]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
wpa_supplicant: Add option -I for additional config file
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
d93dfbd5 3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
14
15#include "common.h"
d47fa330 16#include "crypto/random.h"
7d232e23 17#include "crypto/sha1.h"
6fc6879b
JM		 18#include "eapol_supp/eapol_supp_sm.h"
19#include "eap_peer/eap.h"
3ec97afe 20#include "eap_server/eap_methods.h"
3acb5005 21#include "rsn_supp/wpa.h"
6fc6879b 22#include "eloop.h"
6fc6879b 23#include "config.h"
306ae225 24#include "utils/ext_password.h"
6fc6879b
JM		 25#include "l2_packet/l2_packet.h"
26#include "wpa_supplicant_i.h"
2d5b792d 27#include "driver_i.h"
6fc6879b 28#include "ctrl_iface.h"
6fc6879b 29#include "pcsc_funcs.h"
90973fb2 30#include "common/version.h"
3acb5005
JM		 31#include "rsn_supp/preauth.h"
32#include "rsn_supp/pmksa_cache.h"
90973fb2 33#include "common/wpa_ctrl.h"
90973fb2 34#include "common/ieee802_11_defs.h"
72044390 35#include "p2p/p2p.h"
6fc6879b
JM		 36#include "blacklist.h"
37#include "wpas_glue.h"
116654ce 38#include "wps_supplicant.h"
11ef8d35 39#include "ibss_rsn.h"
c2a04078 40#include "sme.h"
04ea7b79 41#include "gas_query.h"
1f1b62a0 42#include "ap.h"
b22128ef 43#include "p2p_supplicant.h"
9675ce35 44#include "wifi_display.h"
8bac466b 45#include "notify.h"
60b94c98 46#include "bgscan.h"
7c865c68 47#include "autoscan.h"
83922c2d 48#include "bss.h"
9ba9fa07 49#include "scan.h"
24f6497c 50#include "offchannel.h"
cb418324 51#include "hs20_supplicant.h"
6fc6879b
JM		 52
53const char *wpa_supplicant_version =
54"wpa_supplicant v" VERSION_STR "\n"
e056f93e 55"Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 56
57const char *wpa_supplicant_license =
331f89ff
JM		 58"This software may be distributed under the terms of the BSD license.\n"
59"See README for more details.\n"
6fc6879b
JM		 60#ifdef EAP_TLS_OPENSSL
61"\nThis product includes software developed by the OpenSSL Project\n"
62"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
63#endif /* EAP_TLS_OPENSSL */
64;
65
66#ifndef CONFIG_NO_STDOUT_DEBUG
67/* Long text divided into parts in order to fit in C89 strings size limits. */
68const char *wpa_supplicant_full_license1 =
331f89ff 69"";
6fc6879b 70const char *wpa_supplicant_full_license2 =
331f89ff 71"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 72"\n"
73"Redistribution and use in source and binary forms, with or without\n"
74"modification, are permitted provided that the following conditions are\n"
75"met:\n"
76"\n";
77const char *wpa_supplicant_full_license3 =
78"1. Redistributions of source code must retain the above copyright\n"
79" notice, this list of conditions and the following disclaimer.\n"
80"\n"
81"2. Redistributions in binary form must reproduce the above copyright\n"
82" notice, this list of conditions and the following disclaimer in the\n"
83" documentation and/or other materials provided with the distribution.\n"
84"\n";
85const char *wpa_supplicant_full_license4 =
86"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
87" names of its contributors may be used to endorse or promote products\n"
88" derived from this software without specific prior written permission.\n"
89"\n"
90"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
91"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
92"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
93"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
94const char *wpa_supplicant_full_license5 =
95"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
96"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
97"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
98"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
99"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
100"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
101"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
102"\n";
103#endif /* CONFIG_NO_STDOUT_DEBUG */
104
6fc6879b
JM		 105extern int wpa_debug_level;
106extern int wpa_debug_show_keys;
107extern int wpa_debug_timestamp;
c5121837 108extern struct wpa_driver_ops *wpa_drivers[];
6fc6879b
JM		 109
110/* Configure default/group WEP keys for static WEP */
0194fedb 111int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 112{
113 int i, set = 0;
114
115 for (i = 0; i < NUM_WEP_KEYS; i++) {
116 if (ssid->wep_key_len[i] == 0)
117 continue;
118
119 set = 1;
0382097e 120 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 121 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 122 ssid->wep_key[i], ssid->wep_key_len[i]);
123 }
124
125 return set;
126}
127
128
129static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
130 struct wpa_ssid *ssid)
131{
132 u8 key[32];
133 size_t keylen;
71934751 134 enum wpa_alg alg;
6fc6879b
JM		 135 u8 seq[6] = { 0 };
136
137 /* IBSS/WPA-None uses only one key (Group) for both receiving and
138 * sending unicast and multicast packets. */
139
d7dcba70 140 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 141 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
142 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 143 return -1;
144 }
145
146 if (!ssid->psk_set) {
f049052b
BG		 147 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
148 "WPA-None");
6fc6879b
JM		 149 return -1;
150 }
151
152 switch (wpa_s->group_cipher) {
153 case WPA_CIPHER_CCMP:
154 os_memcpy(key, ssid->psk, 16);
155 keylen = 16;
156 alg = WPA_ALG_CCMP;
157 break;
eb7719ff
JM		 158 case WPA_CIPHER_GCMP:
159 os_memcpy(key, ssid->psk, 16);
160 keylen = 16;
161 alg = WPA_ALG_GCMP;
162 break;
6fc6879b
JM		 163 case WPA_CIPHER_TKIP:
164 /* WPA-None uses the same Michael MIC key for both TX and RX */
165 os_memcpy(key, ssid->psk, 16 + 8);
166 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
167 keylen = 32;
168 alg = WPA_ALG_TKIP;
169 break;
170 default:
f049052b
BG		 171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
172 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 173 return -1;
174 }
175
176 /* TODO: should actually remember the previously used seq#, both for TX
177 * and RX from each STA.. */
178
0382097e 179 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
6fc6879b
JM		 180}
181
182
183static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
184{
185 struct wpa_supplicant *wpa_s = eloop_ctx;
186 const u8 *bssid = wpa_s->bssid;
a8e16edc 187 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 188 bssid = wpa_s->pending_bssid;
189 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
190 MAC2STR(bssid));
191 wpa_blacklist_add(wpa_s, bssid);
192 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 193 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 194 wpa_s->reassociate = 1;
48b84f18
BG		 195
196 /*
197 * If we timed out, the AP or the local radio may be busy.
198 * So, wait a second until scanning again.
199 */
200 wpa_supplicant_req_scan(wpa_s, 1, 0);
99fcd404 201
f85f545e 202 wpas_p2p_continue_after_scan(wpa_s);
6fc6879b
JM		 203}
204
205
206/**
207 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
208 * @wpa_s: Pointer to wpa_supplicant data
209 * @sec: Number of seconds after which to time out authentication
210 * @usec: Number of microseconds after which to time out authentication
211 *
212 * This function is used to schedule a timeout for the current authentication
213 * attempt.
214 */
215void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
216 int sec, int usec)
217{
c2a04078
JM		 218 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
219 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 220 return;
221
f049052b 222 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 223 "%d usec", sec, usec);
224 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
225 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
226}
227
228
229/**
230 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
231 * @wpa_s: Pointer to wpa_supplicant data
232 *
233 * This function is used to cancel authentication timeout scheduled with
234 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
235 * been completed.
236 */
237void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
238{
f049052b 239 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 240 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
241 wpa_blacklist_del(wpa_s, wpa_s->bssid);
242}
243
244
245/**
246 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
247 * @wpa_s: Pointer to wpa_supplicant data
248 *
249 * This function is used to configure EAPOL state machine based on the selected
250 * authentication mode.
251 */
252void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
253{
254#ifdef IEEE8021X_EAPOL
255 struct eapol_config eapol_conf;
256 struct wpa_ssid *ssid = wpa_s->current_ssid;
257
53895c3b 258#ifdef CONFIG_IBSS_RSN
d7dcba70 259 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 260 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
261 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
262 /*
263 * RSN IBSS authentication is per-STA and we can disable the
264 * per-BSSID EAPOL authentication.
265 */
266 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
267 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
268 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
269 return;
270 }
271#endif /* CONFIG_IBSS_RSN */
272
0a40ec6a
JM		 273 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
274 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
275
6fc6879b
JM		 276 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
277 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
278 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
279 else
280 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
281
282 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
283 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
284 eapol_conf.accept_802_1x_keys = 1;
285 eapol_conf.required_keys = 0;
286 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
287 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
288 }
289 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
290 eapol_conf.required_keys |=
291 EAPOL_REQUIRE_KEY_BROADCAST;
292 }
293
c2a04078 294 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b 295 eapol_conf.required_keys = 0;
6fc6879b
JM		 296 }
297 if (wpa_s->conf)
298 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
299 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 300 eapol_conf.eap_disabled =
301 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 302 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
6fc6879b
JM		 304 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
305#endif /* IEEE8021X_EAPOL */
306}
307
308
309/**
310 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
311 * @wpa_s: Pointer to wpa_supplicant data
312 * @ssid: Configuration data for the network
313 *
314 * This function is used to configure WPA state machine and related parameters
315 * to a mode where WPA is not enabled. This is called as part of the
316 * authentication configuration when the selected network does not use WPA.
317 */
318void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
319 struct wpa_ssid *ssid)
320{
321 int i;
322
ad08c363
JM		 323 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
324 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
325 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 326 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
327 else
328 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
329 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
330 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
331 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
333 wpa_s->group_cipher = WPA_CIPHER_NONE;
334 wpa_s->mgmt_group_cipher = 0;
335
336 for (i = 0; i < NUM_WEP_KEYS; i++) {
337 if (ssid->wep_key_len[i] > 5) {
338 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
339 wpa_s->group_cipher = WPA_CIPHER_WEP104;
340 break;
341 } else if (ssid->wep_key_len[i] > 0) {
342 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
343 wpa_s->group_cipher = WPA_CIPHER_WEP40;
344 break;
345 }
346 }
347
348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
351 wpa_s->pairwise_cipher);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
353#ifdef CONFIG_IEEE80211W
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
355 wpa_s->mgmt_group_cipher);
356#endif /* CONFIG_IEEE80211W */
357
358 pmksa_cache_clear_current(wpa_s->wpa);
359}
360
361
6979582c 362void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 363{
364 int i;
365 if (wpa_s->hw.modes == NULL)
366 return;
367
368 for (i = 0; i < wpa_s->hw.num_modes; i++) {
369 os_free(wpa_s->hw.modes[i].channels);
370 os_free(wpa_s->hw.modes[i].rates);
371 }
372
373 os_free(wpa_s->hw.modes);
374 wpa_s->hw.modes = NULL;
375}
376
377
6fc6879b
JM		 378static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
379{
60b94c98 380 bgscan_deinit(wpa_s);
7c865c68 381 autoscan_deinit(wpa_s);
6fc6879b
JM		 382 scard_deinit(wpa_s->scard);
383 wpa_s->scard = NULL;
384 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
385 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
386 l2_packet_deinit(wpa_s->l2);
387 wpa_s->l2 = NULL;
388 if (wpa_s->l2_br) {
389 l2_packet_deinit(wpa_s->l2_br);
390 wpa_s->l2_br = NULL;
391 }
392
6fc6879b 393 if (wpa_s->conf != NULL) {
8e56d189
JM		 394 struct wpa_ssid *ssid;
395 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
396 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 397 }
398
399 os_free(wpa_s->confname);
400 wpa_s->confname = NULL;
401
e6304cad
DS		 402 os_free(wpa_s->confanother);
403 wpa_s->confanother = NULL;
404
6fc6879b
JM		 405 wpa_sm_set_eapol(wpa_s->wpa, NULL);
406 eapol_sm_deinit(wpa_s->eapol);
407 wpa_s->eapol = NULL;
408
409 rsn_preauth_deinit(wpa_s->wpa);
410
281ff0aa
GP		 411#ifdef CONFIG_TDLS
412 wpa_tdls_deinit(wpa_s->wpa);
413#endif /* CONFIG_TDLS */
414
6fc6879b
JM		 415 pmksa_candidate_free(wpa_s->wpa);
416 wpa_sm_deinit(wpa_s->wpa);
417 wpa_s->wpa = NULL;
418 wpa_blacklist_clear(wpa_s);
419
83922c2d 420 wpa_bss_deinit(wpa_s);
6fc6879b
JM		 421
422 wpa_supplicant_cancel_scan(wpa_s);
423 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 424 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
425#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
426 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
427 wpa_s, NULL);
428#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 429
116654ce 430 wpas_wps_deinit(wpa_s);
11ef8d35 431
1ff73338
JM		 432 wpabuf_free(wpa_s->pending_eapol_rx);
433 wpa_s->pending_eapol_rx = NULL;
434
11ef8d35
JM		 435#ifdef CONFIG_IBSS_RSN
436 ibss_rsn_deinit(wpa_s->ibss_rsn);
437 wpa_s->ibss_rsn = NULL;
438#endif /* CONFIG_IBSS_RSN */
c2a04078 439
e29853bb 440 sme_deinit(wpa_s);
2d5b792d
JM		 441
442#ifdef CONFIG_AP
443 wpa_supplicant_ap_deinit(wpa_s);
444#endif /* CONFIG_AP */
b22128ef
JM		 445
446#ifdef CONFIG_P2P
447 wpas_p2p_deinit(wpa_s);
448#endif /* CONFIG_P2P */
f47d639d 449
24f6497c
JM		 450#ifdef CONFIG_OFFCHANNEL
451 offchannel_deinit(wpa_s);
452#endif /* CONFIG_OFFCHANNEL */
453
a4cba8f1
LC		 454 wpa_supplicant_cancel_sched_scan(wpa_s);
455
f47d639d
JM		 456 os_free(wpa_s->next_scan_freqs);
457 wpa_s->next_scan_freqs = NULL;
04ea7b79
JM		 458
459 gas_query_deinit(wpa_s->gas);
460 wpa_s->gas = NULL;
6bf731e8
CL		 461
462 free_hw_features(wpa_s);
d445a5cd
JM		 463
464 os_free(wpa_s->bssid_filter);
465 wpa_s->bssid_filter = NULL;
b6668734 466
6407f413
JM		 467 os_free(wpa_s->disallow_aps_bssid);
468 wpa_s->disallow_aps_bssid = NULL;
469 os_free(wpa_s->disallow_aps_ssid);
470 wpa_s->disallow_aps_ssid = NULL;
471
b6668734 472 wnm_bss_keep_alive_deinit(wpa_s);
306ae225
JM		 473
474 ext_password_deinit(wpa_s->ext_pw);
475 wpa_s->ext_pw = NULL;
b1f12296
JM		 476
477 wpabuf_free(wpa_s->last_gas_resp);
a297201d
JM		 478
479 os_free(wpa_s->last_scan_res);
480 wpa_s->last_scan_res = NULL;
6fc6879b
JM		 481}
482
483
484/**
485 * wpa_clear_keys - Clear keys configured for the driver
486 * @wpa_s: Pointer to wpa_supplicant data
487 * @addr: Previously used BSSID or %NULL if not available
488 *
489 * This function clears the encryption keys that has been previously configured
490 * for the driver.
491 */
492void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
493{
6fc6879b
JM		 494 if (wpa_s->keys_cleared) {
495 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
496 * timing issues with keys being cleared just before new keys
497 * are set or just after association or something similar. This
498 * shows up in group key handshake failing often because of the
499 * client not receiving the first encrypted packets correctly.
500 * Skipping some of the extra key clearing steps seems to help
501 * in completing group key handshake more reliably. */
f049052b
BG		 502 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
503 "skip key clearing");
6fc6879b
JM		 504 return;
505 }
506
507 /* MLME-DELETEKEYS.request */
0382097e
JM		 508 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
509 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
510 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
511 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
0e27f655 512#ifdef CONFIG_IEEE80211W
0382097e
JM		 513 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
514 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
0e27f655 515#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 516 if (addr) {
517 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
518 0);
519 /* MLME-SETPROTECTION.request(None) */
520 wpa_drv_mlme_setprotection(
521 wpa_s, addr,
522 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
523 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
524 }
525 wpa_s->keys_cleared = 1;
526}
527
528
529/**
530 * wpa_supplicant_state_txt - Get the connection state name as a text string
531 * @state: State (wpa_state; WPA_*)
532 * Returns: The state name as a printable text string
533 */
71934751 534const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 535{
536 switch (state) {
537 case WPA_DISCONNECTED:
538 return "DISCONNECTED";
539 case WPA_INACTIVE:
540 return "INACTIVE";
8401a6b0
JM		 541 case WPA_INTERFACE_DISABLED:
542 return "INTERFACE_DISABLED";
6fc6879b
JM		 543 case WPA_SCANNING:
544 return "SCANNING";
c2a04078
JM		 545 case WPA_AUTHENTICATING:
546 return "AUTHENTICATING";
6fc6879b
JM		 547 case WPA_ASSOCIATING:
548 return "ASSOCIATING";
549 case WPA_ASSOCIATED:
550 return "ASSOCIATED";
551 case WPA_4WAY_HANDSHAKE:
552 return "4WAY_HANDSHAKE";
553 case WPA_GROUP_HANDSHAKE:
554 return "GROUP_HANDSHAKE";
555 case WPA_COMPLETED:
556 return "COMPLETED";
557 default:
558 return "UNKNOWN";
559 }
560}
561
562
cfe53c9a
PS		 563#ifdef CONFIG_BGSCAN
564
565static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
566{
0096c427
JM		 567 if (wpas_driver_bss_selection(wpa_s))
568 return;
cfe53c9a
PS		 569 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
570 return;
571
572 bgscan_deinit(wpa_s);
573 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
574 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
575 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
576 "bgscan");
577 /*
578 * Live without bgscan; it is only used as a roaming
579 * optimization, so the initial connection is not
580 * affected.
581 */
6409b7a7
YD		 582 } else {
583 struct wpa_scan_results *scan_res;
cfe53c9a 584 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 585 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
586 0);
587 if (scan_res) {
588 bgscan_notify_scan(wpa_s, scan_res);
589 wpa_scan_results_free(scan_res);
590 }
591 }
cfe53c9a
PS		 592 } else
593 wpa_s->bgscan_ssid = NULL;
594}
595
596
597static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
598{
599 if (wpa_s->bgscan_ssid != NULL) {
600 bgscan_deinit(wpa_s);
601 wpa_s->bgscan_ssid = NULL;
602 }
603}
604
605#endif /* CONFIG_BGSCAN */
606
607
7c865c68
TB		 608static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
609{
99218999 610 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 611 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
612}
613
614
615static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
616{
617 autoscan_deinit(wpa_s);
618}
619
620
c3d12238
JM		 621void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
622{
623 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
624 wpa_s->wpa_state == WPA_SCANNING) {
625 autoscan_deinit(wpa_s);
626 wpa_supplicant_start_autoscan(wpa_s);
627 }
628}
629
630
6fc6879b
JM		 631/**
632 * wpa_supplicant_set_state - Set current connection state
633 * @wpa_s: Pointer to wpa_supplicant data
634 * @state: The new connection state
635 *
636 * This function is called whenever the connection state changes, e.g.,
637 * association is completed for WPA/WPA2 4-Way Handshake is started.
638 */
71934751
JM		 639void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
640 enum wpa_states state)
6fc6879b 641{
27f43d8d
MH		 642 enum wpa_states old_state = wpa_s->wpa_state;
643
f049052b
BG		 644 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
645 wpa_supplicant_state_txt(wpa_s->wpa_state),
646 wpa_supplicant_state_txt(state));
6fc6879b 647
cb8564b1
DW		 648 if (state != WPA_SCANNING)
649 wpa_supplicant_notify_scanning(wpa_s, 0);
650
6fc6879b 651 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 652 struct wpa_ssid *ssid = wpa_s->current_ssid;
7d37a357 653#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 654 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1cfc6787
JM		 655 MACSTR " completed [id=%d id_str=%s]",
656 MAC2STR(wpa_s->bssid),
6fc6879b
JM		 657 ssid ? ssid->id : -1,
658 ssid && ssid->id_str ? ssid->id_str : "");
659#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 660 wpas_clear_temp_disabled(wpa_s, ssid, 1);
f1a52633 661 wpa_s->extra_blacklist_count = 0;
6fc6879b 662 wpa_s->new_connection = 0;
6fc6879b 663 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 664#ifndef IEEE8021X_EAPOL
665 wpa_drv_set_supp_port(wpa_s, 1);
666#endif /* IEEE8021X_EAPOL */
17a4734d 667 wpa_s->after_wps = 0;
b22128ef
JM		 668#ifdef CONFIG_P2P
669 wpas_p2p_completed(wpa_s);
670#endif /* CONFIG_P2P */
c3701c66
RM		 671
672 sme_sched_obss_scan(wpa_s, 1);
6fc6879b
JM		 673 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
674 state == WPA_ASSOCIATED) {
675 wpa_s->new_connection = 1;
676 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 677#ifndef IEEE8021X_EAPOL
678 wpa_drv_set_supp_port(wpa_s, 0);
679#endif /* IEEE8021X_EAPOL */
c3701c66 680 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 681 }
682 wpa_s->wpa_state = state;
27f43d8d 683
cfe53c9a
PS		 684#ifdef CONFIG_BGSCAN
685 if (state == WPA_COMPLETED)
686 wpa_supplicant_start_bgscan(wpa_s);
687 else
688 wpa_supplicant_stop_bgscan(wpa_s);
689#endif /* CONFIG_BGSCAN */
690
7c865c68
TB		 691 if (state == WPA_AUTHENTICATING)
692 wpa_supplicant_stop_autoscan(wpa_s);
693
694 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
695 wpa_supplicant_start_autoscan(wpa_s);
696
5bbf9f10 697 if (wpa_s->wpa_state != old_state) {
27f43d8d 698 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10
PS		 699
700 if (wpa_s->wpa_state == WPA_COMPLETED ||
701 old_state == WPA_COMPLETED)
702 wpas_notify_auth_changed(wpa_s);
703 }
6fc6879b
JM		 704}
705
706
1a1bf008
JM		 707void wpa_supplicant_terminate_proc(struct wpa_global *global)
708{
709 int pending = 0;
710#ifdef CONFIG_WPS
711 struct wpa_supplicant *wpa_s = global->ifaces;
712 while (wpa_s) {
713 if (wpas_wps_terminate_pending(wpa_s) == 1)
714 pending = 1;
715 wpa_s = wpa_s->next;
716 }
717#endif /* CONFIG_WPS */
718 if (pending)
719 return;
720 eloop_terminate();
721}
722
723
0456ea16 724static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 725{
0456ea16 726 struct wpa_global *global = signal_ctx;
1a1bf008 727 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 728}
729
730
b22128ef 731void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 732{
71934751 733 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 734
6fc6879b
JM		 735 wpa_s->pairwise_cipher = 0;
736 wpa_s->group_cipher = 0;
737 wpa_s->mgmt_group_cipher = 0;
738 wpa_s->key_mgmt = 0;
8401a6b0 739 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 740 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 741
742 if (wpa_s->wpa_state != old_state)
743 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 744}
745
746
747/**
748 * wpa_supplicant_reload_configuration - Reload configuration data
749 * @wpa_s: Pointer to wpa_supplicant data
750 * Returns: 0 on success or -1 if configuration parsing failed
751 *
752 * This function can be used to request that the configuration data is reloaded
753 * (e.g., after configuration file change). This function is reloading
754 * configuration only for one interface, so this may need to be called multiple
755 * times if %wpa_supplicant is controlling multiple interfaces and all
756 * interfaces need reconfiguration.
757 */
758int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
759{
760 struct wpa_config *conf;
761 int reconf_ctrl;
8bac466b
JM		 762 int old_ap_scan;
763
6fc6879b
JM		 764 if (wpa_s->confname == NULL)
765 return -1;
e6304cad 766 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 767 if (conf == NULL) {
768 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
769 "file '%s' - exiting", wpa_s->confname);
770 return -1;
771 }
e6304cad
DS		 772 wpa_config_read(wpa_s->confanother, conf);
773
611aea7d 774 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 775
776 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
777 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
778 os_strcmp(conf->ctrl_interface,
779 wpa_s->conf->ctrl_interface) != 0);
780
781 if (reconf_ctrl && wpa_s->ctrl_iface) {
782 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
783 wpa_s->ctrl_iface = NULL;
784 }
785
786 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa
JM		 787 if (wpa_s->current_ssid) {
788 wpa_supplicant_deauthenticate(wpa_s,
789 WLAN_REASON_DEAUTH_LEAVING);
790 }
8bac466b 791
6fc6879b
JM		 792 /*
793 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
794 * pkcs11_engine_path, pkcs11_module_path.
795 */
56586197 796 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 797 /*
798 * Clear forced success to clear EAP state for next
799 * authentication.
800 */
801 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
802 }
803 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
804 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 805 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 806 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
807 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 808
809 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 810 wpa_config_free(wpa_s->conf);
811 wpa_s->conf = conf;
8bac466b
JM		 812 if (old_ap_scan != wpa_s->conf->ap_scan)
813 wpas_notify_ap_scan_changed(wpa_s);
814
6fc6879b
JM		 815 if (reconf_ctrl)
816 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
817
611aea7d
JM		 818 wpa_supplicant_update_config(wpa_s);
819
6fc6879b 820 wpa_supplicant_clear_status(wpa_s);
349493bd 821 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 822 wpa_s->reassociate = 1;
823 wpa_supplicant_req_scan(wpa_s, 0, 0);
824 }
f049052b 825 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 826 return 0;
827}
828
829
0456ea16 830static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 831{
0456ea16 832 struct wpa_global *global = signal_ctx;
6fc6879b 833 struct wpa_supplicant *wpa_s;
6fc6879b 834 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 835 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
836 sig);
6fc6879b 837 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 838 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 839 }
840 }
841}
842
843
508545f3 844enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
6fc6879b
JM		 845{
846 switch (key_mgmt) {
847 case WPA_KEY_MGMT_NONE:
848 return KEY_MGMT_NONE;
849 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
850 return KEY_MGMT_802_1X_NO_WPA;
851 case WPA_KEY_MGMT_IEEE8021X:
852 return KEY_MGMT_802_1X;
853 case WPA_KEY_MGMT_WPA_NONE:
854 return KEY_MGMT_WPA_NONE;
855 case WPA_KEY_MGMT_FT_IEEE8021X:
856 return KEY_MGMT_FT_802_1X;
857 case WPA_KEY_MGMT_FT_PSK:
858 return KEY_MGMT_FT_PSK;
56586197
JM		 859 case WPA_KEY_MGMT_IEEE8021X_SHA256:
860 return KEY_MGMT_802_1X_SHA256;
861 case WPA_KEY_MGMT_PSK_SHA256:
862 return KEY_MGMT_PSK_SHA256;
ad08c363
JM		 863 case WPA_KEY_MGMT_WPS:
864 return KEY_MGMT_WPS;
6fc6879b
JM		 865 case WPA_KEY_MGMT_PSK:
866 default:
867 return KEY_MGMT_PSK;
868 }
869}
870
871
872static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
873 struct wpa_ssid *ssid,
874 struct wpa_ie_data *ie)
875{
876 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
877 if (ret) {
878 if (ret == -2) {
879 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
880 "from association info");
881 }
882 return -1;
883 }
884
f049052b
BG		 885 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
886 "cipher suites");
6fc6879b
JM		 887 if (!(ie->group_cipher & ssid->group_cipher)) {
888 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
889 "cipher 0x%x (mask 0x%x) - reject",
890 ie->group_cipher, ssid->group_cipher);
891 return -1;
892 }
893 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
894 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
895 "cipher 0x%x (mask 0x%x) - reject",
896 ie->pairwise_cipher, ssid->pairwise_cipher);
897 return -1;
898 }
899 if (!(ie->key_mgmt & ssid->key_mgmt)) {
900 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
901 "management 0x%x (mask 0x%x) - reject",
902 ie->key_mgmt, ssid->key_mgmt);
903 return -1;
904 }
905
906#ifdef CONFIG_IEEE80211W
0b60b0aa 907 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
62d49803
JM		 908 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
909 wpa_s->conf->pmf : ssid->ieee80211w) ==
910 MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 911 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
912 "that does not support management frame protection - "
913 "reject");
914 return -1;
915 }
916#endif /* CONFIG_IEEE80211W */
917
918 return 0;
919}
920
921
922/**
923 * wpa_supplicant_set_suites - Set authentication and encryption parameters
924 * @wpa_s: Pointer to wpa_supplicant data
925 * @bss: Scan results for the selected BSS, or %NULL if not available
926 * @ssid: Configuration data for the selected network
927 * @wpa_ie: Buffer for the WPA/RSN IE
928 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
929 * used buffer length in case the functions returns success.
930 * Returns: 0 on success or -1 on failure
931 *
932 * This function is used to configure authentication and encryption parameters
933 * based on the network configuration and scan result for the selected BSS (if
934 * available).
935 */
936int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 937 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 938 u8 *wpa_ie, size_t *wpa_ie_len)
939{
940 struct wpa_ie_data ie;
941 int sel, proto;
942 const u8 *bss_wpa, *bss_rsn;
943
944 if (bss) {
6fa81a3b
JM		 945 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
946 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
6fc6879b
JM		 947 } else
948 bss_wpa = bss_rsn = NULL;
949
950 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
951 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
952 (ie.group_cipher & ssid->group_cipher) &&
953 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
954 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 955 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 956 proto = WPA_PROTO_RSN;
957 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
958 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
959 (ie.group_cipher & ssid->group_cipher) &&
960 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
961 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 962 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b
JM		 963 proto = WPA_PROTO_WPA;
964 } else if (bss) {
965 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
966 return -1;
967 } else {
968 if (ssid->proto & WPA_PROTO_RSN)
969 proto = WPA_PROTO_RSN;
970 else
971 proto = WPA_PROTO_WPA;
972 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
973 os_memset(&ie, 0, sizeof(ie));
974 ie.group_cipher = ssid->group_cipher;
975 ie.pairwise_cipher = ssid->pairwise_cipher;
976 ie.key_mgmt = ssid->key_mgmt;
977#ifdef CONFIG_IEEE80211W
978 ie.mgmt_group_cipher =
70f8cc8e 979 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
6fc6879b
JM		 980 WPA_CIPHER_AES_128_CMAC : 0;
981#endif /* CONFIG_IEEE80211W */
f049052b
BG		 982 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
983 "based on configuration");
6fc6879b
JM		 984 } else
985 proto = ie.proto;
986 }
987
f049052b
BG		 988 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
989 "pairwise %d key_mgmt %d proto %d",
990 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 991#ifdef CONFIG_IEEE80211W
992 if (ssid->ieee80211w) {
f049052b
BG		 993 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
994 ie.mgmt_group_cipher);
6fc6879b
JM		 995 }
996#endif /* CONFIG_IEEE80211W */
997
64fa840a 998 wpa_s->wpa_proto = proto;
6fc6879b
JM		 999 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1000 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1001 !!(ssid->proto & WPA_PROTO_RSN));
1002
1003 if (bss || !wpa_s->ap_ies_from_associnfo) {
1004 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1005 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1006 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1007 bss_rsn ? 2 + bss_rsn[1] : 0))
1008 return -1;
1009 }
1010
1011 sel = ie.group_cipher & ssid->group_cipher;
edbd2a19
JM		 1012 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1013 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1014 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1015 "cipher");
6fc6879b
JM		 1016 return -1;
1017 }
edbd2a19
JM		 1018 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1019 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1020
1021 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
edbd2a19
JM		 1022 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1023 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1024 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1025 "cipher");
6fc6879b
JM		 1026 return -1;
1027 }
edbd2a19
JM		 1028 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1029 wpa_cipher_txt(wpa_s->pairwise_cipher));
6fc6879b
JM		 1030
1031 sel = ie.key_mgmt & ssid->key_mgmt;
c10347f2
JM		 1032#ifdef CONFIG_SAE
1033 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1034 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1035#endif /* CONFIG_SAE */
6fc6879b
JM		 1036 if (0) {
1037#ifdef CONFIG_IEEE80211R
1038 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1039 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1040 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
6fc6879b
JM		 1041 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1042 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
f049052b 1043 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
6fc6879b 1044#endif /* CONFIG_IEEE80211R */
c10347f2
JM		 1045#ifdef CONFIG_SAE
1046 } else if (sel & WPA_KEY_MGMT_SAE) {
1047 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1048 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1049 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1050 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1051 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1052#endif /* CONFIG_SAE */
56586197
JM		 1053#ifdef CONFIG_IEEE80211W
1054 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1055 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1056 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1057 "WPA: using KEY_MGMT 802.1X with SHA256");
1058 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1059 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1060 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1061 "WPA: using KEY_MGMT PSK with SHA256");
1062#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1063 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1064 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1065 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1066 } else if (sel & WPA_KEY_MGMT_PSK) {
1067 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1068 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1069 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1070 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1071 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
6fc6879b 1072 } else {
f049052b
BG		 1073 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1074 "authenticated key management type");
6fc6879b
JM		 1075 return -1;
1076 }
1077
1078 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1079 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1080 wpa_s->pairwise_cipher);
1081 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1082
1083#ifdef CONFIG_IEEE80211W
1084 sel = ie.mgmt_group_cipher;
62d49803
JM		 1085 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1086 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1087 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 1088 sel = 0;
1089 if (sel & WPA_CIPHER_AES_128_CMAC) {
1090 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1091 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b
JM		 1092 "AES-128-CMAC");
1093 } else {
1094 wpa_s->mgmt_group_cipher = 0;
f049052b 1095 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1096 }
1097 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1098 wpa_s->mgmt_group_cipher);
62d49803
JM		 1099 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1100 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1101 wpa_s->conf->pmf : ssid->ieee80211w));
6fc6879b
JM		 1102#endif /* CONFIG_IEEE80211W */
1103
1104 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1105 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1106 return -1;
1107 }
1108
0bf927a0 1109 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
6fc6879b 1110 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
7d232e23
ZC		 1111#ifndef CONFIG_NO_PBKDF2
1112 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1113 ssid->passphrase) {
1114 u8 psk[PMK_LEN];
986de33d
JM		 1115 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1116 4096, psk, PMK_LEN);
7d232e23
ZC		 1117 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1118 psk, PMK_LEN);
1119 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1120 }
1121#endif /* CONFIG_NO_PBKDF2 */
9173b16f
JM		 1122#ifdef CONFIG_EXT_PASSWORD
1123 if (ssid->ext_psk) {
1124 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1125 ssid->ext_psk);
1126 char pw_str[64 + 1];
1127 u8 psk[PMK_LEN];
1128
1129 if (pw == NULL) {
1130 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1131 "found from external storage");
1132 return -1;
1133 }
1134
1135 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1136 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1137 "PSK length %d in external storage",
1138 (int) wpabuf_len(pw));
1139 ext_password_free(pw);
1140 return -1;
1141 }
1142
1143 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1144 pw_str[wpabuf_len(pw)] = '\0';
1145
1146#ifndef CONFIG_NO_PBKDF2
1147 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1148 {
986de33d
JM		 1149 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1150 4096, psk, PMK_LEN);
9173b16f
JM		 1151 os_memset(pw_str, 0, sizeof(pw_str));
1152 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1153 "external passphrase)",
1154 psk, PMK_LEN);
1155 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1156 } else
1157#endif /* CONFIG_NO_PBKDF2 */
1158 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1159 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1160 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1161 "Invalid PSK hex string");
1162 os_memset(pw_str, 0, sizeof(pw_str));
1163 ext_password_free(pw);
1164 return -1;
1165 }
1166 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1167 } else {
1168 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1169 "PSK available");
1170 os_memset(pw_str, 0, sizeof(pw_str));
1171 ext_password_free(pw);
1172 return -1;
1173 }
1174
1175 os_memset(pw_str, 0, sizeof(pw_str));
1176 ext_password_free(pw);
1177 }
1178#endif /* CONFIG_EXT_PASSWORD */
7d232e23 1179 } else
6fc6879b
JM		 1180 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1181
1182 return 0;
1183}
1184
1185
8cd6b7bc 1186static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1187{
8cd6b7bc 1188 *pos = 0x00;
03e47c9c 1189
8cd6b7bc
JB		 1190 switch (idx) {
1191 case 0: /* Bits 0-7 */
1192 break;
1193 case 1: /* Bits 8-15 */
1194 break;
1195 case 2: /* Bits 16-23 */
1196#ifdef CONFIG_WNM
1197 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1198 *pos |= 0x08; /* Bit 19 - BSS Transition */
1199#endif /* CONFIG_WNM */
1200 break;
1201 case 3: /* Bits 24-31 */
1202#ifdef CONFIG_WNM
1203 *pos |= 0x02; /* Bit 25 - SSID List */
1204#endif /* CONFIG_WNM */
03e47c9c 1205#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1206 if (wpa_s->conf->interworking)
1207 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1208#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1209 break;
1210 case 4: /* Bits 32-39 */
1211 break;
1212 case 5: /* Bits 40-47 */
1213 break;
1214 case 6: /* Bits 48-55 */
1215 break;
1216 }
1217}
03e47c9c 1218
03e47c9c 1219
8cd6b7bc
JB		 1220int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1221{
1222 u8 *pos = buf;
1223 u8 len = 4, i;
1224
1225 if (len < wpa_s->extended_capa_len)
1226 len = wpa_s->extended_capa_len;
03e47c9c
JM		 1227
1228 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1229 *pos++ = len;
1230 for (i = 0; i < len; i++, pos++) {
1231 wpas_ext_capab_byte(wpa_s, pos, i);
1232
1233 if (i < wpa_s->extended_capa_len) {
1234 *pos &= ~wpa_s->extended_capa_mask[i];
1235 *pos |= wpa_s->extended_capa[i];
1236 }
1237 }
03e47c9c 1238
3db5439a
JM		 1239 while (len > 0 && buf[1 + len] == 0) {
1240 len--;
1241 buf[1] = len;
1242 }
1243 if (len == 0)
1244 return 0;
1245
1246 return 2 + len;
03e47c9c
JM		 1247}
1248
1249
6fc6879b
JM		 1250/**
1251 * wpa_supplicant_associate - Request association
1252 * @wpa_s: Pointer to wpa_supplicant data
1253 * @bss: Scan results for the selected BSS, or %NULL if not available
1254 * @ssid: Configuration data for the selected network
1255 *
1256 * This function is used to request %wpa_supplicant to associate with a BSS.
1257 */
1258void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1259 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1260{
5f3a6aa0 1261 u8 wpa_ie[200];
6fc6879b 1262 size_t wpa_ie_len;
8bac466b 1263 int use_crypt, ret, i, bssid_changed;
abd9fafa 1264 int algs = WPA_AUTH_ALG_OPEN;
71934751 1265 enum wpa_cipher cipher_pairwise, cipher_group;
6fc6879b
JM		 1266 struct wpa_driver_associate_params params;
1267 int wep_keys_set = 0;
1268 struct wpa_driver_capa capa;
1269 int assoc_failed = 0;
8bac466b 1270 struct wpa_ssid *old_ssid;
03e47c9c
JM		 1271 u8 ext_capab[10];
1272 int ext_capab_len;
80e8a5ee
BG		 1273#ifdef CONFIG_HT_OVERRIDES
1274 struct ieee80211_ht_capabilities htcaps;
1275 struct ieee80211_ht_capabilities htcaps_mask;
1276#endif /* CONFIG_HT_OVERRIDES */
6fc6879b 1277
78177a00
JM		 1278#ifdef CONFIG_IBSS_RSN
1279 ibss_rsn_deinit(wpa_s->ibss_rsn);
1280 wpa_s->ibss_rsn = NULL;
1281#endif /* CONFIG_IBSS_RSN */
1282
2c5d725c
JM		 1283 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1284 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 1285#ifdef CONFIG_AP
1286 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 1287 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1288 "mode");
1581b38b
JM		 1289 return;
1290 }
8c981d17
DW		 1291 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1292 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1293 return;
1294 }
8f770587 1295 wpa_s->current_bss = bss;
1581b38b 1296#else /* CONFIG_AP */
f049052b
BG		 1297 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1298 "the build");
1581b38b
JM		 1299#endif /* CONFIG_AP */
1300 return;
1301 }
1302
52c9e6f3 1303#ifdef CONFIG_TDLS
95cb2d88
JM		 1304 if (bss)
1305 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1306 bss->ie_len);
52c9e6f3
JM		 1307#endif /* CONFIG_TDLS */
1308
5cc4d64b
JM		 1309 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1310 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1311 sme_authenticate(wpa_s, bss, ssid);
1312 return;
1313 }
1314
0c80427d 1315 os_memset(&params, 0, sizeof(params));
6fc6879b 1316 wpa_s->reassociate = 0;
22628eca 1317 if (bss && !wpas_driver_bss_selection(wpa_s)) {
6fc6879b 1318#ifdef CONFIG_IEEE80211R
6fa81a3b 1319 const u8 *ie, *md = NULL;
6fc6879b 1320#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1321 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1322 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
6fa81a3b 1323 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
8bac466b 1324 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1325 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1326 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1327 if (bssid_changed)
1328 wpas_notify_bssid_changed(wpa_s);
6fc6879b 1329#ifdef CONFIG_IEEE80211R
6fa81a3b 1330 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
6fc6879b
JM		 1331 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1332 md = ie + 2;
e7846b68 1333 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
91a05482
JM		 1334 if (md) {
1335 /* Prepare for the next transition */
76b7981d 1336 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
91a05482 1337 }
6fc6879b 1338#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1339#ifdef CONFIG_WPS
1340 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1341 wpa_s->conf->ap_scan == 2 &&
1342 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1343 /* Use ap_scan==1 style network selection to find the network
1344 */
4115303b 1345 wpa_s->scan_req = MANUAL_SCAN_REQ;
24c23d1b
JM		 1346 wpa_s->reassociate = 1;
1347 wpa_supplicant_req_scan(wpa_s, 0, 0);
1348 return;
1349#endif /* CONFIG_WPS */
6fc6879b
JM		 1350 } else {
1351 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1352 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1353 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1354 }
a4cba8f1 1355 wpa_supplicant_cancel_sched_scan(wpa_s);
6fc6879b
JM		 1356 wpa_supplicant_cancel_scan(wpa_s);
1357
1358 /* Starting new association, so clear the possibly used WPA IE from the
1359 * previous association. */
1360 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1361
1362#ifdef IEEE8021X_EAPOL
1363 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1364 if (ssid->leap) {
1365 if (ssid->non_leap == 0)
abd9fafa 1366 algs = WPA_AUTH_ALG_LEAP;
6fc6879b 1367 else
abd9fafa 1368 algs |= WPA_AUTH_ALG_LEAP;
6fc6879b
JM		 1369 }
1370 }
1371#endif /* IEEE8021X_EAPOL */
f049052b 1372 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
6fc6879b 1373 if (ssid->auth_alg) {
abd9fafa 1374 algs = ssid->auth_alg;
f049052b
BG		 1375 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1376 "0x%x", algs);
6fc6879b 1377 }
6fc6879b 1378
6fa81a3b
JM		 1379 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1380 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 1381 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 1382 int try_opportunistic;
6e202021
JM		 1383 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1384 wpa_s->conf->okc :
1385 ssid->proactive_key_caching) &&
6fc6879b
JM		 1386 (ssid->proto & WPA_PROTO_RSN);
1387 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
b2a12c4f 1388 ssid, try_opportunistic) == 0)
6fc6879b
JM		 1389 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1390 wpa_ie_len = sizeof(wpa_ie);
1391 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1392 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1393 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1394 "key management and encryption suites");
6fc6879b
JM		 1395 return;
1396 }
a3f7e518
JM		 1397 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1398 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1399 /*
1400 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1401 * use non-WPA since the scan results did not indicate that the
1402 * AP is using WPA or WPA2.
1403 */
1404 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1405 wpa_ie_len = 0;
1406 wpa_s->wpa_proto = 0;
0bf927a0 1407 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
6fc6879b
JM		 1408 wpa_ie_len = sizeof(wpa_ie);
1409 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1410 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1411 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1412 "key management and encryption suites (no "
1413 "scan results)");
6fc6879b
JM		 1414 return;
1415 }
ad08c363
JM		 1416#ifdef CONFIG_WPS
1417 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1418 struct wpabuf *wps_ie;
1419 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1420 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1421 wpa_ie_len = wpabuf_len(wps_ie);
1422 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1423 } else
1424 wpa_ie_len = 0;
ad08c363
JM		 1425 wpabuf_free(wps_ie);
1426 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d
JM		 1427 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1428 params.wps = WPS_MODE_PRIVACY;
1429 else
1430 params.wps = WPS_MODE_OPEN;
cf546f1a 1431 wpa_s->wpa_proto = 0;
ad08c363 1432#endif /* CONFIG_WPS */
6fc6879b
JM		 1433 } else {
1434 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1435 wpa_ie_len = 0;
cf546f1a 1436 wpa_s->wpa_proto = 0;
6fc6879b
JM		 1437 }
1438
5f3a6aa0
JM		 1439#ifdef CONFIG_P2P
1440 if (wpa_s->global->p2p) {
1441 u8 *pos;
1442 size_t len;
1443 int res;
5f3a6aa0
JM		 1444 pos = wpa_ie + wpa_ie_len;
1445 len = sizeof(wpa_ie) - wpa_ie_len;
b8a8d677
JM		 1446 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1447 ssid->p2p_group);
5f3a6aa0
JM		 1448 if (res >= 0)
1449 wpa_ie_len += res;
1450 }
72044390
JM		 1451
1452 wpa_s->cross_connect_disallowed = 0;
1453 if (bss) {
1454 struct wpabuf *p2p;
1455 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1456 if (p2p) {
1457 wpa_s->cross_connect_disallowed =
1458 p2p_get_cross_connect_disallowed(p2p);
1459 wpabuf_free(p2p);
f049052b
BG		 1460 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1461 "connection",
1462 wpa_s->cross_connect_disallowed ?
1463 "disallows" : "allows");
72044390
JM		 1464 }
1465 }
5f3a6aa0
JM		 1466#endif /* CONFIG_P2P */
1467
cb418324
JM		 1468#ifdef CONFIG_HS20
1469 if (wpa_s->conf->hs20) {
1470 struct wpabuf *hs20;
1471 hs20 = wpabuf_alloc(20);
1472 if (hs20) {
1473 wpas_hs20_add_indication(hs20);
1474 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1475 wpabuf_len(hs20));
1476 wpa_ie_len += wpabuf_len(hs20);
1477 wpabuf_free(hs20);
1478 }
1479 }
1480#endif /* CONFIG_HS20 */
1481
03e47c9c
JM		 1482 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1483 if (ext_capab_len > 0) {
92cbcf91
JM		 1484 u8 *pos = wpa_ie;
1485 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1486 pos += 2 + pos[1];
03e47c9c
JM		 1487 os_memmove(pos + ext_capab_len, pos,
1488 wpa_ie_len - (pos - wpa_ie));
1489 wpa_ie_len += ext_capab_len;
1490 os_memcpy(pos, ext_capab, ext_capab_len);
92cbcf91 1491 }
92cbcf91 1492
6fc6879b
JM		 1493 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1494 use_crypt = 1;
62769a88
JM		 1495 cipher_pairwise = wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher);
1496 cipher_group = wpa_cipher_to_suite_driver(wpa_s->group_cipher);
6fc6879b
JM		 1497 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1498 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1499 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1500 use_crypt = 0;
1501 if (wpa_set_wep_keys(wpa_s, ssid)) {
1502 use_crypt = 1;
1503 wep_keys_set = 1;
1504 }
1505 }
ad08c363
JM		 1506 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1507 use_crypt = 0;
6fc6879b
JM		 1508
1509#ifdef IEEE8021X_EAPOL
1510 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1511 if ((ssid->eapol_flags &
1512 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1513 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1514 !wep_keys_set) {
1515 use_crypt = 0;
1516 } else {
1517 /* Assume that dynamic WEP-104 keys will be used and
1518 * set cipher suites in order for drivers to expect
1519 * encryption. */
1520 cipher_pairwise = cipher_group = CIPHER_WEP104;
1521 }
1522 }
1523#endif /* IEEE8021X_EAPOL */
1524
1525 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1526 /* Set the key before (and later after) association */
1527 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1528 }
1529
6fc6879b 1530 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 1531 if (bss) {
6fa81a3b
JM		 1532 params.ssid = bss->ssid;
1533 params.ssid_len = bss->ssid_len;
f15854d1
JM		 1534 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1535 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1536 MACSTR " freq=%u MHz based on scan results "
1537 "(bssid_set=%d)",
1538 MAC2STR(bss->bssid), bss->freq,
1539 ssid->bssid_set);
22628eca
JM		 1540 params.bssid = bss->bssid;
1541 params.freq = bss->freq;
1542 }
6fc6879b
JM		 1543 } else {
1544 params.ssid = ssid->ssid;
1545 params.ssid_len = ssid->ssid_len;
1546 }
9e2af29f
NC		 1547
1548 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1549 wpa_s->conf->ap_scan == 2) {
1550 params.bssid = ssid->bssid;
1551 params.fixed_bssid = 1;
1552 }
1553
d7dcba70
JM		 1554 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1555 params.freq == 0)
6fc6879b
JM		 1556 params.freq = ssid->frequency; /* Initial channel for IBSS */
1557 params.wpa_ie = wpa_ie;
1558 params.wpa_ie_len = wpa_ie_len;
1559 params.pairwise_suite = cipher_pairwise;
1560 params.group_suite = cipher_group;
1561 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
64fa840a 1562 params.wpa_proto = wpa_s->wpa_proto;
6fc6879b
JM		 1563 params.auth_alg = algs;
1564 params.mode = ssid->mode;
1f6c0ab8 1565 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 1566 for (i = 0; i < NUM_WEP_KEYS; i++) {
1567 if (ssid->wep_key_len[i])
1568 params.wep_key[i] = ssid->wep_key[i];
1569 params.wep_key_len[i] = ssid->wep_key_len[i];
1570 }
1571 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1572
c2a04078 1573 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
6fc6879b
JM		 1574 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1575 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1576 params.passphrase = ssid->passphrase;
1577 if (ssid->psk_set)
1578 params.psk = ssid->psk;
1579 }
1580
36b15723
JM		 1581 params.drop_unencrypted = use_crypt;
1582
6fc6879b 1583#ifdef CONFIG_IEEE80211W
62d49803
JM		 1584 params.mgmt_frame_protection =
1585 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1586 wpa_s->conf->pmf : ssid->ieee80211w;
1587 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 1588 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 1589 struct wpa_ie_data ie;
1590 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1591 ie.capabilities &
1592 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 1593 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1594 "MFP: require MFP");
97d3497e
JM		 1595 params.mgmt_frame_protection =
1596 MGMT_FRAME_PROTECTION_REQUIRED;
1597 }
1598 }
6fc6879b
JM		 1599#endif /* CONFIG_IEEE80211W */
1600
ffad8858 1601 params.p2p = ssid->p2p_group;
6e3f4b89 1602
eea2fd9e
JM		 1603 if (wpa_s->parent->set_sta_uapsd)
1604 params.uapsd = wpa_s->parent->sta_uapsd;
1605 else
1606 params.uapsd = -1;
1607
80e8a5ee
BG		 1608#ifdef CONFIG_HT_OVERRIDES
1609 os_memset(&htcaps, 0, sizeof(htcaps));
1610 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1611 params.htcaps = (u8 *) &htcaps;
1612 params.htcaps_mask = (u8 *) &htcaps_mask;
1613 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1614#endif /* CONFIG_HT_OVERRIDES */
1615
17fbb751 1616 ret = wpa_drv_associate(wpa_s, &params);
6fc6879b
JM		 1617 if (ret < 0) {
1618 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1619 "failed");
871f4dd0
JM		 1620 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1621 /*
1622 * The driver is known to mean what is saying, so we
1623 * can stop right here; the association will not
1624 * succeed.
1625 */
1626 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 1627 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 1628 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1629 return;
1630 }
6fc6879b
JM		 1631 /* try to continue anyway; new association will be tried again
1632 * after timeout */
1633 assoc_failed = 1;
1634 }
1635
1636 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1637 /* Set the key after the association just in case association
1638 * cleared the previously configured key. */
1639 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1640 /* No need to timeout authentication since there is no key
1641 * management. */
1642 wpa_supplicant_cancel_auth_timeout(wpa_s);
1643 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 1644#ifdef CONFIG_IBSS_RSN
d7dcba70 1645 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 1646 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1647 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1648 /*
1649 * RSN IBSS authentication is per-STA and we can disable the
1650 * per-BSSID authentication.
1651 */
1652 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 1653#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1654 } else {
1655 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1656 int timeout = 60;
1657
1658 if (assoc_failed) {
1659 /* give IBSS a bit more time */
d7dcba70 1660 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 1661 } else if (wpa_s->conf->ap_scan == 1) {
1662 /* give IBSS a bit more time */
d7dcba70 1663 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 1664 }
6fc6879b
JM		 1665 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1666 }
1667
1668 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1669 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1670 /* Set static WEP keys again */
1671 wpa_set_wep_keys(wpa_s, ssid);
1672 }
1673
1674 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1675 /*
1676 * Do not allow EAP session resumption between different
1677 * network configurations.
1678 */
1679 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1680 }
8bac466b 1681 old_ssid = wpa_s->current_ssid;
6fc6879b 1682 wpa_s->current_ssid = ssid;
8f770587 1683 wpa_s->current_bss = bss;
6fc6879b
JM		 1684 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1685 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1686 if (old_ssid != wpa_s->current_ssid)
1687 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1688}
1689
1690
09f58c09
JM		 1691static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1692 const u8 *addr)
1693{
1694 struct wpa_ssid *old_ssid;
1695
1696 wpa_clear_keys(wpa_s, addr);
09f58c09 1697 old_ssid = wpa_s->current_ssid;
0d30cc24 1698 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 1699 wpa_sm_set_config(wpa_s->wpa, NULL);
1700 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1701 if (old_ssid != wpa_s->current_ssid)
1702 wpas_notify_network_changed(wpa_s);
1703 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1704}
1705
1706
6fc6879b
JM		 1707/**
1708 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1709 * @wpa_s: Pointer to wpa_supplicant data
1710 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1711 *
073ab58f 1712 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1713 * current AP.
1714 */
1715void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1716 int reason_code)
1717{
1718 u8 *addr = NULL;
ef48ff94 1719 union wpa_event_data event;
42d23547 1720 int zero_addr = 0;
8bac466b 1721
42d23547
JM		 1722 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1723 " pending_bssid=" MACSTR " reason=%d state=%s",
1724 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1725 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1726
1727 if (!is_zero_ether_addr(wpa_s->bssid))
1728 addr = wpa_s->bssid;
1729 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1730 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1731 wpa_s->wpa_state == WPA_ASSOCIATING))
1732 addr = wpa_s->pending_bssid;
1733 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1734 /*
1735 * When using driver-based BSS selection, we may not know the
1736 * BSSID with which we are currently trying to associate. We
1737 * need to notify the driver of this disconnection even in such
1738 * a case, so use the all zeros address here.
1739 */
6fc6879b 1740 addr = wpa_s->bssid;
42d23547
JM		 1741 zero_addr = 1;
1742 }
1743
7b44ff2c
SD		 1744#ifdef CONFIG_TDLS
1745 wpa_tdls_teardown_peers(wpa_s->wpa);
1746#endif /* CONFIG_TDLS */
1747
42d23547
JM		 1748 if (addr) {
1749 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94
JM		 1750 os_memset(&event, 0, sizeof(event));
1751 event.deauth_info.reason_code = (u16) reason_code;
1752 event.deauth_info.locally_generated = 1;
1753 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 1754 if (zero_addr)
1755 addr = NULL;
6fc6879b 1756 }
09f58c09
JM		 1757
1758 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 1759}
1760
dca1a511
DS		 1761static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1762 struct wpa_ssid *ssid)
1763{
1764 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1765 return;
1766
1767 ssid->disabled = 0;
1768 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1769 wpas_notify_network_enabled_changed(wpa_s, ssid);
1770
1771 /*
1772 * Try to reassociate since there is no current configuration and a new
1773 * network was made available.
1774 */
1775 if (!wpa_s->current_ssid)
1776 wpa_s->reassociate = 1;
1777}
1778
6fc6879b 1779
86b89452
WS		 1780/**
1781 * wpa_supplicant_enable_network - Mark a configured network as enabled
1782 * @wpa_s: wpa_supplicant structure for a network interface
1783 * @ssid: wpa_ssid structure for a configured network or %NULL
1784 *
1785 * Enables the specified network or all networks if no network specified.
1786 */
1787void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1788 struct wpa_ssid *ssid)
1789{
86b89452 1790 if (ssid == NULL) {
14f79078
JM		 1791 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1792 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 1793 } else
1794 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 1795
dca1a511
DS		 1796 if (wpa_s->reassociate) {
1797 if (wpa_s->sched_scanning) {
1798 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1799 "new network to scan filters");
1800 wpa_supplicant_cancel_sched_scan(wpa_s);
1801 }
86b89452 1802
dca1a511 1803 wpa_supplicant_req_scan(wpa_s, 0, 0);
86b89452
WS		 1804 }
1805}
1806
1807
1808/**
1809 * wpa_supplicant_disable_network - Mark a configured network as disabled
1810 * @wpa_s: wpa_supplicant structure for a network interface
1811 * @ssid: wpa_ssid structure for a configured network or %NULL
1812 *
1813 * Disables the specified network or all networks if no network specified.
1814 */
1815void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1816 struct wpa_ssid *ssid)
1817{
1818 struct wpa_ssid *other_ssid;
1819 int was_disabled;
1820
1821 if (ssid == NULL) {
725fc39e
DS		 1822 if (wpa_s->sched_scanning)
1823 wpa_supplicant_cancel_sched_scan(wpa_s);
1824
4dac0245
JM		 1825 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1826 other_ssid = other_ssid->next) {
86b89452 1827 was_disabled = other_ssid->disabled;
4dac0245
JM		 1828 if (was_disabled == 2)
1829 continue; /* do not change persistent P2P group
1830 * data */
86b89452
WS		 1831
1832 other_ssid->disabled = 1;
1833
1834 if (was_disabled != other_ssid->disabled)
1835 wpas_notify_network_enabled_changed(
1836 wpa_s, other_ssid);
86b89452
WS		 1837 }
1838 if (wpa_s->current_ssid)
07783eaa 1839 wpa_supplicant_deauthenticate(
86b89452 1840 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4dac0245 1841 } else if (ssid->disabled != 2) {
86b89452 1842 if (ssid == wpa_s->current_ssid)
07783eaa 1843 wpa_supplicant_deauthenticate(
86b89452
WS		 1844 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1845
1846 was_disabled = ssid->disabled;
1847
1848 ssid->disabled = 1;
1849
725fc39e 1850 if (was_disabled != ssid->disabled) {
86b89452 1851 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 1852 if (wpa_s->sched_scanning) {
1853 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
1854 "to remove network from filters");
1855 wpa_supplicant_cancel_sched_scan(wpa_s);
1856 wpa_supplicant_req_scan(wpa_s, 0, 0);
1857 }
1858 }
86b89452
WS		 1859 }
1860}
1861
1862
1863/**
1864 * wpa_supplicant_select_network - Attempt association with a network
1865 * @wpa_s: wpa_supplicant structure for a network interface
1866 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1867 */
1868void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1869 struct wpa_ssid *ssid)
1870{
1871
1872 struct wpa_ssid *other_ssid;
d93dfbd5 1873 int disconnected = 0;
86b89452 1874
d93dfbd5 1875 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
07783eaa 1876 wpa_supplicant_deauthenticate(
86b89452 1877 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 1878 disconnected = 1;
1879 }
86b89452 1880
00e5e3d5
JM		 1881 if (ssid)
1882 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1883
86b89452
WS		 1884 /*
1885 * Mark all other networks disabled or mark all networks enabled if no
1886 * network specified.
1887 */
4dac0245
JM		 1888 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1889 other_ssid = other_ssid->next) {
86b89452 1890 int was_disabled = other_ssid->disabled;
4dac0245
JM		 1891 if (was_disabled == 2)
1892 continue; /* do not change persistent P2P group data */
86b89452
WS		 1893
1894 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 1895 if (was_disabled && !other_ssid->disabled)
1896 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 1897
1898 if (was_disabled != other_ssid->disabled)
1899 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 1900 }
2a6f78fb
JJ		 1901
1902 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1903 /* We are already associated with the selected network */
1904 wpa_printf(MSG_DEBUG, "Already associated with the "
1905 "selected network - do nothing");
1906 return;
1907 }
1908
96efeeb6
JM		 1909 if (ssid)
1910 wpa_s->current_ssid = ssid;
7dcdcfd6 1911 wpa_s->connect_without_scan = NULL;
86b89452
WS		 1912 wpa_s->disconnected = 0;
1913 wpa_s->reassociate = 1;
cecdddc1
PS		 1914
1915 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1916 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
86b89452 1917
a1641d26
JM		 1918 if (ssid)
1919 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 1920}
1921
1922
1923/**
1924 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1925 * @wpa_s: wpa_supplicant structure for a network interface
1926 * @ap_scan: AP scan mode
1927 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1928 *
1929 */
1930int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1931{
1932
1933 int old_ap_scan;
1934
1935 if (ap_scan < 0 || ap_scan > 2)
1936 return -1;
1937
48f8e036
DS		 1938#ifdef ANDROID
1939 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1940 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1941 wpa_s->wpa_state < WPA_COMPLETED) {
1942 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1943 "associating", wpa_s->conf->ap_scan, ap_scan);
1944 return 0;
1945 }
1946#endif /* ANDROID */
1947
86b89452
WS		 1948 old_ap_scan = wpa_s->conf->ap_scan;
1949 wpa_s->conf->ap_scan = ap_scan;
1950
1951 if (old_ap_scan != wpa_s->conf->ap_scan)
1952 wpas_notify_ap_scan_changed(wpa_s);
1953
1954 return 0;
1955}
1956
1957
78633c37
SL		 1958/**
1959 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1960 * @wpa_s: wpa_supplicant structure for a network interface
1961 * @expire_age: Expiration age in seconds
1962 * Returns: 0 if succeed or -1 if expire_age has an invalid value
1963 *
1964 */
1965int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1966 unsigned int bss_expire_age)
1967{
1968 if (bss_expire_age < 10) {
1969 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1970 bss_expire_age);
1971 return -1;
1972 }
1973 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1974 bss_expire_age);
1975 wpa_s->conf->bss_expiration_age = bss_expire_age;
1976
1977 return 0;
1978}
1979
1980
1981/**
1982 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1983 * @wpa_s: wpa_supplicant structure for a network interface
1984 * @expire_count: number of scans after which an unseen BSS is reclaimed
1985 * Returns: 0 if succeed or -1 if expire_count has an invalid value
1986 *
1987 */
1988int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1989 unsigned int bss_expire_count)
1990{
1991 if (bss_expire_count < 1) {
1992 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1993 bss_expire_count);
1994 return -1;
1995 }
1996 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
1997 bss_expire_count);
1998 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
1999
2000 return 0;
2001}
2002
2003
c6e86b63
MA		 2004/**
2005 * wpa_supplicant_set_scan_interval - Set scan interval
2006 * @wpa_s: wpa_supplicant structure for a network interface
2007 * @scan_interval: scan interval in seconds
2008 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2009 *
2010 */
2011int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2012 int scan_interval)
2013{
2014 if (scan_interval < 0) {
2015 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2016 scan_interval);
2017 return -1;
2018 }
2019 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2020 scan_interval);
9e737f08 2021 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 2022
2023 return 0;
2024}
2025
2026
86b89452
WS		 2027/**
2028 * wpa_supplicant_set_debug_params - Set global debug params
2029 * @global: wpa_global structure
2030 * @debug_level: debug level
2031 * @debug_timestamp: determines if show timestamp in debug data
2032 * @debug_show_keys: determines if show keys in debug data
2033 * Returns: 0 if succeed or -1 if debug_level has wrong value
2034 */
2035int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2036 int debug_timestamp, int debug_show_keys)
2037{
2038
2039 int old_level, old_timestamp, old_show_keys;
2040
2041 /* check for allowed debuglevels */
14dc0011
PS		 2042 if (debug_level != MSG_EXCESSIVE &&
2043 debug_level != MSG_MSGDUMP &&
86b89452
WS		 2044 debug_level != MSG_DEBUG &&
2045 debug_level != MSG_INFO &&
2046 debug_level != MSG_WARNING &&
2047 debug_level != MSG_ERROR)
2048 return -1;
2049
2050 old_level = wpa_debug_level;
2051 old_timestamp = wpa_debug_timestamp;
2052 old_show_keys = wpa_debug_show_keys;
2053
2054 wpa_debug_level = debug_level;
2055 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2056 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2057
db9133ac
WS		 2058 if (wpa_debug_level != old_level)
2059 wpas_notify_debug_level_changed(global);
2060 if (wpa_debug_timestamp != old_timestamp)
2061 wpas_notify_debug_timestamp_changed(global);
2062 if (wpa_debug_show_keys != old_show_keys)
2063 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 2064
2065 return 0;
2066}
2067
2068
6fc6879b
JM		 2069/**
2070 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2071 * @wpa_s: Pointer to wpa_supplicant data
2072 * Returns: A pointer to the current network structure or %NULL on failure
2073 */
2074struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2075{
2076 struct wpa_ssid *entry;
2077 u8 ssid[MAX_SSID_LEN];
2078 int res;
2079 size_t ssid_len;
2080 u8 bssid[ETH_ALEN];
2081 int wired;
2082
17fbb751
JM		 2083 res = wpa_drv_get_ssid(wpa_s, ssid);
2084 if (res < 0) {
2085 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2086 "driver");
2087 return NULL;
6fc6879b 2088 }
17fbb751 2089 ssid_len = res;
6fc6879b 2090
17fbb751 2091 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 2092 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2093 "driver");
6fc6879b
JM		 2094 return NULL;
2095 }
2096
c2a04078
JM		 2097 wired = wpa_s->conf->ap_scan == 0 &&
2098 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 2099
2100 entry = wpa_s->conf->ssid;
2101 while (entry) {
349493bd 2102 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b
JM		 2103 ((ssid_len == entry->ssid_len &&
2104 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2105 (!entry->bssid_set ||
2106 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2107 return entry;
24c23d1b 2108#ifdef CONFIG_WPS
349493bd 2109 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 2110 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2111 (entry->ssid == NULL || entry->ssid_len == 0) &&
2112 (!entry->bssid_set ||
2113 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2114 return entry;
2115#endif /* CONFIG_WPS */
7d232e23 2116
349493bd 2117 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 2118 entry->ssid_len == 0 &&
2119 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2120 return entry;
2121
6fc6879b
JM		 2122 entry = entry->next;
2123 }
2124
2125 return NULL;
2126}
2127
2128
7756114f
JM		 2129static int select_driver(struct wpa_supplicant *wpa_s, int i)
2130{
2131 struct wpa_global *global = wpa_s->global;
2132
2133 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2134 global->drv_priv[i] = wpa_drivers[i]->global_init();
2135 if (global->drv_priv[i] == NULL) {
2136 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2137 "'%s'", wpa_drivers[i]->name);
2138 return -1;
2139 }
2140 }
2141
2142 wpa_s->driver = wpa_drivers[i];
2143 wpa_s->global_drv_priv = global->drv_priv[i];
2144
2145 return 0;
2146}
2147
2148
6fc6879b
JM		 2149static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2150 const char *name)
2151{
2152 int i;
362f781e 2153 size_t len;
74b1c84a 2154 const char *pos, *driver = name;
6fc6879b
JM		 2155
2156 if (wpa_s == NULL)
2157 return -1;
2158
c5121837 2159 if (wpa_drivers[0] == NULL) {
f049052b
BG		 2160 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2161 "wpa_supplicant");
6fc6879b
JM		 2162 return -1;
2163 }
2164
2165 if (name == NULL) {
2166 /* default to first driver in the list */
7756114f 2167 return select_driver(wpa_s, 0);
6fc6879b
JM		 2168 }
2169
74b1c84a
SO		 2170 do {
2171 pos = os_strchr(driver, ',');
2172 if (pos)
2173 len = pos - driver;
2174 else
2175 len = os_strlen(driver);
2176
2177 for (i = 0; wpa_drivers[i]; i++) {
2178 if (os_strlen(wpa_drivers[i]->name) == len &&
2179 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 2180 0) {
2181 /* First driver that succeeds wins */
2182 if (select_driver(wpa_s, i) == 0)
2183 return 0;
2184 }
6fc6879b 2185 }
74b1c84a
SO		 2186
2187 driver = pos + 1;
2188 } while (pos);
6fc6879b 2189
f049052b 2190 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 2191 return -1;
2192}
2193
2194
a8e0505b
JM		 2195/**
2196 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2197 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2198 * with struct wpa_driver_ops::init()
2199 * @src_addr: Source address of the EAPOL frame
2200 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2201 * @len: Length of the EAPOL data
2202 *
2203 * This function is called for each received EAPOL frame. Most driver
2204 * interfaces rely on more generic OS mechanism for receiving frames through
2205 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2206 * take care of received EAPOL frames and deliver them to the core supplicant
2207 * code by calling this function.
2208 */
6fc6879b
JM		 2209void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2210 const u8 *buf, size_t len)
2211{
2212 struct wpa_supplicant *wpa_s = ctx;
2213
f049052b 2214 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 2215 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2216
3ab35a66
JM		 2217 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2218 (wpa_s->last_eapol_matches_bssid &&
2219#ifdef CONFIG_AP
2220 !wpa_s->ap_iface &&
2221#endif /* CONFIG_AP */
2222 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 2223 /*
2224 * There is possible race condition between receiving the
2225 * association event and the EAPOL frame since they are coming
2226 * through different paths from the driver. In order to avoid
2227 * issues in trying to process the EAPOL frame before receiving
2228 * association information, lets queue it for processing until
3ab35a66
JM		 2229 * the association event is received. This may also be needed in
2230 * driver-based roaming case, so also use src_addr != BSSID as a
2231 * trigger if we have previously confirmed that the
2232 * Authenticator uses BSSID as the src_addr (which is not the
2233 * case with wired IEEE 802.1X).
1ff73338 2234 */
f049052b 2235 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 2236 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2237 wpa_supplicant_state_txt(wpa_s->wpa_state),
2238 MAC2STR(wpa_s->bssid));
1ff73338
JM		 2239 wpabuf_free(wpa_s->pending_eapol_rx);
2240 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2241 if (wpa_s->pending_eapol_rx) {
2242 os_get_time(&wpa_s->pending_eapol_rx_time);
2243 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2244 ETH_ALEN);
2245 }
2246 return;
2247 }
2248
3ab35a66
JM		 2249 wpa_s->last_eapol_matches_bssid =
2250 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2251
db149ac9
JM		 2252#ifdef CONFIG_AP
2253 if (wpa_s->ap_iface) {
2254 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2255 return;
2256 }
2257#endif /* CONFIG_AP */
2258
6fc6879b 2259 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 2260 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2261 "no key management is configured");
6fc6879b
JM		 2262 return;
2263 }
2264
2265 if (wpa_s->eapol_received == 0 &&
c2a04078 2266 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 2267 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 2268 wpa_s->wpa_state != WPA_COMPLETED) &&
2269 (wpa_s->current_ssid == NULL ||
2270 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b
JM		 2271 /* Timeout for completing IEEE 802.1X and WPA authentication */
2272 wpa_supplicant_req_auth_timeout(
2273 wpa_s,
56586197 2274 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 2275 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2276 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 2277 70 : 10, 0);
2278 }
2279 wpa_s->eapol_received++;
2280
2281 if (wpa_s->countermeasures) {
f049052b
BG		 2282 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2283 "EAPOL packet");
6fc6879b
JM		 2284 return;
2285 }
2286
8be18440
JM		 2287#ifdef CONFIG_IBSS_RSN
2288 if (wpa_s->current_ssid &&
d7dcba70 2289 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 2290 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2291 return;
2292 }
2293#endif /* CONFIG_IBSS_RSN */
2294
6fc6879b
JM		 2295 /* Source address of the incoming EAPOL frame could be compared to the
2296 * current BSSID. However, it is possible that a centralized
2297 * Authenticator could be using another MAC address than the BSSID of
2298 * an AP, so just allow any address to be used for now. The replies are
2299 * still sent to the current BSSID (if available), though. */
2300
2301 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 2302 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 2303 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2304 return;
2305 wpa_drv_poll(wpa_s);
c2a04078 2306 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 2307 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 2308 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 2309 /*
2310 * Set portValid = TRUE here since we are going to skip 4-way
2311 * handshake processing which would normally set portValid. We
2312 * need this to allow the EAPOL state machines to be completed
2313 * without going through EAPOL-Key handshake.
2314 */
2315 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2316 }
2317}
2318
2319
bfba8deb 2320int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 2321{
6fc6879b
JM		 2322 if (wpa_s->driver->send_eapol) {
2323 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2324 if (addr)
2325 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
fdadd5fe
JM		 2326 } else if (!(wpa_s->drv_flags &
2327 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 2328 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 2329 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2330 wpa_drv_get_mac_addr(wpa_s),
2331 ETH_P_EAPOL,
2332 wpa_supplicant_rx_eapol, wpa_s, 0);
2333 if (wpa_s->l2 == NULL)
2334 return -1;
fdadd5fe
JM		 2335 } else {
2336 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2337 if (addr)
2338 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 2339 }
2340
2341 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 2342 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 2343 return -1;
2344 }
2345
f049052b
BG		 2346 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2347 MAC2STR(wpa_s->own_addr));
f98eb880 2348 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
6fc6879b 2349
bfba8deb
JM		 2350 return 0;
2351}
2352
2353
25f839c6
JM		 2354static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2355 const u8 *buf, size_t len)
2356{
2357 struct wpa_supplicant *wpa_s = ctx;
2358 const struct l2_ethhdr *eth;
2359
2360 if (len < sizeof(*eth))
2361 return;
2362 eth = (const struct l2_ethhdr *) buf;
2363
2364 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2365 !(eth->h_dest[0] & 0x01)) {
2366 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2367 " (bridge - not for this interface - ignore)",
2368 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2369 return;
2370 }
2371
2372 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2373 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2374 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2375 len - sizeof(*eth));
2376}
2377
2378
bfba8deb
JM		 2379/**
2380 * wpa_supplicant_driver_init - Initialize driver interface parameters
2381 * @wpa_s: Pointer to wpa_supplicant data
2382 * Returns: 0 on success, -1 on failure
2383 *
2384 * This function is called to initialize driver interface parameters.
2385 * wpa_drv_init() must have been called before this function to initialize the
2386 * driver interface.
2387 */
2388int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2389{
2390 static int interface_count = 0;
2391
2392 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2393 return -1;
2394
6fc6879b 2395 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 2396 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2397 "interface '%s'", wpa_s->bridge_ifname);
6fc6879b
JM		 2398 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2399 wpa_s->own_addr,
2400 ETH_P_EAPOL,
25f839c6
JM		 2401 wpa_supplicant_rx_eapol_bridge,
2402 wpa_s, 1);
6fc6879b 2403 if (wpa_s->l2_br == NULL) {
f049052b
BG		 2404 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2405 "connection for the bridge interface '%s'",
2406 wpa_s->bridge_ifname);
6fc6879b
JM		 2407 return -1;
2408 }
2409 }
2410
6fc6879b
JM		 2411 wpa_clear_keys(wpa_s, NULL);
2412
2413 /* Make sure that TKIP countermeasures are not left enabled (could
2414 * happen if wpa_supplicant is killed during countermeasures. */
2415 wpa_drv_set_countermeasures(wpa_s, 0);
2416
f049052b 2417 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 2418 wpa_drv_flush_pmkid(wpa_s);
2419
ba2a573c 2420 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 2421 wpa_s->prev_scan_wildcard = 0;
2422
349493bd 2423 if (wpa_supplicant_enabled_networks(wpa_s)) {
6a90053c
LC		 2424 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2425 100000))
a4cba8f1
LC		 2426 wpa_supplicant_req_scan(wpa_s, interface_count,
2427 100000);
74e259ec
JM		 2428 interface_count++;
2429 } else
2430 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 2431
2432 return 0;
2433}
2434
2435
2436static int wpa_supplicant_daemon(const char *pid_file)
2437{
2438 wpa_printf(MSG_DEBUG, "Daemonize..");
2439 return os_daemonize(pid_file);
2440}
2441
2442
2443static struct wpa_supplicant * wpa_supplicant_alloc(void)
2444{
2445 struct wpa_supplicant *wpa_s;
2446
2447 wpa_s = os_zalloc(sizeof(*wpa_s));
2448 if (wpa_s == NULL)
2449 return NULL;
4115303b 2450 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 2451 wpa_s->scan_interval = 5;
c302f207 2452 wpa_s->new_connection = 1;
b22128ef 2453 wpa_s->parent = wpa_s;
cbdf3507 2454 wpa_s->sched_scanning = 0;
6fc6879b
JM		 2455
2456 return wpa_s;
2457}
2458
2459
80e8a5ee
BG		 2460#ifdef CONFIG_HT_OVERRIDES
2461
2462static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2463 struct ieee80211_ht_capabilities *htcaps,
2464 struct ieee80211_ht_capabilities *htcaps_mask,
2465 const char *ht_mcs)
2466{
2467 /* parse ht_mcs into hex array */
2468 int i;
2469 const char *tmp = ht_mcs;
2470 char *end = NULL;
2471
2472 /* If ht_mcs is null, do not set anything */
2473 if (!ht_mcs)
2474 return 0;
2475
2476 /* This is what we are setting in the kernel */
2477 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2478
2479 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2480
2481 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2482 errno = 0;
2483 long v = strtol(tmp, &end, 16);
2484 if (errno == 0) {
2485 wpa_msg(wpa_s, MSG_DEBUG,
2486 "htcap value[%i]: %ld end: %p tmp: %p",
2487 i, v, end, tmp);
2488 if (end == tmp)
2489 break;
2490
2491 htcaps->supported_mcs_set[i] = v;
2492 tmp = end;
2493 } else {
2494 wpa_msg(wpa_s, MSG_ERROR,
2495 "Failed to parse ht-mcs: %s, error: %s\n",
2496 ht_mcs, strerror(errno));
2497 return -1;
2498 }
2499 }
2500
2501 /*
2502 * If we were able to parse any values, then set mask for the MCS set.
2503 */
2504 if (i) {
2505 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2506 IEEE80211_HT_MCS_MASK_LEN - 1);
2507 /* skip the 3 reserved bits */
2508 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2509 0x1f;
2510 }
2511
2512 return 0;
2513}
2514
2515
2516static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2517 struct ieee80211_ht_capabilities *htcaps,
2518 struct ieee80211_ht_capabilities *htcaps_mask,
2519 int disabled)
2520{
2521 u16 msk;
2522
2523 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2524
2525 if (disabled == -1)
2526 return 0;
2527
2528 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2529 htcaps_mask->ht_capabilities_info |= msk;
2530 if (disabled)
2531 htcaps->ht_capabilities_info &= msk;
2532 else
2533 htcaps->ht_capabilities_info |= msk;
2534
2535 return 0;
2536}
2537
2538
2539static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2540 struct ieee80211_ht_capabilities *htcaps,
2541 struct ieee80211_ht_capabilities *htcaps_mask,
2542 int factor)
2543{
2544 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2545
2546 if (factor == -1)
2547 return 0;
2548
2549 if (factor < 0 || factor > 3) {
2550 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2551 "Must be 0-3 or -1", factor);
2552 return -EINVAL;
2553 }
2554
2555 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2556 htcaps->a_mpdu_params &= ~0x3;
2557 htcaps->a_mpdu_params |= factor & 0x3;
2558
2559 return 0;
2560}
2561
2562
2563static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2564 struct ieee80211_ht_capabilities *htcaps,
2565 struct ieee80211_ht_capabilities *htcaps_mask,
2566 int density)
2567{
2568 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2569
2570 if (density == -1)
2571 return 0;
2572
2573 if (density < 0 || density > 7) {
2574 wpa_msg(wpa_s, MSG_ERROR,
2575 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2576 density);
2577 return -EINVAL;
2578 }
2579
2580 htcaps_mask->a_mpdu_params |= 0x1C;
2581 htcaps->a_mpdu_params &= ~(0x1C);
2582 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2583
2584 return 0;
2585}
2586
2587
2588static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2589 struct ieee80211_ht_capabilities *htcaps,
2590 struct ieee80211_ht_capabilities *htcaps_mask,
2591 int disabled)
2592{
2593 /* Masking these out disables HT40 */
2594 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2595 HT_CAP_INFO_SHORT_GI40MHZ);
2596
2597 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2598
2599 if (disabled)
2600 htcaps->ht_capabilities_info &= ~msk;
2601 else
2602 htcaps->ht_capabilities_info |= msk;
2603
2604 htcaps_mask->ht_capabilities_info |= msk;
2605
2606 return 0;
2607}
2608
2609
a90497f8
BG		 2610static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2611 struct ieee80211_ht_capabilities *htcaps,
2612 struct ieee80211_ht_capabilities *htcaps_mask,
2613 int disabled)
2614{
2615 /* Masking these out disables SGI */
2616 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2617 HT_CAP_INFO_SHORT_GI40MHZ);
2618
2619 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2620
2621 if (disabled)
2622 htcaps->ht_capabilities_info &= ~msk;
2623 else
2624 htcaps->ht_capabilities_info |= msk;
2625
2626 htcaps_mask->ht_capabilities_info |= msk;
2627
2628 return 0;
2629}
2630
2631
80e8a5ee
BG		 2632void wpa_supplicant_apply_ht_overrides(
2633 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2634 struct wpa_driver_associate_params *params)
2635{
2636 struct ieee80211_ht_capabilities *htcaps;
2637 struct ieee80211_ht_capabilities *htcaps_mask;
2638
2639 if (!ssid)
2640 return;
2641
2642 params->disable_ht = ssid->disable_ht;
2643 if (!params->htcaps || !params->htcaps_mask)
2644 return;
2645
2646 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2647 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2648 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2649 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2650 ssid->disable_max_amsdu);
2651 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2652 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2653 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 2654 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
80e8a5ee
BG		 2655}
2656
2657#endif /* CONFIG_HT_OVERRIDES */
2658
2659
e9ee8dc3
JB		 2660#ifdef CONFIG_VHT_OVERRIDES
2661void wpa_supplicant_apply_vht_overrides(
2662 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2663 struct wpa_driver_associate_params *params)
2664{
2665 struct ieee80211_vht_capabilities *vhtcaps;
2666 struct ieee80211_vht_capabilities *vhtcaps_mask;
2667
2668 if (!ssid)
2669 return;
2670
2671 params->disable_vht = ssid->disable_vht;
2672
2673 vhtcaps = (void *) params->vhtcaps;
2674 vhtcaps_mask = (void *) params->vhtcaps_mask;
2675
2676 if (!vhtcaps || !vhtcaps_mask)
2677 return;
2678
2679 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2680 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2681
2682#define OVERRIDE_MCS(i) \
2683 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2684 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2685 3 << 2 * (i - 1); \
2686 vhtcaps->vht_supported_mcs_set.tx_map |= \
2687 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2688 } \
2689 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2690 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2691 3 << 2 * (i - 1); \
2692 vhtcaps->vht_supported_mcs_set.rx_map |= \
2693 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2694 }
2695
2696 OVERRIDE_MCS(1);
2697 OVERRIDE_MCS(2);
2698 OVERRIDE_MCS(3);
2699 OVERRIDE_MCS(4);
2700 OVERRIDE_MCS(5);
2701 OVERRIDE_MCS(6);
2702 OVERRIDE_MCS(7);
2703 OVERRIDE_MCS(8);
2704}
2705#endif /* CONFIG_VHT_OVERRIDES */
2706
2707
f64adcd7
JM		 2708static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2709{
2710#ifdef PCSC_FUNCS
2711 size_t len;
2712
2713 if (!wpa_s->conf->pcsc_reader)
2714 return 0;
2715
2716 wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader);
2717 if (!wpa_s->scard)
2718 return 1;
2719
2720 if (wpa_s->conf->pcsc_pin &&
2721 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2722 scard_deinit(wpa_s->scard);
2723 wpa_s->scard = NULL;
2724 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2725 return -1;
2726 }
2727
2728 len = sizeof(wpa_s->imsi) - 1;
2729 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2730 scard_deinit(wpa_s->scard);
2731 wpa_s->scard = NULL;
2732 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2733 return -1;
2734 }
2735 wpa_s->imsi[len] = '\0';
2736
2737 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2738
2739 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2740 wpa_s->imsi, wpa_s->mnc_len);
2741
2742 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2743 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2744#endif /* PCSC_FUNCS */
2745
2746 return 0;
2747}
2748
2749
306ae225
JM		 2750int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2751{
2752 char *val, *pos;
2753
2754 ext_password_deinit(wpa_s->ext_pw);
2755 wpa_s->ext_pw = NULL;
2756 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2757
2758 if (!wpa_s->conf->ext_password_backend)
2759 return 0;
2760
2761 val = os_strdup(wpa_s->conf->ext_password_backend);
2762 if (val == NULL)
2763 return -1;
2764 pos = os_strchr(val, ':');
2765 if (pos)
2766 *pos++ = '\0';
2767
2768 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2769
2770 wpa_s->ext_pw = ext_password_init(val, pos);
2771 os_free(val);
2772 if (wpa_s->ext_pw == NULL) {
2773 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2774 return -1;
2775 }
2776 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2777
2778 return 0;
2779}
2780
2781
6fc6879b
JM		 2782static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2783 struct wpa_interface *iface)
2784{
362f781e
JM		 2785 const char *ifname, *driver;
2786 struct wpa_driver_capa capa;
2787
6fc6879b
JM		 2788 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2789 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2790 iface->confname ? iface->confname : "N/A",
2791 iface->driver ? iface->driver : "default",
2792 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2793 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2794
6fc6879b
JM		 2795 if (iface->confname) {
2796#ifdef CONFIG_BACKEND_FILE
2797 wpa_s->confname = os_rel2abs_path(iface->confname);
2798 if (wpa_s->confname == NULL) {
2799 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2800 "for configuration file '%s'.",
2801 iface->confname);
2802 return -1;
2803 }
2804 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2805 iface->confname, wpa_s->confname);
2806#else /* CONFIG_BACKEND_FILE */
2807 wpa_s->confname = os_strdup(iface->confname);
2808#endif /* CONFIG_BACKEND_FILE */
e6304cad 2809 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 2810 if (wpa_s->conf == NULL) {
2811 wpa_printf(MSG_ERROR, "Failed to read or parse "
2812 "configuration '%s'.", wpa_s->confname);
2813 return -1;
2814 }
e6304cad
DS		 2815 wpa_s->confanother = os_rel2abs_path(iface->confanother);
2816 wpa_config_read(wpa_s->confanother, wpa_s->conf);
6fc6879b
JM		 2817
2818 /*
2819 * Override ctrl_interface and driver_param if set on command
2820 * line.
2821 */
2822 if (iface->ctrl_interface) {
2823 os_free(wpa_s->conf->ctrl_interface);
2824 wpa_s->conf->ctrl_interface =
2825 os_strdup(iface->ctrl_interface);
2826 }
2827
2828 if (iface->driver_param) {
2829 os_free(wpa_s->conf->driver_param);
2830 wpa_s->conf->driver_param =
2831 os_strdup(iface->driver_param);
2832 }
2833 } else
2834 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2835 iface->driver_param);
2836
2837 if (wpa_s->conf == NULL) {
2838 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2839 return -1;
2840 }
2841
2842 if (iface->ifname == NULL) {
2843 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2844 return -1;
2845 }
2846 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2847 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2848 iface->ifname);
2849 return -1;
2850 }
2851 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2852
2853 if (iface->bridge_ifname) {
2854 if (os_strlen(iface->bridge_ifname) >=
2855 sizeof(wpa_s->bridge_ifname)) {
2856 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2857 "name '%s'.", iface->bridge_ifname);
2858 return -1;
2859 }
2860 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2861 sizeof(wpa_s->bridge_ifname));
2862 }
2863
6fc6879b
JM		 2864 /* RSNA Supplicant Key Management - INITIALIZE */
2865 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2866 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2867
2868 /* Initialize driver interface and register driver event handler before
2869 * L2 receive handler so that association events are processed before
2870 * EAPOL-Key packets if both become available for the same select()
2871 * call. */
362f781e
JM		 2872 driver = iface->driver;
2873next_driver:
2874 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2875 return -1;
2876
6fc6879b
JM		 2877 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2878 if (wpa_s->drv_priv == NULL) {
362f781e 2879 const char *pos;
a5b9337f 2880 pos = driver ? os_strchr(driver, ',') : NULL;
362f781e 2881 if (pos) {
f049052b
BG		 2882 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2883 "driver interface - try next driver wrapper");
362f781e
JM		 2884 driver = pos + 1;
2885 goto next_driver;
2886 }
f049052b
BG		 2887 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2888 "interface");
6fc6879b
JM		 2889 return -1;
2890 }
2891 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
f049052b
BG		 2892 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2893 "driver_param '%s'", wpa_s->conf->driver_param);
6fc6879b
JM		 2894 return -1;
2895 }
2896
2897 ifname = wpa_drv_get_ifname(wpa_s);
2898 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
f049052b
BG		 2899 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2900 "interface name with '%s'", ifname);
6fc6879b
JM		 2901 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2902 }
2903
2904 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2905 return -1;
2906
2907 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2908 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2909 NULL);
2910 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2911
2912 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2913 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2914 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 2915 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2916 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 2917 return -1;
2918 }
2919
2920 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2921 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2922 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 2923 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 2924 "dot11RSNAConfigPMKReauthThreshold");
2925 return -1;
2926 }
2927
2928 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2929 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2930 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 2931 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2932 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 2933 return -1;
2934 }
2935
6bf731e8
CL		 2936 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2937 &wpa_s->hw.num_modes,
2938 &wpa_s->hw.flags);
2939
814782b9 2940 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
c58ab8f2 2941 wpa_s->drv_capa_known = 1;
814782b9 2942 wpa_s->drv_flags = capa.flags;
349493bd 2943 wpa_s->drv_enc = capa.enc;
4f73d88a 2944 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 2945 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507
LC		 2946 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2947 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 2948 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 2949 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 2950 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 2951 wpa_s->extended_capa = capa.extended_capa;
2952 wpa_s->extended_capa_mask = capa.extended_capa_mask;
2953 wpa_s->extended_capa_len = capa.extended_capa_len;
814782b9
JM		 2954 }
2955 if (wpa_s->max_remain_on_chan == 0)
2956 wpa_s->max_remain_on_chan = 1000;
2957
6fc6879b
JM		 2958 if (wpa_supplicant_driver_init(wpa_s) < 0)
2959 return -1;
2960
281ff0aa
GP		 2961#ifdef CONFIG_TDLS
2962 if (wpa_tdls_init(wpa_s->wpa))
2963 return -1;
2964#endif /* CONFIG_TDLS */
2965
315ce40a
JM		 2966 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2967 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 2968 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 2969 return -1;
2970 }
2971
116654ce
JM		 2972 if (wpas_wps_init(wpa_s))
2973 return -1;
2974
6fc6879b
JM		 2975 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2976 return -1;
2977 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2978
2979 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2980 if (wpa_s->ctrl_iface == NULL) {
2981 wpa_printf(MSG_ERROR,
2982 "Failed to initialize control interface '%s'.\n"
2983 "You may have another wpa_supplicant process "
2984 "already running or the file was\n"
2985 "left by an unclean termination of wpa_supplicant "
2986 "in which case you will need\n"
2987 "to manually remove this file before starting "
2988 "wpa_supplicant again.\n",
2989 wpa_s->conf->ctrl_interface);
2990 return -1;
2991 }
2992
04ea7b79
JM		 2993 wpa_s->gas = gas_query_init(wpa_s);
2994 if (wpa_s->gas == NULL) {
2995 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
2996 return -1;
2997 }
2998
b22128ef
JM		 2999#ifdef CONFIG_P2P
3000 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 3001 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 3002 return -1;
3003 }
3004#endif /* CONFIG_P2P */
3005
83922c2d
JM		 3006 if (wpa_bss_init(wpa_s) < 0)
3007 return -1;
83922c2d 3008
f64adcd7
JM		 3009 if (pcsc_reader_init(wpa_s) < 0)
3010 return -1;
3011
306ae225
JM		 3012 if (wpas_init_ext_pw(wpa_s) < 0)
3013 return -1;
3014
6fc6879b
JM		 3015 return 0;
3016}
3017
3018
2ee055b3 3019static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 3020 int notify, int terminate)
6fc6879b
JM		 3021{
3022 if (wpa_s->drv_priv) {
3023 wpa_supplicant_deauthenticate(wpa_s,
3024 WLAN_REASON_DEAUTH_LEAVING);
3025
6fc6879b
JM		 3026 wpa_drv_set_countermeasures(wpa_s, 0);
3027 wpa_clear_keys(wpa_s, NULL);
3028 }
3029
8e56d189
JM		 3030 wpa_supplicant_cleanup(wpa_s);
3031
ab28911d
JM		 3032#ifdef CONFIG_P2P
3033 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3034 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3035 "the management interface is being removed");
3036 wpas_p2p_deinit_global(wpa_s->global);
3037 }
3038#endif /* CONFIG_P2P */
3039
6fc6879b
JM		 3040 if (wpa_s->drv_priv)
3041 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 3042
3043 if (notify)
3044 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 3045
3046 if (terminate)
3047 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3048
3049 if (wpa_s->ctrl_iface) {
3050 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3051 wpa_s->ctrl_iface = NULL;
3052 }
3053
3054 if (wpa_s->conf != NULL) {
3055 wpa_config_free(wpa_s->conf);
3056 wpa_s->conf = NULL;
3057 }
6fc6879b
JM		 3058}
3059
3060
3061/**
3062 * wpa_supplicant_add_iface - Add a new network interface
3063 * @global: Pointer to global data from wpa_supplicant_init()
3064 * @iface: Interface configuration options
3065 * Returns: Pointer to the created interface or %NULL on failure
3066 *
3067 * This function is used to add new network interfaces for %wpa_supplicant.
3068 * This can be called before wpa_supplicant_run() to add interfaces before the
3069 * main event loop has been started. In addition, new interfaces can be added
3070 * dynamically while %wpa_supplicant is already running. This could happen,
3071 * e.g., when a hotplug network adapter is inserted.
3072 */
3073struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3074 struct wpa_interface *iface)
3075{
3076 struct wpa_supplicant *wpa_s;
d27df100 3077 struct wpa_interface t_iface;
8e56d189 3078 struct wpa_ssid *ssid;
6fc6879b
JM		 3079
3080 if (global == NULL || iface == NULL)
3081 return NULL;
3082
3083 wpa_s = wpa_supplicant_alloc();
3084 if (wpa_s == NULL)
3085 return NULL;
3086
d8222ae3
JM		 3087 wpa_s->global = global;
3088
d27df100
JM		 3089 t_iface = *iface;
3090 if (global->params.override_driver) {
3091 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3092 "('%s' -> '%s')",
3093 iface->driver, global->params.override_driver);
3094 t_iface.driver = global->params.override_driver;
3095 }
3096 if (global->params.override_ctrl_interface) {
3097 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3098 "ctrl_interface ('%s' -> '%s')",
3099 iface->ctrl_interface,
3100 global->params.override_ctrl_interface);
3101 t_iface.ctrl_interface =
3102 global->params.override_ctrl_interface;
3103 }
3104 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 3105 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3106 iface->ifname);
df509539 3107 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 3108 os_free(wpa_s);
3109 return NULL;
3110 }
3111
dc461de4
WS		 3112 /* Notify the control interfaces about new iface */
3113 if (wpas_notify_iface_added(wpa_s)) {
df509539 3114 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6fc6879b
JM		 3115 os_free(wpa_s);
3116 return NULL;
3117 }
1bd3f426 3118
8e56d189
JM		 3119 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3120 wpas_notify_network_added(wpa_s, ssid);
3121
6fc6879b
JM		 3122 wpa_s->next = global->ifaces;
3123 global->ifaces = wpa_s;
3124
f049052b 3125 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 3126 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b
JM		 3127
3128 return wpa_s;
3129}
3130
3131
3132/**
3133 * wpa_supplicant_remove_iface - Remove a network interface
3134 * @global: Pointer to global data from wpa_supplicant_init()
3135 * @wpa_s: Pointer to the network interface to be removed
3136 * Returns: 0 if interface was removed, -1 if interface was not found
3137 *
3138 * This function can be used to dynamically remove network interfaces from
3139 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3140 * addition, this function is used to remove all remaining interfaces when
3141 * %wpa_supplicant is terminated.
3142 */
3143int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 3144 struct wpa_supplicant *wpa_s,
3145 int terminate)
6fc6879b
JM		 3146{
3147 struct wpa_supplicant *prev;
3148
3149 /* Remove interface from the global list of interfaces */
3150 prev = global->ifaces;
3151 if (prev == wpa_s) {
3152 global->ifaces = wpa_s->next;
3153 } else {
3154 while (prev && prev->next != wpa_s)
3155 prev = prev->next;
3156 if (prev == NULL)
3157 return -1;
3158 prev->next = wpa_s->next;
3159 }
3160
f049052b 3161 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 3162
b22128ef
JM		 3163 if (global->p2p_group_formation == wpa_s)
3164 global->p2p_group_formation = NULL;
dbca75f8
JM		 3165 if (global->p2p_invite_group == wpa_s)
3166 global->p2p_invite_group = NULL;
df509539 3167 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b
JM		 3168 os_free(wpa_s);
3169
3170 return 0;
3171}
3172
3173
cf83fb0b
PS		 3174/**
3175 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3176 * @wpa_s: Pointer to the network interface
3177 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3178 */
3179const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3180{
3181 const char *eapol_method;
3182
3183 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3184 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3185 return "NO-EAP";
3186 }
3187
3188 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3189 if (eapol_method == NULL)
3190 return "UNKNOWN-EAP";
3191
3192 return eapol_method;
3193}
3194
3195
6fc6879b
JM		 3196/**
3197 * wpa_supplicant_get_iface - Get a new network interface
3198 * @global: Pointer to global data from wpa_supplicant_init()
3199 * @ifname: Interface name
3200 * Returns: Pointer to the interface or %NULL if not found
3201 */
3202struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3203 const char *ifname)
3204{
3205 struct wpa_supplicant *wpa_s;
3206
3207 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3208 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3209 return wpa_s;
3210 }
3211 return NULL;
3212}
3213
3214
50b16da1 3215#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 3216static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3217{
3218 struct wpa_supplicant *wpa_s = ctx;
3219 if (wpa_s == NULL)
3220 return NULL;
3221 return wpa_s->ifname;
3222}
50b16da1 3223#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 3224
3225
6fc6879b
JM		 3226/**
3227 * wpa_supplicant_init - Initialize %wpa_supplicant
3228 * @params: Parameters for %wpa_supplicant
3229 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3230 *
3231 * This function is used to initialize %wpa_supplicant. After successful
3232 * initialization, the returned data pointer can be used to add and remove
3233 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3234 */
3235struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3236{
3237 struct wpa_global *global;
ac305589 3238 int ret, i;
6fc6879b
JM		 3239
3240 if (params == NULL)
3241 return NULL;
3242
39e7d718
JM		 3243#ifdef CONFIG_DRIVER_NDIS
3244 {
3245 void driver_ndis_init_ops(void);
3246 driver_ndis_init_ops();
3247 }
3248#endif /* CONFIG_DRIVER_NDIS */
3249
50b16da1 3250#ifndef CONFIG_NO_WPA_MSG
4f1495ae 3251 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 3252#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 3253
6fc6879b 3254 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 3255 if (params->wpa_debug_syslog)
3256 wpa_debug_open_syslog();
4f68895e
JB		 3257 if (params->wpa_debug_tracing) {
3258 ret = wpa_debug_open_linux_tracing();
3259 if (ret) {
3260 wpa_printf(MSG_ERROR,
3261 "Failed to enable trace logging");
3262 return NULL;
3263 }
3264 }
6fc6879b 3265
12760815 3266 ret = eap_register_methods();
6fc6879b
JM		 3267 if (ret) {
3268 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3269 if (ret == -2)
3270 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3271 "the same EAP type.");
3272 return NULL;
3273 }
3274
3275 global = os_zalloc(sizeof(*global));
3276 if (global == NULL)
3277 return NULL;
b22128ef
JM		 3278 dl_list_init(&global->p2p_srv_bonjour);
3279 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 3280 global->params.daemonize = params->daemonize;
3281 global->params.wait_for_monitor = params->wait_for_monitor;
3282 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3283 if (params->pid_file)
3284 global->params.pid_file = os_strdup(params->pid_file);
3285 if (params->ctrl_interface)
3286 global->params.ctrl_interface =
3287 os_strdup(params->ctrl_interface);
d27df100
JM		 3288 if (params->override_driver)
3289 global->params.override_driver =
3290 os_strdup(params->override_driver);
3291 if (params->override_ctrl_interface)
3292 global->params.override_ctrl_interface =
3293 os_strdup(params->override_ctrl_interface);
6fc6879b
JM		 3294 wpa_debug_level = global->params.wpa_debug_level =
3295 params->wpa_debug_level;
3296 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3297 params->wpa_debug_show_keys;
3298 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3299 params->wpa_debug_timestamp;
3300
f19858f5
JM		 3301 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3302
0456ea16 3303 if (eloop_init()) {
6fc6879b
JM		 3304 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3305 wpa_supplicant_deinit(global);
3306 return NULL;
3307 }
3308
38e24575 3309 random_init(params->entropy_file);
d47fa330 3310
6fc6879b
JM		 3311 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3312 if (global->ctrl_iface == NULL) {
3313 wpa_supplicant_deinit(global);
3314 return NULL;
3315 }
3316
dc461de4
WS		 3317 if (wpas_notify_supplicant_initialized(global)) {
3318 wpa_supplicant_deinit(global);
3319 return NULL;
6fc6879b
JM		 3320 }
3321
c5121837 3322 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 3323 global->drv_count++;
3324 if (global->drv_count == 0) {
3325 wpa_printf(MSG_ERROR, "No drivers enabled");
3326 wpa_supplicant_deinit(global);
3327 return NULL;
3328 }
3329 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3330 if (global->drv_priv == NULL) {
3331 wpa_supplicant_deinit(global);
3332 return NULL;
3333 }
ac305589 3334
9675ce35
JM		 3335#ifdef CONFIG_WIFI_DISPLAY
3336 if (wifi_display_init(global) < 0) {
3337 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3338 wpa_supplicant_deinit(global);
3339 return NULL;
3340 }
3341#endif /* CONFIG_WIFI_DISPLAY */
3342
6fc6879b
JM		 3343 return global;
3344}
3345
3346
3347/**
3348 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3349 * @global: Pointer to global data from wpa_supplicant_init()
3350 * Returns: 0 after successful event loop run, -1 on failure
3351 *
3352 * This function starts the main event loop and continues running as long as
3353 * there are any remaining events. In most cases, this function is running as
3354 * long as the %wpa_supplicant process in still in use.
3355 */
3356int wpa_supplicant_run(struct wpa_global *global)
3357{
3358 struct wpa_supplicant *wpa_s;
3359
3360 if (global->params.daemonize &&
3361 wpa_supplicant_daemon(global->params.pid_file))
3362 return -1;
3363
3364 if (global->params.wait_for_monitor) {
3365 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3366 if (wpa_s->ctrl_iface)
3367 wpa_supplicant_ctrl_iface_wait(
3368 wpa_s->ctrl_iface);
3369 }
3370
0456ea16
JM		 3371 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3372 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 3373
3374 eloop_run();
3375
3376 return 0;
3377}
3378
3379
3380/**
3381 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3382 * @global: Pointer to global data from wpa_supplicant_init()
3383 *
3384 * This function is called to deinitialize %wpa_supplicant and to free all
3385 * allocated resources. Remaining network interfaces will also be removed.
3386 */
3387void wpa_supplicant_deinit(struct wpa_global *global)
3388{
ac305589
JM		 3389 int i;
3390
6fc6879b
JM		 3391 if (global == NULL)
3392 return;
3393
9675ce35
JM		 3394#ifdef CONFIG_WIFI_DISPLAY
3395 wifi_display_deinit(global);
3396#endif /* CONFIG_WIFI_DISPLAY */
b22128ef
JM		 3397#ifdef CONFIG_P2P
3398 wpas_p2p_deinit_global(global);
3399#endif /* CONFIG_P2P */
3400
6fc6879b 3401 while (global->ifaces)
df509539 3402 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 3403
3404 if (global->ctrl_iface)
3405 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 3406
3407 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 3408
3409 eap_peer_unregister_methods();
3ec97afe
JM		 3410#ifdef CONFIG_AP
3411 eap_server_unregister_methods();
3412#endif /* CONFIG_AP */
6fc6879b 3413
c5121837 3414 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 3415 if (!global->drv_priv[i])
3416 continue;
c5121837 3417 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 3418 }
3419 os_free(global->drv_priv);
3420
d47fa330
JM		 3421 random_deinit();
3422
6fc6879b
JM		 3423 eloop_destroy();
3424
3425 if (global->params.pid_file) {
3426 os_daemonize_terminate(global->params.pid_file);
3427 os_free(global->params.pid_file);
3428 }
3429 os_free(global->params.ctrl_interface);
d27df100
JM		 3430 os_free(global->params.override_driver);
3431 os_free(global->params.override_ctrl_interface);
6fc6879b 3432
6f3bc72b
JM		 3433 os_free(global->p2p_disallow_freq);
3434
6fc6879b 3435 os_free(global);
daa70d49 3436 wpa_debug_close_syslog();
6fc6879b 3437 wpa_debug_close_file();
4f68895e 3438 wpa_debug_close_linux_tracing();
6fc6879b 3439}
611aea7d
JM		 3440
3441
3442void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3443{
849b5dc7
JM		 3444 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3445 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3446 char country[3];
3447 country[0] = wpa_s->conf->country[0];
3448 country[1] = wpa_s->conf->country[1];
3449 country[2] = '\0';
3450 if (wpa_drv_set_country(wpa_s, country) < 0) {
3451 wpa_printf(MSG_ERROR, "Failed to set country code "
3452 "'%s'", country);
3453 }
3454 }
3455
306ae225
JM		 3456 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3457 wpas_init_ext_pw(wpa_s);
3458
611aea7d
JM		 3459#ifdef CONFIG_WPS
3460 wpas_wps_update_config(wpa_s);
3461#endif /* CONFIG_WPS */
3462
b22128ef
JM		 3463#ifdef CONFIG_P2P
3464 wpas_p2p_update_config(wpa_s);
3465#endif /* CONFIG_P2P */
3466
611aea7d
JM		 3467 wpa_s->conf->changed_parameters = 0;
3468}
2f9c6aa6
JM		 3469
3470
0fb337c1
JM		 3471static void add_freq(int *freqs, int *num_freqs, int freq)
3472{
3473 int i;
3474
3475 for (i = 0; i < *num_freqs; i++) {
3476 if (freqs[i] == freq)
3477 return;
3478 }
3479
3480 freqs[*num_freqs] = freq;
3481 (*num_freqs)++;
3482}
3483
3484
3485static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3486{
3487 struct wpa_bss *bss, *cbss;
3488 const int max_freqs = 10;
3489 int *freqs;
3490 int num_freqs = 0;
3491
3492 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3493 if (freqs == NULL)
3494 return NULL;
3495
3496 cbss = wpa_s->current_bss;
3497
3498 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3499 if (bss == cbss)
3500 continue;
3501 if (bss->ssid_len == cbss->ssid_len &&
3502 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3503 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3504 add_freq(freqs, &num_freqs, bss->freq);
3505 if (num_freqs == max_freqs)
3506 break;
3507 }
3508 }
3509
3510 if (num_freqs == 0) {
3511 os_free(freqs);
3512 freqs = NULL;
3513 }
3514
3515 return freqs;
3516}
3517
3518
3519void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3520{
3521 int timeout;
3522 int count;
3523 int *freqs = NULL;
3524
5fd9fb27
JM		 3525 /*
3526 * Remove possible authentication timeout since the connection failed.
3527 */
3528 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3529
0fb337c1
JM		 3530 /*
3531 * Add the failed BSSID into the blacklist and speed up next scan
3532 * attempt if there could be other APs that could accept association.
3533 * The current blacklist count indicates how many times we have tried
3534 * connecting to this AP and multiple attempts mean that other APs are
3535 * either not available or has already been tried, so that we can start
3536 * increasing the delay here to avoid constant scanning.
3537 */
3538 count = wpa_blacklist_add(wpa_s, bssid);
3539 if (count == 1 && wpa_s->current_bss) {
3540 /*
3541 * This BSS was not in the blacklist before. If there is
3542 * another BSS available for the same ESS, we should try that
3543 * next. Otherwise, we may as well try this one once more
3544 * before allowing other, likely worse, ESSes to be considered.
3545 */
3546 freqs = get_bss_freqs_in_ess(wpa_s);
3547 if (freqs) {
f049052b
BG		 3548 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3549 "has been seen; try it next");
0fb337c1
JM		 3550 wpa_blacklist_add(wpa_s, bssid);
3551 /*
3552 * On the next scan, go through only the known channels
3553 * used in this ESS based on previous scans to speed up
3554 * common load balancing use case.
3555 */
3556 os_free(wpa_s->next_scan_freqs);
3557 wpa_s->next_scan_freqs = freqs;
3558 }
3559 }
3560
f1a52633
JM		 3561 /*
3562 * Add previous failure count in case the temporary blacklist was
3563 * cleared due to no other BSSes being available.
3564 */
3565 count += wpa_s->extra_blacklist_count;
3566
0fb337c1
JM		 3567 switch (count) {
3568 case 1:
3569 timeout = 100;
3570 break;
3571 case 2:
3572 timeout = 500;
3573 break;
3574 case 3:
3575 timeout = 1000;
3576 break;
f1a52633 3577 case 4:
0fb337c1 3578 timeout = 5000;
f1a52633
JM		 3579 break;
3580 default:
3581 timeout = 10000;
3582 break;
0fb337c1
JM		 3583 }
3584
f1a52633
JM		 3585 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
3586 "ms", count, timeout);
3587
0fb337c1
JM		 3588 /*
3589 * TODO: if more than one possible AP is available in scan results,
3590 * could try the other ones before requesting a new scan.
3591 */
3592 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3593 1000 * (timeout % 1000));
99fcd404 3594
f85f545e 3595 wpas_p2p_continue_after_scan(wpa_s);
0fb337c1 3596}
22628eca
JM		 3597
3598
3599int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3600{
3601 return wpa_s->conf->ap_scan == 2 ||
3602 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3603}
d2118814
JM		 3604
3605
3606#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3607int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3608 struct wpa_ssid *ssid,
3609 const char *field,
3610 const char *value)
3611{
3612#ifdef IEEE8021X_EAPOL
3613 struct eap_peer_config *eap = &ssid->eap;
3614
3615 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3616 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3617 (const u8 *) value, os_strlen(value));
3618
3619 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3620 case WPA_CTRL_REQ_EAP_IDENTITY:
3621 os_free(eap->identity);
3622 eap->identity = (u8 *) os_strdup(value);
3623 eap->identity_len = os_strlen(value);
3624 eap->pending_req_identity = 0;
3625 if (ssid == wpa_s->current_ssid)
3626 wpa_s->reassociate = 1;
3627 break;
3628 case WPA_CTRL_REQ_EAP_PASSWORD:
3629 os_free(eap->password);
3630 eap->password = (u8 *) os_strdup(value);
3631 eap->password_len = os_strlen(value);
3632 eap->pending_req_password = 0;
3633 if (ssid == wpa_s->current_ssid)
3634 wpa_s->reassociate = 1;
3635 break;
3636 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3637 os_free(eap->new_password);
3638 eap->new_password = (u8 *) os_strdup(value);
3639 eap->new_password_len = os_strlen(value);
3640 eap->pending_req_new_password = 0;
3641 if (ssid == wpa_s->current_ssid)
3642 wpa_s->reassociate = 1;
3643 break;
3644 case WPA_CTRL_REQ_EAP_PIN:
3645 os_free(eap->pin);
3646 eap->pin = os_strdup(value);
3647 eap->pending_req_pin = 0;
3648 if (ssid == wpa_s->current_ssid)
3649 wpa_s->reassociate = 1;
3650 break;
3651 case WPA_CTRL_REQ_EAP_OTP:
3652 os_free(eap->otp);
3653 eap->otp = (u8 *) os_strdup(value);
3654 eap->otp_len = os_strlen(value);
3655 os_free(eap->pending_req_otp);
3656 eap->pending_req_otp = NULL;
3657 eap->pending_req_otp_len = 0;
3658 break;
3659 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3660 os_free(eap->private_key_passwd);
3661 eap->private_key_passwd = (u8 *) os_strdup(value);
3662 eap->pending_req_passphrase = 0;
3663 if (ssid == wpa_s->current_ssid)
3664 wpa_s->reassociate = 1;
3665 break;
3666 default:
3667 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3668 return -1;
3669 }
3670
3671 return 0;
3672#else /* IEEE8021X_EAPOL */
3673 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3674 return -1;
3675#endif /* IEEE8021X_EAPOL */
3676}
3677#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 3678
3679
3680int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3681{
3682 int i;
3683 unsigned int drv_enc;
3684
3685 if (ssid == NULL)
3686 return 1;
3687
3688 if (ssid->disabled)
3689 return 1;
3690
3691 if (wpa_s && wpa_s->drv_capa_known)
3692 drv_enc = wpa_s->drv_enc;
3693 else
3694 drv_enc = (unsigned int) -1;
3695
3696 for (i = 0; i < NUM_WEP_KEYS; i++) {
3697 size_t len = ssid->wep_key_len[i];
3698 if (len == 0)
3699 continue;
3700 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3701 continue;
3702 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3703 continue;
3704 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3705 continue;
3706 return 1; /* invalid WEP key */
3707 }
3708
9173b16f
JM		 3709 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3710 !ssid->ext_psk)
2518aad3
JM		 3711 return 1;
3712
349493bd
JM		 3713 return 0;
3714}
b9cfc09a
JJ		 3715
3716
3717int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3718{
3719 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3720 return 1;
3721 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3722 return 0;
3723 return -1;
3724}
00e5e3d5
JM		 3725
3726
3727void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3728{
3729 struct wpa_ssid *ssid = wpa_s->current_ssid;
3730 int dur;
3731 struct os_time now;
3732
3733 if (ssid == NULL) {
3734 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3735 "SSID block");
3736 return;
3737 }
3738
3739 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3740 return;
3741
3742 ssid->auth_failures++;
3743 if (ssid->auth_failures > 50)
3744 dur = 300;
3745 else if (ssid->auth_failures > 20)
3746 dur = 120;
3747 else if (ssid->auth_failures > 10)
3748 dur = 60;
3749 else if (ssid->auth_failures > 5)
3750 dur = 30;
3751 else if (ssid->auth_failures > 1)
3752 dur = 20;
3753 else
3754 dur = 10;
3755
3756 os_get_time(&now);
3757 if (now.sec + dur <= ssid->disabled_until.sec)
3758 return;
3759
3760 ssid->disabled_until.sec = now.sec + dur;
3761
3762 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
3763 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
3764 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
3765 ssid->auth_failures, dur);
3766}
3767
3768
3769void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
3770 struct wpa_ssid *ssid, int clear_failures)
3771{
3772 if (ssid == NULL)
3773 return;
3774
3775 if (ssid->disabled_until.sec) {
3776 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
3777 "id=%d ssid=\"%s\"",
3778 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3779 }
3780 ssid->disabled_until.sec = 0;
3781 ssid->disabled_until.usec = 0;
3782 if (clear_failures)
3783 ssid->auth_failures = 0;
3784}
6407f413
JM		 3785
3786
3787int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
3788{
3789 size_t i;
3790
3791 if (wpa_s->disallow_aps_bssid == NULL)
3792 return 0;
3793
3794 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
3795 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
3796 bssid, ETH_ALEN) == 0)
3797 return 1;
3798 }
3799
3800 return 0;
3801}
3802
3803
3804int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
3805 size_t ssid_len)
3806{
3807 size_t i;
3808
3809 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
3810 return 0;
3811
3812 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
3813 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
3814 if (ssid_len == s->ssid_len &&
3815 os_memcmp(ssid, s->ssid, ssid_len) == 0)
3816 return 1;
3817 }
3818
3819 return 0;
3820}
9796a86c
JM		 3821
3822
3823/**
3824 * wpas_request_connection - Request a new connection
3825 * @wpa_s: Pointer to the network interface
3826 *
3827 * This function is used to request a new connection to be found. It will mark
3828 * the interface to allow reassociation and request a new scan to find a
3829 * suitable network to connect to.
3830 */
3831void wpas_request_connection(struct wpa_supplicant *wpa_s)
3832{
3833 wpa_s->normal_scans = 0;
3834 wpa_supplicant_reinit_autoscan(wpa_s);
3835 wpa_s->extra_blacklist_count = 0;
3836 wpa_s->disconnected = 0;
3837 wpa_s->reassociate = 1;
5e24beae
MH		 3838
3839 if (wpa_supplicant_fast_associate(wpa_s) != 1)
3840 wpa_supplicant_req_scan(wpa_s, 0, 0);
9796a86c 3841}
Unnamed repository; edit this file 'description' to name the repository.