3 * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
69 const char *const wpa_supplicant_version
=
70 "wpa_supplicant v" VERSION_STR
"\n"
71 "Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> and contributors";
73 const char *const wpa_supplicant_license
=
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1
=
86 const char *const wpa_supplicant_full_license2
=
87 "This software may be distributed under the terms of the BSD license.\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
93 const char *const wpa_supplicant_full_license3
=
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
101 const char *const wpa_supplicant_full_license4
=
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5
=
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
123 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
125 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
128 /* Configure default/group WEP keys for static WEP */
129 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
133 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
134 if (ssid
->wep_key_len
[i
] == 0)
138 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
139 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
140 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
147 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
148 struct wpa_ssid
*ssid
)
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
159 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
160 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
165 if (!ssid
->psk_set
) {
166 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
171 switch (wpa_s
->group_cipher
) {
172 case WPA_CIPHER_CCMP
:
173 os_memcpy(key
, ssid
->psk
, 16);
177 case WPA_CIPHER_GCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_TKIP
:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key
, ssid
->psk
, 16 + 8);
185 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
190 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s
->group_cipher
);
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
198 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
199 os_memset(key
, 0, sizeof(key
));
204 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
206 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
207 const u8
*bssid
= wpa_s
->bssid
;
208 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
209 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
210 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
211 bssid
= wpa_s
->pending_bssid
;
212 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
214 wpa_blacklist_add(wpa_s
, bssid
);
215 wpa_sm_notify_disassoc(wpa_s
->wpa
);
216 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
217 wpa_s
->reassociate
= 1;
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
223 wpa_supplicant_req_scan(wpa_s
, 1, 0);
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
233 * This function is used to schedule a timeout for the current authentication
236 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
239 if (wpa_s
->conf
->ap_scan
== 0 &&
240 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
243 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
244 "%d usec", sec
, usec
);
245 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
246 wpa_s
->last_auth_timeout_sec
= sec
;
247 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
256 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
258 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
261 wpa_dbg(wpa_s
, MSG_DEBUG
,
262 "Authentication timeout restart: %d sec", new_sec
);
263 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
264 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
278 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
280 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
281 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
282 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
283 os_free(wpa_s
->last_con_fail_realm
);
284 wpa_s
->last_con_fail_realm
= NULL
;
285 wpa_s
->last_con_fail_realm_len
= 0;
290 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
291 * @wpa_s: Pointer to wpa_supplicant data
293 * This function is used to configure EAPOL state machine based on the selected
294 * authentication mode.
296 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
298 #ifdef IEEE8021X_EAPOL
299 struct eapol_config eapol_conf
;
300 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
302 #ifdef CONFIG_IBSS_RSN
303 if (ssid
->mode
== WPAS_MODE_IBSS
&&
304 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
305 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
307 * RSN IBSS authentication is per-STA and we can disable the
308 * per-BSSID EAPOL authentication.
310 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
311 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
312 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
315 #endif /* CONFIG_IBSS_RSN */
317 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
318 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
321 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
322 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
324 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
326 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
327 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
328 eapol_conf
.accept_802_1x_keys
= 1;
329 eapol_conf
.required_keys
= 0;
330 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
331 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
333 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
334 eapol_conf
.required_keys
|=
335 EAPOL_REQUIRE_KEY_BROADCAST
;
338 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
339 eapol_conf
.required_keys
= 0;
341 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
342 eapol_conf
.workaround
= ssid
->eap_workaround
;
343 eapol_conf
.eap_disabled
=
344 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
345 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
346 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
347 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
350 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
351 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
352 if (wpa_s
->current_bss
) {
354 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
359 EAPOL_PEER_IS_WPS20_AP
;
364 #endif /* CONFIG_WPS */
366 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
369 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
370 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
372 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
373 #endif /* CONFIG_MACSEC */
374 #endif /* IEEE8021X_EAPOL */
379 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
380 * @wpa_s: Pointer to wpa_supplicant data
381 * @ssid: Configuration data for the network
383 * This function is used to configure WPA state machine and related parameters
384 * to a mode where WPA is not enabled. This is called as part of the
385 * authentication configuration when the selected network does not use WPA.
387 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
388 struct wpa_ssid
*ssid
)
392 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
393 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
394 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
395 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
397 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
398 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
399 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
400 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
401 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
402 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
403 wpa_s
->mgmt_group_cipher
= 0;
405 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
406 if (ssid
->wep_key_len
[i
] > 5) {
407 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
408 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
410 } else if (ssid
->wep_key_len
[i
] > 0) {
411 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
412 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
417 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
418 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
419 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
420 wpa_s
->pairwise_cipher
);
421 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
422 #ifdef CONFIG_IEEE80211W
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
424 wpa_s
->mgmt_group_cipher
);
425 #endif /* CONFIG_IEEE80211W */
427 pmksa_cache_clear_current(wpa_s
->wpa
);
431 void free_hw_features(struct wpa_supplicant
*wpa_s
)
434 if (wpa_s
->hw
.modes
== NULL
)
437 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
438 os_free(wpa_s
->hw
.modes
[i
].channels
);
439 os_free(wpa_s
->hw
.modes
[i
].rates
);
442 os_free(wpa_s
->hw
.modes
);
443 wpa_s
->hw
.modes
= NULL
;
447 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
449 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
451 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
452 struct wpa_bss_tmp_disallowed
, list
) {
453 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
454 dl_list_del(&bss
->list
);
460 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
462 struct fils_hlp_req
*req
;
464 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
466 dl_list_del(&req
->list
);
467 wpabuf_free(req
->pkt
);
473 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
477 bgscan_deinit(wpa_s
);
478 autoscan_deinit(wpa_s
);
479 scard_deinit(wpa_s
->scard
);
481 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
482 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
483 l2_packet_deinit(wpa_s
->l2
);
486 l2_packet_deinit(wpa_s
->l2_br
);
489 #ifdef CONFIG_TESTING_OPTIONS
490 l2_packet_deinit(wpa_s
->l2_test
);
491 wpa_s
->l2_test
= NULL
;
492 os_free(wpa_s
->get_pref_freq_list_override
);
493 wpa_s
->get_pref_freq_list_override
= NULL
;
494 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
495 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
496 #endif /* CONFIG_TESTING_OPTIONS */
498 if (wpa_s
->conf
!= NULL
) {
499 struct wpa_ssid
*ssid
;
500 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
501 wpas_notify_network_removed(wpa_s
, ssid
);
504 os_free(wpa_s
->confname
);
505 wpa_s
->confname
= NULL
;
507 os_free(wpa_s
->confanother
);
508 wpa_s
->confanother
= NULL
;
510 os_free(wpa_s
->last_con_fail_realm
);
511 wpa_s
->last_con_fail_realm
= NULL
;
512 wpa_s
->last_con_fail_realm_len
= 0;
514 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
515 eapol_sm_deinit(wpa_s
->eapol
);
518 rsn_preauth_deinit(wpa_s
->wpa
);
521 wpa_tdls_deinit(wpa_s
->wpa
);
522 #endif /* CONFIG_TDLS */
524 wmm_ac_clear_saved_tspecs(wpa_s
);
525 pmksa_candidate_free(wpa_s
->wpa
);
526 wpa_sm_deinit(wpa_s
->wpa
);
528 wpa_blacklist_clear(wpa_s
);
530 wpa_bss_deinit(wpa_s
);
532 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
533 wpa_supplicant_cancel_scan(wpa_s
);
534 wpa_supplicant_cancel_auth_timeout(wpa_s
);
535 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
536 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
537 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
539 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
541 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
543 wpas_wps_deinit(wpa_s
);
545 wpabuf_free(wpa_s
->pending_eapol_rx
);
546 wpa_s
->pending_eapol_rx
= NULL
;
548 #ifdef CONFIG_IBSS_RSN
549 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
550 wpa_s
->ibss_rsn
= NULL
;
551 #endif /* CONFIG_IBSS_RSN */
556 wpa_supplicant_ap_deinit(wpa_s
);
557 #endif /* CONFIG_AP */
559 wpas_p2p_deinit(wpa_s
);
561 #ifdef CONFIG_OFFCHANNEL
562 offchannel_deinit(wpa_s
);
563 #endif /* CONFIG_OFFCHANNEL */
565 wpa_supplicant_cancel_sched_scan(wpa_s
);
567 os_free(wpa_s
->next_scan_freqs
);
568 wpa_s
->next_scan_freqs
= NULL
;
570 os_free(wpa_s
->manual_scan_freqs
);
571 wpa_s
->manual_scan_freqs
= NULL
;
572 os_free(wpa_s
->select_network_scan_freqs
);
573 wpa_s
->select_network_scan_freqs
= NULL
;
575 os_free(wpa_s
->manual_sched_scan_freqs
);
576 wpa_s
->manual_sched_scan_freqs
= NULL
;
578 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
581 * Need to remove any pending gas-query radio work before the
582 * gas_query_deinit() call because gas_query::work has not yet been set
583 * for works that have not been started. gas_query_free() will be unable
584 * to cancel such pending radio works and once the pending gas-query
585 * radio work eventually gets removed, the deinit notification call to
586 * gas_query_start_cb() would result in dereferencing freed memory.
589 radio_remove_works(wpa_s
, "gas-query", 0);
590 gas_query_deinit(wpa_s
->gas
);
592 gas_server_deinit(wpa_s
->gas_server
);
593 wpa_s
->gas_server
= NULL
;
595 free_hw_features(wpa_s
);
597 ieee802_1x_dealloc_kay_sm(wpa_s
);
599 os_free(wpa_s
->bssid_filter
);
600 wpa_s
->bssid_filter
= NULL
;
602 os_free(wpa_s
->disallow_aps_bssid
);
603 wpa_s
->disallow_aps_bssid
= NULL
;
604 os_free(wpa_s
->disallow_aps_ssid
);
605 wpa_s
->disallow_aps_ssid
= NULL
;
607 wnm_bss_keep_alive_deinit(wpa_s
);
609 wnm_deallocate_memory(wpa_s
);
610 #endif /* CONFIG_WNM */
612 ext_password_deinit(wpa_s
->ext_pw
);
613 wpa_s
->ext_pw
= NULL
;
615 wpabuf_free(wpa_s
->last_gas_resp
);
616 wpa_s
->last_gas_resp
= NULL
;
617 wpabuf_free(wpa_s
->prev_gas_resp
);
618 wpa_s
->prev_gas_resp
= NULL
;
620 os_free(wpa_s
->last_scan_res
);
621 wpa_s
->last_scan_res
= NULL
;
625 wpa_drv_configure_frame_filters(wpa_s
, 0);
627 #endif /* CONFIG_HS20 */
629 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
630 wpabuf_free(wpa_s
->vendor_elem
[i
]);
631 wpa_s
->vendor_elem
[i
] = NULL
;
634 wmm_ac_notify_disassoc(wpa_s
);
636 wpa_s
->sched_scan_plans_num
= 0;
637 os_free(wpa_s
->sched_scan_plans
);
638 wpa_s
->sched_scan_plans
= NULL
;
641 wpa_s
->non_pref_chan_num
= 0;
642 os_free(wpa_s
->non_pref_chan
);
643 wpa_s
->non_pref_chan
= NULL
;
644 #endif /* CONFIG_MBO */
646 free_bss_tmp_disallowed(wpa_s
);
648 wpabuf_free(wpa_s
->lci
);
650 wpas_clear_beacon_rep_data(wpa_s
);
652 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
655 struct external_pmksa_cache
*entry
;
657 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
658 struct external_pmksa_cache
,
660 dl_list_del(&entry
->list
);
661 os_free(entry
->pmksa_cache
);
665 #endif /* CONFIG_MESH */
666 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
668 wpas_flush_fils_hlp_req(wpa_s
);
670 wpabuf_free(wpa_s
->ric_ies
);
671 wpa_s
->ric_ies
= NULL
;
674 wpas_dpp_deinit(wpa_s
);
675 #endif /* CONFIG_DPP */
680 * wpa_clear_keys - Clear keys configured for the driver
681 * @wpa_s: Pointer to wpa_supplicant data
682 * @addr: Previously used BSSID or %NULL if not available
684 * This function clears the encryption keys that has been previously configured
687 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
691 #ifdef CONFIG_IEEE80211W
693 #else /* CONFIG_IEEE80211W */
695 #endif /* CONFIG_IEEE80211W */
697 /* MLME-DELETEKEYS.request */
698 for (i
= 0; i
< max
; i
++) {
699 if (wpa_s
->keys_cleared
& BIT(i
))
701 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
704 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
705 !is_zero_ether_addr(addr
)) {
706 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
708 /* MLME-SETPROTECTION.request(None) */
709 wpa_drv_mlme_setprotection(
711 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
712 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
714 wpa_s
->keys_cleared
= (u32
) -1;
719 * wpa_supplicant_state_txt - Get the connection state name as a text string
720 * @state: State (wpa_state; WPA_*)
721 * Returns: The state name as a printable text string
723 const char * wpa_supplicant_state_txt(enum wpa_states state
)
726 case WPA_DISCONNECTED
:
727 return "DISCONNECTED";
730 case WPA_INTERFACE_DISABLED
:
731 return "INTERFACE_DISABLED";
734 case WPA_AUTHENTICATING
:
735 return "AUTHENTICATING";
736 case WPA_ASSOCIATING
:
737 return "ASSOCIATING";
740 case WPA_4WAY_HANDSHAKE
:
741 return "4WAY_HANDSHAKE";
742 case WPA_GROUP_HANDSHAKE
:
743 return "GROUP_HANDSHAKE";
754 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
758 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
759 name
= wpa_s
->current_ssid
->bgscan
;
761 name
= wpa_s
->conf
->bgscan
;
762 if (name
== NULL
|| name
[0] == '\0')
764 if (wpas_driver_bss_selection(wpa_s
))
766 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
769 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
771 #endif /* CONFIG_P2P */
773 bgscan_deinit(wpa_s
);
774 if (wpa_s
->current_ssid
) {
775 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
776 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
779 * Live without bgscan; it is only used as a roaming
780 * optimization, so the initial connection is not
784 struct wpa_scan_results
*scan_res
;
785 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
786 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
789 bgscan_notify_scan(wpa_s
, scan_res
);
790 wpa_scan_results_free(scan_res
);
794 wpa_s
->bgscan_ssid
= NULL
;
798 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
800 if (wpa_s
->bgscan_ssid
!= NULL
) {
801 bgscan_deinit(wpa_s
);
802 wpa_s
->bgscan_ssid
= NULL
;
806 #endif /* CONFIG_BGSCAN */
809 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
811 if (autoscan_init(wpa_s
, 0))
812 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
816 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
818 autoscan_deinit(wpa_s
);
822 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
824 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
825 wpa_s
->wpa_state
== WPA_SCANNING
) {
826 autoscan_deinit(wpa_s
);
827 wpa_supplicant_start_autoscan(wpa_s
);
833 * wpa_supplicant_set_state - Set current connection state
834 * @wpa_s: Pointer to wpa_supplicant data
835 * @state: The new connection state
837 * This function is called whenever the connection state changes, e.g.,
838 * association is completed for WPA/WPA2 4-Way Handshake is started.
840 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
841 enum wpa_states state
)
843 enum wpa_states old_state
= wpa_s
->wpa_state
;
845 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
846 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
847 wpa_supplicant_state_txt(state
));
849 if (state
== WPA_INTERFACE_DISABLED
) {
850 /* Assure normal scan when interface is restored */
851 wpa_s
->normal_scans
= 0;
854 if (state
== WPA_COMPLETED
) {
855 wpas_connect_work_done(wpa_s
);
856 /* Reinitialize normal_scan counter */
857 wpa_s
->normal_scans
= 0;
862 * P2PS client has to reply to Probe Request frames received on the
863 * group operating channel. Enable Probe Request frame reporting for
864 * P2P connected client in case p2p_cli_probe configuration property is
867 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
868 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
869 wpa_s
->current_ssid
->p2p_group
) {
870 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
871 wpa_dbg(wpa_s
, MSG_DEBUG
,
872 "P2P: Enable CLI Probe Request RX reporting");
873 wpa_s
->p2p_cli_probe
=
874 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
875 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
876 wpa_dbg(wpa_s
, MSG_DEBUG
,
877 "P2P: Disable CLI Probe Request RX reporting");
878 wpa_s
->p2p_cli_probe
= 0;
879 wpa_drv_probe_req_report(wpa_s
, 0);
882 #endif /* CONFIG_P2P */
884 if (state
!= WPA_SCANNING
)
885 wpa_supplicant_notify_scanning(wpa_s
, 0);
887 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
888 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
889 int fils_hlp_sent
= 0;
892 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
893 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
895 #endif /* CONFIG_SME */
896 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
897 wpa_auth_alg_fils(wpa_s
->auth_alg
))
900 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
901 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
902 MACSTR
" completed [id=%d id_str=%s%s]",
903 MAC2STR(wpa_s
->bssid
),
904 ssid
? ssid
->id
: -1,
905 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
906 fils_hlp_sent
? " FILS_HLP_SENT" : "");
907 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
908 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
909 wpa_blacklist_clear(wpa_s
);
910 wpa_s
->extra_blacklist_count
= 0;
911 wpa_s
->new_connection
= 0;
912 wpa_drv_set_operstate(wpa_s
, 1);
913 #ifndef IEEE8021X_EAPOL
914 wpa_drv_set_supp_port(wpa_s
, 1);
915 #endif /* IEEE8021X_EAPOL */
916 wpa_s
->after_wps
= 0;
917 wpa_s
->known_wps_freq
= 0;
918 wpas_p2p_completed(wpa_s
);
920 sme_sched_obss_scan(wpa_s
, 1);
922 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
923 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
924 wpas_update_fils_connect_params(wpa_s
);
925 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
926 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
927 state
== WPA_ASSOCIATED
) {
928 wpa_s
->new_connection
= 1;
929 wpa_drv_set_operstate(wpa_s
, 0);
930 #ifndef IEEE8021X_EAPOL
931 wpa_drv_set_supp_port(wpa_s
, 0);
932 #endif /* IEEE8021X_EAPOL */
933 sme_sched_obss_scan(wpa_s
, 0);
935 wpa_s
->wpa_state
= state
;
938 if (state
== WPA_COMPLETED
)
939 wpa_supplicant_start_bgscan(wpa_s
);
940 else if (state
< WPA_ASSOCIATED
)
941 wpa_supplicant_stop_bgscan(wpa_s
);
942 #endif /* CONFIG_BGSCAN */
944 if (state
== WPA_AUTHENTICATING
)
945 wpa_supplicant_stop_autoscan(wpa_s
);
947 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
948 wpa_supplicant_start_autoscan(wpa_s
);
950 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
951 wmm_ac_notify_disassoc(wpa_s
);
953 if (wpa_s
->wpa_state
!= old_state
) {
954 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
957 * Notify the P2P Device interface about a state change in one
960 wpas_p2p_indicate_state_change(wpa_s
);
962 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
963 old_state
== WPA_COMPLETED
)
964 wpas_notify_auth_changed(wpa_s
);
969 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
973 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
975 struct wpa_supplicant
*next
= wpa_s
->next
;
976 if (wpas_wps_terminate_pending(wpa_s
) == 1)
979 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
980 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
981 wpas_p2p_disconnect(wpa_s
);
982 #endif /* CONFIG_P2P */
985 #endif /* CONFIG_WPS */
992 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
994 struct wpa_global
*global
= signal_ctx
;
995 wpa_supplicant_terminate_proc(global
);
999 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1001 enum wpa_states old_state
= wpa_s
->wpa_state
;
1003 wpa_s
->pairwise_cipher
= 0;
1004 wpa_s
->group_cipher
= 0;
1005 wpa_s
->mgmt_group_cipher
= 0;
1006 wpa_s
->key_mgmt
= 0;
1007 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1008 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1010 if (wpa_s
->wpa_state
!= old_state
)
1011 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1016 * wpa_supplicant_reload_configuration - Reload configuration data
1017 * @wpa_s: Pointer to wpa_supplicant data
1018 * Returns: 0 on success or -1 if configuration parsing failed
1020 * This function can be used to request that the configuration data is reloaded
1021 * (e.g., after configuration file change). This function is reloading
1022 * configuration only for one interface, so this may need to be called multiple
1023 * times if %wpa_supplicant is controlling multiple interfaces and all
1024 * interfaces need reconfiguration.
1026 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1028 struct wpa_config
*conf
;
1032 if (wpa_s
->confname
== NULL
)
1034 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1036 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1037 "file '%s' - exiting", wpa_s
->confname
);
1040 if (wpa_s
->confanother
&&
1041 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1042 wpa_msg(wpa_s
, MSG_ERROR
,
1043 "Failed to parse the configuration file '%s' - exiting",
1044 wpa_s
->confanother
);
1048 conf
->changed_parameters
= (unsigned int) -1;
1050 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1051 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1052 os_strcmp(conf
->ctrl_interface
,
1053 wpa_s
->conf
->ctrl_interface
) != 0);
1055 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1056 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1057 wpa_s
->ctrl_iface
= NULL
;
1060 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1061 if (wpa_s
->current_ssid
) {
1062 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1063 wpa_s
->own_disconnect_req
= 1;
1064 wpa_supplicant_deauthenticate(wpa_s
,
1065 WLAN_REASON_DEAUTH_LEAVING
);
1069 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1070 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1072 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1073 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1074 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1076 * Clear forced success to clear EAP state for next
1079 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1081 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1082 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1083 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1084 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1085 rsn_preauth_deinit(wpa_s
->wpa
);
1087 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1088 wpa_config_free(wpa_s
->conf
);
1090 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1091 wpas_notify_ap_scan_changed(wpa_s
);
1094 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1096 wpa_supplicant_update_config(wpa_s
);
1098 wpa_supplicant_clear_status(wpa_s
);
1099 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1100 wpa_s
->reassociate
= 1;
1101 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1103 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1108 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1110 struct wpa_global
*global
= signal_ctx
;
1111 struct wpa_supplicant
*wpa_s
;
1112 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1113 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1115 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1116 wpa_supplicant_terminate_proc(global
);
1120 if (wpa_debug_reopen_file() < 0) {
1121 /* Ignore errors since we cannot really do much to fix this */
1122 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1127 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1128 struct wpa_ssid
*ssid
,
1129 struct wpa_ie_data
*ie
)
1131 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1134 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1135 "from association info");
1140 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1142 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1143 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1144 "cipher 0x%x (mask 0x%x) - reject",
1145 ie
->group_cipher
, ssid
->group_cipher
);
1148 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1149 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1150 "cipher 0x%x (mask 0x%x) - reject",
1151 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1154 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1155 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1156 "management 0x%x (mask 0x%x) - reject",
1157 ie
->key_mgmt
, ssid
->key_mgmt
);
1161 #ifdef CONFIG_IEEE80211W
1162 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1163 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1164 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1165 "that does not support management frame protection - "
1169 #endif /* CONFIG_IEEE80211W */
1176 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1177 * @wpa_s: Pointer to wpa_supplicant data
1178 * @bss: Scan results for the selected BSS, or %NULL if not available
1179 * @ssid: Configuration data for the selected network
1180 * @wpa_ie: Buffer for the WPA/RSN IE
1181 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1182 * used buffer length in case the functions returns success.
1183 * Returns: 0 on success or -1 on failure
1185 * This function is used to configure authentication and encryption parameters
1186 * based on the network configuration and scan result for the selected BSS (if
1189 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1190 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1191 u8
*wpa_ie
, size_t *wpa_ie_len
)
1193 struct wpa_ie_data ie
;
1195 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1198 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1199 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1200 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1202 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1204 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1205 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1206 (ie
.group_cipher
& ssid
->group_cipher
) &&
1207 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1208 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1209 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1210 proto
= WPA_PROTO_RSN
;
1211 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1212 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1213 (ie
.group_cipher
& ssid
->group_cipher
) &&
1214 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1215 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1216 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1217 proto
= WPA_PROTO_WPA
;
1219 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1220 wpa_parse_wpa_ie(bss_osen
, 2 + bss_osen
[1], &ie
) == 0 &&
1221 (ie
.group_cipher
& ssid
->group_cipher
) &&
1222 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1223 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1224 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1225 proto
= WPA_PROTO_OSEN
;
1226 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1227 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1228 (ie
.group_cipher
& ssid
->group_cipher
) &&
1229 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1230 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1231 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1232 proto
= WPA_PROTO_RSN
;
1233 #endif /* CONFIG_HS20 */
1235 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1236 wpa_dbg(wpa_s
, MSG_DEBUG
,
1237 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1238 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1240 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1241 MAC2STR(bss
->bssid
),
1242 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1243 bss_wpa
? " WPA" : "",
1244 bss_rsn
? " RSN" : "",
1245 bss_osen
? " OSEN" : "");
1247 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1248 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1249 wpa_dbg(wpa_s
, MSG_DEBUG
,
1250 "Could not parse RSN element");
1252 wpa_dbg(wpa_s
, MSG_DEBUG
,
1253 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1254 ie
.pairwise_cipher
, ie
.group_cipher
,
1259 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1260 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1261 wpa_dbg(wpa_s
, MSG_DEBUG
,
1262 "Could not parse WPA element");
1264 wpa_dbg(wpa_s
, MSG_DEBUG
,
1265 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1266 ie
.pairwise_cipher
, ie
.group_cipher
,
1272 if (ssid
->proto
& WPA_PROTO_OSEN
)
1273 proto
= WPA_PROTO_OSEN
;
1274 else if (ssid
->proto
& WPA_PROTO_RSN
)
1275 proto
= WPA_PROTO_RSN
;
1277 proto
= WPA_PROTO_WPA
;
1278 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1279 os_memset(&ie
, 0, sizeof(ie
));
1280 ie
.group_cipher
= ssid
->group_cipher
;
1281 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1282 ie
.key_mgmt
= ssid
->key_mgmt
;
1283 #ifdef CONFIG_IEEE80211W
1284 ie
.mgmt_group_cipher
= 0;
1285 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1286 if (ssid
->group_mgmt_cipher
&
1287 WPA_CIPHER_BIP_GMAC_256
)
1288 ie
.mgmt_group_cipher
=
1289 WPA_CIPHER_BIP_GMAC_256
;
1290 else if (ssid
->group_mgmt_cipher
&
1291 WPA_CIPHER_BIP_CMAC_256
)
1292 ie
.mgmt_group_cipher
=
1293 WPA_CIPHER_BIP_CMAC_256
;
1294 else if (ssid
->group_mgmt_cipher
&
1295 WPA_CIPHER_BIP_GMAC_128
)
1296 ie
.mgmt_group_cipher
=
1297 WPA_CIPHER_BIP_GMAC_128
;
1299 ie
.mgmt_group_cipher
=
1300 WPA_CIPHER_AES_128_CMAC
;
1302 #endif /* CONFIG_IEEE80211W */
1304 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1306 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1307 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1308 wpa_s
->wpa_proto
= 0;
1312 #endif /* CONFIG_OWE */
1313 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1314 "based on configuration");
1319 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1320 "pairwise %d key_mgmt %d proto %d",
1321 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1322 #ifdef CONFIG_IEEE80211W
1323 if (ssid
->ieee80211w
) {
1324 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1325 ie
.mgmt_group_cipher
);
1327 #endif /* CONFIG_IEEE80211W */
1329 wpa_s
->wpa_proto
= proto
;
1330 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1331 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1332 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1334 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1335 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1336 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1337 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1338 bss_rsn
? 2 + bss_rsn
[1] : 0))
1342 #ifdef CONFIG_NO_WPA
1343 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1344 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1345 #else /* CONFIG_NO_WPA */
1346 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1347 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1348 if (wpa_s
->group_cipher
< 0) {
1349 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1353 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1354 wpa_cipher_txt(wpa_s
->group_cipher
));
1356 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1357 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1358 if (wpa_s
->pairwise_cipher
< 0) {
1359 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1363 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1364 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1365 #endif /* CONFIG_NO_WPA */
1367 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1369 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1370 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1371 #endif /* CONFIG_SAE */
1373 #ifdef CONFIG_SUITEB192
1374 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1375 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1376 wpa_dbg(wpa_s
, MSG_DEBUG
,
1377 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1378 #endif /* CONFIG_SUITEB192 */
1379 #ifdef CONFIG_SUITEB
1380 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1381 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1382 wpa_dbg(wpa_s
, MSG_DEBUG
,
1383 "WPA: using KEY_MGMT 802.1X with Suite B");
1384 #endif /* CONFIG_SUITEB */
1386 #ifdef CONFIG_IEEE80211R
1387 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1388 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1389 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1390 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1391 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1392 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1393 #endif /* CONFIG_IEEE80211R */
1394 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1395 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1396 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1397 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1398 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1399 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1400 #endif /* CONFIG_FILS */
1401 #ifdef CONFIG_IEEE80211R
1402 #ifdef CONFIG_SHA384
1403 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) {
1404 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1405 wpa_dbg(wpa_s
, MSG_DEBUG
,
1406 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1407 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1408 /* PMKSA caching with FT is not fully functional, so
1409 * disable the case for now. */
1410 wpa_dbg(wpa_s
, MSG_DEBUG
,
1411 "WPA: Disable PMKSA caching for FT/802.1X connection");
1412 pmksa_cache_clear_current(wpa_s
->wpa
);
1414 #endif /* CONFIG_SHA384 */
1415 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1416 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1417 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1418 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1419 /* PMKSA caching with FT is not fully functional, so
1420 * disable the case for now. */
1421 wpa_dbg(wpa_s
, MSG_DEBUG
,
1422 "WPA: Disable PMKSA caching for FT/802.1X connection");
1423 pmksa_cache_clear_current(wpa_s
->wpa
);
1425 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1426 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1427 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1428 #endif /* CONFIG_IEEE80211R */
1430 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1431 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1432 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1433 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1434 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1435 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1436 #endif /* CONFIG_SAE */
1437 #ifdef CONFIG_IEEE80211W
1438 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1439 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1440 wpa_dbg(wpa_s
, MSG_DEBUG
,
1441 "WPA: using KEY_MGMT 802.1X with SHA256");
1442 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1443 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1444 wpa_dbg(wpa_s
, MSG_DEBUG
,
1445 "WPA: using KEY_MGMT PSK with SHA256");
1446 #endif /* CONFIG_IEEE80211W */
1447 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1448 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1449 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1450 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1451 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1452 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1453 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1454 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1455 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1457 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1458 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1459 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1460 #endif /* CONFIG_HS20 */
1462 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1463 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1464 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1465 #endif /* CONFIG_OWE */
1467 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1468 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1469 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1470 #endif /* CONFIG_DPP */
1472 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1473 "authenticated key management type");
1477 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1478 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1479 wpa_s
->pairwise_cipher
);
1480 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1482 #ifdef CONFIG_IEEE80211W
1483 sel
= ie
.mgmt_group_cipher
;
1484 if (ssid
->group_mgmt_cipher
)
1485 sel
&= ssid
->group_mgmt_cipher
;
1486 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1487 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1489 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1490 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1491 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1493 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1494 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1495 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1497 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1498 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1499 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1501 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1502 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1503 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1506 wpa_s
->mgmt_group_cipher
= 0;
1507 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1509 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1510 wpa_s
->mgmt_group_cipher
);
1511 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1512 wpas_get_ssid_pmf(wpa_s
, ssid
));
1513 #endif /* CONFIG_IEEE80211W */
1515 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_OCV
, ssid
->ocv
);
1516 #endif /* CONFIG_OCV */
1518 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1519 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1523 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1527 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1528 WPA_KEY_MGMT_FT_PSK
|
1529 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1531 if (ssid
->psk_set
&& !sae_only
) {
1532 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1533 ssid
->psk
, PMK_LEN
);
1534 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1539 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1540 (ssid
->sae_password
|| ssid
->passphrase
))
1543 #ifndef CONFIG_NO_PBKDF2
1544 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1545 ssid
->passphrase
&& !sae_only
) {
1547 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1548 4096, psk
, PMK_LEN
);
1549 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1551 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1553 os_memset(psk
, 0, sizeof(psk
));
1555 #endif /* CONFIG_NO_PBKDF2 */
1556 #ifdef CONFIG_EXT_PASSWORD
1557 if (ssid
->ext_psk
&& !sae_only
) {
1558 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1560 char pw_str
[64 + 1];
1564 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1565 "found from external storage");
1569 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1570 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1571 "PSK length %d in external storage",
1572 (int) wpabuf_len(pw
));
1573 ext_password_free(pw
);
1577 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1578 pw_str
[wpabuf_len(pw
)] = '\0';
1580 #ifndef CONFIG_NO_PBKDF2
1581 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1583 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1584 4096, psk
, PMK_LEN
);
1585 os_memset(pw_str
, 0, sizeof(pw_str
));
1586 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1587 "external passphrase)",
1589 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1592 os_memset(psk
, 0, sizeof(psk
));
1594 #endif /* CONFIG_NO_PBKDF2 */
1595 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1596 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1597 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1598 "Invalid PSK hex string");
1599 os_memset(pw_str
, 0, sizeof(pw_str
));
1600 ext_password_free(pw
);
1603 wpa_hexdump_key(MSG_MSGDUMP
,
1604 "PSK (from external PSK)",
1606 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1609 os_memset(psk
, 0, sizeof(psk
));
1611 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1613 os_memset(pw_str
, 0, sizeof(pw_str
));
1614 ext_password_free(pw
);
1618 os_memset(pw_str
, 0, sizeof(pw_str
));
1619 ext_password_free(pw
);
1621 #endif /* CONFIG_EXT_PASSWORD */
1624 wpa_msg(wpa_s
, MSG_INFO
,
1625 "No PSK available for association");
1626 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1630 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1631 /* OWE Diffie-Hellman exchange in (Re)Association
1632 * Request/Response frames set the PMK, so do not override it
1634 #endif /* CONFIG_OWE */
1636 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1642 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1647 case 0: /* Bits 0-7 */
1649 case 1: /* Bits 8-15 */
1650 if (wpa_s
->conf
->coloc_intf_reporting
) {
1651 /* Bit 13 - Collocated Interference Reporting */
1655 case 2: /* Bits 16-23 */
1657 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1658 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1659 #endif /* CONFIG_WNM */
1661 case 3: /* Bits 24-31 */
1663 *pos
|= 0x02; /* Bit 25 - SSID List */
1664 #endif /* CONFIG_WNM */
1665 #ifdef CONFIG_INTERWORKING
1666 if (wpa_s
->conf
->interworking
)
1667 *pos
|= 0x80; /* Bit 31 - Interworking */
1668 #endif /* CONFIG_INTERWORKING */
1670 case 4: /* Bits 32-39 */
1671 #ifdef CONFIG_INTERWORKING
1672 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1673 *pos
|= 0x01; /* Bit 32 - QoS Map */
1674 #endif /* CONFIG_INTERWORKING */
1676 case 5: /* Bits 40-47 */
1678 if (wpa_s
->conf
->hs20
)
1679 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1680 #endif /* CONFIG_HS20 */
1682 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1683 #endif /* CONFIG_MBO */
1685 case 6: /* Bits 48-55 */
1687 case 7: /* Bits 56-63 */
1689 case 8: /* Bits 64-71 */
1690 if (wpa_s
->conf
->ftm_responder
)
1691 *pos
|= 0x40; /* Bit 70 - FTM responder */
1692 if (wpa_s
->conf
->ftm_initiator
)
1693 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1695 case 9: /* Bits 72-79 */
1697 if (!wpa_s
->disable_fils
)
1699 #endif /* CONFIG_FILS */
1705 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1710 if (len
< wpa_s
->extended_capa_len
)
1711 len
= wpa_s
->extended_capa_len
;
1712 if (buflen
< (size_t) len
+ 2) {
1713 wpa_printf(MSG_INFO
,
1714 "Not enough room for building extended capabilities element");
1718 *pos
++ = WLAN_EID_EXT_CAPAB
;
1720 for (i
= 0; i
< len
; i
++, pos
++) {
1721 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1723 if (i
< wpa_s
->extended_capa_len
) {
1724 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1725 *pos
|= wpa_s
->extended_capa
[i
];
1729 while (len
> 0 && buf
[1 + len
] == 0) {
1740 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1741 struct wpa_bss
*test_bss
)
1743 struct wpa_bss
*bss
;
1745 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1746 if (bss
== test_bss
)
1754 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1755 struct wpa_ssid
*test_ssid
)
1757 struct wpa_ssid
*ssid
;
1759 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1760 if (ssid
== test_ssid
)
1768 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1769 struct wpa_ssid
*test_ssid
)
1771 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1774 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1778 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1786 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1788 struct wpa_connect_work
*cwork
;
1789 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1794 wpa_s
->connect_work
= NULL
;
1797 wpas_connect_work_free(cwork
);
1798 radio_work_done(work
);
1802 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1804 struct os_reltime now
;
1807 os_get_reltime(&now
);
1808 if (wpa_s
->last_mac_addr_style
== style
&&
1809 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1810 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1811 wpa_s
->conf
->rand_addr_lifetime
)) {
1812 wpa_msg(wpa_s
, MSG_DEBUG
,
1813 "Previously selected random MAC address has not yet expired");
1819 if (random_mac_addr(addr
) < 0)
1823 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1824 if (random_mac_addr_keep_oui(addr
) < 0)
1831 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1832 wpa_msg(wpa_s
, MSG_INFO
,
1833 "Failed to set random MAC address");
1837 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1838 wpa_s
->mac_addr_changed
= 1;
1839 wpa_s
->last_mac_addr_style
= style
;
1841 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1842 wpa_msg(wpa_s
, MSG_INFO
,
1843 "Could not update MAC address information");
1847 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1854 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1856 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1857 !wpa_s
->conf
->preassoc_mac_addr
)
1860 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1864 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1867 * wpa_supplicant_associate - Request association
1868 * @wpa_s: Pointer to wpa_supplicant data
1869 * @bss: Scan results for the selected BSS, or %NULL if not available
1870 * @ssid: Configuration data for the selected network
1872 * This function is used to request %wpa_supplicant to associate with a BSS.
