]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bgscan: Do not initialize bgscan if disabled by user
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14
15 #include "common.h"
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
23 #include "eloop.h"
24 #include "config.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
28 #include "driver_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
36 #include "p2p/p2p.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
40 #include "ibss_rsn.h"
41 #include "sme.h"
42 #include "gas_query.h"
43 #include "ap.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
46 #include "notify.h"
47 #include "bgscan.h"
48 #include "autoscan.h"
49 #include "bss.h"
50 #include "scan.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
53 #include "wnm_sta.h"
54
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
58
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
66 ;
67
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
71 "";
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
74 "\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
77 "met:\n"
78 "\n";
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
82 "\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
86 "\n";
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
91 "\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
104 "\n";
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
106
107 /* Configure default/group WEP keys for static WEP */
108 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
109 {
110 int i, set = 0;
111
112 for (i = 0; i < NUM_WEP_KEYS; i++) {
113 if (ssid->wep_key_len[i] == 0)
114 continue;
115
116 set = 1;
117 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
118 i, i == ssid->wep_tx_keyidx, NULL, 0,
119 ssid->wep_key[i], ssid->wep_key_len[i]);
120 }
121
122 return set;
123 }
124
125
126 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
127 struct wpa_ssid *ssid)
128 {
129 u8 key[32];
130 size_t keylen;
131 enum wpa_alg alg;
132 u8 seq[6] = { 0 };
133
134 /* IBSS/WPA-None uses only one key (Group) for both receiving and
135 * sending unicast and multicast packets. */
136
137 if (ssid->mode != WPAS_MODE_IBSS) {
138 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
139 "IBSS/ad-hoc) for WPA-None", ssid->mode);
140 return -1;
141 }
142
143 if (!ssid->psk_set) {
144 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
145 "WPA-None");
146 return -1;
147 }
148
149 switch (wpa_s->group_cipher) {
150 case WPA_CIPHER_CCMP:
151 os_memcpy(key, ssid->psk, 16);
152 keylen = 16;
153 alg = WPA_ALG_CCMP;
154 break;
155 case WPA_CIPHER_GCMP:
156 os_memcpy(key, ssid->psk, 16);
157 keylen = 16;
158 alg = WPA_ALG_GCMP;
159 break;
160 case WPA_CIPHER_TKIP:
161 /* WPA-None uses the same Michael MIC key for both TX and RX */
162 os_memcpy(key, ssid->psk, 16 + 8);
163 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
164 keylen = 32;
165 alg = WPA_ALG_TKIP;
166 break;
167 default:
168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
169 "WPA-None", wpa_s->group_cipher);
170 return -1;
171 }
172
173 /* TODO: should actually remember the previously used seq#, both for TX
174 * and RX from each STA.. */
175
176 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
177 }
178
179
180 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
181 {
182 struct wpa_supplicant *wpa_s = eloop_ctx;
183 const u8 *bssid = wpa_s->bssid;
184 if (is_zero_ether_addr(bssid))
185 bssid = wpa_s->pending_bssid;
186 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
187 MAC2STR(bssid));
188 wpa_blacklist_add(wpa_s, bssid);
189 wpa_sm_notify_disassoc(wpa_s->wpa);
190 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
191 wpa_s->reassociate = 1;
192
193 /*
194 * If we timed out, the AP or the local radio may be busy.
195 * So, wait a second until scanning again.
196 */
197 wpa_supplicant_req_scan(wpa_s, 1, 0);
198 }
199
200
201 /**
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
206 *
207 * This function is used to schedule a timeout for the current authentication
208 * attempt.
209 */
210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
211 int sec, int usec)
212 {
213 if (wpa_s->conf->ap_scan == 0 &&
214 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
215 return;
216
217 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
218 "%d usec", sec, usec);
219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
221 }
222
223
224 /**
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
227 *
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
230 * been completed.
231 */
232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
233 {
234 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236 wpa_blacklist_del(wpa_s, wpa_s->bssid);
237 }
238
239
240 /**
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
243 *
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
246 */
247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
248 {
249 #ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf;
251 struct wpa_ssid *ssid = wpa_s->current_ssid;
252
253 #ifdef CONFIG_IBSS_RSN
254 if (ssid->mode == WPAS_MODE_IBSS &&
255 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
257 /*
258 * RSN IBSS authentication is per-STA and we can disable the
259 * per-BSSID EAPOL authentication.
260 */
261 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
264 return;
265 }
266 #endif /* CONFIG_IBSS_RSN */
267
268 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
270
271 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
272 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
273 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
274 else
275 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
276
277 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
279 eapol_conf.accept_802_1x_keys = 1;
280 eapol_conf.required_keys = 0;
281 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
282 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
283 }
284 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
285 eapol_conf.required_keys |=
286 EAPOL_REQUIRE_KEY_BROADCAST;
287 }
288
289 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
290 eapol_conf.required_keys = 0;
291 }
292 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
293 eapol_conf.workaround = ssid->eap_workaround;
294 eapol_conf.eap_disabled =
295 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
296 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
298 eapol_conf.external_sim = wpa_s->conf->external_sim;
299 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
300 #endif /* IEEE8021X_EAPOL */
301 }
302
303
304 /**
305 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306 * @wpa_s: Pointer to wpa_supplicant data
307 * @ssid: Configuration data for the network
308 *
309 * This function is used to configure WPA state machine and related parameters
310 * to a mode where WPA is not enabled. This is called as part of the
311 * authentication configuration when the selected network does not use WPA.
312 */
313 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
314 struct wpa_ssid *ssid)
315 {
316 int i;
317
318 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
319 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
320 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
321 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
322 else
323 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
324 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
325 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
326 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
327 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
328 wpa_s->group_cipher = WPA_CIPHER_NONE;
329 wpa_s->mgmt_group_cipher = 0;
330
331 for (i = 0; i < NUM_WEP_KEYS; i++) {
332 if (ssid->wep_key_len[i] > 5) {
333 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
334 wpa_s->group_cipher = WPA_CIPHER_WEP104;
335 break;
336 } else if (ssid->wep_key_len[i] > 0) {
337 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
338 wpa_s->group_cipher = WPA_CIPHER_WEP40;
339 break;
340 }
341 }
342
343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
344 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
345 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
346 wpa_s->pairwise_cipher);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
348 #ifdef CONFIG_IEEE80211W
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
350 wpa_s->mgmt_group_cipher);
351 #endif /* CONFIG_IEEE80211W */
352
353 pmksa_cache_clear_current(wpa_s->wpa);
354 }
355
356
357 void free_hw_features(struct wpa_supplicant *wpa_s)
358 {
359 int i;
360 if (wpa_s->hw.modes == NULL)
361 return;
362
363 for (i = 0; i < wpa_s->hw.num_modes; i++) {
364 os_free(wpa_s->hw.modes[i].channels);
365 os_free(wpa_s->hw.modes[i].rates);
366 }
367
368 os_free(wpa_s->hw.modes);
369 wpa_s->hw.modes = NULL;
370 }
371
372
373 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
374 {
375 bgscan_deinit(wpa_s);
376 autoscan_deinit(wpa_s);
377 scard_deinit(wpa_s->scard);
378 wpa_s->scard = NULL;
379 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
380 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
381 l2_packet_deinit(wpa_s->l2);
382 wpa_s->l2 = NULL;
383 if (wpa_s->l2_br) {
384 l2_packet_deinit(wpa_s->l2_br);
385 wpa_s->l2_br = NULL;
386 }
387
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
392 }
393
394 os_free(wpa_s->confname);
395 wpa_s->confname = NULL;
396
397 os_free(wpa_s->confanother);
398 wpa_s->confanother = NULL;
399
400 wpa_sm_set_eapol(wpa_s->wpa, NULL);
401 eapol_sm_deinit(wpa_s->eapol);
402 wpa_s->eapol = NULL;
403
404 rsn_preauth_deinit(wpa_s->wpa);
405
406 #ifdef CONFIG_TDLS
407 wpa_tdls_deinit(wpa_s->wpa);
408 #endif /* CONFIG_TDLS */
409
410 pmksa_candidate_free(wpa_s->wpa);
411 wpa_sm_deinit(wpa_s->wpa);
412 wpa_s->wpa = NULL;
413 wpa_blacklist_clear(wpa_s);
414
415 wpa_bss_deinit(wpa_s);
416
417 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
418 wpa_supplicant_cancel_scan(wpa_s);
419 wpa_supplicant_cancel_auth_timeout(wpa_s);
420 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
421 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
422 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
423 wpa_s, NULL);
424 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
425
426 wpas_wps_deinit(wpa_s);
427
428 wpabuf_free(wpa_s->pending_eapol_rx);
429 wpa_s->pending_eapol_rx = NULL;
430
431 #ifdef CONFIG_IBSS_RSN
432 ibss_rsn_deinit(wpa_s->ibss_rsn);
433 wpa_s->ibss_rsn = NULL;
434 #endif /* CONFIG_IBSS_RSN */
435
436 sme_deinit(wpa_s);
437
438 #ifdef CONFIG_AP
439 wpa_supplicant_ap_deinit(wpa_s);
440 #endif /* CONFIG_AP */
441
442 #ifdef CONFIG_P2P
443 wpas_p2p_deinit(wpa_s);
444 #endif /* CONFIG_P2P */
445
446 #ifdef CONFIG_OFFCHANNEL
447 offchannel_deinit(wpa_s);
448 #endif /* CONFIG_OFFCHANNEL */
449
450 wpa_supplicant_cancel_sched_scan(wpa_s);
451
452 os_free(wpa_s->next_scan_freqs);
453 wpa_s->next_scan_freqs = NULL;
454
455 os_free(wpa_s->manual_scan_freqs);
456 wpa_s->manual_scan_freqs = NULL;
457
458 gas_query_deinit(wpa_s->gas);
459 wpa_s->gas = NULL;
460
461 free_hw_features(wpa_s);
462
463 os_free(wpa_s->bssid_filter);
464 wpa_s->bssid_filter = NULL;
465
466 os_free(wpa_s->disallow_aps_bssid);
467 wpa_s->disallow_aps_bssid = NULL;
468 os_free(wpa_s->disallow_aps_ssid);
469 wpa_s->disallow_aps_ssid = NULL;
470
471 wnm_bss_keep_alive_deinit(wpa_s);
472 #ifdef CONFIG_WNM
473 wnm_deallocate_memory(wpa_s);
474 #endif /* CONFIG_WNM */
475
476 ext_password_deinit(wpa_s->ext_pw);
477 wpa_s->ext_pw = NULL;
478
479 wpabuf_free(wpa_s->last_gas_resp);
480 wpa_s->last_gas_resp = NULL;
481 wpabuf_free(wpa_s->prev_gas_resp);
482 wpa_s->prev_gas_resp = NULL;
483
484 os_free(wpa_s->last_scan_res);
485 wpa_s->last_scan_res = NULL;
486
487 #ifdef CONFIG_HS20
488 hs20_free_osu_prov(wpa_s);
489 #endif /* CONFIG_HS20 */
490 }
491
492
493 /**
494 * wpa_clear_keys - Clear keys configured for the driver
495 * @wpa_s: Pointer to wpa_supplicant data
496 * @addr: Previously used BSSID or %NULL if not available
497 *
498 * This function clears the encryption keys that has been previously configured
499 * for the driver.
500 */
501 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
502 {
503 int i, max;
504
505 #ifdef CONFIG_IEEE80211W
506 max = 6;
507 #else /* CONFIG_IEEE80211W */
508 max = 4;
509 #endif /* CONFIG_IEEE80211W */
510
511 /* MLME-DELETEKEYS.request */
512 for (i = 0; i < max; i++) {
513 if (wpa_s->keys_cleared & BIT(i))
514 continue;
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
516 NULL, 0);
517 }
518 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
519 !is_zero_ether_addr(addr)) {
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
521 0);
522 /* MLME-SETPROTECTION.request(None) */
523 wpa_drv_mlme_setprotection(
524 wpa_s, addr,
525 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
526 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
527 }
528 wpa_s->keys_cleared = (u32) -1;
529 }
530
531
532 /**
533 * wpa_supplicant_state_txt - Get the connection state name as a text string
534 * @state: State (wpa_state; WPA_*)
535 * Returns: The state name as a printable text string
536 */
537 const char * wpa_supplicant_state_txt(enum wpa_states state)
538 {
539 switch (state) {
540 case WPA_DISCONNECTED:
541 return "DISCONNECTED";
542 case WPA_INACTIVE:
543 return "INACTIVE";
544 case WPA_INTERFACE_DISABLED:
545 return "INTERFACE_DISABLED";
546 case WPA_SCANNING:
547 return "SCANNING";
548 case WPA_AUTHENTICATING:
549 return "AUTHENTICATING";
550 case WPA_ASSOCIATING:
551 return "ASSOCIATING";
552 case WPA_ASSOCIATED:
553 return "ASSOCIATED";
554 case WPA_4WAY_HANDSHAKE:
555 return "4WAY_HANDSHAKE";
556 case WPA_GROUP_HANDSHAKE:
557 return "GROUP_HANDSHAKE";
558 case WPA_COMPLETED:
559 return "COMPLETED";
560 default:
561 return "UNKNOWN";
562 }
563 }
564
565
566 #ifdef CONFIG_BGSCAN
567
568 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
569 {
570 const char *name;
571
572 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
573 name = wpa_s->current_ssid->bgscan;
574 else
575 name = wpa_s->conf->bgscan;
576 if (name == NULL || name[0] == '\0')
577 return;
578 if (wpas_driver_bss_selection(wpa_s))
579 return;
580 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
581 return;
582
583 bgscan_deinit(wpa_s);
584 if (wpa_s->current_ssid) {
585 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
586 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
587 "bgscan");
588 /*
589 * Live without bgscan; it is only used as a roaming
590 * optimization, so the initial connection is not
591 * affected.
592 */
593 } else {
594 struct wpa_scan_results *scan_res;
595 wpa_s->bgscan_ssid = wpa_s->current_ssid;
596 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
597 0);
598 if (scan_res) {
599 bgscan_notify_scan(wpa_s, scan_res);
600 wpa_scan_results_free(scan_res);
601 }
602 }
603 } else
604 wpa_s->bgscan_ssid = NULL;
605 }
606
607
608 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
609 {
610 if (wpa_s->bgscan_ssid != NULL) {
611 bgscan_deinit(wpa_s);
612 wpa_s->bgscan_ssid = NULL;
613 }
614 }
615
616 #endif /* CONFIG_BGSCAN */
617
618
619 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
620 {
621 if (autoscan_init(wpa_s, 0))
622 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
623 }
624
625
626 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
627 {
628 autoscan_deinit(wpa_s);
629 }
630
631
632 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
633 {
634 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
635 wpa_s->wpa_state == WPA_SCANNING) {
636 autoscan_deinit(wpa_s);
637 wpa_supplicant_start_autoscan(wpa_s);
638 }
639 }
640
641
642 /**
643 * wpa_supplicant_set_state - Set current connection state
644 * @wpa_s: Pointer to wpa_supplicant data
645 * @state: The new connection state
646 *
647 * This function is called whenever the connection state changes, e.g.,
648 * association is completed for WPA/WPA2 4-Way Handshake is started.
