3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 const char *const wpa_supplicant_version
=
66 "wpa_supplicant v" VERSION_STR
"\n"
67 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
69 const char *const wpa_supplicant_license
=
70 "This software may be distributed under the terms of the BSD license.\n"
71 "See README for more details.\n"
72 #ifdef EAP_TLS_OPENSSL
73 "\nThis product includes software developed by the OpenSSL Project\n"
74 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
75 #endif /* EAP_TLS_OPENSSL */
78 #ifndef CONFIG_NO_STDOUT_DEBUG
79 /* Long text divided into parts in order to fit in C89 strings size limits. */
80 const char *const wpa_supplicant_full_license1
=
82 const char *const wpa_supplicant_full_license2
=
83 "This software may be distributed under the terms of the BSD license.\n"
85 "Redistribution and use in source and binary forms, with or without\n"
86 "modification, are permitted provided that the following conditions are\n"
89 const char *const wpa_supplicant_full_license3
=
90 "1. Redistributions of source code must retain the above copyright\n"
91 " notice, this list of conditions and the following disclaimer.\n"
93 "2. Redistributions in binary form must reproduce the above copyright\n"
94 " notice, this list of conditions and the following disclaimer in the\n"
95 " documentation and/or other materials provided with the distribution.\n"
97 const char *const wpa_supplicant_full_license4
=
98 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
99 " names of its contributors may be used to endorse or promote products\n"
100 " derived from this software without specific prior written permission.\n"
102 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
103 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
104 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
105 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
106 const char *const wpa_supplicant_full_license5
=
107 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
108 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
109 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
110 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
111 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
112 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
113 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
115 #endif /* CONFIG_NO_STDOUT_DEBUG */
117 /* Configure default/group WEP keys for static WEP */
118 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
122 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
123 if (ssid
->wep_key_len
[i
] == 0)
127 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
128 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
129 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
136 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
137 struct wpa_ssid
*ssid
)
145 /* IBSS/WPA-None uses only one key (Group) for both receiving and
146 * sending unicast and multicast packets. */
148 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
149 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
150 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
154 if (!ssid
->psk_set
) {
155 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
160 switch (wpa_s
->group_cipher
) {
161 case WPA_CIPHER_CCMP
:
162 os_memcpy(key
, ssid
->psk
, 16);
166 case WPA_CIPHER_GCMP
:
167 os_memcpy(key
, ssid
->psk
, 16);
171 case WPA_CIPHER_TKIP
:
172 /* WPA-None uses the same Michael MIC key for both TX and RX */
173 os_memcpy(key
, ssid
->psk
, 16 + 8);
174 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
179 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
180 "WPA-None", wpa_s
->group_cipher
);
184 /* TODO: should actually remember the previously used seq#, both for TX
185 * and RX from each STA.. */
187 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
188 os_memset(key
, 0, sizeof(key
));
193 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
195 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
196 const u8
*bssid
= wpa_s
->bssid
;
197 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
198 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
199 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
200 bssid
= wpa_s
->pending_bssid
;
201 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
203 wpa_blacklist_add(wpa_s
, bssid
);
204 wpa_sm_notify_disassoc(wpa_s
->wpa
);
205 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
206 wpa_s
->reassociate
= 1;
209 * If we timed out, the AP or the local radio may be busy.
210 * So, wait a second until scanning again.
212 wpa_supplicant_req_scan(wpa_s
, 1, 0);
217 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
218 * @wpa_s: Pointer to wpa_supplicant data
219 * @sec: Number of seconds after which to time out authentication
220 * @usec: Number of microseconds after which to time out authentication
222 * This function is used to schedule a timeout for the current authentication
225 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
228 if (wpa_s
->conf
->ap_scan
== 0 &&
229 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
232 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
233 "%d usec", sec
, usec
);
234 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
235 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
240 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
241 * @wpa_s: Pointer to wpa_supplicant data
243 * This function is used to cancel authentication timeout scheduled with
244 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
247 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
249 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
250 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
251 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
256 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
257 * @wpa_s: Pointer to wpa_supplicant data
259 * This function is used to configure EAPOL state machine based on the selected
260 * authentication mode.
262 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
264 #ifdef IEEE8021X_EAPOL
265 struct eapol_config eapol_conf
;
266 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
268 #ifdef CONFIG_IBSS_RSN
269 if (ssid
->mode
== WPAS_MODE_IBSS
&&
270 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
271 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
273 * RSN IBSS authentication is per-STA and we can disable the
274 * per-BSSID EAPOL authentication.
276 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
277 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
278 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
281 #endif /* CONFIG_IBSS_RSN */
283 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
284 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
286 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
287 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
288 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
290 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
292 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
293 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
294 eapol_conf
.accept_802_1x_keys
= 1;
295 eapol_conf
.required_keys
= 0;
296 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
297 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
299 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
300 eapol_conf
.required_keys
|=
301 EAPOL_REQUIRE_KEY_BROADCAST
;
304 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
305 eapol_conf
.required_keys
= 0;
307 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
308 eapol_conf
.workaround
= ssid
->eap_workaround
;
309 eapol_conf
.eap_disabled
=
310 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
311 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
312 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
313 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
316 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
317 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
318 if (wpa_s
->current_bss
) {
320 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
325 EAPOL_PEER_IS_WPS20_AP
;
330 #endif /* CONFIG_WPS */
332 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
335 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
336 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
338 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
339 #endif /* CONFIG_MACSEC */
340 #endif /* IEEE8021X_EAPOL */
345 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
346 * @wpa_s: Pointer to wpa_supplicant data
347 * @ssid: Configuration data for the network
349 * This function is used to configure WPA state machine and related parameters
350 * to a mode where WPA is not enabled. This is called as part of the
351 * authentication configuration when the selected network does not use WPA.
353 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
354 struct wpa_ssid
*ssid
)
358 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
359 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
360 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
361 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
363 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
364 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
365 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
366 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
367 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
368 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
369 wpa_s
->mgmt_group_cipher
= 0;
371 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
372 if (ssid
->wep_key_len
[i
] > 5) {
373 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
374 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
376 } else if (ssid
->wep_key_len
[i
] > 0) {
377 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
378 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
383 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
384 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
385 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
386 wpa_s
->pairwise_cipher
);
387 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
388 #ifdef CONFIG_IEEE80211W
389 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
390 wpa_s
->mgmt_group_cipher
);
391 #endif /* CONFIG_IEEE80211W */
393 pmksa_cache_clear_current(wpa_s
->wpa
);
397 void free_hw_features(struct wpa_supplicant
*wpa_s
)
400 if (wpa_s
->hw
.modes
== NULL
)
403 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
404 os_free(wpa_s
->hw
.modes
[i
].channels
);
405 os_free(wpa_s
->hw
.modes
[i
].rates
);
408 os_free(wpa_s
->hw
.modes
);
409 wpa_s
->hw
.modes
= NULL
;
413 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
415 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
417 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
418 struct wpa_bss_tmp_disallowed
, list
) {
419 dl_list_del(&bss
->list
);
425 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
427 struct fils_hlp_req
*req
;
429 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
431 dl_list_del(&req
->list
);
432 wpabuf_free(req
->pkt
);
438 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
442 bgscan_deinit(wpa_s
);
443 autoscan_deinit(wpa_s
);
444 scard_deinit(wpa_s
->scard
);
446 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
447 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
448 l2_packet_deinit(wpa_s
->l2
);
451 l2_packet_deinit(wpa_s
->l2_br
);
454 #ifdef CONFIG_TESTING_OPTIONS
455 l2_packet_deinit(wpa_s
->l2_test
);
456 wpa_s
->l2_test
= NULL
;
457 os_free(wpa_s
->get_pref_freq_list_override
);
458 wpa_s
->get_pref_freq_list_override
= NULL
;
459 #endif /* CONFIG_TESTING_OPTIONS */
461 if (wpa_s
->conf
!= NULL
) {
462 struct wpa_ssid
*ssid
;
463 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
464 wpas_notify_network_removed(wpa_s
, ssid
);
467 os_free(wpa_s
->confname
);
468 wpa_s
->confname
= NULL
;
470 os_free(wpa_s
->confanother
);
471 wpa_s
->confanother
= NULL
;
473 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
474 eapol_sm_deinit(wpa_s
->eapol
);
477 rsn_preauth_deinit(wpa_s
->wpa
);
480 wpa_tdls_deinit(wpa_s
->wpa
);
481 #endif /* CONFIG_TDLS */
483 wmm_ac_clear_saved_tspecs(wpa_s
);
484 pmksa_candidate_free(wpa_s
->wpa
);
485 wpa_sm_deinit(wpa_s
->wpa
);
487 wpa_blacklist_clear(wpa_s
);
489 wpa_bss_deinit(wpa_s
);
491 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
492 wpa_supplicant_cancel_scan(wpa_s
);
493 wpa_supplicant_cancel_auth_timeout(wpa_s
);
494 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
495 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
496 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
498 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
500 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
502 wpas_wps_deinit(wpa_s
);
504 wpabuf_free(wpa_s
->pending_eapol_rx
);
505 wpa_s
->pending_eapol_rx
= NULL
;
507 #ifdef CONFIG_IBSS_RSN
508 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
509 wpa_s
->ibss_rsn
= NULL
;
510 #endif /* CONFIG_IBSS_RSN */
515 wpa_supplicant_ap_deinit(wpa_s
);
516 #endif /* CONFIG_AP */
518 wpas_p2p_deinit(wpa_s
);
520 #ifdef CONFIG_OFFCHANNEL
521 offchannel_deinit(wpa_s
);
522 #endif /* CONFIG_OFFCHANNEL */
524 wpa_supplicant_cancel_sched_scan(wpa_s
);
526 os_free(wpa_s
->next_scan_freqs
);
527 wpa_s
->next_scan_freqs
= NULL
;
529 os_free(wpa_s
->manual_scan_freqs
);
530 wpa_s
->manual_scan_freqs
= NULL
;
531 os_free(wpa_s
->select_network_scan_freqs
);
532 wpa_s
->select_network_scan_freqs
= NULL
;
534 os_free(wpa_s
->manual_sched_scan_freqs
);
535 wpa_s
->manual_sched_scan_freqs
= NULL
;
537 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
540 * Need to remove any pending gas-query radio work before the
541 * gas_query_deinit() call because gas_query::work has not yet been set
542 * for works that have not been started. gas_query_free() will be unable
543 * to cancel such pending radio works and once the pending gas-query
544 * radio work eventually gets removed, the deinit notification call to
545 * gas_query_start_cb() would result in dereferencing freed memory.
548 radio_remove_works(wpa_s
, "gas-query", 0);
549 gas_query_deinit(wpa_s
->gas
);
551 gas_server_deinit(wpa_s
->gas_server
);
552 wpa_s
->gas_server
= NULL
;
554 free_hw_features(wpa_s
);
556 ieee802_1x_dealloc_kay_sm(wpa_s
);
558 os_free(wpa_s
->bssid_filter
);
559 wpa_s
->bssid_filter
= NULL
;
561 os_free(wpa_s
->disallow_aps_bssid
);
562 wpa_s
->disallow_aps_bssid
= NULL
;
563 os_free(wpa_s
->disallow_aps_ssid
);
564 wpa_s
->disallow_aps_ssid
= NULL
;
566 wnm_bss_keep_alive_deinit(wpa_s
);
568 wnm_deallocate_memory(wpa_s
);
569 #endif /* CONFIG_WNM */
571 ext_password_deinit(wpa_s
->ext_pw
);
572 wpa_s
->ext_pw
= NULL
;
574 wpabuf_free(wpa_s
->last_gas_resp
);
575 wpa_s
->last_gas_resp
= NULL
;
576 wpabuf_free(wpa_s
->prev_gas_resp
);
577 wpa_s
->prev_gas_resp
= NULL
;
579 os_free(wpa_s
->last_scan_res
);
580 wpa_s
->last_scan_res
= NULL
;
584 wpa_drv_configure_frame_filters(wpa_s
, 0);
586 #endif /* CONFIG_HS20 */
588 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
589 wpabuf_free(wpa_s
->vendor_elem
[i
]);
590 wpa_s
->vendor_elem
[i
] = NULL
;
593 wmm_ac_notify_disassoc(wpa_s
);
595 wpa_s
->sched_scan_plans_num
= 0;
596 os_free(wpa_s
->sched_scan_plans
);
597 wpa_s
->sched_scan_plans
= NULL
;
600 wpa_s
->non_pref_chan_num
= 0;
601 os_free(wpa_s
->non_pref_chan
);
602 wpa_s
->non_pref_chan
= NULL
;
603 #endif /* CONFIG_MBO */
605 free_bss_tmp_disallowed(wpa_s
);
607 wpabuf_free(wpa_s
->lci
);
609 wpas_clear_beacon_rep_data(wpa_s
);
611 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
614 struct external_pmksa_cache
*entry
;
616 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
617 struct external_pmksa_cache
,
619 dl_list_del(&entry
->list
);
620 os_free(entry
->pmksa_cache
);
624 #endif /* CONFIG_MESH */
625 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
627 wpas_flush_fils_hlp_req(wpa_s
);
629 wpabuf_free(wpa_s
->ric_ies
);
630 wpa_s
->ric_ies
= NULL
;
633 wpas_dpp_deinit(wpa_s
);
634 #endif /* CONFIG_DPP */
639 * wpa_clear_keys - Clear keys configured for the driver
640 * @wpa_s: Pointer to wpa_supplicant data
641 * @addr: Previously used BSSID or %NULL if not available
643 * This function clears the encryption keys that has been previously configured
646 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
650 #ifdef CONFIG_IEEE80211W
652 #else /* CONFIG_IEEE80211W */
654 #endif /* CONFIG_IEEE80211W */
656 /* MLME-DELETEKEYS.request */
657 for (i
= 0; i
< max
; i
++) {
658 if (wpa_s
->keys_cleared
& BIT(i
))
660 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
663 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
664 !is_zero_ether_addr(addr
)) {
665 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
667 /* MLME-SETPROTECTION.request(None) */
668 wpa_drv_mlme_setprotection(
670 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
671 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
673 wpa_s
->keys_cleared
= (u32
) -1;
678 * wpa_supplicant_state_txt - Get the connection state name as a text string
679 * @state: State (wpa_state; WPA_*)
680 * Returns: The state name as a printable text string
682 const char * wpa_supplicant_state_txt(enum wpa_states state
)
685 case WPA_DISCONNECTED
:
686 return "DISCONNECTED";
689 case WPA_INTERFACE_DISABLED
:
690 return "INTERFACE_DISABLED";
693 case WPA_AUTHENTICATING
:
694 return "AUTHENTICATING";
695 case WPA_ASSOCIATING
:
696 return "ASSOCIATING";
699 case WPA_4WAY_HANDSHAKE
:
700 return "4WAY_HANDSHAKE";
701 case WPA_GROUP_HANDSHAKE
:
702 return "GROUP_HANDSHAKE";
713 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
717 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
718 name
= wpa_s
->current_ssid
->bgscan
;
720 name
= wpa_s
->conf
->bgscan
;
721 if (name
== NULL
|| name
[0] == '\0')
723 if (wpas_driver_bss_selection(wpa_s
))
725 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
728 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
730 #endif /* CONFIG_P2P */
732 bgscan_deinit(wpa_s
);
733 if (wpa_s
->current_ssid
) {
734 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
735 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
738 * Live without bgscan; it is only used as a roaming
739 * optimization, so the initial connection is not
743 struct wpa_scan_results
*scan_res
;
744 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
745 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
748 bgscan_notify_scan(wpa_s
, scan_res
);
749 wpa_scan_results_free(scan_res
);
753 wpa_s
->bgscan_ssid
= NULL
;
757 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
759 if (wpa_s
->bgscan_ssid
!= NULL
) {
760 bgscan_deinit(wpa_s
);
761 wpa_s
->bgscan_ssid
= NULL
;
765 #endif /* CONFIG_BGSCAN */
768 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
770 if (autoscan_init(wpa_s
, 0))
771 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
775 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
777 autoscan_deinit(wpa_s
);
781 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
783 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
784 wpa_s
->wpa_state
== WPA_SCANNING
) {
785 autoscan_deinit(wpa_s
);
786 wpa_supplicant_start_autoscan(wpa_s
);
792 * wpa_supplicant_set_state - Set current connection state
793 * @wpa_s: Pointer to wpa_supplicant data
794 * @state: The new connection state
796 * This function is called whenever the connection state changes, e.g.,
797 * association is completed for WPA/WPA2 4-Way Handshake is started.