1874 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1875 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1877 struct wpa_connect_work
*cwork
;
1880 wpa_s
->own_disconnect_req
= 0;
1883 * If we are starting a new connection, any previously pending EAPOL
1884 * RX cannot be valid anymore.
1886 wpabuf_free(wpa_s
->pending_eapol_rx
);
1887 wpa_s
->pending_eapol_rx
= NULL
;
1889 if (ssid
->mac_addr
== -1)
1890 rand_style
= wpa_s
->conf
->mac_addr
;
1892 rand_style
= ssid
->mac_addr
;
1894 wmm_ac_clear_saved_tspecs(wpa_s
);
1895 wpa_s
->reassoc_same_bss
= 0;
1896 wpa_s
->reassoc_same_ess
= 0;
1897 #ifdef CONFIG_TESTING_OPTIONS
1898 wpa_s
->testing_resend_assoc
= 0;
1899 #endif /* CONFIG_TESTING_OPTIONS */
1901 if (wpa_s
->last_ssid
== ssid
) {
1902 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1903 wpa_s
->reassoc_same_ess
= 1;
1904 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1905 wmm_ac_save_tspecs(wpa_s
);
1906 wpa_s
->reassoc_same_bss
= 1;
1910 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1911 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1913 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1914 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1915 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1916 wpa_msg(wpa_s
, MSG_INFO
,
1917 "Could not restore permanent MAC address");
1920 wpa_s
->mac_addr_changed
= 0;
1921 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1922 wpa_msg(wpa_s
, MSG_INFO
,
1923 "Could not update MAC address information");
1926 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1928 wpa_s
->last_ssid
= ssid
;
1930 #ifdef CONFIG_IBSS_RSN
1931 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1932 wpa_s
->ibss_rsn
= NULL
;
1933 #else /* CONFIG_IBSS_RSN */
1934 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1935 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1936 wpa_msg(wpa_s
, MSG_INFO
,
1937 "IBSS RSN not supported in the build");
1940 #endif /* CONFIG_IBSS_RSN */
1942 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1943 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1945 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1946 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1950 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1951 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1952 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1953 wpas_p2p_ap_setup_failed(wpa_s
);
1956 wpa_s
->current_bss
= bss
;
1957 #else /* CONFIG_AP */
1958 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1960 #endif /* CONFIG_AP */
1964 if (ssid
->mode
== WPAS_MODE_MESH
) {
1966 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1967 wpa_msg(wpa_s
, MSG_INFO
,
1968 "Driver does not support mesh mode");
1972 ssid
->frequency
= bss
->freq
;
1973 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1974 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1977 wpa_s
->current_bss
= bss
;
1978 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1979 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1981 wpas_notify_mesh_group_started(wpa_s
, ssid
);
1982 #else /* CONFIG_MESH */
1983 wpa_msg(wpa_s
, MSG_ERROR
,
1984 "mesh mode support not included in the build");
1985 #endif /* CONFIG_MESH */
1990 * Set WPA state machine configuration to match the selected network now
1991 * so that the information is available before wpas_start_assoc_cb()
1992 * gets called. This is needed at least for RSN pre-authentication where
1993 * candidate APs are added to a list based on scan result processing
1994 * before completion of the first association.
1996 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
1999 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
2001 #endif /* CONFIG_DPP */
2005 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2007 #endif /* CONFIG_TDLS */
2009 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2010 ssid
->mode
== IEEE80211_MODE_INFRA
) {
2011 sme_authenticate(wpa_s
, bss
, ssid
);
2015 if (wpa_s
->connect_work
) {
2016 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2020 if (radio_work_pending(wpa_s
, "connect")) {
2021 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2026 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2027 /* Clear possibly set auth_alg, if any, from last attempt. */
2028 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2030 #endif /* CONFIG_SME */
2032 wpas_abort_ongoing_scan(wpa_s
);
2034 cwork
= os_zalloc(sizeof(*cwork
));
2041 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2042 wpas_start_assoc_cb
, cwork
) < 0) {
2048 static int bss_is_ibss(struct wpa_bss
*bss
)
2050 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2055 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2056 const struct wpa_ssid
*ssid
)
2058 enum hostapd_hw_mode hw_mode
;
2059 struct hostapd_hw_modes
*mode
= NULL
;
2063 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2064 if (hw_mode
== NUM_HOSTAPD_MODES
)
2066 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2067 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2068 mode
= &wpa_s
->hw
.modes
[i
];
2076 return mode
->vht_capab
!= 0;
2080 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2081 const struct wpa_ssid
*ssid
,
2082 struct hostapd_freq_params
*freq
)
2084 enum hostapd_hw_mode hw_mode
;
2085 struct hostapd_hw_modes
*mode
= NULL
;
2086 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2088 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2089 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2091 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2093 struct hostapd_freq_params vht_freq
;
2094 int chwidth
, seg0
, seg1
;
2097 freq
->freq
= ssid
->frequency
;
2099 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2100 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2102 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2105 /* Don't adjust control freq in case of fixed_freq */
2106 if (ssid
->fixed_freq
)
2109 if (!bss_is_ibss(bss
))
2112 if (ssid
->ssid_len
== bss
->ssid_len
&&
2113 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2114 wpa_printf(MSG_DEBUG
,
2115 "IBSS already found in scan results, adjust control freq: %d",
2117 freq
->freq
= bss
->freq
;
2123 /* For IBSS check HT_IBSS flag */
2124 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2125 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2128 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2129 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2130 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2131 wpa_printf(MSG_DEBUG
,
2132 "IBSS: WEP/TKIP detected, do not try to enable HT");
2136 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2137 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2138 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2139 mode
= &wpa_s
->hw
.modes
[i
];
2147 #ifdef CONFIG_HT_OVERRIDES
2148 if (ssid
->disable_ht
) {
2149 freq
->ht_enabled
= 0;
2152 #endif /* CONFIG_HT_OVERRIDES */
2154 freq
->ht_enabled
= ht_supported(mode
);
2155 if (!freq
->ht_enabled
)
2158 /* Setup higher BW only for 5 GHz */
2159 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2162 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2163 pri_chan
= &mode
->channels
[chan_idx
];
2164 if (pri_chan
->chan
== channel
)
2171 /* Check primary channel flags */
2172 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2175 #ifdef CONFIG_HT_OVERRIDES
2176 if (ssid
->disable_ht40
)
2178 #endif /* CONFIG_HT_OVERRIDES */
2180 /* Check/setup HT40+/HT40- */
2181 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2182 if (ht40plus
[j
] == channel
) {
2188 /* Find secondary channel */
2189 for (i
= 0; i
< mode
->num_channels
; i
++) {
2190 sec_chan
= &mode
->channels
[i
];
2191 if (sec_chan
->chan
== channel
+ ht40
* 4)
2198 /* Check secondary channel flags */
2199 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2202 freq
->channel
= pri_chan
->chan
;
2205 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2208 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2211 freq
->sec_channel_offset
= ht40
;
2214 struct wpa_scan_results
*scan_res
;
2216 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2217 if (scan_res
== NULL
) {
2219 freq
->sec_channel_offset
= 0;
2223 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2228 freq
->sec_channel_offset
= 0;
2231 /* Configuration allowed */
2234 /* Switch pri/sec channels */
2235 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2236 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2237 freq
->channel
= sec_chan
->chan
;
2240 freq
->sec_channel_offset
= 0;
2244 wpa_scan_results_free(scan_res
);
2247 wpa_printf(MSG_DEBUG
,
2248 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2249 freq
->channel
, freq
->sec_channel_offset
);
2251 if (!drv_supports_vht(wpa_s
, ssid
))
2254 /* For IBSS check VHT_IBSS flag */
2255 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2256 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2261 #ifdef CONFIG_VHT_OVERRIDES
2262 if (ssid
->disable_vht
) {
2263 freq
->vht_enabled
= 0;
2266 #endif /* CONFIG_VHT_OVERRIDES */
2268 vht_freq
.vht_enabled
= vht_supported(mode
);
2269 if (!vht_freq
.vht_enabled
)
2272 /* setup center_freq1, bandwidth */
2273 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2274 if (freq
->channel
>= vht80
[j
] &&
2275 freq
->channel
< vht80
[j
] + 16)
2279 if (j
== ARRAY_SIZE(vht80
))
2282 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2283 struct hostapd_channel_data
*chan
;
2285 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2289 /* Back to HT configuration if channel not usable */
2290 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2294 chwidth
= VHT_CHANWIDTH_80MHZ
;
2295 seg0
= vht80
[j
] + 6;
2298 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2299 /* setup center_freq2, bandwidth */
2300 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2301 /* Only accept 80 MHz segments separated by a gap */
2302 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2304 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2305 struct hostapd_channel_data
*chan
;
2307 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2311 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2312 HOSTAPD_CHAN_NO_IR
|
2313 HOSTAPD_CHAN_RADAR
))
2316 /* Found a suitable second segment for 80+80 */
2317 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2319 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2320 seg1
= vht80
[k
] + 6;
2323 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2326 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2327 if (freq
->freq
== 5180) {
2328 chwidth
= VHT_CHANWIDTH_160MHZ
;
2329 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2331 } else if (freq
->freq
== 5520) {
2332 chwidth
= VHT_CHANWIDTH_160MHZ
;
2333 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2338 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2339 freq
->channel
, freq
->ht_enabled
,
2340 vht_freq
.vht_enabled
,
2341 freq
->sec_channel_offset
,
2342 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2347 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2348 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2353 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2356 struct fils_hlp_req
*req
;
2357 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2361 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2363 rem_len
= ie_buf_len
- ie_len
;
2364 pos
= wpabuf_head(req
->pkt
);
2365 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2366 hlp_len
= wpabuf_len(req
->pkt
);
2368 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2369 wpa_printf(MSG_ERROR
,
2370 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2371 (unsigned long) rem_len
,
2372 (unsigned long) (2 + hdr_len
+ hlp_len
));
2376 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2378 *buf
++ = WLAN_EID_EXTENSION
;
2381 /* Element ID Extension */
2382 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2383 /* Destination MAC address */
2384 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2386 /* Source MAC address */
2387 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2389 /* LLC/SNAP Header */
2390 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2393 os_memcpy(buf
, pos
, len
- hdr_len
);
2394 buf
+= len
- hdr_len
;
2395 pos
+= len
- hdr_len
;
2397 hlp_len
-= len
- hdr_len
;
2402 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2403 if (rem_len
< 2 + len
)
2405 *buf
++ = WLAN_EID_FRAGMENT
;
2407 os_memcpy(buf
, pos
, len
);
2421 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2423 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2424 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2425 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2426 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2430 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2432 #ifdef CONFIG_FILS_SK_PFS
2433 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2434 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2435 #else /* CONFIG_FILS_SK_PFS */
2437 #endif /* CONFIG_FILS_SK_PFS */
2440 #endif /* CONFIG_FILS */
2443 static u8
* wpas_populate_assoc_ies(
2444 struct wpa_supplicant
*wpa_s
,
2445 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2446 struct wpa_driver_associate_params
*params
,
2447 enum wpa_drv_update_connect_params_mask
*mask
)
2450 size_t max_wpa_ie_len
= 500;
2452 int algs
= WPA_AUTH_ALG_OPEN
;
2457 const u8
*realm
, *username
, *rrk
;
2458 size_t realm_len
, username_len
, rrk_len
;
2460 struct fils_hlp_req
*req
;
2462 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2464 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2465 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2467 #endif /* CONFIG_FILS */
2469 wpa_ie
= os_malloc(max_wpa_ie_len
);
2471 wpa_printf(MSG_ERROR
,
2472 "Failed to allocate connect IE buffer for %lu bytes",
2473 (unsigned long) max_wpa_ie_len
);
2477 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2478 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2479 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2480 int try_opportunistic
;
2481 const u8
*cache_id
= NULL
;
2483 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2485 ssid
->proactive_key_caching
) &&
2486 (ssid
->proto
& WPA_PROTO_RSN
);
2488 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2489 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2490 #endif /* CONFIG_FILS */
2491 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2492 ssid
, try_opportunistic
,
2494 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2495 wpa_ie_len
= max_wpa_ie_len
;
2496 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2497 wpa_ie
, &wpa_ie_len
)) {
2498 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2499 "key management and encryption suites");
2504 } else if (bss
&& wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
) &&
2505 (ssid
->key_mgmt
& WPA_KEY_MGMT_OSEN
)) {
2506 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2507 wpa_ie_len
= max_wpa_ie_len
;
2508 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2509 wpa_ie
, &wpa_ie_len
)) {
2510 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2511 "key management and encryption suites");
2515 #endif /* CONFIG_HS20 */
2516 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2517 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2519 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2520 * use non-WPA since the scan results did not indicate that the
2521 * AP is using WPA or WPA2.
2523 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2525 wpa_s
->wpa_proto
= 0;
2526 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2527 wpa_ie_len
= max_wpa_ie_len
;
2528 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2529 wpa_ie
, &wpa_ie_len
)) {
2530 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2531 "key management and encryption suites (no "
2537 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2538 struct wpabuf
*wps_ie
;
2539 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2540 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2541 wpa_ie_len
= wpabuf_len(wps_ie
);
2542 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2545 wpabuf_free(wps_ie
);
2546 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2547 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2548 params
->wps
= WPS_MODE_PRIVACY
;
2550 params
->wps
= WPS_MODE_OPEN
;
2551 wpa_s
->wpa_proto
= 0;
2552 #endif /* CONFIG_WPS */
2554 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2556 wpa_s
->wpa_proto
= 0;
2559 #ifdef IEEE8021X_EAPOL
2560 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2562 if (ssid
->non_leap
== 0)
2563 algs
= WPA_AUTH_ALG_LEAP
;
2565 algs
|= WPA_AUTH_ALG_LEAP
;
2570 /* Clear FILS association */
2571 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2573 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2574 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2575 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2576 &username_len
, &realm
, &realm_len
,
2577 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2578 (!wpa_s
->last_con_fail_realm
||
2579 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2580 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2581 algs
= WPA_AUTH_ALG_FILS
;
2582 params
->fils_erp_username
= username
;
2583 params
->fils_erp_username_len
= username_len
;
2584 params
->fils_erp_realm
= realm
;
2585 params
->fils_erp_realm_len
= realm_len
;
2586 params
->fils_erp_next_seq_num
= next_seq_num
;
2587 params
->fils_erp_rrk
= rrk
;
2588 params
->fils_erp_rrk_len
= rrk_len
;
2591 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2593 #endif /* CONFIG_FILS */
2594 #endif /* IEEE8021X_EAPOL */
2596 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2597 algs
= WPA_AUTH_ALG_SAE
;
2598 #endif /* CONFIG_SAE */
2600 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2601 if (ssid
->auth_alg
) {
2602 algs
= ssid
->auth_alg
;
2603 wpa_dbg(wpa_s
, MSG_DEBUG
,
2604 "Overriding auth_alg selection: 0x%x", algs
);
2608 if (wpa_s
->global
->p2p
) {
2612 pos
= wpa_ie
+ wpa_ie_len
;
2613 len
= max_wpa_ie_len
- wpa_ie_len
;
2614 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2620 wpa_s
->cross_connect_disallowed
= 0;
2623 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2625 wpa_s
->cross_connect_disallowed
=
2626 p2p_get_cross_connect_disallowed(p2p
);
2628 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2630 wpa_s
->cross_connect_disallowed
?
2631 "disallows" : "allows");
2635 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2636 #endif /* CONFIG_P2P */
2639 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2640 wpa_ie
+ wpa_ie_len
,
2646 * Workaround: Add Extended Capabilities element only if the AP
2647 * included this element in Beacon/Probe Response frames. Some older
2648 * APs seem to have interoperability issues if this element is
2649 * included, so while the standard may require us to include the
2650 * element in all cases, it is justifiable to skip it to avoid
2651 * interoperability issues.
2653 if (ssid
->p2p_group
)
2654 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2656 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2658 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2661 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2663 if (ext_capab_len
> 0 &&
2664 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2666 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2668 os_memmove(pos
+ ext_capab_len
, pos
,
2669 wpa_ie_len
- (pos
- wpa_ie
));
2670 wpa_ie_len
+= ext_capab_len
;
2671 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2676 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2677 struct wpabuf
*hs20
;
2679 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2681 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2684 wpas_hs20_add_indication(hs20
, pps_mo_id
,
2685 get_hs20_version(bss
));
2686 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2687 len
= max_wpa_ie_len
- wpa_ie_len
;
2688 if (wpabuf_len(hs20
) <= len
) {
2689 os_memcpy(wpa_ie
+ wpa_ie_len
,
2690 wpabuf_head(hs20
), wpabuf_len(hs20
));
2691 wpa_ie_len
+= wpabuf_len(hs20
);
2695 hs20_configure_frame_filters(wpa_s
);
2698 #endif /* CONFIG_HS20 */
2700 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2701 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2704 len
= max_wpa_ie_len
- wpa_ie_len
;
2705 if (wpabuf_len(buf
) <= len
) {
2706 os_memcpy(wpa_ie
+ wpa_ie_len
,
2707 wpabuf_head(buf
), wpabuf_len(buf
));
2708 wpa_ie_len
+= wpabuf_len(buf
);
2713 if (wpa_s
->fst_ies
) {
2714 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2716 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2717 os_memcpy(wpa_ie
+ wpa_ie_len
,
2718 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2719 wpa_ie_len
+= fst_ies_len
;
2722 #endif /* CONFIG_FST */
2725 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2729 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2730 max_wpa_ie_len
- wpa_ie_len
,
2731 !!mbo_attr_from_mbo_ie(mbo_ie
,
2732 OCE_ATTR_ID_CAPA_IND
));
2736 #endif /* CONFIG_MBO */
2739 if (algs
== WPA_AUTH_ALG_FILS
) {
2742 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2743 max_wpa_ie_len
- wpa_ie_len
);
2746 #endif /* CONFIG_FILS */
2749 #ifdef CONFIG_TESTING_OPTIONS
2750 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2751 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2753 #endif /* CONFIG_TESTING_OPTIONS */
2754 if (algs
== WPA_AUTH_ALG_OPEN
&&
2755 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2756 struct wpabuf
*owe_ie
;
2759 if (ssid
->owe_group
) {
2760 group
= ssid
->owe_group
;
2761 } else if (wpa_s
->assoc_status_code
==
2762 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED
) {
2763 if (wpa_s
->last_owe_group
== 19)
2765 else if (wpa_s
->last_owe_group
== 20)
2768 group
= OWE_DH_GROUP
;
2770 group
= OWE_DH_GROUP
;
2773 wpa_s
->last_owe_group
= group
;
2774 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2775 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2777 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2778 os_memcpy(wpa_ie
+ wpa_ie_len
,
2779 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2780 wpa_ie_len
+= wpabuf_len(owe_ie
);
2781 wpabuf_free(owe_ie
);
2784 #endif /* CONFIG_OWE */
2786 #ifdef CONFIG_IEEE80211R
2788 * Add MDIE under these conditions: the network profile allows FT,
2789 * the AP supports FT, and the mobility domain ID matches.