649 */
650 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
651 enum wpa_states state)
652 {
653 enum wpa_states old_state = wpa_s->wpa_state;
654
655 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
656 wpa_supplicant_state_txt(wpa_s->wpa_state),
657 wpa_supplicant_state_txt(state));
658
659 if (state == WPA_INTERFACE_DISABLED) {
660 /* Assure normal scan when interface is restored */
661 wpa_s->normal_scans = 0;
662 }
663
664 if (state == WPA_COMPLETED)
665 wpas_connect_work_done(wpa_s);
666
667 if (state != WPA_SCANNING)
668 wpa_supplicant_notify_scanning(wpa_s, 0);
669
670 if (state == WPA_COMPLETED && wpa_s->new_connection) {
671 struct wpa_ssid *ssid = wpa_s->current_ssid;
672 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
673 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
674 MACSTR " completed [id=%d id_str=%s]",
675 MAC2STR(wpa_s->bssid),
676 ssid ? ssid->id : -1,
677 ssid && ssid->id_str ? ssid->id_str : "");
678 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
679 wpas_clear_temp_disabled(wpa_s, ssid, 1);
680 wpa_s->extra_blacklist_count = 0;
681 wpa_s->new_connection = 0;
682 wpa_drv_set_operstate(wpa_s, 1);
683 #ifndef IEEE8021X_EAPOL
684 wpa_drv_set_supp_port(wpa_s, 1);
685 #endif /* IEEE8021X_EAPOL */
686 wpa_s->after_wps = 0;
687 wpa_s->known_wps_freq = 0;
688 #ifdef CONFIG_P2P
689 wpas_p2p_completed(wpa_s);
690 #endif /* CONFIG_P2P */
691
692 sme_sched_obss_scan(wpa_s, 1);
693 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
694 state == WPA_ASSOCIATED) {
695 wpa_s->new_connection = 1;
696 wpa_drv_set_operstate(wpa_s, 0);
697 #ifndef IEEE8021X_EAPOL
698 wpa_drv_set_supp_port(wpa_s, 0);
699 #endif /* IEEE8021X_EAPOL */
700 sme_sched_obss_scan(wpa_s, 0);
701 }
702 wpa_s->wpa_state = state;
703
704 #ifdef CONFIG_BGSCAN
705 if (state == WPA_COMPLETED)
706 wpa_supplicant_start_bgscan(wpa_s);
707 else if (state < WPA_ASSOCIATED)
708 wpa_supplicant_stop_bgscan(wpa_s);
709 #endif /* CONFIG_BGSCAN */
710
711 if (state == WPA_AUTHENTICATING)
712 wpa_supplicant_stop_autoscan(wpa_s);
713
714 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
715 wpa_supplicant_start_autoscan(wpa_s);
716
717 if (wpa_s->wpa_state != old_state) {
718 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
719
720 if (wpa_s->wpa_state == WPA_COMPLETED ||
721 old_state == WPA_COMPLETED)
722 wpas_notify_auth_changed(wpa_s);
723 }
724 }
725
726
727 void wpa_supplicant_terminate_proc(struct wpa_global *global)
728 {
729 int pending = 0;
730 #ifdef CONFIG_WPS
731 struct wpa_supplicant *wpa_s = global->ifaces;
732 while (wpa_s) {
733 struct wpa_supplicant *next = wpa_s->next;
734 #ifdef CONFIG_P2P
735 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
736 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
737 wpas_p2p_disconnect(wpa_s);
738 #endif /* CONFIG_P2P */
739 if (wpas_wps_terminate_pending(wpa_s) == 1)
740 pending = 1;
741 wpa_s = next;
742 }
743 #endif /* CONFIG_WPS */
744 if (pending)
745 return;
746 eloop_terminate();
747 }
748
749
750 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
751 {
752 struct wpa_global *global = signal_ctx;
753 wpa_supplicant_terminate_proc(global);
754 }
755
756
757 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
758 {
759 enum wpa_states old_state = wpa_s->wpa_state;
760
761 wpa_s->pairwise_cipher = 0;
762 wpa_s->group_cipher = 0;
763 wpa_s->mgmt_group_cipher = 0;
764 wpa_s->key_mgmt = 0;
765 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
766 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
767
768 if (wpa_s->wpa_state != old_state)
769 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
770 }
771
772
773 /**
774 * wpa_supplicant_reload_configuration - Reload configuration data
775 * @wpa_s: Pointer to wpa_supplicant data
776 * Returns: 0 on success or -1 if configuration parsing failed
777 *
778 * This function can be used to request that the configuration data is reloaded
779 * (e.g., after configuration file change). This function is reloading
780 * configuration only for one interface, so this may need to be called multiple
781 * times if %wpa_supplicant is controlling multiple interfaces and all
782 * interfaces need reconfiguration.
783 */
784 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
785 {
786 struct wpa_config *conf;
787 int reconf_ctrl;
788 int old_ap_scan;
789
790 if (wpa_s->confname == NULL)
791 return -1;
792 conf = wpa_config_read(wpa_s->confname, NULL);
793 if (conf == NULL) {
794 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
795 "file '%s' - exiting", wpa_s->confname);
796 return -1;
797 }
798 wpa_config_read(wpa_s->confanother, conf);
799
800 conf->changed_parameters = (unsigned int) -1;
801
802 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
803 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
804 os_strcmp(conf->ctrl_interface,
805 wpa_s->conf->ctrl_interface) != 0);
806
807 if (reconf_ctrl && wpa_s->ctrl_iface) {
808 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
809 wpa_s->ctrl_iface = NULL;
810 }
811
812 eapol_sm_invalidate_cached_session(wpa_s->eapol);
813 if (wpa_s->current_ssid) {
814 wpa_supplicant_deauthenticate(wpa_s,
815 WLAN_REASON_DEAUTH_LEAVING);
816 }
817
818 /*
819 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
820 * pkcs11_engine_path, pkcs11_module_path.
821 */
822 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
823 /*
824 * Clear forced success to clear EAP state for next
825 * authentication.
826 */
827 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
828 }
829 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
830 wpa_sm_set_config(wpa_s->wpa, NULL);
831 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
832 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
833 rsn_preauth_deinit(wpa_s->wpa);
834
835 old_ap_scan = wpa_s->conf->ap_scan;
836 wpa_config_free(wpa_s->conf);
837 wpa_s->conf = conf;
838 if (old_ap_scan != wpa_s->conf->ap_scan)
839 wpas_notify_ap_scan_changed(wpa_s);
840
841 if (reconf_ctrl)
842 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
843
844 wpa_supplicant_update_config(wpa_s);
845
846 wpa_supplicant_clear_status(wpa_s);
847 if (wpa_supplicant_enabled_networks(wpa_s)) {
848 wpa_s->reassociate = 1;
849 wpa_supplicant_req_scan(wpa_s, 0, 0);
850 }
851 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
852 return 0;
853 }
854
855
856 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
857 {
858 struct wpa_global *global = signal_ctx;
859 struct wpa_supplicant *wpa_s;
860 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
861 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
862 sig);
863 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
864 wpa_supplicant_terminate_proc(global);
865 }
866 }
867 }
868
869
870 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
871 struct wpa_ssid *ssid,
872 struct wpa_ie_data *ie)
873 {
874 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
875 if (ret) {
876 if (ret == -2) {
877 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
878 "from association info");
879 }
880 return -1;
881 }
882
883 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
884 "cipher suites");
885 if (!(ie->group_cipher & ssid->group_cipher)) {
886 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
887 "cipher 0x%x (mask 0x%x) - reject",
888 ie->group_cipher, ssid->group_cipher);
889 return -1;
890 }
891 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
892 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
893 "cipher 0x%x (mask 0x%x) - reject",
894 ie->pairwise_cipher, ssid->pairwise_cipher);
895 return -1;
896 }
897 if (!(ie->key_mgmt & ssid->key_mgmt)) {
898 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
899 "management 0x%x (mask 0x%x) - reject",
900 ie->key_mgmt, ssid->key_mgmt);
901 return -1;
902 }
903
904 #ifdef CONFIG_IEEE80211W
905 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
906 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
907 wpa_s->conf->pmf : ssid->ieee80211w) ==
908 MGMT_FRAME_PROTECTION_REQUIRED) {
909 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
910 "that does not support management frame protection - "
911 "reject");
912 return -1;
913 }
914 #endif /* CONFIG_IEEE80211W */
915
916 return 0;
917 }
918
919
920 /**
921 * wpa_supplicant_set_suites - Set authentication and encryption parameters
922 * @wpa_s: Pointer to wpa_supplicant data
923 * @bss: Scan results for the selected BSS, or %NULL if not available
924 * @ssid: Configuration data for the selected network
925 * @wpa_ie: Buffer for the WPA/RSN IE
926 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
927 * used buffer length in case the functions returns success.
928 * Returns: 0 on success or -1 on failure
929 *
930 * This function is used to configure authentication and encryption parameters
931 * based on the network configuration and scan result for the selected BSS (if
932 * available).
933 */
934 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
935 struct wpa_bss *bss, struct wpa_ssid *ssid,
936 u8 *wpa_ie, size_t *wpa_ie_len)
937 {
938 struct wpa_ie_data ie;
939 int sel, proto;
940 const u8 *bss_wpa, *bss_rsn, *bss_osen;
941
942 if (bss) {
943 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
944 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
945 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
946 } else
947 bss_wpa = bss_rsn = bss_osen = NULL;
948
949 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
950 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
951 (ie.group_cipher & ssid->group_cipher) &&
952 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
953 (ie.key_mgmt & ssid->key_mgmt)) {
954 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
955 proto = WPA_PROTO_RSN;
956 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
957 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
958 (ie.group_cipher & ssid->group_cipher) &&
959 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
960 (ie.key_mgmt & ssid->key_mgmt)) {
961 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
962 proto = WPA_PROTO_WPA;
963 #ifdef CONFIG_HS20
964 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
965 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
966 /* TODO: parse OSEN element */
967 ie.group_cipher = WPA_CIPHER_CCMP;
968 ie.pairwise_cipher = WPA_CIPHER_CCMP;
969 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
970 proto = WPA_PROTO_OSEN;
971 #endif /* CONFIG_HS20 */
972 } else if (bss) {
973 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
974 return -1;
975 } else {
976 if (ssid->proto & WPA_PROTO_OSEN)
977 proto = WPA_PROTO_OSEN;
978 else if (ssid->proto & WPA_PROTO_RSN)
979 proto = WPA_PROTO_RSN;
980 else
981 proto = WPA_PROTO_WPA;
982 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
983 os_memset(&ie, 0, sizeof(ie));
984 ie.group_cipher = ssid->group_cipher;
985 ie.pairwise_cipher = ssid->pairwise_cipher;
986 ie.key_mgmt = ssid->key_mgmt;
987 #ifdef CONFIG_IEEE80211W
988 ie.mgmt_group_cipher =
989 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
990 WPA_CIPHER_AES_128_CMAC : 0;
991 #endif /* CONFIG_IEEE80211W */
992 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
993 "based on configuration");
994 } else
995 proto = ie.proto;
996 }
997
998 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
999 "pairwise %d key_mgmt %d proto %d",
1000 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1001 #ifdef CONFIG_IEEE80211W
1002 if (ssid->ieee80211w) {
1003 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1004 ie.mgmt_group_cipher);
1005 }
1006 #endif /* CONFIG_IEEE80211W */
1007
1008 wpa_s->wpa_proto = proto;
1009 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1010 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1011 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1012
1013 if (bss || !wpa_s->ap_ies_from_associnfo) {
1014 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1015 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1016 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1017 bss_rsn ? 2 + bss_rsn[1] : 0))
1018 return -1;
1019 }
1020
1021 sel = ie.group_cipher & ssid->group_cipher;
1022 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1023 if (wpa_s->group_cipher < 0) {
1024 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1025 "cipher");
1026 return -1;
1027 }
1028 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1029 wpa_cipher_txt(wpa_s->group_cipher));
1030
1031 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1032 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1033 if (wpa_s->pairwise_cipher < 0) {
1034 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1035 "cipher");
1036 return -1;
1037 }
1038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1039 wpa_cipher_txt(wpa_s->pairwise_cipher));
1040
1041 sel = ie.key_mgmt & ssid->key_mgmt;
1042 #ifdef CONFIG_SAE
1043 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1044 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1045 #endif /* CONFIG_SAE */
1046 if (0) {
1047 #ifdef CONFIG_IEEE80211R
1048 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1049 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1050 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1051 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1052 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1053 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1054 #endif /* CONFIG_IEEE80211R */
1055 #ifdef CONFIG_SAE
1056 } else if (sel & WPA_KEY_MGMT_SAE) {
1057 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1058 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1059 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1060 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1061 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1062 #endif /* CONFIG_SAE */
1063 #ifdef CONFIG_IEEE80211W
1064 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1065 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1066 wpa_dbg(wpa_s, MSG_DEBUG,
1067 "WPA: using KEY_MGMT 802.1X with SHA256");
1068 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1069 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1070 wpa_dbg(wpa_s, MSG_DEBUG,
1071 "WPA: using KEY_MGMT PSK with SHA256");
1072 #endif /* CONFIG_IEEE80211W */
1073 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1074 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1075 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1076 } else if (sel & WPA_KEY_MGMT_PSK) {
1077 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1078 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1079 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1080 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1081 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1082 #ifdef CONFIG_HS20
1083 } else if (sel & WPA_KEY_MGMT_OSEN) {
1084 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1085 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1086 #endif /* CONFIG_HS20 */
1087 } else {
1088 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1089 "authenticated key management type");
1090 return -1;
1091 }
1092
1093 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1094 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1095 wpa_s->pairwise_cipher);
1096 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1097
1098 #ifdef CONFIG_IEEE80211W
1099 sel = ie.mgmt_group_cipher;
1100 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1101 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1102 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1103 sel = 0;
1104 if (sel & WPA_CIPHER_AES_128_CMAC) {
1105 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1106 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1107 "AES-128-CMAC");
1108 } else {
1109 wpa_s->mgmt_group_cipher = 0;
1110 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1111 }
1112 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1113 wpa_s->mgmt_group_cipher);
1114 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1115 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1116 wpa_s->conf->pmf : ssid->ieee80211w));
1117 #endif /* CONFIG_IEEE80211W */
1118
1119 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1120 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1121 return -1;
1122 }
1123
1124 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1125 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1126 #ifndef CONFIG_NO_PBKDF2
1127 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1128 ssid->passphrase) {
1129 u8 psk[PMK_LEN];
1130 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1131 4096, psk, PMK_LEN);
1132 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1133 psk, PMK_LEN);
1134 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1135 }
1136 #endif /* CONFIG_NO_PBKDF2 */
1137 #ifdef CONFIG_EXT_PASSWORD
1138 if (ssid->ext_psk) {
1139 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1140 ssid->ext_psk);
1141 char pw_str[64 + 1];
1142 u8 psk[PMK_LEN];
1143
1144 if (pw == NULL) {
1145 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1146 "found from external storage");
1147 return -1;
1148 }
1149
1150 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1151 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1152 "PSK length %d in external storage",
1153 (int) wpabuf_len(pw));
1154 ext_password_free(pw);
1155 return -1;
1156 }
1157
1158 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1159 pw_str[wpabuf_len(pw)] = '\0';
1160
1161 #ifndef CONFIG_NO_PBKDF2
1162 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1163 {
1164 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1165 4096, psk, PMK_LEN);
1166 os_memset(pw_str, 0, sizeof(pw_str));
1167 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1168 "external passphrase)",
1169 psk, PMK_LEN);
1170 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1171 } else
1172 #endif /* CONFIG_NO_PBKDF2 */
1173 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1174 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1175 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1176 "Invalid PSK hex string");
1177 os_memset(pw_str, 0, sizeof(pw_str));
1178 ext_password_free(pw);
1179 return -1;
1180 }
1181 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1182 } else {
1183 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1184 "PSK available");
1185 os_memset(pw_str, 0, sizeof(pw_str));
1186 ext_password_free(pw);
1187 return -1;
1188 }
1189
1190 os_memset(pw_str, 0, sizeof(pw_str));
1191 ext_password_free(pw);
1192 }
1193 #endif /* CONFIG_EXT_PASSWORD */
1194 } else
1195 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1196
1197 return 0;
1198 }
1199
1200
1201 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1202 {
1203 *pos = 0x00;
1204
1205 switch (idx) {
1206 case 0: /* Bits 0-7 */
1207 break;
1208 case 1: /* Bits 8-15 */
1209 break;
1210 case 2: /* Bits 16-23 */
1211 #ifdef CONFIG_WNM
1212 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1213 *pos |= 0x08; /* Bit 19 - BSS Transition */
1214 #endif /* CONFIG_WNM */
1215 break;
1216 case 3: /* Bits 24-31 */
1217 #ifdef CONFIG_WNM
1218 *pos |= 0x02; /* Bit 25 - SSID List */
1219 #endif /* CONFIG_WNM */
1220 #ifdef CONFIG_INTERWORKING
1221 if (wpa_s->conf->interworking)
1222 *pos |= 0x80; /* Bit 31 - Interworking */
1223 #endif /* CONFIG_INTERWORKING */
1224 break;
1225 case 4: /* Bits 32-39 */
1226 #ifdef CONFIG_INTERWORKING
1227 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1228 *pos |= 0x01; /* Bit 32 - QoS Map */
1229 #endif /* CONFIG_INTERWORKING */
1230 break;
1231 case 5: /* Bits 40-47 */
1232 #ifdef CONFIG_HS20
1233 if (wpa_s->conf->hs20)
1234 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1235 #endif /* CONFIG_HS20 */
1236 break;
1237 case 6: /* Bits 48-55 */
1238 break;
1239 }
1240 }
1241
1242
1243 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1244 {
1245 u8 *pos = buf;
1246 u8 len = 6, i;
1247
1248 if (len < wpa_s->extended_capa_len)
1249 len = wpa_s->extended_capa_len;
1250
1251 *pos++ = WLAN_EID_EXT_CAPAB;
1252 *pos++ = len;
1253 for (i = 0; i < len; i++, pos++) {
1254 wpas_ext_capab_byte(wpa_s, pos, i);
1255
1256 if (i < wpa_s->extended_capa_len) {
1257 *pos &= ~wpa_s->extended_capa_mask[i];
1258 *pos |= wpa_s->extended_capa[i];
1259 }
1260 }
1261
1262 while (len > 0 && buf[1 + len] == 0) {
1263 len--;
1264 buf[1] = len;
1265 }
1266 if (len == 0)
1267 return 0;
1268
1269 return 2 + len;
1270 }
1271
1272
1273 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1274 struct wpa_bss *test_bss)
1275 {
1276 struct wpa_bss *bss;
1277
1278 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1279 if (bss == test_bss)
1280 return 1;
1281 }
1282
1283 return 0;
1284 }
1285
1286
1287 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1288 struct wpa_ssid *test_ssid)
1289 {
1290 struct wpa_ssid *ssid;
1291
1292 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1293 if (ssid == test_ssid)
1294 return 1;
1295 }
1296
1297 return 0;
1298 }
1299
1300
1301 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1302 struct wpa_ssid *test_ssid)
1303 {
1304 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1305 return 0;
1306
1307 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1308 }
1309
1310
1311 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1312 {
1313 if (cwork == NULL)
1314 return;
1315 os_free(cwork);
1316 }
1317
1318
1319 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1320 {
1321 struct wpa_connect_work *cwork;
1322 struct wpa_radio_work *work = wpa_s->connect_work;
1323
1324 if (!work)
1325 return;
1326
1327 wpa_s->connect_work = NULL;
1328 cwork = work->ctx;
1329 work->ctx = NULL;
1330 wpas_connect_work_free(cwork);
1331 radio_work_done(work);
1332 }
1333
1334
1335 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1336
1337 /**
1338 * wpa_supplicant_associate - Request association
1339 * @wpa_s: Pointer to wpa_supplicant data
1340 * @bss: Scan results for the selected BSS, or %NULL if not available
1341 * @ssid: Configuration data for the selected network
1342 *
1343 * This function is used to request %wpa_supplicant to associate with a BSS.
1344 */
1345 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1346 struct wpa_bss *bss, struct wpa_ssid *ssid)
1347 {
1348 struct wpa_connect_work *cwork;
1349
1350 #ifdef CONFIG_IBSS_RSN
1351 ibss_rsn_deinit(wpa_s->ibss_rsn);
1352 wpa_s->ibss_rsn = NULL;
1353 #endif /* CONFIG_IBSS_RSN */
1354
1355 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1356 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1357 #ifdef CONFIG_AP
1358 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1359 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1360 "mode");
1361 return;
1362 }
1363 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1364 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1365 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1366 wpas_p2p_ap_setup_failed(wpa_s);
1367 return;
1368 }
1369 wpa_s->current_bss = bss;
1370 #else /* CONFIG_AP */
1371 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1372 "the build");
1373 #endif /* CONFIG_AP */
1374 return;
1375 }
1376
1377 #ifdef CONFIG_TDLS
1378 if (bss)
1379 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1380 bss->ie_len);
1381 #endif /* CONFIG_TDLS */
1382
1383 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1384 ssid->mode == IEEE80211_MODE_INFRA) {
1385 sme_authenticate(wpa_s, bss, ssid);
1386 return;
1387 }
1388
1389 if (wpa_s->connect_work) {
1390 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1391 return;
1392 }
1393
1394 if (radio_work_pending(wpa_s, "connect")) {
1395 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1396 return;
1397 }
1398
1399 cwork = os_zalloc(sizeof(*cwork));
1400 if (cwork == NULL)
1401 return;
1402
1403 cwork->bss = bss;
1404 cwork->ssid = ssid;
1405
1406 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1407 wpas_start_assoc_cb, cwork) < 0) {
1408 os_free(cwork);
1409 }
1410 }
1411
1412
1413 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1414 {
1415 struct wpa_connect_work *cwork = work->ctx;
1416 struct wpa_bss *bss = cwork->bss;
1417 struct wpa_ssid *ssid = cwork->ssid;
1418 struct wpa_supplicant *wpa_s = work->wpa_s;
1419 u8 wpa_ie[200];
1420 size_t wpa_ie_len;
1421 int use_crypt, ret, i, bssid_changed;
1422 int algs = WPA_AUTH_ALG_OPEN;
1423 unsigned int cipher_pairwise, cipher_group;
1424 struct wpa_driver_associate_params params;
1425 int wep_keys_set = 0;
1426 int assoc_failed = 0;
1427 struct wpa_ssid *old_ssid;
1428 #ifdef CONFIG_HT_OVERRIDES
1429 struct ieee80211_ht_capabilities htcaps;
1430 struct ieee80211_ht_capabilities htcaps_mask;
1431 #endif /* CONFIG_HT_OVERRIDES */
1432
1433 if (deinit) {
1434 if (work->started) {
1435 wpa_s->connect_work = NULL;
1436
1437 /* cancel possible auth. timeout */
1438 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1439 NULL);
1440 }
1441 wpas_connect_work_free(cwork);
1442 return;
1443 }
1444
1445 wpa_s->connect_work = work;
1446
1447 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1448 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1449 wpas_connect_work_done(wpa_s);
1450 return;
1451 }
1452
1453 os_memset(&params, 0, sizeof(params));
1454 wpa_s->reassociate = 0;
1455 wpa_s->eap_expected_failure = 0;
1456 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1457 #ifdef CONFIG_IEEE80211R
1458 const u8 *ie, *md = NULL;
1459 #endif /* CONFIG_IEEE80211R */
1460 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1461 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1462 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1463 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1464 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1465 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1466 if (bssid_changed)
1467 wpas_notify_bssid_changed(wpa_s);
1468 #ifdef CONFIG_IEEE80211R
1469 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1470 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1471 md = ie + 2;
1472 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1473 if (md) {
1474 /* Prepare for the next transition */
1475 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1476 }
1477 #endif /* CONFIG_IEEE80211R */
1478 #ifdef CONFIG_WPS
1479 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1480 wpa_s->conf->ap_scan == 2 &&
1481 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1482 /* Use ap_scan==1 style network selection to find the network
1483 */
1484 wpa_s->scan_req = MANUAL_SCAN_REQ;
1485 wpa_s->reassociate = 1;
1486 wpa_supplicant_req_scan(wpa_s, 0, 0);
1487 return;
1488 #endif /* CONFIG_WPS */
1489 } else {
1490 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1491 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1492 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1493 }
1494 wpa_supplicant_cancel_sched_scan(wpa_s);
1495 wpa_supplicant_cancel_scan(wpa_s);
1496
1497 /* Starting new association, so clear the possibly used WPA IE from the
1498 * previous association. */
1499 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1500
1501 #ifdef IEEE8021X_EAPOL
1502 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1503 if (ssid->leap) {
1504 if (ssid->non_leap == 0)
1505 algs = WPA_AUTH_ALG_LEAP;
1506 else
1507 algs |= WPA_AUTH_ALG_LEAP;
1508 }
1509 }
1510 #endif /* IEEE8021X_EAPOL */
1511 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1512 if (ssid->auth_alg) {
1513 algs = ssid->auth_alg;
1514 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1515 "0x%x", algs);
1516 }
1517
1518 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1519 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1520 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1521 int try_opportunistic;
1522 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1523 wpa_s->conf->okc :
1524 ssid->proactive_key_caching) &&
1525 (ssid->proto & WPA_PROTO_RSN);
1526 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1527 ssid, try_opportunistic) == 0)
1528 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1529 wpa_ie_len = sizeof(wpa_ie);
1530 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1531 wpa_ie, &wpa_ie_len)) {
1532 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1533 "key management and encryption suites");
1534 return;
1535 }
1536 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1537 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1538 /*
1539 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1540 * use non-WPA since the scan results did not indicate that the
1541 * AP is using WPA or WPA2.
1542 */
1543 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1544 wpa_ie_len = 0;
1545 wpa_s->wpa_proto = 0;
1546 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1547 wpa_ie_len = sizeof(wpa_ie);
1548 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1549 wpa_ie, &wpa_ie_len)) {
1550 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1551 "key management and encryption suites (no "
1552 "scan results)");
1553 return;
1554 }
1555 #ifdef CONFIG_WPS
1556 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1557 struct wpabuf *wps_ie;
1558 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1559 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1560 wpa_ie_len = wpabuf_len(wps_ie);
1561 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1562 } else
1563 wpa_ie_len = 0;
1564 wpabuf_free(wps_ie);
1565 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1566 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1567 params.wps = WPS_MODE_PRIVACY;
1568 else
1569 params.wps = WPS_MODE_OPEN;
1570 wpa_s->wpa_proto = 0;
1571 #endif /* CONFIG_WPS */
1572 } else {
1573 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1574 wpa_ie_len = 0;
1575 wpa_s->wpa_proto = 0;
1576 }
1577
1578 #ifdef CONFIG_P2P
1579 if (wpa_s->global->p2p) {
1580 u8 *pos;
1581 size_t len;
1582 int res;
1583 pos = wpa_ie + wpa_ie_len;
1584 len = sizeof(wpa_ie) - wpa_ie_len;
1585 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1586 ssid->p2p_group);
1587 if (res >= 0)
1588 wpa_ie_len += res;
1589 }
1590
1591 wpa_s->cross_connect_disallowed = 0;
1592 if (bss) {
1593 struct wpabuf *p2p;
1594 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1595 if (p2p) {
1596 wpa_s->cross_connect_disallowed =
1597 p2p_get_cross_connect_disallowed(p2p);
1598 wpabuf_free(p2p);
1599 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1600 "connection",
1601 wpa_s->cross_connect_disallowed ?
1602 "disallows" : "allows");
1603 }
1604 }
1605
1606 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1607 #endif /* CONFIG_P2P */
1608
1609 #ifdef CONFIG_HS20
1610 if (is_hs20_network(wpa_s, ssid, bss)) {
1611 struct wpabuf *hs20;
1612 hs20 = wpabuf_alloc(20);
1613 if (hs20) {
1614 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1615 wpas_hs20_add_indication(hs20, pps_mo_id);
1616 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1617 wpabuf_len(hs20));
1618 wpa_ie_len += wpabuf_len(hs20);
1619 wpabuf_free(hs20);
1620 }
1621 }
1622 #endif /* CONFIG_HS20 */
1623
1624 /*
1625 * Workaround: Add Extended Capabilities element only if the AP
1626 * included this element in Beacon/Probe Response frames. Some older
1627 * APs seem to have interoperability issues if this element is
1628 * included, so while the standard may require us to include the
1629 * element in all cases, it is justifiable to skip it to avoid
1630 * interoperability issues.
1631 */
1632 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1633 u8 ext_capab[10];
1634 int ext_capab_len;
1635 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1636 if (ext_capab_len > 0) {
1637 u8 *pos = wpa_ie;
1638 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1639 pos += 2 + pos[1];
1640 os_memmove(pos + ext_capab_len, pos,
1641 wpa_ie_len - (pos - wpa_ie));
1642 wpa_ie_len += ext_capab_len;
1643 os_memcpy(pos, ext_capab, ext_capab_len);
1644 }
1645 }
1646
1647 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1648 use_crypt = 1;
1649 cipher_pairwise = wpa_s->pairwise_cipher;
1650 cipher_group = wpa_s->group_cipher;
1651 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1652 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1653 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1654 use_crypt = 0;
1655 if (wpa_set_wep_keys(wpa_s, ssid)) {
1656 use_crypt = 1;
1657 wep_keys_set = 1;
1658 }
1659 }
1660 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1661 use_crypt = 0;
1662
1663 #ifdef IEEE8021X_EAPOL
1664 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1665 if ((ssid->eapol_flags &
1666 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1667 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1668 !wep_keys_set) {
1669 use_crypt = 0;
1670 } else {
1671 /* Assume that dynamic WEP-104 keys will be used and
1672 * set cipher suites in order for drivers to expect
1673 * encryption. */
1674 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1675 }
1676 }
1677 #endif /* IEEE8021X_EAPOL */
1678
1679 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1680 /* Set the key before (and later after) association */
1681 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1682 }
1683
1684 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1685 if (bss) {
1686 params.ssid = bss->ssid;
1687 params.ssid_len = bss->ssid_len;
1688 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1689 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1690 MACSTR " freq=%u MHz based on scan results "
1691 "(bssid_set=%d)",
1692 MAC2STR(bss->bssid), bss->freq,
1693 ssid->bssid_set);
1694 params.bssid = bss->bssid;
1695 params.freq = bss->freq;
1696 }
1697 params.bssid_hint = bss->bssid;
1698 params.freq_hint = bss->freq;
1699 } else {
1700 params.ssid = ssid->ssid;
1701 params.ssid_len = ssid->ssid_len;
1702 }
1703
1704 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1705 wpa_s->conf->ap_scan == 2) {
1706 params.bssid = ssid->bssid;
1707 params.fixed_bssid = 1;
1708 }
1709
1710 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1711 params.freq == 0)
1712 params.freq = ssid->frequency; /* Initial channel for IBSS */
1713 params.wpa_ie = wpa_ie;
1714 params.wpa_ie_len = wpa_ie_len;
1715 params.pairwise_suite = cipher_pairwise;
1716 params.group_suite = cipher_group;
1717 params.key_mgmt_suite = wpa_s->key_mgmt;
1718 params.wpa_proto = wpa_s->wpa_proto;
1719 params.auth_alg = algs;
1720 params.mode = ssid->mode;
1721 params.bg_scan_period = ssid->bg_scan_period;
1722 for (i = 0; i < NUM_WEP_KEYS; i++) {
1723 if (ssid->wep_key_len[i])
1724 params.wep_key[i] = ssid->wep_key[i];
1725 params.wep_key_len[i] = ssid->wep_key_len[i];
1726 }
1727 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1728
1729 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1730 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1731 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1732 params.passphrase = ssid->passphrase;
1733 if (ssid->psk_set)
1734 params.psk = ssid->psk;
1735 }
1736
1737 params.drop_unencrypted = use_crypt;
1738
1739 #ifdef CONFIG_IEEE80211W
1740 params.mgmt_frame_protection =
1741 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1742 wpa_s->conf->pmf : ssid->ieee80211w;
1743 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1744 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1745 struct wpa_ie_data ie;
1746 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1747 ie.capabilities &
1748 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1749 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1750 "MFP: require MFP");
1751 params.mgmt_frame_protection =
1752 MGMT_FRAME_PROTECTION_REQUIRED;
1753 }
1754 }
1755 #endif /* CONFIG_IEEE80211W */
1756
1757 params.p2p = ssid->p2p_group;
1758
1759 if (wpa_s->parent->set_sta_uapsd)
1760 params.uapsd = wpa_s->parent->sta_uapsd;
1761 else
1762 params.uapsd = -1;
1763
1764 #ifdef CONFIG_HT_OVERRIDES
1765 os_memset(&htcaps, 0, sizeof(htcaps));
1766 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1767 params.htcaps = (u8 *) &htcaps;
1768 params.htcaps_mask = (u8 *) &htcaps_mask;
1769 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1770 #endif /* CONFIG_HT_OVERRIDES */
1771
1772 #ifdef CONFIG_P2P
1773 /*
1774 * If multi-channel concurrency is not supported, check for any
1775 * frequency conflict. In case of any frequency conflict, remove the
1776 * least prioritized connection.
