3 * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
69 const char *const wpa_supplicant_version
=
70 "wpa_supplicant v" VERSION_STR
"\n"
71 "Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> and contributors";
73 const char *const wpa_supplicant_license
=
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1
=
86 const char *const wpa_supplicant_full_license2
=
87 "This software may be distributed under the terms of the BSD license.\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
93 const char *const wpa_supplicant_full_license3
=
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
101 const char *const wpa_supplicant_full_license4
=
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5
=
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
123 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
125 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
128 /* Configure default/group WEP keys for static WEP */
129 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
133 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
134 if (ssid
->wep_key_len
[i
] == 0)
138 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
139 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
140 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
147 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
148 struct wpa_ssid
*ssid
)
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
159 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
160 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
165 if (!ssid
->psk_set
) {
166 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
171 switch (wpa_s
->group_cipher
) {
172 case WPA_CIPHER_CCMP
:
173 os_memcpy(key
, ssid
->psk
, 16);
177 case WPA_CIPHER_GCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_TKIP
:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key
, ssid
->psk
, 16 + 8);
185 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
190 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s
->group_cipher
);
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
198 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
199 os_memset(key
, 0, sizeof(key
));
204 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
206 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
207 const u8
*bssid
= wpa_s
->bssid
;
208 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
209 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
210 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
211 bssid
= wpa_s
->pending_bssid
;
212 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
214 wpa_blacklist_add(wpa_s
, bssid
);
215 wpa_sm_notify_disassoc(wpa_s
->wpa
);
216 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
217 wpa_s
->reassociate
= 1;
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
223 wpa_supplicant_req_scan(wpa_s
, 1, 0);
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
233 * This function is used to schedule a timeout for the current authentication
236 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
239 if (wpa_s
->conf
->ap_scan
== 0 &&
240 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
243 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
244 "%d usec", sec
, usec
);
245 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
246 wpa_s
->last_auth_timeout_sec
= sec
;
247 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
256 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
258 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
261 wpa_dbg(wpa_s
, MSG_DEBUG
,
262 "Authentication timeout restart: %d sec", new_sec
);
263 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
264 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
278 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
280 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
281 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
282 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
283 os_free(wpa_s
->last_con_fail_realm
);
284 wpa_s
->last_con_fail_realm
= NULL
;
285 wpa_s
->last_con_fail_realm_len
= 0;
290 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
291 * @wpa_s: Pointer to wpa_supplicant data
293 * This function is used to configure EAPOL state machine based on the selected
294 * authentication mode.
296 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
298 #ifdef IEEE8021X_EAPOL
299 struct eapol_config eapol_conf
;
300 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
302 #ifdef CONFIG_IBSS_RSN
303 if (ssid
->mode
== WPAS_MODE_IBSS
&&
304 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
305 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
307 * RSN IBSS authentication is per-STA and we can disable the
308 * per-BSSID EAPOL authentication.
310 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
311 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
312 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
315 #endif /* CONFIG_IBSS_RSN */
317 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
318 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
321 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
322 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
324 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
326 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
327 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
328 eapol_conf
.accept_802_1x_keys
= 1;
329 eapol_conf
.required_keys
= 0;
330 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
331 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
333 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
334 eapol_conf
.required_keys
|=
335 EAPOL_REQUIRE_KEY_BROADCAST
;
338 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
339 eapol_conf
.required_keys
= 0;
341 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
342 eapol_conf
.workaround
= ssid
->eap_workaround
;
343 eapol_conf
.eap_disabled
=
344 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
345 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
346 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
347 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
350 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
351 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
352 if (wpa_s
->current_bss
) {
354 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
359 EAPOL_PEER_IS_WPS20_AP
;
364 #endif /* CONFIG_WPS */
366 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
369 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
370 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
372 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
373 #endif /* CONFIG_MACSEC */
374 #endif /* IEEE8021X_EAPOL */
379 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
380 * @wpa_s: Pointer to wpa_supplicant data
381 * @ssid: Configuration data for the network
383 * This function is used to configure WPA state machine and related parameters
384 * to a mode where WPA is not enabled. This is called as part of the
385 * authentication configuration when the selected network does not use WPA.
387 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
388 struct wpa_ssid
*ssid
)
392 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
393 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
394 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
395 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
397 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
398 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
399 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
400 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
401 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
402 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
403 wpa_s
->mgmt_group_cipher
= 0;
405 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
406 if (ssid
->wep_key_len
[i
] > 5) {
407 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
408 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
410 } else if (ssid
->wep_key_len
[i
] > 0) {
411 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
412 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
417 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
418 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
419 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
420 wpa_s
->pairwise_cipher
);
421 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
422 #ifdef CONFIG_IEEE80211W
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
424 wpa_s
->mgmt_group_cipher
);
425 #endif /* CONFIG_IEEE80211W */
427 pmksa_cache_clear_current(wpa_s
->wpa
);
431 void free_hw_features(struct wpa_supplicant
*wpa_s
)
434 if (wpa_s
->hw
.modes
== NULL
)
437 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
438 os_free(wpa_s
->hw
.modes
[i
].channels
);
439 os_free(wpa_s
->hw
.modes
[i
].rates
);
442 os_free(wpa_s
->hw
.modes
);
443 wpa_s
->hw
.modes
= NULL
;
447 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
449 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
451 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
452 struct wpa_bss_tmp_disallowed
, list
) {
453 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
454 dl_list_del(&bss
->list
);
460 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
462 struct fils_hlp_req
*req
;
464 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
466 dl_list_del(&req
->list
);
467 wpabuf_free(req
->pkt
);
473 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
477 bgscan_deinit(wpa_s
);
478 autoscan_deinit(wpa_s
);
479 scard_deinit(wpa_s
->scard
);
481 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
482 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
483 l2_packet_deinit(wpa_s
->l2
);
486 l2_packet_deinit(wpa_s
->l2_br
);
489 #ifdef CONFIG_TESTING_OPTIONS
490 l2_packet_deinit(wpa_s
->l2_test
);
491 wpa_s
->l2_test
= NULL
;
492 os_free(wpa_s
->get_pref_freq_list_override
);
493 wpa_s
->get_pref_freq_list_override
= NULL
;
494 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
495 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
496 #endif /* CONFIG_TESTING_OPTIONS */
498 if (wpa_s
->conf
!= NULL
) {
499 struct wpa_ssid
*ssid
;
500 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
501 wpas_notify_network_removed(wpa_s
, ssid
);
504 os_free(wpa_s
->confname
);
505 wpa_s
->confname
= NULL
;
507 os_free(wpa_s
->confanother
);
508 wpa_s
->confanother
= NULL
;
510 os_free(wpa_s
->last_con_fail_realm
);
511 wpa_s
->last_con_fail_realm
= NULL
;
512 wpa_s
->last_con_fail_realm_len
= 0;
514 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
515 eapol_sm_deinit(wpa_s
->eapol
);
518 rsn_preauth_deinit(wpa_s
->wpa
);
521 wpa_tdls_deinit(wpa_s
->wpa
);
522 #endif /* CONFIG_TDLS */
524 wmm_ac_clear_saved_tspecs(wpa_s
);
525 pmksa_candidate_free(wpa_s
->wpa
);
526 wpa_sm_deinit(wpa_s
->wpa
);
528 wpa_blacklist_clear(wpa_s
);
530 wpa_bss_deinit(wpa_s
);
532 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
533 wpa_supplicant_cancel_scan(wpa_s
);
534 wpa_supplicant_cancel_auth_timeout(wpa_s
);
535 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
536 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
537 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
539 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
541 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
543 wpas_wps_deinit(wpa_s
);
545 wpabuf_free(wpa_s
->pending_eapol_rx
);
546 wpa_s
->pending_eapol_rx
= NULL
;
548 #ifdef CONFIG_IBSS_RSN
549 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
550 wpa_s
->ibss_rsn
= NULL
;
551 #endif /* CONFIG_IBSS_RSN */
556 wpa_supplicant_ap_deinit(wpa_s
);
557 #endif /* CONFIG_AP */
559 wpas_p2p_deinit(wpa_s
);
561 #ifdef CONFIG_OFFCHANNEL
562 offchannel_deinit(wpa_s
);
563 #endif /* CONFIG_OFFCHANNEL */
565 wpa_supplicant_cancel_sched_scan(wpa_s
);
567 os_free(wpa_s
->next_scan_freqs
);
568 wpa_s
->next_scan_freqs
= NULL
;
570 os_free(wpa_s
->manual_scan_freqs
);
571 wpa_s
->manual_scan_freqs
= NULL
;
572 os_free(wpa_s
->select_network_scan_freqs
);
573 wpa_s
->select_network_scan_freqs
= NULL
;
575 os_free(wpa_s
->manual_sched_scan_freqs
);
576 wpa_s
->manual_sched_scan_freqs
= NULL
;
578 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
581 * Need to remove any pending gas-query radio work before the
582 * gas_query_deinit() call because gas_query::work has not yet been set
583 * for works that have not been started. gas_query_free() will be unable
584 * to cancel such pending radio works and once the pending gas-query
585 * radio work eventually gets removed, the deinit notification call to
586 * gas_query_start_cb() would result in dereferencing freed memory.
589 radio_remove_works(wpa_s
, "gas-query", 0);
590 gas_query_deinit(wpa_s
->gas
);
592 gas_server_deinit(wpa_s
->gas_server
);
593 wpa_s
->gas_server
= NULL
;
595 free_hw_features(wpa_s
);
597 ieee802_1x_dealloc_kay_sm(wpa_s
);
599 os_free(wpa_s
->bssid_filter
);
600 wpa_s
->bssid_filter
= NULL
;
602 os_free(wpa_s
->disallow_aps_bssid
);
603 wpa_s
->disallow_aps_bssid
= NULL
;
604 os_free(wpa_s
->disallow_aps_ssid
);
605 wpa_s
->disallow_aps_ssid
= NULL
;
607 wnm_bss_keep_alive_deinit(wpa_s
);
609 wnm_deallocate_memory(wpa_s
);
610 #endif /* CONFIG_WNM */
612 ext_password_deinit(wpa_s
->ext_pw
);
613 wpa_s
->ext_pw
= NULL
;
615 wpabuf_free(wpa_s
->last_gas_resp
);
616 wpa_s
->last_gas_resp
= NULL
;
617 wpabuf_free(wpa_s
->prev_gas_resp
);
618 wpa_s
->prev_gas_resp
= NULL
;
620 os_free(wpa_s
->last_scan_res
);
621 wpa_s
->last_scan_res
= NULL
;
625 wpa_drv_configure_frame_filters(wpa_s
, 0);
627 #endif /* CONFIG_HS20 */
629 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
630 wpabuf_free(wpa_s
->vendor_elem
[i
]);
631 wpa_s
->vendor_elem
[i
] = NULL
;
634 wmm_ac_notify_disassoc(wpa_s
);
636 wpa_s
->sched_scan_plans_num
= 0;
637 os_free(wpa_s
->sched_scan_plans
);
638 wpa_s
->sched_scan_plans
= NULL
;
641 wpa_s
->non_pref_chan_num
= 0;
642 os_free(wpa_s
->non_pref_chan
);
643 wpa_s
->non_pref_chan
= NULL
;
644 #endif /* CONFIG_MBO */
646 free_bss_tmp_disallowed(wpa_s
);
648 wpabuf_free(wpa_s
->lci
);
650 wpas_clear_beacon_rep_data(wpa_s
);
652 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
655 struct external_pmksa_cache
*entry
;
657 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
658 struct external_pmksa_cache
,
660 dl_list_del(&entry
->list
);
661 os_free(entry
->pmksa_cache
);
665 #endif /* CONFIG_MESH */
666 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
668 wpas_flush_fils_hlp_req(wpa_s
);
670 wpabuf_free(wpa_s
->ric_ies
);
671 wpa_s
->ric_ies
= NULL
;
674 wpas_dpp_deinit(wpa_s
);
675 #endif /* CONFIG_DPP */
680 * wpa_clear_keys - Clear keys configured for the driver
681 * @wpa_s: Pointer to wpa_supplicant data
682 * @addr: Previously used BSSID or %NULL if not available
684 * This function clears the encryption keys that has been previously configured
687 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
691 #ifdef CONFIG_IEEE80211W
693 #else /* CONFIG_IEEE80211W */
695 #endif /* CONFIG_IEEE80211W */
697 /* MLME-DELETEKEYS.request */
698 for (i
= 0; i
< max
; i
++) {
699 if (wpa_s
->keys_cleared
& BIT(i
))
701 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
704 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
705 !is_zero_ether_addr(addr
)) {
706 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
708 /* MLME-SETPROTECTION.request(None) */
709 wpa_drv_mlme_setprotection(
711 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
712 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
714 wpa_s
->keys_cleared
= (u32
) -1;
719 * wpa_supplicant_state_txt - Get the connection state name as a text string
720 * @state: State (wpa_state; WPA_*)
721 * Returns: The state name as a printable text string
723 const char * wpa_supplicant_state_txt(enum wpa_states state
)
726 case WPA_DISCONNECTED
:
727 return "DISCONNECTED";
730 case WPA_INTERFACE_DISABLED
:
731 return "INTERFACE_DISABLED";
734 case WPA_AUTHENTICATING
:
735 return "AUTHENTICATING";
736 case WPA_ASSOCIATING
:
737 return "ASSOCIATING";
740 case WPA_4WAY_HANDSHAKE
:
741 return "4WAY_HANDSHAKE";
742 case WPA_GROUP_HANDSHAKE
:
743 return "GROUP_HANDSHAKE";
754 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
758 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
759 name
= wpa_s
->current_ssid
->bgscan
;
761 name
= wpa_s
->conf
->bgscan
;
762 if (name
== NULL
|| name
[0] == '\0')
764 if (wpas_driver_bss_selection(wpa_s
))
766 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
769 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
771 #endif /* CONFIG_P2P */
773 bgscan_deinit(wpa_s
);
774 if (wpa_s
->current_ssid
) {
775 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
776 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
779 * Live without bgscan; it is only used as a roaming
780 * optimization, so the initial connection is not
784 struct wpa_scan_results
*scan_res
;
785 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
786 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
789 bgscan_notify_scan(wpa_s
, scan_res
);
790 wpa_scan_results_free(scan_res
);
794 wpa_s
->bgscan_ssid
= NULL
;
798 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
800 if (wpa_s
->bgscan_ssid
!= NULL
) {
801 bgscan_deinit(wpa_s
);
802 wpa_s
->bgscan_ssid
= NULL
;
806 #endif /* CONFIG_BGSCAN */
809 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
811 if (autoscan_init(wpa_s
, 0))
812 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
816 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
818 autoscan_deinit(wpa_s
);
822 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
824 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
825 wpa_s
->wpa_state
== WPA_SCANNING
) {
826 autoscan_deinit(wpa_s
);
827 wpa_supplicant_start_autoscan(wpa_s
);
833 * wpa_supplicant_set_state - Set current connection state
834 * @wpa_s: Pointer to wpa_supplicant data
835 * @state: The new connection state
837 * This function is called whenever the connection state changes, e.g.,
838 * association is completed for WPA/WPA2 4-Way Handshake is started.
840 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
841 enum wpa_states state
)
843 enum wpa_states old_state
= wpa_s
->wpa_state
;
845 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
846 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
847 wpa_supplicant_state_txt(state
));
849 if (state
== WPA_INTERFACE_DISABLED
) {
850 /* Assure normal scan when interface is restored */
851 wpa_s
->normal_scans
= 0;
854 if (state
== WPA_COMPLETED
) {
855 wpas_connect_work_done(wpa_s
);
856 /* Reinitialize normal_scan counter */
857 wpa_s
->normal_scans
= 0;
862 * P2PS client has to reply to Probe Request frames received on the
863 * group operating channel. Enable Probe Request frame reporting for
864 * P2P connected client in case p2p_cli_probe configuration property is
867 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
868 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
869 wpa_s
->current_ssid
->p2p_group
) {
870 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
871 wpa_dbg(wpa_s
, MSG_DEBUG
,
872 "P2P: Enable CLI Probe Request RX reporting");
873 wpa_s
->p2p_cli_probe
=
874 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
875 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
876 wpa_dbg(wpa_s
, MSG_DEBUG
,
877 "P2P: Disable CLI Probe Request RX reporting");
878 wpa_s
->p2p_cli_probe
= 0;
879 wpa_drv_probe_req_report(wpa_s
, 0);
882 #endif /* CONFIG_P2P */
884 if (state
!= WPA_SCANNING
)
885 wpa_supplicant_notify_scanning(wpa_s
, 0);
887 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
888 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
889 int fils_hlp_sent
= 0;
892 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
893 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
895 #endif /* CONFIG_SME */
896 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
897 wpa_auth_alg_fils(wpa_s
->auth_alg
))
900 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
901 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
902 MACSTR
" completed [id=%d id_str=%s%s]",
903 MAC2STR(wpa_s
->bssid
),
904 ssid
? ssid
->id
: -1,
905 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
906 fils_hlp_sent
? " FILS_HLP_SENT" : "");
907 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
908 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
909 wpa_blacklist_clear(wpa_s
);
910 wpa_s
->extra_blacklist_count
= 0;
911 wpa_s
->new_connection
= 0;
912 wpa_drv_set_operstate(wpa_s
, 1);
913 #ifndef IEEE8021X_EAPOL
914 wpa_drv_set_supp_port(wpa_s
, 1);
915 #endif /* IEEE8021X_EAPOL */
916 wpa_s
->after_wps
= 0;
917 wpa_s
->known_wps_freq
= 0;
918 wpas_p2p_completed(wpa_s
);
920 sme_sched_obss_scan(wpa_s
, 1);
922 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
923 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
924 wpas_update_fils_connect_params(wpa_s
);
925 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
926 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
927 state
== WPA_ASSOCIATED
) {
928 wpa_s
->new_connection
= 1;
929 wpa_drv_set_operstate(wpa_s
, 0);
930 #ifndef IEEE8021X_EAPOL
931 wpa_drv_set_supp_port(wpa_s
, 0);
932 #endif /* IEEE8021X_EAPOL */
933 sme_sched_obss_scan(wpa_s
, 0);
935 wpa_s
->wpa_state
= state
;
938 if (state
== WPA_COMPLETED
)
939 wpa_supplicant_start_bgscan(wpa_s
);
940 else if (state
< WPA_ASSOCIATED
)
941 wpa_supplicant_stop_bgscan(wpa_s
);
942 #endif /* CONFIG_BGSCAN */
944 if (state
== WPA_AUTHENTICATING
)
945 wpa_supplicant_stop_autoscan(wpa_s
);
947 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
948 wpa_supplicant_start_autoscan(wpa_s
);
950 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
951 wmm_ac_notify_disassoc(wpa_s
);
953 if (wpa_s
->wpa_state
!= old_state
) {
954 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
957 * Notify the P2P Device interface about a state change in one
960 wpas_p2p_indicate_state_change(wpa_s
);
962 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
963 old_state
== WPA_COMPLETED
)
964 wpas_notify_auth_changed(wpa_s
);
969 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
973 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
975 struct wpa_supplicant
*next
= wpa_s
->next
;
976 if (wpas_wps_terminate_pending(wpa_s
) == 1)
979 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
980 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
981 wpas_p2p_disconnect(wpa_s
);
982 #endif /* CONFIG_P2P */
985 #endif /* CONFIG_WPS */
992 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
994 struct wpa_global
*global
= signal_ctx
;
995 wpa_supplicant_terminate_proc(global
);
999 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1001 enum wpa_states old_state
= wpa_s
->wpa_state
;
1003 wpa_s
->pairwise_cipher
= 0;
1004 wpa_s
->group_cipher
= 0;
1005 wpa_s
->mgmt_group_cipher
= 0;
1006 wpa_s
->key_mgmt
= 0;
1007 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1008 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1010 if (wpa_s
->wpa_state
!= old_state
)
1011 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1016 * wpa_supplicant_reload_configuration - Reload configuration data
1017 * @wpa_s: Pointer to wpa_supplicant data
1018 * Returns: 0 on success or -1 if configuration parsing failed
1020 * This function can be used to request that the configuration data is reloaded
1021 * (e.g., after configuration file change). This function is reloading
1022 * configuration only for one interface, so this may need to be called multiple
1023 * times if %wpa_supplicant is controlling multiple interfaces and all
1024 * interfaces need reconfiguration.
1026 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1028 struct wpa_config
*conf
;
1032 if (wpa_s
->confname
== NULL
)
1034 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1036 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1037 "file '%s' - exiting", wpa_s
->confname
);
1040 if (wpa_s
->confanother
&&
1041 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1042 wpa_msg(wpa_s
, MSG_ERROR
,
1043 "Failed to parse the configuration file '%s' - exiting",
1044 wpa_s
->confanother
);
1048 conf
->changed_parameters
= (unsigned int) -1;
1050 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1051 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1052 os_strcmp(conf
->ctrl_interface
,
1053 wpa_s
->conf
->ctrl_interface
) != 0);
1055 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1056 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1057 wpa_s
->ctrl_iface
= NULL
;
1060 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1061 if (wpa_s
->current_ssid
) {
1062 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1063 wpa_s
->own_disconnect_req
= 1;
1064 wpa_supplicant_deauthenticate(wpa_s
,
1065 WLAN_REASON_DEAUTH_LEAVING
);
1069 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1070 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1072 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1073 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1074 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1076 * Clear forced success to clear EAP state for next
1079 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1081 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1082 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1083 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1084 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1085 rsn_preauth_deinit(wpa_s
->wpa
);
1087 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1088 wpa_config_free(wpa_s
->conf
);
1090 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1091 wpas_notify_ap_scan_changed(wpa_s
);
1094 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1096 wpa_supplicant_update_config(wpa_s
);
1098 wpa_supplicant_clear_status(wpa_s
);
1099 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1100 wpa_s
->reassociate
= 1;
1101 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1103 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1108 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1110 struct wpa_global
*global
= signal_ctx
;
1111 struct wpa_supplicant
*wpa_s
;
1112 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1113 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1115 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1116 wpa_supplicant_terminate_proc(global
);
1120 if (wpa_debug_reopen_file() < 0) {
1121 /* Ignore errors since we cannot really do much to fix this */
1122 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1127 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1128 struct wpa_ssid
*ssid
,
1129 struct wpa_ie_data
*ie
)
1131 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1134 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1135 "from association info");
1140 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1142 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1143 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1144 "cipher 0x%x (mask 0x%x) - reject",
1145 ie
->group_cipher
, ssid
->group_cipher
);
1148 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1149 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1150 "cipher 0x%x (mask 0x%x) - reject",
1151 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1154 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1155 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1156 "management 0x%x (mask 0x%x) - reject",
1157 ie
->key_mgmt
, ssid
->key_mgmt
);
1161 #ifdef CONFIG_IEEE80211W
1162 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1163 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1164 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1165 "that does not support management frame protection - "
1169 #endif /* CONFIG_IEEE80211W */
1176 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1177 * @wpa_s: Pointer to wpa_supplicant data
1178 * @bss: Scan results for the selected BSS, or %NULL if not available
1179 * @ssid: Configuration data for the selected network
1180 * @wpa_ie: Buffer for the WPA/RSN IE
1181 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1182 * used buffer length in case the functions returns success.
1183 * Returns: 0 on success or -1 on failure
1185 * This function is used to configure authentication and encryption parameters
1186 * based on the network configuration and scan result for the selected BSS (if
1189 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1190 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1191 u8
*wpa_ie
, size_t *wpa_ie_len
)
1193 struct wpa_ie_data ie
;
1195 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1198 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1199 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1200 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1202 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1204 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1205 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1206 (ie
.group_cipher
& ssid
->group_cipher
) &&
1207 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1208 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1209 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1210 proto
= WPA_PROTO_RSN
;
1211 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1212 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1213 (ie
.group_cipher
& ssid
->group_cipher
) &&
1214 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1215 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1216 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1217 proto
= WPA_PROTO_WPA
;
1219 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1220 wpa_parse_wpa_ie(bss_osen
, 2 + bss_osen
[1], &ie
) == 0 &&
1221 (ie
.group_cipher
& ssid
->group_cipher
) &&
1222 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1223 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1224 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1225 proto
= WPA_PROTO_OSEN
;
1226 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1227 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1228 (ie
.group_cipher
& ssid
->group_cipher
) &&
1229 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1230 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1231 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1232 proto
= WPA_PROTO_RSN
;
1233 #endif /* CONFIG_HS20 */
1235 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1236 wpa_dbg(wpa_s
, MSG_DEBUG
,
1237 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1238 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1240 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1241 MAC2STR(bss
->bssid
),
1242 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1243 bss_wpa
? " WPA" : "",
1244 bss_rsn
? " RSN" : "",
1245 bss_osen
? " OSEN" : "");
1247 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1248 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1249 wpa_dbg(wpa_s
, MSG_DEBUG
,
1250 "Could not parse RSN element");
1252 wpa_dbg(wpa_s
, MSG_DEBUG
,
1253 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1254 ie
.pairwise_cipher
, ie
.group_cipher
,
1259 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1260 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1261 wpa_dbg(wpa_s
, MSG_DEBUG
,
1262 "Could not parse WPA element");
1264 wpa_dbg(wpa_s
, MSG_DEBUG
,
1265 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1266 ie
.pairwise_cipher
, ie
.group_cipher
,
1272 if (ssid
->proto
& WPA_PROTO_OSEN
)
1273 proto
= WPA_PROTO_OSEN
;
1274 else if (ssid
->proto
& WPA_PROTO_RSN
)
1275 proto
= WPA_PROTO_RSN
;
1277 proto
= WPA_PROTO_WPA
;
1278 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1279 os_memset(&ie
, 0, sizeof(ie
));
1280 ie
.group_cipher
= ssid
->group_cipher
;
1281 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1282 ie
.key_mgmt
= ssid
->key_mgmt
;
1283 #ifdef CONFIG_IEEE80211W
1284 ie
.mgmt_group_cipher
= 0;
1285 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1286 if (ssid
->group_mgmt_cipher
&
1287 WPA_CIPHER_BIP_GMAC_256
)
1288 ie
.mgmt_group_cipher
=
1289 WPA_CIPHER_BIP_GMAC_256
;
1290 else if (ssid
->group_mgmt_cipher
&
1291 WPA_CIPHER_BIP_CMAC_256
)
1292 ie
.mgmt_group_cipher
=
1293 WPA_CIPHER_BIP_CMAC_256
;
1294 else if (ssid
->group_mgmt_cipher
&
1295 WPA_CIPHER_BIP_GMAC_128
)
1296 ie
.mgmt_group_cipher
=
1297 WPA_CIPHER_BIP_GMAC_128
;
1299 ie
.mgmt_group_cipher
=
1300 WPA_CIPHER_AES_128_CMAC
;
1302 #endif /* CONFIG_IEEE80211W */
1304 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1306 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1307 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1308 wpa_s
->wpa_proto
= 0;
1312 #endif /* CONFIG_OWE */
1313 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1314 "based on configuration");
1319 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1320 "pairwise %d key_mgmt %d proto %d",
1321 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1322 #ifdef CONFIG_IEEE80211W
1323 if (ssid
->ieee80211w
) {
1324 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1325 ie
.mgmt_group_cipher
);
1327 #endif /* CONFIG_IEEE80211W */
1329 wpa_s
->wpa_proto
= proto
;
1330 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1331 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1332 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1334 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1335 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1336 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1337 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1338 bss_rsn
? 2 + bss_rsn
[1] : 0))
1342 #ifdef CONFIG_NO_WPA
1343 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1344 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1345 #else /* CONFIG_NO_WPA */
1346 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1347 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1348 if (wpa_s
->group_cipher
< 0) {
1349 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1353 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1354 wpa_cipher_txt(wpa_s
->group_cipher
));
1356 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1357 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1358 if (wpa_s
->pairwise_cipher
< 0) {
1359 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1363 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1364 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1365 #endif /* CONFIG_NO_WPA */
1367 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1369 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1370 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1371 #endif /* CONFIG_SAE */
1373 #ifdef CONFIG_SUITEB192
1374 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1375 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1376 wpa_dbg(wpa_s
, MSG_DEBUG
,
1377 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1378 #endif /* CONFIG_SUITEB192 */
1379 #ifdef CONFIG_SUITEB
1380 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1381 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1382 wpa_dbg(wpa_s
, MSG_DEBUG
,
1383 "WPA: using KEY_MGMT 802.1X with Suite B");
1384 #endif /* CONFIG_SUITEB */
1386 #ifdef CONFIG_IEEE80211R
1387 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1388 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1389 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1390 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1391 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1392 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1393 #endif /* CONFIG_IEEE80211R */
1394 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1395 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1396 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1397 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1398 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1399 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1400 #endif /* CONFIG_FILS */
1401 #ifdef CONFIG_IEEE80211R
1402 #ifdef CONFIG_SHA384
1403 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) {
1404 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1405 wpa_dbg(wpa_s
, MSG_DEBUG
,
1406 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1407 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1408 /* PMKSA caching with FT is not fully functional, so
1409 * disable the case for now. */
1410 wpa_dbg(wpa_s
, MSG_DEBUG
,
1411 "WPA: Disable PMKSA caching for FT/802.1X connection");
1412 pmksa_cache_clear_current(wpa_s
->wpa
);
1414 #endif /* CONFIG_SHA384 */
1415 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1416 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1417 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1418 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1419 /* PMKSA caching with FT is not fully functional, so
1420 * disable the case for now. */
1421 wpa_dbg(wpa_s
, MSG_DEBUG
,
1422 "WPA: Disable PMKSA caching for FT/802.1X connection");
1423 pmksa_cache_clear_current(wpa_s
->wpa
);
1425 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1426 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1427 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1428 #endif /* CONFIG_IEEE80211R */
1430 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1431 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1432 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1433 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1434 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1435 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1436 #endif /* CONFIG_SAE */
1437 #ifdef CONFIG_IEEE80211W
1438 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1439 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1440 wpa_dbg(wpa_s
, MSG_DEBUG
,
1441 "WPA: using KEY_MGMT 802.1X with SHA256");
1442 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1443 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1444 wpa_dbg(wpa_s
, MSG_DEBUG
,
1445 "WPA: using KEY_MGMT PSK with SHA256");
1446 #endif /* CONFIG_IEEE80211W */
1447 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1448 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1449 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1450 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1451 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1452 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1453 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1454 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1455 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1457 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1458 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1459 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1460 #endif /* CONFIG_HS20 */
1462 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1463 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1464 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1465 #endif /* CONFIG_OWE */
1467 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1468 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1469 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1470 #endif /* CONFIG_DPP */
1472 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1473 "authenticated key management type");
1477 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1478 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1479 wpa_s
->pairwise_cipher
);
1480 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1482 #ifdef CONFIG_IEEE80211W
1483 sel
= ie
.mgmt_group_cipher
;
1484 if (ssid
->group_mgmt_cipher
)
1485 sel
&= ssid
->group_mgmt_cipher
;
1486 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1487 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1489 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1490 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1491 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1493 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1494 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1495 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1497 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1498 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1499 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1501 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1502 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1503 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1506 wpa_s
->mgmt_group_cipher
= 0;
1507 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1509 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1510 wpa_s
->mgmt_group_cipher
);
1511 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1512 wpas_get_ssid_pmf(wpa_s
, ssid
));
1513 #endif /* CONFIG_IEEE80211W */
1515 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_OCV
, ssid
->ocv
);
1516 #endif /* CONFIG_OCV */
1518 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1519 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1523 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1527 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1528 WPA_KEY_MGMT_FT_PSK
|
1529 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1531 if (ssid
->psk_set
&& !sae_only
) {
1532 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1533 ssid
->psk
, PMK_LEN
);
1534 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1539 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1540 (ssid
->sae_password
|| ssid
->passphrase
))
1543 #ifndef CONFIG_NO_PBKDF2
1544 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1545 ssid
->passphrase
&& !sae_only
) {
1547 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1548 4096, psk
, PMK_LEN
);
1549 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1551 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1553 os_memset(psk
, 0, sizeof(psk
));
1555 #endif /* CONFIG_NO_PBKDF2 */
1556 #ifdef CONFIG_EXT_PASSWORD
1557 if (ssid
->ext_psk
&& !sae_only
) {
1558 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1560 char pw_str
[64 + 1];
1564 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1565 "found from external storage");
1569 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1570 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1571 "PSK length %d in external storage",
1572 (int) wpabuf_len(pw
));
1573 ext_password_free(pw
);
1577 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1578 pw_str
[wpabuf_len(pw
)] = '\0';
1580 #ifndef CONFIG_NO_PBKDF2
1581 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1583 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1584 4096, psk
, PMK_LEN
);
1585 os_memset(pw_str
, 0, sizeof(pw_str
));
1586 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1587 "external passphrase)",
1589 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1592 os_memset(psk
, 0, sizeof(psk
));
1594 #endif /* CONFIG_NO_PBKDF2 */
1595 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1596 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1597 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1598 "Invalid PSK hex string");
1599 os_memset(pw_str
, 0, sizeof(pw_str
));
1600 ext_password_free(pw
);
1603 wpa_hexdump_key(MSG_MSGDUMP
,
1604 "PSK (from external PSK)",
1606 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1609 os_memset(psk
, 0, sizeof(psk
));
1611 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1613 os_memset(pw_str
, 0, sizeof(pw_str
));
1614 ext_password_free(pw
);
1618 os_memset(pw_str
, 0, sizeof(pw_str
));
1619 ext_password_free(pw
);
1621 #endif /* CONFIG_EXT_PASSWORD */
1624 wpa_msg(wpa_s
, MSG_INFO
,
1625 "No PSK available for association");
1626 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1630 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1631 /* OWE Diffie-Hellman exchange in (Re)Association
1632 * Request/Response frames set the PMK, so do not override it
1634 #endif /* CONFIG_OWE */
1636 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1642 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1647 case 0: /* Bits 0-7 */
1649 case 1: /* Bits 8-15 */
1650 if (wpa_s
->conf
->coloc_intf_reporting
) {
1651 /* Bit 13 - Collocated Interference Reporting */
1655 case 2: /* Bits 16-23 */
1657 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1658 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1659 #endif /* CONFIG_WNM */
1661 case 3: /* Bits 24-31 */
1663 *pos
|= 0x02; /* Bit 25 - SSID List */
1664 #endif /* CONFIG_WNM */
1665 #ifdef CONFIG_INTERWORKING
1666 if (wpa_s
->conf
->interworking
)
1667 *pos
|= 0x80; /* Bit 31 - Interworking */
1668 #endif /* CONFIG_INTERWORKING */
1670 case 4: /* Bits 32-39 */
1671 #ifdef CONFIG_INTERWORKING
1672 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1673 *pos
|= 0x01; /* Bit 32 - QoS Map */
1674 #endif /* CONFIG_INTERWORKING */
1676 case 5: /* Bits 40-47 */
1678 if (wpa_s
->conf
->hs20
)
1679 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1680 #endif /* CONFIG_HS20 */
1682 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1683 #endif /* CONFIG_MBO */
1685 case 6: /* Bits 48-55 */
1687 case 7: /* Bits 56-63 */
1689 case 8: /* Bits 64-71 */
1690 if (wpa_s
->conf
->ftm_responder
)
1691 *pos
|= 0x40; /* Bit 70 - FTM responder */
1692 if (wpa_s
->conf
->ftm_initiator
)
1693 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1695 case 9: /* Bits 72-79 */
1697 if (!wpa_s
->disable_fils
)
1699 #endif /* CONFIG_FILS */
1705 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1710 if (len
< wpa_s
->extended_capa_len
)
1711 len
= wpa_s
->extended_capa_len
;
1712 if (buflen
< (size_t) len
+ 2) {
1713 wpa_printf(MSG_INFO
,
1714 "Not enough room for building extended capabilities element");
1718 *pos
++ = WLAN_EID_EXT_CAPAB
;
1720 for (i
= 0; i
< len
; i
++, pos
++) {
1721 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1723 if (i
< wpa_s
->extended_capa_len
) {
1724 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1725 *pos
|= wpa_s
->extended_capa
[i
];
1729 while (len
> 0 && buf
[1 + len
] == 0) {
1740 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1741 struct wpa_bss
*test_bss
)
1743 struct wpa_bss
*bss
;
1745 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1746 if (bss
== test_bss
)
1754 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1755 struct wpa_ssid
*test_ssid
)
1757 struct wpa_ssid
*ssid
;
1759 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1760 if (ssid
== test_ssid
)
1768 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1769 struct wpa_ssid
*test_ssid
)
1771 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1774 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1778 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1786 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1788 struct wpa_connect_work
*cwork
;
1789 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1794 wpa_s
->connect_work
= NULL
;
1797 wpas_connect_work_free(cwork
);
1798 radio_work_done(work
);
1802 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1804 struct os_reltime now
;
1807 os_get_reltime(&now
);
1808 if (wpa_s
->last_mac_addr_style
== style
&&
1809 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1810 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1811 wpa_s
->conf
->rand_addr_lifetime
)) {
1812 wpa_msg(wpa_s
, MSG_DEBUG
,
1813 "Previously selected random MAC address has not yet expired");
1819 if (random_mac_addr(addr
) < 0)
1823 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1824 if (random_mac_addr_keep_oui(addr
) < 0)
1831 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1832 wpa_msg(wpa_s
, MSG_INFO
,
1833 "Failed to set random MAC address");
1837 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1838 wpa_s
->mac_addr_changed
= 1;
1839 wpa_s
->last_mac_addr_style
= style
;
1841 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1842 wpa_msg(wpa_s
, MSG_INFO
,
1843 "Could not update MAC address information");
1847 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1854 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1856 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1857 !wpa_s
->conf
->preassoc_mac_addr
)
1860 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1864 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1867 * wpa_supplicant_associate - Request association
1868 * @wpa_s: Pointer to wpa_supplicant data
1869 * @bss: Scan results for the selected BSS, or %NULL if not available
1870 * @ssid: Configuration data for the selected network
1872 * This function is used to request %wpa_supplicant to associate with a BSS.
1874 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1875 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1877 struct wpa_connect_work
*cwork
;
1880 wpa_s
->own_disconnect_req
= 0;
1883 * If we are starting a new connection, any previously pending EAPOL
1884 * RX cannot be valid anymore.
1886 wpabuf_free(wpa_s
->pending_eapol_rx
);
1887 wpa_s
->pending_eapol_rx
= NULL
;
1889 if (ssid
->mac_addr
== -1)
1890 rand_style
= wpa_s
->conf
->mac_addr
;
1892 rand_style
= ssid
->mac_addr
;
1894 wmm_ac_clear_saved_tspecs(wpa_s
);
1895 wpa_s
->reassoc_same_bss
= 0;
1896 wpa_s
->reassoc_same_ess
= 0;
1897 #ifdef CONFIG_TESTING_OPTIONS
1898 wpa_s
->testing_resend_assoc
= 0;
1899 #endif /* CONFIG_TESTING_OPTIONS */
1901 if (wpa_s
->last_ssid
== ssid
) {
1902 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1903 wpa_s
->reassoc_same_ess
= 1;
1904 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1905 wmm_ac_save_tspecs(wpa_s
);
1906 wpa_s
->reassoc_same_bss
= 1;
1910 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1911 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1913 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1914 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1915 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1916 wpa_msg(wpa_s
, MSG_INFO
,
1917 "Could not restore permanent MAC address");
1920 wpa_s
->mac_addr_changed
= 0;
1921 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1922 wpa_msg(wpa_s
, MSG_INFO
,
1923 "Could not update MAC address information");
1926 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1928 wpa_s
->last_ssid
= ssid
;
1930 #ifdef CONFIG_IBSS_RSN
1931 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1932 wpa_s
->ibss_rsn
= NULL
;
1933 #else /* CONFIG_IBSS_RSN */
1934 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1935 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1936 wpa_msg(wpa_s
, MSG_INFO
,
1937 "IBSS RSN not supported in the build");
1940 #endif /* CONFIG_IBSS_RSN */
1942 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1943 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1945 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1946 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1950 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1951 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1952 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1953 wpas_p2p_ap_setup_failed(wpa_s
);
1956 wpa_s
->current_bss
= bss
;
1957 #else /* CONFIG_AP */
1958 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1960 #endif /* CONFIG_AP */
1964 if (ssid
->mode
== WPAS_MODE_MESH
) {
1966 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1967 wpa_msg(wpa_s
, MSG_INFO
,
1968 "Driver does not support mesh mode");
1972 ssid
->frequency
= bss
->freq
;
1973 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1974 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1977 wpa_s
->current_bss
= bss
;
1978 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1979 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1981 wpas_notify_mesh_group_started(wpa_s
, ssid
);
1982 #else /* CONFIG_MESH */
1983 wpa_msg(wpa_s
, MSG_ERROR
,
1984 "mesh mode support not included in the build");
1985 #endif /* CONFIG_MESH */
1990 * Set WPA state machine configuration to match the selected network now
1991 * so that the information is available before wpas_start_assoc_cb()
1992 * gets called. This is needed at least for RSN pre-authentication where
1993 * candidate APs are added to a list based on scan result processing
1994 * before completion of the first association.
1996 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
1999 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
2001 #endif /* CONFIG_DPP */
2005 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2007 #endif /* CONFIG_TDLS */
2009 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2010 ssid
->mode
== IEEE80211_MODE_INFRA
) {
2011 sme_authenticate(wpa_s
, bss
, ssid
);
2015 if (wpa_s
->connect_work
) {
2016 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2020 if (radio_work_pending(wpa_s
, "connect")) {
2021 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2026 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2027 /* Clear possibly set auth_alg, if any, from last attempt. */
2028 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2030 #endif /* CONFIG_SME */
2032 wpas_abort_ongoing_scan(wpa_s
);
2034 cwork
= os_zalloc(sizeof(*cwork
));
2041 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2042 wpas_start_assoc_cb
, cwork
) < 0) {
2048 static int bss_is_ibss(struct wpa_bss
*bss
)
2050 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2055 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2056 const struct wpa_ssid
*ssid
)
2058 enum hostapd_hw_mode hw_mode
;
2059 struct hostapd_hw_modes
*mode
= NULL
;
2063 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2064 if (hw_mode
== NUM_HOSTAPD_MODES
)
2066 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2067 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2068 mode
= &wpa_s
->hw
.modes
[i
];
2076 return mode
->vht_capab
!= 0;
2080 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2081 const struct wpa_ssid
*ssid
,
2082 struct hostapd_freq_params
*freq
)
2084 enum hostapd_hw_mode hw_mode
;
2085 struct hostapd_hw_modes
*mode
= NULL
;
2086 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2088 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2089 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2091 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2093 struct hostapd_freq_params vht_freq
;
2094 int chwidth
, seg0
, seg1
;
2097 freq
->freq
= ssid
->frequency
;
2099 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2100 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2102 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2105 /* Don't adjust control freq in case of fixed_freq */
2106 if (ssid
->fixed_freq
)
2109 if (!bss_is_ibss(bss
))
2112 if (ssid
->ssid_len
== bss
->ssid_len
&&
2113 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2114 wpa_printf(MSG_DEBUG
,
2115 "IBSS already found in scan results, adjust control freq: %d",
2117 freq
->freq
= bss
->freq
;
2123 /* For IBSS check HT_IBSS flag */
2124 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2125 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2128 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2129 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2130 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2131 wpa_printf(MSG_DEBUG
,
2132 "IBSS: WEP/TKIP detected, do not try to enable HT");
2136 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2137 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2138 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2139 mode
= &wpa_s
->hw
.modes
[i
];
2147 #ifdef CONFIG_HT_OVERRIDES
2148 if (ssid
->disable_ht
) {
2149 freq
->ht_enabled
= 0;
2152 #endif /* CONFIG_HT_OVERRIDES */
2154 freq
->ht_enabled
= ht_supported(mode
);
2155 if (!freq
->ht_enabled
)
2158 /* Setup higher BW only for 5 GHz */
2159 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2162 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2163 pri_chan
= &mode
->channels
[chan_idx
];
2164 if (pri_chan
->chan
== channel
)
2171 /* Check primary channel flags */
2172 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2175 #ifdef CONFIG_HT_OVERRIDES
2176 if (ssid
->disable_ht40
)
2178 #endif /* CONFIG_HT_OVERRIDES */
2180 /* Check/setup HT40+/HT40- */
2181 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2182 if (ht40plus
[j
] == channel
) {
2188 /* Find secondary channel */
2189 for (i
= 0; i
< mode
->num_channels
; i
++) {
2190 sec_chan
= &mode
->channels
[i
];
2191 if (sec_chan
->chan
== channel
+ ht40
* 4)
2198 /* Check secondary channel flags */
2199 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2202 freq
->channel
= pri_chan
->chan
;
2205 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2208 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2211 freq
->sec_channel_offset
= ht40
;
2214 struct wpa_scan_results
*scan_res
;
2216 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2217 if (scan_res
== NULL
) {
2219 freq
->sec_channel_offset
= 0;
2223 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2228 freq
->sec_channel_offset
= 0;
2231 /* Configuration allowed */
2234 /* Switch pri/sec channels */
2235 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2236 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2237 freq
->channel
= sec_chan
->chan
;
2240 freq
->sec_channel_offset
= 0;
2244 wpa_scan_results_free(scan_res
);
2247 wpa_printf(MSG_DEBUG
,
2248 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2249 freq
->channel
, freq
->sec_channel_offset
);
2251 if (!drv_supports_vht(wpa_s
, ssid
))
2254 /* For IBSS check VHT_IBSS flag */
2255 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2256 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2261 #ifdef CONFIG_VHT_OVERRIDES
2262 if (ssid
->disable_vht
) {
2263 freq
->vht_enabled
= 0;
2266 #endif /* CONFIG_VHT_OVERRIDES */
2268 vht_freq
.vht_enabled
= vht_supported(mode
);
2269 if (!vht_freq
.vht_enabled
)
2272 /* setup center_freq1, bandwidth */
2273 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2274 if (freq
->channel
>= vht80
[j
] &&
2275 freq
->channel
< vht80
[j
] + 16)
2279 if (j
== ARRAY_SIZE(vht80
))
2282 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2283 struct hostapd_channel_data
*chan
;
2285 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2289 /* Back to HT configuration if channel not usable */
2290 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2294 chwidth
= VHT_CHANWIDTH_80MHZ
;
2295 seg0
= vht80
[j
] + 6;
2298 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2299 /* setup center_freq2, bandwidth */
2300 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2301 /* Only accept 80 MHz segments separated by a gap */
2302 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2304 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2305 struct hostapd_channel_data
*chan
;
2307 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2311 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2312 HOSTAPD_CHAN_NO_IR
|
2313 HOSTAPD_CHAN_RADAR
))
2316 /* Found a suitable second segment for 80+80 */
2317 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2319 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2320 seg1
= vht80
[k
] + 6;
2323 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2326 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2327 if (freq
->freq
== 5180) {
2328 chwidth
= VHT_CHANWIDTH_160MHZ
;
2329 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2331 } else if (freq
->freq
== 5520) {
2332 chwidth
= VHT_CHANWIDTH_160MHZ
;
2333 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2338 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2339 freq
->channel
, freq
->ht_enabled
,
2340 vht_freq
.vht_enabled
,
2341 freq
->sec_channel_offset
,
2342 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2347 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2348 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2353 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2356 struct fils_hlp_req
*req
;
2357 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2361 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2363 rem_len
= ie_buf_len
- ie_len
;
2364 pos
= wpabuf_head(req
->pkt
);
2365 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2366 hlp_len
= wpabuf_len(req
->pkt
);
2368 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2369 wpa_printf(MSG_ERROR
,
2370 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2371 (unsigned long) rem_len
,
2372 (unsigned long) (2 + hdr_len
+ hlp_len
));
2376 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2378 *buf
++ = WLAN_EID_EXTENSION
;
2381 /* Element ID Extension */
2382 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2383 /* Destination MAC address */
2384 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2386 /* Source MAC address */
2387 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2389 /* LLC/SNAP Header */
2390 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2393 os_memcpy(buf
, pos
, len
- hdr_len
);
2394 buf
+= len
- hdr_len
;
2395 pos
+= len
- hdr_len
;
2397 hlp_len
-= len
- hdr_len
;
2402 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2403 if (rem_len
< 2 + len
)
2405 *buf
++ = WLAN_EID_FRAGMENT
;
2407 os_memcpy(buf
, pos
, len
);
2421 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2423 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2424 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2425 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2426 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2430 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2432 #ifdef CONFIG_FILS_SK_PFS
2433 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2434 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2435 #else /* CONFIG_FILS_SK_PFS */
2437 #endif /* CONFIG_FILS_SK_PFS */
2440 #endif /* CONFIG_FILS */
2443 static u8
* wpas_populate_assoc_ies(
2444 struct wpa_supplicant
*wpa_s
,
2445 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2446 struct wpa_driver_associate_params
*params
,
2447 enum wpa_drv_update_connect_params_mask
*mask
)
2450 size_t max_wpa_ie_len
= 500;
2452 int algs
= WPA_AUTH_ALG_OPEN
;
2457 const u8
*realm
, *username
, *rrk
;
2458 size_t realm_len
, username_len
, rrk_len
;
2460 struct fils_hlp_req
*req
;
2462 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2464 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2465 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2467 #endif /* CONFIG_FILS */
2469 wpa_ie
= os_malloc(max_wpa_ie_len
);
2471 wpa_printf(MSG_ERROR
,
2472 "Failed to allocate connect IE buffer for %lu bytes",
2473 (unsigned long) max_wpa_ie_len
);
2477 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2478 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2479 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2480 int try_opportunistic
;
2481 const u8
*cache_id
= NULL
;
2483 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2485 ssid
->proactive_key_caching
) &&
2486 (ssid
->proto
& WPA_PROTO_RSN
);
2488 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2489 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2490 #endif /* CONFIG_FILS */
2491 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2492 ssid
, try_opportunistic
,
2494 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2495 wpa_ie_len
= max_wpa_ie_len
;
2496 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2497 wpa_ie
, &wpa_ie_len
)) {
2498 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2499 "key management and encryption suites");
2504 } else if (bss
&& wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
) &&
2505 (ssid
->key_mgmt
& WPA_KEY_MGMT_OSEN
)) {
2506 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2507 wpa_ie_len
= max_wpa_ie_len
;
2508 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2509 wpa_ie
, &wpa_ie_len
)) {
2510 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2511 "key management and encryption suites");
2515 #endif /* CONFIG_HS20 */
2516 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2517 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2519 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2520 * use non-WPA since the scan results did not indicate that the
2521 * AP is using WPA or WPA2.
2523 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2525 wpa_s
->wpa_proto
= 0;
2526 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2527 wpa_ie_len
= max_wpa_ie_len
;
2528 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2529 wpa_ie
, &wpa_ie_len
)) {
2530 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2531 "key management and encryption suites (no "
2537 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2538 struct wpabuf
*wps_ie
;
2539 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2540 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2541 wpa_ie_len
= wpabuf_len(wps_ie
);
2542 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2545 wpabuf_free(wps_ie
);
2546 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2547 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2548 params
->wps
= WPS_MODE_PRIVACY
;
2550 params
->wps
= WPS_MODE_OPEN
;
2551 wpa_s
->wpa_proto
= 0;
2552 #endif /* CONFIG_WPS */
2554 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2556 wpa_s
->wpa_proto
= 0;
2559 #ifdef IEEE8021X_EAPOL
2560 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2562 if (ssid
->non_leap
== 0)
2563 algs
= WPA_AUTH_ALG_LEAP
;
2565 algs
|= WPA_AUTH_ALG_LEAP
;
2570 /* Clear FILS association */
2571 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2573 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2574 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2575 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2576 &username_len
, &realm
, &realm_len
,
2577 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2578 (!wpa_s
->last_con_fail_realm
||
2579 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2580 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2581 algs
= WPA_AUTH_ALG_FILS
;
2582 params
->fils_erp_username
= username
;
2583 params
->fils_erp_username_len
= username_len
;
2584 params
->fils_erp_realm
= realm
;
2585 params
->fils_erp_realm_len
= realm_len
;
2586 params
->fils_erp_next_seq_num
= next_seq_num
;
2587 params
->fils_erp_rrk
= rrk
;
2588 params
->fils_erp_rrk_len
= rrk_len
;
2591 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2593 #endif /* CONFIG_FILS */
2594 #endif /* IEEE8021X_EAPOL */
2596 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2597 algs
= WPA_AUTH_ALG_SAE
;
2598 #endif /* CONFIG_SAE */
2600 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2601 if (ssid
->auth_alg
) {
2602 algs
= ssid
->auth_alg
;
2603 wpa_dbg(wpa_s
, MSG_DEBUG
,
2604 "Overriding auth_alg selection: 0x%x", algs
);
2608 if (wpa_s
->global
->p2p
) {
2612 pos
= wpa_ie
+ wpa_ie_len
;
2613 len
= max_wpa_ie_len
- wpa_ie_len
;
2614 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2620 wpa_s
->cross_connect_disallowed
= 0;
2623 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2625 wpa_s
->cross_connect_disallowed
=
2626 p2p_get_cross_connect_disallowed(p2p
);
2628 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2630 wpa_s
->cross_connect_disallowed
?
2631 "disallows" : "allows");
2635 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2636 #endif /* CONFIG_P2P */
2639 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2640 wpa_ie
+ wpa_ie_len
,
2646 * Workaround: Add Extended Capabilities element only if the AP
2647 * included this element in Beacon/Probe Response frames. Some older
2648 * APs seem to have interoperability issues if this element is
2649 * included, so while the standard may require us to include the
2650 * element in all cases, it is justifiable to skip it to avoid
2651 * interoperability issues.
2653 if (ssid
->p2p_group
)
2654 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2656 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2658 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2661 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2663 if (ext_capab_len
> 0 &&
2664 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2666 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2668 os_memmove(pos
+ ext_capab_len
, pos
,
2669 wpa_ie_len
- (pos
- wpa_ie
));
2670 wpa_ie_len
+= ext_capab_len
;
2671 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2676 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2677 struct wpabuf
*hs20
;
2679 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2681 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2684 wpas_hs20_add_indication(hs20
, pps_mo_id
,
2685 get_hs20_version(bss
));
2686 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2687 len
= max_wpa_ie_len
- wpa_ie_len
;
2688 if (wpabuf_len(hs20
) <= len
) {
2689 os_memcpy(wpa_ie
+ wpa_ie_len
,
2690 wpabuf_head(hs20
), wpabuf_len(hs20
));
2691 wpa_ie_len
+= wpabuf_len(hs20
);
2695 hs20_configure_frame_filters(wpa_s
);
2698 #endif /* CONFIG_HS20 */
2700 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2701 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2704 len
= max_wpa_ie_len
- wpa_ie_len
;
2705 if (wpabuf_len(buf
) <= len
) {
2706 os_memcpy(wpa_ie
+ wpa_ie_len
,
2707 wpabuf_head(buf
), wpabuf_len(buf
));
2708 wpa_ie_len
+= wpabuf_len(buf
);
2713 if (wpa_s
->fst_ies
) {
2714 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2716 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2717 os_memcpy(wpa_ie
+ wpa_ie_len
,
2718 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2719 wpa_ie_len
+= fst_ies_len
;
2722 #endif /* CONFIG_FST */
2725 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2729 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2730 max_wpa_ie_len
- wpa_ie_len
,
2731 !!mbo_attr_from_mbo_ie(mbo_ie
,
2732 OCE_ATTR_ID_CAPA_IND
));
2736 #endif /* CONFIG_MBO */
2739 if (algs
== WPA_AUTH_ALG_FILS
) {
2742 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2743 max_wpa_ie_len
- wpa_ie_len
);
2746 #endif /* CONFIG_FILS */
2749 #ifdef CONFIG_TESTING_OPTIONS
2750 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2751 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2753 #endif /* CONFIG_TESTING_OPTIONS */
2754 if (algs
== WPA_AUTH_ALG_OPEN
&&
2755 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2756 struct wpabuf
*owe_ie
;
2759 if (ssid
->owe_group
) {
2760 group
= ssid
->owe_group
;
2761 } else if (wpa_s
->assoc_status_code
==
2762 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED
) {
2763 if (wpa_s
->last_owe_group
== 19)
2765 else if (wpa_s
->last_owe_group
== 20)
2768 group
= OWE_DH_GROUP
;
2770 group
= OWE_DH_GROUP
;
2773 wpa_s
->last_owe_group
= group
;
2774 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2775 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2777 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2778 os_memcpy(wpa_ie
+ wpa_ie_len
,
2779 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2780 wpa_ie_len
+= wpabuf_len(owe_ie
);
2781 wpabuf_free(owe_ie
);
2784 #endif /* CONFIG_OWE */
2786 #ifdef CONFIG_IEEE80211R
2788 * Add MDIE under these conditions: the network profile allows FT,
2789 * the AP supports FT, and the mobility domain ID matches.