2791 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2792 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2794 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2796 const u8
*md
= mdie
+ 2;
2797 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2799 if (os_memcmp(md
, wpa_md
,
2800 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2801 /* Add mobility domain IE */
2802 len
= wpa_ft_add_mdie(
2803 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2804 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2808 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2809 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2810 wpa_dbg(wpa_s
, MSG_DEBUG
,
2811 "SME: Trying to use FT over-the-air");
2812 algs
|= WPA_AUTH_ALG_FT
;
2814 #endif /* CONFIG_SME */
2817 #endif /* CONFIG_IEEE80211R */
2819 if (ssid
->multi_ap_backhaul_sta
) {
2820 size_t multi_ap_ie_len
;
2822 multi_ap_ie_len
= add_multi_ap_ie(wpa_ie
+ wpa_ie_len
,
2823 max_wpa_ie_len
- wpa_ie_len
,
2824 MULTI_AP_BACKHAUL_STA
);
2825 if (multi_ap_ie_len
== 0) {
2826 wpa_printf(MSG_ERROR
,
2827 "Multi-AP: Failed to build Multi-AP IE");
2831 wpa_ie_len
+= multi_ap_ie_len
;
2834 params
->wpa_ie
= wpa_ie
;
2835 params
->wpa_ie_len
= wpa_ie_len
;
2836 params
->auth_alg
= algs
;
2838 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2844 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2845 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
2847 struct wpa_driver_associate_params params
;
2848 enum wpa_drv_update_connect_params_mask mask
= 0;
2851 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
2852 return; /* nothing to do */
2854 os_memset(¶ms
, 0, sizeof(params
));
2855 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2856 wpa_s
->current_ssid
, ¶ms
, &mask
);
2860 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
2865 wpa_s
->auth_alg
= params
.auth_alg
;
2866 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
2869 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2872 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2874 struct wpa_connect_work
*cwork
= work
->ctx
;
2875 struct wpa_bss
*bss
= cwork
->bss
;
2876 struct wpa_ssid
*ssid
= cwork
->ssid
;
2877 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2879 int use_crypt
, ret
, i
, bssid_changed
;
2880 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
2881 struct wpa_driver_associate_params params
;
2882 int wep_keys_set
= 0;
2883 int assoc_failed
= 0;
2884 struct wpa_ssid
*old_ssid
;
2885 u8 prev_bssid
[ETH_ALEN
];
2886 #ifdef CONFIG_HT_OVERRIDES
2887 struct ieee80211_ht_capabilities htcaps
;
2888 struct ieee80211_ht_capabilities htcaps_mask
;
2889 #endif /* CONFIG_HT_OVERRIDES */
2890 #ifdef CONFIG_VHT_OVERRIDES
2891 struct ieee80211_vht_capabilities vhtcaps
;
2892 struct ieee80211_vht_capabilities vhtcaps_mask
;
2893 #endif /* CONFIG_VHT_OVERRIDES */
2896 if (work
->started
) {
2897 wpa_s
->connect_work
= NULL
;
2899 /* cancel possible auth. timeout */
2900 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2903 wpas_connect_work_free(cwork
);
2907 wpa_s
->connect_work
= work
;
2909 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2910 wpas_network_disabled(wpa_s
, ssid
)) {
2911 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2912 wpas_connect_work_done(wpa_s
);
2916 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2917 os_memset(¶ms
, 0, sizeof(params
));
2918 wpa_s
->reassociate
= 0;
2919 wpa_s
->eap_expected_failure
= 0;
2921 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2922 #ifdef CONFIG_IEEE80211R
2923 const u8
*ie
, *md
= NULL
;
2924 #endif /* CONFIG_IEEE80211R */
2925 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2926 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2927 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2928 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2929 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2930 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2932 wpas_notify_bssid_changed(wpa_s
);
2933 #ifdef CONFIG_IEEE80211R
2934 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2935 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2937 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2939 /* Prepare for the next transition */
2940 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2942 #endif /* CONFIG_IEEE80211R */
2944 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2945 wpa_s
->conf
->ap_scan
== 2 &&
2946 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2947 /* Use ap_scan==1 style network selection to find the network
2949 wpas_connect_work_done(wpa_s
);
2950 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2951 wpa_s
->reassociate
= 1;
2952 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2954 #endif /* CONFIG_WPS */
2956 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2957 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2959 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2961 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2964 wpa_supplicant_cancel_sched_scan(wpa_s
);
2966 wpa_supplicant_cancel_scan(wpa_s
);
2968 /* Starting new association, so clear the possibly used WPA IE from the
2969 * previous association. */
2970 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2972 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
2974 wpas_connect_work_done(wpa_s
);
2978 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2980 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2981 cipher_group
= wpa_s
->group_cipher
;
2982 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
2983 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2984 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2985 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2987 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2992 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2995 #ifdef IEEE8021X_EAPOL
2996 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2997 if ((ssid
->eapol_flags
&
2998 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2999 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
3003 /* Assume that dynamic WEP-104 keys will be used and
3004 * set cipher suites in order for drivers to expect
3006 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
3009 #endif /* IEEE8021X_EAPOL */
3011 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3012 /* Set the key before (and later after) association */
3013 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3016 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
3018 params
.ssid
= bss
->ssid
;
3019 params
.ssid_len
= bss
->ssid_len
;
3020 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
3021 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3022 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
3023 MACSTR
" freq=%u MHz based on scan results "
3024 "(bssid_set=%d wps=%d)",
3025 MAC2STR(bss
->bssid
), bss
->freq
,
3027 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
3028 params
.bssid
= bss
->bssid
;
3029 params
.freq
.freq
= bss
->freq
;
3031 params
.bssid_hint
= bss
->bssid
;
3032 params
.freq_hint
= bss
->freq
;
3033 params
.pbss
= bss_is_pbss(bss
);
3035 if (ssid
->bssid_hint_set
)
3036 params
.bssid_hint
= ssid
->bssid_hint
;
3038 params
.ssid
= ssid
->ssid
;
3039 params
.ssid_len
= ssid
->ssid_len
;
3040 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3043 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3044 wpa_s
->conf
->ap_scan
== 2) {
3045 params
.bssid
= ssid
->bssid
;
3046 params
.fixed_bssid
= 1;
3049 /* Initial frequency for IBSS/mesh */
3050 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3051 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3052 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3054 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3055 params
.fixed_freq
= ssid
->fixed_freq
;
3056 if (ssid
->beacon_int
)
3057 params
.beacon_int
= ssid
->beacon_int
;
3059 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3062 params
.pairwise_suite
= cipher_pairwise
;
3063 params
.group_suite
= cipher_group
;
3064 params
.mgmt_group_suite
= cipher_group_mgmt
;
3065 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3066 params
.wpa_proto
= wpa_s
->wpa_proto
;
3067 wpa_s
->auth_alg
= params
.auth_alg
;
3068 params
.mode
= ssid
->mode
;
3069 params
.bg_scan_period
= ssid
->bg_scan_period
;
3070 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3071 if (ssid
->wep_key_len
[i
])
3072 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3073 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3075 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3077 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3078 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3079 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3080 params
.passphrase
= ssid
->passphrase
;
3082 params
.psk
= ssid
->psk
;
3085 if (wpa_s
->conf
->key_mgmt_offload
) {
3086 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3087 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3088 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3089 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3090 params
.req_key_mgmt_offload
=
3091 ssid
->proactive_key_caching
< 0 ?
3092 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3094 params
.req_key_mgmt_offload
= 1;
3096 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3097 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3098 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3100 params
.psk
= ssid
->psk
;
3103 params
.drop_unencrypted
= use_crypt
;
3105 #ifdef CONFIG_IEEE80211W
3106 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3107 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3108 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3109 struct wpa_ie_data ie
;
3110 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3112 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3113 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3114 "MFP: require MFP");
3115 params
.mgmt_frame_protection
=
3116 MGMT_FRAME_PROTECTION_REQUIRED
;
3118 } else if (!rsn
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
3120 params
.mgmt_frame_protection
= NO_MGMT_FRAME_PROTECTION
;
3121 #endif /* CONFIG_OWE */
3124 #endif /* CONFIG_IEEE80211W */
3126 params
.p2p
= ssid
->p2p_group
;
3128 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3129 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3133 #ifdef CONFIG_HT_OVERRIDES
3134 os_memset(&htcaps
, 0, sizeof(htcaps
));
3135 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3136 params
.htcaps
= (u8
*) &htcaps
;
3137 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3138 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3139 #endif /* CONFIG_HT_OVERRIDES */
3140 #ifdef CONFIG_VHT_OVERRIDES
3141 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3142 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3143 params
.vhtcaps
= &vhtcaps
;
3144 params
.vhtcaps_mask
= &vhtcaps_mask
;
3145 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3146 #endif /* CONFIG_VHT_OVERRIDES */
3150 * If multi-channel concurrency is not supported, check for any
3151 * frequency conflict. In case of any frequency conflict, remove the
3152 * least prioritized connection.
3154 if (wpa_s
->num_multichan_concurrent
< 2) {
3156 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3157 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3158 wpa_printf(MSG_DEBUG
,
3159 "Assoc conflicting freq found (%d != %d)",
3160 freq
, params
.freq
.freq
);
3161 if (wpas_p2p_handle_frequency_conflicts(
3162 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3163 wpas_connect_work_done(wpa_s
);
3169 #endif /* CONFIG_P2P */
3171 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3172 wpa_s
->current_ssid
)
3173 params
.prev_bssid
= prev_bssid
;
3175 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3178 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3180 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3182 * The driver is known to mean what is saying, so we
3183 * can stop right here; the association will not
3186 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3187 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3188 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3191 /* try to continue anyway; new association will be tried again
3196 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3197 /* Set the key after the association just in case association
3198 * cleared the previously configured key. */
3199 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3200 /* No need to timeout authentication since there is no key
3202 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3203 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3204 #ifdef CONFIG_IBSS_RSN
3205 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3206 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3207 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3209 * RSN IBSS authentication is per-STA and we can disable the
3210 * per-BSSID authentication.
3212 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3213 #endif /* CONFIG_IBSS_RSN */
3215 /* Timeout for IEEE 802.11 authentication and association */
3219 /* give IBSS a bit more time */
3220 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3221 } else if (wpa_s
->conf
->ap_scan
== 1) {
3222 /* give IBSS a bit more time */
3223 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3225 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3229 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3230 /* Set static WEP keys again */
3231 wpa_set_wep_keys(wpa_s
, ssid
);
3234 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3236 * Do not allow EAP session resumption between different
3237 * network configurations.
3239 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3241 old_ssid
= wpa_s
->current_ssid
;
3242 wpa_s
->current_ssid
= ssid
;
3244 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3245 wpa_s
->current_bss
= bss
;
3247 hs20_configure_frame_filters(wpa_s
);
3248 #endif /* CONFIG_HS20 */
3251 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3252 wpa_supplicant_initiate_eapol(wpa_s
);
3253 if (old_ssid
!= wpa_s
->current_ssid
)
3254 wpas_notify_network_changed(wpa_s
);
3258 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3261 struct wpa_ssid
*old_ssid
;
3263 wpas_connect_work_done(wpa_s
);
3264 wpa_clear_keys(wpa_s
, addr
);
3265 old_ssid
= wpa_s
->current_ssid
;
3266 wpa_supplicant_mark_disassoc(wpa_s
);
3267 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3268 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3269 if (old_ssid
!= wpa_s
->current_ssid
)
3270 wpas_notify_network_changed(wpa_s
);
3271 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3276 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3277 * @wpa_s: Pointer to wpa_supplicant data
3278 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3280 * This function is used to request %wpa_supplicant to deauthenticate from the
3283 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3287 union wpa_event_data event
;
3290 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3291 " pending_bssid=" MACSTR
" reason=%d state=%s",
3292 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3293 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3295 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3296 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3297 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3298 addr
= wpa_s
->pending_bssid
;
3299 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3300 addr
= wpa_s
->bssid
;
3301 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3303 * When using driver-based BSS selection, we may not know the
3304 * BSSID with which we are currently trying to associate. We
3305 * need to notify the driver of this disconnection even in such
3306 * a case, so use the all zeros address here.
3308 addr
= wpa_s
->bssid
;
3312 if (wpa_s
->enabled_4addr_mode
&& wpa_drv_set_4addr_mode(wpa_s
, 0) == 0)
3313 wpa_s
->enabled_4addr_mode
= 0;
3316 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3317 #endif /* CONFIG_TDLS */
3321 struct mesh_conf
*mconf
;
3323 mconf
= wpa_s
->ifmsh
->mconf
;
3324 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3326 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3327 mconf
->meshid_len
, reason_code
);
3328 wpa_supplicant_leave_mesh(wpa_s
);
3330 #endif /* CONFIG_MESH */
3333 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3334 os_memset(&event
, 0, sizeof(event
));
3335 event
.deauth_info
.reason_code
= (u16
) reason_code
;
3336 event
.deauth_info
.locally_generated
= 1;
3337 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3342 wpa_supplicant_clear_connection(wpa_s
, addr
);
3345 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3346 struct wpa_ssid
*ssid
)
3348 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3352 ssid
->owe_transition_bss_select_count
= 0;
3353 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3354 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3357 * Try to reassociate since there is no current configuration and a new
3358 * network was made available.
3360 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3361 wpa_s
->reassociate
= 1;
3366 * wpa_supplicant_add_network - Add a new network
3367 * @wpa_s: wpa_supplicant structure for a network interface
3368 * Returns: The new network configuration or %NULL if operation failed
3370 * This function performs the following operations:
3371 * 1. Adds a new network.
3372 * 2. Send network addition notification.
3373 * 3. Marks the network disabled.
3374 * 4. Set network default parameters.
3376 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3378 struct wpa_ssid
*ssid
;
3380 ssid
= wpa_config_add_network(wpa_s
->conf
);
3383 wpas_notify_network_added(wpa_s
, ssid
);
3385 wpa_config_set_network_defaults(ssid
);
3392 * wpa_supplicant_remove_network - Remove a configured network based on id
3393 * @wpa_s: wpa_supplicant structure for a network interface
3394 * @id: Unique network id to search for
3395 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3396 * could not be removed
3398 * This function performs the following operations:
3399 * 1. Removes the network.
3400 * 2. Send network removal notification.
3401 * 3. Update internal state machines.
3402 * 4. Stop any running sched scans.
3404 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3406 struct wpa_ssid
*ssid
;
3409 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3412 wpas_notify_network_removed(wpa_s
, ssid
);
3414 if (wpa_s
->last_ssid
== ssid
)
3415 wpa_s
->last_ssid
= NULL
;
3417 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3419 wpa_s
->sme
.prev_bssid_set
= 0;
3420 #endif /* CONFIG_SME */
3422 * Invalidate the EAP session cache if the current or
3423 * previously used network is removed.
3425 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3428 if (ssid
== wpa_s
->current_ssid
) {
3429 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3430 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3432 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3433 wpa_s
->own_disconnect_req
= 1;
3434 wpa_supplicant_deauthenticate(wpa_s
,
3435 WLAN_REASON_DEAUTH_LEAVING
);
3438 was_disabled
= ssid
->disabled
;
3440 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3443 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3444 wpa_printf(MSG_DEBUG
,
3445 "Stop ongoing sched_scan to remove network from filters");
3446 wpa_supplicant_cancel_sched_scan(wpa_s
);
3447 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3455 * wpa_supplicant_enable_network - Mark a configured network as enabled
3456 * @wpa_s: wpa_supplicant structure for a network interface
3457 * @ssid: wpa_ssid structure for a configured network or %NULL
3459 * Enables the specified network or all networks if no network specified.
3461 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3462 struct wpa_ssid
*ssid
)
3465 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3466 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3468 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3470 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3471 (!wpa_s
->current_ssid
||
3472 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3473 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3474 if (wpa_s
->sched_scanning
) {
3475 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3476 "new network to scan filters");
3477 wpa_supplicant_cancel_sched_scan(wpa_s
);
3480 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3481 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3482 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3489 * wpa_supplicant_disable_network - Mark a configured network as disabled
3490 * @wpa_s: wpa_supplicant structure for a network interface
3491 * @ssid: wpa_ssid structure for a configured network or %NULL
3493 * Disables the specified network or all networks if no network specified.
3495 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3496 struct wpa_ssid
*ssid
)
3498 struct wpa_ssid
*other_ssid
;
3502 if (wpa_s
->sched_scanning
)
3503 wpa_supplicant_cancel_sched_scan(wpa_s
);
3505 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3506 other_ssid
= other_ssid
->next
) {
3507 was_disabled
= other_ssid
->disabled
;
3508 if (was_disabled
== 2)
3509 continue; /* do not change persistent P2P group
3512 other_ssid
->disabled
= 1;
3514 if (was_disabled
!= other_ssid
->disabled
)
3515 wpas_notify_network_enabled_changed(
3518 if (wpa_s
->current_ssid
) {
3519 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3520 wpa_s
->own_disconnect_req
= 1;
3521 wpa_supplicant_deauthenticate(
3522 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3524 } else if (ssid
->disabled
!= 2) {
3525 if (ssid
== wpa_s
->current_ssid
) {
3526 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3527 wpa_s
->own_disconnect_req
= 1;
3528 wpa_supplicant_deauthenticate(
3529 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3532 was_disabled
= ssid
->disabled
;
3536 if (was_disabled
!= ssid
->disabled
) {
3537 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3538 if (wpa_s
->sched_scanning
) {
3539 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3540 "to remove network from filters");
3541 wpa_supplicant_cancel_sched_scan(wpa_s
);
3542 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3550 * wpa_supplicant_select_network - Attempt association with a network
3551 * @wpa_s: wpa_supplicant structure for a network interface
3552 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3554 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3555 struct wpa_ssid
*ssid
)
3558 struct wpa_ssid
*other_ssid
;
3559 int disconnected
= 0;
3561 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3562 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3563 wpa_s
->own_disconnect_req
= 1;
3564 wpa_supplicant_deauthenticate(
3565 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3570 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3573 * Mark all other networks disabled or mark all networks enabled if no
3574 * network specified.
3576 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3577 other_ssid
= other_ssid
->next
) {
3578 int was_disabled
= other_ssid
->disabled
;
3579 if (was_disabled
== 2)
3580 continue; /* do not change persistent P2P group data */
3582 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3583 if (was_disabled
&& !other_ssid
->disabled
)
3584 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3586 if (was_disabled
!= other_ssid
->disabled
)
3587 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3590 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3591 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3592 /* We are already associated with the selected network */
3593 wpa_printf(MSG_DEBUG
, "Already associated with the "
3594 "selected network - do nothing");
3599 wpa_s
->current_ssid
= ssid
;
3600 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3601 wpa_s
->connect_without_scan
=
3602 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3605 * Don't optimize next scan freqs since a new ESS has been
3608 os_free(wpa_s
->next_scan_freqs
);
3609 wpa_s
->next_scan_freqs
= NULL
;
3611 wpa_s
->connect_without_scan
= NULL
;
3614 wpa_s
->disconnected
= 0;
3615 wpa_s
->reassociate
= 1;
3616 wpa_s
->last_owe_group
= 0;
3618 ssid
->owe_transition_bss_select_count
= 0;
3620 if (wpa_s
->connect_without_scan
||
3621 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3622 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3623 wpas_scan_reset_sched_scan(wpa_s
);
3624 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3628 wpas_notify_network_selected(wpa_s
, ssid
);
3633 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3634 * @wpa_s: wpa_supplicant structure for a network interface
3635 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3636 * @pkcs11_module_path: PKCS #11 module path or NULL
3637 * Returns: 0 on success; -1 on failure
3639 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3640 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3641 * module path fails the paths will be reset to the default value (NULL).
3643 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3644 const char *pkcs11_engine_path
,
3645 const char *pkcs11_module_path
)
3647 char *pkcs11_engine_path_copy
= NULL
;
3648 char *pkcs11_module_path_copy
= NULL
;
3650 if (pkcs11_engine_path
!= NULL
) {
3651 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3652 if (pkcs11_engine_path_copy
== NULL
)
3655 if (pkcs11_module_path
!= NULL
) {
3656 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3657 if (pkcs11_module_path_copy
== NULL
) {
3658 os_free(pkcs11_engine_path_copy
);
3663 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3664 os_free(wpa_s
->conf
->pkcs11_module_path
);
3665 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3666 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3668 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3669 eapol_sm_deinit(wpa_s
->eapol
);
3670 wpa_s
->eapol
= NULL
;
3671 if (wpa_supplicant_init_eapol(wpa_s
)) {
3672 /* Error -> Reset paths to the default value (NULL) once. */
3673 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3674 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3679 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3686 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3687 * @wpa_s: wpa_supplicant structure for a network interface
3688 * @ap_scan: AP scan mode
3689 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3692 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3697 if (ap_scan
< 0 || ap_scan
> 2)
3700 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3701 wpa_printf(MSG_INFO
,
3702 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3706 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3707 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3708 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3709 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3710 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3713 #endif /* ANDROID */
3715 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3716 wpa_s
->conf
->ap_scan
= ap_scan
;
3718 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3719 wpas_notify_ap_scan_changed(wpa_s
);
3726 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3727 * @wpa_s: wpa_supplicant structure for a network interface
3728 * @expire_age: Expiration age in seconds
3729 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3732 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3733 unsigned int bss_expire_age
)
3735 if (bss_expire_age
< 10) {
3736 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3740 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3742 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3749 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3750 * @wpa_s: wpa_supplicant structure for a network interface
3751 * @expire_count: number of scans after which an unseen BSS is reclaimed
3752 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3755 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3756 unsigned int bss_expire_count
)
3758 if (bss_expire_count
< 1) {
3759 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3763 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3765 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3772 * wpa_supplicant_set_scan_interval - Set scan interval
3773 * @wpa_s: wpa_supplicant structure for a network interface
3774 * @scan_interval: scan interval in seconds
3775 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3778 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3781 if (scan_interval
< 0) {
3782 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3786 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3788 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3795 * wpa_supplicant_set_debug_params - Set global debug params
3796 * @global: wpa_global structure
3797 * @debug_level: debug level
3798 * @debug_timestamp: determines if show timestamp in debug data
3799 * @debug_show_keys: determines if show keys in debug data
3800 * Returns: 0 if succeed or -1 if debug_level has wrong value
3802 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3803 int debug_timestamp
, int debug_show_keys
)
3806 int old_level
, old_timestamp
, old_show_keys
;
3808 /* check for allowed debuglevels */
3809 if (debug_level
!= MSG_EXCESSIVE
&&
3810 debug_level
!= MSG_MSGDUMP
&&
3811 debug_level
!= MSG_DEBUG
&&
3812 debug_level
!= MSG_INFO
&&
3813 debug_level
!= MSG_WARNING
&&
3814 debug_level
!= MSG_ERROR
)
3817 old_level
= wpa_debug_level
;
3818 old_timestamp
= wpa_debug_timestamp
;
3819 old_show_keys
= wpa_debug_show_keys
;
3821 wpa_debug_level
= debug_level
;
3822 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3823 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3825 if (wpa_debug_level
!= old_level
)
3826 wpas_notify_debug_level_changed(global
);
3827 if (wpa_debug_timestamp
!= old_timestamp
)
3828 wpas_notify_debug_timestamp_changed(global
);
3829 if (wpa_debug_show_keys
!= old_show_keys
)
3830 wpas_notify_debug_show_keys_changed(global
);
3837 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
3838 const u8
*entry_ssid
, size_t entry_ssid_len
)
3840 const u8
*owe
, *pos
, *end
;
3842 struct wpa_bss
*bss
;
3844 /* Check network profile SSID aganst the SSID in the
3845 * OWE Transition Mode element. */
3847 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
3851 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
3856 end
= owe
+ 2 + owe
[1];
3858 if (end
- pos
< ETH_ALEN
+ 1)
3862 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
3865 return entry_ssid_len
== ssid_len
&&
3866 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
3868 #endif /* CONFIG_OWE */
3872 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3873 * @wpa_s: Pointer to wpa_supplicant data
3874 * Returns: A pointer to the current network structure or %NULL on failure
3876 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3878 struct wpa_ssid
*entry
;
3879 u8 ssid
[SSID_MAX_LEN
];
3885 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3887 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3893 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3894 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3899 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3900 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3902 entry
= wpa_s
->conf
->ssid
;
3904 if (!wpas_network_disabled(wpa_s
, entry
) &&
3905 ((ssid_len
== entry
->ssid_len
&&
3906 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3907 (!entry
->bssid_set
||
3908 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3911 if (!wpas_network_disabled(wpa_s
, entry
) &&
3912 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3913 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3914 (!entry
->bssid_set
||
3915 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3917 #endif /* CONFIG_WPS */
3920 if (!wpas_network_disabled(wpa_s
, entry
) &&
3921 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
3923 (!entry
->bssid_set
||
3924 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3926 #endif /* CONFIG_OWE */
3928 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3929 entry
->ssid_len
== 0 &&
3930 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3933 entry
= entry
->next
;
3940 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3942 struct wpa_global
*global
= wpa_s
->global
;
3944 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3945 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3946 if (global
->drv_priv
[i
] == NULL
) {
3947 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3948 "'%s'", wpa_drivers
[i
]->name
);
3953 wpa_s
->driver
= wpa_drivers
[i
];
3954 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3960 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3965 const char *pos
, *driver
= name
;
3970 if (wpa_drivers
[0] == NULL
) {
3971 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3977 /* default to first driver in the list */
3978 return select_driver(wpa_s
, 0);
3982 pos
= os_strchr(driver
, ',');
3986 len
= os_strlen(driver
);
3988 for (i
= 0; wpa_drivers
[i
]; i
++) {
3989 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3990 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3992 /* First driver that succeeds wins */
3993 if (select_driver(wpa_s
, i
) == 0)
4001 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
4007 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4008 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4009 * with struct wpa_driver_ops::init()
4010 * @src_addr: Source address of the EAPOL frame
4011 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4012 * @len: Length of the EAPOL data
4014 * This function is called for each received EAPOL frame. Most driver
4015 * interfaces rely on more generic OS mechanism for receiving frames through
4016 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4017 * take care of received EAPOL frames and deliver them to the core supplicant
4018 * code by calling this function.
4020 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
4021 const u8
*buf
, size_t len
)
4023 struct wpa_supplicant
*wpa_s
= ctx
;
4025 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
4026 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
4028 #ifdef CONFIG_TESTING_OPTIONS
4029 if (wpa_s
->ignore_auth_resp
) {
4030 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
4033 #endif /* CONFIG_TESTING_OPTIONS */
4035 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
4036 (wpa_s
->last_eapol_matches_bssid
&&
4039 #endif /* CONFIG_AP */
4040 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
4042 * There is possible race condition between receiving the
4043 * association event and the EAPOL frame since they are coming
4044 * through different paths from the driver. In order to avoid
4045 * issues in trying to process the EAPOL frame before receiving
4046 * association information, lets queue it for processing until
4047 * the association event is received. This may also be needed in
4048 * driver-based roaming case, so also use src_addr != BSSID as a
4049 * trigger if we have previously confirmed that the
4050 * Authenticator uses BSSID as the src_addr (which is not the
4051 * case with wired IEEE 802.1X).
4053 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4054 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4055 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4056 MAC2STR(wpa_s
->bssid
));
4057 wpabuf_free(wpa_s
->pending_eapol_rx
);
4058 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4059 if (wpa_s
->pending_eapol_rx
) {
4060 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4061 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4067 wpa_s
->last_eapol_matches_bssid
=
4068 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4071 if (wpa_s
->ap_iface
) {
4072 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4075 #endif /* CONFIG_AP */
4077 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4078 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4079 "no key management is configured");
4083 if (wpa_s
->eapol_received
== 0 &&
4084 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
4085 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4086 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4087 (wpa_s
->current_ssid
== NULL
||
4088 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
4089 /* Timeout for completing IEEE 802.1X and WPA authentication */
4092 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4093 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4094 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4095 /* Use longer timeout for IEEE 802.1X/EAP */
4100 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4101 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4102 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4104 * Use shorter timeout if going through WPS AP iteration
4105 * for PIN config method with an AP that does not
4106 * advertise Selected Registrar.
4108 struct wpabuf
*wps_ie
;
4110 wps_ie
= wpa_bss_get_vendor_ie_multi(
4111 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4113 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4115 wpabuf_free(wps_ie
);
4117 #endif /* CONFIG_WPS */
4119 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4121 wpa_s
->eapol_received
++;
4123 if (wpa_s
->countermeasures
) {
4124 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4129 #ifdef CONFIG_IBSS_RSN
4130 if (wpa_s
->current_ssid
&&
4131 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4132 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4135 #endif /* CONFIG_IBSS_RSN */
4137 /* Source address of the incoming EAPOL frame could be compared to the
4138 * current BSSID. However, it is possible that a centralized
4139 * Authenticator could be using another MAC address than the BSSID of
4140 * an AP, so just allow any address to be used for now. The replies are
4141 * still sent to the current BSSID (if available), though. */
4143 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4144 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4145 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4146 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4147 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4149 wpa_drv_poll(wpa_s
);
4150 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
4151 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4152 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4154 * Set portValid = TRUE here since we are going to skip 4-way
4155 * handshake processing which would normally set portValid. We
4156 * need this to allow the EAPOL state machines to be completed
4157 * without going through EAPOL-Key handshake.
4159 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4164 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4166 if ((!wpa_s
->p2p_mgmt
||
4167 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4168 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4169 l2_packet_deinit(wpa_s
->l2
);
4170 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4171 wpa_drv_get_mac_addr(wpa_s
),
4173 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4174 if (wpa_s
->l2
== NULL
)
4177 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4178 L2_PACKET_FILTER_PKTTYPE
))
4179 wpa_dbg(wpa_s
, MSG_DEBUG
,
4180 "Failed to attach pkt_type filter");
4182 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4184 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4187 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4188 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4192 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4198 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4199 const u8
*buf
, size_t len
)
4201 struct wpa_supplicant
*wpa_s
= ctx
;
4202 const struct l2_ethhdr
*eth
;
4204 if (len
< sizeof(*eth
))
4206 eth
= (const struct l2_ethhdr
*) buf
;
4208 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4209 !(eth
->h_dest
[0] & 0x01)) {
4210 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4211 " (bridge - not for this interface - ignore)",
4212 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4216 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4217 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4218 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4219 len
- sizeof(*eth
));
4224 * wpa_supplicant_driver_init - Initialize driver interface parameters
4225 * @wpa_s: Pointer to wpa_supplicant data
4226 * Returns: 0 on success, -1 on failure
4228 * This function is called to initialize driver interface parameters.
4229 * wpa_drv_init() must have been called before this function to initialize the
4232 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4234 static int interface_count
= 0;
4236 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4239 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4240 MAC2STR(wpa_s
->own_addr
));
4241 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4242 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4244 if (wpa_s
->bridge_ifname
[0]) {
4245 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4246 "interface '%s'", wpa_s
->bridge_ifname
);
4247 wpa_s
->l2_br
= l2_packet_init_bridge(
4248 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4249 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4250 if (wpa_s
->l2_br
== NULL
) {
4251 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4252 "connection for the bridge interface '%s'",
4253 wpa_s
->bridge_ifname
);
4258 if (wpa_s
->conf
->ap_scan
== 2 &&
4259 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4260 wpa_printf(MSG_INFO
,
4261 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4264 wpa_clear_keys(wpa_s
, NULL
);
4266 /* Make sure that TKIP countermeasures are not left enabled (could
4267 * happen if wpa_supplicant is killed during countermeasures. */
4268 wpa_drv_set_countermeasures(wpa_s
, 0);
4270 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4271 wpa_drv_flush_pmkid(wpa_s
);
4273 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4274 wpa_s
->prev_scan_wildcard
= 0;
4276 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4277 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4278 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4279 interface_count
= 0;
4282 if (!wpa_s
->p2p_mgmt
&&
4283 wpa_supplicant_delayed_sched_scan(wpa_s
,
4284 interface_count
% 3,
4286 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4288 #endif /* ANDROID */
4291 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4297 static int wpa_supplicant_daemon(const char *pid_file
)
4299 wpa_printf(MSG_DEBUG
, "Daemonize..");
4300 return os_daemonize(pid_file
);
4304 static struct wpa_supplicant
*
4305 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4307 struct wpa_supplicant
*wpa_s
;
4309 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4312 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4313 wpa_s
->scan_interval
= 5;
4314 wpa_s
->new_connection
= 1;
4315 wpa_s
->parent
= parent
? parent
: wpa_s
;
4316 wpa_s
->p2pdev
= wpa_s
->parent
;
4317 wpa_s
->sched_scanning
= 0;
4319 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4320 dl_list_init(&wpa_s
->fils_hlp_req
);
4326 #ifdef CONFIG_HT_OVERRIDES
4328 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4329 struct ieee80211_ht_capabilities
*htcaps
,
4330 struct ieee80211_ht_capabilities
*htcaps_mask
,
4333 /* parse ht_mcs into hex array */
4335 const char *tmp
= ht_mcs
;
4338 /* If ht_mcs is null, do not set anything */
4342 /* This is what we are setting in the kernel */
4343 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4345 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4347 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4351 v
= strtol(tmp
, &end
, 16);
4354 wpa_msg(wpa_s
, MSG_DEBUG
,
4355 "htcap value[%i]: %ld end: %p tmp: %p",
4360 htcaps
->supported_mcs_set
[i
] = v
;
4363 wpa_msg(wpa_s
, MSG_ERROR
,
4364 "Failed to parse ht-mcs: %s, error: %s\n",
4365 ht_mcs
, strerror(errno
));
4371 * If we were able to parse any values, then set mask for the MCS set.
