]>
Commit | Line | Data |
---|---|---|
6fc6879b JM |
1 | /* |
2 | * WPA Supplicant - Driver event processing | |
3 | * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License version 2 as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * Alternatively, this software may be distributed under the terms of BSD | |
10 | * license. | |
11 | * | |
12 | * See README and COPYING for more details. | |
13 | */ | |
14 | ||
15 | #include "includes.h" | |
16 | ||
17 | #include "common.h" | |
18 | #include "eapol_supp/eapol_supp_sm.h" | |
19 | #include "wpa.h" | |
20 | #include "eloop.h" | |
21 | #include "drivers/driver.h" | |
22 | #include "config.h" | |
23 | #include "l2_packet/l2_packet.h" | |
24 | #include "wpa_supplicant_i.h" | |
25 | #include "pcsc_funcs.h" | |
26 | #include "preauth.h" | |
27 | #include "pmksa_cache.h" | |
28 | #include "wpa_ctrl.h" | |
29 | #include "eap_peer/eap.h" | |
30 | #include "ctrl_iface_dbus.h" | |
31 | #include "ieee802_11_defs.h" | |
32 | #include "blacklist.h" | |
33 | #include "wpas_glue.h" | |
34 | ||
35 | ||
36 | static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s) | |
37 | { | |
38 | struct wpa_ssid *ssid; | |
39 | ||
40 | if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid) | |
41 | return 0; | |
42 | ||
43 | wpa_printf(MSG_DEBUG, "Select network based on association " | |
44 | "information"); | |
45 | ssid = wpa_supplicant_get_ssid(wpa_s); | |
46 | if (ssid == NULL) { | |
47 | wpa_printf(MSG_INFO, "No network configuration found for the " | |
48 | "current AP"); | |
49 | return -1; | |
50 | } | |
51 | ||
52 | if (ssid->disabled) { | |
53 | wpa_printf(MSG_DEBUG, "Selected network is disabled"); | |
54 | return -1; | |
55 | } | |
56 | ||
57 | wpa_printf(MSG_DEBUG, "Network configuration found for the current " | |
58 | "AP"); | |
59 | if (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X | | |
60 | WPA_KEY_MGMT_WPA_NONE | | |
56586197 JM |
61 | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X | |
62 | WPA_KEY_MGMT_PSK_SHA256 | | |
63 | WPA_KEY_MGMT_IEEE8021X_SHA256)) { | |
6fc6879b JM |
64 | u8 wpa_ie[80]; |
65 | size_t wpa_ie_len = sizeof(wpa_ie); | |
66 | wpa_supplicant_set_suites(wpa_s, NULL, ssid, | |
67 | wpa_ie, &wpa_ie_len); | |
68 | } else { | |
69 | wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); | |
70 | } | |
71 | ||
72 | if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) | |
73 | eapol_sm_invalidate_cached_session(wpa_s->eapol); | |
74 | wpa_s->current_ssid = ssid; | |
75 | wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); | |
76 | wpa_supplicant_initiate_eapol(wpa_s); | |
77 | ||
78 | return 0; | |
79 | } | |
80 | ||
81 | ||
82 | static void wpa_supplicant_stop_countermeasures(void *eloop_ctx, | |
83 | void *sock_ctx) | |
84 | { | |
85 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
86 | ||
87 | if (wpa_s->countermeasures) { | |
88 | wpa_s->countermeasures = 0; | |
89 | wpa_drv_set_countermeasures(wpa_s, 0); | |
90 | wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped"); | |
91 | wpa_supplicant_req_scan(wpa_s, 0, 0); | |
92 | } | |
93 | } | |
94 | ||
95 | ||
96 | void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) | |
97 | { | |
98 | wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); | |
99 | os_memset(wpa_s->bssid, 0, ETH_ALEN); | |
100 | os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); | |
101 | eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); | |
102 | eapol_sm_notify_portValid(wpa_s->eapol, FALSE); | |
56586197 | 103 | if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) |
6fc6879b JM |
104 | eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); |
105 | wpa_s->ap_ies_from_associnfo = 0; | |
106 | } | |
107 | ||
108 | ||
109 | static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s) | |
110 | { | |
111 | struct wpa_ie_data ie; | |
112 | int pmksa_set = -1; | |
113 | size_t i; | |
114 | ||
115 | if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 || | |
116 | ie.pmkid == NULL) | |
117 | return; | |
118 | ||
119 | for (i = 0; i < ie.num_pmkid; i++) { | |
120 | pmksa_set = pmksa_cache_set_current(wpa_s->wpa, | |
121 | ie.pmkid + i * PMKID_LEN, | |
122 | NULL, NULL, 0); | |
123 | if (pmksa_set == 0) { | |
124 | eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); | |
125 | break; | |
126 | } | |
127 | } | |
128 | ||
129 | wpa_printf(MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from PMKSA " | |
130 | "cache", pmksa_set == 0 ? "" : "not "); | |
131 | } | |
132 | ||
133 | ||
134 | static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s, | |
135 | union wpa_event_data *data) | |
136 | { | |
137 | if (data == NULL) { | |
138 | wpa_printf(MSG_DEBUG, "RSN: No data in PMKID candidate event"); | |
139 | return; | |
140 | } | |
