/*

 * wpa_supplicant - TDLS

 * Copyright (c) 2010-2011, Atheros Communications

 *

 * This software may be distributed under the terms of the BSD license.

 * See README for more details.

 */

#include "utils/includes.h"

#include "utils/common.h"

#include "utils/eloop.h"

#include "utils/os.h"

#include "common/ieee802_11_defs.h"

#include "common/ieee802_11_common.h"

#include "crypto/sha256.h"

#include "crypto/crypto.h"

#include "crypto/aes_wrap.h"

#include "rsn_supp/wpa.h"

#include "rsn_supp/wpa_ie.h"

#include "rsn_supp/wpa_i.h"

#include "drivers/driver.h"

#include "l2_packet/l2_packet.h"

#ifdef CONFIG_TDLS_TESTING

#define TDLS_TESTING_LONG_FRAME BIT(0)

#define TDLS_TESTING_ALT_RSN_IE BIT(1)

#define TDLS_TESTING_DIFF_BSSID BIT(2)

#define TDLS_TESTING_SHORT_LIFETIME BIT(3)

#define TDLS_TESTING_WRONG_LIFETIME_RESP BIT(4)

#define TDLS_TESTING_WRONG_LIFETIME_CONF BIT(5)

#define TDLS_TESTING_LONG_LIFETIME BIT(6)

#define TDLS_TESTING_CONCURRENT_INIT BIT(7)

#define TDLS_TESTING_NO_TPK_EXPIRATION BIT(8)

#define TDLS_TESTING_DECLINE_RESP BIT(9)

#define TDLS_TESTING_IGNORE_AP_PROHIBIT BIT(10)

#define TDLS_TESTING_WRONG_MIC BIT(11)

#define TDLS_TESTING_DOUBLE_TPK_M2 BIT(12)

unsigned int tdls_testing = 0;

#endif /* CONFIG_TDLS_TESTING */

#define TPK_LIFETIME 43200 /* 12 hours */

#define TPK_M1_RETRY_COUNT 3

#define TPK_M1_TIMEOUT 5000 /* in milliseconds */

#define TPK_M2_RETRY_COUNT 10

#define TPK_M2_TIMEOUT 500 /* in milliseconds */

#define TDLS_MIC_LEN    16

#define TDLS_TIMEOUT_LEN  4

struct wpa_tdls_ftie {

  u8 ie_type; /* FTIE */

  u8 ie_len;

  u8 mic_ctrl[2];

  u8 mic[TDLS_MIC_LEN];

  u8 Anonce[WPA_NONCE_LEN]; /* Responder Nonce in TDLS */

  u8 Snonce[WPA_NONCE_LEN]; /* Initiator Nonce in TDLS */

  /* followed by optional elements */

} STRUCT_PACKED;

struct wpa_tdls_timeoutie {

  u8 ie_type; /* Timeout IE */

  u8 ie_len;

  u8 interval_type;

  u8 value[TDLS_TIMEOUT_LEN];

} STRUCT_PACKED;

struct wpa_tdls_lnkid {

  u8 ie_type; /* Link Identifier IE */

  u8 ie_len;

  u8 bssid[ETH_ALEN];

  u8 init_sta[ETH_ALEN];

  u8 resp_sta[ETH_ALEN];

} STRUCT_PACKED;

/* TDLS frame headers as per IEEE Std 802.11z-2010 */

struct wpa_tdls_frame {

  u8 payloadtype; /* IEEE80211_TDLS_RFTYPE */

  u8 category; /* Category */

  u8 action; /* Action (enum tdls_frame_type) */

} STRUCT_PACKED;

static u8 * wpa_add_tdls_timeoutie(u8 *pos, u8 *ie, size_t ie_len, u32 tsecs);

static void wpa_tdls_tpk_retry_timeout(void *eloop_ctx, void *timeout_ctx);

static void wpa_tdls_peer_free(struct wpa_sm *sm, struct wpa_tdls_peer *peer);

static void wpa_tdls_disable_peer_link(struct wpa_sm *sm,

               struct wpa_tdls_peer *peer);

static int wpa_tdls_send_teardown(struct wpa_sm *sm, const u8 *addr,

          u16 reason_code);

#define TDLS_MAX_IE_LEN 80

#define IEEE80211_MAX_SUPP_RATES 32

struct wpa_tdls_peer {

  struct wpa_tdls_peer *next;

  unsigned int reconfig_key:1;

  int initiator; /* whether this end was initiator for TDLS setup */

  u8 addr[ETH_ALEN]; /* other end MAC address */

  u8 inonce[WPA_NONCE_LEN]; /* Initiator Nonce */

  u8 rnonce[WPA_NONCE_LEN]; /* Responder Nonce */

  u8 rsnie_i[TDLS_MAX_IE_LEN]; /* Initiator RSN IE */

  size_t rsnie_i_len;

  u8 rsnie_p[TDLS_MAX_IE_LEN]; /* Peer RSN IE */

  size_t rsnie_p_len;

  u32 lifetime;

  int cipher; /* Selected cipher (WPA_CIPHER_*) */

  u8 dtoken;

  struct tpk {

    u8 kck[16]; /* TPK-KCK */

    u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */

  } tpk;

  int tpk_set;

  int tk_set; /* TPK-TK configured to the driver */

  int tpk_success;

  int tpk_in_progress;

  struct tpk_timer {

    u8 dest[ETH_ALEN];

    int count;      /* Retry Count */

    int timer;      /* Timeout in milliseconds */

    u8 action_code; /* TDLS frame type */

    u8 dialog_token;

    u16 status_code;

    u32 peer_capab;

    int buf_len;    /* length of TPK message for retransmission */

    u8 *buf;        /* buffer for TPK message */

  } sm_tmr;

  u16 capability;

  u8 supp_rates[IEEE80211_MAX_SUPP_RATES];

  size_t supp_rates_len;

  struct ieee80211_ht_capabilities *ht_capabilities;

  struct ieee80211_vht_capabilities *vht_capabilities;

  struct ieee80211_he_capabilities *he_capabilities;

  size_t he_capab_len;

  struct ieee80211_he_6ghz_band_cap *he_6ghz_band_capabilities;

  struct ieee80211_eht_capabilities *eht_capabilities;

  size_t eht_capab_len;

  u8 qos_info;

  u16 aid;

  u8 *ext_capab;

  size_t ext_capab_len;

  u8 *supp_channels;

  size_t supp_channels_len;

  u8 *supp_oper_classes;

  size_t supp_oper_classes_len;

  u8 wmm_capable;

  /* channel switch currently enabled */

  int chan_switch_enabled;

  int mld_link_id;

  bool disc_resp_rcvd;

  bool setup_req_rcvd;

};

static const u8 * wpa_tdls_get_link_bssid(struct wpa_sm *sm, int link_id)

{

  if (link_id >= 0)

    return sm->mlo.links[link_id].bssid;

  return sm->bssid;

}

static int wpa_tdls_get_privacy(struct wpa_sm *sm)

{

  /*

   * Get info needed from supplicant to check if the current BSS supports

   * security. Other than OPEN mode, rest are considered secured

   * WEP/WPA/WPA2 hence TDLS frames are processed for TPK handshake.

   */

  return sm->pairwise_cipher != WPA_CIPHER_NONE;

}

static u8 * wpa_add_ie(u8 *pos, const u8 *ie, size_t ie_len)

{

  os_memcpy(pos, ie, ie_len);

  return pos + ie_len;

}

static int wpa_tdls_del_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)

{

  if (wpa_sm_set_key(sm, -1, WPA_ALG_NONE, peer->addr,

         0, 0, NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE) < 0) {

    wpa_printf(MSG_WARNING, "TDLS: Failed to delete TPK-TK from "

         "the driver");

    return -1;

  }

  return 0;

}

static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)

{

  u8 key_len;

  u8 rsc[6];

  enum wpa_alg alg;

  if (peer->tk_set) {

    /*

     * This same TPK-TK has already been configured to the driver

     * and this new configuration attempt (likely due to an

     * unexpected retransmitted frame) would result in clearing

     * the TX/RX sequence number which can break security, so must

     * not allow that to happen.

     */

    wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR

         " has already been configured to the driver - do not reconfigure",

         MAC2STR(peer->addr));

    return -1;

  }

  os_memset(rsc, 0, 6);

  switch (peer->cipher) {

  case WPA_CIPHER_CCMP:

    alg = WPA_ALG_CCMP;

    key_len = 16;

    break;

  case WPA_CIPHER_NONE:

    wpa_printf(MSG_DEBUG, "TDLS: Pairwise Cipher Suite: "

         "NONE - do not use pairwise keys");

    return -1;

  default:

    wpa_printf(MSG_WARNING, "TDLS: Unsupported pairwise cipher %d",

         sm->pairwise_cipher);

    return -1;

  }

  wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,

       MAC2STR(peer->addr));

  if (wpa_sm_set_key(sm, -1, alg, peer->addr, 0, 1, rsc, sizeof(rsc),

         peer->tpk.tk, key_len,

         KEY_FLAG_PAIRWISE_RX_TX) < 0) {

    wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "

         "driver");

    return -1;

  }

  peer->tk_set = 1;

  return 0;

}

static int wpa_tdls_send_tpk_msg(struct wpa_sm *sm, const u8 *dst,

         u8 action_code, u8 dialog_token,

         u16 status_code, u32 peer_capab,

         int initiator, const u8 *buf, size_t len,

         int link_id)

{

  return wpa_sm_send_tdls_mgmt(sm, dst, action_code, dialog_token,

             status_code, peer_capab, initiator, buf,

             len, link_id);

}

static int wpa_tdls_tpk_send(struct wpa_sm *sm, const u8 *dest, u8 action_code,

           u8 dialog_token, u16 status_code, u32 peer_capab,

           int initiator, const u8 *msg, size_t msg_len,

           int link_id)

{

  struct wpa_tdls_peer *peer;

  wpa_printf(MSG_DEBUG, "TDLS: TPK send dest=" MACSTR " action_code=%u "

       "dialog_token=%u status_code=%u peer_capab=%u initiator=%d "

       "msg_len=%u",

       MAC2STR(dest), action_code, dialog_token, status_code,

       peer_capab, initiator, (unsigned int) msg_len);

  if (wpa_tdls_send_tpk_msg(sm, dest, action_code, dialog_token,

          status_code, peer_capab, initiator, msg,

          msg_len, link_id)) {

    wpa_printf(MSG_INFO, "TDLS: Failed to send message "

         "(action_code=%u)", action_code);

    return -1;

  }

  if (action_code == WLAN_TDLS_SETUP_CONFIRM ||

      action_code == WLAN_TDLS_TEARDOWN ||

      action_code == WLAN_TDLS_DISCOVERY_REQUEST ||

      action_code == WLAN_TDLS_DISCOVERY_RESPONSE)

    return 0; /* No retries */

  for (peer = sm->tdls; peer; peer = peer->next) {

    if (ether_addr_equal(peer->addr, dest))

      break;

  }

  if (peer == NULL) {

    wpa_printf(MSG_INFO, "TDLS: No matching entry found for "

         "retry " MACSTR, MAC2STR(dest));

    return 0;

  }

  eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);

  if (action_code == WLAN_TDLS_SETUP_RESPONSE) {

    peer->sm_tmr.count = TPK_M2_RETRY_COUNT;

    peer->sm_tmr.timer = TPK_M2_TIMEOUT;

  } else {

    peer->sm_tmr.count = TPK_M1_RETRY_COUNT;

    peer->sm_tmr.timer = TPK_M1_TIMEOUT;

  }

  /* Copy message to resend on timeout */

  os_memcpy(peer->sm_tmr.dest, dest, ETH_ALEN);

  peer->sm_tmr.action_code = action_code;

  peer->sm_tmr.dialog_token = dialog_token;

  peer->sm_tmr.status_code = status_code;

  peer->sm_tmr.peer_capab = peer_capab;

  peer->sm_tmr.buf_len = msg_len;

  os_free(peer->sm_tmr.buf);

  peer->sm_tmr.buf = os_memdup(msg, msg_len);

  if (peer->sm_tmr.buf == NULL)

    return -1;

  wpa_printf(MSG_DEBUG, "TDLS: Retry timeout registered "

       "(action_code=%u)", action_code);

  eloop_register_timeout(peer->sm_tmr.timer / 1000,

             (peer->sm_tmr.timer % 1000) * 1000,

             wpa_tdls_tpk_retry_timeout, sm, peer);

  return 0;

}

static int wpa_tdls_do_teardown(struct wpa_sm *sm, struct wpa_tdls_peer *peer,

        u16 reason_code)

{

  int ret;

  ret = wpa_tdls_send_teardown(sm, peer->addr, reason_code);

  /* disable the link after teardown was sent */

  wpa_tdls_disable_peer_link(sm, peer);

  return ret;

}

static void wpa_tdls_tpk_retry_timeout(void *eloop_ctx, void *timeout_ctx)

{

  struct wpa_sm *sm = eloop_ctx;

  struct wpa_tdls_peer *peer = timeout_ctx;

  if (peer->sm_tmr.count) {

    peer->sm_tmr.count--;

    wpa_printf(MSG_INFO, "TDLS: Retrying sending of message "

         "(action_code=%u)",

         peer->sm_tmr.action_code);

    if (peer->sm_tmr.buf == NULL) {

      wpa_printf(MSG_INFO, "TDLS: No retry buffer available "

           "for action_code=%u",

           peer->sm_tmr.action_code);

      eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm,

               peer);

      return;

    }

    /* resend TPK Handshake Message to Peer */

    if (wpa_tdls_send_tpk_msg(sm, peer->sm_tmr.dest,

            peer->sm_tmr.action_code,

            peer->sm_tmr.dialog_token,

            peer->sm_tmr.status_code,

            peer->sm_tmr.peer_capab,

            peer->initiator,

            peer->sm_tmr.buf,

            peer->sm_tmr.buf_len, -1)) {

      wpa_printf(MSG_INFO, "TDLS: Failed to retry "

           "transmission");

    }

    eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);

    eloop_register_timeout(peer->sm_tmr.timer / 1000,

               (peer->sm_tmr.timer % 1000) * 1000,

               wpa_tdls_tpk_retry_timeout, sm, peer);

  } else {

    eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);

    wpa_printf(MSG_DEBUG, "TDLS: Sending Teardown Request");

    wpa_tdls_do_teardown(sm, peer,

             WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED);

  }

}

static void wpa_tdls_tpk_retry_timeout_cancel(struct wpa_sm *sm,

                struct wpa_tdls_peer *peer,

                u8 action_code)

{

  if (action_code == peer->sm_tmr.action_code) {

    wpa_printf(MSG_DEBUG, "TDLS: Retry timeout cancelled for "

         "action_code=%u", action_code);

    /* Cancel Timeout registered */

    eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);

    /* free all resources meant for retry */

    os_free(peer->sm_tmr.buf);

    peer->sm_tmr.buf = NULL;

    peer->sm_tmr.count = 0;

    peer->sm_tmr.timer = 0;

    peer->sm_tmr.buf_len = 0;

    peer->sm_tmr.action_code = 0xff;

  } else {

    wpa_printf(MSG_INFO, "TDLS: Error in cancelling retry timeout "

         "(Unknown action_code=%u)", action_code);

  }

}

static void wpa_tdls_generate_tpk(struct wpa_tdls_peer *peer,

          const u8 *own_addr, const u8 *bssid)

{

  u8 key_input[SHA256_MAC_LEN];

  const u8 *nonce[2];

  size_t len[2];

  u8 data[3 * ETH_ALEN];

  /* IEEE Std 802.11-2016 12.7.9.2:

   * TPK-Key-Input = Hash(min(SNonce, ANonce) || max(SNonce, ANonce))

   * Hash = SHA-256 for TDLS

   */

  len[0] = WPA_NONCE_LEN;

  len[1] = WPA_NONCE_LEN;

  if (os_memcmp(peer->inonce, peer->rnonce, WPA_NONCE_LEN) < 0) {

    nonce[0] = peer->inonce;

    nonce[1] = peer->rnonce;

  } else {

    nonce[0] = peer->rnonce;

    nonce[1] = peer->inonce;

  }

  wpa_hexdump(MSG_DEBUG, "TDLS: min(Nonce)", nonce[0], WPA_NONCE_LEN);

  wpa_hexdump(MSG_DEBUG, "TDLS: max(Nonce)", nonce[1], WPA_NONCE_LEN);

  sha256_vector(2, nonce, len, key_input);

  wpa_hexdump_key(MSG_DEBUG, "TDLS: TPK-Key-Input",

      key_input, SHA256_MAC_LEN);

  /*

   * TPK = KDF-Hash-Length(TPK-Key-Input, "TDLS PMK",

   *  min(MAC_I, MAC_R) || max(MAC_I, MAC_R) || BSSID)

   */

  if (os_memcmp(own_addr, peer->addr, ETH_ALEN) < 0) {

    os_memcpy(data, own_addr, ETH_ALEN);

    os_memcpy(data + ETH_ALEN, peer->addr, ETH_ALEN);

  } else {

    os_memcpy(data, peer->addr, ETH_ALEN);

    os_memcpy(data + ETH_ALEN, own_addr, ETH_ALEN);

  }

  os_memcpy(data + 2 * ETH_ALEN, bssid, ETH_ALEN);

  wpa_hexdump(MSG_DEBUG, "TDLS: KDF Context", data, sizeof(data));

  sha256_prf(key_input, SHA256_MAC_LEN, "TDLS PMK", data, sizeof(data),

       (u8 *) &peer->tpk, sizeof(peer->tpk));

  wpa_hexdump_key(MSG_DEBUG, "TDLS: TPK-KCK",

      peer->tpk.kck, sizeof(peer->tpk.kck));

  wpa_hexdump_key(MSG_DEBUG, "TDLS: TPK-TK",

      peer->tpk.tk, sizeof(peer->tpk.tk));

  peer->tpk_set = 1;

}

/**

 * wpa_tdls_ftie_mic - Calculate TDLS FTIE MIC

 * @kck: TPK-KCK

 * @lnkid: Pointer to the beginning of Link Identifier IE

 * @rsne: Pointer to the beginning of RSNE used for handshake

 * @rsne_len: Length of RSNE in octets

 * @timeoutie: Pointer to the beginning of Timeout IE used for handshake

 * @fte: Pointer to the beginning of FTE

 * @fre_len: Length of FTE in octets

 * @mic: Pointer for writing MIC

 *

 * Calculate MIC for TDLS frame.

 */

static int wpa_tdls_ftie_mic(const u8 *kck, u8 trans_seq, const u8 *lnkid,

           const u8 *rsne, size_t rsne_len,

           const u8 *timeoutie,

           const u8 *fte, size_t fte_len, u8 *mic)

{

  u8 *buf, *pos;

  struct wpa_tdls_ftie *_ftie;

  const struct wpa_tdls_lnkid *_lnkid;

  int ret;

  int len = 2 * ETH_ALEN + 1 + 2 + lnkid[1] + rsne_len +

    2 + timeoutie[1] + fte_len;

  buf = os_zalloc(len);

  if (!buf) {

    wpa_printf(MSG_WARNING, "TDLS: No memory for MIC calculation");

    return -1;

  }

  pos = buf;

  _lnkid = (const struct wpa_tdls_lnkid *) lnkid;

  /* 1) TDLS initiator STA MAC address */

  os_memcpy(pos, _lnkid->init_sta, ETH_ALEN);

  pos += ETH_ALEN;

  /* 2) TDLS responder STA MAC address */

  os_memcpy(pos, _lnkid->resp_sta, ETH_ALEN);

  pos += ETH_ALEN;

  /* 3) Transaction Sequence number */

  *pos++ = trans_seq;

  /* 4) Link Identifier IE */

  os_memcpy(pos, lnkid, 2 + lnkid[1]);

  pos += 2 + lnkid[1];

  /* 5) RSN IE */

  os_memcpy(pos, rsne, rsne_len);

  pos += rsne_len;

  /* 6) Timeout Interval IE */

  os_memcpy(pos, timeoutie, 2 + timeoutie[1]);

  pos += 2 + timeoutie[1];

  /* 7) FTIE, with the MIC field of the FTIE set to 0 */

  os_memcpy(pos, fte, fte_len);

  _ftie = (struct wpa_tdls_ftie *) pos;

  os_memset(_ftie->mic, 0, TDLS_MIC_LEN);

  pos += fte_len;

  wpa_hexdump(MSG_DEBUG, "TDLS: Data for FTIE MIC", buf, pos - buf);

  wpa_hexdump_key(MSG_DEBUG, "TDLS: KCK", kck, 16);

  ret = omac1_aes_128(kck, buf, pos - buf, mic);

  os_free(buf);

  wpa_hexdump(MSG_DEBUG, "TDLS: FTIE MIC", mic, 16);

  return ret;

}

/**

 * wpa_tdls_key_mic_teardown - Calculate TDLS FTIE MIC for Teardown frame

 * @kck: TPK-KCK

 * @trans_seq: Transaction Sequence Number (4 - Teardown)

 * @rcode: Reason code for Teardown

 * @dtoken: Dialog Token used for that particular link

 * @lnkid: Pointer to the beginning of Link Identifier IE

 * @fte: Pointer to the beginning of FTE

 * @fre_len: Length of FTE in octets

 * @mic: Pointer for writing MIC

 *

 * Calculate MIC for TDLS frame.

 */

static int wpa_tdls_key_mic_teardown(const u8 *kck, u8 trans_seq, u16 rcode,

             u8 dtoken, const u8 *lnkid,

             const u8 *fte, size_t fte_len, u8 *mic)

{

  u8 *buf, *pos;

  struct wpa_tdls_ftie *_ftie;

  int ret;

  int len;

  if (lnkid == NULL)

    return -1;

  len = 2 + lnkid[1] + sizeof(rcode) + sizeof(dtoken) +

    sizeof(trans_seq) + fte_len;

  buf = os_zalloc(len);

  if (!buf) {

    wpa_printf(MSG_WARNING, "TDLS: No memory for MIC calculation");

    return -1;

  }

  pos = buf;

  /* 1) Link Identifier IE */

  os_memcpy(pos, lnkid, 2 + lnkid[1]);

  pos += 2 + lnkid[1];

  /* 2) Reason Code */

  WPA_PUT_LE16(pos, rcode);

  pos += sizeof(rcode);

  /* 3) Dialog token */

  *pos++ = dtoken;

  /* 4) Transaction Sequence number */

  *pos++ = trans_seq;

  /* 7) FTIE, with the MIC field of the FTIE set to 0 */

  os_memcpy(pos, fte, fte_len);

  _ftie = (struct wpa_tdls_ftie *) pos;

  os_memset(_ftie->mic, 0, TDLS_MIC_LEN);

  pos += fte_len;

  wpa_hexdump(MSG_DEBUG, "TDLS: Data for FTIE MIC", buf, pos - buf);

  wpa_hexdump_key(MSG_DEBUG, "TDLS: KCK", kck, 16);

  ret = omac1_aes_128(kck, buf, pos - buf, mic);

  os_free(buf);

  wpa_hexdump(MSG_DEBUG, "TDLS: FTIE MIC", mic, 16);

  return ret;

}

static int wpa_supplicant_verify_tdls_mic(u8 trans_seq,

            struct wpa_tdls_peer *peer,

            const u8 *lnkid, const u8 *timeoutie,

            const struct wpa_tdls_ftie *ftie,

            size_t fte_len)

{

  u8 mic[16];

  if (peer->tpk_set) {

    wpa_tdls_ftie_mic(peer->tpk.kck, trans_seq, lnkid,

          peer->rsnie_p, peer->rsnie_p_len, timeoutie,

          (const u8 *) ftie, fte_len, mic);

    if (os_memcmp_const(mic, ftie->mic, 16) != 0) {

      wpa_printf(MSG_INFO, "TDLS: Invalid MIC in FTIE - "

           "dropping packet");

      wpa_hexdump(MSG_DEBUG, "TDLS: Received MIC",

            ftie->mic, 16);

      wpa_hexdump(MSG_DEBUG, "TDLS: Calculated MIC",

            mic, 16);

      return -1;

    }

  } else {

    wpa_printf(MSG_WARNING, "TDLS: Could not verify TDLS MIC, "

         "TPK not set - dropping packet");

    return -1;

  }

  return 0;

}

static int wpa_supplicant_verify_tdls_mic_teardown(

  u8 trans_seq, u16 rcode, u8 dtoken, struct wpa_tdls_peer *peer,

  const u8 *lnkid, const struct wpa_tdls_ftie *ftie, size_t fte_len)

{

  u8 mic[16];

  if (peer->tpk_set) {

    wpa_tdls_key_mic_teardown(peer->tpk.kck, trans_seq, rcode,

            dtoken, lnkid, (const u8 *) ftie,

            fte_len, mic);

    if (os_memcmp_const(mic, ftie->mic, 16) != 0) {

      wpa_printf(MSG_INFO, "TDLS: Invalid MIC in Teardown - "

           "dropping packet");

      return -1;

    }

  } else {

    wpa_printf(MSG_INFO, "TDLS: Could not verify TDLS Teardown "

         "MIC, TPK not set - dropping packet");

    return -1;

  }

  return 0;

}

static void wpa_tdls_tpk_timeout(void *eloop_ctx, void *timeout_ctx)

{

  struct wpa_sm *sm = eloop_ctx;

  struct wpa_tdls_peer *peer = timeout_ctx;

  /*

   * On TPK lifetime expiration, we have an option of either tearing down

   * the direct link or trying to re-initiate it. The selection of what

   * to do is not strictly speaking controlled by our role in the expired

   * link, but for now, use that to select whether to renew or tear down

   * the link.

   */

  if (peer->initiator) {

    u8 addr[ETH_ALEN];

    wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime expired for " MACSTR

         " - try to renew", MAC2STR(peer->addr));

    /* cache the peer address before do_teardown */

    os_memcpy(addr, peer->addr, ETH_ALEN);

    wpa_tdls_do_teardown(sm, peer,

             WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED);

    wpa_tdls_start(sm, addr);

  } else {

    wpa_printf(MSG_DEBUG, "TDLS: TPK lifetime expired for " MACSTR

         " - tear down", MAC2STR(peer->addr));

    wpa_tdls_do_teardown(sm, peer,

             WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED);

  }

}

static void wpa_tdls_peer_remove_from_list(struct wpa_sm *sm,

             struct wpa_tdls_peer *peer)

{

  struct wpa_tdls_peer *cur, *prev;

  cur = sm->tdls;

  prev = NULL;

  while (cur && cur != peer) {

    prev = cur;

    cur = cur->next;

  }

  if (cur != peer) {

    wpa_printf(MSG_ERROR, "TDLS: Could not find peer " MACSTR

         " to remove it from the list",

         MAC2STR(peer->addr));

    return;

  }

  if (prev)

    prev->next = peer->next;

  else

    sm->tdls = peer->next;

}

static void wpa_tdls_peer_clear(struct wpa_sm *sm, struct wpa_tdls_peer *peer)

{

  wpa_printf(MSG_DEBUG, "TDLS: Clear state for peer " MACSTR,

       MAC2STR(peer->addr));

  eloop_cancel_timeout(wpa_tdls_tpk_timeout, sm, peer);

  eloop_cancel_timeout(wpa_tdls_tpk_retry_timeout, sm, peer);

  peer->reconfig_key = 0;

  peer->initiator = 0;

  peer->tpk_in_progress = 0;

  os_free(peer->sm_tmr.buf);

  peer->sm_tmr.buf = NULL;

  os_free(peer->ht_capabilities);

  peer->ht_capabilities = NULL;

  os_free(peer->vht_capabilities);

  peer->vht_capabilities = NULL;

  os_free(peer->he_capabilities);

  peer->he_capabilities = NULL;

  os_free(peer->he_6ghz_band_capabilities);

  peer->he_6ghz_band_capabilities = NULL;

  os_free(peer->eht_capabilities);

  peer->eht_capabilities = NULL;

  os_free(peer->ext_capab);

  peer->ext_capab = NULL;

  os_free(peer->supp_channels);

  peer->supp_channels = NULL;

  os_free(peer->supp_oper_classes);

  peer->supp_oper_classes = NULL;

  peer->rsnie_i_len = peer->rsnie_p_len = 0;

  peer->cipher = 0;

  peer->qos_info = 0;

  peer->wmm_capable = 0;

  peer->tk_set = peer->tpk_set = peer->tpk_success = 0;

  peer->chan_switch_enabled = 0;

  os_memset(&peer->tpk, 0, sizeof(peer->tpk));

  os_memset(peer->inonce, 0, WPA_NONCE_LEN);

  os_memset(peer->rnonce, 0, WPA_NONCE_LEN);

  peer->mld_link_id = -1;

}

static void wpa_tdls_peer_free(struct wpa_sm *sm, struct wpa_tdls_peer *peer)

{

  wpa_tdls_peer_clear(sm, peer);

  wpa_tdls_peer_remove_from_list(sm, peer);

  os_free(peer);

}

static void wpa_tdls_linkid(struct wpa_sm *sm, struct wpa_tdls_peer *peer,

          struct wpa_tdls_lnkid *lnkid)

{

  lnkid->ie_type = WLAN_EID_LINK_ID;

  lnkid->ie_len = 3 * ETH_ALEN;

  os_memcpy(lnkid->bssid, wpa_tdls_get_link_bssid(sm, peer->mld_link_id),

      ETH_ALEN);

  if (peer->initiator) {

    os_memcpy(lnkid->init_sta, sm->own_addr, ETH_ALEN);

    os_memcpy(lnkid->resp_sta, peer->addr, ETH_ALEN);

  } else {

    os_memcpy(lnkid->init_sta, peer->addr, ETH_ALEN);

    os_memcpy(lnkid->resp_sta, sm->own_addr, ETH_ALEN);

  }

}

static int wpa_tdls_send_teardown(struct wpa_sm *sm, const u8 *addr,

          u16 reason_code)

{

  struct wpa_tdls_peer *peer;

  struct wpa_tdls_ftie *ftie;

  struct wpa_tdls_lnkid lnkid;

  u8 dialog_token;

  u8 *rbuf, *pos;

  int ielen;

  if (sm->tdls_disabled || !sm->tdls_supported)

    return -1;

  /* Find the node and free from the list */

  for (peer = sm->tdls; peer; peer = peer->next) {

    if (ether_addr_equal(peer->addr, addr))

      break;

  }

  if (peer == NULL) {

    wpa_printf(MSG_INFO, "TDLS: No matching entry found for "

         "Teardown " MACSTR, MAC2STR(addr));

    return 0;

  }

  /* Cancel active channel switch before teardown */

  if (peer->chan_switch_enabled) {

    wpa_printf(MSG_DEBUG, "TDLS: First returning link with " MACSTR

         " to base channel", MAC2STR(addr));

    wpa_sm_tdls_disable_channel_switch(sm, peer->addr);

  }

  dialog_token = peer->dtoken;

  wpa_printf(MSG_DEBUG, "TDLS: TDLS Teardown for " MACSTR,

       MAC2STR(addr));

  ielen = 0;

  if (wpa_tdls_get_privacy(sm) && peer->tpk_set && peer->tpk_success) {

    /* To add FTIE for Teardown request and compute MIC */

    ielen += sizeof(*ftie);

#ifdef CONFIG_TDLS_TESTING

    if (tdls_testing & TDLS_TESTING_LONG_FRAME)

      ielen += 170;

#endif /* CONFIG_TDLS_TESTING */

  }

  rbuf = os_zalloc(ielen + 1);

  if (rbuf == NULL)

    return -1;

  pos = rbuf;

  if (!wpa_tdls_get_privacy(sm) || !peer->tpk_set || !peer->tpk_success)

    goto skip_ies;

  ftie = (struct wpa_tdls_ftie *) pos;

  ftie->ie_type = WLAN_EID_FAST_BSS_TRANSITION;

  /* Using the recent nonce which should be for CONFIRM frame */

  os_memcpy(ftie->Anonce, peer->rnonce, WPA_NONCE_LEN);

  os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);

  ftie->ie_len = sizeof(struct wpa_tdls_ftie) - 2;

  pos = (u8 *) (ftie + 1);

#ifdef CONFIG_TDLS_TESTING

  if (tdls_testing & TDLS_TESTING_LONG_FRAME) {

    wpa_printf(MSG_DEBUG, "TDLS: Testing - add extra subelem to "

         "FTIE");

    ftie->ie_len += 170;

    *pos++ = 255; /* FTIE subelem */

    *pos++ = 168; /* FTIE subelem length */

    pos += 168;

  }

#endif /* CONFIG_TDLS_TESTING */

  wpa_hexdump(MSG_DEBUG, "TDLS: FTIE for TDLS Teardown handshake",

        (u8 *) ftie, pos - (u8 *) ftie);

  /* compute MIC before sending */

  wpa_tdls_linkid(sm, peer, &lnkid);

  wpa_tdls_key_mic_teardown(peer->tpk.kck, 4, reason_code,

          dialog_token, (const u8 *) &lnkid,

          (const u8 *) ftie, 2 + ftie->ie_len,

          ftie->mic);

skip_ies:

  /* TODO: register for a Timeout handler, if Teardown is not received at

   * the other end, then try again another time */

  /* request driver to send Teardown using this FTIE */

  wpa_tdls_tpk_send(sm, addr, WLAN_TDLS_TEARDOWN, 0,

        reason_code, 0, peer->initiator, rbuf, pos - rbuf,

        -1);

  os_free(rbuf);

  return 0;

}

int wpa_tdls_teardown_link(struct wpa_sm *sm, const u8 *addr, u16 reason_code)

{

  struct wpa_tdls_peer *peer;

  if (sm->tdls_disabled || !sm->tdls_supported)

    return -1;

  for (peer = sm->tdls; peer; peer = peer->next) {

    if (ether_addr_equal(peer->addr, addr))

      break;

  }

  if (peer == NULL) {

    wpa_printf(MSG_DEBUG, "TDLS: Could not find peer " MACSTR

       " for link Teardown", MAC2STR(addr));

    return -1;

  }

  if (!peer->tpk_success) {

    wpa_printf(MSG_DEBUG, "TDLS: Peer " MACSTR

       " not connected - cannot Teardown link", MAC2STR(addr));

    return -1;

  }

  return wpa_tdls_do_teardown(sm, peer, reason_code);

}

static void wpa_tdls_disable_peer_link(struct wpa_sm *sm,

               struct wpa_tdls_peer *peer)

{

  wpa_sm_tdls_oper(sm, TDLS_DISABLE_LINK, peer->addr);

  wpa_tdls_peer_free(sm, peer);

}

void wpa_tdls_disable_unreachable_link(struct wpa_sm *sm, const u8 *addr)

{

  struct wpa_tdls_peer *peer;

  for (peer = sm->tdls; peer; peer = peer->next) {

    if (ether_addr_equal(peer->addr, addr))

      break;

  }

  if (!peer || !peer->tpk_success) {

    wpa_printf(MSG_DEBUG, "TDLS: Peer " MACSTR

         " not connected - cannot teardown unreachable link",

         MAC2STR(addr));

    return;

  }