]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Clean up wpa_supplicant_event() with deauth/disassoc helper functions
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
d93dfbd5 3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
14
15#include "common.h"
d47fa330 16#include "crypto/random.h"
7d232e23 17#include "crypto/sha1.h"
6fc6879b
JM		 18#include "eapol_supp/eapol_supp_sm.h"
19#include "eap_peer/eap.h"
ec7b97ab 20#include "eap_peer/eap_proxy.h"
3ec97afe 21#include "eap_server/eap_methods.h"
3acb5005 22#include "rsn_supp/wpa.h"
6fc6879b 23#include "eloop.h"
6fc6879b 24#include "config.h"
306ae225 25#include "utils/ext_password.h"
6fc6879b
JM		 26#include "l2_packet/l2_packet.h"
27#include "wpa_supplicant_i.h"
2d5b792d 28#include "driver_i.h"
6fc6879b 29#include "ctrl_iface.h"
6fc6879b 30#include "pcsc_funcs.h"
90973fb2 31#include "common/version.h"
3acb5005
JM		 32#include "rsn_supp/preauth.h"
33#include "rsn_supp/pmksa_cache.h"
90973fb2 34#include "common/wpa_ctrl.h"
90973fb2 35#include "common/ieee802_11_defs.h"
72044390 36#include "p2p/p2p.h"
6fc6879b
JM		 37#include "blacklist.h"
38#include "wpas_glue.h"
116654ce 39#include "wps_supplicant.h"
11ef8d35 40#include "ibss_rsn.h"
c2a04078 41#include "sme.h"
04ea7b79 42#include "gas_query.h"
1f1b62a0 43#include "ap.h"
b22128ef 44#include "p2p_supplicant.h"
9675ce35 45#include "wifi_display.h"
8bac466b 46#include "notify.h"
60b94c98 47#include "bgscan.h"
7c865c68 48#include "autoscan.h"
83922c2d 49#include "bss.h"
9ba9fa07 50#include "scan.h"
24f6497c 51#include "offchannel.h"
cb418324 52#include "hs20_supplicant.h"
e27d20bb 53#include "wnm_sta.h"
6fc6879b
JM		 54
55const char *wpa_supplicant_version =
56"wpa_supplicant v" VERSION_STR "\n"
e056f93e 57"Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 58
59const char *wpa_supplicant_license =
331f89ff
JM		 60"This software may be distributed under the terms of the BSD license.\n"
61"See README for more details.\n"
6fc6879b
JM		 62#ifdef EAP_TLS_OPENSSL
63"\nThis product includes software developed by the OpenSSL Project\n"
64"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65#endif /* EAP_TLS_OPENSSL */
66;
67
68#ifndef CONFIG_NO_STDOUT_DEBUG
69/* Long text divided into parts in order to fit in C89 strings size limits. */
70const char *wpa_supplicant_full_license1 =
331f89ff 71"";
6fc6879b 72const char *wpa_supplicant_full_license2 =
331f89ff 73"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 74"\n"
75"Redistribution and use in source and binary forms, with or without\n"
76"modification, are permitted provided that the following conditions are\n"
77"met:\n"
78"\n";
79const char *wpa_supplicant_full_license3 =
80"1. Redistributions of source code must retain the above copyright\n"
81" notice, this list of conditions and the following disclaimer.\n"
82"\n"
83"2. Redistributions in binary form must reproduce the above copyright\n"
84" notice, this list of conditions and the following disclaimer in the\n"
85" documentation and/or other materials provided with the distribution.\n"
86"\n";
87const char *wpa_supplicant_full_license4 =
88"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89" names of its contributors may be used to endorse or promote products\n"
90" derived from this software without specific prior written permission.\n"
91"\n"
92"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96const char *wpa_supplicant_full_license5 =
97"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
104"\n";
105#endif /* CONFIG_NO_STDOUT_DEBUG */
106
6fc6879b
JM		 107extern int wpa_debug_level;
108extern int wpa_debug_show_keys;
109extern int wpa_debug_timestamp;
c5121837 110extern struct wpa_driver_ops *wpa_drivers[];
6fc6879b
JM		 111
112/* Configure default/group WEP keys for static WEP */
0194fedb 113int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 114{
115 int i, set = 0;
116
117 for (i = 0; i < NUM_WEP_KEYS; i++) {
118 if (ssid->wep_key_len[i] == 0)
119 continue;
120
121 set = 1;
0382097e 122 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 123 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 124 ssid->wep_key[i], ssid->wep_key_len[i]);
125 }
126
127 return set;
128}
129
130
6ea1f413
JM		 131int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
132 struct wpa_ssid *ssid)
6fc6879b
JM		 133{
134 u8 key[32];
135 size_t keylen;
71934751 136 enum wpa_alg alg;
6fc6879b
JM		 137 u8 seq[6] = { 0 };
138
139 /* IBSS/WPA-None uses only one key (Group) for both receiving and
140 * sending unicast and multicast packets. */
141
d7dcba70 142 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 143 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
144 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 145 return -1;
146 }
147
148 if (!ssid->psk_set) {
f049052b
BG		 149 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
150 "WPA-None");
6fc6879b
JM		 151 return -1;
152 }
153
154 switch (wpa_s->group_cipher) {
155 case WPA_CIPHER_CCMP:
156 os_memcpy(key, ssid->psk, 16);
157 keylen = 16;
158 alg = WPA_ALG_CCMP;
159 break;
eb7719ff
JM		 160 case WPA_CIPHER_GCMP:
161 os_memcpy(key, ssid->psk, 16);
162 keylen = 16;
163 alg = WPA_ALG_GCMP;
164 break;
6fc6879b
JM		 165 case WPA_CIPHER_TKIP:
166 /* WPA-None uses the same Michael MIC key for both TX and RX */
167 os_memcpy(key, ssid->psk, 16 + 8);
168 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
169 keylen = 32;
170 alg = WPA_ALG_TKIP;
171 break;
172 default:
f049052b
BG		 173 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
174 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 175 return -1;
176 }
177
178 /* TODO: should actually remember the previously used seq#, both for TX
179 * and RX from each STA.. */
180
0382097e 181 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
6fc6879b
JM		 182}
183
184
185static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
186{
187 struct wpa_supplicant *wpa_s = eloop_ctx;
188 const u8 *bssid = wpa_s->bssid;
a8e16edc 189 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 190 bssid = wpa_s->pending_bssid;
191 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
192 MAC2STR(bssid));
193 wpa_blacklist_add(wpa_s, bssid);
194 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 195 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 196 wpa_s->reassociate = 1;
48b84f18
BG		 197
198 /*
199 * If we timed out, the AP or the local radio may be busy.
200 * So, wait a second until scanning again.
201 */
202 wpa_supplicant_req_scan(wpa_s, 1, 0);
99fcd404 203
f85f545e 204 wpas_p2p_continue_after_scan(wpa_s);
6fc6879b
JM		 205}
206
207
208/**
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
213 *
214 * This function is used to schedule a timeout for the current authentication
215 * attempt.
216 */
217void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
218 int sec, int usec)
219{
c2a04078
JM		 220 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 222 return;
223
f049052b 224 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
228}
229
230
231/**
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
234 *
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
237 * been completed.
238 */
239void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
240{
f049052b 241 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
244}
245
246
247/**
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
250 *
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
253 */
254void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
255{
256#ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
259
53895c3b 260#ifdef CONFIG_IBSS_RSN
d7dcba70 261 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
264 /*
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
267 */
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 return;
272 }
273#endif /* CONFIG_IBSS_RSN */
274
0a40ec6a
JM		 275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277
6fc6879b
JM		 278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
281 else
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
283
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
290 }
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
294 }
295
c2a04078 296 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b 297 eapol_conf.required_keys = 0;
6fc6879b
JM		 298 }
299 if (wpa_s->conf)
300 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
301 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 302 eapol_conf.eap_disabled =
303 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 304 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
305 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
6fc6879b
JM		 306 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
307#endif /* IEEE8021X_EAPOL */
308}
309
310
311/**
312 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
313 * @wpa_s: Pointer to wpa_supplicant data
314 * @ssid: Configuration data for the network
315 *
316 * This function is used to configure WPA state machine and related parameters
317 * to a mode where WPA is not enabled. This is called as part of the
318 * authentication configuration when the selected network does not use WPA.
319 */
320void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
321 struct wpa_ssid *ssid)
322{
323 int i;
324
ad08c363
JM		 325 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
326 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
327 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 328 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
329 else
330 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
331 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
333 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
334 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
335 wpa_s->group_cipher = WPA_CIPHER_NONE;
336 wpa_s->mgmt_group_cipher = 0;
337
338 for (i = 0; i < NUM_WEP_KEYS; i++) {
339 if (ssid->wep_key_len[i] > 5) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
341 wpa_s->group_cipher = WPA_CIPHER_WEP104;
342 break;
343 } else if (ssid->wep_key_len[i] > 0) {
344 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
345 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 break;
347 }
348 }
349
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
353 wpa_s->pairwise_cipher);
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
355#ifdef CONFIG_IEEE80211W
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
357 wpa_s->mgmt_group_cipher);
358#endif /* CONFIG_IEEE80211W */
359
360 pmksa_cache_clear_current(wpa_s->wpa);
361}
362
363
6979582c 364void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 365{
366 int i;
367 if (wpa_s->hw.modes == NULL)
368 return;
369
370 for (i = 0; i < wpa_s->hw.num_modes; i++) {
371 os_free(wpa_s->hw.modes[i].channels);
372 os_free(wpa_s->hw.modes[i].rates);
373 }
374
375 os_free(wpa_s->hw.modes);
376 wpa_s->hw.modes = NULL;
377}
378
379
6fc6879b
JM		 380static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
381{
60b94c98 382 bgscan_deinit(wpa_s);
7c865c68 383 autoscan_deinit(wpa_s);
6fc6879b
JM		 384 scard_deinit(wpa_s->scard);
385 wpa_s->scard = NULL;
386 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
387 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
388 l2_packet_deinit(wpa_s->l2);
389 wpa_s->l2 = NULL;
390 if (wpa_s->l2_br) {
391 l2_packet_deinit(wpa_s->l2_br);
392 wpa_s->l2_br = NULL;
393 }
394
6fc6879b 395 if (wpa_s->conf != NULL) {
8e56d189
JM		 396 struct wpa_ssid *ssid;
397 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
398 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 399 }
400
401 os_free(wpa_s->confname);
402 wpa_s->confname = NULL;
403
e6304cad
DS		 404 os_free(wpa_s->confanother);
405 wpa_s->confanother = NULL;
406
6fc6879b
JM		 407 wpa_sm_set_eapol(wpa_s->wpa, NULL);
408 eapol_sm_deinit(wpa_s->eapol);
409 wpa_s->eapol = NULL;
410
411 rsn_preauth_deinit(wpa_s->wpa);
412
281ff0aa
GP		 413#ifdef CONFIG_TDLS
414 wpa_tdls_deinit(wpa_s->wpa);
415#endif /* CONFIG_TDLS */
416
6fc6879b
JM		 417 pmksa_candidate_free(wpa_s->wpa);
418 wpa_sm_deinit(wpa_s->wpa);
419 wpa_s->wpa = NULL;
420 wpa_blacklist_clear(wpa_s);
421
83922c2d 422 wpa_bss_deinit(wpa_s);
6fc6879b 423
831770bf 424 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 425 wpa_supplicant_cancel_scan(wpa_s);
426 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 427 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
428#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
429 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
430 wpa_s, NULL);
431#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 432
116654ce 433 wpas_wps_deinit(wpa_s);
11ef8d35 434
1ff73338
JM		 435 wpabuf_free(wpa_s->pending_eapol_rx);
436 wpa_s->pending_eapol_rx = NULL;
437
11ef8d35
JM		 438#ifdef CONFIG_IBSS_RSN
439 ibss_rsn_deinit(wpa_s->ibss_rsn);
440 wpa_s->ibss_rsn = NULL;
441#endif /* CONFIG_IBSS_RSN */
c2a04078 442
e29853bb 443 sme_deinit(wpa_s);
2d5b792d
JM		 444
445#ifdef CONFIG_AP
446 wpa_supplicant_ap_deinit(wpa_s);
447#endif /* CONFIG_AP */
b22128ef
JM		 448
449#ifdef CONFIG_P2P
450 wpas_p2p_deinit(wpa_s);
451#endif /* CONFIG_P2P */
f47d639d 452
24f6497c
JM		 453#ifdef CONFIG_OFFCHANNEL
454 offchannel_deinit(wpa_s);
455#endif /* CONFIG_OFFCHANNEL */
456
a4cba8f1
LC		 457 wpa_supplicant_cancel_sched_scan(wpa_s);
458
f47d639d
JM		 459 os_free(wpa_s->next_scan_freqs);
460 wpa_s->next_scan_freqs = NULL;
04ea7b79
JM		 461
462 gas_query_deinit(wpa_s->gas);
463 wpa_s->gas = NULL;
6bf731e8
CL		 464
465 free_hw_features(wpa_s);
d445a5cd
JM		 466
467 os_free(wpa_s->bssid_filter);
468 wpa_s->bssid_filter = NULL;
b6668734 469
6407f413
JM		 470 os_free(wpa_s->disallow_aps_bssid);
471 wpa_s->disallow_aps_bssid = NULL;
472 os_free(wpa_s->disallow_aps_ssid);
473 wpa_s->disallow_aps_ssid = NULL;
474
b6668734 475 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 476#ifdef CONFIG_WNM
477 wnm_deallocate_memory(wpa_s);
478#endif /* CONFIG_WNM */
306ae225
JM		 479
480 ext_password_deinit(wpa_s->ext_pw);
481 wpa_s->ext_pw = NULL;
b1f12296
JM		 482
483 wpabuf_free(wpa_s->last_gas_resp);
a297201d
JM		 484
485 os_free(wpa_s->last_scan_res);
486 wpa_s->last_scan_res = NULL;
6fc6879b
JM		 487}
488
489
490/**
491 * wpa_clear_keys - Clear keys configured for the driver
492 * @wpa_s: Pointer to wpa_supplicant data
493 * @addr: Previously used BSSID or %NULL if not available
494 *
495 * This function clears the encryption keys that has been previously configured
496 * for the driver.
497 */
498void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
499{
6fc6879b
JM		 500 if (wpa_s->keys_cleared) {
501 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
502 * timing issues with keys being cleared just before new keys
503 * are set or just after association or something similar. This
504 * shows up in group key handshake failing often because of the
505 * client not receiving the first encrypted packets correctly.
506 * Skipping some of the extra key clearing steps seems to help
507 * in completing group key handshake more reliably. */
f049052b
BG		 508 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
509 "skip key clearing");
6fc6879b
JM		 510 return;
511 }
512
513 /* MLME-DELETEKEYS.request */
0382097e
JM		 514 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
516 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
517 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
0e27f655 518#ifdef CONFIG_IEEE80211W
0382097e
JM		 519 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
0e27f655 521#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 522 if (addr) {
523 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
524 0);
525 /* MLME-SETPROTECTION.request(None) */
526 wpa_drv_mlme_setprotection(
527 wpa_s, addr,
528 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
529 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
530 }
531 wpa_s->keys_cleared = 1;
532}
533
534
535/**
536 * wpa_supplicant_state_txt - Get the connection state name as a text string
537 * @state: State (wpa_state; WPA_*)
538 * Returns: The state name as a printable text string
539 */
71934751 540const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 541{
542 switch (state) {
543 case WPA_DISCONNECTED:
544 return "DISCONNECTED";
545 case WPA_INACTIVE:
546 return "INACTIVE";
8401a6b0
JM		 547 case WPA_INTERFACE_DISABLED:
548 return "INTERFACE_DISABLED";
6fc6879b
JM		 549 case WPA_SCANNING:
550 return "SCANNING";
c2a04078
JM		 551 case WPA_AUTHENTICATING:
552 return "AUTHENTICATING";
6fc6879b
JM		 553 case WPA_ASSOCIATING:
554 return "ASSOCIATING";
555 case WPA_ASSOCIATED:
556 return "ASSOCIATED";
557 case WPA_4WAY_HANDSHAKE:
558 return "4WAY_HANDSHAKE";
559 case WPA_GROUP_HANDSHAKE:
560 return "GROUP_HANDSHAKE";
561 case WPA_COMPLETED:
562 return "COMPLETED";
563 default:
564 return "UNKNOWN";
565 }
566}
567
568
cfe53c9a
PS		 569#ifdef CONFIG_BGSCAN
570
571static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
572{
0096c427
JM		 573 if (wpas_driver_bss_selection(wpa_s))
574 return;
cfe53c9a
PS		 575 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
576 return;
577
578 bgscan_deinit(wpa_s);
579 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
580 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
581 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
582 "bgscan");
583 /*
584 * Live without bgscan; it is only used as a roaming
585 * optimization, so the initial connection is not
586 * affected.
587 */
6409b7a7
YD		 588 } else {
589 struct wpa_scan_results *scan_res;
cfe53c9a 590 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 591 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
592 0);
593 if (scan_res) {
594 bgscan_notify_scan(wpa_s, scan_res);
595 wpa_scan_results_free(scan_res);
596 }
597 }
cfe53c9a
PS		 598 } else
599 wpa_s->bgscan_ssid = NULL;
600}
601
602
603static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
604{
605 if (wpa_s->bgscan_ssid != NULL) {
606 bgscan_deinit(wpa_s);
607 wpa_s->bgscan_ssid = NULL;
608 }
609}
610
611#endif /* CONFIG_BGSCAN */
612
613
7c865c68
TB		 614static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
615{
99218999 616 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 617 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
618}
619
620
621static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
622{
623 autoscan_deinit(wpa_s);
624}
625
626
c3d12238
JM		 627void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
628{
629 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
630 wpa_s->wpa_state == WPA_SCANNING) {
631 autoscan_deinit(wpa_s);
632 wpa_supplicant_start_autoscan(wpa_s);
633 }
634}
635
636
6fc6879b
JM		 637/**
638 * wpa_supplicant_set_state - Set current connection state
639 * @wpa_s: Pointer to wpa_supplicant data
640 * @state: The new connection state
641 *
642 * This function is called whenever the connection state changes, e.g.,
643 * association is completed for WPA/WPA2 4-Way Handshake is started.
644 */
71934751
JM		 645void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
646 enum wpa_states state)
6fc6879b 647{
27f43d8d
MH		 648 enum wpa_states old_state = wpa_s->wpa_state;
649
f049052b
BG		 650 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
651 wpa_supplicant_state_txt(wpa_s->wpa_state),
652 wpa_supplicant_state_txt(state));
6fc6879b 653
cb8564b1
DW		 654 if (state != WPA_SCANNING)
655 wpa_supplicant_notify_scanning(wpa_s, 0);
656
6fc6879b 657 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 658 struct wpa_ssid *ssid = wpa_s->current_ssid;
7d37a357 659#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 660 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1cfc6787
JM		 661 MACSTR " completed [id=%d id_str=%s]",
662 MAC2STR(wpa_s->bssid),
6fc6879b
JM		 663 ssid ? ssid->id : -1,
664 ssid && ssid->id_str ? ssid->id_str : "");
665#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 666 wpas_clear_temp_disabled(wpa_s, ssid, 1);
f1a52633 667 wpa_s->extra_blacklist_count = 0;
6fc6879b 668 wpa_s->new_connection = 0;
6fc6879b 669 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 670#ifndef IEEE8021X_EAPOL
671 wpa_drv_set_supp_port(wpa_s, 1);
672#endif /* IEEE8021X_EAPOL */
17a4734d 673 wpa_s->after_wps = 0;
b22128ef
JM		 674#ifdef CONFIG_P2P
675 wpas_p2p_completed(wpa_s);
676#endif /* CONFIG_P2P */
c3701c66
RM		 677
678 sme_sched_obss_scan(wpa_s, 1);
6fc6879b
JM		 679 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
680 state == WPA_ASSOCIATED) {
681 wpa_s->new_connection = 1;
682 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 683#ifndef IEEE8021X_EAPOL
684 wpa_drv_set_supp_port(wpa_s, 0);
685#endif /* IEEE8021X_EAPOL */
c3701c66 686 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 687 }
688 wpa_s->wpa_state = state;
27f43d8d 689
cfe53c9a
PS		 690#ifdef CONFIG_BGSCAN
691 if (state == WPA_COMPLETED)
692 wpa_supplicant_start_bgscan(wpa_s);
693 else
694 wpa_supplicant_stop_bgscan(wpa_s);
695#endif /* CONFIG_BGSCAN */
696
7c865c68
TB		 697 if (state == WPA_AUTHENTICATING)
698 wpa_supplicant_stop_autoscan(wpa_s);
699
700 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
701 wpa_supplicant_start_autoscan(wpa_s);
702
5bbf9f10 703 if (wpa_s->wpa_state != old_state) {
27f43d8d 704 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10
PS		 705
706 if (wpa_s->wpa_state == WPA_COMPLETED ||
707 old_state == WPA_COMPLETED)
708 wpas_notify_auth_changed(wpa_s);
709 }
6fc6879b
JM		 710}
711
712
1a1bf008
JM		 713void wpa_supplicant_terminate_proc(struct wpa_global *global)
714{
715 int pending = 0;
716#ifdef CONFIG_WPS
717 struct wpa_supplicant *wpa_s = global->ifaces;
718 while (wpa_s) {
719 if (wpas_wps_terminate_pending(wpa_s) == 1)
720 pending = 1;
721 wpa_s = wpa_s->next;
722 }
723#endif /* CONFIG_WPS */
724 if (pending)
725 return;
726 eloop_terminate();
727}
728
729
0456ea16 730static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 731{
0456ea16 732 struct wpa_global *global = signal_ctx;
1a1bf008 733 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 734}
735
736
b22128ef 737void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 738{
71934751 739 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 740
6fc6879b
JM		 741 wpa_s->pairwise_cipher = 0;
742 wpa_s->group_cipher = 0;
743 wpa_s->mgmt_group_cipher = 0;
744 wpa_s->key_mgmt = 0;
8401a6b0 745 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 746 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 747
748 if (wpa_s->wpa_state != old_state)
749 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 750}
751
752
753/**
754 * wpa_supplicant_reload_configuration - Reload configuration data
755 * @wpa_s: Pointer to wpa_supplicant data
756 * Returns: 0 on success or -1 if configuration parsing failed
757 *
758 * This function can be used to request that the configuration data is reloaded
759 * (e.g., after configuration file change). This function is reloading
760 * configuration only for one interface, so this may need to be called multiple
761 * times if %wpa_supplicant is controlling multiple interfaces and all
762 * interfaces need reconfiguration.
763 */
764int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
765{
766 struct wpa_config *conf;
767 int reconf_ctrl;
8bac466b
JM		 768 int old_ap_scan;
769
6fc6879b
JM		 770 if (wpa_s->confname == NULL)
771 return -1;
e6304cad 772 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 773 if (conf == NULL) {
774 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
775 "file '%s' - exiting", wpa_s->confname);
776 return -1;
777 }
e6304cad
DS		 778 wpa_config_read(wpa_s->confanother, conf);
779
611aea7d 780 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 781
782 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
783 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
784 os_strcmp(conf->ctrl_interface,
785 wpa_s->conf->ctrl_interface) != 0);
786
787 if (reconf_ctrl && wpa_s->ctrl_iface) {
788 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
789 wpa_s->ctrl_iface = NULL;
790 }
791
792 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa
JM		 793 if (wpa_s->current_ssid) {
794 wpa_supplicant_deauthenticate(wpa_s,
795 WLAN_REASON_DEAUTH_LEAVING);
796 }
8bac466b 797
6fc6879b
JM		 798 /*
799 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
800 * pkcs11_engine_path, pkcs11_module_path.
801 */
56586197 802 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 803 /*
804 * Clear forced success to clear EAP state for next
805 * authentication.
806 */
807 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
808 }
809 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
810 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 811 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 812 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
813 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 814
815 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 816 wpa_config_free(wpa_s->conf);
817 wpa_s->conf = conf;
8bac466b
JM		 818 if (old_ap_scan != wpa_s->conf->ap_scan)
819 wpas_notify_ap_scan_changed(wpa_s);
820
6fc6879b
JM		 821 if (reconf_ctrl)
822 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
823
611aea7d
JM		 824 wpa_supplicant_update_config(wpa_s);
825
6fc6879b 826 wpa_supplicant_clear_status(wpa_s);
349493bd 827 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 828 wpa_s->reassociate = 1;
829 wpa_supplicant_req_scan(wpa_s, 0, 0);
830 }
f049052b 831 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 832 return 0;
833}
834
835
0456ea16 836static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 837{
0456ea16 838 struct wpa_global *global = signal_ctx;
6fc6879b 839 struct wpa_supplicant *wpa_s;
6fc6879b 840 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 841 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
842 sig);
6fc6879b 843 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 844 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 845 }
846 }
847}
848
849
508545f3 850enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
6fc6879b
JM		 851{
852 switch (key_mgmt) {
853 case WPA_KEY_MGMT_NONE:
854 return KEY_MGMT_NONE;
855 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
856 return KEY_MGMT_802_1X_NO_WPA;
857 case WPA_KEY_MGMT_IEEE8021X:
858 return KEY_MGMT_802_1X;
859 case WPA_KEY_MGMT_WPA_NONE:
860 return KEY_MGMT_WPA_NONE;
861 case WPA_KEY_MGMT_FT_IEEE8021X:
862 return KEY_MGMT_FT_802_1X;
863 case WPA_KEY_MGMT_FT_PSK:
864 return KEY_MGMT_FT_PSK;
56586197
JM		 865 case WPA_KEY_MGMT_IEEE8021X_SHA256:
866 return KEY_MGMT_802_1X_SHA256;
867 case WPA_KEY_MGMT_PSK_SHA256:
868 return KEY_MGMT_PSK_SHA256;
ad08c363
JM		 869 case WPA_KEY_MGMT_WPS:
870 return KEY_MGMT_WPS;
6fc6879b
JM		 871 case WPA_KEY_MGMT_PSK:
872 default:
873 return KEY_MGMT_PSK;
874 }
875}
876
877
878static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
879 struct wpa_ssid *ssid,
880 struct wpa_ie_data *ie)
881{
882 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
883 if (ret) {
884 if (ret == -2) {
885 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
886 "from association info");
887 }
888 return -1;
889 }
890
f049052b
BG		 891 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
892 "cipher suites");
6fc6879b
JM		 893 if (!(ie->group_cipher & ssid->group_cipher)) {
894 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
895 "cipher 0x%x (mask 0x%x) - reject",
896 ie->group_cipher, ssid->group_cipher);
897 return -1;
898 }
899 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
900 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
901 "cipher 0x%x (mask 0x%x) - reject",
902 ie->pairwise_cipher, ssid->pairwise_cipher);
903 return -1;
904 }
905 if (!(ie->key_mgmt & ssid->key_mgmt)) {
906 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
907 "management 0x%x (mask 0x%x) - reject",
908 ie->key_mgmt, ssid->key_mgmt);
909 return -1;
910 }
911
912#ifdef CONFIG_IEEE80211W
0b60b0aa 913 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
62d49803
JM		 914 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
915 wpa_s->conf->pmf : ssid->ieee80211w) ==
916 MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 917 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
918 "that does not support management frame protection - "
919 "reject");
920 return -1;
921 }
922#endif /* CONFIG_IEEE80211W */
923
924 return 0;
925}
926
927
928/**
929 * wpa_supplicant_set_suites - Set authentication and encryption parameters
930 * @wpa_s: Pointer to wpa_supplicant data
931 * @bss: Scan results for the selected BSS, or %NULL if not available
932 * @ssid: Configuration data for the selected network
933 * @wpa_ie: Buffer for the WPA/RSN IE
934 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
935 * used buffer length in case the functions returns success.
936 * Returns: 0 on success or -1 on failure
937 *
938 * This function is used to configure authentication and encryption parameters
939 * based on the network configuration and scan result for the selected BSS (if
940 * available).
941 */
942int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 943 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 944 u8 *wpa_ie, size_t *wpa_ie_len)
945{
946 struct wpa_ie_data ie;
947 int sel, proto;
948 const u8 *bss_wpa, *bss_rsn;
949
950 if (bss) {
6fa81a3b
JM		 951 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
952 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
6fc6879b
JM		 953 } else
954 bss_wpa = bss_rsn = NULL;
955
956 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
957 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
958 (ie.group_cipher & ssid->group_cipher) &&
959 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
960 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 961 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 962 proto = WPA_PROTO_RSN;
963 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
964 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
965 (ie.group_cipher & ssid->group_cipher) &&
966 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
967 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 968 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b
JM		 969 proto = WPA_PROTO_WPA;
970 } else if (bss) {
971 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
972 return -1;
973 } else {
974 if (ssid->proto & WPA_PROTO_RSN)
975 proto = WPA_PROTO_RSN;
976 else
977 proto = WPA_PROTO_WPA;
978 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
979 os_memset(&ie, 0, sizeof(ie));
980 ie.group_cipher = ssid->group_cipher;
981 ie.pairwise_cipher = ssid->pairwise_cipher;
982 ie.key_mgmt = ssid->key_mgmt;
983#ifdef CONFIG_IEEE80211W
984 ie.mgmt_group_cipher =
70f8cc8e 985 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
6fc6879b
JM		 986 WPA_CIPHER_AES_128_CMAC : 0;
987#endif /* CONFIG_IEEE80211W */
f049052b
BG		 988 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
989 "based on configuration");
6fc6879b
JM		 990 } else
991 proto = ie.proto;
992 }
993
f049052b
BG		 994 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
995 "pairwise %d key_mgmt %d proto %d",
996 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 997#ifdef CONFIG_IEEE80211W
998 if (ssid->ieee80211w) {
f049052b
BG		 999 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1000 ie.mgmt_group_cipher);
6fc6879b
JM		 1001 }
1002#endif /* CONFIG_IEEE80211W */
1003
64fa840a 1004 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1005 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1006 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1007 !!(ssid->proto & WPA_PROTO_RSN));
1008
1009 if (bss || !wpa_s->ap_ies_from_associnfo) {
1010 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1011 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1012 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1013 bss_rsn ? 2 + bss_rsn[1] : 0))
1014 return -1;
1015 }
1016
1017 sel = ie.group_cipher & ssid->group_cipher;
edbd2a19
JM		 1018 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1019 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1020 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1021 "cipher");
6fc6879b
JM		 1022 return -1;
1023 }
edbd2a19
JM		 1024 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1025 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1026
1027 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
edbd2a19
JM		 1028 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1029 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1030 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1031 "cipher");
6fc6879b
JM		 1032 return -1;
1033 }
edbd2a19
JM		 1034 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1035 wpa_cipher_txt(wpa_s->pairwise_cipher));
6fc6879b
JM		 1036
1037 sel = ie.key_mgmt & ssid->key_mgmt;
c10347f2
JM		 1038#ifdef CONFIG_SAE
1039 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1040 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1041#endif /* CONFIG_SAE */
6fc6879b
JM		 1042 if (0) {
1043#ifdef CONFIG_IEEE80211R
1044 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1045 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1046 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
6fc6879b
JM		 1047 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1048 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
f049052b 1049 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
6fc6879b 1050#endif /* CONFIG_IEEE80211R */
c10347f2
JM		 1051#ifdef CONFIG_SAE
1052 } else if (sel & WPA_KEY_MGMT_SAE) {
1053 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1054 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1055 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1056 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1057 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1058#endif /* CONFIG_SAE */
56586197
JM		 1059#ifdef CONFIG_IEEE80211W
1060 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1061 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1062 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1063 "WPA: using KEY_MGMT 802.1X with SHA256");
1064 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1065 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1066 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1067 "WPA: using KEY_MGMT PSK with SHA256");
1068#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1069 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1070 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1071 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1072 } else if (sel & WPA_KEY_MGMT_PSK) {
1073 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1074 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1075 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1076 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1077 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
6fc6879b 1078 } else {
f049052b
BG		 1079 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1080 "authenticated key management type");
6fc6879b
JM		 1081 return -1;
1082 }
1083
1084 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1085 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1086 wpa_s->pairwise_cipher);
1087 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1088
1089#ifdef CONFIG_IEEE80211W
1090 sel = ie.mgmt_group_cipher;
62d49803
JM		 1091 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1092 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1093 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 1094 sel = 0;
1095 if (sel & WPA_CIPHER_AES_128_CMAC) {
1096 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1097 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b
JM		 1098 "AES-128-CMAC");
1099 } else {
1100 wpa_s->mgmt_group_cipher = 0;
f049052b 1101 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1102 }
1103 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1104 wpa_s->mgmt_group_cipher);
62d49803
JM		 1105 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1106 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1107 wpa_s->conf->pmf : ssid->ieee80211w));
6fc6879b
JM		 1108#endif /* CONFIG_IEEE80211W */
1109
1110 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1111 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1112 return -1;
1113 }
1114
0bf927a0 1115 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
6fc6879b 1116 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
7d232e23
ZC		 1117#ifndef CONFIG_NO_PBKDF2
1118 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1119 ssid->passphrase) {
1120 u8 psk[PMK_LEN];
986de33d
JM		 1121 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1122 4096, psk, PMK_LEN);
7d232e23
ZC		 1123 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1124 psk, PMK_LEN);
1125 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1126 }
1127#endif /* CONFIG_NO_PBKDF2 */
9173b16f
JM		 1128#ifdef CONFIG_EXT_PASSWORD
1129 if (ssid->ext_psk) {
1130 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1131 ssid->ext_psk);
1132 char pw_str[64 + 1];
1133 u8 psk[PMK_LEN];
1134
1135 if (pw == NULL) {
1136 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1137 "found from external storage");
1138 return -1;
1139 }
1140
1141 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1142 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1143 "PSK length %d in external storage",
1144 (int) wpabuf_len(pw));
1145 ext_password_free(pw);
1146 return -1;
1147 }
1148
1149 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1150 pw_str[wpabuf_len(pw)] = '\0';
1151
1152#ifndef CONFIG_NO_PBKDF2
1153 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1154 {
986de33d
JM		 1155 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1156 4096, psk, PMK_LEN);
9173b16f
JM		 1157 os_memset(pw_str, 0, sizeof(pw_str));
1158 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1159 "external passphrase)",
1160 psk, PMK_LEN);
1161 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1162 } else
1163#endif /* CONFIG_NO_PBKDF2 */
1164 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1165 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1166 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1167 "Invalid PSK hex string");
1168 os_memset(pw_str, 0, sizeof(pw_str));
1169 ext_password_free(pw);
1170 return -1;
1171 }
1172 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1173 } else {
1174 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1175 "PSK available");
1176 os_memset(pw_str, 0, sizeof(pw_str));
1177 ext_password_free(pw);
1178 return -1;
1179 }
1180
1181 os_memset(pw_str, 0, sizeof(pw_str));
1182 ext_password_free(pw);
1183 }
1184#endif /* CONFIG_EXT_PASSWORD */
7d232e23 1185 } else
6fc6879b
JM		 1186 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1187
1188 return 0;
1189}
1190
1191
8cd6b7bc 1192static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1193{
8cd6b7bc 1194 *pos = 0x00;
03e47c9c 1195
8cd6b7bc
JB		 1196 switch (idx) {
1197 case 0: /* Bits 0-7 */
1198 break;
1199 case 1: /* Bits 8-15 */
1200 break;
1201 case 2: /* Bits 16-23 */
1202#ifdef CONFIG_WNM
1203 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1204 *pos |= 0x08; /* Bit 19 - BSS Transition */
1205#endif /* CONFIG_WNM */
1206 break;
1207 case 3: /* Bits 24-31 */
1208#ifdef CONFIG_WNM
1209 *pos |= 0x02; /* Bit 25 - SSID List */
1210#endif /* CONFIG_WNM */
03e47c9c 1211#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1212 if (wpa_s->conf->interworking)
1213 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1214#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1215 break;
1216 case 4: /* Bits 32-39 */
1217 break;
1218 case 5: /* Bits 40-47 */
1219 break;
1220 case 6: /* Bits 48-55 */
1221 break;
1222 }
1223}
03e47c9c 1224
03e47c9c 1225
8cd6b7bc
JB		 1226int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1227{
1228 u8 *pos = buf;
1229 u8 len = 4, i;
1230
1231 if (len < wpa_s->extended_capa_len)
1232 len = wpa_s->extended_capa_len;
03e47c9c
JM		 1233
1234 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1235 *pos++ = len;
1236 for (i = 0; i < len; i++, pos++) {
1237 wpas_ext_capab_byte(wpa_s, pos, i);
1238
1239 if (i < wpa_s->extended_capa_len) {
1240 *pos &= ~wpa_s->extended_capa_mask[i];
1241 *pos |= wpa_s->extended_capa[i];
1242 }
1243 }
03e47c9c 1244
3db5439a
JM		 1245 while (len > 0 && buf[1 + len] == 0) {
1246 len--;
1247 buf[1] = len;
1248 }
1249 if (len == 0)
1250 return 0;
1251
1252 return 2 + len;
03e47c9c
JM		 1253}
1254
1255
6fc6879b
JM		 1256/**
1257 * wpa_supplicant_associate - Request association
1258 * @wpa_s: Pointer to wpa_supplicant data
1259 * @bss: Scan results for the selected BSS, or %NULL if not available
1260 * @ssid: Configuration data for the selected network
1261 *
1262 * This function is used to request %wpa_supplicant to associate with a BSS.
1263 */
1264void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1265 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1266{
5f3a6aa0 1267 u8 wpa_ie[200];
6fc6879b 1268 size_t wpa_ie_len;
8bac466b 1269 int use_crypt, ret, i, bssid_changed;
abd9fafa 1270 int algs = WPA_AUTH_ALG_OPEN;
71934751 1271 enum wpa_cipher cipher_pairwise, cipher_group;
6fc6879b
JM		 1272 struct wpa_driver_associate_params params;
1273 int wep_keys_set = 0;
6fc6879b 1274 int assoc_failed = 0;
8bac466b 1275 struct wpa_ssid *old_ssid;
03e47c9c
JM		 1276 u8 ext_capab[10];
1277 int ext_capab_len;
80e8a5ee
BG		 1278#ifdef CONFIG_HT_OVERRIDES
1279 struct ieee80211_ht_capabilities htcaps;
1280 struct ieee80211_ht_capabilities htcaps_mask;
1281#endif /* CONFIG_HT_OVERRIDES */
6fc6879b 1282
78177a00
JM		 1283#ifdef CONFIG_IBSS_RSN
1284 ibss_rsn_deinit(wpa_s->ibss_rsn);
1285 wpa_s->ibss_rsn = NULL;
1286#endif /* CONFIG_IBSS_RSN */
1287
2c5d725c
JM		 1288 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1289 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 1290#ifdef CONFIG_AP
1291 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 1292 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1293 "mode");
1581b38b
JM		 1294 return;
1295 }
8c981d17
DW		 1296 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1297 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1298 return;
1299 }
8f770587 1300 wpa_s->current_bss = bss;
1581b38b 1301#else /* CONFIG_AP */
f049052b
BG		 1302 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1303 "the build");
1581b38b
JM		 1304#endif /* CONFIG_AP */
1305 return;
1306 }
1307
52c9e6f3 1308#ifdef CONFIG_TDLS
95cb2d88
JM		 1309 if (bss)
1310 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1311 bss->ie_len);
52c9e6f3
JM		 1312#endif /* CONFIG_TDLS */
1313
5cc4d64b
JM		 1314 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1315 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1316 sme_authenticate(wpa_s, bss, ssid);
1317 return;
1318 }
1319
0c80427d 1320 os_memset(&params, 0, sizeof(params));
6fc6879b 1321 wpa_s->reassociate = 0;
22628eca 1322 if (bss && !wpas_driver_bss_selection(wpa_s)) {
6fc6879b 1323#ifdef CONFIG_IEEE80211R
6fa81a3b 1324 const u8 *ie, *md = NULL;
6fc6879b 1325#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1326 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1327 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
6fa81a3b 1328 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
8bac466b 1329 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1330 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1331 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1332 if (bssid_changed)
1333 wpas_notify_bssid_changed(wpa_s);
6fc6879b 1334#ifdef CONFIG_IEEE80211R
6fa81a3b 1335 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
6fc6879b
JM		 1336 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1337 md = ie + 2;
e7846b68 1338 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
91a05482
JM		 1339 if (md) {
1340 /* Prepare for the next transition */
76b7981d 1341 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
91a05482 1342 }
6fc6879b 1343#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1344#ifdef CONFIG_WPS
1345 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1346 wpa_s->conf->ap_scan == 2 &&
1347 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1348 /* Use ap_scan==1 style network selection to find the network
1349 */
4115303b 1350 wpa_s->scan_req = MANUAL_SCAN_REQ;
24c23d1b
JM		 1351 wpa_s->reassociate = 1;
1352 wpa_supplicant_req_scan(wpa_s, 0, 0);
1353 return;
1354#endif /* CONFIG_WPS */
6fc6879b
JM		 1355 } else {
1356 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1357 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1358 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1359 }
a4cba8f1 1360 wpa_supplicant_cancel_sched_scan(wpa_s);
6fc6879b
JM		 1361 wpa_supplicant_cancel_scan(wpa_s);
1362
1363 /* Starting new association, so clear the possibly used WPA IE from the
1364 * previous association. */
1365 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1366
1367#ifdef IEEE8021X_EAPOL
1368 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1369 if (ssid->leap) {
1370 if (ssid->non_leap == 0)
abd9fafa 1371 algs = WPA_AUTH_ALG_LEAP;
6fc6879b 1372 else
abd9fafa 1373 algs |= WPA_AUTH_ALG_LEAP;
6fc6879b
JM		 1374 }
1375 }
1376#endif /* IEEE8021X_EAPOL */
f049052b 1377 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
6fc6879b 1378 if (ssid->auth_alg) {
abd9fafa 1379 algs = ssid->auth_alg;
f049052b
BG		 1380 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1381 "0x%x", algs);
6fc6879b 1382 }
6fc6879b 1383
6fa81a3b
JM		 1384 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1385 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 1386 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 1387 int try_opportunistic;
6e202021
JM		 1388 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1389 wpa_s->conf->okc :
1390 ssid->proactive_key_caching) &&
6fc6879b
JM		 1391 (ssid->proto & WPA_PROTO_RSN);
1392 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
b2a12c4f 1393 ssid, try_opportunistic) == 0)
6fc6879b
JM		 1394 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1395 wpa_ie_len = sizeof(wpa_ie);
1396 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1397 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1398 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1399 "key management and encryption suites");
6fc6879b
JM		 1400 return;
1401 }
a3f7e518
JM		 1402 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1403 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1404 /*
1405 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1406 * use non-WPA since the scan results did not indicate that the
1407 * AP is using WPA or WPA2.
1408 */
1409 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1410 wpa_ie_len = 0;
1411 wpa_s->wpa_proto = 0;
0bf927a0 1412 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
6fc6879b
JM		 1413 wpa_ie_len = sizeof(wpa_ie);
1414 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1415 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1416 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1417 "key management and encryption suites (no "
1418 "scan results)");
6fc6879b
JM		 1419 return;
1420 }
ad08c363
JM		 1421#ifdef CONFIG_WPS
1422 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1423 struct wpabuf *wps_ie;
1424 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1425 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1426 wpa_ie_len = wpabuf_len(wps_ie);
1427 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1428 } else
1429 wpa_ie_len = 0;
ad08c363
JM		 1430 wpabuf_free(wps_ie);
1431 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d
JM		 1432 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1433 params.wps = WPS_MODE_PRIVACY;
1434 else
1435 params.wps = WPS_MODE_OPEN;
cf546f1a 1436 wpa_s->wpa_proto = 0;
ad08c363 1437#endif /* CONFIG_WPS */
6fc6879b
JM		 1438 } else {
1439 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1440 wpa_ie_len = 0;
cf546f1a 1441 wpa_s->wpa_proto = 0;
6fc6879b
JM		 1442 }
1443
5f3a6aa0
JM		 1444#ifdef CONFIG_P2P
1445 if (wpa_s->global->p2p) {
1446 u8 *pos;
1447 size_t len;
1448 int res;
5f3a6aa0
JM		 1449 pos = wpa_ie + wpa_ie_len;
1450 len = sizeof(wpa_ie) - wpa_ie_len;
b8a8d677
JM		 1451 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1452 ssid->p2p_group);
5f3a6aa0
JM		 1453 if (res >= 0)
1454 wpa_ie_len += res;
1455 }
72044390
JM		 1456
1457 wpa_s->cross_connect_disallowed = 0;
1458 if (bss) {
1459 struct wpabuf *p2p;
1460 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1461 if (p2p) {
1462 wpa_s->cross_connect_disallowed =
1463 p2p_get_cross_connect_disallowed(p2p);
1464 wpabuf_free(p2p);
f049052b
BG		 1465 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1466 "connection",
1467 wpa_s->cross_connect_disallowed ?
1468 "disallows" : "allows");
72044390
JM		 1469 }
1470 }
5f3a6aa0
JM		 1471#endif /* CONFIG_P2P */
1472
cb418324 1473#ifdef CONFIG_HS20
55a2df43 1474 if (is_hs20_network(wpa_s, ssid, bss)) {
cb418324
JM		 1475 struct wpabuf *hs20;
1476 hs20 = wpabuf_alloc(20);
1477 if (hs20) {
1478 wpas_hs20_add_indication(hs20);
1479 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1480 wpabuf_len(hs20));
1481 wpa_ie_len += wpabuf_len(hs20);
1482 wpabuf_free(hs20);
1483 }
1484 }
1485#endif /* CONFIG_HS20 */
1486
03e47c9c
JM		 1487 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1488 if (ext_capab_len > 0) {
92cbcf91
JM		 1489 u8 *pos = wpa_ie;
1490 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1491 pos += 2 + pos[1];
03e47c9c
JM		 1492 os_memmove(pos + ext_capab_len, pos,
1493 wpa_ie_len - (pos - wpa_ie));
1494 wpa_ie_len += ext_capab_len;
1495 os_memcpy(pos, ext_capab, ext_capab_len);
92cbcf91 1496 }
92cbcf91 1497
6fc6879b
JM		 1498 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1499 use_crypt = 1;
62769a88
JM		 1500 cipher_pairwise = wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher);
1501 cipher_group = wpa_cipher_to_suite_driver(wpa_s->group_cipher);
6fc6879b
JM		 1502 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1503 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1504 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1505 use_crypt = 0;
1506 if (wpa_set_wep_keys(wpa_s, ssid)) {
1507 use_crypt = 1;
1508 wep_keys_set = 1;
1509 }
1510 }
ad08c363
JM		 1511 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1512 use_crypt = 0;
6fc6879b
JM		 1513
1514#ifdef IEEE8021X_EAPOL
1515 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1516 if ((ssid->eapol_flags &
1517 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1518 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1519 !wep_keys_set) {
1520 use_crypt = 0;
1521 } else {
1522 /* Assume that dynamic WEP-104 keys will be used and
1523 * set cipher suites in order for drivers to expect
1524 * encryption. */
1525 cipher_pairwise = cipher_group = CIPHER_WEP104;
1526 }
1527 }
1528#endif /* IEEE8021X_EAPOL */
1529
1530 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1531 /* Set the key before (and later after) association */
1532 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1533 }
1534
6fc6879b 1535 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 1536 if (bss) {
6fa81a3b
JM		 1537 params.ssid = bss->ssid;
1538 params.ssid_len = bss->ssid_len;
f15854d1
JM		 1539 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1540 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1541 MACSTR " freq=%u MHz based on scan results "
1542 "(bssid_set=%d)",
1543 MAC2STR(bss->bssid), bss->freq,
1544 ssid->bssid_set);
22628eca
JM		 1545 params.bssid = bss->bssid;
1546 params.freq = bss->freq;
1547 }
6fc6879b
JM		 1548 } else {
1549 params.ssid = ssid->ssid;
1550 params.ssid_len = ssid->ssid_len;
1551 }
9e2af29f
NC		 1552
1553 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1554 wpa_s->conf->ap_scan == 2) {
1555 params.bssid = ssid->bssid;
1556 params.fixed_bssid = 1;
1557 }
1558
d7dcba70
JM		 1559 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1560 params.freq == 0)
6fc6879b
JM		 1561 params.freq = ssid->frequency; /* Initial channel for IBSS */
1562 params.wpa_ie = wpa_ie;
1563 params.wpa_ie_len = wpa_ie_len;
1564 params.pairwise_suite = cipher_pairwise;
1565 params.group_suite = cipher_group;
1566 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
64fa840a 1567 params.wpa_proto = wpa_s->wpa_proto;
6fc6879b
JM		 1568 params.auth_alg = algs;
1569 params.mode = ssid->mode;
1f6c0ab8 1570 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 1571 for (i = 0; i < NUM_WEP_KEYS; i++) {
1572 if (ssid->wep_key_len[i])
1573 params.wep_key[i] = ssid->wep_key[i];
1574 params.wep_key_len[i] = ssid->wep_key_len[i];
1575 }
1576 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1577
c2a04078 1578 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
6fc6879b
JM		 1579 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1580 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1581 params.passphrase = ssid->passphrase;
1582 if (ssid->psk_set)
1583 params.psk = ssid->psk;
1584 }
1585
36b15723
JM		 1586 params.drop_unencrypted = use_crypt;
1587
6fc6879b 1588#ifdef CONFIG_IEEE80211W
62d49803
JM		 1589 params.mgmt_frame_protection =
1590 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1591 wpa_s->conf->pmf : ssid->ieee80211w;
1592 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 1593 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 1594 struct wpa_ie_data ie;
1595 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1596 ie.capabilities &
1597 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 1598 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1599 "MFP: require MFP");
97d3497e
JM		 1600 params.mgmt_frame_protection =
1601 MGMT_FRAME_PROTECTION_REQUIRED;
1602 }
1603 }
6fc6879b
JM		 1604#endif /* CONFIG_IEEE80211W */
1605
ffad8858 1606 params.p2p = ssid->p2p_group;
6e3f4b89 1607
eea2fd9e
JM		 1608 if (wpa_s->parent->set_sta_uapsd)
1609 params.uapsd = wpa_s->parent->sta_uapsd;
1610 else
1611 params.uapsd = -1;
1612
80e8a5ee
BG		 1613#ifdef CONFIG_HT_OVERRIDES
1614 os_memset(&htcaps, 0, sizeof(htcaps));
1615 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1616 params.htcaps = (u8 *) &htcaps;
1617 params.htcaps_mask = (u8 *) &htcaps_mask;
1618 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1619#endif /* CONFIG_HT_OVERRIDES */
1620
17fbb751 1621 ret = wpa_drv_associate(wpa_s, &params);
6fc6879b
JM		 1622 if (ret < 0) {
1623 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1624 "failed");
871f4dd0
JM		 1625 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1626 /*
1627 * The driver is known to mean what is saying, so we
1628 * can stop right here; the association will not
1629 * succeed.
1630 */
1631 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 1632 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 1633 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1634 return;
1635 }
6fc6879b
JM		 1636 /* try to continue anyway; new association will be tried again
1637 * after timeout */
1638 assoc_failed = 1;
1639 }
1640
1641 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1642 /* Set the key after the association just in case association
1643 * cleared the previously configured key. */
1644 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1645 /* No need to timeout authentication since there is no key
1646 * management. */
1647 wpa_supplicant_cancel_auth_timeout(wpa_s);
1648 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 1649#ifdef CONFIG_IBSS_RSN
d7dcba70 1650 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 1651 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1652 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1653 /*
1654 * RSN IBSS authentication is per-STA and we can disable the
1655 * per-BSSID authentication.
1656 */
1657 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 1658#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1659 } else {
1660 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1661 int timeout = 60;
1662
1663 if (assoc_failed) {
1664 /* give IBSS a bit more time */
d7dcba70 1665 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 1666 } else if (wpa_s->conf->ap_scan == 1) {
1667 /* give IBSS a bit more time */
d7dcba70 1668 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 1669 }
6fc6879b
JM		 1670 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1671 }
1672
66562e9c
JM		 1673 if (wep_keys_set &&
1674 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 1675 /* Set static WEP keys again */
1676 wpa_set_wep_keys(wpa_s, ssid);
1677 }
1678
1679 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1680 /*
1681 * Do not allow EAP session resumption between different
1682 * network configurations.
1683 */
1684 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1685 }
8bac466b 1686 old_ssid = wpa_s->current_ssid;
6fc6879b 1687 wpa_s->current_ssid = ssid;
8f770587 1688 wpa_s->current_bss = bss;
6fc6879b
JM		 1689 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1690 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1691 if (old_ssid != wpa_s->current_ssid)
1692 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1693}
1694
1695
09f58c09
JM		 1696static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1697 const u8 *addr)
1698{
1699 struct wpa_ssid *old_ssid;
1700
1701 wpa_clear_keys(wpa_s, addr);
09f58c09 1702 old_ssid = wpa_s->current_ssid;
0d30cc24 1703 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 1704 wpa_sm_set_config(wpa_s->wpa, NULL);
1705 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1706 if (old_ssid != wpa_s->current_ssid)
1707 wpas_notify_network_changed(wpa_s);
1708 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1709}
1710
1711
6fc6879b
JM		 1712/**
1713 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1714 * @wpa_s: Pointer to wpa_supplicant data
1715 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1716 *
073ab58f 1717 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1718 * current AP.
1719 */
1720void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1721 int reason_code)
1722{
1723 u8 *addr = NULL;
ef48ff94 1724 union wpa_event_data event;
42d23547 1725 int zero_addr = 0;
8bac466b 1726
42d23547
JM		 1727 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1728 " pending_bssid=" MACSTR " reason=%d state=%s",
1729 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1730 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1731
1732 if (!is_zero_ether_addr(wpa_s->bssid))
1733 addr = wpa_s->bssid;
1734 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1735 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1736 wpa_s->wpa_state == WPA_ASSOCIATING))
1737 addr = wpa_s->pending_bssid;
1738 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1739 /*
1740 * When using driver-based BSS selection, we may not know the
1741 * BSSID with which we are currently trying to associate. We
1742 * need to notify the driver of this disconnection even in such
1743 * a case, so use the all zeros address here.
1744 */
6fc6879b 1745 addr = wpa_s->bssid;
42d23547
JM		 1746 zero_addr = 1;
1747 }
1748
7b44ff2c
SD		 1749#ifdef CONFIG_TDLS
1750 wpa_tdls_teardown_peers(wpa_s->wpa);
1751#endif /* CONFIG_TDLS */
1752
42d23547
JM		 1753 if (addr) {
1754 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94
JM		 1755 os_memset(&event, 0, sizeof(event));
1756 event.deauth_info.reason_code = (u16) reason_code;
1757 event.deauth_info.locally_generated = 1;
1758 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 1759 if (zero_addr)
1760 addr = NULL;
6fc6879b 1761 }
09f58c09
JM		 1762
1763 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 1764}
1765
dca1a511
DS		 1766static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1767 struct wpa_ssid *ssid)
1768{
1769 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1770 return;
1771
1772 ssid->disabled = 0;
1773 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1774 wpas_notify_network_enabled_changed(wpa_s, ssid);
1775
1776 /*
1777 * Try to reassociate since there is no current configuration and a new
1778 * network was made available.
1779 */
1780 if (!wpa_s->current_ssid)
1781 wpa_s->reassociate = 1;
1782}
1783
6fc6879b 1784
86b89452
WS		 1785/**
1786 * wpa_supplicant_enable_network - Mark a configured network as enabled
1787 * @wpa_s: wpa_supplicant structure for a network interface
1788 * @ssid: wpa_ssid structure for a configured network or %NULL
1789 *
1790 * Enables the specified network or all networks if no network specified.
1791 */
1792void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1793 struct wpa_ssid *ssid)
1794{
86b89452 1795 if (ssid == NULL) {
14f79078
JM		 1796 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1797 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 1798 } else
1799 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 1800
dca1a511
DS		 1801 if (wpa_s->reassociate) {
1802 if (wpa_s->sched_scanning) {
1803 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1804 "new network to scan filters");
1805 wpa_supplicant_cancel_sched_scan(wpa_s);
1806 }
86b89452 1807
dad153d1
JM		 1808 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1809 wpa_supplicant_req_scan(wpa_s, 0, 0);
86b89452
WS		 1810 }
1811}
1812
1813
1814/**
1815 * wpa_supplicant_disable_network - Mark a configured network as disabled
1816 * @wpa_s: wpa_supplicant structure for a network interface
1817 * @ssid: wpa_ssid structure for a configured network or %NULL
1818 *
1819 * Disables the specified network or all networks if no network specified.
1820 */
1821void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1822 struct wpa_ssid *ssid)
1823{
1824 struct wpa_ssid *other_ssid;
1825 int was_disabled;
1826
1827 if (ssid == NULL) {
725fc39e
DS		 1828 if (wpa_s->sched_scanning)
1829 wpa_supplicant_cancel_sched_scan(wpa_s);
1830
4dac0245
JM		 1831 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1832 other_ssid = other_ssid->next) {
86b89452 1833 was_disabled = other_ssid->disabled;
4dac0245
JM		 1834 if (was_disabled == 2)
1835 continue; /* do not change persistent P2P group
1836 * data */
86b89452
WS		 1837
1838 other_ssid->disabled = 1;
1839
1840 if (was_disabled != other_ssid->disabled)
1841 wpas_notify_network_enabled_changed(
1842 wpa_s, other_ssid);
86b89452
WS		 1843 }
1844 if (wpa_s->current_ssid)
07783eaa 1845 wpa_supplicant_deauthenticate(
86b89452 1846 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4dac0245 1847 } else if (ssid->disabled != 2) {
86b89452 1848 if (ssid == wpa_s->current_ssid)
07783eaa 1849 wpa_supplicant_deauthenticate(
86b89452
WS		 1850 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1851
1852 was_disabled = ssid->disabled;
1853
1854 ssid->disabled = 1;
1855
725fc39e 1856 if (was_disabled != ssid->disabled) {
86b89452 1857 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 1858 if (wpa_s->sched_scanning) {
1859 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
1860 "to remove network from filters");
1861 wpa_supplicant_cancel_sched_scan(wpa_s);
1862 wpa_supplicant_req_scan(wpa_s, 0, 0);
1863 }
1864 }
86b89452
WS		 1865 }
1866}
1867
1868
1869/**
1870 * wpa_supplicant_select_network - Attempt association with a network
1871 * @wpa_s: wpa_supplicant structure for a network interface
1872 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1873 */
1874void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1875 struct wpa_ssid *ssid)
1876{
1877
1878 struct wpa_ssid *other_ssid;
d93dfbd5 1879 int disconnected = 0;
86b89452 1880
d93dfbd5 1881 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
07783eaa 1882 wpa_supplicant_deauthenticate(
86b89452 1883 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 1884 disconnected = 1;
1885 }
86b89452 1886
00e5e3d5
JM		 1887 if (ssid)
1888 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1889
86b89452
WS		 1890 /*
1891 * Mark all other networks disabled or mark all networks enabled if no
1892 * network specified.
1893 */
4dac0245
JM		 1894 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1895 other_ssid = other_ssid->next) {
86b89452 1896 int was_disabled = other_ssid->disabled;
4dac0245
JM		 1897 if (was_disabled == 2)
1898 continue; /* do not change persistent P2P group data */
86b89452
WS		 1899
1900 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 1901 if (was_disabled && !other_ssid->disabled)
1902 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 1903
1904 if (was_disabled != other_ssid->disabled)
1905 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 1906 }
2a6f78fb
JJ		 1907
1908 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1909 /* We are already associated with the selected network */
1910 wpa_printf(MSG_DEBUG, "Already associated with the "
1911 "selected network - do nothing");
1912 return;
1913 }
1914
96efeeb6
JM		 1915 if (ssid)
1916 wpa_s->current_ssid = ssid;
7dcdcfd6 1917 wpa_s->connect_without_scan = NULL;
86b89452
WS		 1918 wpa_s->disconnected = 0;
1919 wpa_s->reassociate = 1;
cecdddc1
PS		 1920
1921 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1922 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
86b89452 1923
a1641d26
JM		 1924 if (ssid)
1925 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 1926}
1927
1928
1929/**
1930 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1931 * @wpa_s: wpa_supplicant structure for a network interface
1932 * @ap_scan: AP scan mode
1933 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1934 *
1935 */
1936int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1937{
1938
1939 int old_ap_scan;
1940
1941 if (ap_scan < 0 || ap_scan > 2)
1942 return -1;
1943
48f8e036
DS		 1944#ifdef ANDROID
1945 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1946 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1947 wpa_s->wpa_state < WPA_COMPLETED) {
1948 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1949 "associating", wpa_s->conf->ap_scan, ap_scan);
1950 return 0;
1951 }
1952#endif /* ANDROID */
1953
86b89452
WS		 1954 old_ap_scan = wpa_s->conf->ap_scan;
1955 wpa_s->conf->ap_scan = ap_scan;
1956
1957 if (old_ap_scan != wpa_s->conf->ap_scan)
1958 wpas_notify_ap_scan_changed(wpa_s);
1959
1960 return 0;
1961}
1962
1963
78633c37
SL		 1964/**
1965 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1966 * @wpa_s: wpa_supplicant structure for a network interface
1967 * @expire_age: Expiration age in seconds
1968 * Returns: 0 if succeed or -1 if expire_age has an invalid value
1969 *
1970 */
1971int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1972 unsigned int bss_expire_age)
1973{
1974 if (bss_expire_age < 10) {
1975 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1976 bss_expire_age);
1977 return -1;
1978 }
1979 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1980 bss_expire_age);
1981 wpa_s->conf->bss_expiration_age = bss_expire_age;
1982
1983 return 0;
1984}
1985
1986
1987/**
1988 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1989 * @wpa_s: wpa_supplicant structure for a network interface
1990 * @expire_count: number of scans after which an unseen BSS is reclaimed
1991 * Returns: 0 if succeed or -1 if expire_count has an invalid value
1992 *
1993 */
1994int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1995 unsigned int bss_expire_count)
1996{
1997 if (bss_expire_count < 1) {
1998 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1999 bss_expire_count);
2000 return -1;
2001 }
2002 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2003 bss_expire_count);
2004 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2005
2006 return 0;
2007}
2008
2009
c6e86b63
MA		 2010/**
2011 * wpa_supplicant_set_scan_interval - Set scan interval
2012 * @wpa_s: wpa_supplicant structure for a network interface
2013 * @scan_interval: scan interval in seconds
2014 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2015 *
2016 */
2017int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2018 int scan_interval)
2019{
2020 if (scan_interval < 0) {
2021 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2022 scan_interval);
2023 return -1;
2024 }
2025 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2026 scan_interval);
9e737f08 2027 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 2028
2029 return 0;
2030}
2031
2032
86b89452
WS		 2033/**
2034 * wpa_supplicant_set_debug_params - Set global debug params
2035 * @global: wpa_global structure
2036 * @debug_level: debug level
2037 * @debug_timestamp: determines if show timestamp in debug data
2038 * @debug_show_keys: determines if show keys in debug data
2039 * Returns: 0 if succeed or -1 if debug_level has wrong value
2040 */
2041int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2042 int debug_timestamp, int debug_show_keys)
2043{
2044
2045 int old_level, old_timestamp, old_show_keys;
2046
2047 /* check for allowed debuglevels */
14dc0011
PS		 2048 if (debug_level != MSG_EXCESSIVE &&
2049 debug_level != MSG_MSGDUMP &&
86b89452
WS		 2050 debug_level != MSG_DEBUG &&
2051 debug_level != MSG_INFO &&
2052 debug_level != MSG_WARNING &&
2053 debug_level != MSG_ERROR)
2054 return -1;
2055
2056 old_level = wpa_debug_level;
2057 old_timestamp = wpa_debug_timestamp;
2058 old_show_keys = wpa_debug_show_keys;
2059
2060 wpa_debug_level = debug_level;
2061 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2062 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2063
db9133ac
WS		 2064 if (wpa_debug_level != old_level)
2065 wpas_notify_debug_level_changed(global);
2066 if (wpa_debug_timestamp != old_timestamp)
2067 wpas_notify_debug_timestamp_changed(global);
2068 if (wpa_debug_show_keys != old_show_keys)
2069 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 2070
2071 return 0;
2072}
2073
2074
6fc6879b
JM		 2075/**
2076 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2077 * @wpa_s: Pointer to wpa_supplicant data
2078 * Returns: A pointer to the current network structure or %NULL on failure
2079 */
2080struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2081{
2082 struct wpa_ssid *entry;
2083 u8 ssid[MAX_SSID_LEN];
2084 int res;
2085 size_t ssid_len;
2086 u8 bssid[ETH_ALEN];
2087 int wired;
2088
17fbb751
JM		 2089 res = wpa_drv_get_ssid(wpa_s, ssid);
2090 if (res < 0) {
2091 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2092 "driver");
2093 return NULL;
6fc6879b 2094 }
17fbb751 2095 ssid_len = res;
6fc6879b 2096
17fbb751 2097 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 2098 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2099 "driver");
6fc6879b
JM		 2100 return NULL;
2101 }
2102
c2a04078
JM		 2103 wired = wpa_s->conf->ap_scan == 0 &&
2104 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 2105
2106 entry = wpa_s->conf->ssid;
2107 while (entry) {
349493bd 2108 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b
JM		 2109 ((ssid_len == entry->ssid_len &&
2110 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2111 (!entry->bssid_set ||
2112 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2113 return entry;
24c23d1b 2114#ifdef CONFIG_WPS
349493bd 2115 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 2116 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2117 (entry->ssid == NULL || entry->ssid_len == 0) &&
2118 (!entry->bssid_set ||
2119 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2120 return entry;
2121#endif /* CONFIG_WPS */
7d232e23 2122
349493bd 2123 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 2124 entry->ssid_len == 0 &&
2125 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2126 return entry;
2127
6fc6879b
JM		 2128 entry = entry->next;
2129 }
2130
2131 return NULL;
2132}
2133
2134
7756114f
JM		 2135static int select_driver(struct wpa_supplicant *wpa_s, int i)
2136{
2137 struct wpa_global *global = wpa_s->global;
2138
2139 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2140 global->drv_priv[i] = wpa_drivers[i]->global_init();
2141 if (global->drv_priv[i] == NULL) {
2142 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2143 "'%s'", wpa_drivers[i]->name);
2144 return -1;
2145 }
2146 }
2147
2148 wpa_s->driver = wpa_drivers[i];
2149 wpa_s->global_drv_priv = global->drv_priv[i];
2150
2151 return 0;
2152}
2153
2154
6fc6879b
JM		 2155static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2156 const char *name)
2157{
2158 int i;
362f781e 2159 size_t len;
74b1c84a 2160 const char *pos, *driver = name;
6fc6879b
JM		 2161
2162 if (wpa_s == NULL)
2163 return -1;
2164
c5121837 2165 if (wpa_drivers[0] == NULL) {
f049052b
BG		 2166 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2167 "wpa_supplicant");
6fc6879b
JM		 2168 return -1;
2169 }
2170
2171 if (name == NULL) {
2172 /* default to first driver in the list */
7756114f 2173 return select_driver(wpa_s, 0);
6fc6879b
JM		 2174 }
2175
74b1c84a
SO		 2176 do {
2177 pos = os_strchr(driver, ',');
2178 if (pos)
2179 len = pos - driver;
2180 else
2181 len = os_strlen(driver);
2182
2183 for (i = 0; wpa_drivers[i]; i++) {
2184 if (os_strlen(wpa_drivers[i]->name) == len &&
2185 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 2186 0) {
2187 /* First driver that succeeds wins */
2188 if (select_driver(wpa_s, i) == 0)
2189 return 0;
2190 }
6fc6879b 2191 }
74b1c84a
SO		 2192
2193 driver = pos + 1;
2194 } while (pos);
6fc6879b 2195
f049052b 2196 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 2197 return -1;
2198}
2199
2200
a8e0505b
JM		 2201/**
2202 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2203 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2204 * with struct wpa_driver_ops::init()
2205 * @src_addr: Source address of the EAPOL frame
2206 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2207 * @len: Length of the EAPOL data
2208 *
2209 * This function is called for each received EAPOL frame. Most driver
2210 * interfaces rely on more generic OS mechanism for receiving frames through
2211 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2212 * take care of received EAPOL frames and deliver them to the core supplicant
2213 * code by calling this function.
2214 */
6fc6879b
JM		 2215void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2216 const u8 *buf, size_t len)
2217{
2218 struct wpa_supplicant *wpa_s = ctx;
2219
f049052b 2220 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 2221 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2222
3ab35a66
JM		 2223 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2224 (wpa_s->last_eapol_matches_bssid &&
2225#ifdef CONFIG_AP
2226 !wpa_s->ap_iface &&
2227#endif /* CONFIG_AP */
2228 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 2229 /*
2230 * There is possible race condition between receiving the
2231 * association event and the EAPOL frame since they are coming
2232 * through different paths from the driver. In order to avoid
2233 * issues in trying to process the EAPOL frame before receiving
2234 * association information, lets queue it for processing until
3ab35a66
JM		 2235 * the association event is received. This may also be needed in
2236 * driver-based roaming case, so also use src_addr != BSSID as a
2237 * trigger if we have previously confirmed that the
2238 * Authenticator uses BSSID as the src_addr (which is not the
2239 * case with wired IEEE 802.1X).
1ff73338 2240 */
f049052b 2241 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 2242 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2243 wpa_supplicant_state_txt(wpa_s->wpa_state),
2244 MAC2STR(wpa_s->bssid));
1ff73338
JM		 2245 wpabuf_free(wpa_s->pending_eapol_rx);
2246 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2247 if (wpa_s->pending_eapol_rx) {
2248 os_get_time(&wpa_s->pending_eapol_rx_time);
2249 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2250 ETH_ALEN);
2251 }
2252 return;
2253 }
2254
3ab35a66
JM		 2255 wpa_s->last_eapol_matches_bssid =
2256 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2257
db149ac9
JM		 2258#ifdef CONFIG_AP
2259 if (wpa_s->ap_iface) {
2260 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2261 return;
2262 }
2263#endif /* CONFIG_AP */
2264
6fc6879b 2265 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 2266 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2267 "no key management is configured");
6fc6879b
JM		 2268 return;
2269 }
2270
2271 if (wpa_s->eapol_received == 0 &&
c2a04078 2272 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 2273 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 2274 wpa_s->wpa_state != WPA_COMPLETED) &&
2275 (wpa_s->current_ssid == NULL ||
2276 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b
JM		 2277 /* Timeout for completing IEEE 802.1X and WPA authentication */
2278 wpa_supplicant_req_auth_timeout(
2279 wpa_s,
56586197 2280 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 2281 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2282 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 2283 70 : 10, 0);
2284 }
2285 wpa_s->eapol_received++;
2286
2287 if (wpa_s->countermeasures) {
f049052b
BG		 2288 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2289 "EAPOL packet");
6fc6879b
JM		 2290 return;
2291 }
2292
8be18440
JM		 2293#ifdef CONFIG_IBSS_RSN
2294 if (wpa_s->current_ssid &&
d7dcba70 2295 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 2296 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2297 return;
2298 }
2299#endif /* CONFIG_IBSS_RSN */
2300
6fc6879b
JM		 2301 /* Source address of the incoming EAPOL frame could be compared to the
2302 * current BSSID. However, it is possible that a centralized
2303 * Authenticator could be using another MAC address than the BSSID of
2304 * an AP, so just allow any address to be used for now. The replies are
2305 * still sent to the current BSSID (if available), though. */
2306
2307 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 2308 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 2309 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2310 return;
2311 wpa_drv_poll(wpa_s);
c2a04078 2312 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 2313 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 2314 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 2315 /*
2316 * Set portValid = TRUE here since we are going to skip 4-way
2317 * handshake processing which would normally set portValid. We
2318 * need this to allow the EAPOL state machines to be completed
2319 * without going through EAPOL-Key handshake.
2320 */
2321 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2322 }
2323}
2324
2325
bfba8deb 2326int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 2327{
6fc6879b
JM		 2328 if (wpa_s->driver->send_eapol) {
2329 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2330 if (addr)
2331 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1c42b42f
JM		 2332 } else if ((!wpa_s->p2p_mgmt ||
2333 !(wpa_s->drv_flags &
2334 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
c68f6200 2335 !(wpa_s->drv_flags &
fdadd5fe 2336 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 2337 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 2338 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2339 wpa_drv_get_mac_addr(wpa_s),
2340 ETH_P_EAPOL,
2341 wpa_supplicant_rx_eapol, wpa_s, 0);
2342 if (wpa_s->l2 == NULL)
2343 return -1;
fdadd5fe
JM		 2344 } else {
2345 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2346 if (addr)
2347 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 2348 }
2349
2350 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 2351 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 2352 return -1;
2353 }
2354
bfba8deb
JM		 2355 return 0;
2356}
2357
2358
25f839c6
JM		 2359static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2360 const u8 *buf, size_t len)
2361{
2362 struct wpa_supplicant *wpa_s = ctx;
2363 const struct l2_ethhdr *eth;
2364
2365 if (len < sizeof(*eth))
2366 return;
2367 eth = (const struct l2_ethhdr *) buf;
2368
2369 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2370 !(eth->h_dest[0] & 0x01)) {
2371 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2372 " (bridge - not for this interface - ignore)",
2373 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2374 return;
2375 }
2376
2377 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2378 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2379 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2380 len - sizeof(*eth));
2381}
2382
2383
bfba8deb
JM		 2384/**
2385 * wpa_supplicant_driver_init - Initialize driver interface parameters
2386 * @wpa_s: Pointer to wpa_supplicant data
2387 * Returns: 0 on success, -1 on failure
2388 *
2389 * This function is called to initialize driver interface parameters.
2390 * wpa_drv_init() must have been called before this function to initialize the
2391 * driver interface.
2392 */
2393int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2394{
2395 static int interface_count = 0;
2396
2397 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2398 return -1;
2399
c68f6200
AS		 2400 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2401 MAC2STR(wpa_s->own_addr));
2402 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2403
6fc6879b 2404 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 2405 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2406 "interface '%s'", wpa_s->bridge_ifname);
6fc6879b
JM		 2407 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2408 wpa_s->own_addr,
2409 ETH_P_EAPOL,
25f839c6
JM		 2410 wpa_supplicant_rx_eapol_bridge,
2411 wpa_s, 1);
6fc6879b 2412 if (wpa_s->l2_br == NULL) {
f049052b
BG		 2413 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2414 "connection for the bridge interface '%s'",
2415 wpa_s->bridge_ifname);
6fc6879b
JM		 2416 return -1;
2417 }
2418 }
2419
6fc6879b
JM		 2420 wpa_clear_keys(wpa_s, NULL);
2421
2422 /* Make sure that TKIP countermeasures are not left enabled (could
2423 * happen if wpa_supplicant is killed during countermeasures. */
2424 wpa_drv_set_countermeasures(wpa_s, 0);
2425
f049052b 2426 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 2427 wpa_drv_flush_pmkid(wpa_s);
2428
ba2a573c 2429 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 2430 wpa_s->prev_scan_wildcard = 0;
2431
349493bd 2432 if (wpa_supplicant_enabled_networks(wpa_s)) {
6a90053c
LC		 2433 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2434 100000))
a4cba8f1
LC		 2435 wpa_supplicant_req_scan(wpa_s, interface_count,
2436 100000);
74e259ec
JM		 2437 interface_count++;
2438 } else
2439 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 2440
2441 return 0;
2442}
2443
2444
2445static int wpa_supplicant_daemon(const char *pid_file)
2446{
2447 wpa_printf(MSG_DEBUG, "Daemonize..");
2448 return os_daemonize(pid_file);
2449}
2450
2451
2452static struct wpa_supplicant * wpa_supplicant_alloc(void)
2453{
2454 struct wpa_supplicant *wpa_s;
2455
2456 wpa_s = os_zalloc(sizeof(*wpa_s));
2457 if (wpa_s == NULL)
2458 return NULL;
4115303b 2459 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 2460 wpa_s->scan_interval = 5;
c302f207 2461 wpa_s->new_connection = 1;
b22128ef 2462 wpa_s->parent = wpa_s;
cbdf3507 2463 wpa_s->sched_scanning = 0;
6fc6879b
JM		 2464
2465 return wpa_s;
2466}
2467
2468
80e8a5ee
BG		 2469#ifdef CONFIG_HT_OVERRIDES
2470
2471static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2472 struct ieee80211_ht_capabilities *htcaps,
2473 struct ieee80211_ht_capabilities *htcaps_mask,
2474 const char *ht_mcs)
2475{
2476 /* parse ht_mcs into hex array */
2477 int i;
2478 const char *tmp = ht_mcs;
2479 char *end = NULL;
2480
2481 /* If ht_mcs is null, do not set anything */
2482 if (!ht_mcs)
2483 return 0;
2484
2485 /* This is what we are setting in the kernel */
2486 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2487
2488 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2489
2490 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2491 errno = 0;
2492 long v = strtol(tmp, &end, 16);
2493 if (errno == 0) {
2494 wpa_msg(wpa_s, MSG_DEBUG,
2495 "htcap value[%i]: %ld end: %p tmp: %p",
2496 i, v, end, tmp);
2497 if (end == tmp)
2498 break;
2499
2500 htcaps->supported_mcs_set[i] = v;
2501 tmp = end;
2502 } else {
2503 wpa_msg(wpa_s, MSG_ERROR,
2504 "Failed to parse ht-mcs: %s, error: %s\n",
2505 ht_mcs, strerror(errno));
2506 return -1;
2507 }
2508 }
2509
2510 /*
2511 * If we were able to parse any values, then set mask for the MCS set.
2512 */
2513 if (i) {
2514 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2515 IEEE80211_HT_MCS_MASK_LEN - 1);
2516 /* skip the 3 reserved bits */
2517 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2518 0x1f;
2519 }
2520
2521 return 0;
2522}
2523
2524
2525static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2526 struct ieee80211_ht_capabilities *htcaps,
2527 struct ieee80211_ht_capabilities *htcaps_mask,
2528 int disabled)
2529{
2530 u16 msk;
2531
2532 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2533
2534 if (disabled == -1)
2535 return 0;
2536
2537 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2538 htcaps_mask->ht_capabilities_info |= msk;
2539 if (disabled)
2540 htcaps->ht_capabilities_info &= msk;
2541 else
2542 htcaps->ht_capabilities_info |= msk;
2543
2544 return 0;
2545}
2546
2547
2548static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2549 struct ieee80211_ht_capabilities *htcaps,
2550 struct ieee80211_ht_capabilities *htcaps_mask,
2551 int factor)
2552{
2553 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2554
2555 if (factor == -1)
2556 return 0;
2557
2558 if (factor < 0 || factor > 3) {
2559 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2560 "Must be 0-3 or -1", factor);
2561 return -EINVAL;
2562 }
2563
2564 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2565 htcaps->a_mpdu_params &= ~0x3;
2566 htcaps->a_mpdu_params |= factor & 0x3;
2567
2568 return 0;
2569}
2570
2571
2572static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2573 struct ieee80211_ht_capabilities *htcaps,
2574 struct ieee80211_ht_capabilities *htcaps_mask,
2575 int density)
2576{
2577 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2578
2579 if (density == -1)
2580 return 0;
2581
2582 if (density < 0 || density > 7) {
2583 wpa_msg(wpa_s, MSG_ERROR,
2584 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2585 density);
2586 return -EINVAL;
2587 }
2588
2589 htcaps_mask->a_mpdu_params |= 0x1C;
2590 htcaps->a_mpdu_params &= ~(0x1C);
2591 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2592
2593 return 0;
2594}
2595
2596
2597static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2598 struct ieee80211_ht_capabilities *htcaps,
2599 struct ieee80211_ht_capabilities *htcaps_mask,
2600 int disabled)
2601{
2602 /* Masking these out disables HT40 */
2603 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2604 HT_CAP_INFO_SHORT_GI40MHZ);
2605
2606 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2607
2608 if (disabled)
2609 htcaps->ht_capabilities_info &= ~msk;
2610 else
2611 htcaps->ht_capabilities_info |= msk;
2612
2613 htcaps_mask->ht_capabilities_info |= msk;
2614
2615 return 0;
2616}
2617
2618
a90497f8
BG		 2619static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2620 struct ieee80211_ht_capabilities *htcaps,
2621 struct ieee80211_ht_capabilities *htcaps_mask,
2622 int disabled)
2623{
2624 /* Masking these out disables SGI */
2625 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2626 HT_CAP_INFO_SHORT_GI40MHZ);
2627
2628 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2629
2630 if (disabled)
2631 htcaps->ht_capabilities_info &= ~msk;
2632 else
2633 htcaps->ht_capabilities_info |= msk;
2634
2635 htcaps_mask->ht_capabilities_info |= msk;
2636
2637 return 0;
2638}
2639
2640
80e8a5ee
BG		 2641void wpa_supplicant_apply_ht_overrides(
2642 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2643 struct wpa_driver_associate_params *params)
2644{
2645 struct ieee80211_ht_capabilities *htcaps;
2646 struct ieee80211_ht_capabilities *htcaps_mask;
2647
2648 if (!ssid)
2649 return;
2650
2651 params->disable_ht = ssid->disable_ht;
2652 if (!params->htcaps || !params->htcaps_mask)
2653 return;
2654
2655 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2656 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2657 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2658 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2659 ssid->disable_max_amsdu);
2660 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2661 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2662 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 2663 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
80e8a5ee
BG		 2664}
2665
2666#endif /* CONFIG_HT_OVERRIDES */
2667
2668
e9ee8dc3
JB		 2669#ifdef CONFIG_VHT_OVERRIDES
2670void wpa_supplicant_apply_vht_overrides(
2671 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2672 struct wpa_driver_associate_params *params)
2673{
2674 struct ieee80211_vht_capabilities *vhtcaps;
2675 struct ieee80211_vht_capabilities *vhtcaps_mask;
2676
2677 if (!ssid)
2678 return;
2679
2680 params->disable_vht = ssid->disable_vht;
2681
2682 vhtcaps = (void *) params->vhtcaps;
2683 vhtcaps_mask = (void *) params->vhtcaps_mask;
2684
2685 if (!vhtcaps || !vhtcaps_mask)
2686 return;
2687
2688 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2689 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2690
2691#define OVERRIDE_MCS(i) \
2692 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2693 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2694 3 << 2 * (i - 1); \
2695 vhtcaps->vht_supported_mcs_set.tx_map |= \
2696 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2697 } \
2698 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2699 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2700 3 << 2 * (i - 1); \
2701 vhtcaps->vht_supported_mcs_set.rx_map |= \
2702 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2703 }
2704
2705 OVERRIDE_MCS(1);
2706 OVERRIDE_MCS(2);
2707 OVERRIDE_MCS(3);
2708 OVERRIDE_MCS(4);
2709 OVERRIDE_MCS(5);
2710 OVERRIDE_MCS(6);
2711 OVERRIDE_MCS(7);
2712 OVERRIDE_MCS(8);
2713}
2714#endif /* CONFIG_VHT_OVERRIDES */
2715
2716
f64adcd7
JM		 2717static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2718{
2719#ifdef PCSC_FUNCS
2720 size_t len;
2721
2722 if (!wpa_s->conf->pcsc_reader)
2723 return 0;
2724
2725 wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader);
2726 if (!wpa_s->scard)
2727 return 1;
2728
2729 if (wpa_s->conf->pcsc_pin &&
2730 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2731 scard_deinit(wpa_s->scard);
2732 wpa_s->scard = NULL;
2733 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2734 return -1;
2735 }
2736
2737 len = sizeof(wpa_s->imsi) - 1;
2738 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2739 scard_deinit(wpa_s->scard);
2740 wpa_s->scard = NULL;
2741 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2742 return -1;
2743 }
2744 wpa_s->imsi[len] = '\0';
2745
2746 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2747
2748 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2749 wpa_s->imsi, wpa_s->mnc_len);
2750
2751 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2752 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2753#endif /* PCSC_FUNCS */
2754
2755 return 0;
2756}
2757
2758
306ae225
JM		 2759int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2760{
2761 char *val, *pos;
2762
2763 ext_password_deinit(wpa_s->ext_pw);
2764 wpa_s->ext_pw = NULL;
2765 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2766
2767 if (!wpa_s->conf->ext_password_backend)
2768 return 0;
2769
2770 val = os_strdup(wpa_s->conf->ext_password_backend);
2771 if (val == NULL)
2772 return -1;
2773 pos = os_strchr(val, ':');
2774 if (pos)
2775 *pos++ = '\0';
2776
2777 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2778
2779 wpa_s->ext_pw = ext_password_init(val, pos);
2780 os_free(val);
2781 if (wpa_s->ext_pw == NULL) {
2782 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2783 return -1;
2784 }
2785 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2786
2787 return 0;
2788}
2789
2790
6fc6879b
JM		 2791static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2792 struct wpa_interface *iface)
2793{
362f781e
JM		 2794 const char *ifname, *driver;
2795 struct wpa_driver_capa capa;
2796
6fc6879b
JM		 2797 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2798 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2799 iface->confname ? iface->confname : "N/A",
2800 iface->driver ? iface->driver : "default",
2801 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2802 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2803
6fc6879b
JM		 2804 if (iface->confname) {
2805#ifdef CONFIG_BACKEND_FILE
2806 wpa_s->confname = os_rel2abs_path(iface->confname);
2807 if (wpa_s->confname == NULL) {
2808 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2809 "for configuration file '%s'.",
2810 iface->confname);
2811 return -1;
2812 }
2813 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2814 iface->confname, wpa_s->confname);
2815#else /* CONFIG_BACKEND_FILE */
2816 wpa_s->confname = os_strdup(iface->confname);
2817#endif /* CONFIG_BACKEND_FILE */
e6304cad 2818 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 2819 if (wpa_s->conf == NULL) {
2820 wpa_printf(MSG_ERROR, "Failed to read or parse "
2821 "configuration '%s'.", wpa_s->confname);
2822 return -1;
2823 }
e6304cad
DS		 2824 wpa_s->confanother = os_rel2abs_path(iface->confanother);
2825 wpa_config_read(wpa_s->confanother, wpa_s->conf);
6fc6879b
JM		 2826
2827 /*
2828 * Override ctrl_interface and driver_param if set on command
2829 * line.
2830 */
2831 if (iface->ctrl_interface) {
2832 os_free(wpa_s->conf->ctrl_interface);
2833 wpa_s->conf->ctrl_interface =
2834 os_strdup(iface->ctrl_interface);
2835 }
2836
2837 if (iface->driver_param) {
2838 os_free(wpa_s->conf->driver_param);
2839 wpa_s->conf->driver_param =
2840 os_strdup(iface->driver_param);
2841 }
78f79fe5
JM		 2842
2843 if (iface->p2p_mgmt && !iface->ctrl_interface) {
2844 os_free(wpa_s->conf->ctrl_interface);
2845 wpa_s->conf->ctrl_interface = NULL;
2846 }
6fc6879b
JM		 2847 } else
2848 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2849 iface->driver_param);
2850
2851 if (wpa_s->conf == NULL) {
2852 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2853 return -1;
2854 }
2855
2856 if (iface->ifname == NULL) {
2857 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2858 return -1;
2859 }
2860 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2861 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2862 iface->ifname);
2863 return -1;
2864 }
2865 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2866
2867 if (iface->bridge_ifname) {
2868 if (os_strlen(iface->bridge_ifname) >=
2869 sizeof(wpa_s->bridge_ifname)) {
2870 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2871 "name '%s'.", iface->bridge_ifname);
2872 return -1;
2873 }
2874 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2875 sizeof(wpa_s->bridge_ifname));
2876 }
2877
6fc6879b
JM		 2878 /* RSNA Supplicant Key Management - INITIALIZE */
2879 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2880 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2881
2882 /* Initialize driver interface and register driver event handler before
2883 * L2 receive handler so that association events are processed before
2884 * EAPOL-Key packets if both become available for the same select()
2885 * call. */
362f781e
JM		 2886 driver = iface->driver;
2887next_driver:
2888 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2889 return -1;
2890
6fc6879b
JM		 2891 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2892 if (wpa_s->drv_priv == NULL) {
362f781e 2893 const char *pos;
a5b9337f 2894 pos = driver ? os_strchr(driver, ',') : NULL;
362f781e 2895 if (pos) {
f049052b
BG		 2896 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2897 "driver interface - try next driver wrapper");
362f781e
JM		 2898 driver = pos + 1;
2899 goto next_driver;
2900 }
f049052b
BG		 2901 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2902 "interface");
6fc6879b
JM		 2903 return -1;
2904 }
2905 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
f049052b
BG		 2906 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2907 "driver_param '%s'", wpa_s->conf->driver_param);
6fc6879b
JM		 2908 return -1;
2909 }
2910
2911 ifname = wpa_drv_get_ifname(wpa_s);
2912 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
f049052b
BG		 2913 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2914 "interface name with '%s'", ifname);
6fc6879b
JM		 2915 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2916 }
2917
2918 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2919 return -1;
2920
2921 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2922 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2923 NULL);
2924 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2925
2926 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2927 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2928 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 2929 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2930 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 2931 return -1;
2932 }
2933
2934 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2935 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2936 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 2937 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 2938 "dot11RSNAConfigPMKReauthThreshold");
2939 return -1;
2940 }
2941
2942 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2943 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2944 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 2945 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2946 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 2947 return -1;
2948 }
2949
6bf731e8
CL		 2950 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2951 &wpa_s->hw.num_modes,
2952 &wpa_s->hw.flags);
2953
814782b9 2954 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
c58ab8f2 2955 wpa_s->drv_capa_known = 1;
814782b9 2956 wpa_s->drv_flags = capa.flags;
349493bd 2957 wpa_s->drv_enc = capa.enc;
4f73d88a 2958 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 2959 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507
LC		 2960 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2961 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 2962 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 2963 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 2964 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 2965 wpa_s->extended_capa = capa.extended_capa;
2966 wpa_s->extended_capa_mask = capa.extended_capa_mask;
2967 wpa_s->extended_capa_len = capa.extended_capa_len;
814782b9
JM		 2968 }
2969 if (wpa_s->max_remain_on_chan == 0)
2970 wpa_s->max_remain_on_chan = 1000;
2971
c68f6200
AS		 2972 /*
2973 * Only take p2p_mgmt parameters when P2P Device is supported.
2974 * Doing it here as it determines whether l2_packet_init() will be done
2975 * during wpa_supplicant_driver_init().
2976 */
2977 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
2978 wpa_s->p2p_mgmt = iface->p2p_mgmt;
2979 else
2980 iface->p2p_mgmt = 1;
2981
6fc6879b
JM		 2982 if (wpa_supplicant_driver_init(wpa_s) < 0)
2983 return -1;
2984
281ff0aa 2985#ifdef CONFIG_TDLS
1c42b42f
JM		 2986 if ((!iface->p2p_mgmt ||
2987 !(wpa_s->drv_flags &
2988 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2989 wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 2990 return -1;
2991#endif /* CONFIG_TDLS */
2992
315ce40a
JM		 2993 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2994 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 2995 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 2996 return -1;
2997 }
2998
116654ce
JM		 2999 if (wpas_wps_init(wpa_s))
3000 return -1;
3001
6fc6879b
JM		 3002 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3003 return -1;
3004 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3005
3006 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3007 if (wpa_s->ctrl_iface == NULL) {
3008 wpa_printf(MSG_ERROR,
3009 "Failed to initialize control interface '%s'.\n"
3010 "You may have another wpa_supplicant process "
3011 "already running or the file was\n"
3012 "left by an unclean termination of wpa_supplicant "
3013 "in which case you will need\n"
3014 "to manually remove this file before starting "
3015 "wpa_supplicant again.\n",
3016 wpa_s->conf->ctrl_interface);
3017 return -1;
3018 }
3019
04ea7b79
JM		 3020 wpa_s->gas = gas_query_init(wpa_s);
3021 if (wpa_s->gas == NULL) {
3022 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3023 return -1;
3024 }
3025
b22128ef 3026#ifdef CONFIG_P2P
c68f6200 3027 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 3028 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 3029 return -1;
3030 }
3031#endif /* CONFIG_P2P */
3032
83922c2d
JM		 3033 if (wpa_bss_init(wpa_s) < 0)
3034 return -1;
83922c2d 3035
ec7b97ab
JM		 3036#ifdef CONFIG_EAP_PROXY
3037{
3038 size_t len;
3039 wpa_s->mnc_len = eap_proxy_get_imsi(wpa_s->imsi, &len);
3040 if (wpa_s->mnc_len > 0) {
3041 wpa_s->imsi[len] = '\0';
3042 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3043 wpa_s->imsi, wpa_s->mnc_len);
3044 } else {
3045 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3046 }
3047}
3048#endif /* CONFIG_EAP_PROXY */
3049
f64adcd7
JM		 3050 if (pcsc_reader_init(wpa_s) < 0)
3051 return -1;
3052
306ae225
JM		 3053 if (wpas_init_ext_pw(wpa_s) < 0)
3054 return -1;
3055
6fc6879b
JM		 3056 return 0;
3057}
3058
3059
2ee055b3 3060static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 3061 int notify, int terminate)
6fc6879b 3062{
e679f140 3063 wpa_s->disconnected = 1;
6fc6879b
JM		 3064 if (wpa_s->drv_priv) {
3065 wpa_supplicant_deauthenticate(wpa_s,
3066 WLAN_REASON_DEAUTH_LEAVING);
3067
6fc6879b
JM		 3068 wpa_drv_set_countermeasures(wpa_s, 0);
3069 wpa_clear_keys(wpa_s, NULL);
3070 }
3071
8e56d189
JM		 3072 wpa_supplicant_cleanup(wpa_s);
3073
ab28911d
JM		 3074#ifdef CONFIG_P2P
3075 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3076 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3077 "the management interface is being removed");
3078 wpas_p2p_deinit_global(wpa_s->global);
3079 }
3080#endif /* CONFIG_P2P */
3081
6fc6879b
JM		 3082 if (wpa_s->drv_priv)
3083 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 3084
3085 if (notify)
3086 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 3087
3088 if (terminate)
3089 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3090
3091 if (wpa_s->ctrl_iface) {
3092 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3093 wpa_s->ctrl_iface = NULL;
3094 }
3095
3096 if (wpa_s->conf != NULL) {
3097 wpa_config_free(wpa_s->conf);
3098 wpa_s->conf = NULL;
3099 }
18e00b5e
JM		 3100
3101 os_free(wpa_s);
6fc6879b
JM		 3102}
3103
3104
3105/**
3106 * wpa_supplicant_add_iface - Add a new network interface
3107 * @global: Pointer to global data from wpa_supplicant_init()
3108 * @iface: Interface configuration options
3109 * Returns: Pointer to the created interface or %NULL on failure
3110 *
3111 * This function is used to add new network interfaces for %wpa_supplicant.
3112 * This can be called before wpa_supplicant_run() to add interfaces before the
3113 * main event loop has been started. In addition, new interfaces can be added
3114 * dynamically while %wpa_supplicant is already running. This could happen,
3115 * e.g., when a hotplug network adapter is inserted.
3116 */
3117struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3118 struct wpa_interface *iface)
3119{
3120 struct wpa_supplicant *wpa_s;
d27df100 3121 struct wpa_interface t_iface;
8e56d189 3122 struct wpa_ssid *ssid;
6fc6879b
JM		 3123
3124 if (global == NULL || iface == NULL)
3125 return NULL;
3126
3127 wpa_s = wpa_supplicant_alloc();
3128 if (wpa_s == NULL)
3129 return NULL;
3130
d8222ae3
JM		 3131 wpa_s->global = global;
3132
d27df100
JM		 3133 t_iface = *iface;
3134 if (global->params.override_driver) {
3135 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3136 "('%s' -> '%s')",
3137 iface->driver, global->params.override_driver);
3138 t_iface.driver = global->params.override_driver;
3139 }
3140 if (global->params.override_ctrl_interface) {
3141 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3142 "ctrl_interface ('%s' -> '%s')",
3143 iface->ctrl_interface,
3144 global->params.override_ctrl_interface);
3145 t_iface.ctrl_interface =
3146 global->params.override_ctrl_interface;
3147 }
3148 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 3149 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3150 iface->ifname);
df509539 3151 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 3152 return NULL;
3153 }
3154
dc461de4
WS		 3155 /* Notify the control interfaces about new iface */
3156 if (wpas_notify_iface_added(wpa_s)) {
df509539 3157 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6fc6879b
JM		 3158 return NULL;
3159 }
1bd3f426 3160
8e56d189
JM		 3161 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3162 wpas_notify_network_added(wpa_s, ssid);
3163
6fc6879b
JM		 3164 wpa_s->next = global->ifaces;
3165 global->ifaces = wpa_s;
3166
f049052b 3167 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 3168 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b
JM		 3169
3170 return wpa_s;
3171}
3172
3173
3174/**
3175 * wpa_supplicant_remove_iface - Remove a network interface
3176 * @global: Pointer to global data from wpa_supplicant_init()
3177 * @wpa_s: Pointer to the network interface to be removed
3178 * Returns: 0 if interface was removed, -1 if interface was not found
3179 *
3180 * This function can be used to dynamically remove network interfaces from
3181 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3182 * addition, this function is used to remove all remaining interfaces when
3183 * %wpa_supplicant is terminated.
3184 */
3185int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 3186 struct wpa_supplicant *wpa_s,
3187 int terminate)
6fc6879b
JM		 3188{
3189 struct wpa_supplicant *prev;
3190
3191 /* Remove interface from the global list of interfaces */
3192 prev = global->ifaces;
3193 if (prev == wpa_s) {
3194 global->ifaces = wpa_s->next;
3195 } else {
3196 while (prev && prev->next != wpa_s)
3197 prev = prev->next;
3198 if (prev == NULL)
3199 return -1;
3200 prev->next = wpa_s->next;
3201 }
3202
f049052b 3203 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 3204
b22128ef
JM		 3205 if (global->p2p_group_formation == wpa_s)
3206 global->p2p_group_formation = NULL;
dbca75f8
JM		 3207 if (global->p2p_invite_group == wpa_s)
3208 global->p2p_invite_group = NULL;
df509539 3209 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b
JM		 3210
3211 return 0;
3212}
3213
3214
cf83fb0b
PS		 3215/**
3216 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3217 * @wpa_s: Pointer to the network interface
3218 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3219 */
3220const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3221{
3222 const char *eapol_method;
3223
3224 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3225 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3226 return "NO-EAP";
3227 }
3228
3229 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3230 if (eapol_method == NULL)
3231 return "UNKNOWN-EAP";
3232
3233 return eapol_method;
3234}
3235
3236
6fc6879b
JM		 3237/**
3238 * wpa_supplicant_get_iface - Get a new network interface
3239 * @global: Pointer to global data from wpa_supplicant_init()
3240 * @ifname: Interface name
3241 * Returns: Pointer to the interface or %NULL if not found
3242 */
3243struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3244 const char *ifname)
3245{
3246 struct wpa_supplicant *wpa_s;
3247
3248 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3249 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3250 return wpa_s;
3251 }
3252 return NULL;
3253}
3254
3255
50b16da1 3256#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 3257static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3258{
3259 struct wpa_supplicant *wpa_s = ctx;
3260 if (wpa_s == NULL)
3261 return NULL;
3262 return wpa_s->ifname;
3263}
50b16da1 3264#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 3265
3266
6fc6879b
JM		 3267/**
3268 * wpa_supplicant_init - Initialize %wpa_supplicant
3269 * @params: Parameters for %wpa_supplicant
3270 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3271 *
3272 * This function is used to initialize %wpa_supplicant. After successful
3273 * initialization, the returned data pointer can be used to add and remove
3274 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3275 */
3276struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3277{
3278 struct wpa_global *global;
ac305589 3279 int ret, i;
6fc6879b
JM		 3280
3281 if (params == NULL)
3282 return NULL;
3283
39e7d718
JM		 3284#ifdef CONFIG_DRIVER_NDIS
3285 {
3286 void driver_ndis_init_ops(void);
3287 driver_ndis_init_ops();
3288 }
3289#endif /* CONFIG_DRIVER_NDIS */
3290
50b16da1 3291#ifndef CONFIG_NO_WPA_MSG
4f1495ae 3292 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 3293#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 3294
6fc6879b 3295 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 3296 if (params->wpa_debug_syslog)
3297 wpa_debug_open_syslog();
4f68895e
JB		 3298 if (params->wpa_debug_tracing) {
3299 ret = wpa_debug_open_linux_tracing();
3300 if (ret) {
3301 wpa_printf(MSG_ERROR,
3302 "Failed to enable trace logging");
3303 return NULL;
3304 }
3305 }
6fc6879b 3306
12760815 3307 ret = eap_register_methods();
6fc6879b
JM		 3308 if (ret) {
3309 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3310 if (ret == -2)
3311 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3312 "the same EAP type.");
3313 return NULL;
3314 }
3315
3316 global = os_zalloc(sizeof(*global));
3317 if (global == NULL)
3318 return NULL;
b22128ef
JM		 3319 dl_list_init(&global->p2p_srv_bonjour);
3320 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 3321 global->params.daemonize = params->daemonize;
3322 global->params.wait_for_monitor = params->wait_for_monitor;
3323 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3324 if (params->pid_file)
3325 global->params.pid_file = os_strdup(params->pid_file);
3326 if (params->ctrl_interface)
3327 global->params.ctrl_interface =
3328 os_strdup(params->ctrl_interface);
29257565
JM		 3329 if (params->ctrl_interface_group)
3330 global->params.ctrl_interface_group =
3331 os_strdup(params->ctrl_interface_group);
d27df100
JM		 3332 if (params->override_driver)
3333 global->params.override_driver =
3334 os_strdup(params->override_driver);
3335 if (params->override_ctrl_interface)
3336 global->params.override_ctrl_interface =
3337 os_strdup(params->override_ctrl_interface);
6fc6879b
JM		 3338 wpa_debug_level = global->params.wpa_debug_level =
3339 params->wpa_debug_level;
3340 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3341 params->wpa_debug_show_keys;
3342 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3343 params->wpa_debug_timestamp;
3344
f19858f5
JM		 3345 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3346
0456ea16 3347 if (eloop_init()) {
6fc6879b
JM		 3348 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3349 wpa_supplicant_deinit(global);
3350 return NULL;
3351 }
3352
38e24575 3353 random_init(params->entropy_file);
d47fa330 3354
6fc6879b
JM		 3355 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3356 if (global->ctrl_iface == NULL) {
3357 wpa_supplicant_deinit(global);
3358 return NULL;
3359 }
3360
dc461de4
WS		 3361 if (wpas_notify_supplicant_initialized(global)) {
3362 wpa_supplicant_deinit(global);
3363 return NULL;
6fc6879b
JM		 3364 }
3365
c5121837 3366 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 3367 global->drv_count++;
3368 if (global->drv_count == 0) {
3369 wpa_printf(MSG_ERROR, "No drivers enabled");
3370 wpa_supplicant_deinit(global);
3371 return NULL;
3372 }
3373 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3374 if (global->drv_priv == NULL) {
3375 wpa_supplicant_deinit(global);
3376 return NULL;
3377 }
ac305589 3378
9675ce35
JM		 3379#ifdef CONFIG_WIFI_DISPLAY
3380 if (wifi_display_init(global) < 0) {
3381 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3382 wpa_supplicant_deinit(global);
3383 return NULL;
3384 }
3385#endif /* CONFIG_WIFI_DISPLAY */
3386
6fc6879b
JM		 3387 return global;
3388}
3389
3390
3391/**
3392 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3393 * @global: Pointer to global data from wpa_supplicant_init()
3394 * Returns: 0 after successful event loop run, -1 on failure
3395 *
3396 * This function starts the main event loop and continues running as long as
3397 * there are any remaining events. In most cases, this function is running as
3398 * long as the %wpa_supplicant process in still in use.
3399 */
3400int wpa_supplicant_run(struct wpa_global *global)
3401{
3402 struct wpa_supplicant *wpa_s;
3403
3404 if (global->params.daemonize &&
3405 wpa_supplicant_daemon(global->params.pid_file))
3406 return -1;
3407
3408 if (global->params.wait_for_monitor) {
3409 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3410 if (wpa_s->ctrl_iface)
3411 wpa_supplicant_ctrl_iface_wait(
3412 wpa_s->ctrl_iface);
3413 }
3414
0456ea16
JM		 3415 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3416 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 3417
3418 eloop_run();
3419
3420 return 0;
3421}
3422
3423
3424/**
3425 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3426 * @global: Pointer to global data from wpa_supplicant_init()
3427 *
3428 * This function is called to deinitialize %wpa_supplicant and to free all
3429 * allocated resources. Remaining network interfaces will also be removed.
3430 */
3431void wpa_supplicant_deinit(struct wpa_global *global)
3432{
ac305589
JM		 3433 int i;
3434
6fc6879b
JM		 3435 if (global == NULL)
3436 return;
3437
9675ce35
JM		 3438#ifdef CONFIG_WIFI_DISPLAY
3439 wifi_display_deinit(global);
3440#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 3441
6fc6879b 3442 while (global->ifaces)
df509539 3443 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 3444
3445 if (global->ctrl_iface)
3446 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 3447
3448 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 3449
3450 eap_peer_unregister_methods();
3ec97afe
JM		 3451#ifdef CONFIG_AP
3452 eap_server_unregister_methods();
3453#endif /* CONFIG_AP */
6fc6879b 3454
c5121837 3455 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 3456 if (!global->drv_priv[i])
3457 continue;
c5121837 3458 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 3459 }
3460 os_free(global->drv_priv);
3461
d47fa330
JM		 3462 random_deinit();
3463
6fc6879b
JM		 3464 eloop_destroy();
3465
3466 if (global->params.pid_file) {
3467 os_daemonize_terminate(global->params.pid_file);
3468 os_free(global->params.pid_file);
3469 }
3470 os_free(global->params.ctrl_interface);
29257565 3471 os_free(global->params.ctrl_interface_group);
d27df100
JM		 3472 os_free(global->params.override_driver);
3473 os_free(global->params.override_ctrl_interface);
6fc6879b 3474
6f3bc72b
JM		 3475 os_free(global->p2p_disallow_freq);
3476
6fc6879b 3477 os_free(global);
daa70d49 3478 wpa_debug_close_syslog();
6fc6879b 3479 wpa_debug_close_file();
4f68895e 3480 wpa_debug_close_linux_tracing();
6fc6879b 3481}
611aea7d
JM		 3482
3483
3484void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3485{
849b5dc7
JM		 3486 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3487 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3488 char country[3];
3489 country[0] = wpa_s->conf->country[0];
3490 country[1] = wpa_s->conf->country[1];
3491 country[2] = '\0';
3492 if (wpa_drv_set_country(wpa_s, country) < 0) {
3493 wpa_printf(MSG_ERROR, "Failed to set country code "
3494 "'%s'", country);
3495 }
3496 }
3497
306ae225
JM		 3498 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3499 wpas_init_ext_pw(wpa_s);
3500
611aea7d
JM		 3501#ifdef CONFIG_WPS
3502 wpas_wps_update_config(wpa_s);
3503#endif /* CONFIG_WPS */
3504
b22128ef
JM		 3505#ifdef CONFIG_P2P
3506 wpas_p2p_update_config(wpa_s);
3507#endif /* CONFIG_P2P */
3508
611aea7d
JM		 3509 wpa_s->conf->changed_parameters = 0;
3510}
2f9c6aa6
JM		 3511
3512
0fb337c1
JM		 3513static void add_freq(int *freqs, int *num_freqs, int freq)
3514{
3515 int i;
3516
3517 for (i = 0; i < *num_freqs; i++) {
3518 if (freqs[i] == freq)
3519 return;
3520 }
3521
3522 freqs[*num_freqs] = freq;
3523 (*num_freqs)++;
3524}
3525
3526
3527static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3528{
3529 struct wpa_bss *bss, *cbss;
3530 const int max_freqs = 10;
3531 int *freqs;
3532 int num_freqs = 0;
3533
3534 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3535 if (freqs == NULL)
3536 return NULL;
3537
3538 cbss = wpa_s->current_bss;
3539
3540 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3541 if (bss == cbss)
3542 continue;
3543 if (bss->ssid_len == cbss->ssid_len &&
3544 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3545 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3546 add_freq(freqs, &num_freqs, bss->freq);
3547 if (num_freqs == max_freqs)
3548 break;
3549 }
3550 }
3551
3552 if (num_freqs == 0) {
3553 os_free(freqs);
3554 freqs = NULL;
3555 }
3556
3557 return freqs;
3558}
3559
3560
3561void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3562{
3563 int timeout;
3564 int count;
3565 int *freqs = NULL;
3566
5fd9fb27
JM		 3567 /*
3568 * Remove possible authentication timeout since the connection failed.
3569 */
3570 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3571
0cdb93fe
JM		 3572 if (wpa_s->disconnected) {
3573 /*
3574 * There is no point in blacklisting the AP if this event is
3575 * generated based on local request to disconnect.
3576 */
3577 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
3578 "indication since interface has been put into "
3579 "disconnected state");
3580 return;
3581 }
3582
0fb337c1
JM		 3583 /*
3584 * Add the failed BSSID into the blacklist and speed up next scan
3585 * attempt if there could be other APs that could accept association.
3586 * The current blacklist count indicates how many times we have tried
3587 * connecting to this AP and multiple attempts mean that other APs are
3588 * either not available or has already been tried, so that we can start
3589 * increasing the delay here to avoid constant scanning.
3590 */
3591 count = wpa_blacklist_add(wpa_s, bssid);
3592 if (count == 1 && wpa_s->current_bss) {
3593 /*
3594 * This BSS was not in the blacklist before. If there is
3595 * another BSS available for the same ESS, we should try that
3596 * next. Otherwise, we may as well try this one once more
3597 * before allowing other, likely worse, ESSes to be considered.
3598 */
3599 freqs = get_bss_freqs_in_ess(wpa_s);
3600 if (freqs) {
f049052b
BG		 3601 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3602 "has been seen; try it next");
0fb337c1
JM		 3603 wpa_blacklist_add(wpa_s, bssid);
3604 /*
3605 * On the next scan, go through only the known channels
3606 * used in this ESS based on previous scans to speed up
3607 * common load balancing use case.
3608 */
3609 os_free(wpa_s->next_scan_freqs);
3610 wpa_s->next_scan_freqs = freqs;
3611 }
3612 }
3613
f1a52633
JM		 3614 /*
3615 * Add previous failure count in case the temporary blacklist was
3616 * cleared due to no other BSSes being available.
3617 */
3618 count += wpa_s->extra_blacklist_count;
3619
dd579704
JM		 3620 if (count > 3 && wpa_s->current_ssid) {
3621 wpa_printf(MSG_DEBUG, "Continuous association failures - "
3622 "consider temporary network disabling");
3623 wpas_auth_failed(wpa_s);
3624 }
3625
0fb337c1
JM		 3626 switch (count) {
3627 case 1:
3628 timeout = 100;
3629 break;
3630 case 2:
3631 timeout = 500;
3632 break;
3633 case 3:
3634 timeout = 1000;
3635 break;
f1a52633 3636 case 4:
0fb337c1 3637 timeout = 5000;
f1a52633
JM		 3638 break;
3639 default:
3640 timeout = 10000;
3641 break;
0fb337c1
JM		 3642 }
3643
f1a52633
JM		 3644 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
3645 "ms", count, timeout);
3646
0fb337c1
JM		 3647 /*
3648 * TODO: if more than one possible AP is available in scan results,
3649 * could try the other ones before requesting a new scan.
3650 */
3651 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3652 1000 * (timeout % 1000));
99fcd404 3653
f85f545e 3654 wpas_p2p_continue_after_scan(wpa_s);
0fb337c1 3655}
22628eca
JM		 3656
3657
3658int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3659{
3660 return wpa_s->conf->ap_scan == 2 ||
3661 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3662}
d2118814
JM		 3663
3664
3665#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3666int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3667 struct wpa_ssid *ssid,
3668 const char *field,
3669 const char *value)
3670{
3671#ifdef IEEE8021X_EAPOL
3672 struct eap_peer_config *eap = &ssid->eap;
3673
3674 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3675 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3676 (const u8 *) value, os_strlen(value));
3677
3678 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3679 case WPA_CTRL_REQ_EAP_IDENTITY:
3680 os_free(eap->identity);
3681 eap->identity = (u8 *) os_strdup(value);
3682 eap->identity_len = os_strlen(value);
3683 eap->pending_req_identity = 0;
3684 if (ssid == wpa_s->current_ssid)
3685 wpa_s->reassociate = 1;
3686 break;
3687 case WPA_CTRL_REQ_EAP_PASSWORD:
3688 os_free(eap->password);
3689 eap->password = (u8 *) os_strdup(value);
3690 eap->password_len = os_strlen(value);
3691 eap->pending_req_password = 0;
3692 if (ssid == wpa_s->current_ssid)
3693 wpa_s->reassociate = 1;
3694 break;
3695 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3696 os_free(eap->new_password);
3697 eap->new_password = (u8 *) os_strdup(value);
3698 eap->new_password_len = os_strlen(value);
3699 eap->pending_req_new_password = 0;
3700 if (ssid == wpa_s->current_ssid)
3701 wpa_s->reassociate = 1;
3702 break;
3703 case WPA_CTRL_REQ_EAP_PIN:
3704 os_free(eap->pin);
3705 eap->pin = os_strdup(value);
3706 eap->pending_req_pin = 0;
3707 if (ssid == wpa_s->current_ssid)
3708 wpa_s->reassociate = 1;
3709 break;
3710 case WPA_CTRL_REQ_EAP_OTP:
3711 os_free(eap->otp);
3712 eap->otp = (u8 *) os_strdup(value);
3713 eap->otp_len = os_strlen(value);
3714 os_free(eap->pending_req_otp);
3715 eap->pending_req_otp = NULL;
3716 eap->pending_req_otp_len = 0;
3717 break;
3718 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3719 os_free(eap->private_key_passwd);
3720 eap->private_key_passwd = (u8 *) os_strdup(value);
3721 eap->pending_req_passphrase = 0;
3722 if (ssid == wpa_s->current_ssid)
3723 wpa_s->reassociate = 1;
3724 break;
3725 default:
3726 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3727 return -1;
3728 }
3729
3730 return 0;
3731#else /* IEEE8021X_EAPOL */
3732 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3733 return -1;
3734#endif /* IEEE8021X_EAPOL */
3735}
3736#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 3737
3738
3739int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3740{
3741 int i;
3742 unsigned int drv_enc;
3743
3744 if (ssid == NULL)
3745 return 1;
3746
3747 if (ssid->disabled)
3748 return 1;
3749
3750 if (wpa_s && wpa_s->drv_capa_known)
3751 drv_enc = wpa_s->drv_enc;
3752 else
3753 drv_enc = (unsigned int) -1;
3754
3755 for (i = 0; i < NUM_WEP_KEYS; i++) {
3756 size_t len = ssid->wep_key_len[i];
3757 if (len == 0)
3758 continue;
3759 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3760 continue;
3761 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3762 continue;
3763 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3764 continue;
3765 return 1; /* invalid WEP key */
3766 }
3767
9173b16f
JM		 3768 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3769 !ssid->ext_psk)
2518aad3
JM		 3770 return 1;
3771
349493bd
JM		 3772 return 0;
3773}
b9cfc09a
JJ		 3774
3775
3776int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3777{
3778 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3779 return 1;
3780 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3781 return 0;
3782 return -1;
3783}
00e5e3d5
JM		 3784
3785
3786void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3787{
3788 struct wpa_ssid *ssid = wpa_s->current_ssid;
3789 int dur;
3790 struct os_time now;
3791
3792 if (ssid == NULL) {
3793 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3794 "SSID block");
3795 return;
3796 }
3797
3798 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3799 return;
3800
3801 ssid->auth_failures++;
3802 if (ssid->auth_failures > 50)
3803 dur = 300;
3804 else if (ssid->auth_failures > 20)
3805 dur = 120;
3806 else if (ssid->auth_failures > 10)
3807 dur = 60;
3808 else if (ssid->auth_failures > 5)
3809 dur = 30;
3810 else if (ssid->auth_failures > 1)
3811 dur = 20;
3812 else
3813 dur = 10;
3814
3815 os_get_time(&now);
3816 if (now.sec + dur <= ssid->disabled_until.sec)
3817 return;
3818
3819 ssid->disabled_until.sec = now.sec + dur;
3820
3821 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
3822 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
3823 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
3824 ssid->auth_failures, dur);
3825}
3826
3827
3828void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
3829 struct wpa_ssid *ssid, int clear_failures)
3830{
3831 if (ssid == NULL)
3832 return;
3833
3834 if (ssid->disabled_until.sec) {
3835 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
3836 "id=%d ssid=\"%s\"",
3837 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3838 }
3839 ssid->disabled_until.sec = 0;
3840 ssid->disabled_until.usec = 0;
3841 if (clear_failures)
3842 ssid->auth_failures = 0;
3843}
6407f413
JM		 3844
3845
3846int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
3847{
3848 size_t i;
3849
3850 if (wpa_s->disallow_aps_bssid == NULL)
3851 return 0;
3852
3853 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
3854 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
3855 bssid, ETH_ALEN) == 0)
3856 return 1;
3857 }
3858
3859 return 0;
3860}
3861
3862
3863int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
3864 size_t ssid_len)
3865{
3866 size_t i;
3867
3868 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
3869 return 0;
3870
3871 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
3872 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
3873 if (ssid_len == s->ssid_len &&
3874 os_memcmp(ssid, s->ssid, ssid_len) == 0)
3875 return 1;
3876 }
3877
3878 return 0;
3879}
9796a86c
JM		 3880
3881
3882/**
3883 * wpas_request_connection - Request a new connection
3884 * @wpa_s: Pointer to the network interface
3885 *
3886 * This function is used to request a new connection to be found. It will mark
3887 * the interface to allow reassociation and request a new scan to find a
3888 * suitable network to connect to.
3889 */
3890void wpas_request_connection(struct wpa_supplicant *wpa_s)
3891{
3892 wpa_s->normal_scans = 0;
3893 wpa_supplicant_reinit_autoscan(wpa_s);
3894 wpa_s->extra_blacklist_count = 0;
3895 wpa_s->disconnected = 0;
3896 wpa_s->reassociate = 1;
5e24beae
MH		 3897
3898 if (wpa_supplicant_fast_associate(wpa_s) != 1)
3899 wpa_supplicant_req_scan(wpa_s, 0, 0);
9796a86c 3900}
36b9883d
DG		 3901
3902
3903/**
3904 * wpas_wpa_is_in_progress - Check whether a connection is in progress
3905 * @wpa_s: Pointer to wpa_supplicant data
3906 *
3907 * This function is to check if the wpa state is in beginning of the connection
3908 * during 4-way handshake or group key handshake with WPA on any shared
3909 * interface.
3910 */
3911int wpas_wpa_is_in_progress(struct wpa_supplicant *wpa_s)
3912{
3913 const char *rn, *rn2;
3914 struct wpa_supplicant *ifs;
3915
3916 if (!wpa_s->driver->get_radio_name)
3917 return 0;
3918
3919 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3920 if (rn == NULL || rn[0] == '\0')
3921 return 0;
3922
3923 for (ifs = wpa_s->global->ifaces; ifs; ifs = ifs->next) {
3924 if (ifs == wpa_s || !ifs->driver->get_radio_name)
3925 continue;
3926
3927 rn2 = ifs->driver->get_radio_name(ifs->drv_priv);
3928 if (!rn2 || os_strcmp(rn, rn2) != 0)
3929 continue;
3930 if (ifs->wpa_state >= WPA_AUTHENTICATING &&
3931 ifs->wpa_state != WPA_COMPLETED) {
3932 wpa_dbg(wpa_s, MSG_DEBUG, "Connection is in progress "
3933 "on interface %s - defer scan", ifs->ifname);
3934 return 1;
3935 }
3936 }
3937
3938 return 0;
3939}
Unnamed repository; edit this file 'description' to name the repository.