4374 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4375 IEEE80211_HT_MCS_MASK_LEN
- 1);
4376 /* skip the 3 reserved bits */
4377 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4385 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4386 struct ieee80211_ht_capabilities
*htcaps
,
4387 struct ieee80211_ht_capabilities
*htcaps_mask
,
4392 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4397 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4398 htcaps_mask
->ht_capabilities_info
|= msk
;
4400 htcaps
->ht_capabilities_info
&= msk
;
4402 htcaps
->ht_capabilities_info
|= msk
;
4408 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4409 struct ieee80211_ht_capabilities
*htcaps
,
4410 struct ieee80211_ht_capabilities
*htcaps_mask
,
4413 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4418 if (factor
< 0 || factor
> 3) {
4419 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4420 "Must be 0-3 or -1", factor
);
4424 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4425 htcaps
->a_mpdu_params
&= ~0x3;
4426 htcaps
->a_mpdu_params
|= factor
& 0x3;
4432 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4433 struct ieee80211_ht_capabilities
*htcaps
,
4434 struct ieee80211_ht_capabilities
*htcaps_mask
,
4437 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4442 if (density
< 0 || density
> 7) {
4443 wpa_msg(wpa_s
, MSG_ERROR
,
4444 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4449 htcaps_mask
->a_mpdu_params
|= 0x1C;
4450 htcaps
->a_mpdu_params
&= ~(0x1C);
4451 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4457 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4458 struct ieee80211_ht_capabilities
*htcaps
,
4459 struct ieee80211_ht_capabilities
*htcaps_mask
,
4462 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4464 set_disable_ht40(htcaps
, disabled
);
4465 set_disable_ht40(htcaps_mask
, 0);
4471 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4472 struct ieee80211_ht_capabilities
*htcaps
,
4473 struct ieee80211_ht_capabilities
*htcaps_mask
,
4476 /* Masking these out disables SGI */
4477 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4478 HT_CAP_INFO_SHORT_GI40MHZ
);
4480 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4483 htcaps
->ht_capabilities_info
&= ~msk
;
4485 htcaps
->ht_capabilities_info
|= msk
;
4487 htcaps_mask
->ht_capabilities_info
|= msk
;
4493 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4494 struct ieee80211_ht_capabilities
*htcaps
,
4495 struct ieee80211_ht_capabilities
*htcaps_mask
,
4498 /* Masking these out disables LDPC */
4499 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4501 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4504 htcaps
->ht_capabilities_info
&= ~msk
;
4506 htcaps
->ht_capabilities_info
|= msk
;
4508 htcaps_mask
->ht_capabilities_info
|= msk
;
4514 void wpa_supplicant_apply_ht_overrides(
4515 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4516 struct wpa_driver_associate_params
*params
)
4518 struct ieee80211_ht_capabilities
*htcaps
;
4519 struct ieee80211_ht_capabilities
*htcaps_mask
;
4524 params
->disable_ht
= ssid
->disable_ht
;
4525 if (!params
->htcaps
|| !params
->htcaps_mask
)
4528 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4529 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4530 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4531 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4532 ssid
->disable_max_amsdu
);
4533 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4534 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4535 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4536 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4537 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4539 if (ssid
->ht40_intolerant
) {
4540 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4541 htcaps
->ht_capabilities_info
|= bit
;
4542 htcaps_mask
->ht_capabilities_info
|= bit
;
4546 #endif /* CONFIG_HT_OVERRIDES */
4549 #ifdef CONFIG_VHT_OVERRIDES
4550 void wpa_supplicant_apply_vht_overrides(
4551 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4552 struct wpa_driver_associate_params
*params
)
4554 struct ieee80211_vht_capabilities
*vhtcaps
;
4555 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4560 params
->disable_vht
= ssid
->disable_vht
;
4562 vhtcaps
= (void *) params
->vhtcaps
;
4563 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4565 if (!vhtcaps
|| !vhtcaps_mask
)
4568 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4569 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4571 #ifdef CONFIG_HT_OVERRIDES
4572 /* if max ampdu is <= 3, we have to make the HT cap the same */
4573 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4576 max_ampdu
= (ssid
->vht_capa
&
4577 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4578 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4580 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4581 wpa_set_ampdu_factor(wpa_s
,
4582 (void *) params
->htcaps
,
4583 (void *) params
->htcaps_mask
,
4586 #endif /* CONFIG_HT_OVERRIDES */
4588 #define OVERRIDE_MCS(i) \
4589 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4590 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4591 host_to_le16(3 << 2 * (i - 1)); \
4592 vhtcaps->vht_supported_mcs_set.tx_map |= \
4593 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4596 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4597 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4598 host_to_le16(3 << 2 * (i - 1)); \
4599 vhtcaps->vht_supported_mcs_set.rx_map |= \
4600 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4613 #endif /* CONFIG_VHT_OVERRIDES */
4616 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4621 if (!wpa_s
->conf
->pcsc_reader
)
4624 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4628 if (wpa_s
->conf
->pcsc_pin
&&
4629 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4630 scard_deinit(wpa_s
->scard
);
4631 wpa_s
->scard
= NULL
;
4632 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4636 len
= sizeof(wpa_s
->imsi
) - 1;
4637 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4638 scard_deinit(wpa_s
->scard
);
4639 wpa_s
->scard
= NULL
;
4640 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4643 wpa_s
->imsi
[len
] = '\0';
4645 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4647 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4648 wpa_s
->imsi
, wpa_s
->mnc_len
);
4650 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4651 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4652 #endif /* PCSC_FUNCS */
4658 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4662 ext_password_deinit(wpa_s
->ext_pw
);
4663 wpa_s
->ext_pw
= NULL
;
4664 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4666 if (!wpa_s
->conf
->ext_password_backend
)
4669 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4672 pos
= os_strchr(val
, ':');
4676 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4678 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4680 if (wpa_s
->ext_pw
== NULL
) {
4681 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4684 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4692 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4694 struct wpa_supplicant
*wpa_s
= ctx
;
4696 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4697 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4701 static void wpas_fst_get_channel_info_cb(void *ctx
,
4702 enum hostapd_hw_mode
*hw_mode
,
4705 struct wpa_supplicant
*wpa_s
= ctx
;
4707 if (wpa_s
->current_bss
) {
4708 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4710 } else if (wpa_s
->hw
.num_modes
) {
4711 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4719 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4721 struct wpa_supplicant
*wpa_s
= ctx
;
4723 *modes
= wpa_s
->hw
.modes
;
4724 return wpa_s
->hw
.num_modes
;
4728 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4730 struct wpa_supplicant
*wpa_s
= ctx
;
4732 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4733 wpa_s
->fst_ies
= fst_ies
;
4737 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4739 struct wpa_supplicant
*wpa_s
= ctx
;
4741 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4742 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4743 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4746 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4747 wpa_s
->own_addr
, wpa_s
->bssid
,
4748 wpabuf_head(data
), wpabuf_len(data
),
4753 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4755 struct wpa_supplicant
*wpa_s
= ctx
;
4757 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4758 return wpa_s
->received_mb_ies
;
4762 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4763 const u8
*buf
, size_t size
)
4765 struct wpa_supplicant
*wpa_s
= ctx
;
4766 struct mb_ies_info info
;
4768 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4770 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4771 wpabuf_free(wpa_s
->received_mb_ies
);
4772 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4777 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4778 struct fst_get_peer_ctx
**get_ctx
,
4781 struct wpa_supplicant
*wpa_s
= ctx
;
4784 if (!is_zero_ether_addr(wpa_s
->bssid
))
4785 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4786 wpa_s
->bssid
: NULL
;
4791 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4792 struct fst_get_peer_ctx
**get_ctx
,
4798 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4799 struct fst_wpa_obj
*iface_obj
)
4801 iface_obj
->ctx
= wpa_s
;
4802 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4803 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4804 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4805 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4806 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4807 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4808 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4809 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4810 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4812 #endif /* CONFIG_FST */
4814 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4815 const struct wpa_driver_capa
*capa
)
4817 struct wowlan_triggers
*triggers
;
4820 if (!wpa_s
->conf
->wowlan_triggers
)
4823 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4825 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4832 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4835 return BAND_2_4_GHZ
;
4842 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4845 unsigned int band
= 0;
4848 /* freqs are specified for the radio work */
4849 for (i
= 0; freqs
[i
]; i
++)
4850 band
|= wpas_freq_to_band(freqs
[i
]);
4853 * freqs are not specified, implies all
4854 * the supported freqs by HW
4856 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4857 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4858 if (wpa_s
->hw
.modes
[i
].mode
==
4859 HOSTAPD_MODE_IEEE80211B
||
4860 wpa_s
->hw
.modes
[i
].mode
==
4861 HOSTAPD_MODE_IEEE80211G
)
4862 band
|= BAND_2_4_GHZ
;
4863 else if (wpa_s
->hw
.modes
[i
].mode
==
4864 HOSTAPD_MODE_IEEE80211A
)
4866 else if (wpa_s
->hw
.modes
[i
].mode
==
4867 HOSTAPD_MODE_IEEE80211AD
)
4868 band
|= BAND_60_GHZ
;
4869 else if (wpa_s
->hw
.modes
[i
].mode
==
4870 HOSTAPD_MODE_IEEE80211ANY
)
4871 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4881 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4884 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4885 struct wpa_radio
*radio
;
4887 while (rn
&& iface
) {
4888 radio
= iface
->radio
;
4889 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4890 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4892 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4896 iface
= iface
->next
;
4899 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4900 wpa_s
->ifname
, rn
? rn
: "N/A");
4901 radio
= os_zalloc(sizeof(*radio
));
4906 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4907 dl_list_init(&radio
->ifaces
);
4908 dl_list_init(&radio
->work
);
4909 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4915 static void radio_work_free(struct wpa_radio_work
*work
)
4917 if (work
->wpa_s
->scan_work
== work
) {
4918 /* This should not really happen. */
4919 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4920 work
->type
, work
, work
->started
);
4921 work
->wpa_s
->scan_work
= NULL
;
4925 if (work
->wpa_s
->p2p_scan_work
== work
) {
4926 /* This should not really happen. */
4927 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4928 work
->type
, work
, work
->started
);
4929 work
->wpa_s
->p2p_scan_work
= NULL
;
4931 #endif /* CONFIG_P2P */
4933 if (work
->started
) {
4934 work
->wpa_s
->radio
->num_active_works
--;
4935 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4936 "radio_work_free('%s'@%p): num_active_works --> %u",
4938 work
->wpa_s
->radio
->num_active_works
);
4941 dl_list_del(&work
->list
);
4946 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4948 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4949 os_strcmp(work
->type
, "connect") == 0;
4953 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4955 return os_strcmp(work
->type
, "scan") == 0 ||
4956 os_strcmp(work
->type
, "p2p-scan") == 0;
4960 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4962 struct wpa_radio_work
*active_work
= NULL
;
4963 struct wpa_radio_work
*tmp
;
4965 /* Get the active work to know the type and band. */
4966 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4974 /* No active work, start one */
4975 radio
->num_active_works
= 0;
4976 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4978 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4979 radio
->external_scan_running
&&
4980 (((struct wpa_driver_scan_params
*)
4981 tmp
->ctx
)->only_new_results
||
4982 tmp
->wpa_s
->clear_driver_scan_cache
))
4989 if (radio_work_is_connect(active_work
)) {
4991 * If the active work is either connect or sme-connect,
4992 * do not parallelize them with other radio works.
4994 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4995 "Do not parallelize radio work with %s",
5000 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5005 * If connect or sme-connect are enqueued, parallelize only
5006 * those operations ahead of them in the queue.
5008 if (radio_work_is_connect(tmp
))
5011 /* Serialize parallel scan and p2p_scan operations on the same
5012 * interface since the driver_nl80211 mechanism for tracking
5013 * scan cookies does not yet have support for this. */
5014 if (active_work
->wpa_s
== tmp
->wpa_s
&&
5015 radio_work_is_scan(active_work
) &&
5016 radio_work_is_scan(tmp
)) {
5017 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5018 "Do not start work '%s' when another work '%s' is already scheduled",
5019 tmp
->type
, active_work
->type
);
5023 * Check that the radio works are distinct and
5024 * on different bands.
5026 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
5027 (active_work
->bands
!= tmp
->bands
)) {
5029 * If a scan has to be scheduled through nl80211 scan
5030 * interface and if an external scan is already running,
5031 * do not schedule the scan since it is likely to get
5032 * rejected by kernel.
5034 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5035 radio
->external_scan_running
&&
5036 (((struct wpa_driver_scan_params
*)
5037 tmp
->ctx
)->only_new_results
||
5038 tmp
->wpa_s
->clear_driver_scan_cache
))
5041 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5042 "active_work:%s new_work:%s",
5043 active_work
->type
, tmp
->type
);
5048 /* Did not find a radio work to schedule in parallel. */
5053 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5055 struct wpa_radio
*radio
= eloop_ctx
;
5056 struct wpa_radio_work
*work
;
5057 struct os_reltime now
, diff
;
5058 struct wpa_supplicant
*wpa_s
;
5060 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5062 radio
->num_active_works
= 0;
5066 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5070 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5072 return; /* already started and still in progress */
5074 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5075 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5080 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5081 /* get the work to schedule next */
5082 work
= radio_work_get_next_work(radio
);
5088 wpa_s
= work
->wpa_s
;
5089 os_get_reltime(&now
);
5090 os_reltime_sub(&now
, &work
->time
, &diff
);
5091 wpa_dbg(wpa_s
, MSG_DEBUG
,
5092 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5093 work
->type
, work
, diff
.sec
, diff
.usec
);
5096 radio
->num_active_works
++;
5100 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5101 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5102 radio_work_check_next(wpa_s
);
5107 * This function removes both started and pending radio works running on
5108 * the provided interface's radio.
5109 * Prior to the removal of the radio work, its callback (cb) is called with
5110 * deinit set to be 1. Each work's callback is responsible for clearing its
5111 * internal data and restoring to a correct state.
5112 * @wpa_s: wpa_supplicant data
5113 * @type: type of works to be removed
5114 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5115 * this interface's works.
5117 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5118 const char *type
, int remove_all
)
5120 struct wpa_radio_work
*work
, *tmp
;
5121 struct wpa_radio
*radio
= wpa_s
->radio
;
5123 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5125 if (type
&& os_strcmp(type
, work
->type
) != 0)
5128 /* skip other ifaces' works */
5129 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5132 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5133 work
->type
, work
, work
->started
? " (started)" : "");
5135 radio_work_free(work
);
5138 /* in case we removed the started work */
5139 radio_work_check_next(wpa_s
);
5143 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5145 struct wpa_radio_work
*work
;
5146 struct wpa_radio
*radio
= wpa_s
->radio
;
5148 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5149 if (work
->ctx
!= ctx
)
5151 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5152 work
->type
, work
, work
->started
? " (started)" : "");
5153 radio_work_free(work
);
5159 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5161 struct wpa_radio
*radio
= wpa_s
->radio
;
5166 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5167 wpa_s
->ifname
, radio
->name
);
5168 dl_list_del(&wpa_s
->radio_list
);
5169 radio_remove_works(wpa_s
, NULL
, 0);
5170 wpa_s
->radio
= NULL
;
5171 if (!dl_list_empty(&radio
->ifaces
))
5172 return; /* Interfaces remain for this radio */
5174 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5175 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5180 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5182 struct wpa_radio
*radio
= wpa_s
->radio
;
5184 if (dl_list_empty(&radio
->work
))
5186 if (wpa_s
->ext_work_in_progress
) {
5187 wpa_printf(MSG_DEBUG
,
5188 "External radio work in progress - delay start of pending item");
5191 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5192 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5197 * radio_add_work - Add a radio work item
5198 * @wpa_s: Pointer to wpa_supplicant data
5199 * @freq: Frequency of the offchannel operation in MHz or 0
5200 * @type: Unique identifier for each type of work
5201 * @next: Force as the next work to be executed
5202 * @cb: Callback function for indicating when radio is available
5203 * @ctx: Context pointer for the work (work->ctx in cb())
5204 * Returns: 0 on success, -1 on failure
5206 * This function is used to request time for an operation that requires
5207 * exclusive radio control. Once the radio is available, the registered callback
5208 * function will be called. radio_work_done() must be called once the exclusive
5209 * radio operation has been completed, so that the radio is freed for other
5210 * operations. The special case of deinit=1 is used to free the context data
5211 * during interface removal. That does not allow the callback function to start
5212 * the radio operation, i.e., it must free any resources allocated for the radio
5215 * The @freq parameter can be used to indicate a single channel on which the
5216 * offchannel operation will occur. This may allow multiple radio work
5217 * operations to be performed in parallel if they apply for the same channel.
5218 * Setting this to 0 indicates that the work item may use multiple channels or
5219 * requires exclusive control of the radio.
5221 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5222 const char *type
, int next
,
5223 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5226 struct wpa_radio
*radio
= wpa_s
->radio
;
5227 struct wpa_radio_work
*work
;
5230 work
= os_zalloc(sizeof(*work
));
5233 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5234 os_get_reltime(&work
->time
);
5237 work
->wpa_s
= wpa_s
;
5242 work
->bands
= wpas_freq_to_band(freq
);
5243 else if (os_strcmp(type
, "scan") == 0 ||
5244 os_strcmp(type
, "p2p-scan") == 0)
5245 work
->bands
= wpas_get_bands(wpa_s
,
5246 ((struct wpa_driver_scan_params
*)
5249 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5251 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5253 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5255 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5257 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5258 radio_work_check_next(wpa_s
);
5259 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5260 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5261 wpa_dbg(wpa_s
, MSG_DEBUG
,
5262 "Try to schedule a radio work (num_active_works=%u)",
5263 radio
->num_active_works
);
5264 radio_work_check_next(wpa_s
);
5272 * radio_work_done - Indicate that a radio work item has been completed
5273 * @work: Completed work
5275 * This function is called once the callback function registered with
5276 * radio_add_work() has completed its work.
5278 void radio_work_done(struct wpa_radio_work
*work
)
5280 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5281 struct os_reltime now
, diff
;
5282 unsigned int started
= work
->started
;
5284 os_get_reltime(&now
);
5285 os_reltime_sub(&now
, &work
->time
, &diff
);
5286 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5287 work
->type
, work
, started
? "done" : "canceled",
5288 diff
.sec
, diff
.usec
);
5289 radio_work_free(work
);
5291 radio_work_check_next(wpa_s
);
5295 struct wpa_radio_work
*
5296 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5298 struct wpa_radio_work
*work
;
5299 struct wpa_radio
*radio
= wpa_s
->radio
;
5301 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5302 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5310 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5311 const struct wpa_interface
*iface
)
5313 const char *ifname
, *driver
, *rn
;
5315 driver
= iface
->driver
;
5317 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5320 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5321 if (wpa_s
->drv_priv
== NULL
) {
5323 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5325 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5326 "driver interface - try next driver wrapper");
5330 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5334 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5335 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5336 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5340 ifname
= wpa_drv_get_ifname(wpa_s
);
5341 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5342 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5343 "interface name with '%s'", ifname
);
5344 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5347 rn
= wpa_driver_get_radio_name(wpa_s
);
5348 if (rn
&& rn
[0] == '\0')
5351 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5352 if (wpa_s
->radio
== NULL
)
5359 #ifdef CONFIG_GAS_SERVER
5361 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5362 unsigned int freq
, const u8
*dst
,
5363 const u8
*src
, const u8
*bssid
,
5364 const u8
*data
, size_t data_len
,
5365 enum offchannel_send_action_result result
)
5367 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5370 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5371 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5373 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5374 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5378 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5379 struct wpabuf
*buf
, unsigned int wait_time
)
5381 struct wpa_supplicant
*wpa_s
= ctx
;
5382 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5384 if (wait_time
> wpa_s
->max_remain_on_chan
)
5385 wait_time
= wpa_s
->max_remain_on_chan
;
5387 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5388 wpabuf_head(buf
), wpabuf_len(buf
),
5389 wait_time
, wpas_gas_server_tx_status
, 0);
5392 #endif /* CONFIG_GAS_SERVER */
5394 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5395 const struct wpa_interface
*iface
)
5397 struct wpa_driver_capa capa
;
5401 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5402 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5403 iface
->confname
? iface
->confname
: "N/A",
5404 iface
->driver
? iface
->driver
: "default",
5405 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5406 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5408 if (iface
->confname
) {
5409 #ifdef CONFIG_BACKEND_FILE
5410 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5411 if (wpa_s
->confname
== NULL
) {
5412 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5413 "for configuration file '%s'.",
5417 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5418 iface
->confname
, wpa_s
->confname
);
5419 #else /* CONFIG_BACKEND_FILE */
5420 wpa_s
->confname
= os_strdup(iface
->confname
);
5421 #endif /* CONFIG_BACKEND_FILE */
5422 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5423 if (wpa_s
->conf
== NULL
) {
5424 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5425 "configuration '%s'.", wpa_s
->confname
);
5428 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5429 if (wpa_s
->confanother
&&
5430 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5431 wpa_printf(MSG_ERROR
,
5432 "Failed to read or parse configuration '%s'.",
5433 wpa_s
->confanother
);
5438 * Override ctrl_interface and driver_param if set on command
5441 if (iface
->ctrl_interface
) {
5442 os_free(wpa_s
->conf
->ctrl_interface
);
5443 wpa_s
->conf
->ctrl_interface
=
5444 os_strdup(iface
->ctrl_interface
);
5447 if (iface
->driver_param
) {
5448 os_free(wpa_s
->conf
->driver_param
);
5449 wpa_s
->conf
->driver_param
=
5450 os_strdup(iface
->driver_param
);
5453 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5454 os_free(wpa_s
->conf
->ctrl_interface
);
5455 wpa_s
->conf
->ctrl_interface
= NULL
;
5458 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5459 iface
->driver_param
);
5461 if (wpa_s
->conf
== NULL
) {
5462 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5466 if (iface
->ifname
== NULL
) {
5467 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5470 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5471 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5475 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5477 if (iface
->bridge_ifname
) {
5478 if (os_strlen(iface
->bridge_ifname
) >=
5479 sizeof(wpa_s
->bridge_ifname
)) {
5480 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5481 "name '%s'.", iface
->bridge_ifname
);
5484 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5485 sizeof(wpa_s
->bridge_ifname
));
5488 /* RSNA Supplicant Key Management - INITIALIZE */
5489 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5490 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5492 /* Initialize driver interface and register driver event handler before
5493 * L2 receive handler so that association events are processed before
5494 * EAPOL-Key packets if both become available for the same select()
5496 if (wpas_init_driver(wpa_s
, iface
) < 0)
5499 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5502 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5503 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5505 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5507 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5508 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5509 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5510 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5511 "dot11RSNAConfigPMKLifetime");
5515 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5516 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5517 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5518 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5519 "dot11RSNAConfigPMKReauthThreshold");
5523 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5524 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5525 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5526 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5527 "dot11RSNAConfigSATimeout");
5531 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5532 &wpa_s
->hw
.num_modes
,
5535 if (wpa_s
->hw
.modes
) {
5538 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5539 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5540 wpa_s
->hw_capab
= CAPAB_VHT
;
5544 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5545 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5546 wpa_s
->hw_capab
= CAPAB_HT40
;
5547 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5548 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5549 wpa_s
->hw_capab
= CAPAB_HT
;
5553 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5554 if (capa_res
== 0) {
5555 wpa_s
->drv_capa_known
= 1;
5556 wpa_s
->drv_flags
= capa
.flags
;
5557 wpa_s
->drv_enc
= capa
.enc
;
5558 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5559 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5560 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5561 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5562 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5563 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5564 wpa_s
->max_sched_scan_plan_interval
=
5565 capa
.max_sched_scan_plan_interval
;
5566 wpa_s
->max_sched_scan_plan_iterations
=
5567 capa
.max_sched_scan_plan_iterations
;
5568 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5569 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5570 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5571 wpa_s
->max_stations
= capa
.max_stations
;
5572 wpa_s
->extended_capa
= capa
.extended_capa
;
5573 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5574 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5575 wpa_s
->num_multichan_concurrent
=
5576 capa
.num_multichan_concurrent
;
5577 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5579 if (capa
.mac_addr_rand_scan_supported
)
5580 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5581 if (wpa_s
->sched_scan_supported
&&
5582 capa
.mac_addr_rand_sched_scan_supported
)
5583 wpa_s
->mac_addr_rand_supported
|=
5584 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5586 if (wpa_s
->max_remain_on_chan
== 0)
5587 wpa_s
->max_remain_on_chan
= 1000;
5590 * Only take p2p_mgmt parameters when P2P Device is supported.
5591 * Doing it here as it determines whether l2_packet_init() will be done
5592 * during wpa_supplicant_driver_init().
5594 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5595 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5597 if (wpa_s
->num_multichan_concurrent
== 0)
5598 wpa_s
->num_multichan_concurrent
= 1;
5600 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5604 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5606 #endif /* CONFIG_TDLS */
5608 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5609 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5610 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5615 if (wpa_s
->conf
->fst_group_id
) {
5616 struct fst_iface_cfg cfg
;
5617 struct fst_wpa_obj iface_obj
;
5619 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5620 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5621 sizeof(cfg
.group_id
));
5622 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5623 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5625 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5628 wpa_msg(wpa_s
, MSG_ERROR
,
5629 "FST: Cannot attach iface %s to group %s",
5630 wpa_s
->ifname
, cfg
.group_id
);
5634 #endif /* CONFIG_FST */
5636 if (wpas_wps_init(wpa_s
))
5639 #ifdef CONFIG_GAS_SERVER
5640 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5641 if (!wpa_s
->gas_server
) {
5642 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5645 #endif /* CONFIG_GAS_SERVER */
5648 if (wpas_dpp_init(wpa_s
) < 0)
5650 #endif /* CONFIG_DPP */
5652 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5654 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5656 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5657 if (wpa_s
->ctrl_iface
== NULL
) {
5658 wpa_printf(MSG_ERROR
,
5659 "Failed to initialize control interface '%s'.\n"
5660 "You may have another wpa_supplicant process "
5661 "already running or the file was\n"
5662 "left by an unclean termination of wpa_supplicant "
5663 "in which case you will need\n"
5664 "to manually remove this file before starting "
5665 "wpa_supplicant again.\n",
5666 wpa_s
->conf
->ctrl_interface
);
5670 wpa_s
->gas
= gas_query_init(wpa_s
);
5671 if (wpa_s
->gas
== NULL
) {
5672 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5676 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5678 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5679 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5683 if (wpa_bss_init(wpa_s
) < 0)
5686 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5688 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5689 #endif /* CONFIG_MESH */
5690 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5693 * Set Wake-on-WLAN triggers, if configured.
5694 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5695 * have effect anyway when the interface is down).
5697 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5700 #ifdef CONFIG_EAP_PROXY
5703 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5705 if (wpa_s
->mnc_len
> 0) {
5706 wpa_s
->imsi
[len
] = '\0';
5707 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5708 wpa_s
->imsi
, wpa_s
->mnc_len
);
5710 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5713 #endif /* CONFIG_EAP_PROXY */
5715 if (pcsc_reader_init(wpa_s
) < 0)
5718 if (wpas_init_ext_pw(wpa_s
) < 0)
5721 wpas_rrm_reset(wpa_s
);
5723 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5727 #endif /* CONFIG_HS20 */
5729 if (wpa_s
->conf
->oce
) {
5730 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5731 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5732 wpa_s
->enable_oce
= OCE_STA
;
5733 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5734 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5735 /* TODO: Need to add STA-CFON support */
5736 wpa_printf(MSG_ERROR
,
5737 "OCE STA-CFON feature is not yet supported");
5740 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5741 #endif /* CONFIG_MBO */
5743 wpa_supplicant_set_default_scan_ies(wpa_s
);
5749 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5750 int notify
, int terminate
)
5752 struct wpa_global
*global
= wpa_s
->global
;
5753 struct wpa_supplicant
*iface
, *prev
;
5755 if (wpa_s
== wpa_s
->parent
)
5756 wpas_p2p_group_remove(wpa_s
, "*");
5758 iface
= global
->ifaces
;
5760 if (iface
->p2pdev
== wpa_s
)
5761 iface
->p2pdev
= iface
->parent
;
5762 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5763 iface
= iface
->next
;
5766 wpa_printf(MSG_DEBUG
,
5767 "Remove remaining child interface %s from parent %s",
5768 iface
->ifname
, wpa_s
->ifname
);
5770 iface
= iface
->next
;
5771 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5774 wpa_s
->disconnected
= 1;
5775 if (wpa_s
->drv_priv
) {
5776 wpa_supplicant_deauthenticate(wpa_s
,
5777 WLAN_REASON_DEAUTH_LEAVING
);
5779 wpa_drv_set_countermeasures(wpa_s
, 0);
5780 wpa_clear_keys(wpa_s
, NULL
);
5783 wpa_supplicant_cleanup(wpa_s
);
5784 wpas_p2p_deinit_iface(wpa_s
);
5786 wpas_ctrl_radio_work_flush(wpa_s
);
5787 radio_remove_interface(wpa_s
);
5791 fst_detach(wpa_s
->fst
);
5794 if (wpa_s
->received_mb_ies
) {
5795 wpabuf_free(wpa_s
->received_mb_ies
);
5796 wpa_s
->received_mb_ies
= NULL
;
5798 #endif /* CONFIG_FST */
5800 if (wpa_s
->drv_priv
)
5801 wpa_drv_deinit(wpa_s
);
5804 wpas_notify_iface_removed(wpa_s
);
5807 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5809 if (wpa_s
->ctrl_iface
) {
5810 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5811 wpa_s
->ctrl_iface
= NULL
;
5816 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5817 wpa_s
->ifmsh
= NULL
;
5819 #endif /* CONFIG_MESH */
5821 if (wpa_s
->conf
!= NULL
) {
5822 wpa_config_free(wpa_s
->conf
);
5826 os_free(wpa_s
->ssids_from_scan_req
);
5832 #ifdef CONFIG_MATCH_IFACE
5835 * wpa_supplicant_match_iface - Match an interface description to a name
5836 * @global: Pointer to global data from wpa_supplicant_init()
5837 * @ifname: Name of the interface to match
5838 * Returns: Pointer to the created interface description or %NULL on failure
5840 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5844 struct wpa_interface
*iface
, *miface
;
5846 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5847 miface
= &global
->params
.match_ifaces
[i
];
5848 if (!miface
->ifname
||
5849 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5850 iface
= os_zalloc(sizeof(*iface
));
5854 iface
->ifname
= ifname
;
5864 * wpa_supplicant_match_existing - Match existing interfaces
5865 * @global: Pointer to global data from wpa_supplicant_init()
5866 * Returns: 0 on success, -1 on failure
5868 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5870 struct if_nameindex
*ifi
, *ifp
;
5871 struct wpa_supplicant
*wpa_s
;
5872 struct wpa_interface
*iface
;
5874 ifp
= if_nameindex();
5876 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5880 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5881 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5884 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5886 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5893 if_freenameindex(ifp
);
5897 #endif /* CONFIG_MATCH_IFACE */
5901 * wpa_supplicant_add_iface - Add a new network interface
5902 * @global: Pointer to global data from wpa_supplicant_init()
5903 * @iface: Interface configuration options
5904 * @parent: Parent interface or %NULL to assign new interface as parent
5905 * Returns: Pointer to the created interface or %NULL on failure
5907 * This function is used to add new network interfaces for %wpa_supplicant.
5908 * This can be called before wpa_supplicant_run() to add interfaces before the
5909 * main event loop has been started. In addition, new interfaces can be added
5910 * dynamically while %wpa_supplicant is already running. This could happen,
5911 * e.g., when a hotplug network adapter is inserted.
5913 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5914 struct wpa_interface
*iface
,
5915 struct wpa_supplicant
*parent
)
5917 struct wpa_supplicant
*wpa_s
;
5918 struct wpa_interface t_iface
;
5919 struct wpa_ssid
*ssid
;
5921 if (global
== NULL
|| iface
== NULL
)
5924 wpa_s
= wpa_supplicant_alloc(parent
);
5928 wpa_s
->global
= global
;
5931 if (global
->params
.override_driver
) {
5932 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5934 iface
->driver
, global
->params
.override_driver
);
5935 t_iface
.driver
= global
->params
.override_driver
;
5937 if (global
->params
.override_ctrl_interface
) {
5938 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5939 "ctrl_interface ('%s' -> '%s')",
5940 iface
->ctrl_interface
,
5941 global
->params
.override_ctrl_interface
);
5942 t_iface
.ctrl_interface
=
5943 global
->params
.override_ctrl_interface
;
5945 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5946 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5948 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5952 if (iface
->p2p_mgmt
== 0) {
5953 /* Notify the control interfaces about new iface */
5954 if (wpas_notify_iface_added(wpa_s
)) {
5955 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5959 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5960 wpas_notify_network_added(wpa_s
, ssid
);
5963 wpa_s
->next
= global
->ifaces
;
5964 global
->ifaces
= wpa_s
;
5966 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5967 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5970 if (wpa_s
->global
->p2p
== NULL
&&
5971 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5972 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5973 wpas_p2p_add_p2pdev_interface(
5974 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5975 wpa_printf(MSG_INFO
,
5976 "P2P: Failed to enable P2P Device interface");
5977 /* Try to continue without. P2P will be disabled. */
5979 #endif /* CONFIG_P2P */
5986 * wpa_supplicant_remove_iface - Remove a network interface
5987 * @global: Pointer to global data from wpa_supplicant_init()
5988 * @wpa_s: Pointer to the network interface to be removed
5989 * Returns: 0 if interface was removed, -1 if interface was not found
5991 * This function can be used to dynamically remove network interfaces from
5992 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5993 * addition, this function is used to remove all remaining interfaces when
5994 * %wpa_supplicant is terminated.
5996 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5997 struct wpa_supplicant
*wpa_s
,
6000 struct wpa_supplicant
*prev
;
6002 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
6003 char *ifname
= NULL
;
6004 struct wpa_supplicant
*parent
= wpa_s
->parent
;
6005 #endif /* CONFIG_MESH */
6007 /* Remove interface from the global list of interfaces */
6008 prev
= global
->ifaces
;
6009 if (prev
== wpa_s
) {
6010 global
->ifaces
= wpa_s
->next
;
6012 while (prev
&& prev
->next
!= wpa_s
)
6016 prev
->next
= wpa_s
->next
;
6019 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
6022 if (mesh_if_created
) {
6023 ifname
= os_strdup(wpa_s
->ifname
);
6024 if (ifname
== NULL
) {
6025 wpa_dbg(wpa_s
, MSG_ERROR
,
6026 "mesh: Failed to malloc ifname");
6030 #endif /* CONFIG_MESH */
6032 if (global
->p2p_group_formation
== wpa_s
)
6033 global
->p2p_group_formation
= NULL
;
6034 if (global
->p2p_invite_group
== wpa_s
)
6035 global
->p2p_invite_group
= NULL
;
6036 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
6039 if (mesh_if_created
) {
6040 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
6043 #endif /* CONFIG_MESH */
6050 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6051 * @wpa_s: Pointer to the network interface
6052 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6054 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6056 const char *eapol_method
;
6058 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6059 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6063 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6064 if (eapol_method
== NULL
)
6065 return "UNKNOWN-EAP";
6067 return eapol_method
;
6072 * wpa_supplicant_get_iface - Get a new network interface
6073 * @global: Pointer to global data from wpa_supplicant_init()
6074 * @ifname: Interface name
6075 * Returns: Pointer to the interface or %NULL if not found
6077 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6080 struct wpa_supplicant
*wpa_s
;
6082 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6083 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6090 #ifndef CONFIG_NO_WPA_MSG
6091 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6093 struct wpa_supplicant
*wpa_s
= ctx
;
6096 return wpa_s
->ifname
;
6098 #endif /* CONFIG_NO_WPA_MSG */
6101 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6102 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6103 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6105 /* Periodic cleanup tasks */
6106 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6108 struct wpa_global
*global
= eloop_ctx
;
6109 struct wpa_supplicant
*wpa_s
;
6111 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6112 wpas_periodic
, global
, NULL
);
6116 p2p_expire_peers(global
->p2p
);
6117 #endif /* CONFIG_P2P */
6119 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6120 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6123 #endif /* CONFIG_AP */
6129 * wpa_supplicant_init - Initialize %wpa_supplicant
6130 * @params: Parameters for %wpa_supplicant
6131 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6133 * This function is used to initialize %wpa_supplicant. After successful
6134 * initialization, the returned data pointer can be used to add and remove
6135 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6137 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6139 struct wpa_global
*global
;
6145 #ifdef CONFIG_DRIVER_NDIS
6147 void driver_ndis_init_ops(void);
6148 driver_ndis_init_ops();
6150 #endif /* CONFIG_DRIVER_NDIS */
6152 #ifndef CONFIG_NO_WPA_MSG
6153 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6154 #endif /* CONFIG_NO_WPA_MSG */
6156 if (params
->wpa_debug_file_path
)
6157 wpa_debug_open_file(params
->wpa_debug_file_path
);
6159 wpa_debug_setup_stdout();
6160 if (params
->wpa_debug_syslog
)
6161 wpa_debug_open_syslog();
6162 if (params
->wpa_debug_tracing
) {
6163 ret
= wpa_debug_open_linux_tracing();
6165 wpa_printf(MSG_ERROR
,
6166 "Failed to enable trace logging");
6171 ret
= eap_register_methods();
6173 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6175 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6176 "the same EAP type.");
6180 global
= os_zalloc(sizeof(*global
));
6183 dl_list_init(&global
->p2p_srv_bonjour
);
6184 dl_list_init(&global
->p2p_srv_upnp
);
6185 global
->params
.daemonize
= params
->daemonize
;
6186 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6187 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6188 if (params
->pid_file
)
6189 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6190 if (params
->ctrl_interface
)
6191 global
->params
.ctrl_interface
=
6192 os_strdup(params
->ctrl_interface
);
6193 if (params
->ctrl_interface_group
)
6194 global
->params
.ctrl_interface_group
=
6195 os_strdup(params
->ctrl_interface_group
);
6196 if (params
->override_driver
)
6197 global
->params
.override_driver
=
6198 os_strdup(params
->override_driver
);
6199 if (params
->override_ctrl_interface
)
6200 global
->params
.override_ctrl_interface
=
6201 os_strdup(params
->override_ctrl_interface
);
6202 #ifdef CONFIG_MATCH_IFACE
6203 global
->params
.match_iface_count
= params
->match_iface_count
;
6204 if (params
->match_iface_count
) {
6205 global
->params
.match_ifaces
=
6206 os_calloc(params
->match_iface_count
,
6207 sizeof(struct wpa_interface
));
6208 os_memcpy(global
->params
.match_ifaces
,
6209 params
->match_ifaces
,
6210 params
->match_iface_count
*
6211 sizeof(struct wpa_interface
));
6213 #endif /* CONFIG_MATCH_IFACE */
6215 if (params
->conf_p2p_dev
)
6216 global
->params
.conf_p2p_dev
=
6217 os_strdup(params
->conf_p2p_dev
);
6218 #endif /* CONFIG_P2P */
6219 wpa_debug_level
= global
->params
.wpa_debug_level
=
6220 params
->wpa_debug_level
;
6221 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6222 params
->wpa_debug_show_keys
;
6223 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6224 params
->wpa_debug_timestamp
;
6226 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6229 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6230 wpa_supplicant_deinit(global
);
6234 random_init(params
->entropy_file
);
6236 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6237 if (global
->ctrl_iface
== NULL
) {
6238 wpa_supplicant_deinit(global
);
6242 if (wpas_notify_supplicant_initialized(global
)) {
6243 wpa_supplicant_deinit(global
);
6247 for (i
= 0; wpa_drivers
[i
]; i
++)
6248 global
->drv_count
++;
6249 if (global
->drv_count
== 0) {
6250 wpa_printf(MSG_ERROR
, "No drivers enabled");
6251 wpa_supplicant_deinit(global
);
6254 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6255 if (global
->drv_priv
== NULL
) {
6256 wpa_supplicant_deinit(global
);
6260 #ifdef CONFIG_WIFI_DISPLAY
6261 if (wifi_display_init(global
) < 0) {
6262 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6263 wpa_supplicant_deinit(global
);
6266 #endif /* CONFIG_WIFI_DISPLAY */
6268 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6269 wpas_periodic
, global
, NULL
);
6276 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6277 * @global: Pointer to global data from wpa_supplicant_init()
6278 * Returns: 0 after successful event loop run, -1 on failure
6280 * This function starts the main event loop and continues running as long as
6281 * there are any remaining events. In most cases, this function is running as
6282 * long as the %wpa_supplicant process in still in use.