1777 */
1778 if (wpa_s->num_multichan_concurrent < 2) {
1779 int freq = wpa_drv_shared_freq(wpa_s);
1780 if (freq > 0 && freq != params.freq) {
1781 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1782 freq, params.freq);
1783 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1784 params.freq,
1785 ssid) < 0)
1786 return;
1787 }
1788 }
1789 #endif /* CONFIG_P2P */
1790
1791 ret = wpa_drv_associate(wpa_s, &params);
1792 if (ret < 0) {
1793 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1794 "failed");
1795 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1796 /*
1797 * The driver is known to mean what is saying, so we
1798 * can stop right here; the association will not
1799 * succeed.
1800 */
1801 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1802 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1803 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1804 return;
1805 }
1806 /* try to continue anyway; new association will be tried again
1807 * after timeout */
1808 assoc_failed = 1;
1809 }
1810
1811 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1812 /* Set the key after the association just in case association
1813 * cleared the previously configured key. */
1814 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1815 /* No need to timeout authentication since there is no key
1816 * management. */
1817 wpa_supplicant_cancel_auth_timeout(wpa_s);
1818 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1819 #ifdef CONFIG_IBSS_RSN
1820 } else if (ssid->mode == WPAS_MODE_IBSS &&
1821 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1822 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1823 /*
1824 * RSN IBSS authentication is per-STA and we can disable the
1825 * per-BSSID authentication.
1826 */
1827 wpa_supplicant_cancel_auth_timeout(wpa_s);
1828 #endif /* CONFIG_IBSS_RSN */
1829 } else {
1830 /* Timeout for IEEE 802.11 authentication and association */
1831 int timeout = 60;
1832
1833 if (assoc_failed) {
1834 /* give IBSS a bit more time */
1835 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1836 } else if (wpa_s->conf->ap_scan == 1) {
1837 /* give IBSS a bit more time */
1838 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1839 }
1840 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1841 }
1842
1843 if (wep_keys_set &&
1844 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1845 /* Set static WEP keys again */
1846 wpa_set_wep_keys(wpa_s, ssid);
1847 }
1848
1849 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1850 /*
1851 * Do not allow EAP session resumption between different
1852 * network configurations.
1853 */
1854 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1855 }
1856 old_ssid = wpa_s->current_ssid;
1857 wpa_s->current_ssid = ssid;
1858 wpa_s->current_bss = bss;
1859 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1860 wpa_supplicant_initiate_eapol(wpa_s);
1861 if (old_ssid != wpa_s->current_ssid)
1862 wpas_notify_network_changed(wpa_s);
1863 }
1864
1865
1866 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1867 const u8 *addr)
1868 {
1869 struct wpa_ssid *old_ssid;
1870
1871 wpa_clear_keys(wpa_s, addr);
1872 old_ssid = wpa_s->current_ssid;
1873 wpa_supplicant_mark_disassoc(wpa_s);
1874 wpa_sm_set_config(wpa_s->wpa, NULL);
1875 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1876 if (old_ssid != wpa_s->current_ssid)
1877 wpas_notify_network_changed(wpa_s);
1878 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1879 }
1880
1881
1882 /**
1883 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1884 * @wpa_s: Pointer to wpa_supplicant data
1885 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1886 *
1887 * This function is used to request %wpa_supplicant to deauthenticate from the
1888 * current AP.
1889 */
1890 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1891 int reason_code)
1892 {
1893 u8 *addr = NULL;
1894 union wpa_event_data event;
1895 int zero_addr = 0;
1896
1897 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1898 " pending_bssid=" MACSTR " reason=%d state=%s",
1899 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1900 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1901
1902 if (!is_zero_ether_addr(wpa_s->bssid))
1903 addr = wpa_s->bssid;
1904 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1905 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1906 wpa_s->wpa_state == WPA_ASSOCIATING))
1907 addr = wpa_s->pending_bssid;
1908 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1909 /*
1910 * When using driver-based BSS selection, we may not know the
1911 * BSSID with which we are currently trying to associate. We
1912 * need to notify the driver of this disconnection even in such
1913 * a case, so use the all zeros address here.
1914 */
1915 addr = wpa_s->bssid;
1916 zero_addr = 1;
1917 }
1918
1919 #ifdef CONFIG_TDLS
1920 wpa_tdls_teardown_peers(wpa_s->wpa);
1921 #endif /* CONFIG_TDLS */
1922
1923 if (addr) {
1924 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1925 os_memset(&event, 0, sizeof(event));
1926 event.deauth_info.reason_code = (u16) reason_code;
1927 event.deauth_info.locally_generated = 1;
1928 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1929 if (zero_addr)
1930 addr = NULL;
1931 }
1932
1933 wpa_supplicant_clear_connection(wpa_s, addr);
1934 }
1935
1936 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1937 struct wpa_ssid *ssid)
1938 {
1939 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1940 return;
1941
1942 ssid->disabled = 0;
1943 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1944 wpas_notify_network_enabled_changed(wpa_s, ssid);
1945
1946 /*
1947 * Try to reassociate since there is no current configuration and a new
1948 * network was made available.
1949 */
1950 if (!wpa_s->current_ssid && !wpa_s->disconnected)
1951 wpa_s->reassociate = 1;
1952 }
1953
1954
1955 /**
1956 * wpa_supplicant_enable_network - Mark a configured network as enabled
1957 * @wpa_s: wpa_supplicant structure for a network interface
1958 * @ssid: wpa_ssid structure for a configured network or %NULL
1959 *
1960 * Enables the specified network or all networks if no network specified.
1961 */
1962 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1963 struct wpa_ssid *ssid)
1964 {
1965 if (ssid == NULL) {
1966 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1967 wpa_supplicant_enable_one_network(wpa_s, ssid);
1968 } else
1969 wpa_supplicant_enable_one_network(wpa_s, ssid);
1970
1971 if (wpa_s->reassociate && !wpa_s->disconnected) {
1972 if (wpa_s->sched_scanning) {
1973 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1974 "new network to scan filters");
1975 wpa_supplicant_cancel_sched_scan(wpa_s);
1976 }
1977
1978 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1979 wpa_supplicant_req_scan(wpa_s, 0, 0);
1980 }
1981 }
1982
1983
1984 /**
1985 * wpa_supplicant_disable_network - Mark a configured network as disabled
1986 * @wpa_s: wpa_supplicant structure for a network interface
1987 * @ssid: wpa_ssid structure for a configured network or %NULL
1988 *
1989 * Disables the specified network or all networks if no network specified.
1990 */
1991 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1992 struct wpa_ssid *ssid)
1993 {
1994 struct wpa_ssid *other_ssid;
1995 int was_disabled;
1996
1997 if (ssid == NULL) {
1998 if (wpa_s->sched_scanning)
1999 wpa_supplicant_cancel_sched_scan(wpa_s);
2000
2001 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2002 other_ssid = other_ssid->next) {
2003 was_disabled = other_ssid->disabled;
2004 if (was_disabled == 2)
2005 continue; /* do not change persistent P2P group
2006 * data */
2007
2008 other_ssid->disabled = 1;
2009
2010 if (was_disabled != other_ssid->disabled)
2011 wpas_notify_network_enabled_changed(
2012 wpa_s, other_ssid);
2013 }
2014 if (wpa_s->current_ssid)
2015 wpa_supplicant_deauthenticate(
2016 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2017 } else if (ssid->disabled != 2) {
2018 if (ssid == wpa_s->current_ssid)
2019 wpa_supplicant_deauthenticate(
2020 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2021
2022 was_disabled = ssid->disabled;
2023
2024 ssid->disabled = 1;
2025
2026 if (was_disabled != ssid->disabled) {
2027 wpas_notify_network_enabled_changed(wpa_s, ssid);
2028 if (wpa_s->sched_scanning) {
2029 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2030 "to remove network from filters");
2031 wpa_supplicant_cancel_sched_scan(wpa_s);
2032 wpa_supplicant_req_scan(wpa_s, 0, 0);
2033 }
2034 }
2035 }
2036 }
2037
2038
2039 /**
2040 * wpa_supplicant_select_network - Attempt association with a network
2041 * @wpa_s: wpa_supplicant structure for a network interface
2042 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2043 */
2044 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2045 struct wpa_ssid *ssid)
2046 {
2047
2048 struct wpa_ssid *other_ssid;
2049 int disconnected = 0;
2050
2051 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2052 wpa_supplicant_deauthenticate(
2053 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2054 disconnected = 1;
2055 }
2056
2057 if (ssid)
2058 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2059
2060 /*
2061 * Mark all other networks disabled or mark all networks enabled if no
2062 * network specified.
2063 */
2064 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2065 other_ssid = other_ssid->next) {
2066 int was_disabled = other_ssid->disabled;
2067 if (was_disabled == 2)
2068 continue; /* do not change persistent P2P group data */
2069
2070 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2071 if (was_disabled && !other_ssid->disabled)
2072 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2073
2074 if (was_disabled != other_ssid->disabled)
2075 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2076 }
2077
2078 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2079 /* We are already associated with the selected network */
2080 wpa_printf(MSG_DEBUG, "Already associated with the "
2081 "selected network - do nothing");
2082 return;
2083 }
2084
2085 if (ssid) {
2086 wpa_s->current_ssid = ssid;
2087 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2088 }
2089 wpa_s->connect_without_scan = NULL;
2090 wpa_s->disconnected = 0;
2091 wpa_s->reassociate = 1;
2092
2093 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2094 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2095
2096 if (ssid)
2097 wpas_notify_network_selected(wpa_s, ssid);
2098 }
2099
2100
2101 /**
2102 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2103 * @wpa_s: wpa_supplicant structure for a network interface
2104 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2105 * @pkcs11_module_path: PKCS #11 module path or NULL
2106 * Returns: 0 on success; -1 on failure
2107 *
2108 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2109 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2110 * module path fails the paths will be reset to the default value (NULL).
