,
4986 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_portValid,
4989 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyAvailable,
4991 wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_keyDone, true);
4996 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
4999 wpa_msg(sm->wpa_auth->conf.msg_ctx, MSG_INFO, "EAPOL-4WAY-HS-COMPLETED "
5003 wpa_ft_push_pmk_r1(sm->wpa_auth, wpa_auth_get_spa(sm));
5012 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
5013 struct wpa_auth_config *conf = &wpa_auth->conf;
5019 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
5048 wpa_auth_get_eapol(wpa_auth, sm->addr,
5059 if (wpa_auth_get_eapol(wpa_auth, sm->addr,
5067 wpa_auth->dot11RSNA4WayHandshakeFailures++;
5068 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5075 if (wpa_auth_get_psk(wpa_auth, sm->addr, sm->p2p_dev_addr,
5083 wpa_auth->conf.radius_psk) {
5088 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5091 wpa_auth->dot11RSNA4WayHandshakeFailures++;
5100 wpa_auth->dot11RSNA4WayHandshakeFailures++;
5101 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5133 wpa_auth->dot11RSNA4WayHandshakeFailures++;
5134 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5170 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5196 wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, rsc);
5197 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
5248 wpa_send_eapol(sm->wpa_auth, sm,
5262 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
5292 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5302 if (wpa_channel_info(wpa_auth, &ci) != 0) {
5303 wpa_auth_logger(wpa_auth, wpa_auth_get_spa(sm),
5318 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm),
5321 if (wpa_auth->conf.msg_ctx)
5322 wpa_msg(wpa_auth->conf.msg_ctx, MSG_INFO,
5336 wpa_auth_vlogger(wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5348 if (sm->wpa_auth->conf.no_disconnect_on_group_keyerror &&
5350 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm),
5353 sm->wpa_auth->conf.wpa_group_update_count);
5358 wpa_auth_vlogger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_INFO,
5361 sm->wpa_auth->conf.wpa_group_update_count);
5381 sm->wpa_auth->conf.wpa_group_update_count ||
5382 (sm->wpa_auth->conf.wpa_disable_eapol_key_retries &&
5398 static int wpa_gtk_update(struct wpa_authenticator *wpa_auth, argument
5401 struct wpa_auth_config *conf = &wpa_auth->conf;
5408 wpa_auth->addr, group->GNonce,
5419 wpa_auth->addr, group->GNonce,
5426 if (!wpa_auth->non_tx_beacon_prot &&
5432 if (wpa_auth->conf.tx_bss_auth) {
5433 group = wpa_auth->conf.tx_bss_auth->group;
5443 wpa_auth->addr, group->GNonce,
5454 static void wpa_group_gtk_init(struct wpa_authenticator *wpa_auth, argument
5472 wpa_gtk_update(wpa_auth, group);
5482 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
5494 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
5531 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5546 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN, pos) != 0)
5571 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
5574 size_t len = wpa_cipher_key_len(sm->wpa_auth->conf.group_mgmt_cipher);
5584 if (wpa_auth_get_seqnum(sm->wpa_auth, NULL, gsm->GN_igtk, pos) != 0)
5610 struct wpa_authenticator *wpa_auth = sm->wpa_auth; local
