/*
 * IEEE 802.11 defines
 *
 * Copyright (c) 2001-2002, SSH Communications Security Corp and Jouni Malinen
 * <jkmaline@cc.hut.fi>
 * Copyright (c) 2002-2003, Jouni Malinen <jkmaline@cc.hut.fi>
 * Copyright (c) 2005, Devicescape Software, Inc.
 * Copyright (c) 2006, Michael Wu <flamingice@sourmilk.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */
#ifndef IEEE80211_H
#define IEEE80211_H
#include <linux/types.h>
#include <asm/byteorder.h>
/*
 * Length in bytes of the frame check sequence (FCS) at the end of a frame.
 * The FCS is a checksum against transmission errors; it does not protect a
 * frame against deliberate modification.
 */
#define FCS_LEN 4

/*
 * Bit masks for the 16-bit Frame Control field. They apply to the value in
 * host byte order, i.e. after le16_to_cpu() on the __le16 header field.
 *
 * Every bit is taken from the received header exactly as the transmitter
 * wrote it. A receiver that requires encryption has to enforce that policy
 * itself rather than infer it from IEEE80211_FCTL_PROTECTED.
 */
#define IEEE80211_FCTL_VERS      0x0003 /* protocol version */
#define IEEE80211_FCTL_FTYPE     0x000c /* frame type, IEEE80211_FTYPE_* */
#define IEEE80211_FCTL_STYPE     0x00f0 /* frame subtype, IEEE80211_STYPE_* */
#define IEEE80211_FCTL_TODS      0x0100 /* To DS */
#define IEEE80211_FCTL_FROMDS    0x0200 /* From DS */
#define IEEE80211_FCTL_MOREFRAGS 0x0400 /* more fragments follow */
#define IEEE80211_FCTL_RETRY     0x0800 /* retransmission */
#define IEEE80211_FCTL_PM        0x1000 /* power management */
#define IEEE80211_FCTL_MOREDATA  0x2000 /* more data buffered */
#define IEEE80211_FCTL_PROTECTED 0x4000 /* protected frame */
#define IEEE80211_FCTL_ORDER     0x8000 /* order */

/* Bit masks for the 16-bit Sequence Control field (host byte order). */
#define IEEE80211_SCTL_FRAG 0x000F /* fragment number, low 4 bits */
#define IEEE80211_SCTL_SEQ  0xFFF0 /* sequence number, upper 12 bits */
/* Frame types: values of (frame_control & IEEE80211_FCTL_FTYPE). */
#define IEEE80211_FTYPE_MGMT 0x0000
#define IEEE80211_FTYPE_CTL  0x0004
#define IEEE80211_FTYPE_DATA 0x0008

/*
 * Frame subtypes: values of (frame_control & IEEE80211_FCTL_STYPE).
 *
 * The same subtype value means different things under different frame
 * types (0x00A0 is DISASSOC for management, PSPOLL for control and
 * QOS_DATA_CFPOLL for data), so a subtype must only be interpreted after
 * the frame type has been checked.
 */

/* management */
#define IEEE80211_STYPE_ASSOC_REQ    0x0000
#define IEEE80211_STYPE_ASSOC_RESP   0x0010
#define IEEE80211_STYPE_REASSOC_REQ  0x0020
#define IEEE80211_STYPE_REASSOC_RESP 0x0030
#define IEEE80211_STYPE_PROBE_REQ    0x0040
#define IEEE80211_STYPE_PROBE_RESP   0x0050
#define IEEE80211_STYPE_BEACON       0x0080
#define IEEE80211_STYPE_ATIM         0x0090
#define IEEE80211_STYPE_DISASSOC     0x00A0
#define IEEE80211_STYPE_AUTH         0x00B0
#define IEEE80211_STYPE_DEAUTH       0x00C0
#define IEEE80211_STYPE_ACTION       0x00D0

/* control */
#define IEEE80211_STYPE_PSPOLL   0x00A0
#define IEEE80211_STYPE_RTS      0x00B0
#define IEEE80211_STYPE_CTS      0x00C0
#define IEEE80211_STYPE_ACK      0x00D0
#define IEEE80211_STYPE_CFEND    0x00E0
#define IEEE80211_STYPE_CFENDACK 0x00F0

/* data */
#define IEEE80211_STYPE_DATA               0x0000
#define IEEE80211_STYPE_DATA_CFACK         0x0010
#define IEEE80211_STYPE_DATA_CFPOLL        0x0020
#define IEEE80211_STYPE_DATA_CFACKPOLL     0x0030
#define IEEE80211_STYPE_NULLFUNC           0x0040
#define IEEE80211_STYPE_CFACK              0x0050
#define IEEE80211_STYPE_CFPOLL             0x0060
#define IEEE80211_STYPE_CFACKPOLL          0x0070
#define IEEE80211_STYPE_QOS_DATA           0x0080
#define IEEE80211_STYPE_QOS_DATA_CFACK     0x0090
#define IEEE80211_STYPE_QOS_DATA_CFPOLL    0x00A0
#define IEEE80211_STYPE_QOS_DATA_CFACKPOLL 0x00B0
#define IEEE80211_STYPE_QOS_NULLFUNC       0x00C0
#define IEEE80211_STYPE_QOS_CFACK          0x00D0
#define IEEE80211_STYPE_QOS_CFPOLL         0x00E0
#define IEEE80211_STYPE_QOS_CFACKPOLL      0x00F0
/* miscellaneous IEEE 802.11 constants */
#define IEEE80211_MAX_FRAG_THRESHOLD 2346
#define IEEE80211_MAX_RTS_THRESHOLD  2347
#define IEEE80211_MAX_AID            2007
#define IEEE80211_MAX_TIM_LEN        251

/*
 * IEEE80211_MAX_DATA_LEN is the maximum size for the MA-UNITDATA
 * primitive, 802.11 standard section 6.2.1.1.2.
 *
 * The figure in section 7.1.2 suggests a body size of up to 2312 bytes is
 * allowed, which is a bit confusing. I suspect this represents the 2304
 * bytes of real data, plus a possible 8 bytes of WEP IV and ICV. (This
 * interpretation suggested by Ramiro Barreiro.)
 */
#define IEEE80211_MAX_DATA_LEN 2304

/*
 * Maximum SSID length in bytes. The SSID arrives in an information element
 * whose length is a single byte supplied by the sender, so it can claim
 * more than this; compare the element length against this limit before
 * copying an SSID into a buffer of IEEE80211_MAX_SSID_LEN bytes.
 */
#define IEEE80211_MAX_SSID_LEN 32
/*
 * Generic 802.11 MAC header, laid out exactly as on the air (packed,
 * multi-byte fields little-endian). With all four addresses the structure
 * is 30 bytes long.
 *
 * addr4 is only part of the header when both ToDS and FromDS are set; in
 * every other frame the bytes at that offset already belong to whatever
 * follows the 24-byte header. Code that overlays this structure on a
 * received buffer has to compare the frame length with the header length
 * it expects before reading a field, addr4 in particular.
 */
struct ieee80211_hdr {
	__le16 frame_control;	/* see IEEE80211_FCTL_* */
	__le16 duration_id;
	u8 addr1[6];
	u8 addr2[6];
	u8 addr3[6];
	__le16 seq_ctrl;	/* see IEEE80211_SCTL_* */
	u8 addr4[6];		/* 4-address frames only */
} __attribute__ ((packed));
/*
 * Management frame as it appears on the air: a 24-byte fixed header
 * followed by a body whose layout depends on the frame subtype. Which
 * member of the union 'u' is meaningful is decided by the subtype bits of
 * frame_control (IEEE80211_STYPE_*), so check the subtype first.
 *
 * The 'variable' members are zero-length markers for the start of the
 * variable part of the body (information elements, challenge text). The
 * structure carries no length of its own: a parser has to take the end of
 * the received frame as the bound, verify that the fixed fields of the
 * selected member fit inside the frame before reading them, and check
 * each element's length byte against the bytes that remain.
 *
 * Nothing in this layout authenticates the transmitter; da, sa and bssid
 * are whatever the sender wrote into the frame.
 */
struct ieee80211_mgmt {
	__le16 frame_control;
	__le16 duration;
	u8 da[6];		/* destination address */
	u8 sa[6];		/* source address */
	u8 bssid[6];
	__le16 seq_ctrl;
	union {
		/* Authentication */
		struct {
			__le16 auth_alg;	/* WLAN_AUTH_* */
			__le16 auth_transaction;
			__le16 status_code;	/* WLAN_STATUS_* */
			/* possibly followed by Challenge text */
			u8 variable[0];
		} __attribute__ ((packed)) auth;
		/* Deauthentication */
		struct {
			__le16 reason_code;	/* WLAN_REASON_* */
		} __attribute__ ((packed)) deauth;
		/* Association request */
		struct {
			__le16 capab_info;	/* WLAN_CAPABILITY_* */
			__le16 listen_interval;
			/* followed by SSID and Supported rates */
			u8 variable[0];
		} __attribute__ ((packed)) assoc_req;
		/* Association and reassociation response share one layout */
		struct {
			__le16 capab_info;	/* WLAN_CAPABILITY_* */
			__le16 status_code;	/* WLAN_STATUS_* */
			__le16 aid;
			/* followed by Supported rates */
			u8 variable[0];
		} __attribute__ ((packed)) assoc_resp, reassoc_resp;
		/* Reassociation request */
		struct {
			__le16 capab_info;	/* WLAN_CAPABILITY_* */
			__le16 listen_interval;
			u8 current_ap[6];
			/* followed by SSID and Supported rates */
			u8 variable[0];
		} __attribute__ ((packed)) reassoc_req;
		/* Disassociation */
		struct {
			__le16 reason_code;	/* WLAN_REASON_* */
		} __attribute__ ((packed)) disassoc;
		/* Beacon */
		struct {
			__le64 timestamp;
			__le16 beacon_int;
			__le16 capab_info;	/* WLAN_CAPABILITY_* */
			/* followed by some of SSID, Supported rates,
			 * FH Params, DS Params, CF Params, IBSS Params, TIM */
			u8 variable[0];
		} __attribute__ ((packed)) beacon;
		/* Probe request */
		struct {
			/* only variable items: SSID, Supported rates */
			u8 variable[0];
		} __attribute__ ((packed)) probe_req;
		/* Probe response */
		struct {
			__le64 timestamp;
			__le16 beacon_int;
			__le16 capab_info;	/* WLAN_CAPABILITY_* */
			/* followed by some of SSID, Supported rates,
			 * FH Params, DS Params, CF Params, IBSS Params */
			u8 variable[0];
		} __attribute__ ((packed)) probe_resp;
		/* Action; the inner union is selected by 'category' */
		struct {
			u8 category;
			union {
				struct {
					u8 action_code;
					u8 dialog_token;
					u8 status_code;
					u8 variable[0];
				} __attribute__ ((packed)) wme_action;
				/*
				 * Channel switch: element_id and length are
				 * sent by the peer, so validate them before
				 * trusting the fields that follow.
				 */
				struct {
					u8 action_code;
					u8 element_id;
					u8 length;
					u8 switch_mode;
					u8 new_chan;
					u8 switch_count;
				} __attribute__ ((packed)) chan_switch;
			} u;
		} __attribute__ ((packed)) action;
	} u;
} __attribute__ ((packed));
/* Control frames */

/*
 * RTS control frame as on the air (packed, 16 bytes): frame control,
 * duration, receiver address and transmitter address.
 */
struct ieee80211_rts {
	__le16 frame_control;
	__le16 duration;
	u8 ra[6];	/* receiver address */
	u8 ta[6];	/* transmitter address */
} __attribute__ ((packed));
/*
 * CTS control frame as on the air (packed, 10 bytes): frame control,
 * duration and receiver address. There is no transmitter address field
 * in this layout.
 */
struct ieee80211_cts {
	__le16 frame_control;
	__le16 duration;
	u8 ra[6];	/* receiver address */
} __attribute__ ((packed));
/*
 * Authentication algorithms (auth_alg field of an authentication frame).
 *
 * Shared-key authentication is the WEP-based challenge/response and LEAP
 * is a legacy vendor scheme; both are known to be weak, so code that
 * accepts an algorithm number from a peer should do so only when local
 * policy explicitly allows that algorithm.
 */
#define WLAN_AUTH_OPEN                0
#define WLAN_AUTH_SHARED_KEY          1
#define WLAN_AUTH_FAST_BSS_TRANSITION 2
#define WLAN_AUTH_LEAP                128

/*
 * Length in bytes of the shared-key challenge text. The challenge arrives
 * in an information element with a sender-supplied length; compare that
 * length with this value before copying.
 */
#define WLAN_AUTH_CHALLENGE_LEN 128
/*
 * Bits of the 16-bit capability information field (capab_info), in host
 * byte order. WLAN_CAPABILITY_PRIVACY only says that protection is in
 * use; it does not say which cipher, so it is not a substitute for
 * parsing the RSN/WPA information elements.
 */
#define WLAN_CAPABILITY_ESS             (1 << 0)
#define WLAN_CAPABILITY_IBSS            (1 << 1)
#define WLAN_CAPABILITY_CF_POLLABLE     (1 << 2)
#define WLAN_CAPABILITY_CF_POLL_REQUEST (1 << 3)
#define WLAN_CAPABILITY_PRIVACY         (1 << 4)
#define WLAN_CAPABILITY_SHORT_PREAMBLE  (1 << 5)
#define WLAN_CAPABILITY_PBCC            (1 << 6)
#define WLAN_CAPABILITY_CHANNEL_AGILITY (1 << 7)
/* 802.11h */
#define WLAN_CAPABILITY_SPECTRUM_MGMT   (1 << 8)
#define WLAN_CAPABILITY_QOS             (1 << 9)
#define WLAN_CAPABILITY_SHORT_SLOT_TIME (1 << 10)
#define WLAN_CAPABILITY_DSSS_OFDM       (1 << 13)
/* 802.11g ERP information element: bit flags */
#define WLAN_ERP_NON_ERP_PRESENT (1 << 0)
#define WLAN_ERP_USE_PROTECTION  (1 << 1)
#define WLAN_ERP_BARKER_PREAMBLE (1 << 2)

/* WLAN_ERP_BARKER_PREAMBLE values */
enum {
	WLAN_ERP_PREAMBLE_SHORT = 0,
	WLAN_ERP_PREAMBLE_LONG = 1,
};
/*
 * Status codes, as carried in the status_code field of authentication and
 * (re)association response frames.
 *
 * The numbering has gaps, and the value on the air is a 16-bit field
 * chosen by the peer: handle values that are not listed here instead of
 * assuming every received code is one of these enumerators.
 */
enum ieee80211_statuscode {
	WLAN_STATUS_SUCCESS = 0,
	WLAN_STATUS_UNSPECIFIED_FAILURE = 1,
	WLAN_STATUS_CAPS_UNSUPPORTED = 10,
	WLAN_STATUS_REASSOC_NO_ASSOC = 11,
	WLAN_STATUS_ASSOC_DENIED_UNSPEC = 12,
	WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG = 13,
	WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION = 14,
	WLAN_STATUS_CHALLENGE_FAIL = 15,
	WLAN_STATUS_AUTH_TIMEOUT = 16,
	WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA = 17,
	WLAN_STATUS_ASSOC_DENIED_RATES = 18,

	/* 802.11b */
	WLAN_STATUS_ASSOC_DENIED_NOSHORTPREAMBLE = 19,
	WLAN_STATUS_ASSOC_DENIED_NOPBCC = 20,
	WLAN_STATUS_ASSOC_DENIED_NOAGILITY = 21,

	/* 802.11h */
	WLAN_STATUS_ASSOC_DENIED_NOSPECTRUM = 22,
	WLAN_STATUS_ASSOC_REJECTED_BAD_POWER = 23,
	WLAN_STATUS_ASSOC_REJECTED_BAD_SUPP_CHAN = 24,

	/* 802.11g */
	WLAN_STATUS_ASSOC_DENIED_NOSHORTTIME = 25,
	WLAN_STATUS_ASSOC_DENIED_NODSSSOFDM = 26,

	/* 802.11i */
	WLAN_STATUS_INVALID_IE = 40,
	WLAN_STATUS_INVALID_GROUP_CIPHER = 41,
	WLAN_STATUS_INVALID_PAIRWISE_CIPHER = 42,
	WLAN_STATUS_INVALID_AKMP = 43,
	WLAN_STATUS_UNSUPP_RSN_VERSION = 44,
	WLAN_STATUS_INVALID_RSN_IE_CAP = 45,
	WLAN_STATUS_CIPHER_SUITE_REJECTED = 46,
};
/*
 * Reason codes, as carried in the reason_code field of deauthentication
 * and disassociation frames.
 *
 * The value on the air is a 16-bit field chosen by the sender and may be
 * something not listed here (0 and 12, for instance, have no enumerator);
 * treat it as diagnostic information and handle unknown values.
 */
enum ieee80211_reasoncode {
	WLAN_REASON_UNSPECIFIED = 1,
	WLAN_REASON_PREV_AUTH_NOT_VALID = 2,
	WLAN_REASON_DEAUTH_LEAVING = 3,
	WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY = 4,
	WLAN_REASON_DISASSOC_AP_BUSY = 5,
	WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA = 6,
	WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA = 7,
	WLAN_REASON_DISASSOC_STA_HAS_LEFT = 8,
	WLAN_REASON_STA_REQ_ASSOC_WITHOUT_AUTH = 9,

	/* 802.11h */
	WLAN_REASON_DISASSOC_BAD_POWER = 10,
	WLAN_REASON_DISASSOC_BAD_SUPP_CHAN = 11,

	/* 802.11i */
	WLAN_REASON_INVALID_IE = 13,
	WLAN_REASON_MIC_FAILURE = 14,
	WLAN_REASON_4WAY_HANDSHAKE_TIMEOUT = 15,
	WLAN_REASON_GROUP_KEY_HANDSHAKE_TIMEOUT = 16,
	WLAN_REASON_IE_DIFFERENT = 17,
	WLAN_REASON_INVALID_GROUP_CIPHER = 18,
	WLAN_REASON_INVALID_PAIRWISE_CIPHER = 19,
	WLAN_REASON_INVALID_AKMP = 20,
	WLAN_REASON_UNSUPP_RSN_VERSION = 21,
	WLAN_REASON_INVALID_RSN_IE_CAP = 22,
	WLAN_REASON_IEEE8021X_FAILED = 23,
	WLAN_REASON_CIPHER_SUITE_REJECTED = 24,
};
/*
 * Information Element IDs.
 *
 * An information element on the air is an ID byte, a length byte and that
 * many bytes of payload. Both bytes come from the sender: while walking
 * the elements, check that the two-byte header and then the claimed
 * payload fit in what is left of the frame, and check the payload length
 * against what the specific element allows before copying it.
 *
 * WLAN_EID_WPA, WLAN_EID_GENERIC and WLAN_EID_VENDOR_SPECIFIC are three
 * names for the same ID (221). Seeing ID 221 therefore does not identify
 * a WPA element; that is decided by the OUI and type at the start of the
 * payload.
 */
enum ieee80211_eid {
	WLAN_EID_SSID = 0,
	WLAN_EID_SUPP_RATES = 1,
	WLAN_EID_FH_PARAMS = 2,
	WLAN_EID_DS_PARAMS = 3,
	WLAN_EID_CF_PARAMS = 4,
	WLAN_EID_TIM = 5,
	WLAN_EID_IBSS_PARAMS = 6,
	WLAN_EID_CHALLENGE = 16,

	/* 802.11d */
	WLAN_EID_COUNTRY = 7,
	WLAN_EID_HP_PARAMS = 8,
	WLAN_EID_HP_TABLE = 9,
	WLAN_EID_REQUEST = 10,

	/* 802.11h */
	WLAN_EID_PWR_CONSTRAINT = 32,
	WLAN_EID_PWR_CAPABILITY = 33,
	WLAN_EID_TPC_REQUEST = 34,
	WLAN_EID_TPC_REPORT = 35,
	WLAN_EID_SUPPORTED_CHANNELS = 36,
	WLAN_EID_CHANNEL_SWITCH = 37,
	WLAN_EID_MEASURE_REQUEST = 38,
	WLAN_EID_MEASURE_REPORT = 39,
	WLAN_EID_QUIET = 40,
	WLAN_EID_IBSS_DFS = 41,

	/* 802.11g */
	WLAN_EID_ERP_INFO = 42,
	WLAN_EID_EXT_SUPP_RATES = 50,

	/* 802.11i */
	WLAN_EID_RSN = 48,
	WLAN_EID_WPA = 221,
	WLAN_EID_GENERIC = 221,
	WLAN_EID_VENDOR_SPECIFIC = 221,
	WLAN_EID_QOS_PARAMETER = 222,
};
/*
 * Cipher suite selectors. Each value is the OUI 00-0F-AC in the upper
 * three bytes with the suite type in the low byte.
 *
 * WEP40, WEP104 and TKIP are legacy suites that the standard has since
 * deprecated. Code that negotiates a suite from peer-supplied selectors
 * should match them against a locally configured allow-list and should
 * not fall back to a weaker suite just because the peer offers it.
 */
#define WLAN_CIPHER_SUITE_USE_GROUP 0x000FAC00
#define WLAN_CIPHER_SUITE_WEP40     0x000FAC01
#define WLAN_CIPHER_SUITE_TKIP      0x000FAC02
/* reserved: 0x000FAC03 */
#define WLAN_CIPHER_SUITE_CCMP      0x000FAC04
#define WLAN_CIPHER_SUITE_WEP104    0x000FAC05

/* Largest key length, in bytes, among the suites handled here. */
#define WLAN_MAX_KEY_LEN 32
/**
 * ieee80211_get_SA - get pointer to SA
 * @hdr: the frame
 *
 * Returns a pointer to the source address (SA) inside the 802.11 header of
 * the given frame. The field is chosen from the ToDS/FromDS bits, read from
 * the second byte of the frame control field: addr3 when only FromDS is
 * set, addr4 when both are set, addr2 otherwise.
 *
 * No length check is made here. The buffer must already be known to hold
 * the frame control field, and the caller must confirm that the frame is
 * long enough to contain the returned address before reading through the
 * pointer. That matters most for addr4, which lies past the 24-byte
 * three-address header: a short frame with both DS bits set yields a
 * pointer beyond the data that was actually received.
 */
static inline u8 *ieee80211_get_SA(struct ieee80211_hdr *hdr)
{
	const u8 *fc_bytes = (const u8 *) hdr;
	/* bit 0 = ToDS, bit 1 = FromDS (high byte of the LE frame control) */
	u8 ds_bits = fc_bytes[1] & 3;

	if (ds_bits == 3)
		return hdr->addr4;
	if (ds_bits == 2)
		return hdr->addr3;
	return hdr->addr2;
}
/**
 * ieee80211_get_DA - get pointer to DA
 * @hdr: the frame
 *
 * Returns a pointer to the destination address (DA) inside the 802.11
 * header of the given frame: addr3 when the ToDS bit is set, addr1
 * otherwise. The ToDS bit is read from the second byte of the frame
 * control field.
 *
 * No length check is made here. The buffer must already be known to hold
 * the frame control field, and the caller must confirm that the frame is
 * long enough to contain the returned address before reading through the
 * pointer.
 */
static inline u8 *ieee80211_get_DA(struct ieee80211_hdr *hdr)
{
	const u8 *fc_bytes = (const u8 *) hdr;

	/* bit 0 of the high frame control byte is ToDS */
	return (fc_bytes[1] & 1) ? hdr->addr3 : hdr->addr1;
}
/**
 * ieee80211_get_morefrag - determine whether the MOREFRAGS bit is set
 * @hdr: the frame
 *
 * Converts the frame control field to host byte order and tests the
 * "more fragments" bit. Returns 1 when the bit is set and 0 when it is
 * clear.
 *
 * Only the frame control field is read; the caller must have made sure
 * the buffer is long enough to contain it.
 */
static inline int ieee80211_get_morefrag(struct ieee80211_hdr *hdr)
{
	unsigned int fc = le16_to_cpu(hdr->frame_control);

	return (fc & IEEE80211_FCTL_MOREFRAGS) ? 1 : 0;
}
#endif /* IEEE80211_H */