2111 */
2112 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2113 const char *pkcs11_engine_path,
2114 const char *pkcs11_module_path)
2115 {
2116 char *pkcs11_engine_path_copy = NULL;
2117 char *pkcs11_module_path_copy = NULL;
2118
2119 if (pkcs11_engine_path != NULL) {
2120 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2121 if (pkcs11_engine_path_copy == NULL)
2122 return -1;
2123 }
2124 if (pkcs11_module_path != NULL) {
2125 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2126 if (pkcs11_module_path_copy == NULL) {
2127 os_free(pkcs11_engine_path_copy);
2128 return -1;
2129 }
2130 }
2131
2132 os_free(wpa_s->conf->pkcs11_engine_path);
2133 os_free(wpa_s->conf->pkcs11_module_path);
2134 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2135 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2136
2137 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2138 eapol_sm_deinit(wpa_s->eapol);
2139 wpa_s->eapol = NULL;
2140 if (wpa_supplicant_init_eapol(wpa_s)) {
2141 /* Error -> Reset paths to the default value (NULL) once. */
2142 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2143 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2144 NULL);
2145
2146 return -1;
2147 }
2148 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2149
2150 return 0;
2151 }
2152
2153
2154 /**
2155 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2156 * @wpa_s: wpa_supplicant structure for a network interface
2157 * @ap_scan: AP scan mode
2158 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2159 *
2160 */
2161 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2162 {
2163
2164 int old_ap_scan;
2165
2166 if (ap_scan < 0 || ap_scan > 2)
2167 return -1;
2168
2169 #ifdef ANDROID
2170 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2171 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2172 wpa_s->wpa_state < WPA_COMPLETED) {
2173 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2174 "associating", wpa_s->conf->ap_scan, ap_scan);
2175 return 0;
2176 }
2177 #endif /* ANDROID */
2178
2179 old_ap_scan = wpa_s->conf->ap_scan;
2180 wpa_s->conf->ap_scan = ap_scan;
2181
2182 if (old_ap_scan != wpa_s->conf->ap_scan)
2183 wpas_notify_ap_scan_changed(wpa_s);
2184
2185 return 0;
2186 }
2187
2188
2189 /**
2190 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2191 * @wpa_s: wpa_supplicant structure for a network interface
2192 * @expire_age: Expiration age in seconds
2193 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2194 *
2195 */
2196 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2197 unsigned int bss_expire_age)
2198 {
2199 if (bss_expire_age < 10) {
2200 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2201 bss_expire_age);
2202 return -1;
2203 }
2204 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2205 bss_expire_age);
2206 wpa_s->conf->bss_expiration_age = bss_expire_age;
2207
2208 return 0;
2209 }
2210
2211
2212 /**
2213 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2214 * @wpa_s: wpa_supplicant structure for a network interface
2215 * @expire_count: number of scans after which an unseen BSS is reclaimed
2216 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2217 *
2218 */
2219 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2220 unsigned int bss_expire_count)
2221 {
2222 if (bss_expire_count < 1) {
2223 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2224 bss_expire_count);
2225 return -1;
2226 }
2227 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2228 bss_expire_count);
2229 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2230
2231 return 0;
2232 }
2233
2234
2235 /**
2236 * wpa_supplicant_set_scan_interval - Set scan interval
2237 * @wpa_s: wpa_supplicant structure for a network interface
2238 * @scan_interval: scan interval in seconds
2239 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2240 *
2241 */
2242 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2243 int scan_interval)
2244 {
2245 if (scan_interval < 0) {
2246 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2247 scan_interval);
2248 return -1;
2249 }
2250 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2251 scan_interval);
2252 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2253
2254 return 0;
2255 }
2256
2257
2258 /**
2259 * wpa_supplicant_set_debug_params - Set global debug params
2260 * @global: wpa_global structure
2261 * @debug_level: debug level
2262 * @debug_timestamp: determines if show timestamp in debug data
2263 * @debug_show_keys: determines if show keys in debug data
2264 * Returns: 0 if succeed or -1 if debug_level has wrong value
2265 */
2266 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2267 int debug_timestamp, int debug_show_keys)
2268 {
2269
2270 int old_level, old_timestamp, old_show_keys;
2271
2272 /* check for allowed debuglevels */
2273 if (debug_level != MSG_EXCESSIVE &&
2274 debug_level != MSG_MSGDUMP &&
2275 debug_level != MSG_DEBUG &&
2276 debug_level != MSG_INFO &&
2277 debug_level != MSG_WARNING &&
2278 debug_level != MSG_ERROR)
2279 return -1;
2280
2281 old_level = wpa_debug_level;
2282 old_timestamp = wpa_debug_timestamp;
2283 old_show_keys = wpa_debug_show_keys;
2284
2285 wpa_debug_level = debug_level;
2286 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2287 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2288
2289 if (wpa_debug_level != old_level)
2290 wpas_notify_debug_level_changed(global);
2291 if (wpa_debug_timestamp != old_timestamp)
2292 wpas_notify_debug_timestamp_changed(global);
2293 if (wpa_debug_show_keys != old_show_keys)
2294 wpas_notify_debug_show_keys_changed(global);
2295
2296 return 0;
2297 }
2298
2299
2300 /**
2301 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2302 * @wpa_s: Pointer to wpa_supplicant data
2303 * Returns: A pointer to the current network structure or %NULL on failure
2304 */
2305 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2306 {
2307 struct wpa_ssid *entry;
2308 u8 ssid[MAX_SSID_LEN];
2309 int res;
2310 size_t ssid_len;
2311 u8 bssid[ETH_ALEN];
2312 int wired;
2313
2314 res = wpa_drv_get_ssid(wpa_s, ssid);
2315 if (res < 0) {
2316 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2317 "driver");
2318 return NULL;
2319 }
2320 ssid_len = res;
2321
2322 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2323 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2324 "driver");
2325 return NULL;
2326 }
2327
2328 wired = wpa_s->conf->ap_scan == 0 &&
2329 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2330
2331 entry = wpa_s->conf->ssid;
2332 while (entry) {
2333 if (!wpas_network_disabled(wpa_s, entry) &&
2334 ((ssid_len == entry->ssid_len &&
2335 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2336 (!entry->bssid_set ||
2337 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2338 return entry;
2339 #ifdef CONFIG_WPS
2340 if (!wpas_network_disabled(wpa_s, entry) &&
2341 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2342 (entry->ssid == NULL || entry->ssid_len == 0) &&
2343 (!entry->bssid_set ||
2344 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2345 return entry;
2346 #endif /* CONFIG_WPS */
2347
2348 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2349 entry->ssid_len == 0 &&
2350 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2351 return entry;
2352
2353 entry = entry->next;
2354 }
2355
2356 return NULL;
2357 }
2358
2359
2360 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2361 {
2362 struct wpa_global *global = wpa_s->global;
2363
2364 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2365 global->drv_priv[i] = wpa_drivers[i]->global_init();
2366 if (global->drv_priv[i] == NULL) {
2367 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2368 "'%s'", wpa_drivers[i]->name);
2369 return -1;
2370 }
2371 }
2372
2373 wpa_s->driver = wpa_drivers[i];
2374 wpa_s->global_drv_priv = global->drv_priv[i];
2375
2376 return 0;
2377 }
2378
2379
2380 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2381 const char *name)
2382 {
2383 int i;
2384 size_t len;
2385 const char *pos, *driver = name;
2386
2387 if (wpa_s == NULL)
2388 return -1;
2389
2390 if (wpa_drivers[0] == NULL) {
2391 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2392 "wpa_supplicant");
2393 return -1;
2394 }
2395
2396 if (name == NULL) {
2397 /* default to first driver in the list */
2398 return select_driver(wpa_s, 0);
2399 }
2400
2401 do {
2402 pos = os_strchr(driver, ',');
2403 if (pos)
2404 len = pos - driver;
2405 else
2406 len = os_strlen(driver);
2407
2408 for (i = 0; wpa_drivers[i]; i++) {
2409 if (os_strlen(wpa_drivers[i]->name) == len &&
2410 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2411 0) {
2412 /* First driver that succeeds wins */
2413 if (select_driver(wpa_s, i) == 0)
2414 return 0;
2415 }
2416 }
2417
2418 driver = pos + 1;
2419 } while (pos);
2420
2421 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2422 return -1;
2423 }
2424
2425
2426 /**
2427 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2428 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2429 * with struct wpa_driver_ops::init()
2430 * @src_addr: Source address of the EAPOL frame
2431 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2432 * @len: Length of the EAPOL data
2433 *
2434 * This function is called for each received EAPOL frame. Most driver
2435 * interfaces rely on more generic OS mechanism for receiving frames through
2436 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2437 * take care of received EAPOL frames and deliver them to the core supplicant
2438 * code by calling this function.
2439 */
2440 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2441 const u8 *buf, size_t len)
2442 {
2443 struct wpa_supplicant *wpa_s = ctx;
2444
2445 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2446 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2447
2448 #ifdef CONFIG_PEERKEY
2449 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2450 wpa_s->current_ssid->peerkey &&
2451 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2452 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2453 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2454 return;
2455 }
2456 #endif /* CONFIG_PEERKEY */
2457
2458 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2459 (wpa_s->last_eapol_matches_bssid &&
2460 #ifdef CONFIG_AP
2461 !wpa_s->ap_iface &&
2462 #endif /* CONFIG_AP */
2463 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2464 /*
2465 * There is possible race condition between receiving the
2466 * association event and the EAPOL frame since they are coming
2467 * through different paths from the driver. In order to avoid
2468 * issues in trying to process the EAPOL frame before receiving
2469 * association information, lets queue it for processing until
2470 * the association event is received. This may also be needed in
2471 * driver-based roaming case, so also use src_addr != BSSID as a
2472 * trigger if we have previously confirmed that the
2473 * Authenticator uses BSSID as the src_addr (which is not the
2474 * case with wired IEEE 802.1X).
2475 */
2476 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2477 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2478 wpa_supplicant_state_txt(wpa_s->wpa_state),
2479 MAC2STR(wpa_s->bssid));
2480 wpabuf_free(wpa_s->pending_eapol_rx);
2481 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2482 if (wpa_s->pending_eapol_rx) {
2483 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2484 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2485 ETH_ALEN);
2486 }
2487 return;
2488 }
2489
2490 wpa_s->last_eapol_matches_bssid =
2491 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2492
2493 #ifdef CONFIG_AP
2494 if (wpa_s->ap_iface) {
2495 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2496 return;
2497 }
2498 #endif /* CONFIG_AP */
2499
2500 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2501 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2502 "no key management is configured");
2503 return;
2504 }
2505
2506 if (wpa_s->eapol_received == 0 &&
2507 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2508 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2509 wpa_s->wpa_state != WPA_COMPLETED) &&
2510 (wpa_s->current_ssid == NULL ||
2511 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2512 /* Timeout for completing IEEE 802.1X and WPA authentication */
2513 wpa_supplicant_req_auth_timeout(
2514 wpa_s,
2515 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2516 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2517 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2518 70 : 10, 0);
2519 }
2520 wpa_s->eapol_received++;
2521
2522 if (wpa_s->countermeasures) {
2523 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2524 "EAPOL packet");
2525 return;
2526 }
2527
2528 #ifdef CONFIG_IBSS_RSN
2529 if (wpa_s->current_ssid &&
2530 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2531 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2532 return;
2533 }
2534 #endif /* CONFIG_IBSS_RSN */
2535
2536 /* Source address of the incoming EAPOL frame could be compared to the
2537 * current BSSID. However, it is possible that a centralized
2538 * Authenticator could be using another MAC address than the BSSID of
2539 * an AP, so just allow any address to be used for now. The replies are
2540 * still sent to the current BSSID (if available), though. */
2541
2542 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2543 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2544 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2545 return;
2546 wpa_drv_poll(wpa_s);
2547 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2548 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2549 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2550 /*
2551 * Set portValid = TRUE here since we are going to skip 4-way
2552 * handshake processing which would normally set portValid. We
2553 * need this to allow the EAPOL state machines to be completed
2554 * without going through EAPOL-Key handshake.
2555 */
2556 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2557 }
2558 }
2559
2560
2561 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2562 {
2563 if (wpa_s->driver->send_eapol) {
2564 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2565 if (addr)
2566 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2567 } else if ((!wpa_s->p2p_mgmt ||
2568 !(wpa_s->drv_flags &
2569 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2570 !(wpa_s->drv_flags &
2571 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2572 l2_packet_deinit(wpa_s->l2);
2573 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2574 wpa_drv_get_mac_addr(wpa_s),
2575 ETH_P_EAPOL,
2576 wpa_supplicant_rx_eapol, wpa_s, 0);
2577 if (wpa_s->l2 == NULL)
2578 return -1;
2579 } else {
2580 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2581 if (addr)
2582 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2583 }
2584
2585 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2586 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2587 return -1;
2588 }
2589
2590 return 0;
2591 }
2592
2593
2594 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2595 const u8 *buf, size_t len)
2596 {
2597 struct wpa_supplicant *wpa_s = ctx;
2598 const struct l2_ethhdr *eth;
2599
2600 if (len < sizeof(*eth))
2601 return;
2602 eth = (const struct l2_ethhdr *) buf;
2603
2604 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2605 !(eth->h_dest[0] & 0x01)) {
2606 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2607 " (bridge - not for this interface - ignore)",
2608 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2609 return;
2610 }
2611
2612 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2613 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2614 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2615 len - sizeof(*eth));
2616 }
2617
2618
2619 /**
2620 * wpa_supplicant_driver_init - Initialize driver interface parameters
2621 * @wpa_s: Pointer to wpa_supplicant data
2622 * Returns: 0 on success, -1 on failure
2623 *
2624 * This function is called to initialize driver interface parameters.
2625 * wpa_drv_init() must have been called before this function to initialize the
2626 * driver interface.
2627 */
2628 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2629 {
2630 static int interface_count = 0;
2631
2632 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2633 return -1;
2634
2635 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2636 MAC2STR(wpa_s->own_addr));
2637 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2638
2639 if (wpa_s->bridge_ifname[0]) {
2640 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2641 "interface '%s'", wpa_s->bridge_ifname);
2642 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2643 wpa_s->own_addr,
2644 ETH_P_EAPOL,
2645 wpa_supplicant_rx_eapol_bridge,
2646 wpa_s, 1);
2647 if (wpa_s->l2_br == NULL) {
2648 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2649 "connection for the bridge interface '%s'",
2650 wpa_s->bridge_ifname);
2651 return -1;
2652 }
2653 }
2654
2655 wpa_clear_keys(wpa_s, NULL);
2656
2657 /* Make sure that TKIP countermeasures are not left enabled (could
2658 * happen if wpa_supplicant is killed during countermeasures. */
2659 wpa_drv_set_countermeasures(wpa_s, 0);
2660
2661 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2662 wpa_drv_flush_pmkid(wpa_s);
2663
2664 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2665 wpa_s->prev_scan_wildcard = 0;
2666
2667 if (wpa_supplicant_enabled_networks(wpa_s)) {
2668 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2669 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2670 interface_count = 0;
2671 }
2672 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2673 100000))
2674 wpa_supplicant_req_scan(wpa_s, interface_count,
2675 100000);
2676 interface_count++;
2677 } else
2678 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2679
2680 return 0;
2681 }
2682
2683
2684 static int wpa_supplicant_daemon(const char *pid_file)
2685 {
2686 wpa_printf(MSG_DEBUG, "Daemonize..");
2687 return os_daemonize(pid_file);
2688 }
2689
2690
2691 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2692 {
2693 struct wpa_supplicant *wpa_s;
2694
2695 wpa_s = os_zalloc(sizeof(*wpa_s));
2696 if (wpa_s == NULL)
2697 return NULL;
2698 wpa_s->scan_req = INITIAL_SCAN_REQ;
2699 wpa_s->scan_interval = 5;
2700 wpa_s->new_connection = 1;
2701 wpa_s->parent = wpa_s;
2702 wpa_s->sched_scanning = 0;
2703
2704 return wpa_s;
2705 }
2706
2707
2708 #ifdef CONFIG_HT_OVERRIDES
2709
2710 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2711 struct ieee80211_ht_capabilities *htcaps,
2712 struct ieee80211_ht_capabilities *htcaps_mask,
2713 const char *ht_mcs)
2714 {
2715 /* parse ht_mcs into hex array */
2716 int i;
2717 const char *tmp = ht_mcs;
2718 char *end = NULL;
2719
2720 /* If ht_mcs is null, do not set anything */
2721 if (!ht_mcs)
2722 return 0;
2723
2724 /* This is what we are setting in the kernel */
2725 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2726
2727 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2728
2729 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2730 errno = 0;
2731 long v = strtol(tmp, &end, 16);
2732 if (errno == 0) {
2733 wpa_msg(wpa_s, MSG_DEBUG,
2734 "htcap value[%i]: %ld end: %p tmp: %p",
2735 i, v, end, tmp);
2736 if (end == tmp)
2737 break;
2738
2739 htcaps->supported_mcs_set[i] = v;
2740 tmp = end;
2741 } else {
2742 wpa_msg(wpa_s, MSG_ERROR,
2743 "Failed to parse ht-mcs: %s, error: %s\n",
2744 ht_mcs, strerror(errno));
2745 return -1;
2746 }
2747 }
2748
2749 /*
2750 * If we were able to parse any values, then set mask for the MCS set.