5611 struct wpa_group *gsm = wpa_auth->group;
5613 size_t len = wpa_cipher_key_len(wpa_auth->conf.group_mgmt_cipher);
5623 if (wpa_auth_get_seqnum(wpa_auth, NULL, gsm->GN_bigtk, pos) != 0)
5649 static void wpa_group_update_gtk(struct wpa_authenticator *wpa_auth, argument
5666 wpa_gtk_update(wpa_auth, group);
5670 static void wpa_group_setkeys(struct wpa_authenticator *wpa_auth, argument
5681 if (wpa_auth->is_ml)
5685 wpa_group_update_gtk(wpa_auth, group);
5697 wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, group);
5703 static int wpa_group_config_group_keys(struct wpa_authenticator *wpa_auth, argument
5706 struct wpa_auth_config *conf = &wpa_auth->conf;
5709 if (wpa_auth_set_key(wpa_auth, group->vlan_id,
5724 wpa_auth_set_key(wpa_auth, group->vlan_id, alg,
5732 if (wpa_auth->conf.tx_bss_auth) {
5733 wpa_auth = wpa_auth->conf.tx_bss_auth;
5734 group = wpa_auth->group;
5738 if (wpa_auth_set_key(wpa_auth, group->vlan_id, alg,
5764 static void wpa_group_fatal_failure(struct wpa_authenticator *wpa_auth, argument
5771 wpa_auth_for_each_sta(wpa_auth, wpa_group_disconnect_cb, group);
5775 static int wpa_group_setkeysdone(struct wpa_authenticator *wpa_auth, argument
5784 if (wpa_group_config_group_keys(wpa_auth, group) < 0) {
5785 wpa_group_fatal_failure(wpa_auth, group);
5793 static void wpa_group_sm_step(struct wpa_authenticator *wpa_auth, argument
5797 wpa_group_gtk_init(wpa_auth, group);
5802 wpa_group_setkeysdone(wpa_auth, group);
5805 wpa_group_setkeys(wpa_auth, group);
5808 wpa_group_setkeysdone(wpa_auth, group);
5810 wpa_group_setkeys(wpa_auth, group);
5822 sm->wpa_auth->group->changed = false;
5826 sm->mld_links[link_id].wpa_auth->group->changed = false;
5837 if (!sm || !sm->wpa_auth)
5839 wpa_group_sm_step(sm->wpa_auth, sm->wpa_auth->group);
5843 wpa_group_sm_step(sm->mld_links[link_id].wpa_auth,
5844 sm->mld_links[link_id].wpa_auth->group);
5857 if (!sm || !sm->wpa_auth)
5859 changed = sm->wpa_auth->group->changed;
5863 changed |= sm->mld_links[link_id].wpa_auth->group->changed;
5926 void wpa_gtk_rekey(struct wpa_authenticator *wpa_auth) argument
5931 if (!wpa_auth)
5934 group = wpa_auth->group;
5943 if (!wpa_auth->conf.tx_bss_auth) {
5948 wpa_gtk_update(wpa_auth, group);
5949 wpa_group_config_group_keys(wpa_auth, group);
5964 int wpa_get_mib(struct wpa_authenticator *wpa_auth, char *buf, size_t buflen) argument
5975 if (!wpa_auth)
5977 conf = &wpa_auth->conf;
5992 wpa_auth->dot11RSNAPMKIDUsed, PMKID_LEN);
6028 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteSelected),
6029 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherSelected),
6030 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherSelected),
6032 RSN_SUITE_ARG(wpa_auth->dot11RSNAAuthenticationSuiteRequested),
6033 RSN_SUITE_ARG(wpa_auth->dot11RSNAPairwiseCipherRequested),
6034 RSN_SUITE_ARG(wpa_auth->dot11RSNAGroupCipherRequested),
6035 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked,
6036 wpa_auth->dot11RSNA4WayHandshakeFailures);
6046 wpa_auth->group->wpa_group_state);
6113 void wpa_auth_countermeasures_start(struct wpa_authenticator *wpa_auth) argument
6115 if (wpa_auth)
6116 wpa_auth->dot11RSNATKIPCounterMeasuresInvoked++;
6205 const u8 * wpa_auth_get_wpa_ie(struct wpa_authenticator *wpa_auth, size_t *len) argument
6207 if (!wpa_auth)