799 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
800 enum wpa_states state
)
802 enum wpa_states old_state
= wpa_s
->wpa_state
;
804 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
805 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
806 wpa_supplicant_state_txt(state
));
808 if (state
== WPA_INTERFACE_DISABLED
) {
809 /* Assure normal scan when interface is restored */
810 wpa_s
->normal_scans
= 0;
813 if (state
== WPA_COMPLETED
) {
814 wpas_connect_work_done(wpa_s
);
815 /* Reinitialize normal_scan counter */
816 wpa_s
->normal_scans
= 0;
821 * P2PS client has to reply to Probe Request frames received on the
822 * group operating channel. Enable Probe Request frame reporting for
823 * P2P connected client in case p2p_cli_probe configuration property is
826 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
827 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
828 wpa_s
->current_ssid
->p2p_group
) {
829 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
830 wpa_dbg(wpa_s
, MSG_DEBUG
,
831 "P2P: Enable CLI Probe Request RX reporting");
832 wpa_s
->p2p_cli_probe
=
833 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
834 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
835 wpa_dbg(wpa_s
, MSG_DEBUG
,
836 "P2P: Disable CLI Probe Request RX reporting");
837 wpa_s
->p2p_cli_probe
= 0;
838 wpa_drv_probe_req_report(wpa_s
, 0);
841 #endif /* CONFIG_P2P */
843 if (state
!= WPA_SCANNING
)
844 wpa_supplicant_notify_scanning(wpa_s
, 0);
846 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
847 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
848 int fils_hlp_sent
= 0;
851 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
852 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
854 #endif /* CONFIG_SME */
855 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
856 wpa_auth_alg_fils(wpa_s
->auth_alg
))
859 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
860 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
861 MACSTR
" completed [id=%d id_str=%s%s]",
862 MAC2STR(wpa_s
->bssid
),
863 ssid
? ssid
->id
: -1,
864 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
865 fils_hlp_sent
? " FILS_HLP_SENT" : "");
866 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
867 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
868 wpa_blacklist_clear(wpa_s
);
869 wpa_s
->extra_blacklist_count
= 0;
870 wpa_s
->new_connection
= 0;
871 wpa_drv_set_operstate(wpa_s
, 1);
872 #ifndef IEEE8021X_EAPOL
873 wpa_drv_set_supp_port(wpa_s
, 1);
874 #endif /* IEEE8021X_EAPOL */
875 wpa_s
->after_wps
= 0;
876 wpa_s
->known_wps_freq
= 0;
877 wpas_p2p_completed(wpa_s
);
879 sme_sched_obss_scan(wpa_s
, 1);
880 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
881 state
== WPA_ASSOCIATED
) {
882 wpa_s
->new_connection
= 1;
883 wpa_drv_set_operstate(wpa_s
, 0);
884 #ifndef IEEE8021X_EAPOL
885 wpa_drv_set_supp_port(wpa_s
, 0);
886 #endif /* IEEE8021X_EAPOL */
887 sme_sched_obss_scan(wpa_s
, 0);
889 wpa_s
->wpa_state
= state
;
892 if (state
== WPA_COMPLETED
)
893 wpa_supplicant_start_bgscan(wpa_s
);
894 else if (state
< WPA_ASSOCIATED
)
895 wpa_supplicant_stop_bgscan(wpa_s
);
896 #endif /* CONFIG_BGSCAN */
898 if (state
== WPA_AUTHENTICATING
)
899 wpa_supplicant_stop_autoscan(wpa_s
);
901 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
902 wpa_supplicant_start_autoscan(wpa_s
);
904 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
905 wmm_ac_notify_disassoc(wpa_s
);
907 if (wpa_s
->wpa_state
!= old_state
) {
908 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
911 * Notify the P2P Device interface about a state change in one
914 wpas_p2p_indicate_state_change(wpa_s
);
916 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
917 old_state
== WPA_COMPLETED
)
918 wpas_notify_auth_changed(wpa_s
);
923 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
927 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
929 struct wpa_supplicant
*next
= wpa_s
->next
;
930 if (wpas_wps_terminate_pending(wpa_s
) == 1)
933 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
934 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
935 wpas_p2p_disconnect(wpa_s
);
936 #endif /* CONFIG_P2P */
939 #endif /* CONFIG_WPS */
946 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
948 struct wpa_global
*global
= signal_ctx
;
949 wpa_supplicant_terminate_proc(global
);
953 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
955 enum wpa_states old_state
= wpa_s
->wpa_state
;
957 wpa_s
->pairwise_cipher
= 0;
958 wpa_s
->group_cipher
= 0;
959 wpa_s
->mgmt_group_cipher
= 0;
961 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
962 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
964 if (wpa_s
->wpa_state
!= old_state
)
965 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
970 * wpa_supplicant_reload_configuration - Reload configuration data
971 * @wpa_s: Pointer to wpa_supplicant data
972 * Returns: 0 on success or -1 if configuration parsing failed
974 * This function can be used to request that the configuration data is reloaded
975 * (e.g., after configuration file change). This function is reloading
976 * configuration only for one interface, so this may need to be called multiple
977 * times if %wpa_supplicant is controlling multiple interfaces and all
978 * interfaces need reconfiguration.
980 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
982 struct wpa_config
*conf
;
986 if (wpa_s
->confname
== NULL
)
988 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
990 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
991 "file '%s' - exiting", wpa_s
->confname
);
994 wpa_config_read(wpa_s
->confanother
, conf
);
996 conf
->changed_parameters
= (unsigned int) -1;
998 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
999 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1000 os_strcmp(conf
->ctrl_interface
,
1001 wpa_s
->conf
->ctrl_interface
) != 0);
1003 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1004 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1005 wpa_s
->ctrl_iface
= NULL
;
1008 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1009 if (wpa_s
->current_ssid
) {
1010 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1011 wpa_s
->own_disconnect_req
= 1;
1012 wpa_supplicant_deauthenticate(wpa_s
,
1013 WLAN_REASON_DEAUTH_LEAVING
);
1017 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1018 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1020 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1021 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1023 * Clear forced success to clear EAP state for next
1026 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1028 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1029 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1030 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1031 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1032 rsn_preauth_deinit(wpa_s
->wpa
);
1034 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1035 wpa_config_free(wpa_s
->conf
);
1037 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1038 wpas_notify_ap_scan_changed(wpa_s
);
1041 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1043 wpa_supplicant_update_config(wpa_s
);
1045 wpa_supplicant_clear_status(wpa_s
);
1046 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1047 wpa_s
->reassociate
= 1;
1048 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1050 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1055 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1057 struct wpa_global
*global
= signal_ctx
;
1058 struct wpa_supplicant
*wpa_s
;
1059 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1060 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1062 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1063 wpa_supplicant_terminate_proc(global
);
1067 if (wpa_debug_reopen_file() < 0) {
1068 /* Ignore errors since we cannot really do much to fix this */
1069 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1074 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1075 struct wpa_ssid
*ssid
,
1076 struct wpa_ie_data
*ie
)
1078 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1081 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1082 "from association info");
1087 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1089 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1090 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1091 "cipher 0x%x (mask 0x%x) - reject",
1092 ie
->group_cipher
, ssid
->group_cipher
);
1095 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1096 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1097 "cipher 0x%x (mask 0x%x) - reject",
1098 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1101 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1102 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1103 "management 0x%x (mask 0x%x) - reject",
1104 ie
->key_mgmt
, ssid
->key_mgmt
);
1108 #ifdef CONFIG_IEEE80211W
1109 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1110 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1111 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1112 "that does not support management frame protection - "
1116 #endif /* CONFIG_IEEE80211W */
1123 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1124 * @wpa_s: Pointer to wpa_supplicant data
1125 * @bss: Scan results for the selected BSS, or %NULL if not available
1126 * @ssid: Configuration data for the selected network
1127 * @wpa_ie: Buffer for the WPA/RSN IE
1128 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1129 * used buffer length in case the functions returns success.
1130 * Returns: 0 on success or -1 on failure
1132 * This function is used to configure authentication and encryption parameters
1133 * based on the network configuration and scan result for the selected BSS (if
1136 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1137 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1138 u8
*wpa_ie
, size_t *wpa_ie_len
)
1140 struct wpa_ie_data ie
;
1142 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1145 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1146 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1147 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1149 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1151 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1152 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1153 (ie
.group_cipher
& ssid
->group_cipher
) &&
1154 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1155 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1156 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1157 proto
= WPA_PROTO_RSN
;
1158 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1159 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1160 (ie
.group_cipher
& ssid
->group_cipher
) &&
1161 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1162 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1163 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1164 proto
= WPA_PROTO_WPA
;
1166 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
)) {
1167 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1168 /* TODO: parse OSEN element */
1169 os_memset(&ie
, 0, sizeof(ie
));
1170 ie
.group_cipher
= WPA_CIPHER_CCMP
;
1171 ie
.pairwise_cipher
= WPA_CIPHER_CCMP
;
1172 ie
.key_mgmt
= WPA_KEY_MGMT_OSEN
;
1173 proto
= WPA_PROTO_OSEN
;
1174 #endif /* CONFIG_HS20 */
1176 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1177 wpa_dbg(wpa_s
, MSG_DEBUG
,
1178 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1179 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1181 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1182 MAC2STR(bss
->bssid
),
1183 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1184 bss_wpa
? " WPA" : "",
1185 bss_rsn
? " RSN" : "",
1186 bss_osen
? " OSEN" : "");
1188 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1189 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1190 wpa_dbg(wpa_s
, MSG_DEBUG
,
1191 "Could not parse RSN element");
1193 wpa_dbg(wpa_s
, MSG_DEBUG
,
1194 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1195 ie
.pairwise_cipher
, ie
.group_cipher
,
1200 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1201 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1202 wpa_dbg(wpa_s
, MSG_DEBUG
,
1203 "Could not parse WPA element");
1205 wpa_dbg(wpa_s
, MSG_DEBUG
,
1206 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1207 ie
.pairwise_cipher
, ie
.group_cipher
,
1213 if (ssid
->proto
& WPA_PROTO_OSEN
)
1214 proto
= WPA_PROTO_OSEN
;
1215 else if (ssid
->proto
& WPA_PROTO_RSN
)
1216 proto
= WPA_PROTO_RSN
;
1218 proto
= WPA_PROTO_WPA
;
1219 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1220 os_memset(&ie
, 0, sizeof(ie
));
1221 ie
.group_cipher
= ssid
->group_cipher
;
1222 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1223 ie
.key_mgmt
= ssid
->key_mgmt
;
1224 #ifdef CONFIG_IEEE80211W
1225 ie
.mgmt_group_cipher
=
1226 ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
?
1227 WPA_CIPHER_AES_128_CMAC
: 0;
1228 #endif /* CONFIG_IEEE80211W */
1229 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1230 "based on configuration");
1235 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1236 "pairwise %d key_mgmt %d proto %d",
1237 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1238 #ifdef CONFIG_IEEE80211W
1239 if (ssid
->ieee80211w
) {
1240 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1241 ie
.mgmt_group_cipher
);
1243 #endif /* CONFIG_IEEE80211W */
1245 wpa_s
->wpa_proto
= proto
;
1246 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1247 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1248 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1250 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1251 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1252 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1253 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1254 bss_rsn
? 2 + bss_rsn
[1] : 0))
1258 #ifdef CONFIG_NO_WPA
1259 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1260 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1261 #else /* CONFIG_NO_WPA */
1262 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1263 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1264 if (wpa_s
->group_cipher
< 0) {
1265 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1269 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1270 wpa_cipher_txt(wpa_s
->group_cipher
));
1272 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1273 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1274 if (wpa_s
->pairwise_cipher
< 0) {
1275 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1279 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1280 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1281 #endif /* CONFIG_NO_WPA */
1283 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1285 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1286 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1287 #endif /* CONFIG_SAE */
1289 #ifdef CONFIG_SUITEB192
1290 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1291 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1292 wpa_dbg(wpa_s
, MSG_DEBUG
,
1293 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1294 #endif /* CONFIG_SUITEB192 */
1295 #ifdef CONFIG_SUITEB
1296 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1297 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1298 wpa_dbg(wpa_s
, MSG_DEBUG
,
1299 "WPA: using KEY_MGMT 802.1X with Suite B");
1300 #endif /* CONFIG_SUITEB */
1302 #ifdef CONFIG_IEEE80211R
1303 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1304 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1305 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1306 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1307 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1308 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1309 #endif /* CONFIG_IEEE80211R */
1310 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1311 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1312 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1313 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1314 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1315 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1316 #endif /* CONFIG_FILS */
1317 #ifdef CONFIG_IEEE80211R
1318 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1319 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1320 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1321 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1322 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1323 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1324 #endif /* CONFIG_IEEE80211R */
1326 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1327 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1328 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1329 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1330 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1331 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1332 #endif /* CONFIG_SAE */
1333 #ifdef CONFIG_IEEE80211W
1334 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1335 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1336 wpa_dbg(wpa_s
, MSG_DEBUG
,
1337 "WPA: using KEY_MGMT 802.1X with SHA256");
1338 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1339 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1340 wpa_dbg(wpa_s
, MSG_DEBUG
,
1341 "WPA: using KEY_MGMT PSK with SHA256");
1342 #endif /* CONFIG_IEEE80211W */
1343 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1344 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1345 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1346 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1347 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1348 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1349 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1350 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1351 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1353 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1354 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1355 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1356 #endif /* CONFIG_HS20 */
1358 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1359 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1360 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1361 #endif /* CONFIG_OWE */
1363 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1364 "authenticated key management type");
1368 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1369 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1370 wpa_s
->pairwise_cipher
);
1371 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1373 #ifdef CONFIG_IEEE80211W
1374 sel
= ie
.mgmt_group_cipher
;
1375 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1376 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1378 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1379 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1380 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1382 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1383 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1384 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1386 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1387 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1388 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1390 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1391 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1392 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1395 wpa_s
->mgmt_group_cipher
= 0;
1396 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1398 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1399 wpa_s
->mgmt_group_cipher
);
1400 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1401 wpas_get_ssid_pmf(wpa_s
, ssid
));
1402 #endif /* CONFIG_IEEE80211W */
1404 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1405 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1409 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1412 if (ssid
->psk_set
) {
1413 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1417 #ifndef CONFIG_NO_PBKDF2
1418 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1421 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1422 4096, psk
, PMK_LEN
);
1423 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1425 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1427 os_memset(psk
, 0, sizeof(psk
));
1429 #endif /* CONFIG_NO_PBKDF2 */
1430 #ifdef CONFIG_EXT_PASSWORD
1431 if (ssid
->ext_psk
) {
1432 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1434 char pw_str
[64 + 1];
1438 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1439 "found from external storage");
1443 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1444 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1445 "PSK length %d in external storage",
1446 (int) wpabuf_len(pw
));
1447 ext_password_free(pw
);
1451 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1452 pw_str
[wpabuf_len(pw
)] = '\0';
1454 #ifndef CONFIG_NO_PBKDF2
1455 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1457 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1458 4096, psk
, PMK_LEN
);
1459 os_memset(pw_str
, 0, sizeof(pw_str
));
1460 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1461 "external passphrase)",
1463 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1466 os_memset(psk
, 0, sizeof(psk
));
1468 #endif /* CONFIG_NO_PBKDF2 */
1469 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1470 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1471 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1472 "Invalid PSK hex string");
1473 os_memset(pw_str
, 0, sizeof(pw_str
));
1474 ext_password_free(pw
);
1477 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1480 os_memset(psk
, 0, sizeof(psk
));
1482 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1484 os_memset(pw_str
, 0, sizeof(pw_str
));
1485 ext_password_free(pw
);
1489 os_memset(pw_str
, 0, sizeof(pw_str
));
1490 ext_password_free(pw
);
1492 #endif /* CONFIG_EXT_PASSWORD */
1495 wpa_msg(wpa_s
, MSG_INFO
,
1496 "No PSK available for association");
1500 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1506 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1511 case 0: /* Bits 0-7 */
1513 case 1: /* Bits 8-15 */
1515 case 2: /* Bits 16-23 */
1517 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1518 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1519 #endif /* CONFIG_WNM */
1521 case 3: /* Bits 24-31 */
1523 *pos
|= 0x02; /* Bit 25 - SSID List */
1524 #endif /* CONFIG_WNM */
1525 #ifdef CONFIG_INTERWORKING
1526 if (wpa_s
->conf
->interworking
)
1527 *pos
|= 0x80; /* Bit 31 - Interworking */
1528 #endif /* CONFIG_INTERWORKING */
1530 case 4: /* Bits 32-39 */
1531 #ifdef CONFIG_INTERWORKING
1532 if (wpa_s
->drv_flags
/ WPA_DRIVER_FLAGS_QOS_MAPPING
)
1533 *pos
|= 0x01; /* Bit 32 - QoS Map */
1534 #endif /* CONFIG_INTERWORKING */
1536 case 5: /* Bits 40-47 */
1538 if (wpa_s
->conf
->hs20
)
1539 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1540 #endif /* CONFIG_HS20 */
1542 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1543 #endif /* CONFIG_MBO */
1545 case 6: /* Bits 48-55 */
1547 case 7: /* Bits 56-63 */
1549 case 8: /* Bits 64-71 */
1550 if (wpa_s
->conf
->ftm_responder
)
1551 *pos
|= 0x40; /* Bit 70 - FTM responder */
1552 if (wpa_s
->conf
->ftm_initiator
)
1553 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1555 case 9: /* Bits 72-79 */
1558 #endif /* CONFIG_FILS */
1564 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1569 if (len
< wpa_s
->extended_capa_len
)
1570 len
= wpa_s
->extended_capa_len
;
1571 if (buflen
< (size_t) len
+ 2) {
1572 wpa_printf(MSG_INFO
,
1573 "Not enough room for building extended capabilities element");
1577 *pos
++ = WLAN_EID_EXT_CAPAB
;
1579 for (i
= 0; i
< len
; i
++, pos
++) {
1580 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1582 if (i
< wpa_s
->extended_capa_len
) {
1583 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1584 *pos
|= wpa_s
->extended_capa
[i
];
1588 while (len
> 0 && buf
[1 + len
] == 0) {
1599 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1600 struct wpa_bss
*test_bss
)
1602 struct wpa_bss
*bss
;
1604 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1605 if (bss
== test_bss
)
1613 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1614 struct wpa_ssid
*test_ssid
)
1616 struct wpa_ssid
*ssid
;
1618 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1619 if (ssid
== test_ssid
)
1627 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1628 struct wpa_ssid
*test_ssid
)
1630 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1633 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1637 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1645 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1647 struct wpa_connect_work
*cwork
;
1648 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1653 wpa_s
->connect_work
= NULL
;
1656 wpas_connect_work_free(cwork
);
1657 radio_work_done(work
);
1661 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1663 struct os_reltime now
;
1666 os_get_reltime(&now
);
1667 if (wpa_s
->last_mac_addr_style
== style
&&
1668 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1669 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1670 wpa_s
->conf
->rand_addr_lifetime
)) {
1671 wpa_msg(wpa_s
, MSG_DEBUG
,
1672 "Previously selected random MAC address has not yet expired");
1678 if (random_mac_addr(addr
) < 0)
1682 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1683 if (random_mac_addr_keep_oui(addr
) < 0)
1690 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1691 wpa_msg(wpa_s
, MSG_INFO
,
1692 "Failed to set random MAC address");
1696 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1697 wpa_s
->mac_addr_changed
= 1;
1698 wpa_s
->last_mac_addr_style
= style
;
1700 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1701 wpa_msg(wpa_s
, MSG_INFO
,
1702 "Could not update MAC address information");
1706 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1713 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1715 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1716 !wpa_s
->conf
->preassoc_mac_addr
)
1719 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1723 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1726 * wpa_supplicant_associate - Request association
1727 * @wpa_s: Pointer to wpa_supplicant data
1728 * @bss: Scan results for the selected BSS, or %NULL if not available
1729 * @ssid: Configuration data for the selected network
1731 * This function is used to request %wpa_supplicant to associate with a BSS.