6284 int wpa_supplicant_run(struct wpa_global
*global
)
6286 struct wpa_supplicant
*wpa_s
;
6288 if (global
->params
.daemonize
&&
6289 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6290 eloop_sock_requeue()))
6293 #ifdef CONFIG_MATCH_IFACE
6294 if (wpa_supplicant_match_existing(global
))
6298 if (global
->params
.wait_for_monitor
) {
6299 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6300 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6301 wpa_supplicant_ctrl_iface_wait(
6305 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6306 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6315 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6316 * @global: Pointer to global data from wpa_supplicant_init()
6318 * This function is called to deinitialize %wpa_supplicant and to free all
6319 * allocated resources. Remaining network interfaces will also be removed.
6321 void wpa_supplicant_deinit(struct wpa_global
*global
)
6328 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6330 #ifdef CONFIG_WIFI_DISPLAY
6331 wifi_display_deinit(global
);
6332 #endif /* CONFIG_WIFI_DISPLAY */
6334 while (global
->ifaces
)
6335 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6337 if (global
->ctrl_iface
)
6338 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6340 wpas_notify_supplicant_deinitialized(global
);
6342 eap_peer_unregister_methods();
6344 eap_server_unregister_methods();
6345 #endif /* CONFIG_AP */
6347 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6348 if (!global
->drv_priv
[i
])
6350 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6352 os_free(global
->drv_priv
);
6358 if (global
->params
.pid_file
) {
6359 os_daemonize_terminate(global
->params
.pid_file
);
6360 os_free(global
->params
.pid_file
);
6362 os_free(global
->params
.ctrl_interface
);
6363 os_free(global
->params
.ctrl_interface_group
);
6364 os_free(global
->params
.override_driver
);
6365 os_free(global
->params
.override_ctrl_interface
);
6366 #ifdef CONFIG_MATCH_IFACE
6367 os_free(global
->params
.match_ifaces
);
6368 #endif /* CONFIG_MATCH_IFACE */
6370 os_free(global
->params
.conf_p2p_dev
);
6371 #endif /* CONFIG_P2P */
6373 os_free(global
->p2p_disallow_freq
.range
);
6374 os_free(global
->p2p_go_avoid_freq
.range
);
6375 os_free(global
->add_psk
);
6378 wpa_debug_close_syslog();
6379 wpa_debug_close_file();
6380 wpa_debug_close_linux_tracing();
6384 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6386 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6387 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6389 country
[0] = wpa_s
->conf
->country
[0];
6390 country
[1] = wpa_s
->conf
->country
[1];
6392 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6393 wpa_printf(MSG_ERROR
, "Failed to set country code "
6398 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6399 wpas_init_ext_pw(wpa_s
);
6401 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6402 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6404 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6405 struct wpa_driver_capa capa
;
6406 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6408 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6409 wpa_printf(MSG_ERROR
,
6410 "Failed to update wowlan_triggers to '%s'",
6411 wpa_s
->conf
->wowlan_triggers
);
6415 wpas_wps_update_config(wpa_s
);
6416 #endif /* CONFIG_WPS */
6417 wpas_p2p_update_config(wpa_s
);
6418 wpa_s
->conf
->changed_parameters
= 0;
6422 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6426 for (i
= 0; i
< *num_freqs
; i
++) {
6427 if (freqs
[i
] == freq
)
6431 freqs
[*num_freqs
] = freq
;
6436 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6438 struct wpa_bss
*bss
, *cbss
;
6439 const int max_freqs
= 10;
6443 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6447 cbss
= wpa_s
->current_bss
;
6449 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6452 if (bss
->ssid_len
== cbss
->ssid_len
&&
6453 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6454 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6455 add_freq(freqs
, &num_freqs
, bss
->freq
);
6456 if (num_freqs
== max_freqs
)
6461 if (num_freqs
== 0) {
6470 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6476 wpas_connect_work_done(wpa_s
);
6479 * Remove possible authentication timeout since the connection failed.
6481 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6484 * There is no point in blacklisting the AP if this event is
6485 * generated based on local request to disconnect.
6487 if (wpa_s
->own_disconnect_req
) {
6488 wpa_s
->own_disconnect_req
= 0;
6489 wpa_dbg(wpa_s
, MSG_DEBUG
,
6490 "Ignore connection failure due to local request to disconnect");
6493 if (wpa_s
->disconnected
) {
6494 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6495 "indication since interface has been put into "
6496 "disconnected state");
6501 * Add the failed BSSID into the blacklist and speed up next scan
6502 * attempt if there could be other APs that could accept association.
6503 * The current blacklist count indicates how many times we have tried
6504 * connecting to this AP and multiple attempts mean that other APs are
6505 * either not available or has already been tried, so that we can start
6506 * increasing the delay here to avoid constant scanning.
6508 count
= wpa_blacklist_add(wpa_s
, bssid
);
6509 if (count
== 1 && wpa_s
->current_bss
) {
6511 * This BSS was not in the blacklist before. If there is
6512 * another BSS available for the same ESS, we should try that
6513 * next. Otherwise, we may as well try this one once more
6514 * before allowing other, likely worse, ESSes to be considered.
6516 freqs
= get_bss_freqs_in_ess(wpa_s
);
6518 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6519 "has been seen; try it next");
6520 wpa_blacklist_add(wpa_s
, bssid
);
6522 * On the next scan, go through only the known channels
6523 * used in this ESS based on previous scans to speed up
6524 * common load balancing use case.
6526 os_free(wpa_s
->next_scan_freqs
);
6527 wpa_s
->next_scan_freqs
= freqs
;
6532 * Add previous failure count in case the temporary blacklist was
6533 * cleared due to no other BSSes being available.
6535 count
+= wpa_s
->extra_blacklist_count
;
6537 if (count
> 3 && wpa_s
->current_ssid
) {
6538 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6539 "consider temporary network disabling");
6540 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6561 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6562 "ms", count
, timeout
);
6565 * TODO: if more than one possible AP is available in scan results,
6566 * could try the other ones before requesting a new scan.
6568 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6569 1000 * (timeout
% 1000));
6574 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6576 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6577 const u8
*realm
, *username
, *rrk
;
6578 size_t realm_len
, username_len
, rrk_len
;
6581 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6582 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6583 &username
, &username_len
,
6584 &realm
, &realm_len
, &next_seq_num
,
6585 &rrk
, &rrk_len
) != 0 ||
6589 wpa_hexdump_ascii(MSG_DEBUG
,
6590 "FILS: Store last connection failure realm",
6592 os_free(wpa_s
->last_con_fail_realm
);
6593 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6594 if (wpa_s
->last_con_fail_realm
) {
6595 wpa_s
->last_con_fail_realm_len
= realm_len
;
6596 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6599 #endif /* CONFIG_FILS */
6602 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6604 return wpa_s
->conf
->ap_scan
== 2 ||
6605 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6609 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6610 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6611 struct wpa_ssid
*ssid
,
6615 #ifdef IEEE8021X_EAPOL
6616 struct eap_peer_config
*eap
= &ssid
->eap
;
6618 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6619 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6620 (const u8
*) value
, os_strlen(value
));
6622 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6623 case WPA_CTRL_REQ_EAP_IDENTITY
:
6624 os_free(eap
->identity
);
6625 eap
->identity
= (u8
*) os_strdup(value
);
6626 eap
->identity_len
= os_strlen(value
);
6627 eap
->pending_req_identity
= 0;
6628 if (ssid
== wpa_s
->current_ssid
)
6629 wpa_s
->reassociate
= 1;
6631 case WPA_CTRL_REQ_EAP_PASSWORD
:
6632 bin_clear_free(eap
->password
, eap
->password_len
);
6633 eap
->password
= (u8
*) os_strdup(value
);
6634 eap
->password_len
= os_strlen(value
);
6635 eap
->pending_req_password
= 0;
6636 if (ssid
== wpa_s
->current_ssid
)
6637 wpa_s
->reassociate
= 1;
6639 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6640 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6641 eap
->new_password
= (u8
*) os_strdup(value
);
6642 eap
->new_password_len
= os_strlen(value
);
6643 eap
->pending_req_new_password
= 0;
6644 if (ssid
== wpa_s
->current_ssid
)
6645 wpa_s
->reassociate
= 1;
6647 case WPA_CTRL_REQ_EAP_PIN
:
6648 str_clear_free(eap
->pin
);
6649 eap
->pin
= os_strdup(value
);
6650 eap
->pending_req_pin
= 0;
6651 if (ssid
== wpa_s
->current_ssid
)
6652 wpa_s
->reassociate
= 1;
6654 case WPA_CTRL_REQ_EAP_OTP
:
6655 bin_clear_free(eap
->otp
, eap
->otp_len
);
6656 eap
->otp
= (u8
*) os_strdup(value
);
6657 eap
->otp_len
= os_strlen(value
);
6658 os_free(eap
->pending_req_otp
);
6659 eap
->pending_req_otp
= NULL
;
6660 eap
->pending_req_otp_len
= 0;
6662 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6663 str_clear_free(eap
->private_key_passwd
);
6664 eap
->private_key_passwd
= os_strdup(value
);
6665 eap
->pending_req_passphrase
= 0;
6666 if (ssid
== wpa_s
->current_ssid
)
6667 wpa_s
->reassociate
= 1;
6669 case WPA_CTRL_REQ_SIM
:
6670 str_clear_free(eap
->external_sim_resp
);
6671 eap
->external_sim_resp
= os_strdup(value
);
6672 eap
->pending_req_sim
= 0;
6674 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6675 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6677 ssid
->mem_only_psk
= 1;
6678 if (ssid
->passphrase
)
6679 wpa_config_update_psk(ssid
);
6680 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6681 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6683 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6684 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6686 if (os_strcmp(value
, "good") == 0)
6687 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6688 else if (os_strcmp(value
, "bad") == 0)
6689 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6694 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6699 #else /* IEEE8021X_EAPOL */
6700 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6702 #endif /* IEEE8021X_EAPOL */
6704 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6707 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6710 unsigned int drv_enc
;
6712 if (wpa_s
->p2p_mgmt
)
6713 return 1; /* no normal network profiles on p2p_mgmt interface */
6721 if (wpa_s
->drv_capa_known
)
6722 drv_enc
= wpa_s
->drv_enc
;
6724 drv_enc
= (unsigned int) -1;
6726 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6727 size_t len
= ssid
->wep_key_len
[i
];
6730 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6732 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6734 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6736 return 1; /* invalid WEP key */
6739 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6740 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6741 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
6742 !ssid
->mem_only_psk
)
6749 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6751 #ifdef CONFIG_IEEE80211W
6752 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6753 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6754 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6756 * Driver does not support BIP -- ignore pmf=1 default
6757 * since the connection with PMF would fail and the
6758 * configuration does not require PMF to be enabled.
6760 return NO_MGMT_FRAME_PROTECTION
;
6765 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6766 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6768 * Do not use the default PMF value for non-RSN networks
6769 * since PMF is available only with RSN and pmf=2
6770 * configuration would otherwise prevent connections to
6771 * all open networks.
6773 return NO_MGMT_FRAME_PROTECTION
;
6776 return wpa_s
->conf
->pmf
;
6779 return ssid
->ieee80211w
;
6780 #else /* CONFIG_IEEE80211W */
6781 return NO_MGMT_FRAME_PROTECTION
;
6782 #endif /* CONFIG_IEEE80211W */
6786 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6788 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6790 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6796 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6798 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6800 struct os_reltime now
;
6803 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6808 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6811 ssid
->auth_failures
++;
6814 if (ssid
->p2p_group
&&
6815 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6817 * Skip the wait time since there is a short timeout on the
6818 * connection to a P2P group.
6822 #endif /* CONFIG_P2P */
6824 if (ssid
->auth_failures
> 50)
6826 else if (ssid
->auth_failures
> 10)
6828 else if (ssid
->auth_failures
> 5)
6830 else if (ssid
->auth_failures
> 3)
6832 else if (ssid
->auth_failures
> 2)
6834 else if (ssid
->auth_failures
> 1)
6839 if (ssid
->auth_failures
> 1 &&
6840 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6841 dur
+= os_random() % (ssid
->auth_failures
* 10);
6843 os_get_reltime(&now
);
6844 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6847 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6849 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6850 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6851 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6852 ssid
->auth_failures
, dur
, reason
);
6856 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6857 struct wpa_ssid
*ssid
, int clear_failures
)
6862 if (ssid
->disabled_until
.sec
) {
6863 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6864 "id=%d ssid=\"%s\"",
6865 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6867 ssid
->disabled_until
.sec
= 0;
6868 ssid
->disabled_until
.usec
= 0;
6870 ssid
->auth_failures
= 0;
6874 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6878 if (wpa_s
->disallow_aps_bssid
== NULL
)
6881 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6882 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6883 bssid
, ETH_ALEN
) == 0)
6891 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6896 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6899 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6900 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6901 if (ssid_len
== s
->ssid_len
&&
6902 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6911 * wpas_request_connection - Request a new connection
6912 * @wpa_s: Pointer to the network interface
6914 * This function is used to request a new connection to be found. It will mark
6915 * the interface to allow reassociation and request a new scan to find a
6916 * suitable network to connect to.
6918 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6920 wpa_s
->normal_scans
= 0;
6921 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6922 wpa_supplicant_reinit_autoscan(wpa_s
);
6923 wpa_s
->extra_blacklist_count
= 0;
6924 wpa_s
->disconnected
= 0;
6925 wpa_s
->reassociate
= 1;
6926 wpa_s
->last_owe_group
= 0;
6928 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6929 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6931 wpa_s
->reattach
= 0;
6936 * wpas_request_disconnection - Request disconnection
6937 * @wpa_s: Pointer to the network interface
6939 * This function is used to request disconnection from the currently connected
6940 * network. This will stop any ongoing scans and initiate deauthentication.
6942 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6945 wpa_s
->sme
.prev_bssid_set
= 0;
6946 #endif /* CONFIG_SME */
6947 wpa_s
->reassociate
= 0;
6948 wpa_s
->disconnected
= 1;
6949 wpa_supplicant_cancel_sched_scan(wpa_s
);
6950 wpa_supplicant_cancel_scan(wpa_s
);
6951 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6952 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6956 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6957 struct wpa_used_freq_data
*freqs_data
,
6962 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6964 for (i
= 0; i
< len
; i
++) {
6965 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6966 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6967 i
, cur
->freq
, cur
->flags
);
6973 * Find the operating frequencies of any of the virtual interfaces that
6974 * are using the same radio as the current interface, and in addition, get
6975 * information about the interface types that are using the frequency.
6977 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6978 struct wpa_used_freq_data
*freqs_data
,
6981 struct wpa_supplicant
*ifs
;
6984 unsigned int idx
= 0, i
;
6986 wpa_dbg(wpa_s
, MSG_DEBUG
,
6987 "Determining shared radio frequencies (max len %u)", len
);
6988 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6990 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6995 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6998 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6999 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
7000 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
7001 freq
= ifs
->current_ssid
->frequency
;
7002 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
7003 freq
= ifs
->assoc_freq
;
7007 /* Hold only distinct freqs */
7008 for (i
= 0; i
< idx
; i
++)
7009 if (freqs_data
[i
].freq
== freq
)
7013 freqs_data
[idx
++].freq
= freq
;
7015 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
7016 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
7017 WPA_FREQ_USED_BY_P2P_CLIENT
:
7018 WPA_FREQ_USED_BY_INFRA_STATION
;
7022 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
7028 * Find the operating frequencies of any of the virtual interfaces that
7029 * are using the same radio as the current interface.
7031 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
7032 int *freq_array
, unsigned int len
)
7034 struct wpa_used_freq_data
*freqs_data
;
7037 os_memset(freq_array
, 0, sizeof(int) * len
);
7039 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
7043 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
7044 for (i
= 0; i
< num
; i
++)
7045 freq_array
[i
] = freqs_data
[i
].freq
;
7047 os_free(freqs_data
);
7053 struct wpa_supplicant
*
7054 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7058 case VENDOR_ELEM_PROBE_REQ_P2P
:
7059 case VENDOR_ELEM_PROBE_RESP_P2P
:
7060 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7061 case VENDOR_ELEM_BEACON_P2P_GO
:
7062 case VENDOR_ELEM_P2P_PD_REQ
:
7063 case VENDOR_ELEM_P2P_PD_RESP
:
7064 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7065 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7066 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7067 case VENDOR_ELEM_P2P_INV_REQ
:
7068 case VENDOR_ELEM_P2P_INV_RESP
:
7069 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7070 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7071 return wpa_s
->p2pdev
;
7072 #endif /* CONFIG_P2P */
7079 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7084 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7086 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7087 if (wpa_s
->vendor_elem
[i
]) {
7090 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7091 if (!os_snprintf_error(sizeof(buf
), res
)) {
7092 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7093 wpa_s
->vendor_elem
[i
]);
7099 if (wpa_s
->parent
== wpa_s
&&
7100 wpa_s
->global
->p2p
&&
7101 !wpa_s
->global
->p2p_disabled
)
7102 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7103 #endif /* CONFIG_P2P */
7107 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7108 const u8
*elem
, size_t len
)
7112 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7113 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7115 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7118 if (os_memcmp(ie
, elem
, len
) != 0)
7121 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7122 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7123 wpa_s
->vendor_elem
[frame
] = NULL
;
7125 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7126 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7128 wpas_vendor_elem_update(wpa_s
);
7136 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7137 u16 num_modes
, enum hostapd_hw_mode mode
)
7141 for (i
= 0; i
< num_modes
; i
++) {
7142 if (modes
[i
].mode
== mode
)
7151 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7154 struct wpa_bss_tmp_disallowed
*bss
;
7156 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7157 struct wpa_bss_tmp_disallowed
, list
) {
7158 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7166 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7168 struct wpa_bss_tmp_disallowed
*tmp
;
7169 unsigned int num_bssid
= 0;
7173 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7176 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7177 struct wpa_bss_tmp_disallowed
, list
) {
7178 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7182 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7188 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7190 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7191 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7193 /* Make sure the bss is not already freed */
7194 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7195 struct wpa_bss_tmp_disallowed
, list
) {
7197 dl_list_del(&tmp
->list
);
7199 wpa_set_driver_tmp_disallow_list(wpa_s
);
7206 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7209 struct wpa_bss_tmp_disallowed
*bss
;
7211 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7213 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7214 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7219 bss
= os_malloc(sizeof(*bss
));
7221 wpa_printf(MSG_DEBUG
,
7222 "Failed to allocate memory for temp disallow BSS");
7226 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7227 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7228 wpa_set_driver_tmp_disallow_list(wpa_s
);
7229 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7234 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7236 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
7238 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7239 struct wpa_bss_tmp_disallowed
, list
) {
7240 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {