]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Maintain BSS entries for 5 seconds after interface is disabled
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
cc58a357 3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
2e997eec
RM		 14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
6fc6879b
JM		 18
19#include "common.h"
d47fa330 20#include "crypto/random.h"
7d232e23 21#include "crypto/sha1.h"
6fc6879b
JM		 22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
ec7b97ab 24#include "eap_peer/eap_proxy.h"
3ec97afe 25#include "eap_server/eap_methods.h"
3acb5005 26#include "rsn_supp/wpa.h"
6fc6879b 27#include "eloop.h"
6fc6879b 28#include "config.h"
306ae225 29#include "utils/ext_password.h"
6fc6879b
JM		 30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
2d5b792d 32#include "driver_i.h"
6fc6879b 33#include "ctrl_iface.h"
6fc6879b 34#include "pcsc_funcs.h"
90973fb2 35#include "common/version.h"
3acb5005
JM		 36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
90973fb2 38#include "common/wpa_ctrl.h"
cfde99a8 39#include "common/ieee802_11_common.h"
90973fb2 40#include "common/ieee802_11_defs.h"
6b8b0774 41#include "common/hw_features_common.h"
461d39af 42#include "common/gas_server.h"
10ec6a5f 43#include "common/dpp.h"
72044390 44#include "p2p/p2p.h"
b36a3a65 45#include "fst/fst.h"
6fc6879b
JM		 46#include "blacklist.h"
47#include "wpas_glue.h"
116654ce 48#include "wps_supplicant.h"
11ef8d35 49#include "ibss_rsn.h"
c2a04078 50#include "sme.h"
04ea7b79 51#include "gas_query.h"
1f1b62a0 52#include "ap.h"
b22128ef 53#include "p2p_supplicant.h"
9675ce35 54#include "wifi_display.h"
8bac466b 55#include "notify.h"
60b94c98 56#include "bgscan.h"
7c865c68 57#include "autoscan.h"
83922c2d 58#include "bss.h"
9ba9fa07 59#include "scan.h"
24f6497c 60#include "offchannel.h"
cb418324 61#include "hs20_supplicant.h"
e27d20bb 62#include "wnm_sta.h"
dd10abcc 63#include "wpas_kay.h"
603a3f34 64#include "mesh.h"
be27e185 65#include "dpp_supplicant.h"
a39b040b
SB		 66#ifdef CONFIG_MESH
67#include "ap/ap_config.h"
68#include "ap/hostapd.h"
69#endif /* CONFIG_MESH */
6fc6879b 70
8b423edb 71const char *const wpa_supplicant_version =
6fc6879b 72"wpa_supplicant v" VERSION_STR "\n"
cc58a357 73"Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b 74
8b423edb 75const char *const wpa_supplicant_license =
331f89ff
JM		 76"This software may be distributed under the terms of the BSD license.\n"
77"See README for more details.\n"
6fc6879b
JM		 78#ifdef EAP_TLS_OPENSSL
79"\nThis product includes software developed by the OpenSSL Project\n"
80"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81#endif /* EAP_TLS_OPENSSL */
82;
83
84#ifndef CONFIG_NO_STDOUT_DEBUG
85/* Long text divided into parts in order to fit in C89 strings size limits. */
8b423edb 86const char *const wpa_supplicant_full_license1 =
331f89ff 87"";
8b423edb 88const char *const wpa_supplicant_full_license2 =
331f89ff 89"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 90"\n"
91"Redistribution and use in source and binary forms, with or without\n"
92"modification, are permitted provided that the following conditions are\n"
93"met:\n"
94"\n";
8b423edb 95const char *const wpa_supplicant_full_license3 =
6fc6879b
JM		 96"1. Redistributions of source code must retain the above copyright\n"
97" notice, this list of conditions and the following disclaimer.\n"
98"\n"
99"2. Redistributions in binary form must reproduce the above copyright\n"
100" notice, this list of conditions and the following disclaimer in the\n"
101" documentation and/or other materials provided with the distribution.\n"
102"\n";
8b423edb 103const char *const wpa_supplicant_full_license4 =
6fc6879b
JM		 104"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105" names of its contributors may be used to endorse or promote products\n"
106" derived from this software without specific prior written permission.\n"
107"\n"
108"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
8b423edb 112const char *const wpa_supplicant_full_license5 =
6fc6879b
JM		 113"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
120"\n";
121#endif /* CONFIG_NO_STDOUT_DEBUG */
122
b04854ce
AP		 123
124static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
6338c99e
VK		 125#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
127#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 128#ifdef CONFIG_OWE
129static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
130#endif /* CONFIG_OWE */
b04854ce
AP		 131
132
6fc6879b 133/* Configure default/group WEP keys for static WEP */
0194fedb 134int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 135{
136 int i, set = 0;
137
138 for (i = 0; i < NUM_WEP_KEYS; i++) {
139 if (ssid->wep_key_len[i] == 0)
140 continue;
141
142 set = 1;
0382097e 143 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 144 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 145 ssid->wep_key[i], ssid->wep_key_len[i]);
146 }
147
148 return set;
149}
150
151
6ea1f413
JM		 152int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
153 struct wpa_ssid *ssid)
6fc6879b
JM		 154{
155 u8 key[32];
156 size_t keylen;
71934751 157 enum wpa_alg alg;
6fc6879b 158 u8 seq[6] = { 0 };
658da804 159 int ret;
6fc6879b
JM		 160
161 /* IBSS/WPA-None uses only one key (Group) for both receiving and
162 * sending unicast and multicast packets. */
163
d7dcba70 164 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 165 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
166 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 167 return -1;
168 }
169
170 if (!ssid->psk_set) {
f049052b
BG		 171 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
172 "WPA-None");
6fc6879b
JM		 173 return -1;
174 }
175
176 switch (wpa_s->group_cipher) {
177 case WPA_CIPHER_CCMP:
178 os_memcpy(key, ssid->psk, 16);
179 keylen = 16;
180 alg = WPA_ALG_CCMP;
181 break;
eb7719ff
JM		 182 case WPA_CIPHER_GCMP:
183 os_memcpy(key, ssid->psk, 16);
184 keylen = 16;
185 alg = WPA_ALG_GCMP;
186 break;
6fc6879b
JM		 187 case WPA_CIPHER_TKIP:
188 /* WPA-None uses the same Michael MIC key for both TX and RX */
189 os_memcpy(key, ssid->psk, 16 + 8);
190 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
191 keylen = 32;
192 alg = WPA_ALG_TKIP;
193 break;
194 default:
f049052b
BG		 195 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
196 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 197 return -1;
198 }
199
200 /* TODO: should actually remember the previously used seq#, both for TX
201 * and RX from each STA.. */
202
658da804
JM		 203 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
204 os_memset(key, 0, sizeof(key));
205 return ret;
6fc6879b
JM		 206}
207
208
209static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
210{
211 struct wpa_supplicant *wpa_s = eloop_ctx;
212 const u8 *bssid = wpa_s->bssid;
04e3d815
MK		 213 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
214 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
215 wpa_s->wpa_state == WPA_ASSOCIATING))
6fc6879b
JM		 216 bssid = wpa_s->pending_bssid;
217 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
218 MAC2STR(bssid));
219 wpa_blacklist_add(wpa_s, bssid);
220 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 221 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 222 wpa_s->reassociate = 1;
48b84f18
BG		 223
224 /*
225 * If we timed out, the AP or the local radio may be busy.
226 * So, wait a second until scanning again.
227 */
228 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 229}
230
231
232/**
233 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
234 * @wpa_s: Pointer to wpa_supplicant data
235 * @sec: Number of seconds after which to time out authentication
236 * @usec: Number of microseconds after which to time out authentication
237 *
238 * This function is used to schedule a timeout for the current authentication
239 * attempt.
240 */
241void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
242 int sec, int usec)
243{
a2a535f8 244 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 245 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 246 return;
247
f049052b 248 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 249 "%d usec", sec, usec);
250 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
37547ad6 251 wpa_s->last_auth_timeout_sec = sec;
6fc6879b
JM		 252 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
253}
254
255
37547ad6
DL		 256/*
257 * wpas_auth_timeout_restart - Restart and change timeout for authentication
258 * @wpa_s: Pointer to wpa_supplicant data
259 * @sec_diff: difference in seconds applied to original timeout value
260 */
261void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
262{
263 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
264
265 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
266 wpa_dbg(wpa_s, MSG_DEBUG,
267 "Authentication timeout restart: %d sec", new_sec);
268 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
269 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
270 wpa_s, NULL);
271 }
272}
273
274
6fc6879b
JM		 275/**
276 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
277 * @wpa_s: Pointer to wpa_supplicant data
278 *
279 * This function is used to cancel authentication timeout scheduled with
280 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
281 * been completed.
282 */
283void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
284{
f049052b 285 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 286 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
287 wpa_blacklist_del(wpa_s, wpa_s->bssid);
af835d75
AB		 288 os_free(wpa_s->last_con_fail_realm);
289 wpa_s->last_con_fail_realm = NULL;
290 wpa_s->last_con_fail_realm_len = 0;
6fc6879b
JM		 291}
292
293
294/**
295 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
296 * @wpa_s: Pointer to wpa_supplicant data
297 *
298 * This function is used to configure EAPOL state machine based on the selected
299 * authentication mode.
300 */
301void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
302{
303#ifdef IEEE8021X_EAPOL
304 struct eapol_config eapol_conf;
305 struct wpa_ssid *ssid = wpa_s->current_ssid;
306
53895c3b 307#ifdef CONFIG_IBSS_RSN
d7dcba70 308 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 309 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
310 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
311 /*
312 * RSN IBSS authentication is per-STA and we can disable the
313 * per-BSSID EAPOL authentication.
314 */
315 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
316 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
317 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
318 return;
319 }
320#endif /* CONFIG_IBSS_RSN */
321
0a40ec6a
JM		 322 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
323 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
324
6fc6879b
JM		 325 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
326 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
327 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
328 else
329 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
330
331 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
332 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
333 eapol_conf.accept_802_1x_keys = 1;
334 eapol_conf.required_keys = 0;
335 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
336 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
337 }
338 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
339 eapol_conf.required_keys |=
340 EAPOL_REQUIRE_KEY_BROADCAST;
341 }
342
a2a535f8 343 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 344 eapol_conf.required_keys = 0;
6fc6879b 345 }
a2a535f8 346 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 347 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 348 eapol_conf.eap_disabled =
349 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 350 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
351 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 352 eapol_conf.external_sim = wpa_s->conf->external_sim;
3f7ac058
JS		 353
354#ifdef CONFIG_WPS
355 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
356 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
357 if (wpa_s->current_bss) {
358 struct wpabuf *ie;
359 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
360 WPS_IE_VENDOR_TYPE);
361 if (ie) {
362 if (wps_is_20(ie))
363 eapol_conf.wps |=
364 EAPOL_PEER_IS_WPS20_AP;
365 wpabuf_free(ie);
366 }
367 }
368 }
369#endif /* CONFIG_WPS */
370
6fc6879b 371 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
dd10abcc 372
ad51731a
SD		 373#ifdef CONFIG_MACSEC
374 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
375 ieee802_1x_create_preshared_mka(wpa_s, ssid);
376 else
377 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
378#endif /* CONFIG_MACSEC */
cd3153a9 379#endif /* IEEE8021X_EAPOL */
6fc6879b
JM		 380}
381
382
383/**
384 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
385 * @wpa_s: Pointer to wpa_supplicant data
386 * @ssid: Configuration data for the network
387 *
388 * This function is used to configure WPA state machine and related parameters
389 * to a mode where WPA is not enabled. This is called as part of the
390 * authentication configuration when the selected network does not use WPA.
391 */
392void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
393 struct wpa_ssid *ssid)
394{
395 int i;
396
ad08c363
JM		 397 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
398 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
399 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 400 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
401 else
402 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
403 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
404 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
146889e3 405 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
6fc6879b 406 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
6d6c8877
JM		 407 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
408 wpa_s->rsnxe_len = 0;
6fc6879b
JM		 409 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
410 wpa_s->group_cipher = WPA_CIPHER_NONE;
411 wpa_s->mgmt_group_cipher = 0;
412
413 for (i = 0; i < NUM_WEP_KEYS; i++) {
414 if (ssid->wep_key_len[i] > 5) {
415 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
416 wpa_s->group_cipher = WPA_CIPHER_WEP104;
417 break;
418 } else if (ssid->wep_key_len[i] > 0) {
419 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
420 wpa_s->group_cipher = WPA_CIPHER_WEP40;
421 break;
422 }
423 }
424
425 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
426 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
427 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
428 wpa_s->pairwise_cipher);
429 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
6fc6879b
JM		 430 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
431 wpa_s->mgmt_group_cipher);
6fc6879b
JM		 432
433 pmksa_cache_clear_current(wpa_s->wpa);
434}
435
436
6979582c 437void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 438{
439 int i;
440 if (wpa_s->hw.modes == NULL)
441 return;
442
443 for (i = 0; i < wpa_s->hw.num_modes; i++) {
444 os_free(wpa_s->hw.modes[i].channels);
445 os_free(wpa_s->hw.modes[i].rates);
446 }
447
448 os_free(wpa_s->hw.modes);
449 wpa_s->hw.modes = NULL;
450}
451
452
19677b77 453void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
dd599908
AS		 454{
455 struct wpa_bss_tmp_disallowed *bss, *prev;
456
457 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
458 struct wpa_bss_tmp_disallowed, list) {
b04854ce 459 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
dd599908
AS		 460 dl_list_del(&bss->list);
461 os_free(bss);
462 }
463}
464
465
5732b770
JM		 466void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
467{
468 struct fils_hlp_req *req;
469
470 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
471 list)) != NULL) {
472 dl_list_del(&req->list);
473 wpabuf_free(req->pkt);
474 os_free(req);
475 }
476}
477
478
ad2f0966
JM		 479void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
480{
481 struct wpa_supplicant *wpa_s = eloop_ctx;
482
483 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
484 return;
485 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
486 wpa_bss_flush(wpa_s);
487}
488
489
6fc6879b
JM		 490static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
491{
86bd36f0
JM		 492 int i;
493
60b94c98 494 bgscan_deinit(wpa_s);
7c865c68 495 autoscan_deinit(wpa_s);
6fc6879b
JM		 496 scard_deinit(wpa_s->scard);
497 wpa_s->scard = NULL;
498 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
499 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
500 l2_packet_deinit(wpa_s->l2);
501 wpa_s->l2 = NULL;
502 if (wpa_s->l2_br) {
503 l2_packet_deinit(wpa_s->l2_br);
504 wpa_s->l2_br = NULL;
505 }
4a6cc862
JM		 506#ifdef CONFIG_TESTING_OPTIONS
507 l2_packet_deinit(wpa_s->l2_test);
508 wpa_s->l2_test = NULL;
c06fca04
JM		 509 os_free(wpa_s->get_pref_freq_list_override);
510 wpa_s->get_pref_freq_list_override = NULL;
daa40960
JM		 511 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
512 wpa_s->last_assoc_req_wpa_ie = NULL;
b834e970
JM		 513 os_free(wpa_s->extra_sae_rejected_groups);
514 wpa_s->extra_sae_rejected_groups = NULL;
13256553
JM		 515 wpabuf_free(wpa_s->rsnxe_override_assoc);
516 wpa_s->rsnxe_override_assoc = NULL;
517 wpabuf_free(wpa_s->rsnxe_override_eapol);
518 wpa_s->rsnxe_override_eapol = NULL;
4a6cc862 519#endif /* CONFIG_TESTING_OPTIONS */
6fc6879b 520
6fc6879b 521 if (wpa_s->conf != NULL) {
8e56d189
JM		 522 struct wpa_ssid *ssid;
523 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
524 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 525 }
526
527 os_free(wpa_s->confname);
528 wpa_s->confname = NULL;
529
e6304cad
DS		 530 os_free(wpa_s->confanother);
531 wpa_s->confanother = NULL;
532
af835d75
AB		 533 os_free(wpa_s->last_con_fail_realm);
534 wpa_s->last_con_fail_realm = NULL;
535 wpa_s->last_con_fail_realm_len = 0;
536
6fc6879b
JM		 537 wpa_sm_set_eapol(wpa_s->wpa, NULL);
538 eapol_sm_deinit(wpa_s->eapol);
539 wpa_s->eapol = NULL;
540
541 rsn_preauth_deinit(wpa_s->wpa);
542
281ff0aa
GP		 543#ifdef CONFIG_TDLS
544 wpa_tdls_deinit(wpa_s->wpa);
545#endif /* CONFIG_TDLS */
546
8c42b369 547 wmm_ac_clear_saved_tspecs(wpa_s);
6fc6879b
JM		 548 pmksa_candidate_free(wpa_s->wpa);
549 wpa_sm_deinit(wpa_s->wpa);
550 wpa_s->wpa = NULL;
551 wpa_blacklist_clear(wpa_s);
552
83922c2d 553 wpa_bss_deinit(wpa_s);
6fc6879b 554
831770bf 555 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 556 wpa_supplicant_cancel_scan(wpa_s);
557 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 558 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
559#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
560 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
561 wpa_s, NULL);
562#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 563
9bd566a3 564 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
ad2f0966 565 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
9bd566a3 566
116654ce 567 wpas_wps_deinit(wpa_s);
11ef8d35 568
1ff73338
JM		 569 wpabuf_free(wpa_s->pending_eapol_rx);
570 wpa_s->pending_eapol_rx = NULL;
571
11ef8d35
JM		 572#ifdef CONFIG_IBSS_RSN
573 ibss_rsn_deinit(wpa_s->ibss_rsn);
574 wpa_s->ibss_rsn = NULL;
575#endif /* CONFIG_IBSS_RSN */
c2a04078 576
e29853bb 577 sme_deinit(wpa_s);
2d5b792d
JM		 578
579#ifdef CONFIG_AP
580 wpa_supplicant_ap_deinit(wpa_s);
581#endif /* CONFIG_AP */
b22128ef 582
b22128ef 583 wpas_p2p_deinit(wpa_s);
f47d639d 584
24f6497c
JM		 585#ifdef CONFIG_OFFCHANNEL
586 offchannel_deinit(wpa_s);
587#endif /* CONFIG_OFFCHANNEL */
588
a4cba8f1
LC		 589 wpa_supplicant_cancel_sched_scan(wpa_s);
590
f47d639d
JM		 591 os_free(wpa_s->next_scan_freqs);
592 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 593
594 os_free(wpa_s->manual_scan_freqs);
595 wpa_s->manual_scan_freqs = NULL;
88a44755
JM		 596 os_free(wpa_s->select_network_scan_freqs);
597 wpa_s->select_network_scan_freqs = NULL;
04ea7b79 598
d3c9c35f
DS		 599 os_free(wpa_s->manual_sched_scan_freqs);
600 wpa_s->manual_sched_scan_freqs = NULL;
601
56c76fa5
IP		 602 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
603
57e832de
IP		 604 /*
605 * Need to remove any pending gas-query radio work before the
606 * gas_query_deinit() call because gas_query::work has not yet been set
607 * for works that have not been started. gas_query_free() will be unable
608 * to cancel such pending radio works and once the pending gas-query
609 * radio work eventually gets removed, the deinit notification call to
610 * gas_query_start_cb() would result in dereferencing freed memory.
611 */
612 if (wpa_s->radio)
613 radio_remove_works(wpa_s, "gas-query", 0);
04ea7b79
JM		 614 gas_query_deinit(wpa_s->gas);
615 wpa_s->gas = NULL;
461d39af
JM		 616 gas_server_deinit(wpa_s->gas_server);
617 wpa_s->gas_server = NULL;
6bf731e8
CL		 618
619 free_hw_features(wpa_s);
d445a5cd 620
dd10abcc
HW		 621 ieee802_1x_dealloc_kay_sm(wpa_s);
622
d445a5cd
JM		 623 os_free(wpa_s->bssid_filter);
624 wpa_s->bssid_filter = NULL;
b6668734 625
6407f413
JM		 626 os_free(wpa_s->disallow_aps_bssid);
627 wpa_s->disallow_aps_bssid = NULL;
628 os_free(wpa_s->disallow_aps_ssid);
629 wpa_s->disallow_aps_ssid = NULL;
630
b6668734 631 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 632#ifdef CONFIG_WNM
633 wnm_deallocate_memory(wpa_s);
634#endif /* CONFIG_WNM */
306ae225
JM		 635
636 ext_password_deinit(wpa_s->ext_pw);
637 wpa_s->ext_pw = NULL;
b1f12296
JM		 638
639 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 640 wpa_s->last_gas_resp = NULL;
641 wpabuf_free(wpa_s->prev_gas_resp);
642 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 643
644 os_free(wpa_s->last_scan_res);
645 wpa_s->last_scan_res = NULL;
b572df86
JM		 646
647#ifdef CONFIG_HS20
ece4ac5f
MG		 648 if (wpa_s->drv_priv)
649 wpa_drv_configure_frame_filters(wpa_s, 0);
fb2ac53d 650 hs20_deinit(wpa_s);
b572df86 651#endif /* CONFIG_HS20 */
86bd36f0
JM		 652
653 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
654 wpabuf_free(wpa_s->vendor_elem[i]);
655 wpa_s->vendor_elem[i] = NULL;
656 }
3882a708
JM		 657
658 wmm_ac_notify_disassoc(wpa_s);
32c02261
AS		 659
660 wpa_s->sched_scan_plans_num = 0;
661 os_free(wpa_s->sched_scan_plans);
662 wpa_s->sched_scan_plans = NULL;
92c6e2e3
DS		 663
664#ifdef CONFIG_MBO
665 wpa_s->non_pref_chan_num = 0;
666 os_free(wpa_s->non_pref_chan);
667 wpa_s->non_pref_chan = NULL;
668#endif /* CONFIG_MBO */
dd599908
AS		 669
670 free_bss_tmp_disallowed(wpa_s);
4a742011
DS		 671
672 wpabuf_free(wpa_s->lci);
673 wpa_s->lci = NULL;
76196ddb 674 wpas_clear_beacon_rep_data(wpa_s);
4d77d80e
MH		 675
676#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
677#ifdef CONFIG_MESH
678 {
679 struct external_pmksa_cache *entry;
680
681 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
682 struct external_pmksa_cache,
683 list)) != NULL) {
684 dl_list_del(&entry->list);
685 os_free(entry->pmksa_cache);
686 os_free(entry);
687 }
688 }
689#endif /* CONFIG_MESH */
690#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5732b770
JM		 691
692 wpas_flush_fils_hlp_req(wpa_s);
c6c41f6e
JM		 693
694 wpabuf_free(wpa_s->ric_ies);
695 wpa_s->ric_ies = NULL;
be27e185
JM		 696
697#ifdef CONFIG_DPP
698 wpas_dpp_deinit(wpa_s);
87d8435c
JM		 699 dpp_global_deinit(wpa_s->dpp);
700 wpa_s->dpp = NULL;
be27e185 701#endif /* CONFIG_DPP */
6fc6879b
JM		 702}
703
704
705/**
706 * wpa_clear_keys - Clear keys configured for the driver
707 * @wpa_s: Pointer to wpa_supplicant data
708 * @addr: Previously used BSSID or %NULL if not available
709 *
710 * This function clears the encryption keys that has been previously configured
711 * for the driver.
712 */
713void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
714{
7d2ed8ba 715 int i, max = 6;
2f30cac3
JM		 716
717 /* MLME-DELETEKEYS.request */
718 for (i = 0; i < max; i++) {
719 if (wpa_s->keys_cleared & BIT(i))
720 continue;
721 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
722 NULL, 0);
723 }
724 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
725 !is_zero_ether_addr(addr)) {
6fc6879b
JM		 726 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
727 0);
728 /* MLME-SETPROTECTION.request(None) */
729 wpa_drv_mlme_setprotection(
730 wpa_s, addr,
731 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
732 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
733 }
2f30cac3 734 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 735}
736
737
738/**
739 * wpa_supplicant_state_txt - Get the connection state name as a text string
740 * @state: State (wpa_state; WPA_*)
741 * Returns: The state name as a printable text string
742 */
71934751 743const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 744{
745 switch (state) {
746 case WPA_DISCONNECTED:
747 return "DISCONNECTED";
748 case WPA_INACTIVE:
749 return "INACTIVE";
8401a6b0
JM		 750 case WPA_INTERFACE_DISABLED:
751 return "INTERFACE_DISABLED";
6fc6879b
JM		 752 case WPA_SCANNING:
753 return "SCANNING";
c2a04078
JM		 754 case WPA_AUTHENTICATING:
755 return "AUTHENTICATING";
6fc6879b
JM		 756 case WPA_ASSOCIATING:
757 return "ASSOCIATING";
758 case WPA_ASSOCIATED:
759 return "ASSOCIATED";
760 case WPA_4WAY_HANDSHAKE:
761 return "4WAY_HANDSHAKE";
762 case WPA_GROUP_HANDSHAKE:
763 return "GROUP_HANDSHAKE";
764 case WPA_COMPLETED:
765 return "COMPLETED";
766 default:
767 return "UNKNOWN";
768 }
769}
770
771
cfe53c9a
PS		 772#ifdef CONFIG_BGSCAN
773
774static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
775{
31392709
HD		 776 const char *name;
777
778 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
779 name = wpa_s->current_ssid->bgscan;
780 else
781 name = wpa_s->conf->bgscan;
268043d5 782 if (name == NULL || name[0] == '\0')
31392709 783 return;
0096c427
JM		 784 if (wpas_driver_bss_selection(wpa_s))
785 return;
cfe53c9a
PS		 786 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
787 return;
aa109830
DS		 788#ifdef CONFIG_P2P
789 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
790 return;
791#endif /* CONFIG_P2P */
cfe53c9a
PS		 792
793 bgscan_deinit(wpa_s);
31392709
HD		 794 if (wpa_s->current_ssid) {
795 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 796 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
797 "bgscan");
798 /*
799 * Live without bgscan; it is only used as a roaming
800 * optimization, so the initial connection is not
801 * affected.
802 */
6409b7a7
YD		 803 } else {
804 struct wpa_scan_results *scan_res;
cfe53c9a 805 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 806 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
807 0);
808 if (scan_res) {
809 bgscan_notify_scan(wpa_s, scan_res);
810 wpa_scan_results_free(scan_res);
811 }
812 }
cfe53c9a
PS		 813 } else
814 wpa_s->bgscan_ssid = NULL;
815}
816
817
818static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
819{
820 if (wpa_s->bgscan_ssid != NULL) {
821 bgscan_deinit(wpa_s);
822 wpa_s->bgscan_ssid = NULL;
823 }
824}
825
826#endif /* CONFIG_BGSCAN */
827
828
7c865c68
TB		 829static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
830{
99218999 831 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 832 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
833}
834
835
836static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
837{
838 autoscan_deinit(wpa_s);
839}
840
841
c3d12238
JM		 842void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
843{
844 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
845 wpa_s->wpa_state == WPA_SCANNING) {
846 autoscan_deinit(wpa_s);
847 wpa_supplicant_start_autoscan(wpa_s);
848 }
849}
850
851
6fc6879b
JM		 852/**
853 * wpa_supplicant_set_state - Set current connection state
854 * @wpa_s: Pointer to wpa_supplicant data
855 * @state: The new connection state
856 *
857 * This function is called whenever the connection state changes, e.g.,
858 * association is completed for WPA/WPA2 4-Way Handshake is started.
859 */
71934751
JM		 860void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
861 enum wpa_states state)
6fc6879b 862{
27f43d8d 863 enum wpa_states old_state = wpa_s->wpa_state;
a8bfc6ff
AB		 864#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
865 Boolean update_fils_connect_params = FALSE;
866#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
27f43d8d 867
f049052b
BG		 868 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
869 wpa_supplicant_state_txt(wpa_s->wpa_state),
870 wpa_supplicant_state_txt(state));
6fc6879b 871
2bbad1c7
MW		 872 if (state == WPA_COMPLETED &&
873 os_reltime_initialized(&wpa_s->roam_start)) {
874 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
875 wpa_s->roam_start.sec = 0;
876 wpa_s->roam_start.usec = 0;
877 wpas_notify_auth_changed(wpa_s);
878 wpas_notify_roam_time(wpa_s);
879 wpas_notify_roam_complete(wpa_s);
880 } else if (state == WPA_DISCONNECTED &&
881 os_reltime_initialized(&wpa_s->roam_start)) {
882 wpa_s->roam_start.sec = 0;
883 wpa_s->roam_start.usec = 0;
884 wpa_s->roam_time.sec = 0;
885 wpa_s->roam_time.usec = 0;
886 wpas_notify_roam_complete(wpa_s);
887 }
888
5ddd07cb
AS		 889 if (state == WPA_INTERFACE_DISABLED) {
890 /* Assure normal scan when interface is restored */
891 wpa_s->normal_scans = 0;
892 }
893
0cf24fda 894 if (state == WPA_COMPLETED) {
6ac4b15e 895 wpas_connect_work_done(wpa_s);
0cf24fda
LC		 896 /* Reinitialize normal_scan counter */
897 wpa_s->normal_scans = 0;
898 }
6ac4b15e 899
07c1e987
MS		 900#ifdef CONFIG_P2P
901 /*
902 * P2PS client has to reply to Probe Request frames received on the
903 * group operating channel. Enable Probe Request frame reporting for
904 * P2P connected client in case p2p_cli_probe configuration property is
905 * set to 1.
906 */
907 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
908 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
909 wpa_s->current_ssid->p2p_group) {
910 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
911 wpa_dbg(wpa_s, MSG_DEBUG,
912 "P2P: Enable CLI Probe Request RX reporting");
913 wpa_s->p2p_cli_probe =
914 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
915 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
916 wpa_dbg(wpa_s, MSG_DEBUG,
917 "P2P: Disable CLI Probe Request RX reporting");
918 wpa_s->p2p_cli_probe = 0;
919 wpa_drv_probe_req_report(wpa_s, 0);
920 }
921 }
922#endif /* CONFIG_P2P */
923
cb8564b1
DW		 924 if (state != WPA_SCANNING)
925 wpa_supplicant_notify_scanning(wpa_s, 0);
926
6fc6879b 927 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 928 struct wpa_ssid *ssid = wpa_s->current_ssid;
da6a28ba
VK		 929 int fils_hlp_sent = 0;
930
931#ifdef CONFIG_SME
932 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
933 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
934 fils_hlp_sent = 1;
935#endif /* CONFIG_SME */
936 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
937 wpa_auth_alg_fils(wpa_s->auth_alg))
938 fils_hlp_sent = 1;
939
7d37a357 940#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 941 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
da6a28ba 942 MACSTR " completed [id=%d id_str=%s%s]",
1cfc6787 943 MAC2STR(wpa_s->bssid),
6fc6879b 944 ssid ? ssid->id : -1,
da6a28ba
VK		 945 ssid && ssid->id_str ? ssid->id_str : "",
946 fils_hlp_sent ? " FILS_HLP_SENT" : "");
6fc6879b 947#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 948 wpas_clear_temp_disabled(wpa_s, ssid, 1);
a20a3616 949 wpa_blacklist_clear(wpa_s);
f1a52633 950 wpa_s->extra_blacklist_count = 0;
6fc6879b 951 wpa_s->new_connection = 0;
6fc6879b 952 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 953#ifndef IEEE8021X_EAPOL
954 wpa_drv_set_supp_port(wpa_s, 1);
955#endif /* IEEE8021X_EAPOL */
17a4734d 956 wpa_s->after_wps = 0;
4d9fb08d 957 wpa_s->known_wps_freq = 0;
b22128ef 958 wpas_p2p_completed(wpa_s);
c3701c66
RM		 959
960 sme_sched_obss_scan(wpa_s, 1);
6338c99e
VK		 961
962#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
963 if (!fils_hlp_sent && ssid && ssid->eap.erp)
a8bfc6ff 964 update_fils_connect_params = TRUE;
6338c99e 965#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 966#ifdef CONFIG_OWE
967 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
968 wpas_update_owe_connect_params(wpa_s);
969#endif /* CONFIG_OWE */
6fc6879b
JM		 970 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
971 state == WPA_ASSOCIATED) {
972 wpa_s->new_connection = 1;
973 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 974#ifndef IEEE8021X_EAPOL
975 wpa_drv_set_supp_port(wpa_s, 0);
976#endif /* IEEE8021X_EAPOL */
c3701c66 977 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 978 }
979 wpa_s->wpa_state = state;
27f43d8d 980
cfe53c9a
PS		 981#ifdef CONFIG_BGSCAN
982 if (state == WPA_COMPLETED)
983 wpa_supplicant_start_bgscan(wpa_s);
37271232 984 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 985 wpa_supplicant_stop_bgscan(wpa_s);
986#endif /* CONFIG_BGSCAN */
987
bce3d4f7 988 if (state > WPA_SCANNING)
7c865c68
TB		 989 wpa_supplicant_stop_autoscan(wpa_s);
990
991 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
992 wpa_supplicant_start_autoscan(wpa_s);
993
fecc2bb5
EP		 994 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
995 wmm_ac_notify_disassoc(wpa_s);
996
5bbf9f10 997 if (wpa_s->wpa_state != old_state) {
27f43d8d 998 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10 999
e3bd6e9d
IP		 1000 /*
1001 * Notify the P2P Device interface about a state change in one
1002 * of the interfaces.
1003 */
1004 wpas_p2p_indicate_state_change(wpa_s);
e3bd6e9d 1005
5bbf9f10
PS		 1006 if (wpa_s->wpa_state == WPA_COMPLETED ||
1007 old_state == WPA_COMPLETED)
1008 wpas_notify_auth_changed(wpa_s);
16ef233b
JM		 1009#ifdef CONFIG_DPP2
1010 if (wpa_s->wpa_state == WPA_COMPLETED)
1011 wpas_dpp_connected(wpa_s);
1012#endif /* CONFIG_DPP2 */
5bbf9f10 1013 }
a8bfc6ff
AB		 1014#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1015 if (update_fils_connect_params)
1016 wpas_update_fils_connect_params(wpa_s);
1017#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
6fc6879b
JM		 1018}
1019
1020
1a1bf008
JM		 1021void wpa_supplicant_terminate_proc(struct wpa_global *global)
1022{
1023 int pending = 0;
1024#ifdef CONFIG_WPS
1025 struct wpa_supplicant *wpa_s = global->ifaces;
1026 while (wpa_s) {
ab41595f 1027 struct wpa_supplicant *next = wpa_s->next;
5516ed32
EA		 1028 if (wpas_wps_terminate_pending(wpa_s) == 1)
1029 pending = 1;
20625e97
JM		 1030#ifdef CONFIG_P2P
1031 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1032 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1033 wpas_p2p_disconnect(wpa_s);
1034#endif /* CONFIG_P2P */
ab41595f 1035 wpa_s = next;
1a1bf008
JM		 1036 }
1037#endif /* CONFIG_WPS */
1038 if (pending)
1039 return;
1040 eloop_terminate();
1041}
1042
1043
0456ea16 1044static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 1045{
0456ea16 1046 struct wpa_global *global = signal_ctx;
1a1bf008 1047 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1048}
1049
1050
b22128ef 1051void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 1052{
71934751 1053 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 1054
6fc6879b
JM		 1055 wpa_s->pairwise_cipher = 0;
1056 wpa_s->group_cipher = 0;
1057 wpa_s->mgmt_group_cipher = 0;
1058 wpa_s->key_mgmt = 0;
8401a6b0 1059 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 1060 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 1061
1062 if (wpa_s->wpa_state != old_state)
1063 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 1064}
1065
1066
1067/**
1068 * wpa_supplicant_reload_configuration - Reload configuration data
1069 * @wpa_s: Pointer to wpa_supplicant data
1070 * Returns: 0 on success or -1 if configuration parsing failed
1071 *
1072 * This function can be used to request that the configuration data is reloaded
1073 * (e.g., after configuration file change). This function is reloading
1074 * configuration only for one interface, so this may need to be called multiple
1075 * times if %wpa_supplicant is controlling multiple interfaces and all
1076 * interfaces need reconfiguration.
1077 */
1078int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1079{
1080 struct wpa_config *conf;
1081 int reconf_ctrl;
8bac466b
JM		 1082 int old_ap_scan;
1083
6fc6879b
JM		 1084 if (wpa_s->confname == NULL)
1085 return -1;
e6304cad 1086 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 1087 if (conf == NULL) {
1088 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1089 "file '%s' - exiting", wpa_s->confname);
1090 return -1;
1091 }
3bd35b68
JM		 1092 if (wpa_s->confanother &&
1093 !wpa_config_read(wpa_s->confanother, conf)) {
1094 wpa_msg(wpa_s, MSG_ERROR,
1095 "Failed to parse the configuration file '%s' - exiting",
1096 wpa_s->confanother);
1097 return -1;
1098 }
e6304cad 1099
611aea7d 1100 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 1101
1102 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1103 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1104 os_strcmp(conf->ctrl_interface,
1105 wpa_s->conf->ctrl_interface) != 0);
1106
1107 if (reconf_ctrl && wpa_s->ctrl_iface) {
1108 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1109 wpa_s->ctrl_iface = NULL;
1110 }
1111
1112 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa 1113 if (wpa_s->current_ssid) {
e66bcedd
JM		 1114 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1115 wpa_s->own_disconnect_req = 1;
7b7ce8aa
JM		 1116 wpa_supplicant_deauthenticate(wpa_s,
1117 WLAN_REASON_DEAUTH_LEAVING);
1118 }
8bac466b 1119
6fc6879b
JM		 1120 /*
1121 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
07e2de31 1122 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
6fc6879b 1123 */
a1ea1b45 1124 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
567da5bb
JM		 1125 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1126 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
6fc6879b
JM		 1127 /*
1128 * Clear forced success to clear EAP state for next
1129 * authentication.
1130 */
1131 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1132 }
1133 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1134 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 1135 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 1136 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1137 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 1138
1139 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 1140 wpa_config_free(wpa_s->conf);
1141 wpa_s->conf = conf;
8bac466b
JM		 1142 if (old_ap_scan != wpa_s->conf->ap_scan)
1143 wpas_notify_ap_scan_changed(wpa_s);
1144
6fc6879b
JM		 1145 if (reconf_ctrl)
1146 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1147
611aea7d
JM		 1148 wpa_supplicant_update_config(wpa_s);
1149
6fc6879b 1150 wpa_supplicant_clear_status(wpa_s);
349493bd 1151 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 1152 wpa_s->reassociate = 1;
1153 wpa_supplicant_req_scan(wpa_s, 0, 0);
1154 }
f049052b 1155 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 1156 return 0;
1157}
1158
1159
0456ea16 1160static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 1161{
0456ea16 1162 struct wpa_global *global = signal_ctx;
6fc6879b 1163 struct wpa_supplicant *wpa_s;
6fc6879b 1164 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 1165 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1166 sig);
6fc6879b 1167 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 1168 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1169 }
1170 }
1248e584
LR		 1171
1172 if (wpa_debug_reopen_file() < 0) {
1173 /* Ignore errors since we cannot really do much to fix this */
1174 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1175 }
6fc6879b
JM		 1176}
1177
1178
6fc6879b
JM		 1179static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1180 struct wpa_ssid *ssid,
1181 struct wpa_ie_data *ie)
1182{
1183 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1184 if (ret) {
1185 if (ret == -2) {
1186 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1187 "from association info");
1188 }
1189 return -1;
1190 }
1191
f049052b
BG		 1192 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1193 "cipher suites");
6fc6879b
JM		 1194 if (!(ie->group_cipher & ssid->group_cipher)) {
1195 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1196 "cipher 0x%x (mask 0x%x) - reject",
1197 ie->group_cipher, ssid->group_cipher);
1198 return -1;
1199 }
1200 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1201 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1202 "cipher 0x%x (mask 0x%x) - reject",
1203 ie->pairwise_cipher, ssid->pairwise_cipher);
1204 return -1;
1205 }
1206 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1207 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1208 "management 0x%x (mask 0x%x) - reject",
1209 ie->key_mgmt, ssid->key_mgmt);
1210 return -1;
1211 }
1212
0b60b0aa 1213 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
3f56a2b7 1214 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 1215 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1216 "that does not support management frame protection - "
1217 "reject");
1218 return -1;
1219 }
6fc6879b
JM		 1220
1221 return 0;
1222}
1223
1224
2c129a1b
LD		 1225static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1226 int freq)
1227{
1228 if (!ie->has_group)
1229 ie->group_cipher = wpa_default_rsn_cipher(freq);
1230 if (!ie->has_pairwise)
1231 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1232 return (ie->group_cipher & ssid->group_cipher) &&
1233 (ie->pairwise_cipher & ssid->pairwise_cipher);
1234}
1235
1236
6fc6879b
JM		 1237/**
1238 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1239 * @wpa_s: Pointer to wpa_supplicant data
1240 * @bss: Scan results for the selected BSS, or %NULL if not available
1241 * @ssid: Configuration data for the selected network
1242 * @wpa_ie: Buffer for the WPA/RSN IE
1243 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1244 * used buffer length in case the functions returns success.
1245 * Returns: 0 on success or -1 on failure
1246 *
1247 * This function is used to configure authentication and encryption parameters
1248 * based on the network configuration and scan result for the selected BSS (if
1249 * available).
1250 */
1251int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 1252 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 1253 u8 *wpa_ie, size_t *wpa_ie_len)
1254{
1255 struct wpa_ie_data ie;
1256 int sel, proto;
146889e3 1257 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
6fc6879b
JM		 1258
1259 if (bss) {
6fa81a3b
JM		 1260 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1261 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
146889e3 1262 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
df0f01d9 1263 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
146889e3
JM		 1264 } else {
1265 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1266 }
6fc6879b
JM		 1267
1268 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1269 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
2c129a1b 1270 matching_ciphers(ssid, &ie, bss->freq) &&
6fc6879b 1271 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1272 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 1273 proto = WPA_PROTO_RSN;
1274 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
267ac3bc 1275 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
6fc6879b
JM		 1276 (ie.group_cipher & ssid->group_cipher) &&
1277 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1278 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1279 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 1280 proto = WPA_PROTO_WPA;
df0f01d9 1281#ifdef CONFIG_HS20
dc673aec
JM		 1282 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1283 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1284 (ie.group_cipher & ssid->group_cipher) &&
1285 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1286 (ie.key_mgmt & ssid->key_mgmt)) {
df0f01d9 1287 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
df0f01d9 1288 proto = WPA_PROTO_OSEN;
f5a60216
JM		 1289 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1290 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1291 (ie.group_cipher & ssid->group_cipher) &&
1292 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1293 (ie.key_mgmt & ssid->key_mgmt)) {
1294 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1295 proto = WPA_PROTO_RSN;
df0f01d9 1296#endif /* CONFIG_HS20 */
6fc6879b
JM		 1297 } else if (bss) {
1298 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
267ac3bc
JM		 1299 wpa_dbg(wpa_s, MSG_DEBUG,
1300 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1301 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1302 ssid->key_mgmt);
1303 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1304 MAC2STR(bss->bssid),
1305 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1306 bss_wpa ? " WPA" : "",
1307 bss_rsn ? " RSN" : "",
1308 bss_osen ? " OSEN" : "");
1309 if (bss_rsn) {
1310 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1311 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1312 wpa_dbg(wpa_s, MSG_DEBUG,
1313 "Could not parse RSN element");
1314 } else {
1315 wpa_dbg(wpa_s, MSG_DEBUG,
1316 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1317 ie.pairwise_cipher, ie.group_cipher,
1318 ie.key_mgmt);
1319 }
1320 }
1321 if (bss_wpa) {
1322 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1323 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1324 wpa_dbg(wpa_s, MSG_DEBUG,
1325 "Could not parse WPA element");
1326 } else {
1327 wpa_dbg(wpa_s, MSG_DEBUG,
1328 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1329 ie.pairwise_cipher, ie.group_cipher,
1330 ie.key_mgmt);
1331 }
1332 }
6fc6879b
JM		 1333 return -1;
1334 } else {
df0f01d9
JM		 1335 if (ssid->proto & WPA_PROTO_OSEN)
1336 proto = WPA_PROTO_OSEN;
1337 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 1338 proto = WPA_PROTO_RSN;
1339 else
1340 proto = WPA_PROTO_WPA;
1341 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1342 os_memset(&ie, 0, sizeof(ie));
1343 ie.group_cipher = ssid->group_cipher;
1344 ie.pairwise_cipher = ssid->pairwise_cipher;
1345 ie.key_mgmt = ssid->key_mgmt;
61a56c14
JM		 1346 ie.mgmt_group_cipher = 0;
1347 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1348 if (ssid->group_mgmt_cipher &
1349 WPA_CIPHER_BIP_GMAC_256)
1350 ie.mgmt_group_cipher =
1351 WPA_CIPHER_BIP_GMAC_256;
1352 else if (ssid->group_mgmt_cipher &
1353 WPA_CIPHER_BIP_CMAC_256)
1354 ie.mgmt_group_cipher =
1355 WPA_CIPHER_BIP_CMAC_256;
1356 else if (ssid->group_mgmt_cipher &
1357 WPA_CIPHER_BIP_GMAC_128)
1358 ie.mgmt_group_cipher =
1359 WPA_CIPHER_BIP_GMAC_128;
1360 else
1361 ie.mgmt_group_cipher =
1362 WPA_CIPHER_AES_128_CMAC;
1363 }
c1790a5f
JM		 1364#ifdef CONFIG_OWE
1365 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1366 !ssid->owe_only &&
1367 !bss_wpa && !bss_rsn && !bss_osen) {
1368 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1369 wpa_s->wpa_proto = 0;
9f8d459d 1370 *wpa_ie_len = 0;
c1790a5f
JM		 1371 return 0;
1372 }
1373#endif /* CONFIG_OWE */
f049052b
BG		 1374 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1375 "based on configuration");
6fc6879b
JM		 1376 } else
1377 proto = ie.proto;
1378 }
1379
f049052b
BG		 1380 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1381 "pairwise %d key_mgmt %d proto %d",
1382 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b 1383 if (ssid->ieee80211w) {
f049052b
BG		 1384 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1385 ie.mgmt_group_cipher);
6fc6879b 1386 }
6fc6879b 1387
64fa840a 1388 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1389 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1390 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1391 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1392
1393 if (bss || !wpa_s->ap_ies_from_associnfo) {
1394 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1395 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1396 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
146889e3
JM		 1397 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1398 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1399 bss_rsnx ? 2 + bss_rsnx[1] : 0))
6fc6879b
JM		 1400 return -1;
1401 }
1402
9e68742e
JM		 1403#ifdef CONFIG_NO_WPA
1404 wpa_s->group_cipher = WPA_CIPHER_NONE;
1405 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1406#else /* CONFIG_NO_WPA */
6fc6879b 1407 sel = ie.group_cipher & ssid->group_cipher;
853bd19f
JM		 1408 wpa_dbg(wpa_s, MSG_DEBUG,
1409 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1410 ie.group_cipher, ssid->group_cipher, sel);
edbd2a19
JM		 1411 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1412 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1413 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1414 "cipher");
6fc6879b
JM		 1415 return -1;
1416 }
edbd2a19
JM		 1417 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1418 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1419
1420 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
853bd19f
JM		 1421 wpa_dbg(wpa_s, MSG_DEBUG,
1422 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1423 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
edbd2a19
JM		 1424 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1425 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1426 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1427 "cipher");
6fc6879b
JM		 1428 return -1;
1429 }
edbd2a19
JM		 1430 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1431 wpa_cipher_txt(wpa_s->pairwise_cipher));
9e68742e 1432#endif /* CONFIG_NO_WPA */
6fc6879b
JM		 1433
1434 sel = ie.key_mgmt & ssid->key_mgmt;
853bd19f
JM		 1435 wpa_dbg(wpa_s, MSG_DEBUG,
1436 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1437 ie.key_mgmt, ssid->key_mgmt, sel);
c10347f2
JM		 1438#ifdef CONFIG_SAE
1439 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1440 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1441#endif /* CONFIG_SAE */
6fc6879b 1442 if (0) {
6d77014e
JM		 1443#ifdef CONFIG_IEEE80211R
1444#ifdef CONFIG_SHA384
dd0153fc
MW		 1445 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1446 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6d77014e
JM		 1447 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1448 wpa_dbg(wpa_s, MSG_DEBUG,
1449 "WPA: using KEY_MGMT FT/802.1X-SHA384");
9083ef13
JM		 1450 if (!ssid->ft_eap_pmksa_caching &&
1451 pmksa_cache_get_current(wpa_s->wpa)) {
1452 /* PMKSA caching with FT may have interoperability
1453 * issues, so disable that case by default for now. */
6d77014e
JM		 1454 wpa_dbg(wpa_s, MSG_DEBUG,
1455 "WPA: Disable PMKSA caching for FT/802.1X connection");
1456 pmksa_cache_clear_current(wpa_s->wpa);
1457 }
1458#endif /* CONFIG_SHA384 */
1459#endif /* CONFIG_IEEE80211R */
5e3b5197
JM		 1460#ifdef CONFIG_SUITEB192
1461 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1462 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1463 wpa_dbg(wpa_s, MSG_DEBUG,
1464 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1465#endif /* CONFIG_SUITEB192 */
1466#ifdef CONFIG_SUITEB
666497c8
JM		 1467 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1468 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1469 wpa_dbg(wpa_s, MSG_DEBUG,
1470 "WPA: using KEY_MGMT 802.1X with Suite B");
5e3b5197 1471#endif /* CONFIG_SUITEB */
b8ae56e4
JM		 1472#ifdef CONFIG_FILS
1473#ifdef CONFIG_IEEE80211R
1474 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1475 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1476 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1477 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1478 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1479 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1480#endif /* CONFIG_IEEE80211R */
1481 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1482 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1483 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1484 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1485 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1486 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1487#endif /* CONFIG_FILS */
6fc6879b 1488#ifdef CONFIG_IEEE80211R
dd0153fc
MW		 1489 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1490 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6fc6879b 1491 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1492 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
9083ef13
JM		 1493 if (!ssid->ft_eap_pmksa_caching &&
1494 pmksa_cache_get_current(wpa_s->wpa)) {
1495 /* PMKSA caching with FT may have interoperability
1496 * issues, so disable that case by default for now. */
833bb2ab
JM		 1497 wpa_dbg(wpa_s, MSG_DEBUG,
1498 "WPA: Disable PMKSA caching for FT/802.1X connection");
1499 pmksa_cache_clear_current(wpa_s->wpa);
1500 }
6fc6879b 1501#endif /* CONFIG_IEEE80211R */
dd6c5980
JM		 1502#ifdef CONFIG_DPP
1503 } else if (sel & WPA_KEY_MGMT_DPP) {
1504 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1505 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1506#endif /* CONFIG_DPP */
c10347f2 1507#ifdef CONFIG_SAE
c10347f2
JM		 1508 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1509 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1510 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
76fd782a
JM		 1511 } else if (sel & WPA_KEY_MGMT_SAE) {
1512 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1513 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
c10347f2 1514#endif /* CONFIG_SAE */
9af1eea3
JM		 1515#ifdef CONFIG_IEEE80211R
1516 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1517 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1518 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1519#endif /* CONFIG_IEEE80211R */
56586197
JM		 1520 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1521 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1522 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1523 "WPA: using KEY_MGMT 802.1X with SHA256");
1524 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1525 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1526 wpa_dbg(wpa_s, MSG_DEBUG,
56586197 1527 "WPA: using KEY_MGMT PSK with SHA256");
6fc6879b
JM		 1528 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1529 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1530 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1531 } else if (sel & WPA_KEY_MGMT_PSK) {
1532 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1533 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1534 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1535 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1536 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1537#ifdef CONFIG_HS20
1538 } else if (sel & WPA_KEY_MGMT_OSEN) {
1539 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1540 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1541#endif /* CONFIG_HS20 */
a1ea1b45
JM		 1542#ifdef CONFIG_OWE
1543 } else if (sel & WPA_KEY_MGMT_OWE) {
1544 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1545 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1546#endif /* CONFIG_OWE */
6fc6879b 1547 } else {
f049052b
BG		 1548 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1549 "authenticated key management type");
6fc6879b
JM		 1550 return -1;
1551 }
1552
1553 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1554 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1555 wpa_s->pairwise_cipher);
1556 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1557
ae05b6a2
JM		 1558 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1559 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1560 wpa_msg(wpa_s, MSG_INFO,
1561 "RSN: Management frame protection required but the selected AP does not enable it");
1562 return -1;
1563 }
1564
6fc6879b 1565 sel = ie.mgmt_group_cipher;
61a56c14
JM		 1566 if (ssid->group_mgmt_cipher)
1567 sel &= ssid->group_mgmt_cipher;
3f56a2b7 1568 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1569 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b 1570 sel = 0;
853bd19f
JM		 1571 wpa_dbg(wpa_s, MSG_DEBUG,
1572 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1573 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
6fc6879b
JM		 1574 if (sel & WPA_CIPHER_AES_128_CMAC) {
1575 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1576 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1577 "AES-128-CMAC");
8dd9f9cd
JM		 1578 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1579 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1580 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1581 "BIP-GMAC-128");
1582 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1583 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1584 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1585 "BIP-GMAC-256");
1586 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1587 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1588 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1589 "BIP-CMAC-256");
6fc6879b
JM		 1590 } else {
1591 wpa_s->mgmt_group_cipher = 0;
f049052b 1592 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1593 }
1594 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1595 wpa_s->mgmt_group_cipher);
62d49803 1596 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
3f56a2b7 1597 wpas_get_ssid_pmf(wpa_s, ssid));
55c12f5d
MV		 1598#ifdef CONFIG_OCV
1599 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1600#endif /* CONFIG_OCV */
6d6c8877 1601 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, wpa_s->conf->sae_pwe);
6fc6879b
JM		 1602
1603 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1604 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1605 return -1;
1606 }
1607
6d6c8877
JM		 1608 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1609 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1610 &wpa_s->rsnxe_len)) {
1611 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1612 return -1;
1613 }
1614
dd6c5980
JM		 1615 if (0) {
1616#ifdef CONFIG_DPP
1617 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1618 /* Use PMK from DPP network introduction (PMKSA entry) */
1619 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1620#endif /* CONFIG_DPP */
1621 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
a52410c2 1622 int psk_set = 0;
06b1a104 1623 int sae_only;
a52410c2 1624
06b1a104
JM		 1625 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1626 WPA_KEY_MGMT_FT_PSK |
1627 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1628
1629 if (ssid->psk_set && !sae_only) {
66dbc8d9
JM		 1630 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1631 ssid->psk, PMK_LEN);
70c93963
MH		 1632 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1633 NULL);
a52410c2
JM		 1634 psk_set = 1;
1635 }
a34ca59e 1636
06b1a104
JM		 1637 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1638 (ssid->sae_password || ssid->passphrase))
a34ca59e
JM		 1639 psk_set = 1;
1640
7d232e23
ZC		 1641#ifndef CONFIG_NO_PBKDF2
1642 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
06b1a104 1643 ssid->passphrase && !sae_only) {
7d232e23 1644 u8 psk[PMK_LEN];
986de33d
JM		 1645 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1646 4096, psk, PMK_LEN);
7d232e23
ZC		 1647 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1648 psk, PMK_LEN);
70c93963 1649 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
a52410c2 1650 psk_set = 1;
e886c88e 1651 os_memset(psk, 0, sizeof(psk));
7d232e23
ZC		 1652 }
1653#endif /* CONFIG_NO_PBKDF2 */
9173b16f 1654#ifdef CONFIG_EXT_PASSWORD
06b1a104 1655 if (ssid->ext_psk && !sae_only) {
9173b16f
JM		 1656 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1657 ssid->ext_psk);
1658 char pw_str[64 + 1];
1659 u8 psk[PMK_LEN];
1660
1661 if (pw == NULL) {
1662 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1663 "found from external storage");
1664 return -1;
1665 }
1666
1667 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1668 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1669 "PSK length %d in external storage",
1670 (int) wpabuf_len(pw));
1671 ext_password_free(pw);
1672 return -1;
1673 }
1674
1675 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1676 pw_str[wpabuf_len(pw)] = '\0';
1677
1678#ifndef CONFIG_NO_PBKDF2
1679 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1680 {
986de33d
JM		 1681 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1682 4096, psk, PMK_LEN);
9173b16f
JM		 1683 os_memset(pw_str, 0, sizeof(pw_str));
1684 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1685 "external passphrase)",
1686 psk, PMK_LEN);
70c93963
MH		 1687 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1688 NULL);
a52410c2 1689 psk_set = 1;
e886c88e 1690 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1691 } else
1692#endif /* CONFIG_NO_PBKDF2 */
1693 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1694 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1695 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1696 "Invalid PSK hex string");
1697 os_memset(pw_str, 0, sizeof(pw_str));
1698 ext_password_free(pw);
1699 return -1;
1700 }
66dbc8d9
JM		 1701 wpa_hexdump_key(MSG_MSGDUMP,
1702 "PSK (from external PSK)",
1703 psk, PMK_LEN);
70c93963
MH		 1704 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1705 NULL);
a52410c2 1706 psk_set = 1;
e886c88e 1707 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1708 } else {
1709 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1710 "PSK available");
1711 os_memset(pw_str, 0, sizeof(pw_str));
1712 ext_password_free(pw);
1713 return -1;
1714 }
1715
1716 os_memset(pw_str, 0, sizeof(pw_str));
1717 ext_password_free(pw);
1718 }
1719#endif /* CONFIG_EXT_PASSWORD */
a52410c2
JM		 1720
1721 if (!psk_set) {
1722 wpa_msg(wpa_s, MSG_INFO,
1723 "No PSK available for association");
06b1a104 1724 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
a52410c2
JM		 1725 return -1;
1726 }
675112df
JM		 1727#ifdef CONFIG_OWE
1728 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1729 /* OWE Diffie-Hellman exchange in (Re)Association
1730 * Request/Response frames set the PMK, so do not override it
1731 * here. */
1732#endif /* CONFIG_OWE */
7d232e23 1733 } else
6fc6879b
JM		 1734 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1735
1736 return 0;
1737}
1738
1739
8cd6b7bc 1740static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1741{
8cd6b7bc 1742 *pos = 0x00;
03e47c9c 1743
8cd6b7bc
JB		 1744 switch (idx) {
1745 case 0: /* Bits 0-7 */
1746 break;
1747 case 1: /* Bits 8-15 */
d514b502
JM		 1748 if (wpa_s->conf->coloc_intf_reporting) {
1749 /* Bit 13 - Collocated Interference Reporting */
1750 *pos |= 0x20;
1751 }
8cd6b7bc
JB		 1752 break;
1753 case 2: /* Bits 16-23 */
1754#ifdef CONFIG_WNM
1755 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2e06cef8 1756 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
ef59f987 1757 *pos |= 0x08; /* Bit 19 - BSS Transition */
8cd6b7bc
JB		 1758#endif /* CONFIG_WNM */
1759 break;
1760 case 3: /* Bits 24-31 */
1761#ifdef CONFIG_WNM
1762 *pos |= 0x02; /* Bit 25 - SSID List */
1763#endif /* CONFIG_WNM */
03e47c9c 1764#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1765 if (wpa_s->conf->interworking)
1766 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1767#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1768 break;
1769 case 4: /* Bits 32-39 */
56f5af48 1770#ifdef CONFIG_INTERWORKING
1e1245bc 1771 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
429dd9af 1772 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1773#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1774 break;
1775 case 5: /* Bits 40-47 */
95a3ea94
JM		 1776#ifdef CONFIG_HS20
1777 if (wpa_s->conf->hs20)
1778 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1779#endif /* CONFIG_HS20 */
92c6e2e3
DS		 1780#ifdef CONFIG_MBO
1781 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1782#endif /* CONFIG_MBO */
8cd6b7bc
JB		 1783 break;
1784 case 6: /* Bits 48-55 */
1785 break;
d1723c55
LD		 1786 case 7: /* Bits 56-63 */
1787 break;
1788 case 8: /* Bits 64-71 */
1789 if (wpa_s->conf->ftm_responder)
1790 *pos |= 0x40; /* Bit 70 - FTM responder */
1791 if (wpa_s->conf->ftm_initiator)
1792 *pos |= 0x80; /* Bit 71 - FTM initiator */
1793 break;
e4d2ce1b
JM		 1794 case 9: /* Bits 72-79 */
1795#ifdef CONFIG_FILS
d98038bb 1796 if (!wpa_s->disable_fils)
1797 *pos |= 0x01;
e4d2ce1b
JM		 1798#endif /* CONFIG_FILS */
1799 break;
8cd6b7bc
JB		 1800 }
1801}
03e47c9c 1802
03e47c9c 1803
0bbaa9b9 1804int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
8cd6b7bc
JB		 1805{
1806 u8 *pos = buf;
e4d2ce1b 1807 u8 len = 10, i;
8cd6b7bc
JB		 1808
1809 if (len < wpa_s->extended_capa_len)
1810 len = wpa_s->extended_capa_len;
0bbaa9b9
JM		 1811 if (buflen < (size_t) len + 2) {
1812 wpa_printf(MSG_INFO,
1813 "Not enough room for building extended capabilities element");
1814 return -1;
1815 }
03e47c9c
JM		 1816
1817 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1818 *pos++ = len;
1819 for (i = 0; i < len; i++, pos++) {
1820 wpas_ext_capab_byte(wpa_s, pos, i);
1821
1822 if (i < wpa_s->extended_capa_len) {
1823 *pos &= ~wpa_s->extended_capa_mask[i];
1824 *pos |= wpa_s->extended_capa[i];
1825 }
1826 }
03e47c9c 1827
3db5439a
JM		 1828 while (len > 0 && buf[1 + len] == 0) {
1829 len--;
1830 buf[1] = len;
1831 }
1832 if (len == 0)
1833 return 0;
1834
1835 return 2 + len;
03e47c9c
JM		 1836}
1837
1838
6ac4b15e
JM		 1839static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1840 struct wpa_bss *test_bss)
1841{
1842 struct wpa_bss *bss;
1843
1844 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1845 if (bss == test_bss)
1846 return 1;
1847 }
1848
1849 return 0;
1850}
1851
1852
1853static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1854 struct wpa_ssid *test_ssid)
1855{
1856 struct wpa_ssid *ssid;
1857
1858 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1859 if (ssid == test_ssid)
1860 return 1;
1861 }
1862
1863 return 0;
1864}
1865
1866
1867int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1868 struct wpa_ssid *test_ssid)
1869{
1870 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1871 return 0;
1872
1873 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1874}
1875
1876
1877void wpas_connect_work_free(struct wpa_connect_work *cwork)
1878{
1879 if (cwork == NULL)
1880 return;
1881 os_free(cwork);
1882}
1883
1884
1885void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1886{
1887 struct wpa_connect_work *cwork;
1888 struct wpa_radio_work *work = wpa_s->connect_work;
1889
1890 if (!work)
1891 return;
1892
1893 wpa_s->connect_work = NULL;
1894 cwork = work->ctx;
1895 work->ctx = NULL;
1896 wpas_connect_work_free(cwork);
1897 radio_work_done(work);
1898}
1899
1900
a313d17d 1901int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
c267753b
JM		 1902{
1903 struct os_reltime now;
1904 u8 addr[ETH_ALEN];
1905
1906 os_get_reltime(&now);
a313d17d
JM		 1907 if (wpa_s->last_mac_addr_style == style &&
1908 wpa_s->last_mac_addr_change.sec != 0 &&
c267753b
JM		 1909 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1910 wpa_s->conf->rand_addr_lifetime)) {
1911 wpa_msg(wpa_s, MSG_DEBUG,
1912 "Previously selected random MAC address has not yet expired");
1913 return 0;
1914 }
1915
a313d17d
JM		 1916 switch (style) {
1917 case 1:
1918 if (random_mac_addr(addr) < 0)
1919 return -1;
1920 break;
1921 case 2:
1922 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1923 if (random_mac_addr_keep_oui(addr) < 0)
1924 return -1;
1925 break;
1926 default:
c267753b 1927 return -1;
a313d17d 1928 }
c267753b
JM		 1929
1930 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1931 wpa_msg(wpa_s, MSG_INFO,
1932 "Failed to set random MAC address");
1933 return -1;
1934 }
1935
1936 os_get_reltime(&wpa_s->last_mac_addr_change);
1937 wpa_s->mac_addr_changed = 1;
a313d17d 1938 wpa_s->last_mac_addr_style = style;
c267753b
JM		 1939
1940 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1941 wpa_msg(wpa_s, MSG_INFO,
1942 "Could not update MAC address information");
1943 return -1;
1944 }
1945
1946 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1947 MAC2STR(addr));
1948
1949 return 0;
1950}
1951
1952
1953int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1954{
1955 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1956 !wpa_s->conf->preassoc_mac_addr)
1957 return 0;
1958
a313d17d 1959 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
c267753b
JM		 1960}
1961
1962
05a2fb0d
JM		 1963static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
1964{
1965#ifdef CONFIG_SAE
1966 int *groups = conf->sae_groups;
1967 int default_groups[] = { 19, 20, 21, 0 };
1968 const char *password;
1969
1970 if (!groups || groups[0] <= 0)
1971 groups = default_groups;
1972
1973 password = ssid->sae_password;
1974 if (!password)
1975 password = ssid->passphrase;
1976
1977 if (conf->sae_pwe == 0 || !password) {
1978 /* PT derivation not needed */
1979 sae_deinit_pt(ssid->pt);
1980 ssid->pt = NULL;
1981 return;
1982 }
1983
1984 if (ssid->pt)
1985 return; /* PT already derived */
1986 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
1987 (const u8 *) password, os_strlen(password),
1988 ssid->sae_password_id);
1989#endif /* CONFIG_SAE */
1990}
1991
1992
b834e970
JM		 1993static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
1994{
1995#if defined(CONFIG_SAE) && defined(CONFIG_SME)
1996 os_free(wpa_s->sme.sae_rejected_groups);
1997 wpa_s->sme.sae_rejected_groups = NULL;
1998#ifdef CONFIG_TESTING_OPTIONS
1999 if (wpa_s->extra_sae_rejected_groups) {
2000 int i, *groups = wpa_s->extra_sae_rejected_groups;
2001
2002 for (i = 0; groups[i]; i++) {
2003 wpa_printf(MSG_DEBUG,
2004 "TESTING: Indicate rejection of an extra SAE group %d",
2005 groups[i]);
2006 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2007 groups[i]);
2008 }
2009 }
2010#endif /* CONFIG_TESTING_OPTIONS */
2011#endif /* CONFIG_SAE && CONFIG_SME */
2012}
2013
2014
6ac4b15e
JM		 2015static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2016
6fc6879b
JM		 2017/**
2018 * wpa_supplicant_associate - Request association
2019 * @wpa_s: Pointer to wpa_supplicant data
2020 * @bss: Scan results for the selected BSS, or %NULL if not available
2021 * @ssid: Configuration data for the selected network
2022 *
2023 * This function is used to request %wpa_supplicant to associate with a BSS.
2024 */
2025void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 2026 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 2027{
6ac4b15e 2028 struct wpa_connect_work *cwork;
a313d17d
JM		 2029 int rand_style;
2030
a8412ec9
JM		 2031 wpa_s->own_disconnect_req = 0;
2032
e7160bd8
JM		 2033 /*
2034 * If we are starting a new connection, any previously pending EAPOL
2035 * RX cannot be valid anymore.
2036 */
2037 wpabuf_free(wpa_s->pending_eapol_rx);
2038 wpa_s->pending_eapol_rx = NULL;
2039
a313d17d
JM		 2040 if (ssid->mac_addr == -1)
2041 rand_style = wpa_s->conf->mac_addr;
2042 else
2043 rand_style = ssid->mac_addr;
6fc6879b 2044
8c42b369
EP		 2045 wmm_ac_clear_saved_tspecs(wpa_s);
2046 wpa_s->reassoc_same_bss = 0;
6a5ee810 2047 wpa_s->reassoc_same_ess = 0;
daa40960
JM		 2048#ifdef CONFIG_TESTING_OPTIONS
2049 wpa_s->testing_resend_assoc = 0;
2050#endif /* CONFIG_TESTING_OPTIONS */
8c42b369 2051
c267753b
JM		 2052 if (wpa_s->last_ssid == ssid) {
2053 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
6a5ee810 2054 wpa_s->reassoc_same_ess = 1;
8c42b369
EP		 2055 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2056 wmm_ac_save_tspecs(wpa_s);
2057 wpa_s->reassoc_same_bss = 1;
2bbad1c7
MW		 2058 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2059 os_get_reltime(&wpa_s->roam_start);
8c42b369 2060 }
05a2fb0d
JM		 2061 } else {
2062#ifdef CONFIG_SAE
b834e970 2063 wpa_s_clear_sae_rejected(wpa_s);
05a2fb0d
JM		 2064 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2065#endif /* CONFIG_SAE */
5d30f927
BR		 2066 }
2067
2068 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
a313d17d 2069 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
c267753b
JM		 2070 return;
2071 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
5d30f927 2072 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
c267753b
JM		 2073 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2074 wpa_msg(wpa_s, MSG_INFO,
2075 "Could not restore permanent MAC address");
2076 return;
2077 }
2078 wpa_s->mac_addr_changed = 0;
2079 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2080 wpa_msg(wpa_s, MSG_INFO,
2081 "Could not update MAC address information");
2082 return;
2083 }
2084 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2085 }
2086 wpa_s->last_ssid = ssid;
2087
78177a00
JM		 2088#ifdef CONFIG_IBSS_RSN
2089 ibss_rsn_deinit(wpa_s->ibss_rsn);
2090 wpa_s->ibss_rsn = NULL;
81a10a94
JM		 2091#else /* CONFIG_IBSS_RSN */
2092 if (ssid->mode == WPAS_MODE_IBSS &&
2093 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2094 wpa_msg(wpa_s, MSG_INFO,
2095 "IBSS RSN not supported in the build");
2096 return;
2097 }
78177a00
JM		 2098#endif /* CONFIG_IBSS_RSN */
2099
2c5d725c
JM		 2100 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2101 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 2102#ifdef CONFIG_AP
2103 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 2104 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2105 "mode");
1581b38b
JM		 2106 return;
2107 }
8c981d17
DW		 2108 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2109 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 2110 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2111 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 2112 return;
2113 }
8f770587 2114 wpa_s->current_bss = bss;
1581b38b 2115#else /* CONFIG_AP */
f049052b
BG		 2116 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2117 "the build");
1581b38b
JM		 2118#endif /* CONFIG_AP */
2119 return;
2120 }
2121
603a3f34
JL		 2122 if (ssid->mode == WPAS_MODE_MESH) {
2123#ifdef CONFIG_MESH
2124 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2125 wpa_msg(wpa_s, MSG_INFO,
2126 "Driver does not support mesh mode");
2127 return;
2128 }
2129 if (bss)
2130 ssid->frequency = bss->freq;
2131 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2132 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2133 return;
2134 }
2135 wpa_s->current_bss = bss;
6174de66
JM		 2136 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
2137 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
2138 ssid->id);
89e9cd25 2139 wpas_notify_mesh_group_started(wpa_s, ssid);
603a3f34
JL		 2140#else /* CONFIG_MESH */
2141 wpa_msg(wpa_s, MSG_ERROR,
2142 "mesh mode support not included in the build");
2143#endif /* CONFIG_MESH */
2144 return;
2145 }
2146
2efc6720
JM		 2147 /*
2148 * Set WPA state machine configuration to match the selected network now
2149 * so that the information is available before wpas_start_assoc_cb()
2150 * gets called. This is needed at least for RSN pre-authentication where
2151 * candidate APs are added to a list based on scan result processing
2152 * before completion of the first association.
2153 */
2154 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2155
a0d5c56f
JM		 2156#ifdef CONFIG_DPP
2157 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2158 return;
2159#endif /* CONFIG_DPP */
2160
52c9e6f3 2161#ifdef CONFIG_TDLS
95cb2d88
JM		 2162 if (bss)
2163 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
2164 bss->ie_len);
52c9e6f3
JM		 2165#endif /* CONFIG_TDLS */
2166
2e06cef8
VK		 2167#ifdef CONFIG_MBO
2168 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2169#endif /* CONFIG_MBO */
2170
5cc4d64b 2171 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
f74618cb 2172 ssid->mode == WPAS_MODE_INFRA) {
c2a04078
JM		 2173 sme_authenticate(wpa_s, bss, ssid);
2174 return;
2175 }
2176
6ac4b15e
JM		 2177 if (wpa_s->connect_work) {
2178 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2179 return;
2180 }
2181
f0e30c84
JM		 2182 if (radio_work_pending(wpa_s, "connect")) {
2183 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2184 return;
2185 }
2186
a1836de6
JM		 2187#ifdef CONFIG_SME
2188 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2189 /* Clear possibly set auth_alg, if any, from last attempt. */
2190 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2191 }
2192#endif /* CONFIG_SME */
2193
4ead7cfd
KV		 2194 wpas_abort_ongoing_scan(wpa_s);
2195
6ac4b15e
JM		 2196 cwork = os_zalloc(sizeof(*cwork));
2197 if (cwork == NULL)
2198 return;
2199
2200 cwork->bss = bss;
2201 cwork->ssid = ssid;
2202
2203 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2204 wpas_start_assoc_cb, cwork) < 0) {
2205 os_free(cwork);
2206 }
2207}
2208
2209
98479dc9
JD		 2210static int bss_is_ibss(struct wpa_bss *bss)
2211{
2212 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2213 IEEE80211_CAP_IBSS;
2214}
2215
2216
a65efbfb
PO		 2217static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2218 const struct wpa_ssid *ssid)
2219{
2220 enum hostapd_hw_mode hw_mode;
2221 struct hostapd_hw_modes *mode = NULL;
2222 u8 channel;
2223 int i;
2224
a65efbfb
PO		 2225 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2226 if (hw_mode == NUM_HOSTAPD_MODES)
2227 return 0;
2228 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2229 if (wpa_s->hw.modes[i].mode == hw_mode) {
2230 mode = &wpa_s->hw.modes[i];
2231 break;
2232 }
2233 }
2234
2235 if (!mode)
2236 return 0;
2237
2238 return mode->vht_capab != 0;
2239}
2240
2241
54fe48b9
JM		 2242void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2243 const struct wpa_ssid *ssid,
2244 struct hostapd_freq_params *freq)
1830817e 2245{
3459c54a 2246 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
1830817e
JD		 2247 enum hostapd_hw_mode hw_mode;
2248 struct hostapd_hw_modes *mode = NULL;
6b8b0774
JD		 2249 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2250 184, 192 };
563ee183 2251 int vht80[] = { 36, 52, 100, 116, 132, 149 };
6b8b0774 2252 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1830817e 2253 u8 channel;
98479dc9 2254 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
0f29bc68 2255 unsigned int j, k;
563ee183 2256 struct hostapd_freq_params vht_freq;
0f29bc68
AK		 2257 int chwidth, seg0, seg1;
2258 u32 vht_caps = 0;
6e711e7a 2259 int is_24ghz;
1830817e
JD		 2260
2261 freq->freq = ssid->frequency;
2262
98479dc9
JD		 2263 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2264 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2265
2266 if (ssid->mode != WPAS_MODE_IBSS)
2267 break;
2268
2269 /* Don't adjust control freq in case of fixed_freq */
2270 if (ssid->fixed_freq)
2271 break;
2272
2273 if (!bss_is_ibss(bss))
2274 continue;
2275
2276 if (ssid->ssid_len == bss->ssid_len &&
2277 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2278 wpa_printf(MSG_DEBUG,
2279 "IBSS already found in scan results, adjust control freq: %d",
2280 bss->freq);
2281 freq->freq = bss->freq;
2282 obss_scan = 0;
2283 break;
2284 }
2285 }
2286
1830817e
JD		 2287 /* For IBSS check HT_IBSS flag */
2288 if (ssid->mode == WPAS_MODE_IBSS &&
2289 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2290 return;
2291
d9a9bc04
JD		 2292 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2293 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2294 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2295 wpa_printf(MSG_DEBUG,
2296 "IBSS: WEP/TKIP detected, do not try to enable HT");
2297 return;
2298 }
2299
98479dc9 2300 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1830817e
JD		 2301 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2302 if (wpa_s->hw.modes[i].mode == hw_mode) {
2303 mode = &wpa_s->hw.modes[i];
2304 break;
2305 }
2306 }
2307
2308 if (!mode)
2309 return;
2310
6e711e7a
SE		 2311 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2312 hw_mode == HOSTAPD_MODE_IEEE80211B;
3459c54a 2313
3388e7b9
MH		 2314#ifdef CONFIG_HT_OVERRIDES
2315 if (ssid->disable_ht) {
2316 freq->ht_enabled = 0;
2317 return;
2318 }
2319#endif /* CONFIG_HT_OVERRIDES */
2320
1830817e 2321 freq->ht_enabled = ht_supported(mode);
6b8b0774
JD		 2322 if (!freq->ht_enabled)
2323 return;
2324
6e711e7a
SE		 2325 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2326 if (is_24ghz)
2327 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2328
6b8b0774
JD		 2329 /* Setup higher BW only for 5 GHz */
2330 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2331 return;
2332
2333 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2334 pri_chan = &mode->channels[chan_idx];
2335 if (pri_chan->chan == channel)
2336 break;
2337 pri_chan = NULL;
2338 }
2339 if (!pri_chan)
2340 return;
2341
2342 /* Check primary channel flags */
2343 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2344 return;
2345
e5a9b1e8
PO		 2346 freq->channel = pri_chan->chan;
2347
05aed438 2348#ifdef CONFIG_HT_OVERRIDES
e5a9b1e8
PO		 2349 if (ssid->disable_ht40) {
2350 if (ssid->disable_vht)
2351 return;
2352 goto skip_ht40;
2353 }
05aed438
MH		 2354#endif /* CONFIG_HT_OVERRIDES */
2355
6b8b0774
JD		 2356 /* Check/setup HT40+/HT40- */
2357 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2358 if (ht40plus[j] == channel) {
2359 ht40 = 1;
2360 break;
2361 }
2362 }
2363
2364 /* Find secondary channel */
2365 for (i = 0; i < mode->num_channels; i++) {
2366 sec_chan = &mode->channels[i];
2367 if (sec_chan->chan == channel + ht40 * 4)
2368 break;
2369 sec_chan = NULL;
2370 }
2371 if (!sec_chan)
2372 return;
2373
2374 /* Check secondary channel flags */
2375 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2376 return;
2377
ecba4509 2378 if (ht40 == -1) {
6b8b0774
JD		 2379 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2380 return;
ecba4509 2381 } else {
6b8b0774
JD		 2382 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2383 return;
6b8b0774 2384 }
ecba4509 2385 freq->sec_channel_offset = ht40;
6b8b0774 2386
ecba4509 2387 if (obss_scan) {
6b8b0774
JD		 2388 struct wpa_scan_results *scan_res;
2389
2390 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2391 if (scan_res == NULL) {
2392 /* Back to HT20 */
2393 freq->sec_channel_offset = 0;
2394 return;
2395 }
2396
5f9b4afd 2397 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
6b8b0774
JD		 2398 switch (res) {
2399 case 0:
2400 /* Back to HT20 */
2401 freq->sec_channel_offset = 0;
2402 break;
2403 case 1:
2404 /* Configuration allowed */
2405 break;
2406 case 2:
2407 /* Switch pri/sec channels */
2408 freq->freq = hw_get_freq(mode, sec_chan->chan);
2409 freq->sec_channel_offset = -freq->sec_channel_offset;
2410 freq->channel = sec_chan->chan;
2411 break;
2412 default:
2413 freq->sec_channel_offset = 0;
2414 break;
2415 }
2416
2417 wpa_scan_results_free(scan_res);
2418 }
2419
e5a9b1e8
PO		 2420#ifdef CONFIG_HT_OVERRIDES
2421skip_ht40:
2422#endif /* CONFIG_HT_OVERRIDES */
6b8b0774
JD		 2423 wpa_printf(MSG_DEBUG,
2424 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2425 freq->channel, freq->sec_channel_offset);
563ee183 2426
a65efbfb 2427 if (!drv_supports_vht(wpa_s, ssid))
563ee183
JD		 2428 return;
2429
2430 /* For IBSS check VHT_IBSS flag */
a65efbfb
PO		 2431 if (ssid->mode == WPAS_MODE_IBSS &&
2432 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
563ee183
JD		 2433 return;
2434
2435 vht_freq = *freq;
2436
b301f54e
JM		 2437#ifdef CONFIG_VHT_OVERRIDES
2438 if (ssid->disable_vht) {
2439 freq->vht_enabled = 0;
2440 return;
2441 }
2442#endif /* CONFIG_VHT_OVERRIDES */
2443
563ee183
JD		 2444 vht_freq.vht_enabled = vht_supported(mode);
2445 if (!vht_freq.vht_enabled)
2446 return;
2447
6e711e7a
SE		 2448 /* Enable HE for VHT */
2449 vht_freq.he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2450
563ee183
JD		 2451 /* setup center_freq1, bandwidth */
2452 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2453 if (freq->channel >= vht80[j] &&
2454 freq->channel < vht80[j] + 16)
2455 break;
2456 }
2457
2458 if (j == ARRAY_SIZE(vht80))
2459 return;
2460
2461 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2462 struct hostapd_channel_data *chan;
2463
2464 chan = hw_get_channel_chan(mode, i, NULL);
2465 if (!chan)
2466 return;
2467
2468 /* Back to HT configuration if channel not usable */
2469 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2470 return;
2471 }
2472
464dcfd0 2473 chwidth = CHANWIDTH_80MHZ;
0f29bc68
AK		 2474 seg0 = vht80[j] + 6;
2475 seg1 = 0;
2476
464dcfd0 2477 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
0f29bc68
AK		 2478 /* setup center_freq2, bandwidth */
2479 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2480 /* Only accept 80 MHz segments separated by a gap */
2481 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2482 continue;
2483 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2484 struct hostapd_channel_data *chan;
2485
2486 chan = hw_get_channel_chan(mode, i, NULL);
2487 if (!chan)
2488 continue;
2489
2490 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2491 HOSTAPD_CHAN_NO_IR |
2492 HOSTAPD_CHAN_RADAR))
2493 continue;
2494
2495 /* Found a suitable second segment for 80+80 */
464dcfd0 2496 chwidth = CHANWIDTH_80P80MHZ;
0f29bc68
AK		 2497 vht_caps |=
2498 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2499 seg1 = vht80[k] + 6;
2500 }
2501
464dcfd0 2502 if (chwidth == CHANWIDTH_80P80MHZ)
0f29bc68
AK		 2503 break;
2504 }
464dcfd0 2505 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
331f0774 2506 if (freq->freq == 5180) {
464dcfd0 2507 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2508 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2509 seg0 = 50;
2510 } else if (freq->freq == 5520) {
464dcfd0 2511 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2512 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2513 seg0 = 114;
2514 }
464dcfd0
JC		 2515 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2516 chwidth = CHANWIDTH_USE_HT;
806db174 2517 seg0 = vht80[j] + 2;
e5a9b1e8
PO		 2518#ifdef CONFIG_HT_OVERRIDES
2519 if (ssid->disable_ht40)
2520 seg0 = 0;
2521#endif /* CONFIG_HT_OVERRIDES */
0f29bc68
AK		 2522 }
2523
563ee183 2524 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
bebd91e9
AAL		 2525 freq->channel, ssid->enable_edmg,
2526 ssid->edmg_channel, freq->ht_enabled,
3459c54a 2527 vht_freq.vht_enabled, freq->he_enabled,
563ee183 2528 freq->sec_channel_offset,
3459c54a
SE		 2529 chwidth, seg0, seg1, vht_caps,
2530 &mode->he_capab[ieee80211_mode]) != 0)
563ee183
JD		 2531 return;
2532
2533 *freq = vht_freq;
2534
2535 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2536 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1830817e
JD		 2537}
2538
2539
a38090b1
VK		 2540#ifdef CONFIG_FILS
2541static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2542 size_t ie_buf_len)
2543{
2544 struct fils_hlp_req *req;
2545 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2546 const u8 *pos;
2547 u8 *buf = ie_buf;
2548
2549 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2550 list) {
2551 rem_len = ie_buf_len - ie_len;
2552 pos = wpabuf_head(req->pkt);
2553 hdr_len = 1 + 2 * ETH_ALEN + 6;
2554 hlp_len = wpabuf_len(req->pkt);
2555
2556 if (rem_len < 2 + hdr_len + hlp_len) {
2557 wpa_printf(MSG_ERROR,
2558 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2559 (unsigned long) rem_len,
2560 (unsigned long) (2 + hdr_len + hlp_len));
2561 break;
2562 }
2563
2564 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2565 /* Element ID */
2566 *buf++ = WLAN_EID_EXTENSION;
2567 /* Length */
2568 *buf++ = len;
2569 /* Element ID Extension */
2570 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2571 /* Destination MAC address */
2572 os_memcpy(buf, req->dst, ETH_ALEN);
2573 buf += ETH_ALEN;
2574 /* Source MAC address */
2575 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2576 buf += ETH_ALEN;
2577 /* LLC/SNAP Header */
2578 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2579 buf += 6;
2580 /* HLP Packet */
2581 os_memcpy(buf, pos, len - hdr_len);
2582 buf += len - hdr_len;
2583 pos += len - hdr_len;
2584
2585 hlp_len -= len - hdr_len;
2586 ie_len += 2 + len;
2587 rem_len -= 2 + len;
2588
2589 while (hlp_len) {
2590 len = (hlp_len > 255) ? 255 : hlp_len;
2591 if (rem_len < 2 + len)
2592 break;
2593 *buf++ = WLAN_EID_FRAGMENT;
2594 *buf++ = len;
2595 os_memcpy(buf, pos, len);
2596 buf += len;
2597 pos += len;
2598
2599 hlp_len -= len;
2600 ie_len += 2 + len;
2601 rem_len -= 2 + len;
2602 }
2603 }
2604
2605 return ie_len;
2606}
e4802127
MH		 2607
2608
2609int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2610{
2611 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2612 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2613 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2614 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2615}
2616
2617
2618int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2619{
2620#ifdef CONFIG_FILS_SK_PFS
2621 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2622 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2623#else /* CONFIG_FILS_SK_PFS */
2624 return 0;
2625#endif /* CONFIG_FILS_SK_PFS */
2626}
2627
a38090b1
VK		 2628#endif /* CONFIG_FILS */
2629
2630
d2ba0d71
VK		 2631static u8 * wpas_populate_assoc_ies(
2632 struct wpa_supplicant *wpa_s,
2633 struct wpa_bss *bss, struct wpa_ssid *ssid,
6338c99e
VK		 2634 struct wpa_driver_associate_params *params,
2635 enum wpa_drv_update_connect_params_mask *mask)
6ac4b15e 2636{
1e6780bd 2637 u8 *wpa_ie;
10970465 2638 size_t max_wpa_ie_len = 500;
6ac4b15e 2639 size_t wpa_ie_len;
6ac4b15e 2640 int algs = WPA_AUTH_ALG_OPEN;
077232f6
BL		 2641#ifdef CONFIG_MBO
2642 const u8 *mbo_ie;
2643#endif
eb3234c0
SM		 2644#ifdef CONFIG_SAE
2645 int sae_pmksa_cached = 0;
2646#endif /* CONFIG_SAE */
8b0a6dba
VK		 2647#ifdef CONFIG_FILS
2648 const u8 *realm, *username, *rrk;
2649 size_t realm_len, username_len, rrk_len;
2650 u16 next_seq_num;
b377ec25 2651 struct fils_hlp_req *req;
6fc6879b 2652
b377ec25
VK		 2653 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2654 list) {
2655 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2656 2 + 2 * wpabuf_len(req->pkt) / 255;
8b0a6dba
VK		 2657 }
2658#endif /* CONFIG_FILS */
8b0a6dba 2659
1e6780bd
VK		 2660 wpa_ie = os_malloc(max_wpa_ie_len);
2661 if (!wpa_ie) {
2662 wpa_printf(MSG_ERROR,
2663 "Failed to allocate connect IE buffer for %lu bytes",
2664 (unsigned long) max_wpa_ie_len);
d2ba0d71 2665 return NULL;
1e6780bd
VK		 2666 }
2667
6fa81a3b
JM		 2668 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2669 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 2670 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 2671 int try_opportunistic;
79f3121b
VK		 2672 const u8 *cache_id = NULL;
2673
6e202021
JM		 2674 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2675 wpa_s->conf->okc :
2676 ssid->proactive_key_caching) &&
6fc6879b 2677 (ssid->proto & WPA_PROTO_RSN);
79f3121b
VK		 2678#ifdef CONFIG_FILS
2679 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2680 cache_id = wpa_bss_get_fils_cache_id(bss);
2681#endif /* CONFIG_FILS */
6fc6879b 2682 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
79f3121b 2683 ssid, try_opportunistic,
eb3234c0 2684 cache_id, 0) == 0) {
ba422613 2685 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
eb3234c0
SM		 2686#ifdef CONFIG_SAE
2687 sae_pmksa_cached = 1;
2688#endif /* CONFIG_SAE */
2689 }
1e6780bd 2690 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2691 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2692 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2693 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2694 "key management and encryption suites");
1e6780bd 2695 os_free(wpa_ie);
d2ba0d71 2696 return NULL;
6fc6879b 2697 }
dc673aec
JM		 2698#ifdef CONFIG_HS20
2699 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2700 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2701 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2702 wpa_ie_len = max_wpa_ie_len;
2703 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2704 wpa_ie, &wpa_ie_len)) {
2705 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2706 "key management and encryption suites");
2707 os_free(wpa_ie);
2708 return NULL;
2709 }
2710#endif /* CONFIG_HS20 */
a3f7e518
JM		 2711 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2712 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2713 /*
2714 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2715 * use non-WPA since the scan results did not indicate that the
2716 * AP is using WPA or WPA2.
2717 */
2718 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2719 wpa_ie_len = 0;
2720 wpa_s->wpa_proto = 0;
0bf927a0 2721 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1e6780bd 2722 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2723 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2724 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2725 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2726 "key management and encryption suites (no "
2727 "scan results)");
1e6780bd 2728 os_free(wpa_ie);
d2ba0d71 2729 return NULL;
6fc6879b 2730 }
ad08c363
JM		 2731#ifdef CONFIG_WPS
2732 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 2733 struct wpabuf *wps_ie;
2734 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1e6780bd 2735 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
ad08c363
JM		 2736 wpa_ie_len = wpabuf_len(wps_ie);
2737 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 2738 } else
2739 wpa_ie_len = 0;
ad08c363
JM		 2740 wpabuf_free(wps_ie);
2741 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d 2742 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
d2ba0d71 2743 params->wps = WPS_MODE_PRIVACY;
0c80427d 2744 else
d2ba0d71 2745 params->wps = WPS_MODE_OPEN;
cf546f1a 2746 wpa_s->wpa_proto = 0;
ad08c363 2747#endif /* CONFIG_WPS */
6fc6879b
JM		 2748 } else {
2749 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2750 wpa_ie_len = 0;
cf546f1a 2751 wpa_s->wpa_proto = 0;
6fc6879b
JM		 2752 }
2753
b377ec25
VK		 2754#ifdef IEEE8021X_EAPOL
2755 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2756 if (ssid->leap) {
2757 if (ssid->non_leap == 0)
2758 algs = WPA_AUTH_ALG_LEAP;
2759 else
2760 algs |= WPA_AUTH_ALG_LEAP;
2761 }
2762 }
2763
2764#ifdef CONFIG_FILS
2765 /* Clear FILS association */
2766 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2767
2768 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2769 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2770 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2771 &username_len, &realm, &realm_len,
af835d75
AB		 2772 &next_seq_num, &rrk, &rrk_len) == 0 &&
2773 (!wpa_s->last_con_fail_realm ||
2774 wpa_s->last_con_fail_realm_len != realm_len ||
2775 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
b377ec25 2776 algs = WPA_AUTH_ALG_FILS;
d2ba0d71
VK		 2777 params->fils_erp_username = username;
2778 params->fils_erp_username_len = username_len;
2779 params->fils_erp_realm = realm;
2780 params->fils_erp_realm_len = realm_len;
2781 params->fils_erp_next_seq_num = next_seq_num;
2782 params->fils_erp_rrk = rrk;
2783 params->fils_erp_rrk_len = rrk_len;
6338c99e
VK		 2784
2785 if (mask)
2786 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
b377ec25
VK		 2787 }
2788#endif /* CONFIG_FILS */
2789#endif /* IEEE8021X_EAPOL */
5ff39c13
SD		 2790#ifdef CONFIG_SAE
2791 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2792 algs = WPA_AUTH_ALG_SAE;
2793#endif /* CONFIG_SAE */
b377ec25
VK		 2794
2795 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2796 if (ssid->auth_alg) {
2797 algs = ssid->auth_alg;
2798 wpa_dbg(wpa_s, MSG_DEBUG,
2799 "Overriding auth_alg selection: 0x%x", algs);
2800 }
2801
eb3234c0
SM		 2802#ifdef CONFIG_SAE
2803 if (sae_pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
2804 wpa_dbg(wpa_s, MSG_DEBUG,
2805 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2806 algs = WPA_AUTH_ALG_OPEN;
2807 }
2808#endif /* CONFIG_SAE */
2809
5f3a6aa0
JM		 2810#ifdef CONFIG_P2P
2811 if (wpa_s->global->p2p) {
2812 u8 *pos;
2813 size_t len;
2814 int res;
5f3a6aa0 2815 pos = wpa_ie + wpa_ie_len;
1e6780bd 2816 len = max_wpa_ie_len - wpa_ie_len;
b8a8d677
JM		 2817 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2818 ssid->p2p_group);
5f3a6aa0
JM		 2819 if (res >= 0)
2820 wpa_ie_len += res;
2821 }
72044390
JM		 2822
2823 wpa_s->cross_connect_disallowed = 0;
2824 if (bss) {
2825 struct wpabuf *p2p;
2826 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2827 if (p2p) {
2828 wpa_s->cross_connect_disallowed =
2829 p2p_get_cross_connect_disallowed(p2p);
2830 wpabuf_free(p2p);
f049052b
BG		 2831 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2832 "connection",
2833 wpa_s->cross_connect_disallowed ?
2834 "disallows" : "allows");
72044390
JM		 2835 }
2836 }
25ef8529
JM		 2837
2838 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 2839#endif /* CONFIG_P2P */
2840
5e57ba25 2841 if (bss) {
cb828507 2842 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
065c029a 2843 wpa_ie + wpa_ie_len,
1e6780bd 2844 max_wpa_ie_len -
065c029a 2845 wpa_ie_len);
5e57ba25 2846 }
5e57ba25 2847
8b3b803a
AH		 2848 /*
2849 * Workaround: Add Extended Capabilities element only if the AP
2850 * included this element in Beacon/Probe Response frames. Some older
2851 * APs seem to have interoperability issues if this element is
2852 * included, so while the standard may require us to include the
2853 * element in all cases, it is justifiable to skip it to avoid
2854 * interoperability issues.
2855 */
cc9a2575
KV		 2856 if (ssid->p2p_group)
2857 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2858 else
2859 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2860
8b3b803a 2861 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
0bbaa9b9 2862 u8 ext_capab[18];
8b3b803a 2863 int ext_capab_len;
0bbaa9b9
JM		 2864 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2865 sizeof(ext_capab));
2c66c7d1
AA		 2866 if (ext_capab_len > 0 &&
2867 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
8b3b803a
AH		 2868 u8 *pos = wpa_ie;
2869 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2870 pos += 2 + pos[1];
2871 os_memmove(pos + ext_capab_len, pos,
2872 wpa_ie_len - (pos - wpa_ie));
2873 wpa_ie_len += ext_capab_len;
2874 os_memcpy(pos, ext_capab, ext_capab_len);
2875 }
92cbcf91 2876 }
92cbcf91 2877
c484b198
AS		 2878#ifdef CONFIG_HS20
2879 if (is_hs20_network(wpa_s, ssid, bss)) {
2880 struct wpabuf *hs20;
2881
4204669c 2882 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
c484b198
AS		 2883 if (hs20) {
2884 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2885 size_t len;
2886
ec2cf403
JM		 2887 wpas_hs20_add_indication(hs20, pps_mo_id,
2888 get_hs20_version(bss));
4204669c 2889 wpas_hs20_add_roam_cons_sel(hs20, ssid);
1e6780bd 2890 len = max_wpa_ie_len - wpa_ie_len;
c484b198
AS		 2891 if (wpabuf_len(hs20) <= len) {
2892 os_memcpy(wpa_ie + wpa_ie_len,
2893 wpabuf_head(hs20), wpabuf_len(hs20));
2894 wpa_ie_len += wpabuf_len(hs20);
2895 }
2896 wpabuf_free(hs20);
ece4ac5f
MG		 2897
2898 hs20_configure_frame_filters(wpa_s);
c484b198
AS		 2899 }
2900 }
2901#endif /* CONFIG_HS20 */
2902
d29fa3a7
JM		 2903 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2904 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2905 size_t len;
2906
1e6780bd 2907 len = max_wpa_ie_len - wpa_ie_len;
d29fa3a7
JM		 2908 if (wpabuf_len(buf) <= len) {
2909 os_memcpy(wpa_ie + wpa_ie_len,
2910 wpabuf_head(buf), wpabuf_len(buf));
2911 wpa_ie_len += wpabuf_len(buf);
2912 }
2913 }
2914
b36a3a65
AN		 2915#ifdef CONFIG_FST
2916 if (wpa_s->fst_ies) {
2917 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2918
1e6780bd 2919 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
b36a3a65
AN		 2920 os_memcpy(wpa_ie + wpa_ie_len,
2921 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2922 wpa_ie_len += fst_ies_len;
2923 }
2924 }
2925#endif /* CONFIG_FST */
2926
92c6e2e3 2927#ifdef CONFIG_MBO
077232f6 2928 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
2e06cef8 2929 if (!wpa_s->disable_mbo_oce && mbo_ie) {
5e57ba25 2930 int len;
92c6e2e3 2931
5e57ba25 2932 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
077232f6
BL		 2933 max_wpa_ie_len - wpa_ie_len,
2934 !!mbo_attr_from_mbo_ie(mbo_ie,
2935 OCE_ATTR_ID_CAPA_IND));
5e57ba25
AS		 2936 if (len >= 0)
2937 wpa_ie_len += len;
92c6e2e3
DS		 2938 }
2939#endif /* CONFIG_MBO */
2940
a38090b1
VK		 2941#ifdef CONFIG_FILS
2942 if (algs == WPA_AUTH_ALG_FILS) {
2943 size_t len;
2944
2945 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2946 max_wpa_ie_len - wpa_ie_len);
2947 wpa_ie_len += len;
2948 }
2949#endif /* CONFIG_FILS */
2950
10970465 2951#ifdef CONFIG_OWE
5f30b69c
JM		 2952#ifdef CONFIG_TESTING_OPTIONS
2953 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2954 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2955 } else
2956#endif /* CONFIG_TESTING_OPTIONS */
10970465
JM		 2957 if (algs == WPA_AUTH_ALG_OPEN &&
2958 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2959 struct wpabuf *owe_ie;
2cb40e9f 2960 u16 group;
10970465 2961
2cb40e9f 2962 if (ssid->owe_group) {
10970465 2963 group = ssid->owe_group;
698c9e20
AK		 2964 } else if (wpa_s->assoc_status_code ==
2965 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
2cb40e9f
JM		 2966 if (wpa_s->last_owe_group == 19)
2967 group = 20;
2968 else if (wpa_s->last_owe_group == 20)
2969 group = 21;
2970 else
2971 group = OWE_DH_GROUP;
698c9e20
AK		 2972 } else {
2973 group = OWE_DH_GROUP;
2cb40e9f 2974 }
698c9e20 2975
2cb40e9f
JM		 2976 wpa_s->last_owe_group = group;
2977 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
10970465
JM		 2978 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2979 if (owe_ie &&
2980 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
2981 os_memcpy(wpa_ie + wpa_ie_len,
2982 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
2983 wpa_ie_len += wpabuf_len(owe_ie);
10970465 2984 }
04879671 2985 wpabuf_free(owe_ie);
10970465
JM		 2986 }
2987#endif /* CONFIG_OWE */
2988
10ec6a5f
JM		 2989#ifdef CONFIG_DPP2
2990 if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
2991 ssid->dpp_netaccesskey) {
2992 dpp_pfs_free(wpa_s->dpp_pfs);
2993 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
2994 ssid->dpp_netaccesskey_len);
2995 if (!wpa_s->dpp_pfs) {
2996 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
2997 /* Try to continue without PFS */
2998 goto pfs_fail;
2999 }
3000 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3001 max_wpa_ie_len - wpa_ie_len) {
3002 os_memcpy(wpa_ie + wpa_ie_len,
3003 wpabuf_head(wpa_s->dpp_pfs->ie),
3004 wpabuf_len(wpa_s->dpp_pfs->ie));
3005 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3006 }
3007 }
3008pfs_fail:
3009#endif /* CONFIG_DPP2 */
3010
3dc3afe2
AM		 3011#ifdef CONFIG_IEEE80211R
3012 /*
3013 * Add MDIE under these conditions: the network profile allows FT,
3014 * the AP supports FT, and the mobility domain ID matches.
3015 */
88bf44be 3016 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3dc3afe2
AM		 3017 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3018
3019 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
86c998d3 3020 size_t len = 0;
3dc3afe2
AM		 3021 const u8 *md = mdie + 2;
3022 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3023
3024 if (os_memcmp(md, wpa_md,
3025 MOBILITY_DOMAIN_ID_LEN) == 0) {
3026 /* Add mobility domain IE */
86c998d3 3027 len = wpa_ft_add_mdie(
3dc3afe2
AM		 3028 wpa_s->wpa, wpa_ie + wpa_ie_len,
3029 max_wpa_ie_len - wpa_ie_len, mdie);
86c998d3 3030 wpa_ie_len += len;
3dc3afe2 3031 }
86c998d3
AM		 3032#ifdef CONFIG_SME
3033 if (len > 0 && wpa_s->sme.ft_used &&
3034 wpa_sm_has_ptk(wpa_s->wpa)) {
3035 wpa_dbg(wpa_s, MSG_DEBUG,
3036 "SME: Trying to use FT over-the-air");
3037 algs |= WPA_AUTH_ALG_FT;
3038 }
3039#endif /* CONFIG_SME */
3dc3afe2
AM		 3040 }
3041 }
3042#endif /* CONFIG_IEEE80211R */
3043
13256553
JM		 3044#ifdef CONFIG_TESTING_OPTIONS
3045 if (wpa_s->rsnxe_override_assoc &&
3046 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3047 max_wpa_ie_len - wpa_ie_len) {
3048 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3049 os_memcpy(wpa_ie + wpa_ie_len,
3050 wpabuf_head(wpa_s->rsnxe_override_assoc),
3051 wpabuf_len(wpa_s->rsnxe_override_assoc));
3052 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3053 } else
3054#endif /* CONFIG_TESTING_OPTIONS */
6d6c8877
JM		 3055 if (wpa_s->rsnxe_len > 0 &&
3056 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3057 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3058 wpa_ie_len += wpa_s->rsnxe_len;
3059 }
3060
5abc7823
VN		 3061 if (ssid->multi_ap_backhaul_sta) {
3062 size_t multi_ap_ie_len;
3063
3064 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3065 max_wpa_ie_len - wpa_ie_len,
3066 MULTI_AP_BACKHAUL_STA);
3067 if (multi_ap_ie_len == 0) {
3068 wpa_printf(MSG_ERROR,
3069 "Multi-AP: Failed to build Multi-AP IE");
3070 os_free(wpa_ie);
3071 return NULL;
3072 }
3073 wpa_ie_len += multi_ap_ie_len;
3074 }
3075
d2ba0d71
VK		 3076 params->wpa_ie = wpa_ie;
3077 params->wpa_ie_len = wpa_ie_len;
3078 params->auth_alg = algs;
6338c99e
VK		 3079 if (mask)
3080 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
d2ba0d71
VK		 3081
3082 return wpa_ie;
3083}
3084
3085
e0b331d8
SD		 3086#ifdef CONFIG_OWE
3087static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3088{
3089 struct wpa_driver_associate_params params;
3090 u8 *wpa_ie;
3091
3092 os_memset(&params, 0, sizeof(params));
3093 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3094 wpa_s->current_ssid, &params, NULL);
3095 if (!wpa_ie)
3096 return;
3097
3098 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3099 os_free(wpa_ie);
3100}
3101#endif /* CONFIG_OWE */
3102
3103
6338c99e
VK		 3104#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
3105static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3106{
3107 struct wpa_driver_associate_params params;
3108 enum wpa_drv_update_connect_params_mask mask = 0;
3109 u8 *wpa_ie;
3110
3111 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3112 return; /* nothing to do */
3113
3114 os_memset(&params, 0, sizeof(params));
3115 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3116 wpa_s->current_ssid, &params, &mask);
3117 if (!wpa_ie)
3118 return;
3119
3120 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
3121 os_free(wpa_ie);
3122 return;
3123 }
3124
3125 wpa_s->auth_alg = params.auth_alg;
3126 wpa_drv_update_connect_params(wpa_s, &params, mask);
3127 os_free(wpa_ie);
3128}
3129#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3130
3131
a82aee1f
AAL		 3132static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3133{
3134 if (!edmg_ie || edmg_ie[1] < 6)
3135 return 0;
3136 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3137}
3138
3139
3140static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3141{
3142 if (!edmg_ie || edmg_ie[1] < 6)
3143 return 0;
3144 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3145}
3146
3147
3148/* Returns the intersection of two EDMG configurations.
3149 * Note: The current implementation is limited to CB2 only (CB1 included),
3150 * i.e., the implementation supports up to 2 contiguous channels.
3151 * For supporting non-contiguous (aggregated) channels and for supporting
3152 * CB3 and above, this function will need to be extended.
3153 */
3154static struct ieee80211_edmg_config
3155get_edmg_intersection(struct ieee80211_edmg_config a,
3156 struct ieee80211_edmg_config b,
3157 u8 primary_channel)
3158{
3159 struct ieee80211_edmg_config result;
3160 int i, contiguous = 0;
3161 int max_contiguous = 0;
3162
3163 result.channels = b.channels & a.channels;
3164 if (!result.channels) {
3165 wpa_printf(MSG_DEBUG,
3166 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3167 a.channels, b.channels);
3168 goto fail;
3169 }
3170
3171 if (!(result.channels & BIT(primary_channel - 1))) {
3172 wpa_printf(MSG_DEBUG,
3173 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3174 primary_channel, result.channels);
3175 goto fail;
3176 }
3177
3178 /* Find max contiguous channels */
3179 for (i = 0; i < 6; i++) {
3180 if (result.channels & BIT(i))
3181 contiguous++;
3182 else
3183 contiguous = 0;
3184
3185 if (contiguous > max_contiguous)
3186 max_contiguous = contiguous;
3187 }
3188
3189 /* Assuming AP and STA supports ONLY contiguous channels,
3190 * bw configuration can have value between 4-7.
3191 */
3192 if ((b.bw_config < a.bw_config))
3193 result.bw_config = b.bw_config;
3194 else
3195 result.bw_config = a.bw_config;
3196
3197 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3198 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3199 wpa_printf(MSG_DEBUG,
3200 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3201 max_contiguous);
3202 goto fail;
3203 }
3204
3205 return result;
3206
3207fail:
3208 result.channels = 0;
3209 result.bw_config = 0;
3210 return result;
3211}
3212
3213
3214static struct ieee80211_edmg_config
3215get_supported_edmg(struct wpa_supplicant *wpa_s,
3216 struct hostapd_freq_params *freq,
3217 struct ieee80211_edmg_config request_edmg)
3218{
3219 enum hostapd_hw_mode hw_mode;
3220 struct hostapd_hw_modes *mode = NULL;
3221 u8 primary_channel;
3222
3223 if (!wpa_s->hw.modes)
3224 goto fail;
3225
3226 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3227 if (hw_mode == NUM_HOSTAPD_MODES)
3228 goto fail;
3229
3230 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode);
3231 if (!mode)
3232 goto fail;
3233
3234 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3235
3236fail:
3237 request_edmg.channels = 0;
3238 request_edmg.bw_config = 0;
3239 return request_edmg;
3240}
3241
3242
822c756e
AB		 3243#ifdef CONFIG_MBO
3244void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3245{
3246 struct wpa_driver_associate_params params;
3247 u8 *wpa_ie;
3248
3249 /*
3250 * Update MBO connect params only in case of change of MBO attributes
3251 * when connected, if the AP support MBO.
3252 */
3253
3254 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3255 !wpa_s->current_bss ||
3256 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3257 return;
3258
3259 os_memset(&params, 0, sizeof(params));
3260 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3261 wpa_s->current_ssid, &params, NULL);
3262 if (!wpa_ie)
3263 return;
3264
3265 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3266 os_free(wpa_ie);
3267}
3268#endif /* CONFIG_MBO */
3269
3270
d2ba0d71
VK		 3271static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3272{
3273 struct wpa_connect_work *cwork = work->ctx;
3274 struct wpa_bss *bss = cwork->bss;
3275 struct wpa_ssid *ssid = cwork->ssid;
3276 struct wpa_supplicant *wpa_s = work->wpa_s;
3277 u8 *wpa_ie;
a82aee1f 3278 const u8 *edmg_ie_oper;
d2ba0d71
VK		 3279 int use_crypt, ret, i, bssid_changed;
3280 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3281 struct wpa_driver_associate_params params;
3282 int wep_keys_set = 0;
3283 int assoc_failed = 0;
3284 struct wpa_ssid *old_ssid;
3285 u8 prev_bssid[ETH_ALEN];
3286#ifdef CONFIG_HT_OVERRIDES
3287 struct ieee80211_ht_capabilities htcaps;
3288 struct ieee80211_ht_capabilities htcaps_mask;
3289#endif /* CONFIG_HT_OVERRIDES */
3290#ifdef CONFIG_VHT_OVERRIDES
3291 struct ieee80211_vht_capabilities vhtcaps;
3292 struct ieee80211_vht_capabilities vhtcaps_mask;
3293#endif /* CONFIG_VHT_OVERRIDES */
3294
3295 if (deinit) {
3296 if (work->started) {
3297 wpa_s->connect_work = NULL;
3298
3299 /* cancel possible auth. timeout */
3300 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3301 NULL);
3302 }
3303 wpas_connect_work_free(cwork);
3304 return;
3305 }
3306
3307 wpa_s->connect_work = work;
3308
3309 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3310 wpas_network_disabled(wpa_s, ssid)) {
3311 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3312 wpas_connect_work_done(wpa_s);
3313 return;
3314 }
3315
3316 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3317 os_memset(&params, 0, sizeof(params));
3318 wpa_s->reassociate = 0;
3319 wpa_s->eap_expected_failure = 0;
3320 if (bss &&
3321 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3322#ifdef CONFIG_IEEE80211R
3323 const u8 *ie, *md = NULL;
3324#endif /* CONFIG_IEEE80211R */
3325 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3326 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3327 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3328 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3329 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3330 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3331 if (bssid_changed)
3332 wpas_notify_bssid_changed(wpa_s);
3333#ifdef CONFIG_IEEE80211R
3334 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3335 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3336 md = ie + 2;
3337 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3338 if (md) {
3339 /* Prepare for the next transition */
3340 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3341 }
3342#endif /* CONFIG_IEEE80211R */
3343#ifdef CONFIG_WPS
3344 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3345 wpa_s->conf->ap_scan == 2 &&
3346 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3347 /* Use ap_scan==1 style network selection to find the network
3348 */
3349 wpas_connect_work_done(wpa_s);
3350 wpa_s->scan_req = MANUAL_SCAN_REQ;
3351 wpa_s->reassociate = 1;
3352 wpa_supplicant_req_scan(wpa_s, 0, 0);
3353 return;
3354#endif /* CONFIG_WPS */
3355 } else {
3356 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3357 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3358 if (bss)
3359 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3360 else
3361 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3362 }
3363 if (!wpa_s->pno)
3364 wpa_supplicant_cancel_sched_scan(wpa_s);
3365
3366 wpa_supplicant_cancel_scan(wpa_s);
3367
3368 /* Starting new association, so clear the possibly used WPA IE from the
3369 * previous association. */
3370 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
6d6c8877
JM		 3371 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3372 wpa_s->rsnxe_len = 0;
d2ba0d71 3373
6338c99e 3374 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
d2ba0d71
VK		 3375 if (!wpa_ie) {
3376 wpas_connect_work_done(wpa_s);
3377 return;
3378 }
3379
6fc6879b
JM		 3380 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3381 use_crypt = 1;
4848a38d
JM		 3382 cipher_pairwise = wpa_s->pairwise_cipher;
3383 cipher_group = wpa_s->group_cipher;
61a56c14 3384 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
6fc6879b
JM		 3385 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3386 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3387 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3388 use_crypt = 0;
3389 if (wpa_set_wep_keys(wpa_s, ssid)) {
3390 use_crypt = 1;
3391 wep_keys_set = 1;
3392 }
3393 }
ad08c363
JM		 3394 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3395 use_crypt = 0;
6fc6879b
JM		 3396
3397#ifdef IEEE8021X_EAPOL
3398 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3399 if ((ssid->eapol_flags &
3400 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3401 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3402 !wep_keys_set) {
3403 use_crypt = 0;
3404 } else {
3405 /* Assume that dynamic WEP-104 keys will be used and
3406 * set cipher suites in order for drivers to expect
3407 * encryption. */
4848a38d 3408 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 3409 }
3410 }
3411#endif /* IEEE8021X_EAPOL */
3412
3413 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3414 /* Set the key before (and later after) association */
3415 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3416 }
3417
6fc6879b 3418 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 3419 if (bss) {
6fa81a3b
JM		 3420 params.ssid = bss->ssid;
3421 params.ssid_len = bss->ssid_len;
4b5b8a53
JM		 3422 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3423 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
f15854d1
JM		 3424 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3425 MACSTR " freq=%u MHz based on scan results "
4b5b8a53 3426 "(bssid_set=%d wps=%d)",
f15854d1 3427 MAC2STR(bss->bssid), bss->freq,
4b5b8a53
JM		 3428 ssid->bssid_set,
3429 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
22628eca 3430 params.bssid = bss->bssid;
4ec68377 3431 params.freq.freq = bss->freq;
22628eca 3432 }
7ac7fd43
DS		 3433 params.bssid_hint = bss->bssid;
3434 params.freq_hint = bss->freq;
b9074912 3435 params.pbss = bss_is_pbss(bss);
6fc6879b 3436 } else {
43a356b2
PK		 3437 if (ssid->bssid_hint_set)
3438 params.bssid_hint = ssid->bssid_hint;
3439
6fc6879b
JM		 3440 params.ssid = ssid->ssid;
3441 params.ssid_len = ssid->ssid_len;
90f14962 3442 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
6fc6879b 3443 }
9e2af29f
NC		 3444
3445 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3446 wpa_s->conf->ap_scan == 2) {
3447 params.bssid = ssid->bssid;
3448 params.fixed_bssid = 1;
3449 }
3450
603a3f34
JL		 3451 /* Initial frequency for IBSS/mesh */
3452 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1830817e
JD		 3453 ssid->frequency > 0 && params.freq.freq == 0)
3454 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
dc152f32 3455
8f05577d 3456 if (ssid->mode == WPAS_MODE_IBSS) {
4d9e6fba 3457 params.fixed_freq = ssid->fixed_freq;
8f05577d
JM		 3458 if (ssid->beacon_int)
3459 params.beacon_int = ssid->beacon_int;
3460 else
3461 params.beacon_int = wpa_s->conf->beacon_int;
3462 }
3463
a82aee1f
AAL		 3464 if (bss && ssid->enable_edmg)
3465 edmg_ie_oper = get_ie_ext((const u8 *) (bss + 1), bss->ie_len,
3466 WLAN_EID_EXT_EDMG_OPERATION);
3467 else
3468 edmg_ie_oper = NULL;
3469
3470 if (edmg_ie_oper) {
3471 params.freq.edmg.channels =
3472 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3473 params.freq.edmg.bw_config =
3474 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3475 wpa_printf(MSG_DEBUG,
3476 "AP supports EDMG channels 0x%x, bw_config %d",
3477 params.freq.edmg.channels,
3478 params.freq.edmg.bw_config);
3479
3480 /* User may ask for specific EDMG channel for EDMG connection
3481 * (must be supported by AP)
3482 */
3483 if (ssid->edmg_channel) {
3484 struct ieee80211_edmg_config configured_edmg;
3485 enum hostapd_hw_mode hw_mode;
3486 u8 primary_channel;
3487
3488 hw_mode = ieee80211_freq_to_chan(bss->freq,
3489 &primary_channel);
3490 if (hw_mode == NUM_HOSTAPD_MODES)
3491 goto edmg_fail;
3492
3493 hostapd_encode_edmg_chan(ssid->enable_edmg,
3494 ssid->edmg_channel,
3495 primary_channel,
3496 &configured_edmg);
3497
3498 if (ieee802_edmg_is_allowed(params.freq.edmg,
3499 configured_edmg)) {
3500 params.freq.edmg = configured_edmg;
3501 wpa_printf(MSG_DEBUG,
3502 "Use EDMG channel %d for connection",
3503 ssid->edmg_channel);
3504 } else {
3505 edmg_fail:
3506 params.freq.edmg.channels = 0;
3507 params.freq.edmg.bw_config = 0;
3508 wpa_printf(MSG_WARNING,
3509 "EDMG channel %d not supported by AP, fallback to DMG",
3510 ssid->edmg_channel);
3511 }
3512 }
3513
3514 if (params.freq.edmg.channels) {
3515 wpa_printf(MSG_DEBUG,
3516 "EDMG before: channels 0x%x, bw_config %d",
3517 params.freq.edmg.channels,
3518 params.freq.edmg.bw_config);
3519 params.freq.edmg = get_supported_edmg(wpa_s,
3520 &params.freq,
3521 params.freq.edmg);
3522 wpa_printf(MSG_DEBUG,
3523 "EDMG after: channels 0x%x, bw_config %d",
3524 params.freq.edmg.channels,
3525 params.freq.edmg.bw_config);
3526 }
3527 }
3528
6fc6879b
JM		 3529 params.pairwise_suite = cipher_pairwise;
3530 params.group_suite = cipher_group;
61a56c14 3531 params.mgmt_group_suite = cipher_group_mgmt;
4848a38d 3532 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 3533 params.wpa_proto = wpa_s->wpa_proto;
5538fc93 3534 wpa_s->auth_alg = params.auth_alg;
6fc6879b 3535 params.mode = ssid->mode;
1f6c0ab8 3536 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 3537 for (i = 0; i < NUM_WEP_KEYS; i++) {
3538 if (ssid->wep_key_len[i])
3539 params.wep_key[i] = ssid->wep_key[i];
3540 params.wep_key_len[i] = ssid->wep_key_len[i];
3541 }
3542 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3543
436ee2fd 3544 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4848a38d
JM		 3545 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3546 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 3547 params.passphrase = ssid->passphrase;
3548 if (ssid->psk_set)
3549 params.psk = ssid->psk;
b41f2684
CL		 3550 }
3551
d896874f
AS		 3552 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3553 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3554 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3555 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3556 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
cb28bd52 3557 params.req_handshake_offload = 1;
d896874f 3558
b41f2684
CL		 3559 if (wpa_s->conf->key_mgmt_offload) {
3560 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
666497c8 3561 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
5e3b5197
JM		 3562 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3563 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
b41f2684
CL		 3564 params.req_key_mgmt_offload =
3565 ssid->proactive_key_caching < 0 ?
3566 wpa_s->conf->okc : ssid->proactive_key_caching;
3567 else
3568 params.req_key_mgmt_offload = 1;
3569
3570 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3571 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3572 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3573 ssid->psk_set)
3574 params.psk = ssid->psk;
6fc6879b
JM		 3575 }
3576
36b15723
JM		 3577 params.drop_unencrypted = use_crypt;
3578
3f56a2b7 3579 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
62d49803 3580 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 3581 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 3582 struct wpa_ie_data ie;
3583 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3584 ie.capabilities &
3585 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 3586 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3587 "MFP: require MFP");
97d3497e
JM		 3588 params.mgmt_frame_protection =
3589 MGMT_FRAME_PROTECTION_REQUIRED;
cf94626c
PK		 3590#ifdef CONFIG_OWE
3591 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3592 !ssid->owe_only) {
3593 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3594#endif /* CONFIG_OWE */
97d3497e
JM		 3595 }
3596 }
6fc6879b 3597
ffad8858 3598 params.p2p = ssid->p2p_group;
6e3f4b89 3599
ba307f85
LD		 3600 if (wpa_s->p2pdev->set_sta_uapsd)
3601 params.uapsd = wpa_s->p2pdev->sta_uapsd;
eea2fd9e
JM		 3602 else
3603 params.uapsd = -1;
3604
80e8a5ee
BG		 3605#ifdef CONFIG_HT_OVERRIDES
3606 os_memset(&htcaps, 0, sizeof(htcaps));
3607 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3608 params.htcaps = (u8 *) &htcaps;
3609 params.htcaps_mask = (u8 *) &htcaps_mask;
3610 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3611#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 3612#ifdef CONFIG_VHT_OVERRIDES
3613 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3614 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3615 params.vhtcaps = &vhtcaps;
3616 params.vhtcaps_mask = &vhtcaps_mask;
95ff3069 3617 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
6aa1cd4e 3618#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 3619
8567866d
JJ		 3620#ifdef CONFIG_P2P
3621 /*
3622 * If multi-channel concurrency is not supported, check for any
3623 * frequency conflict. In case of any frequency conflict, remove the
3624 * least prioritized connection.
3625 */
3626 if (wpa_s->num_multichan_concurrent < 2) {
d0df6437
IP		 3627 int freq, num;
3628 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4ec68377 3629 if (num > 0 && freq > 0 && freq != params.freq.freq) {
d0df6437
IP		 3630 wpa_printf(MSG_DEBUG,
3631 "Assoc conflicting freq found (%d != %d)",
4ec68377
JD		 3632 freq, params.freq.freq);
3633 if (wpas_p2p_handle_frequency_conflicts(
74656400
SD		 3634 wpa_s, params.freq.freq, ssid) < 0) {
3635 wpas_connect_work_done(wpa_s);
1e6780bd 3636 os_free(wpa_ie);
8567866d 3637 return;
74656400 3638 }
8567866d
JJ		 3639 }
3640 }
3641#endif /* CONFIG_P2P */
3642
6a5ee810
JM		 3643 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3644 wpa_s->current_ssid)
3645 params.prev_bssid = prev_bssid;
3646
17fbb751 3647 ret = wpa_drv_associate(wpa_s, &params);
1e6780bd 3648 os_free(wpa_ie);
6fc6879b
JM		 3649 if (ret < 0) {
3650 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3651 "failed");
871f4dd0
JM		 3652 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3653 /*
3654 * The driver is known to mean what is saying, so we
3655 * can stop right here; the association will not
3656 * succeed.
3657 */
3658 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 3659 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 3660 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3661 return;
3662 }
6fc6879b
JM		 3663 /* try to continue anyway; new association will be tried again
3664 * after timeout */
3665 assoc_failed = 1;
3666 }
3667
3668 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3669 /* Set the key after the association just in case association
3670 * cleared the previously configured key. */
3671 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3672 /* No need to timeout authentication since there is no key
3673 * management. */
3674 wpa_supplicant_cancel_auth_timeout(wpa_s);
3675 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 3676#ifdef CONFIG_IBSS_RSN
d7dcba70 3677 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 3678 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3679 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3680 /*
3681 * RSN IBSS authentication is per-STA and we can disable the
3682 * per-BSSID authentication.
3683 */
3684 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 3685#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 3686 } else {
3687 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 3688 int timeout = 60;
3689
3690 if (assoc_failed) {
3691 /* give IBSS a bit more time */
d7dcba70 3692 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 3693 } else if (wpa_s->conf->ap_scan == 1) {
3694 /* give IBSS a bit more time */
d7dcba70 3695 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 3696 }
6fc6879b
JM		 3697 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3698 }
3699
66562e9c
JM		 3700 if (wep_keys_set &&
3701 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 3702 /* Set static WEP keys again */
3703 wpa_set_wep_keys(wpa_s, ssid);
3704 }
3705
3706 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3707 /*
3708 * Do not allow EAP session resumption between different
3709 * network configurations.
3710 */
3711 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3712 }
8bac466b 3713 old_ssid = wpa_s->current_ssid;
6fc6879b 3714 wpa_s->current_ssid = ssid;
ece4ac5f
MG		 3715
3716 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4d3be9cd 3717 wpa_s->current_bss = bss;
ece4ac5f
MG		 3718#ifdef CONFIG_HS20
3719 hs20_configure_frame_filters(wpa_s);
3720#endif /* CONFIG_HS20 */
3721 }
3722
6fc6879b
JM		 3723 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3724 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 3725 if (old_ssid != wpa_s->current_ssid)
3726 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 3727}
3728
3729
09f58c09
JM		 3730static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3731 const u8 *addr)
3732{
3733 struct wpa_ssid *old_ssid;
3734
c155305f 3735 wpas_connect_work_done(wpa_s);
09f58c09 3736 wpa_clear_keys(wpa_s, addr);
09f58c09 3737 old_ssid = wpa_s->current_ssid;
0d30cc24 3738 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 3739 wpa_sm_set_config(wpa_s->wpa, NULL);
3740 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3741 if (old_ssid != wpa_s->current_ssid)
3742 wpas_notify_network_changed(wpa_s);
3743 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3744}
3745
3746
6fc6879b
JM		 3747/**
3748 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3749 * @wpa_s: Pointer to wpa_supplicant data
3750 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3751 *
073ab58f 3752 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 3753 * current AP.
3754 */
3755void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4be17ffb 3756 u16 reason_code)
6fc6879b
JM		 3757{
3758 u8 *addr = NULL;
ef48ff94 3759 union wpa_event_data event;
42d23547 3760 int zero_addr = 0;
8bac466b 3761
42d23547 3762 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
cfde99a8 3763 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
42d23547 3764 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
cfde99a8
AK		 3765 reason_code, reason2str(reason_code),
3766 wpa_supplicant_state_txt(wpa_s->wpa_state));
42d23547 3767
04e3d815
MK		 3768 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3769 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3770 wpa_s->wpa_state == WPA_ASSOCIATING))
42d23547 3771 addr = wpa_s->pending_bssid;
04e3d815
MK		 3772 else if (!is_zero_ether_addr(wpa_s->bssid))
3773 addr = wpa_s->bssid;
42d23547
JM		 3774 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3775 /*
3776 * When using driver-based BSS selection, we may not know the
3777 * BSSID with which we are currently trying to associate. We
3778 * need to notify the driver of this disconnection even in such
3779 * a case, so use the all zeros address here.
3780 */
6fc6879b 3781 addr = wpa_s->bssid;
42d23547
JM		 3782 zero_addr = 1;
3783 }
3784
5abc7823
VN		 3785 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
3786 wpa_s->enabled_4addr_mode = 0;
3787
7b44ff2c
SD		 3788#ifdef CONFIG_TDLS
3789 wpa_tdls_teardown_peers(wpa_s->wpa);
3790#endif /* CONFIG_TDLS */
3791
603a3f34
JL		 3792#ifdef CONFIG_MESH
3793 if (wpa_s->ifmsh) {
a39b040b
SB		 3794 struct mesh_conf *mconf;
3795
3796 mconf = wpa_s->ifmsh->mconf;
6174de66
JM		 3797 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3798 wpa_s->ifname);
a39b040b
SB		 3799 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3800 mconf->meshid_len, reason_code);
603a3f34
JL		 3801 wpa_supplicant_leave_mesh(wpa_s);
3802 }
3803#endif /* CONFIG_MESH */
3804
42d23547
JM		 3805 if (addr) {
3806 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94 3807 os_memset(&event, 0, sizeof(event));
4be17ffb 3808 event.deauth_info.reason_code = reason_code;
ef48ff94
JM		 3809 event.deauth_info.locally_generated = 1;
3810 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 3811 if (zero_addr)
3812 addr = NULL;
6fc6879b 3813 }
09f58c09
JM		 3814
3815 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 3816}
3817
dca1a511
DS		 3818static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3819 struct wpa_ssid *ssid)
3820{
3821 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3822 return;
3823
3824 ssid->disabled = 0;
91073cca 3825 ssid->owe_transition_bss_select_count = 0;
dca1a511
DS		 3826 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3827 wpas_notify_network_enabled_changed(wpa_s, ssid);
3828
3829 /*
3830 * Try to reassociate since there is no current configuration and a new
3831 * network was made available.
3832 */
d2592497 3833 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 3834 wpa_s->reassociate = 1;
3835}
3836
6fc6879b 3837
d015bb05
RP		 3838/**
3839 * wpa_supplicant_add_network - Add a new network
3840 * @wpa_s: wpa_supplicant structure for a network interface
3841 * Returns: The new network configuration or %NULL if operation failed
3842 *
3843 * This function performs the following operations:
3844 * 1. Adds a new network.
3845 * 2. Send network addition notification.
3846 * 3. Marks the network disabled.
3847 * 4. Set network default parameters.
3848 */
3849struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3850{
3851 struct wpa_ssid *ssid;
3852
3853 ssid = wpa_config_add_network(wpa_s->conf);
3854 if (!ssid)
3855 return NULL;
3856 wpas_notify_network_added(wpa_s, ssid);
3857 ssid->disabled = 1;
3858 wpa_config_set_network_defaults(ssid);
3859
3860 return ssid;
3861}
3862
3863
3864/**
3865 * wpa_supplicant_remove_network - Remove a configured network based on id
3866 * @wpa_s: wpa_supplicant structure for a network interface
3867 * @id: Unique network id to search for
3868 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3869 * could not be removed
3870 *
3871 * This function performs the following operations:
3872 * 1. Removes the network.
3873 * 2. Send network removal notification.
3874 * 3. Update internal state machines.
3875 * 4. Stop any running sched scans.
3876 */
3877int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3878{
3879 struct wpa_ssid *ssid;
3880 int was_disabled;
3881
3882 ssid = wpa_config_get_network(wpa_s->conf, id);
3883 if (!ssid)
3884 return -1;
3885 wpas_notify_network_removed(wpa_s, ssid);
3886
3887 if (wpa_s->last_ssid == ssid)
3888 wpa_s->last_ssid = NULL;
3889
3890 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3891#ifdef CONFIG_SME
3892 wpa_s->sme.prev_bssid_set = 0;
3893#endif /* CONFIG_SME */
3894 /*
3895 * Invalidate the EAP session cache if the current or
3896 * previously used network is removed.
3897 */
3898 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3899 }
3900
3901 if (ssid == wpa_s->current_ssid) {
3902 wpa_sm_set_config(wpa_s->wpa, NULL);
3903 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3904
3905 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3906 wpa_s->own_disconnect_req = 1;
3907 wpa_supplicant_deauthenticate(wpa_s,
3908 WLAN_REASON_DEAUTH_LEAVING);
3909 }
3910
3911 was_disabled = ssid->disabled;
3912
3913 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3914 return -2;
3915
3916 if (!was_disabled && wpa_s->sched_scanning) {
3917 wpa_printf(MSG_DEBUG,
3918 "Stop ongoing sched_scan to remove network from filters");
3919 wpa_supplicant_cancel_sched_scan(wpa_s);
3920 wpa_supplicant_req_scan(wpa_s, 0, 0);
3921 }
3922
3923 return 0;
3924}
3925
3926
86b89452
WS		 3927/**
3928 * wpa_supplicant_enable_network - Mark a configured network as enabled
3929 * @wpa_s: wpa_supplicant structure for a network interface
3930 * @ssid: wpa_ssid structure for a configured network or %NULL
3931 *
3932 * Enables the specified network or all networks if no network specified.
3933 */
3934void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3935 struct wpa_ssid *ssid)
3936{
86b89452 3937 if (ssid == NULL) {
14f79078
JM		 3938 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3939 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 3940 } else
3941 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 3942
5a1d9d1a
JM		 3943 if (wpa_s->reassociate && !wpa_s->disconnected &&
3944 (!wpa_s->current_ssid ||
3945 wpa_s->wpa_state == WPA_DISCONNECTED ||
3946 wpa_s->wpa_state == WPA_SCANNING)) {
dca1a511
DS		 3947 if (wpa_s->sched_scanning) {
3948 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3949 "new network to scan filters");
3950 wpa_supplicant_cancel_sched_scan(wpa_s);
3951 }
86b89452 3952
35d40309
JM		 3953 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3954 wpa_s->scan_req = NORMAL_SCAN_REQ;
dad153d1 3955 wpa_supplicant_req_scan(wpa_s, 0, 0);
35d40309 3956 }
86b89452
WS		 3957 }
3958}
3959
3960
3961/**
3962 * wpa_supplicant_disable_network - Mark a configured network as disabled
3963 * @wpa_s: wpa_supplicant structure for a network interface
3964 * @ssid: wpa_ssid structure for a configured network or %NULL
3965 *
3966 * Disables the specified network or all networks if no network specified.
3967 */
3968void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3969 struct wpa_ssid *ssid)
3970{
3971 struct wpa_ssid *other_ssid;
3972 int was_disabled;
3973
3974 if (ssid == NULL) {
725fc39e
DS		 3975 if (wpa_s->sched_scanning)
3976 wpa_supplicant_cancel_sched_scan(wpa_s);
3977
4dac0245
JM		 3978 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3979 other_ssid = other_ssid->next) {
86b89452 3980 was_disabled = other_ssid->disabled;
4dac0245
JM		 3981 if (was_disabled == 2)
3982 continue; /* do not change persistent P2P group
3983 * data */
86b89452
WS		 3984
3985 other_ssid->disabled = 1;
3986
3987 if (was_disabled != other_ssid->disabled)
3988 wpas_notify_network_enabled_changed(
3989 wpa_s, other_ssid);
86b89452 3990 }
0661163e
SD		 3991 if (wpa_s->current_ssid) {
3992 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3993 wpa_s->own_disconnect_req = 1;
07783eaa 3994 wpa_supplicant_deauthenticate(
86b89452 3995 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3996 }
4dac0245 3997 } else if (ssid->disabled != 2) {
0661163e
SD		 3998 if (ssid == wpa_s->current_ssid) {
3999 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4000 wpa_s->own_disconnect_req = 1;
07783eaa 4001 wpa_supplicant_deauthenticate(
86b89452 4002 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 4003 }
86b89452
WS		 4004
4005 was_disabled = ssid->disabled;
4006
4007 ssid->disabled = 1;
4008
725fc39e 4009 if (was_disabled != ssid->disabled) {
86b89452 4010 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 4011 if (wpa_s->sched_scanning) {
4012 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4013 "to remove network from filters");
4014 wpa_supplicant_cancel_sched_scan(wpa_s);
4015 wpa_supplicant_req_scan(wpa_s, 0, 0);
4016 }
4017 }
86b89452
WS		 4018 }
4019}
4020
4021
4022/**
4023 * wpa_supplicant_select_network - Attempt association with a network
4024 * @wpa_s: wpa_supplicant structure for a network interface
4025 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4026 */
4027void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4028 struct wpa_ssid *ssid)
4029{
4030
4031 struct wpa_ssid *other_ssid;
d93dfbd5 4032 int disconnected = 0;
86b89452 4033
d93dfbd5 4034 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
e66bcedd
JM		 4035 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4036 wpa_s->own_disconnect_req = 1;
07783eaa 4037 wpa_supplicant_deauthenticate(
86b89452 4038 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 4039 disconnected = 1;
4040 }
86b89452 4041
00e5e3d5
JM		 4042 if (ssid)
4043 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4044
86b89452
WS		 4045 /*
4046 * Mark all other networks disabled or mark all networks enabled if no
4047 * network specified.
4048 */
4dac0245
JM		 4049 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4050 other_ssid = other_ssid->next) {
86b89452 4051 int was_disabled = other_ssid->disabled;
4dac0245
JM		 4052 if (was_disabled == 2)
4053 continue; /* do not change persistent P2P group data */
86b89452
WS		 4054
4055 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 4056 if (was_disabled && !other_ssid->disabled)
4057 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 4058
4059 if (was_disabled != other_ssid->disabled)
4060 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 4061 }
2a6f78fb 4062
d38c7be0
JM		 4063 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4064 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2a6f78fb
JJ		 4065 /* We are already associated with the selected network */
4066 wpa_printf(MSG_DEBUG, "Already associated with the "
4067 "selected network - do nothing");
4068 return;
4069 }
4070
25a8f9e3 4071 if (ssid) {
96efeeb6 4072 wpa_s->current_ssid = ssid;
25a8f9e3 4073 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
603a3f34
JL		 4074 wpa_s->connect_without_scan =
4075 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
701f3961
AS		 4076
4077 /*
4078 * Don't optimize next scan freqs since a new ESS has been
4079 * selected.
4080 */
4081 os_free(wpa_s->next_scan_freqs);
4082 wpa_s->next_scan_freqs = NULL;
603a3f34
JL		 4083 } else {
4084 wpa_s->connect_without_scan = NULL;
25a8f9e3 4085 }
603a3f34 4086
86b89452
WS		 4087 wpa_s->disconnected = 0;
4088 wpa_s->reassociate = 1;
b834e970 4089 wpa_s_clear_sae_rejected(wpa_s);
2cb40e9f 4090 wpa_s->last_owe_group = 0;
05a2fb0d 4091 if (ssid) {
91073cca 4092 ssid->owe_transition_bss_select_count = 0;
05a2fb0d
JM		 4093 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4094 }
cecdddc1 4095
e4a35f07 4096 if (wpa_s->connect_without_scan ||
35d40309
JM		 4097 wpa_supplicant_fast_associate(wpa_s) != 1) {
4098 wpa_s->scan_req = NORMAL_SCAN_REQ;
be7ebd89 4099 wpas_scan_reset_sched_scan(wpa_s);
cecdddc1 4100 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
35d40309 4101 }
86b89452 4102
a1641d26
JM		 4103 if (ssid)
4104 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 4105}
4106
4107
bdec7ee5
MS		 4108/**
4109 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4110 * @wpa_s: wpa_supplicant structure for a network interface
4111 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4112 * @pkcs11_module_path: PKCS #11 module path or NULL
4113 * Returns: 0 on success; -1 on failure
4114 *
4115 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4116 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4117 * module path fails the paths will be reset to the default value (NULL).
4118 */
4119int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4120 const char *pkcs11_engine_path,
4121 const char *pkcs11_module_path)
4122{
4123 char *pkcs11_engine_path_copy = NULL;
4124 char *pkcs11_module_path_copy = NULL;
4125
4126 if (pkcs11_engine_path != NULL) {
4127 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4128 if (pkcs11_engine_path_copy == NULL)
4129 return -1;
4130 }
4131 if (pkcs11_module_path != NULL) {
4132 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 4133 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 4134 os_free(pkcs11_engine_path_copy);
4135 return -1;
4136 }
4137 }
4138
4139 os_free(wpa_s->conf->pkcs11_engine_path);
4140 os_free(wpa_s->conf->pkcs11_module_path);
4141 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4142 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4143
4144 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4145 eapol_sm_deinit(wpa_s->eapol);
4146 wpa_s->eapol = NULL;
4147 if (wpa_supplicant_init_eapol(wpa_s)) {
4148 /* Error -> Reset paths to the default value (NULL) once. */
4149 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4150 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4151 NULL);
4152
4153 return -1;
4154 }
4155 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4156
4157 return 0;
4158}
4159
4160
86b89452
WS		 4161/**
4162 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4163 * @wpa_s: wpa_supplicant structure for a network interface
4164 * @ap_scan: AP scan mode
4165 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4166 *
4167 */
4168int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4169{
4170
4171 int old_ap_scan;
4172
4173 if (ap_scan < 0 || ap_scan > 2)
4174 return -1;
4175
8406cd35
JM		 4176 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4177 wpa_printf(MSG_INFO,
4178 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4179 }
4180
48f8e036
DS		 4181#ifdef ANDROID
4182 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4183 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4184 wpa_s->wpa_state < WPA_COMPLETED) {
4185 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4186 "associating", wpa_s->conf->ap_scan, ap_scan);
4187 return 0;
4188 }
4189#endif /* ANDROID */
4190
86b89452
WS		 4191 old_ap_scan = wpa_s->conf->ap_scan;
4192 wpa_s->conf->ap_scan = ap_scan;
4193
4194 if (old_ap_scan != wpa_s->conf->ap_scan)
4195 wpas_notify_ap_scan_changed(wpa_s);
4196
4197 return 0;
4198}
4199
4200
78633c37
SL		 4201/**
4202 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4203 * @wpa_s: wpa_supplicant structure for a network interface
4204 * @expire_age: Expiration age in seconds
4205 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4206 *
4207 */
4208int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4209 unsigned int bss_expire_age)
4210{
4211 if (bss_expire_age < 10) {
4212 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4213 bss_expire_age);
4214 return -1;
4215 }
4216 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4217 bss_expire_age);
4218 wpa_s->conf->bss_expiration_age = bss_expire_age;
4219
4220 return 0;
4221}
4222
4223
4224/**
4225 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4226 * @wpa_s: wpa_supplicant structure for a network interface
4227 * @expire_count: number of scans after which an unseen BSS is reclaimed
4228 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4229 *
4230 */
4231int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4232 unsigned int bss_expire_count)
4233{
4234 if (bss_expire_count < 1) {
4235 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4236 bss_expire_count);
4237 return -1;
4238 }
4239 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4240 bss_expire_count);
4241 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4242
4243 return 0;
4244}
4245
4246
c6e86b63
MA		 4247/**
4248 * wpa_supplicant_set_scan_interval - Set scan interval
4249 * @wpa_s: wpa_supplicant structure for a network interface
4250 * @scan_interval: scan interval in seconds
4251 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4252 *
4253 */
4254int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4255 int scan_interval)
4256{
4257 if (scan_interval < 0) {
4258 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4259 scan_interval);
4260 return -1;
4261 }
4262 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4263 scan_interval);
9e737f08 4264 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 4265
4266 return 0;
4267}
4268
4269
86b89452
WS		 4270/**
4271 * wpa_supplicant_set_debug_params - Set global debug params
4272 * @global: wpa_global structure
4273 * @debug_level: debug level
4274 * @debug_timestamp: determines if show timestamp in debug data
4275 * @debug_show_keys: determines if show keys in debug data
4276 * Returns: 0 if succeed or -1 if debug_level has wrong value
4277 */
4278int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4279 int debug_timestamp, int debug_show_keys)
4280{
4281
4282 int old_level, old_timestamp, old_show_keys;
4283
4284 /* check for allowed debuglevels */
14dc0011
PS		 4285 if (debug_level != MSG_EXCESSIVE &&
4286 debug_level != MSG_MSGDUMP &&
86b89452
WS		 4287 debug_level != MSG_DEBUG &&
4288 debug_level != MSG_INFO &&
4289 debug_level != MSG_WARNING &&
4290 debug_level != MSG_ERROR)
4291 return -1;
4292
4293 old_level = wpa_debug_level;
4294 old_timestamp = wpa_debug_timestamp;
4295 old_show_keys = wpa_debug_show_keys;
4296
4297 wpa_debug_level = debug_level;
4298 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4299 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4300
db9133ac
WS		 4301 if (wpa_debug_level != old_level)
4302 wpas_notify_debug_level_changed(global);
4303 if (wpa_debug_timestamp != old_timestamp)
4304 wpas_notify_debug_timestamp_changed(global);
4305 if (wpa_debug_show_keys != old_show_keys)
4306 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 4307
4308 return 0;
4309}
4310
4311
e8b96490
JM		 4312#ifdef CONFIG_OWE
4313static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4314 const u8 *entry_ssid, size_t entry_ssid_len)
4315{
4316 const u8 *owe, *pos, *end;
4317 u8 ssid_len;
4318 struct wpa_bss *bss;
4319
4320 /* Check network profile SSID aganst the SSID in the
4321 * OWE Transition Mode element. */
4322
4323 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4324 if (!bss)
4325 return 0;
4326
4327 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4328 if (!owe)
4329 return 0;
4330
4331 pos = owe + 6;
4332 end = owe + 2 + owe[1];
4333
4334 if (end - pos < ETH_ALEN + 1)
4335 return 0;
4336 pos += ETH_ALEN;
4337 ssid_len = *pos++;
4338 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4339 return 0;
4340
4341 return entry_ssid_len == ssid_len &&
4342 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4343}
4344#endif /* CONFIG_OWE */
4345
4346
6fc6879b
JM		 4347/**
4348 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4349 * @wpa_s: Pointer to wpa_supplicant data
4350 * Returns: A pointer to the current network structure or %NULL on failure
4351 */
4352struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4353{
4354 struct wpa_ssid *entry;
eaa8eefe 4355 u8 ssid[SSID_MAX_LEN];
6fc6879b
JM		 4356 int res;
4357 size_t ssid_len;
4358 u8 bssid[ETH_ALEN];
4359 int wired;
4360
17fbb751
JM		 4361 res = wpa_drv_get_ssid(wpa_s, ssid);
4362 if (res < 0) {
4363 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4364 "driver");
4365 return NULL;
6fc6879b 4366 }
17fbb751 4367 ssid_len = res;
6fc6879b 4368
17fbb751 4369 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 4370 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4371 "driver");
6fc6879b
JM		 4372 return NULL;
4373 }
4374
c2a04078
JM		 4375 wired = wpa_s->conf->ap_scan == 0 &&
4376 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 4377
4378 entry = wpa_s->conf->ssid;
4379 while (entry) {
349493bd 4380 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b 4381 ((ssid_len == entry->ssid_len &&
c4fccfc7
JM		 4382 (!entry->ssid ||
4383 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4384 wired) &&
6fc6879b
JM		 4385 (!entry->bssid_set ||
4386 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4387 return entry;
24c23d1b 4388#ifdef CONFIG_WPS
349493bd 4389 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 4390 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4391 (entry->ssid == NULL || entry->ssid_len == 0) &&
4392 (!entry->bssid_set ||
4393 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4394 return entry;
4395#endif /* CONFIG_WPS */
7d232e23 4396
e8b96490
JM		 4397#ifdef CONFIG_OWE
4398 if (!wpas_network_disabled(wpa_s, entry) &&
4399 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4400 entry->ssid_len) &&
4401 (!entry->bssid_set ||
4402 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4403 return entry;
4404#endif /* CONFIG_OWE */
4405
349493bd 4406 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 4407 entry->ssid_len == 0 &&
4408 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4409 return entry;
4410
6fc6879b
JM		 4411 entry = entry->next;
4412 }
4413
4414 return NULL;
4415}
4416
4417
7756114f
JM		 4418static int select_driver(struct wpa_supplicant *wpa_s, int i)
4419{
4420 struct wpa_global *global = wpa_s->global;
4421
4422 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
45e3fc72 4423 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
7756114f
JM		 4424 if (global->drv_priv[i] == NULL) {
4425 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4426 "'%s'", wpa_drivers[i]->name);
4427 return -1;
4428 }
4429 }
4430
4431 wpa_s->driver = wpa_drivers[i];
4432 wpa_s->global_drv_priv = global->drv_priv[i];
4433
4434 return 0;
4435}
4436
4437
6fc6879b
JM		 4438static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4439 const char *name)
4440{
4441 int i;
362f781e 4442 size_t len;
74b1c84a 4443 const char *pos, *driver = name;
6fc6879b
JM		 4444
4445 if (wpa_s == NULL)
4446 return -1;
4447
c5121837 4448 if (wpa_drivers[0] == NULL) {
f049052b
BG		 4449 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4450 "wpa_supplicant");
6fc6879b
JM		 4451 return -1;
4452 }
4453
4454 if (name == NULL) {
4455 /* default to first driver in the list */
7756114f 4456 return select_driver(wpa_s, 0);
6fc6879b
JM		 4457 }
4458
74b1c84a
SO		 4459 do {
4460 pos = os_strchr(driver, ',');
4461 if (pos)
4462 len = pos - driver;
4463 else
4464 len = os_strlen(driver);
4465
4466 for (i = 0; wpa_drivers[i]; i++) {
4467 if (os_strlen(wpa_drivers[i]->name) == len &&
4468 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 4469 0) {
4470 /* First driver that succeeds wins */
4471 if (select_driver(wpa_s, i) == 0)
4472 return 0;
4473 }
6fc6879b 4474 }
74b1c84a
SO		 4475
4476 driver = pos + 1;
4477 } while (pos);
6fc6879b 4478
f049052b 4479 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 4480 return -1;
4481}
4482
4483
a8e0505b
JM		 4484/**
4485 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4486 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4487 * with struct wpa_driver_ops::init()
4488 * @src_addr: Source address of the EAPOL frame
4489 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4490 * @len: Length of the EAPOL data
4491 *
4492 * This function is called for each received EAPOL frame. Most driver
4493 * interfaces rely on more generic OS mechanism for receiving frames through
4494 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4495 * take care of received EAPOL frames and deliver them to the core supplicant
4496 * code by calling this function.
4497 */
6fc6879b
JM		 4498void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4499 const u8 *buf, size_t len)
4500{
4501 struct wpa_supplicant *wpa_s = ctx;
4502
f049052b 4503 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 4504 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4505
02adead5
MK		 4506#ifdef CONFIG_TESTING_OPTIONS
4507 if (wpa_s->ignore_auth_resp) {
4508 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4509 return;
4510 }
4511#endif /* CONFIG_TESTING_OPTIONS */
4512
3ab35a66
JM		 4513 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4514 (wpa_s->last_eapol_matches_bssid &&
4515#ifdef CONFIG_AP
4516 !wpa_s->ap_iface &&
4517#endif /* CONFIG_AP */
4518 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 4519 /*
4520 * There is possible race condition between receiving the
4521 * association event and the EAPOL frame since they are coming
4522 * through different paths from the driver. In order to avoid
4523 * issues in trying to process the EAPOL frame before receiving
4524 * association information, lets queue it for processing until
3ab35a66
JM		 4525 * the association event is received. This may also be needed in
4526 * driver-based roaming case, so also use src_addr != BSSID as a
4527 * trigger if we have previously confirmed that the
4528 * Authenticator uses BSSID as the src_addr (which is not the
4529 * case with wired IEEE 802.1X).
1ff73338 4530 */
f049052b 4531 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 4532 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4533 wpa_supplicant_state_txt(wpa_s->wpa_state),
4534 MAC2STR(wpa_s->bssid));
1ff73338
JM		 4535 wpabuf_free(wpa_s->pending_eapol_rx);
4536 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4537 if (wpa_s->pending_eapol_rx) {
c2be937c 4538 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 4539 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4540 ETH_ALEN);
4541 }
4542 return;
4543 }
4544
3ab35a66
JM		 4545 wpa_s->last_eapol_matches_bssid =
4546 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4547
db149ac9
JM		 4548#ifdef CONFIG_AP
4549 if (wpa_s->ap_iface) {
4550 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4551 return;
4552 }
4553#endif /* CONFIG_AP */
4554
6fc6879b 4555 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 4556 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4557 "no key management is configured");
6fc6879b
JM		 4558 return;
4559 }
4560
4561 if (wpa_s->eapol_received == 0 &&
436ee2fd 4562 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
56586197 4563 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 4564 wpa_s->wpa_state != WPA_COMPLETED) &&
4565 (wpa_s->current_ssid == NULL ||
f74618cb 4566 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
6fc6879b 4567 /* Timeout for completing IEEE 802.1X and WPA authentication */
5add4101
JM		 4568 int timeout = 10;
4569
4570 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4571 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4572 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4573 /* Use longer timeout for IEEE 802.1X/EAP */
4574 timeout = 70;
4575 }
4576
c7dafdf9 4577#ifdef CONFIG_WPS
5add4101
JM		 4578 if (wpa_s->current_ssid && wpa_s->current_bss &&
4579 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4580 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4581 /*
4582 * Use shorter timeout if going through WPS AP iteration
4583 * for PIN config method with an AP that does not
4584 * advertise Selected Registrar.
4585 */
4586 struct wpabuf *wps_ie;
4587
4588 wps_ie = wpa_bss_get_vendor_ie_multi(
4589 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
0ef1e290
JM		 4590 if (wps_ie &&
4591 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5add4101
JM		 4592 timeout = 10;
4593 wpabuf_free(wps_ie);
4594 }
c7dafdf9 4595#endif /* CONFIG_WPS */
5add4101
JM		 4596
4597 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6fc6879b
JM		 4598 }
4599 wpa_s->eapol_received++;
4600
4601 if (wpa_s->countermeasures) {
f049052b
BG		 4602 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4603 "EAPOL packet");
6fc6879b
JM		 4604 return;
4605 }
4606
8be18440
JM		 4607#ifdef CONFIG_IBSS_RSN
4608 if (wpa_s->current_ssid &&
d7dcba70 4609 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 4610 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4611 return;
4612 }
4613#endif /* CONFIG_IBSS_RSN */
4614
6fc6879b
JM		 4615 /* Source address of the incoming EAPOL frame could be compared to the
4616 * current BSSID. However, it is possible that a centralized
4617 * Authenticator could be using another MAC address than the BSSID of
4618 * an AP, so just allow any address to be used for now. The replies are
4619 * still sent to the current BSSID (if available), though. */
4620
4621 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 4622 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
a1ea1b45 4623 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
567da5bb 4624 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6fc6879b
JM		 4625 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4626 return;
4627 wpa_drv_poll(wpa_s);
436ee2fd 4628 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
6fc6879b 4629 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 4630 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 4631 /*
4632 * Set portValid = TRUE here since we are going to skip 4-way
4633 * handshake processing which would normally set portValid. We
4634 * need this to allow the EAPOL state machines to be completed
4635 * without going through EAPOL-Key handshake.
4636 */
4637 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4638 }
4639}
4640
4641
bfba8deb 4642int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 4643{
2961bfa8
JM		 4644 if ((!wpa_s->p2p_mgmt ||
4645 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4646 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 4647 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 4648 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4649 wpa_drv_get_mac_addr(wpa_s),
4650 ETH_P_EAPOL,
4651 wpa_supplicant_rx_eapol, wpa_s, 0);
4652 if (wpa_s->l2 == NULL)
4653 return -1;
d89edb61
DC		 4654
4655 if (l2_packet_set_packet_filter(wpa_s->l2,
4656 L2_PACKET_FILTER_PKTTYPE))
4657 wpa_dbg(wpa_s, MSG_DEBUG,
4658 "Failed to attach pkt_type filter");
fdadd5fe
JM		 4659 } else {
4660 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4661 if (addr)
4662 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 4663 }
4664
4665 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 4666 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 4667 return -1;
4668 }
4669
c267753b 4670 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
8788a314 4671 wpas_wps_update_mac_addr(wpa_s);
c267753b 4672
cdb5774f
DL		 4673#ifdef CONFIG_FST
4674 if (wpa_s->fst)
4675 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
4676#endif /* CONFIG_FST */
4677
bfba8deb
JM		 4678 return 0;
4679}
4680
4681
25f839c6
JM		 4682static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4683 const u8 *buf, size_t len)
4684{
4685 struct wpa_supplicant *wpa_s = ctx;
4686 const struct l2_ethhdr *eth;
4687
4688 if (len < sizeof(*eth))
4689 return;
4690 eth = (const struct l2_ethhdr *) buf;
4691
4692 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4693 !(eth->h_dest[0] & 0x01)) {
4694 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4695 " (bridge - not for this interface - ignore)",
4696 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4697 return;
4698 }
4699
4700 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4701 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4702 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4703 len - sizeof(*eth));
4704}
4705
4706
bfba8deb
JM		 4707/**
4708 * wpa_supplicant_driver_init - Initialize driver interface parameters
4709 * @wpa_s: Pointer to wpa_supplicant data
4710 * Returns: 0 on success, -1 on failure
4711 *
4712 * This function is called to initialize driver interface parameters.
4713 * wpa_drv_init() must have been called before this function to initialize the
4714 * driver interface.
4715 */
4716int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4717{
4718 static int interface_count = 0;
4719
4720 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4721 return -1;
4722
c68f6200
AS		 4723 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4724 MAC2STR(wpa_s->own_addr));
a313d17d 4725 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
c68f6200
AS		 4726 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4727
6fc6879b 4728 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 4729 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4730 "interface '%s'", wpa_s->bridge_ifname);
e6dd8196
JM		 4731 wpa_s->l2_br = l2_packet_init_bridge(
4732 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4733 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6fc6879b 4734 if (wpa_s->l2_br == NULL) {
f049052b
BG		 4735 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4736 "connection for the bridge interface '%s'",
4737 wpa_s->bridge_ifname);
6fc6879b
JM		 4738 return -1;
4739 }
4740 }
4741
8406cd35
JM		 4742 if (wpa_s->conf->ap_scan == 2 &&
4743 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4744 wpa_printf(MSG_INFO,
4745 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4746 }
4747
6fc6879b
JM		 4748 wpa_clear_keys(wpa_s, NULL);
4749
4750 /* Make sure that TKIP countermeasures are not left enabled (could
4751 * happen if wpa_supplicant is killed during countermeasures. */
4752 wpa_drv_set_countermeasures(wpa_s, 0);
4753
f049052b 4754 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 4755 wpa_drv_flush_pmkid(wpa_s);
4756
ba2a573c 4757 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 4758 wpa_s->prev_scan_wildcard = 0;
4759
349493bd 4760 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 4761 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4762 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4763 interface_count = 0;
4764 }
ee82e33d 4765#ifndef ANDROID
3a94adbf 4766 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 4767 wpa_supplicant_delayed_sched_scan(wpa_s,
4768 interface_count % 3,
6a90053c 4769 100000))
5d0d72a3 4770 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 4771 100000);
ee82e33d 4772#endif /* ANDROID */
74e259ec
JM		 4773 interface_count++;
4774 } else
4775 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 4776
4777 return 0;
4778}
4779
4780
4781static int wpa_supplicant_daemon(const char *pid_file)
4782{
4783 wpa_printf(MSG_DEBUG, "Daemonize..");
4784 return os_daemonize(pid_file);
4785}
4786
4787
1772d348
JM		 4788static struct wpa_supplicant *
4789wpa_supplicant_alloc(struct wpa_supplicant *parent)
6fc6879b
JM		 4790{
4791 struct wpa_supplicant *wpa_s;
4792
4793 wpa_s = os_zalloc(sizeof(*wpa_s));
4794 if (wpa_s == NULL)
4795 return NULL;
4115303b 4796 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 4797 wpa_s->scan_interval = 5;
c302f207 4798 wpa_s->new_connection = 1;
1772d348 4799 wpa_s->parent = parent ? parent : wpa_s;
ba307f85 4800 wpa_s->p2pdev = wpa_s->parent;
cbdf3507 4801 wpa_s->sched_scanning = 0;
6fc6879b 4802
dd599908 4803 dl_list_init(&wpa_s->bss_tmp_disallowed);
5732b770 4804 dl_list_init(&wpa_s->fils_hlp_req);
dd599908 4805
6fc6879b
JM		 4806 return wpa_s;
4807}
4808
4809
80e8a5ee
BG		 4810#ifdef CONFIG_HT_OVERRIDES
4811
4812static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4813 struct ieee80211_ht_capabilities *htcaps,
4814 struct ieee80211_ht_capabilities *htcaps_mask,
4815 const char *ht_mcs)
4816{
4817 /* parse ht_mcs into hex array */
4818 int i;
4819 const char *tmp = ht_mcs;
4820 char *end = NULL;
4821
4822 /* If ht_mcs is null, do not set anything */
4823 if (!ht_mcs)
4824 return 0;
4825
4826 /* This is what we are setting in the kernel */
4827 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4828
4829 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4830
4831 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
30eddf35
JB		 4832 long v;
4833
80e8a5ee 4834 errno = 0;
30eddf35
JB		 4835 v = strtol(tmp, &end, 16);
4836
80e8a5ee
BG		 4837 if (errno == 0) {
4838 wpa_msg(wpa_s, MSG_DEBUG,
4839 "htcap value[%i]: %ld end: %p tmp: %p",
4840 i, v, end, tmp);
4841 if (end == tmp)
4842 break;
4843
4844 htcaps->supported_mcs_set[i] = v;
4845 tmp = end;
4846 } else {
4847 wpa_msg(wpa_s, MSG_ERROR,
4848 "Failed to parse ht-mcs: %s, error: %s\n",
4849 ht_mcs, strerror(errno));
4850 return -1;
4851 }
4852 }
4853
4854 /*
4855 * If we were able to parse any values, then set mask for the MCS set.
4856 */
4857 if (i) {
4858 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4859 IEEE80211_HT_MCS_MASK_LEN - 1);
4860 /* skip the 3 reserved bits */
4861 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4862 0x1f;
4863 }
4864
4865 return 0;
4866}
4867
4868
4869static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4870 struct ieee80211_ht_capabilities *htcaps,
4871 struct ieee80211_ht_capabilities *htcaps_mask,
4872 int disabled)
4873{
5bc28571 4874 le16 msk;
80e8a5ee 4875
80e8a5ee
BG		 4876 if (disabled == -1)
4877 return 0;
4878
bbdb5014
JM		 4879 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4880
80e8a5ee
BG		 4881 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4882 htcaps_mask->ht_capabilities_info |= msk;
4883 if (disabled)
4884 htcaps->ht_capabilities_info &= msk;
4885 else
4886 htcaps->ht_capabilities_info |= msk;
4887
4888 return 0;
4889}
4890
4891
4892static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4893 struct ieee80211_ht_capabilities *htcaps,
4894 struct ieee80211_ht_capabilities *htcaps_mask,
4895 int factor)
4896{
80e8a5ee
BG		 4897 if (factor == -1)
4898 return 0;
4899
bbdb5014
JM		 4900 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4901
80e8a5ee
BG		 4902 if (factor < 0 || factor > 3) {
4903 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4904 "Must be 0-3 or -1", factor);
4905 return -EINVAL;
4906 }
4907
4908 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4909 htcaps->a_mpdu_params &= ~0x3;
4910 htcaps->a_mpdu_params |= factor & 0x3;
4911
4912 return 0;
4913}
4914
4915
4916static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4917 struct ieee80211_ht_capabilities *htcaps,
4918 struct ieee80211_ht_capabilities *htcaps_mask,
4919 int density)
4920{
80e8a5ee
BG		 4921 if (density == -1)
4922 return 0;
4923
bbdb5014
JM		 4924 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4925
80e8a5ee
BG		 4926 if (density < 0 || density > 7) {
4927 wpa_msg(wpa_s, MSG_ERROR,
4928 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4929 density);
4930 return -EINVAL;
4931 }
4932
4933 htcaps_mask->a_mpdu_params |= 0x1C;
4934 htcaps->a_mpdu_params &= ~(0x1C);
4935 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4936
4937 return 0;
4938}
4939
4940
4941static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4942 struct ieee80211_ht_capabilities *htcaps,
4943 struct ieee80211_ht_capabilities *htcaps_mask,
4944 int disabled)
4945{
bbdb5014
JM		 4946 if (disabled)
4947 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
80e8a5ee 4948
9eb5757a
MH		 4949 set_disable_ht40(htcaps, disabled);
4950 set_disable_ht40(htcaps_mask, 0);
80e8a5ee
BG		 4951
4952 return 0;
4953}
4954
4955
a90497f8
BG		 4956static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4957 struct ieee80211_ht_capabilities *htcaps,
4958 struct ieee80211_ht_capabilities *htcaps_mask,
4959 int disabled)
4960{
4961 /* Masking these out disables SGI */
5bc28571
JM		 4962 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4963 HT_CAP_INFO_SHORT_GI40MHZ);
a90497f8 4964
bbdb5014
JM		 4965 if (disabled)
4966 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
a90497f8
BG		 4967
4968 if (disabled)
4969 htcaps->ht_capabilities_info &= ~msk;
4970 else
4971 htcaps->ht_capabilities_info |= msk;
4972
4973 htcaps_mask->ht_capabilities_info |= msk;
4974
4975 return 0;
4976}
4977
4978
39a5800f
PK		 4979static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
4980 struct ieee80211_ht_capabilities *htcaps,
4981 struct ieee80211_ht_capabilities *htcaps_mask,
4982 int disabled)
4983{
4984 /* Masking these out disables LDPC */
5bc28571 4985 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
39a5800f 4986
bbdb5014
JM		 4987 if (disabled)
4988 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
39a5800f
PK		 4989
4990 if (disabled)
4991 htcaps->ht_capabilities_info &= ~msk;
4992 else
4993 htcaps->ht_capabilities_info |= msk;
4994
4995 htcaps_mask->ht_capabilities_info |= msk;
4996
4997 return 0;
4998}
4999
5000
cdeea70f
SM		 5001static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5002 struct ieee80211_ht_capabilities *htcaps,
5003 struct ieee80211_ht_capabilities *htcaps_mask,
5004 int tx_stbc)
5005{
5006 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5007
cdeea70f
SM		 5008 if (tx_stbc == -1)
5009 return 0;
5010
bbdb5014
JM		 5011 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5012
cdeea70f
SM		 5013 if (tx_stbc < 0 || tx_stbc > 1) {
5014 wpa_msg(wpa_s, MSG_ERROR,
5015 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5016 return -EINVAL;
5017 }
5018
5019 htcaps_mask->ht_capabilities_info |= msk;
5020 htcaps->ht_capabilities_info &= ~msk;
5021 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5022
5023 return 0;
5024}
5025
5026
5027static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5028 struct ieee80211_ht_capabilities *htcaps,
5029 struct ieee80211_ht_capabilities *htcaps_mask,
5030 int rx_stbc)
5031{
5032 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5033
cdeea70f
SM		 5034 if (rx_stbc == -1)
5035 return 0;
5036
bbdb5014
JM		 5037 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5038
cdeea70f
SM		 5039 if (rx_stbc < 0 || rx_stbc > 3) {
5040 wpa_msg(wpa_s, MSG_ERROR,
5041 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5042 return -EINVAL;
5043 }
5044
5045 htcaps_mask->ht_capabilities_info |= msk;
5046 htcaps->ht_capabilities_info &= ~msk;
5047 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5048
5049 return 0;
5050}
5051
5052
80e8a5ee
BG		 5053void wpa_supplicant_apply_ht_overrides(
5054 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5055 struct wpa_driver_associate_params *params)
5056{
5057 struct ieee80211_ht_capabilities *htcaps;
5058 struct ieee80211_ht_capabilities *htcaps_mask;
5059
5060 if (!ssid)
5061 return;
5062
5063 params->disable_ht = ssid->disable_ht;
5064 if (!params->htcaps || !params->htcaps_mask)
5065 return;
5066
5067 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5068 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5069 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5070 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5071 ssid->disable_max_amsdu);
5072 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5073 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5074 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 5075 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
39a5800f 5076 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
cdeea70f
SM		 5077 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5078 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
d41cc8cc
JM		 5079
5080 if (ssid->ht40_intolerant) {
5bc28571 5081 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
d41cc8cc
JM		 5082 htcaps->ht_capabilities_info |= bit;
5083 htcaps_mask->ht_capabilities_info |= bit;
5084 }
80e8a5ee
BG		 5085}
5086
5087#endif /* CONFIG_HT_OVERRIDES */
5088
5089
e9ee8dc3
JB		 5090#ifdef CONFIG_VHT_OVERRIDES
5091void wpa_supplicant_apply_vht_overrides(
5092 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5093 struct wpa_driver_associate_params *params)
5094{
5095 struct ieee80211_vht_capabilities *vhtcaps;
5096 struct ieee80211_vht_capabilities *vhtcaps_mask;
5097
5098 if (!ssid)
5099 return;
5100
5101 params->disable_vht = ssid->disable_vht;
5102
5103 vhtcaps = (void *) params->vhtcaps;
5104 vhtcaps_mask = (void *) params->vhtcaps_mask;
5105
5106 if (!vhtcaps || !vhtcaps_mask)
5107 return;
5108
4d8d710f
JM		 5109 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5110 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
e9ee8dc3 5111
4f560cde 5112#ifdef CONFIG_HT_OVERRIDES
fd83a808
BG		 5113 if (ssid->disable_sgi) {
5114 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5115 VHT_CAP_SHORT_GI_160);
5116 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5117 VHT_CAP_SHORT_GI_160);
5118 wpa_msg(wpa_s, MSG_DEBUG,
5119 "disable-sgi override specified, vht-caps: 0x%x",
5120 vhtcaps->vht_capabilities_info);
5121 }
5122
4f560cde 5123 /* if max ampdu is <= 3, we have to make the HT cap the same */
b0f33467
JM		 5124 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5125 int max_ampdu;
5126
5127 max_ampdu = (ssid->vht_capa &
5128 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5129 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4f560cde
EP		 5130
5131 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5132 wpa_set_ampdu_factor(wpa_s,
5133 (void *) params->htcaps,
5134 (void *) params->htcaps_mask,
5135 max_ampdu);
5136 }
5137#endif /* CONFIG_HT_OVERRIDES */
5138
e9ee8dc3
JB		 5139#define OVERRIDE_MCS(i) \
5140 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5141 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4d8d710f 5142 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 5143 vhtcaps->vht_supported_mcs_set.tx_map |= \
4d8d710f
JM		 5144 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5145 2 * (i - 1)); \
e9ee8dc3
JB		 5146 } \
5147 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5148 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4d8d710f 5149 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 5150 vhtcaps->vht_supported_mcs_set.rx_map |= \
4d8d710f
JM		 5151 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5152 2 * (i - 1)); \
e9ee8dc3
JB		 5153 }
5154
5155 OVERRIDE_MCS(1);
5156 OVERRIDE_MCS(2);
5157 OVERRIDE_MCS(3);
5158 OVERRIDE_MCS(4);
5159 OVERRIDE_MCS(5);
5160 OVERRIDE_MCS(6);
5161 OVERRIDE_MCS(7);
5162 OVERRIDE_MCS(8);
5163}
5164#endif /* CONFIG_VHT_OVERRIDES */
5165
5166
f64adcd7
JM		 5167static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5168{
5169#ifdef PCSC_FUNCS
5170 size_t len;
5171
5172 if (!wpa_s->conf->pcsc_reader)
5173 return 0;
5174
22cf7d73 5175 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 5176 if (!wpa_s->scard)
5177 return 1;
5178
5179 if (wpa_s->conf->pcsc_pin &&
5180 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5181 scard_deinit(wpa_s->scard);
5182 wpa_s->scard = NULL;
5183 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5184 return -1;
5185 }
5186
5187 len = sizeof(wpa_s->imsi) - 1;
5188 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5189 scard_deinit(wpa_s->scard);
5190 wpa_s->scard = NULL;
5191 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5192 return -1;
5193 }
5194 wpa_s->imsi[len] = '\0';
5195
5196 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5197
5198 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5199 wpa_s->imsi, wpa_s->mnc_len);
5200
5201 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5202 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5203#endif /* PCSC_FUNCS */
5204
5205 return 0;
5206}
5207
5208
306ae225
JM		 5209int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5210{
5211 char *val, *pos;
5212
5213 ext_password_deinit(wpa_s->ext_pw);
5214 wpa_s->ext_pw = NULL;
5215 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5216
5217 if (!wpa_s->conf->ext_password_backend)
5218 return 0;
5219
5220 val = os_strdup(wpa_s->conf->ext_password_backend);
5221 if (val == NULL)
5222 return -1;
5223 pos = os_strchr(val, ':');
5224 if (pos)
5225 *pos++ = '\0';
5226
5227 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5228
5229 wpa_s->ext_pw = ext_password_init(val, pos);
5230 os_free(val);
5231 if (wpa_s->ext_pw == NULL) {
5232 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5233 return -1;
5234 }
5235 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5236
5237 return 0;
5238}
5239
5240
b36a3a65
AN		 5241#ifdef CONFIG_FST
5242
5243static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5244{
5245 struct wpa_supplicant *wpa_s = ctx;
5246
5247 return (is_zero_ether_addr(wpa_s->bssid) ||
5248 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5249}
5250
5251
5252static void wpas_fst_get_channel_info_cb(void *ctx,
5253 enum hostapd_hw_mode *hw_mode,
5254 u8 *channel)
5255{
5256 struct wpa_supplicant *wpa_s = ctx;
5257
5258 if (wpa_s->current_bss) {
5259 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5260 channel);
5261 } else if (wpa_s->hw.num_modes) {
5262 *hw_mode = wpa_s->hw.modes[0].mode;
5263 } else {
5264 WPA_ASSERT(0);
5265 *hw_mode = 0;
5266 }
5267}
5268
5269
5270static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5271{
5272 struct wpa_supplicant *wpa_s = ctx;
5273
5274 *modes = wpa_s->hw.modes;
5275 return wpa_s->hw.num_modes;
5276}
5277
5278
84bcb4e7 5279static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
b36a3a65
AN		 5280{
5281 struct wpa_supplicant *wpa_s = ctx;
5282
b7a07937 5283 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
b36a3a65
AN		 5284 wpa_s->fst_ies = fst_ies;
5285}
5286
5287
5288static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5289{
5290 struct wpa_supplicant *wpa_s = ctx;
5291
0da35523
JM		 5292 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5293 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5294 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5295 return -1;
5296 }
b36a3a65 5297 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
0da35523
JM		 5298 wpa_s->own_addr, wpa_s->bssid,
5299 wpabuf_head(data), wpabuf_len(data),
b36a3a65
AN		 5300 0);
5301}
5302
5303
a0f04da5 5304static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
b36a3a65
AN		 5305{
5306 struct wpa_supplicant *wpa_s = ctx;
5307
5308 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5309 return wpa_s->received_mb_ies;
5310}
5311
5312
5313static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5314 const u8 *buf, size_t size)
5315{
5316 struct wpa_supplicant *wpa_s = ctx;
5317 struct mb_ies_info info;
5318
5319 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5320
5321 if (!mb_ies_info_by_ies(&info, buf, size)) {
5322 wpabuf_free(wpa_s->received_mb_ies);
5323 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5324 }
5325}
5326
5327
39cdd3a0
JM		 5328static const u8 * wpas_fst_get_peer_first(void *ctx,
5329 struct fst_get_peer_ctx **get_ctx,
5330 Boolean mb_only)
b36a3a65
AN		 5331{
5332 struct wpa_supplicant *wpa_s = ctx;
5333
5334 *get_ctx = NULL;
5335 if (!is_zero_ether_addr(wpa_s->bssid))
5336 return (wpa_s->received_mb_ies || !mb_only) ?
5337 wpa_s->bssid : NULL;
5338 return NULL;
5339}
5340
5341
39cdd3a0
JM		 5342static const u8 * wpas_fst_get_peer_next(void *ctx,
5343 struct fst_get_peer_ctx **get_ctx,
5344 Boolean mb_only)
b36a3a65
AN		 5345{
5346 return NULL;
5347}
5348
5349void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5350 struct fst_wpa_obj *iface_obj)
5351{
5352 iface_obj->ctx = wpa_s;
5353 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5354 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5355 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5356 iface_obj->set_ies = wpas_fst_set_ies_cb;
5357 iface_obj->send_action = wpas_fst_send_action_cb;
5358 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5359 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5360 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5361 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5362}
5363#endif /* CONFIG_FST */
5364
a520bf4a 5365static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6cbdb0c5 5366 const struct wpa_driver_capa *capa)
e4fa8b12 5367{
88cb27c7
DS		 5368 struct wowlan_triggers *triggers;
5369 int ret = 0;
e4fa8b12
EP		 5370
5371 if (!wpa_s->conf->wowlan_triggers)
5372 return 0;
5373
88cb27c7
DS		 5374 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5375 if (triggers) {
5376 ret = wpa_drv_wowlan(wpa_s, triggers);
5377 os_free(triggers);
e4fa8b12 5378 }
e4fa8b12
EP		 5379 return ret;
5380}
5381
5382
2b6e9f91 5383enum wpa_radio_work_band wpas_freq_to_band(int freq)
e903d32d
KV		 5384{
5385 if (freq < 3000)
5386 return BAND_2_4_GHZ;
5387 if (freq > 50000)
5388 return BAND_60_GHZ;
5389 return BAND_5_GHZ;
5390}
5391
5392
2b6e9f91 5393unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
e903d32d
KV		 5394{
5395 int i;
5396 unsigned int band = 0;
5397
5398 if (freqs) {
5399 /* freqs are specified for the radio work */
5400 for (i = 0; freqs[i]; i++)
5401 band |= wpas_freq_to_band(freqs[i]);
5402 } else {
5403 /*
5404 * freqs are not specified, implies all
5405 * the supported freqs by HW
5406 */
5407 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5408 if (wpa_s->hw.modes[i].num_channels != 0) {
5409 if (wpa_s->hw.modes[i].mode ==
5410 HOSTAPD_MODE_IEEE80211B ||
5411 wpa_s->hw.modes[i].mode ==
5412 HOSTAPD_MODE_IEEE80211G)
5413 band |= BAND_2_4_GHZ;
5414 else if (wpa_s->hw.modes[i].mode ==
5415 HOSTAPD_MODE_IEEE80211A)
5416 band |= BAND_5_GHZ;
5417 else if (wpa_s->hw.modes[i].mode ==
5418 HOSTAPD_MODE_IEEE80211AD)
5419 band |= BAND_60_GHZ;
5420 else if (wpa_s->hw.modes[i].mode ==
5421 HOSTAPD_MODE_IEEE80211ANY)
5422 band = BAND_2_4_GHZ | BAND_5_GHZ |
5423 BAND_60_GHZ;
5424 }
5425 }
5426 }
5427
5428 return band;
5429}
5430
5431
202dec2a
JM		 5432static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5433 const char *rn)
5434{
5435 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5436 struct wpa_radio *radio;
5437
5438 while (rn && iface) {
5439 radio = iface->radio;
5440 if (radio && os_strcmp(rn, radio->name) == 0) {
5441 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5442 wpa_s->ifname, rn);
5443 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5444 return radio;
5445 }
b154a24e
TB		 5446
5447 iface = iface->next;
202dec2a
JM		 5448 }
5449
5450 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5451 wpa_s->ifname, rn ? rn : "N/A");
5452 radio = os_zalloc(sizeof(*radio));
5453 if (radio == NULL)
5454 return NULL;
5455
5456 if (rn)
5457 os_strlcpy(radio->name, rn, sizeof(radio->name));
5458 dl_list_init(&radio->ifaces);
b1ae396f 5459 dl_list_init(&radio->work);
202dec2a
JM		 5460 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5461
5462 return radio;
5463}
5464
5465
b1ae396f
JM		 5466static void radio_work_free(struct wpa_radio_work *work)
5467{
d12a51b5
JM		 5468 if (work->wpa_s->scan_work == work) {
5469 /* This should not really happen. */
5470 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5471 work->type, work, work->started);
5472 work->wpa_s->scan_work = NULL;
5473 }
5474
1b5d4714
JM		 5475#ifdef CONFIG_P2P
5476 if (work->wpa_s->p2p_scan_work == work) {
5477 /* This should not really happen. */
5478 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5479 work->type, work, work->started);
5480 work->wpa_s->p2p_scan_work = NULL;
5481 }
5482#endif /* CONFIG_P2P */
5483
e903d32d
KV		 5484 if (work->started) {
5485 work->wpa_s->radio->num_active_works--;
5486 wpa_dbg(work->wpa_s, MSG_DEBUG,
7ed5337d 5487 "radio_work_free('%s'@%p): num_active_works --> %u",
e903d32d
KV		 5488 work->type, work,
5489 work->wpa_s->radio->num_active_works);
5490 }
5491
b1ae396f
JM		 5492 dl_list_del(&work->list);
5493 os_free(work);
5494}
5495
5496
4c6f450c
JM		 5497static int radio_work_is_connect(struct wpa_radio_work *work)
5498{
5499 return os_strcmp(work->type, "sme-connect") == 0 ||
5500 os_strcmp(work->type, "connect") == 0;
5501}
5502
5503
85b6b6b6
SD		 5504static int radio_work_is_scan(struct wpa_radio_work *work)
5505{
5506 return os_strcmp(work->type, "scan") == 0 ||
5507 os_strcmp(work->type, "p2p-scan") == 0;
5508}
5509
5510
e903d32d
KV		 5511static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5512{
5513 struct wpa_radio_work *active_work = NULL;
5514 struct wpa_radio_work *tmp;
5515
5516 /* Get the active work to know the type and band. */
5517 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5518 if (tmp->started) {
5519 active_work = tmp;
5520 break;
5521 }
5522 }
5523
5524 if (!active_work) {
5525 /* No active work, start one */
5526 radio->num_active_works = 0;
5527 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5528 list) {
5529 if (os_strcmp(tmp->type, "scan") == 0 &&
5530 radio->external_scan_running &&
5531 (((struct wpa_driver_scan_params *)
5532 tmp->ctx)->only_new_results ||
5533 tmp->wpa_s->clear_driver_scan_cache))
5534 continue;
5535 return tmp;
5536 }
5537 return NULL;
5538 }
5539
4c6f450c 5540 if (radio_work_is_connect(active_work)) {
e903d32d
KV		 5541 /*
5542 * If the active work is either connect or sme-connect,
5543 * do not parallelize them with other radio works.
5544 */
5545 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5546 "Do not parallelize radio work with %s",
5547 active_work->type);
5548 return NULL;
5549 }
5550
5551 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5552 if (tmp->started)
5553 continue;
5554
5555 /*
5556 * If connect or sme-connect are enqueued, parallelize only
5557 * those operations ahead of them in the queue.
5558 */
4c6f450c 5559 if (radio_work_is_connect(tmp))
e903d32d
KV		 5560 break;
5561
85b6b6b6
SD		 5562 /* Serialize parallel scan and p2p_scan operations on the same
5563 * interface since the driver_nl80211 mechanism for tracking
5564 * scan cookies does not yet have support for this. */
5565 if (active_work->wpa_s == tmp->wpa_s &&
5566 radio_work_is_scan(active_work) &&
5567 radio_work_is_scan(tmp)) {
5568 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5569 "Do not start work '%s' when another work '%s' is already scheduled",
5570 tmp->type, active_work->type);
5571 continue;
5572 }
e903d32d
KV		 5573 /*
5574 * Check that the radio works are distinct and
5575 * on different bands.
5576 */
5577 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5578 (active_work->bands != tmp->bands)) {
5579 /*
5580 * If a scan has to be scheduled through nl80211 scan
5581 * interface and if an external scan is already running,
5582 * do not schedule the scan since it is likely to get
5583 * rejected by kernel.
5584 */
5585 if (os_strcmp(tmp->type, "scan") == 0 &&
5586 radio->external_scan_running &&
5587 (((struct wpa_driver_scan_params *)
5588 tmp->ctx)->only_new_results ||
5589 tmp->wpa_s->clear_driver_scan_cache))
5590 continue;
5591
5592 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5593 "active_work:%s new_work:%s",
5594 active_work->type, tmp->type);
5595 return tmp;
5596 }
5597 }
5598
5599 /* Did not find a radio work to schedule in parallel. */
5600 return NULL;
5601}
5602
5603
b1ae396f
JM		 5604static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5605{
5606 struct wpa_radio *radio = eloop_ctx;
5607 struct wpa_radio_work *work;
5608 struct os_reltime now, diff;
6428d0a7 5609 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 5610
5611 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
e903d32d
KV		 5612 if (work == NULL) {
5613 radio->num_active_works = 0;
b1ae396f 5614 return;
e903d32d 5615 }
b1ae396f 5616
6428d0a7
JM		 5617 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5618 radio_list);
e903d32d
KV		 5619
5620 if (!(wpa_s &&
5621 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5622 if (work->started)
5623 return; /* already started and still in progress */
5624
5625 if (wpa_s && wpa_s->radio->external_scan_running) {
5626 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5627 return;
5628 }
5629 } else {
5630 work = NULL;
5631 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5632 /* get the work to schedule next */
5633 work = radio_work_get_next_work(radio);
5634 }
5635 if (!work)
5636 return;
6428d0a7
JM		 5637 }
5638
e903d32d 5639 wpa_s = work->wpa_s;
b1ae396f
JM		 5640 os_get_reltime(&now);
5641 os_reltime_sub(&now, &work->time, &diff);
e903d32d
KV		 5642 wpa_dbg(wpa_s, MSG_DEBUG,
5643 "Starting radio work '%s'@%p after %ld.%06ld second wait",
b1ae396f
JM		 5644 work->type, work, diff.sec, diff.usec);
5645 work->started = 1;
5646 work->time = now;
e903d32d
KV		 5647 radio->num_active_works++;
5648
b1ae396f 5649 work->cb(work, 0);
e903d32d
KV		 5650
5651 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5652 radio->num_active_works < MAX_ACTIVE_WORKS)
5653 radio_work_check_next(wpa_s);
b1ae396f
JM		 5654}
5655
5656
b3253ebb
AO		 5657/*
5658 * This function removes both started and pending radio works running on
5659 * the provided interface's radio.
5660 * Prior to the removal of the radio work, its callback (cb) is called with
5661 * deinit set to be 1. Each work's callback is responsible for clearing its
5662 * internal data and restoring to a correct state.
5663 * @wpa_s: wpa_supplicant data
5664 * @type: type of works to be removed
5665 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5666 * this interface's works.
5667 */
5668void radio_remove_works(struct wpa_supplicant *wpa_s,
5669 const char *type, int remove_all)
b1ae396f
JM		 5670{
5671 struct wpa_radio_work *work, *tmp;
5672 struct wpa_radio *radio = wpa_s->radio;
5673
5674 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5675 list) {
b3253ebb 5676 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 5677 continue;
b3253ebb
AO		 5678
5679 /* skip other ifaces' works */
5680 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 5681 continue;
b3253ebb
AO		 5682
5683 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5684 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 5685 work->cb(work, 1);
5686 radio_work_free(work);
5687 }
b3253ebb
AO		 5688
5689 /* in case we removed the started work */
5690 radio_work_check_next(wpa_s);
b1ae396f
JM		 5691}
5692
5693
6a252ece
JM		 5694void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5695{
5696 struct wpa_radio_work *work;
5697 struct wpa_radio *radio = wpa_s->radio;
5698
5699 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5700 if (work->ctx != ctx)
5701 continue;
5702 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5703 work->type, work, work->started ? " (started)" : "");
5704 radio_work_free(work);
5705 break;
5706 }
5707}
5708
5709
202dec2a
JM		 5710static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5711{
5712 struct wpa_radio *radio = wpa_s->radio;
5713
5714 if (!radio)
5715 return;
5716
5717 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5718 wpa_s->ifname, radio->name);
5719 dl_list_del(&wpa_s->radio_list);
c46235aa
AO		 5720 radio_remove_works(wpa_s, NULL, 0);
5721 wpa_s->radio = NULL;
5722 if (!dl_list_empty(&radio->ifaces))
202dec2a
JM		 5723 return; /* Interfaces remain for this radio */
5724
5725 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b1ae396f 5726 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
202dec2a
JM		 5727 os_free(radio);
5728}
5729
5730
6428d0a7 5731void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 5732{
5733 struct wpa_radio *radio = wpa_s->radio;
5734
5735 if (dl_list_empty(&radio->work))
5736 return;
e3745228
JM		 5737 if (wpa_s->ext_work_in_progress) {
5738 wpa_printf(MSG_DEBUG,
5739 "External radio work in progress - delay start of pending item");
5740 return;
5741 }
b1ae396f
JM		 5742 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5743 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5744}
5745
5746
5747/**
5748 * radio_add_work - Add a radio work item
5749 * @wpa_s: Pointer to wpa_supplicant data
5750 * @freq: Frequency of the offchannel operation in MHz or 0
5751 * @type: Unique identifier for each type of work
5752 * @next: Force as the next work to be executed
5753 * @cb: Callback function for indicating when radio is available
5754 * @ctx: Context pointer for the work (work->ctx in cb())
5755 * Returns: 0 on success, -1 on failure
5756 *
5757 * This function is used to request time for an operation that requires
5758 * exclusive radio control. Once the radio is available, the registered callback
5759 * function will be called. radio_work_done() must be called once the exclusive
5760 * radio operation has been completed, so that the radio is freed for other
5761 * operations. The special case of deinit=1 is used to free the context data
5762 * during interface removal. That does not allow the callback function to start
5763 * the radio operation, i.e., it must free any resources allocated for the radio
5764 * work and return.
5765 *
5766 * The @freq parameter can be used to indicate a single channel on which the
5767 * offchannel operation will occur. This may allow multiple radio work
5768 * operations to be performed in parallel if they apply for the same channel.
5769 * Setting this to 0 indicates that the work item may use multiple channels or
5770 * requires exclusive control of the radio.
5771 */
5772int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5773 const char *type, int next,
5774 void (*cb)(struct wpa_radio_work *work, int deinit),
5775 void *ctx)
5776{
e903d32d 5777 struct wpa_radio *radio = wpa_s->radio;
b1ae396f
JM		 5778 struct wpa_radio_work *work;
5779 int was_empty;
5780
5781 work = os_zalloc(sizeof(*work));
5782 if (work == NULL)
5783 return -1;
5784 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5785 os_get_reltime(&work->time);
5786 work->freq = freq;
5787 work->type = type;
5788 work->wpa_s = wpa_s;
5789 work->cb = cb;
5790 work->ctx = ctx;
5791
e903d32d
KV		 5792 if (freq)
5793 work->bands = wpas_freq_to_band(freq);
5794 else if (os_strcmp(type, "scan") == 0 ||
5795 os_strcmp(type, "p2p-scan") == 0)
5796 work->bands = wpas_get_bands(wpa_s,
5797 ((struct wpa_driver_scan_params *)
5798 ctx)->freqs);
5799 else
5800 work->bands = wpas_get_bands(wpa_s, NULL);
5801
b1ae396f
JM		 5802 was_empty = dl_list_empty(&wpa_s->radio->work);
5803 if (next)
5804 dl_list_add(&wpa_s->radio->work, &work->list);
5805 else
5806 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5807 if (was_empty) {
5808 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5809 radio_work_check_next(wpa_s);
e903d32d
KV		 5810 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5811 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5812 wpa_dbg(wpa_s, MSG_DEBUG,
5813 "Try to schedule a radio work (num_active_works=%u)",
5814 radio->num_active_works);
5815 radio_work_check_next(wpa_s);
b1ae396f
JM		 5816 }
5817
5818 return 0;
5819}
5820
5821
5822/**
5823 * radio_work_done - Indicate that a radio work item has been completed
5824 * @work: Completed work
5825 *
5826 * This function is called once the callback function registered with
5827 * radio_add_work() has completed its work.
5828 */
5829void radio_work_done(struct wpa_radio_work *work)
5830{
5831 struct wpa_supplicant *wpa_s = work->wpa_s;
5832 struct os_reltime now, diff;
1f965e62 5833 unsigned int started = work->started;
b1ae396f
JM		 5834
5835 os_get_reltime(&now);
5836 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 5837 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5838 work->type, work, started ? "done" : "canceled",
5839 diff.sec, diff.usec);
b1ae396f 5840 radio_work_free(work);
1f965e62
JM		 5841 if (started)
5842 radio_work_check_next(wpa_s);
b1ae396f
JM		 5843}
5844
5845
a7f5271d
JM		 5846struct wpa_radio_work *
5847radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
f0e30c84
JM		 5848{
5849 struct wpa_radio_work *work;
5850 struct wpa_radio *radio = wpa_s->radio;
5851
5852 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5853 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
a7f5271d 5854 return work;
f0e30c84
JM		 5855 }
5856
a7f5271d 5857 return NULL;
f0e30c84
JM		 5858}
5859
5860
73c00fd7 5861static int wpas_init_driver(struct wpa_supplicant *wpa_s,
8fb2b357 5862 const struct wpa_interface *iface)
73c00fd7 5863{
202dec2a 5864 const char *ifname, *driver, *rn;
73c00fd7
JM		 5865
5866 driver = iface->driver;
5867next_driver:
5868 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5869 return -1;
5870
5871 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5872 if (wpa_s->drv_priv == NULL) {
5873 const char *pos;
5874 pos = driver ? os_strchr(driver, ',') : NULL;
5875 if (pos) {
5876 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5877 "driver interface - try next driver wrapper");
5878 driver = pos + 1;
5879 goto next_driver;
5880 }
5881 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5882 "interface");
5883 return -1;
5884 }
5885 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5886 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5887 "driver_param '%s'", wpa_s->conf->driver_param);
5888 return -1;
5889 }
5890
5891 ifname = wpa_drv_get_ifname(wpa_s);
5892 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5893 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5894 "interface name with '%s'", ifname);
5895 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5896 }
5897
95bf699f 5898 rn = wpa_driver_get_radio_name(wpa_s);
202dec2a
JM		 5899 if (rn && rn[0] == '\0')
5900 rn = NULL;
5901
5902 wpa_s->radio = radio_add_interface(wpa_s, rn);
5903 if (wpa_s->radio == NULL)
5904 return -1;
5905
73c00fd7
JM		 5906 return 0;
5907}
5908
5909
461d39af
JM		 5910#ifdef CONFIG_GAS_SERVER
5911
5912static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5913 unsigned int freq, const u8 *dst,
5914 const u8 *src, const u8 *bssid,
5915 const u8 *data, size_t data_len,
5916 enum offchannel_send_action_result result)
5917{
5918 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5919 " result=%s",
5920 freq, MAC2STR(dst),
5921 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5922 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5923 "FAILED"));
5924 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5925 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5926}
5927
5928
5929static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5930 struct wpabuf *buf, unsigned int wait_time)
5931{
5932 struct wpa_supplicant *wpa_s = ctx;
5933 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5934
5935 if (wait_time > wpa_s->max_remain_on_chan)
5936 wait_time = wpa_s->max_remain_on_chan;
5937
5938 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5939 wpabuf_head(buf), wpabuf_len(buf),
5940 wait_time, wpas_gas_server_tx_status, 0);
5941}
5942
5943#endif /* CONFIG_GAS_SERVER */
5944
6fc6879b 5945static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
8fb2b357 5946 const struct wpa_interface *iface)
6fc6879b 5947{
362f781e 5948 struct wpa_driver_capa capa;
6cbdb0c5 5949 int capa_res;
aa56e36d 5950 u8 dfs_domain;
362f781e 5951
6fc6879b
JM		 5952 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5953 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5954 iface->confname ? iface->confname : "N/A",
5955 iface->driver ? iface->driver : "default",
5956 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5957 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5958
6fc6879b
JM		 5959 if (iface->confname) {
5960#ifdef CONFIG_BACKEND_FILE
5961 wpa_s->confname = os_rel2abs_path(iface->confname);
5962 if (wpa_s->confname == NULL) {
5963 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5964 "for configuration file '%s'.",
5965 iface->confname);
5966 return -1;
5967 }
5968 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5969 iface->confname, wpa_s->confname);
5970#else /* CONFIG_BACKEND_FILE */
5971 wpa_s->confname = os_strdup(iface->confname);
5972#endif /* CONFIG_BACKEND_FILE */
e6304cad 5973 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 5974 if (wpa_s->conf == NULL) {
5975 wpa_printf(MSG_ERROR, "Failed to read or parse "
5976 "configuration '%s'.", wpa_s->confname);
5977 return -1;
5978 }
e6304cad 5979 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3bd35b68
JM		 5980 if (wpa_s->confanother &&
5981 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
5982 wpa_printf(MSG_ERROR,
5983 "Failed to read or parse configuration '%s'.",
5984 wpa_s->confanother);
5985 return -1;
5986 }
6fc6879b
JM		 5987
5988 /*
5989 * Override ctrl_interface and driver_param if set on command
5990 * line.
5991 */
5992 if (iface->ctrl_interface) {
5993 os_free(wpa_s->conf->ctrl_interface);
5994 wpa_s->conf->ctrl_interface =
5995 os_strdup(iface->ctrl_interface);
5996 }
5997
5998 if (iface->driver_param) {
5999 os_free(wpa_s->conf->driver_param);
6000 wpa_s->conf->driver_param =
6001 os_strdup(iface->driver_param);
6002 }
78f79fe5
JM		 6003
6004 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6005 os_free(wpa_s->conf->ctrl_interface);
6006 wpa_s->conf->ctrl_interface = NULL;
6007 }
6fc6879b
JM		 6008 } else
6009 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6010 iface->driver_param);
6011
6012 if (wpa_s->conf == NULL) {
6013 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6014 return -1;
6015 }
6016
6017 if (iface->ifname == NULL) {
6018 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6019 return -1;
6020 }
6021 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6022 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6023 iface->ifname);
6024 return -1;
6025 }
6026 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6027
6028 if (iface->bridge_ifname) {
6029 if (os_strlen(iface->bridge_ifname) >=
6030 sizeof(wpa_s->bridge_ifname)) {
6031 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6032 "name '%s'.", iface->bridge_ifname);
6033 return -1;
6034 }
6035 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6036 sizeof(wpa_s->bridge_ifname));
6037 }
6038
6fc6879b
JM		 6039 /* RSNA Supplicant Key Management - INITIALIZE */
6040 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
6041 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
6042
6043 /* Initialize driver interface and register driver event handler before
6044 * L2 receive handler so that association events are processed before
6045 * EAPOL-Key packets if both become available for the same select()
6046 * call. */
73c00fd7 6047 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 6048 return -1;
6049
6fc6879b
JM		 6050 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6051 return -1;
6052
6053 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6054 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6055 NULL);
6056 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6057
6058 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6059 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6060 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 6061 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6062 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 6063 return -1;
6064 }
6065
6066 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6067 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6068 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 6069 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 6070 "dot11RSNAConfigPMKReauthThreshold");
6071 return -1;
6072 }
6073
6074 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6075 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6076 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 6077 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6078 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 6079 return -1;
6080 }
6081
6bf731e8
CL		 6082 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6083 &wpa_s->hw.num_modes,
aa56e36d
VT		 6084 &wpa_s->hw.flags,
6085 &dfs_domain);
a1b790eb
JM		 6086 if (wpa_s->hw.modes) {
6087 u16 i;
6088
6089 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6090 if (wpa_s->hw.modes[i].vht_capab) {
6091 wpa_s->hw_capab = CAPAB_VHT;
6092 break;
6093 }
6094
6095 if (wpa_s->hw.modes[i].ht_capab &
6096 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6097 wpa_s->hw_capab = CAPAB_HT40;
6098 else if (wpa_s->hw.modes[i].ht_capab &&
6099 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6100 wpa_s->hw_capab = CAPAB_HT;
6101 }
6102 }
6bf731e8 6103
6cbdb0c5
JM		 6104 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6105 if (capa_res == 0) {
c58ab8f2 6106 wpa_s->drv_capa_known = 1;
814782b9 6107 wpa_s->drv_flags = capa.flags;
349493bd 6108 wpa_s->drv_enc = capa.enc;
04ee647d 6109 wpa_s->drv_smps_modes = capa.smps_modes;
f936b73c 6110 wpa_s->drv_rrm_flags = capa.rrm_flags;
4f73d88a 6111 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 6112 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507 6113 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
32c02261
AS		 6114 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6115 wpa_s->max_sched_scan_plan_interval =
6116 capa.max_sched_scan_plan_interval;
6117 wpa_s->max_sched_scan_plan_iterations =
6118 capa.max_sched_scan_plan_iterations;
cbdf3507 6119 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 6120 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 6121 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 6122 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 6123 wpa_s->extended_capa = capa.extended_capa;
6124 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6125 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 6126 wpa_s->num_multichan_concurrent =
6127 capa.num_multichan_concurrent;
471cd6e1 6128 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
56c76fa5
IP		 6129
6130 if (capa.mac_addr_rand_scan_supported)
6131 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6132 if (wpa_s->sched_scan_supported &&
6133 capa.mac_addr_rand_sched_scan_supported)
6134 wpa_s->mac_addr_rand_supported |=
6135 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
2a93ecc8
JM		 6136
6137 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6138 if (wpa_s->extended_capa &&
6139 wpa_s->extended_capa_len >= 3 &&
6140 wpa_s->extended_capa[2] & 0x40)
6141 wpa_s->multi_bss_support = 1;
814782b9
JM		 6142 }
6143 if (wpa_s->max_remain_on_chan == 0)
6144 wpa_s->max_remain_on_chan = 1000;
6145
c68f6200
AS		 6146 /*
6147 * Only take p2p_mgmt parameters when P2P Device is supported.
6148 * Doing it here as it determines whether l2_packet_init() will be done
6149 * during wpa_supplicant_driver_init().
6150 */
6151 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6152 wpa_s->p2p_mgmt = iface->p2p_mgmt;
c68f6200 6153
4752147d
IP		 6154 if (wpa_s->num_multichan_concurrent == 0)
6155 wpa_s->num_multichan_concurrent = 1;
6156
6fc6879b
JM		 6157 if (wpa_supplicant_driver_init(wpa_s) < 0)
6158 return -1;
6159
281ff0aa 6160#ifdef CONFIG_TDLS
8fb2b357 6161 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 6162 return -1;
6163#endif /* CONFIG_TDLS */
6164
315ce40a
JM		 6165 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6166 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 6167 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 6168 return -1;
6169 }
6170
b36a3a65
AN		 6171#ifdef CONFIG_FST
6172 if (wpa_s->conf->fst_group_id) {
6173 struct fst_iface_cfg cfg;
6174 struct fst_wpa_obj iface_obj;
6175
6176 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6177 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6178 sizeof(cfg.group_id));
6179 cfg.priority = wpa_s->conf->fst_priority;
6180 cfg.llt = wpa_s->conf->fst_llt;
6181
6182 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6183 &iface_obj, &cfg);
6184 if (!wpa_s->fst) {
6185 wpa_msg(wpa_s, MSG_ERROR,
6186 "FST: Cannot attach iface %s to group %s",
6187 wpa_s->ifname, cfg.group_id);
6188 return -1;
6189 }
6190 }
6191#endif /* CONFIG_FST */
6192
116654ce
JM		 6193 if (wpas_wps_init(wpa_s))
6194 return -1;
6195
461d39af
JM		 6196#ifdef CONFIG_GAS_SERVER
6197 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6198 if (!wpa_s->gas_server) {
6199 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6200 return -1;
6201 }
6202#endif /* CONFIG_GAS_SERVER */
6203
be27e185
JM		 6204#ifdef CONFIG_DPP
6205 if (wpas_dpp_init(wpa_s) < 0)
6206 return -1;
6207#endif /* CONFIG_DPP */
6208
6fc6879b
JM		 6209 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6210 return -1;
6211 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6212
6213 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6214 if (wpa_s->ctrl_iface == NULL) {
6215 wpa_printf(MSG_ERROR,
6216 "Failed to initialize control interface '%s'.\n"
6217 "You may have another wpa_supplicant process "
6218 "already running or the file was\n"
6219 "left by an unclean termination of wpa_supplicant "
6220 "in which case you will need\n"
6221 "to manually remove this file before starting "
6222 "wpa_supplicant again.\n",
6223 wpa_s->conf->ctrl_interface);
6224 return -1;
6225 }
6226
04ea7b79
JM		 6227 wpa_s->gas = gas_query_init(wpa_s);
6228 if (wpa_s->gas == NULL) {
6229 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6230 return -1;
6231 }
6232
8fb2b357
VV		 6233 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6234 wpa_s->p2p_mgmt) &&
6235 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 6236 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 6237 return -1;
6238 }
b22128ef 6239
83922c2d
JM		 6240 if (wpa_bss_init(wpa_s) < 0)
6241 return -1;
83922c2d 6242
4d77d80e
MH		 6243#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6244#ifdef CONFIG_MESH
6245 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6246#endif /* CONFIG_MESH */
6247#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6248
e4fa8b12
EP		 6249 /*
6250 * Set Wake-on-WLAN triggers, if configured.
6251 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6252 * have effect anyway when the interface is down).
6253 */
6cbdb0c5 6254 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
e4fa8b12
EP		 6255 return -1;
6256
ec7b97ab
JM		 6257#ifdef CONFIG_EAP_PROXY
6258{
6259 size_t len;
b5db6e5d
VK		 6260 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6261 wpa_s->imsi, &len);
ec7b97ab
JM		 6262 if (wpa_s->mnc_len > 0) {
6263 wpa_s->imsi[len] = '\0';
6264 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6265 wpa_s->imsi, wpa_s->mnc_len);
6266 } else {
6267 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6268 }
6269}
6270#endif /* CONFIG_EAP_PROXY */
6271
f64adcd7
JM		 6272 if (pcsc_reader_init(wpa_s) < 0)
6273 return -1;
6274
306ae225
JM		 6275 if (wpas_init_ext_pw(wpa_s) < 0)
6276 return -1;
6277
b361d580
AK		 6278 wpas_rrm_reset(wpa_s);
6279
32c02261
AS		 6280 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6281
ca9968a0
JM		 6282#ifdef CONFIG_HS20
6283 hs20_init(wpa_s);
6284#endif /* CONFIG_HS20 */
92c6e2e3 6285#ifdef CONFIG_MBO
2e06cef8 6286 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
332aadb8
AP		 6287 if ((wpa_s->conf->oce & OCE_STA) &&
6288 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6289 wpa_s->enable_oce = OCE_STA;
6290 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6291 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6292 /* TODO: Need to add STA-CFON support */
6293 wpa_printf(MSG_ERROR,
6294 "OCE STA-CFON feature is not yet supported");
6295 }
6296 }
92c6e2e3
DS		 6297 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6298#endif /* CONFIG_MBO */
ca9968a0 6299
cc9985d1 6300 wpa_supplicant_set_default_scan_ies(wpa_s);
6301
6fc6879b
JM		 6302 return 0;
6303}
6304
6305
2ee055b3 6306static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 6307 int notify, int terminate)
6fc6879b 6308{
26fc96e8
JM		 6309 struct wpa_global *global = wpa_s->global;
6310 struct wpa_supplicant *iface, *prev;
6311
6312 if (wpa_s == wpa_s->parent)
6313 wpas_p2p_group_remove(wpa_s, "*");
6314
6315 iface = global->ifaces;
6316 while (iface) {
96a26ab7
LD		 6317 if (iface->p2pdev == wpa_s)
6318 iface->p2pdev = iface->parent;
26fc96e8
JM		 6319 if (iface == wpa_s || iface->parent != wpa_s) {
6320 iface = iface->next;
6321 continue;
6322 }
6323 wpa_printf(MSG_DEBUG,
6324 "Remove remaining child interface %s from parent %s",
6325 iface->ifname, wpa_s->ifname);
6326 prev = iface;
6327 iface = iface->next;
6328 wpa_supplicant_remove_iface(global, prev, terminate);
6329 }
6330
e679f140 6331 wpa_s->disconnected = 1;
6fc6879b 6332 if (wpa_s->drv_priv) {
02c21c02
ASB		 6333 /* Don't deauthenticate if WoWLAN is enabled */
6334 if (!wpa_drv_get_wowlan(wpa_s)) {
6335 wpa_supplicant_deauthenticate(
6336 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 6337
02c21c02
ASB		 6338 wpa_drv_set_countermeasures(wpa_s, 0);
6339 wpa_clear_keys(wpa_s, NULL);
6340 } else {
6341 wpa_msg(wpa_s, MSG_INFO,
6342 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6343 }
6fc6879b
JM		 6344 }
6345
8e56d189 6346 wpa_supplicant_cleanup(wpa_s);
bd10d938 6347 wpas_p2p_deinit_iface(wpa_s);
ab28911d 6348
1f965e62 6349 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 6350 radio_remove_interface(wpa_s);
6351
b36a3a65
AN		 6352#ifdef CONFIG_FST
6353 if (wpa_s->fst) {
6354 fst_detach(wpa_s->fst);
6355 wpa_s->fst = NULL;
6356 }
6357 if (wpa_s->received_mb_ies) {
6358 wpabuf_free(wpa_s->received_mb_ies);
6359 wpa_s->received_mb_ies = NULL;
6360 }
6361#endif /* CONFIG_FST */
6362
6fc6879b
JM		 6363 if (wpa_s->drv_priv)
6364 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 6365
6366 if (notify)
6367 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 6368
6369 if (terminate)
6370 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6371
6372 if (wpa_s->ctrl_iface) {
6373 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
6374 wpa_s->ctrl_iface = NULL;
6375 }
6376
603a3f34
JL		 6377#ifdef CONFIG_MESH
6378 if (wpa_s->ifmsh) {
6379 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
6380 wpa_s->ifmsh = NULL;
6381 }
6382#endif /* CONFIG_MESH */
6383
f0811516
DS		 6384 if (wpa_s->conf != NULL) {
6385 wpa_config_free(wpa_s->conf);
6386 wpa_s->conf = NULL;
6387 }
18e00b5e 6388
a80651d0 6389 os_free(wpa_s->ssids_from_scan_req);
16ef233b 6390 os_free(wpa_s->last_scan_freqs);
a80651d0 6391
18e00b5e 6392 os_free(wpa_s);
6fc6879b
JM		 6393}
6394
6395
2e997eec
RM		 6396#ifdef CONFIG_MATCH_IFACE
6397
6398/**
6399 * wpa_supplicant_match_iface - Match an interface description to a name
6400 * @global: Pointer to global data from wpa_supplicant_init()
6401 * @ifname: Name of the interface to match
6402 * Returns: Pointer to the created interface description or %NULL on failure
6403 */
6404struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6405 const char *ifname)
6406{
6407 int i;
6408 struct wpa_interface *iface, *miface;
6409
6410 for (i = 0; i < global->params.match_iface_count; i++) {
6411 miface = &global->params.match_ifaces[i];
6412 if (!miface->ifname ||
6413 fnmatch(miface->ifname, ifname, 0) == 0) {
6414 iface = os_zalloc(sizeof(*iface));
6415 if (!iface)
6416 return NULL;
6417 *iface = *miface;
6418 iface->ifname = ifname;
6419 return iface;
6420 }
6421 }
6422
6423 return NULL;
6424}
6425
6426
6427/**
6428 * wpa_supplicant_match_existing - Match existing interfaces
6429 * @global: Pointer to global data from wpa_supplicant_init()
6430 * Returns: 0 on success, -1 on failure
6431 */
6432static int wpa_supplicant_match_existing(struct wpa_global *global)
6433{
6434 struct if_nameindex *ifi, *ifp;
6435 struct wpa_supplicant *wpa_s;
6436 struct wpa_interface *iface;
6437
6438 ifp = if_nameindex();
6439 if (!ifp) {
6440 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6441 return -1;
6442 }
6443
6444 for (ifi = ifp; ifi->if_name; ifi++) {
6445 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6446 if (wpa_s)
6447 continue;
6448 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6449 if (iface) {
6450 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
6451 os_free(iface);
6452 if (wpa_s)
6453 wpa_s->matched = 1;
6454 }
6455 }
6456
6457 if_freenameindex(ifp);
6458 return 0;
6459}
6460
6461#endif /* CONFIG_MATCH_IFACE */
6462
6463
6fc6879b
JM		 6464/**
6465 * wpa_supplicant_add_iface - Add a new network interface
6466 * @global: Pointer to global data from wpa_supplicant_init()
6467 * @iface: Interface configuration options
1772d348 6468 * @parent: Parent interface or %NULL to assign new interface as parent
6fc6879b
JM		 6469 * Returns: Pointer to the created interface or %NULL on failure
6470 *
6471 * This function is used to add new network interfaces for %wpa_supplicant.
6472 * This can be called before wpa_supplicant_run() to add interfaces before the
6473 * main event loop has been started. In addition, new interfaces can be added
6474 * dynamically while %wpa_supplicant is already running. This could happen,
6475 * e.g., when a hotplug network adapter is inserted.
6476 */
6477struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1772d348
JM		 6478 struct wpa_interface *iface,
6479 struct wpa_supplicant *parent)
6fc6879b
JM		 6480{
6481 struct wpa_supplicant *wpa_s;
d27df100 6482 struct wpa_interface t_iface;
8e56d189 6483 struct wpa_ssid *ssid;
6fc6879b
JM		 6484
6485 if (global == NULL || iface == NULL)
6486 return NULL;
6487
1772d348 6488 wpa_s = wpa_supplicant_alloc(parent);
6fc6879b
JM		 6489 if (wpa_s == NULL)
6490 return NULL;
6491
d8222ae3
JM		 6492 wpa_s->global = global;
6493
d27df100
JM		 6494 t_iface = *iface;
6495 if (global->params.override_driver) {
6496 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6497 "('%s' -> '%s')",
6498 iface->driver, global->params.override_driver);
6499 t_iface.driver = global->params.override_driver;
6500 }
6501 if (global->params.override_ctrl_interface) {
6502 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6503 "ctrl_interface ('%s' -> '%s')",
6504 iface->ctrl_interface,
6505 global->params.override_ctrl_interface);
6506 t_iface.ctrl_interface =
6507 global->params.override_ctrl_interface;
6508 }
6509 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 6510 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6511 iface->ifname);
df509539 6512 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 6513 return NULL;
6514 }
6515
21efc940
TB		 6516 if (iface->p2p_mgmt == 0) {
6517 /* Notify the control interfaces about new iface */
6518 if (wpas_notify_iface_added(wpa_s)) {
6519 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6520 return NULL;
6521 }
1bd3f426 6522
21efc940
TB		 6523 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6524 wpas_notify_network_added(wpa_s, ssid);
6525 }
8e56d189 6526
6fc6879b
JM		 6527 wpa_s->next = global->ifaces;
6528 global->ifaces = wpa_s;
6529
f049052b 6530 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 6531 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b 6532
c3c4b3ed
JM		 6533#ifdef CONFIG_P2P
6534 if (wpa_s->global->p2p == NULL &&
74802c09 6535 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
c3c4b3ed 6536 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
f43c1ae7
IP		 6537 wpas_p2p_add_p2pdev_interface(
6538 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
c3c4b3ed
JM		 6539 wpa_printf(MSG_INFO,
6540 "P2P: Failed to enable P2P Device interface");
6541 /* Try to continue without. P2P will be disabled. */
6542 }
6543#endif /* CONFIG_P2P */
6544
6fc6879b
JM		 6545 return wpa_s;
6546}
6547
6548
6549/**
6550 * wpa_supplicant_remove_iface - Remove a network interface
6551 * @global: Pointer to global data from wpa_supplicant_init()
6552 * @wpa_s: Pointer to the network interface to be removed
6553 * Returns: 0 if interface was removed, -1 if interface was not found
6554 *
6555 * This function can be used to dynamically remove network interfaces from
6556 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6557 * addition, this function is used to remove all remaining interfaces when
6558 * %wpa_supplicant is terminated.
6559 */
6560int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 6561 struct wpa_supplicant *wpa_s,
6562 int terminate)
6fc6879b
JM		 6563{
6564 struct wpa_supplicant *prev;
5b78493f
MH		 6565#ifdef CONFIG_MESH
6566 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6567 char *ifname = NULL;
9b170991 6568 struct wpa_supplicant *parent = wpa_s->parent;
5b78493f 6569#endif /* CONFIG_MESH */
6fc6879b
JM		 6570
6571 /* Remove interface from the global list of interfaces */
6572 prev = global->ifaces;
6573 if (prev == wpa_s) {
6574 global->ifaces = wpa_s->next;
6575 } else {
6576 while (prev && prev->next != wpa_s)
6577 prev = prev->next;
6578 if (prev == NULL)
6579 return -1;
6580 prev->next = wpa_s->next;
6581 }
6582
f049052b 6583 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 6584
5b78493f
MH		 6585#ifdef CONFIG_MESH
6586 if (mesh_if_created) {
6587 ifname = os_strdup(wpa_s->ifname);
6588 if (ifname == NULL) {
6589 wpa_dbg(wpa_s, MSG_ERROR,
6590 "mesh: Failed to malloc ifname");
6591 return -1;
6592 }
6593 }
6594#endif /* CONFIG_MESH */
6595
b22128ef
JM		 6596 if (global->p2p_group_formation == wpa_s)
6597 global->p2p_group_formation = NULL;
dbca75f8
JM		 6598 if (global->p2p_invite_group == wpa_s)
6599 global->p2p_invite_group = NULL;
df509539 6600 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b 6601
5b78493f
MH		 6602#ifdef CONFIG_MESH
6603 if (mesh_if_created) {
9b170991 6604 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5b78493f
MH		 6605 os_free(ifname);
6606 }
6607#endif /* CONFIG_MESH */
6608
6fc6879b
JM		 6609 return 0;
6610}
6611
6612
cf83fb0b
PS		 6613/**
6614 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6615 * @wpa_s: Pointer to the network interface
6616 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6617 */
6618const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
6619{
6620 const char *eapol_method;
6621
6622 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
6623 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
6624 return "NO-EAP";
6625 }
6626
6627 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
6628 if (eapol_method == NULL)
6629 return "UNKNOWN-EAP";
6630
6631 return eapol_method;
6632}
6633
6634
6fc6879b
JM		 6635/**
6636 * wpa_supplicant_get_iface - Get a new network interface
6637 * @global: Pointer to global data from wpa_supplicant_init()
6638 * @ifname: Interface name
6639 * Returns: Pointer to the interface or %NULL if not found
6640 */
6641struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
6642 const char *ifname)
6643{
6644 struct wpa_supplicant *wpa_s;
6645
6646 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6647 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6648 return wpa_s;
6649 }
6650 return NULL;
6651}
6652
6653
50b16da1 6654#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 6655static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6656{
6657 struct wpa_supplicant *wpa_s = ctx;
6658 if (wpa_s == NULL)
6659 return NULL;
6660 return wpa_s->ifname;
6661}
50b16da1 6662#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 6663
6664
8c0d0ff2
JM		 6665#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6666#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6667#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6668
6669/* Periodic cleanup tasks */
6670static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6671{
6672 struct wpa_global *global = eloop_ctx;
6673 struct wpa_supplicant *wpa_s;
6674
6675 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6676 wpas_periodic, global, NULL);
6677
6678#ifdef CONFIG_P2P
6679 if (global->p2p)
6680 p2p_expire_peers(global->p2p);
6681#endif /* CONFIG_P2P */
6682
3188aaba 6683 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8c0d0ff2 6684 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
3188aaba
JM		 6685#ifdef CONFIG_AP
6686 ap_periodic(wpa_s);
6687#endif /* CONFIG_AP */
6688 }
8c0d0ff2
JM		 6689}
6690
6691
6fc6879b
JM		 6692/**
6693 * wpa_supplicant_init - Initialize %wpa_supplicant
6694 * @params: Parameters for %wpa_supplicant
6695 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6696 *
6697 * This function is used to initialize %wpa_supplicant. After successful
6698 * initialization, the returned data pointer can be used to add and remove
6699 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6700 */
6701struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6702{
6703 struct wpa_global *global;
ac305589 6704 int ret, i;
6fc6879b
JM		 6705
6706 if (params == NULL)
6707 return NULL;
6708
39e7d718
JM		 6709#ifdef CONFIG_DRIVER_NDIS
6710 {
6711 void driver_ndis_init_ops(void);
6712 driver_ndis_init_ops();
6713 }
6714#endif /* CONFIG_DRIVER_NDIS */
6715
50b16da1 6716#ifndef CONFIG_NO_WPA_MSG
4f1495ae 6717 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 6718#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 6719
f4637fe0
JM		 6720 if (params->wpa_debug_file_path)
6721 wpa_debug_open_file(params->wpa_debug_file_path);
53661e3a 6722 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
f4637fe0 6723 wpa_debug_setup_stdout();
daa70d49
SL		 6724 if (params->wpa_debug_syslog)
6725 wpa_debug_open_syslog();
4f68895e
JB		 6726 if (params->wpa_debug_tracing) {
6727 ret = wpa_debug_open_linux_tracing();
6728 if (ret) {
6729 wpa_printf(MSG_ERROR,
6730 "Failed to enable trace logging");
6731 return NULL;
6732 }
6733 }
6fc6879b 6734
12760815 6735 ret = eap_register_methods();
6fc6879b
JM		 6736 if (ret) {
6737 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6738 if (ret == -2)
6739 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6740 "the same EAP type.");
6741 return NULL;
6742 }
6743
6744 global = os_zalloc(sizeof(*global));
6745 if (global == NULL)
6746 return NULL;
b22128ef
JM		 6747 dl_list_init(&global->p2p_srv_bonjour);
6748 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 6749 global->params.daemonize = params->daemonize;
6750 global->params.wait_for_monitor = params->wait_for_monitor;
6751 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6752 if (params->pid_file)
6753 global->params.pid_file = os_strdup(params->pid_file);
6754 if (params->ctrl_interface)
6755 global->params.ctrl_interface =
6756 os_strdup(params->ctrl_interface);
29257565
JM		 6757 if (params->ctrl_interface_group)
6758 global->params.ctrl_interface_group =
6759 os_strdup(params->ctrl_interface_group);
d27df100
JM		 6760 if (params->override_driver)
6761 global->params.override_driver =
6762 os_strdup(params->override_driver);
6763 if (params->override_ctrl_interface)
6764 global->params.override_ctrl_interface =
6765 os_strdup(params->override_ctrl_interface);
2e997eec
RM		 6766#ifdef CONFIG_MATCH_IFACE
6767 global->params.match_iface_count = params->match_iface_count;
6768 if (params->match_iface_count) {
6769 global->params.match_ifaces =
6770 os_calloc(params->match_iface_count,
6771 sizeof(struct wpa_interface));
6772 os_memcpy(global->params.match_ifaces,
6773 params->match_ifaces,
6774 params->match_iface_count *
6775 sizeof(struct wpa_interface));
6776 }
6777#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6778#ifdef CONFIG_P2P
6779 if (params->conf_p2p_dev)
6780 global->params.conf_p2p_dev =
6781 os_strdup(params->conf_p2p_dev);
6782#endif /* CONFIG_P2P */
6fc6879b
JM		 6783 wpa_debug_level = global->params.wpa_debug_level =
6784 params->wpa_debug_level;
6785 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6786 params->wpa_debug_show_keys;
6787 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6788 params->wpa_debug_timestamp;
6789
f19858f5
JM		 6790 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6791
0456ea16 6792 if (eloop_init()) {
6fc6879b
JM		 6793 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6794 wpa_supplicant_deinit(global);
6795 return NULL;
6796 }
6797
38e24575 6798 random_init(params->entropy_file);
d47fa330 6799
6fc6879b
JM		 6800 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6801 if (global->ctrl_iface == NULL) {
6802 wpa_supplicant_deinit(global);
6803 return NULL;
6804 }
6805
dc461de4
WS		 6806 if (wpas_notify_supplicant_initialized(global)) {
6807 wpa_supplicant_deinit(global);
6808 return NULL;
6fc6879b
JM		 6809 }
6810
c5121837 6811 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 6812 global->drv_count++;
6813 if (global->drv_count == 0) {
6814 wpa_printf(MSG_ERROR, "No drivers enabled");
6815 wpa_supplicant_deinit(global);
6816 return NULL;
6817 }
faebdeaa 6818 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
ac305589
JM		 6819 if (global->drv_priv == NULL) {
6820 wpa_supplicant_deinit(global);
6821 return NULL;
6822 }
ac305589 6823
9675ce35
JM		 6824#ifdef CONFIG_WIFI_DISPLAY
6825 if (wifi_display_init(global) < 0) {
6826 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6827 wpa_supplicant_deinit(global);
6828 return NULL;
6829 }
6830#endif /* CONFIG_WIFI_DISPLAY */
6831
8c0d0ff2
JM		 6832 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6833 wpas_periodic, global, NULL);
6834
6fc6879b
JM		 6835 return global;
6836}
6837
6838
6839/**
6840 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6841 * @global: Pointer to global data from wpa_supplicant_init()
6842 * Returns: 0 after successful event loop run, -1 on failure
6843 *
6844 * This function starts the main event loop and continues running as long as
6845 * there are any remaining events. In most cases, this function is running as
6846 * long as the %wpa_supplicant process in still in use.
6847 */
6848int wpa_supplicant_run(struct wpa_global *global)
6849{
6850 struct wpa_supplicant *wpa_s;
6851
6852 if (global->params.daemonize &&
2e69bdd1
RM		 6853 (wpa_supplicant_daemon(global->params.pid_file) ||
6854 eloop_sock_requeue()))
6fc6879b
JM		 6855 return -1;
6856
2e997eec
RM		 6857#ifdef CONFIG_MATCH_IFACE
6858 if (wpa_supplicant_match_existing(global))
6859 return -1;
6860#endif
6861
6fc6879b
JM		 6862 if (global->params.wait_for_monitor) {
6863 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
ede77701 6864 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6fc6879b
JM		 6865 wpa_supplicant_ctrl_iface_wait(
6866 wpa_s->ctrl_iface);
6867 }
6868
0456ea16
JM		 6869 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6870 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 6871
6872 eloop_run();
6873
6874 return 0;
6875}
6876
6877
6878/**
6879 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6880 * @global: Pointer to global data from wpa_supplicant_init()
6881 *
6882 * This function is called to deinitialize %wpa_supplicant and to free all
6883 * allocated resources. Remaining network interfaces will also be removed.
6884 */
6885void wpa_supplicant_deinit(struct wpa_global *global)
6886{
ac305589
JM		 6887 int i;
6888
6fc6879b
JM		 6889 if (global == NULL)
6890 return;
6891
8c0d0ff2
JM		 6892 eloop_cancel_timeout(wpas_periodic, global, NULL);
6893
9675ce35
JM		 6894#ifdef CONFIG_WIFI_DISPLAY
6895 wifi_display_deinit(global);
6896#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 6897
6fc6879b 6898 while (global->ifaces)
df509539 6899 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 6900
6901 if (global->ctrl_iface)
6902 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 6903
6904 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 6905
6906 eap_peer_unregister_methods();
3ec97afe
JM		 6907#ifdef CONFIG_AP
6908 eap_server_unregister_methods();
6909#endif /* CONFIG_AP */
6fc6879b 6910
c5121837 6911 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 6912 if (!global->drv_priv[i])
6913 continue;
c5121837 6914 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 6915 }
6916 os_free(global->drv_priv);
6917
d47fa330
JM		 6918 random_deinit();
6919
6fc6879b
JM		 6920 eloop_destroy();
6921
6922 if (global->params.pid_file) {
6923 os_daemonize_terminate(global->params.pid_file);
6924 os_free(global->params.pid_file);
6925 }
6926 os_free(global->params.ctrl_interface);
29257565 6927 os_free(global->params.ctrl_interface_group);
d27df100
JM		 6928 os_free(global->params.override_driver);
6929 os_free(global->params.override_ctrl_interface);
2e997eec
RM		 6930#ifdef CONFIG_MATCH_IFACE
6931 os_free(global->params.match_ifaces);
6932#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6933#ifdef CONFIG_P2P
6934 os_free(global->params.conf_p2p_dev);
6935#endif /* CONFIG_P2P */
6fc6879b 6936
af8a827b 6937 os_free(global->p2p_disallow_freq.range);
253f2e37 6938 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 6939 os_free(global->add_psk);
6f3bc72b 6940
6fc6879b 6941 os_free(global);
daa70d49 6942 wpa_debug_close_syslog();
6fc6879b 6943 wpa_debug_close_file();
4f68895e 6944 wpa_debug_close_linux_tracing();
6fc6879b 6945}
611aea7d
JM		 6946
6947
6948void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6949{
849b5dc7
JM		 6950 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6951 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6952 char country[3];
6953 country[0] = wpa_s->conf->country[0];
6954 country[1] = wpa_s->conf->country[1];
6955 country[2] = '\0';
6956 if (wpa_drv_set_country(wpa_s, country) < 0) {
6957 wpa_printf(MSG_ERROR, "Failed to set country code "
6958 "'%s'", country);
6959 }
6960 }
6961
306ae225
JM		 6962 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6963 wpas_init_ext_pw(wpa_s);
6964
bea48f77
JM		 6965 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6966 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6967
3c7863f8
LD		 6968 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6969 struct wpa_driver_capa capa;
6970 int res = wpa_drv_get_capa(wpa_s, &capa);
6971
6972 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6973 wpa_printf(MSG_ERROR,
6974 "Failed to update wowlan_triggers to '%s'",
6975 wpa_s->conf->wowlan_triggers);
6976 }
6977
ef59f987
AB		 6978 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
6979 wpa_supplicant_set_default_scan_ies(wpa_s);
6980
611aea7d
JM		 6981#ifdef CONFIG_WPS
6982 wpas_wps_update_config(wpa_s);
6983#endif /* CONFIG_WPS */
b22128ef 6984 wpas_p2p_update_config(wpa_s);
611aea7d
JM		 6985 wpa_s->conf->changed_parameters = 0;
6986}
2f9c6aa6
JM		 6987
6988
e1117c1c 6989void add_freq(int *freqs, int *num_freqs, int freq)
0fb337c1
JM		 6990{
6991 int i;
6992
6993 for (i = 0; i < *num_freqs; i++) {
6994 if (freqs[i] == freq)
6995 return;
6996 }
6997
6998 freqs[*num_freqs] = freq;
6999 (*num_freqs)++;
7000}
7001
7002
7003static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7004{
7005 struct wpa_bss *bss, *cbss;
7006 const int max_freqs = 10;
7007 int *freqs;
7008 int num_freqs = 0;
7009
faebdeaa 7010 freqs = os_calloc(max_freqs + 1, sizeof(int));
0fb337c1
JM		 7011 if (freqs == NULL)
7012 return NULL;
7013
7014 cbss = wpa_s->current_bss;
7015
7016 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7017 if (bss == cbss)
7018 continue;
7019 if (bss->ssid_len == cbss->ssid_len &&
7020 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7021 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
7022 add_freq(freqs, &num_freqs, bss->freq);
7023 if (num_freqs == max_freqs)
7024 break;
7025 }
7026 }
7027
7028 if (num_freqs == 0) {
7029 os_free(freqs);
7030 freqs = NULL;
7031 }
7032
7033 return freqs;
7034}
7035
7036
7037void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7038{
7039 int timeout;
7040 int count;
7041 int *freqs = NULL;
7042
6ac4b15e
JM		 7043 wpas_connect_work_done(wpa_s);
7044
5fd9fb27
JM		 7045 /*
7046 * Remove possible authentication timeout since the connection failed.
7047 */
7048 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7049
c2805909
JM		 7050 /*
7051 * There is no point in blacklisting the AP if this event is
7052 * generated based on local request to disconnect.
7053 */
7054 if (wpa_s->own_disconnect_req) {
7055 wpa_s->own_disconnect_req = 0;
7056 wpa_dbg(wpa_s, MSG_DEBUG,
7057 "Ignore connection failure due to local request to disconnect");
7058 return;
7059 }
0cdb93fe 7060 if (wpa_s->disconnected) {
0cdb93fe
JM		 7061 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7062 "indication since interface has been put into "
7063 "disconnected state");
7064 return;
7065 }
7066
0fb337c1
JM		 7067 /*
7068 * Add the failed BSSID into the blacklist and speed up next scan
7069 * attempt if there could be other APs that could accept association.
7070 * The current blacklist count indicates how many times we have tried
7071 * connecting to this AP and multiple attempts mean that other APs are
7072 * either not available or has already been tried, so that we can start
7073 * increasing the delay here to avoid constant scanning.
7074 */
7075 count = wpa_blacklist_add(wpa_s, bssid);
7076 if (count == 1 && wpa_s->current_bss) {
7077 /*
7078 * This BSS was not in the blacklist before. If there is
7079 * another BSS available for the same ESS, we should try that
7080 * next. Otherwise, we may as well try this one once more
7081 * before allowing other, likely worse, ESSes to be considered.
7082 */
7083 freqs = get_bss_freqs_in_ess(wpa_s);
7084 if (freqs) {
f049052b
BG		 7085 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7086 "has been seen; try it next");
0fb337c1
JM		 7087 wpa_blacklist_add(wpa_s, bssid);
7088 /*
7089 * On the next scan, go through only the known channels
7090 * used in this ESS based on previous scans to speed up
7091 * common load balancing use case.
7092 */
7093 os_free(wpa_s->next_scan_freqs);
7094 wpa_s->next_scan_freqs = freqs;
7095 }
7096 }
7097
f1a52633
JM		 7098 /*
7099 * Add previous failure count in case the temporary blacklist was
7100 * cleared due to no other BSSes being available.
7101 */
7102 count += wpa_s->extra_blacklist_count;
7103
dd579704
JM		 7104 if (count > 3 && wpa_s->current_ssid) {
7105 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7106 "consider temporary network disabling");
b19c098e 7107 wpas_auth_failed(wpa_s, "CONN_FAILED");
dd579704
JM		 7108 }
7109
0fb337c1
JM		 7110 switch (count) {
7111 case 1:
7112 timeout = 100;
7113 break;
7114 case 2:
7115 timeout = 500;
7116 break;
7117 case 3:
7118 timeout = 1000;
7119 break;
f1a52633 7120 case 4:
0fb337c1 7121 timeout = 5000;
f1a52633
JM		 7122 break;
7123 default:
7124 timeout = 10000;
7125 break;
0fb337c1
JM		 7126 }
7127
f1a52633
JM		 7128 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
7129 "ms", count, timeout);
7130
0fb337c1
JM		 7131 /*
7132 * TODO: if more than one possible AP is available in scan results,
7133 * could try the other ones before requesting a new scan.
7134 */
0a42f1ed
IP		 7135
7136 /* speed up the connection attempt with normal scan */
7137 wpa_s->normal_scans = 0;
0fb337c1
JM		 7138 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7139 1000 * (timeout % 1000));
7140}
22628eca
JM		 7141
7142
af835d75
AB		 7143#ifdef CONFIG_FILS
7144void fils_connection_failure(struct wpa_supplicant *wpa_s)
7145{
7146 struct wpa_ssid *ssid = wpa_s->current_ssid;
7147 const u8 *realm, *username, *rrk;
7148 size_t realm_len, username_len, rrk_len;
7149 u16 next_seq_num;
7150
7151 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7152 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7153 &username, &username_len,
7154 &realm, &realm_len, &next_seq_num,
7155 &rrk, &rrk_len) != 0 ||
7156 !realm)
7157 return;
7158
7159 wpa_hexdump_ascii(MSG_DEBUG,
7160 "FILS: Store last connection failure realm",
7161 realm, realm_len);
7162 os_free(wpa_s->last_con_fail_realm);
7163 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7164 if (wpa_s->last_con_fail_realm) {
7165 wpa_s->last_con_fail_realm_len = realm_len;
7166 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7167 }
7168}
7169#endif /* CONFIG_FILS */
7170
7171
22628eca
JM		 7172int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7173{
7174 return wpa_s->conf->ap_scan == 2 ||
7175 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7176}
d2118814
JM		 7177
7178
7179#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
7180int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7181 struct wpa_ssid *ssid,
7182 const char *field,
7183 const char *value)
7184{
7185#ifdef IEEE8021X_EAPOL
7186 struct eap_peer_config *eap = &ssid->eap;
7187
7188 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7189 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7190 (const u8 *) value, os_strlen(value));
7191
7192 switch (wpa_supplicant_ctrl_req_from_string(field)) {
7193 case WPA_CTRL_REQ_EAP_IDENTITY:
7194 os_free(eap->identity);
7195 eap->identity = (u8 *) os_strdup(value);
7196 eap->identity_len = os_strlen(value);
7197 eap->pending_req_identity = 0;
7198 if (ssid == wpa_s->current_ssid)
7199 wpa_s->reassociate = 1;
7200 break;
7201 case WPA_CTRL_REQ_EAP_PASSWORD:
19c48da0 7202 bin_clear_free(eap->password, eap->password_len);
d2118814
JM		 7203 eap->password = (u8 *) os_strdup(value);
7204 eap->password_len = os_strlen(value);
7205 eap->pending_req_password = 0;
7206 if (ssid == wpa_s->current_ssid)
7207 wpa_s->reassociate = 1;
7208 break;
7209 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
19c48da0 7210 bin_clear_free(eap->new_password, eap->new_password_len);
d2118814
JM		 7211 eap->new_password = (u8 *) os_strdup(value);
7212 eap->new_password_len = os_strlen(value);
7213 eap->pending_req_new_password = 0;
7214 if (ssid == wpa_s->current_ssid)
7215 wpa_s->reassociate = 1;
7216 break;
7217 case WPA_CTRL_REQ_EAP_PIN:
b99c4cad
JM		 7218 str_clear_free(eap->cert.pin);
7219 eap->cert.pin = os_strdup(value);
d2118814
JM		 7220 eap->pending_req_pin = 0;
7221 if (ssid == wpa_s->current_ssid)
7222 wpa_s->reassociate = 1;
7223 break;
7224 case WPA_CTRL_REQ_EAP_OTP:
19c48da0 7225 bin_clear_free(eap->otp, eap->otp_len);
d2118814
JM		 7226 eap->otp = (u8 *) os_strdup(value);
7227 eap->otp_len = os_strlen(value);
7228 os_free(eap->pending_req_otp);
7229 eap->pending_req_otp = NULL;
7230 eap->pending_req_otp_len = 0;
7231 break;
7232 case WPA_CTRL_REQ_EAP_PASSPHRASE:
b99c4cad
JM		 7233 str_clear_free(eap->cert.private_key_passwd);
7234 eap->cert.private_key_passwd = os_strdup(value);
d2118814
JM		 7235 eap->pending_req_passphrase = 0;
7236 if (ssid == wpa_s->current_ssid)
7237 wpa_s->reassociate = 1;
7238 break;
a5d44ac0 7239 case WPA_CTRL_REQ_SIM:
19c48da0 7240 str_clear_free(eap->external_sim_resp);
a5d44ac0 7241 eap->external_sim_resp = os_strdup(value);
ed9b1c16 7242 eap->pending_req_sim = 0;
a5d44ac0 7243 break;
a52410c2
JM		 7244 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7245 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7246 return -1;
7247 ssid->mem_only_psk = 1;
7248 if (ssid->passphrase)
7249 wpa_config_update_psk(ssid);
7250 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7251 wpa_supplicant_req_scan(wpa_s, 0, 0);
7252 break;
3c108b75
JM		 7253 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7254 if (eap->pending_ext_cert_check != PENDING_CHECK)
7255 return -1;
7256 if (os_strcmp(value, "good") == 0)
7257 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7258 else if (os_strcmp(value, "bad") == 0)
7259 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7260 else
7261 return -1;
7262 break;
d2118814
JM		 7263 default:
7264 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
7265 return -1;
7266 }
7267
7268 return 0;
7269#else /* IEEE8021X_EAPOL */
7270 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7271 return -1;
7272#endif /* IEEE8021X_EAPOL */
7273}
7274#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 7275
7276
7277int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7278{
7279 int i;
7280 unsigned int drv_enc;
7281
44b9ea5b
JM		 7282 if (wpa_s->p2p_mgmt)
7283 return 1; /* no normal network profiles on p2p_mgmt interface */
7284
349493bd
JM		 7285 if (ssid == NULL)
7286 return 1;
7287
7288 if (ssid->disabled)
7289 return 1;
7290
9feadba1 7291 if (wpa_s->drv_capa_known)
349493bd
JM		 7292 drv_enc = wpa_s->drv_enc;
7293 else
7294 drv_enc = (unsigned int) -1;
7295
7296 for (i = 0; i < NUM_WEP_KEYS; i++) {
7297 size_t len = ssid->wep_key_len[i];
7298 if (len == 0)
7299 continue;
7300 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7301 continue;
7302 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7303 continue;
7304 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7305 continue;
7306 return 1; /* invalid WEP key */
7307 }
7308
9173b16f 7309 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
a52410c2 7310 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
a34ca59e 7311 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
a52410c2 7312 !ssid->mem_only_psk)
2518aad3
JM		 7313 return 1;
7314
349493bd
JM		 7315 return 0;
7316}
b9cfc09a
JJ		 7317
7318
3f56a2b7
JM		 7319int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7320{
3f56a2b7
JM		 7321 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7322 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7323 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7324 /*
7325 * Driver does not support BIP -- ignore pmf=1 default
7326 * since the connection with PMF would fail and the
7327 * configuration does not require PMF to be enabled.
7328 */
7329 return NO_MGMT_FRAME_PROTECTION;
7330 }
7331
22950049
JM		 7332 if (ssid &&
7333 (ssid->key_mgmt &
7334 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7335 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7336 /*
7337 * Do not use the default PMF value for non-RSN networks
7338 * since PMF is available only with RSN and pmf=2
7339 * configuration would otherwise prevent connections to
7340 * all open networks.
7341 */
7342 return NO_MGMT_FRAME_PROTECTION;
7343 }
7344
3f56a2b7
JM		 7345 return wpa_s->conf->pmf;
7346 }
7347
7348 return ssid->ieee80211w;
3f56a2b7
JM		 7349}
7350
7351
b9cfc09a
JJ		 7352int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7353{
7354 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7355 return 1;
7356 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7357 return 0;
7358 return -1;
7359}
00e5e3d5
JM		 7360
7361
b19c098e 7362void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
00e5e3d5
JM		 7363{
7364 struct wpa_ssid *ssid = wpa_s->current_ssid;
7365 int dur;
4e1eae1d 7366 struct os_reltime now;
00e5e3d5
JM		 7367
7368 if (ssid == NULL) {
7369 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7370 "SSID block");
7371 return;
7372 }
7373
7374 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7375 return;
7376
7377 ssid->auth_failures++;
cbf41ca7
SL		 7378
7379#ifdef CONFIG_P2P
7380 if (ssid->p2p_group &&
7381 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7382 /*
7383 * Skip the wait time since there is a short timeout on the
7384 * connection to a P2P group.
7385 */
7386 return;
7387 }
7388#endif /* CONFIG_P2P */
7389
00e5e3d5
JM		 7390 if (ssid->auth_failures > 50)
7391 dur = 300;
00e5e3d5 7392 else if (ssid->auth_failures > 10)
8a77f1be 7393 dur = 120;
00e5e3d5 7394 else if (ssid->auth_failures > 5)
8a77f1be
JM		 7395 dur = 90;
7396 else if (ssid->auth_failures > 3)
7397 dur = 60;
7398 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 7399 dur = 30;
7400 else if (ssid->auth_failures > 1)
7401 dur = 20;
7402 else
7403 dur = 10;
7404
8a77f1be
JM		 7405 if (ssid->auth_failures > 1 &&
7406 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7407 dur += os_random() % (ssid->auth_failures * 10);
7408
4e1eae1d 7409 os_get_reltime(&now);
00e5e3d5
JM		 7410 if (now.sec + dur <= ssid->disabled_until.sec)
7411 return;
7412
7413 ssid->disabled_until.sec = now.sec + dur;
7414
7415 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
b19c098e 7416 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
00e5e3d5 7417 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
b19c098e 7418 ssid->auth_failures, dur, reason);
00e5e3d5
JM		 7419}
7420
7421
7422void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
7423 struct wpa_ssid *ssid, int clear_failures)
7424{
7425 if (ssid == NULL)
7426 return;
7427
7428 if (ssid->disabled_until.sec) {
7429 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
7430 "id=%d ssid=\"%s\"",
7431 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
7432 }
7433 ssid->disabled_until.sec = 0;
7434 ssid->disabled_until.usec = 0;
7435 if (clear_failures)
7436 ssid->auth_failures = 0;
7437}
6407f413
JM		 7438
7439
7440int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
7441{
7442 size_t i;
7443
7444 if (wpa_s->disallow_aps_bssid == NULL)
7445 return 0;
7446
7447 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
7448 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
7449 bssid, ETH_ALEN) == 0)
7450 return 1;
7451 }
7452
7453 return 0;
7454}
7455
7456
7457int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7458 size_t ssid_len)
7459{
7460 size_t i;
7461
7462 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7463 return 0;
7464
7465 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7466 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7467 if (ssid_len == s->ssid_len &&
7468 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7469 return 1;
7470 }
7471
7472 return 0;
7473}
9796a86c
JM		 7474
7475
7476/**
7477 * wpas_request_connection - Request a new connection
7478 * @wpa_s: Pointer to the network interface
7479 *
7480 * This function is used to request a new connection to be found. It will mark
7481 * the interface to allow reassociation and request a new scan to find a
7482 * suitable network to connect to.
7483 */
7484void wpas_request_connection(struct wpa_supplicant *wpa_s)
7485{
7486 wpa_s->normal_scans = 0;
5214f4fa 7487 wpa_s->scan_req = NORMAL_SCAN_REQ;
9796a86c
JM		 7488 wpa_supplicant_reinit_autoscan(wpa_s);
7489 wpa_s->extra_blacklist_count = 0;
7490 wpa_s->disconnected = 0;
7491 wpa_s->reassociate = 1;
2cb40e9f 7492 wpa_s->last_owe_group = 0;
5e24beae
MH		 7493
7494 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7495 wpa_supplicant_req_scan(wpa_s, 0, 0);
0c5f01fd
B		 7496 else
7497 wpa_s->reattach = 0;
9796a86c 7498}
36b9883d
DG		 7499
7500
5f040be4
RP		 7501/**
7502 * wpas_request_disconnection - Request disconnection
7503 * @wpa_s: Pointer to the network interface
7504 *
7505 * This function is used to request disconnection from the currently connected
7506 * network. This will stop any ongoing scans and initiate deauthentication.
7507 */
7508void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7509{
7510#ifdef CONFIG_SME
7511 wpa_s->sme.prev_bssid_set = 0;
7512#endif /* CONFIG_SME */
7513 wpa_s->reassociate = 0;
7514 wpa_s->disconnected = 1;
7515 wpa_supplicant_cancel_sched_scan(wpa_s);
7516 wpa_supplicant_cancel_scan(wpa_s);
7517 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7518 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
f5db7750
JM		 7519 radio_remove_works(wpa_s, "connect", 0);
7520 radio_remove_works(wpa_s, "sme-connect", 0);
5f040be4
RP		 7521}
7522
7523
a0c90bb0
IP		 7524void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7525 struct wpa_used_freq_data *freqs_data,
7526 unsigned int len)
7527{
7528 unsigned int i;
7529
7530 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7531 len, title);
7532 for (i = 0; i < len; i++) {
7533 struct wpa_used_freq_data *cur = &freqs_data[i];
7534 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7535 i, cur->freq, cur->flags);
7536 }
7537}
7538
7539
53c5dfc2
IP		 7540/*
7541 * Find the operating frequencies of any of the virtual interfaces that
a0c90bb0
IP		 7542 * are using the same radio as the current interface, and in addition, get
7543 * information about the interface types that are using the frequency.
53c5dfc2 7544 */
a0c90bb0
IP		 7545int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7546 struct wpa_used_freq_data *freqs_data,
7547 unsigned int len)
53c5dfc2 7548{
53c5dfc2
IP		 7549 struct wpa_supplicant *ifs;
7550 u8 bssid[ETH_ALEN];
7551 int freq;
7552 unsigned int idx = 0, i;
7553
217cf499
JM		 7554 wpa_dbg(wpa_s, MSG_DEBUG,
7555 "Determining shared radio frequencies (max len %u)", len);
a0c90bb0 7556 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
53c5dfc2 7557
0ad3b9c4
JM		 7558 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
7559 radio_list) {
a0c90bb0
IP		 7560 if (idx == len)
7561 break;
7562
53c5dfc2
IP		 7563 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
7564 continue;
7565
7566 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
241c3333
MH		 7567 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
7568 ifs->current_ssid->mode == WPAS_MODE_MESH)
53c5dfc2
IP		 7569 freq = ifs->current_ssid->frequency;
7570 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
7571 freq = ifs->assoc_freq;
7572 else
7573 continue;
7574
7575 /* Hold only distinct freqs */
7576 for (i = 0; i < idx; i++)
a0c90bb0 7577 if (freqs_data[i].freq == freq)
53c5dfc2
IP		 7578 break;
7579
7580 if (i == idx)
a0c90bb0
IP		 7581 freqs_data[idx++].freq = freq;
7582
7583 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
22264b3c 7584 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
a0c90bb0
IP		 7585 WPA_FREQ_USED_BY_P2P_CLIENT :
7586 WPA_FREQ_USED_BY_INFRA_STATION;
7587 }
53c5dfc2 7588 }
217cf499 7589
a0c90bb0 7590 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
53c5dfc2
IP		 7591 return idx;
7592}
a0c90bb0
IP		 7593
7594
7595/*
7596 * Find the operating frequencies of any of the virtual interfaces that
7597 * are using the same radio as the current interface.
7598 */
7599int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
7600 int *freq_array, unsigned int len)
7601{
7602 struct wpa_used_freq_data *freqs_data;
7603 int num, i;
7604
7605 os_memset(freq_array, 0, sizeof(int) * len);
7606
7607 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
7608 if (!freqs_data)
7609 return -1;
7610
7611 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
7612 for (i = 0; i < num; i++)
7613 freq_array[i] = freqs_data[i].freq;
7614
7615 os_free(freqs_data);
7616
7617 return num;
7618}
b361d580
AK		 7619
7620
af041f99
AA		 7621struct wpa_supplicant *
7622wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
7623{
7624 switch (frame) {
7625#ifdef CONFIG_P2P
7626 case VENDOR_ELEM_PROBE_REQ_P2P:
7627 case VENDOR_ELEM_PROBE_RESP_P2P:
7628 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
7629 case VENDOR_ELEM_BEACON_P2P_GO:
7630 case VENDOR_ELEM_P2P_PD_REQ:
7631 case VENDOR_ELEM_P2P_PD_RESP:
7632 case VENDOR_ELEM_P2P_GO_NEG_REQ:
7633 case VENDOR_ELEM_P2P_GO_NEG_RESP:
7634 case VENDOR_ELEM_P2P_GO_NEG_CONF:
7635 case VENDOR_ELEM_P2P_INV_REQ:
7636 case VENDOR_ELEM_P2P_INV_RESP:
7637 case VENDOR_ELEM_P2P_ASSOC_REQ:
7638 case VENDOR_ELEM_P2P_ASSOC_RESP:
ba307f85 7639 return wpa_s->p2pdev;
af041f99
AA		 7640#endif /* CONFIG_P2P */
7641 default:
7642 return wpa_s;
7643 }
7644}
7645
7646
7647void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
7648{
7649 unsigned int i;
7650 char buf[30];
7651
7652 wpa_printf(MSG_DEBUG, "Update vendor elements");
7653
7654 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
7655 if (wpa_s->vendor_elem[i]) {
7656 int res;
7657
7658 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
7659 if (!os_snprintf_error(sizeof(buf), res)) {
7660 wpa_hexdump_buf(MSG_DEBUG, buf,
7661 wpa_s->vendor_elem[i]);
7662 }
7663 }
7664 }
7665
7666#ifdef CONFIG_P2P
7667 if (wpa_s->parent == wpa_s &&
7668 wpa_s->global->p2p &&
7669 !wpa_s->global->p2p_disabled)
7670 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
7671#endif /* CONFIG_P2P */
7672}
7673
7674
7675int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7676 const u8 *elem, size_t len)
7677{
7678 u8 *ie, *end;
7679
7680 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7681 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7682
7683 for (; ie + 1 < end; ie += 2 + ie[1]) {
7684 if (ie + len > end)
7685 break;
7686 if (os_memcmp(ie, elem, len) != 0)
7687 continue;
7688
7689 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7690 wpabuf_free(wpa_s->vendor_elem[frame]);
7691 wpa_s->vendor_elem[frame] = NULL;
7692 } else {
7693 os_memmove(ie, ie + len, end - (ie + len));
7694 wpa_s->vendor_elem[frame]->used -= len;
7695 }
7696 wpas_vendor_elem_update(wpa_s);
7697 return 0;
7698 }
7699
7700 return -1;
7701}
ea69d973
AS		 7702
7703
7704struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
7705 u16 num_modes, enum hostapd_hw_mode mode)
7706{
7707 u16 i;
7708
7709 for (i = 0; i < num_modes; i++) {
7710 if (modes[i].mode == mode)
7711 return &modes[i];
7712 }
7713
7714 return NULL;
7715}
dd599908
AS		 7716
7717
7718static struct
7719wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7720 const u8 *bssid)
7721{
7722 struct wpa_bss_tmp_disallowed *bss;
7723
7724 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7725 struct wpa_bss_tmp_disallowed, list) {
7726 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7727 return bss;
7728 }
7729
7730 return NULL;
7731}
7732
7733
b04854ce
AP		 7734static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7735{
7736 struct wpa_bss_tmp_disallowed *tmp;
7737 unsigned int num_bssid = 0;
7738 u8 *bssids;
7739 int ret;
7740
7741 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7742 if (!bssids)
7743 return -1;
7744 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7745 struct wpa_bss_tmp_disallowed, list) {
7746 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7747 ETH_ALEN);
7748 num_bssid++;
7749 }
7750 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7751 os_free(bssids);
7752 return ret;
7753}
7754
7755
7756static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7757{
7758 struct wpa_supplicant *wpa_s = eloop_ctx;
7759 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7760
7761 /* Make sure the bss is not already freed */
7762 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7763 struct wpa_bss_tmp_disallowed, list) {
7764 if (bss == tmp) {
7765 dl_list_del(&tmp->list);
7766 os_free(tmp);
7767 wpa_set_driver_tmp_disallow_list(wpa_s);
7768 break;
7769 }
7770 }
7771}
7772
7773
dd599908 7774void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
19677b77 7775 unsigned int sec, int rssi_threshold)
dd599908
AS		 7776{
7777 struct wpa_bss_tmp_disallowed *bss;
dd599908
AS		 7778
7779 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7780 if (bss) {
b04854ce 7781 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
19677b77 7782 goto finish;
dd599908
AS		 7783 }
7784
7785 bss = os_malloc(sizeof(*bss));
7786 if (!bss) {
7787 wpa_printf(MSG_DEBUG,
7788 "Failed to allocate memory for temp disallow BSS");
7789 return;
7790 }
7791
dd599908
AS		 7792 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7793 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
b04854ce 7794 wpa_set_driver_tmp_disallow_list(wpa_s);
19677b77
BL		 7795
7796finish:
7797 bss->rssi_threshold = rssi_threshold;
b04854ce
AP		 7798 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7799 wpa_s, bss);
dd599908
AS		 7800}
7801
7802
19677b77
BL		 7803int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
7804 struct wpa_bss *bss)
dd599908 7805{
19677b77 7806 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
dd599908 7807
d010048c
JM		 7808 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7809 struct wpa_bss_tmp_disallowed, list) {
19677b77
BL		 7810 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
7811 disallowed = tmp;
d010048c
JM		 7812 break;
7813 }
7814 }
19677b77
BL		 7815 if (!disallowed)
7816 return 0;
7817
7818 if (disallowed->rssi_threshold != 0 &&
7819 bss->level > disallowed->rssi_threshold)
dd599908
AS		 7820 return 0;
7821
d010048c 7822 return 1;
dd599908 7823}
91b6eba7
EC		 7824
7825
7826int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7827 unsigned int type, const u8 *addr,
7828 const u8 *mask)
7829{
7830 if ((addr && !mask) || (!addr && mask)) {
7831 wpa_printf(MSG_INFO,
7832 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7833 return -1;
7834 }
7835
7836 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
7837 wpa_printf(MSG_INFO,
7838 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7839 return -1;
7840 }
7841
7842 if (type & MAC_ADDR_RAND_SCAN) {
7843 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
7844 addr, mask))
7845 return -1;
7846 }
7847
7848 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
7849 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
7850 addr, mask))
7851 return -1;
7852
7853 if (wpa_s->sched_scanning && !wpa_s->pno)
7854 wpas_scan_restart_sched_scan(wpa_s);
7855 }
7856
7857 if (type & MAC_ADDR_RAND_PNO) {
7858 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
7859 addr, mask))
7860 return -1;
7861
7862 if (wpa_s->pno) {
7863 wpas_stop_pno(wpa_s);
7864 wpas_start_pno(wpa_s);
7865 }
7866 }
7867
7868 return 0;
7869}
7870
7871
7872int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7873 unsigned int type)
7874{
7875 wpas_mac_addr_rand_scan_clear(wpa_s, type);
7876 if (wpa_s->pno) {
7877 if (type & MAC_ADDR_RAND_PNO) {
7878 wpas_stop_pno(wpa_s);
7879 wpas_start_pno(wpa_s);
7880 }
7881 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
7882 wpas_scan_restart_sched_scan(wpa_s);
7883 }
7884
7885 return 0;
7886}
Unnamed repository; edit this file 'description' to name the repository.