1733 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1734 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1736 struct wpa_connect_work
*cwork
;
1739 wpa_s
->own_disconnect_req
= 0;
1742 * If we are starting a new connection, any previously pending EAPOL
1743 * RX cannot be valid anymore.
1745 wpabuf_free(wpa_s
->pending_eapol_rx
);
1746 wpa_s
->pending_eapol_rx
= NULL
;
1748 if (ssid
->mac_addr
== -1)
1749 rand_style
= wpa_s
->conf
->mac_addr
;
1751 rand_style
= ssid
->mac_addr
;
1753 wmm_ac_clear_saved_tspecs(wpa_s
);
1754 wpa_s
->reassoc_same_bss
= 0;
1755 wpa_s
->reassoc_same_ess
= 0;
1757 if (wpa_s
->last_ssid
== ssid
) {
1758 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1759 wpa_s
->reassoc_same_ess
= 1;
1760 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1761 wmm_ac_save_tspecs(wpa_s
);
1762 wpa_s
->reassoc_same_bss
= 1;
1766 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1767 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1769 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1770 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1771 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1772 wpa_msg(wpa_s
, MSG_INFO
,
1773 "Could not restore permanent MAC address");
1776 wpa_s
->mac_addr_changed
= 0;
1777 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1778 wpa_msg(wpa_s
, MSG_INFO
,
1779 "Could not update MAC address information");
1782 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1784 wpa_s
->last_ssid
= ssid
;
1786 #ifdef CONFIG_IBSS_RSN
1787 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1788 wpa_s
->ibss_rsn
= NULL
;
1789 #else /* CONFIG_IBSS_RSN */
1790 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1791 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1792 wpa_msg(wpa_s
, MSG_INFO
,
1793 "IBSS RSN not supported in the build");
1796 #endif /* CONFIG_IBSS_RSN */
1798 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1799 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1801 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1802 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1806 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1807 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1808 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1809 wpas_p2p_ap_setup_failed(wpa_s
);
1812 wpa_s
->current_bss
= bss
;
1813 #else /* CONFIG_AP */
1814 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1816 #endif /* CONFIG_AP */
1820 if (ssid
->mode
== WPAS_MODE_MESH
) {
1822 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1823 wpa_msg(wpa_s
, MSG_INFO
,
1824 "Driver does not support mesh mode");
1828 ssid
->frequency
= bss
->freq
;
1829 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1830 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1833 wpa_s
->current_bss
= bss
;
1834 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1835 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1837 #else /* CONFIG_MESH */
1838 wpa_msg(wpa_s
, MSG_ERROR
,
1839 "mesh mode support not included in the build");
1840 #endif /* CONFIG_MESH */
1846 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
1848 #endif /* CONFIG_TDLS */
1850 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
1851 ssid
->mode
== IEEE80211_MODE_INFRA
) {
1852 sme_authenticate(wpa_s
, bss
, ssid
);
1856 if (wpa_s
->connect_work
) {
1857 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
1861 if (radio_work_pending(wpa_s
, "connect")) {
1862 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
1867 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
1868 /* Clear possibly set auth_alg, if any, from last attempt. */
1869 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
1871 #endif /* CONFIG_SME */
1873 wpas_abort_ongoing_scan(wpa_s
);
1875 cwork
= os_zalloc(sizeof(*cwork
));
1882 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
1883 wpas_start_assoc_cb
, cwork
) < 0) {
1889 static int bss_is_ibss(struct wpa_bss
*bss
)
1891 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
1896 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
1897 const struct wpa_ssid
*ssid
)
1899 enum hostapd_hw_mode hw_mode
;
1900 struct hostapd_hw_modes
*mode
= NULL
;
1904 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
1905 if (hw_mode
== NUM_HOSTAPD_MODES
)
1907 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
1908 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
1909 mode
= &wpa_s
->hw
.modes
[i
];
1917 return mode
->vht_capab
!= 0;
1921 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
1922 const struct wpa_ssid
*ssid
,
1923 struct hostapd_freq_params
*freq
)
1925 enum hostapd_hw_mode hw_mode
;
1926 struct hostapd_hw_modes
*mode
= NULL
;
1927 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1929 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
1930 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
1932 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
1934 struct hostapd_freq_params vht_freq
;
1935 int chwidth
, seg0
, seg1
;
1938 freq
->freq
= ssid
->frequency
;
1940 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
1941 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
1943 if (ssid
->mode
!= WPAS_MODE_IBSS
)
1946 /* Don't adjust control freq in case of fixed_freq */
1947 if (ssid
->fixed_freq
)
1950 if (!bss_is_ibss(bss
))
1953 if (ssid
->ssid_len
== bss
->ssid_len
&&
1954 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
1955 wpa_printf(MSG_DEBUG
,
1956 "IBSS already found in scan results, adjust control freq: %d",
1958 freq
->freq
= bss
->freq
;
1964 /* For IBSS check HT_IBSS flag */
1965 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1966 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
1969 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
1970 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
1971 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
1972 wpa_printf(MSG_DEBUG
,
1973 "IBSS: WEP/TKIP detected, do not try to enable HT");
1977 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
1978 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
1979 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
1980 mode
= &wpa_s
->hw
.modes
[i
];
1988 #ifdef CONFIG_HT_OVERRIDES
1989 if (ssid
->disable_ht
) {
1990 freq
->ht_enabled
= 0;
1993 #endif /* CONFIG_HT_OVERRIDES */
1995 freq
->ht_enabled
= ht_supported(mode
);
1996 if (!freq
->ht_enabled
)
1999 /* Setup higher BW only for 5 GHz */
2000 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2003 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2004 pri_chan
= &mode
->channels
[chan_idx
];
2005 if (pri_chan
->chan
== channel
)
2012 /* Check primary channel flags */
2013 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2016 #ifdef CONFIG_HT_OVERRIDES
2017 if (ssid
->disable_ht40
)
2019 #endif /* CONFIG_HT_OVERRIDES */
2021 /* Check/setup HT40+/HT40- */
2022 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2023 if (ht40plus
[j
] == channel
) {
2029 /* Find secondary channel */
2030 for (i
= 0; i
< mode
->num_channels
; i
++) {
2031 sec_chan
= &mode
->channels
[i
];
2032 if (sec_chan
->chan
== channel
+ ht40
* 4)
2039 /* Check secondary channel flags */
2040 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2043 freq
->channel
= pri_chan
->chan
;
2046 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2049 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2052 freq
->sec_channel_offset
= ht40
;
2055 struct wpa_scan_results
*scan_res
;
2057 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2058 if (scan_res
== NULL
) {
2060 freq
->sec_channel_offset
= 0;
2064 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2069 freq
->sec_channel_offset
= 0;
2072 /* Configuration allowed */
2075 /* Switch pri/sec channels */
2076 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2077 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2078 freq
->channel
= sec_chan
->chan
;
2081 freq
->sec_channel_offset
= 0;
2085 wpa_scan_results_free(scan_res
);
2088 wpa_printf(MSG_DEBUG
,
2089 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2090 freq
->channel
, freq
->sec_channel_offset
);
2092 if (!drv_supports_vht(wpa_s
, ssid
))
2095 /* For IBSS check VHT_IBSS flag */
2096 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2097 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2102 #ifdef CONFIG_VHT_OVERRIDES
2103 if (ssid
->disable_vht
) {
2104 freq
->vht_enabled
= 0;
2107 #endif /* CONFIG_VHT_OVERRIDES */
2109 vht_freq
.vht_enabled
= vht_supported(mode
);
2110 if (!vht_freq
.vht_enabled
)
2113 /* setup center_freq1, bandwidth */
2114 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2115 if (freq
->channel
>= vht80
[j
] &&
2116 freq
->channel
< vht80
[j
] + 16)
2120 if (j
== ARRAY_SIZE(vht80
))
2123 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2124 struct hostapd_channel_data
*chan
;
2126 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2130 /* Back to HT configuration if channel not usable */
2131 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2135 chwidth
= VHT_CHANWIDTH_80MHZ
;
2136 seg0
= vht80
[j
] + 6;
2139 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2140 /* setup center_freq2, bandwidth */
2141 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2142 /* Only accept 80 MHz segments separated by a gap */
2143 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2145 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2146 struct hostapd_channel_data
*chan
;
2148 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2152 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2153 HOSTAPD_CHAN_NO_IR
|
2154 HOSTAPD_CHAN_RADAR
))
2157 /* Found a suitable second segment for 80+80 */
2158 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2160 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2161 seg1
= vht80
[k
] + 6;
2164 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2167 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2168 if (freq
->freq
== 5180) {
2169 chwidth
= VHT_CHANWIDTH_160MHZ
;
2170 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2172 } else if (freq
->freq
== 5520) {
2173 chwidth
= VHT_CHANWIDTH_160MHZ
;
2174 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2179 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2180 freq
->channel
, freq
->ht_enabled
,
2181 vht_freq
.vht_enabled
,
2182 freq
->sec_channel_offset
,
2183 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2188 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2189 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2194 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2197 struct fils_hlp_req
*req
;
2198 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2202 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2204 rem_len
= ie_buf_len
- ie_len
;
2205 pos
= wpabuf_head(req
->pkt
);
2206 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2207 hlp_len
= wpabuf_len(req
->pkt
);
2209 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2210 wpa_printf(MSG_ERROR
,
2211 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2212 (unsigned long) rem_len
,
2213 (unsigned long) (2 + hdr_len
+ hlp_len
));
2217 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2219 *buf
++ = WLAN_EID_EXTENSION
;
2222 /* Element ID Extension */
2223 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2224 /* Destination MAC address */
2225 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2227 /* Source MAC address */
2228 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2230 /* LLC/SNAP Header */
2231 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2234 os_memcpy(buf
, pos
, len
- hdr_len
);
2235 buf
+= len
- hdr_len
;
2236 pos
+= len
- hdr_len
;
2238 hlp_len
-= len
- hdr_len
;
2243 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2244 if (rem_len
< 2 + len
)
2246 *buf
++ = WLAN_EID_FRAGMENT
;
2248 os_memcpy(buf
, pos
, len
);
2260 #endif /* CONFIG_FILS */
2263 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2265 struct wpa_connect_work
*cwork
= work
->ctx
;
2266 struct wpa_bss
*bss
= cwork
->bss
;
2267 struct wpa_ssid
*ssid
= cwork
->ssid
;
2268 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2270 size_t max_wpa_ie_len
= 200;
2272 int use_crypt
, ret
, i
, bssid_changed
;
2273 int algs
= WPA_AUTH_ALG_OPEN
;
2274 unsigned int cipher_pairwise
, cipher_group
;
2275 struct wpa_driver_associate_params params
;
2276 int wep_keys_set
= 0;
2277 int assoc_failed
= 0;
2278 struct wpa_ssid
*old_ssid
;
2279 u8 prev_bssid
[ETH_ALEN
];
2280 #ifdef CONFIG_HT_OVERRIDES
2281 struct ieee80211_ht_capabilities htcaps
;
2282 struct ieee80211_ht_capabilities htcaps_mask
;
2283 #endif /* CONFIG_HT_OVERRIDES */
2284 #ifdef CONFIG_VHT_OVERRIDES
2285 struct ieee80211_vht_capabilities vhtcaps
;
2286 struct ieee80211_vht_capabilities vhtcaps_mask
;
2287 #endif /* CONFIG_VHT_OVERRIDES */
2289 const u8
*realm
, *username
, *rrk
;
2290 size_t realm_len
, username_len
, rrk_len
;
2292 #endif /* CONFIG_FILS */
2295 if (work
->started
) {
2296 wpa_s
->connect_work
= NULL
;
2298 /* cancel possible auth. timeout */
2299 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2302 wpas_connect_work_free(cwork
);
2306 wpa_s
->connect_work
= work
;
2308 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2309 wpas_network_disabled(wpa_s
, ssid
)) {
2310 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2311 wpas_connect_work_done(wpa_s
);
2315 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2316 os_memset(¶ms
, 0, sizeof(params
));
2317 wpa_s
->reassociate
= 0;
2318 wpa_s
->eap_expected_failure
= 0;
2320 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2321 #ifdef CONFIG_IEEE80211R
2322 const u8
*ie
, *md
= NULL
;
2323 #endif /* CONFIG_IEEE80211R */
2324 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2325 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2326 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2327 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2328 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2329 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2331 wpas_notify_bssid_changed(wpa_s
);
2332 #ifdef CONFIG_IEEE80211R
2333 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2334 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2336 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2338 /* Prepare for the next transition */
2339 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2341 #endif /* CONFIG_IEEE80211R */
2343 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2344 wpa_s
->conf
->ap_scan
== 2 &&
2345 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2346 /* Use ap_scan==1 style network selection to find the network
2348 wpas_connect_work_done(wpa_s
);
2349 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2350 wpa_s
->reassociate
= 1;
2351 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2353 #endif /* CONFIG_WPS */
2355 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2356 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2358 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2360 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2363 wpa_supplicant_cancel_sched_scan(wpa_s
);
2365 wpa_supplicant_cancel_scan(wpa_s
);
2367 /* Starting new association, so clear the possibly used WPA IE from the
2368 * previous association. */
2369 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2371 #ifdef IEEE8021X_EAPOL
2372 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2374 if (ssid
->non_leap
== 0)
2375 algs
= WPA_AUTH_ALG_LEAP
;
2377 algs
|= WPA_AUTH_ALG_LEAP
;
2382 /* Clear FILS association */
2383 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2385 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2386 ssid
->eap
.erp
&& wpa_key_mgmt_fils(ssid
->key_mgmt
) &&
2387 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2388 &username_len
, &realm
, &realm_len
,
2389 &next_seq_num
, &rrk
, &rrk_len
) == 0) {
2390 algs
= WPA_AUTH_ALG_FILS
;
2391 params
.fils_erp_username
= username
;
2392 params
.fils_erp_username_len
= username_len
;
2393 params
.fils_erp_realm
= realm
;
2394 params
.fils_erp_realm_len
= realm_len
;
2395 params
.fils_erp_next_seq_num
= next_seq_num
;
2396 params
.fils_erp_rrk
= rrk
;
2397 params
.fils_erp_rrk_len
= rrk_len
;
2399 #endif /* CONFIG_FILS */
2400 #endif /* IEEE8021X_EAPOL */
2402 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2403 if (ssid
->auth_alg
) {
2404 algs
= ssid
->auth_alg
;
2405 wpa_dbg(wpa_s
, MSG_DEBUG
, "Overriding auth_alg selection: "
2410 if (algs
== WPA_AUTH_ALG_FILS
) {
2411 struct fils_hlp_req
*req
;
2413 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2415 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 +
2416 wpabuf_len(req
->pkt
) +
2417 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2420 #endif /* CONFIG_FILS */
2421 wpa_ie
= os_malloc(max_wpa_ie_len
);
2423 wpa_printf(MSG_ERROR
,
2424 "Failed to allocate connect IE buffer for %lu bytes",
2425 (unsigned long) max_wpa_ie_len
);
2426 wpas_connect_work_done(wpa_s
);
2430 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2431 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2432 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2433 int try_opportunistic
;
2434 const u8
*cache_id
= NULL
;
2436 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2438 ssid
->proactive_key_caching
) &&
2439 (ssid
->proto
& WPA_PROTO_RSN
);
2441 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2442 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2443 #endif /* CONFIG_FILS */
2444 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2445 ssid
, try_opportunistic
,
2447 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2448 wpa_ie_len
= max_wpa_ie_len
;
2449 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2450 wpa_ie
, &wpa_ie_len
)) {
2451 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2452 "key management and encryption suites");
2453 wpas_connect_work_done(wpa_s
);
2457 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2458 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2460 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2461 * use non-WPA since the scan results did not indicate that the
2462 * AP is using WPA or WPA2.
2464 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2466 wpa_s
->wpa_proto
= 0;
2467 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2468 wpa_ie_len
= max_wpa_ie_len
;
2469 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2470 wpa_ie
, &wpa_ie_len
)) {
2471 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2472 "key management and encryption suites (no "
2474 wpas_connect_work_done(wpa_s
);
2479 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2480 struct wpabuf
*wps_ie
;
2481 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2482 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2483 wpa_ie_len
= wpabuf_len(wps_ie
);
2484 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2487 wpabuf_free(wps_ie
);
2488 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2489 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2490 params
.wps
= WPS_MODE_PRIVACY
;
2492 params
.wps
= WPS_MODE_OPEN
;
2493 wpa_s
->wpa_proto
= 0;
2494 #endif /* CONFIG_WPS */
2496 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2498 wpa_s
->wpa_proto
= 0;
2502 if (wpa_s
->global
->p2p
) {
2506 pos
= wpa_ie
+ wpa_ie_len
;
2507 len
= max_wpa_ie_len
- wpa_ie_len
;
2508 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2514 wpa_s
->cross_connect_disallowed
= 0;
2517 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2519 wpa_s
->cross_connect_disallowed
=
2520 p2p_get_cross_connect_disallowed(p2p
);
2522 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2524 wpa_s
->cross_connect_disallowed
?
2525 "disallows" : "allows");
2529 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2530 #endif /* CONFIG_P2P */
2533 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2534 wpa_ie
+ wpa_ie_len
,
2540 * Workaround: Add Extended Capabilities element only if the AP
2541 * included this element in Beacon/Probe Response frames. Some older
2542 * APs seem to have interoperability issues if this element is
2543 * included, so while the standard may require us to include the
2544 * element in all cases, it is justifiable to skip it to avoid
2545 * interoperability issues.
2547 if (ssid
->p2p_group
)
2548 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2550 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2552 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2555 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2557 if (ext_capab_len
> 0) {
2559 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2561 os_memmove(pos
+ ext_capab_len
, pos
,
2562 wpa_ie_len
- (pos
- wpa_ie
));
2563 wpa_ie_len
+= ext_capab_len
;
2564 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2569 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2570 struct wpabuf
*hs20
;
2572 hs20
= wpabuf_alloc(20);
2574 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2577 wpas_hs20_add_indication(hs20
, pps_mo_id
);
2578 len
= max_wpa_ie_len
- wpa_ie_len
;
2579 if (wpabuf_len(hs20
) <= len
) {
2580 os_memcpy(wpa_ie
+ wpa_ie_len
,
2581 wpabuf_head(hs20
), wpabuf_len(hs20
));
2582 wpa_ie_len
+= wpabuf_len(hs20
);
2586 hs20_configure_frame_filters(wpa_s
);
2589 #endif /* CONFIG_HS20 */
2591 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2592 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2595 len
= max_wpa_ie_len
- wpa_ie_len
;
2596 if (wpabuf_len(buf
) <= len
) {
2597 os_memcpy(wpa_ie
+ wpa_ie_len
,
2598 wpabuf_head(buf
), wpabuf_len(buf
));
2599 wpa_ie_len
+= wpabuf_len(buf
);
2604 if (wpa_s
->fst_ies
) {
2605 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2607 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2608 os_memcpy(wpa_ie
+ wpa_ie_len
,
2609 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2610 wpa_ie_len
+= fst_ies_len
;
2613 #endif /* CONFIG_FST */
2616 if (bss
&& wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
)) {
2619 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2620 max_wpa_ie_len
- wpa_ie_len
);
2624 #endif /* CONFIG_MBO */
2627 if (algs
== WPA_AUTH_ALG_FILS
) {
2630 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2631 max_wpa_ie_len
- wpa_ie_len
);
2634 #endif /* CONFIG_FILS */
2636 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2638 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2639 cipher_group
= wpa_s
->group_cipher
;
2640 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2641 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2642 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2644 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2649 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2652 #ifdef IEEE8021X_EAPOL
2653 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2654 if ((ssid
->eapol_flags
&
2655 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2656 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2660 /* Assume that dynamic WEP-104 keys will be used and
2661 * set cipher suites in order for drivers to expect
2663 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2666 #endif /* IEEE8021X_EAPOL */
2668 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2669 /* Set the key before (and later after) association */
2670 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2673 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
2675 params
.ssid
= bss
->ssid
;
2676 params
.ssid_len
= bss
->ssid_len
;
2677 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
2678 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
2679 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
2680 MACSTR
" freq=%u MHz based on scan results "
2681 "(bssid_set=%d wps=%d)",
2682 MAC2STR(bss
->bssid
), bss
->freq
,
2684 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
2685 params
.bssid
= bss
->bssid
;
2686 params
.freq
.freq
= bss
->freq
;
2688 params
.bssid_hint
= bss
->bssid
;
2689 params
.freq_hint
= bss
->freq
;
2690 params
.pbss
= bss_is_pbss(bss
);
2692 if (ssid
->bssid_hint_set
)
2693 params
.bssid_hint
= ssid
->bssid_hint
;
2695 params
.ssid
= ssid
->ssid
;
2696 params
.ssid_len
= ssid
->ssid_len
;
2697 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
2700 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
2701 wpa_s
->conf
->ap_scan
== 2) {
2702 params
.bssid
= ssid
->bssid
;
2703 params
.fixed_bssid
= 1;
2706 /* Initial frequency for IBSS/mesh */
2707 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
2708 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
2709 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
2711 if (ssid
->mode
== WPAS_MODE_IBSS
) {
2712 params
.fixed_freq
= ssid
->fixed_freq
;
2713 if (ssid
->beacon_int
)
2714 params
.beacon_int
= ssid
->beacon_int
;
2716 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
2719 params
.wpa_ie
= wpa_ie
;
2720 params
.wpa_ie_len
= wpa_ie_len
;
2721 params
.pairwise_suite
= cipher_pairwise
;
2722 params
.group_suite
= cipher_group
;
2723 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
2724 params
.wpa_proto
= wpa_s
->wpa_proto
;
2725 params
.auth_alg
= algs
;
2726 wpa_s
->auth_alg
= params
.auth_alg
;
2727 params
.mode
= ssid
->mode
;
2728 params
.bg_scan_period
= ssid
->bg_scan_period
;
2729 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
2730 if (ssid
->wep_key_len
[i
])
2731 params
.wep_key
[i
] = ssid
->wep_key
[i
];
2732 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
2734 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
2736 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
2737 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2738 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
2739 params
.passphrase
= ssid
->passphrase
;
2741 params
.psk
= ssid
->psk
;
2744 if (wpa_s
->conf
->key_mgmt_offload
) {
2745 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
2746 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
2747 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
2748 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
2749 params
.req_key_mgmt_offload
=
2750 ssid
->proactive_key_caching
< 0 ?
2751 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
2753 params
.req_key_mgmt_offload
= 1;
2755 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2756 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
2757 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
2759 params
.psk
= ssid
->psk
;
2762 params
.drop_unencrypted
= use_crypt
;
2764 #ifdef CONFIG_IEEE80211W
2765 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
2766 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
2767 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
2768 struct wpa_ie_data ie
;
2769 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
2771 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
2772 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
2773 "MFP: require MFP");
2774 params
.mgmt_frame_protection
=
2775 MGMT_FRAME_PROTECTION_REQUIRED
;
2778 #endif /* CONFIG_IEEE80211W */
2780 params
.p2p
= ssid
->p2p_group
;
2782 if (wpa_s
->p2pdev
->set_sta_uapsd
)
2783 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
2787 #ifdef CONFIG_HT_OVERRIDES
2788 os_memset(&htcaps
, 0, sizeof(htcaps
));
2789 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
2790 params
.htcaps
= (u8
*) &htcaps
;
2791 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
2792 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
2793 #endif /* CONFIG_HT_OVERRIDES */
2794 #ifdef CONFIG_VHT_OVERRIDES
2795 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
2796 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
2797 params
.vhtcaps
= &vhtcaps
;
2798 params
.vhtcaps_mask
= &vhtcaps_mask
;
2799 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
2800 #endif /* CONFIG_VHT_OVERRIDES */
2804 * If multi-channel concurrency is not supported, check for any
2805 * frequency conflict. In case of any frequency conflict, remove the
2806 * least prioritized connection.
2808 if (wpa_s
->num_multichan_concurrent
< 2) {
2810 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
2811 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
2812 wpa_printf(MSG_DEBUG
,
2813 "Assoc conflicting freq found (%d != %d)",
2814 freq
, params
.freq
.freq
);
2815 if (wpas_p2p_handle_frequency_conflicts(
2816 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
2817 wpas_connect_work_done(wpa_s
);
2823 #endif /* CONFIG_P2P */
2825 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
2826 wpa_s
->current_ssid
)
2827 params
.prev_bssid
= prev_bssid
;
2829 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
2832 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
2834 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
2836 * The driver is known to mean what is saying, so we
2837 * can stop right here; the association will not
2840 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
2841 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2842 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2845 /* try to continue anyway; new association will be tried again
2850 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2851 /* Set the key after the association just in case association
2852 * cleared the previously configured key. */
2853 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2854 /* No need to timeout authentication since there is no key
2856 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2857 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
2858 #ifdef CONFIG_IBSS_RSN
2859 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
2860 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
2861 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
2863 * RSN IBSS authentication is per-STA and we can disable the
2864 * per-BSSID authentication.
2866 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2867 #endif /* CONFIG_IBSS_RSN */
2869 /* Timeout for IEEE 802.11 authentication and association */
2873 /* give IBSS a bit more time */
2874 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
2875 } else if (wpa_s
->conf
->ap_scan
== 1) {
2876 /* give IBSS a bit more time */
2877 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
2879 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
2883 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
2884 /* Set static WEP keys again */
2885 wpa_set_wep_keys(wpa_s
, ssid
);
2888 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
2890 * Do not allow EAP session resumption between different
2891 * network configurations.
2893 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
2895 old_ssid
= wpa_s
->current_ssid
;
2896 wpa_s
->current_ssid
= ssid
;
2898 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
2899 wpa_s
->current_bss
= bss
;
2901 hs20_configure_frame_filters(wpa_s
);
2902 #endif /* CONFIG_HS20 */
2905 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
2906 wpa_supplicant_initiate_eapol(wpa_s
);
2907 if (old_ssid
!= wpa_s
->current_ssid
)
2908 wpas_notify_network_changed(wpa_s
);
2912 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
2915 struct wpa_ssid
*old_ssid
;
2917 wpas_connect_work_done(wpa_s
);
2918 wpa_clear_keys(wpa_s
, addr
);
2919 old_ssid
= wpa_s
->current_ssid
;
2920 wpa_supplicant_mark_disassoc(wpa_s
);
2921 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
2922 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
2923 if (old_ssid
!= wpa_s
->current_ssid
)
2924 wpas_notify_network_changed(wpa_s
);
2925 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
2930 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2931 * @wpa_s: Pointer to wpa_supplicant data
2932 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2934 * This function is used to request %wpa_supplicant to deauthenticate from the
2937 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
2941 union wpa_event_data event
;
2944 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
2945 " pending_bssid=" MACSTR
" reason=%d state=%s",
2946 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
2947 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
2949 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
2950 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
2951 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
2952 addr
= wpa_s
->pending_bssid
;
2953 else if (!is_zero_ether_addr(wpa_s
->bssid
))
2954 addr
= wpa_s
->bssid
;
2955 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
2957 * When using driver-based BSS selection, we may not know the
2958 * BSSID with which we are currently trying to associate. We
2959 * need to notify the driver of this disconnection even in such
2960 * a case, so use the all zeros address here.
2962 addr
= wpa_s
->bssid
;
2967 wpa_tdls_teardown_peers(wpa_s
->wpa
);
2968 #endif /* CONFIG_TDLS */
2972 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
2974 wpa_supplicant_leave_mesh(wpa_s
);
2976 #endif /* CONFIG_MESH */
2979 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
2980 os_memset(&event
, 0, sizeof(event
));
2981 event
.deauth_info
.reason_code
= (u16
) reason_code
;
2982 event
.deauth_info
.locally_generated
= 1;
2983 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
2988 wpa_supplicant_clear_connection(wpa_s
, addr
);
2991 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
2992 struct wpa_ssid
*ssid
)
2994 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
2998 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
2999 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3002 * Try to reassociate since there is no current configuration and a new
3003 * network was made available.
3005 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3006 wpa_s
->reassociate
= 1;
3011 * wpa_supplicant_add_network - Add a new network
3012 * @wpa_s: wpa_supplicant structure for a network interface
3013 * Returns: The new network configuration or %NULL if operation failed
3015 * This function performs the following operations:
3016 * 1. Adds a new network.
3017 * 2. Send network addition notification.
3018 * 3. Marks the network disabled.
3019 * 4. Set network default parameters.
3021 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3023 struct wpa_ssid
*ssid
;
3025 ssid
= wpa_config_add_network(wpa_s
->conf
);
3028 wpas_notify_network_added(wpa_s
, ssid
);
3030 wpa_config_set_network_defaults(ssid
);
3037 * wpa_supplicant_remove_network - Remove a configured network based on id
3038 * @wpa_s: wpa_supplicant structure for a network interface
3039 * @id: Unique network id to search for
3040 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3041 * could not be removed
3043 * This function performs the following operations:
3044 * 1. Removes the network.
3045 * 2. Send network removal notification.
3046 * 3. Update internal state machines.
3047 * 4. Stop any running sched scans.
3049 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3051 struct wpa_ssid
*ssid
;
3054 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3057 wpas_notify_network_removed(wpa_s
, ssid
);
3059 if (wpa_s
->last_ssid
== ssid
)
3060 wpa_s
->last_ssid
= NULL
;
3062 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3064 wpa_s
->sme
.prev_bssid_set
= 0;
3065 #endif /* CONFIG_SME */
3067 * Invalidate the EAP session cache if the current or
3068 * previously used network is removed.
3070 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3073 if (ssid
== wpa_s
->current_ssid
) {
3074 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3075 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3077 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3078 wpa_s
->own_disconnect_req
= 1;
3079 wpa_supplicant_deauthenticate(wpa_s
,
3080 WLAN_REASON_DEAUTH_LEAVING
);
3083 was_disabled
= ssid
->disabled
;
3085 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3088 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3089 wpa_printf(MSG_DEBUG
,
3090 "Stop ongoing sched_scan to remove network from filters");
3091 wpa_supplicant_cancel_sched_scan(wpa_s
);
3092 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3100 * wpa_supplicant_enable_network - Mark a configured network as enabled
3101 * @wpa_s: wpa_supplicant structure for a network interface
3102 * @ssid: wpa_ssid structure for a configured network or %NULL
3104 * Enables the specified network or all networks if no network specified.
3106 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3107 struct wpa_ssid
*ssid
)
3110 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3111 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3113 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3115 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3116 (!wpa_s
->current_ssid
||
3117 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3118 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3119 if (wpa_s
->sched_scanning
) {
3120 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3121 "new network to scan filters");
3122 wpa_supplicant_cancel_sched_scan(wpa_s
);
3125 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3126 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3127 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3134 * wpa_supplicant_disable_network - Mark a configured network as disabled
3135 * @wpa_s: wpa_supplicant structure for a network interface
3136 * @ssid: wpa_ssid structure for a configured network or %NULL
3138 * Disables the specified network or all networks if no network specified.
3140 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3141 struct wpa_ssid
*ssid
)
3143 struct wpa_ssid
*other_ssid
;
3147 if (wpa_s
->sched_scanning
)
3148 wpa_supplicant_cancel_sched_scan(wpa_s
);
3150 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3151 other_ssid
= other_ssid
->next
) {
3152 was_disabled
= other_ssid
->disabled
;
3153 if (was_disabled
== 2)
3154 continue; /* do not change persistent P2P group
3157 other_ssid
->disabled
= 1;
3159 if (was_disabled
!= other_ssid
->disabled
)
3160 wpas_notify_network_enabled_changed(
3163 if (wpa_s
->current_ssid
) {
3164 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3165 wpa_s
->own_disconnect_req
= 1;
3166 wpa_supplicant_deauthenticate(
3167 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3169 } else if (ssid
->disabled
!= 2) {
3170 if (ssid
== wpa_s
->current_ssid
) {
3171 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3172 wpa_s
->own_disconnect_req
= 1;
3173 wpa_supplicant_deauthenticate(
3174 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3177 was_disabled
= ssid
->disabled
;
3181 if (was_disabled
!= ssid
->disabled
) {
3182 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3183 if (wpa_s
->sched_scanning
) {
3184 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3185 "to remove network from filters");
3186 wpa_supplicant_cancel_sched_scan(wpa_s
);
3187 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3195 * wpa_supplicant_select_network - Attempt association with a network
3196 * @wpa_s: wpa_supplicant structure for a network interface
3197 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3199 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3200 struct wpa_ssid
*ssid
)
3203 struct wpa_ssid
*other_ssid
;
3204 int disconnected
= 0;
3206 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3207 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3208 wpa_s
->own_disconnect_req
= 1;
3209 wpa_supplicant_deauthenticate(
3210 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3215 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3218 * Mark all other networks disabled or mark all networks enabled if no
3219 * network specified.
3221 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3222 other_ssid
= other_ssid
->next
) {
3223 int was_disabled
= other_ssid
->disabled
;
3224 if (was_disabled
== 2)
3225 continue; /* do not change persistent P2P group data */
3227 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3228 if (was_disabled
&& !other_ssid
->disabled
)
3229 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3231 if (was_disabled
!= other_ssid
->disabled
)
3232 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3235 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3236 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3237 /* We are already associated with the selected network */
3238 wpa_printf(MSG_DEBUG
, "Already associated with the "
3239 "selected network - do nothing");
3244 wpa_s
->current_ssid
= ssid
;
3245 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3246 wpa_s
->connect_without_scan
=
3247 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3250 * Don't optimize next scan freqs since a new ESS has been
3253 os_free(wpa_s
->next_scan_freqs
);
3254 wpa_s
->next_scan_freqs
= NULL
;
3256 wpa_s
->connect_without_scan
= NULL
;
3259 wpa_s
->disconnected
= 0;
3260 wpa_s
->reassociate
= 1;
3262 if (wpa_s
->connect_without_scan
||
3263 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3264 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3265 wpas_scan_reset_sched_scan(wpa_s
);
3266 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3270 wpas_notify_network_selected(wpa_s
, ssid
);
3275 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3276 * @wpa_s: wpa_supplicant structure for a network interface
3277 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3278 * @pkcs11_module_path: PKCS #11 module path or NULL
3279 * Returns: 0 on success; -1 on failure
3281 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3282 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3283 * module path fails the paths will be reset to the default value (NULL).
3285 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3286 const char *pkcs11_engine_path
,
3287 const char *pkcs11_module_path
)
3289 char *pkcs11_engine_path_copy
= NULL
;
3290 char *pkcs11_module_path_copy
= NULL
;
3292 if (pkcs11_engine_path
!= NULL
) {
3293 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3294 if (pkcs11_engine_path_copy
== NULL
)
3297 if (pkcs11_module_path
!= NULL
) {
3298 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3299 if (pkcs11_module_path_copy
== NULL
) {
3300 os_free(pkcs11_engine_path_copy
);
3305 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3306 os_free(wpa_s
->conf
->pkcs11_module_path
);
3307 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3308 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3310 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3311 eapol_sm_deinit(wpa_s
->eapol
);
3312 wpa_s
->eapol
= NULL
;
3313 if (wpa_supplicant_init_eapol(wpa_s
)) {
3314 /* Error -> Reset paths to the default value (NULL) once. */
3315 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3316 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3321 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3328 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3329 * @wpa_s: wpa_supplicant structure for a network interface
3330 * @ap_scan: AP scan mode
3331 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3334 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3339 if (ap_scan
< 0 || ap_scan
> 2)
3342 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3343 wpa_printf(MSG_INFO
,
3344 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3348 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3349 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3350 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3351 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3352 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3355 #endif /* ANDROID */
3357 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3358 wpa_s
->conf
->ap_scan
= ap_scan
;
3360 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3361 wpas_notify_ap_scan_changed(wpa_s
);
3368 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3369 * @wpa_s: wpa_supplicant structure for a network interface
3370 * @expire_age: Expiration age in seconds
3371 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3374 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3375 unsigned int bss_expire_age
)
3377 if (bss_expire_age
< 10) {
3378 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3382 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3384 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3391 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3392 * @wpa_s: wpa_supplicant structure for a network interface
3393 * @expire_count: number of scans after which an unseen BSS is reclaimed
3394 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3397 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3398 unsigned int bss_expire_count
)
3400 if (bss_expire_count
< 1) {
3401 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3405 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3407 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3414 * wpa_supplicant_set_scan_interval - Set scan interval
3415 * @wpa_s: wpa_supplicant structure for a network interface
3416 * @scan_interval: scan interval in seconds
3417 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3420 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3423 if (scan_interval
< 0) {
3424 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3428 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3430 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3437 * wpa_supplicant_set_debug_params - Set global debug params
3438 * @global: wpa_global structure
3439 * @debug_level: debug level
3440 * @debug_timestamp: determines if show timestamp in debug data
3441 * @debug_show_keys: determines if show keys in debug data
3442 * Returns: 0 if succeed or -1 if debug_level has wrong value
3444 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3445 int debug_timestamp
, int debug_show_keys
)
3448 int old_level
, old_timestamp
, old_show_keys
;
3450 /* check for allowed debuglevels */
3451 if (debug_level
!= MSG_EXCESSIVE
&&
3452 debug_level
!= MSG_MSGDUMP
&&
3453 debug_level
!= MSG_DEBUG
&&
3454 debug_level
!= MSG_INFO
&&
3455 debug_level
!= MSG_WARNING
&&
3456 debug_level
!= MSG_ERROR
)
3459 old_level
= wpa_debug_level
;
3460 old_timestamp
= wpa_debug_timestamp
;
3461 old_show_keys
= wpa_debug_show_keys
;
3463 wpa_debug_level
= debug_level
;
3464 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3465 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3467 if (wpa_debug_level
!= old_level
)
3468 wpas_notify_debug_level_changed(global
);
3469 if (wpa_debug_timestamp
!= old_timestamp
)
3470 wpas_notify_debug_timestamp_changed(global
);
3471 if (wpa_debug_show_keys
!= old_show_keys
)
3472 wpas_notify_debug_show_keys_changed(global
);
3479 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3480 * @wpa_s: Pointer to wpa_supplicant data
3481 * Returns: A pointer to the current network structure or %NULL on failure
3483 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3485 struct wpa_ssid
*entry
;
3486 u8 ssid
[SSID_MAX_LEN
];
3492 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3494 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3500 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3501 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3506 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3507 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3509 entry
= wpa_s
->conf
->ssid
;
3511 if (!wpas_network_disabled(wpa_s
, entry
) &&
3512 ((ssid_len
== entry
->ssid_len
&&
3513 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3514 (!entry
->bssid_set
||
3515 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3518 if (!wpas_network_disabled(wpa_s
, entry
) &&
3519 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3520 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3521 (!entry
->bssid_set
||
3522 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3524 #endif /* CONFIG_WPS */
3526 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3527 entry
->ssid_len
== 0 &&
3528 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3531 entry
= entry
->next
;
3538 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3540 struct wpa_global
*global
= wpa_s
->global
;
3542 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3543 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3544 if (global
->drv_priv
[i
] == NULL
) {
3545 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3546 "'%s'", wpa_drivers
[i
]->name
);
3551 wpa_s
->driver
= wpa_drivers
[i
];
3552 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3558 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3563 const char *pos
, *driver
= name
;
3568 if (wpa_drivers
[0] == NULL
) {
3569 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3575 /* default to first driver in the list */
3576 return select_driver(wpa_s
, 0);
3580 pos
= os_strchr(driver
, ',');
3584 len
= os_strlen(driver
);
3586 for (i
= 0; wpa_drivers
[i
]; i
++) {
3587 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3588 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3590 /* First driver that succeeds wins */
3591 if (select_driver(wpa_s
, i
) == 0)
3599 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3605 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3606 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3607 * with struct wpa_driver_ops::init()
3608 * @src_addr: Source address of the EAPOL frame
3609 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3610 * @len: Length of the EAPOL data
3612 * This function is called for each received EAPOL frame. Most driver
3613 * interfaces rely on more generic OS mechanism for receiving frames through
3614 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3615 * take care of received EAPOL frames and deliver them to the core supplicant
3616 * code by calling this function.
3618 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
3619 const u8
*buf
, size_t len
)
3621 struct wpa_supplicant
*wpa_s
= ctx
;
3623 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
3624 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
3626 #ifdef CONFIG_TESTING_OPTIONS
3627 if (wpa_s
->ignore_auth_resp
) {
3628 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
3631 #endif /* CONFIG_TESTING_OPTIONS */
3633 #ifdef CONFIG_PEERKEY
3634 if (wpa_s
->wpa_state
> WPA_ASSOCIATED
&& wpa_s
->current_ssid
&&
3635 wpa_s
->current_ssid
->peerkey
&&
3636 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3637 wpa_sm_rx_eapol_peerkey(wpa_s
->wpa
, src_addr
, buf
, len
) == 1) {
3638 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: Processed PeerKey EAPOL-Key");
3641 #endif /* CONFIG_PEERKEY */
3643 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
3644 (wpa_s
->last_eapol_matches_bssid
&&
3647 #endif /* CONFIG_AP */
3648 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
3650 * There is possible race condition between receiving the
3651 * association event and the EAPOL frame since they are coming
3652 * through different paths from the driver. In order to avoid
3653 * issues in trying to process the EAPOL frame before receiving
3654 * association information, lets queue it for processing until
3655 * the association event is received. This may also be needed in
3656 * driver-based roaming case, so also use src_addr != BSSID as a
3657 * trigger if we have previously confirmed that the
3658 * Authenticator uses BSSID as the src_addr (which is not the
3659 * case with wired IEEE 802.1X).
3661 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
3662 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
3663 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
3664 MAC2STR(wpa_s
->bssid
));
3665 wpabuf_free(wpa_s
->pending_eapol_rx
);
3666 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
3667 if (wpa_s
->pending_eapol_rx
) {
3668 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
3669 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
3675 wpa_s
->last_eapol_matches_bssid
=
3676 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
3679 if (wpa_s
->ap_iface
) {
3680 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
3683 #endif /* CONFIG_AP */
3685 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
3686 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
3687 "no key management is configured");
3691 if (wpa_s
->eapol_received
== 0 &&
3692 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
3693 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
3694 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
3695 (wpa_s
->current_ssid
== NULL
||
3696 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
3697 /* Timeout for completing IEEE 802.1X and WPA authentication */
3700 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
3701 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
3702 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3703 /* Use longer timeout for IEEE 802.1X/EAP */
3708 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
3709 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3710 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
3712 * Use shorter timeout if going through WPS AP iteration
3713 * for PIN config method with an AP that does not
3714 * advertise Selected Registrar.
3716 struct wpabuf
*wps_ie
;
3718 wps_ie
= wpa_bss_get_vendor_ie_multi(
3719 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
3721 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
3723 wpabuf_free(wps_ie
);
3725 #endif /* CONFIG_WPS */
3727 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3729 wpa_s
->eapol_received
++;
3731 if (wpa_s
->countermeasures
) {
3732 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
3737 #ifdef CONFIG_IBSS_RSN
3738 if (wpa_s
->current_ssid
&&
3739 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
3740 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
3743 #endif /* CONFIG_IBSS_RSN */
3745 /* Source address of the incoming EAPOL frame could be compared to the
3746 * current BSSID. However, it is possible that a centralized
3747 * Authenticator could be using another MAC address than the BSSID of
3748 * an AP, so just allow any address to be used for now. The replies are
3749 * still sent to the current BSSID (if available), though. */
3751 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
3752 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
3753 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
3754 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
3756 wpa_drv_poll(wpa_s
);
3757 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
3758 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
3759 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
3761 * Set portValid = TRUE here since we are going to skip 4-way
3762 * handshake processing which would normally set portValid. We
3763 * need this to allow the EAPOL state machines to be completed
3764 * without going through EAPOL-Key handshake.
3766 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
3771 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
3773 if ((!wpa_s
->p2p_mgmt
||
3774 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
3775 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
3776 l2_packet_deinit(wpa_s
->l2
);
3777 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
3778 wpa_drv_get_mac_addr(wpa_s
),
3780 wpa_supplicant_rx_eapol
, wpa_s
, 0);
3781 if (wpa_s
->l2
== NULL
)
3784 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
3786 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
3789 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
3790 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
3794 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3800 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
3801 const u8
*buf
, size_t len
)
3803 struct wpa_supplicant
*wpa_s
= ctx
;
3804 const struct l2_ethhdr
*eth
;
3806 if (len
< sizeof(*eth
))
3808 eth
= (const struct l2_ethhdr
*) buf
;
3810 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
3811 !(eth
->h_dest
[0] & 0x01)) {
3812 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3813 " (bridge - not for this interface - ignore)",
3814 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3818 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3819 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3820 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
3821 len
- sizeof(*eth
));
3826 * wpa_supplicant_driver_init - Initialize driver interface parameters
3827 * @wpa_s: Pointer to wpa_supplicant data
3828 * Returns: 0 on success, -1 on failure
3830 * This function is called to initialize driver interface parameters.
3831 * wpa_drv_init() must have been called before this function to initialize the
3834 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
3836 static int interface_count
= 0;
3838 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
3841 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
3842 MAC2STR(wpa_s
->own_addr
));
3843 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
3844 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3846 if (wpa_s
->bridge_ifname
[0]) {
3847 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
3848 "interface '%s'", wpa_s
->bridge_ifname
);
3849 wpa_s
->l2_br
= l2_packet_init_bridge(
3850 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
3851 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
3852 if (wpa_s
->l2_br
== NULL
) {
3853 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
3854 "connection for the bridge interface '%s'",
3855 wpa_s
->bridge_ifname
);
3860 if (wpa_s
->conf
->ap_scan
== 2 &&
3861 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3862 wpa_printf(MSG_INFO
,
3863 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3866 wpa_clear_keys(wpa_s
, NULL
);
3868 /* Make sure that TKIP countermeasures are not left enabled (could
3869 * happen if wpa_supplicant is killed during countermeasures. */
3870 wpa_drv_set_countermeasures(wpa_s
, 0);
3872 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
3873 wpa_drv_flush_pmkid(wpa_s
);
3875 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
3876 wpa_s
->prev_scan_wildcard
= 0;
3878 if (wpa_supplicant_enabled_networks(wpa_s
)) {
3879 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
3880 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3881 interface_count
= 0;
3884 if (!wpa_s
->p2p_mgmt
&&
3885 wpa_supplicant_delayed_sched_scan(wpa_s
,
3886 interface_count
% 3,
3888 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
3890 #endif /* ANDROID */
3893 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
3899 static int wpa_supplicant_daemon(const char *pid_file
)
3901 wpa_printf(MSG_DEBUG
, "Daemonize..");
3902 return os_daemonize(pid_file
);
3906 static struct wpa_supplicant
*
3907 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
3909 struct wpa_supplicant
*wpa_s
;
3911 wpa_s
= os_zalloc(sizeof(*wpa_s
));
3914 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
3915 wpa_s
->scan_interval
= 5;
3916 wpa_s
->new_connection
= 1;
3917 wpa_s
->parent
= parent
? parent
: wpa_s
;
3918 wpa_s
->p2pdev
= wpa_s
->parent
;
3919 wpa_s
->sched_scanning
= 0;
3921 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
3922 dl_list_init(&wpa_s
->fils_hlp_req
);
3928 #ifdef CONFIG_HT_OVERRIDES
3930 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
3931 struct ieee80211_ht_capabilities
*htcaps
,
3932 struct ieee80211_ht_capabilities
*htcaps_mask
,
3935 /* parse ht_mcs into hex array */
3937 const char *tmp
= ht_mcs
;
3940 /* If ht_mcs is null, do not set anything */
3944 /* This is what we are setting in the kernel */
3945 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
3947 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
3949 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
3953 v
= strtol(tmp
, &end
, 16);
3956 wpa_msg(wpa_s
, MSG_DEBUG
,
3957 "htcap value[%i]: %ld end: %p tmp: %p",
3962 htcaps
->supported_mcs_set
[i
] = v
;
3965 wpa_msg(wpa_s
, MSG_ERROR
,
3966 "Failed to parse ht-mcs: %s, error: %s\n",
3967 ht_mcs
, strerror(errno
));
3973 * If we were able to parse any values, then set mask for the MCS set.
3976 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
3977 IEEE80211_HT_MCS_MASK_LEN
- 1);
3978 /* skip the 3 reserved bits */
3979 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
3987 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
3988 struct ieee80211_ht_capabilities
*htcaps
,
3989 struct ieee80211_ht_capabilities
*htcaps_mask
,
3994 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
3999 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4000 htcaps_mask
->ht_capabilities_info
|= msk
;
4002 htcaps
->ht_capabilities_info
&= msk
;
4004 htcaps
->ht_capabilities_info
|= msk
;
4010 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4011 struct ieee80211_ht_capabilities
*htcaps
,
4012 struct ieee80211_ht_capabilities
*htcaps_mask
,
4015 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4020 if (factor
< 0 || factor
> 3) {
4021 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4022 "Must be 0-3 or -1", factor
);
4026 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4027 htcaps
->a_mpdu_params
&= ~0x3;
4028 htcaps
->a_mpdu_params
|= factor
& 0x3;
4034 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4035 struct ieee80211_ht_capabilities
*htcaps
,
4036 struct ieee80211_ht_capabilities
*htcaps_mask
,
4039 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4044 if (density
< 0 || density
> 7) {
4045 wpa_msg(wpa_s
, MSG_ERROR
,
4046 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4051 htcaps_mask
->a_mpdu_params
|= 0x1C;
4052 htcaps
->a_mpdu_params
&= ~(0x1C);
4053 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4059 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4060 struct ieee80211_ht_capabilities
*htcaps
,
4061 struct ieee80211_ht_capabilities
*htcaps_mask
,
4064 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4066 set_disable_ht40(htcaps
, disabled
);
4067 set_disable_ht40(htcaps_mask
, 0);
4073 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4074 struct ieee80211_ht_capabilities
*htcaps
,
4075 struct ieee80211_ht_capabilities
*htcaps_mask
,
4078 /* Masking these out disables SGI */
4079 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4080 HT_CAP_INFO_SHORT_GI40MHZ
);
4082 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4085 htcaps
->ht_capabilities_info
&= ~msk
;
4087 htcaps
->ht_capabilities_info
|= msk
;
4089 htcaps_mask
->ht_capabilities_info
|= msk
;
4095 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4096 struct ieee80211_ht_capabilities
*htcaps
,
4097 struct ieee80211_ht_capabilities
*htcaps_mask
,
4100 /* Masking these out disables LDPC */
4101 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4103 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4106 htcaps
->ht_capabilities_info
&= ~msk
;
4108 htcaps
->ht_capabilities_info
|= msk
;
4110 htcaps_mask
->ht_capabilities_info
|= msk
;
4116 void wpa_supplicant_apply_ht_overrides(
4117 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4118 struct wpa_driver_associate_params
*params
)
4120 struct ieee80211_ht_capabilities
*htcaps
;
4121 struct ieee80211_ht_capabilities
*htcaps_mask
;
4126 params
->disable_ht
= ssid
->disable_ht
;
4127 if (!params
->htcaps
|| !params
->htcaps_mask
)
4130 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4131 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4132 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4133 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4134 ssid
->disable_max_amsdu
);
4135 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4136 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4137 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4138 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4139 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4141 if (ssid
->ht40_intolerant
) {
4142 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4143 htcaps
->ht_capabilities_info
|= bit
;
4144 htcaps_mask
->ht_capabilities_info
|= bit
;
4148 #endif /* CONFIG_HT_OVERRIDES */
4151 #ifdef CONFIG_VHT_OVERRIDES
4152 void wpa_supplicant_apply_vht_overrides(
4153 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4154 struct wpa_driver_associate_params
*params
)
4156 struct ieee80211_vht_capabilities
*vhtcaps
;
4157 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4162 params
->disable_vht
= ssid
->disable_vht
;
4164 vhtcaps
= (void *) params
->vhtcaps
;
4165 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4167 if (!vhtcaps
|| !vhtcaps_mask
)
4170 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4171 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4173 #ifdef CONFIG_HT_OVERRIDES
4174 /* if max ampdu is <= 3, we have to make the HT cap the same */
4175 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4178 max_ampdu
= (ssid
->vht_capa
&
4179 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4180 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4182 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4183 wpa_set_ampdu_factor(wpa_s
,
4184 (void *) params
->htcaps
,
4185 (void *) params
->htcaps_mask
,
4188 #endif /* CONFIG_HT_OVERRIDES */
4190 #define OVERRIDE_MCS(i) \
4191 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4192 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4193 host_to_le16(3 << 2 * (i - 1)); \
4194 vhtcaps->vht_supported_mcs_set.tx_map |= \
4195 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4198 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4199 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4200 host_to_le16(3 << 2 * (i - 1)); \
4201 vhtcaps->vht_supported_mcs_set.rx_map |= \
4202 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4215 #endif /* CONFIG_VHT_OVERRIDES */
4218 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4223 if (!wpa_s
->conf
->pcsc_reader
)
4226 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4230 if (wpa_s
->conf
->pcsc_pin
&&
4231 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4232 scard_deinit(wpa_s
->scard
);
4233 wpa_s
->scard
= NULL
;
4234 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4238 len
= sizeof(wpa_s
->imsi
) - 1;
4239 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4240 scard_deinit(wpa_s
->scard
);
4241 wpa_s
->scard
= NULL
;
4242 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4245 wpa_s
->imsi
[len
] = '\0';
4247 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4249 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4250 wpa_s
->imsi
, wpa_s
->mnc_len
);
4252 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4253 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4254 #endif /* PCSC_FUNCS */
4260 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4264 ext_password_deinit(wpa_s
->ext_pw
);
4265 wpa_s
->ext_pw
= NULL
;
4266 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4268 if (!wpa_s
->conf
->ext_password_backend
)
4271 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4274 pos
= os_strchr(val
, ':');
4278 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4280 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4282 if (wpa_s
->ext_pw
== NULL
) {
4283 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4286 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4294 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4296 struct wpa_supplicant
*wpa_s
= ctx
;
4298 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4299 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4303 static void wpas_fst_get_channel_info_cb(void *ctx
,
4304 enum hostapd_hw_mode
*hw_mode
,
4307 struct wpa_supplicant
*wpa_s
= ctx
;
4309 if (wpa_s
->current_bss
) {
4310 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4312 } else if (wpa_s
->hw
.num_modes
) {
4313 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4321 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4323 struct wpa_supplicant
*wpa_s
= ctx
;
4325 *modes
= wpa_s
->hw
.modes
;
4326 return wpa_s
->hw
.num_modes
;
4330 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4332 struct wpa_supplicant
*wpa_s
= ctx
;
4334 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4335 wpa_s
->fst_ies
= fst_ies
;
4339 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4341 struct wpa_supplicant
*wpa_s
= ctx
;
4343 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4344 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4345 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4348 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4349 wpa_s
->own_addr
, wpa_s
->bssid
,
4350 wpabuf_head(data
), wpabuf_len(data
),
4355 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4357 struct wpa_supplicant
*wpa_s
= ctx
;
4359 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4360 return wpa_s
->received_mb_ies
;
4364 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4365 const u8
*buf
, size_t size
)
4367 struct wpa_supplicant
*wpa_s
= ctx
;
4368 struct mb_ies_info info
;
4370 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4372 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4373 wpabuf_free(wpa_s
->received_mb_ies
);
4374 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4379 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4380 struct fst_get_peer_ctx
**get_ctx
,
4383 struct wpa_supplicant
*wpa_s
= ctx
;
4386 if (!is_zero_ether_addr(wpa_s
->bssid
))
4387 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4388 wpa_s
->bssid
: NULL
;
4393 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4394 struct fst_get_peer_ctx
**get_ctx
,
4400 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4401 struct fst_wpa_obj
*iface_obj
)
4403 iface_obj
->ctx
= wpa_s
;
4404 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4405 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4406 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4407 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4408 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4409 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4410 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4411 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4412 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4414 #endif /* CONFIG_FST */
4416 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4417 const struct wpa_driver_capa
*capa
)
4419 struct wowlan_triggers
*triggers
;
4422 if (!wpa_s
->conf
->wowlan_triggers
)
4425 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4427 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4434 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4437 return BAND_2_4_GHZ
;
4444 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4447 unsigned int band
= 0;
4450 /* freqs are specified for the radio work */
4451 for (i
= 0; freqs
[i
]; i
++)
4452 band
|= wpas_freq_to_band(freqs
[i
]);
4455 * freqs are not specified, implies all
4456 * the supported freqs by HW
4458 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4459 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4460 if (wpa_s
->hw
.modes
[i
].mode
==
4461 HOSTAPD_MODE_IEEE80211B
||
4462 wpa_s
->hw
.modes
[i
].mode
==
4463 HOSTAPD_MODE_IEEE80211G
)
4464 band
|= BAND_2_4_GHZ
;
4465 else if (wpa_s
->hw
.modes
[i
].mode
==
4466 HOSTAPD_MODE_IEEE80211A
)
4468 else if (wpa_s
->hw
.modes
[i
].mode
==
4469 HOSTAPD_MODE_IEEE80211AD
)
4470 band
|= BAND_60_GHZ
;
4471 else if (wpa_s
->hw
.modes
[i
].mode
==
4472 HOSTAPD_MODE_IEEE80211ANY
)
4473 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4483 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4486 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4487 struct wpa_radio
*radio
;
4489 while (rn
&& iface
) {
4490 radio
= iface
->radio
;
4491 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4492 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4494 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4498 iface
= iface
->next
;
4501 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4502 wpa_s
->ifname
, rn
? rn
: "N/A");
4503 radio
= os_zalloc(sizeof(*radio
));
4508 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4509 dl_list_init(&radio
->ifaces
);
4510 dl_list_init(&radio
->work
);
4511 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4517 static void radio_work_free(struct wpa_radio_work
*work
)
4519 if (work
->wpa_s
->scan_work
== work
) {
4520 /* This should not really happen. */
4521 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4522 work
->type
, work
, work
->started
);
4523 work
->wpa_s
->scan_work
= NULL
;
4527 if (work
->wpa_s
->p2p_scan_work
== work
) {
4528 /* This should not really happen. */
4529 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4530 work
->type
, work
, work
->started
);
4531 work
->wpa_s
->p2p_scan_work
= NULL
;
4533 #endif /* CONFIG_P2P */
4535 if (work
->started
) {
4536 work
->wpa_s
->radio
->num_active_works
--;
4537 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4538 "radio_work_free('%s'@%p: num_active_works --> %u",
4540 work
->wpa_s
->radio
->num_active_works
);
4543 dl_list_del(&work
->list
);
4548 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4550 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4551 os_strcmp(work
->type
, "connect") == 0;
4555 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4557 return os_strcmp(work
->type
, "scan") == 0 ||
4558 os_strcmp(work
->type
, "p2p-scan") == 0;
4562 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4564 struct wpa_radio_work
*active_work
= NULL
;
4565 struct wpa_radio_work
*tmp
;
4567 /* Get the active work to know the type and band. */
4568 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4576 /* No active work, start one */
4577 radio
->num_active_works
= 0;
4578 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4580 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4581 radio
->external_scan_running
&&
4582 (((struct wpa_driver_scan_params
*)
4583 tmp
->ctx
)->only_new_results
||
4584 tmp
->wpa_s
->clear_driver_scan_cache
))
4591 if (radio_work_is_connect(active_work
)) {
4593 * If the active work is either connect or sme-connect,
4594 * do not parallelize them with other radio works.
4596 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4597 "Do not parallelize radio work with %s",
4602 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4607 * If connect or sme-connect are enqueued, parallelize only
4608 * those operations ahead of them in the queue.
4610 if (radio_work_is_connect(tmp
))
4613 /* Serialize parallel scan and p2p_scan operations on the same
4614 * interface since the driver_nl80211 mechanism for tracking
4615 * scan cookies does not yet have support for this. */
4616 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4617 radio_work_is_scan(active_work
) &&
4618 radio_work_is_scan(tmp
)) {
4619 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4620 "Do not start work '%s' when another work '%s' is already scheduled",
4621 tmp
->type
, active_work
->type
);
4625 * Check that the radio works are distinct and
4626 * on different bands.
4628 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
4629 (active_work
->bands
!= tmp
->bands
)) {
4631 * If a scan has to be scheduled through nl80211 scan
4632 * interface and if an external scan is already running,
4633 * do not schedule the scan since it is likely to get
4634 * rejected by kernel.
4636 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4637 radio
->external_scan_running
&&
4638 (((struct wpa_driver_scan_params
*)
4639 tmp
->ctx
)->only_new_results
||
4640 tmp
->wpa_s
->clear_driver_scan_cache
))
4643 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4644 "active_work:%s new_work:%s",
4645 active_work
->type
, tmp
->type
);
4650 /* Did not find a radio work to schedule in parallel. */
4655 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
4657 struct wpa_radio
*radio
= eloop_ctx
;
4658 struct wpa_radio_work
*work
;
4659 struct os_reltime now
, diff
;
4660 struct wpa_supplicant
*wpa_s
;
4662 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
4664 radio
->num_active_works
= 0;
4668 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
4672 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
4674 return; /* already started and still in progress */
4676 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
4677 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
4682 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4683 /* get the work to schedule next */
4684 work
= radio_work_get_next_work(radio
);
4690 wpa_s
= work
->wpa_s
;
4691 os_get_reltime(&now
);
4692 os_reltime_sub(&now
, &work
->time
, &diff
);
4693 wpa_dbg(wpa_s
, MSG_DEBUG
,
4694 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4695 work
->type
, work
, diff
.sec
, diff
.usec
);
4698 radio
->num_active_works
++;
4702 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
4703 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
4704 radio_work_check_next(wpa_s
);
4709 * This function removes both started and pending radio works running on
4710 * the provided interface's radio.
4711 * Prior to the removal of the radio work, its callback (cb) is called with
4712 * deinit set to be 1. Each work's callback is responsible for clearing its
4713 * internal data and restoring to a correct state.
4714 * @wpa_s: wpa_supplicant data
4715 * @type: type of works to be removed
4716 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4717 * this interface's works.
4719 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
4720 const char *type
, int remove_all
)
4722 struct wpa_radio_work
*work
, *tmp
;
4723 struct wpa_radio
*radio
= wpa_s
->radio
;
4725 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
4727 if (type
&& os_strcmp(type
, work
->type
) != 0)
4730 /* skip other ifaces' works */
4731 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
4734 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
4735 work
->type
, work
, work
->started
? " (started)" : "");
4737 radio_work_free(work
);
4740 /* in case we removed the started work */
4741 radio_work_check_next(wpa_s
);
4745 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
4747 struct wpa_radio
*radio
= wpa_s
->radio
;
4752 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
4753 wpa_s
->ifname
, radio
->name
);
4754 dl_list_del(&wpa_s
->radio_list
);
4755 radio_remove_works(wpa_s
, NULL
, 0);
4756 wpa_s
->radio
= NULL
;
4757 if (!dl_list_empty(&radio
->ifaces
))
4758 return; /* Interfaces remain for this radio */
4760 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
4761 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4766 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
4768 struct wpa_radio
*radio
= wpa_s
->radio
;
4770 if (dl_list_empty(&radio
->work
))
4772 if (wpa_s
->ext_work_in_progress
) {
4773 wpa_printf(MSG_DEBUG
,
4774 "External radio work in progress - delay start of pending item");
4777 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4778 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
4783 * radio_add_work - Add a radio work item
4784 * @wpa_s: Pointer to wpa_supplicant data
4785 * @freq: Frequency of the offchannel operation in MHz or 0
4786 * @type: Unique identifier for each type of work
4787 * @next: Force as the next work to be executed
4788 * @cb: Callback function for indicating when radio is available
4789 * @ctx: Context pointer for the work (work->ctx in cb())
4790 * Returns: 0 on success, -1 on failure
4792 * This function is used to request time for an operation that requires
4793 * exclusive radio control. Once the radio is available, the registered callback
4794 * function will be called. radio_work_done() must be called once the exclusive
4795 * radio operation has been completed, so that the radio is freed for other
4796 * operations. The special case of deinit=1 is used to free the context data
4797 * during interface removal. That does not allow the callback function to start
4798 * the radio operation, i.e., it must free any resources allocated for the radio
4801 * The @freq parameter can be used to indicate a single channel on which the
4802 * offchannel operation will occur. This may allow multiple radio work
4803 * operations to be performed in parallel if they apply for the same channel.
4804 * Setting this to 0 indicates that the work item may use multiple channels or
4805 * requires exclusive control of the radio.
4807 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
4808 const char *type
, int next
,
4809 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
4812 struct wpa_radio
*radio
= wpa_s
->radio
;
4813 struct wpa_radio_work
*work
;
4816 work
= os_zalloc(sizeof(*work
));
4819 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
4820 os_get_reltime(&work
->time
);
4823 work
->wpa_s
= wpa_s
;
4828 work
->bands
= wpas_freq_to_band(freq
);
4829 else if (os_strcmp(type
, "scan") == 0 ||
4830 os_strcmp(type
, "p2p-scan") == 0)
4831 work
->bands
= wpas_get_bands(wpa_s
,
4832 ((struct wpa_driver_scan_params
*)
4835 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
4837 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
4839 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
4841 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
4843 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
4844 radio_work_check_next(wpa_s
);
4845 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
4846 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4847 wpa_dbg(wpa_s
, MSG_DEBUG
,
4848 "Try to schedule a radio work (num_active_works=%u)",
4849 radio
->num_active_works
);
4850 radio_work_check_next(wpa_s
);
4858 * radio_work_done - Indicate that a radio work item has been completed
4859 * @work: Completed work
4861 * This function is called once the callback function registered with
4862 * radio_add_work() has completed its work.
4864 void radio_work_done(struct wpa_radio_work
*work
)
4866 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
4867 struct os_reltime now
, diff
;
4868 unsigned int started
= work
->started
;
4870 os_get_reltime(&now
);
4871 os_reltime_sub(&now
, &work
->time
, &diff
);
4872 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4873 work
->type
, work
, started
? "done" : "canceled",
4874 diff
.sec
, diff
.usec
);
4875 radio_work_free(work
);
4877 radio_work_check_next(wpa_s
);
4881 struct wpa_radio_work
*
4882 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
4884 struct wpa_radio_work
*work
;
4885 struct wpa_radio
*radio
= wpa_s
->radio
;
4887 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
4888 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
4896 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
4897 struct wpa_interface
*iface
)
4899 const char *ifname
, *driver
, *rn
;
4901 driver
= iface
->driver
;
4903 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
4906 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
4907 if (wpa_s
->drv_priv
== NULL
) {
4909 pos
= driver
? os_strchr(driver
, ',') : NULL
;
4911 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
4912 "driver interface - try next driver wrapper");
4916 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
4920 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
4921 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
4922 "driver_param '%s'", wpa_s
->conf
->driver_param
);
4926 ifname
= wpa_drv_get_ifname(wpa_s
);
4927 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
4928 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
4929 "interface name with '%s'", ifname
);
4930 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
4933 rn
= wpa_driver_get_radio_name(wpa_s
);
4934 if (rn
&& rn
[0] == '\0')
4937 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
4938 if (wpa_s
->radio
== NULL
)
4945 #ifdef CONFIG_GAS_SERVER
4947 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
4948 unsigned int freq
, const u8
*dst
,
4949 const u8
*src
, const u8
*bssid
,
4950 const u8
*data
, size_t data_len
,
4951 enum offchannel_send_action_result result
)
4953 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
4956 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
4957 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
4959 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
4960 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
4964 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
4965 struct wpabuf
*buf
, unsigned int wait_time
)
4967 struct wpa_supplicant
*wpa_s
= ctx
;
4968 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
4970 if (wait_time
> wpa_s
->max_remain_on_chan
)
4971 wait_time
= wpa_s
->max_remain_on_chan
;
4973 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
4974 wpabuf_head(buf
), wpabuf_len(buf
),
4975 wait_time
, wpas_gas_server_tx_status
, 0);
4978 #endif /* CONFIG_GAS_SERVER */
4980 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
4981 struct wpa_interface
*iface
)
4983 struct wpa_driver_capa capa
;
4987 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
4988 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
4989 iface
->confname
? iface
->confname
: "N/A",
4990 iface
->driver
? iface
->driver
: "default",
4991 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
4992 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
4994 if (iface
->confname
) {
4995 #ifdef CONFIG_BACKEND_FILE
4996 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
4997 if (wpa_s
->confname
== NULL
) {
4998 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
4999 "for configuration file '%s'.",
5003 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5004 iface
->confname
, wpa_s
->confname
);
5005 #else /* CONFIG_BACKEND_FILE */
5006 wpa_s
->confname
= os_strdup(iface
->confname
);
5007 #endif /* CONFIG_BACKEND_FILE */
5008 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5009 if (wpa_s
->conf
== NULL
) {
5010 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5011 "configuration '%s'.", wpa_s
->confname
);
5014 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5015 wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
);
5018 * Override ctrl_interface and driver_param if set on command
5021 if (iface
->ctrl_interface
) {
5022 os_free(wpa_s
->conf
->ctrl_interface
);
5023 wpa_s
->conf
->ctrl_interface
=
5024 os_strdup(iface
->ctrl_interface
);
5027 if (iface
->driver_param
) {
5028 os_free(wpa_s
->conf
->driver_param
);
5029 wpa_s
->conf
->driver_param
=
5030 os_strdup(iface
->driver_param
);
5033 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5034 os_free(wpa_s
->conf
->ctrl_interface
);
5035 wpa_s
->conf
->ctrl_interface
= NULL
;
5038 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5039 iface
->driver_param
);
5041 if (wpa_s
->conf
== NULL
) {
5042 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5046 if (iface
->ifname
== NULL
) {
5047 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5050 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5051 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5055 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5057 if (iface
->bridge_ifname
) {
5058 if (os_strlen(iface
->bridge_ifname
) >=
5059 sizeof(wpa_s
->bridge_ifname
)) {
5060 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5061 "name '%s'.", iface
->bridge_ifname
);
5064 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5065 sizeof(wpa_s
->bridge_ifname
));
5068 /* RSNA Supplicant Key Management - INITIALIZE */
5069 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5070 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5072 /* Initialize driver interface and register driver event handler before
5073 * L2 receive handler so that association events are processed before
5074 * EAPOL-Key packets if both become available for the same select()
5076 if (wpas_init_driver(wpa_s
, iface
) < 0)
5079 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5082 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5083 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5085 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5087 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5088 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5089 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5090 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5091 "dot11RSNAConfigPMKLifetime");
5095 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5096 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5097 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5098 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5099 "dot11RSNAConfigPMKReauthThreshold");
5103 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5104 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5105 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5106 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5107 "dot11RSNAConfigSATimeout");
5111 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5112 &wpa_s
->hw
.num_modes
,
5115 if (wpa_s
->hw
.modes
) {
5118 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5119 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5120 wpa_s
->hw_capab
= CAPAB_VHT
;
5124 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5125 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5126 wpa_s
->hw_capab
= CAPAB_HT40
;
5127 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5128 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5129 wpa_s
->hw_capab
= CAPAB_HT
;
5133 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5134 if (capa_res
== 0) {
5135 wpa_s
->drv_capa_known
= 1;
5136 wpa_s
->drv_flags
= capa
.flags
;
5137 wpa_s
->drv_enc
= capa
.enc
;
5138 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5139 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5140 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5141 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5142 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5143 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5144 wpa_s
->max_sched_scan_plan_interval
=
5145 capa
.max_sched_scan_plan_interval
;
5146 wpa_s
->max_sched_scan_plan_iterations
=
5147 capa
.max_sched_scan_plan_iterations
;
5148 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5149 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5150 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5151 wpa_s
->max_stations
= capa
.max_stations
;
5152 wpa_s
->extended_capa
= capa
.extended_capa
;
5153 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5154 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5155 wpa_s
->num_multichan_concurrent
=
5156 capa
.num_multichan_concurrent
;
5157 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5159 if (capa
.mac_addr_rand_scan_supported
)
5160 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5161 if (wpa_s
->sched_scan_supported
&&
5162 capa
.mac_addr_rand_sched_scan_supported
)
5163 wpa_s
->mac_addr_rand_supported
|=
5164 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5166 if (wpa_s
->max_remain_on_chan
== 0)
5167 wpa_s
->max_remain_on_chan
= 1000;
5170 * Only take p2p_mgmt parameters when P2P Device is supported.