2791 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2792 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2794 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2796 const u8
*md
= mdie
+ 2;
2797 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2799 if (os_memcmp(md
, wpa_md
,
2800 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2801 /* Add mobility domain IE */
2802 len
= wpa_ft_add_mdie(
2803 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2804 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2808 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2809 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2810 wpa_dbg(wpa_s
, MSG_DEBUG
,
2811 "SME: Trying to use FT over-the-air");
2812 algs
|= WPA_AUTH_ALG_FT
;
2814 #endif /* CONFIG_SME */
2817 #endif /* CONFIG_IEEE80211R */
2819 params
->wpa_ie
= wpa_ie
;
2820 params
->wpa_ie_len
= wpa_ie_len
;
2821 params
->auth_alg
= algs
;
2823 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2829 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2830 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
2832 struct wpa_driver_associate_params params
;
2833 enum wpa_drv_update_connect_params_mask mask
= 0;
2836 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
2837 return; /* nothing to do */
2839 os_memset(¶ms
, 0, sizeof(params
));
2840 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2841 wpa_s
->current_ssid
, ¶ms
, &mask
);
2845 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
2850 wpa_s
->auth_alg
= params
.auth_alg
;
2851 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
2854 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2857 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2859 struct wpa_connect_work
*cwork
= work
->ctx
;
2860 struct wpa_bss
*bss
= cwork
->bss
;
2861 struct wpa_ssid
*ssid
= cwork
->ssid
;
2862 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2864 int use_crypt
, ret
, i
, bssid_changed
;
2865 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
2866 struct wpa_driver_associate_params params
;
2867 int wep_keys_set
= 0;
2868 int assoc_failed
= 0;
2869 struct wpa_ssid
*old_ssid
;
2870 u8 prev_bssid
[ETH_ALEN
];
2871 #ifdef CONFIG_HT_OVERRIDES
2872 struct ieee80211_ht_capabilities htcaps
;
2873 struct ieee80211_ht_capabilities htcaps_mask
;
2874 #endif /* CONFIG_HT_OVERRIDES */
2875 #ifdef CONFIG_VHT_OVERRIDES
2876 struct ieee80211_vht_capabilities vhtcaps
;
2877 struct ieee80211_vht_capabilities vhtcaps_mask
;
2878 #endif /* CONFIG_VHT_OVERRIDES */
2881 if (work
->started
) {
2882 wpa_s
->connect_work
= NULL
;
2884 /* cancel possible auth. timeout */
2885 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2888 wpas_connect_work_free(cwork
);
2892 wpa_s
->connect_work
= work
;
2894 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2895 wpas_network_disabled(wpa_s
, ssid
)) {
2896 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2897 wpas_connect_work_done(wpa_s
);
2901 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2902 os_memset(¶ms
, 0, sizeof(params
));
2903 wpa_s
->reassociate
= 0;
2904 wpa_s
->eap_expected_failure
= 0;
2906 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2907 #ifdef CONFIG_IEEE80211R
2908 const u8
*ie
, *md
= NULL
;
2909 #endif /* CONFIG_IEEE80211R */
2910 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2911 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2912 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2913 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2914 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2915 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2917 wpas_notify_bssid_changed(wpa_s
);
2918 #ifdef CONFIG_IEEE80211R
2919 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2920 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2922 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2924 /* Prepare for the next transition */
2925 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2927 #endif /* CONFIG_IEEE80211R */
2929 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2930 wpa_s
->conf
->ap_scan
== 2 &&
2931 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2932 /* Use ap_scan==1 style network selection to find the network
2934 wpas_connect_work_done(wpa_s
);
2935 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2936 wpa_s
->reassociate
= 1;
2937 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2939 #endif /* CONFIG_WPS */
2941 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2942 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2944 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2946 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2949 wpa_supplicant_cancel_sched_scan(wpa_s
);
2951 wpa_supplicant_cancel_scan(wpa_s
);
2953 /* Starting new association, so clear the possibly used WPA IE from the
2954 * previous association. */
2955 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2957 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
2959 wpas_connect_work_done(wpa_s
);
2963 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2965 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2966 cipher_group
= wpa_s
->group_cipher
;
2967 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
2968 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2969 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2970 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2972 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2977 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2980 #ifdef IEEE8021X_EAPOL
2981 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2982 if ((ssid
->eapol_flags
&
2983 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2984 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2988 /* Assume that dynamic WEP-104 keys will be used and
2989 * set cipher suites in order for drivers to expect
2991 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2994 #endif /* IEEE8021X_EAPOL */
2996 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2997 /* Set the key before (and later after) association */
2998 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3001 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
3003 params
.ssid
= bss
->ssid
;
3004 params
.ssid_len
= bss
->ssid_len
;
3005 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
3006 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3007 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
3008 MACSTR
" freq=%u MHz based on scan results "
3009 "(bssid_set=%d wps=%d)",
3010 MAC2STR(bss
->bssid
), bss
->freq
,
3012 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
3013 params
.bssid
= bss
->bssid
;
3014 params
.freq
.freq
= bss
->freq
;
3016 params
.bssid_hint
= bss
->bssid
;
3017 params
.freq_hint
= bss
->freq
;
3018 params
.pbss
= bss_is_pbss(bss
);
3020 if (ssid
->bssid_hint_set
)
3021 params
.bssid_hint
= ssid
->bssid_hint
;
3023 params
.ssid
= ssid
->ssid
;
3024 params
.ssid_len
= ssid
->ssid_len
;
3025 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3028 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3029 wpa_s
->conf
->ap_scan
== 2) {
3030 params
.bssid
= ssid
->bssid
;
3031 params
.fixed_bssid
= 1;
3034 /* Initial frequency for IBSS/mesh */
3035 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3036 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3037 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3039 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3040 params
.fixed_freq
= ssid
->fixed_freq
;
3041 if (ssid
->beacon_int
)
3042 params
.beacon_int
= ssid
->beacon_int
;
3044 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3047 params
.pairwise_suite
= cipher_pairwise
;
3048 params
.group_suite
= cipher_group
;
3049 params
.mgmt_group_suite
= cipher_group_mgmt
;
3050 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3051 params
.wpa_proto
= wpa_s
->wpa_proto
;
3052 wpa_s
->auth_alg
= params
.auth_alg
;
3053 params
.mode
= ssid
->mode
;
3054 params
.bg_scan_period
= ssid
->bg_scan_period
;
3055 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3056 if (ssid
->wep_key_len
[i
])
3057 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3058 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3060 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3062 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3063 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3064 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3065 params
.passphrase
= ssid
->passphrase
;
3067 params
.psk
= ssid
->psk
;
3070 if (wpa_s
->conf
->key_mgmt_offload
) {
3071 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3072 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3073 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3074 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3075 params
.req_key_mgmt_offload
=
3076 ssid
->proactive_key_caching
< 0 ?
3077 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3079 params
.req_key_mgmt_offload
= 1;
3081 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3082 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3083 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3085 params
.psk
= ssid
->psk
;
3088 params
.drop_unencrypted
= use_crypt
;
3090 #ifdef CONFIG_IEEE80211W
3091 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3092 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3093 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3094 struct wpa_ie_data ie
;
3095 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3097 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3098 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3099 "MFP: require MFP");
3100 params
.mgmt_frame_protection
=
3101 MGMT_FRAME_PROTECTION_REQUIRED
;
3103 } else if (!rsn
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
3105 params
.mgmt_frame_protection
= NO_MGMT_FRAME_PROTECTION
;
3106 #endif /* CONFIG_OWE */
3109 #endif /* CONFIG_IEEE80211W */
3111 params
.p2p
= ssid
->p2p_group
;
3113 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3114 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3118 #ifdef CONFIG_HT_OVERRIDES
3119 os_memset(&htcaps
, 0, sizeof(htcaps
));
3120 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3121 params
.htcaps
= (u8
*) &htcaps
;
3122 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3123 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3124 #endif /* CONFIG_HT_OVERRIDES */
3125 #ifdef CONFIG_VHT_OVERRIDES
3126 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3127 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3128 params
.vhtcaps
= &vhtcaps
;
3129 params
.vhtcaps_mask
= &vhtcaps_mask
;
3130 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3131 #endif /* CONFIG_VHT_OVERRIDES */
3135 * If multi-channel concurrency is not supported, check for any
3136 * frequency conflict. In case of any frequency conflict, remove the
3137 * least prioritized connection.
3139 if (wpa_s
->num_multichan_concurrent
< 2) {
3141 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3142 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3143 wpa_printf(MSG_DEBUG
,
3144 "Assoc conflicting freq found (%d != %d)",
3145 freq
, params
.freq
.freq
);
3146 if (wpas_p2p_handle_frequency_conflicts(
3147 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3148 wpas_connect_work_done(wpa_s
);
3154 #endif /* CONFIG_P2P */
3156 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3157 wpa_s
->current_ssid
)
3158 params
.prev_bssid
= prev_bssid
;
3160 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3163 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3165 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3167 * The driver is known to mean what is saying, so we
3168 * can stop right here; the association will not
3171 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3172 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3173 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3176 /* try to continue anyway; new association will be tried again
3181 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3182 /* Set the key after the association just in case association
3183 * cleared the previously configured key. */
3184 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3185 /* No need to timeout authentication since there is no key
3187 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3188 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3189 #ifdef CONFIG_IBSS_RSN
3190 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3191 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3192 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3194 * RSN IBSS authentication is per-STA and we can disable the
3195 * per-BSSID authentication.
3197 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3198 #endif /* CONFIG_IBSS_RSN */
3200 /* Timeout for IEEE 802.11 authentication and association */
3204 /* give IBSS a bit more time */
3205 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3206 } else if (wpa_s
->conf
->ap_scan
== 1) {
3207 /* give IBSS a bit more time */
3208 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3210 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3214 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3215 /* Set static WEP keys again */
3216 wpa_set_wep_keys(wpa_s
, ssid
);
3219 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3221 * Do not allow EAP session resumption between different
3222 * network configurations.
3224 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3226 old_ssid
= wpa_s
->current_ssid
;
3227 wpa_s
->current_ssid
= ssid
;
3229 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3230 wpa_s
->current_bss
= bss
;
3232 hs20_configure_frame_filters(wpa_s
);
3233 #endif /* CONFIG_HS20 */
3236 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3237 wpa_supplicant_initiate_eapol(wpa_s
);
3238 if (old_ssid
!= wpa_s
->current_ssid
)
3239 wpas_notify_network_changed(wpa_s
);
3243 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3246 struct wpa_ssid
*old_ssid
;
3248 wpas_connect_work_done(wpa_s
);
3249 wpa_clear_keys(wpa_s
, addr
);
3250 old_ssid
= wpa_s
->current_ssid
;
3251 wpa_supplicant_mark_disassoc(wpa_s
);
3252 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3253 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3254 if (old_ssid
!= wpa_s
->current_ssid
)
3255 wpas_notify_network_changed(wpa_s
);
3256 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3261 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3262 * @wpa_s: Pointer to wpa_supplicant data
3263 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3265 * This function is used to request %wpa_supplicant to deauthenticate from the
3268 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3272 union wpa_event_data event
;
3275 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3276 " pending_bssid=" MACSTR
" reason=%d state=%s",
3277 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3278 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3280 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3281 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3282 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3283 addr
= wpa_s
->pending_bssid
;
3284 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3285 addr
= wpa_s
->bssid
;
3286 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3288 * When using driver-based BSS selection, we may not know the
3289 * BSSID with which we are currently trying to associate. We
3290 * need to notify the driver of this disconnection even in such
3291 * a case, so use the all zeros address here.
3293 addr
= wpa_s
->bssid
;
3298 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3299 #endif /* CONFIG_TDLS */
3303 struct mesh_conf
*mconf
;
3305 mconf
= wpa_s
->ifmsh
->mconf
;
3306 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3308 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3309 mconf
->meshid_len
, reason_code
);
3310 wpa_supplicant_leave_mesh(wpa_s
);
3312 #endif /* CONFIG_MESH */
3315 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3316 os_memset(&event
, 0, sizeof(event
));
3317 event
.deauth_info
.reason_code
= (u16
) reason_code
;
3318 event
.deauth_info
.locally_generated
= 1;
3319 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3324 wpa_supplicant_clear_connection(wpa_s
, addr
);
3327 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3328 struct wpa_ssid
*ssid
)
3330 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3334 ssid
->owe_transition_bss_select_count
= 0;
3335 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3336 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3339 * Try to reassociate since there is no current configuration and a new
3340 * network was made available.
3342 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3343 wpa_s
->reassociate
= 1;
3348 * wpa_supplicant_add_network - Add a new network
3349 * @wpa_s: wpa_supplicant structure for a network interface
3350 * Returns: The new network configuration or %NULL if operation failed
3352 * This function performs the following operations:
3353 * 1. Adds a new network.
3354 * 2. Send network addition notification.
3355 * 3. Marks the network disabled.
3356 * 4. Set network default parameters.
3358 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3360 struct wpa_ssid
*ssid
;
3362 ssid
= wpa_config_add_network(wpa_s
->conf
);
3365 wpas_notify_network_added(wpa_s
, ssid
);
3367 wpa_config_set_network_defaults(ssid
);
3374 * wpa_supplicant_remove_network - Remove a configured network based on id
3375 * @wpa_s: wpa_supplicant structure for a network interface
3376 * @id: Unique network id to search for
3377 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3378 * could not be removed
3380 * This function performs the following operations:
3381 * 1. Removes the network.
3382 * 2. Send network removal notification.
3383 * 3. Update internal state machines.
3384 * 4. Stop any running sched scans.
3386 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3388 struct wpa_ssid
*ssid
;
3391 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3394 wpas_notify_network_removed(wpa_s
, ssid
);
3396 if (wpa_s
->last_ssid
== ssid
)
3397 wpa_s
->last_ssid
= NULL
;
3399 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3401 wpa_s
->sme
.prev_bssid_set
= 0;
3402 #endif /* CONFIG_SME */
3404 * Invalidate the EAP session cache if the current or
3405 * previously used network is removed.
3407 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3410 if (ssid
== wpa_s
->current_ssid
) {
3411 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3412 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3414 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3415 wpa_s
->own_disconnect_req
= 1;
3416 wpa_supplicant_deauthenticate(wpa_s
,
3417 WLAN_REASON_DEAUTH_LEAVING
);
3420 was_disabled
= ssid
->disabled
;
3422 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3425 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3426 wpa_printf(MSG_DEBUG
,
3427 "Stop ongoing sched_scan to remove network from filters");
3428 wpa_supplicant_cancel_sched_scan(wpa_s
);
3429 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3437 * wpa_supplicant_enable_network - Mark a configured network as enabled
3438 * @wpa_s: wpa_supplicant structure for a network interface
3439 * @ssid: wpa_ssid structure for a configured network or %NULL
3441 * Enables the specified network or all networks if no network specified.
3443 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3444 struct wpa_ssid
*ssid
)
3447 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3448 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3450 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3452 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3453 (!wpa_s
->current_ssid
||
3454 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3455 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3456 if (wpa_s
->sched_scanning
) {
3457 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3458 "new network to scan filters");
3459 wpa_supplicant_cancel_sched_scan(wpa_s
);
3462 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3463 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3464 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3471 * wpa_supplicant_disable_network - Mark a configured network as disabled
3472 * @wpa_s: wpa_supplicant structure for a network interface
3473 * @ssid: wpa_ssid structure for a configured network or %NULL
3475 * Disables the specified network or all networks if no network specified.
3477 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3478 struct wpa_ssid
*ssid
)
3480 struct wpa_ssid
*other_ssid
;
3484 if (wpa_s
->sched_scanning
)
3485 wpa_supplicant_cancel_sched_scan(wpa_s
);
3487 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3488 other_ssid
= other_ssid
->next
) {
3489 was_disabled
= other_ssid
->disabled
;
3490 if (was_disabled
== 2)
3491 continue; /* do not change persistent P2P group
3494 other_ssid
->disabled
= 1;
3496 if (was_disabled
!= other_ssid
->disabled
)
3497 wpas_notify_network_enabled_changed(
3500 if (wpa_s
->current_ssid
) {
3501 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3502 wpa_s
->own_disconnect_req
= 1;
3503 wpa_supplicant_deauthenticate(
3504 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3506 } else if (ssid
->disabled
!= 2) {
3507 if (ssid
== wpa_s
->current_ssid
) {
3508 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3509 wpa_s
->own_disconnect_req
= 1;
3510 wpa_supplicant_deauthenticate(
3511 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3514 was_disabled
= ssid
->disabled
;
3518 if (was_disabled
!= ssid
->disabled
) {
3519 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3520 if (wpa_s
->sched_scanning
) {
3521 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3522 "to remove network from filters");
3523 wpa_supplicant_cancel_sched_scan(wpa_s
);
3524 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3532 * wpa_supplicant_select_network - Attempt association with a network
3533 * @wpa_s: wpa_supplicant structure for a network interface
3534 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3536 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3537 struct wpa_ssid
*ssid
)
3540 struct wpa_ssid
*other_ssid
;
3541 int disconnected
= 0;
3543 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3544 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3545 wpa_s
->own_disconnect_req
= 1;
3546 wpa_supplicant_deauthenticate(
3547 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3552 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3555 * Mark all other networks disabled or mark all networks enabled if no
3556 * network specified.
3558 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3559 other_ssid
= other_ssid
->next
) {
3560 int was_disabled
= other_ssid
->disabled
;
3561 if (was_disabled
== 2)
3562 continue; /* do not change persistent P2P group data */
3564 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3565 if (was_disabled
&& !other_ssid
->disabled
)
3566 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3568 if (was_disabled
!= other_ssid
->disabled
)
3569 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3572 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3573 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3574 /* We are already associated with the selected network */
3575 wpa_printf(MSG_DEBUG
, "Already associated with the "
3576 "selected network - do nothing");
3581 wpa_s
->current_ssid
= ssid
;
3582 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3583 wpa_s
->connect_without_scan
=
3584 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3587 * Don't optimize next scan freqs since a new ESS has been
3590 os_free(wpa_s
->next_scan_freqs
);
3591 wpa_s
->next_scan_freqs
= NULL
;
3593 wpa_s
->connect_without_scan
= NULL
;
3596 wpa_s
->disconnected
= 0;
3597 wpa_s
->reassociate
= 1;
3598 wpa_s
->last_owe_group
= 0;
3600 ssid
->owe_transition_bss_select_count
= 0;
3602 if (wpa_s
->connect_without_scan
||
3603 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3604 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3605 wpas_scan_reset_sched_scan(wpa_s
);
3606 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3610 wpas_notify_network_selected(wpa_s
, ssid
);
3615 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3616 * @wpa_s: wpa_supplicant structure for a network interface
3617 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3618 * @pkcs11_module_path: PKCS #11 module path or NULL
3619 * Returns: 0 on success; -1 on failure
3621 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3622 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3623 * module path fails the paths will be reset to the default value (NULL).
3625 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3626 const char *pkcs11_engine_path
,
3627 const char *pkcs11_module_path
)
3629 char *pkcs11_engine_path_copy
= NULL
;
3630 char *pkcs11_module_path_copy
= NULL
;
3632 if (pkcs11_engine_path
!= NULL
) {
3633 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3634 if (pkcs11_engine_path_copy
== NULL
)
3637 if (pkcs11_module_path
!= NULL
) {
3638 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3639 if (pkcs11_module_path_copy
== NULL
) {
3640 os_free(pkcs11_engine_path_copy
);
3645 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3646 os_free(wpa_s
->conf
->pkcs11_module_path
);
3647 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3648 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3650 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3651 eapol_sm_deinit(wpa_s
->eapol
);
3652 wpa_s
->eapol
= NULL
;
3653 if (wpa_supplicant_init_eapol(wpa_s
)) {
3654 /* Error -> Reset paths to the default value (NULL) once. */
3655 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3656 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3661 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3668 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3669 * @wpa_s: wpa_supplicant structure for a network interface
3670 * @ap_scan: AP scan mode
3671 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3674 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3679 if (ap_scan
< 0 || ap_scan
> 2)
3682 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3683 wpa_printf(MSG_INFO
,
3684 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3688 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3689 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3690 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3691 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3692 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3695 #endif /* ANDROID */
3697 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3698 wpa_s
->conf
->ap_scan
= ap_scan
;
3700 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3701 wpas_notify_ap_scan_changed(wpa_s
);
3708 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3709 * @wpa_s: wpa_supplicant structure for a network interface
3710 * @expire_age: Expiration age in seconds
3711 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3714 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3715 unsigned int bss_expire_age
)
3717 if (bss_expire_age
< 10) {
3718 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3722 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3724 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3731 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3732 * @wpa_s: wpa_supplicant structure for a network interface
3733 * @expire_count: number of scans after which an unseen BSS is reclaimed
3734 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3737 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3738 unsigned int bss_expire_count
)
3740 if (bss_expire_count
< 1) {
3741 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3745 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3747 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3754 * wpa_supplicant_set_scan_interval - Set scan interval
3755 * @wpa_s: wpa_supplicant structure for a network interface
3756 * @scan_interval: scan interval in seconds
3757 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3760 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3763 if (scan_interval
< 0) {
3764 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3768 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3770 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3777 * wpa_supplicant_set_debug_params - Set global debug params
3778 * @global: wpa_global structure
3779 * @debug_level: debug level
3780 * @debug_timestamp: determines if show timestamp in debug data
3781 * @debug_show_keys: determines if show keys in debug data
3782 * Returns: 0 if succeed or -1 if debug_level has wrong value
3784 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3785 int debug_timestamp
, int debug_show_keys
)
3788 int old_level
, old_timestamp
, old_show_keys
;
3790 /* check for allowed debuglevels */
3791 if (debug_level
!= MSG_EXCESSIVE
&&
3792 debug_level
!= MSG_MSGDUMP
&&
3793 debug_level
!= MSG_DEBUG
&&
3794 debug_level
!= MSG_INFO
&&
3795 debug_level
!= MSG_WARNING
&&
3796 debug_level
!= MSG_ERROR
)
3799 old_level
= wpa_debug_level
;
3800 old_timestamp
= wpa_debug_timestamp
;
3801 old_show_keys
= wpa_debug_show_keys
;
3803 wpa_debug_level
= debug_level
;
3804 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3805 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3807 if (wpa_debug_level
!= old_level
)
3808 wpas_notify_debug_level_changed(global
);
3809 if (wpa_debug_timestamp
!= old_timestamp
)
3810 wpas_notify_debug_timestamp_changed(global
);
3811 if (wpa_debug_show_keys
!= old_show_keys
)
3812 wpas_notify_debug_show_keys_changed(global
);
3819 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
3820 const u8
*entry_ssid
, size_t entry_ssid_len
)
3822 const u8
*owe
, *pos
, *end
;
3824 struct wpa_bss
*bss
;
3826 /* Check network profile SSID aganst the SSID in the
3827 * OWE Transition Mode element. */
3829 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
3833 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
3838 end
= owe
+ 2 + owe
[1];
3840 if (end
- pos
< ETH_ALEN
+ 1)
3844 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
3847 return entry_ssid_len
== ssid_len
&&
3848 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
3850 #endif /* CONFIG_OWE */
3854 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3855 * @wpa_s: Pointer to wpa_supplicant data
3856 * Returns: A pointer to the current network structure or %NULL on failure
3858 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3860 struct wpa_ssid
*entry
;
3861 u8 ssid
[SSID_MAX_LEN
];
3867 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3869 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3875 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3876 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3881 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3882 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3884 entry
= wpa_s
->conf
->ssid
;
3886 if (!wpas_network_disabled(wpa_s
, entry
) &&
3887 ((ssid_len
== entry
->ssid_len
&&
3888 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3889 (!entry
->bssid_set
||
3890 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3893 if (!wpas_network_disabled(wpa_s
, entry
) &&
3894 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3895 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3896 (!entry
->bssid_set
||
3897 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3899 #endif /* CONFIG_WPS */
3902 if (!wpas_network_disabled(wpa_s
, entry
) &&
3903 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
3905 (!entry
->bssid_set
||
3906 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3908 #endif /* CONFIG_OWE */
3910 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3911 entry
->ssid_len
== 0 &&
3912 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3915 entry
= entry
->next
;
3922 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3924 struct wpa_global
*global
= wpa_s
->global
;
3926 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3927 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3928 if (global
->drv_priv
[i
] == NULL
) {
3929 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3930 "'%s'", wpa_drivers
[i
]->name
);
3935 wpa_s
->driver
= wpa_drivers
[i
];
3936 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3942 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3947 const char *pos
, *driver
= name
;
3952 if (wpa_drivers
[0] == NULL
) {
3953 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3959 /* default to first driver in the list */
3960 return select_driver(wpa_s
, 0);
3964 pos
= os_strchr(driver
, ',');
3968 len
= os_strlen(driver
);
3970 for (i
= 0; wpa_drivers
[i
]; i
++) {
3971 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3972 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3974 /* First driver that succeeds wins */
3975 if (select_driver(wpa_s
, i
) == 0)
3983 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3989 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3990 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3991 * with struct wpa_driver_ops::init()
3992 * @src_addr: Source address of the EAPOL frame
3993 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3994 * @len: Length of the EAPOL data
3996 * This function is called for each received EAPOL frame. Most driver
3997 * interfaces rely on more generic OS mechanism for receiving frames through
3998 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3999 * take care of received EAPOL frames and deliver them to the core supplicant
4000 * code by calling this function.
4002 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
4003 const u8
*buf
, size_t len
)
4005 struct wpa_supplicant
*wpa_s
= ctx
;
4007 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
4008 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
4010 #ifdef CONFIG_TESTING_OPTIONS
4011 if (wpa_s
->ignore_auth_resp
) {
4012 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
4015 #endif /* CONFIG_TESTING_OPTIONS */
4017 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
4018 (wpa_s
->last_eapol_matches_bssid
&&
4021 #endif /* CONFIG_AP */
4022 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
4024 * There is possible race condition between receiving the
4025 * association event and the EAPOL frame since they are coming
4026 * through different paths from the driver. In order to avoid
4027 * issues in trying to process the EAPOL frame before receiving
4028 * association information, lets queue it for processing until
4029 * the association event is received. This may also be needed in
4030 * driver-based roaming case, so also use src_addr != BSSID as a
4031 * trigger if we have previously confirmed that the
4032 * Authenticator uses BSSID as the src_addr (which is not the
4033 * case with wired IEEE 802.1X).
4035 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4036 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4037 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4038 MAC2STR(wpa_s
->bssid
));
4039 wpabuf_free(wpa_s
->pending_eapol_rx
);
4040 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4041 if (wpa_s
->pending_eapol_rx
) {
4042 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4043 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4049 wpa_s
->last_eapol_matches_bssid
=
4050 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4053 if (wpa_s
->ap_iface
) {
4054 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4057 #endif /* CONFIG_AP */
4059 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4060 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4061 "no key management is configured");
4065 if (wpa_s
->eapol_received
== 0 &&
4066 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
4067 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4068 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4069 (wpa_s
->current_ssid
== NULL
||
4070 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
4071 /* Timeout for completing IEEE 802.1X and WPA authentication */
4074 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4075 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4076 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4077 /* Use longer timeout for IEEE 802.1X/EAP */
4082 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4083 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4084 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4086 * Use shorter timeout if going through WPS AP iteration
4087 * for PIN config method with an AP that does not
4088 * advertise Selected Registrar.
4090 struct wpabuf
*wps_ie
;
4092 wps_ie
= wpa_bss_get_vendor_ie_multi(
4093 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4095 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4097 wpabuf_free(wps_ie
);
4099 #endif /* CONFIG_WPS */
4101 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4103 wpa_s
->eapol_received
++;
4105 if (wpa_s
->countermeasures
) {
4106 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4111 #ifdef CONFIG_IBSS_RSN
4112 if (wpa_s
->current_ssid
&&
4113 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4114 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4117 #endif /* CONFIG_IBSS_RSN */
4119 /* Source address of the incoming EAPOL frame could be compared to the
4120 * current BSSID. However, it is possible that a centralized
4121 * Authenticator could be using another MAC address than the BSSID of
4122 * an AP, so just allow any address to be used for now. The replies are
4123 * still sent to the current BSSID (if available), though. */
4125 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4126 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4127 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4128 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4129 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4131 wpa_drv_poll(wpa_s
);
4132 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
4133 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4134 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4136 * Set portValid = TRUE here since we are going to skip 4-way
4137 * handshake processing which would normally set portValid. We
4138 * need this to allow the EAPOL state machines to be completed
4139 * without going through EAPOL-Key handshake.
4141 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4146 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4148 if ((!wpa_s
->p2p_mgmt
||
4149 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4150 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4151 l2_packet_deinit(wpa_s
->l2
);
4152 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4153 wpa_drv_get_mac_addr(wpa_s
),
4155 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4156 if (wpa_s
->l2
== NULL
)
4159 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4160 L2_PACKET_FILTER_PKTTYPE
))
4161 wpa_dbg(wpa_s
, MSG_DEBUG
,
4162 "Failed to attach pkt_type filter");
4164 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4166 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4169 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4170 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4174 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4180 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4181 const u8
*buf
, size_t len
)
4183 struct wpa_supplicant
*wpa_s
= ctx
;
4184 const struct l2_ethhdr
*eth
;
4186 if (len
< sizeof(*eth
))
4188 eth
= (const struct l2_ethhdr
*) buf
;
4190 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4191 !(eth
->h_dest
[0] & 0x01)) {
4192 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4193 " (bridge - not for this interface - ignore)",
4194 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4198 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4199 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4200 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4201 len
- sizeof(*eth
));
4206 * wpa_supplicant_driver_init - Initialize driver interface parameters
4207 * @wpa_s: Pointer to wpa_supplicant data
4208 * Returns: 0 on success, -1 on failure
4210 * This function is called to initialize driver interface parameters.
4211 * wpa_drv_init() must have been called before this function to initialize the
4214 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4216 static int interface_count
= 0;
4218 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4221 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4222 MAC2STR(wpa_s
->own_addr
));
4223 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4224 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4226 if (wpa_s
->bridge_ifname
[0]) {
4227 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4228 "interface '%s'", wpa_s
->bridge_ifname
);
4229 wpa_s
->l2_br
= l2_packet_init_bridge(
4230 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4231 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4232 if (wpa_s
->l2_br
== NULL
) {
4233 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4234 "connection for the bridge interface '%s'",
4235 wpa_s
->bridge_ifname
);
4240 if (wpa_s
->conf
->ap_scan
== 2 &&
4241 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4242 wpa_printf(MSG_INFO
,
4243 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4246 wpa_clear_keys(wpa_s
, NULL
);
4248 /* Make sure that TKIP countermeasures are not left enabled (could
4249 * happen if wpa_supplicant is killed during countermeasures. */
4250 wpa_drv_set_countermeasures(wpa_s
, 0);
4252 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4253 wpa_drv_flush_pmkid(wpa_s
);
4255 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4256 wpa_s
->prev_scan_wildcard
= 0;
4258 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4259 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4260 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4261 interface_count
= 0;
4264 if (!wpa_s
->p2p_mgmt
&&
4265 wpa_supplicant_delayed_sched_scan(wpa_s
,
4266 interface_count
% 3,
4268 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4270 #endif /* ANDROID */
4273 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4279 static int wpa_supplicant_daemon(const char *pid_file
)
4281 wpa_printf(MSG_DEBUG
, "Daemonize..");
4282 return os_daemonize(pid_file
);
4286 static struct wpa_supplicant
*
4287 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4289 struct wpa_supplicant
*wpa_s
;
4291 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4294 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4295 wpa_s
->scan_interval
= 5;
4296 wpa_s
->new_connection
= 1;
4297 wpa_s
->parent
= parent
? parent
: wpa_s
;
4298 wpa_s
->p2pdev
= wpa_s
->parent
;
4299 wpa_s
->sched_scanning
= 0;
4301 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4302 dl_list_init(&wpa_s
->fils_hlp_req
);
4308 #ifdef CONFIG_HT_OVERRIDES
4310 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4311 struct ieee80211_ht_capabilities
*htcaps
,
4312 struct ieee80211_ht_capabilities
*htcaps_mask
,
4315 /* parse ht_mcs into hex array */
4317 const char *tmp
= ht_mcs
;
4320 /* If ht_mcs is null, do not set anything */
4324 /* This is what we are setting in the kernel */
4325 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4327 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4329 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4333 v
= strtol(tmp
, &end
, 16);
4336 wpa_msg(wpa_s
, MSG_DEBUG
,
4337 "htcap value[%i]: %ld end: %p tmp: %p",
4342 htcaps
->supported_mcs_set
[i
] = v
;
4345 wpa_msg(wpa_s
, MSG_ERROR
,
4346 "Failed to parse ht-mcs: %s, error: %s\n",
4347 ht_mcs
, strerror(errno
));
4353 * If we were able to parse any values, then set mask for the MCS set.
4356 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4357 IEEE80211_HT_MCS_MASK_LEN
- 1);
4358 /* skip the 3 reserved bits */
4359 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4367 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4368 struct ieee80211_ht_capabilities
*htcaps
,
4369 struct ieee80211_ht_capabilities
*htcaps_mask
,
4374 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4379 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4380 htcaps_mask
->ht_capabilities_info
|= msk
;
4382 htcaps
->ht_capabilities_info
&= msk
;
4384 htcaps
->ht_capabilities_info
|= msk
;
4390 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4391 struct ieee80211_ht_capabilities
*htcaps
,
4392 struct ieee80211_ht_capabilities
*htcaps_mask
,
4395 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4400 if (factor
< 0 || factor
> 3) {
4401 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4402 "Must be 0-3 or -1", factor
);
4406 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4407 htcaps
->a_mpdu_params
&= ~0x3;
4408 htcaps
->a_mpdu_params
|= factor
& 0x3;
4414 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4415 struct ieee80211_ht_capabilities
*htcaps
,
4416 struct ieee80211_ht_capabilities
*htcaps_mask
,
4419 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4424 if (density
< 0 || density
> 7) {
4425 wpa_msg(wpa_s
, MSG_ERROR
,
4426 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4431 htcaps_mask
->a_mpdu_params
|= 0x1C;
4432 htcaps
->a_mpdu_params
&= ~(0x1C);
4433 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4439 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4440 struct ieee80211_ht_capabilities
*htcaps
,
4441 struct ieee80211_ht_capabilities
*htcaps_mask
,
4444 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4446 set_disable_ht40(htcaps
, disabled
);
4447 set_disable_ht40(htcaps_mask
, 0);
4453 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4454 struct ieee80211_ht_capabilities
*htcaps
,
4455 struct ieee80211_ht_capabilities
*htcaps_mask
,
4458 /* Masking these out disables SGI */
4459 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4460 HT_CAP_INFO_SHORT_GI40MHZ
);
4462 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4465 htcaps
->ht_capabilities_info
&= ~msk
;
4467 htcaps
->ht_capabilities_info
|= msk
;
4469 htcaps_mask
->ht_capabilities_info
|= msk
;
4475 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4476 struct ieee80211_ht_capabilities
*htcaps
,
4477 struct ieee80211_ht_capabilities
*htcaps_mask
,
4480 /* Masking these out disables LDPC */
4481 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4483 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4486 htcaps
->ht_capabilities_info
&= ~msk
;
4488 htcaps
->ht_capabilities_info
|= msk
;
4490 htcaps_mask
->ht_capabilities_info
|= msk
;
4496 void wpa_supplicant_apply_ht_overrides(
4497 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4498 struct wpa_driver_associate_params
*params
)
4500 struct ieee80211_ht_capabilities
*htcaps
;
4501 struct ieee80211_ht_capabilities
*htcaps_mask
;
4506 params
->disable_ht
= ssid
->disable_ht
;
4507 if (!params
->htcaps
|| !params
->htcaps_mask
)
4510 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4511 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4512 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4513 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4514 ssid
->disable_max_amsdu
);
4515 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4516 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4517 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4518 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4519 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4521 if (ssid
->ht40_intolerant
) {
4522 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4523 htcaps
->ht_capabilities_info
|= bit
;
4524 htcaps_mask
->ht_capabilities_info
|= bit
;
4528 #endif /* CONFIG_HT_OVERRIDES */
4531 #ifdef CONFIG_VHT_OVERRIDES
4532 void wpa_supplicant_apply_vht_overrides(
4533 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4534 struct wpa_driver_associate_params
*params
)
4536 struct ieee80211_vht_capabilities
*vhtcaps
;
4537 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4542 params
->disable_vht
= ssid
->disable_vht
;
4544 vhtcaps
= (void *) params
->vhtcaps
;
4545 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4547 if (!vhtcaps
|| !vhtcaps_mask
)
4550 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4551 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4553 #ifdef CONFIG_HT_OVERRIDES
4554 /* if max ampdu is <= 3, we have to make the HT cap the same */
4555 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4558 max_ampdu
= (ssid
->vht_capa
&
4559 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4560 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4562 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4563 wpa_set_ampdu_factor(wpa_s
,
4564 (void *) params
->htcaps
,
4565 (void *) params
->htcaps_mask
,
4568 #endif /* CONFIG_HT_OVERRIDES */
4570 #define OVERRIDE_MCS(i) \
4571 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4572 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4573 host_to_le16(3 << 2 * (i - 1)); \
4574 vhtcaps->vht_supported_mcs_set.tx_map |= \
4575 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4578 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4579 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4580 host_to_le16(3 << 2 * (i - 1)); \
4581 vhtcaps->vht_supported_mcs_set.rx_map |= \
4582 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4595 #endif /* CONFIG_VHT_OVERRIDES */
4598 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4603 if (!wpa_s
->conf
->pcsc_reader
)
4606 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4610 if (wpa_s
->conf
->pcsc_pin
&&
4611 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4612 scard_deinit(wpa_s
->scard
);
4613 wpa_s
->scard
= NULL
;
4614 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4618 len
= sizeof(wpa_s
->imsi
) - 1;
4619 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4620 scard_deinit(wpa_s
->scard
);
4621 wpa_s
->scard
= NULL
;
4622 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4625 wpa_s
->imsi
[len
] = '\0';
4627 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4629 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4630 wpa_s
->imsi
, wpa_s
->mnc_len
);
4632 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4633 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4634 #endif /* PCSC_FUNCS */
4640 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4644 ext_password_deinit(wpa_s
->ext_pw
);
4645 wpa_s
->ext_pw
= NULL
;
4646 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4648 if (!wpa_s
->conf
->ext_password_backend
)
4651 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4654 pos
= os_strchr(val
, ':');
4658 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4660 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4662 if (wpa_s
->ext_pw
== NULL
) {
4663 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4666 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4674 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4676 struct wpa_supplicant
*wpa_s
= ctx
;
4678 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4679 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4683 static void wpas_fst_get_channel_info_cb(void *ctx
,
4684 enum hostapd_hw_mode
*hw_mode
,
4687 struct wpa_supplicant
*wpa_s
= ctx
;
4689 if (wpa_s
->current_bss
) {
4690 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4692 } else if (wpa_s
->hw
.num_modes
) {
4693 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4701 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4703 struct wpa_supplicant
*wpa_s
= ctx
;
4705 *modes
= wpa_s
->hw
.modes
;
4706 return wpa_s
->hw
.num_modes
;
4710 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4712 struct wpa_supplicant
*wpa_s
= ctx
;
4714 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4715 wpa_s
->fst_ies
= fst_ies
;
4719 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4721 struct wpa_supplicant
*wpa_s
= ctx
;
4723 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4724 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4725 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4728 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4729 wpa_s
->own_addr
, wpa_s
->bssid
,
4730 wpabuf_head(data
), wpabuf_len(data
),
4735 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4737 struct wpa_supplicant
*wpa_s
= ctx
;
4739 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4740 return wpa_s
->received_mb_ies
;
4744 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4745 const u8
*buf
, size_t size
)
4747 struct wpa_supplicant
*wpa_s
= ctx
;
4748 struct mb_ies_info info
;
4750 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4752 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4753 wpabuf_free(wpa_s
->received_mb_ies
);
4754 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4759 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4760 struct fst_get_peer_ctx
**get_ctx
,
4763 struct wpa_supplicant
*wpa_s
= ctx
;
4766 if (!is_zero_ether_addr(wpa_s
->bssid
))
4767 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4768 wpa_s
->bssid
: NULL
;
4773 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4774 struct fst_get_peer_ctx
**get_ctx
,
4780 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4781 struct fst_wpa_obj
*iface_obj
)
4783 iface_obj
->ctx
= wpa_s
;
4784 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4785 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4786 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4787 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4788 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4789 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4790 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4791 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4792 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4794 #endif /* CONFIG_FST */
4796 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4797 const struct wpa_driver_capa
*capa
)
4799 struct wowlan_triggers
*triggers
;
4802 if (!wpa_s
->conf
->wowlan_triggers
)
4805 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4807 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4814 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4817 return BAND_2_4_GHZ
;
4824 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4827 unsigned int band
= 0;
4830 /* freqs are specified for the radio work */
4831 for (i
= 0; freqs
[i
]; i
++)
4832 band
|= wpas_freq_to_band(freqs
[i
]);
4835 * freqs are not specified, implies all
4836 * the supported freqs by HW
4838 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4839 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4840 if (wpa_s
->hw
.modes
[i
].mode
==
4841 HOSTAPD_MODE_IEEE80211B
||
4842 wpa_s
->hw
.modes
[i
].mode
==
4843 HOSTAPD_MODE_IEEE80211G
)
4844 band
|= BAND_2_4_GHZ
;
4845 else if (wpa_s
->hw
.modes
[i
].mode
==
4846 HOSTAPD_MODE_IEEE80211A
)
4848 else if (wpa_s
->hw
.modes
[i
].mode
==
4849 HOSTAPD_MODE_IEEE80211AD
)
4850 band
|= BAND_60_GHZ
;
4851 else if (wpa_s
->hw
.modes
[i
].mode
==
4852 HOSTAPD_MODE_IEEE80211ANY
)
4853 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4863 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4866 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4867 struct wpa_radio
*radio
;
4869 while (rn
&& iface
) {
4870 radio
= iface
->radio
;
4871 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4872 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4874 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4878 iface
= iface
->next
;
4881 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4882 wpa_s
->ifname
, rn
? rn
: "N/A");
4883 radio
= os_zalloc(sizeof(*radio
));
4888 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4889 dl_list_init(&radio
->ifaces
);
4890 dl_list_init(&radio
->work
);
4891 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4897 static void radio_work_free(struct wpa_radio_work
*work
)
4899 if (work
->wpa_s
->scan_work
== work
) {
4900 /* This should not really happen. */
4901 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4902 work
->type
, work
, work
->started
);
4903 work
->wpa_s
->scan_work
= NULL
;
4907 if (work
->wpa_s
->p2p_scan_work
== work
) {
4908 /* This should not really happen. */
4909 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4910 work
->type
, work
, work
->started
);
4911 work
->wpa_s
->p2p_scan_work
= NULL
;
4913 #endif /* CONFIG_P2P */
4915 if (work
->started
) {
4916 work
->wpa_s
->radio
->num_active_works
--;
4917 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4918 "radio_work_free('%s'@%p): num_active_works --> %u",
4920 work
->wpa_s
->radio
->num_active_works
);
4923 dl_list_del(&work
->list
);
4928 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4930 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4931 os_strcmp(work
->type
, "connect") == 0;
4935 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4937 return os_strcmp(work
->type
, "scan") == 0 ||
4938 os_strcmp(work
->type
, "p2p-scan") == 0;
4942 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4944 struct wpa_radio_work
*active_work
= NULL
;
4945 struct wpa_radio_work
*tmp
;
4947 /* Get the active work to know the type and band. */
4948 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4956 /* No active work, start one */
4957 radio
->num_active_works
= 0;
4958 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4960 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4961 radio
->external_scan_running
&&
4962 (((struct wpa_driver_scan_params
*)
4963 tmp
->ctx
)->only_new_results
||
4964 tmp
->wpa_s
->clear_driver_scan_cache
))
4971 if (radio_work_is_connect(active_work
)) {
4973 * If the active work is either connect or sme-connect,
4974 * do not parallelize them with other radio works.
4976 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4977 "Do not parallelize radio work with %s",
4982 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4987 * If connect or sme-connect are enqueued, parallelize only
4988 * those operations ahead of them in the queue.
4990 if (radio_work_is_connect(tmp
))
4993 /* Serialize parallel scan and p2p_scan operations on the same
4994 * interface since the driver_nl80211 mechanism for tracking
4995 * scan cookies does not yet have support for this. */
4996 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4997 radio_work_is_scan(active_work
) &&
4998 radio_work_is_scan(tmp
)) {
4999 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5000 "Do not start work '%s' when another work '%s' is already scheduled",
5001 tmp
->type
, active_work
->type
);
5005 * Check that the radio works are distinct and
5006 * on different bands.
5008 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
5009 (active_work
->bands
!= tmp
->bands
)) {
5011 * If a scan has to be scheduled through nl80211 scan
5012 * interface and if an external scan is already running,
5013 * do not schedule the scan since it is likely to get
5014 * rejected by kernel.
5016 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5017 radio
->external_scan_running
&&
5018 (((struct wpa_driver_scan_params
*)
5019 tmp
->ctx
)->only_new_results
||
5020 tmp
->wpa_s
->clear_driver_scan_cache
))
5023 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5024 "active_work:%s new_work:%s",
5025 active_work
->type
, tmp
->type
);
5030 /* Did not find a radio work to schedule in parallel. */
5035 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5037 struct wpa_radio
*radio
= eloop_ctx
;
5038 struct wpa_radio_work
*work
;
5039 struct os_reltime now
, diff
;
5040 struct wpa_supplicant
*wpa_s
;
5042 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5044 radio
->num_active_works
= 0;
5048 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5052 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5054 return; /* already started and still in progress */
5056 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5057 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5062 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5063 /* get the work to schedule next */
5064 work
= radio_work_get_next_work(radio
);
5070 wpa_s
= work
->wpa_s
;
5071 os_get_reltime(&now
);
5072 os_reltime_sub(&now
, &work
->time
, &diff
);
5073 wpa_dbg(wpa_s
, MSG_DEBUG
,
5074 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5075 work
->type
, work
, diff
.sec
, diff
.usec
);
5078 radio
->num_active_works
++;
5082 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5083 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5084 radio_work_check_next(wpa_s
);
5089 * This function removes both started and pending radio works running on
5090 * the provided interface's radio.
5091 * Prior to the removal of the radio work, its callback (cb) is called with
5092 * deinit set to be 1. Each work's callback is responsible for clearing its
5093 * internal data and restoring to a correct state.
5094 * @wpa_s: wpa_supplicant data
5095 * @type: type of works to be removed
5096 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5097 * this interface's works.
5099 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5100 const char *type
, int remove_all
)
5102 struct wpa_radio_work
*work
, *tmp
;
5103 struct wpa_radio
*radio
= wpa_s
->radio
;
5105 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5107 if (type
&& os_strcmp(type
, work
->type
) != 0)
5110 /* skip other ifaces' works */
5111 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5114 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5115 work
->type
, work
, work
->started
? " (started)" : "");
5117 radio_work_free(work
);
5120 /* in case we removed the started work */
5121 radio_work_check_next(wpa_s
);
5125 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5127 struct wpa_radio_work
*work
;
5128 struct wpa_radio
*radio
= wpa_s
->radio
;
5130 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5131 if (work
->ctx
!= ctx
)
5133 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5134 work
->type
, work
, work
->started
? " (started)" : "");
5135 radio_work_free(work
);
5141 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5143 struct wpa_radio
*radio
= wpa_s
->radio
;
5148 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5149 wpa_s
->ifname
, radio
->name
);
5150 dl_list_del(&wpa_s
->radio_list
);
5151 radio_remove_works(wpa_s
, NULL
, 0);
5152 wpa_s
->radio
= NULL
;
5153 if (!dl_list_empty(&radio
->ifaces
))
5154 return; /* Interfaces remain for this radio */
5156 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5157 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5162 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5164 struct wpa_radio
*radio
= wpa_s
->radio
;
5166 if (dl_list_empty(&radio
->work
))
5168 if (wpa_s
->ext_work_in_progress
) {
5169 wpa_printf(MSG_DEBUG
,
5170 "External radio work in progress - delay start of pending item");
5173 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5174 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5179 * radio_add_work - Add a radio work item
5180 * @wpa_s: Pointer to wpa_supplicant data
5181 * @freq: Frequency of the offchannel operation in MHz or 0
5182 * @type: Unique identifier for each type of work
5183 * @next: Force as the next work to be executed
5184 * @cb: Callback function for indicating when radio is available
5185 * @ctx: Context pointer for the work (work->ctx in cb())
5186 * Returns: 0 on success, -1 on failure
5188 * This function is used to request time for an operation that requires
5189 * exclusive radio control. Once the radio is available, the registered callback
5190 * function will be called. radio_work_done() must be called once the exclusive
5191 * radio operation has been completed, so that the radio is freed for other
5192 * operations. The special case of deinit=1 is used to free the context data
5193 * during interface removal. That does not allow the callback function to start
5194 * the radio operation, i.e., it must free any resources allocated for the radio
5197 * The @freq parameter can be used to indicate a single channel on which the
5198 * offchannel operation will occur. This may allow multiple radio work
5199 * operations to be performed in parallel if they apply for the same channel.
5200 * Setting this to 0 indicates that the work item may use multiple channels or
5201 * requires exclusive control of the radio.
5203 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5204 const char *type
, int next
,
5205 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5208 struct wpa_radio
*radio
= wpa_s
->radio
;
5209 struct wpa_radio_work
*work
;
5212 work
= os_zalloc(sizeof(*work
));
5215 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5216 os_get_reltime(&work
->time
);
5219 work
->wpa_s
= wpa_s
;
5224 work
->bands
= wpas_freq_to_band(freq
);
5225 else if (os_strcmp(type
, "scan") == 0 ||
5226 os_strcmp(type
, "p2p-scan") == 0)
5227 work
->bands
= wpas_get_bands(wpa_s
,
5228 ((struct wpa_driver_scan_params
*)
5231 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5233 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5235 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5237 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5239 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5240 radio_work_check_next(wpa_s
);
5241 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5242 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5243 wpa_dbg(wpa_s
, MSG_DEBUG
,
5244 "Try to schedule a radio work (num_active_works=%u)",
5245 radio
->num_active_works
);
5246 radio_work_check_next(wpa_s
);
5254 * radio_work_done - Indicate that a radio work item has been completed
5255 * @work: Completed work
5257 * This function is called once the callback function registered with
5258 * radio_add_work() has completed its work.
5260 void radio_work_done(struct wpa_radio_work
*work
)
5262 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5263 struct os_reltime now
, diff
;
5264 unsigned int started
= work
->started
;
5266 os_get_reltime(&now
);
5267 os_reltime_sub(&now
, &work
->time
, &diff
);
5268 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5269 work
->type
, work
, started
? "done" : "canceled",
5270 diff
.sec
, diff
.usec
);
5271 radio_work_free(work
);
5273 radio_work_check_next(wpa_s
);
5277 struct wpa_radio_work
*
5278 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5280 struct wpa_radio_work
*work
;
5281 struct wpa_radio
*radio
= wpa_s
->radio
;
5283 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5284 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5292 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5293 const struct wpa_interface
*iface
)
5295 const char *ifname
, *driver
, *rn
;
5297 driver
= iface
->driver
;
5299 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5302 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5303 if (wpa_s
->drv_priv
== NULL
) {
5305 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5307 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5308 "driver interface - try next driver wrapper");
5312 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5316 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5317 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5318 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5322 ifname
= wpa_drv_get_ifname(wpa_s
);
5323 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5324 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5325 "interface name with '%s'", ifname
);
5326 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5329 rn
= wpa_driver_get_radio_name(wpa_s
);
5330 if (rn
&& rn
[0] == '\0')
5333 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5334 if (wpa_s
->radio
== NULL
)
5341 #ifdef CONFIG_GAS_SERVER
5343 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5344 unsigned int freq
, const u8
*dst
,
5345 const u8
*src
, const u8
*bssid
,
5346 const u8
*data
, size_t data_len
,
5347 enum offchannel_send_action_result result
)
5349 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5352 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5353 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5355 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5356 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5360 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5361 struct wpabuf
*buf
, unsigned int wait_time
)
5363 struct wpa_supplicant
*wpa_s
= ctx
;
5364 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5366 if (wait_time
> wpa_s
->max_remain_on_chan
)
5367 wait_time
= wpa_s
->max_remain_on_chan
;
5369 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5370 wpabuf_head(buf
), wpabuf_len(buf
),
5371 wait_time
, wpas_gas_server_tx_status
, 0);
5374 #endif /* CONFIG_GAS_SERVER */
5376 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5377 const struct wpa_interface
*iface
)
5379 struct wpa_driver_capa capa
;
5383 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5384 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5385 iface
->confname
? iface
->confname
: "N/A",
5386 iface
->driver
? iface
->driver
: "default",
5387 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5388 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5390 if (iface
->confname
) {
5391 #ifdef CONFIG_BACKEND_FILE
5392 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5393 if (wpa_s
->confname
== NULL
) {
5394 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5395 "for configuration file '%s'.",
5399 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5400 iface
->confname
, wpa_s
->confname
);
5401 #else /* CONFIG_BACKEND_FILE */
5402 wpa_s
->confname
= os_strdup(iface
->confname
);
5403 #endif /* CONFIG_BACKEND_FILE */
5404 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5405 if (wpa_s
->conf
== NULL
) {
5406 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5407 "configuration '%s'.", wpa_s
->confname
);
5410 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5411 if (wpa_s
->confanother
&&
5412 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5413 wpa_printf(MSG_ERROR
,
5414 "Failed to read or parse configuration '%s'.",
5415 wpa_s
->confanother
);
5420 * Override ctrl_interface and driver_param if set on command
5423 if (iface
->ctrl_interface
) {
5424 os_free(wpa_s
->conf
->ctrl_interface
);
5425 wpa_s
->conf
->ctrl_interface
=
5426 os_strdup(iface
->ctrl_interface
);
5429 if (iface
->driver_param
) {
5430 os_free(wpa_s
->conf
->driver_param
);
5431 wpa_s
->conf
->driver_param
=
5432 os_strdup(iface
->driver_param
);
5435 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5436 os_free(wpa_s
->conf
->ctrl_interface
);
5437 wpa_s
->conf
->ctrl_interface
= NULL
;
5440 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5441 iface
->driver_param
);
5443 if (wpa_s
->conf
== NULL
) {
5444 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5448 if (iface
->ifname
== NULL
) {
5449 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5452 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5453 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5457 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5459 if (iface
->bridge_ifname
) {
5460 if (os_strlen(iface
->bridge_ifname
) >=
5461 sizeof(wpa_s
->bridge_ifname
)) {
5462 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5463 "name '%s'.", iface
->bridge_ifname
);
5466 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5467 sizeof(wpa_s
->bridge_ifname
));
5470 /* RSNA Supplicant Key Management - INITIALIZE */
5471 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5472 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5474 /* Initialize driver interface and register driver event handler before
5475 * L2 receive handler so that association events are processed before
5476 * EAPOL-Key packets if both become available for the same select()
5478 if (wpas_init_driver(wpa_s
, iface
) < 0)
5481 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5484 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5485 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5487 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5489 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5490 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5491 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5492 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5493 "dot11RSNAConfigPMKLifetime");
5497 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5498 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5499 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5500 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5501 "dot11RSNAConfigPMKReauthThreshold");
5505 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5506 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5507 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5508 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5509 "dot11RSNAConfigSATimeout");
5513 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5514 &wpa_s
->hw
.num_modes
,
5517 if (wpa_s
->hw
.modes
) {
5520 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5521 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5522 wpa_s
->hw_capab
= CAPAB_VHT
;
5526 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5527 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5528 wpa_s
->hw_capab
= CAPAB_HT40
;
5529 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5530 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5531 wpa_s
->hw_capab
= CAPAB_HT
;
5535 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5536 if (capa_res
== 0) {
5537 wpa_s
->drv_capa_known
= 1;
5538 wpa_s
->drv_flags
= capa
.flags
;
5539 wpa_s
->drv_enc
= capa
.enc
;
5540 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5541 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5542 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5543 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5544 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5545 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5546 wpa_s
->max_sched_scan_plan_interval
=
5547 capa
.max_sched_scan_plan_interval
;
5548 wpa_s
->max_sched_scan_plan_iterations
=
5549 capa
.max_sched_scan_plan_iterations
;
5550 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5551 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5552 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5553 wpa_s
->max_stations
= capa
.max_stations
;
5554 wpa_s
->extended_capa
= capa
.extended_capa
;
5555 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5556 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5557 wpa_s
->num_multichan_concurrent
=
5558 capa
.num_multichan_concurrent
;
5559 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5561 if (capa
.mac_addr_rand_scan_supported
)
5562 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5563 if (wpa_s
->sched_scan_supported
&&
5564 capa
.mac_addr_rand_sched_scan_supported
)
5565 wpa_s
->mac_addr_rand_supported
|=
5566 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5568 if (wpa_s
->max_remain_on_chan
== 0)
5569 wpa_s
->max_remain_on_chan
= 1000;
5572 * Only take p2p_mgmt parameters when P2P Device is supported.
5573 * Doing it here as it determines whether l2_packet_init() will be done
5574 * during wpa_supplicant_driver_init().
5576 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5577 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5579 if (wpa_s
->num_multichan_concurrent
== 0)
5580 wpa_s
->num_multichan_concurrent
= 1;
5582 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5586 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5588 #endif /* CONFIG_TDLS */
5590 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5591 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5592 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5597 if (wpa_s
->conf
->fst_group_id
) {
5598 struct fst_iface_cfg cfg
;
5599 struct fst_wpa_obj iface_obj
;
5601 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5602 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5603 sizeof(cfg
.group_id
));
5604 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5605 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5607 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5610 wpa_msg(wpa_s
, MSG_ERROR
,
5611 "FST: Cannot attach iface %s to group %s",
5612 wpa_s
->ifname
, cfg
.group_id
);
5616 #endif /* CONFIG_FST */
5618 if (wpas_wps_init(wpa_s
))
5621 #ifdef CONFIG_GAS_SERVER
5622 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5623 if (!wpa_s
->gas_server
) {
5624 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5627 #endif /* CONFIG_GAS_SERVER */
5630 if (wpas_dpp_init(wpa_s
) < 0)
5632 #endif /* CONFIG_DPP */
5634 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5636 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5638 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5639 if (wpa_s
->ctrl_iface
== NULL
) {
5640 wpa_printf(MSG_ERROR
,
5641 "Failed to initialize control interface '%s'.\n"
5642 "You may have another wpa_supplicant process "
5643 "already running or the file was\n"
5644 "left by an unclean termination of wpa_supplicant "
5645 "in which case you will need\n"
5646 "to manually remove this file before starting "
5647 "wpa_supplicant again.\n",
5648 wpa_s
->conf
->ctrl_interface
);
5652 wpa_s
->gas
= gas_query_init(wpa_s
);
5653 if (wpa_s
->gas
== NULL
) {
5654 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5658 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5660 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5661 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5665 if (wpa_bss_init(wpa_s
) < 0)
5668 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5670 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5671 #endif /* CONFIG_MESH */
5672 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5675 * Set Wake-on-WLAN triggers, if configured.
5676 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5677 * have effect anyway when the interface is down).
5679 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5682 #ifdef CONFIG_EAP_PROXY
5685 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5687 if (wpa_s
->mnc_len
> 0) {
5688 wpa_s
->imsi
[len
] = '\0';
5689 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5690 wpa_s
->imsi
, wpa_s
->mnc_len
);
5692 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5695 #endif /* CONFIG_EAP_PROXY */
5697 if (pcsc_reader_init(wpa_s
) < 0)
5700 if (wpas_init_ext_pw(wpa_s
) < 0)
5703 wpas_rrm_reset(wpa_s
);
5705 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5709 #endif /* CONFIG_HS20 */
5711 if (wpa_s
->conf
->oce
) {
5712 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5713 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5714 wpa_s
->enable_oce
= OCE_STA
;
5715 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5716 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5717 /* TODO: Need to add STA-CFON support */
5718 wpa_printf(MSG_ERROR
,
5719 "OCE STA-CFON feature is not yet supported");
5722 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5723 #endif /* CONFIG_MBO */
5725 wpa_supplicant_set_default_scan_ies(wpa_s
);
5731 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5732 int notify
, int terminate
)
5734 struct wpa_global
*global
= wpa_s
->global
;
5735 struct wpa_supplicant
*iface
, *prev
;
5737 if (wpa_s
== wpa_s
->parent
)
5738 wpas_p2p_group_remove(wpa_s
, "*");
5740 iface
= global
->ifaces
;
5742 if (iface
->p2pdev
== wpa_s
)
5743 iface
->p2pdev
= iface
->parent
;
5744 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5745 iface
= iface
->next
;
5748 wpa_printf(MSG_DEBUG
,
5749 "Remove remaining child interface %s from parent %s",
5750 iface
->ifname
, wpa_s
->ifname
);
5752 iface
= iface
->next
;
5753 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5756 wpa_s
->disconnected
= 1;
5757 if (wpa_s
->drv_priv
) {
5758 wpa_supplicant_deauthenticate(wpa_s
,
5759 WLAN_REASON_DEAUTH_LEAVING
);
5761 wpa_drv_set_countermeasures(wpa_s
, 0);
5762 wpa_clear_keys(wpa_s
, NULL
);
5765 wpa_supplicant_cleanup(wpa_s
);
5766 wpas_p2p_deinit_iface(wpa_s
);
5768 wpas_ctrl_radio_work_flush(wpa_s
);
5769 radio_remove_interface(wpa_s
);
5773 fst_detach(wpa_s
->fst
);
5776 if (wpa_s
->received_mb_ies
) {
5777 wpabuf_free(wpa_s
->received_mb_ies
);
5778 wpa_s
->received_mb_ies
= NULL
;
5780 #endif /* CONFIG_FST */
5782 if (wpa_s
->drv_priv
)
5783 wpa_drv_deinit(wpa_s
);
5786 wpas_notify_iface_removed(wpa_s
);
5789 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5791 if (wpa_s
->ctrl_iface
) {
5792 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5793 wpa_s
->ctrl_iface
= NULL
;
5798 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5799 wpa_s
->ifmsh
= NULL
;
5801 #endif /* CONFIG_MESH */
5803 if (wpa_s
->conf
!= NULL
) {
5804 wpa_config_free(wpa_s
->conf
);
5808 os_free(wpa_s
->ssids_from_scan_req
);
5814 #ifdef CONFIG_MATCH_IFACE
5817 * wpa_supplicant_match_iface - Match an interface description to a name
5818 * @global: Pointer to global data from wpa_supplicant_init()
5819 * @ifname: Name of the interface to match
5820 * Returns: Pointer to the created interface description or %NULL on failure
5822 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5826 struct wpa_interface
*iface
, *miface
;
5828 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5829 miface
= &global
->params
.match_ifaces
[i
];
5830 if (!miface
->ifname
||
5831 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5832 iface
= os_zalloc(sizeof(*iface
));
5836 iface
->ifname
= ifname
;
5846 * wpa_supplicant_match_existing - Match existing interfaces
5847 * @global: Pointer to global data from wpa_supplicant_init()
5848 * Returns: 0 on success, -1 on failure
5850 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5852 struct if_nameindex
*ifi
, *ifp
;
5853 struct wpa_supplicant
*wpa_s
;
5854 struct wpa_interface
*iface
;
5856 ifp
= if_nameindex();
5858 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5862 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5863 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5866 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5868 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5875 if_freenameindex(ifp
);
5879 #endif /* CONFIG_MATCH_IFACE */
5883 * wpa_supplicant_add_iface - Add a new network interface
5884 * @global: Pointer to global data from wpa_supplicant_init()
5885 * @iface: Interface configuration options
5886 * @parent: Parent interface or %NULL to assign new interface as parent
5887 * Returns: Pointer to the created interface or %NULL on failure
5889 * This function is used to add new network interfaces for %wpa_supplicant.
5890 * This can be called before wpa_supplicant_run() to add interfaces before the
5891 * main event loop has been started. In addition, new interfaces can be added
5892 * dynamically while %wpa_supplicant is already running. This could happen,
5893 * e.g., when a hotplug network adapter is inserted.
5895 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5896 struct wpa_interface
*iface
,
5897 struct wpa_supplicant
*parent
)
5899 struct wpa_supplicant
*wpa_s
;
5900 struct wpa_interface t_iface
;
5901 struct wpa_ssid
*ssid
;
5903 if (global
== NULL
|| iface
== NULL
)
5906 wpa_s
= wpa_supplicant_alloc(parent
);
5910 wpa_s
->global
= global
;
5913 if (global
->params
.override_driver
) {
5914 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5916 iface
->driver
, global
->params
.override_driver
);
5917 t_iface
.driver
= global
->params
.override_driver
;
5919 if (global
->params
.override_ctrl_interface
) {
5920 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5921 "ctrl_interface ('%s' -> '%s')",
5922 iface
->ctrl_interface
,
5923 global
->params
.override_ctrl_interface
);
5924 t_iface
.ctrl_interface
=
5925 global
->params
.override_ctrl_interface
;
5927 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5928 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5930 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5934 if (iface
->p2p_mgmt
== 0) {
5935 /* Notify the control interfaces about new iface */
5936 if (wpas_notify_iface_added(wpa_s
)) {
5937 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5941 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5942 wpas_notify_network_added(wpa_s
, ssid
);
5945 wpa_s
->next
= global
->ifaces
;
5946 global
->ifaces
= wpa_s
;
5948 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5949 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5952 if (wpa_s
->global
->p2p
== NULL
&&
5953 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5954 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5955 wpas_p2p_add_p2pdev_interface(
5956 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5957 wpa_printf(MSG_INFO
,
5958 "P2P: Failed to enable P2P Device interface");
5959 /* Try to continue without. P2P will be disabled. */
5961 #endif /* CONFIG_P2P */
5968 * wpa_supplicant_remove_iface - Remove a network interface
5969 * @global: Pointer to global data from wpa_supplicant_init()
5970 * @wpa_s: Pointer to the network interface to be removed
5971 * Returns: 0 if interface was removed, -1 if interface was not found
5973 * This function can be used to dynamically remove network interfaces from
5974 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5975 * addition, this function is used to remove all remaining interfaces when
5976 * %wpa_supplicant is terminated.
5978 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5979 struct wpa_supplicant
*wpa_s
,
5982 struct wpa_supplicant
*prev
;
5984 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5985 char *ifname
= NULL
;
5986 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5987 #endif /* CONFIG_MESH */
5989 /* Remove interface from the global list of interfaces */
5990 prev
= global
->ifaces
;
5991 if (prev
== wpa_s
) {
5992 global
->ifaces
= wpa_s
->next
;
5994 while (prev
&& prev
->next
!= wpa_s
)
5998 prev
->next
= wpa_s
->next
;
6001 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
6004 if (mesh_if_created
) {
6005 ifname
= os_strdup(wpa_s
->ifname
);
6006 if (ifname
== NULL
) {
6007 wpa_dbg(wpa_s
, MSG_ERROR
,
6008 "mesh: Failed to malloc ifname");
6012 #endif /* CONFIG_MESH */
6014 if (global
->p2p_group_formation
== wpa_s
)
6015 global
->p2p_group_formation
= NULL
;
6016 if (global
->p2p_invite_group
== wpa_s
)
6017 global
->p2p_invite_group
= NULL
;
6018 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
6021 if (mesh_if_created
) {
6022 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
6025 #endif /* CONFIG_MESH */
6032 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6033 * @wpa_s: Pointer to the network interface
6034 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6036 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6038 const char *eapol_method
;
6040 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6041 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6045 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6046 if (eapol_method
== NULL
)
6047 return "UNKNOWN-EAP";
6049 return eapol_method
;
6054 * wpa_supplicant_get_iface - Get a new network interface
6055 * @global: Pointer to global data from wpa_supplicant_init()
6056 * @ifname: Interface name
6057 * Returns: Pointer to the interface or %NULL if not found
6059 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6062 struct wpa_supplicant
*wpa_s
;
6064 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6065 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6072 #ifndef CONFIG_NO_WPA_MSG
6073 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6075 struct wpa_supplicant
*wpa_s
= ctx
;
6078 return wpa_s
->ifname
;
6080 #endif /* CONFIG_NO_WPA_MSG */
6083 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6084 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6085 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6087 /* Periodic cleanup tasks */
6088 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6090 struct wpa_global
*global
= eloop_ctx
;
6091 struct wpa_supplicant
*wpa_s
;
6093 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6094 wpas_periodic
, global
, NULL
);
6098 p2p_expire_peers(global
->p2p
);
6099 #endif /* CONFIG_P2P */
6101 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6102 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6105 #endif /* CONFIG_AP */
6111 * wpa_supplicant_init - Initialize %wpa_supplicant
6112 * @params: Parameters for %wpa_supplicant
6113 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6115 * This function is used to initialize %wpa_supplicant. After successful
6116 * initialization, the returned data pointer can be used to add and remove
6117 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6119 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6121 struct wpa_global
*global
;
6127 #ifdef CONFIG_DRIVER_NDIS
6129 void driver_ndis_init_ops(void);
6130 driver_ndis_init_ops();
6132 #endif /* CONFIG_DRIVER_NDIS */
6134 #ifndef CONFIG_NO_WPA_MSG
6135 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6136 #endif /* CONFIG_NO_WPA_MSG */
6138 if (params
->wpa_debug_file_path
)
6139 wpa_debug_open_file(params
->wpa_debug_file_path
);
6141 wpa_debug_setup_stdout();
6142 if (params
->wpa_debug_syslog
)
6143 wpa_debug_open_syslog();
6144 if (params
->wpa_debug_tracing
) {
6145 ret
= wpa_debug_open_linux_tracing();
6147 wpa_printf(MSG_ERROR
,
6148 "Failed to enable trace logging");
6153 ret
= eap_register_methods();
6155 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6157 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6158 "the same EAP type.");
6162 global
= os_zalloc(sizeof(*global
));
6165 dl_list_init(&global
->p2p_srv_bonjour
);
6166 dl_list_init(&global
->p2p_srv_upnp
);
6167 global
->params
.daemonize
= params
->daemonize
;
6168 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6169 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6170 if (params
->pid_file
)
6171 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6172 if (params
->ctrl_interface
)
6173 global
->params
.ctrl_interface
=
6174 os_strdup(params
->ctrl_interface
);
6175 if (params
->ctrl_interface_group
)
6176 global
->params
.ctrl_interface_group
=
6177 os_strdup(params
->ctrl_interface_group
);
6178 if (params
->override_driver
)
6179 global
->params
.override_driver
=
6180 os_strdup(params
->override_driver
);
6181 if (params
->override_ctrl_interface
)
6182 global
->params
.override_ctrl_interface
=
6183 os_strdup(params
->override_ctrl_interface
);
6184 #ifdef CONFIG_MATCH_IFACE
6185 global
->params
.match_iface_count
= params
->match_iface_count
;
6186 if (params
->match_iface_count
) {
6187 global
->params
.match_ifaces
=
6188 os_calloc(params
->match_iface_count
,
6189 sizeof(struct wpa_interface
));
6190 os_memcpy(global
->params
.match_ifaces
,
6191 params
->match_ifaces
,
6192 params
->match_iface_count
*
6193 sizeof(struct wpa_interface
));
6195 #endif /* CONFIG_MATCH_IFACE */
6197 if (params
->conf_p2p_dev
)
6198 global
->params
.conf_p2p_dev
=
6199 os_strdup(params
->conf_p2p_dev
);
6200 #endif /* CONFIG_P2P */
6201 wpa_debug_level
= global
->params
.wpa_debug_level
=
6202 params
->wpa_debug_level
;
6203 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6204 params
->wpa_debug_show_keys
;
6205 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6206 params
->wpa_debug_timestamp
;
6208 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6211 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6212 wpa_supplicant_deinit(global
);
6216 random_init(params
->entropy_file
);
6218 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6219 if (global
->ctrl_iface
== NULL
) {
6220 wpa_supplicant_deinit(global
);
6224 if (wpas_notify_supplicant_initialized(global
)) {
6225 wpa_supplicant_deinit(global
);
6229 for (i
= 0; wpa_drivers
[i
]; i
++)
6230 global
->drv_count
++;
6231 if (global
->drv_count
== 0) {
6232 wpa_printf(MSG_ERROR
, "No drivers enabled");
6233 wpa_supplicant_deinit(global
);
6236 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6237 if (global
->drv_priv
== NULL
) {
6238 wpa_supplicant_deinit(global
);
6242 #ifdef CONFIG_WIFI_DISPLAY
6243 if (wifi_display_init(global
) < 0) {
6244 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6245 wpa_supplicant_deinit(global
);
6248 #endif /* CONFIG_WIFI_DISPLAY */
6250 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6251 wpas_periodic
, global
, NULL
);
6258 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6259 * @global: Pointer to global data from wpa_supplicant_init()
6260 * Returns: 0 after successful event loop run, -1 on failure
6262 * This function starts the main event loop and continues running as long as
6263 * there are any remaining events. In most cases, this function is running as
6264 * long as the %wpa_supplicant process in still in use.
6266 int wpa_supplicant_run(struct wpa_global
*global
)
6268 struct wpa_supplicant
*wpa_s
;
6270 if (global
->params
.daemonize
&&
6271 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6272 eloop_sock_requeue()))
6275 #ifdef CONFIG_MATCH_IFACE
6276 if (wpa_supplicant_match_existing(global
))
6280 if (global
->params
.wait_for_monitor
) {
6281 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6282 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6283 wpa_supplicant_ctrl_iface_wait(
6287 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6288 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6297 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6298 * @global: Pointer to global data from wpa_supplicant_init()
6300 * This function is called to deinitialize %wpa_supplicant and to free all
6301 * allocated resources. Remaining network interfaces will also be removed.
6303 void wpa_supplicant_deinit(struct wpa_global
*global
)
6310 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6312 #ifdef CONFIG_WIFI_DISPLAY
6313 wifi_display_deinit(global
);
6314 #endif /* CONFIG_WIFI_DISPLAY */
6316 while (global
->ifaces
)
6317 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6319 if (global
->ctrl_iface
)
6320 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6322 wpas_notify_supplicant_deinitialized(global
);
6324 eap_peer_unregister_methods();
6326 eap_server_unregister_methods();
6327 #endif /* CONFIG_AP */
6329 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6330 if (!global
->drv_priv
[i
])
6332 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6334 os_free(global
->drv_priv
);
6340 if (global
->params
.pid_file
) {
6341 os_daemonize_terminate(global
->params
.pid_file
);
6342 os_free(global
->params
.pid_file
);
6344 os_free(global
->params
.ctrl_interface
);
6345 os_free(global
->params
.ctrl_interface_group
);
6346 os_free(global
->params
.override_driver
);
6347 os_free(global
->params
.override_ctrl_interface
);
6348 #ifdef CONFIG_MATCH_IFACE
6349 os_free(global
->params
.match_ifaces
);
6350 #endif /* CONFIG_MATCH_IFACE */
6352 os_free(global
->params
.conf_p2p_dev
);
6353 #endif /* CONFIG_P2P */
6355 os_free(global
->p2p_disallow_freq
.range
);
6356 os_free(global
->p2p_go_avoid_freq
.range
);
6357 os_free(global
->add_psk
);
6360 wpa_debug_close_syslog();
6361 wpa_debug_close_file();
6362 wpa_debug_close_linux_tracing();
6366 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6368 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6369 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6371 country
[0] = wpa_s
->conf
->country
[0];
6372 country
[1] = wpa_s
->conf
->country
[1];
6374 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6375 wpa_printf(MSG_ERROR
, "Failed to set country code "
6380 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6381 wpas_init_ext_pw(wpa_s
);
6383 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6384 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6386 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6387 struct wpa_driver_capa capa
;
6388 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6390 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6391 wpa_printf(MSG_ERROR
,
6392 "Failed to update wowlan_triggers to '%s'",
6393 wpa_s
->conf
->wowlan_triggers
);
6397 wpas_wps_update_config(wpa_s
);
6398 #endif /* CONFIG_WPS */
6399 wpas_p2p_update_config(wpa_s
);
6400 wpa_s
->conf
->changed_parameters
= 0;
6404 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6408 for (i
= 0; i
< *num_freqs
; i
++) {
6409 if (freqs
[i
] == freq
)
6413 freqs
[*num_freqs
] = freq
;
6418 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6420 struct wpa_bss
*bss
, *cbss
;
6421 const int max_freqs
= 10;
6425 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6429 cbss
= wpa_s
->current_bss
;
6431 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6434 if (bss
->ssid_len
== cbss
->ssid_len
&&
6435 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6436 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6437 add_freq(freqs
, &num_freqs
, bss
->freq
);
6438 if (num_freqs
== max_freqs
)
6443 if (num_freqs
== 0) {
6452 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6458 wpas_connect_work_done(wpa_s
);
6461 * Remove possible authentication timeout since the connection failed.
6463 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6466 * There is no point in blacklisting the AP if this event is
6467 * generated based on local request to disconnect.
6469 if (wpa_s
->own_disconnect_req
) {
6470 wpa_s
->own_disconnect_req
= 0;
6471 wpa_dbg(wpa_s
, MSG_DEBUG
,
6472 "Ignore connection failure due to local request to disconnect");
6475 if (wpa_s
->disconnected
) {
6476 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6477 "indication since interface has been put into "
6478 "disconnected state");
6483 * Add the failed BSSID into the blacklist and speed up next scan
6484 * attempt if there could be other APs that could accept association.
6485 * The current blacklist count indicates how many times we have tried
6486 * connecting to this AP and multiple attempts mean that other APs are
6487 * either not available or has already been tried, so that we can start
6488 * increasing the delay here to avoid constant scanning.
6490 count
= wpa_blacklist_add(wpa_s
, bssid
);
6491 if (count
== 1 && wpa_s
->current_bss
) {
6493 * This BSS was not in the blacklist before. If there is
6494 * another BSS available for the same ESS, we should try that
6495 * next. Otherwise, we may as well try this one once more
6496 * before allowing other, likely worse, ESSes to be considered.
6498 freqs
= get_bss_freqs_in_ess(wpa_s
);
6500 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6501 "has been seen; try it next");
6502 wpa_blacklist_add(wpa_s
, bssid
);
6504 * On the next scan, go through only the known channels
6505 * used in this ESS based on previous scans to speed up
6506 * common load balancing use case.
6508 os_free(wpa_s
->next_scan_freqs
);
6509 wpa_s
->next_scan_freqs
= freqs
;
6514 * Add previous failure count in case the temporary blacklist was
6515 * cleared due to no other BSSes being available.
6517 count
+= wpa_s
->extra_blacklist_count
;
6519 if (count
> 3 && wpa_s
->current_ssid
) {
6520 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6521 "consider temporary network disabling");
6522 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6543 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6544 "ms", count
, timeout
);
6547 * TODO: if more than one possible AP is available in scan results,
6548 * could try the other ones before requesting a new scan.
6550 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6551 1000 * (timeout
% 1000));
6556 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6558 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6559 const u8
*realm
, *username
, *rrk
;
6560 size_t realm_len
, username_len
, rrk_len
;
6563 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6564 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6565 &username
, &username_len
,
6566 &realm
, &realm_len
, &next_seq_num
,
6567 &rrk
, &rrk_len
) != 0 ||
6571 wpa_hexdump_ascii(MSG_DEBUG
,
6572 "FILS: Store last connection failure realm",
6574 os_free(wpa_s
->last_con_fail_realm
);
6575 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6576 if (wpa_s
->last_con_fail_realm
) {
6577 wpa_s
->last_con_fail_realm_len
= realm_len
;
6578 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6581 #endif /* CONFIG_FILS */
6584 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6586 return wpa_s
->conf
->ap_scan
== 2 ||
6587 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6591 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6592 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6593 struct wpa_ssid
*ssid
,
6597 #ifdef IEEE8021X_EAPOL
6598 struct eap_peer_config
*eap
= &ssid
->eap
;
6600 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6601 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6602 (const u8
*) value
, os_strlen(value
));
6604 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6605 case WPA_CTRL_REQ_EAP_IDENTITY
:
6606 os_free(eap
->identity
);
6607 eap
->identity
= (u8
*) os_strdup(value
);
6608 eap
->identity_len
= os_strlen(value
);
6609 eap
->pending_req_identity
= 0;
6610 if (ssid
== wpa_s
->current_ssid
)
6611 wpa_s
->reassociate
= 1;
6613 case WPA_CTRL_REQ_EAP_PASSWORD
:
6614 bin_clear_free(eap
->password
, eap
->password_len
);
6615 eap
->password
= (u8
*) os_strdup(value
);
6616 eap
->password_len
= os_strlen(value
);
6617 eap
->pending_req_password
= 0;
6618 if (ssid
== wpa_s
->current_ssid
)
6619 wpa_s
->reassociate
= 1;
6621 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6622 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6623 eap
->new_password
= (u8
*) os_strdup(value
);
6624 eap
->new_password_len
= os_strlen(value
);
6625 eap
->pending_req_new_password
= 0;
6626 if (ssid
== wpa_s
->current_ssid
)
6627 wpa_s
->reassociate
= 1;
6629 case WPA_CTRL_REQ_EAP_PIN
:
6630 str_clear_free(eap
->pin
);
6631 eap
->pin
= os_strdup(value
);
6632 eap
->pending_req_pin
= 0;
6633 if (ssid
== wpa_s
->current_ssid
)
6634 wpa_s
->reassociate
= 1;
6636 case WPA_CTRL_REQ_EAP_OTP
:
6637 bin_clear_free(eap
->otp
, eap
->otp_len
);
6638 eap
->otp
= (u8
*) os_strdup(value
);
6639 eap
->otp_len
= os_strlen(value
);
6640 os_free(eap
->pending_req_otp
);
6641 eap
->pending_req_otp
= NULL
;
6642 eap
->pending_req_otp_len
= 0;
6644 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6645 str_clear_free(eap
->private_key_passwd
);
6646 eap
->private_key_passwd
= os_strdup(value
);
6647 eap
->pending_req_passphrase
= 0;
6648 if (ssid
== wpa_s
->current_ssid
)
6649 wpa_s
->reassociate
= 1;
6651 case WPA_CTRL_REQ_SIM
:
6652 str_clear_free(eap
->external_sim_resp
);
6653 eap
->external_sim_resp
= os_strdup(value
);
6654 eap
->pending_req_sim
= 0;
6656 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6657 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6659 ssid
->mem_only_psk
= 1;
6660 if (ssid
->passphrase
)
6661 wpa_config_update_psk(ssid
);
6662 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6663 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6665 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6666 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6668 if (os_strcmp(value
, "good") == 0)
6669 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6670 else if (os_strcmp(value
, "bad") == 0)
6671 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6676 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6681 #else /* IEEE8021X_EAPOL */
6682 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6684 #endif /* IEEE8021X_EAPOL */
6686 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6689 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6692 unsigned int drv_enc
;
6694 if (wpa_s
->p2p_mgmt
)
6695 return 1; /* no normal network profiles on p2p_mgmt interface */
6703 if (wpa_s
->drv_capa_known
)
6704 drv_enc
= wpa_s
->drv_enc
;
6706 drv_enc
= (unsigned int) -1;
6708 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6709 size_t len
= ssid
->wep_key_len
[i
];
6712 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6714 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6716 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6718 return 1; /* invalid WEP key */
6721 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6722 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6723 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
6724 !ssid
->mem_only_psk
)
6731 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6733 #ifdef CONFIG_IEEE80211W
6734 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6735 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6736 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6738 * Driver does not support BIP -- ignore pmf=1 default
6739 * since the connection with PMF would fail and the
6740 * configuration does not require PMF to be enabled.
6742 return NO_MGMT_FRAME_PROTECTION
;
6747 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6748 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6750 * Do not use the default PMF value for non-RSN networks
6751 * since PMF is available only with RSN and pmf=2
6752 * configuration would otherwise prevent connections to
6753 * all open networks.
6755 return NO_MGMT_FRAME_PROTECTION
;
6758 return wpa_s
->conf
->pmf
;
6761 return ssid
->ieee80211w
;
6762 #else /* CONFIG_IEEE80211W */
6763 return NO_MGMT_FRAME_PROTECTION
;
6764 #endif /* CONFIG_IEEE80211W */
6768 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6770 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6772 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6778 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6780 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6782 struct os_reltime now
;
6785 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6790 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6793 ssid
->auth_failures
++;
6796 if (ssid
->p2p_group
&&
6797 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6799 * Skip the wait time since there is a short timeout on the
6800 * connection to a P2P group.
6804 #endif /* CONFIG_P2P */
6806 if (ssid
->auth_failures
> 50)
6808 else if (ssid
->auth_failures
> 10)
6810 else if (ssid
->auth_failures
> 5)
6812 else if (ssid
->auth_failures
> 3)
6814 else if (ssid
->auth_failures
> 2)
6816 else if (ssid
->auth_failures
> 1)
6821 if (ssid
->auth_failures
> 1 &&
6822 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6823 dur
+= os_random() % (ssid
->auth_failures
* 10);
6825 os_get_reltime(&now
);
6826 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6829 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6831 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6832 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6833 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6834 ssid
->auth_failures
, dur
, reason
);
6838 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6839 struct wpa_ssid
*ssid
, int clear_failures
)
6844 if (ssid
->disabled_until
.sec
) {
6845 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6846 "id=%d ssid=\"%s\"",
6847 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6849 ssid
->disabled_until
.sec
= 0;
6850 ssid
->disabled_until
.usec
= 0;
6852 ssid
->auth_failures
= 0;
6856 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6860 if (wpa_s
->disallow_aps_bssid
== NULL
)
6863 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6864 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6865 bssid
, ETH_ALEN
) == 0)
6873 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6878 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6881 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6882 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6883 if (ssid_len
== s
->ssid_len
&&
6884 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6893 * wpas_request_connection - Request a new connection
6894 * @wpa_s: Pointer to the network interface
6896 * This function is used to request a new connection to be found. It will mark
6897 * the interface to allow reassociation and request a new scan to find a
6898 * suitable network to connect to.
6900 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6902 wpa_s
->normal_scans
= 0;
6903 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6904 wpa_supplicant_reinit_autoscan(wpa_s
);
6905 wpa_s
->extra_blacklist_count
= 0;
6906 wpa_s
->disconnected
= 0;
6907 wpa_s
->reassociate
= 1;
6908 wpa_s
->last_owe_group
= 0;
6910 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6911 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6913 wpa_s
->reattach
= 0;
6918 * wpas_request_disconnection - Request disconnection
6919 * @wpa_s: Pointer to the network interface
6921 * This function is used to request disconnection from the currently connected
6922 * network. This will stop any ongoing scans and initiate deauthentication.
6924 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6927 wpa_s
->sme
.prev_bssid_set
= 0;
6928 #endif /* CONFIG_SME */
6929 wpa_s
->reassociate
= 0;
6930 wpa_s
->disconnected
= 1;
6931 wpa_supplicant_cancel_sched_scan(wpa_s
);
6932 wpa_supplicant_cancel_scan(wpa_s
);
6933 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6934 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6938 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6939 struct wpa_used_freq_data
*freqs_data
,
6944 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6946 for (i
= 0; i
< len
; i
++) {
6947 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6948 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6949 i
, cur
->freq
, cur
->flags
);
6955 * Find the operating frequencies of any of the virtual interfaces that
6956 * are using the same radio as the current interface, and in addition, get
6957 * information about the interface types that are using the frequency.
6959 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6960 struct wpa_used_freq_data
*freqs_data
,
6963 struct wpa_supplicant
*ifs
;
6966 unsigned int idx
= 0, i
;
6968 wpa_dbg(wpa_s
, MSG_DEBUG
,
6969 "Determining shared radio frequencies (max len %u)", len
);
6970 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6972 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6977 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6980 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6981 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6982 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6983 freq
= ifs
->current_ssid
->frequency
;
6984 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6985 freq
= ifs
->assoc_freq
;
6989 /* Hold only distinct freqs */
6990 for (i
= 0; i
< idx
; i
++)
6991 if (freqs_data
[i
].freq
== freq
)
6995 freqs_data
[idx
++].freq
= freq
;
6997 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6998 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6999 WPA_FREQ_USED_BY_P2P_CLIENT
:
7000 WPA_FREQ_USED_BY_INFRA_STATION
;
7004 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
7010 * Find the operating frequencies of any of the virtual interfaces that
7011 * are using the same radio as the current interface.
7013 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
7014 int *freq_array
, unsigned int len
)
7016 struct wpa_used_freq_data
*freqs_data
;
7019 os_memset(freq_array
, 0, sizeof(int) * len
);
7021 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
7025 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
7026 for (i
= 0; i
< num
; i
++)
7027 freq_array
[i
] = freqs_data
[i
].freq
;
7029 os_free(freqs_data
);
7035 struct wpa_supplicant
*
7036 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7040 case VENDOR_ELEM_PROBE_REQ_P2P
:
7041 case VENDOR_ELEM_PROBE_RESP_P2P
:
7042 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7043 case VENDOR_ELEM_BEACON_P2P_GO
:
7044 case VENDOR_ELEM_P2P_PD_REQ
:
7045 case VENDOR_ELEM_P2P_PD_RESP
:
7046 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7047 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7048 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7049 case VENDOR_ELEM_P2P_INV_REQ
:
7050 case VENDOR_ELEM_P2P_INV_RESP
:
7051 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7052 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7053 return wpa_s
->p2pdev
;
7054 #endif /* CONFIG_P2P */
7061 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7066 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7068 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7069 if (wpa_s
->vendor_elem
[i
]) {
7072 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7073 if (!os_snprintf_error(sizeof(buf
), res
)) {
7074 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7075 wpa_s
->vendor_elem
[i
]);
7081 if (wpa_s
->parent
== wpa_s
&&
7082 wpa_s
->global
->p2p
&&
7083 !wpa_s
->global
->p2p_disabled
)
7084 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7085 #endif /* CONFIG_P2P */
7089 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7090 const u8
*elem
, size_t len
)
7094 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7095 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7097 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7100 if (os_memcmp(ie
, elem
, len
) != 0)
7103 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7104 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7105 wpa_s
->vendor_elem
[frame
] = NULL
;
7107 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7108 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7110 wpas_vendor_elem_update(wpa_s
);
7118 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7119 u16 num_modes
, enum hostapd_hw_mode mode
)
7123 for (i
= 0; i
< num_modes
; i
++) {
7124 if (modes
[i
].mode
== mode
)
7133 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7136 struct wpa_bss_tmp_disallowed
*bss
;
7138 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7139 struct wpa_bss_tmp_disallowed
, list
) {
7140 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7148 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7150 struct wpa_bss_tmp_disallowed
*tmp
;
7151 unsigned int num_bssid
= 0;
7155 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7158 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7159 struct wpa_bss_tmp_disallowed
, list
) {
7160 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7164 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7170 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7172 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7173 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7175 /* Make sure the bss is not already freed */
7176 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7177 struct wpa_bss_tmp_disallowed
, list
) {
7179 dl_list_del(&tmp
->list
);
7181 wpa_set_driver_tmp_disallow_list(wpa_s
);
7188 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7191 struct wpa_bss_tmp_disallowed
*bss
;
7193 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7195 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7196 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7201 bss
= os_malloc(sizeof(*bss
));
7203 wpa_printf(MSG_DEBUG
,
7204 "Failed to allocate memory for temp disallow BSS");
7208 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7209 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7210 wpa_set_driver_tmp_disallow_list(wpa_s
);
7211 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7216 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7218 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
7220 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7221 struct wpa_bss_tmp_disallowed
, list
) {
7222 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {