]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add flag indicating which global configuration parameters have changed
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
dff0f701 3 * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
6fc6879b
JM		 4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
17 */
18
19#include "includes.h"
20
21#include "common.h"
22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
3ec97afe 24#include "eap_server/eap_methods.h"
3acb5005 25#include "rsn_supp/wpa.h"
6fc6879b 26#include "eloop.h"
6fc6879b
JM		 27#include "config.h"
28#include "l2_packet/l2_packet.h"
29#include "wpa_supplicant_i.h"
2d5b792d 30#include "driver_i.h"
6fc6879b 31#include "ctrl_iface.h"
6fc6879b 32#include "pcsc_funcs.h"
90973fb2 33#include "common/version.h"
3acb5005
JM		 34#include "rsn_supp/preauth.h"
35#include "rsn_supp/pmksa_cache.h"
90973fb2 36#include "common/wpa_ctrl.h"
6fc6879b 37#include "mlme.h"
90973fb2 38#include "common/ieee802_11_defs.h"
6fc6879b
JM		 39#include "blacklist.h"
40#include "wpas_glue.h"
116654ce 41#include "wps_supplicant.h"
11ef8d35 42#include "ibss_rsn.h"
c2a04078 43#include "sme.h"
1f1b62a0 44#include "ap.h"
8bac466b 45#include "notify.h"
60b94c98 46#include "bgscan.h"
83922c2d 47#include "bss.h"
9ba9fa07 48#include "scan.h"
6fc6879b
JM		 49
50const char *wpa_supplicant_version =
51"wpa_supplicant v" VERSION_STR "\n"
dff0f701 52"Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 53
54const char *wpa_supplicant_license =
55"This program is free software. You can distribute it and/or modify it\n"
56"under the terms of the GNU General Public License version 2.\n"
57"\n"
58"Alternatively, this software may be distributed under the terms of the\n"
59"BSD license. See README and COPYING for more details.\n"
60#ifdef EAP_TLS_OPENSSL
61"\nThis product includes software developed by the OpenSSL Project\n"
62"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
63#endif /* EAP_TLS_OPENSSL */
64;
65
66#ifndef CONFIG_NO_STDOUT_DEBUG
67/* Long text divided into parts in order to fit in C89 strings size limits. */
68const char *wpa_supplicant_full_license1 =
69"This program is free software; you can redistribute it and/or modify\n"
70"it under the terms of the GNU General Public License version 2 as\n"
71"published by the Free Software Foundation.\n"
72"\n"
73"This program is distributed in the hope that it will be useful,\n"
74"but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
75"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
76"GNU General Public License for more details.\n"
77"\n";
78const char *wpa_supplicant_full_license2 =
79"You should have received a copy of the GNU General Public License\n"
80"along with this program; if not, write to the Free Software\n"
81"Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
82"\n"
83"Alternatively, this software may be distributed under the terms of the\n"
84"BSD license.\n"
85"\n"
86"Redistribution and use in source and binary forms, with or without\n"
87"modification, are permitted provided that the following conditions are\n"
88"met:\n"
89"\n";
90const char *wpa_supplicant_full_license3 =
91"1. Redistributions of source code must retain the above copyright\n"
92" notice, this list of conditions and the following disclaimer.\n"
93"\n"
94"2. Redistributions in binary form must reproduce the above copyright\n"
95" notice, this list of conditions and the following disclaimer in the\n"
96" documentation and/or other materials provided with the distribution.\n"
97"\n";
98const char *wpa_supplicant_full_license4 =
99"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
100" names of its contributors may be used to endorse or promote products\n"
101" derived from this software without specific prior written permission.\n"
102"\n"
103"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
104"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
105"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
106"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
107const char *wpa_supplicant_full_license5 =
108"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
109"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
110"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
111"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
112"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
113"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
114"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
115"\n";
116#endif /* CONFIG_NO_STDOUT_DEBUG */
117
6fc6879b
JM		 118extern int wpa_debug_level;
119extern int wpa_debug_show_keys;
120extern int wpa_debug_timestamp;
c5121837 121extern struct wpa_driver_ops *wpa_drivers[];
6fc6879b
JM		 122
123/* Configure default/group WEP keys for static WEP */
0194fedb 124int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 125{
126 int i, set = 0;
127
128 for (i = 0; i < NUM_WEP_KEYS; i++) {
129 if (ssid->wep_key_len[i] == 0)
130 continue;
131
132 set = 1;
133 wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
134 (u8 *) "\xff\xff\xff\xff\xff\xff",
135 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0,
136 ssid->wep_key[i], ssid->wep_key_len[i]);
137 }
138
139 return set;
140}
141
142
143static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
144 struct wpa_ssid *ssid)
145{
146 u8 key[32];
147 size_t keylen;
71934751 148 enum wpa_alg alg;
6fc6879b
JM		 149 u8 seq[6] = { 0 };
150
151 /* IBSS/WPA-None uses only one key (Group) for both receiving and
152 * sending unicast and multicast packets. */
153
d7dcba70 154 if (ssid->mode != WPAS_MODE_IBSS) {
6fc6879b
JM		 155 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
156 "for WPA-None", ssid->mode);
157 return -1;
158 }
159
160 if (!ssid->psk_set) {
161 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
162 return -1;
163 }
164
165 switch (wpa_s->group_cipher) {
166 case WPA_CIPHER_CCMP:
167 os_memcpy(key, ssid->psk, 16);
168 keylen = 16;
169 alg = WPA_ALG_CCMP;
170 break;
171 case WPA_CIPHER_TKIP:
172 /* WPA-None uses the same Michael MIC key for both TX and RX */
173 os_memcpy(key, ssid->psk, 16 + 8);
174 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
175 keylen = 32;
176 alg = WPA_ALG_TKIP;
177 break;
178 default:
179 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
180 "WPA-None", wpa_s->group_cipher);
181 return -1;
182 }
183
184 /* TODO: should actually remember the previously used seq#, both for TX
185 * and RX from each STA.. */
186
187 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
188 0, 1, seq, 6, key, keylen);
189}
190
191
192static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
193{
194 struct wpa_supplicant *wpa_s = eloop_ctx;
195 const u8 *bssid = wpa_s->bssid;
a8e16edc 196 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 197 bssid = wpa_s->pending_bssid;
198 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
199 MAC2STR(bssid));
200 wpa_blacklist_add(wpa_s, bssid);
201 wpa_sm_notify_disassoc(wpa_s->wpa);
202 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
203 wpa_s->reassociate = 1;
204 wpa_supplicant_req_scan(wpa_s, 0, 0);
205}
206
207
208/**
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
213 *
214 * This function is used to schedule a timeout for the current authentication
215 * attempt.
216 */
217void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
218 int sec, int usec)
219{
c2a04078
JM		 220 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 222 return;
223
224 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
228}
229
230
231/**
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
234 *
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
237 * been completed.
238 */
239void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
240{
241 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
244}
245
246
247/**
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
250 *
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
253 */
254void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
255{
256#ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
259
53895c3b 260#ifdef CONFIG_IBSS_RSN
d7dcba70 261 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
264 /*
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
267 */
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 return;
272 }
273#endif /* CONFIG_IBSS_RSN */
274
0a40ec6a
JM		 275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277
6fc6879b
JM		 278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
281 else
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
283
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
290 }
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
294 }
295
c2a04078 296 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b 297 eapol_conf.required_keys = 0;
6fc6879b
JM		 298 }
299 if (wpa_s->conf)
300 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
301 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 302 eapol_conf.eap_disabled =
303 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 304 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
305 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
6fc6879b
JM		 306 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
307#endif /* IEEE8021X_EAPOL */
308}
309
310
311/**
312 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
313 * @wpa_s: Pointer to wpa_supplicant data
314 * @ssid: Configuration data for the network
315 *
316 * This function is used to configure WPA state machine and related parameters
317 * to a mode where WPA is not enabled. This is called as part of the
318 * authentication configuration when the selected network does not use WPA.
319 */
320void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
321 struct wpa_ssid *ssid)
322{
323 int i;
324
ad08c363
JM		 325 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
326 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
327 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 328 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
329 else
330 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
331 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
333 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
334 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
335 wpa_s->group_cipher = WPA_CIPHER_NONE;
336 wpa_s->mgmt_group_cipher = 0;
337
338 for (i = 0; i < NUM_WEP_KEYS; i++) {
339 if (ssid->wep_key_len[i] > 5) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
341 wpa_s->group_cipher = WPA_CIPHER_WEP104;
342 break;
343 } else if (ssid->wep_key_len[i] > 0) {
344 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
345 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 break;
347 }
348 }
349
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
353 wpa_s->pairwise_cipher);
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
355#ifdef CONFIG_IEEE80211W
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
357 wpa_s->mgmt_group_cipher);
358#endif /* CONFIG_IEEE80211W */
359
360 pmksa_cache_clear_current(wpa_s->wpa);
361}
362
363
364static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
365{
60b94c98 366 bgscan_deinit(wpa_s);
6fc6879b
JM		 367 scard_deinit(wpa_s->scard);
368 wpa_s->scard = NULL;
369 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
370 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
371 l2_packet_deinit(wpa_s->l2);
372 wpa_s->l2 = NULL;
373 if (wpa_s->l2_br) {
374 l2_packet_deinit(wpa_s->l2_br);
375 wpa_s->l2_br = NULL;
376 }
377
378 if (wpa_s->ctrl_iface) {
379 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
380 wpa_s->ctrl_iface = NULL;
381 }
382 if (wpa_s->conf != NULL) {
8e56d189
JM		 383 struct wpa_ssid *ssid;
384 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
385 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 386 wpa_config_free(wpa_s->conf);
387 wpa_s->conf = NULL;
388 }
389
390 os_free(wpa_s->confname);
391 wpa_s->confname = NULL;
392
393 wpa_sm_set_eapol(wpa_s->wpa, NULL);
394 eapol_sm_deinit(wpa_s->eapol);
395 wpa_s->eapol = NULL;
396
397 rsn_preauth_deinit(wpa_s->wpa);
398
399 pmksa_candidate_free(wpa_s->wpa);
400 wpa_sm_deinit(wpa_s->wpa);
401 wpa_s->wpa = NULL;
402 wpa_blacklist_clear(wpa_s);
403
83922c2d 404 wpa_bss_deinit(wpa_s);
6fc6879b
JM		 405
406 wpa_supplicant_cancel_scan(wpa_s);
407 wpa_supplicant_cancel_auth_timeout(wpa_s);
408
409 ieee80211_sta_deinit(wpa_s);
116654ce
JM		 410
411 wpas_wps_deinit(wpa_s);
11ef8d35 412
1ff73338
JM		 413 wpabuf_free(wpa_s->pending_eapol_rx);
414 wpa_s->pending_eapol_rx = NULL;
415
11ef8d35
JM		 416#ifdef CONFIG_IBSS_RSN
417 ibss_rsn_deinit(wpa_s->ibss_rsn);
418 wpa_s->ibss_rsn = NULL;
419#endif /* CONFIG_IBSS_RSN */
c2a04078
JM		 420
421#ifdef CONFIG_SME
422 os_free(wpa_s->sme.ft_ies);
423 wpa_s->sme.ft_ies = NULL;
424 wpa_s->sme.ft_ies_len = 0;
425#endif /* CONFIG_SME */
2d5b792d
JM		 426
427#ifdef CONFIG_AP
428 wpa_supplicant_ap_deinit(wpa_s);
429#endif /* CONFIG_AP */
6fc6879b
JM		 430}
431
432
433/**
434 * wpa_clear_keys - Clear keys configured for the driver
435 * @wpa_s: Pointer to wpa_supplicant data
436 * @addr: Previously used BSSID or %NULL if not available
437 *
438 * This function clears the encryption keys that has been previously configured
439 * for the driver.
440 */
441void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
442{
443 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
444
445 if (wpa_s->keys_cleared) {
446 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
447 * timing issues with keys being cleared just before new keys
448 * are set or just after association or something similar. This
449 * shows up in group key handshake failing often because of the
450 * client not receiving the first encrypted packets correctly.
451 * Skipping some of the extra key clearing steps seems to help
452 * in completing group key handshake more reliably. */
453 wpa_printf(MSG_DEBUG, "No keys have been configured - "
454 "skip key clearing");
455 return;
456 }
457
458 /* MLME-DELETEKEYS.request */
459 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
460 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
461 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
462 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
0e27f655
MH		 463#ifdef CONFIG_IEEE80211W
464 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
465 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
466#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 467 if (addr) {
468 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
469 0);
470 /* MLME-SETPROTECTION.request(None) */
471 wpa_drv_mlme_setprotection(
472 wpa_s, addr,
473 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
474 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
475 }
476 wpa_s->keys_cleared = 1;
477}
478
479
480/**
481 * wpa_supplicant_state_txt - Get the connection state name as a text string
482 * @state: State (wpa_state; WPA_*)
483 * Returns: The state name as a printable text string
484 */
71934751 485const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 486{
487 switch (state) {
488 case WPA_DISCONNECTED:
489 return "DISCONNECTED";
490 case WPA_INACTIVE:
491 return "INACTIVE";
8401a6b0
JM		 492 case WPA_INTERFACE_DISABLED:
493 return "INTERFACE_DISABLED";
6fc6879b
JM		 494 case WPA_SCANNING:
495 return "SCANNING";
c2a04078
JM		 496 case WPA_AUTHENTICATING:
497 return "AUTHENTICATING";
6fc6879b
JM		 498 case WPA_ASSOCIATING:
499 return "ASSOCIATING";
500 case WPA_ASSOCIATED:
501 return "ASSOCIATED";
502 case WPA_4WAY_HANDSHAKE:
503 return "4WAY_HANDSHAKE";
504 case WPA_GROUP_HANDSHAKE:
505 return "GROUP_HANDSHAKE";
506 case WPA_COMPLETED:
507 return "COMPLETED";
508 default:
509 return "UNKNOWN";
510 }
511}
512
513
514/**
515 * wpa_supplicant_set_state - Set current connection state
516 * @wpa_s: Pointer to wpa_supplicant data
517 * @state: The new connection state
518 *
519 * This function is called whenever the connection state changes, e.g.,
520 * association is completed for WPA/WPA2 4-Way Handshake is started.
521 */
71934751
JM		 522void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
523 enum wpa_states state)
6fc6879b 524{
27f43d8d
MH		 525 enum wpa_states old_state = wpa_s->wpa_state;
526
6fc6879b
JM		 527 wpa_printf(MSG_DEBUG, "State: %s -> %s",
528 wpa_supplicant_state_txt(wpa_s->wpa_state),
529 wpa_supplicant_state_txt(state));
530
cb8564b1
DW		 531 if (state != WPA_SCANNING)
532 wpa_supplicant_notify_scanning(wpa_s, 0);
533
6fc6879b
JM		 534 if (state == WPA_COMPLETED && wpa_s->new_connection) {
535#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
536 struct wpa_ssid *ssid = wpa_s->current_ssid;
537 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
538 MACSTR " completed %s [id=%d id_str=%s]",
539 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
540 "(reauth)" : "(auth)",
541 ssid ? ssid->id : -1,
542 ssid && ssid->id_str ? ssid->id_str : "");
543#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
544 wpa_s->new_connection = 0;
545 wpa_s->reassociated_connection = 1;
546 wpa_drv_set_operstate(wpa_s, 1);
17a4734d 547 wpa_s->after_wps = 0;
6fc6879b
JM		 548 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
549 state == WPA_ASSOCIATED) {
550 wpa_s->new_connection = 1;
551 wpa_drv_set_operstate(wpa_s, 0);
552 }
553 wpa_s->wpa_state = state;
27f43d8d
MH		 554
555 if (wpa_s->wpa_state != old_state)
556 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 557}
558
559
1a1bf008
JM		 560void wpa_supplicant_terminate_proc(struct wpa_global *global)
561{
562 int pending = 0;
563#ifdef CONFIG_WPS
564 struct wpa_supplicant *wpa_s = global->ifaces;
565 while (wpa_s) {
566 if (wpas_wps_terminate_pending(wpa_s) == 1)
567 pending = 1;
568 wpa_s = wpa_s->next;
569 }
570#endif /* CONFIG_WPS */
571 if (pending)
572 return;
573 eloop_terminate();
574}
575
576
0456ea16 577static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 578{
0456ea16 579 struct wpa_global *global = signal_ctx;
6fc6879b
JM		 580 struct wpa_supplicant *wpa_s;
581 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
582 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
583 "received", sig);
584 }
1a1bf008 585 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 586}
587
588
589static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
590{
71934751 591 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 592
6fc6879b
JM		 593 wpa_s->pairwise_cipher = 0;
594 wpa_s->group_cipher = 0;
595 wpa_s->mgmt_group_cipher = 0;
596 wpa_s->key_mgmt = 0;
8401a6b0
JM		 597 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
598 wpa_s->wpa_state = WPA_DISCONNECTED;
27f43d8d
MH		 599
600 if (wpa_s->wpa_state != old_state)
601 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 602}
603
604
605/**
606 * wpa_supplicant_reload_configuration - Reload configuration data
607 * @wpa_s: Pointer to wpa_supplicant data
608 * Returns: 0 on success or -1 if configuration parsing failed
609 *
610 * This function can be used to request that the configuration data is reloaded
611 * (e.g., after configuration file change). This function is reloading
612 * configuration only for one interface, so this may need to be called multiple
613 * times if %wpa_supplicant is controlling multiple interfaces and all
614 * interfaces need reconfiguration.
615 */
616int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
617{
618 struct wpa_config *conf;
8bac466b 619 struct wpa_ssid *old_ssid;
6fc6879b 620 int reconf_ctrl;
8bac466b
JM		 621 int old_ap_scan;
622
6fc6879b
JM		 623 if (wpa_s->confname == NULL)
624 return -1;
625 conf = wpa_config_read(wpa_s->confname);
626 if (conf == NULL) {
627 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
628 "file '%s' - exiting", wpa_s->confname);
629 return -1;
630 }
631
632 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
633 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
634 os_strcmp(conf->ctrl_interface,
635 wpa_s->conf->ctrl_interface) != 0);
636
637 if (reconf_ctrl && wpa_s->ctrl_iface) {
638 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
639 wpa_s->ctrl_iface = NULL;
640 }
641
642 eapol_sm_invalidate_cached_session(wpa_s->eapol);
8bac466b 643 old_ssid = wpa_s->current_ssid;
6fc6879b 644 wpa_s->current_ssid = NULL;
8bac466b
JM		 645 if (old_ssid != wpa_s->current_ssid)
646 wpas_notify_network_changed(wpa_s);
647
6fc6879b
JM		 648 /*
649 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
650 * pkcs11_engine_path, pkcs11_module_path.
651 */
56586197 652 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 653 /*
654 * Clear forced success to clear EAP state for next
655 * authentication.
656 */
657 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
658 }
659 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
660 wpa_sm_set_config(wpa_s->wpa, NULL);
661 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
662 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 663
664 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 665 wpa_config_free(wpa_s->conf);
666 wpa_s->conf = conf;
8bac466b
JM		 667 if (old_ap_scan != wpa_s->conf->ap_scan)
668 wpas_notify_ap_scan_changed(wpa_s);
669
6fc6879b
JM		 670 if (reconf_ctrl)
671 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
672
673 wpa_supplicant_clear_status(wpa_s);
674 wpa_s->reassociate = 1;
675 wpa_supplicant_req_scan(wpa_s, 0, 0);
676 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
677 return 0;
678}
679
680
0456ea16 681static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 682{
0456ea16 683 struct wpa_global *global = signal_ctx;
6fc6879b
JM		 684 struct wpa_supplicant *wpa_s;
685 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
686 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
687 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 688 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 689 }
690 }
691}
692
693
508545f3 694enum wpa_cipher cipher_suite2driver(int cipher)
6fc6879b
JM		 695{
696 switch (cipher) {
697 case WPA_CIPHER_NONE:
698 return CIPHER_NONE;
699 case WPA_CIPHER_WEP40:
700 return CIPHER_WEP40;
701 case WPA_CIPHER_WEP104:
702 return CIPHER_WEP104;
703 case WPA_CIPHER_CCMP:
704 return CIPHER_CCMP;
705 case WPA_CIPHER_TKIP:
706 default:
707 return CIPHER_TKIP;
708 }
709}
710
711
508545f3 712enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
6fc6879b
JM		 713{
714 switch (key_mgmt) {
715 case WPA_KEY_MGMT_NONE:
716 return KEY_MGMT_NONE;
717 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
718 return KEY_MGMT_802_1X_NO_WPA;
719 case WPA_KEY_MGMT_IEEE8021X:
720 return KEY_MGMT_802_1X;
721 case WPA_KEY_MGMT_WPA_NONE:
722 return KEY_MGMT_WPA_NONE;
723 case WPA_KEY_MGMT_FT_IEEE8021X:
724 return KEY_MGMT_FT_802_1X;
725 case WPA_KEY_MGMT_FT_PSK:
726 return KEY_MGMT_FT_PSK;
56586197
JM		 727 case WPA_KEY_MGMT_IEEE8021X_SHA256:
728 return KEY_MGMT_802_1X_SHA256;
729 case WPA_KEY_MGMT_PSK_SHA256:
730 return KEY_MGMT_PSK_SHA256;
ad08c363
JM		 731 case WPA_KEY_MGMT_WPS:
732 return KEY_MGMT_WPS;
6fc6879b
JM		 733 case WPA_KEY_MGMT_PSK:
734 default:
735 return KEY_MGMT_PSK;
736 }
737}
738
739
740static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
741 struct wpa_ssid *ssid,
742 struct wpa_ie_data *ie)
743{
744 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
745 if (ret) {
746 if (ret == -2) {
747 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
748 "from association info");
749 }
750 return -1;
751 }
752
753 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
754 "suites");
755 if (!(ie->group_cipher & ssid->group_cipher)) {
756 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
757 "cipher 0x%x (mask 0x%x) - reject",
758 ie->group_cipher, ssid->group_cipher);
759 return -1;
760 }
761 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
762 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
763 "cipher 0x%x (mask 0x%x) - reject",
764 ie->pairwise_cipher, ssid->pairwise_cipher);
765 return -1;
766 }
767 if (!(ie->key_mgmt & ssid->key_mgmt)) {
768 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
769 "management 0x%x (mask 0x%x) - reject",
770 ie->key_mgmt, ssid->key_mgmt);
771 return -1;
772 }
773
774#ifdef CONFIG_IEEE80211W
0b60b0aa 775 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
70f8cc8e 776 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 777 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
778 "that does not support management frame protection - "
779 "reject");
780 return -1;
781 }
782#endif /* CONFIG_IEEE80211W */
783
784 return 0;
785}
786
787
788/**
789 * wpa_supplicant_set_suites - Set authentication and encryption parameters
790 * @wpa_s: Pointer to wpa_supplicant data
791 * @bss: Scan results for the selected BSS, or %NULL if not available
792 * @ssid: Configuration data for the selected network
793 * @wpa_ie: Buffer for the WPA/RSN IE
794 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
795 * used buffer length in case the functions returns success.
796 * Returns: 0 on success or -1 on failure
797 *
798 * This function is used to configure authentication and encryption parameters
799 * based on the network configuration and scan result for the selected BSS (if
800 * available).
801 */
802int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 803 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 804 u8 *wpa_ie, size_t *wpa_ie_len)
805{
806 struct wpa_ie_data ie;
807 int sel, proto;
808 const u8 *bss_wpa, *bss_rsn;
809
810 if (bss) {
6fa81a3b
JM		 811 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
812 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
6fc6879b
JM		 813 } else
814 bss_wpa = bss_rsn = NULL;
815
816 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
817 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
818 (ie.group_cipher & ssid->group_cipher) &&
819 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
820 (ie.key_mgmt & ssid->key_mgmt)) {
821 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
822 proto = WPA_PROTO_RSN;
823 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
824 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
825 (ie.group_cipher & ssid->group_cipher) &&
826 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
827 (ie.key_mgmt & ssid->key_mgmt)) {
828 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
829 proto = WPA_PROTO_WPA;
830 } else if (bss) {
831 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
832 return -1;
833 } else {
834 if (ssid->proto & WPA_PROTO_RSN)
835 proto = WPA_PROTO_RSN;
836 else
837 proto = WPA_PROTO_WPA;
838 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
839 os_memset(&ie, 0, sizeof(ie));
840 ie.group_cipher = ssid->group_cipher;
841 ie.pairwise_cipher = ssid->pairwise_cipher;
842 ie.key_mgmt = ssid->key_mgmt;
843#ifdef CONFIG_IEEE80211W
844 ie.mgmt_group_cipher =
70f8cc8e 845 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
6fc6879b
JM		 846 WPA_CIPHER_AES_128_CMAC : 0;
847#endif /* CONFIG_IEEE80211W */
848 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
849 "on configuration");
850 } else
851 proto = ie.proto;
852 }
853
854 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
855 "pairwise %d key_mgmt %d proto %d",
856 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
857#ifdef CONFIG_IEEE80211W
858 if (ssid->ieee80211w) {
859 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
860 ie.mgmt_group_cipher);
861 }
862#endif /* CONFIG_IEEE80211W */
863
864 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
865 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
866 !!(ssid->proto & WPA_PROTO_RSN));
867
868 if (bss || !wpa_s->ap_ies_from_associnfo) {
869 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
870 bss_wpa ? 2 + bss_wpa[1] : 0) ||
871 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
872 bss_rsn ? 2 + bss_rsn[1] : 0))
873 return -1;
874 }
875
876 sel = ie.group_cipher & ssid->group_cipher;
877 if (sel & WPA_CIPHER_CCMP) {
878 wpa_s->group_cipher = WPA_CIPHER_CCMP;
879 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
880 } else if (sel & WPA_CIPHER_TKIP) {
881 wpa_s->group_cipher = WPA_CIPHER_TKIP;
882 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
883 } else if (sel & WPA_CIPHER_WEP104) {
884 wpa_s->group_cipher = WPA_CIPHER_WEP104;
885 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
886 } else if (sel & WPA_CIPHER_WEP40) {
887 wpa_s->group_cipher = WPA_CIPHER_WEP40;
888 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
889 } else {
890 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
891 return -1;
892 }
893
894 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
895 if (sel & WPA_CIPHER_CCMP) {
896 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
897 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
898 } else if (sel & WPA_CIPHER_TKIP) {
899 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
900 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
901 } else if (sel & WPA_CIPHER_NONE) {
902 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
903 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
904 } else {
905 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
906 "cipher.");
907 return -1;
908 }
909
910 sel = ie.key_mgmt & ssid->key_mgmt;
911 if (0) {
912#ifdef CONFIG_IEEE80211R
913 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
914 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
915 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
916 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
917 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
918 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
919#endif /* CONFIG_IEEE80211R */
56586197
JM		 920#ifdef CONFIG_IEEE80211W
921 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
922 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
923 wpa_msg(wpa_s, MSG_DEBUG,
924 "WPA: using KEY_MGMT 802.1X with SHA256");
925 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
926 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
927 wpa_msg(wpa_s, MSG_DEBUG,
928 "WPA: using KEY_MGMT PSK with SHA256");
929#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 930 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
931 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
932 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
933 } else if (sel & WPA_KEY_MGMT_PSK) {
934 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
935 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
936 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
937 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
938 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
939 } else {
940 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
941 "key management type.");
942 return -1;
943 }
944
945 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
946 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
947 wpa_s->pairwise_cipher);
948 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
949
950#ifdef CONFIG_IEEE80211W
951 sel = ie.mgmt_group_cipher;
70f8cc8e 952 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 953 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 954 sel = 0;
955 if (sel & WPA_CIPHER_AES_128_CMAC) {
956 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
957 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
958 "AES-128-CMAC");
959 } else {
960 wpa_s->mgmt_group_cipher = 0;
961 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
962 }
963 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
964 wpa_s->mgmt_group_cipher);
e820cf95 965 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
6fc6879b
JM		 966#endif /* CONFIG_IEEE80211W */
967
968 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
969 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
970 return -1;
971 }
972
56586197
JM		 973 if (ssid->key_mgmt &
974 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
6fc6879b
JM		 975 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
976 else
977 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
978
979 return 0;
980}
981
982
983/**
984 * wpa_supplicant_associate - Request association
985 * @wpa_s: Pointer to wpa_supplicant data
986 * @bss: Scan results for the selected BSS, or %NULL if not available
987 * @ssid: Configuration data for the selected network
988 *
989 * This function is used to request %wpa_supplicant to associate with a BSS.
990 */
991void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 992 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b
JM		 993{
994 u8 wpa_ie[80];
995 size_t wpa_ie_len;
8bac466b 996 int use_crypt, ret, i, bssid_changed;
abd9fafa 997 int algs = WPA_AUTH_ALG_OPEN;
71934751 998 enum wpa_cipher cipher_pairwise, cipher_group;
6fc6879b
JM		 999 struct wpa_driver_associate_params params;
1000 int wep_keys_set = 0;
1001 struct wpa_driver_capa capa;
1002 int assoc_failed = 0;
8bac466b 1003 struct wpa_ssid *old_ssid;
6fc6879b 1004
d7dcba70 1005 if (ssid->mode == WPAS_MODE_AP) {
1581b38b
JM		 1006#ifdef CONFIG_AP
1007 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1008 wpa_printf(MSG_INFO, "Driver does not support AP "
1009 "mode");
1010 return;
1011 }
1012 wpa_supplicant_create_ap(wpa_s, ssid);
8f770587 1013 wpa_s->current_bss = bss;
1581b38b
JM		 1014#else /* CONFIG_AP */
1015 wpa_printf(MSG_ERROR, "AP mode support not included in the "
1016 "build");
1017#endif /* CONFIG_AP */
1018 return;
1019 }
1020
5cc4d64b
JM		 1021 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1022 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1023 sme_authenticate(wpa_s, bss, ssid);
1024 return;
1025 }
1026
0c80427d 1027 os_memset(&params, 0, sizeof(params));
6fc6879b
JM		 1028 wpa_s->reassociate = 0;
1029 if (bss) {
1030#ifdef CONFIG_IEEE80211R
6fa81a3b 1031 const u8 *ie, *md = NULL;
6fc6879b 1032#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1033 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1034 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
6fa81a3b 1035 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
8bac466b 1036 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1037 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1038 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1039 if (bssid_changed)
1040 wpas_notify_bssid_changed(wpa_s);
6fc6879b 1041#ifdef CONFIG_IEEE80211R
6fa81a3b 1042 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
6fc6879b
JM		 1043 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1044 md = ie + 2;
e7846b68 1045 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
91a05482
JM		 1046 if (md) {
1047 /* Prepare for the next transition */
76b7981d 1048 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
91a05482 1049 }
6fc6879b 1050#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1051#ifdef CONFIG_WPS
1052 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1053 wpa_s->conf->ap_scan == 2 &&
1054 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1055 /* Use ap_scan==1 style network selection to find the network
1056 */
1057 wpa_s->scan_req = 2;
1058 wpa_s->reassociate = 1;
1059 wpa_supplicant_req_scan(wpa_s, 0, 0);
1060 return;
1061#endif /* CONFIG_WPS */
6fc6879b
JM		 1062 } else {
1063 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1064 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1065 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1066 }
1067 wpa_supplicant_cancel_scan(wpa_s);
1068
1069 /* Starting new association, so clear the possibly used WPA IE from the
1070 * previous association. */
1071 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1072
1073#ifdef IEEE8021X_EAPOL
1074 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1075 if (ssid->leap) {
1076 if (ssid->non_leap == 0)
abd9fafa 1077 algs = WPA_AUTH_ALG_LEAP;
6fc6879b 1078 else
abd9fafa 1079 algs |= WPA_AUTH_ALG_LEAP;
6fc6879b
JM		 1080 }
1081 }
1082#endif /* IEEE8021X_EAPOL */
1083 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1084 if (ssid->auth_alg) {
abd9fafa 1085 algs = ssid->auth_alg;
6fc6879b
JM		 1086 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
1087 algs);
1088 }
6fc6879b 1089
6fa81a3b
JM		 1090 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1091 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
6fc6879b
JM		 1092 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1093 WPA_KEY_MGMT_FT_IEEE8021X |
56586197
JM		 1094 WPA_KEY_MGMT_FT_PSK |
1095 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1096 WPA_KEY_MGMT_PSK_SHA256))) {
6fc6879b
JM		 1097 int try_opportunistic;
1098 try_opportunistic = ssid->proactive_key_caching &&
1099 (ssid->proto & WPA_PROTO_RSN);
1100 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1101 wpa_s->current_ssid,
1102 try_opportunistic) == 0)
1103 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1104 wpa_ie_len = sizeof(wpa_ie);
1105 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1106 wpa_ie, &wpa_ie_len)) {
1107 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1108 "management and encryption suites");
1109 return;
1110 }
1111 } else if (ssid->key_mgmt &
1112 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1113 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
56586197
JM		 1114 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1115 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
6fc6879b
JM		 1116 wpa_ie_len = sizeof(wpa_ie);
1117 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1118 wpa_ie, &wpa_ie_len)) {
1119 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1120 "management and encryption suites (no scan "
1121 "results)");
1122 return;
1123 }
ad08c363
JM		 1124#ifdef CONFIG_WPS
1125 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1126 struct wpabuf *wps_ie;
1127 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1128 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1129 wpa_ie_len = wpabuf_len(wps_ie);
1130 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1131 } else
1132 wpa_ie_len = 0;
ad08c363
JM		 1133 wpabuf_free(wps_ie);
1134 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d
JM		 1135 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1136 params.wps = WPS_MODE_PRIVACY;
1137 else
1138 params.wps = WPS_MODE_OPEN;
ad08c363 1139#endif /* CONFIG_WPS */
6fc6879b
JM		 1140 } else {
1141 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1142 wpa_ie_len = 0;
1143 }
1144
1145 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1146 use_crypt = 1;
1147 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1148 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1149 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1150 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1151 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1152 use_crypt = 0;
1153 if (wpa_set_wep_keys(wpa_s, ssid)) {
1154 use_crypt = 1;
1155 wep_keys_set = 1;
1156 }
1157 }
ad08c363
JM		 1158 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1159 use_crypt = 0;
6fc6879b
JM		 1160
1161#ifdef IEEE8021X_EAPOL
1162 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1163 if ((ssid->eapol_flags &
1164 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1165 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1166 !wep_keys_set) {
1167 use_crypt = 0;
1168 } else {
1169 /* Assume that dynamic WEP-104 keys will be used and
1170 * set cipher suites in order for drivers to expect
1171 * encryption. */
1172 cipher_pairwise = cipher_group = CIPHER_WEP104;
1173 }
1174 }
1175#endif /* IEEE8021X_EAPOL */
1176
1177 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1178 /* Set the key before (and later after) association */
1179 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1180 }
1181
6fc6879b 1182 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 1183 if (bss) {
6fc6879b 1184 params.bssid = bss->bssid;
6fa81a3b
JM		 1185 params.ssid = bss->ssid;
1186 params.ssid_len = bss->ssid_len;
6fc6879b
JM		 1187 params.freq = bss->freq;
1188 } else {
1189 params.ssid = ssid->ssid;
1190 params.ssid_len = ssid->ssid_len;
1191 }
d7dcba70
JM		 1192 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1193 params.freq == 0)
6fc6879b
JM		 1194 params.freq = ssid->frequency; /* Initial channel for IBSS */
1195 params.wpa_ie = wpa_ie;
1196 params.wpa_ie_len = wpa_ie_len;
1197 params.pairwise_suite = cipher_pairwise;
1198 params.group_suite = cipher_group;
1199 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1200 params.auth_alg = algs;
1201 params.mode = ssid->mode;
1202 for (i = 0; i < NUM_WEP_KEYS; i++) {
1203 if (ssid->wep_key_len[i])
1204 params.wep_key[i] = ssid->wep_key[i];
1205 params.wep_key_len[i] = ssid->wep_key_len[i];
1206 }
1207 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1208
c2a04078 1209 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
6fc6879b
JM		 1210 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1211 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1212 params.passphrase = ssid->passphrase;
1213 if (ssid->psk_set)
1214 params.psk = ssid->psk;
1215 }
1216
36b15723
JM		 1217 params.drop_unencrypted = use_crypt;
1218
6fc6879b 1219#ifdef CONFIG_IEEE80211W
70f8cc8e
JM		 1220 params.mgmt_frame_protection = ssid->ieee80211w;
1221 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 1222 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 1223 struct wpa_ie_data ie;
1224 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1225 ie.capabilities &
1226 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1227 wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: "
1228 "require MFP");
1229 params.mgmt_frame_protection =
1230 MGMT_FRAME_PROTECTION_REQUIRED;
1231 }
1232 }
6fc6879b
JM		 1233#endif /* CONFIG_IEEE80211W */
1234
c2a04078 1235 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1236 ret = ieee80211_sta_associate(wpa_s, &params);
1237 else
1238 ret = wpa_drv_associate(wpa_s, &params);
1239 if (ret < 0) {
1240 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1241 "failed");
1242 /* try to continue anyway; new association will be tried again
1243 * after timeout */
1244 assoc_failed = 1;
1245 }
1246
1247 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1248 /* Set the key after the association just in case association
1249 * cleared the previously configured key. */
1250 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1251 /* No need to timeout authentication since there is no key
1252 * management. */
1253 wpa_supplicant_cancel_auth_timeout(wpa_s);
1254 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 1255#ifdef CONFIG_IBSS_RSN
d7dcba70 1256 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 1257 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1258 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
b9a2e577 1259 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
53895c3b
JM		 1260 /*
1261 * RSN IBSS authentication is per-STA and we can disable the
1262 * per-BSSID authentication.
1263 */
1264 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 1265#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1266 } else {
1267 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1268 int timeout = 60;
1269
1270 if (assoc_failed) {
1271 /* give IBSS a bit more time */
d7dcba70 1272 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 1273 } else if (wpa_s->conf->ap_scan == 1) {
1274 /* give IBSS a bit more time */
d7dcba70 1275 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 1276 }
6fc6879b
JM		 1277 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1278 }
1279
1280 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1281 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1282 /* Set static WEP keys again */
1283 wpa_set_wep_keys(wpa_s, ssid);
1284 }
1285
1286 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1287 /*
1288 * Do not allow EAP session resumption between different
1289 * network configurations.
1290 */
1291 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1292 }
8bac466b 1293 old_ssid = wpa_s->current_ssid;
6fc6879b 1294 wpa_s->current_ssid = ssid;
8f770587 1295 wpa_s->current_bss = bss;
6fc6879b
JM		 1296 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1297 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1298 if (old_ssid != wpa_s->current_ssid)
1299 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1300}
1301
1302
09f58c09
JM		 1303static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1304 const u8 *addr)
1305{
1306 struct wpa_ssid *old_ssid;
1307
1308 wpa_clear_keys(wpa_s, addr);
1309 wpa_supplicant_mark_disassoc(wpa_s);
1310 old_ssid = wpa_s->current_ssid;
1311 wpa_s->current_ssid = NULL;
1312 wpa_s->current_bss = NULL;
1313 wpa_sm_set_config(wpa_s->wpa, NULL);
1314 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1315 if (old_ssid != wpa_s->current_ssid)
1316 wpas_notify_network_changed(wpa_s);
1317 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1318}
1319
1320
6fc6879b
JM		 1321/**
1322 * wpa_supplicant_disassociate - Disassociate the current connection
1323 * @wpa_s: Pointer to wpa_supplicant data
1324 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1325 *
1326 * This function is used to request %wpa_supplicant to disassociate with the
1327 * current AP.
1328 */
1329void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1330 int reason_code)
1331{
1332 u8 *addr = NULL;
8bac466b 1333
a8e16edc 1334 if (!is_zero_ether_addr(wpa_s->bssid)) {
c2a04078 1335 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1336 ieee80211_sta_disassociate(wpa_s, reason_code);
1337 else
1338 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1339 addr = wpa_s->bssid;
1340 }
09f58c09
JM		 1341
1342 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 1343}
1344
1345
1346/**
1347 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1348 * @wpa_s: Pointer to wpa_supplicant data
1349 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1350 *
073ab58f 1351 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1352 * current AP.
1353 */
1354void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1355 int reason_code)
1356{
1357 u8 *addr = NULL;
8bac466b 1358
a8e16edc 1359 if (!is_zero_ether_addr(wpa_s->bssid)) {
c2a04078 1360 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1361 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1362 else
1363 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1364 reason_code);
1365 addr = wpa_s->bssid;
1366 }
09f58c09
JM		 1367
1368 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 1369}
1370
1371
86b89452
WS		 1372/**
1373 * wpa_supplicant_enable_network - Mark a configured network as enabled
1374 * @wpa_s: wpa_supplicant structure for a network interface
1375 * @ssid: wpa_ssid structure for a configured network or %NULL
1376 *
1377 * Enables the specified network or all networks if no network specified.
1378 */
1379void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1380 struct wpa_ssid *ssid)
1381{
1382 struct wpa_ssid *other_ssid;
1383 int was_disabled;
1384
1385 if (ssid == NULL) {
1386 other_ssid = wpa_s->conf->ssid;
1387 while (other_ssid) {
1388 if (other_ssid == wpa_s->current_ssid &&
1389 other_ssid->disabled)
1390 wpa_s->reassociate = 1;
1391
1392 was_disabled = other_ssid->disabled;
1393
1394 other_ssid->disabled = 0;
1395
1396 if (was_disabled != other_ssid->disabled)
1397 wpas_notify_network_enabled_changed(
1398 wpa_s, other_ssid);
1399
1400 other_ssid = other_ssid->next;
1401 }
1402 if (wpa_s->reassociate)
1403 wpa_supplicant_req_scan(wpa_s, 0, 0);
adc8d4a7
KM		 1404 } else if (ssid->disabled) {
1405 if (wpa_s->current_ssid == NULL) {
1406 /*
1407 * Try to reassociate since there is no current
1408 * configuration and a new network was made available.
1409 */
1410 wpa_s->reassociate = 1;
1411 wpa_supplicant_req_scan(wpa_s, 0, 0);
1412 }
86b89452
WS		 1413
1414 was_disabled = ssid->disabled;
1415
1416 ssid->disabled = 0;
1417
1418 if (was_disabled != ssid->disabled)
1419 wpas_notify_network_enabled_changed(wpa_s, ssid);
1420 }
1421}
1422
1423
1424/**
1425 * wpa_supplicant_disable_network - Mark a configured network as disabled
1426 * @wpa_s: wpa_supplicant structure for a network interface
1427 * @ssid: wpa_ssid structure for a configured network or %NULL
1428 *
1429 * Disables the specified network or all networks if no network specified.
1430 */
1431void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1432 struct wpa_ssid *ssid)
1433{
1434 struct wpa_ssid *other_ssid;
1435 int was_disabled;
1436
1437 if (ssid == NULL) {
1438 other_ssid = wpa_s->conf->ssid;
1439 while (other_ssid) {
1440 was_disabled = other_ssid->disabled;
1441
1442 other_ssid->disabled = 1;
1443
1444 if (was_disabled != other_ssid->disabled)
1445 wpas_notify_network_enabled_changed(
1446 wpa_s, other_ssid);
1447
1448 other_ssid = other_ssid->next;
1449 }
1450 if (wpa_s->current_ssid)
1451 wpa_supplicant_disassociate(
1452 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1453 } else {
1454 if (ssid == wpa_s->current_ssid)
1455 wpa_supplicant_disassociate(
1456 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1457
1458 was_disabled = ssid->disabled;
1459
1460 ssid->disabled = 1;
1461
1462 if (was_disabled != ssid->disabled)
1463 wpas_notify_network_enabled_changed(wpa_s, ssid);
1464 }
1465}
1466
1467
1468/**
1469 * wpa_supplicant_select_network - Attempt association with a network
1470 * @wpa_s: wpa_supplicant structure for a network interface
1471 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1472 */
1473void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1474 struct wpa_ssid *ssid)
1475{
1476
1477 struct wpa_ssid *other_ssid;
1478
1479 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid)
1480 wpa_supplicant_disassociate(
1481 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1482
1483 /*
1484 * Mark all other networks disabled or mark all networks enabled if no
1485 * network specified.
1486 */
1487 other_ssid = wpa_s->conf->ssid;
1488 while (other_ssid) {
1489 int was_disabled = other_ssid->disabled;
1490
1491 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1492
1493 if (was_disabled != other_ssid->disabled)
1494 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1495
1496 other_ssid = other_ssid->next;
1497 }
1498 wpa_s->disconnected = 0;
1499 wpa_s->reassociate = 1;
1500 wpa_supplicant_req_scan(wpa_s, 0, 0);
1501
a1641d26
JM		 1502 if (ssid)
1503 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 1504}
1505
1506
1507/**
1508 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1509 * @wpa_s: wpa_supplicant structure for a network interface
1510 * @ap_scan: AP scan mode
1511 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1512 *
1513 */
1514int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1515{
1516
1517 int old_ap_scan;
1518
1519 if (ap_scan < 0 || ap_scan > 2)
1520 return -1;
1521
1522 old_ap_scan = wpa_s->conf->ap_scan;
1523 wpa_s->conf->ap_scan = ap_scan;
1524
1525 if (old_ap_scan != wpa_s->conf->ap_scan)
1526 wpas_notify_ap_scan_changed(wpa_s);
1527
1528 return 0;
1529}
1530
1531
1532/**
1533 * wpa_supplicant_set_debug_params - Set global debug params
1534 * @global: wpa_global structure
1535 * @debug_level: debug level
1536 * @debug_timestamp: determines if show timestamp in debug data
1537 * @debug_show_keys: determines if show keys in debug data
1538 * Returns: 0 if succeed or -1 if debug_level has wrong value
1539 */
1540int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1541 int debug_timestamp, int debug_show_keys)
1542{
1543
1544 int old_level, old_timestamp, old_show_keys;
1545
1546 /* check for allowed debuglevels */
1547 if (debug_level != MSG_MSGDUMP &&
1548 debug_level != MSG_DEBUG &&
1549 debug_level != MSG_INFO &&
1550 debug_level != MSG_WARNING &&
1551 debug_level != MSG_ERROR)
1552 return -1;
1553
1554 old_level = wpa_debug_level;
1555 old_timestamp = wpa_debug_timestamp;
1556 old_show_keys = wpa_debug_show_keys;
1557
1558 wpa_debug_level = debug_level;
1559 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1560 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1561
db9133ac
WS		 1562 if (wpa_debug_level != old_level)
1563 wpas_notify_debug_level_changed(global);
1564 if (wpa_debug_timestamp != old_timestamp)
1565 wpas_notify_debug_timestamp_changed(global);
1566 if (wpa_debug_show_keys != old_show_keys)
1567 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 1568
1569 return 0;
1570}
1571
1572
6fc6879b
JM		 1573/**
1574 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1575 * @wpa_s: Pointer to wpa_supplicant data
1576 * Returns: A pointer to the current network structure or %NULL on failure
1577 */
1578struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1579{
1580 struct wpa_ssid *entry;
1581 u8 ssid[MAX_SSID_LEN];
1582 int res;
1583 size_t ssid_len;
1584 u8 bssid[ETH_ALEN];
1585 int wired;
1586
c2a04078 1587 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
6fc6879b
JM		 1588 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1589 wpa_printf(MSG_WARNING, "Could not read SSID from "
1590 "MLME.");
1591 return NULL;
1592 }
1593 } else {
1594 res = wpa_drv_get_ssid(wpa_s, ssid);
1595 if (res < 0) {
1596 wpa_printf(MSG_WARNING, "Could not read SSID from "
1597 "driver.");
1598 return NULL;
1599 }
1600 ssid_len = res;
1601 }
1602
c2a04078 1603 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1604 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1605 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1606 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1607 return NULL;
1608 }
1609
c2a04078
JM		 1610 wired = wpa_s->conf->ap_scan == 0 &&
1611 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 1612
1613 entry = wpa_s->conf->ssid;
1614 while (entry) {
1615 if (!entry->disabled &&
1616 ((ssid_len == entry->ssid_len &&
1617 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1618 (!entry->bssid_set ||
1619 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1620 return entry;
24c23d1b
JM		 1621#ifdef CONFIG_WPS
1622 if (!entry->disabled &&
1623 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1624 (entry->ssid == NULL || entry->ssid_len == 0) &&
1625 (!entry->bssid_set ||
1626 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1627 return entry;
1628#endif /* CONFIG_WPS */
6fc6879b
JM		 1629 entry = entry->next;
1630 }
1631
1632 return NULL;
1633}
1634
1635
1636static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1637 const char *name)
1638{
1639 int i;
362f781e
JM		 1640 size_t len;
1641 const char *pos;
6fc6879b
JM		 1642
1643 if (wpa_s == NULL)
1644 return -1;
1645
c5121837 1646 if (wpa_drivers[0] == NULL) {
6fc6879b
JM		 1647 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1648 "wpa_supplicant.");
1649 return -1;
1650 }
1651
1652 if (name == NULL) {
1653 /* default to first driver in the list */
c5121837 1654 wpa_s->driver = wpa_drivers[0];
8a5ab9f5 1655 wpa_s->global_drv_priv = wpa_s->global->drv_priv[0];
6fc6879b
JM		 1656 return 0;
1657 }
1658
362f781e
JM		 1659 pos = os_strchr(name, ',');
1660 if (pos)
1661 len = pos - name;
1662 else
1663 len = os_strlen(name);
c5121837
JM		 1664 for (i = 0; wpa_drivers[i]; i++) {
1665 if (os_strlen(wpa_drivers[i]->name) == len &&
1666 os_strncmp(name, wpa_drivers[i]->name, len) ==
362f781e 1667 0) {
c5121837 1668 wpa_s->driver = wpa_drivers[i];
8a5ab9f5 1669 wpa_s->global_drv_priv = wpa_s->global->drv_priv[i];
6fc6879b
JM		 1670 return 0;
1671 }
1672 }
1673
362f781e 1674 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.", name);
6fc6879b
JM		 1675 return -1;
1676}
1677
1678
a8e0505b
JM		 1679/**
1680 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1681 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1682 * with struct wpa_driver_ops::init()
1683 * @src_addr: Source address of the EAPOL frame
1684 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1685 * @len: Length of the EAPOL data
1686 *
1687 * This function is called for each received EAPOL frame. Most driver
1688 * interfaces rely on more generic OS mechanism for receiving frames through
1689 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1690 * take care of received EAPOL frames and deliver them to the core supplicant
1691 * code by calling this function.
1692 */
6fc6879b
JM		 1693void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1694 const u8 *buf, size_t len)
1695{
1696 struct wpa_supplicant *wpa_s = ctx;
1697
1698 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1699 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1700
1ff73338
JM		 1701 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1702 /*
1703 * There is possible race condition between receiving the
1704 * association event and the EAPOL frame since they are coming
1705 * through different paths from the driver. In order to avoid
1706 * issues in trying to process the EAPOL frame before receiving
1707 * association information, lets queue it for processing until
1708 * the association event is received.
1709 */
1710 wpa_printf(MSG_DEBUG, "Not associated - Delay processing of "
1711 "received EAPOL frame");
1712 wpabuf_free(wpa_s->pending_eapol_rx);
1713 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1714 if (wpa_s->pending_eapol_rx) {
1715 os_get_time(&wpa_s->pending_eapol_rx_time);
1716 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1717 ETH_ALEN);
1718 }
1719 return;
1720 }
1721
db149ac9
JM		 1722#ifdef CONFIG_AP
1723 if (wpa_s->ap_iface) {
1724 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1725 return;
1726 }
1727#endif /* CONFIG_AP */
1728
6fc6879b
JM		 1729 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1730 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1731 "no key management is configured");
1732 return;
1733 }
1734
1735 if (wpa_s->eapol_received == 0 &&
c2a04078 1736 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 1737 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 1738 wpa_s->wpa_state != WPA_COMPLETED) &&
1739 (wpa_s->current_ssid == NULL ||
1740 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b
JM		 1741 /* Timeout for completing IEEE 802.1X and WPA authentication */
1742 wpa_supplicant_req_auth_timeout(
1743 wpa_s,
56586197 1744 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 1745 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1746 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 1747 70 : 10, 0);
1748 }
1749 wpa_s->eapol_received++;
1750
1751 if (wpa_s->countermeasures) {
1752 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1753 "packet");
1754 return;
1755 }
1756
8be18440
JM		 1757#ifdef CONFIG_IBSS_RSN
1758 if (wpa_s->current_ssid &&
d7dcba70 1759 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 1760 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1761 return;
1762 }
1763#endif /* CONFIG_IBSS_RSN */
1764
6fc6879b
JM		 1765 /* Source address of the incoming EAPOL frame could be compared to the
1766 * current BSSID. However, it is possible that a centralized
1767 * Authenticator could be using another MAC address than the BSSID of
1768 * an AP, so just allow any address to be used for now. The replies are
1769 * still sent to the current BSSID (if available), though. */
1770
1771 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 1772 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 1773 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1774 return;
1775 wpa_drv_poll(wpa_s);
c2a04078 1776 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 1777 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 1778 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 1779 /*
1780 * Set portValid = TRUE here since we are going to skip 4-way
1781 * handshake processing which would normally set portValid. We
1782 * need this to allow the EAPOL state machines to be completed
1783 * without going through EAPOL-Key handshake.
1784 */
1785 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1786 }
1787}
1788
1789
6fc6879b
JM		 1790/**
1791 * wpa_supplicant_driver_init - Initialize driver interface parameters
1792 * @wpa_s: Pointer to wpa_supplicant data
1793 * Returns: 0 on success, -1 on failure
1794 *
1795 * This function is called to initialize driver interface parameters.
1796 * wpa_drv_init() must have been called before this function to initialize the
1797 * driver interface.
1798 */
1799int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1800{
1801 static int interface_count = 0;
1802
1803 if (wpa_s->driver->send_eapol) {
1804 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1805 if (addr)
1806 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1807 } else {
1808 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1809 wpa_drv_get_mac_addr(wpa_s),
1810 ETH_P_EAPOL,
1811 wpa_supplicant_rx_eapol, wpa_s, 0);
1812 if (wpa_s->l2 == NULL)
1813 return -1;
1814 }
1815
1816 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1817 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
1818 return -1;
1819 }
1820
1821 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
1822 MAC2STR(wpa_s->own_addr));
1823
1824 if (wpa_s->bridge_ifname[0]) {
1825 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
1826 " '%s'", wpa_s->bridge_ifname);
1827 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1828 wpa_s->own_addr,
1829 ETH_P_EAPOL,
1830 wpa_supplicant_rx_eapol, wpa_s,
1831 0);
1832 if (wpa_s->l2_br == NULL) {
1833 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
1834 "connection for the bridge interface '%s'",
1835 wpa_s->bridge_ifname);
1836 return -1;
1837 }
1838 }
1839
6fc6879b
JM		 1840 wpa_clear_keys(wpa_s, NULL);
1841
1842 /* Make sure that TKIP countermeasures are not left enabled (could
1843 * happen if wpa_supplicant is killed during countermeasures. */
1844 wpa_drv_set_countermeasures(wpa_s, 0);
1845
6fc6879b
JM		 1846 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1847 wpa_drv_flush_pmkid(wpa_s);
1848
ba2a573c 1849 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
74e259ec
JM		 1850 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
1851 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1852 interface_count++;
1853 } else
1854 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 1855
1856 return 0;
1857}
1858
1859
1860static int wpa_supplicant_daemon(const char *pid_file)
1861{
1862 wpa_printf(MSG_DEBUG, "Daemonize..");
1863 return os_daemonize(pid_file);
1864}
1865
1866
1867static struct wpa_supplicant * wpa_supplicant_alloc(void)
1868{
1869 struct wpa_supplicant *wpa_s;
1870
1871 wpa_s = os_zalloc(sizeof(*wpa_s));
1872 if (wpa_s == NULL)
1873 return NULL;
1874 wpa_s->scan_req = 1;
c302f207 1875 wpa_s->new_connection = 1;
6fc6879b
JM		 1876
1877 return wpa_s;
1878}
1879
1880
1881static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1882 struct wpa_interface *iface)
1883{
362f781e
JM		 1884 const char *ifname, *driver;
1885 struct wpa_driver_capa capa;
1886
6fc6879b
JM		 1887 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
1888 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
1889 iface->confname ? iface->confname : "N/A",
1890 iface->driver ? iface->driver : "default",
1891 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
1892 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
1893
6fc6879b
JM		 1894 if (iface->confname) {
1895#ifdef CONFIG_BACKEND_FILE
1896 wpa_s->confname = os_rel2abs_path(iface->confname);
1897 if (wpa_s->confname == NULL) {
1898 wpa_printf(MSG_ERROR, "Failed to get absolute path "
1899 "for configuration file '%s'.",
1900 iface->confname);
1901 return -1;
1902 }
1903 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
1904 iface->confname, wpa_s->confname);
1905#else /* CONFIG_BACKEND_FILE */
1906 wpa_s->confname = os_strdup(iface->confname);
1907#endif /* CONFIG_BACKEND_FILE */
1908 wpa_s->conf = wpa_config_read(wpa_s->confname);
1909 if (wpa_s->conf == NULL) {
1910 wpa_printf(MSG_ERROR, "Failed to read or parse "
1911 "configuration '%s'.", wpa_s->confname);
1912 return -1;
1913 }
1914
1915 /*
1916 * Override ctrl_interface and driver_param if set on command
1917 * line.
1918 */
1919 if (iface->ctrl_interface) {
1920 os_free(wpa_s->conf->ctrl_interface);
1921 wpa_s->conf->ctrl_interface =
1922 os_strdup(iface->ctrl_interface);
1923 }
1924
1925 if (iface->driver_param) {
1926 os_free(wpa_s->conf->driver_param);
1927 wpa_s->conf->driver_param =
1928 os_strdup(iface->driver_param);
1929 }
1930 } else
1931 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
1932 iface->driver_param);
1933
1934 if (wpa_s->conf == NULL) {
1935 wpa_printf(MSG_ERROR, "\nNo configuration found.");
1936 return -1;
1937 }
1938
1939 if (iface->ifname == NULL) {
1940 wpa_printf(MSG_ERROR, "\nInterface name is required.");
1941 return -1;
1942 }
1943 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
1944 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
1945 iface->ifname);
1946 return -1;
1947 }
1948 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
1949
1950 if (iface->bridge_ifname) {
1951 if (os_strlen(iface->bridge_ifname) >=
1952 sizeof(wpa_s->bridge_ifname)) {
1953 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
1954 "name '%s'.", iface->bridge_ifname);
1955 return -1;
1956 }
1957 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
1958 sizeof(wpa_s->bridge_ifname));
1959 }
1960
6fc6879b
JM		 1961 /* RSNA Supplicant Key Management - INITIALIZE */
1962 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1963 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1964
1965 /* Initialize driver interface and register driver event handler before
1966 * L2 receive handler so that association events are processed before
1967 * EAPOL-Key packets if both become available for the same select()
1968 * call. */
362f781e
JM		 1969 driver = iface->driver;
1970next_driver:
1971 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
1972 return -1;
1973
6fc6879b
JM		 1974 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
1975 if (wpa_s->drv_priv == NULL) {
362f781e 1976 const char *pos;
a5b9337f 1977 pos = driver ? os_strchr(driver, ',') : NULL;
362f781e
JM		 1978 if (pos) {
1979 wpa_printf(MSG_DEBUG, "Failed to initialize driver "
1980 "interface - try next driver wrapper");
1981 driver = pos + 1;
1982 goto next_driver;
1983 }
6fc6879b
JM		 1984 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
1985 return -1;
1986 }
1987 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
1988 wpa_printf(MSG_ERROR, "Driver interface rejected "
1989 "driver_param '%s'", wpa_s->conf->driver_param);
1990 return -1;
1991 }
1992
1993 ifname = wpa_drv_get_ifname(wpa_s);
1994 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
1995 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
1996 "name with '%s'", ifname);
1997 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
1998 }
1999
2000 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2001 return -1;
2002
2003 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2004 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2005 NULL);
2006 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2007
2008 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2009 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2010 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2011 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2012 "dot11RSNAConfigPMKLifetime");
2013 return -1;
2014 }
2015
2016 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2017 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2018 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2019 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2020 "dot11RSNAConfigPMKReauthThreshold");
2021 return -1;
2022 }
2023
2024 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2025 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2026 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2027 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2028 "dot11RSNAConfigSATimeout");
2029 return -1;
2030 }
2031
814782b9
JM		 2032 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2033 wpa_s->drv_flags = capa.flags;
2034 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
2035 if (ieee80211_sta_init(wpa_s))
2036 return -1;
2037 }
2038 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2039 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2040 }
2041 if (wpa_s->max_remain_on_chan == 0)
2042 wpa_s->max_remain_on_chan = 1000;
2043
6fc6879b
JM		 2044 if (wpa_supplicant_driver_init(wpa_s) < 0)
2045 return -1;
2046
315ce40a
JM		 2047 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2048 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6d158490
LR		 2049 wpa_printf(MSG_DEBUG, "Failed to set country");
2050 return -1;
2051 }
2052
6fc6879b
JM		 2053 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2054
116654ce
JM		 2055 if (wpas_wps_init(wpa_s))
2056 return -1;
2057
6fc6879b
JM		 2058 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2059 return -1;
2060 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2061
2062 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2063 if (wpa_s->ctrl_iface == NULL) {
2064 wpa_printf(MSG_ERROR,
2065 "Failed to initialize control interface '%s'.\n"
2066 "You may have another wpa_supplicant process "
2067 "already running or the file was\n"
2068 "left by an unclean termination of wpa_supplicant "
2069 "in which case you will need\n"
2070 "to manually remove this file before starting "
2071 "wpa_supplicant again.\n",
2072 wpa_s->conf->ctrl_interface);
2073 return -1;
2074 }
2075
11ef8d35
JM		 2076#ifdef CONFIG_IBSS_RSN
2077 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
2078 if (!wpa_s->ibss_rsn) {
2079 wpa_printf(MSG_DEBUG, "Failed to init IBSS RSN");
2080 return -1;
2081 }
2082#endif /* CONFIG_IBSS_RSN */
2083
83922c2d
JM		 2084 if (wpa_bss_init(wpa_s) < 0)
2085 return -1;
83922c2d 2086
6fc6879b
JM		 2087 return 0;
2088}
2089
2090
2ee055b3
JM		 2091static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2092 int notify)
6fc6879b
JM		 2093{
2094 if (wpa_s->drv_priv) {
2095 wpa_supplicant_deauthenticate(wpa_s,
2096 WLAN_REASON_DEAUTH_LEAVING);
2097
6fc6879b
JM		 2098 wpa_drv_set_countermeasures(wpa_s, 0);
2099 wpa_clear_keys(wpa_s, NULL);
2100 }
2101
8e56d189
JM		 2102 wpa_supplicant_cleanup(wpa_s);
2103
2ee055b3
JM		 2104 if (notify)
2105 wpas_notify_iface_removed(wpa_s);
6fc6879b 2106
6fc6879b
JM		 2107 if (wpa_s->drv_priv)
2108 wpa_drv_deinit(wpa_s);
2109}
2110
2111
2112/**
2113 * wpa_supplicant_add_iface - Add a new network interface
2114 * @global: Pointer to global data from wpa_supplicant_init()
2115 * @iface: Interface configuration options
2116 * Returns: Pointer to the created interface or %NULL on failure
2117 *
2118 * This function is used to add new network interfaces for %wpa_supplicant.
2119 * This can be called before wpa_supplicant_run() to add interfaces before the
2120 * main event loop has been started. In addition, new interfaces can be added
2121 * dynamically while %wpa_supplicant is already running. This could happen,
2122 * e.g., when a hotplug network adapter is inserted.
2123 */
2124struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2125 struct wpa_interface *iface)
2126{
2127 struct wpa_supplicant *wpa_s;
d27df100 2128 struct wpa_interface t_iface;
8e56d189 2129 struct wpa_ssid *ssid;
6fc6879b
JM		 2130
2131 if (global == NULL || iface == NULL)
2132 return NULL;
2133
2134 wpa_s = wpa_supplicant_alloc();
2135 if (wpa_s == NULL)
2136 return NULL;
2137
d8222ae3
JM		 2138 wpa_s->global = global;
2139
d27df100
JM		 2140 t_iface = *iface;
2141 if (global->params.override_driver) {
2142 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2143 "('%s' -> '%s')",
2144 iface->driver, global->params.override_driver);
2145 t_iface.driver = global->params.override_driver;
2146 }
2147 if (global->params.override_ctrl_interface) {
2148 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2149 "ctrl_interface ('%s' -> '%s')",
2150 iface->ctrl_interface,
2151 global->params.override_ctrl_interface);
2152 t_iface.ctrl_interface =
2153 global->params.override_ctrl_interface;
2154 }
2155 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 2156 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2157 iface->ifname);
2ee055b3 2158 wpa_supplicant_deinit_iface(wpa_s, 0);
6fc6879b
JM		 2159 os_free(wpa_s);
2160 return NULL;
2161 }
2162
dc461de4
WS		 2163 /* Notify the control interfaces about new iface */
2164 if (wpas_notify_iface_added(wpa_s)) {
2ee055b3 2165 wpa_supplicant_deinit_iface(wpa_s, 1);
6fc6879b
JM		 2166 os_free(wpa_s);
2167 return NULL;
2168 }
1bd3f426 2169
8e56d189
JM		 2170 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2171 wpas_notify_network_added(wpa_s, ssid);
2172
6fc6879b
JM		 2173 wpa_s->next = global->ifaces;
2174 global->ifaces = wpa_s;
2175
2176 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2177
2178 return wpa_s;
2179}
2180
2181
2182/**
2183 * wpa_supplicant_remove_iface - Remove a network interface
2184 * @global: Pointer to global data from wpa_supplicant_init()
2185 * @wpa_s: Pointer to the network interface to be removed
2186 * Returns: 0 if interface was removed, -1 if interface was not found
2187 *
2188 * This function can be used to dynamically remove network interfaces from
2189 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2190 * addition, this function is used to remove all remaining interfaces when
2191 * %wpa_supplicant is terminated.
2192 */
2193int wpa_supplicant_remove_iface(struct wpa_global *global,
2194 struct wpa_supplicant *wpa_s)
2195{
2196 struct wpa_supplicant *prev;
2197
2198 /* Remove interface from the global list of interfaces */
2199 prev = global->ifaces;
2200 if (prev == wpa_s) {
2201 global->ifaces = wpa_s->next;
2202 } else {
2203 while (prev && prev->next != wpa_s)
2204 prev = prev->next;
2205 if (prev == NULL)
2206 return -1;
2207 prev->next = wpa_s->next;
2208 }
2209
2210 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2211
2ee055b3 2212 wpa_supplicant_deinit_iface(wpa_s, 1);
6fc6879b
JM		 2213 os_free(wpa_s);
2214
2215 return 0;
2216}
2217
2218
2219/**
2220 * wpa_supplicant_get_iface - Get a new network interface
2221 * @global: Pointer to global data from wpa_supplicant_init()
2222 * @ifname: Interface name
2223 * Returns: Pointer to the interface or %NULL if not found
2224 */
2225struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2226 const char *ifname)
2227{
2228 struct wpa_supplicant *wpa_s;
2229
2230 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2231 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2232 return wpa_s;
2233 }
2234 return NULL;
2235}
2236
2237
2238/**
2239 * wpa_supplicant_init - Initialize %wpa_supplicant
2240 * @params: Parameters for %wpa_supplicant
2241 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2242 *
2243 * This function is used to initialize %wpa_supplicant. After successful
2244 * initialization, the returned data pointer can be used to add and remove
2245 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2246 */
2247struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2248{
2249 struct wpa_global *global;
ac305589 2250 int ret, i;
6fc6879b
JM		 2251
2252 if (params == NULL)
2253 return NULL;
2254
2255 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 2256 if (params->wpa_debug_syslog)
2257 wpa_debug_open_syslog();
6fc6879b 2258
12760815 2259 ret = eap_register_methods();
6fc6879b
JM		 2260 if (ret) {
2261 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2262 if (ret == -2)
2263 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2264 "the same EAP type.");
2265 return NULL;
2266 }
2267
2268 global = os_zalloc(sizeof(*global));
2269 if (global == NULL)
2270 return NULL;
2271 global->params.daemonize = params->daemonize;
2272 global->params.wait_for_monitor = params->wait_for_monitor;
2273 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2274 if (params->pid_file)
2275 global->params.pid_file = os_strdup(params->pid_file);
2276 if (params->ctrl_interface)
2277 global->params.ctrl_interface =
2278 os_strdup(params->ctrl_interface);
d27df100
JM		 2279 if (params->override_driver)
2280 global->params.override_driver =
2281 os_strdup(params->override_driver);
2282 if (params->override_ctrl_interface)
2283 global->params.override_ctrl_interface =
2284 os_strdup(params->override_ctrl_interface);
6fc6879b
JM		 2285 wpa_debug_level = global->params.wpa_debug_level =
2286 params->wpa_debug_level;
2287 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2288 params->wpa_debug_show_keys;
2289 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2290 params->wpa_debug_timestamp;
2291
0456ea16 2292 if (eloop_init()) {
6fc6879b
JM		 2293 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2294 wpa_supplicant_deinit(global);
2295 return NULL;
2296 }
2297
2298 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2299 if (global->ctrl_iface == NULL) {
2300 wpa_supplicant_deinit(global);
2301 return NULL;
2302 }
2303
dc461de4
WS		 2304 if (wpas_notify_supplicant_initialized(global)) {
2305 wpa_supplicant_deinit(global);
2306 return NULL;
6fc6879b
JM		 2307 }
2308
c5121837 2309 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 2310 global->drv_count++;
2311 if (global->drv_count == 0) {
2312 wpa_printf(MSG_ERROR, "No drivers enabled");
2313 wpa_supplicant_deinit(global);
2314 return NULL;
2315 }
2316 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2317 if (global->drv_priv == NULL) {
2318 wpa_supplicant_deinit(global);
2319 return NULL;
2320 }
c5121837
JM		 2321 for (i = 0; wpa_drivers[i]; i++) {
2322 if (!wpa_drivers[i]->global_init)
ac305589 2323 continue;
c5121837 2324 global->drv_priv[i] = wpa_drivers[i]->global_init();
ac305589
JM		 2325 if (global->drv_priv[i] == NULL) {
2326 wpa_printf(MSG_ERROR, "Failed to initialize driver "
c5121837 2327 "'%s'", wpa_drivers[i]->name);
ac305589
JM		 2328 wpa_supplicant_deinit(global);
2329 return NULL;
2330 }
2331 }
2332
6fc6879b
JM		 2333 return global;
2334}
2335
2336
2337/**
2338 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2339 * @global: Pointer to global data from wpa_supplicant_init()
2340 * Returns: 0 after successful event loop run, -1 on failure
2341 *
2342 * This function starts the main event loop and continues running as long as
2343 * there are any remaining events. In most cases, this function is running as
2344 * long as the %wpa_supplicant process in still in use.
2345 */
2346int wpa_supplicant_run(struct wpa_global *global)
2347{
2348 struct wpa_supplicant *wpa_s;
2349
2350 if (global->params.daemonize &&
2351 wpa_supplicant_daemon(global->params.pid_file))
2352 return -1;
2353
2354 if (global->params.wait_for_monitor) {
2355 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2356 if (wpa_s->ctrl_iface)
2357 wpa_supplicant_ctrl_iface_wait(
2358 wpa_s->ctrl_iface);
2359 }
2360
0456ea16
JM		 2361 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
2362 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 2363
2364 eloop_run();
2365
2366 return 0;
2367}
2368
2369
2370/**
2371 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2372 * @global: Pointer to global data from wpa_supplicant_init()
2373 *
2374 * This function is called to deinitialize %wpa_supplicant and to free all
2375 * allocated resources. Remaining network interfaces will also be removed.
2376 */
2377void wpa_supplicant_deinit(struct wpa_global *global)
2378{
ac305589
JM		 2379 int i;
2380
6fc6879b
JM		 2381 if (global == NULL)
2382 return;
2383
2384 while (global->ifaces)
2385 wpa_supplicant_remove_iface(global, global->ifaces);
2386
2387 if (global->ctrl_iface)
2388 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 2389
2390 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 2391
2392 eap_peer_unregister_methods();
3ec97afe
JM		 2393#ifdef CONFIG_AP
2394 eap_server_unregister_methods();
2395#endif /* CONFIG_AP */
6fc6879b 2396
c5121837 2397 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 2398 if (!global->drv_priv[i])
2399 continue;
c5121837 2400 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 2401 }
2402 os_free(global->drv_priv);
2403
6fc6879b
JM		 2404 eloop_destroy();
2405
2406 if (global->params.pid_file) {
2407 os_daemonize_terminate(global->params.pid_file);
2408 os_free(global->params.pid_file);
2409 }
2410 os_free(global->params.ctrl_interface);
d27df100
JM		 2411 os_free(global->params.override_driver);
2412 os_free(global->params.override_ctrl_interface);
6fc6879b
JM		 2413
2414 os_free(global);
daa70d49 2415 wpa_debug_close_syslog();
6fc6879b
JM		 2416 wpa_debug_close_file();
2417}
Unnamed repository; edit this file 'description' to name the repository.