xref: /dragonfly/contrib/wpa_supplicant/src/common/ieee802_11_common.c (revision 3a84a4273475ed07d0ab1c2dfeffdfedef35d9cd) 
1 /*
2  * IEEE 802.11 Common routines
3  * Copyright (c) 2002-2019, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #include "includes.h"
10 
11 #include "common.h"
12 #include "defs.h"
13 #include "wpa_common.h"
14 #include "drivers/driver.h"
15 #include "qca-vendor.h"
16 #include "ieee802_11_defs.h"
17 #include "ieee802_11_common.h"
18 
19 
ieee802_11_parse_vendor_specific(const u8 * pos,size_t elen,struct ieee802_11_elems * elems,int show_errors)20 static int ieee802_11_parse_vendor_specific(const u8 *pos, size_t elen,
21                                                       struct ieee802_11_elems *elems,
22                                                       int show_errors)
23 {
24           unsigned int oui;
25 
26           /* first 3 bytes in vendor specific information element are the IEEE
27            * OUI of the vendor. The following byte is used a vendor specific
28            * sub-type. */
29           if (elen < 4) {
30                     if (show_errors) {
31                               wpa_printf(MSG_MSGDUMP, "short vendor specific "
32                                            "information element ignored (len=%lu)",
33                                            (unsigned long) elen);
34                     }
35                     return -1;
36           }
37 
38           oui = WPA_GET_BE24(pos);
39           switch (oui) {
40           case OUI_MICROSOFT:
41                     /* Microsoft/Wi-Fi information elements are further typed and
42                      * subtyped */
43                     switch (pos[3]) {
44                     case 1:
45                               /* Microsoft OUI (00:50:F2) with OUI Type 1:
46                                * real WPA information element */
47                               elems->wpa_ie = pos;
48                               elems->wpa_ie_len = elen;
49                               break;
50                     case WMM_OUI_TYPE:
51                               /* WMM information element */
52                               if (elen < 5) {
53                                         wpa_printf(MSG_MSGDUMP, "short WMM "
54                                                      "information element ignored "
55                                                      "(len=%lu)",
56                                                      (unsigned long) elen);
57                                         return -1;
58                               }
59                               switch (pos[4]) {
60                               case WMM_OUI_SUBTYPE_INFORMATION_ELEMENT:
61                               case WMM_OUI_SUBTYPE_PARAMETER_ELEMENT:
62                                         /*
63                                          * Share same pointer since only one of these
64                                          * is used and they start with same data.
65                                          * Length field can be used to distinguish the
66                                          * IEs.
67                                          */
68                                         elems->wmm = pos;
69                                         elems->wmm_len = elen;
70                                         break;
71                               case WMM_OUI_SUBTYPE_TSPEC_ELEMENT:
72                                         elems->wmm_tspec = pos;
73                                         elems->wmm_tspec_len = elen;
74                                         break;
75                               default:
76                                         wpa_printf(MSG_EXCESSIVE, "unknown WMM "
77                                                      "information element ignored "
78                                                      "(subtype=%d len=%lu)",
79                                                      pos[4], (unsigned long) elen);
80                                         return -1;
81                               }
82                               break;
83                     case 4:
84                               /* Wi-Fi Protected Setup (WPS) IE */
85                               elems->wps_ie = pos;
86                               elems->wps_ie_len = elen;
87                               break;
88                     default:
89                               wpa_printf(MSG_EXCESSIVE, "Unknown Microsoft "
90                                            "information element ignored "
91                                            "(type=%d len=%lu)",
92                                            pos[3], (unsigned long) elen);
93                               return -1;
94                     }
95                     break;
96 
97           case OUI_WFA:
98                     switch (pos[3]) {
99                     case P2P_OUI_TYPE:
100                               /* Wi-Fi Alliance - P2P IE */
101                               elems->p2p = pos;
102                               elems->p2p_len = elen;
103                               break;
104                     case WFD_OUI_TYPE:
105                               /* Wi-Fi Alliance - WFD IE */
106                               elems->wfd = pos;
107                               elems->wfd_len = elen;
108                               break;
109                     case HS20_INDICATION_OUI_TYPE:
110                               /* Hotspot 2.0 */
111                               elems->hs20 = pos;
112                               elems->hs20_len = elen;
113                               break;
114                     case HS20_OSEN_OUI_TYPE:
115                               /* Hotspot 2.0 OSEN */
116                               elems->osen = pos;
117                               elems->osen_len = elen;
118                               break;
119                     case MBO_OUI_TYPE:
120                               /* MBO-OCE */
121                               elems->mbo = pos;
122                               elems->mbo_len = elen;
123                               break;
124                     case HS20_ROAMING_CONS_SEL_OUI_TYPE:
125                               /* Hotspot 2.0 Roaming Consortium Selection */
126                               elems->roaming_cons_sel = pos;
127                               elems->roaming_cons_sel_len = elen;
128                               break;
129                     case MULTI_AP_OUI_TYPE:
130                               elems->multi_ap = pos;
131                               elems->multi_ap_len = elen;
132                               break;
133                     default:
134                               wpa_printf(MSG_MSGDUMP, "Unknown WFA "
135                                            "information element ignored "
136                                            "(type=%d len=%lu)",
137                                            pos[3], (unsigned long) elen);
138                               return -1;
139                     }
140                     break;
141 
142           case OUI_BROADCOM:
143                     switch (pos[3]) {
144                     case VENDOR_HT_CAPAB_OUI_TYPE:
145                               elems->vendor_ht_cap = pos;
146                               elems->vendor_ht_cap_len = elen;
147                               break;
148                     case VENDOR_VHT_TYPE:
149                               if (elen > 4 &&
150                                   (pos[4] == VENDOR_VHT_SUBTYPE ||
151                                    pos[4] == VENDOR_VHT_SUBTYPE2)) {
152                                         elems->vendor_vht = pos;
153                                         elems->vendor_vht_len = elen;
154                               } else
155                                         return -1;
156                               break;
157                     default:
158                               wpa_printf(MSG_EXCESSIVE, "Unknown Broadcom "
159                                            "information element ignored "
160                                            "(type=%d len=%lu)",
161                                            pos[3], (unsigned long) elen);
162                               return -1;
163                     }
164                     break;
165 
166           case OUI_QCA:
167                     switch (pos[3]) {
168                     case QCA_VENDOR_ELEM_P2P_PREF_CHAN_LIST:
169                               elems->pref_freq_list = pos;
170                               elems->pref_freq_list_len = elen;
171                               break;
172                     default:
173                               wpa_printf(MSG_EXCESSIVE,
174                                            "Unknown QCA information element ignored (type=%d len=%lu)",
175                                            pos[3], (unsigned long) elen);
176                               return -1;
177                     }
178                     break;
179 
180           default:
181                     wpa_printf(MSG_EXCESSIVE, "unknown vendor specific "
182                                  "information element ignored (vendor OUI "
183                                  "%02x:%02x:%02x len=%lu)",
184                                  pos[0], pos[1], pos[2], (unsigned long) elen);
185                     return -1;
186           }
187 
188           return 0;
189 }
190 
191 
ieee802_11_parse_extension(const u8 * pos,size_t elen,struct ieee802_11_elems * elems,int show_errors)192 static int ieee802_11_parse_extension(const u8 *pos, size_t elen,
193                                               struct ieee802_11_elems *elems,
194                                               int show_errors)
195 {
196           u8 ext_id;
197 
198           if (elen < 1) {
199                     if (show_errors) {
200                               wpa_printf(MSG_MSGDUMP,
201                                            "short information element (Ext)");
202                     }
203                     return -1;
204           }
205 
206           ext_id = *pos++;
207           elen--;
208 
209           switch (ext_id) {
210           case WLAN_EID_EXT_ASSOC_DELAY_INFO:
211                     if (elen != 1)
212                               break;
213                     elems->assoc_delay_info = pos;
214                     break;
215           case WLAN_EID_EXT_FILS_REQ_PARAMS:
216                     if (elen < 3)
217                               break;
218                     elems->fils_req_params = pos;
219                     elems->fils_req_params_len = elen;
220                     break;
221           case WLAN_EID_EXT_FILS_KEY_CONFIRM:
222                     elems->fils_key_confirm = pos;
223                     elems->fils_key_confirm_len = elen;
224                     break;
225           case WLAN_EID_EXT_FILS_SESSION:
226                     if (elen != FILS_SESSION_LEN)
227                               break;
228                     elems->fils_session = pos;
229                     break;
230           case WLAN_EID_EXT_FILS_HLP_CONTAINER:
231                     if (elen < 2 * ETH_ALEN)
232                               break;
233                     elems->fils_hlp = pos;
234                     elems->fils_hlp_len = elen;
235                     break;
236           case WLAN_EID_EXT_FILS_IP_ADDR_ASSIGN:
237                     if (elen < 1)
238                               break;
239                     elems->fils_ip_addr_assign = pos;
240                     elems->fils_ip_addr_assign_len = elen;
241                     break;
242           case WLAN_EID_EXT_KEY_DELIVERY:
243                     if (elen < WPA_KEY_RSC_LEN)
244                               break;
245                     elems->key_delivery = pos;
246                     elems->key_delivery_len = elen;
247                     break;
248           case WLAN_EID_EXT_FILS_WRAPPED_DATA:
249                     elems->fils_wrapped_data = pos;
250                     elems->fils_wrapped_data_len = elen;
251                     break;
252           case WLAN_EID_EXT_FILS_PUBLIC_KEY:
253                     if (elen < 1)
254                               break;
255                     elems->fils_pk = pos;
256                     elems->fils_pk_len = elen;
257                     break;
258           case WLAN_EID_EXT_FILS_NONCE:
259                     if (elen != FILS_NONCE_LEN)
260                               break;
261                     elems->fils_nonce = pos;
262                     break;
263           case WLAN_EID_EXT_OWE_DH_PARAM:
264                     if (elen < 2)
265                               break;
266                     elems->owe_dh = pos;
267                     elems->owe_dh_len = elen;
268                     break;
269           case WLAN_EID_EXT_PASSWORD_IDENTIFIER:
270                     elems->password_id = pos;
271                     elems->password_id_len = elen;
272                     break;
273           case WLAN_EID_EXT_HE_CAPABILITIES:
274                     elems->he_capabilities = pos;
275                     elems->he_capabilities_len = elen;
276                     break;
277           case WLAN_EID_EXT_HE_OPERATION:
278                     elems->he_operation = pos;
279                     elems->he_operation_len = elen;
280                     break;
281           case WLAN_EID_EXT_OCV_OCI:
282                     elems->oci = pos;
283                     elems->oci_len = elen;
284                     break;
285           default:
286                     if (show_errors) {
287                               wpa_printf(MSG_MSGDUMP,
288                                            "IEEE 802.11 element parsing ignored unknown element extension (ext_id=%u elen=%u)",
289                                            ext_id, (unsigned int) elen);
290                     }
291                     return -1;
292           }
293 
294           return 0;
295 }
296 
297 
298 /**
299  * ieee802_11_parse_elems - Parse information elements in management frames
300  * @start: Pointer to the start of IEs
301  * @len: Length of IE buffer in octets
302  * @elems: Data structure for parsed elements
303  * @show_errors: Whether to show parsing errors in debug log
304  * Returns: Parsing result
305  */
ieee802_11_parse_elems(const u8 * start,size_t len,struct ieee802_11_elems * elems,int show_errors)306 ParseRes ieee802_11_parse_elems(const u8 *start, size_t len,
307                                         struct ieee802_11_elems *elems,
308                                         int show_errors)
309 {
310           const struct element *elem;
311           int unknown = 0;
312 
313           os_memset(elems, 0, sizeof(*elems));
314 
315           if (!start)
316                     return ParseOK;
317 
318           for_each_element(elem, start, len) {
319                     u8 id = elem->id, elen = elem->datalen;
320                     const u8 *pos = elem->data;
321 
322                     switch (id) {
323                     case WLAN_EID_SSID:
324                               if (elen > SSID_MAX_LEN) {
325                                         wpa_printf(MSG_DEBUG,
326                                                      "Ignored too long SSID element (elen=%u)",
327                                                      elen);
328                                         break;
329                               }
330                               elems->ssid = pos;
331                               elems->ssid_len = elen;
332                               break;
333                     case WLAN_EID_SUPP_RATES:
334                               elems->supp_rates = pos;
335                               elems->supp_rates_len = elen;
336                               break;
337                     case WLAN_EID_DS_PARAMS:
338                               if (elen < 1)
339                                         break;
340                               elems->ds_params = pos;
341                               break;
342                     case WLAN_EID_CF_PARAMS:
343                     case WLAN_EID_TIM:
344                               break;
345                     case WLAN_EID_CHALLENGE:
346                               elems->challenge = pos;
347                               elems->challenge_len = elen;
348                               break;
349                     case WLAN_EID_ERP_INFO:
350                               if (elen < 1)
351                                         break;
352                               elems->erp_info = pos;
353                               break;
354                     case WLAN_EID_EXT_SUPP_RATES:
355                               elems->ext_supp_rates = pos;
356                               elems->ext_supp_rates_len = elen;
357                               break;
358                     case WLAN_EID_VENDOR_SPECIFIC:
359                               if (ieee802_11_parse_vendor_specific(pos, elen,
360                                                                            elems,
361                                                                            show_errors))
362                                         unknown++;
363                               break;
364                     case WLAN_EID_RSN:
365                               elems->rsn_ie = pos;
366                               elems->rsn_ie_len = elen;
367                               break;
368                     case WLAN_EID_PWR_CAPABILITY:
369                               if (elen < 2)
370                                         break;
371                               elems->power_capab = pos;
372                               elems->power_capab_len = elen;
373                               break;
374                     case WLAN_EID_SUPPORTED_CHANNELS:
375                               elems->supp_channels = pos;
376                               elems->supp_channels_len = elen;
377                               break;
378                     case WLAN_EID_MOBILITY_DOMAIN:
379                               if (elen < sizeof(struct rsn_mdie))
380                                         break;
381                               elems->mdie = pos;
382                               elems->mdie_len = elen;
383                               break;
384                     case WLAN_EID_FAST_BSS_TRANSITION:
385                               if (elen < sizeof(struct rsn_ftie))
386                                         break;
387                               elems->ftie = pos;
388                               elems->ftie_len = elen;
389                               break;
390                     case WLAN_EID_TIMEOUT_INTERVAL:
391                               if (elen != 5)
392                                         break;
393                               elems->timeout_int = pos;
394                               break;
395                     case WLAN_EID_HT_CAP:
396                               if (elen < sizeof(struct ieee80211_ht_capabilities))
397                                         break;
398                               elems->ht_capabilities = pos;
399                               break;
400                     case WLAN_EID_HT_OPERATION:
401                               if (elen < sizeof(struct ieee80211_ht_operation))
402                                         break;
403                               elems->ht_operation = pos;
404                               break;
405                     case WLAN_EID_MESH_CONFIG:
406                               elems->mesh_config = pos;
407                               elems->mesh_config_len = elen;
408                               break;
409                     case WLAN_EID_MESH_ID:
410                               elems->mesh_id = pos;
411                               elems->mesh_id_len = elen;
412                               break;
413                     case WLAN_EID_PEER_MGMT:
414                               elems->peer_mgmt = pos;
415                               elems->peer_mgmt_len = elen;
416                               break;
417                     case WLAN_EID_VHT_CAP:
418                               if (elen < sizeof(struct ieee80211_vht_capabilities))
419                                         break;
420                               elems->vht_capabilities = pos;
421                               break;
422                     case WLAN_EID_VHT_OPERATION:
423                               if (elen < sizeof(struct ieee80211_vht_operation))
424                                         break;
425                               elems->vht_operation = pos;
426                               break;
427                     case WLAN_EID_VHT_OPERATING_MODE_NOTIFICATION:
428                               if (elen != 1)
429                                         break;
430                               elems->vht_opmode_notif = pos;
431                               break;
432                     case WLAN_EID_LINK_ID:
433                               if (elen < 18)
434                                         break;
435                               elems->link_id = pos;
436                               break;
437                     case WLAN_EID_INTERWORKING:
438                               elems->interworking = pos;
439                               elems->interworking_len = elen;
440                               break;
441                     case WLAN_EID_QOS_MAP_SET:
442                               if (elen < 16)
443                                         break;
444                               elems->qos_map_set = pos;
445                               elems->qos_map_set_len = elen;
446                               break;
447                     case WLAN_EID_EXT_CAPAB:
448                               elems->ext_capab = pos;
449                               elems->ext_capab_len = elen;
450                               break;
451                     case WLAN_EID_BSS_MAX_IDLE_PERIOD:
452                               if (elen < 3)
453                                         break;
454                               elems->bss_max_idle_period = pos;
455                               break;
456                     case WLAN_EID_SSID_LIST:
457                               elems->ssid_list = pos;
458                               elems->ssid_list_len = elen;
459                               break;
460                     case WLAN_EID_AMPE:
461                               elems->ampe = pos;
462                               elems->ampe_len = elen;
463                               break;
464                     case WLAN_EID_MIC:
465                               elems->mic = pos;
466                               elems->mic_len = elen;
467                               /* after mic everything is encrypted, so stop. */
468                               goto done;
469                     case WLAN_EID_MULTI_BAND:
470                               if (elems->mb_ies.nof_ies >= MAX_NOF_MB_IES_SUPPORTED) {
471                                         wpa_printf(MSG_MSGDUMP,
472                                                      "IEEE 802.11 element parse ignored MB IE (id=%d elen=%d)",
473                                                      id, elen);
474                                         break;
475                               }
476 
477                               elems->mb_ies.ies[elems->mb_ies.nof_ies].ie = pos;
478                               elems->mb_ies.ies[elems->mb_ies.nof_ies].ie_len = elen;
479                               elems->mb_ies.nof_ies++;
480                               break;
481                     case WLAN_EID_SUPPORTED_OPERATING_CLASSES:
482                               elems->supp_op_classes = pos;
483                               elems->supp_op_classes_len = elen;
484                               break;
485                     case WLAN_EID_RRM_ENABLED_CAPABILITIES:
486                               elems->rrm_enabled = pos;
487                               elems->rrm_enabled_len = elen;
488                               break;
489                     case WLAN_EID_CAG_NUMBER:
490                               elems->cag_number = pos;
491                               elems->cag_number_len = elen;
492                               break;
493                     case WLAN_EID_AP_CSN:
494                               if (elen < 1)
495                                         break;
496                               elems->ap_csn = pos;
497                               break;
498                     case WLAN_EID_FILS_INDICATION:
499                               if (elen < 2)
500                                         break;
501                               elems->fils_indic = pos;
502                               elems->fils_indic_len = elen;
503                               break;
504                     case WLAN_EID_DILS:
505                               if (elen < 2)
506                                         break;
507                               elems->dils = pos;
508                               elems->dils_len = elen;
509                               break;
510                     case WLAN_EID_FRAGMENT:
511                               /* TODO */
512                               break;
513                     case WLAN_EID_EXTENSION:
514                               if (ieee802_11_parse_extension(pos, elen, elems,
515                                                                    show_errors))
516                                         unknown++;
517                               break;
518                     default:
519                               unknown++;
520                               if (!show_errors)
521                                         break;
522                               wpa_printf(MSG_MSGDUMP, "IEEE 802.11 element parse "
523                                            "ignored unknown element (id=%d elen=%d)",
524                                            id, elen);
525                               break;
526                     }
527           }
528 
529           if (!for_each_element_completed(elem, start, len)) {
530                     if (show_errors) {
531                               wpa_printf(MSG_DEBUG,
532                                            "IEEE 802.11 element parse failed @%d",
533                                            (int) (start + len - (const u8 *) elem));
534                               wpa_hexdump(MSG_MSGDUMP, "IEs", start, len);
535                     }
536                     return ParseFailed;
537           }
538 
539 done:
540           return unknown ? ParseUnknown : ParseOK;
541 }
542 
543 
ieee802_11_ie_count(const u8 * ies,size_t ies_len)544 int ieee802_11_ie_count(const u8 *ies, size_t ies_len)
545 {
546           const struct element *elem;
547           int count = 0;
548 
549           if (ies == NULL)
550                     return 0;
551 
552           for_each_element(elem, ies, ies_len)
553                     count++;
554 
555           return count;
556 }
557 
558 
ieee802_11_vendor_ie_concat(const u8 * ies,size_t ies_len,u32 oui_type)559 struct wpabuf * ieee802_11_vendor_ie_concat(const u8 *ies, size_t ies_len,
560                                                       u32 oui_type)
561 {
562           struct wpabuf *buf;
563           const struct element *elem, *found = NULL;
564 
565           for_each_element_id(elem, WLAN_EID_VENDOR_SPECIFIC, ies, ies_len) {
566                     if (elem->datalen >= 4 &&
567                         WPA_GET_BE32(elem->data) == oui_type) {
568                               found = elem;
569                               break;
570                     }
571           }
572 
573           if (!found)
574                     return NULL; /* No specified vendor IE found */
575 
576           buf = wpabuf_alloc(ies_len);
577           if (buf == NULL)
578                     return NULL;
579 
580           /*
581            * There may be multiple vendor IEs in the message, so need to
582            * concatenate their data fields.
583            */
584           for_each_element_id(elem, WLAN_EID_VENDOR_SPECIFIC, ies, ies_len) {
585                     if (elem->datalen >= 4 && WPA_GET_BE32(elem->data) == oui_type)
586                               wpabuf_put_data(buf, elem->data + 4, elem->datalen - 4);
587           }
588 
589           return buf;
590 }
591 
592 
get_hdr_bssid(const struct ieee80211_hdr * hdr,size_t len)593 const u8 * get_hdr_bssid(const struct ieee80211_hdr *hdr, size_t len)
594 {
595           u16 fc, type, stype;
596 
597           /*
598            * PS-Poll frames are 16 bytes. All other frames are
599            * 24 bytes or longer.
600            */
601           if (len < 16)
602                     return NULL;
603 
604           fc = le_to_host16(hdr->frame_control);
605           type = WLAN_FC_GET_TYPE(fc);
606           stype = WLAN_FC_GET_STYPE(fc);
607 
608           switch (type) {
609           case WLAN_FC_TYPE_DATA:
610                     if (len < 24)
611                               return NULL;
612                     switch (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) {
613                     case WLAN_FC_FROMDS | WLAN_FC_TODS:
614                     case WLAN_FC_TODS:
615                               return hdr->addr1;
616                     case WLAN_FC_FROMDS:
617                               return hdr->addr2;
618                     default:
619                               return NULL;
620                     }
621           case WLAN_FC_TYPE_CTRL:
622                     if (stype != WLAN_FC_STYPE_PSPOLL)
623                               return NULL;
624                     return hdr->addr1;
625           case WLAN_FC_TYPE_MGMT:
626                     return hdr->addr3;
627           default:
628                     return NULL;
629           }
630 }
631 
632 
hostapd_config_wmm_ac(struct hostapd_wmm_ac_params wmm_ac_params[],const char * name,const char * val)633 int hostapd_config_wmm_ac(struct hostapd_wmm_ac_params wmm_ac_params[],
634                                 const char *name, const char *val)
635 {
636           int num, v;
637           const char *pos;
638           struct hostapd_wmm_ac_params *ac;
639 
640           /* skip 'wme_ac_' or 'wmm_ac_' prefix */
641           pos = name + 7;
642           if (os_strncmp(pos, "be_", 3) == 0) {
643                     num = 0;
644                     pos += 3;
645           } else if (os_strncmp(pos, "bk_", 3) == 0) {
646                     num = 1;
647                     pos += 3;
648           } else if (os_strncmp(pos, "vi_", 3) == 0) {
649                     num = 2;
650                     pos += 3;
651           } else if (os_strncmp(pos, "vo_", 3) == 0) {
652                     num = 3;
653                     pos += 3;
654           } else {
655                     wpa_printf(MSG_ERROR, "Unknown WMM name '%s'", pos);
656                     return -1;
657           }
658 
659           ac = &wmm_ac_params[num];
660 
661           if (os_strcmp(pos, "aifs") == 0) {
662                     v = atoi(val);
663                     if (v < 1 || v > 255) {
664                               wpa_printf(MSG_ERROR, "Invalid AIFS value %d", v);
665                               return -1;
666                     }
667                     ac->aifs = v;
668           } else if (os_strcmp(pos, "cwmin") == 0) {
669                     v = atoi(val);
670                     if (v < 0 || v > 15) {
671                               wpa_printf(MSG_ERROR, "Invalid cwMin value %d", v);
672                               return -1;
673                     }
674                     ac->cwmin = v;
675           } else if (os_strcmp(pos, "cwmax") == 0) {
676                     v = atoi(val);
677                     if (v < 0 || v > 15) {
678                               wpa_printf(MSG_ERROR, "Invalid cwMax value %d", v);
679                               return -1;
680                     }
681                     ac->cwmax = v;
682           } else if (os_strcmp(pos, "txop_limit") == 0) {
683                     v = atoi(val);
684                     if (v < 0 || v > 0xffff) {
685                               wpa_printf(MSG_ERROR, "Invalid txop value %d", v);
686                               return -1;
687                     }
688                     ac->txop_limit = v;
689           } else if (os_strcmp(pos, "acm") == 0) {
690                     v = atoi(val);
691                     if (v < 0 || v > 1) {
692                               wpa_printf(MSG_ERROR, "Invalid acm value %d", v);
693                               return -1;
694                     }
695                     ac->admission_control_mandatory = v;
696           } else {
697                     wpa_printf(MSG_ERROR, "Unknown wmm_ac_ field '%s'", pos);
698                     return -1;
699           }
700 
701           return 0;
702 }
703 
704 
ieee80211_freq_to_chan(int freq,u8 * channel)705 enum hostapd_hw_mode ieee80211_freq_to_chan(int freq, u8 *channel)
706 {
707           u8 op_class;
708 
709           return ieee80211_freq_to_channel_ext(freq, 0, CHANWIDTH_USE_HT,
710                                                        &op_class, channel);
711 }
712 
713 
714 /**
715  * ieee80211_freq_to_channel_ext - Convert frequency into channel info
716  * for HT40 and VHT. DFS channels are not covered.
717  * @freq: Frequency (MHz) to convert
718  * @sec_channel: 0 = non-HT40, 1 = sec. channel above, -1 = sec. channel below
719  * @vht: VHT channel width (CHANWIDTH_*)
720  * @op_class: Buffer for returning operating class
721  * @channel: Buffer for returning channel number
722  * Returns: hw_mode on success, NUM_HOSTAPD_MODES on failure
723  */
ieee80211_freq_to_channel_ext(unsigned int freq,int sec_channel,int vht,u8 * op_class,u8 * channel)724 enum hostapd_hw_mode ieee80211_freq_to_channel_ext(unsigned int freq,
725                                                                int sec_channel, int vht,
726                                                                u8 *op_class, u8 *channel)
727 {
728           u8 vht_opclass;
729 
730           /* TODO: more operating classes */
731 
732           if (sec_channel > 1 || sec_channel < -1)
733                     return NUM_HOSTAPD_MODES;
734 
735           if (freq >= 2412 && freq <= 2472) {
736                     if ((freq - 2407) % 5)
737                               return NUM_HOSTAPD_MODES;
738 
739                     if (vht)
740                               return NUM_HOSTAPD_MODES;
741 
742                     /* 2.407 GHz, channels 1..13 */
743                     if (sec_channel == 1)
744                               *op_class = 83;
745                     else if (sec_channel == -1)
746                               *op_class = 84;
747                     else
748                               *op_class = 81;
749 
750                     *channel = (freq - 2407) / 5;
751 
752                     return HOSTAPD_MODE_IEEE80211G;
753           }
754 
755           if (freq == 2484) {
756                     if (sec_channel || vht)
757                               return NUM_HOSTAPD_MODES;
758 
759                     *op_class = 82; /* channel 14 */
760                     *channel = 14;
761 
762                     return HOSTAPD_MODE_IEEE80211B;
763           }
764 
765           if (freq >= 4900 && freq < 5000) {
766                     if ((freq - 4000) % 5)
767                               return NUM_HOSTAPD_MODES;
768                     *channel = (freq - 4000) / 5;
769                     *op_class = 0; /* TODO */
770                     return HOSTAPD_MODE_IEEE80211A;
771           }
772 
773           switch (vht) {
774           case CHANWIDTH_80MHZ:
775                     vht_opclass = 128;
776                     break;
777           case CHANWIDTH_160MHZ:
778                     vht_opclass = 129;
779                     break;
780           case CHANWIDTH_80P80MHZ:
781                     vht_opclass = 130;
782                     break;
783           default:
784                     vht_opclass = 0;
785                     break;
786           }
787 
788           /* 5 GHz, channels 36..48 */
789           if (freq >= 5180 && freq <= 5240) {
790                     if ((freq - 5000) % 5)
791                               return NUM_HOSTAPD_MODES;
792 
793                     if (vht_opclass)
794                               *op_class = vht_opclass;
795                     else if (sec_channel == 1)
796                               *op_class = 116;
797                     else if (sec_channel == -1)
798                               *op_class = 117;
799                     else
800                               *op_class = 115;
801 
802                     *channel = (freq - 5000) / 5;
803 
804                     return HOSTAPD_MODE_IEEE80211A;
805           }
806 
807           /* 5 GHz, channels 52..64 */
808           if (freq >= 5260 && freq <= 5320) {
809                     if ((freq - 5000) % 5)
810                               return NUM_HOSTAPD_MODES;
811 
812                     if (vht_opclass)
813                               *op_class = vht_opclass;
814                     else if (sec_channel == 1)
815                               *op_class = 119;
816                     else if (sec_channel == -1)
817                               *op_class = 120;
818                     else
819                               *op_class = 118;
820 
821                     *channel = (freq - 5000) / 5;
822 
823                     return HOSTAPD_MODE_IEEE80211A;
824           }
825 
826           /* 5 GHz, channels 149..169 */
827           if (freq >= 5745 && freq <= 5845) {
828                     if ((freq - 5000) % 5)
829                               return NUM_HOSTAPD_MODES;
830 
831                     if (vht_opclass)
832                               *op_class = vht_opclass;
833                     else if (sec_channel == 1)
834                               *op_class = 126;
835                     else if (sec_channel == -1)
836                               *op_class = 127;
837                     else if (freq <= 5805)
838                               *op_class = 124;
839                     else
840                               *op_class = 125;
841 
842                     *channel = (freq - 5000) / 5;
843 
844                     return HOSTAPD_MODE_IEEE80211A;
845           }
846 
847           /* 5 GHz, channels 100..140 */
848           if (freq >= 5000 && freq <= 5700) {
849                     if ((freq - 5000) % 5)
850                               return NUM_HOSTAPD_MODES;
851 
852                     if (vht_opclass)
853                               *op_class = vht_opclass;
854                     else if (sec_channel == 1)
855                               *op_class = 122;
856                     else if (sec_channel == -1)
857                               *op_class = 123;
858                     else
859                               *op_class = 121;
860 
861                     *channel = (freq - 5000) / 5;
862 
863                     return HOSTAPD_MODE_IEEE80211A;
864           }
865 
866           if (freq >= 5000 && freq < 5900) {
867                     if ((freq - 5000) % 5)
868                               return NUM_HOSTAPD_MODES;
869                     *channel = (freq - 5000) / 5;
870                     *op_class = 0; /* TODO */
871                     return HOSTAPD_MODE_IEEE80211A;
872           }
873 
874           /* 56.16 GHz, channel 1..4 */
875           if (freq >= 56160 + 2160 * 1 && freq <= 56160 + 2160 * 4) {
876                     if (sec_channel || vht)
877                               return NUM_HOSTAPD_MODES;
878 
879                     *channel = (freq - 56160) / 2160;
880                     *op_class = 180;
881 
882                     return HOSTAPD_MODE_IEEE80211AD;
883           }
884 
885           return NUM_HOSTAPD_MODES;
886 }
887 
888 
ieee80211_chaninfo_to_channel(unsigned int freq,enum chan_width chanwidth,int sec_channel,u8 * op_class,u8 * channel)889 int ieee80211_chaninfo_to_channel(unsigned int freq, enum chan_width chanwidth,
890                                           int sec_channel, u8 *op_class, u8 *channel)
891 {
892           int vht = CHAN_WIDTH_UNKNOWN;
893 
894           switch (chanwidth) {
895           case CHAN_WIDTH_UNKNOWN:
896           case CHAN_WIDTH_20_NOHT:
897           case CHAN_WIDTH_20:
898           case CHAN_WIDTH_40:
899                     vht = CHANWIDTH_USE_HT;
900                     break;
901           case CHAN_WIDTH_80:
902                     vht = CHANWIDTH_80MHZ;
903                     break;
904           case CHAN_WIDTH_80P80:
905                     vht = CHANWIDTH_80P80MHZ;
906                     break;
907           case CHAN_WIDTH_160:
908                     vht = CHANWIDTH_160MHZ;
909                     break;
910           }
911 
912           if (ieee80211_freq_to_channel_ext(freq, sec_channel, vht, op_class,
913                                                     channel) == NUM_HOSTAPD_MODES) {
914                     wpa_printf(MSG_WARNING,
915                                  "Cannot determine operating class and channel (freq=%u chanwidth=%d sec_channel=%d)",
916                                  freq, chanwidth, sec_channel);
917                     return -1;
918           }
919 
920           return 0;
921 }
922 
923 
924 static const char *const us_op_class_cc[] = {
925           "US", "CA", NULL
926 };
927 
928 static const char *const eu_op_class_cc[] = {
929           "AL", "AM", "AT", "AZ", "BA", "BE", "BG", "BY", "CH", "CY", "CZ", "DE",
930           "DK", "EE", "EL", "ES", "FI", "FR", "GE", "HR", "HU", "IE", "IS", "IT",
931           "LI", "LT", "LU", "LV", "MD", "ME", "MK", "MT", "NL", "NO", "PL", "PT",
932           "RO", "RS", "RU", "SE", "SI", "SK", "TR", "UA", "UK", NULL
933 };
934 
935 static const char *const jp_op_class_cc[] = {
936           "JP", NULL
937 };
938 
939 static const char *const cn_op_class_cc[] = {
940           "CN", NULL
941 };
942 
943 
country_match(const char * const cc[],const char * const country)944 static int country_match(const char *const cc[], const char *const country)
945 {
946           int i;
947 
948           if (country == NULL)
949                     return 0;
950           for (i = 0; cc[i]; i++) {
951                     if (cc[i][0] == country[0] && cc[i][1] == country[1])
952                               return 1;
953           }
954 
955           return 0;
956 }
957 
958 
ieee80211_chan_to_freq_us(u8 op_class,u8 chan)959 static int ieee80211_chan_to_freq_us(u8 op_class, u8 chan)
960 {
961           switch (op_class) {
962           case 12: /* channels 1..11 */
963           case 32: /* channels 1..7; 40 MHz */
964           case 33: /* channels 5..11; 40 MHz */
965                     if (chan < 1 || chan > 11)
966                               return -1;
967                     return 2407 + 5 * chan;
968           case 1: /* channels 36,40,44,48 */
969           case 2: /* channels 52,56,60,64; dfs */
970           case 22: /* channels 36,44; 40 MHz */
971           case 23: /* channels 52,60; 40 MHz */
972           case 27: /* channels 40,48; 40 MHz */
973           case 28: /* channels 56,64; 40 MHz */
974                     if (chan < 36 || chan > 64)
975                               return -1;
976                     return 5000 + 5 * chan;
977           case 4: /* channels 100-144 */
978           case 24: /* channels 100-140; 40 MHz */
979                     if (chan < 100 || chan > 144)
980                               return -1;
981                     return 5000 + 5 * chan;
982           case 3: /* channels 149,153,157,161 */
983           case 25: /* channels 149,157; 40 MHz */
984           case 26: /* channels 149,157; 40 MHz */
985           case 30: /* channels 153,161; 40 MHz */
986           case 31: /* channels 153,161; 40 MHz */
987                     if (chan < 149 || chan > 161)
988                               return -1;
989                     return 5000 + 5 * chan;
990           case 5: /* channels 149,153,157,161,165 */
991                     if (chan < 149 || chan > 165)
992                               return -1;
993                     return 5000 + 5 * chan;
994           case 34: /* 60 GHz band, channels 1..3 */
995                     if (chan < 1 || chan > 3)
996                               return -1;
997                     return 56160 + 2160 * chan;
998           }
999           return -1;
1000 }
1001 
1002 
ieee80211_chan_to_freq_eu(u8 op_class,u8 chan)1003 static int ieee80211_chan_to_freq_eu(u8 op_class, u8 chan)
1004 {
1005           switch (op_class) {
1006           case 4: /* channels 1..13 */
1007           case 11: /* channels 1..9; 40 MHz */
1008           case 12: /* channels 5..13; 40 MHz */
1009                     if (chan < 1 || chan > 13)
1010                               return -1;
1011                     return 2407 + 5 * chan;
1012           case 1: /* channels 36,40,44,48 */
1013           case 2: /* channels 52,56,60,64; dfs */
1014           case 5: /* channels 36,44; 40 MHz */
1015           case 6: /* channels 52,60; 40 MHz */
1016           case 8: /* channels 40,48; 40 MHz */
1017           case 9: /* channels 56,64; 40 MHz */
1018                     if (chan < 36 || chan > 64)
1019                               return -1;
1020                     return 5000 + 5 * chan;
1021           case 3: /* channels 100-140 */
1022           case 7: /* channels 100-132; 40 MHz */
1023           case 10: /* channels 104-136; 40 MHz */
1024           case 16: /* channels 100-140 */
1025                     if (chan < 100 || chan > 140)
1026                               return -1;
1027                     return 5000 + 5 * chan;
1028           case 17: /* channels 149,153,157,161,165,169 */
1029                     if (chan < 149 || chan > 169)
1030                               return -1;
1031                     return 5000 + 5 * chan;
1032           case 18: /* 60 GHz band, channels 1..4 */
1033                     if (chan < 1 || chan > 4)
1034                               return -1;
1035                     return 56160 + 2160 * chan;
1036           }
1037           return -1;
1038 }
1039 
1040 
ieee80211_chan_to_freq_jp(u8 op_class,u8 chan)1041 static int ieee80211_chan_to_freq_jp(u8 op_class, u8 chan)
1042 {
1043           switch (op_class) {
1044           case 30: /* channels 1..13 */
1045           case 56: /* channels 1..9; 40 MHz */
1046           case 57: /* channels 5..13; 40 MHz */
1047                     if (chan < 1 || chan > 13)
1048                               return -1;
1049                     return 2407 + 5 * chan;
1050           case 31: /* channel 14 */
1051                     if (chan != 14)
1052                               return -1;
1053                     return 2414 + 5 * chan;
1054           case 1: /* channels 34,38,42,46(old) or 36,40,44,48 */
1055           case 32: /* channels 52,56,60,64 */
1056           case 33: /* channels 52,56,60,64 */
1057           case 36: /* channels 36,44; 40 MHz */
1058           case 37: /* channels 52,60; 40 MHz */
1059           case 38: /* channels 52,60; 40 MHz */
1060           case 41: /* channels 40,48; 40 MHz */
1061           case 42: /* channels 56,64; 40 MHz */
1062           case 43: /* channels 56,64; 40 MHz */
1063                     if (chan < 34 || chan > 64)
1064                               return -1;
1065                     return 5000 + 5 * chan;
1066           case 34: /* channels 100-140 */
1067           case 35: /* channels 100-140 */
1068           case 39: /* channels 100-132; 40 MHz */
1069           case 40: /* channels 100-132; 40 MHz */
1070           case 44: /* channels 104-136; 40 MHz */
1071           case 45: /* channels 104-136; 40 MHz */
1072           case 58: /* channels 100-140 */
1073                     if (chan < 100 || chan > 140)
1074                               return -1;
1075                     return 5000 + 5 * chan;
1076           case 59: /* 60 GHz band, channels 1..4 */
1077                     if (chan < 1 || chan > 3)
1078                               return -1;
1079                     return 56160 + 2160 * chan;
1080           }
1081           return -1;
1082 }
1083 
1084 
ieee80211_chan_to_freq_cn(u8 op_class,u8 chan)1085 static int ieee80211_chan_to_freq_cn(u8 op_class, u8 chan)
1086 {
1087           switch (op_class) {
1088           case 7: /* channels 1..13 */
1089           case 8: /* channels 1..9; 40 MHz */
1090           case 9: /* channels 5..13; 40 MHz */
1091                     if (chan < 1 || chan > 13)
1092                               return -1;
1093                     return 2407 + 5 * chan;
1094           case 1: /* channels 36,40,44,48 */
1095           case 2: /* channels 52,56,60,64; dfs */
1096           case 4: /* channels 36,44; 40 MHz */
1097           case 5: /* channels 52,60; 40 MHz */
1098                     if (chan < 36 || chan > 64)
1099                               return -1;
1100                     return 5000 + 5 * chan;
1101           case 3: /* channels 149,153,157,161,165 */
1102           case 6: /* channels 149,157; 40 MHz */
1103                     if (chan < 149 || chan > 165)
1104                               return -1;
1105                     return 5000 + 5 * chan;
1106           }
1107           return -1;
1108 }
1109 
1110 
ieee80211_chan_to_freq_global(u8 op_class,u8 chan)1111 static int ieee80211_chan_to_freq_global(u8 op_class, u8 chan)
1112 {
1113           /* Table E-4 in IEEE Std 802.11-2012 - Global operating classes */
1114           switch (op_class) {
1115           case 81:
1116                     /* channels 1..13 */
1117                     if (chan < 1 || chan > 13)
1118                               return -1;
1119                     return 2407 + 5 * chan;
1120           case 82:
1121                     /* channel 14 */
1122                     if (chan != 14)
1123                               return -1;
1124                     return 2414 + 5 * chan;
1125           case 83: /* channels 1..9; 40 MHz */
1126           case 84: /* channels 5..13; 40 MHz */
1127                     if (chan < 1 || chan > 13)
1128                               return -1;
1129                     return 2407 + 5 * chan;
1130           case 115: /* channels 36,40,44,48; indoor only */
1131           case 116: /* channels 36,44; 40 MHz; indoor only */
1132           case 117: /* channels 40,48; 40 MHz; indoor only */
1133           case 118: /* channels 52,56,60,64; dfs */
1134           case 119: /* channels 52,60; 40 MHz; dfs */
1135           case 120: /* channels 56,64; 40 MHz; dfs */
1136                     if (chan < 36 || chan > 64)
1137                               return -1;
1138                     return 5000 + 5 * chan;
1139           case 121: /* channels 100-140 */
1140           case 122: /* channels 100-142; 40 MHz */
1141           case 123: /* channels 104-136; 40 MHz */
1142                     if (chan < 100 || chan > 140)
1143                               return -1;
1144                     return 5000 + 5 * chan;
1145           case 124: /* channels 149,153,157,161 */
1146           case 126: /* channels 149,157; 40 MHz */
1147           case 127: /* channels 153,161; 40 MHz */
1148                     if (chan < 149 || chan > 161)
1149                               return -1;
1150                     return 5000 + 5 * chan;
1151           case 125: /* channels 149,153,157,161,165,169 */
1152                     if (chan < 149 || chan > 169)
1153                               return -1;
1154                     return 5000 + 5 * chan;
1155           case 128: /* center freqs 42, 58, 106, 122, 138, 155; 80 MHz */
1156           case 130: /* center freqs 42, 58, 106, 122, 138, 155; 80 MHz */
1157                     if (chan < 36 || chan > 161)
1158                               return -1;
1159                     return 5000 + 5 * chan;
1160           case 129: /* center freqs 50, 114; 160 MHz */
1161                     if (chan < 36 || chan > 128)
1162                               return -1;
1163                     return 5000 + 5 * chan;
1164           case 180: /* 60 GHz band, channels 1..4 */
1165                     if (chan < 1 || chan > 4)
1166                               return -1;
1167                     return 56160 + 2160 * chan;
1168           }
1169           return -1;
1170 }
1171 
1172 /**
1173  * ieee80211_chan_to_freq - Convert channel info to frequency
1174  * @country: Country code, if known; otherwise, global operating class is used
1175  * @op_class: Operating class
1176  * @chan: Channel number
1177  * Returns: Frequency in MHz or -1 if the specified channel is unknown
1178  */
ieee80211_chan_to_freq(const char * country,u8 op_class,u8 chan)1179 int ieee80211_chan_to_freq(const char *country, u8 op_class, u8 chan)
1180 {
1181           int freq;
1182 
1183           if (country_match(us_op_class_cc, country)) {
1184                     freq = ieee80211_chan_to_freq_us(op_class, chan);
1185                     if (freq > 0)
1186                               return freq;
1187           }
1188 
1189           if (country_match(eu_op_class_cc, country)) {
1190                     freq = ieee80211_chan_to_freq_eu(op_class, chan);
1191                     if (freq > 0)
1192                               return freq;
1193           }
1194 
1195           if (country_match(jp_op_class_cc, country)) {
1196                     freq = ieee80211_chan_to_freq_jp(op_class, chan);
1197                     if (freq > 0)
1198                               return freq;
1199           }
1200 
1201           if (country_match(cn_op_class_cc, country)) {
1202                     freq = ieee80211_chan_to_freq_cn(op_class, chan);
1203                     if (freq > 0)
1204                               return freq;
1205           }
1206 
1207           return ieee80211_chan_to_freq_global(op_class, chan);
1208 }
1209 
1210 
ieee80211_is_dfs(int freq,const struct hostapd_hw_modes * modes,u16 num_modes)1211 int ieee80211_is_dfs(int freq, const struct hostapd_hw_modes *modes,
1212                          u16 num_modes)
1213 {
1214           int i, j;
1215 
1216           if (!modes || !num_modes)
1217                     return (freq >= 5260 && freq <= 5320) ||
1218                               (freq >= 5500 && freq <= 5700);
1219 
1220           for (i = 0; i < num_modes; i++) {
1221                     for (j = 0; j < modes[i].num_channels; j++) {
1222                               if (modes[i].channels[j].freq == freq &&
1223                                   (modes[i].channels[j].flag & HOSTAPD_CHAN_RADAR))
1224                                         return 1;
1225                     }
1226           }
1227 
1228           return 0;
1229 }
1230 
1231 
is_11b(u8 rate)1232 static int is_11b(u8 rate)
1233 {
1234           return rate == 0x02 || rate == 0x04 || rate == 0x0b || rate == 0x16;
1235 }
1236 
1237 
supp_rates_11b_only(struct ieee802_11_elems * elems)1238 int supp_rates_11b_only(struct ieee802_11_elems *elems)
1239 {
1240           int num_11b = 0, num_others = 0;
1241           int i;
1242 
1243           if (elems->supp_rates == NULL && elems->ext_supp_rates == NULL)
1244                     return 0;
1245 
1246           for (i = 0; elems->supp_rates && i < elems->supp_rates_len; i++) {
1247                     if (is_11b(elems->supp_rates[i]))
1248                               num_11b++;
1249                     else
1250                               num_others++;
1251           }
1252 
1253           for (i = 0; elems->ext_supp_rates && i < elems->ext_supp_rates_len;
1254                i++) {
1255                     if (is_11b(elems->ext_supp_rates[i]))
1256                               num_11b++;
1257                     else
1258                               num_others++;
1259           }
1260 
1261           return num_11b > 0 && num_others == 0;
1262 }
1263 
1264 
fc2str(u16 fc)1265 const char * fc2str(u16 fc)
1266 {
1267           u16 stype = WLAN_FC_GET_STYPE(fc);
1268 #define C2S(x) case x: return #x;
1269 
1270           switch (WLAN_FC_GET_TYPE(fc)) {
1271           case WLAN_FC_TYPE_MGMT:
1272                     switch (stype) {
1273                     C2S(WLAN_FC_STYPE_ASSOC_REQ)
1274                     C2S(WLAN_FC_STYPE_ASSOC_RESP)
1275                     C2S(WLAN_FC_STYPE_REASSOC_REQ)
1276                     C2S(WLAN_FC_STYPE_REASSOC_RESP)
1277                     C2S(WLAN_FC_STYPE_PROBE_REQ)
1278                     C2S(WLAN_FC_STYPE_PROBE_RESP)
1279                     C2S(WLAN_FC_STYPE_BEACON)
1280                     C2S(WLAN_FC_STYPE_ATIM)
1281                     C2S(WLAN_FC_STYPE_DISASSOC)
1282                     C2S(WLAN_FC_STYPE_AUTH)
1283                     C2S(WLAN_FC_STYPE_DEAUTH)
1284                     C2S(WLAN_FC_STYPE_ACTION)
1285                     }
1286                     break;
1287           case WLAN_FC_TYPE_CTRL:
1288                     switch (stype) {
1289                     C2S(WLAN_FC_STYPE_PSPOLL)
1290                     C2S(WLAN_FC_STYPE_RTS)
1291                     C2S(WLAN_FC_STYPE_CTS)
1292                     C2S(WLAN_FC_STYPE_ACK)
1293                     C2S(WLAN_FC_STYPE_CFEND)
1294                     C2S(WLAN_FC_STYPE_CFENDACK)
1295                     }
1296                     break;
1297           case WLAN_FC_TYPE_DATA:
1298                     switch (stype) {
1299                     C2S(WLAN_FC_STYPE_DATA)
1300                     C2S(WLAN_FC_STYPE_DATA_CFACK)
1301                     C2S(WLAN_FC_STYPE_DATA_CFPOLL)
1302                     C2S(WLAN_FC_STYPE_DATA_CFACKPOLL)
1303                     C2S(WLAN_FC_STYPE_NULLFUNC)
1304                     C2S(WLAN_FC_STYPE_CFACK)
1305                     C2S(WLAN_FC_STYPE_CFPOLL)
1306                     C2S(WLAN_FC_STYPE_CFACKPOLL)
1307                     C2S(WLAN_FC_STYPE_QOS_DATA)
1308                     C2S(WLAN_FC_STYPE_QOS_DATA_CFACK)
1309                     C2S(WLAN_FC_STYPE_QOS_DATA_CFPOLL)
1310                     C2S(WLAN_FC_STYPE_QOS_DATA_CFACKPOLL)
1311                     C2S(WLAN_FC_STYPE_QOS_NULL)
1312                     C2S(WLAN_FC_STYPE_QOS_CFPOLL)
1313                     C2S(WLAN_FC_STYPE_QOS_CFACKPOLL)
1314                     }
1315                     break;
1316           }
1317           return "WLAN_FC_TYPE_UNKNOWN";
1318 #undef C2S
1319 }
1320 
1321 
reason2str(u16 reason)1322 const char * reason2str(u16 reason)
1323 {
1324 #define R2S(r) case WLAN_REASON_ ## r: return #r;
1325           switch (reason) {
1326           R2S(UNSPECIFIED)
1327           R2S(PREV_AUTH_NOT_VALID)
1328           R2S(DEAUTH_LEAVING)
1329           R2S(DISASSOC_DUE_TO_INACTIVITY)
1330           R2S(DISASSOC_AP_BUSY)
1331           R2S(CLASS2_FRAME_FROM_NONAUTH_STA)
1332           R2S(CLASS3_FRAME_FROM_NONASSOC_STA)
1333           R2S(DISASSOC_STA_HAS_LEFT)
1334           R2S(STA_REQ_ASSOC_WITHOUT_AUTH)
1335           R2S(PWR_CAPABILITY_NOT_VALID)
1336           R2S(SUPPORTED_CHANNEL_NOT_VALID)
1337           R2S(BSS_TRANSITION_DISASSOC)
1338           R2S(INVALID_IE)
1339           R2S(MICHAEL_MIC_FAILURE)
1340           R2S(4WAY_HANDSHAKE_TIMEOUT)
1341           R2S(GROUP_KEY_UPDATE_TIMEOUT)
1342           R2S(IE_IN_4WAY_DIFFERS)
1343           R2S(GROUP_CIPHER_NOT_VALID)
1344           R2S(PAIRWISE_CIPHER_NOT_VALID)
1345           R2S(AKMP_NOT_VALID)
1346           R2S(UNSUPPORTED_RSN_IE_VERSION)
1347           R2S(INVALID_RSN_IE_CAPAB)
1348           R2S(IEEE_802_1X_AUTH_FAILED)
1349           R2S(CIPHER_SUITE_REJECTED)
1350           R2S(TDLS_TEARDOWN_UNREACHABLE)
1351           R2S(TDLS_TEARDOWN_UNSPECIFIED)
1352           R2S(SSP_REQUESTED_DISASSOC)
1353           R2S(NO_SSP_ROAMING_AGREEMENT)
1354           R2S(BAD_CIPHER_OR_AKM)
1355           R2S(NOT_AUTHORIZED_THIS_LOCATION)
1356           R2S(SERVICE_CHANGE_PRECLUDES_TS)
1357           R2S(UNSPECIFIED_QOS_REASON)
1358           R2S(NOT_ENOUGH_BANDWIDTH)
1359           R2S(DISASSOC_LOW_ACK)
1360           R2S(EXCEEDED_TXOP)
1361           R2S(STA_LEAVING)
1362           R2S(END_TS_BA_DLS)
1363           R2S(UNKNOWN_TS_BA)
1364           R2S(TIMEOUT)
1365           R2S(PEERKEY_MISMATCH)
1366           R2S(AUTHORIZED_ACCESS_LIMIT_REACHED)
1367           R2S(EXTERNAL_SERVICE_REQUIREMENTS)
1368           R2S(INVALID_FT_ACTION_FRAME_COUNT)
1369           R2S(INVALID_PMKID)
1370           R2S(INVALID_MDE)
1371           R2S(INVALID_FTE)
1372           R2S(MESH_PEERING_CANCELLED)
1373           R2S(MESH_MAX_PEERS)
1374           R2S(MESH_CONFIG_POLICY_VIOLATION)
1375           R2S(MESH_CLOSE_RCVD)
1376           R2S(MESH_MAX_RETRIES)
1377           R2S(MESH_CONFIRM_TIMEOUT)
1378           R2S(MESH_INVALID_GTK)
1379           R2S(MESH_INCONSISTENT_PARAMS)
1380           R2S(MESH_INVALID_SECURITY_CAP)
1381           R2S(MESH_PATH_ERROR_NO_PROXY_INFO)
1382           R2S(MESH_PATH_ERROR_NO_FORWARDING_INFO)
1383           R2S(MESH_PATH_ERROR_DEST_UNREACHABLE)
1384           R2S(MAC_ADDRESS_ALREADY_EXISTS_IN_MBSS)
1385           R2S(MESH_CHANNEL_SWITCH_REGULATORY_REQ)
1386           R2S(MESH_CHANNEL_SWITCH_UNSPECIFIED)
1387           }
1388           return "UNKNOWN";
1389 #undef R2S
1390 }
1391 
1392 
status2str(u16 status)1393 const char * status2str(u16 status)
1394 {
1395 #define S2S(s) case WLAN_STATUS_ ## s: return #s;
1396           switch (status) {
1397           S2S(SUCCESS)
1398           S2S(UNSPECIFIED_FAILURE)
1399           S2S(TDLS_WAKEUP_ALTERNATE)
1400           S2S(TDLS_WAKEUP_REJECT)
1401           S2S(SECURITY_DISABLED)
1402           S2S(UNACCEPTABLE_LIFETIME)
1403           S2S(NOT_IN_SAME_BSS)
1404           S2S(CAPS_UNSUPPORTED)
1405           S2S(REASSOC_NO_ASSOC)
1406           S2S(ASSOC_DENIED_UNSPEC)
1407           S2S(NOT_SUPPORTED_AUTH_ALG)
1408           S2S(UNKNOWN_AUTH_TRANSACTION)
1409           S2S(CHALLENGE_FAIL)
1410           S2S(AUTH_TIMEOUT)
1411           S2S(AP_UNABLE_TO_HANDLE_NEW_STA)
1412           S2S(ASSOC_DENIED_RATES)
1413           S2S(ASSOC_DENIED_NOSHORT)
1414           S2S(SPEC_MGMT_REQUIRED)
1415           S2S(PWR_CAPABILITY_NOT_VALID)
1416           S2S(SUPPORTED_CHANNEL_NOT_VALID)
1417           S2S(ASSOC_DENIED_NO_SHORT_SLOT_TIME)
1418           S2S(ASSOC_DENIED_NO_HT)
1419           S2S(R0KH_UNREACHABLE)
1420           S2S(ASSOC_DENIED_NO_PCO)
1421           S2S(ASSOC_REJECTED_TEMPORARILY)
1422           S2S(ROBUST_MGMT_FRAME_POLICY_VIOLATION)
1423           S2S(UNSPECIFIED_QOS_FAILURE)
1424           S2S(DENIED_INSUFFICIENT_BANDWIDTH)
1425           S2S(DENIED_POOR_CHANNEL_CONDITIONS)
1426           S2S(DENIED_QOS_NOT_SUPPORTED)
1427           S2S(REQUEST_DECLINED)
1428           S2S(INVALID_PARAMETERS)
1429           S2S(REJECTED_WITH_SUGGESTED_CHANGES)
1430           S2S(INVALID_IE)
1431           S2S(GROUP_CIPHER_NOT_VALID)
1432           S2S(PAIRWISE_CIPHER_NOT_VALID)
1433           S2S(AKMP_NOT_VALID)
1434           S2S(UNSUPPORTED_RSN_IE_VERSION)
1435           S2S(INVALID_RSN_IE_CAPAB)
1436           S2S(CIPHER_REJECTED_PER_POLICY)
1437           S2S(TS_NOT_CREATED)
1438           S2S(DIRECT_LINK_NOT_ALLOWED)
1439           S2S(DEST_STA_NOT_PRESENT)
1440           S2S(DEST_STA_NOT_QOS_STA)
1441           S2S(ASSOC_DENIED_LISTEN_INT_TOO_LARGE)
1442           S2S(INVALID_FT_ACTION_FRAME_COUNT)
1443           S2S(INVALID_PMKID)
1444           S2S(INVALID_MDIE)
1445           S2S(INVALID_FTIE)
1446           S2S(REQUESTED_TCLAS_NOT_SUPPORTED)
1447           S2S(INSUFFICIENT_TCLAS_PROCESSING_RESOURCES)
1448           S2S(TRY_ANOTHER_BSS)
1449           S2S(GAS_ADV_PROTO_NOT_SUPPORTED)
1450           S2S(NO_OUTSTANDING_GAS_REQ)
1451           S2S(GAS_RESP_NOT_RECEIVED)
1452           S2S(STA_TIMED_OUT_WAITING_FOR_GAS_RESP)
1453           S2S(GAS_RESP_LARGER_THAN_LIMIT)
1454           S2S(REQ_REFUSED_HOME)
1455           S2S(ADV_SRV_UNREACHABLE)
1456           S2S(REQ_REFUSED_SSPN)
1457           S2S(REQ_REFUSED_UNAUTH_ACCESS)
1458           S2S(INVALID_RSNIE)
1459           S2S(U_APSD_COEX_NOT_SUPPORTED)
1460           S2S(U_APSD_COEX_MODE_NOT_SUPPORTED)
1461           S2S(BAD_INTERVAL_WITH_U_APSD_COEX)
1462           S2S(ANTI_CLOGGING_TOKEN_REQ)
1463           S2S(FINITE_CYCLIC_GROUP_NOT_SUPPORTED)
1464           S2S(CANNOT_FIND_ALT_TBTT)
1465           S2S(TRANSMISSION_FAILURE)
1466           S2S(REQ_TCLAS_NOT_SUPPORTED)
1467           S2S(TCLAS_RESOURCES_EXCHAUSTED)
1468           S2S(REJECTED_WITH_SUGGESTED_BSS_TRANSITION)
1469           S2S(REJECT_WITH_SCHEDULE)
1470           S2S(REJECT_NO_WAKEUP_SPECIFIED)
1471           S2S(SUCCESS_POWER_SAVE_MODE)
1472           S2S(PENDING_ADMITTING_FST_SESSION)
1473           S2S(PERFORMING_FST_NOW)
1474           S2S(PENDING_GAP_IN_BA_WINDOW)
1475           S2S(REJECT_U_PID_SETTING)
1476           S2S(REFUSED_EXTERNAL_REASON)
1477           S2S(REFUSED_AP_OUT_OF_MEMORY)
1478           S2S(REJECTED_EMERGENCY_SERVICE_NOT_SUPPORTED)
1479           S2S(QUERY_RESP_OUTSTANDING)
1480           S2S(REJECT_DSE_BAND)
1481           S2S(TCLAS_PROCESSING_TERMINATED)
1482           S2S(TS_SCHEDULE_CONFLICT)
1483           S2S(DENIED_WITH_SUGGESTED_BAND_AND_CHANNEL)
1484           S2S(MCCAOP_RESERVATION_CONFLICT)
1485           S2S(MAF_LIMIT_EXCEEDED)
1486           S2S(MCCA_TRACK_LIMIT_EXCEEDED)
1487           S2S(DENIED_DUE_TO_SPECTRUM_MANAGEMENT)
1488           S2S(ASSOC_DENIED_NO_VHT)
1489           S2S(ENABLEMENT_DENIED)
1490           S2S(RESTRICTION_FROM_AUTHORIZED_GDB)
1491           S2S(AUTHORIZATION_DEENABLED)
1492           S2S(FILS_AUTHENTICATION_FAILURE)
1493           S2S(UNKNOWN_AUTHENTICATION_SERVER)
1494           S2S(UNKNOWN_PASSWORD_IDENTIFIER)
1495           }
1496           return "UNKNOWN";
1497 #undef S2S
1498 }
1499 
1500 
mb_ies_info_by_ies(struct mb_ies_info * info,const u8 * ies_buf,size_t ies_len)1501 int mb_ies_info_by_ies(struct mb_ies_info *info, const u8 *ies_buf,
1502                            size_t ies_len)
1503 {
1504           const struct element *elem;
1505 
1506           os_memset(info, 0, sizeof(*info));
1507 
1508           if (!ies_buf)
1509                     return 0;
1510 
1511           for_each_element_id(elem, WLAN_EID_MULTI_BAND, ies_buf, ies_len) {
1512                     if (info->nof_ies >= MAX_NOF_MB_IES_SUPPORTED)
1513                               return 0;
1514 
1515                     wpa_printf(MSG_DEBUG, "MB IE of %u bytes found",
1516                                  elem->datalen + 2);
1517                     info->ies[info->nof_ies].ie = elem->data;
1518                     info->ies[info->nof_ies].ie_len = elem->datalen;
1519                     info->nof_ies++;
1520           }
1521 
1522           if (!for_each_element_completed(elem, ies_buf, ies_len)) {
1523                     wpa_hexdump(MSG_DEBUG, "Truncated IEs", ies_buf, ies_len);
1524                     return -1;
1525           }
1526 
1527           return 0;
1528 }
1529 
1530 
mb_ies_by_info(struct mb_ies_info * info)1531 struct wpabuf * mb_ies_by_info(struct mb_ies_info *info)
1532 {
1533           struct wpabuf *mb_ies = NULL;
1534 
1535           WPA_ASSERT(info != NULL);
1536 
1537           if (info->nof_ies) {
1538                     u8 i;
1539                     size_t mb_ies_size = 0;
1540 
1541                     for (i = 0; i < info->nof_ies; i++)
1542                               mb_ies_size += 2 + info->ies[i].ie_len;
1543 
1544                     mb_ies = wpabuf_alloc(mb_ies_size);
1545                     if (mb_ies) {
1546                               for (i = 0; i < info->nof_ies; i++) {
1547                                         wpabuf_put_u8(mb_ies, WLAN_EID_MULTI_BAND);
1548                                         wpabuf_put_u8(mb_ies, info->ies[i].ie_len);
1549                                         wpabuf_put_data(mb_ies,
1550                                                             info->ies[i].ie,
1551                                                             info->ies[i].ie_len);
1552                               }
1553                     }
1554           }
1555 
1556           return mb_ies;
1557 }
1558 
1559 
1560 const struct oper_class_map global_op_class[] = {
1561           { HOSTAPD_MODE_IEEE80211G, 81, 1, 13, 1, BW20, P2P_SUPP },
1562           { HOSTAPD_MODE_IEEE80211G, 82, 14, 14, 1, BW20, NO_P2P_SUPP },
1563 
1564           /* Do not enable HT40 on 2.4 GHz for P2P use for now */
1565           { HOSTAPD_MODE_IEEE80211G, 83, 1, 9, 1, BW40PLUS, NO_P2P_SUPP },
1566           { HOSTAPD_MODE_IEEE80211G, 84, 5, 13, 1, BW40MINUS, NO_P2P_SUPP },
1567 
1568           { HOSTAPD_MODE_IEEE80211A, 115, 36, 48, 4, BW20, P2P_SUPP },
1569           { HOSTAPD_MODE_IEEE80211A, 116, 36, 44, 8, BW40PLUS, P2P_SUPP },
1570           { HOSTAPD_MODE_IEEE80211A, 117, 40, 48, 8, BW40MINUS, P2P_SUPP },
1571           { HOSTAPD_MODE_IEEE80211A, 118, 52, 64, 4, BW20, NO_P2P_SUPP },
1572           { HOSTAPD_MODE_IEEE80211A, 119, 52, 60, 8, BW40PLUS, NO_P2P_SUPP },
1573           { HOSTAPD_MODE_IEEE80211A, 120, 56, 64, 8, BW40MINUS, NO_P2P_SUPP },
1574           { HOSTAPD_MODE_IEEE80211A, 121, 100, 140, 4, BW20, NO_P2P_SUPP },
1575           { HOSTAPD_MODE_IEEE80211A, 122, 100, 132, 8, BW40PLUS, NO_P2P_SUPP },
1576           { HOSTAPD_MODE_IEEE80211A, 123, 104, 136, 8, BW40MINUS, NO_P2P_SUPP },
1577           { HOSTAPD_MODE_IEEE80211A, 124, 149, 161, 4, BW20, P2P_SUPP },
1578           { HOSTAPD_MODE_IEEE80211A, 125, 149, 169, 4, BW20, P2P_SUPP },
1579           { HOSTAPD_MODE_IEEE80211A, 126, 149, 157, 8, BW40PLUS, P2P_SUPP },
1580           { HOSTAPD_MODE_IEEE80211A, 127, 153, 161, 8, BW40MINUS, P2P_SUPP },
1581 
1582           /*
1583            * IEEE P802.11ac/D7.0 Table E-4 actually talks about channel center
1584            * frequency index 42, 58, 106, 122, 138, 155 with channel spacing of
1585            * 80 MHz, but currently use the following definition for simplicity
1586            * (these center frequencies are not actual channels, which makes
1587            * wpas_p2p_allow_channel() fail). wpas_p2p_verify_80mhz() should take
1588            * care of removing invalid channels.
1589            */
1590           { HOSTAPD_MODE_IEEE80211A, 128, 36, 161, 4, BW80, P2P_SUPP },
1591           { HOSTAPD_MODE_IEEE80211A, 129, 50, 114, 16, BW160, P2P_SUPP },
1592           { HOSTAPD_MODE_IEEE80211A, 130, 36, 161, 4, BW80P80, P2P_SUPP },
1593           { HOSTAPD_MODE_IEEE80211AD, 180, 1, 4, 1, BW2160, P2P_SUPP },
1594           { -1, 0, 0, 0, 0, BW20, NO_P2P_SUPP }
1595 };
1596 
1597 
ieee80211_phy_type_by_freq(int freq)1598 static enum phy_type ieee80211_phy_type_by_freq(int freq)
1599 {
1600           enum hostapd_hw_mode hw_mode;
1601           u8 channel;
1602 
1603           hw_mode = ieee80211_freq_to_chan(freq, &channel);
1604 
1605           switch (hw_mode) {
1606           case HOSTAPD_MODE_IEEE80211A:
1607                     return PHY_TYPE_OFDM;
1608           case HOSTAPD_MODE_IEEE80211B:
1609                     return PHY_TYPE_HRDSSS;
1610           case HOSTAPD_MODE_IEEE80211G:
1611                     return PHY_TYPE_ERP;
1612           case HOSTAPD_MODE_IEEE80211AD:
1613                     return PHY_TYPE_DMG;
1614           default:
1615                     return PHY_TYPE_UNSPECIFIED;
1616           };
1617 }
1618 
1619 
1620 /* ieee80211_get_phy_type - Derive the phy type by freq and bandwidth */
ieee80211_get_phy_type(int freq,int ht,int vht)1621 enum phy_type ieee80211_get_phy_type(int freq, int ht, int vht)
1622 {
1623           if (vht)
1624                     return PHY_TYPE_VHT;
1625           if (ht)
1626                     return PHY_TYPE_HT;
1627 
1628           return ieee80211_phy_type_by_freq(freq);
1629 }
1630 
1631 
1632 size_t global_op_class_size = ARRAY_SIZE(global_op_class);
1633 
1634 
1635 /**
1636  * get_ie - Fetch a specified information element from IEs buffer
1637  * @ies: Information elements buffer
1638  * @len: Information elements buffer length
1639  * @eid: Information element identifier (WLAN_EID_*)
1640  * Returns: Pointer to the information element (id field) or %NULL if not found
1641  *
1642  * This function returns the first matching information element in the IEs
1643  * buffer or %NULL in case the element is not found.
1644  */
get_ie(const u8 * ies,size_t len,u8 eid)1645 const u8 * get_ie(const u8 *ies, size_t len, u8 eid)
1646 {
1647           const struct element *elem;
1648 
1649           if (!ies)
1650                     return NULL;
1651 
1652           for_each_element_id(elem, eid, ies, len)
1653                     return &elem->id;
1654 
1655           return NULL;
1656 }
1657 
1658 
1659 /**
1660  * get_ie_ext - Fetch a specified extended information element from IEs buffer
1661  * @ies: Information elements buffer
1662  * @len: Information elements buffer length
1663  * @ext: Information element extension identifier (WLAN_EID_EXT_*)
1664  * Returns: Pointer to the information element (id field) or %NULL if not found
1665  *
1666  * This function returns the first matching information element in the IEs
1667  * buffer or %NULL in case the element is not found.
1668  */
get_ie_ext(const u8 * ies,size_t len,u8 ext)1669 const u8 * get_ie_ext(const u8 *ies, size_t len, u8 ext)
1670 {
1671           const struct element *elem;
1672 
1673           if (!ies)
1674                     return NULL;
1675 
1676           for_each_element_extid(elem, ext, ies, len)
1677                     return &elem->id;
1678 
1679           return NULL;
1680 }
1681 
1682 
get_vendor_ie(const u8 * ies,size_t len,u32 vendor_type)1683 const u8 * get_vendor_ie(const u8 *ies, size_t len, u32 vendor_type)
1684 {
1685           const struct element *elem;
1686 
1687           for_each_element_id(elem, WLAN_EID_VENDOR_SPECIFIC, ies, len) {
1688                     if (elem->datalen >= 4 &&
1689                         vendor_type == WPA_GET_BE32(elem->data))
1690                               return &elem->id;
1691           }
1692 
1693           return NULL;
1694 }
1695 
1696 
mbo_add_ie(u8 * buf,size_t len,const u8 * attr,size_t attr_len)1697 size_t mbo_add_ie(u8 *buf, size_t len, const u8 *attr, size_t attr_len)
1698 {
1699           /*
1700            * MBO IE requires 6 bytes without the attributes: EID (1), length (1),
1701            * OUI (3), OUI type (1).
1702            */
1703           if (len < 6 + attr_len) {
1704                     wpa_printf(MSG_DEBUG,
1705                                  "MBO: Not enough room in buffer for MBO IE: buf len = %zu, attr_len = %zu",
1706                                  len, attr_len);
1707                     return 0;
1708           }
1709 
1710           *buf++ = WLAN_EID_VENDOR_SPECIFIC;
1711           *buf++ = attr_len + 4;
1712           WPA_PUT_BE24(buf, OUI_WFA);
1713           buf += 3;
1714           *buf++ = MBO_OUI_TYPE;
1715           os_memcpy(buf, attr, attr_len);
1716 
1717           return 6 + attr_len;
1718 }
1719 
1720 
add_multi_ap_ie(u8 * buf,size_t len,u8 value)1721 size_t add_multi_ap_ie(u8 *buf, size_t len, u8 value)
1722 {
1723           u8 *pos = buf;
1724 
1725           if (len < 9)
1726                     return 0;
1727 
1728           *pos++ = WLAN_EID_VENDOR_SPECIFIC;
1729           *pos++ = 7; /* len */
1730           WPA_PUT_BE24(pos, OUI_WFA);
1731           pos += 3;
1732           *pos++ = MULTI_AP_OUI_TYPE;
1733           *pos++ = MULTI_AP_SUB_ELEM_TYPE;
1734           *pos++ = 1; /* len */
1735           *pos++ = value;
1736 
1737           return pos - buf;
1738 }
1739 
1740 
1741 static const struct country_op_class us_op_class[] = {
1742           { 1, 115 },
1743           { 2, 118 },
1744           { 3, 124 },
1745           { 4, 121 },
1746           { 5, 125 },
1747           { 12, 81 },
1748           { 22, 116 },
1749           { 23, 119 },
1750           { 24, 122 },
1751           { 25, 126 },
1752           { 26, 126 },
1753           { 27, 117 },
1754           { 28, 120 },
1755           { 29, 123 },
1756           { 30, 127 },
1757           { 31, 127 },
1758           { 32, 83 },
1759           { 33, 84 },
1760           { 34, 180 },
1761 };
1762 
1763 static const struct country_op_class eu_op_class[] = {
1764           { 1, 115 },
1765           { 2, 118 },
1766           { 3, 121 },
1767           { 4, 81 },
1768           { 5, 116 },
1769           { 6, 119 },
1770           { 7, 122 },
1771           { 8, 117 },
1772           { 9, 120 },
1773           { 10, 123 },
1774           { 11, 83 },
1775           { 12, 84 },
1776           { 17, 125 },
1777           { 18, 180 },
1778 };
1779 
1780 static const struct country_op_class jp_op_class[] = {
1781           { 1, 115 },
1782           { 30, 81 },
1783           { 31, 82 },
1784           { 32, 118 },
1785           { 33, 118 },
1786           { 34, 121 },
1787           { 35, 121 },
1788           { 36, 116 },
1789           { 37, 119 },
1790           { 38, 119 },
1791           { 39, 122 },
1792           { 40, 122 },
1793           { 41, 117 },
1794           { 42, 120 },
1795           { 43, 120 },
1796           { 44, 123 },
1797           { 45, 123 },
1798           { 56, 83 },
1799           { 57, 84 },
1800           { 58, 121 },
1801           { 59, 180 },
1802 };
1803 
1804 static const struct country_op_class cn_op_class[] = {
1805           { 1, 115 },
1806           { 2, 118 },
1807           { 3, 125 },
1808           { 4, 116 },
1809           { 5, 119 },
1810           { 6, 126 },
1811           { 7, 81 },
1812           { 8, 83 },
1813           { 9, 84 },
1814 };
1815 
1816 static u8
global_op_class_from_country_array(u8 op_class,size_t array_size,const struct country_op_class * country_array)1817 global_op_class_from_country_array(u8 op_class, size_t array_size,
1818                                            const struct country_op_class *country_array)
1819 {
1820           size_t i;
1821 
1822           for (i = 0; i < array_size; i++) {
1823                     if (country_array[i].country_op_class == op_class)
1824                               return country_array[i].global_op_class;
1825           }
1826 
1827           return 0;
1828 }
1829 
1830 
country_to_global_op_class(const char * country,u8 op_class)1831 u8 country_to_global_op_class(const char *country, u8 op_class)
1832 {
1833           const struct country_op_class *country_array;
1834           size_t size;
1835           u8 g_op_class;
1836 
1837           if (country_match(us_op_class_cc, country)) {
1838                     country_array = us_op_class;
1839                     size = ARRAY_SIZE(us_op_class);
1840           } else if (country_match(eu_op_class_cc, country)) {
1841                     country_array = eu_op_class;
1842                     size = ARRAY_SIZE(eu_op_class);
1843           } else if (country_match(jp_op_class_cc, country)) {
1844                     country_array = jp_op_class;
1845                     size = ARRAY_SIZE(jp_op_class);
1846           } else if (country_match(cn_op_class_cc, country)) {
1847                     country_array = cn_op_class;
1848                     size = ARRAY_SIZE(cn_op_class);
1849           } else {
1850                     /*
1851                      * Countries that do not match any of the above countries use
1852                      * global operating classes
1853                      */
1854                     return op_class;
1855           }
1856 
1857           g_op_class = global_op_class_from_country_array(op_class, size,
1858                                                                       country_array);
1859 
1860           /*
1861            * If the given operating class did not match any of the country's
1862            * operating classes, assume that global operating class is used.
1863            */
1864           return g_op_class ? g_op_class : op_class;
1865 }
1866 
1867 
get_oper_class(const char * country,u8 op_class)1868 const struct oper_class_map * get_oper_class(const char *country, u8 op_class)
1869 {
1870           const struct oper_class_map *op;
1871 
1872           if (country)
1873                     op_class = country_to_global_op_class(country, op_class);
1874 
1875           op = &global_op_class[0];
1876           while (op->op_class && op->op_class != op_class)
1877                     op++;
1878 
1879           if (!op->op_class)
1880                     return NULL;
1881 
1882           return op;
1883 }
1884 
1885 
oper_class_bw_to_int(const struct oper_class_map * map)1886 int oper_class_bw_to_int(const struct oper_class_map *map)
1887 {
1888           switch (map->bw) {
1889           case BW20:
1890                     return 20;
1891           case BW40PLUS:
1892           case BW40MINUS:
1893                     return 40;
1894           case BW80:
1895                     return 80;
1896           case BW80P80:
1897           case BW160:
1898                     return 160;
1899           case BW2160:
1900                     return 2160;
1901           default:
1902                     return 0;
1903           }
1904 }
1905 
1906 
ieee802_11_parse_candidate_list(const char * pos,u8 * nei_rep,size_t nei_rep_len)1907 int ieee802_11_parse_candidate_list(const char *pos, u8 *nei_rep,
1908                                             size_t nei_rep_len)
1909 {
1910           u8 *nei_pos = nei_rep;
1911           const char *end;
1912 
1913           /*
1914            * BSS Transition Candidate List Entries - Neighbor Report elements
1915            * neighbor=<BSSID>,<BSSID Information>,<Operating Class>,
1916            * <Channel Number>,<PHY Type>[,<hexdump of Optional Subelements>]
1917            */
1918           while (pos) {
1919                     u8 *nei_start;
1920                     long int val;
1921                     char *endptr, *tmp;
1922 
1923                     pos = os_strstr(pos, " neighbor=");
1924                     if (!pos)
1925                               break;
1926                     if (nei_pos + 15 > nei_rep + nei_rep_len) {
1927                               wpa_printf(MSG_DEBUG,
1928                                            "Not enough room for additional neighbor");
1929                               return -1;
1930                     }
1931                     pos += 10;
1932 
1933                     nei_start = nei_pos;
1934                     *nei_pos++ = WLAN_EID_NEIGHBOR_REPORT;
1935                     nei_pos++; /* length to be filled in */
1936 
1937                     if (hwaddr_aton(pos, nei_pos)) {
1938                               wpa_printf(MSG_DEBUG, "Invalid BSSID");
1939                               return -1;
1940                     }
1941                     nei_pos += ETH_ALEN;
1942                     pos += 17;
1943                     if (*pos != ',') {
1944                               wpa_printf(MSG_DEBUG, "Missing BSSID Information");
1945                               return -1;
1946                     }
1947                     pos++;
1948 
1949                     val = strtol(pos, &endptr, 0);
1950                     WPA_PUT_LE32(nei_pos, val);
1951                     nei_pos += 4;
1952                     if (*endptr != ',') {
1953                               wpa_printf(MSG_DEBUG, "Missing Operating Class");
1954                               return -1;
1955                     }
1956                     pos = endptr + 1;
1957 
1958                     *nei_pos++ = atoi(pos); /* Operating Class */
1959                     pos = os_strchr(pos, ',');
1960                     if (pos == NULL) {
1961                               wpa_printf(MSG_DEBUG, "Missing Channel Number");
1962                               return -1;
1963                     }
1964                     pos++;
1965 
1966                     *nei_pos++ = atoi(pos); /* Channel Number */
1967                     pos = os_strchr(pos, ',');
1968                     if (pos == NULL) {
1969                               wpa_printf(MSG_DEBUG, "Missing PHY Type");
1970                               return -1;
1971                     }
1972                     pos++;
1973 
1974                     *nei_pos++ = atoi(pos); /* PHY Type */
1975                     end = os_strchr(pos, ' ');
1976                     tmp = os_strchr(pos, ',');
1977                     if (tmp && (!end || tmp < end)) {
1978                               /* Optional Subelements (hexdump) */
1979                               size_t len;
1980 
1981                               pos = tmp + 1;
1982                               end = os_strchr(pos, ' ');
1983                               if (end)
1984                                         len = end - pos;
1985                               else
1986                                         len = os_strlen(pos);
1987                               if (nei_pos + len / 2 > nei_rep + nei_rep_len) {
1988                                         wpa_printf(MSG_DEBUG,
1989                                                      "Not enough room for neighbor subelements");
1990                                         return -1;
1991                               }
1992                               if (len & 0x01 ||
1993                                   hexstr2bin(pos, nei_pos, len / 2) < 0) {
1994                                         wpa_printf(MSG_DEBUG,
1995                                                      "Invalid neighbor subelement info");
1996                                         return -1;
1997                               }
1998                               nei_pos += len / 2;
1999                               pos = end;
2000                     }
2001 
2002                     nei_start[1] = nei_pos - nei_start - 2;
2003           }
2004 
2005           return nei_pos - nei_rep;
2006 }
2007 
2008 
ieee802_11_ext_capab(const u8 * ie,unsigned int capab)2009 int ieee802_11_ext_capab(const u8 *ie, unsigned int capab)
2010 {
2011           if (!ie || ie[1] <= capab / 8)
2012                     return 0;
2013           return !!(ie[2 + capab / 8] & BIT(capab % 8));
2014 }
2015