2751 */
2752 if (i) {
2753 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2754 IEEE80211_HT_MCS_MASK_LEN - 1);
2755 /* skip the 3 reserved bits */
2756 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2757 0x1f;
2758 }
2759
2760 return 0;
2761 }
2762
2763
2764 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2765 struct ieee80211_ht_capabilities *htcaps,
2766 struct ieee80211_ht_capabilities *htcaps_mask,
2767 int disabled)
2768 {
2769 u16 msk;
2770
2771 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2772
2773 if (disabled == -1)
2774 return 0;
2775
2776 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2777 htcaps_mask->ht_capabilities_info |= msk;
2778 if (disabled)
2779 htcaps->ht_capabilities_info &= msk;
2780 else
2781 htcaps->ht_capabilities_info |= msk;
2782
2783 return 0;
2784 }
2785
2786
2787 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2788 struct ieee80211_ht_capabilities *htcaps,
2789 struct ieee80211_ht_capabilities *htcaps_mask,
2790 int factor)
2791 {
2792 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2793
2794 if (factor == -1)
2795 return 0;
2796
2797 if (factor < 0 || factor > 3) {
2798 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2799 "Must be 0-3 or -1", factor);
2800 return -EINVAL;
2801 }
2802
2803 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2804 htcaps->a_mpdu_params &= ~0x3;
2805 htcaps->a_mpdu_params |= factor & 0x3;
2806
2807 return 0;
2808 }
2809
2810
2811 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2812 struct ieee80211_ht_capabilities *htcaps,
2813 struct ieee80211_ht_capabilities *htcaps_mask,
2814 int density)
2815 {
2816 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2817
2818 if (density == -1)
2819 return 0;
2820
2821 if (density < 0 || density > 7) {
2822 wpa_msg(wpa_s, MSG_ERROR,
2823 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2824 density);
2825 return -EINVAL;
2826 }
2827
2828 htcaps_mask->a_mpdu_params |= 0x1C;
2829 htcaps->a_mpdu_params &= ~(0x1C);
2830 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2831
2832 return 0;
2833 }
2834
2835
2836 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2837 struct ieee80211_ht_capabilities *htcaps,
2838 struct ieee80211_ht_capabilities *htcaps_mask,
2839 int disabled)
2840 {
2841 /* Masking these out disables HT40 */
2842 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2843 HT_CAP_INFO_SHORT_GI40MHZ);
2844
2845 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2846
2847 if (disabled)
2848 htcaps->ht_capabilities_info &= ~msk;
2849 else
2850 htcaps->ht_capabilities_info |= msk;
2851
2852 htcaps_mask->ht_capabilities_info |= msk;
2853
2854 return 0;
2855 }
2856
2857
2858 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2859 struct ieee80211_ht_capabilities *htcaps,
2860 struct ieee80211_ht_capabilities *htcaps_mask,
2861 int disabled)
2862 {
2863 /* Masking these out disables SGI */
2864 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2865 HT_CAP_INFO_SHORT_GI40MHZ);
2866
2867 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2868
2869 if (disabled)
2870 htcaps->ht_capabilities_info &= ~msk;
2871 else
2872 htcaps->ht_capabilities_info |= msk;
2873
2874 htcaps_mask->ht_capabilities_info |= msk;
2875
2876 return 0;
2877 }
2878
2879
2880 void wpa_supplicant_apply_ht_overrides(
2881 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2882 struct wpa_driver_associate_params *params)
2883 {
2884 struct ieee80211_ht_capabilities *htcaps;
2885 struct ieee80211_ht_capabilities *htcaps_mask;
2886
2887 if (!ssid)
2888 return;
2889
2890 params->disable_ht = ssid->disable_ht;
2891 if (!params->htcaps || !params->htcaps_mask)
2892 return;
2893
2894 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2895 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2896 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2897 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2898 ssid->disable_max_amsdu);
2899 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2900 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2901 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2902 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2903 }
2904
2905 #endif /* CONFIG_HT_OVERRIDES */
2906
2907
2908 #ifdef CONFIG_VHT_OVERRIDES
2909 void wpa_supplicant_apply_vht_overrides(
2910 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2911 struct wpa_driver_associate_params *params)
2912 {
2913 struct ieee80211_vht_capabilities *vhtcaps;
2914 struct ieee80211_vht_capabilities *vhtcaps_mask;
2915
2916 if (!ssid)
2917 return;
2918
2919 params->disable_vht = ssid->disable_vht;
2920
2921 vhtcaps = (void *) params->vhtcaps;
2922 vhtcaps_mask = (void *) params->vhtcaps_mask;
2923
2924 if (!vhtcaps || !vhtcaps_mask)
2925 return;
2926
2927 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2928 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2929
2930 #define OVERRIDE_MCS(i) \
2931 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2932 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2933 3 << 2 * (i - 1); \
2934 vhtcaps->vht_supported_mcs_set.tx_map |= \
2935 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2936 } \
2937 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2938 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2939 3 << 2 * (i - 1); \
2940 vhtcaps->vht_supported_mcs_set.rx_map |= \
2941 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2942 }
2943
2944 OVERRIDE_MCS(1);
2945 OVERRIDE_MCS(2);
2946 OVERRIDE_MCS(3);
2947 OVERRIDE_MCS(4);
2948 OVERRIDE_MCS(5);
2949 OVERRIDE_MCS(6);
2950 OVERRIDE_MCS(7);
2951 OVERRIDE_MCS(8);
2952 }
2953 #endif /* CONFIG_VHT_OVERRIDES */
2954
2955
2956 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2957 {
2958 #ifdef PCSC_FUNCS
2959 size_t len;
2960
2961 if (!wpa_s->conf->pcsc_reader)
2962 return 0;
2963
2964 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
2965 if (!wpa_s->scard)
2966 return 1;
2967
2968 if (wpa_s->conf->pcsc_pin &&
2969 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2970 scard_deinit(wpa_s->scard);
2971 wpa_s->scard = NULL;
2972 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2973 return -1;
2974 }
2975
2976 len = sizeof(wpa_s->imsi) - 1;
2977 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2978 scard_deinit(wpa_s->scard);
2979 wpa_s->scard = NULL;
2980 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2981 return -1;
2982 }
2983 wpa_s->imsi[len] = '\0';
2984
2985 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2986
2987 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2988 wpa_s->imsi, wpa_s->mnc_len);
2989
2990 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2991 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2992 #endif /* PCSC_FUNCS */
2993
2994 return 0;
2995 }
2996
2997
2998 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2999 {
3000 char *val, *pos;
3001
3002 ext_password_deinit(wpa_s->ext_pw);
3003 wpa_s->ext_pw = NULL;
3004 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3005
3006 if (!wpa_s->conf->ext_password_backend)
3007 return 0;
3008
3009 val = os_strdup(wpa_s->conf->ext_password_backend);
3010 if (val == NULL)
3011 return -1;
3012 pos = os_strchr(val, ':');
3013 if (pos)
3014 *pos++ = '\0';
3015
3016 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3017
3018 wpa_s->ext_pw = ext_password_init(val, pos);
3019 os_free(val);
3020 if (wpa_s->ext_pw == NULL) {
3021 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3022 return -1;
3023 }
3024 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3025
3026 return 0;
3027 }
3028
3029
3030 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3031 const char *rn)
3032 {
3033 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3034 struct wpa_radio *radio;
3035
3036 while (rn && iface) {
3037 radio = iface->radio;
3038 if (radio && os_strcmp(rn, radio->name) == 0) {
3039 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3040 wpa_s->ifname, rn);
3041 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3042 return radio;
3043 }
3044
3045 iface = iface->next;
3046 }
3047
3048 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3049 wpa_s->ifname, rn ? rn : "N/A");
3050 radio = os_zalloc(sizeof(*radio));
3051 if (radio == NULL)
3052 return NULL;
3053
3054 if (rn)
3055 os_strlcpy(radio->name, rn, sizeof(radio->name));
3056 dl_list_init(&radio->ifaces);
3057 dl_list_init(&radio->work);
3058 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3059
3060 return radio;
3061 }
3062
3063
3064 static void radio_work_free(struct wpa_radio_work *work)
3065 {
3066 if (work->wpa_s->scan_work == work) {
3067 /* This should not really happen. */
3068 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3069 work->type, work, work->started);
3070 work->wpa_s->scan_work = NULL;
3071 }
3072
3073 #ifdef CONFIG_P2P
3074 if (work->wpa_s->p2p_scan_work == work) {
3075 /* This should not really happen. */
3076 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3077 work->type, work, work->started);
3078 work->wpa_s->p2p_scan_work = NULL;
3079 }
3080 #endif /* CONFIG_P2P */
3081
3082 dl_list_del(&work->list);
3083 os_free(work);
3084 }
3085
3086
3087 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3088 {
3089 struct wpa_radio *radio = eloop_ctx;
3090 struct wpa_radio_work *work;
3091 struct os_reltime now, diff;
3092 struct wpa_supplicant *wpa_s;
3093
3094 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3095 if (work == NULL)
3096 return;
3097
3098 if (work->started)
3099 return; /* already started and still in progress */
3100
3101 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3102 radio_list);
3103 if (wpa_s && wpa_s->external_scan_running) {
3104 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3105 return;
3106 }
3107
3108 os_get_reltime(&now);
3109 os_reltime_sub(&now, &work->time, &diff);
3110 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3111 work->type, work, diff.sec, diff.usec);
3112 work->started = 1;
3113 work->time = now;
3114 work->cb(work, 0);
3115 }
3116
3117
3118 /*
3119 * This function removes both started and pending radio works running on
3120 * the provided interface's radio.
3121 * Prior to the removal of the radio work, its callback (cb) is called with
3122 * deinit set to be 1. Each work's callback is responsible for clearing its
3123 * internal data and restoring to a correct state.
3124 * @wpa_s: wpa_supplicant data
3125 * @type: type of works to be removed
3126 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3127 * this interface's works.
3128 */
3129 void radio_remove_works(struct wpa_supplicant *wpa_s,
3130 const char *type, int remove_all)
3131 {
3132 struct wpa_radio_work *work, *tmp;
3133 struct wpa_radio *radio = wpa_s->radio;
3134
3135 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3136 list) {
3137 if (type && os_strcmp(type, work->type) != 0)
3138 continue;
3139
3140 /* skip other ifaces' works */
3141 if (!remove_all && work->wpa_s != wpa_s)
3142 continue;
3143
3144 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3145 work->type, work, work->started ? " (started)" : "");
3146 work->cb(work, 1);
3147 radio_work_free(work);
3148 }
3149
3150 /* in case we removed the started work */
3151 radio_work_check_next(wpa_s);
3152 }
3153
3154
3155 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3156 {
3157 struct wpa_radio *radio = wpa_s->radio;
3158
3159 if (!radio)
3160 return;
3161
3162 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3163 wpa_s->ifname, radio->name);
3164 dl_list_del(&wpa_s->radio_list);
3165 if (!dl_list_empty(&radio->ifaces)) {
3166 wpa_s->radio = NULL;
3167 return; /* Interfaces remain for this radio */
3168 }
3169
3170 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3171 radio_remove_works(wpa_s, NULL, 0);
3172 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3173 wpa_s->radio = NULL;
3174 os_free(radio);
3175 }
3176
3177
3178 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3179 {
3180 struct wpa_radio *radio = wpa_s->radio;
3181
3182 if (dl_list_empty(&radio->work))
3183 return;
3184 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3185 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3186 }
3187
3188
3189 /**
3190 * radio_add_work - Add a radio work item
3191 * @wpa_s: Pointer to wpa_supplicant data
3192 * @freq: Frequency of the offchannel operation in MHz or 0
3193 * @type: Unique identifier for each type of work
3194 * @next: Force as the next work to be executed
3195 * @cb: Callback function for indicating when radio is available
3196 * @ctx: Context pointer for the work (work->ctx in cb())
3197 * Returns: 0 on success, -1 on failure
3198 *
3199 * This function is used to request time for an operation that requires
3200 * exclusive radio control. Once the radio is available, the registered callback
3201 * function will be called. radio_work_done() must be called once the exclusive
3202 * radio operation has been completed, so that the radio is freed for other
3203 * operations. The special case of deinit=1 is used to free the context data
3204 * during interface removal. That does not allow the callback function to start
3205 * the radio operation, i.e., it must free any resources allocated for the radio
3206 * work and return.
3207 *
3208 * The @freq parameter can be used to indicate a single channel on which the
3209 * offchannel operation will occur. This may allow multiple radio work
3210 * operations to be performed in parallel if they apply for the same channel.
3211 * Setting this to 0 indicates that the work item may use multiple channels or
3212 * requires exclusive control of the radio.
3213 */
3214 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3215 const char *type, int next,
3216 void (*cb)(struct wpa_radio_work *work, int deinit),
3217 void *ctx)
3218 {
3219 struct wpa_radio_work *work;
3220 int was_empty;
3221
3222 work = os_zalloc(sizeof(*work));
3223 if (work == NULL)
3224 return -1;
3225 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3226 os_get_reltime(&work->time);
3227 work->freq = freq;
3228 work->type = type;
3229 work->wpa_s = wpa_s;
3230 work->cb = cb;
3231 work->ctx = ctx;
3232
3233 was_empty = dl_list_empty(&wpa_s->radio->work);
3234 if (next)
3235 dl_list_add(&wpa_s->radio->work, &work->list);
3236 else
3237 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3238 if (was_empty) {
3239 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3240 radio_work_check_next(wpa_s);
3241 }
3242
3243 return 0;
3244 }
3245
3246
3247 /**
3248 * radio_work_done - Indicate that a radio work item has been completed
3249 * @work: Completed work
3250 *
3251 * This function is called once the callback function registered with
3252 * radio_add_work() has completed its work.
3253 */
3254 void radio_work_done(struct wpa_radio_work *work)
3255 {
3256 struct wpa_supplicant *wpa_s = work->wpa_s;
3257 struct os_reltime now, diff;
3258 unsigned int started = work->started;
3259
3260 os_get_reltime(&now);
3261 os_reltime_sub(&now, &work->time, &diff);
3262 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3263 work->type, work, started ? "done" : "canceled",
3264 diff.sec, diff.usec);
3265 radio_work_free(work);
3266 if (started)
3267 radio_work_check_next(wpa_s);
3268 }
3269
3270
3271 int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3272 {
3273 struct wpa_radio_work *work;
3274 struct wpa_radio *radio = wpa_s->radio;
3275
3276 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3277 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3278 return 1;
3279 }
3280
3281 return 0;
3282 }
3283
3284
3285 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3286 struct wpa_interface *iface)
3287 {
3288 const char *ifname, *driver, *rn;
3289
3290 driver = iface->driver;
3291 next_driver:
3292 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3293 return -1;
3294
3295 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3296 if (wpa_s->drv_priv == NULL) {
3297 const char *pos;
3298 pos = driver ? os_strchr(driver, ',') : NULL;
3299 if (pos) {
3300 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3301 "driver interface - try next driver wrapper");
3302 driver = pos + 1;
3303 goto next_driver;
3304 }
3305 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3306 "interface");
3307 return -1;
3308 }
3309 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3310 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3311 "driver_param '%s'", wpa_s->conf->driver_param);
3312 return -1;
3313 }
3314
3315 ifname = wpa_drv_get_ifname(wpa_s);
3316 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3317 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3318 "interface name with '%s'", ifname);
3319 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3320 }
3321
3322 if (wpa_s->driver->get_radio_name)
3323 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3324 else
3325 rn = NULL;
3326 if (rn && rn[0] == '\0')
3327 rn = NULL;
3328
3329 wpa_s->radio = radio_add_interface(wpa_s, rn);
3330 if (wpa_s->radio == NULL)
3331 return -1;
3332
3333 return 0;
3334 }
3335
3336
3337 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3338 struct wpa_interface *iface)
3339 {
3340 struct wpa_driver_capa capa;
3341
3342 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3343 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3344 iface->confname ? iface->confname : "N/A",
3345 iface->driver ? iface->driver : "default",
3346 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3347 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3348
3349 if (iface->confname) {
3350 #ifdef CONFIG_BACKEND_FILE
3351 wpa_s->confname = os_rel2abs_path(iface->confname);
3352 if (wpa_s->confname == NULL) {
3353 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3354 "for configuration file '%s'.",
3355 iface->confname);
3356 return -1;
3357 }
3358 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3359 iface->confname, wpa_s->confname);
3360 #else /* CONFIG_BACKEND_FILE */
3361 wpa_s->confname = os_strdup(iface->confname);
3362 #endif /* CONFIG_BACKEND_FILE */
3363 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3364 if (wpa_s->conf == NULL) {
3365 wpa_printf(MSG_ERROR, "Failed to read or parse "
3366 "configuration '%s'.", wpa_s->confname);
3367 return -1;
3368 }
3369 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3370 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3371
3372 /*
3373 * Override ctrl_interface and driver_param if set on command
3374 * line.
3375 */
3376 if (iface->ctrl_interface) {
3377 os_free(wpa_s->conf->ctrl_interface);
3378 wpa_s->conf->ctrl_interface =
3379 os_strdup(iface->ctrl_interface);
3380 }
3381
3382 if (iface->driver_param) {
3383 os_free(wpa_s->conf->driver_param);
3384 wpa_s->conf->driver_param =
3385 os_strdup(iface->driver_param);
3386 }
3387
3388 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3389 os_free(wpa_s->conf->ctrl_interface);
3390 wpa_s->conf->ctrl_interface = NULL;
3391 }
3392 } else
3393 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3394 iface->driver_param);
3395
3396 if (wpa_s->conf == NULL) {
3397 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3398 return -1;
3399 }
3400
3401 if (iface->ifname == NULL) {
3402 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3403 return -1;
3404 }
3405 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3406 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3407 iface->ifname);
3408 return -1;
3409 }
3410 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3411
3412 if (iface->bridge_ifname) {
3413 if (os_strlen(iface->bridge_ifname) >=
3414 sizeof(wpa_s->bridge_ifname)) {
3415 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3416 "name '%s'.", iface->bridge_ifname);
3417 return -1;
3418 }
3419 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3420 sizeof(wpa_s->bridge_ifname));
3421 }
3422
3423 /* RSNA Supplicant Key Management - INITIALIZE */
3424 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3425 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3426
3427 /* Initialize driver interface and register driver event handler before
3428 * L2 receive handler so that association events are processed before
3429 * EAPOL-Key packets if both become available for the same select()
3430 * call. */
3431 if (wpas_init_driver(wpa_s, iface) < 0)
3432 return -1;
3433
3434 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3435 return -1;
3436
3437 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3438 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3439 NULL);
3440 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3441
3442 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3443 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3444 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3445 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3446 "dot11RSNAConfigPMKLifetime");
3447 return -1;
3448 }
3449
3450 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3451 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3452 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3453 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3454 "dot11RSNAConfigPMKReauthThreshold");
3455 return -1;
3456 }
3457
3458 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3459 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3460 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3461 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3462 "dot11RSNAConfigSATimeout");
3463 return -1;
3464 }
3465
3466 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3467 &wpa_s->hw.num_modes,
3468 &wpa_s->hw.flags);
3469
3470 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3471 wpa_s->drv_capa_known = 1;
3472 wpa_s->drv_flags = capa.flags;
3473 wpa_s->drv_enc = capa.enc;
3474 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3475 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3476 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3477 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3478 wpa_s->max_match_sets = capa.max_match_sets;
3479 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3480 wpa_s->max_stations = capa.max_stations;
3481 wpa_s->extended_capa = capa.extended_capa;
3482 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3483 wpa_s->extended_capa_len = capa.extended_capa_len;
3484 wpa_s->num_multichan_concurrent =
3485 capa.num_multichan_concurrent;
3486 }
3487 if (wpa_s->max_remain_on_chan == 0)
3488 wpa_s->max_remain_on_chan = 1000;
3489
3490 /*
3491 * Only take p2p_mgmt parameters when P2P Device is supported.
3492 * Doing it here as it determines whether l2_packet_init() will be done
3493 * during wpa_supplicant_driver_init().
3494 */
3495 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3496 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3497 else
3498 iface->p2p_mgmt = 1;
3499
3500 if (wpa_s->num_multichan_concurrent == 0)
3501 wpa_s->num_multichan_concurrent = 1;
3502
3503 if (wpa_supplicant_driver_init(wpa_s) < 0)
3504 return -1;
3505
3506 #ifdef CONFIG_TDLS
3507 if ((!iface->p2p_mgmt ||
3508 !(wpa_s->drv_flags &
3509 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3510 wpa_tdls_init(wpa_s->wpa))
3511 return -1;
3512 #endif /* CONFIG_TDLS */
3513
3514 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3515 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3516 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3517 return -1;
3518 }
3519
3520 if (wpas_wps_init(wpa_s))
3521 return -1;
3522
3523 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3524 return -1;
3525 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3526
3527 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3528 if (wpa_s->ctrl_iface == NULL) {
3529 wpa_printf(MSG_ERROR,
3530 "Failed to initialize control interface '%s'.\n"
3531 "You may have another wpa_supplicant process "
3532 "already running or the file was\n"
3533 "left by an unclean termination of wpa_supplicant "
3534 "in which case you will need\n"
3535 "to manually remove this file before starting "
3536 "wpa_supplicant again.\n",
3537 wpa_s->conf->ctrl_interface);
3538 return -1;
3539 }
3540
3541 wpa_s->gas = gas_query_init(wpa_s);
3542 if (wpa_s->gas == NULL) {
3543 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3544 return -1;
3545 }
3546
3547 #ifdef CONFIG_P2P
3548 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3549 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3550 return -1;
3551 }
3552 #endif /* CONFIG_P2P */
3553
3554 if (wpa_bss_init(wpa_s) < 0)
3555 return -1;
3556
3557 #ifdef CONFIG_EAP_PROXY
3558 {
3559 size_t len;
3560 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3561 &len);
3562 if (wpa_s->mnc_len > 0) {
3563 wpa_s->imsi[len] = '\0';
3564 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3565 wpa_s->imsi, wpa_s->mnc_len);
3566 } else {
3567 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3568 }
3569 }
3570 #endif /* CONFIG_EAP_PROXY */
3571
3572 if (pcsc_reader_init(wpa_s) < 0)
3573 return -1;
3574
3575 if (wpas_init_ext_pw(wpa_s) < 0)
3576 return -1;
3577
3578 return 0;
3579 }
3580
3581
3582 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3583 int notify, int terminate)
3584 {
3585 wpa_s->disconnected = 1;
3586 if (wpa_s->drv_priv) {
3587 wpa_supplicant_deauthenticate(wpa_s,
3588 WLAN_REASON_DEAUTH_LEAVING);
3589
3590 wpa_drv_set_countermeasures(wpa_s, 0);
3591 wpa_clear_keys(wpa_s, NULL);
3592 }
3593
3594 wpa_supplicant_cleanup(wpa_s);
3595
3596 #ifdef CONFIG_P2P
3597 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3598 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3599 "the management interface is being removed");
3600 wpas_p2p_deinit_global(wpa_s->global);
3601 }
3602 #endif /* CONFIG_P2P */
3603
3604 wpas_ctrl_radio_work_flush(wpa_s);
3605 radio_remove_interface(wpa_s);
3606
3607 if (wpa_s->drv_priv)
3608 wpa_drv_deinit(wpa_s);
3609
3610 if (notify)
3611 wpas_notify_iface_removed(wpa_s);
3612
3613 if (terminate)
3614 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3615
3616 if (wpa_s->ctrl_iface) {
3617 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3618 wpa_s->ctrl_iface = NULL;
3619 }
3620
3621 if (wpa_s->conf != NULL) {
3622 wpa_config_free(wpa_s->conf);
3623 wpa_s->conf = NULL;
3624 }
3625
3626 os_free(wpa_s);
3627 }
3628
3629
3630 /**
3631 * wpa_supplicant_add_iface - Add a new network interface
3632 * @global: Pointer to global data from wpa_supplicant_init()
3633 * @iface: Interface configuration options
3634 * Returns: Pointer to the created interface or %NULL on failure
3635 *
3636 * This function is used to add new network interfaces for %wpa_supplicant.
3637 * This can be called before wpa_supplicant_run() to add interfaces before the
3638 * main event loop has been started. In addition, new interfaces can be added
3639 * dynamically while %wpa_supplicant is already running. This could happen,
3640 * e.g., when a hotplug network adapter is inserted.
3641 */
3642 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3643 struct wpa_interface *iface)
3644 {
3645 struct wpa_supplicant *wpa_s;
3646 struct wpa_interface t_iface;
3647 struct wpa_ssid *ssid;
3648
3649 if (global == NULL || iface == NULL)
3650 return NULL;
3651
3652 wpa_s = wpa_supplicant_alloc();
3653 if (wpa_s == NULL)
3654 return NULL;
3655
3656 wpa_s->global = global;
3657
3658 t_iface = *iface;
3659 if (global->params.override_driver) {
3660 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3661 "('%s' -> '%s')",
3662 iface->driver, global->params.override_driver);
3663 t_iface.driver = global->params.override_driver;
3664 }
3665 if (global->params.override_ctrl_interface) {
3666 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3667 "ctrl_interface ('%s' -> '%s')",
3668 iface->ctrl_interface,
3669 global->params.override_ctrl_interface);
3670 t_iface.ctrl_interface =
3671 global->params.override_ctrl_interface;
3672 }
3673 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3674 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3675 iface->ifname);
3676 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3677 return NULL;
3678 }
3679
3680 /* Notify the control interfaces about new iface */
3681 if (wpas_notify_iface_added(wpa_s)) {
3682 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3683 return NULL;
3684 }
3685
3686 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3687 wpas_notify_network_added(wpa_s, ssid);
3688
3689 wpa_s->next = global->ifaces;
3690 global->ifaces = wpa_s;
3691
3692 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3693 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3694
3695 return wpa_s;
3696 }
3697
3698
3699 /**
3700 * wpa_supplicant_remove_iface - Remove a network interface
3701 * @global: Pointer to global data from wpa_supplicant_init()
3702 * @wpa_s: Pointer to the network interface to be removed
3703 * Returns: 0 if interface was removed, -1 if interface was not found
3704 *
3705 * This function can be used to dynamically remove network interfaces from
3706 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3707 * addition, this function is used to remove all remaining interfaces when
3708 * %wpa_supplicant is terminated.
3709 */
3710 int wpa_supplicant_remove_iface(struct wpa_global *global,
3711 struct wpa_supplicant *wpa_s,
3712 int terminate)
3713 {
3714 struct wpa_supplicant *prev;
3715
3716 /* Remove interface from the global list of interfaces */
3717 prev = global->ifaces;
3718 if (prev == wpa_s) {
3719 global->ifaces = wpa_s->next;
3720 } else {
3721 while (prev && prev->next != wpa_s)
3722 prev = prev->next;
3723 if (prev == NULL)
3724 return -1;
3725 prev->next = wpa_s->next;
3726 }
3727
3728 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3729
3730 if (global->p2p_group_formation == wpa_s)
3731 global->p2p_group_formation = NULL;
3732 if (global->p2p_invite_group == wpa_s)
3733 global->p2p_invite_group = NULL;
3734 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3735
3736 return 0;
3737 }
3738
3739
3740 /**
3741 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3742 * @wpa_s: Pointer to the network interface
3743 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3744 */
3745 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3746 {
3747 const char *eapol_method;
3748
3749 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3750 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3751 return "NO-EAP";
3752 }
3753
3754 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3755 if (eapol_method == NULL)
3756 return "UNKNOWN-EAP";
3757
3758 return eapol_method;
3759 }
3760
3761
3762 /**
3763 * wpa_supplicant_get_iface - Get a new network interface
3764 * @global: Pointer to global data from wpa_supplicant_init()
3765 * @ifname: Interface name
3766 * Returns: Pointer to the interface or %NULL if not found
3767 */
3768 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3769 const char *ifname)
3770 {
3771 struct wpa_supplicant *wpa_s;
3772
3773 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3774 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3775 return wpa_s;
3776 }
3777 return NULL;
3778 }
3779
3780
3781 #ifndef CONFIG_NO_WPA_MSG
3782 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3783 {
3784 struct wpa_supplicant *wpa_s = ctx;
3785 if (wpa_s == NULL)
3786 return NULL;
3787 return wpa_s->ifname;
3788 }
3789 #endif /* CONFIG_NO_WPA_MSG */
3790
3791
3792 /**
3793 * wpa_supplicant_init - Initialize %wpa_supplicant
3794 * @params: Parameters for %wpa_supplicant
3795 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3796 *
3797 * This function is used to initialize %wpa_supplicant. After successful
3798 * initialization, the returned data pointer can be used to add and remove
3799 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3800 */
3801 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3802 {
3803 struct wpa_global *global;
3804 int ret, i;
3805
3806 if (params == NULL)
3807 return NULL;
3808
3809 #ifdef CONFIG_DRIVER_NDIS
3810 {
3811 void driver_ndis_init_ops(void);
3812 driver_ndis_init_ops();
3813 }
3814 #endif /* CONFIG_DRIVER_NDIS */
3815
3816 #ifndef CONFIG_NO_WPA_MSG
3817 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3818 #endif /* CONFIG_NO_WPA_MSG */
3819
3820 wpa_debug_open_file(params->wpa_debug_file_path);
3821 if (params->wpa_debug_syslog)
3822 wpa_debug_open_syslog();
3823 if (params->wpa_debug_tracing) {
3824 ret = wpa_debug_open_linux_tracing();
3825 if (ret) {
3826 wpa_printf(MSG_ERROR,
3827 "Failed to enable trace logging");
3828 return NULL;
3829 }
3830 }
3831
3832 ret = eap_register_methods();
3833 if (ret) {
3834 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3835 if (ret == -2)
3836 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3837 "the same EAP type.");
3838 return NULL;
3839 }
3840
3841 global = os_zalloc(sizeof(*global));
3842 if (global == NULL)
3843 return NULL;
3844 dl_list_init(&global->p2p_srv_bonjour);
3845 dl_list_init(&global->p2p_srv_upnp);
3846 global->params.daemonize = params->daemonize;
3847 global->params.wait_for_monitor = params->wait_for_monitor;
3848 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3849 if (params->pid_file)
3850 global->params.pid_file = os_strdup(params->pid_file);
3851 if (params->ctrl_interface)
3852 global->params.ctrl_interface =
3853 os_strdup(params->ctrl_interface);
3854 if (params->ctrl_interface_group)
3855 global->params.ctrl_interface_group =
3856 os_strdup(params->ctrl_interface_group);
3857 if (params->override_driver)
3858 global->params.override_driver =
3859 os_strdup(params->override_driver);
3860 if (params->override_ctrl_interface)
3861 global->params.override_ctrl_interface =
3862 os_strdup(params->override_ctrl_interface);
3863 wpa_debug_level = global->params.wpa_debug_level =
3864 params->wpa_debug_level;
3865 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3866 params->wpa_debug_show_keys;
3867 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3868 params->wpa_debug_timestamp;
3869
3870 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3871
3872 if (eloop_init()) {
3873 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3874 wpa_supplicant_deinit(global);
3875 return NULL;
3876 }
3877
3878 random_init(params->entropy_file);
3879
3880 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3881 if (global->ctrl_iface == NULL) {
3882 wpa_supplicant_deinit(global);
3883 return NULL;
3884 }
3885
3886 if (wpas_notify_supplicant_initialized(global)) {
3887 wpa_supplicant_deinit(global);
3888 return NULL;
3889 }
3890
3891 for (i = 0; wpa_drivers[i]; i++)
3892 global->drv_count++;
3893 if (global->drv_count == 0) {
3894 wpa_printf(MSG_ERROR, "No drivers enabled");
3895 wpa_supplicant_deinit(global);
3896 return NULL;
3897 }
3898 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3899 if (global->drv_priv == NULL) {
3900 wpa_supplicant_deinit(global);
3901 return NULL;
3902 }
3903
3904 #ifdef CONFIG_WIFI_DISPLAY
3905 if (wifi_display_init(global) < 0) {
3906 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3907 wpa_supplicant_deinit(global);
3908 return NULL;
3909 }
3910 #endif /* CONFIG_WIFI_DISPLAY */
3911
3912 return global;
3913 }
3914
3915
3916 /**
3917 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3918 * @global: Pointer to global data from wpa_supplicant_init()
3919 * Returns: 0 after successful event loop run, -1 on failure
3920 *
3921 * This function starts the main event loop and continues running as long as
3922 * there are any remaining events. In most cases, this function is running as
3923 * long as the %wpa_supplicant process in still in use.
3924 */
3925 int wpa_supplicant_run(struct wpa_global *global)
3926 {
3927 struct wpa_supplicant *wpa_s;
3928
3929 if (global->params.daemonize &&
3930 wpa_supplicant_daemon(global->params.pid_file))
3931 return -1;
3932
3933 if (global->params.wait_for_monitor) {
3934 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3935 if (wpa_s->ctrl_iface)
3936 wpa_supplicant_ctrl_iface_wait(
3937 wpa_s->ctrl_iface);
3938 }
3939
3940 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3941 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3942
3943 eloop_run();
3944
3945 return 0;
3946 }
3947
3948
3949 /**
3950 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3951 * @global: Pointer to global data from wpa_supplicant_init()
3952 *
3953 * This function is called to deinitialize %wpa_supplicant and to free all
3954 * allocated resources. Remaining network interfaces will also be removed.
3955 */
3956 void wpa_supplicant_deinit(struct wpa_global *global)
3957 {
3958 int i;
3959
3960 if (global == NULL)
3961 return;
3962
3963 #ifdef CONFIG_WIFI_DISPLAY
3964 wifi_display_deinit(global);
3965 #endif /* CONFIG_WIFI_DISPLAY */
3966
3967 while (global->ifaces)
3968 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3969
3970 if (global->ctrl_iface)
3971 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3972
3973 wpas_notify_supplicant_deinitialized(global);
3974
3975 eap_peer_unregister_methods();
3976 #ifdef CONFIG_AP
3977 eap_server_unregister_methods();
3978 #endif /* CONFIG_AP */
3979
3980 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3981 if (!global->drv_priv[i])
3982 continue;
3983 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3984 }
3985 os_free(global->drv_priv);
3986
3987 random_deinit();
3988
3989 eloop_destroy();
3990
3991 if (global->params.pid_file) {
3992 os_daemonize_terminate(global->params.pid_file);
3993 os_free(global->params.pid_file);
3994 }
3995 os_free(global->params.ctrl_interface);
3996 os_free(global->params.ctrl_interface_group);
3997 os_free(global->params.override_driver);
3998 os_free(global->params.override_ctrl_interface);
3999
4000 os_free(global->p2p_disallow_freq.range);
4001 os_free(global->p2p_go_avoid_freq.range);
4002 os_free(global->add_psk);
4003
4004 os_free(global);
4005 wpa_debug_close_syslog();
4006 wpa_debug_close_file();
4007 wpa_debug_close_linux_tracing();
4008 }
4009
4010
4011 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4012 {
4013 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4014 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4015 char country[3];
4016 country[0] = wpa_s->conf->country[0];
4017 country[1] = wpa_s->conf->country[1];
4018 country[2] = '\0';
4019 if (wpa_drv_set_country(wpa_s, country) < 0) {
4020 wpa_printf(MSG_ERROR, "Failed to set country code "
4021 "'%s'", country);
4022 }
4023 }
4024
4025 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4026 wpas_init_ext_pw(wpa_s);
4027
4028 #ifdef CONFIG_WPS
4029 wpas_wps_update_config(wpa_s);
4030 #endif /* CONFIG_WPS */
4031
4032 #ifdef CONFIG_P2P
4033 wpas_p2p_update_config(wpa_s);
4034 #endif /* CONFIG_P2P */
4035
4036 wpa_s->conf->changed_parameters = 0;
4037 }
4038
4039
4040 static void add_freq(int *freqs, int *num_freqs, int freq)
4041 {
4042 int i;
4043
4044 for (i = 0; i < *num_freqs; i++) {
4045 if (freqs[i] == freq)
4046 return;
4047 }
4048
4049 freqs[*num_freqs] = freq;
4050 (*num_freqs)++;
4051 }
4052
4053
4054 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4055 {
4056 struct wpa_bss *bss, *cbss;
4057 const int max_freqs = 10;
4058 int *freqs;
4059 int num_freqs = 0;
4060
4061 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4062 if (freqs == NULL)
4063 return NULL;
4064
4065 cbss = wpa_s->current_bss;
4066
4067 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4068 if (bss == cbss)
4069 continue;
4070 if (bss->ssid_len == cbss->ssid_len &&
4071 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4072 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4073 add_freq(freqs, &num_freqs, bss->freq);
4074 if (num_freqs == max_freqs)
4075 break;
4076 }
4077 }
4078
4079 if (num_freqs == 0) {
4080 os_free(freqs);
4081 freqs = NULL;
4082 }
4083
4084 return freqs;
4085 }
4086
4087
4088 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4089 {
4090 int timeout;
4091 int count;
4092 int *freqs = NULL;
4093
4094 wpas_connect_work_done(wpa_s);
4095
4096 /*
4097 * Remove possible authentication timeout since the connection failed.
4098 */
4099 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4100
4101 if (wpa_s->disconnected) {
4102 /*
4103 * There is no point in blacklisting the AP if this event is
4104 * generated based on local request to disconnect.
4105 */
4106 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4107 "indication since interface has been put into "
4108 "disconnected state");
4109 return;
4110 }
4111
4112 /*
4113 * Add the failed BSSID into the blacklist and speed up next scan
4114 * attempt if there could be other APs that could accept association.
4115 * The current blacklist count indicates how many times we have tried
4116 * connecting to this AP and multiple attempts mean that other APs are
4117 * either not available or has already been tried, so that we can start
4118 * increasing the delay here to avoid constant scanning.
4119 */
4120 count = wpa_blacklist_add(wpa_s, bssid);
4121 if (count == 1 && wpa_s->current_bss) {
4122 /*
4123 * This BSS was not in the blacklist before. If there is
4124 * another BSS available for the same ESS, we should try that
4125 * next. Otherwise, we may as well try this one once more
4126 * before allowing other, likely worse, ESSes to be considered.
4127 */
4128 freqs = get_bss_freqs_in_ess(wpa_s);
4129 if (freqs) {
4130 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4131 "has been seen; try it next");
4132 wpa_blacklist_add(wpa_s, bssid);
4133 /*
4134 * On the next scan, go through only the known channels
4135 * used in this ESS based on previous scans to speed up
4136 * common load balancing use case.
4137 */
4138 os_free(wpa_s->next_scan_freqs);
4139 wpa_s->next_scan_freqs = freqs;
4140 }
4141 }
4142
4143 /*
4144 * Add previous failure count in case the temporary blacklist was
4145 * cleared due to no other BSSes being available.
4146 */
4147 count += wpa_s->extra_blacklist_count;
4148
4149 if (count > 3 && wpa_s->current_ssid) {
4150 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4151 "consider temporary network disabling");
4152 wpas_auth_failed(wpa_s);
4153 }
4154
4155 switch (count) {
4156 case 1:
4157 timeout = 100;
4158 break;
4159 case 2:
4160 timeout = 500;
4161 break;
4162 case 3:
4163 timeout = 1000;
4164 break;
4165 case 4:
4166 timeout = 5000;
4167 break;
4168 default:
4169 timeout = 10000;
4170 break;
4171 }
4172
4173 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4174 "ms", count, timeout);
4175
4176 /*
4177 * TODO: if more than one possible AP is available in scan results,
4178 * could try the other ones before requesting a new scan.
4179 */
4180 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4181 1000 * (timeout % 1000));
4182 }
4183
4184
4185 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4186 {
4187 return wpa_s->conf->ap_scan == 2 ||
4188 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4189 }
4190
4191
4192 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4193 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4194 struct wpa_ssid *ssid,
4195 const char *field,
4196 const char *value)
4197 {
4198 #ifdef IEEE8021X_EAPOL
4199 struct eap_peer_config *eap = &ssid->eap;
4200
4201 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4202 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4203 (const u8 *) value, os_strlen(value));
4204
4205 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4206 case WPA_CTRL_REQ_EAP_IDENTITY:
4207 os_free(eap->identity);
4208 eap->identity = (u8 *) os_strdup(value);
4209 eap->identity_len = os_strlen(value);
4210 eap->pending_req_identity = 0;
4211 if (ssid == wpa_s->current_ssid)
4212 wpa_s->reassociate = 1;
4213 break;
4214 case WPA_CTRL_REQ_EAP_PASSWORD:
4215 os_free(eap->password);
4216 eap->password = (u8 *) os_strdup(value);
4217 eap->password_len = os_strlen(value);
4218 eap->pending_req_password = 0;
4219 if (ssid == wpa_s->current_ssid)
4220 wpa_s->reassociate = 1;
4221 break;
4222 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4223 os_free(eap->new_password);
4224 eap->new_password = (u8 *) os_strdup(value);
4225 eap->new_password_len = os_strlen(value);
4226 eap->pending_req_new_password = 0;
4227 if (ssid == wpa_s->current_ssid)
4228 wpa_s->reassociate = 1;
4229 break;
4230 case WPA_CTRL_REQ_EAP_PIN:
4231 os_free(eap->pin);
4232 eap->pin = os_strdup(value);
4233 eap->pending_req_pin = 0;
4234 if (ssid == wpa_s->current_ssid)
4235 wpa_s->reassociate = 1;
4236 break;
4237 case WPA_CTRL_REQ_EAP_OTP:
4238 os_free(eap->otp);
4239 eap->otp = (u8 *) os_strdup(value);
4240 eap->otp_len = os_strlen(value);
4241 os_free(eap->pending_req_otp);
4242 eap->pending_req_otp = NULL;
4243 eap->pending_req_otp_len = 0;
4244 break;
4245 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4246 os_free(eap->private_key_passwd);
4247 eap->private_key_passwd = (u8 *) os_strdup(value);
4248 eap->pending_req_passphrase = 0;
4249 if (ssid == wpa_s->current_ssid)
4250 wpa_s->reassociate = 1;
4251 break;
4252 case WPA_CTRL_REQ_SIM:
4253 os_free(eap->external_sim_resp);
4254 eap->external_sim_resp = os_strdup(value);
4255 break;
4256 default:
4257 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4258 return -1;
4259 }
4260
4261 return 0;
4262 #else /* IEEE8021X_EAPOL */
4263 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4264 return -1;
4265 #endif /* IEEE8021X_EAPOL */
4266 }
4267 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4268
4269
4270 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4271 {
4272 int i;
4273 unsigned int drv_enc;
4274
4275 if (ssid == NULL)
4276 return 1;
4277
4278 if (ssid->disabled)
4279 return 1;
4280
4281 if (wpa_s && wpa_s->drv_capa_known)
4282 drv_enc = wpa_s->drv_enc;
4283 else
4284 drv_enc = (unsigned int) -1;
4285
4286 for (i = 0; i < NUM_WEP_KEYS; i++) {
4287 size_t len = ssid->wep_key_len[i];
4288 if (len == 0)
4289 continue;
4290 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4291 continue;
4292 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4293 continue;
4294 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4295 continue;
4296 return 1; /* invalid WEP key */
4297 }
4298
4299 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4300 !ssid->ext_psk)
4301 return 1;
4302
4303 return 0;
4304 }
4305
4306
4307 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4308 {
4309 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4310 return 1;
4311 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4312 return 0;
4313 return -1;
4314 }
4315
4316
4317 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4318 {
4319 struct wpa_ssid *ssid = wpa_s->current_ssid;
4320 int dur;
4321 struct os_reltime now;
4322
4323 if (ssid == NULL) {
4324 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4325 "SSID block");
4326 return;
4327 }
4328
4329 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4330 return;
4331
4332 ssid->auth_failures++;
4333
4334 #ifdef CONFIG_P2P
4335 if (ssid->p2p_group &&
4336 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4337 /*
4338 * Skip the wait time since there is a short timeout on the
4339 * connection to a P2P group.
4340 */
4341 return;
4342 }
4343 #endif /* CONFIG_P2P */
4344
4345 if (ssid->auth_failures > 50)
4346 dur = 300;
4347 else if (ssid->auth_failures > 10)
4348 dur = 120;
4349 else if (ssid->auth_failures > 5)
4350 dur = 90;
4351 else if (ssid->auth_failures > 3)
4352 dur = 60;
4353 else if (ssid->auth_failures > 2)
4354 dur = 30;
4355 else if (ssid->auth_failures > 1)
4356 dur = 20;
4357 else
4358 dur = 10;
4359
4360 if (ssid->auth_failures > 1 &&
4361 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4362 dur += os_random() % (ssid->auth_failures * 10);
4363
4364 os_get_reltime(&now);
4365 if (now.sec + dur <= ssid->disabled_until.sec)
4366 return;
4367
4368 ssid->disabled_until.sec = now.sec + dur;
4369
4370 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4371 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4372 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4373 ssid->auth_failures, dur);
4374 }
4375
4376
4377 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4378 struct wpa_ssid *ssid, int clear_failures)
4379 {
4380 if (ssid == NULL)
4381 return;
4382
4383 if (ssid->disabled_until.sec) {
4384 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4385 "id=%d ssid=\"%s\"",
4386 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4387 }
4388 ssid->disabled_until.sec = 0;
4389 ssid->disabled_until.usec = 0;
4390 if (clear_failures)
4391 ssid->auth_failures = 0;
4392 }
4393
4394
4395 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4396 {
4397 size_t i;
4398
4399 if (wpa_s->disallow_aps_bssid == NULL)
4400 return 0;
4401
4402 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4403 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4404 bssid, ETH_ALEN) == 0)
4405 return 1;
4406 }
4407
4408 return 0;
4409 }
4410
4411
4412 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4413 size_t ssid_len)
4414 {
4415 size_t i;
4416
4417 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4418 return 0;
4419
4420 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4421 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4422 if (ssid_len == s->ssid_len &&
4423 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4424 return 1;
4425 }
4426
4427 return 0;
4428 }
4429
4430
4431 /**
4432 * wpas_request_connection - Request a new connection
4433 * @wpa_s: Pointer to the network interface
4434 *
4435 * This function is used to request a new connection to be found. It will mark
4436 * the interface to allow reassociation and request a new scan to find a
4437 * suitable network to connect to.
4438 */
4439 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4440 {
4441 wpa_s->normal_scans = 0;
4442 wpa_supplicant_reinit_autoscan(wpa_s);
4443 wpa_s->extra_blacklist_count = 0;
4444 wpa_s->disconnected = 0;
4445 wpa_s->reassociate = 1;
4446
4447 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4448 wpa_supplicant_req_scan(wpa_s, 0, 0);
4449 }
4450
4451
4452 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4453 int *freq_array, unsigned int len)
4454 {
4455 unsigned int i;
4456
4457 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4458 len, title);
4459 for (i = 0; i < len; i++)
4460 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4461 }
4462
4463
4464 /*
4465 * Find the operating frequencies of any of the virtual interfaces that
4466 * are using the same radio as the current interface.
4467 */
4468 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4469 int *freq_array, unsigned int len)
4470 {
4471 struct wpa_supplicant *ifs;
4472 u8 bssid[ETH_ALEN];
4473 int freq;
4474 unsigned int idx = 0, i;
4475
4476 wpa_dbg(wpa_s, MSG_DEBUG,
4477 "Determining shared radio frequencies (max len %u)", len);
4478 os_memset(freq_array, 0, sizeof(int) * len);
4479
4480 /* First add the frequency of the local interface */
4481 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4482 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4483 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4484 freq_array[idx++] = wpa_s->current_ssid->frequency;
4485 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4486 freq_array[idx++] = wpa_s->assoc_freq;
4487 }
4488
4489 /* If get_radio_name is not supported, use only the local freq */
4490 if (!wpa_s->driver->get_radio_name) {
4491 freq = wpa_drv_shared_freq(wpa_s);
4492 if (freq > 0 && idx < len &&
4493 (idx == 0 || freq_array[0] != freq))
4494 freq_array[idx++] = freq;
4495 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4496 return idx;
4497 }
4498
4499 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4500 radio_list) {
4501 if (wpa_s == ifs)
4502 continue;
4503
4504 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4505 continue;
4506
4507 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4508 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4509 freq = ifs->current_ssid->frequency;
4510 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4511 freq = ifs->assoc_freq;
4512 else
4513 continue;
4514
4515 /* Hold only distinct freqs */
4516 for (i = 0; i < idx; i++)
4517 if (freq_array[i] == freq)
4518 break;
4519
4520 if (i == idx)
4521 freq_array[idx++] = freq;
4522 }
4523
4524 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);
4525 return idx;
4526 }
Unnamed repository; edit this file 'description' to name the repository.