6209 *len = wpa_auth->wpa_ie_len;
6210 return wpa_auth->wpa_ie;
6219 sm->wpa_auth->conf.disable_pmksa_caching)
6239 if (pmksa_cache_auth_add(sm->wpa_auth->pmksa, pmk, pmk_len, NULL,
6250 int wpa_auth_pmksa_add_preauth(struct wpa_authenticator *wpa_auth, argument
6255 if (!wpa_auth)
6259 if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, len, NULL,
6261 wpa_auth->addr,
6270 int wpa_auth_pmksa_add_sae(struct wpa_authenticator *wpa_auth, const u8 *addr, argument
6274 if (wpa_auth->conf.disable_pmksa_caching)
6280 if (pmksa_cache_auth_add(wpa_auth->pmksa, pmk, pmk_len, pmkid,
6281 NULL, 0, wpa_auth->addr, addr, 0, NULL, akmp))
6295 int wpa_auth_pmksa_add2(struct wpa_authenticator *wpa_auth, const u8 *addr, argument
6301 if (!wpa_auth || wpa_auth->conf.disable_pmksa_caching)
6305 entry = pmksa_cache_auth_add(wpa_auth->pmksa, pmk, pmk_len, pmkid,
6306 NULL, 0, wpa_auth->addr, addr, session_timeout,
6318 void wpa_auth_pmksa_remove(struct wpa_authenticator *wpa_auth, argument
6323 if (!wpa_auth || !wpa_auth->pmksa)
6325 pmksa = pmksa_cache_auth_get(wpa_auth->pmksa, sta_addr, NULL);
6329 pmksa_cache_free_entry(wpa_auth->pmksa, pmksa);
6334 int wpa_auth_pmksa_list(struct wpa_authenticator *wpa_auth, char *buf, argument
6337 if (!wpa_auth || !wpa_auth->pmksa)
6339 return pmksa_cache_auth_list(wpa_auth->pmksa, buf, len);
6343 void wpa_auth_pmksa_flush(struct wpa_authenticator *wpa_auth) argument
6345 if (wpa_auth && wpa_auth->pmksa)
6346 pmksa_cache_auth_flush(wpa_auth->pmksa);
6353 int wpa_auth_pmksa_list_mesh(struct wpa_authenticator *wpa_auth, const u8 *addr, argument
6356 if (!wpa_auth || !wpa_auth->pmksa)
6359 return pmksa_cache_auth_list_mesh(wpa_auth->pmksa, addr, buf, len);
6382 int wpa_auth_pmksa_add_entry(struct wpa_authenticator *wpa_auth, argument
6387 if (!wpa_auth || !wpa_auth->pmksa)
6390 ret = pmksa_cache_auth_add_entry(wpa_auth->pmksa, entry);
6404 wpa_auth_get_pmksa_cache(struct wpa_authenticator *wpa_auth) argument
6406 if (!wpa_auth || !wpa_auth->pmksa)
6408 return wpa_auth->pmksa;
6413 wpa_auth_pmksa_get(struct wpa_authenticator *wpa_auth, const u8 *sta_addr, argument
6416 if (!wpa_auth || !wpa_auth->pmksa)
6418 return pmksa_cache_auth_get(wpa_auth->pmksa, sta_addr, pmkid);
6424 struct wpa_authenticator *wpa_auth, argument
6434 os_memcpy(wpa_auth->dot11RSNAPMKIDUsed, pmksa->pmkid, PMKID_LEN);
6443 static void wpa_group_free(struct wpa_authenticator *wpa_auth, argument
6446 struct wpa_group *prev = wpa_auth->group;
6465 static void wpa_group_get(struct wpa_authenticator *wpa_auth, argument
6469 if (wpa_auth->group == group)
6477 static void wpa_group_put(struct wpa_authenticator *wpa_auth, argument
6481 if (wpa_auth->group == group)
6487 wpa_group_free(wpa_auth, group);
6496 wpa_auth_add_group(struct wpa_authenticator *wpa_auth, int vlan_id) argument
6500 if (!wpa_auth || !wpa_auth->group)
6505 group = wpa_group_init(wpa_auth, vlan_id, 0);
6509 group->next = wpa_auth->group->next;
6510 wpa_auth->group->next = group;
6522 int wpa_auth_ensure_group(struct wpa_authenticator *wpa_auth, int vlan_id) argument
6526 if (!wpa_auth)
6529 group = wpa_auth->group;
6537 group = wpa_auth_add_group(wpa_auth, vlan_id);
6546 wpa_group_get(wpa_auth, group);
6562 int wpa_auth_release_group(struct wpa_authenticator *wpa_auth, int vlan_id) argument
6567 if (!wpa_auth)
6570 group = wpa_auth->group;
6602 wpa_group_put(wpa_auth, group);
6612 if (!sm || !sm->wpa_auth)
6615 group = sm->wpa_auth->group;
6623 group = wpa_auth_add_group(sm->wpa_auth, vlan_id);
6638 wpa_group_get(sm->wpa_auth, group);
6639 wpa_group_put(sm->wpa_auth, sm->group);
6646 void wpa_auth_eapol_key_tx_status(struct wpa_authenticator *wpa_auth, argument
6649 if (!wpa_auth || !sm)
6668 eloop_cancel_timeout(wpa_send_eapol_timeout, wpa_auth, sm);
6671 wpa_send_eapol_timeout, wpa_auth, sm);
6712 int wpa_auth_radius_das_disconnect_pmksa(struct wpa_authenticator *wpa_auth, argument
6715 return pmksa_cache_auth_radius_das_disconnect(wpa_auth->pmksa, attr);
6719 void wpa_auth_reconfig_group_keys(struct wpa_authenticator *wpa_auth) argument
6723 if (!wpa_auth)
6725 for (group = wpa_auth->group; group; group = group->next)
6726 wpa_group_config_group_keys(wpa_auth, group);
6755 wpa_auth_pmksa_get_fils_cache_id(struct wpa_authenticator *wpa_auth, argument
6760 if (!wpa_auth->conf.fils_cache_id_set)
6762 idata.auth = wpa_auth;
6763 idata.cache_id = wpa_auth->conf.fils_cache_id;
6767 wpa_auth_for_each_auth(wpa_auth, wpa_auth_fils_iter, &idata);
6773 int wpa_auth_write_fte(struct wpa_authenticator *wpa_auth, argument
6777 struct wpa_auth_config *conf = &wpa_auth->conf;
6834 void wpa_auth_set_transition_disable(struct wpa_authenticator *wpa_auth, argument
6837 if (wpa_auth)
6838 wpa_auth->conf.transition_disable = val;
6857 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
6859 wpa_send_eapol(sm->wpa_auth, sm,
6873 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
6886 wpa_ie = sm->wpa_auth->wpa_ie;
6887 wpa_ie_len = sm->wpa_auth->wpa_ie_len;
6889 (sm->wpa_auth->conf.wpa & WPA_PROTO_RSN) &&
6899 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
6924 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm),
7034 wpa_send_eapol(sm->wpa_auth, sm,
7051 struct wpa_auth_config *conf = &sm->wpa_auth->conf;
7062 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
7101 wpa_send_eapol(sm->wpa_auth, sm,
7114 int wpa_auth_rekey_gtk(struct wpa_authenticator *wpa_auth) argument
7116 if (!wpa_auth)
7119 wpa_get_primary_auth(wpa_auth), NULL);
7121 wpa_get_primary_auth(wpa_auth), NULL);
7125 int wpa_auth_rekey_ptk(struct wpa_authenticator *wpa_auth, argument
7128 if (!wpa_auth || !sm)
7130 wpa_auth_logger(wpa_auth, sm->addr, LOGGER_DEBUG, "rekeying PTK");
7137 void wpa_auth_set_ft_rsnxe_used(struct wpa_authenticator *wpa_auth, int val) argument
7139 if (wpa_auth)
7140 wpa_auth->conf.ft_rsnxe_used = val;
7144 void wpa_auth_set_ocv_override_freq(struct wpa_authenticator *wpa_auth, argument
7148 if (!wpa_auth)
7152 wpa_auth->conf.oci_freq_override_eapol_m3 = freq;
7155 wpa_auth->conf.oci_freq_override_eapol_g1 = freq;
7158 wpa_auth->conf.oci_freq_override_ft_assoc = freq;
7161 wpa_auth->conf.oci_freq_override_fils_assoc = freq;
7206 wpa_auth_logger(sm->wpa_auth, wpa_auth_get_spa(sm), LOGGER_DEBUG,
7234 ctx.wpa_auth = NULL;
7235 wpa_auth_for_each_auth(sm->wpa_auth,
7237 if (ctx.wpa_auth) {
7238 sm_link->wpa_auth = ctx.wpa_auth;
7239 wpa_group_get(sm_link->wpa_auth,
7240 sm_link->wpa_auth->group);
7243 sm_link->wpa_auth = sm->wpa_auth;
7246 if (!sm_link->wpa_auth)
7250 MAC2STR(sm->wpa_auth->mld_addr),