5171 * Doing it here as it determines whether l2_packet_init() will be done
5172 * during wpa_supplicant_driver_init().
5174 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5175 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5177 iface
->p2p_mgmt
= 1;
5179 if (wpa_s
->num_multichan_concurrent
== 0)
5180 wpa_s
->num_multichan_concurrent
= 1;
5182 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5186 if ((!iface
->p2p_mgmt
||
5187 !(wpa_s
->drv_flags
&
5188 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
5189 wpa_tdls_init(wpa_s
->wpa
))
5191 #endif /* CONFIG_TDLS */
5193 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5194 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5195 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5200 if (wpa_s
->conf
->fst_group_id
) {
5201 struct fst_iface_cfg cfg
;
5202 struct fst_wpa_obj iface_obj
;
5204 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5205 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5206 sizeof(cfg
.group_id
));
5207 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5208 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5210 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5213 wpa_msg(wpa_s
, MSG_ERROR
,
5214 "FST: Cannot attach iface %s to group %s",
5215 wpa_s
->ifname
, cfg
.group_id
);
5219 #endif /* CONFIG_FST */
5221 if (wpas_wps_init(wpa_s
))
5224 #ifdef CONFIG_GAS_SERVER
5225 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5226 if (!wpa_s
->gas_server
) {
5227 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5230 #endif /* CONFIG_GAS_SERVER */
5233 if (wpas_dpp_init(wpa_s
) < 0)
5235 #endif /* CONFIG_DPP */
5237 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5239 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5241 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5242 if (wpa_s
->ctrl_iface
== NULL
) {
5243 wpa_printf(MSG_ERROR
,
5244 "Failed to initialize control interface '%s'.\n"
5245 "You may have another wpa_supplicant process "
5246 "already running or the file was\n"
5247 "left by an unclean termination of wpa_supplicant "
5248 "in which case you will need\n"
5249 "to manually remove this file before starting "
5250 "wpa_supplicant again.\n",
5251 wpa_s
->conf
->ctrl_interface
);
5255 wpa_s
->gas
= gas_query_init(wpa_s
);
5256 if (wpa_s
->gas
== NULL
) {
5257 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5261 if (iface
->p2p_mgmt
&& wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5262 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5266 if (wpa_bss_init(wpa_s
) < 0)
5269 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5271 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5272 #endif /* CONFIG_MESH */
5273 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5276 * Set Wake-on-WLAN triggers, if configured.
5277 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5278 * have effect anyway when the interface is down).
5280 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5283 #ifdef CONFIG_EAP_PROXY
5286 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5288 if (wpa_s
->mnc_len
> 0) {
5289 wpa_s
->imsi
[len
] = '\0';
5290 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5291 wpa_s
->imsi
, wpa_s
->mnc_len
);
5293 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5296 #endif /* CONFIG_EAP_PROXY */
5298 if (pcsc_reader_init(wpa_s
) < 0)
5301 if (wpas_init_ext_pw(wpa_s
) < 0)
5304 wpas_rrm_reset(wpa_s
);
5306 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5310 #endif /* CONFIG_HS20 */
5312 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5313 #endif /* CONFIG_MBO */
5315 wpa_supplicant_set_default_scan_ies(wpa_s
);
5321 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5322 int notify
, int terminate
)
5324 struct wpa_global
*global
= wpa_s
->global
;
5325 struct wpa_supplicant
*iface
, *prev
;
5327 if (wpa_s
== wpa_s
->parent
)
5328 wpas_p2p_group_remove(wpa_s
, "*");
5330 iface
= global
->ifaces
;
5332 if (iface
->p2pdev
== wpa_s
)
5333 iface
->p2pdev
= iface
->parent
;
5334 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5335 iface
= iface
->next
;
5338 wpa_printf(MSG_DEBUG
,
5339 "Remove remaining child interface %s from parent %s",
5340 iface
->ifname
, wpa_s
->ifname
);
5342 iface
= iface
->next
;
5343 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5346 wpa_s
->disconnected
= 1;
5347 if (wpa_s
->drv_priv
) {
5348 wpa_supplicant_deauthenticate(wpa_s
,
5349 WLAN_REASON_DEAUTH_LEAVING
);
5351 wpa_drv_set_countermeasures(wpa_s
, 0);
5352 wpa_clear_keys(wpa_s
, NULL
);
5355 wpa_supplicant_cleanup(wpa_s
);
5356 wpas_p2p_deinit_iface(wpa_s
);
5358 wpas_ctrl_radio_work_flush(wpa_s
);
5359 radio_remove_interface(wpa_s
);
5363 fst_detach(wpa_s
->fst
);
5366 if (wpa_s
->received_mb_ies
) {
5367 wpabuf_free(wpa_s
->received_mb_ies
);
5368 wpa_s
->received_mb_ies
= NULL
;
5370 #endif /* CONFIG_FST */
5372 if (wpa_s
->drv_priv
)
5373 wpa_drv_deinit(wpa_s
);
5376 wpas_notify_iface_removed(wpa_s
);
5379 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5381 if (wpa_s
->ctrl_iface
) {
5382 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5383 wpa_s
->ctrl_iface
= NULL
;
5388 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5389 wpa_s
->ifmsh
= NULL
;
5391 #endif /* CONFIG_MESH */
5393 if (wpa_s
->conf
!= NULL
) {
5394 wpa_config_free(wpa_s
->conf
);
5398 os_free(wpa_s
->ssids_from_scan_req
);
5404 #ifdef CONFIG_MATCH_IFACE
5407 * wpa_supplicant_match_iface - Match an interface description to a name
5408 * @global: Pointer to global data from wpa_supplicant_init()
5409 * @ifname: Name of the interface to match
5410 * Returns: Pointer to the created interface description or %NULL on failure
5412 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5416 struct wpa_interface
*iface
, *miface
;
5418 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5419 miface
= &global
->params
.match_ifaces
[i
];
5420 if (!miface
->ifname
||
5421 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5422 iface
= os_zalloc(sizeof(*iface
));
5426 iface
->ifname
= ifname
;
5436 * wpa_supplicant_match_existing - Match existing interfaces
5437 * @global: Pointer to global data from wpa_supplicant_init()
5438 * Returns: 0 on success, -1 on failure
5440 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5442 struct if_nameindex
*ifi
, *ifp
;
5443 struct wpa_supplicant
*wpa_s
;
5444 struct wpa_interface
*iface
;
5446 ifp
= if_nameindex();
5448 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5452 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5453 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5456 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5458 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5465 if_freenameindex(ifp
);
5469 #endif /* CONFIG_MATCH_IFACE */
5473 * wpa_supplicant_add_iface - Add a new network interface
5474 * @global: Pointer to global data from wpa_supplicant_init()
5475 * @iface: Interface configuration options
5476 * @parent: Parent interface or %NULL to assign new interface as parent
5477 * Returns: Pointer to the created interface or %NULL on failure
5479 * This function is used to add new network interfaces for %wpa_supplicant.
5480 * This can be called before wpa_supplicant_run() to add interfaces before the
5481 * main event loop has been started. In addition, new interfaces can be added
5482 * dynamically while %wpa_supplicant is already running. This could happen,
5483 * e.g., when a hotplug network adapter is inserted.
5485 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5486 struct wpa_interface
*iface
,
5487 struct wpa_supplicant
*parent
)
5489 struct wpa_supplicant
*wpa_s
;
5490 struct wpa_interface t_iface
;
5491 struct wpa_ssid
*ssid
;
5493 if (global
== NULL
|| iface
== NULL
)
5496 wpa_s
= wpa_supplicant_alloc(parent
);
5500 wpa_s
->global
= global
;
5503 if (global
->params
.override_driver
) {
5504 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5506 iface
->driver
, global
->params
.override_driver
);
5507 t_iface
.driver
= global
->params
.override_driver
;
5509 if (global
->params
.override_ctrl_interface
) {
5510 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5511 "ctrl_interface ('%s' -> '%s')",
5512 iface
->ctrl_interface
,
5513 global
->params
.override_ctrl_interface
);
5514 t_iface
.ctrl_interface
=
5515 global
->params
.override_ctrl_interface
;
5517 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5518 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5520 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5524 if (iface
->p2p_mgmt
== 0) {
5525 /* Notify the control interfaces about new iface */
5526 if (wpas_notify_iface_added(wpa_s
)) {
5527 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5531 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5532 wpas_notify_network_added(wpa_s
, ssid
);
5535 wpa_s
->next
= global
->ifaces
;
5536 global
->ifaces
= wpa_s
;
5538 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5539 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5542 if (wpa_s
->global
->p2p
== NULL
&&
5543 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5544 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5545 wpas_p2p_add_p2pdev_interface(
5546 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5547 wpa_printf(MSG_INFO
,
5548 "P2P: Failed to enable P2P Device interface");
5549 /* Try to continue without. P2P will be disabled. */
5551 #endif /* CONFIG_P2P */
5558 * wpa_supplicant_remove_iface - Remove a network interface
5559 * @global: Pointer to global data from wpa_supplicant_init()
5560 * @wpa_s: Pointer to the network interface to be removed
5561 * Returns: 0 if interface was removed, -1 if interface was not found
5563 * This function can be used to dynamically remove network interfaces from
5564 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5565 * addition, this function is used to remove all remaining interfaces when
5566 * %wpa_supplicant is terminated.
5568 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5569 struct wpa_supplicant
*wpa_s
,
5572 struct wpa_supplicant
*prev
;
5574 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5575 char *ifname
= NULL
;
5576 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5577 #endif /* CONFIG_MESH */
5579 /* Remove interface from the global list of interfaces */
5580 prev
= global
->ifaces
;
5581 if (prev
== wpa_s
) {
5582 global
->ifaces
= wpa_s
->next
;
5584 while (prev
&& prev
->next
!= wpa_s
)
5588 prev
->next
= wpa_s
->next
;
5591 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
5594 if (mesh_if_created
) {
5595 ifname
= os_strdup(wpa_s
->ifname
);
5596 if (ifname
== NULL
) {
5597 wpa_dbg(wpa_s
, MSG_ERROR
,
5598 "mesh: Failed to malloc ifname");
5602 #endif /* CONFIG_MESH */
5604 if (global
->p2p_group_formation
== wpa_s
)
5605 global
->p2p_group_formation
= NULL
;
5606 if (global
->p2p_invite_group
== wpa_s
)
5607 global
->p2p_invite_group
= NULL
;
5608 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
5611 if (mesh_if_created
) {
5612 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
5615 #endif /* CONFIG_MESH */
5622 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5623 * @wpa_s: Pointer to the network interface
5624 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5626 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
5628 const char *eapol_method
;
5630 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
5631 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
5635 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
5636 if (eapol_method
== NULL
)
5637 return "UNKNOWN-EAP";
5639 return eapol_method
;
5644 * wpa_supplicant_get_iface - Get a new network interface
5645 * @global: Pointer to global data from wpa_supplicant_init()
5646 * @ifname: Interface name
5647 * Returns: Pointer to the interface or %NULL if not found
5649 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
5652 struct wpa_supplicant
*wpa_s
;
5654 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5655 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
5662 #ifndef CONFIG_NO_WPA_MSG
5663 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
5665 struct wpa_supplicant
*wpa_s
= ctx
;
5668 return wpa_s
->ifname
;
5670 #endif /* CONFIG_NO_WPA_MSG */
5673 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5674 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5675 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5677 /* Periodic cleanup tasks */
5678 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
5680 struct wpa_global
*global
= eloop_ctx
;
5681 struct wpa_supplicant
*wpa_s
;
5683 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5684 wpas_periodic
, global
, NULL
);
5688 p2p_expire_peers(global
->p2p
);
5689 #endif /* CONFIG_P2P */
5691 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5692 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
5695 #endif /* CONFIG_AP */
5701 * wpa_supplicant_init - Initialize %wpa_supplicant
5702 * @params: Parameters for %wpa_supplicant
5703 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5705 * This function is used to initialize %wpa_supplicant. After successful
5706 * initialization, the returned data pointer can be used to add and remove
5707 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5709 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
5711 struct wpa_global
*global
;
5717 #ifdef CONFIG_DRIVER_NDIS
5719 void driver_ndis_init_ops(void);
5720 driver_ndis_init_ops();
5722 #endif /* CONFIG_DRIVER_NDIS */
5724 #ifndef CONFIG_NO_WPA_MSG
5725 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
5726 #endif /* CONFIG_NO_WPA_MSG */
5728 if (params
->wpa_debug_file_path
)
5729 wpa_debug_open_file(params
->wpa_debug_file_path
);
5731 wpa_debug_setup_stdout();
5732 if (params
->wpa_debug_syslog
)
5733 wpa_debug_open_syslog();
5734 if (params
->wpa_debug_tracing
) {
5735 ret
= wpa_debug_open_linux_tracing();
5737 wpa_printf(MSG_ERROR
,
5738 "Failed to enable trace logging");
5743 ret
= eap_register_methods();
5745 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
5747 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
5748 "the same EAP type.");
5752 global
= os_zalloc(sizeof(*global
));
5755 dl_list_init(&global
->p2p_srv_bonjour
);
5756 dl_list_init(&global
->p2p_srv_upnp
);
5757 global
->params
.daemonize
= params
->daemonize
;
5758 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
5759 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
5760 if (params
->pid_file
)
5761 global
->params
.pid_file
= os_strdup(params
->pid_file
);
5762 if (params
->ctrl_interface
)
5763 global
->params
.ctrl_interface
=
5764 os_strdup(params
->ctrl_interface
);
5765 if (params
->ctrl_interface_group
)
5766 global
->params
.ctrl_interface_group
=
5767 os_strdup(params
->ctrl_interface_group
);
5768 if (params
->override_driver
)
5769 global
->params
.override_driver
=
5770 os_strdup(params
->override_driver
);
5771 if (params
->override_ctrl_interface
)
5772 global
->params
.override_ctrl_interface
=
5773 os_strdup(params
->override_ctrl_interface
);
5774 #ifdef CONFIG_MATCH_IFACE
5775 global
->params
.match_iface_count
= params
->match_iface_count
;
5776 if (params
->match_iface_count
) {
5777 global
->params
.match_ifaces
=
5778 os_calloc(params
->match_iface_count
,
5779 sizeof(struct wpa_interface
));
5780 os_memcpy(global
->params
.match_ifaces
,
5781 params
->match_ifaces
,
5782 params
->match_iface_count
*
5783 sizeof(struct wpa_interface
));
5785 #endif /* CONFIG_MATCH_IFACE */
5787 if (params
->conf_p2p_dev
)
5788 global
->params
.conf_p2p_dev
=
5789 os_strdup(params
->conf_p2p_dev
);
5790 #endif /* CONFIG_P2P */
5791 wpa_debug_level
= global
->params
.wpa_debug_level
=
5792 params
->wpa_debug_level
;
5793 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
5794 params
->wpa_debug_show_keys
;
5795 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
5796 params
->wpa_debug_timestamp
;
5798 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
5801 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
5802 wpa_supplicant_deinit(global
);
5806 random_init(params
->entropy_file
);
5808 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
5809 if (global
->ctrl_iface
== NULL
) {
5810 wpa_supplicant_deinit(global
);
5814 if (wpas_notify_supplicant_initialized(global
)) {
5815 wpa_supplicant_deinit(global
);
5819 for (i
= 0; wpa_drivers
[i
]; i
++)
5820 global
->drv_count
++;
5821 if (global
->drv_count
== 0) {
5822 wpa_printf(MSG_ERROR
, "No drivers enabled");
5823 wpa_supplicant_deinit(global
);
5826 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
5827 if (global
->drv_priv
== NULL
) {
5828 wpa_supplicant_deinit(global
);
5832 #ifdef CONFIG_WIFI_DISPLAY
5833 if (wifi_display_init(global
) < 0) {
5834 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
5835 wpa_supplicant_deinit(global
);
5838 #endif /* CONFIG_WIFI_DISPLAY */
5840 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5841 wpas_periodic
, global
, NULL
);
5848 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5849 * @global: Pointer to global data from wpa_supplicant_init()
5850 * Returns: 0 after successful event loop run, -1 on failure
5852 * This function starts the main event loop and continues running as long as
5853 * there are any remaining events. In most cases, this function is running as
5854 * long as the %wpa_supplicant process in still in use.
5856 int wpa_supplicant_run(struct wpa_global
*global
)
5858 struct wpa_supplicant
*wpa_s
;
5860 if (global
->params
.daemonize
&&
5861 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
5862 eloop_sock_requeue()))
5865 #ifdef CONFIG_MATCH_IFACE
5866 if (wpa_supplicant_match_existing(global
))
5870 if (global
->params
.wait_for_monitor
) {
5871 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
5872 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
5873 wpa_supplicant_ctrl_iface_wait(
5877 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
5878 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
5887 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5888 * @global: Pointer to global data from wpa_supplicant_init()
5890 * This function is called to deinitialize %wpa_supplicant and to free all
5891 * allocated resources. Remaining network interfaces will also be removed.
5893 void wpa_supplicant_deinit(struct wpa_global
*global
)
5900 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
5902 #ifdef CONFIG_WIFI_DISPLAY
5903 wifi_display_deinit(global
);
5904 #endif /* CONFIG_WIFI_DISPLAY */
5906 while (global
->ifaces
)
5907 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
5909 if (global
->ctrl_iface
)
5910 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
5912 wpas_notify_supplicant_deinitialized(global
);
5914 eap_peer_unregister_methods();
5916 eap_server_unregister_methods();
5917 #endif /* CONFIG_AP */
5919 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
5920 if (!global
->drv_priv
[i
])
5922 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
5924 os_free(global
->drv_priv
);
5930 if (global
->params
.pid_file
) {
5931 os_daemonize_terminate(global
->params
.pid_file
);
5932 os_free(global
->params
.pid_file
);
5934 os_free(global
->params
.ctrl_interface
);
5935 os_free(global
->params
.ctrl_interface_group
);
5936 os_free(global
->params
.override_driver
);
5937 os_free(global
->params
.override_ctrl_interface
);
5938 #ifdef CONFIG_MATCH_IFACE
5939 os_free(global
->params
.match_ifaces
);
5940 #endif /* CONFIG_MATCH_IFACE */
5942 os_free(global
->params
.conf_p2p_dev
);
5943 #endif /* CONFIG_P2P */
5945 os_free(global
->p2p_disallow_freq
.range
);
5946 os_free(global
->p2p_go_avoid_freq
.range
);
5947 os_free(global
->add_psk
);
5950 wpa_debug_close_syslog();
5951 wpa_debug_close_file();
5952 wpa_debug_close_linux_tracing();
5956 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
5958 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
5959 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
5961 country
[0] = wpa_s
->conf
->country
[0];
5962 country
[1] = wpa_s
->conf
->country
[1];
5964 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
5965 wpa_printf(MSG_ERROR
, "Failed to set country code "
5970 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
5971 wpas_init_ext_pw(wpa_s
);
5973 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
5974 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5977 wpas_wps_update_config(wpa_s
);
5978 #endif /* CONFIG_WPS */
5979 wpas_p2p_update_config(wpa_s
);
5980 wpa_s
->conf
->changed_parameters
= 0;
5984 void add_freq(int *freqs
, int *num_freqs
, int freq
)
5988 for (i
= 0; i
< *num_freqs
; i
++) {
5989 if (freqs
[i
] == freq
)
5993 freqs
[*num_freqs
] = freq
;
5998 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6000 struct wpa_bss
*bss
, *cbss
;
6001 const int max_freqs
= 10;
6005 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6009 cbss
= wpa_s
->current_bss
;
6011 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6014 if (bss
->ssid_len
== cbss
->ssid_len
&&
6015 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6016 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6017 add_freq(freqs
, &num_freqs
, bss
->freq
);
6018 if (num_freqs
== max_freqs
)
6023 if (num_freqs
== 0) {
6032 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6038 wpas_connect_work_done(wpa_s
);
6041 * Remove possible authentication timeout since the connection failed.
6043 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6046 * There is no point in blacklisting the AP if this event is
6047 * generated based on local request to disconnect.
6049 if (wpa_s
->own_disconnect_req
) {
6050 wpa_s
->own_disconnect_req
= 0;
6051 wpa_dbg(wpa_s
, MSG_DEBUG
,
6052 "Ignore connection failure due to local request to disconnect");
6055 if (wpa_s
->disconnected
) {
6056 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6057 "indication since interface has been put into "
6058 "disconnected state");
6063 * Add the failed BSSID into the blacklist and speed up next scan
6064 * attempt if there could be other APs that could accept association.
6065 * The current blacklist count indicates how many times we have tried
6066 * connecting to this AP and multiple attempts mean that other APs are
6067 * either not available or has already been tried, so that we can start
6068 * increasing the delay here to avoid constant scanning.
6070 count
= wpa_blacklist_add(wpa_s
, bssid
);
6071 if (count
== 1 && wpa_s
->current_bss
) {
6073 * This BSS was not in the blacklist before. If there is
6074 * another BSS available for the same ESS, we should try that
6075 * next. Otherwise, we may as well try this one once more
6076 * before allowing other, likely worse, ESSes to be considered.
6078 freqs
= get_bss_freqs_in_ess(wpa_s
);
6080 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6081 "has been seen; try it next");
6082 wpa_blacklist_add(wpa_s
, bssid
);
6084 * On the next scan, go through only the known channels
6085 * used in this ESS based on previous scans to speed up
6086 * common load balancing use case.
6088 os_free(wpa_s
->next_scan_freqs
);
6089 wpa_s
->next_scan_freqs
= freqs
;
6094 * Add previous failure count in case the temporary blacklist was
6095 * cleared due to no other BSSes being available.
6097 count
+= wpa_s
->extra_blacklist_count
;
6099 if (count
> 3 && wpa_s
->current_ssid
) {
6100 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6101 "consider temporary network disabling");
6102 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6123 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6124 "ms", count
, timeout
);
6127 * TODO: if more than one possible AP is available in scan results,
6128 * could try the other ones before requesting a new scan.
6130 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6131 1000 * (timeout
% 1000));
6135 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6137 return wpa_s
->conf
->ap_scan
== 2 ||
6138 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6142 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6143 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6144 struct wpa_ssid
*ssid
,
6148 #ifdef IEEE8021X_EAPOL
6149 struct eap_peer_config
*eap
= &ssid
->eap
;
6151 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6152 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6153 (const u8
*) value
, os_strlen(value
));
6155 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6156 case WPA_CTRL_REQ_EAP_IDENTITY
:
6157 os_free(eap
->identity
);
6158 eap
->identity
= (u8
*) os_strdup(value
);
6159 eap
->identity_len
= os_strlen(value
);
6160 eap
->pending_req_identity
= 0;
6161 if (ssid
== wpa_s
->current_ssid
)
6162 wpa_s
->reassociate
= 1;
6164 case WPA_CTRL_REQ_EAP_PASSWORD
:
6165 bin_clear_free(eap
->password
, eap
->password_len
);
6166 eap
->password
= (u8
*) os_strdup(value
);
6167 eap
->password_len
= os_strlen(value
);
6168 eap
->pending_req_password
= 0;
6169 if (ssid
== wpa_s
->current_ssid
)
6170 wpa_s
->reassociate
= 1;
6172 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6173 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6174 eap
->new_password
= (u8
*) os_strdup(value
);
6175 eap
->new_password_len
= os_strlen(value
);
6176 eap
->pending_req_new_password
= 0;
6177 if (ssid
== wpa_s
->current_ssid
)
6178 wpa_s
->reassociate
= 1;
6180 case WPA_CTRL_REQ_EAP_PIN
:
6181 str_clear_free(eap
->pin
);
6182 eap
->pin
= os_strdup(value
);
6183 eap
->pending_req_pin
= 0;
6184 if (ssid
== wpa_s
->current_ssid
)
6185 wpa_s
->reassociate
= 1;
6187 case WPA_CTRL_REQ_EAP_OTP
:
6188 bin_clear_free(eap
->otp
, eap
->otp_len
);
6189 eap
->otp
= (u8
*) os_strdup(value
);
6190 eap
->otp_len
= os_strlen(value
);
6191 os_free(eap
->pending_req_otp
);
6192 eap
->pending_req_otp
= NULL
;
6193 eap
->pending_req_otp_len
= 0;
6195 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6196 str_clear_free(eap
->private_key_passwd
);
6197 eap
->private_key_passwd
= os_strdup(value
);
6198 eap
->pending_req_passphrase
= 0;
6199 if (ssid
== wpa_s
->current_ssid
)
6200 wpa_s
->reassociate
= 1;
6202 case WPA_CTRL_REQ_SIM
:
6203 str_clear_free(eap
->external_sim_resp
);
6204 eap
->external_sim_resp
= os_strdup(value
);
6205 eap
->pending_req_sim
= 0;
6207 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6208 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6210 ssid
->mem_only_psk
= 1;
6211 if (ssid
->passphrase
)
6212 wpa_config_update_psk(ssid
);
6213 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6214 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6216 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6217 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6219 if (os_strcmp(value
, "good") == 0)
6220 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6221 else if (os_strcmp(value
, "bad") == 0)
6222 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6227 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6232 #else /* IEEE8021X_EAPOL */
6233 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6235 #endif /* IEEE8021X_EAPOL */
6237 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6240 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6243 unsigned int drv_enc
;
6245 if (wpa_s
->p2p_mgmt
)
6246 return 1; /* no normal network profiles on p2p_mgmt interface */
6254 if (wpa_s
->drv_capa_known
)
6255 drv_enc
= wpa_s
->drv_enc
;
6257 drv_enc
= (unsigned int) -1;
6259 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6260 size_t len
= ssid
->wep_key_len
[i
];
6263 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6265 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6267 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6269 return 1; /* invalid WEP key */
6272 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6273 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6274 !ssid
->mem_only_psk
)
6281 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6283 #ifdef CONFIG_IEEE80211W
6284 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6285 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6286 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6288 * Driver does not support BIP -- ignore pmf=1 default
6289 * since the connection with PMF would fail and the
6290 * configuration does not require PMF to be enabled.
6292 return NO_MGMT_FRAME_PROTECTION
;
6297 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6298 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6300 * Do not use the default PMF value for non-RSN networks
6301 * since PMF is available only with RSN and pmf=2
6302 * configuration would otherwise prevent connections to
6303 * all open networks.
6305 return NO_MGMT_FRAME_PROTECTION
;
6308 return wpa_s
->conf
->pmf
;
6311 return ssid
->ieee80211w
;
6312 #else /* CONFIG_IEEE80211W */
6313 return NO_MGMT_FRAME_PROTECTION
;
6314 #endif /* CONFIG_IEEE80211W */
6318 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6320 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6322 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6328 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6330 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6332 struct os_reltime now
;
6335 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6340 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6343 ssid
->auth_failures
++;
6346 if (ssid
->p2p_group
&&
6347 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6349 * Skip the wait time since there is a short timeout on the
6350 * connection to a P2P group.
6354 #endif /* CONFIG_P2P */
6356 if (ssid
->auth_failures
> 50)
6358 else if (ssid
->auth_failures
> 10)
6360 else if (ssid
->auth_failures
> 5)
6362 else if (ssid
->auth_failures
> 3)
6364 else if (ssid
->auth_failures
> 2)
6366 else if (ssid
->auth_failures
> 1)
6371 if (ssid
->auth_failures
> 1 &&
6372 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6373 dur
+= os_random() % (ssid
->auth_failures
* 10);
6375 os_get_reltime(&now
);
6376 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6379 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6381 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6382 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6383 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6384 ssid
->auth_failures
, dur
, reason
);
6388 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6389 struct wpa_ssid
*ssid
, int clear_failures
)
6394 if (ssid
->disabled_until
.sec
) {
6395 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6396 "id=%d ssid=\"%s\"",
6397 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6399 ssid
->disabled_until
.sec
= 0;
6400 ssid
->disabled_until
.usec
= 0;
6402 ssid
->auth_failures
= 0;
6406 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6410 if (wpa_s
->disallow_aps_bssid
== NULL
)
6413 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6414 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6415 bssid
, ETH_ALEN
) == 0)
6423 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6428 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6431 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6432 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6433 if (ssid_len
== s
->ssid_len
&&
6434 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6443 * wpas_request_connection - Request a new connection
6444 * @wpa_s: Pointer to the network interface
6446 * This function is used to request a new connection to be found. It will mark
6447 * the interface to allow reassociation and request a new scan to find a
6448 * suitable network to connect to.
6450 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6452 wpa_s
->normal_scans
= 0;
6453 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6454 wpa_supplicant_reinit_autoscan(wpa_s
);
6455 wpa_s
->extra_blacklist_count
= 0;
6456 wpa_s
->disconnected
= 0;
6457 wpa_s
->reassociate
= 1;
6459 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6460 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6462 wpa_s
->reattach
= 0;
6467 * wpas_request_disconnection - Request disconnection
6468 * @wpa_s: Pointer to the network interface
6470 * This function is used to request disconnection from the currently connected
6471 * network. This will stop any ongoing scans and initiate deauthentication.
6473 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6476 wpa_s
->sme
.prev_bssid_set
= 0;
6477 #endif /* CONFIG_SME */
6478 wpa_s
->reassociate
= 0;
6479 wpa_s
->disconnected
= 1;
6480 wpa_supplicant_cancel_sched_scan(wpa_s
);
6481 wpa_supplicant_cancel_scan(wpa_s
);
6482 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6483 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6487 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6488 struct wpa_used_freq_data
*freqs_data
,
6493 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6495 for (i
= 0; i
< len
; i
++) {
6496 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6497 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6498 i
, cur
->freq
, cur
->flags
);
6504 * Find the operating frequencies of any of the virtual interfaces that
6505 * are using the same radio as the current interface, and in addition, get
6506 * information about the interface types that are using the frequency.
6508 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6509 struct wpa_used_freq_data
*freqs_data
,
6512 struct wpa_supplicant
*ifs
;
6515 unsigned int idx
= 0, i
;
6517 wpa_dbg(wpa_s
, MSG_DEBUG
,
6518 "Determining shared radio frequencies (max len %u)", len
);
6519 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6521 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6526 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6529 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6530 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6531 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6532 freq
= ifs
->current_ssid
->frequency
;
6533 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6534 freq
= ifs
->assoc_freq
;
6538 /* Hold only distinct freqs */
6539 for (i
= 0; i
< idx
; i
++)
6540 if (freqs_data
[i
].freq
== freq
)
6544 freqs_data
[idx
++].freq
= freq
;
6546 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6547 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6548 WPA_FREQ_USED_BY_P2P_CLIENT
:
6549 WPA_FREQ_USED_BY_INFRA_STATION
;
6553 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
6559 * Find the operating frequencies of any of the virtual interfaces that
6560 * are using the same radio as the current interface.
6562 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
6563 int *freq_array
, unsigned int len
)
6565 struct wpa_used_freq_data
*freqs_data
;
6568 os_memset(freq_array
, 0, sizeof(int) * len
);
6570 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
6574 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
6575 for (i
= 0; i
< num
; i
++)
6576 freq_array
[i
] = freqs_data
[i
].freq
;
6578 os_free(freqs_data
);
6584 struct wpa_supplicant
*
6585 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
6589 case VENDOR_ELEM_PROBE_REQ_P2P
:
6590 case VENDOR_ELEM_PROBE_RESP_P2P
:
6591 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
6592 case VENDOR_ELEM_BEACON_P2P_GO
:
6593 case VENDOR_ELEM_P2P_PD_REQ
:
6594 case VENDOR_ELEM_P2P_PD_RESP
:
6595 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
6596 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
6597 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
6598 case VENDOR_ELEM_P2P_INV_REQ
:
6599 case VENDOR_ELEM_P2P_INV_RESP
:
6600 case VENDOR_ELEM_P2P_ASSOC_REQ
:
6601 case VENDOR_ELEM_P2P_ASSOC_RESP
:
6602 return wpa_s
->p2pdev
;
6603 #endif /* CONFIG_P2P */
6610 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
6615 wpa_printf(MSG_DEBUG
, "Update vendor elements");
6617 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
6618 if (wpa_s
->vendor_elem
[i
]) {
6621 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
6622 if (!os_snprintf_error(sizeof(buf
), res
)) {
6623 wpa_hexdump_buf(MSG_DEBUG
, buf
,
6624 wpa_s
->vendor_elem
[i
]);
6630 if (wpa_s
->parent
== wpa_s
&&
6631 wpa_s
->global
->p2p
&&
6632 !wpa_s
->global
->p2p_disabled
)
6633 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
6634 #endif /* CONFIG_P2P */
6638 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
6639 const u8
*elem
, size_t len
)
6643 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
6644 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
6646 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
6649 if (os_memcmp(ie
, elem
, len
) != 0)
6652 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
6653 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
6654 wpa_s
->vendor_elem
[frame
] = NULL
;
6656 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
6657 wpa_s
->vendor_elem
[frame
]->used
-= len
;
6659 wpas_vendor_elem_update(wpa_s
);
6667 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
6668 u16 num_modes
, enum hostapd_hw_mode mode
)
6672 for (i
= 0; i
< num_modes
; i
++) {
6673 if (modes
[i
].mode
== mode
)
6682 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
6685 struct wpa_bss_tmp_disallowed
*bss
;
6687 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
6688 struct wpa_bss_tmp_disallowed
, list
) {
6689 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
6697 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
6700 struct wpa_bss_tmp_disallowed
*bss
;
6701 struct os_reltime until
;
6703 os_get_reltime(&until
);
6706 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
6708 bss
->disallowed_until
= until
;
6712 bss
= os_malloc(sizeof(*bss
));
6714 wpa_printf(MSG_DEBUG
,
6715 "Failed to allocate memory for temp disallow BSS");
6719 bss
->disallowed_until
= until
;
6720 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
6721 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
6725 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6727 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
6728 struct os_reltime now
, age
;
6730 os_get_reltime(&now
);
6732 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
6733 struct wpa_bss_tmp_disallowed
, list
) {
6734 if (!os_reltime_before(&now
, &tmp
->disallowed_until
)) {
6735 /* This BSS is not disallowed anymore */
6736 dl_list_del(&tmp
->list
);
6740 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {
6748 os_reltime_sub(&bss
->disallowed_until
, &now
, &age
);
6749 wpa_printf(MSG_DEBUG
,
6750 "BSS " MACSTR
" disabled for %ld.%0ld seconds",
6751 MAC2STR(bss
->bssid
), age
.sec
, age
.usec
);