141 | wpa_printf(MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR | |
142 | " index=%d preauth=%d", | |
143 | MAC2STR(data->pmkid_candidate.bssid), | |
144 | data->pmkid_candidate.index, | |
145 | data->pmkid_candidate.preauth); | |
146 | ||
147 | pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid, | |
148 | data->pmkid_candidate.index, | |
149 | data->pmkid_candidate.preauth); | |
150 | } | |
151 | ||
152 | ||
153 | static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s) | |
154 | { | |
155 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || | |
156 | wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) | |
157 | return 0; | |
158 | ||
159 | #ifdef IEEE8021X_EAPOL | |
160 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA && | |
161 | wpa_s->current_ssid && | |
162 | !(wpa_s->current_ssid->eapol_flags & | |
163 | (EAPOL_FLAG_REQUIRE_KEY_UNICAST | | |
164 | EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) { | |
165 | /* IEEE 802.1X, but not using dynamic WEP keys (i.e., either | |
166 | * plaintext or static WEP keys). */ | |
167 | return 0; | |
168 | } | |
169 | #endif /* IEEE8021X_EAPOL */ | |
170 | ||
171 | return 1; | |
172 | } | |
173 | ||
174 | ||
175 | /** | |
176 | * wpa_supplicant_scard_init - Initialize SIM/USIM access with PC/SC | |
177 | * @wpa_s: pointer to wpa_supplicant data | |
178 | * @ssid: Configuration data for the network | |
179 | * Returns: 0 on success, -1 on failure | |
180 | * | |
181 | * This function is called when starting authentication with a network that is | |
182 | * configured to use PC/SC for SIM/USIM access (EAP-SIM or EAP-AKA). | |
183 | */ | |
184 | int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s, | |
185 | struct wpa_ssid *ssid) | |
186 | { | |
187 | #ifdef IEEE8021X_EAPOL | |
188 | int aka = 0, sim = 0, type; | |
189 | ||
190 | if (ssid->eap.pcsc == NULL || wpa_s->scard != NULL) | |
191 | return 0; | |
192 | ||
193 | if (ssid->eap.eap_methods == NULL) { | |
194 | sim = 1; | |
195 | aka = 1; | |
196 | } else { | |
197 | struct eap_method_type *eap = ssid->eap.eap_methods; | |
198 | while (eap->vendor != EAP_VENDOR_IETF || | |
199 | eap->method != EAP_TYPE_NONE) { | |
200 | if (eap->vendor == EAP_VENDOR_IETF) { | |
201 | if (eap->method == EAP_TYPE_SIM) | |
202 | sim = 1; | |
203 | else if (eap->method == EAP_TYPE_AKA) | |
204 | aka = 1; | |
205 | } | |
206 | eap++; | |
207 | } | |
208 | } | |
209 | ||
210 | if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL) | |
211 | sim = 0; | |
212 | if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL) | |
213 | aka = 0; | |
214 | ||
215 | if (!sim && !aka) { | |
216 | wpa_printf(MSG_DEBUG, "Selected network is configured to use " | |
217 | "SIM, but neither EAP-SIM nor EAP-AKA are enabled"); | |
218 | return 0; | |
219 | } | |
220 | ||
221 | wpa_printf(MSG_DEBUG, "Selected network is configured to use SIM " | |
222 | "(sim=%d aka=%d) - initialize PCSC", sim, aka); | |
223 | if (sim && aka) | |
224 | type = SCARD_TRY_BOTH; | |
225 | else if (aka) | |
226 | type = SCARD_USIM_ONLY; | |
227 | else | |
228 | type = SCARD_GSM_SIM_ONLY; | |
229 | ||
230 | wpa_s->scard = scard_init(type); | |
231 | if (wpa_s->scard == NULL) { | |
232 | wpa_printf(MSG_WARNING, "Failed to initialize SIM " | |
233 | "(pcsc-lite)"); | |
234 | return -1; | |
235 | } | |
236 | wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); | |
237 | eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); | |
238 | #endif /* IEEE8021X_EAPOL */ | |
239 | ||
240 | return 0; | |
241 | } | |
242 | ||
243 | ||
244 | #ifndef CONFIG_NO_SCAN_PROCESSING | |
245 | static int wpa_supplicant_match_privacy(struct wpa_scan_res *bss, | |
246 | struct wpa_ssid *ssid) | |
247 | { | |
248 | int i, privacy = 0; | |
249 | ||
250 | if (ssid->mixed_cell) | |
251 | return 1; | |
252 | ||
253 | for (i = 0; i < NUM_WEP_KEYS; i++) { | |
254 | if (ssid->wep_key_len[i]) { | |
255 | privacy = 1; | |
256 | break; | |
257 | } | |
258 | } | |
259 | #ifdef IEEE8021X_EAPOL | |
260 | if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && | |
261 | ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST | | |
262 | EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) | |
263 | privacy = 1; | |
264 | #endif /* IEEE8021X_EAPOL */ | |
265 | ||
266 | if (bss->caps & IEEE80211_CAP_PRIVACY) | |
267 | return privacy; | |
268 | return !privacy; | |
269 | } | |
270 | ||
271 | ||
272 | static int wpa_supplicant_ssid_bss_match(struct wpa_ssid *ssid, | |
273 | struct wpa_scan_res *bss) | |
274 | { | |
275 | struct wpa_ie_data ie; | |
276 | int proto_match = 0; | |
277 | const u8 *rsn_ie, *wpa_ie; | |
278 | ||
279 | rsn_ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); | |
280 | while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) { | |
281 | proto_match++; | |
282 | ||
283 | if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) { | |
284 | wpa_printf(MSG_DEBUG, " skip RSN IE - parse failed"); | |
285 | break; | |
286 | } | |
287 | if (!(ie.proto & ssid->proto)) { | |
288 | wpa_printf(MSG_DEBUG, " skip RSN IE - proto " | |
289 | "mismatch"); | |
290 | break; | |
291 | } | |
292 | ||
293 | if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { | |
294 | wpa_printf(MSG_DEBUG, " skip RSN IE - PTK cipher " | |
295 | "mismatch"); | |
296 | break; | |
297 | } | |
298 | ||
299 | if (!(ie.group_cipher & ssid->group_cipher)) { | |
300 | wpa_printf(MSG_DEBUG, " skip RSN IE - GTK cipher " | |
301 | "mismatch"); | |
302 | break; | |
303 | } | |
304 | ||
305 | if (!(ie.key_mgmt & ssid->key_mgmt)) { | |
306 | wpa_printf(MSG_DEBUG, " skip RSN IE - key mgmt " | |
307 | "mismatch"); | |
308 | break; | |
309 | } | |
310 | ||
311 | #ifdef CONFIG_IEEE80211W | |
0b60b0aa JM |
312 | if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && |
313 | ssid->ieee80211w == IEEE80211W_REQUIRED) { | |
6fc6879b JM |
314 | wpa_printf(MSG_DEBUG, " skip RSN IE - no mgmt frame " |
315 | "protection"); | |
316 | break; | |
317 | } | |
318 | #endif /* CONFIG_IEEE80211W */ | |
319 | ||
320 | wpa_printf(MSG_DEBUG, " selected based on RSN IE"); | |
321 | return 1; | |
322 | } | |
323 | ||
324 | wpa_ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); | |
325 | while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { | |
326 | proto_match++; | |
327 | ||
328 | if (wpa_parse_wpa_ie(wpa_ie, 2 + wpa_ie[1], &ie)) { | |
329 | wpa_printf(MSG_DEBUG, " skip WPA IE - parse failed"); | |
330 | break; | |
331 | } | |
332 | if (!(ie.proto & ssid->proto)) { | |
333 | wpa_printf(MSG_DEBUG, " skip WPA IE - proto " | |
334 | "mismatch"); | |
335 | break; | |
336 | } | |
337 | ||
338 | if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { | |
339 | wpa_printf(MSG_DEBUG, " skip WPA IE - PTK cipher " | |
340 | "mismatch"); | |
341 | break; | |
342 | } | |
343 | ||
344 | if (!(ie.group_cipher & ssid->group_cipher)) { | |
345 | wpa_printf(MSG_DEBUG, " skip WPA IE - GTK cipher " | |
346 | "mismatch"); | |
347 | break; | |
348 | } | |
349 | ||
350 | if (!(ie.key_mgmt & ssid->key_mgmt)) { | |
351 | wpa_printf(MSG_DEBUG, " skip WPA IE - key mgmt " | |
352 | "mismatch"); | |
353 | break; | |
354 | } | |
355 | ||
356 | wpa_printf(MSG_DEBUG, " selected based on WPA IE"); | |
357 | return 1; | |
358 | } | |
359 | ||
360 | if (proto_match == 0) | |
361 | wpa_printf(MSG_DEBUG, " skip - no WPA/RSN proto match"); | |
362 | ||
363 | return 0; | |
364 | } | |
365 | ||
366 | ||
367 | static struct wpa_scan_res * | |
9cf32261 JM |
368 | wpa_supplicant_select_bss_wpa(struct wpa_supplicant *wpa_s, |
369 | struct wpa_ssid *group, | |
370 | struct wpa_ssid **selected_ssid) | |
6fc6879b JM |
371 | { |
372 | struct wpa_ssid *ssid; | |
9cf32261 | 373 | struct wpa_scan_res *bss; |
6fc6879b JM |
374 | size_t i; |
375 | struct wpa_blacklist *e; | |
376 | const u8 *ie; | |
377 | ||
6fc6879b | 378 | wpa_printf(MSG_DEBUG, "Try to find WPA-enabled AP"); |
9cf32261 | 379 | for (i = 0; i < wpa_s->scan_res->num; i++) { |
6fc6879b JM |
380 | const u8 *ssid_; |
381 | u8 wpa_ie_len, rsn_ie_len, ssid_len; | |
382 | bss = wpa_s->scan_res->res[i]; | |
383 | ||
384 | ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); | |
385 | ssid_ = ie ? ie + 2 : (u8 *) ""; | |
386 | ssid_len = ie ? ie[1] : 0; | |
387 | ||
388 | ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); | |
389 | wpa_ie_len = ie ? ie[1] : 0; | |
390 | ||
391 | ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); | |
392 | rsn_ie_len = ie ? ie[1] : 0; | |
393 | ||
394 | wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' " | |
395 | "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x", | |
396 | (int) i, MAC2STR(bss->bssid), | |
397 | wpa_ssid_txt(ssid_, ssid_len), | |
398 | wpa_ie_len, rsn_ie_len, bss->caps); | |
9cf32261 | 399 | |
6fc6879b JM |
400 | e = wpa_blacklist_get(wpa_s, bss->bssid); |
401 | if (e && e->count > 1) { | |
402 | wpa_printf(MSG_DEBUG, " skip - blacklisted"); | |
403 | continue; | |
404 | } | |
405 | ||
406 | if (wpa_ie_len == 0 && rsn_ie_len == 0) { | |
407 | wpa_printf(MSG_DEBUG, " skip - no WPA/RSN IE"); | |
408 | continue; | |
409 | } | |
410 | ||
411 | for (ssid = group; ssid; ssid = ssid->pnext) { | |
412 | if (ssid->disabled) { | |
413 | wpa_printf(MSG_DEBUG, " skip - disabled"); | |
414 | continue; | |
415 | } | |
9cf32261 | 416 | |
6fc6879b JM |
417 | if (ssid_len != ssid->ssid_len || |
418 | os_memcmp(ssid_, ssid->ssid, ssid_len) != 0) { | |
419 | wpa_printf(MSG_DEBUG, " skip - " | |
420 | "SSID mismatch"); | |
421 | continue; | |
422 | } | |
9cf32261 | 423 | |
6fc6879b JM |
424 | if (ssid->bssid_set && |
425 | os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) | |
426 | { | |
427 | wpa_printf(MSG_DEBUG, " skip - " | |
428 | "BSSID mismatch"); | |
429 | continue; | |
430 | } | |
9cf32261 JM |
431 | |
432 | if (!wpa_supplicant_ssid_bss_match(ssid, bss)) | |
433 | continue; | |
434 | ||
435 | wpa_printf(MSG_DEBUG, " selected WPA AP " | |
436 | MACSTR " ssid='%s'", | |
437 | MAC2STR(bss->bssid), | |
438 | wpa_ssid_txt(ssid_, ssid_len)); | |
439 | *selected_ssid = ssid; | |
440 | return bss; | |
6fc6879b JM |
441 | } |
442 | } | |
443 | ||
9cf32261 JM |
444 | return NULL; |
445 | } | |
446 | ||
447 | ||
448 | static struct wpa_scan_res * | |
449 | wpa_supplicant_select_bss_non_wpa(struct wpa_supplicant *wpa_s, | |
450 | struct wpa_ssid *group, | |
451 | struct wpa_ssid **selected_ssid) | |
452 | { | |
453 | struct wpa_ssid *ssid; | |
454 | struct wpa_scan_res *bss; | |
455 | size_t i; | |
456 | struct wpa_blacklist *e; | |
457 | const u8 *ie; | |
458 | ||
6fc6879b | 459 | wpa_printf(MSG_DEBUG, "Try to find non-WPA AP"); |
9cf32261 | 460 | for (i = 0; i < wpa_s->scan_res->num; i++) { |
6fc6879b JM |
461 | const u8 *ssid_; |
462 | u8 wpa_ie_len, rsn_ie_len, ssid_len; | |
463 | bss = wpa_s->scan_res->res[i]; | |
464 | ||
465 | ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); | |
466 | ssid_ = ie ? ie + 2 : (u8 *) ""; | |
467 | ssid_len = ie ? ie[1] : 0; | |
468 | ||
469 | ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); | |
470 | wpa_ie_len = ie ? ie[1] : 0; | |
471 | ||
472 | ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); | |
473 | rsn_ie_len = ie ? ie[1] : 0; | |
474 | ||
475 | wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' " | |
476 | "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x", | |
477 | (int) i, MAC2STR(bss->bssid), | |
478 | wpa_ssid_txt(ssid_, ssid_len), | |
479 | wpa_ie_len, rsn_ie_len, bss->caps); | |
9cf32261 | 480 | |
6fc6879b JM |
481 | e = wpa_blacklist_get(wpa_s, bss->bssid); |
482 | if (e && e->count > 1) { | |
483 | wpa_printf(MSG_DEBUG, " skip - blacklisted"); | |
484 | continue; | |
485 | } | |
9cf32261 | 486 | |
6fc6879b JM |
487 | for (ssid = group; ssid; ssid = ssid->pnext) { |
488 | if (ssid->disabled) { | |
489 | wpa_printf(MSG_DEBUG, " skip - disabled"); | |
490 | continue; | |
491 | } | |
9cf32261 | 492 | |
6fc6879b JM |
493 | if (ssid->ssid_len != 0 && |
494 | (ssid_len != ssid->ssid_len || | |
495 | os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) { | |
496 | wpa_printf(MSG_DEBUG, " skip - " | |
497 | "SSID mismatch"); | |
498 | continue; | |
499 | } | |
500 | ||
501 | if (ssid->bssid_set && | |
502 | os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) | |
503 | { | |
504 | wpa_printf(MSG_DEBUG, " skip - " | |
505 | "BSSID mismatch"); | |
506 | continue; | |
507 | } | |
508 | ||
509 | if (!(ssid->key_mgmt & WPA_KEY_MGMT_NONE) && | |
510 | !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) | |
511 | { | |
512 | wpa_printf(MSG_DEBUG, " skip - " | |
513 | "non-WPA network not allowed"); | |
514 | continue; | |
515 | } | |
516 | ||
517 | if ((ssid->key_mgmt & | |
56586197 JM |
518 | (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK | |
519 | WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK | | |
520 | WPA_KEY_MGMT_IEEE8021X_SHA256 | | |
521 | WPA_KEY_MGMT_PSK_SHA256)) && | |
6fc6879b JM |
522 | (wpa_ie_len != 0 || rsn_ie_len != 0)) { |
523 | wpa_printf(MSG_DEBUG, " skip - " | |
524 | "WPA network"); | |
525 | continue; | |
526 | } | |
527 | ||
528 | if (!wpa_supplicant_match_privacy(bss, ssid)) { | |
529 | wpa_printf(MSG_DEBUG, " skip - " | |
530 | "privacy mismatch"); | |
531 | continue; | |
532 | } | |
533 | ||
534 | if (bss->caps & IEEE80211_CAP_IBSS) { | |
535 | wpa_printf(MSG_DEBUG, " skip - " | |
536 | "IBSS (adhoc) network"); | |
537 | continue; | |
538 | } | |
539 | ||
6fc6879b JM |
540 | wpa_printf(MSG_DEBUG, " selected non-WPA AP " |
541 | MACSTR " ssid='%s'", | |
542 | MAC2STR(bss->bssid), | |
543 | wpa_ssid_txt(ssid_, ssid_len)); | |
9cf32261 JM |
544 | *selected_ssid = ssid; |
545 | return bss; | |
6fc6879b JM |
546 | } |
547 | } | |
548 | ||
9cf32261 JM |
549 | return NULL; |
550 | } | |
551 | ||
552 | ||
553 | static struct wpa_scan_res * | |
554 | wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, struct wpa_ssid *group, | |
555 | struct wpa_ssid **selected_ssid) | |
556 | { | |
557 | struct wpa_scan_res *selected; | |
558 | ||
559 | wpa_printf(MSG_DEBUG, "Selecting BSS from priority group %d", | |
560 | group->priority); | |
561 | ||
562 | /* First, try to find WPA-enabled AP */ | |
563 | selected = wpa_supplicant_select_bss_wpa(wpa_s, group, selected_ssid); | |
564 | if (selected) | |
565 | return selected; | |
566 | ||
567 | /* If no WPA-enabled AP found, try to find non-WPA AP, if configuration | |
568 | * allows this. */ | |
569 | return wpa_supplicant_select_bss_non_wpa(wpa_s, group, selected_ssid); | |
6fc6879b JM |
570 | } |
571 | ||
572 | ||
573 | static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s) | |
574 | { | |
575 | int prio, timeout; | |
576 | struct wpa_scan_res *selected = NULL; | |
577 | struct wpa_ssid *ssid = NULL; | |
578 | ||
579 | if (wpa_supplicant_get_scan_results(wpa_s) < 0) { | |
580 | if (wpa_s->conf->ap_scan == 2) | |
581 | return; | |
582 | wpa_printf(MSG_DEBUG, "Failed to get scan results - try " | |
583 | "scanning again"); | |
584 | timeout = 1; | |
585 | goto req_scan; | |
586 | } | |
587 | ||
23e07237 DN |
588 | /* |
589 | * Don't post the results if this was the initial cached | |
590 | * and there were no results. | |
591 | */ | |
592 | if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1 && | |
593 | wpa_s->scan_res->num == 0) { | |
594 | wpa_msg(wpa_s, MSG_DEBUG, "Cached scan results are " | |
595 | "empty - not posting"); | |
596 | } else { | |
597 | wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); | |
598 | wpa_supplicant_dbus_notify_scan_results(wpa_s); | |
599 | } | |
6fc6879b JM |
600 | |
601 | if (wpa_s->conf->ap_scan == 2 || wpa_s->disconnected) | |
602 | return; | |
603 | ||
604 | while (selected == NULL) { | |
605 | for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { | |
606 | selected = wpa_supplicant_select_bss( | |
607 | wpa_s, wpa_s->conf->pssid[prio], &ssid); | |
608 | if (selected) | |
609 | break; | |
610 | } | |
611 | ||
612 | if (selected == NULL && wpa_s->blacklist) { | |
613 | wpa_printf(MSG_DEBUG, "No APs found - clear blacklist " | |
614 | "and try again"); | |
615 | wpa_blacklist_clear(wpa_s); | |
616 | } else if (selected == NULL) { | |
617 | break; | |
618 | } | |
619 | } | |
620 | ||
621 | if (selected) { | |
622 | /* Do not trigger new association unless the BSSID has changed | |
623 | * or if reassociation is requested. If we are in process of | |
624 | * associating with the selected BSSID, do not trigger new | |
625 | * attempt. */ | |
626 | if (wpa_s->reassociate || | |
627 | (os_memcmp(selected->bssid, wpa_s->bssid, ETH_ALEN) != 0 && | |
628 | (wpa_s->wpa_state != WPA_ASSOCIATING || | |
629 | os_memcmp(selected->bssid, wpa_s->pending_bssid, | |
630 | ETH_ALEN) != 0))) { | |
631 | if (wpa_supplicant_scard_init(wpa_s, ssid)) { | |
632 | wpa_supplicant_req_scan(wpa_s, 10, 0); | |
633 | return; | |
634 | } | |
635 | wpa_supplicant_associate(wpa_s, selected, ssid); | |
636 | } else { | |
637 | wpa_printf(MSG_DEBUG, "Already associated with the " | |
638 | "selected AP."); | |
639 | } | |
640 | rsn_preauth_scan_results(wpa_s->wpa, wpa_s->scan_res); | |
641 | } else { | |
642 | wpa_printf(MSG_DEBUG, "No suitable AP found."); | |
643 | timeout = 5; | |
644 | goto req_scan; | |
645 | } | |
646 | ||
647 | return; | |
648 | ||
649 | req_scan: | |
650 | if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1) { | |
651 | /* | |
652 | * Quick recovery if the initial scan results were not | |
653 | * complete when fetched before the first scan request. | |
654 | */ | |
655 | wpa_s->scan_res_tried++; | |
656 | timeout = 0; | |
657 | } | |
658 | wpa_supplicant_req_scan(wpa_s, timeout, 0); | |
659 | } | |
660 | #endif /* CONFIG_NO_SCAN_PROCESSING */ | |
661 | ||
662 | ||
663 | static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, | |
664 | union wpa_event_data *data) | |
665 | { | |
666 | int l, len, found = 0, wpa_found, rsn_found; | |
667 | u8 *p; | |
668 | ||
669 | wpa_printf(MSG_DEBUG, "Association info event"); | |
670 | if (data->assoc_info.req_ies) | |
671 | wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies, | |
672 | data->assoc_info.req_ies_len); | |
673 | if (data->assoc_info.resp_ies) | |
674 | wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies, | |
675 | data->assoc_info.resp_ies_len); | |
676 | if (data->assoc_info.beacon_ies) | |
677 | wpa_hexdump(MSG_DEBUG, "beacon_ies", | |
678 | data->assoc_info.beacon_ies, | |
679 | data->assoc_info.beacon_ies_len); | |
680 | ||
681 | p = data->assoc_info.req_ies; | |
682 | l = data->assoc_info.req_ies_len; | |
683 | ||
684 | /* Go through the IEs and make a copy of the WPA/RSN IE, if present. */ | |
685 | while (p && l >= 2) { | |
686 | len = p[1] + 2; | |
687 | if (len > l) { | |
688 | wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", | |
689 | p, l); | |
690 | break; | |
691 | } | |
692 | if ((p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && | |
693 | (os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0)) || | |
694 | (p[0] == WLAN_EID_RSN && p[1] >= 2)) { | |
695 | if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, p, len)) | |
696 | break; | |
697 | found = 1; | |
698 | wpa_find_assoc_pmkid(wpa_s); | |
699 | break; | |
700 | } | |
701 | l -= len; | |
702 | p += len; | |
703 | } | |
704 | if (!found && data->assoc_info.req_ies) | |
705 | wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); | |
706 | ||
707 | /* WPA/RSN IE from Beacon/ProbeResp */ | |
708 | p = data->assoc_info.beacon_ies; | |
709 | l = data->assoc_info.beacon_ies_len; | |
710 | ||
711 | /* Go through the IEs and make a copy of the WPA/RSN IEs, if present. | |
712 | */ | |
713 | wpa_found = rsn_found = 0; | |
714 | while (p && l >= 2) { | |
715 | len = p[1] + 2; | |
716 | if (len > l) { | |
717 | wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies", | |
718 | p, l); | |
719 | break; | |
720 | } | |
721 | if (!wpa_found && | |
722 | p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && | |
723 | os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) { | |
724 | wpa_found = 1; | |
725 | wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len); | |
726 | } | |
727 | ||
728 | if (!rsn_found && | |
729 | p[0] == WLAN_EID_RSN && p[1] >= 2) { | |
730 | rsn_found = 1; | |
731 | wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len); | |
732 | } | |
733 | ||
734 | l -= len; | |
735 | p += len; | |
736 | } | |
737 | ||
738 | if (!wpa_found && data->assoc_info.beacon_ies) | |
739 | wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); | |
740 | if (!rsn_found && data->assoc_info.beacon_ies) | |
741 | wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); | |
742 | if (wpa_found || rsn_found) | |
743 | wpa_s->ap_ies_from_associnfo = 1; | |
744 | } | |
745 | ||
746 | ||
747 | static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, | |
748 | union wpa_event_data *data) | |
749 | { | |
750 | u8 bssid[ETH_ALEN]; | |
751 | int ft_completed = wpa_ft_is_completed(wpa_s->wpa); | |
752 | ||
753 | if (data) | |
754 | wpa_supplicant_event_associnfo(wpa_s, data); | |
755 | ||
756 | wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED); | |
757 | if (wpa_s->use_client_mlme) | |
758 | os_memcpy(bssid, wpa_s->bssid, ETH_ALEN); | |
759 | if (wpa_s->use_client_mlme || | |
760 | (wpa_drv_get_bssid(wpa_s, bssid) >= 0 && | |
761 | os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0)) { | |
762 | wpa_msg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID=" | |
763 | MACSTR, MAC2STR(bssid)); | |
764 | os_memcpy(wpa_s->bssid, bssid, ETH_ALEN); | |
765 | os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); | |
766 | if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) { | |
767 | wpa_clear_keys(wpa_s, bssid); | |
768 | } | |
769 | if (wpa_supplicant_select_config(wpa_s) < 0) { | |
770 | wpa_supplicant_disassociate( | |
771 | wpa_s, WLAN_REASON_DEAUTH_LEAVING); | |
772 | return; | |
773 | } | |
774 | } | |
775 | ||
776 | wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid)); | |
777 | if (wpa_s->current_ssid) { | |
778 | /* When using scanning (ap_scan=1), SIM PC/SC interface can be | |
779 | * initialized before association, but for other modes, | |
780 | * initialize PC/SC here, if the current configuration needs | |
781 | * smartcard or SIM/USIM. */ | |
782 | wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid); | |
783 | } | |
784 | wpa_sm_notify_assoc(wpa_s->wpa, bssid); | |
785 | l2_packet_notify_auth_start(wpa_s->l2); | |
786 | ||
787 | /* | |
788 | * Set portEnabled first to FALSE in order to get EAP state machine out | |
789 | * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE | |
790 | * state machine may transit to AUTHENTICATING state based on obsolete | |
791 | * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to | |
792 | * AUTHENTICATED without ever giving chance to EAP state machine to | |
793 | * reset the state. | |
794 | */ | |
795 | if (!ft_completed) { | |
796 | eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); | |
797 | eapol_sm_notify_portValid(wpa_s->eapol, FALSE); | |
798 | } | |
56586197 | 799 | if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed) |
6fc6879b JM |
800 | eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); |
801 | /* 802.1X::portControl = Auto */ | |
802 | eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE); | |
803 | wpa_s->eapol_received = 0; | |
804 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || | |
805 | wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { | |
806 | wpa_supplicant_cancel_auth_timeout(wpa_s); | |
807 | wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); | |
808 | } else if (!ft_completed) { | |
809 | /* Timeout for receiving the first EAPOL packet */ | |
810 | wpa_supplicant_req_auth_timeout(wpa_s, 10, 0); | |
811 | } | |
812 | wpa_supplicant_cancel_scan(wpa_s); | |
813 | ||
814 | if (wpa_s->driver_4way_handshake && | |
56586197 | 815 | wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { |
6fc6879b JM |
816 | /* |
817 | * We are done; the driver will take care of RSN 4-way | |
818 | * handshake. | |
819 | */ | |
820 | wpa_supplicant_cancel_auth_timeout(wpa_s); | |
821 | wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); | |
822 | eapol_sm_notify_portValid(wpa_s->eapol, TRUE); | |
823 | eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); | |
824 | } | |
825 | } | |
826 | ||
827 | ||
828 | static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s) | |
829 | { | |
830 | const u8 *bssid; | |
831 | ||
832 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { | |
833 | /* | |
834 | * At least Host AP driver and a Prism3 card seemed to be | |
835 | * generating streams of disconnected events when configuring | |
836 | * IBSS for WPA-None. Ignore them for now. | |
837 | */ | |
838 | wpa_printf(MSG_DEBUG, "Disconnect event - ignore in " | |
839 | "IBSS/WPA-None mode"); | |
840 | return; | |
841 | } | |
842 | ||
843 | if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE && | |
56586197 | 844 | wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { |
6fc6879b JM |
845 | wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - " |
846 | "pre-shared key may be incorrect"); | |
847 | } | |
848 | if (wpa_s->wpa_state >= WPA_ASSOCIATED) | |
849 | wpa_supplicant_req_scan(wpa_s, 0, 100000); | |
850 | bssid = wpa_s->bssid; | |
a8e16edc | 851 | if (is_zero_ether_addr(bssid)) |
6fc6879b JM |
852 | bssid = wpa_s->pending_bssid; |
853 | wpa_blacklist_add(wpa_s, bssid); | |
854 | wpa_sm_notify_disassoc(wpa_s->wpa); | |
855 | wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "- Disconnect event - " | |
856 | "remove keys"); | |
857 | if (wpa_supplicant_dynamic_keys(wpa_s)) { | |
858 | wpa_s->keys_cleared = 0; | |
859 | wpa_clear_keys(wpa_s, wpa_s->bssid); | |
860 | } | |
861 | wpa_supplicant_mark_disassoc(wpa_s); | |
862 | } | |
863 | ||
864 | ||
46690a3b JM |
865 | #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT |
866 | static void wpa_supplicant_delayed_mic_error_report(void *eloop_ctx, | |
867 | void *sock_ctx) | |
868 | { | |
869 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
870 | ||
871 | if (!wpa_s->pending_mic_error_report) | |
872 | return; | |
873 | ||
874 | wpa_printf(MSG_DEBUG, "WPA: Sending pending MIC error report"); | |
875 | wpa_sm_key_request(wpa_s->wpa, 1, wpa_s->pending_mic_error_pairwise); | |
876 | wpa_s->pending_mic_error_report = 0; | |
877 | } | |
878 | #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ | |
879 | ||
880 | ||
6fc6879b JM |
881 | static void |
882 | wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s, | |
883 | union wpa_event_data *data) | |
884 | { | |
885 | int pairwise; | |
886 | struct os_time t; | |
887 | ||
888 | wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected"); | |
889 | pairwise = (data && data->michael_mic_failure.unicast); | |
6fc6879b | 890 | os_get_time(&t); |
46690a3b JM |
891 | if ((wpa_s->last_michael_mic_error && |
892 | t.sec - wpa_s->last_michael_mic_error <= 60) || | |
893 | wpa_s->pending_mic_error_report) { | |
894 | if (wpa_s->pending_mic_error_report) { | |
895 | /* | |
896 | * Send the pending MIC error report immediately since | |
897 | * we are going to start countermeasures and AP better | |
898 | * do the same. | |
899 | */ | |
900 | wpa_sm_key_request(wpa_s->wpa, 1, | |
901 | wpa_s->pending_mic_error_pairwise); | |
902 | } | |
903 | ||
904 | /* Send the new MIC error report immediately since we are going | |
905 | * to start countermeasures and AP better do the same. | |
906 | */ | |
907 | wpa_sm_key_request(wpa_s->wpa, 1, pairwise); | |
908 | ||
6fc6879b JM |
909 | /* initialize countermeasures */ |
910 | wpa_s->countermeasures = 1; | |
911 | wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started"); | |
912 | ||
913 | /* | |
914 | * Need to wait for completion of request frame. We do not get | |
915 | * any callback for the message completion, so just wait a | |
916 | * short while and hope for the best. */ | |
917 | os_sleep(0, 10000); | |
918 | ||
919 | wpa_drv_set_countermeasures(wpa_s, 1); | |
920 | wpa_supplicant_deauthenticate(wpa_s, | |
921 | WLAN_REASON_MICHAEL_MIC_FAILURE); | |
922 | eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, | |
923 | wpa_s, NULL); | |
924 | eloop_register_timeout(60, 0, | |
925 | wpa_supplicant_stop_countermeasures, | |
926 | wpa_s, NULL); | |
927 | /* TODO: mark the AP rejected for 60 second. STA is | |
928 | * allowed to associate with another AP.. */ | |
46690a3b JM |
929 | } else { |
930 | #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT | |
931 | if (wpa_s->mic_errors_seen) { | |
932 | /* | |
933 | * Reduce the effectiveness of Michael MIC error | |
934 | * reports as a means for attacking against TKIP if | |
935 | * more than one MIC failure is noticed with the same | |
936 | * PTK. We delay the transmission of the reports by a | |
937 | * random time between 0 and 60 seconds in order to | |
938 | * force the attacker wait 60 seconds before getting | |
939 | * the information on whether a frame resulted in a MIC | |
940 | * failure. | |
941 | */ | |
942 | u8 rval[4]; | |
943 | int sec; | |
944 | ||
945 | if (os_get_random(rval, sizeof(rval)) < 0) | |
946 | sec = os_random() % 60; | |
947 | else | |
948 | sec = WPA_GET_BE32(rval) % 60; | |
949 | wpa_printf(MSG_DEBUG, "WPA: Delay MIC error report %d " | |
950 | "seconds", sec); | |
951 | wpa_s->pending_mic_error_report = 1; | |
952 | wpa_s->pending_mic_error_pairwise = pairwise; | |
953 | eloop_cancel_timeout( | |
954 | wpa_supplicant_delayed_mic_error_report, | |
955 | wpa_s, NULL); | |
956 | eloop_register_timeout( | |
957 | sec, os_random() % 1000000, | |
958 | wpa_supplicant_delayed_mic_error_report, | |
959 | wpa_s, NULL); | |
960 | } else { | |
961 | wpa_sm_key_request(wpa_s->wpa, 1, pairwise); | |
962 | } | |
963 | #else /* CONFIG_DELAYED_MIC_ERROR_REPORT */ | |
964 | wpa_sm_key_request(wpa_s->wpa, 1, pairwise); | |
965 | #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ | |
6fc6879b JM |
966 | } |
967 | wpa_s->last_michael_mic_error = t.sec; | |
46690a3b | 968 | wpa_s->mic_errors_seen++; |
6fc6879b JM |
969 | } |
970 | ||
971 | ||
972 | static void | |
973 | wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s, | |
974 | union wpa_event_data *data) | |
975 | { | |
976 | if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0) | |
977 | return; | |
978 | ||
979 | switch (data->interface_status.ievent) { | |
980 | case EVENT_INTERFACE_ADDED: | |
981 | if (!wpa_s->interface_removed) | |
982 | break; | |
983 | wpa_s->interface_removed = 0; | |
984 | wpa_printf(MSG_DEBUG, "Configured interface was added."); | |
985 | if (wpa_supplicant_driver_init(wpa_s) < 0) { | |
986 | wpa_printf(MSG_INFO, "Failed to initialize the driver " | |
987 | "after interface was added."); | |
988 | } | |
989 | break; | |
990 | case EVENT_INTERFACE_REMOVED: | |
991 | wpa_printf(MSG_DEBUG, "Configured interface was removed."); | |
992 | wpa_s->interface_removed = 1; | |
993 | wpa_supplicant_mark_disassoc(wpa_s); | |
994 | l2_packet_deinit(wpa_s->l2); | |
995 | wpa_s->l2 = NULL; | |
996 | break; | |
997 | } | |
998 | } | |
999 | ||
1000 | ||
1001 | #ifdef CONFIG_PEERKEY | |
1002 | static void | |
1003 | wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s, | |
1004 | union wpa_event_data *data) | |
1005 | { | |
1006 | if (data == NULL) | |
1007 | return; | |
1008 | wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer); | |
1009 | } | |
1010 | #endif /* CONFIG_PEERKEY */ | |
1011 | ||
1012 | ||
1013 | #ifdef CONFIG_IEEE80211R | |
1014 | static void | |
1015 | wpa_supplicant_event_ft_response(struct wpa_supplicant *wpa_s, | |
1016 | union wpa_event_data *data) | |
1017 | { | |
1018 | if (data == NULL) | |
1019 | return; | |
1020 | ||
1021 | if (wpa_ft_process_response(wpa_s->wpa, data->ft_ies.ies, | |
1022 | data->ft_ies.ies_len, | |
1023 | data->ft_ies.ft_action, | |
1024 | data->ft_ies.target_ap) < 0) { | |
1025 | /* TODO: prevent MLME/driver from trying to associate? */ | |
1026 | } | |
1027 | } | |
1028 | #endif /* CONFIG_IEEE80211R */ | |
1029 | ||
1030 | ||
1031 | void wpa_supplicant_event(void *ctx, wpa_event_type event, | |
1032 | union wpa_event_data *data) | |
1033 | { | |
1034 | struct wpa_supplicant *wpa_s = ctx; | |
1035 | ||
1036 | switch (event) { | |
1037 | case EVENT_ASSOC: | |
1038 | wpa_supplicant_event_assoc(wpa_s, data); | |
1039 | break; | |
1040 | case EVENT_DISASSOC: | |
1041 | wpa_supplicant_event_disassoc(wpa_s); | |
1042 | break; | |
1043 | case EVENT_MICHAEL_MIC_FAILURE: | |
1044 | wpa_supplicant_event_michael_mic_failure(wpa_s, data); | |
1045 | break; | |
1046 | #ifndef CONFIG_NO_SCAN_PROCESSING | |
1047 | case EVENT_SCAN_RESULTS: | |
1048 | wpa_supplicant_event_scan_results(wpa_s); | |
1049 | break; | |
1050 | #endif /* CONFIG_NO_SCAN_PROCESSING */ | |
1051 | case EVENT_ASSOCINFO: | |
1052 | wpa_supplicant_event_associnfo(wpa_s, data); | |
1053 | break; | |
1054 | case EVENT_INTERFACE_STATUS: | |
1055 | wpa_supplicant_event_interface_status(wpa_s, data); | |
1056 | break; | |
1057 | case EVENT_PMKID_CANDIDATE: | |
1058 | wpa_supplicant_event_pmkid_candidate(wpa_s, data); | |
1059 | break; | |
1060 | #ifdef CONFIG_PEERKEY | |
1061 | case EVENT_STKSTART: | |
1062 | wpa_supplicant_event_stkstart(wpa_s, data); | |
1063 | break; | |
1064 | #endif /* CONFIG_PEERKEY */ | |
1065 | #ifdef CONFIG_IEEE80211R | |
1066 | case EVENT_FT_RESPONSE: | |
1067 | wpa_supplicant_event_ft_response(wpa_s, data); | |
1068 | break; | |
1069 | #endif /* CONFIG_IEEE80211R */ | |
1070 | default: | |
1071 | wpa_printf(MSG_INFO, "Unknown event %d", event); | |
1072 | break; | |
1073 | } | |
1074 | } |